#GSOC 2015 Proposal - Benjamin Elder (BenTheElder) ##Kubernetes: Improve Proxy ###Project Info:
- Google Kubernetes
- Project Idea: Improve Proxy
###Applicant Info:
- Name: Benjamin Elder
- Github: BenTheElder
- Current Kubernetes Contributions & [WIP] PR
- Education:
- 2013-Present: Georgia Insitute of Technology (Georgia Tech), Computer Science (undergratudate)
- Email: ben.the.elder@gmail.com
I love working with go, *nixes, and open source.
###Abstract: Google's Kubernetes is an open source system for managing containerized applications. Kubernetes currently uses a proxy to route between services (pods), this consists of a tcp/udp proxy in go (kube-proxy) along with some iptables rules.
Ideally where possible we can improve performance by using iptables to perform transparent routing in place of the userspace proxy. (see issue #3670)
I'm also interested in adding support for pf and will be working on that leading up to GSC (see my pull request), and if that works out will work to include pf ports of any iptables work under the time alloted to improvements.
###Project Proposal: Implement iptables rules based proxying to move proxy load to the kernel instead of userspace. Given enough time, potentially port to pf as well for OSX/BSD support (I've already started work abstracting the necessary components to be agnostic to the firewall rules backend).
###Schedule: ####First a brief explanation about possible summer classes:####
Registration is unfortunately next week here.
- I cannot be certain but I may be attempting to take 1-2 CS courses over part of the summer.
- (particularly if I am not accepted to GSOC, then I may even take more).
If I am able to register for them succesfully:
- I'll most likely have class mondays and wednesdays mid-day but I'd still be relatively free to work the rest of the day/week and weekends.
- There will also be will be a gap on either side of the summer semester where I have no class anyhow, and I intend to / have started work now.
If I am able to register for these, and I am accepted to GSoC, and the classes are a concern I should be able to un-register from them in favor of GSoC. I have no other major plans this summer and I love to tinker and code and would highly prefer GSoC to a trivial number of credit hours I can take in the fall instead.
####Schedule (Tentative, and Open to suggestion): Present - April 30th:
- Begin Tinkering with iptables and kube-proxy.
- Attempt to add support for current iptables related usage with a pf backend for OSX/BSD.
May 1st - August 21st:
| Week | Dates | Work |
|---|---|---|
| 1 | May 1st - 7th | Design / Research |
| 2 | May 8th - 14th | Host OS support detection for iptables / pf |
| 3 | May 15th - 21st | Write Iptables Proxy Rules |
| 4 | May 22nd - 28th | Write Iptables Proxy Rules |
| 5 | May 29th - June 4th | Implement Rules in Proxy |
| 6 | June 5th - 11th | Write Tests / Debug |
| 7 | June 12th - 18th | Improvements / PF Rules(?) |
| 8 | June 19th - 25th | Improvements / PF Rules(?) |
| 9 | June 26th - July 2nd | Improvements / PF Rules(?) |
| 10 | July 3rd - 9th | Write Tests / Debug |
| 11 | July 10th - 16th | Write Tests / Debug |
| 12 | July 17th - 23rd | General Improvements (Performance, etc) |
| 13 | July 24th - 30th | General Improvements (Performance, etc) |
| 14 | July 31st - August 6th | Improvements / Write Tests |
| 15 | August 7th - 13th | Write Tests / Cleanup |
| 16 | August 14th - 21st | Final Wrap-up |
##Why Me?
- I love, go, nixes, and open source.
- I'll work hard. I'm not here for the money or the shirt (though they'd be nice though of course :) ). I'm here for the work, and the experience. I'd like to work with an experienced mentor on an interesting project, and to be able to put some real experience on my resume.