By Andy Shi (Alibaba Cloud Senior Technical Expert) and Tianyuan (Alibaba Cloud Technical Expert)
In May this year, Alibaba Cloud and Microsoft jointly announced that the Open Application Model (OAM) community would cooperate with the Crossplane community, a well-known hybrid cloud management project, to release the standard implementation and core dependency library of the OAM in Kubernetes. This cooperation will enable the OAM community to integrate standard application definitions with standardized cloud service management capabilities, which is a key step towards non-differential cloud application delivery.
In October 2019, Alibaba Cloud and Microsoft jointly launched the OAM project to develop a Kubernetes-based, cloud-native application specification. The OAM is a model with a clear division of responsibility. Developers define application components. Application operators create instances for these components and assign application configurations to them. Infrastructure operators define, install, and maintain basic services on the OAM platform.
This technical cooperation among Alibaba Cloud, Microsoft, and the Crossplane community focuses on the standard OAM implementation in Kubernetes and the OAM-based implementation of the Crossplane project. When the Kubernetes community implemented the OAM, it raised the requirements for standard OAM implementation. Therefore, this cooperation aims to allow engineers from Alibaba Cloud, Microsoft, and the Crossplane community to use the Go language to develop a core OAM Kubernetes dependency library. This project is called OAM Kubernetes Runtime. OAM Kubernetes Runtime will become a basic component maintained by the OAM community, aiming to provide a stable, unified OAM core plug-in in Kubernetes.
To enable audiences to learn more about this cooperation and the progress of the OAM project, Andy Shi, an Alibaba Cloud senior technical expert, and Sun Jianbo (Tianyuan), an Alibaba Cloud technical expert, attended an interview by OSCHINA to discuss the significance of the OAM project.
Application container technology has revolutionized approaches to software packaging and distribution and is widely used by cloud service providers and data centers. However, the innovations in software packaging and distribution have not essentially changed the definition and description of software. Kubernetes-based application management does not make business R&D and O&M any easier.
The cloud-native technology revolution initiated by Kubernetes aims to standardize and abstract the infrastructure layer. However, this abstraction has little impact on business R&D and O&M. For example, until now, Kubernetes has never used the term "application". Instead, Kubernetes provides fine-grained workload-related primitives, such as Deployment and DaemonSet.
In actual environments, an application is often a combination of independent components, such as an e-commerce website composed of a PHP application container and a database instance, a machine learning training task composed of a parameter service node and a worker node, or a microservice application composed of a Deployment, StatefulSet, HPA, Service, and Ingress.
Kubernetes was intentionally designed to do away with the term "application". This makes the cloud-native application management ecosystem highly fragmented and difficult to understand. The OAM project is designed to answer the question of what applications mean in Kubernetes based on a series of standards.
Before the OAM was released, the cloud-native ecosystem did not use the term "application". Each team involved in cloud native defines the term "application" in its own way and with different degrees of abstraction. This leads to information silos among the systems created based on different definitions of application.
This fragmented and siloed application layer has a negative impact on the evolution of the cloud-native ecosystem. This situation is reflected in the development of Kubernetes. While Kubernetes has gradually standardized the access methods for infrastructure capabilities, the more important, user-specific application management layer has hardly evolved. Not a single innovative idea has been proposed in recent years.
As a result, all business R&D and O&M engineers worldwide are forced to become something of container experts. When they have to learn about declarative APIs, controllers, and other infrastructure as data concepts that are not in their area of expertise, they constantly complain about the complex and strange design of Kubernetes.
Kubernetes is a system-level project that is intended for infrastructure engineers and provides loosely coupled infrastructure semantics. When you learn to use Kubernetes YAML files, you will find that these files mainly contain confusing underlying details.
In fact, the end users of Kubernetes, such as business R&D and O&M engineers, need a higher level of abstraction without having to configure underlying resource information. To meet this need, we must define applications from the end user's point of view and provide application definition primitives from the perspectives of business R&D and O&M engineers.
In this sense, the first change made by the OAM project is that it defines a higher level of application layer abstraction in a universal, standard manner and builds a definition model with separation of concerns.
The second change made by the OAM project is that it defines applications in Kubernetes in accordance with a standard, open-source specification that defines and describes applications and required O&M capabilities.
OAM is a Kubernetes-native, standard application definition project. It is also a platform-layer framework designed to encapsulate, organize, and manage the O&M capabilities in Kubernetes and connect these capabilities to applications.
To be specific, the OAM project standardizes the application definition specification based on the Kubernetes API resource model. This model emphasizes that a modern application is a collection of multiple components rather than a simple workload or a Kubernetes operator. Therefore, in the OAM context, an e-commerce website consists of a PHP container, the database on which it depends, and the cloud services that it needs. The OAM project considers that an application also includes the O&M policy it requires. For example, the PHP container shown in the following figure includes the Horizontal Pod Autoscaler (HPA).
What changes has the Crossplane project experienced since the OAM upgrade was initiated by this tri-party effort?
"As a leader in the field of hybrid cloud management, the Crossplane community supports OAM implementation, forming a complete entity capable of seamless migration in hybrid cloud environments. This entity consists of OAM-based applications, O&M capabilities, and the cloud services on which these applications depend."
This platform-independent application definition paradigm allows application developers to describe their applications in accordance with the OAM specification. Without any modifications to the application description, these applications can run in any Kubernetes cluster, on any serverless application platform, and even in edge environments. The release of Crossplane OAM during the tri-party cooperation means the OAM community is integrating standard application definitions with standardized cloud service management capabilities to achieve true cloud application delivery.
This section explains how the OAM works in a project.
The OAM runs in Kubernetes as a native plug-in and emphasizes the separation of concerns. Business developers define and maintain components to describe service units. O&M engineers define O&M traits and add them to the components, which form OAM deliverables called application configurations.
Provided that the OAM can access all Kubernetes capabilities as needed, the separation-of-concerns design provides business R&D and O&M engineers with an optimal experience and minimizes their mental workload. Infrastructure engineers can add more workloads, such as function as a service (FaaS), to Kubernetes to run serverless features, or add O&M traits, such as CronHPA, to define CronJob HPA policies. The OAM manages application delivery capabilities and processes on the entire platform in a standard, declarative manner. In addition, the OAM provides API primitives for various roles to express their respective needs, which are met through Kubernetes.
In fact, almost all Kubernetes-based application management platforms need to build their own application models in accordance with the OAM specification. The OAM is a native Kubernetes API resource model, which makes the migration process much easier. You can complete migration through the phased management of API objects. This uses OAM objects to gradually take over the services of existing Kubernetes objects.
Platform as a service (PaaS) is a type of closed environment that cannot be connected to operator-based cloud-native ecosystems. A modern cloud-native application management platform built on the OAM and Kubernetes is essentially an application-oriented platform that can seamlessly access the cloud-native ecosystem. The OAM eliminates the complexity and differences of container infrastructure, allowing platform users to manage and deliver applications with minimum mental workload and in a standard, consistent manner. This allows an OAM-based Kubernetes application platform to hide the details of the underlying infrastructure. For example, you do not need to worry about whether the underlying infrastructure is built in the cloud or the Internet of Things (IoT). The platform focuses on application layer abstraction to provide an application-oriented resource model.
The OAM defines three roles for application delivery: development, O&M, and infrastructure. These roles are separated from each other, which makes the delivery process clearer and easier to manage.
Based on the Kubernetes API resource model, the OAM provides portable applications and infrastructure abstraction. This enables the direct delivery and running of applications on the cloud, edge, and terminals without having to modify the application description.
In addition, the OAM defines a set of core workloads, O&M traits, and application categories as the building blocks of an application delivery platform. Platform developers can add more workloads, such as FaaS and cloud services, or add O&M traits, such as CronHPA, to define CronJob HPA policies. The OAM manages application delivery capabilities and processes on the platform in a standard, declarative manner. A component marketplace is formed as more modular workloads and traits are added. The OAM works as an administrator of the component marketplace. It deals with the relationships between components and integrates many components into a deliverable product. The OAM-based Kubernetes application management platform allows you to flexibly assemble underlying capabilities, O&M traits, and development components. This unifies application management and makes functions more powerful.
This section describes the current situation in the OAM community. "As a neutral and open-source community not tied to commercial needs, the OAM ecosystem has maintained high popularity and active participation since its inception. A large number of issues and PR contributions to the community come from teams other than Alibaba and Microsoft, such as AWS, Tencent, ByteDance, HarmonyCloud, QingCloud, GoodRain, and 4Paradigm. Alibaba, Microsoft, and others have unified and standardized their internal application management architectures based on the OAM. In addition, many OAM-based cloud services have been launched, such as Alibaba Cloud Enterprise Distributed Application Service (EDAS).
OAM technology has been applied to many large community users, such as MasterCard, as well as a range of products and commercial practices, such as the visual OAM implementation by HarmonyCloud. Some cloud service providers, such as AWS, integrate their open-source projects with the OAM. The OAM community is growing rapidly.
We have always been curious about the operation modes of open-source communities. Currently, the OAM project is completely community-driven and managed by the maintainer team of each sub-project. The OAM community holds bi-weekly meetings (on USA time and Beijing time) to discuss and make decisions on major issues and synchronize the project progress. The OAM community implements a voting mechanism for maintainer seats and also takes the voting rights of end users into account. The maintainers of the OAM community are mainly from Alibaba Cloud, Microsoft, and the original members of the Crossplane project. In terms of promotion strategy, the OAM project is maintained by several large international teams and is operated in the same way as international open-source communities. The OAM project has been continuously evolving in the correct direction, backed by the technical prowess of Alibaba and Microsoft and the high-quality input of the entire cloud-native community and contributors. The OAM project encourages contributions and drives community development through communication, sharing, and collaboration. Operating in this way, the OAM project will grow quickly after it passes through the early stages of project building.
The OAM project has released the v1alpha2 version and will release further iterations based on actual scenarios, while guaranteeing the stability and compatibility of the OAM specification. The upgrade speed of the OAM specification depends on users' acceptance and feedback. A beta version will be released later this year. In this tri-party cooperation, the OAM has released the standard implementation and core dependency library for Kubernetes. This means that, in the future, the entire open-source ecosystem will be able to directly support the OAM specification by connecting to Crossplane or OAM Kubernetes Runtime. Then, an increasing number of projects like OAM will emerge.
Andy Shi is an Alibaba Cloud senior technical expert and a developer and advocate in the Alibaba Group. He has been promoting open-source technologies in Silicon Valley for years and has extensive experience in cloud platform usage and network infrastructure.
Sun Jianbo (Tianyuan) is an Alibaba Cloud technical expert. He is one of the main formulators of the OAM specification and is committed to promoting the standardization of cloud-native applications. He is also engaged in the delivery and management of large-scale, cloud-native applications at Alibaba
Getting Started with Serverless: What Is Function Compute and How Does It Work?
506 posts | 48 followers
FollowAlibaba Cloud Native Community - March 8, 2023
Alibaba Cloud New Products - June 11, 2020
Alibaba Developer - March 30, 2020
Alibaba Developer - September 7, 2020
Alibaba Developer - June 30, 2020
Aliware - March 22, 2021
506 posts | 48 followers
FollowMSE provides a fully managed registration and configuration center, and gateway and microservices governance capabilities.
Learn MoreAlibaba Cloud Container Service for Kubernetes is a fully managed cloud container management service that supports native Kubernetes and integrates with other Alibaba Cloud products.
Learn MoreVisualization, O&M-free orchestration, and Coordination of Stateful Application Scenarios
Learn MoreServerless Application Engine (SAE) is the world's first application-oriented serverless PaaS, providing a cost-effective and highly efficient one-stop application hosting solution.
Learn MoreMore Posts by Alibaba Cloud Native Community