Kubernetes gives you freedom about where to run your stuff since it works on multiple providers and your own hardware. Once you learn how to set it up, it isn't too bad.
Google managed kubernetes cluster gives you the best of both worlds anyway.
> […] (ie migrating VMs from overloaded hosts) for free.
> Something docker/kubernetes still can't do.
This doesn't solve issues arising from the VM outright crashing though, does it? (I don't see how it could.) At the end of the day, I still need to solve that myself, and if my application can gracefully withstand being crashed, then docker/kubernetes can migrate from overloaded hosts: just crash container.
I could probably also throw in something to gracefully die on a SIGTERM, but I feel like once you can withstand a crash, throwing in a SIGTERM is fairly straightforward. The only difference is that one trains traffic, the other just outright 500s it. (Though, perhaps there's more work involved there than I realize.)
Ultimately, I want crash resistance. I want to run Chaos Monkey. I can't, right now, because I know all too well what would happen.
In HA mode, you specify that this VM must be running. If its not do a list of certain actions.
But the thing is, making your app crash gracefully can be incredibly hard, and can almost always take a lot of dev time.
its cheaper in terms of planning and execution to have two have an HA pair defined in the cluster, and another HA pair defined in software (i.e. behind a varnish node or the like)
You can have virtual IPs so that if a node is not responding the HA partner picks up the traffic. If thats properly locked up, the hypervisor can kill the machine and restart it.
as for:
>migrate from overloaded hosts: just crash container.
try doing that with a clustered something, the host becomes overloaded, kills the app. not only does the traffic shift off to other nodes(which might already be started to overload), it takes resources to sync back into the cluster.
You don't want this behaviour as it causes failure hysteresis. (that is, as soon as you start to reach breaking point, the whole thing collapses and refuses to come back up, without stopping incoming traffic)
