This is the fourth day of my participation in Gwen Challenge
A summary of Kubernetes
1.1 Container Choreography tools
- Docker official orchestration tool
Docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm, docker swarm Docker Mechine # initializes a host as a preset program that can join a Docker swarm clusterCopy the code- Mesos INDICATES the IDC operating system
IDC operating system, can provide an IDC hardware resources, unified scheduling and allocation, it is only a resource allocation tool, can not directly host container, so it provides a direct scheduling framework, Marathon.Copy the code- kubernetes
Currently the most popular container orchestration tool, the highest market shareCopy the code1.2 kubernetes
Kubernetes is Greek and translates to helmsman. Its prototype is the Borg cluster management system that Google uses internally. It can be said that it gathers the essence of Borg design ideas and absorbs the experience and lessons of Borg system.
Its goal is not just to be a choreographed system, but to provide a specification that allows you to describe the architecture of the cluster and define the final state of the service, which Kubernetes can help you automatically achieve and maintain. As the cornerstone of cloud native applications, Kubernetes acts as a cloud operating system, and its importance is self-evident.
Kubernetes released its first version in 2014 and is currently open source and hosted on Github.
https://github.com/Kubernetes
Copy the codeAt present, AWS, Ali Cloud, Microsoft cloud, currently has native support for K8S, users can directly deploy cloud native services.
- What are the advantages
- Borg system based, mature design, open source, lightweight, easy to learn and understand; - Modular, pluggable, hook support, can be any combination, such as: network component flannel, storage plug-in; - Key and configuration management for fault discovery (live probe) and self-repair capability (number of copies), service rolling upgrade (ready probe) and online capacity expansion (number of copies); - Scalable automatic resource scheduling (multi-dimensional automatic capacity expansion) and multi-granularity resource quota management (resource restriction).Copy the code1.3 Environment Architecture
Kubernetes is a cluster that combines the computing power of multiple computers. It is a cluster with a central node mode. In a K8S cluster, hosts are divided into two roles:
Master: The management node of a cluster. There is one or a group of nodes. Usually, three nodes are sufficient. Nodes: Nodes that provide computing resources. Nodes that run containers can be expanded.Copy the codeThe client creates the request to start the container and sends it to the Master. There is a scheduler on the Master that can analyze the resource state of each node and find a node that is most suitable for running the user container, and start the container on this node using Docker. The Docker of the node node will first check if there is a local image when starting the container. If there is no image, it will pull from the repository and run it.
The repository can run as a container, so it can also be hosted on Top of Kubernetes, which can actually host itself, that is, self-hosted.
- ApiServer
Kubernetes receive users to create containers and other requests is Kubernetes Cluster, so its external service interface is an API interface, this interface needs programming to access, or through the preparation of a good client program to access, Kubernetes Master has a component is ApiServer, to receive client requests, parsing client requests, its main functions include authentication and authorization, data verification and cluster status change, and responsible for other modules direct communication and data interaction, only API server can operate ETCD, If other modules want to obtain data, they need to perform relevant data operations through the interface provided by API Server
- Scheduler
The Master uses the scheduler to assign a Node that can run the container based on the request. For example: According to the user’s resource requirements, CPU and memory, evaluate which nodes is the most suitable to run.
The general process is as follows: First, pre-select nodes that meet the operation requirements of the user container, and then select the best adaptation node from these pre-selection results.
- Controller (Controller)
If the node running the container goes down or the container itself fails, Kubernetes can start an identical container on another node. This is the self-healing capability provided by Kubernetes.
The controller then monitors the health of each container it is responsible for, and if it finds that it is not healthy, the controller sends a request to the Master, and the Master runs the container again with the appropriate node selected by the scheduler.
It can continuously detect managed containers and issue requests when they are unhealthy or do not conform to user-defined health states to ensure that containers migrate to the desired health state.
Kubernets supports many controllers, and container health controllers are just one of them.
- ControllerManager
In the Master built-in component, there is a controller manager, which is responsible for monitoring each controller, if the controller is not healthy and cannot work, then the controller manager to ensure the health of the controller, because there are multiple masters, so it has redundancy.
- Pod (Atomic scheduling unit, which is the wrapper of a container)
The atomic unit scheduled on Kubernetes, Kubernetes does not schedule containers directly, but Pod, Pod can be understood as the secondary encapsulation of containers, can be composed of one or more containers, multiple containers share the same network namespace: NET, UTS, IPC.
Containers in the same POD can also share the same storage volume, which can belong to a POD.
A POD usually runs only one container. If you need to put multiple containers in a POD, there is usually one main container and the other containers serve the main container.
- Node (working Node)
The node that provides computing resources is the host that runs Pod. The Kubenetes Cluster manages computing resources of all nodes in a unified manner. When users request to create resources, they can check whether there are resources in the Cluster that can run users’ containers, which realizes a platform of unified scheduling and management.
- Label (Label)
A tag consisting of key = value that labels a POD.
- Selecter label selector
There are many PODS running in the cluster. As mentioned earlier, one controller can manage several pods. How does the controller select the pods that it needs to manage from all the pods running in the cluster?
When creating a POD, attach a label to the POD so that the program can identify the POD by this label. It can also be used to distinguish a group of pods with the same function. For example, to create four Nginx pods, attach a K/V label to each POD. App =nginx, select pod (s) with key = app and value =nginx.
Tags are not the only mechanism POD has; other components can have tags as well.
1.4 Architecture and Components
- Etcd
Back-end data store for Kubernetes, where all cluster data is storedCopy the code- The Master node is responsible for maintaining the target status of the cluster
kube-apiserver The Kubernetes API is the front-end control layer of Kubernetes. Only the API Server can communicate with ETCD. All other modules must access the cluster status through the API Server
kube-controller-manager Handle common tasks in the cluster, which are separate processes containing multiple controllers, such as maintaining POD counts
kube-scheduler Assign the appropriate node node to the Pod
Copy the code- The Node Node is actually responsible for implementation, that is, the Node that runs the POD, and the components that run on it are
kubelet # Node self-registration and node status update, it monitors the Pod that has been assigned to itself, prepares volumes for Pod, downloads the Secret required by Pod, downloads the image and runs it, probes the life cycle, and reports Pod and node status
kube-proxy By maintaining the network rules on the host and performing connection forwarding, the network service provided by Kubernetes is proxy to each node, and the Kubernetes service abstraction is realized
docker Run the container
Copy the code- The plug-in
Plug-ins are pods and services that enhance clustering. The plug-in objects themselves are namespace-bound and are created in the Kube-System namespace.Copy the code- DNS
Although additional plug-ins are not required, all Kubernetes clusters should have Cluster DNS, which many applications rely on to provide DNS records for the Kubernetes service. When started, the container automatically includes the DNS server in resolv.conf.Copy the codeother
Send your notes to: github.com/redhatxl/aw… Welcome one button three links.