Writing in the front

Since the introduction of containers in production environments, two of the biggest benefits have been intuitively felt so far:

  1. Fast deployment, easy to move and expand.
  2. It saves about 15% of hardware resources.

With the increase in the number of online containers, the workload of management has increased, so the research on the use of DockerSwarm mentioned above and the introduction of Portainer tool have indeed reduced the difficulty of management.

But the essence of container management — automating the deployment, updating, uninstallation, and scaling and scaling of services — DockerSwarm doesn’t provide. Goals include a future separation of service infrastructure and applications, and a move from existing SpringCloud-based Java language microservices to language-independent cloud-native microservices. The next major learning direction is also placed here, exploring the ecological chain of cloud origin, and summarizing while learning.

Kubernetes learning ideas are as follows:

  • First get the general idea
  • Deploy the cluster
  • Dig deep into the principles and read about them

What is Kubernetes

Kubernetes is Google’s open source Container cluster Management system. It is an open source version of Borg, Google’s large-scale container management technology.

Kubernetes is an open source system for managing containerized applications across multiple hosts. It provides basic mechanisms for deployment, maintenance, and scaling of applications.

Open source system for automatically deploying, extending, and managing containerized applications.

The main features include:

  • Container-based application deployment, maintenance, and rolling upgrade

  • Load balancing and service discovery

  • Cluster scheduling across machines and across regions

  • Automatic telescopic

  • Stateless and stateful services

  • Extensive Volume support

  • The plug-in mechanism ensures extensibility

Kubernetes architecture

The overall architecture

The following diagram clearly illustrates the architectural design of Kubernetes and the communication protocols between components.

Some of the protocol names in the figure will be explored later for a brief overview.

Here’s a more abstract view:

Kubernetes belongs to the master-slave device model (master-slave architecture). In Kubernetes, the Master Node is generally called Master, while the Slave Node is called Node.

Kubernetes (Kubernetes, Kubernetes, Kubernetes, Kubernetes, Kubernetes, Kubernetes, Kubernetes, Kubernetes, Kubernetes) However, it is recommended to deploy Master nodes separately. All Master and Node nodes form a Kubernetes cluster. The same cluster may have multiple Master and Node nodes to meet high availability requirements.

Master Node Architecture

The Master node has the following responsibilities:

  • The “brain” of a cluster is responsible for managing all nodes.
  • Responsible for scheduling which nodes the Pod will run on.
  • Responsible for controlling all status of the cluster during its operation.

Master components include:

  • API Server

    Also called Kube-Apiserver, Kube-Apiserver is one of the most important core components of Kubernetes, mainly providing the following functions

    • Provides REST apis for cluster management, including authentication and authorization, data verification, and cluster status change
    • Provide a hub for data interaction and communication between other modules (other modules query or modify data through the API Server, only the API Server can directly operate ETCD)

  • Scheduler

    The KuBE-Scheduler assigns scheduling pods to nodes in the cluster. It listens to the Kube-Apiserver, looks for pods that have not yet been assigned nodes, and then assigns nodes to these pods according to the scheduling policy (update the NodeName field of the Pod).

  • Controller Manager

    Controller Manager consists of Kube-Controller-Manager and Cloud-Controller-Manager. It is the brain of Kubernetes. It monitors the state of the whole cluster through apiserver. And ensure that the cluster is working as expected.

    Controller Manager has a number of specific controllers, such as: Node Controller, Replication Controller, Endpoints Controller, Service Account and Token Controllers, Service Controller, Volume Controller, etc.

  • etcd

    Etcd is a distributed key-value store developed by CoreOS based on Raft for service discovery, shared configuration, and consistency assurance (database master selection, distributed locks, etc.)

    Etcd stores Kubernetes key configuration and user configuration, Kubernetes only API Server can have read and write permissions, Other components must read and write data through the API Server interface (see Kubernetes Works Like an Operating System).

Node Architecture

This image is from HOW DO APPLICATIONS RUN ON KUBERNETES

A Node has the following responsibilities:

  • Responsible for managing all containers.
  • Responsible for monitoring/reporting the running status of all PODS.

Node Components of a Node include:

  • kubelet

    Each Node runs a Kubelet server process. By default, it listens on port 10250, receives and executes instructions from the Master, and manages pods and containers in pods. Each Kubelet process registers the Node information on API Server, regularly reports the resource usage of the Node to the Master Node, and monitors the Node and container resources through cAdvisor.

  • kube-proxy

    Each machine runs a Kube-proxy service that listens for service and endpoint changes in THE API server and configures load balancing (TCP and UDP only) for the service using iptables, etc.

  • Container Runtime

    That is, the software environment required for containerization is installed to make the containerization program run, such as Docker Engine.

  • Logging Layer

    The Logging Layer collects monitoring information about all services on nodes, such as CPUS, memory, disks, and networks.

  • Add – Ons:

    Kubernetes manages o&M Node plug-in components, such as:

    • CoreDNS is responsible for providing DNS services for the entire cluster
    • The Ingress Controller provides an extranet entry for services
    • Prometheus provides resource monitoring
    • The Dashboard provides a GUI
    • Federation provides clustering across availability zones

Kubernates design concept

Kubernetes is a layered architecture similar to Linux, as shown in the following figure:

  • Core layer: the core function of Kubernetes, external API to build high-level applications, internal plug-in application execution environment
  • Application layer: deployment (stateless applications, stateful applications, batch tasks, clustered applications, etc.) and routing (service discovery, DNS resolution, etc.)
  • Management: System metrics (such as infrastructure, container, and network metrics), automation (such as automatic scaling, dynamic Provision, etc.), and policy management (RBAC, Quota, PSP, NetworkPolicy, etc.)
  • Interface layer: Kubectl command line tools, client SDK, and cluster federation
  • Ecosystem: An ecosystem managed by a large cluster of containers above the interface layer can be divided into two categories
    • Kubernetes external: Log, monitoring, configuration management, CI, CD, Workflow, FaaS, OTS application, ChatOps, etc
    • Kubernetes internal: CRI, CNI, CVI, mirror warehouse, Cloud Provider, cluster configuration and management, etc