
The basic concept and characteristics of kubernetes

2025-01-19 Update From: SLTechnology News&Howtos

Shulou (Shulou.com) 06/02 Report

This article introduces the basic concepts and characteristics of Kubernetes. Many people run into difficulties with these concepts when working through real cases, so the editor will walk you through them here. I hope you read carefully and learn something!

Kubernetes (k8s for short) is a management platform for running and coordinating containerized applications across a set of hosts. It manages the lifecycle of containerized applications in a way that provides high availability, scalability, and predictability. With k8s, users can define how programs run, set deployment and upgrade policies, and scale capacity dynamically, which lets them manage applications in a more flexible and reliable way.

k8s is a complete platform for automating the full lifecycle of application services, covering packaging, deployment, and monitoring. Major companies already run it in production and the k8s community is very active, so it will only become more popular; it can be said to be the de facto standard for future service deployment. Java developers may not use it directly, but they cannot afford not to understand it.

In summary, the k8s features are as follows:

Automatic bin packing: multiple applications are deployed to the same node based on containers and scheduling policies, which improves resource utilization;

Self-healing: supports failover and restart, with a health check mechanism;

Horizontal scaling: capacity can be scaled manually by command, or dynamically based on the load of CPU and other resources;

Service discovery/load balancing: service discovery is built into the system through KubeDNS (or CoreDNS), which configures a DNS name for each service, and load balancing is built into Service through iptables or ipvs;

Automatic deployment: automatic release and rollback, with support for grayscale releases, incremental releases, etc.;

Configuration management: ConfigMap decouples configuration data from Docker images, which gives development and deployment good flexibility;

Batch processing: in addition to managing service-based applications, Kubernetes supports batch jobs and CI (Continuous Integration).

k8s abstracts every resource it manages. For example, Node is the abstraction for servers (physical machines or virtual machines); Pod is the abstraction used to manage containers, instead of managing them directly; and Service is the abstraction that represents multiple Pods of the same type for service invocation inside the cluster, and it provides load-balancing policies.

For beginners, some of the abstract resources and basic concepts of k8s can be confusing. This article briefly analyzes the basic concepts and components of k8s, so that beginners can understand them faster. Let's go~

K8s Basic Concepts

K8s uses a shared network to bring multiple physical machines (or virtual machines) together into a cluster, which is the physical platform on which all components, functions, and workloads of K8s are configured. One server in the cluster manages the entire cluster as the master (the master is typically deployed on multiple nodes for high availability).

The Master is the gateway and hub of the cluster. It is responsible for tasks such as exposing APIs to users and clients, tracking the health of the other servers, scheduling workloads in an optimal manner, and orchestrating communication between the other components. It is the central point of contact between users/clients and the cluster, and it carries most of the centralized governance logic of the Kubernetes system. A single Master node can perform all of these functions, but for redundancy and load balancing, several such hosts are often deployed together in production environments.

Node is the worker node of a Kubernetes cluster. It receives work instructions from the Master and creates or destroys Pod objects accordingly, adjusts network rules so that traffic is routed and forwarded properly, and so on. In theory, a Node can be any form of computing device, but the Master uniformly abstracts it as a Node object for management.

Several Resource Abstractions

Pod: The smallest scheduling unit managed by k8s. k8s does not manage containers directly, but uses an abstract resource object to encapsulate one or more containers. Containers in the same Pod share the network namespace and storage resources and can communicate directly over the local loopback interface lo, while remaining isolated from one another in namespaces such as Mount, User, and PID.

Label and label selector: A label is an identifier that classifies resources. Pod resource selection in k8s is mostly based on labels. An object can have multiple labels, and a label can also be attached to multiple objects (usually objects of the same type). The label selector (Label Selector) is a mechanism that filters out the resource objects matching given labels.

Controller: Although the Pod is the smallest scheduling unit of k8s, users usually do not deploy and manage Pod objects directly, but rely on another type of abstraction, the controller (Controller), to manage them. The controllers of k8s include ReplicationController, ReplicaSet, Deployment, StatefulSet, Job, etc., and each has its own function. (For example, Deployment is the most common controller for stateless applications; it supports operations such as scaling applications out and in and rolling updates, which gives containerized applications a great deal of flexibility.)

Service: A Service is a resource abstraction built on a group of Pod objects. It selects a group of Pod objects through a label selector and defines a unified, fixed access entry (usually an IP address) for that group.

Storage volume: Generally, a storage space independent of the container file system. It is often used to extend the storage space of a container and to provide it with persistent storage. Volumes can be divided into temporary volumes, local volumes, and network volumes.

Name and Namespace: A name is the unique identifier of a network resource; names are usually unique within a namespace. Namespaces are usually used to isolate resources by tenant or project, forming logical groupings.

Ingress: k8s isolates Pods at the network level. To open some Pods for external use, you need to configure a channel through which traffic can enter the k8s cluster. In addition to Service, Ingress is one of the ways to implement this.
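The label selector and Service entries above say that a Service picks its Pods by label. The Go sketch below is an added example, not code from the original article or from Kubernetes itself; it implements selector matching with equality terms and the set-based operators In, NotIn, Exists and DoesNotExist. The names Req, Pod, Eq, Matches and Select and the sample Pods are constructed for illustration and are not Kubernetes API types.

```go
package main

import "fmt"

// Req is one selector term; Op is In, NotIn, Exists or DoesNotExist.
type Req struct {
	Key, Op string
	Values  map[string]bool // value set, used by In and NotIn
}

// Pod is a simplified stand-in for a Pod object (illustrative type).
type Pod struct {
	Namespace, Name string
	Labels          map[string]string
}

// Eq builds the equality term key=value, equivalent to key In (value).
func Eq(k, v string) Req { return Req{k, "In", map[string]bool{v: true}} }

// Matches reports whether labels l satisfy every term (terms are ANDed).
func Matches(l map[string]string, terms []Req) bool {
	for _, r := range terms {
		v, has := l[r.Key]
		hit := has && r.Values[v]
		ok := map[string]bool{"In": hit, "NotIn": !hit, "Exists": has, "DoesNotExist": !has}
		if !ok[r.Op] { // an unknown operator is not in the map: fail closed
			return false
		}
	}
	return true
}

// Select returns the names of pods in namespace ns that match all terms.
func Select(ns string, terms []Req, pods []Pod) (out []string) {
	for _, p := range pods {
		if p.Namespace == ns && Matches(p.Labels, terms) {
			out = append(out, p.Name)
		}
	}
	return out
}

// SamplePods is constructed sample data, not taken from the article.
var SamplePods = []Pod{
	{"shop", "web-1", map[string]string{"app": "web", "tier": "frontend"}},
	{"shop", "web-canary", map[string]string{"app": "web", "track": "canary"}},
	{"shop", "db-1", map[string]string{"app": "db"}},
	{"dev", "web-1", map[string]string{"app": "web"}},
}
func main() { fmt.Println(Select("shop", []Req{Eq("app", "web")}, SamplePods)) }
```

A Service's own selector accepts only equality terms; the set-based operators apply to controllers such as Deployment and ReplicaSet. Because every Pod in the namespace that carries the matching labels becomes a backend, permission to create or relabel Pods in a namespace also decides what can receive a Service's traffic.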

k8s components

A typical k8s cluster consists of a master node, multiple worker nodes, and ETCD, where ETCD stores the cluster state. The master node is responsible for managing the entire cluster: it provides the management APIs for the cluster and schedules and monitors each worker node. Each worker node manages its running containers in the form of Pods. The Master is mainly composed of apiserver, controller-manager and scheduler, together with ETCD, which stores the cluster state data. Each worker node mainly contains kubelet, kube-proxy and a container engine (Docker is the most common). The components are as follows:

master node

Master contains the following components:

API server: exposes the RESTful API and serves as the gateway to the k8s cluster;

Controller: Pod controller. k8s manages Pod resources through controllers, including ReplicationController, ReplicaSet, Deployment, StatefulSet, Job, etc., each of which has its own function (for example, Deployment is the most common controller for stateless applications; it supports operations such as scaling applications out and in and rolling updates, which gives containerized applications a great deal of flexibility);

Scheduler: the K8s scheduler. K8s manages thousands of container resources; after the API server receives a request, the Scheduler schedules it across the different nodes according to the corresponding scheduling policy;

ETCD: the K8s cluster state is stored in etcd (and shared with all components and clients of the cluster through the API Server). The collaborative operation of all K8s components is carried out through the watch mechanism of etcd. Generally, etcd is deployed as a cluster to ensure high availability.

node

The node is managed by the master and is responsible for managing all Pod resources:

kubelet: kubelet is the daemon process of the node, through which the node accepts control from the master. Kubelet registers the current node with the API server and regularly reports the node's resource usage to the master;

Container runtime environment: the node provides a container runtime environment that is responsible for downloading and running containers. Currently, the container runtime environments supported by k8s include Docker, RKT, cri-o and Frakti.

kube-proxy: each node needs to run a kube-proxy process, which generates iptables or ipvs rules on demand for Services to control traffic access.

core components

In addition to etcd and the master and node components, k8s also has some core components, as follows:

DNS service: k8s currently uses CoreDNS; it previously used KubeDNS;

Kubernetes Dashboard: the k8s management web UI;

Heapster: a performance monitoring and analysis system for containers and nodes that collects and analyzes data on a variety of metrics, such as resource utilization and lifecycle events. In new versions of Kubernetes, its functionality is gradually being replaced by Prometheus in combination with other components.

Ingress Controller: Service is a load balancer that works at the transport layer, while Ingress is an HTTP(S) load-balancing mechanism implemented at the application layer. However, an Ingress resource does not carry traffic by itself; it is simply a collection of routing rules, which only take effect through an Ingress Controller. Currently, such projects include Nginx, Traefik, Envoy and HAProxy.

That concludes the introduction to the basic concepts and characteristics of Kubernetes. Thank you for reading. If you want to learn more about the industry, you can follow this website; the editor will publish more high-quality practical articles for everyone!
