Shulou(Shulou.com)06/02 Report--

What is Kubernetes

Kubernetes is the most popular open source container management platform today, and it is the open source version of the famous Google Borg. Google launched Kubernetes in 2014, and the latest version at the time of this release is 1.11.

Kubernetes comes from the Greek word for helmsman, and K8S is an abbreviation because there are exactly eight letters between the beginning and the end of the letter. Based on container technology, Kubernetes can easily deploy cluster applications, expand capacity, reduce capacity, self-healing mechanism, service discovery, load balancing, logging, monitoring and other functions, greatly reducing the workload of daily operation and maintenance.

All operations of Kubernetes can be done through Kubernetes API, and objects in Kubernetes, including Pod, Service, Volume, Namespace, and so on, can be manipulated through API.

II. Kubernetes design architecture

Kubernetes draws on the design concepts of Borg, such as Pod, Service, Labels and single Pod and single IP. The overall architecture of Kubernetes is very similar to Borg, as shown in the following figure:

Kubernetes mainly consists of the following core components:

Etcd keeps the state of the entire cluster; apiserver provides the only entry for resource operation and provides mechanisms such as authentication, authorization, access control, API registration and discovery; controller manager is responsible for maintaining the state of the cluster, such as fault detection, automatic extension, rolling updates, etc. Scheduler is responsible for resource scheduling, dispatching Pod to the corresponding machines according to the predetermined scheduling policy Kubelet is responsible for maintaining the life cycle of the container, and is also responsible for the management of Volume (CVI) and network (CNI). Container runtime is responsible for image management and the real operation of Pod and container (CRI). Kube-proxy is responsible for providing Service with service discovery and load balancing within cluster.

In addition to the core components, there are some recommended Add-ons:

Kube-dns is responsible for providing DNS services for the whole cluster Ingress Controller providing services for public network access Heapster providing resource monitoring Dashboard providing GUIFederation providing cluster Fluentd-elasticsearch across availability zones providing cluster log collection, storage and query

Third, the core technology concepts of Kubernetes and API objects.

The API object is the administrative operation unit in the K8s cluster. Every time a new function is supported and a new technology is introduced in the K8s cluster system, the corresponding API object will be introduced to support the management operation of this function. For example, the API object corresponding to the replica set Replica Set is RS.

Each API object has three main categories of properties: metadata metadata, specification spec, and state status. Metadata is used to identify API objects, and each object has at least three metadata: namespace,name and uid;. In addition, there are a variety of tags labels used to identify and match different objects. For example, users can use the tag env to identify and distinguish different service deployment environments, and use env=dev, env=testing and env=production to identify different services for development, testing and production. The specification describes the ideal state (Desired State) that users expect the distributed system in K8s cluster to achieve, for example, the user can set the expected number of Pod copies to 3 through the replication controller Replication Controller to describe the actual current state of the system (Status), such as the current actual number of Pod copies of the system is 2; then the current program logic of the replication controller is to automatically start a new Pod and strive to achieve a copy number of 3.

All configurations in K8s are set through the spec of the API object, that is, users change the system by configuring the ideal state of the system, which is one of the important design concepts of K8s, that is, all operations are Declarative rather than Imperative. The advantage of declarative operation in distributed system is that it is stable, and it is not afraid to lose the operation or run it many times. For example, an operation with a replica number of 3 is still a result, while the operation of adding 1 to the number of copies is not declarative. The result of running multiple times is wrong.

Cluster

Cluster is a collection of computing, storage and network resources that Kubernetes uses to run a variety of container-based applications.

Master

Master is the brain of Cluster, and its main responsibility is scheduling, that is, deciding where to run the application. Master runs the Linux operating system, which can be a physical machine or a virtual machine. To achieve high availability, you can run multiple Master.

Node

The responsibility of Node is to run container applications. Node is managed by Master, and Node is responsible for monitoring and reporting the status of the container, and managing the life cycle of the container according to the requirements of Master. Node runs on the Linux operating system and can be a physical machine or a virtual machine.

Pod

Pod is the smallest unit of work for Kubernetes. Each Pod contains one or more containers. The containers in Pod will be dispatched by Master to run on a Node as a whole.

Kubernetes introduced Pod for the following two main purposes:

Manageability

Some containers are naturally connected and work together. Pod provides a higher level of abstraction than containers, encapsulating them in a deployment unit. Kubernetes schedules, expands, shares resources and manages life cycle with Pod as the smallest unit.

Communication and resource sharing

All containers in Pod use the same network namespace, that is, the same IP address and Port space. They can communicate directly using localhost. Similarly, these containers can share storage, and when Kubernetes mounts volume to Pod, it essentially mounts volume to each container in Pod.

File Puller periodically pulls the latest files from the external Content Manager and stores them in the shared volume. Web Server reads the file from volume and responds to Consumer's request. The two containers work closely together to provide up-to-date data for Consumer; they also share data through volume. So it is appropriate to put a Pod.

Controller

Kubernetes usually does not create Pod directly, but manages Pod through Controller. Controller defines the deployment features of Pod, such as having several copies, what kind of Node to run on, and so on. To meet different business scenarios, Kubernetes provides a variety of Controller, including Deployment, ReplicaSet, DaemonSet, StatefuleSet, Job, and so on, which we discuss one by one.

Deployment

Deployment is the most commonly used Controller. For example, in the previous online tutorials, you deployed applications by creating Deployment. Deployment can manage multiple copies of Pod and ensure that Pod is running as expected.

ReplicaSet

ReplicaSet implements multi-copy management of Pod. ReplicaSet is automatically created when using Deployment, which means that Deployment manages multiple copies of Pod through ReplicaSet, and we usually do not need to use ReplicaSet directly.

DaemonSet

DaemonSet is used for scenarios that run at most one copy of Pod per Node. As its name implies, DaemonSet is often used to run daemon.

StatefuleSet

StatefuleSet ensures that the name of each copy of Pod remains the same throughout the life cycle. Other Controller does not provide this feature, and when a Pod fails and needs to be deleted and restarted, the name of the Pod will change. At the same time, StatefuleSet ensures that copies are started, updated, or deleted in a fixed order.

Job

Job is used to run applications that are deleted at the end. Pod in other Controller usually runs continuously for a long time.

Service

RC, RS, and Deployment only guarantee the number of microservices Pod that support services, but do not solve the problem of how to access these services. An Pod is just an instance of running a service, which may stop at any time on one node and start a new Pod on another node with a new IP, so the service cannot be provided with a definite IP and port number. Stable service delivery requires service discovery and load balancing. The job of service discovery is to find the corresponding backend service instance for the service accessed by the client. In the K8s cluster, the service that the client needs to access is the Service object. Each Service corresponds to a valid virtual IP within the cluster, and the cluster accesses a service through the virtual IP. The load balancing of microservices in K8s cluster is realized by Kube-proxy. Kube-proxy is the load balancer within the K8s cluster. It is a distributed proxy server with one on each node of K8s; this design reflects its scalability advantages. The more nodes that need to access the service, the more Kube-proxy that provides load balancing capacity, and the more highly available nodes. In contrast, we usually do a reverse proxy on the server side to do load balancing, but also further solve the load balancing and high availability problems of the reverse proxy.

The Kubernetes running container (Pod) and access container (Pod) tasks are performed by Controller and Service, respectively.

Namespace

Namespaces provide virtual isolation for K8s clusters. K8s clusters initially have two namespaces, the default namespace default and the system namespace kube-system. In addition, administrators can create new namespaces to meet their needs.

Third, create Pod process

Reference document: http://docs.kubernetes.org.cn/251.html

Reference file: https://kubernetes.io/docs/concepts/overview/what-is-kubernetes/

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.