Shulou(Shulou.com)05/31 Report--

It is believed that many inexperienced people are at a loss about how to build a self-built Kubernetes cluster to use elastic containers. Therefore, this article summarizes the causes and solutions of the problem. Through this article, I hope you can solve this problem.

Virtual node (Virtual Node) realizes the seamless connection between Kubernetes and elastic container instance ECI, so that the Kubernetes cluster can easily obtain great resilience without being limited by the node computing capacity of the cluster. You can create ECI Pod on demand flexibly and dynamically, eliminating the trouble of cluster capacity planning. The following is mainly about virtual nodes and ECI, how to deploy virtual nodes through ack-virtual-node components and how to create ECI Pod.

prerequisite

The self-built Kubernetes cluster version needs to be higher than 1.14.

You need to create a registration cluster and connect the self-built Kubernetes cluster to the registration cluster. For more information, please see create Aliyun registration cluster and connect to self-built Kubernetes cluster.

You need to activate elastic container instance service. Log in to the console of the elastic container instance to activate the corresponding service.

You need to make sure that the region where the cluster is located is in the list of regions supported by ECI. Log in to the console of the elastic container instance to view the supported regions and availability zones.

Virtual node and elastic container instance ECI

Ali Cloud elastic container instance ECI (Elastic Container Instance) is a serverless elastic computing service for containers, which provides a container running environment with no operation and maintenance, strong isolation and fast startup. Using ECI eliminates the need to purchase and manage the underlying ECS server, allowing you to focus more on the maintenance of container applications rather than the underlying infrastructure. You can create an ECI on demand and only pay for the resources configured by the container (postpaid per second).

The virtual node Virtual Node realizes the seamless connection between Kubernetes and elastic container instance ECI, so that the Kubernetes cluster can easily obtain great resilience without being limited by the node computing capacity of the cluster. You can create ECI Pod on demand flexibly and dynamically, eliminating the trouble of cluster capacity planning. It is very suitable to run in the following scenarios to help users greatly reduce computing costs and improve computing flexibility.

The elastic expansion of peaks and troughs of online business: such as online education, e-commerce and other industries have obvious characteristics of peak and trough calculation. The use of virtual nodes can significantly reduce the maintenance of fixed resource pools and reduce computing costs.

Data computing: virtual nodes are used to host Spark, Presto and other computing scenarios to effectively reduce computing costs.

CI/CD Pipeline:Jenkins 、 Gitlab-Runner .

Job tasks: scheduled tasks, AI.

Ali Cloud CCS provides a variety of Serverless Container product forms based on virtual nodes and ECI, including Serverless Kubernetes (ASK) and ACK on ECI, fully supporting users' demands in various flexible and node-free OPS scenarios.

Step 1: configure RAM permissions for ack-virtual-node components in the self-built cluster

Before installing components in the registration cluster, you need to set the permissions that AK uses to access cloud services in the access cluster. Before setting up AK, you need to create RAM users and add permissions to access relevant cloud resources.

Create a RAM user. For specific steps on how to create a RAM user, see creating a RAM user.

Create a permission policy. For specific procedures for creating a permission policy, see creating a Custom Policy. Please authorize the AliyunECIFullAccess policy for RAM.

Add permissions for the RAM user. For specific steps on how to authorize RAM users, see authorizing RAM users.

Create an AK for the RAM user. For information about how to create an AK for a subaccount, see getting AccessKey.

Use AK to create a Secret resource named alibaba-addon-secret in the self-built Kubernetes cluster. The ack-virtual-node component installed in step 2 will automatically reference this AK to access the corresponding cloud service resources.

Kubectl-n kube-system create secret generic alibaba-addon-secret-- from-literal='access-key-id='-- from-literal='access-key-secret='

You need to replace the above code with the AK information you obtained.

Step 2: deploy ack-virtual-node components in a registered cluster

The steps to deploy ack-virtual-node components in a registered cluster are as follows:

Log in to the CCS management console.

Find the target registered cluster on the cluster list page and click to enter the cluster details page.

Click Operation and maintenance Management-> component Management, locate the ack-virtual-node component and click install

Wait for the prompt to install successfully.

Step 3: create an ECI Pod

You can create an ECI Pod in two ways.

Configure the Pod tag. Tagging Pod alibabacloud.com/eci=true,Pod will run as ECI, and its node is a virtual node, as shown in the following example:

1. Execute the following command to tag the Pod.

Kubectl run nginx-- image nginx-l alibabacloud.com/eci=true

two。 Execute the following command to view the Pod.

Kubectl get pod-o wide | grep virtual-kubelet

3. Expected output:

Nginx-7fc9f746b6-r4xgx 0/1 ContainerCreating 0 20s 192.168.XX.XX virtual-kubelet

Configure namespace labels. Tagging the namespace where Pod is located alibabacloud.com/eci=true,Pod runs in ECI mode, and its node is a virtual node, as shown in the following example:

4. Execute the following command to create a virtual node.

Kubectl create ns vk

5. Execute the following command to tag the namespace where Pod is located.

Kubectl label namespace vk alibabacloud.com/eci=true

6. Execute the following command to schedule the Pod in the namespace to the virtual node.

Kubectl-n vk run nginx-- image nginx

7. Execute the following command to view the Pod.

Kubectl-n vk get pod-o wide | grep virtual-kubelet

8. Expected output:

Nginx-6f489b847d-vgj4d 1 Running 1 Running 0 1m 192.168.XX.XX virtual-kubelet related operations

Modify ACK virtual node configuration

The configuration of virtual node Controller determines the behavior of its scheduling ECI Pod and the configuration of ECI running environment, including virtual switch and security group configuration. You can modify the Controller configuration flexibly as needed. The modified configuration will not affect the already running ECI Pod and will take effect on the newly created ECI Pod immediately.

Execute the following command to modify the configuration of the virtual node Controller.

Kubectl-n kube-system edit deployment ack-virtual-node-controller

Common change operations are as follows:

Update the virtual-node controller version. When you use the update virtual node feature, you need to update the Virtual Node Controller image to the latest version.

Modify the security group configuration ECI_SECURITY_GROUP. You can modify this environment variable to change the security group of ECI Pod.

Modify the virtual switch configuration ECI_VSWITCH. You can modify this environment variable to change the virtual switch where ECI Pod is located. It is recommended to configure multiple virtual switches to support multiple availability zones. When the inventory of a single availability zone is insufficient, Controller will select another availability zone to create an ECI Pod.

Modify the kube-proxy configuration ECI_KUBE_PROXY. The default value of this environment variable is true, which means that ECI Pod can access ClusterIP Service in the cluster by default. If ECI Pod does not need to access ClusterIP Service, such as Job computing scenarios, you can set this environment variable to false to turn off the kube-proxy feature. In addition, in some large-scale scenarios, such as when a large number of ECI Pod needs to be started in the cluster, the number of concurrent connections between kube-proxy and kubernetes apiserver in ECI will also greatly increase. You can also choose to turn off the kube-proxy feature to reduce the pressure on API Server and improve scalability.

Modify the kube-system/eci-profile configmap. You can modify this ConfigMap configuration for more ECI-related parameters, such as virtual switches, security groups, and so on.

Delete virtual node

1. Uninstall the ack-virtual-node component.

In the self-built cluster, after deleting all the ECI Pod, uninstall the ack-virtual-node component on the component management page.

two。 Delete the relevant virtual node through the command kubectl delete no.

When ECI Pod exists in the cluster, uninstalling the ack-virtual-node component will result in the residue of the ECI instance.

After reading the above, have you mastered how to use elastic containers in self-built Kubernetes clusters? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.