
How to summarize and analyze K8S

2025-02-24 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

In this issue, the editor presents a summary analysis of K8S. The article is rich in content and written from a professional perspective. We hope you gain something from reading it.

I. Introduction

Why Kubernetes and what can it do?

Containers are a great way to package and run applications. In a production environment, you need to manage the containers running your applications and ensure that there is no downtime. For example, if one container fails, another container needs to be started. Would it be easier if the system handled this behavior?

This is how Kubernetes solves these problems! Kubernetes provides you with a framework for running distributed systems elastically.

Kubernetes takes care of your scaling requirements, failover, deployment patterns, and more. For example, Kubernetes makes it easy to manage canary deployments of your system.

Kubernetes offers you:

Service discovery and load balancing

Kubernetes can expose containers using DNS names or their own IP addresses, and if traffic into a container is heavy, Kubernetes can load balance and distribute the network traffic to keep the deployment stable.

Storage orchestration

Kubernetes allows you to automatically mount storage systems of your choice, such as on-premises storage, public cloud providers, etc.

Automatic deployment and rollback

You can use Kubernetes to describe the desired state of your deployed containers, and it changes the actual state to the desired state at a controlled rate. For example, you can have Kubernetes automatically create new containers for your deployment, delete existing containers, and give all of their resources to the new containers.

Automatic bin packing

Kubernetes allows you to specify the CPU and memory (RAM) required for each container. When a container specifies resource requests, Kubernetes can make better decisions about managing the container's resources.

Self-healing

Kubernetes restarts failed containers, replaces containers, kills containers that do not respond to user-defined health checks, and does not advertise them to clients until they are ready for service.

Secret and configuration management

Kubernetes allows you to store and manage sensitive information such as passwords, OAuth tokens, and SSH keys. You can deploy and update secrets and application configuration without rebuilding container images, and without exposing secrets in your stack configuration.

II. Kubernetes components

When we deploy Kubernetes, we have a complete cluster.

A Kubernetes cluster consists of a group of machines called nodes. These nodes run containerized applications managed by Kubernetes. A cluster has at least one worker node.

Worker nodes host the Pods that are the components of the application workload. The control plane manages the worker nodes and Pods in the cluster. To provide failover and high availability, the control plane typically runs across multiple hosts and the cluster runs across multiple nodes.

III. Pod

A Pod is a group of one or more containers that share storage and network, together with a specification for how to run them.

IV. Kubernetes API

At the heart of the Kubernetes control plane is the API server. The API server exposes an HTTP API through which users, the different parts of the cluster, and components outside the cluster communicate with each other.

The Kubernetes API enables you to query and manipulate the state of objects in the Kubernetes API (e.g. Pod, Namespace, ConfigMap, and Event).

Most operations can be performed through the kubectl command-line interface or command-line tools like kubeadm, which also invoke APIs behind the scenes. However, you can also use REST calls to access these APIs.

The Kubernetes API server validates and configures data for API objects, including pods, services, replication controllers, and more. The API server serves REST operations and provides the front end to the cluster's shared state, through which all other components interact.

V. kube-controller-manager

The component on the master node that runs the controllers.

Logically, each controller is a separate process, but to reduce complexity, they are compiled into the same executable file and run in a single process.

These controllers include:

Node Controller: Responsible for noticing and responding when a node fails.

Replication Controller: Responsible for maintaining the correct number of pods for each replication controller object in the system.

Endpoints Controller: Populates Endpoints objects (i.e. joins Services and Pods).

Service Account & Token Controllers: Create default accounts and API access tokens for new namespaces.

VI. Node component

Node components run on each node, maintaining running pods and providing the Kubernetes runtime environment.

kubelet

An agent that runs on each node in the cluster. It ensures that containers are running in pods.

The kubelet takes a set of PodSpecs provided to it through various mechanisms and ensures that the containers described in these PodSpecs are running and healthy. The kubelet does not manage containers that were not created by Kubernetes.

kube-proxy

kube-proxy is a network proxy that runs on each node in the cluster and implements part of the Kubernetes Service concept.

kube-proxy maintains network rules on nodes. These network rules allow network communication with pods from network sessions inside or outside the cluster.

If the operating system provides a packet filtering layer and it is available, kube-proxy implements the network rules through it. Otherwise, kube-proxy forwards the traffic itself.

VII. Container runtime

The container runtime is the software responsible for running containers.

Kubernetes supports multiple container runtimes: Docker, containerd, CRI-O, and any implementation of Kubernetes CRI (Container Runtime Interface).

VIII. Addons

Addons use Kubernetes resources (DaemonSet, Deployment, etc.) to implement cluster features. Because they provide cluster-level features, the namespaced resources of addons belong to the kube-system namespace.

A few of the addons are described below. For a complete list of available addons, see Addons.

DNS

Although the other addons are not strictly required, almost all Kubernetes clusters should have cluster DNS, as many examples rely on DNS services.

Cluster DNS is a DNS server that works with other DNS servers in the environment to provide DNS records for Kubernetes services.

Kubernetes-launched containers automatically include this DNS server in their DNS search lists.

Web interface (dashboard)

Dashboard is a general-purpose, web-based user interface for Kubernetes clusters. It enables users to manage and troubleshoot applications running in the cluster as well as the cluster itself.

Container Resource Monitoring

Container resource monitoring saves some common time-series metrics about containers into a centralized database and provides an interface for browsing the data.

Cluster-level logging

Cluster-level logging is responsible for keeping container log data in a centralized log store that provides search and browse interfaces.

IX. etcd

etcd is a consistent and highly available key-value database that serves as the backing store for all Kubernetes cluster data.

The etcd database for your Kubernetes cluster usually needs to have a backup plan.

For more in-depth information on etcd, please refer to the etcd documentation.

X. Related Commands

kubectl help: Help command; lists all k8s commands

kubectl help xxx: View the detailed usage of a specific command. For example, kubectl help config shows the usage of the config command, and kubectl config view shows the detailed configuration file, in which, for example, hzaz1-bubble-02 is the cluster name; a cluster contains multiple namespaces.

Note: A namespace on k8s is just a grouping for convenient management and does not isolate resources. That is, if the services in one namespace come under too much pressure, they may affect services in other namespaces; for example, hubble-manager may affect hubble-platform.

kubectl get nodes: Get available nodes

kubectl get pod -A: Get all pods

kubectl get hpa -n hubble-manager: View the hpa configuration in the hubble-manager namespace

kubectl describe nodes 10.128.228.2: View node description/status information

kubectl get service -n hubble-manager: See which services are in the hubble-manager namespace

kubectl delete service m-alarm-query -n hubble-manager: Delete the service named m-alarm-query in the hubble-manager namespace

cat ~/.kube/config: View the cluster configuration file

/data/weiwei/kubectl --kubeconfig=/data/weiwei/config-bubble-test-01 apply -f /data/weiwei/k8s/qiyi_puppet/script/k8s/hubble-biz-aiops.yaml: Deploy containers to a specified cluster; the configuration file is specified via --kubeconfig

/data/weiwei/kubectl --validate=false apply -f . : Apply all YAML files in the current directory without validation

/data/weiwei/kubectl describe pod metrics-server-6fdb89bdcb-8t4rs -n kube-system: View status information for the pod metrics-server-6fdb89bdcb-8t4rs in the kube-system namespace

kubectl logs metrics-server-6fdb89bdcb-8t4rs -n kube-system -c metrics-server: View the logs of the container metrics-server in the pod metrics-server-6fdb89bdcb-8t4rs in the kube-system namespace

/data/weiwei/kubectl get event: Get event information

/data/weiwei/kubectl get events --all-namespaces: Get events for all namespaces

/data/weiwei/kubectl api-versions -n hubble-manager: View currently available API versions
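The note above says a namespace is only a grouping and does not isolate resources, and the introduction describes per-container CPU and memory settings. The following is an added example, not part of the original article: it audits output in the shape of kubectl get pod -A -o json and reports, per namespace, containers that leave requests or limits unset. The namespace names come from the article; the pod and container names and the function names are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample in the shape of `kubectl get pod -A -o json` output.
# Namespaces are from the article; pod and container names are made up.
SAMPLE = json.dumps({"items": [
    {"metadata": {"namespace": "hubble-manager", "name": "m-alarm-query-0"},
     "spec": {"containers": [
         {"name": "app", "resources": {}},
         {"name": "sidecar",
          "resources": {"requests": {"cpu": "100m", "memory": "64Mi"}}}]}},
    {"metadata": {"namespace": "hubble-platform", "name": "platform-api-0"},
     "spec": {"initContainers": [{"name": "init"}], "containers": [
         {"name": "api", "resources": {
             "requests": {"cpu": "250m", "memory": "256Mi"},
             "limits": {"cpu": "1", "memory": "512Mi"}}}]}},
]})

# The four settings every container is expected to declare.
REQUIRED = [(kind, res) for kind in ("requests", "limits")
            for res in ("cpu", "memory")]

def missing_fields(container):
    """Return the resource settings a container leaves unset, e.g. 'limits.memory'."""
    resources = container.get("resources") or {}
    return [f"{kind}.{res}" for kind, res in REQUIRED
            if not (resources.get(kind) or {}).get(res)]

def audit(pod_list_json):
    """Map namespace -> list of (pod, container, missing settings)."""
    findings = defaultdict(list)
    for pod in json.loads(pod_list_json).get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        # Init containers also consume node resources, so check them too.
        containers = spec.get("containers", []) + spec.get("initContainers", [])
        for c in containers:
            gaps = missing_fields(c)
            if gaps:
                findings[meta.get("namespace", "default")].append(
                    (meta.get("name"), c.get("name"), gaps))
    return dict(findings)

if __name__ == "__main__":
    for ns, rows in sorted(audit(SAMPLE).items()):
        for pod, container, gaps in rows:
            print(f"{ns}/{pod} [{container}]: missing {', '.join(gaps)}")
```

Against a live cluster, pass the text printed by kubectl get pod -A -o json to audit() in place of SAMPLE.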

The above is the summary analysis of K8S shared by the editor. If you have similar questions, please refer to the analysis above.
