
Kubernetes cluster overview / architecture / related core concepts

2025-01-17 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/02 Report--

What is Kubernetes?

Industry abbreviation: K8S. Wondering where the name comes from? There are eight letters between the first letter and the last letter of Kubernetes, so it is called K8S.

1. It is a new distributed architecture scheme based on container technology. Kubernetes is an open source version of Borg, Google's secret weapon for more than a decade. It is said that Google employees have signed a confidentiality agreement so that they cannot disclose secrets even after they leave. (The industry big data framework Hadoop was also inspired by Google's published papers on GFS and BigTable.)

2. If our system design follows the design ideas of Kubernetes, the underlying code and functional modules of a traditional system architecture that have little to do with the business can be eliminated, and we no longer have to worry about load balancing and deployment of applications.

3. Kubernetes is an open platform. Major players in open source infrastructure such as Google and Red Hat have jointly launched a foundation called CNCF (Cloud Native Computing Foundation).

4. Kubernetes is a complete distributed system supporting platform.

Why use Kubernetes?

1. It combines perfectly with micro-services to form a micro-service architecture.

2. The elastic expansion mechanism of services in K8S can cope with sudden traffic.

3. The flexibility of the K8S architecture and its strong horizontal scaling ability can improve our competitiveness.

4. Build the company's DevOps, CI/CD and continuous delivery on container technology to shorten the development cycle.

Architecture of Kubernetes

The following figure shows the architecture of K8S

The main core components of Kubernetes:

In the figure above, the left node is the Master node and the right is the Node node:

The main function of the Master node is to control and manage the state of the whole cluster and to receive operation requests from external users. It mainly runs three service processes: kube-apiserver, kube-scheduler and kube-controller-manager. Their specific functions are as follows:

Kube-apiserver

Kube-apiserver is the core of the entire Kubernetes cluster, and it is also the first component to start when deploying Kubernetes. All other components connect to this service at startup. It mainly provides a unified entry point for resource operations and, through its REST API, stores the status information of the cluster in the etcd cluster.

Kube-scheduler

It is mainly responsible for resource scheduling: it schedules Pods onto suitable nodes, or onto specific nodes, according to the current resource usage of the cluster and complex scheduling algorithms.

Kube-controller-manager

The kube-controller-manager service is responsible for managing the status of various resources in the K8S cluster, such as fault detection, rolling updates and so on.

The Node node is the place where the user's tasks are actually executed, and there are two kinds of service processes on it: kube-proxy and kubelet. The specific functions are as follows:

Kube-proxy

The kube-proxy service solves the problem of routing access from Pods on a Node to a specific K8S Service. Whenever K8S creates a Service Endpoint, the kube-proxy process on each Node modifies the iptables rules of that node's system, so that when a Pod on that node accesses the virtual IP and port of the corresponding Endpoint, the request is distributed to the correct node and container for processing.

Kubelet

Kubelet is directly responsible for the lifecycle of containers on the node, as well as the management of Volume and CNI.

Other core components:

Etcd: saves the state of the cluster. The state data of the entire cluster is stored here, so when building a K8S cluster, etcd should also be clustered, and the etcd data should be backed up.

Heapster: provides resource monitoring

Kube-dns: responsible for providing DNS services for the entire cluster

Core concepts of Kubernetes

In the Kubernetes cluster, the server roles are divided into Master and Node, and these two roles are running different service processes.

Pod

A Pod represents a combination of one or more containers and is the most basic scheduling and operating unit of K8S. Each Pod contains a special container called the "root container", the pause container.

Containers in the same Pod are always scheduled and deployed to the same node and share the same data volumes and network stack. That is, multiple containers in the Pod can mount the same external data volume at the same time, which is very useful for deploying tightly coupled services.

Label

A Label (tag) is actually a key-value (K-V) pair that is attached to a Pod, Node, Namespace, or any other resource object. It is mainly used to filter resources when querying or selecting.

Service

A Service is the abstraction of a user business function provided by the Kubernetes cluster, and it is represented as an independent virtual IP and port. In fact, this Service is the micro-service in the micro-service architecture that we often talk about.

Its backend is a group of containers made up of a single Pod or multiple copies of a Pod, and the routing ability of K8S provides the actual access. Through this layer, K8S can handle service handover, load balancing, node scheduling according to resource conditions, and so on.

So what is the relationship between this Service and RC and Pod? See the picture below

If the company has hundreds or thousands of Services and there are call-chain relationships between them, how do you monitor these services?

One way is to print log information in these services and collect and analyze it through ELK or EFK; the other is to build monitoring through a service mesh (Service Mesh).

RC (Replication Controller)

RC is the concept used in early K8S versions to manage Pod replicas. It also includes the functions of ReplicaSet and Deployment, but it does not have deployment version management, so later versions recommend replacing it with Deployment and ReplicaSet, with Deployment preferred.

Deployment

Deployment is a new concept introduced by K8S in version 1.2 to better solve the problem of Pod orchestration. Internally, Deployment is implemented using ReplicaSet: the deployment description saved by the Deployment is used to create a ReplicaSet object, each Deployment object corresponds to a running ReplicaSet object, and that ReplicaSet actually manages the Pod copies.

The general direction is as follows:

Deployment -> ReplicaSet -> Pod

Ingress

Ingress is essentially a load balancer, which is used to expose user services in the cluster to the outside world through a unified IP address.

Namespace

Namespace is used in many cases to achieve multi-tenant resource isolation. Most of the resources in K8S except Node and Label, such as Pod, Service, LimitRange, etc., are created in a specific Namespace (by default, the default namespace).
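
A per-tenant Namespace with a LimitRange scoped to it, as an added example that is not part of the original article; the namespace name, label and resource values are assumptions.

```yaml
# Constructed example: tenant name and resource values are placeholders.
apiVersion: v1
kind: Namespace
metadata:
  name: tenant-a
  labels:
    tenant: a
---
apiVersion: v1
kind: LimitRange
metadata:
  name: container-defaults
  namespace: tenant-a         # LimitRange is a namespaced resource
spec:
  limits:
    - type: Container
      defaultRequest:         # request applied when a container declares none
        cpu: 100m
        memory: 128Mi
      default:                # limit applied when a container declares none
        cpu: 500m
        memory: 256Mi
      max:                    # containers asking for more than this are rejected
        cpu: "1"
        memory: 512Mi
```

The LimitRange only affects Pods created in `tenant-a`, so one tenant's containers cannot start without resource limits while other namespaces keep their own settings.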

Sts (StatefulSet)

STS was called PetSet before Kubernetes version 1.5 and is used to deploy and run services with persistent state. In K8S, the Pod management objects RC, Deployment and Job are all aimed at stateless services. Using STS, you can deploy a MySQL cluster, MongoDB cluster, ZK cluster, Redis cluster and so on.

Job

Job is used to execute one-time tasks in batches. Each Job corresponds to one or more Pods whose execution is time-limited; after the program ends, the Job is marked as success or failure.

Volume

Volume (Storage Volume) is a shared directory in Pod that can be accessed by multiple containers.
