Introduction
Kubernetes (K8S for short) is an open source container cluster management system that can realize the automatic deployment, automatic expansion and contraction, maintenance and other functions of container clusters. It is not only a container orchestration tool, but also a new leading solution for distributed architecture based on container technology. On the basis of Docker technology, it provides functions such as deployment and operation, resource scheduling, service discovery and dynamic scaling for containerized applications, which improves the convenience of large-scale container cluster management.
The basic term
pod: the smallest scheduling unit, a pod can have multiple containers, multiple containers share the network and storage volume
service: kubernetes abstracts a concept that can be understood as a load balancer, the backend is connected to the pod
cluster ip: service is in The ip in the cluster is equivalent to the ip
ingress of the load balancer : A way
to expose services inside the cluster to the outside of the cluster. Nodeport: The second way to expose services outside the cluster. Follow the service configuration and let the node nodes in the cluster listen accordingly. You can access the internal service
loadbalancer of the cluster through the node node : a way to expose the internal service of the cluster to the outside of the cluster, generally only on the cloud platform can use
deployment: encapsulated pod/replicaset, can achieve the specified number of pod replicas, rolling update, Expansion of pod, generally one application (service) one deployment
statefullSet: equivalent to the deployment of a stateful service, after restarting, the host name and pod name will not change
daemonSet: the pod that needs to run on each node can use daemonSet
job: once Sexual task
cronJob: similar to crontab to perform tasks regularly.
dns: kube-dns/coredns provides dns services in the cluster, which can parse service to cluster ip to realize service discovery.
PV: administrators use to create storage space in advance for users to apply for Use
pvc: users use to apply for storage space
storageClass: defines the storage class for pvc use. When the user requests pv through pvc and specifies the storageClass, kubernetes can dynamically create pv
basic components based on the
storageClass. Introduction to the K8S system architecture
etcd: etcd is a data warehouse
master node component used by the kubernetes cluster to store cluster-related data
The master node is the brain in the main cluster, responsible for processing external api requests, assigning scheduling tasks, and managing the number of copies of the container.
kube-apiserver: kubernetes' external service entrance, the link for communication with other components, the service is stateless, and
kube can be expanded horizontally -scheduler: Responsible for pod task scheduling
kube-controller-manager: handle node node crashes, ensure the number of pod copies, manage endpoints, connect services and pods, and create default api tokens and accounts for new namespaces
node node component The
node node is responsible for work and performs related tasks assigned by the master node
kubelet: Responsible for starting and stopping the container to ensure that the container runs.
kube-proxy: Responsible for generating network rules and routing rules based on the service.
Why Pod
K8S is needed to introduce Pod is mainly based on the following two purposes:
(1) Manageability
Some containers are born to be closely connected and work together. Pod provides a higher level of abstraction than containers, encapsulating them into a deployment unit. Kubernetes uses Pod as the smallest unit to schedule, expand, share resources, and manage life cycle.
(2)
All containers in the communication and resource sharing Pod use the same network namespace, that is, the same IP address and Port space. They can communicate directly with localhost. Similarly, these containers can share storage. When Kubernetes mounts a volume to a Pod, it essentially mounts the volume to each container in the Pod.
The five shared resource
PID namespaces of the container : Different applications in the Pod can see the process IDs of other applications.
Network namespace: Multiple containers in the Pod can access the same IP and port range.
IPC Namespace: Multiple containers in Pod can communicate using SystemV IPC or POSIX message queues.
UTS namespace: Multiple containers in a Pod share a host name.
Volumes (shared storage volumes): Each container in the Pod can access the Volumes defined at the Pod level.
Why do we need Service
Deployment can deploy multiple replicas. Each Pod has its own IP. How can the outside world access these replicas? Do you use the Pod's IP? You know that Pods are likely to be destroyed and restarted frequently, and their IPs will change. IP access is not realistic. At this time, Service appeared.
Service in k8s is a microservice architecture-oriented design, which solves the load balancing of container clusters from k8s itself. These pods marked by services are generally selected through label selectors.
Five types of Service
ClusterIP
Create a ClusterIP to provide access inside the cluster. The
default option
NodePort
exposes a port (NodePort) on each node IP to provide services. The outside of the cluster is accessed in this way::, and one will be created at the same time
ClusterIP
This type is used more
. The random port range exposed by default: 30000-32767
can be explicitly specified through the nodePort field.
LoadBalancer
is used in association with cloud provider's load balancer, and NodePort and ClusterIP will be created automatically at this time
ExternalName
maps the service name to an externalName (for example, a domain name), and provides DNS to CNAME records through kube-dns
Annex A: Troubleshooting Skills
view the log kubectl logs pod-name
to view events kubectl describe pod-name
View docker log
by kubectl get pod -o wide to find the node container node running
to find the container error by docker ps -a on the node node
docker logs container-id
view kubelet and other component logs: journalctl -u kubelet