Kubernetes cluster management container practice (concepts)

Today's article mainly explains the basic concepts of Kubernetes, which play an important role in later learning. I hope readers will read it carefully and think it through.

Introduction to Kubernetes

Kubernetes (usually abbreviated K8s) is a container cluster management system that Google open-sourced in June 2014. It is written in Go.

K8s grew out of Borg, Google's internal container cluster management system, which by then had been running Google's production workloads at scale for about ten years.

K8s automates the deployment, scaling and management of containerized applications, providing a complete set of functions: resource scheduling, deployment management, service discovery, scaling up and down, and monitoring.

In July 2015, Kubernetes v1.0 was officially released. As of September 29, 2017, the latest stable version is v1.8.

The goal of Kubernetes is to make deploying containerized applications simple and efficient.

Official website: www.kubernetes.io

The main functions of Kubernetes:

Data volume

Containers in the same Pod can share data through volumes.

App health check

A process in a container may hang and stop serving requests even though the container is still running. Health-check (probe) policies can be configured so that Kubernetes detects this and restarts the container, or stops sending traffic to it, keeping the application robust.

Replicating application instances

A controller maintains the desired number of Pod replicas, ensuring that a Pod, or a group of identical Pods, is always available.

Elastic scaling

Automatically scale the number of Pod replicas according to a configured metric, such as CPU utilization.

Service discovery

Environment variables or the DNS add-on let a program in a container find the access address (the Service entry point) of a group of Pods.

Load balancing

A group of Pod replicas is given a private cluster IP address (the ClusterIP); requests to it are load-balanced to the back-end containers. Other Pods in the cluster reach the application through this ClusterIP.

Rolling update

Updates do not interrupt the service: Pods are replaced one at a time instead of tearing down the whole service at once.

Service Orchestration

Describe the services to deploy in files (manifests), which makes application deployment repeatable and efficient.

Resource monitoring

The node component (the kubelet) integrates the cAdvisor resource collector; Heapster aggregates the resource data of all cluster nodes, stores it in the InfluxDB time-series database, and Grafana displays it. (Heapster has since been retired in favour of metrics-server, but the collection path is the same idea.)

Authentication and authorization

The API server authenticates every request (client certificates, bearer tokens, OpenID Connect and so on) and then authorizes it. Supported authorization modes include attribute-based access control (ABAC) and role-based access control (RBAC). RBAC is the recommended mode: its policy is expressed as Role and RoleBinding objects managed through the API, whereas ABAC policy lives in a file on the API server and needs a restart to change.
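As an added example (not from the original article), here is what a least-privilege RBAC grant looks like as manifests. The namespace `team-a`, the ServiceAccount `deployer` and the role names are assumed for illustration:

```yaml
# Added example, not from the original article. Namespace, ServiceAccount
# and role names are assumed for illustration.
apiVersion: v1
kind: Namespace
metadata:
  name: team-a
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: deployer
  namespace: team-a
---
# A Role is namespaced: it can only grant access to resources inside team-a.
# (A ClusterRole/ClusterRoleBinding would grant access cluster-wide.)
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: deployment-editor
  namespace: team-a
rules:
- apiGroups: ["apps"]
  resources: ["deployments"]
  verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "list", "watch"]
# Deliberately absent: "secrets", the "delete" verb, "*" wildcards and the
# pods/exec subresource. Grant only what the workflow actually needs.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: deployer-deployment-editor
  namespace: team-a
subjects:
- kind: ServiceAccount
  name: deployer
  namespace: team-a
roleRef:
  kind: Role
  name: deployment-editor
  apiGroup: rbac.authorization.k8s.io
```

After `kubectl apply -f` on this file, check the grant from the subject's point of view rather than by reading the YAML: `kubectl auth can-i create deployments -n team-a --as=system:serviceaccount:team-a:deployer` should answer `yes`, and `kubectl auth can-i get secrets -n team-a --as=system:serviceaccount:team-a:deployer` should answer `no`.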

Basic object concepts

Basic objects:

Pod

A Pod is the smallest deployable unit. A Pod consists of one or more containers; the containers in a Pod share storage volumes and a network namespace (one IP address, reachable from each other over localhost) and are always scheduled together on the same node.

Service

A Service is an abstraction of an application service: it defines a logical set of Pods and a policy for accessing that set.

Outwardly, the Service fronts the Pod set with a cluster IP address that serves as the access entry point; requests to this IP are load-balanced to the containers in the back-end Pods.

A Service picks the group of Pods it serves through a label selector.

Volume

A data volume, used to share data among the containers of a Pod.

Namespace

Namespaces logically partition objects into separate groups, so that different projects, users or teams can be managed separately, and access-control policies can be applied per namespace; this is the basis of multi-tenancy. A namespace isolates nothing by itself: without RBAC rules, resource quotas and network policies scoped to it, Pods in different namespaces can still reach each other freely.

Namespaces are also called virtual clusters.

Label

Labels are key/value pairs attached to objects (such as Pods and Services) to distinguish them. Each object can carry multiple labels, and objects are associated with one another through label selectors.
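The Pod, Volume, Service and Label concepts above fit together in one manifest. This is an added example, not code from the original article; the names, images, ports and the shared-volume pattern are assumed for illustration, and the objects go into whatever namespace the file is applied to:

```yaml
# Added example, not from the original article. Names, images and ports
# are assumed for illustration.
apiVersion: v1
kind: Pod
metadata:
  name: web
  labels:
    app: web
    tier: frontend
spec:
  # A volume is declared once at Pod level and mounted by each container
  # that needs it; emptyDir lives as long as the Pod does.
  volumes:
  - name: shared-content
    emptyDir: {}
  containers:
  # Two containers in one Pod: same IP, same node, shared volume.
  - name: nginx
    image: nginx:1.13
    ports:
    - containerPort: 80
    volumeMounts:
    - name: shared-content
      mountPath: /usr/share/nginx/html
      readOnly: true          # the web server only needs to read the content
  - name: content-writer
    image: busybox:1.28
    command: ["sh", "-c", "while true; do date > /work/index.html; sleep 5; done"]
    volumeMounts:
    - name: shared-content
      mountPath: /work        # the sidecar is the only writer
---
apiVersion: v1
kind: Service
metadata:
  name: web
spec:
  type: ClusterIP
  # The selector is the only link between a Service and its Pods: every Pod
  # in this namespace carrying app=web receives traffic. The right to set
  # labels on Pods is therefore also the right to route traffic.
  selector:
    app: web
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
```

From another Pod in the same namespace the application is reachable as `http://web` (via the DNS add-on) or through the ClusterIP shown by `kubectl get service web`; `kubectl get endpoints web` lists the Pod IPs the selector currently matches, which is the quickest way to see that a label change has added or removed a back end.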

Higher-level abstraction based on basic objects:

ReplicaSet

The next-generation ReplicationController. It ensures that the specified number of Pod replicas is running at any given time.

The only difference between RC and RS is the label selector: RS supports the newer set-based selectors (`matchExpressions` with operators such as In, NotIn and Exists), while RC only supports equality-based selectors.

Deployment

Deployment is a higher-level API object that manages ReplicaSets and Pods, and provides functions such as declarative updates.

The official recommendation is to manage ReplicaSets through Deployments rather than creating ReplicaSets directly; in practice you may never need to touch a ReplicaSet object yourself.
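The Deployment below ties together the application health checks, replica maintenance and rolling update functions listed earlier with the set-based selector that ReplicaSets added. It is an added example, not code from the original article; the names, image, probe paths and limits are assumed for illustration, and it uses the `apps/v1` API (GA since v1.9; clusters of the v1.8 vintage the article mentions used `apps/v1beta2`):

```yaml
# Added example, not from the original article. Names, image, probe paths
# and resource values are assumed for illustration.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 3
  # Set-based selector, which a ReplicationController could not express.
  selector:
    matchLabels:
      app: web
    matchExpressions:
    - key: tier
      operator: In
      values: ["frontend"]
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 0   # never drop below the desired count during an update
      maxSurge: 1         # at most one extra Pod while the new ReplicaSet scales up
  template:
    metadata:
      labels:             # must satisfy the selector above
        app: web
        tier: frontend
    spec:
      containers:
      - name: nginx
        image: nginx:1.13
        ports:
        - containerPort: 80
        # Readiness gates traffic: a Pod failing this is removed from the
        # Service endpoints but not restarted.
        readinessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 2
          periodSeconds: 5
        # Liveness restarts the container after failureThreshold misses.
        # Keep it cheap and dependency-free: a probe that fails whenever a
        # backend is slow turns one outage into a restart storm.
        livenessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 10
          periodSeconds: 10
          failureThreshold: 3
        resources:
          requests:
            cpu: 100m
            memory: 64Mi
          limits:
            cpu: 500m
            memory: 128Mi
        securityContext:
          allowPrivilegeEscalation: false
```

`kubectl rollout status deployment/web` follows an update; because `maxUnavailable` is 0 and readiness gates each new Pod, a broken image never takes the old ReplicaSet down, and `kubectl rollout undo deployment/web` returns to it. The single `securityContext` line is not a complete hardening of this image: the official nginx image still starts as root to bind port 80, so `runAsNonRoot` or dropping all capabilities would need an image built for that.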

StatefulSet

StatefulSet is for stateful applications: each Pod gets a stable, unique network identity (an ordinal hostname and DNS name, not a fixed IP), persistent storage that follows the Pod, and ordered deployment, scaling, deletion and rolling updates.

DaemonSet

DaemonSet ensures that all (or selected) nodes run a copy of the same Pod. When a node joins the Kubernetes cluster, the Pod is scheduled onto it; when a node is removed from the cluster, its DaemonSet Pod is garbage-collected. Deleting the DaemonSet cleans up all the Pods it created.

Job

A run-to-completion task: its Pods finish and are not kept running, and a failed Pod is retried according to the restart policy up to the Job's backoff limit. Recurring tasks are handled by a CronJob, which creates Jobs on a schedule.
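A Job and the CronJob that schedules Jobs, as an added example rather than code from the original article. The names, image and commands are assumed for illustration, and `batch/v1` is used for the CronJob (GA since v1.21; earlier clusters used `batch/v1beta1`):

```yaml
# Added example, not from the original article. Names, image and
# commands are assumed for illustration.
apiVersion: batch/v1
kind: Job
metadata:
  name: db-migrate
spec:
  backoffLimit: 3              # retry a failed Pod at most 3 times, then mark the Job failed
  activeDeadlineSeconds: 600   # kill the whole Job if it runs longer than 10 minutes
  template:
    spec:
      # A Job's Pod template must use OnFailure or Never; Always is rejected
      # because the Pod is meant to exit.
      restartPolicy: OnFailure
      containers:
      - name: migrate
        image: busybox:1.28
        command: ["sh", "-c", "echo running migration; sleep 5; echo done"]
---
apiVersion: batch/v1
kind: CronJob
metadata:
  name: nightly-report
spec:
  schedule: "0 2 * * *"          # 02:00 daily, in the controller manager's time zone
  concurrencyPolicy: Forbid      # skip a run if the previous one is still going
  successfulJobsHistoryLimit: 3  # keep a few finished Jobs for inspection
  failedJobsHistoryLimit: 3
  jobTemplate:
    spec:
      backoffLimit: 2
      activeDeadlineSeconds: 1800
      template:
        spec:
          restartPolicy: Never
          containers:
          - name: report
            image: busybox:1.28
            command: ["sh", "-c", "echo generating report; date"]
```

`activeDeadlineSeconds` and `backoffLimit` are the two guards worth setting on every Job: without them a task that never exits, or one that crashes on start, keeps consuming scheduler and node resources until someone notices. `kubectl get jobs` shows completions, and `kubectl logs job/db-migrate` fetches the output of the Job's Pod.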

System architecture

(Architecture diagrams of the Kubernetes cluster appeared here in the original; the images are not reproduced.)

Component functions

Master component:

kube-apiserver

The Kubernetes API server is the cluster's single entry point and the coordinator of all other components. It exposes an HTTP(S) API; every create, delete, update and watch operation on every object resource goes through the API server, which validates it and persists it in etcd. Because every component talks through it, the API server is also the point where authentication, authorization and admission control are enforced.

kube-controller-manager

Runs the cluster's regular background control loops. Each resource type has its own controller (replication, node, endpoints, service account controllers and so on), and the controller manager runs them together as a single process.

kube-scheduler

Assigns each newly created Pod to a node according to the scheduling algorithm.

Node components:

kubelet

The kubelet is the Master's agent on each node. It manages the lifecycle of the containers running on that machine: creating containers, mounting a Pod's volumes, fetching Secrets, and reporting container and node status. The kubelet turns each Pod spec into a set of running containers.

kube-proxy

Implements the Pod network proxy on each node: it maintains the network rules (iptables or IPVS) and provides layer-4 (TCP/UDP) load balancing for Services.

Docker or rkt (rocket)

The container runtime that actually runs the containers.

Third-party services:

etcd

A distributed key-value store used to hold the cluster state: Pod, Service and all other object definitions. Since it also stores Secrets, access to etcd is equivalent to full cluster access; it should only accept TLS connections with client certificates from the API server.

In addition, I recently recorded the <<Docker Advanced Application Practical Course>>, which covers the Swarm and Kubernetes cluster management systems; clustering is the essence of applying Docker technology! Those interested may wish to take a look.

Course address: https://ke.qq.com/course/246704


Source: blog.51cto.com/15127501/2657322