Kubelet container creation steps

  1. Kubelet calls dockershim through the CRI interface (gRPC) to request the creation of a container. In this step kubelet acts as a simple CRI client, and dockershim is the server that receives the request. At present the dockershim code is actually embedded in kubelet, so the process receiving the call is the kubelet process itself.

  2. After dockershim receives the request, it converts it into a request the docker daemon can understand and sends it to the docker daemon, asking it to create the container.

  3. The Docker daemon moved container operations into a separate daemon process, containerd, as early as version 1.12, so the docker daemon still cannot create the container itself; it asks containerd to create it.

  4. After containerd receives the request, it does not operate on the container directly either. Instead it starts a process called containerd-shim and lets the shim operate the container. The reason is that a container process needs a parent process to do work such as collecting its exit status and keeping stdin and other file descriptors open. If that parent were containerd, then every time containerd crashed or was upgraded, every container on the host would have to exit. Introducing containerd-shim avoids this problem (containerd and the shim are not in a parent-child process relationship).

  5. Creating a container requires operations such as setting up namespaces and cgroups, mounting the root filesystem, and so on, and there is already a public specification for how to do these things: OCI. One of its reference implementations is runC. Therefore, in this step containerd-shim calls the command-line tool runC to start the container.

  6. After runC starts the container it exits immediately, and containerd-shim becomes the parent of the container process. The shim is responsible for collecting the status of the container process and reporting it to containerd, and, after the process with pid 1 inside the container exits, for reaping the remaining child processes in the container so that no zombie processes are left behind.
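The supervision chain from steps 4 and 6 can be checked on a node from its process table. The following is an added example, not code from the original post: it parses a `ps -eo pid,ppid,comm` snapshot (the sample below is constructed, not captured from a real host; function names are this example's own) and reports, for each process, whether it sits under a containerd-shim that has been detached from containerd, under a shim that is still a child of containerd, or directly under the runtime daemon, which is the fragile layout the text warns about.

```python
# Constructed `ps -eo pid,ppid,comm` snapshot; not output from a real node.
SAMPLE_PS = """\
  PID  PPID COMMAND
    1     0 systemd
  800     1 dockerd
  850     1 containerd
  900     1 containerd-shim
  910   900 nginx
  915   910 nginx
  920     1 containerd-shim
  930   920 sleep
  940   850 redis-server
  950   850 containerd-shim
  960   950 java
"""


def parse_ps(text):
    """Map pid -> (ppid, comm) from `ps -eo pid,ppid,comm` output."""
    procs = {}
    for line in text.splitlines()[1:]:  # skip the header row
        if not line.strip():
            continue
        pid, ppid, comm = line.split(None, 2)
        procs[int(pid)] = (int(ppid), comm)
    return procs


def ancestry(procs, pid):
    """Command names from pid up to the root, e.g. ['nginx', 'containerd-shim', 'systemd']."""
    chain = []
    while pid in procs:
        ppid, comm = procs[pid]
        chain.append(comm)
        pid = ppid
    return chain


def classify(procs, pid):
    """Classify a process by what supervises it (see lead-in for the labels)."""
    ancestors = ancestry(procs, pid)[1:]  # exclude the process itself
    if "containerd-shim" in ancestors:
        i = ancestors.index("containerd-shim")
        shim_parent = ancestors[i + 1] if i + 1 < len(ancestors) else None
        return "shim-under-containerd" if shim_parent == "containerd" else "shim-detached"
    if "containerd" in ancestors or "dockerd" in ancestors:
        return "runtime-child"  # would die with the daemon on restart or upgrade
    return "host"


def audit(text):
    """Return {pid: classification} for every process in the snapshot."""
    procs = parse_ps(text)
    return {pid: classify(procs, pid) for pid in procs}
```

Running `audit(SAMPLE_PS)` on the constructed snapshot flags pid 940 as a direct child of containerd and pid 960 as supervised by a shim that containerd still parents, while the nginx and sleep containers show the detached-shim layout the text describes.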

Origin blog.csdn.net/qq_34939308/article/details/110674357