Brief introduction
1, Kubernetes code is hosted on GitHub: https://github.com/kubernetes/kubernetes/ .
2, Kubernetes is an open source cluster management system container , Kubernetes goal is to make application deployment container of simple and effective (powerful), Kubernetes provides application deployment, planning, updating and maintenance of a mechanism . By Kubernetes you can:
- Rapid deployment of applications
- Rapid expansion application
- Seamless connection of new application functionality
- Save resources, optimize the use of hardware resources
3, Kubernetes a core feature is capable of self-management of the container to ensure that the cloud platform running in a container in accordance with the user's desired state (such as the user wants apache has been run, the user does not need to be concerned about how to do it, Kubernetes automatically to monitor, then go to restart, the new, short, let apache has been providing services), the administrator can load a miniature service, let the planner to find the right location, at the same time, Kubernetes also tools and systems to enhance the human aspects, allowing users to easily deploy own applications (like the canary deployments).
4, now Kubernetes focus on uninterrupted service status (such as a web server or cache server) and native cloud platform application (Nosql), in the near future will support a variety of production platforms in a variety of cloud services, such as batch, workflow, as well as traditional databases.
5, in the Kubenetes all containers operating at Pod in a Pod can carry one or more of the associated container , behind the case, the Pod in the same container will be deployed on the same physical machine and able to share a resources. Pod may also comprise a one or more disk volumes O groups (Volumes), These groups will be provided in the form of a directory to a container, or shared by all Pod in the container, each Pod for user-created, the system automatic selection of the healthy and have adequate capacity for the machine, and then create the container similar to the container when the container creation fails, the container will be automatically restarted node agent, the node agent called kubelet, however, if it is Pod failure or machine, it It does not automatically transfer and start unless the user defines the replication controller.
6, the user can create and manage its own Pod, to simplify these operations Kubernetes two operations: deploying a plurality of copies based on the same Pod Pod profile; Alternatively Pod created when a Pod or hanging hung up when the machine . The Kubernetes API is responsible to restart migration behavior part is called "replication controller", it generates a Pod according to a template, then the system will create a lot of redundancy in accordance with the needs of users, these form a redundant Pod the entire application, or service, or service level. Once a Pod is created, the system will constantly monitor the health Pod and the health of the host that Pod, Pod if the reason because the software hangs up the machine or where hung up, replication controller automatically in a healthy create a machine exactly the same as Pod, Pod redundancy to maintain the original state of the same, more of a Pod applications can share a machine.
7, we often need to select a set of Pod, e.g., we want to restrict certain actions of a group of Pod or Pod query the status of a group as a basic mechanism Kubernetes, the user can give in any object of Api Kubernetes paste group key: value of the label, then we will be able to choose by label a group of related Kubernetes Api object, and then to perform certain operations, additional resources each has a set of (many) keys and values, then an external tool using these keys and values vlues retrieve objects, which Map is called annotations (comments).
8, Kubernetes supports a special network model, Kubernetes create an address space, and not dynamically allocated ports, which allows the user to select any port you want to use, in order to achieve this, it is assigned an IP address for each Pod.
9, the modern Internet application services usually include a multi-layer structure, such as web space and reception memory used to store key-value pairs of servers and corresponding storage services, in order to better service provides an abstraction such services in architecture, Kubernetes, and it provides a fixed IP address and DNS name, which is associated with a series of dynamic Pod, which are related through the label mentioned before, so we wanted to be associated with any associated Pod us, when accessing a container in the Pod when this address, the request will be forwarded to the home agent (kube proxy), each machine has a local proxy, then forwarded to the appropriate back-end container. Kubernetes selected in rotation by means of a mechanism for appropriate back-end container, these dynamic Pod is replaced when, Kube proxy tracking the time, so, IP address, services (dns name), never change.
10, all Kubernetes resources, such as Pod, are distinguished by something called the URI , the URI has a UID, an important part of the URI is: Name Type (such as pod) objects, object, named spatial objects for specific object types, in the same namespace, all the names are different, in the case of the object name only and does not provide namespace, this case is assumed to be the default namespace. UID is unique in time and space .
Feature
1, portable: support public cloud, private cloud, hybrid cloud, cloud multiple (multi-cloud)
2, can be extended: a modular, plug-in technology, can be mounted, may be combined
3, automation: automatic deployment, automatic restart, automatic replication, automatic retractable / expansion
Design Architecture
Kubernetes cluster contains a node agent kubelet and Master components (APIs, Scheduler, etc) , everything is based on a distributed storage system. The picture below is Kubernetes architecture diagram.
① In this system architecture diagram, we put into service to run services on the working node and clustered service level control board .
② Kubernetes node has a running application container essential services, which are subject to Master Control.
③ on each node of course have to run Docker . Docker to be responsible for all specific images to download and run the container.
④ Kubernetes主要由以下几个核心组件组成:
- etcd 保存了整个集群的状态;
- apiserver 提供了资源操作的唯一入口,并提供认证、授权、访问控制、API注册和发现等机制;
- controller manager 负责维护集群的状态,比如故障检测、自动扩展、滚动更新等;
- scheduler 负责资源的调度,按照预定的调度策略将Pod调度到相应的机器上;
- kubelet 负责维护容器的生命周期,同时也负责Volume(CVI)和网络(CNI)的管理;
- Container runtime 负责镜像管理以及Pod和容器的真正运行(CRI);
- kube-proxy 负责为Service提供cluster内部的服务发现和负载均衡;
⑤ 除了核心组件,还有一些推荐的Add-ons:
- kube-dns 负责为整个集群提供DNS服务
- Ingress Controller 为服务提供外网入口
- Heapster提供资源监控
- Dashboard提供GUI
- Federation提供跨可用区的集群
- Fluentd-elasticsearch提供集群日志采集、存储与查询
相关名词
(1)kubelet
kubelet负责管理pods和它们上面的容器,images镜像、volumes、etc。
(2)kube-proxy
每一个节点也运行一个简单的网络代理和负载均衡(详见services FAQ )(PS:官方 英文)。 正如Kubernetes API里面定义的这些服务(详见the services doc)(PS:官方 英文)也可以在各种终端中以轮询的方式做一些简单的TCP和UDP传输。
服务端点目前是通过DNS或者环境变量( Docker-links-compatible 和 Kubernetes{FOO}_SERVICE_HOST 及 {FOO}_SERVICE_PORT 变量都支持)。这些变量由服务代理所管理的端口来解析。
(3)Kubernetes控制面板
Kubernetes控制面板可以分为多个部分。目前它们都运行在一个master 节点,然而为了达到高可用性,这需要改变。不同部分一起协作提供一个统一的关于集群的视图。
(4)etcd
所有master的持续状态都存在etcd的一个实例中。这可以很好地存储配置数据。因为有watch(观察者)的支持,各部件协调中的改变可以很快被察觉。
(5)Kubernetes API Server
API服务提供Kubernetes API (PS:官方 英文)的服务。这个服务试图通过把所有或者大部分的业务逻辑放到不两只的部件中从而使其具有CRUD特性。它主要处理REST操作,在etcd中验证更新这些对象(并最终存储)。
(6)Scheduler
调度器把未调度的pod通过binding api绑定到节点上。调度器是可插拔的,并且我们期待支持多集群的调度,未来甚至希望可以支持用户自定义的调度器。
(7)Kubernetes控制管理服务器
所有其它的集群级别的功能目前都是由控制管理器所负责。例如,端点对象是被端点控制器来创建和更新。这些最终可以被分隔成不同的部件来让它们独自的可插拔。
replicationcontroller(PS:官方 英文)是一种建立于简单的 pod API之上的一种机制。一旦实现,我们最终计划把这变成一种通用的插件机制。