Introduction to Container Technology (Kubernetes and Docker)

I. Docker

      With the rapid development of computer technology, container technology is becoming more and more popular, and Docker is undoubtedly one of its star products. Docker is currently in full swing in China, especially among front-line Internet companies, where its use is already very common.
      Docker is based on the Linux kernel's cgroups and namespaces, together with union file system technologies such as AUFS, and uses them to encapsulate and isolate processes. It is a form of operating-system-level virtualization.
      Traditional virtualization technology virtualizes a set of hardware, runs a full operating system on top of it, and then runs the required application processes on that system. With Docker, the application process in the container runs directly on the host's kernel; the container has no kernel of its own and no virtual hardware. Thus, compared with traditional virtualization technology, Docker is more portable.
      Docker containers have the following advantages:
(1) more efficient use of system resources;
(2) faster start-up time;
(3) a consistent runtime environment;
(4) support for continuous delivery and deployment;
(5) easier application migration;
(6) easier maintenance and extension.
      Docker uses a client-server (C/S) architecture and uses a remote API to create and manage Docker containers. There are three basic concepts in Docker that you need to know:
(1) Docker image: a Docker image is a special file system. In addition to providing the programs, libraries, resources and configuration files the container needs at run time, it also contains some configuration parameters prepared for run time (e.g., anonymous volumes, environment variables, users). An image does not contain any dynamic data, and its contents do not change after it is built. Because an image contains the complete root file system of an operating system, it is often very large, so Docker was designed around a tiered storage architecture: an image is made up of a union of multiple file system layers. An image is built layer by layer, each layer building on the previous one. Once a layer has been built it does not change, and any later change happens only in its own layer. When building an image, each layer should as far as possible contain only what is needed, and anything extra should be cleaned up before that layer's build ends. This layered design makes images easy to reuse and customize: a previously built image can serve as the base for further customization.
(2) Docker container: a container can be seen as the run-time instance of a Docker image. When a container runs, it uses an image as its base layer and creates on top of it a storage layer for the current container; this read-write layer prepared for the container's run time is called the container storage layer. When the container dies, the container storage layer dies with it, and any information stored in it is lost. According to Docker best practice, a container should not write any data to its storage layer, so that the container storage layer stays stateless. All file writes should go to a data volume (Volume) or a bind-mounted host directory; reads and writes at these locations skip the container storage layer and go directly to the host (or network storage), which gives higher performance and stability. A data volume's life cycle is independent of the container: when the container is gone the data volume is not, so the data in it is not lost.
(3) Docker repository: a repository stores Docker images; images can be pulled from it, and your own images can be pushed to it. A Docker Registry may contain multiple repositories (Repository), each repository may contain multiple tags (Tag), and each tag corresponds to one image.
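
The layering rule in item (1), that a finished layer never changes and a later step only records changes in its own layer, means a file removed by a later layer is still stored inside the image. The Python sketch below is an added example, not part of the original article: it stacks constructed tar layers, treats the OCI `.wh.` whiteout prefix as the deletion marker, and reports files that a container cannot see but that the image still ships. The file names and helper functions are hypothetical, and opaque-directory whiteouts are not handled.

```python
import io
import tarfile

WHITEOUT = ".wh."  # prefix the OCI image format uses to mark a path deleted by this layer

def make_layer(files):
    """Pack {path: bytes} into an in-memory tar, standing in for one image layer."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, data in files.items():
            info = tarfile.TarInfo(path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def read_layer(blob):
    """Split one layer into (paths it deletes, {path: bytes} it adds)."""
    deleted, added = set(), {}
    with tarfile.open(fileobj=io.BytesIO(blob)) as tar:
        for member in tar.getmembers():
            parent, _, base = member.name.rpartition("/")
            if base.startswith(WHITEOUT):
                deleted.add((parent + "/" if parent else "") + base[len(WHITEOUT):])
            elif member.isfile():
                added[member.name] = tar.extractfile(member).read()
    return deleted, added

def merged_view(layers):
    """Stack layers bottom-up and return what a container started from the image sees."""
    view = {}
    for blob in layers:
        deleted, added = read_layer(blob)
        # Whiteouts hide entries from lower layers only, so apply them before additions.
        view = {p: d for p, d in view.items()
                if not any(p == t or p.startswith(t + "/") for t in deleted)}
        view.update(added)
    return view

def hidden_but_shipped(layers):
    """Map each file missing from the final view to the first layer that still stores it."""
    visible, found = merged_view(layers), {}
    for index, blob in enumerate(layers):
        for path in read_layer(blob)[1]:
            if path not in visible:
                found.setdefault(path, index)
    return found

# Constructed sample: a build token added in one layer and "removed" in the next.
BASE = make_layer({"app/server.py": b"print('ok')\n", "app/build-token.txt": b"CONSTRUCTED\n"})
CLEANUP = make_layer({"app/.wh.build-token.txt": b""})
if __name__ == "__main__":
    print(sorted(merged_view([BASE, CLEANUP])), hidden_but_shipped([BASE, CLEANUP]))
```

Cleaning up within the same layer, as item (1) advises, leaves nothing for `hidden_but_shipped` to report, because the file never reaches a finished layer.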

II. Kubernetes

      Docker itself is well suited to managing a single container. But as more and more containers and containerized applications are used, and applications are split into hundreds of parts, managing and orchestrating them can become very difficult. Ultimately, containers need to be grouped in order to provide networking, security, telemetry and other services across all of them. So Kubernetes (also known as k8s) came into being.
      Real production applications involve many containers, and these containers must be deployed across multiple server hosts. Kubernetes provides the scheduling and management capabilities needed to deploy containers at scale for these workloads. With Kubernetes orchestration, you can build application services that span multiple containers, schedule them across the cluster, scale these containers, and manage their health over the long term.
      The k8s architecture is shown in the figure below:
[Figure: k8s architecture]
The k8s architecture involves some concepts you need to know:
(1) etcd: a highly available key-value store and service discovery system;
(2) flannel: a component that implements container network communication across hosts. Flannel's design goal is to re-plan the IP address allocation rules for all nodes in the cluster, so that containers on different nodes obtain IP addresses that "belong to the same network" and are "not duplicated", and containers on different nodes can communicate directly by IP. It is essentially an "overlay network": TCP data is encapsulated inside another network packet for routing, forwarding and communication. It currently supports the udp, vxlan, host-gw, aws-vpc, gce and alloc routing data forwarding modes; by default, data between nodes is forwarded over UDP. Its architecture is shown in the figure below:
[Figure: flannel architecture]
(3) kube-apiserver: provides the API for the k8s cluster. It is the key service process exposing the HTTP REST interface, the only entry point for adding, deleting, modifying and other operations on all resources in Kubernetes, and also the entry process for cluster control;
(4) kube-controller-manager: the automation control center for all resource objects in Kubernetes;
(5) kube-scheduler: the process responsible for resource scheduling (Pod scheduling);
(6) kubelet: runs on each Node and, according to the configuration file, is responsible for creating, starting and stopping the containers of Pods, while working closely with the Master node to implement the basic functions of cluster management;
(7) kube-proxy: an important component that implements the communication and load-balancing mechanism of Kubernetes Services, providing network proxy services;
(8) Pod: the Pod is the most important and basic concept in Kubernetes. Each Pod has a special "root container" called the Pause container. The image of the Pause container is part of the Kubernetes platform. Besides the Pause container, each Pod also contains one or more closely related user service containers;
(9) ReplicationController: the RC is one of the core concepts of the Kubernetes system. Put simply, it defines a desired scenario: it declares that the number of replicas of a certain Pod matches an expected value at all times;
(10) Service: the Service is one of the core resource objects in Kubernetes. Each Service in Kubernetes is in fact a "microservice" of the microservice architecture we often mention. The following figure shows the logical relationship between Pod, RC and Service:
[Figure: logical relationship between Pod, RC and Service]
(11) Volume: a Volume is a shared directory in a Pod that can be accessed by multiple containers. The concept, use and purpose of a Kubernetes Volume are similar to those of a Docker Volume, but the two are not equivalent;
(12) Namespace: the Namespace is another very important concept in the Kubernetes system; in many cases it is used for multi-tenant resource isolation;
(13) PV: a PersistentVolume (PV) is a piece of networked storage in the cluster provisioned by an administrator. It is a resource in the cluster, just as a node is a cluster resource. A PV is a volume plugin like a Volume, but has a life cycle independent of any individual Pod that uses the PV. This API object captures the details of the storage implementation, i.e. NFS, iSCSI or a cloud-provider-specific storage system;
(14) PVC: a PersistentVolumeClaim (PVC) is a request for storage by a user. It is similar to a Pod. Pods consume node resources, and PVCs consume PV resources. Pods can request specific levels of resources (CPU and memory). Claims can request a specific size and access mode (for example, mounted once read/write or many times read-only).

III. Building a Kubernetes cluster environment

      I have put the content for this part on Baidu network disk; it covers both building from binary files and the quick way of building with kubeadm. I used a CentOS system, k8s 1.6+ and Docker CE, and built a cluster with one master node and two node nodes. (Note: the virtual machine needs at least 20 GB of disk space, and it is best installed on a solid-state disk, otherwise there is a risk of it freezing, personally tested...!) The installation documentation is at the following Baidu network disk address:
link: https://pan.baidu.com/s/1roO1gc9-z_ttiVNVJLfMyA extraction code: ag9x

Origin blog.csdn.net/chenzihao36/article/details/104244198