I. Introduction to Kubernetes
Kubernetes is Google's open-source container cluster management system. It builds a container scheduling service on top of Docker and provides resource scheduling, load balancing and disaster recovery, service registration, dynamic scaling and other functions, which makes it easy to manage containerized applications running across machines. Kubernetes supports GCE, vSphere, CoreOS, OpenShift, Azure and other platforms, and can also be deployed directly on physical hosts.
II. Kubernetes architecture
[Figure: Kubernetes architecture]
1. Pod
In Kubernetes, the smallest unit of scheduling is not a bare container but an abstraction called a pod; a pod is the minimal deployment unit that can be created, destroyed, scheduled and managed;
The pod is the smallest operating unit of Kubernetes, and a pod can consist of one or more containers;
A given pod can only run on a single host;
The containers of a pod share the same volumes and network namespace.
2. ReplicationController (RC)
An RC is used to manage pods, and each RC can consist of one or more pods. After an RC is created, the system keeps the number of available pods in the RC consistent with the number defined when the RC was created: if there are fewer pods than defined, the RC starts new pods; conversely, it kills the extra pods;
An RC is created from a defined pod template, and the objects created are called Pods (which can also be understood as the RC). The properties of the Pods can be modified online to scale them down or up dynamically;
An RC is associated with its Pods through labels; by modifying the label of the Pods, the corresponding pods can be deleted;
When a container in the Pods needs to be updated, the RC replaces the pods one at a time until every pod in the Pods is updated.
3. Service
A Service is the outermost unit of Kubernetes; through a virtual access IP and service port, we can reach the pod resources we have defined;
Service is also the smallest operating unit of Kubernetes, and is an abstraction of a real application service;
A Service is often used to associate floating resources with the containers that provide the real service on the backend;
A Service is presented externally as a single access interface, so clients do not need to know the size or mechanism of the backend.
A service is actually an abstract resource that defines a set of pods running in the cluster that all provide the same functionality. When a service is created, it is assigned a unique IP (also called the cluster IP) that exists for the whole lifecycle of the service; once the service is created, this IP cannot be modified. Pods can communicate through the service, and all traffic sent to the service is automatically load-balanced across the containers of its pods.
4. Label
Labels are key/value pairs used to distinguish pods, services and replication controllers. They are used only to identify the relationships between pods, services and replication controllers; operations on the units themselves should use the name;
Pods, services and RCs can each have more than one label, but each label key can correspond to only one value;
The whole system uses labels to associate objects and find the targets that actually need to be operated on.
5. Proxy
The proxy not only solves the problem of service port conflicts on the same host, it also forwards service ports so that services can be offered externally; the proxy backend uses random and round-robin load-balancing algorithms.
III. Kubernetes components
Kubernetes mainly consists of kubectl, kube-apiserver, kube-controller-manager, kube-scheduler, kube-proxy and kubelet. These alone do not form a complete Kubernetes system: the information of the whole system also needs a storage medium, etcd, and a network service, flannel (optional).
1. kubectl
A command-line tool that formats the commands it receives and sends them to kube-apiserver; it is the entry point for operating the whole platform.
2. kube-apiserver
The control entry point of the whole system, exposed as a REST API. It can be scaled horizontally in a highly available architecture.
3. kube-controller-manager
Performs the background tasks of the whole system; it is actually a combination of several control processes, broadly the following:
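Node Controller    ## responsible for detecting and reporting nodes going up or down throughout the system
Replication Controller    ## responsible for maintaining the number of normally running pods in Pods
Endpoints Controller    ## responsible for maintaining the association between Pods and Services
Service Account & Token Controllers    ## responsible for creating the default accounts and API access tokens for new namespaces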
4. kube-scheduler
Monitors newly created pod tasks and dispatches those not yet assigned to a node to run.
5. kube-proxy
kube-proxy runs on every node and is responsible for connecting and forwarding the network rules, which makes services in Kubernetes more abstract.
6. kubelet
kubelet runs on every node as the agent of the whole system. It watches the pods assigned to its node (via the apiserver or local configuration files), mounts the volumes the pods depend on, downloads the pods' secrets, runs the containers of the pods (through Docker), periodically obtains the status of all containers, and reports the status of pods and nodes back to the rest of the system.
7. Pod
A group of applications that share a context is called a pod; within that context, separate cgroup isolation can also be applied to the applications. A pod models a container environment (a logical host) that runs the specified applications; it can hold one or more applications, which in the container world are relatively tightly coupled. They run on the same physical or virtual host.
The context of a pod is defined as a combination of Linux namespaces, which includes:
PID namespace (applications in the pod can see each other's processes)
Network namespace (applications get the same IP and port space)
IPC namespace (applications in the pod can use System V IPC or POSIX message queues to communicate)
UTS namespace (applications in the pod share a hostname)
Resource sharing and communication
All applications in a pod use the same network namespace and can use localhost to discover and communicate with each other. Each pod has an IP address for communicating with other physical nodes and containers across the network.
Pods are the smallest unit of deployment and support horizontal scaling and replication.
IV. Functions of each Kubernetes component
Role      Component            Function
Master    apiserver            Provides the RESTful interface
Master    scheduler            Responsible for scheduling; assigns pods to slave nodes
Master    controller-manager   Responsible for the other functions of the master
Master    etcd                 Stores configuration information, node information, pod information, etc.
Slave     kubelet              Manages pods, containers and container images
Slave     proxy                Forwards requests for a service to the corresponding pods and does some load balancing
Client    kubectl              Command-line tool; sends requests to the apiserver to create pods, etc.
V. Kubernetes installation
1. yum installation
# yum -y install etcd kubernetes
2. Upgrade (overwrite the binaries)
① Upgrade etcd
# curl -L https://github.com/coreos/etcd/releases/download/v2.2.3/etcd-v2.2.3-linux-amd64.tar.gz -o etcd-v2.2.3-linux-amd64.tar.gz
# tar -zxvf etcd-v2.2.3-linux-amd64.tar.gz
# cd etcd-v2.2.3-linux-amd64
# cp etcd* /bin/
# etcd -version
etcd Version: 2.2.3
Git SHA: 05b564a
Go Version: go1.5.2
Go OS/Arch: linux/amd64
# etcd > /var/log/etcd.log 2>&1 &    ## start etcd
# curl 127.0.0.1:4001/version
{"etcdserver":"2.2.3","etcdcluster":"2.2.0"}
# etcdctl member list    ## view the etcd cluster
ce2a822cea30bfca: name=default peerURLs=http://localhost:2380,http://localhost:7001 clientURLs=http://localhost:2379,http://localhost:4001
② Upgrade Kubernetes
# wget https://github.com/GoogleCloudPlatform/kubernetes/releases/download/v1.2.0-alpha.5/kubernetes.tar.gz
# tar -zxvf kubernetes.tar.gz
# cd kubernetes/server
# tar -zxvf kubernetes-server-linux-amd64.tar.gz
# cd kubernetes/server/bin/
# cp -a kubectl kubelet kube-controller-manager kube-scheduler kube-apiserver kube-proxy /usr/bin/
A. Run kube-apiserver [systemctl start kube-apiserver]
# kube-apiserver --address=0.0.0.0 --insecure-port=8080 --service-cluster-ip-range='10.254.0.0/16' --kubelet_port=10250 --v=0 --logtostderr=false --log_dir=/var/log/kube --etcd_servers=http://127.0.0.1:4001 --allow_privileged=false &
# kubectl version
Client Version: version.Info{Major:"1", Minor:"The", GitVersion:"v1.2.0-alpha.5", GitCommit:"9c0e7775672b26ab2005db8651890a60253478e2", GitTreeState:"clean"}
Server Version: version.Info{Major:"1", Minor:"The", GitVersion:"v1.2.0-alpha.5", GitCommit:"9c0e7775672b26ab2005db8651890a60253478e2", GitTreeState:"clean"}
# ss -tlnp | grep apiserver
LISTEN 0 128 :::6443 :::* users:(("kube-apiserver",1811,27))
LISTEN 0 128 :::8080 :::* users:(("kube-apiserver",1811,26))
B. Run kube-scheduler [systemctl start kube-scheduler]
# kube-scheduler --v=0 --logtostderr=false --log_dir=/var/log/kube --master='127.0.0.1:8080' &
# ss -tlnp | grep scheduler
LISTEN 0 128 127.0.0.1:10251 *:* users:(("kube-scheduler",1933,9))
C. Run kube-controller-manager [systemctl start kube-controller-manager]
# kube-controller-manager --v=0 --logtostderr=false --log_dir=/var/log/kube --port=10252 --master=127.0.0.1:8080 &
# ss -tlnp | grep controller
LISTEN 0 128 127.0.0.1:10252 *:* users:(("kube-controller",1880,9))
Minion (Docker must be started before running kubelet)
# kube-proxy --v=0 --logtostderr=false --log_dir=/var/log/kube --master=http://master:8080 &
# ss -tlnp | grep proxy
LISTEN 0 128 127.0.0.1:10249 *:* users:(("kube-proxy",1635,3))
LISTEN 0 128 :::54921 :::* users:(("kube-proxy",1635,7))
B. Run kubelet [systemctl start kubelet]
# kubelet --v=0 --logtostderr=false --allow-privileged=false --log_dir=/var/log/kube --address=0.0.0.0 --port=10250 --register-node=true --api_servers=master:8080 &
# ss -tlnp | grep kubelet
LISTEN 0 128 127.0.0.1:10248 *:* users:(("kubelet",6277,14))
LISTEN 0 128 :::4194 :::* users:(("kubelet",6277,11))
LISTEN 0 128 :::10250 :::* users:(("kubelet",6277,18))
LISTEN 0 128 :::10255 :::* users:(("kubelet",6277,15))
Master
# kubectl get nodes    ## view the node list
NAME                    LABELS                                         STATUS     AGE
127.0.0.1               kubernetes.io/hostname=127.0.0.1               NotReady   23d
localhost.localdomain   kubernetes.io/hostname=localhost.localdomain   NotReady   21d
minion                  kubernetes.io/hostname=minion                  NotReady   21d
# kubectl get pods    ## view the pod list
NAME   READY   STATUS   RESTARTS   AGE
# kubectl get services    ## view the service list
NAME         CLUSTER_IP   EXTERNAL_IP   PORT(S)   SELECTOR   AGE
kubernetes   10.254.0.1   <none>        443/TCP   <none>     4d
# kubectl get replicationcontrollers    ## view the replicationcontrollers list
CONTROLLER   CONTAINER(S)   IMAGE(S)   SELECTOR   REPLICAS
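The listener output in the steps above shows kube-apiserver's --insecure-port (8080) and the kubelet ports bound to every interface (:::), and the insecure port serves the API without authentication or authorization. As an added example (not part of the original article), the shell function below audits `ss -tlnp` output for those listeners; the sample input is constructed from the listings above, and the function names and severity labels are this example's own.

```shell
# Constructed sample: the listener lines shown in the steps above, in the
# usual `ss -tlnp` layout (State Recv-Q Send-Q Local Peer Process).
sample_ss_output() {
  cat <<'EOF'
LISTEN 0 128 :::6443 :::* users:(("kube-apiserver",1811,27))
LISTEN 0 128 :::8080 :::* users:(("kube-apiserver",1811,26))
LISTEN 0 128 127.0.0.1:10251 *:* users:(("kube-scheduler",1933,9))
LISTEN 0 128 127.0.0.1:10252 *:* users:(("kube-controller",1880,9))
LISTEN 0 128 127.0.0.1:10249 *:* users:(("kube-proxy",1635,3))
LISTEN 0 128 127.0.0.1:10248 *:* users:(("kubelet",6277,14))
LISTEN 0 128 :::4194 :::* users:(("kubelet",6277,11))
LISTEN 0 128 :::10250 :::* users:(("kubelet",6277,18))
LISTEN 0 128 :::10255 :::* users:(("kubelet",6277,15))
EOF
}

# Reads `ss -tlnp` output on stdin and prints "SEVERITY process local reason"
# for each apiserver/kubelet listener bound to every interface on a port that
# should not be reachable from outside the host or cluster network.
audit_listeners() {
  awk '
    $1 != "LISTEN" { next }
    {
      laddr = $4
      port = laddr; sub(/.*:/, "", port)        # text after the last colon
      addr = laddr; sub(/:[0-9]+$/, "", addr)   # text before the port
      if (!match($0, /\(\("[^"]+"/)) next       # no process column (ss needs root)
      proc = substr($0, RSTART + 3, RLENGTH - 4)
      # Loopback or a specific address is not a wildcard bind: skip it.
      if (addr != "::" && addr != "*" && addr != "0.0.0.0" && addr != "[::]") next
      sev = ""
      if (proc == "kube-apiserver" && port == "8080") {
        sev = "HIGH"; why = "insecure API port: no authentication or authorization"
      } else if (proc == "kubelet" && port == "10255") {
        sev = "MEDIUM"; why = "kubelet read-only port: unauthenticated pod and node data"
      } else if (proc == "kubelet" && port == "4194") {
        sev = "MEDIUM"; why = "cAdvisor port: unauthenticated container metrics"
      } else if (proc == "kubelet" && port == "10250") {
        sev = "MEDIUM"; why = "kubelet API: restrict to the control plane"
      }
      if (sev != "") print sev, proc, laddr, why
    }'
}

sample_ss_output | audit_listeners
```

On a node, run `ss -tlnp | audit_listeners` as root; an empty result means none of these ports is bound to a wildcard address.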
This article is from the Notepad blog; please be sure to keep this source: http://wangzhijian.blog.51cto.com/6427016/1762632
Docker Cluster Management system Kubernetes