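Editor's recommendation:
This article covers Kubernetes resource requests and limits, node allocatable and reserved resources, graceful Pod termination, Pod autoscaling, and monitoring. We hope it helps with your learning.
This article comes from CSDN and was edited and recommended by Delores of Huolongguo Software (火龙果软件).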
ÎÒÃǹ滮Óг¬¹ý30¸öÉú²ú»·¾³µÄKubernetes¼¯Èº¡£ÒÔÏÂÄ¿±ê¿ÉÄÜÓÐÖúÓÚÀí½âÎĵµµÄÆäÓಿ·Ö¡¢ÎÒÃǵÄKubernetesÉèÖÃÒÔ¼°ÎÒÃǵľßÌåÌôÕ½£º
ÎÞÐèÊÖ¶¯²Ù×÷£ºËùÓм¯ÈºµÄ¸üкͲÙ×÷¶¼±ØÐëÊÇÍêÈ«×Ô¶¯»¯µÄ
²»ÄÜÓÐÌØÀý¼¯Èº£ºËùÓеļ¯Èº¶¼Ó¦¸ÃÊÇÍêȫһֵ쬲»ÐèÒªÈκÎÌØ¶¨µÄÅäÖûòµ÷Õû
¿É¿¿ÐÔ£º»ù´¡ÉèʩӦ¸ÃÊǼáÈçÅÍʯµÄ£¬ÎÒÃǵĽ»¸¶ÍŶÓίÍÐÎÒÃǵļ¯Èº¹ÜÀíËûÃÇ×î¹Ø¼üµÄÓ¦ÓóÌÐò
µ¯ÐÔÉìËõ£º¼¯ÈºÓ¦¸ÃÄܹ»×Ô¶¯ÊÊÓ¦ÒѲ¿ÊðÓ¦ÓõŤ×÷¸ºÔØ£¬²¢ÇÒ°´ÕÕÔ¤ÆÚ½øÐÐÉìËõ
ÎÞ·ìÇ¨ÒÆ£ºÄ¿Ç°ÔÚAWS/STUPS[1]ÉÏÒѾ²¿ÊðµÄÈÝÆ÷»¯µÄÂú×ã£¨ÔÆÔÉú£©12ÒªËØµÄÓ¦Ó㬿ÉÒÔ²»×öÈκÎÐ޸ĵÄÇé¿öÇ¨ÒÆµ½Kubernetes
Cluster automation
Many tools already exist for provisioning Kubernetes clusters. We chose kube-aws[2] because it is similar to the way we currently work on AWS: cloud-init and CloudFormation define the infrastructure and configure immutable nodes. Container Linux from CoreOS matches our understanding of a cluster node OS exactly: it provides only what is needed to run containers and nothing else.
We create only one Kubernetes cluster per AWS account. We have separate AWS accounts and clusters for production and test, and we immediately create two AWS Auto Scaling groups:
A master Auto Scaling group, which ensures there are always two nodes running the API server and Controller Manager
A secondary (worker) Auto Scaling group, which ensures there are always 2 or more nodes for running application Pods
Both Auto Scaling groups span Availability Zones (AZs). The API server is exposed externally with TLS through a "classic" TCP/SSL Elastic Load Balancer (ELB).
We built our own cluster registry REST service to manage all Kubernetes clusters. Another component, the Cluster Lifecycle Manager (CLM), periodically polls the cluster registry and updates clusters to the desired state. The desired state is expressed as CloudFormation and Kubernetes configuration stored in Git[3].

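Different clusters use different channel configurations (branches). For example, some non-critical clusters may use the "alpha" channel (branch) with the latest features, while other clusters use the "stable" channel (branch). The channel concept is similar to how CoreOS manages Container Linux releases.
As soon as a change is merged into the corresponding branch, the clusters update automatically. Configuration changes are first tested on a separate feature branch; once validated, a pull request is opened against the dev branch, and end-to-end tests (including the official Kubernetes conformance tests) run automatically.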

AWS integration
We provision clusters on AWS and therefore want to integrate with AWS services wherever possible. The kube2iam[4] daemon lets us assign AWS IAM roles to Pods by adding an annotation. Our infrastructure components (such as the autoscaler) use the same mechanism, accessing the AWS API through IAM roles (with restricted API access).
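Ingress
Because there is no official way to implement Ingress on AWS, we decided to create a new component, Kube AWS Ingress Controller, to achieve our goals:
SSL termination at the ALB: convenient use of ACM (the free CA service provided by Amazon), as well as certificates uploaded via AWS IAM
Use of the new ELBv2 Application Load Balancer

External DNS automatically configures the Ingress hosts as DNS records in our Route53.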
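Resources
Understanding Kubernetes resource requests and limits is very important.
Default resource requests and limits can be configured with a LimitRange. This prevents "stupid" incidents such as deploying a JVM application without any settings (no memory limit and no JVM heap setting) that then consumes all of the node's memory. We currently use the following default limits:

The default CPU limit is 3 cores, because we found that this helps JVM applications start quickly. For details, see our LimitRange YAML manifest.
We use some small scripts together with the Downward API to run JVM applications on Kubernetes without having to set the maximum heap size manually. The container spec section of a Deployment for such a JVM application looks similar to the following:

The kubelet can be told to reserve a certain amount of resources for the system and for Kubernetes components (the kubelet itself, Docker, and so on). Reserved resources are subtracted from the node's resources. This improves scheduling and makes resource allocation and usage more transparent. Node allocatable and reserved resources can be viewed in Kubernetes Operational View: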

ÓÅÑŵØÍ£Ö¹Pod
ĬÈÏÇé¿öϵ±Pod±»Í£Ö¹Ê±Kubernetes»áµ¼Ö·þÎñµÄÖжϣ¬Òò´ËÓ¦ÓóÌÐòÒÔ¼°ÅäÖö¼ÐèÒª×öºÃÓÅÑŹرյÄ×¼±¸¡£Ä¬ÈÏÇé¿öÏ£¬Pods»á½ÓÊÕµ½TERMÐźţ¬Í¬Ê±kube-proxy»á¶Ôiptables¹æÔò½øÐÐÖØÐÂÉèÖ㬴ӶøÍ£Ö¹Óë¸ÃPodµÄͨѶ¡£Èç¹ûPodûÓÐ×Ô¼ºÍ£Ö¹£¬ÔÚ½ÓÊÕµ½KILLÐźÅ30sºóPod½«»á±»Killµô¡£
KubernetesÏ£ÍûÈÝÆ÷Äܹ»´¦ÀíTERMÐźţ¬»òÕßÖÁÉÙÔڵȴý¼¸Ã룬ÈÃkube-proxyÓÐ×ã¹»µÄʱ¼ä¸Ä±äiptablesµÄ¹æÔò¡£Çë×¢ÒâreadinessProbeµÄÐÐΪÔÚ½ÓÊܵ½TERMÐźźó¾Í±äµÃÎ޹ؽôÒªÁË¡£
ÕâÀïÓÐÁ½ÖÖÇé¿ö»áµ¼ÖÂÇëÇóʧ°Ü£º
PodÖеÄÈÝÆ÷ÔÚ½ÓÊÕTERMÐźÅʱÁ¢¼´ÖÕÖ¹£¬Òò´ËûÓиøkube-proxy×ã¹»µÄʱ¼äÀ´É¾³ýת·¢¹æÔò
Keep-aliveµÄÁ¬½ÓÎÞ·¨±»Kubernetes´¦Àí¡£ÀýÈ磬Èç¹û¿Í»§¶ËʹÓÃÁËkeep-aliveÁ¬½Ó£¬ÄÇÕâ¸öÇëÇóÒÀÈ»»á±»Â·Óɵ½PodÉÏ
Keep-aliveÁ¬½ÓĬÈÏÇé¿ö϶¼Ê¹ÓÃÁËÁ¬½Ó³Ø¡£Õâ¾ÍÒâζ׿¸ºõËùÓеÄÔÚ΢·þÎñÖ®¼äµÄ¿Í»§¶ËÇëÇó¶¼»áÊܵ½PodÍ£Ö¹µÄÓ°Ïì¡£
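The application-side handling of both failure cases above, as an added example (not code from the original article or from the project it describes): an HTTP server that, on TERM, stops offering keep-alive, keeps accepting during a short drain delay so kube-proxy can remove its rules, and then shuts down. The name serveUntil, the port and the 5s/20s timings are assumptions.

```go
package main

import (
	"context"
	"net"
	"net/http"
	"os/signal"
	"syscall"
	"time"
)

// serveUntil serves h on ln until ctx is cancelled (TERM), then drains:
//  1. stop offering keep-alive: replies carry "Connection: close", so pooled
//     clients reconnect and are routed to another Pod;
//  2. keep accepting for delay, while kube-proxy removes the iptables rules;
//  3. close the listener and wait up to timeout for in-flight requests.
func serveUntil(ctx context.Context, ln net.Listener, h http.Handler, delay, timeout time.Duration) error {
	srv := &http.Server{Handler: h}
	errc := make(chan error, 1)
	go func() { errc <- srv.Serve(ln) }()

	select {
	case err := <-errc:
		return err // listener failed before TERM arrived
	case <-ctx.Done():
	}
	srv.SetKeepAlivesEnabled(false)
	time.Sleep(delay)

	sctx, cancel := context.WithTimeout(context.Background(), timeout)
	defer cancel()
	return srv.Shutdown(sctx)
}

func main() {
	// NotifyContext cancels ctx when the kubelet sends TERM.
	ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGTERM)
	defer stop()
	ln, err := net.Listen("tcp", ":8080") // port is an assumption
	if err != nil {
		panic(err)
	}
	ok := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Write([]byte("ok\n")) })
	// Assumed timings: 5s drain + 20s shutdown stays inside the 30s before KILL.
	if err := serveUntil(ctx, ln, ok, 5*time.Second, 20*time.Second); err != nil {
		panic(err)
	}
}
```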
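Kubernetes' default behavior stands in the way of our seamless migration from the AWS/STUPS infrastructure to Kubernetes. In STUPS, each individual container runs directly on an EC2 instance. There, AWS automatically deregisters the EC2 instance so that the ELB stops sending requests to the stopped instance, and graceful container termination is therefore not required. We are therefore considering solving the Kubernetes graceful Pod termination problem at the infrastructure level. This approach would spare our users (the application developers) from making any changes to their applications.
For more on this topic, there is a blog post about gracefully stopping node.js in Kubernetes[5] and a small test application for observing Pod termination behavior[6].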
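Autoscaling
Pod autoscaling
We use the HorizontalPodAutoscaler[7] to scale the number of replicas of a Deployment. Pod autoscaling requires graceful termination (for the reasons given above) to reduce risk in all circumstances. So far we have only used CPU-based autoscaling.
Node autoscaling
Our experimental AWS autoscaler tries to provide simple and elastic autoscaling on top of AWS Auto Scaling groups.
Graceful node shutdown is required at all times to reduce the associated risk. We added a simple systemd unit that runs kubectl to clean up resources on shutdown.
Scaling up or replacing nodes carries the risk of race conditions between application Pods and system Pods (DaemonSets). We have not yet found a good way to keep applications from being scheduled onto a node before it is fully ready; the kubelet's Ready condition alone is not enough, because it does not guarantee that all system Pods, such as kube-proxy and kube2iam, are running. One idea is to use taints during node initialization to prevent application Pods from being scheduled before the node is fully ready.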
Monitoring
We use the open-source ZMON monitoring platform to monitor all Kubernetes clusters. The ZMON agent and workers are deployed into every Kubernetes cluster as part of that cluster. The ZMON agent automatically pushes AWS- and Kubernetes-related data to the global ZMON service. The Prometheus Node Exporter is deployed as a DaemonSet on every Kubernetes node, so that ZMON workers can collect system metrics such as disk space, memory and CPU. kube-state-metrics is also deployed in every cluster to collect cluster-level metrics such as the number of pending Pods. ZMON workers additionally access the Kubernetes internal API endpoint for more complex checks. AWS resources can be monitored using ZMON's CloudWatch wrapper. We also define cluster health checks in the central ZMON, for example:
Number of ready and unschedulable nodes (collected via the API server)
Disk, memory and CPU usage per node (collected via the Prometheus Node Exporter and CloudWatch)
Number of endpoints per Kubernetes service (collected via the API server)
API server requests and latency (collected via the API server's metrics)
We use Kubernetes Operational View for ad hoc monitoring and troubleshooting.
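Job
Kubernetes CronJobs make it easy to run all kinds of tasks, for example updating our SSH bastion host every week.
By default, Kubernetes Jobs are not cleaned up, and their completed Pods are not deleted either. Running Jobs frequently (for example every few minutes) therefore quickly fills the API server with large numbers of unnecessary Pod resources and makes it unstable. We observed a noticeable slowdown of the API server in this situation. To mitigate the problem, we built a small kube-job-cleaner script that cleans up completed Jobs and Pods once an hour.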
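Security
We authorize access to the API server through a proprietary webhook, which validates the OAuth access token and looks up the user's roles via another REST service (historically backed by LDAP).
Access to etcd should be restricted, because it holds all of the Kubernetes cluster's data, and anyone with direct access can tamper with that data.
We use Flannel as our overlay network, which by default needs etcd to configure its network ranges. There is an experimental feature that lets Flannel's backend switch to the Kubernetes API server. This makes it possible to restrict etcd access to the master nodes.
Kubernetes also allows defining a PodSecurityPolicy to restrict the use of privileged containers and other similar features that allow privilege escalation.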
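One way to structure the webhook check described above, as an added example rather than the authors' webhook: it assumes the token check is wired in as a Kubernetes token-review webhook, validates the bearer token, looks up the user's roles, and fails closed on every error. The tables, token strings and role names are constructed stand-ins for the two REST services.

```go
package main

import (
	"encoding/json"
	"os"
	"time"
)

// Subset of the TokenReview object the API server POSTs to a token webhook.
type user struct {
	Username string   `json:"username"`
	Groups   []string `json:"groups"`
}
type tokenReview struct {
	APIVersion string `json:"apiVersion"`
	Kind       string `json:"kind"`
	Spec       struct{ Token string `json:"token"` } `json:"spec"`
	Status     struct {
		Authenticated bool  `json:"authenticated"`
		User          *user `json:"user,omitempty"`
	} `json:"status"`
}

// Constructed stand-ins for the OAuth token lookup and the role REST service.
var (
	tokenUID    = map[string]string{"tok-alice": "alice", "tok-stale": "bob"}
	tokenExpiry = map[string]int64{"tok-alice": 4102444800, "tok-stale": 1483228800} // Unix seconds
	roles       = map[string][]string{"alice": {"PowerUser"}, "bob": {"ReadOnly"}}
)

// review answers one TokenReview body and fails closed: bad JSON, an unknown
// or expired token, or a user without roles all yield authenticated=false.
func review(body []byte, now time.Time) tokenReview {
	var in tokenReview
	if json.Unmarshal(body, &in) != nil {
		return tokenReview{Kind: "TokenReview"}
	}
	out := tokenReview{APIVersion: in.APIVersion, Kind: "TokenReview"} // reply in the version sent
	uid := tokenUID[in.Spec.Token] // unknown token: empty uid, zero expiry, no roles
	if g := roles[uid]; now.Unix() < tokenExpiry[in.Spec.Token] && len(g) > 0 {
		out.Status.Authenticated = true
		out.Status.User = &user{Username: uid, Groups: g}
	}
	return out
}

func main() {
	req := []byte(`{"apiVersion":"authentication.k8s.io/v1","kind":"TokenReview","spec":{"token":"tok-alice"}}`)
	json.NewEncoder(os.Stdout).Encode(review(req, time.Now()))
}
```

The roles returned as groups only take effect once the cluster's authorization rules reference them.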
Docker
Docker is usually wonderful but sometimes painful, especially when trying to run containers reliably in production. We ran into various Docker problems, none of them related to Kubernetes, for example:
Docker versions 1.11 through 1.12.5 contained a fatal bug that made the Docker daemon unresponsive (docker ps hangs). Almost every week at least one of our Kubernetes nodes hit this problem. Our workaround was to upgrade to Docker 1.13 RC2 (we have since moved back to 1.12.6, because the problem has been fixed).
When writing logs with Docker's default json logger, we saw some processes stuck in the "pipe wait" state (the root cause is still unknown).
There seem to be many more conditions that cause Docker to hang; you can find many similar issue reports on the Docker website, and we already expect to run into them again.
Upgrading the Docker client to 1.13 broke pulling images from our registry (gcr.io failed in the same way). We implemented a quick workaround in our Pier One registry until Docker fixes the issue upstream.
A series of suggestions on Twitter recommended adding the --iptables=false flag to Docker; we wasted some time before we found out that this is a bad idea. The flag breaks Flannel's NAT networking.
We learned that these subtle bugs (race conditions) make running Docker in production very painful. When you have enough hosts running 24x7, you may be able to reduce the risk these problems pose. And once your deployment is up and running, it is best not to change your Docker version lightly.
etcd
Kubernetes relies on etcd to store the state of the entire cluster. An etcd failure leaves the Kubernetes API server essentially read-only, meaning no changes can be made in the cluster. Losing etcd data requires rebuilding the state of the whole cluster and can cause serious downtime. Fortunately, as long as one etcd node survives, all data can be recovered.
Knowing how important the etcd cluster is, we decided to use our existing, production-grade STUPS etcd cluster, running on EC2 instances separately from the Kubernetes API. The STUPS etcd cluster registers all etcd nodes in Route53 DNS, and we use etcd's DNS discovery feature to connect Kubernetes to the etcd nodes. The STUPS etcd cluster is deployed across Availability Zones (AZs) with 5 nodes in total. All nodes run our own STUPS Taupage AMI, which (similar to CoreOS) runs a specific Docker image specified via AWS user data.