架构
Master Node
通常也会有多个master node
API Server
集群统一入口(网关), restful风格接口
Controller Manager
处理集群里常规后台管理, 比如创建和处理pod, 监控pod状态
Scheduler
节点调度, 比如部署Pod时通过scheduler来调度决定在哪个Node部署
etcd
存储元数据
Worker Node
Container Runtime
保证container运行的运行时环境
kubelet
管理该Node(CPU内存等)以及各container
kubeproxy
做转发, 比如一个service访问另一个service, kube proxy就能做到让请求转发到同一个node的pod上
pod
最小部署单元, 一组容器container的集合, 同一个pod里的容器共享网络
pod生命周期是短暂的, 比如集群重启后旧pod就没了, 取而代之的是会创建一个新pod伴随着新ip address
Components
Service
service is an abstract way to expose an application running on a set of Pods as a network service
service has a persistent ip address, so even one pod is dead, the service ip is not changed which means service has load balance of many pods ip
Ingress
Use the format IP:Port is inconvenient, so the ingress is needed.
ingress is a domin which is easy to remember rather than ip:port
ingress : https://my-app.com
|
external service: https://sevice-ip:port
ConfigMap
一个serviceA访问另一个serviceB, 通常A会在代码里写死B的URL, 但是这样有个问题, 一旦B的URL更改了, 那么A就需要改动代码然后提交master, 然后再重新打image, 然后再重新启动pod, 整个步骤很繁琐, 所以k8s提供了configmap就是为了这个问题
Secret
和configmap也是存储数据的, 不过格式base64所以会起到加密的作用, 而configmap是明文, 所以敏感信息比如密钥需要存储在secret里
Volume
像数据库类型的pod, 我们需要保证pod挂了也能保证数据不丢失, 这时就需要volume了, volume有两种类型, 一种是关联本地磁盘, 一种关联remote storage
Deployment
n k8s cluster, pod is the smallest unit, but we cann't create or delete it directly, we must useDeployment(the abstract layer) to operate pod and replica
StatefulSet
和deployment一样, 不过statefulset是用于创建有状态的pod, 比如database类型的
因为statefulset很麻烦, 所以基本上数据库集群和k8s集群是分开的
kubectl
minikube
minikube start --force --driver=docker --image-mirror-country='cn'
minikube start --force --image-mirror-country='cn'
minikube start --image-mirror-country='cn' --container-runtime=containerd
minikube start --driver=docker --container-runtime=containerd --image-mirror-country='cn'
minikube status
minikube profile list
alias kubectl="minikube kubectl --"
minikube service go-sidecar-server-simple-service --url
kubectl
kubectl get nodes
kubectl get service
kubectl create deployment nginx-depl --image=nginx
kubectl apply -f xxx.yaml
API
minikube ip 返回ip地址
curl -k https://192.168.49.2:8443/version --cert ./ca.crt --key ./ca.key
port是8443 cert 和 key 在~/.minikube下
docker
docker build -t qxybest/go-server-simple .
