Guide to the construction of ultra-full K8s cluster, recommended for collection.

1. What is kubernetes?

Kubernetes(k8s) is an open source container cluster management system of Google (inside Google: Borg). Based on Docker technology, it provides a series of complete functions for containerized applications, such as deployment and operation, resource scheduling, service discovery and dynamic scaling, which improves the convenience of large-scale container cluster management.

2. Description of 2.Kubernetes core components

There are two main types of nodes in Kubernetes cluster, namely master node and minion node.

Minion node is the node that actually runs the Docker container, which is responsible for interacting with the Docker running on the node and providing proxy function.

The master node is responsible for providing a series of API interfaces for managing the cluster, and realizing the operation and management of the cluster by interacting with the Minion node.

Apiserver: the entrance for users to interact with kubernetes cluster, which encapsulates the operations of adding, deleting, modifying and querying core objects, provides RESTFul API interface, realizes persistence through etcd, and maintains the consistency of objects.

Scheduler: responsible for the scheduling and management of cluster resources. For example, when a pod exits abnormally and needs to reallocate machines, the scheduler can find the most suitable node through a certain scheduling algorithm.

Controller-manager: it is mainly used to ensure that the number of copies defined by replicationController is consistent with the number of PODs actually running, and also to ensure that the mapping relationship between services and PODs is always up to date.

Kubelet: It runs on the minion node and is responsible for interacting with Docker on the node, such as starting and stopping the container and monitoring the running status.

Agent: It runs on the minion node and is responsible for providing agent function for pod. It will get service information from etcd regularly, and modify iptables to realize traffic forwarding according to the service information (the original version is to provide forwarding function directly through the program, which is inefficient. ) and forward the traffic to the node where the pod to be accessed is located.

ETCD: Key value key value storage database, which is used to store the information of kubernetes.

Flannel: Flannel is an overlay network tool designed by CoreOS team for Kubernetes, which needs to be downloaded and deployed separately.

We know that when we start Docker, there will be an IP address to interact with the container. If we don't manage it, this IP address may be the same on all machines, and it is limited to communication on this machine, so we can't access the Docker container on other machines.

The purpose of flannel is to re-plan the usage rules of IP addresses for all nodes in the cluster, so that containers on different nodes can obtain non-duplicate IP addresses belonging to the same intranet, and containers belonging to different nodes can communicate directly through intranet IP.

3. The core concept of 3.Kubernetes

pod

A combination of several related containers running on a node. The containers contained in Pod run on the same host, use the same network namespace, IP address and port, and can communicate through localhost.

Pod is the smallest unit of creation, scheduling and management of Kurbernetes, which provides a higher level of abstraction than containers and makes deployment and management more flexible. A Pod can contain one container or multiple related containers.

Replication controller

The replication controller is used to manage Pod replicas and ensure that a specified number of Pod replicas exist in the cluster.

If the number of replicas in the cluster is greater than the specified number, the number of redundant containers beyond the specified number will be stopped; Otherwise, less than the specified number of containers will be started to ensure the same number.

Replication controller is the core to realize flexible expansion, dynamic expansion and rolling upgrade.

service

Service defines the logical set of Pod and the strategy of accessing the set, which is the abstraction of real service.

Services provide a unified service access portal, service proxy and discovery mechanism, and users don't need to know how the background Pod works.

label

Any API object in Kubernetes is identified by a tag, and the essence of a tag is a series of K/V key-value pairs. Tags are the basis of replication controller and service operation, and they associate PODs running on nodes through tags.

node

Nodes are service nodes (or agents) running Pod in Kubernetes cluster architecture.

Node is the unit of Kubernetes cluster operation, which is used to carry the operation of the assigned Pod and is the host of Pod operation.

4. Prerequisite setting

Three virtual machines of Centos7 system (1 master+2+2 node), firewalls on three machines and SELINUX are all closed. My experimental environment can be accessed online, and the default YUM source code can be used.

5. Deployment planning

192.168.10.1# master (etcd, kubernetes-master).

192.168.10.2 # node1node (etcd, Cooper -Node, Docker, flannel).

192.168.10.3 # Node 2 (ETCD, Cooper-node, docker, flannel)

6. Start the installation

Step 1: Install on the primary server.

Yum installs kubernetes-master etcd flannel -y

Step 2: Install on the node

Yum installs kubernetes-node etcd flannel -y

Step 3: ETCD cluster configuration

Edit the etcd configuration file on the primary node.

Edit the etcd configuration file on node 1.