QingCloud: Container and Kubernetes Practice
Wang Yuanming (王渊命), head of the QingCloud container platform

What do we talk about when we talk about containers?

Two perspectives on containers:
- Resource isolation
- Application packaging

The container ecosystem today
Container technology: one dominant player and many alternatives: Docker, Rocket, Mesos Universal Container, LXC, Hyper Container
Scheduling systems: a three-way contest: Kubernetes, Mesos, Swarm
Reflections on container technology in 2016: where are Docker, Kubernetes and Mesos heading? http://jolestar.com/container-ecosystem/

Container@QingCloud: a resource perspective and an application perspective

Container@QingCloud, resource perspective: the QingCloud IaaS scheduler supports Container Instances alongside Virtual Instances
[Diagram: the layers of a Virtual Instance (Applications, Guest OS, Hypervisor, Host OS, Hardware) beside those of a Container Instance (Applications, Host OS, Hardware)]

Container@QingCloud, application perspective: AppCenter supports Docker images

    "container": {
        "type": "docker",
        "image": "zookeeper"
    }

Container@QingCloud, application perspective: AppCenter supports a range of container orchestration systems

Kubernetes@QingCloud: networking, storage, load balancing, elasticity

Kubernetes overview
[Architecture diagram: users run kubectl commands from the Internet through a firewall to the Master components: the REST API (pods, services, replication controllers) with authentication and authorization, the scheduler and scheduling actuator, the controller manager, and distributed watchable storage implemented via etcd. Each Node runs kubelet, the proxy, docker and cAdvisor alongside its containers.]

Kubernetes abstractions
- Service
- StatefulSet (PetSet)
- Job
- PersistentVolume
- ReplicaSet (ReplicationController)
- PersistentVolumeClaim
- Deployment
- Namespace
- DaemonSet
- Label/Selector

Kubernetes networking
The network model requires:
- Containers can communicate with each other directly, without NAT
- Nodes can communicate with containers directly, without NAT
- The IP a container sees for itself is the same IP other containers see for it
CNI (Container Network Interface) implementations:
- Flannel
- Calico
- Contiv
ClusterIP: a virtual IP implemented with iptables

Kubernetes networking: ClusterIP

    {
        "kind": "Service",
        "apiVersion": "v1",
        "metadata": {
            "name": "my-service"
        },
        "spec": {
            "selector": {
                "app": "MyApp"
            },
            "ports": [
                {
                    "protocol": "TCP",
                    "port": 80,
                    "targetPort": 9376
                }
            ],
            "clusterIP": "10.0.171.239",
            "type": "LoadBalancer"
        }
    }

The type field is "LoadBalancer" or "NodePort" (the slide lists both options).

Kubernetes networking: flannel
- Discovery: etcd, kube-subnet-mgr
- Backend: vxlan, aws-vpc

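As an added example (not code from the slides or from flannel itself), the Python below models the two pieces named on this slide: a subnet manager that leases one /24 per node out of a cluster CIDR and records the lease in an etcd-like dict (the key and value shape follow flannel's /coreos.com/network/subnets entries), and a vxlan backend that looks up the remote VTEP for a destination pod IP and builds the outer header. The cluster CIDR 10.244.0.0/16, the node names, public IPs and VTEP MACs are constructed.

```python
"""Toy model of flannel's subnet manager and vxlan backend (added example).
Constructed: cluster CIDR 10.244.0.0/16 split into /24 per node, node names,
public IPs and VTEP MACs; `store` stands in for the etcd prefix
/coreos.com/network/subnets that kube-subnet-mgr / etcd discovery fill."""
import ipaddress

VXLAN_UDP_PORT = 8472  # flannel's default VXLAN port on Linux


class SubnetManager:
    def __init__(self, network="10.244.0.0/16", subnet_len=24):
        self.network = ipaddress.ip_network(network)
        self.free = list(self.network.subnets(new_prefix=subnet_len))
        # key "10.244.1.0/24" -> lease, mirroring what flannel writes to etcd
        self.store = {}

    def lease(self, node, public_ip, vtep_mac):
        """Hand a node its subnet; a node that already holds one gets it back."""
        for subnet, entry in self.store.items():
            if entry["node"] == node:
                return subnet
        if not self.free:
            raise RuntimeError("cluster CIDR exhausted: no free subnet for " + node)
        subnet = str(self.free.pop(0))
        self.store[subnet] = {"node": node, "PublicIP": public_ip,
                              "BackendType": "vxlan",
                              "BackendData": {"VtepMAC": vtep_mac}}
        return subnet

    def route(self, dst_pod_ip):
        """vxlan backend: the lease whose subnet contains dst gives the remote
        node's public IP and VTEP MAC; None if no node owns that address."""
        dst = ipaddress.ip_address(dst_pod_ip)
        for subnet, entry in self.store.items():
            if dst in ipaddress.ip_network(subnet):
                return entry["PublicIP"], entry["BackendData"]["VtepMAC"]
        return None


def encapsulate(mgr, local_public_ip, dst_pod_ip, payload):
    """Build the outer header the vxlan device would add for a pod packet.
    Returns None when the destination is unroutable (no lease covers it)."""
    hop = mgr.route(dst_pod_ip)
    if hop is None:
        return None
    remote_ip, remote_mac = hop
    if remote_ip == local_public_ip:
        return {"local": True, "payload": payload}  # same node: bridged, no tunnel
    return {"outer_src": local_public_ip, "outer_dst": remote_ip,
            "udp_dport": VXLAN_UDP_PORT, "inner_dst_mac": remote_mac,
            "payload": payload}


if __name__ == "__main__":
    mgr = SubnetManager()
    print(mgr.lease("node1", "192.168.0.10", "aa:bb:cc:00:00:01"))
    print(mgr.lease("node2", "192.168.0.11", "aa:bb:cc:00:00:02"))
    print(encapsulate(mgr, "192.168.0.10", "10.244.1.7", b"hello"))
```

The lookup in `route` is the whole of what the vxlan backend needs from discovery: without the lease entry for a subnet, traffic to that subnet has nowhere to go, which is why a node that loses its etcd lease drops off the overlay.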
Kubernetes networking on QingCloud
[Diagram: Internet -> Public LoadBalancer -> VPC. Node1: Nic0 (192.168.0.10), Nic1 (192.168.1.10), Nic1 (192.168.1.11), NicX (192.168.1.X). Node2: Nic0 (192.168.0.11), Nic1 (192.168.2.10), Nic1 (192.168.2.11), NicX (192.168.2.X). An internal LoadBalancer and a Legacy App VM1 sit in the same VPC.]

Kubernetes load balancing
[Diagram: Internet -> LoadBalancer -> a NodePort on each node, where kube-proxy/iptables forwards the request to the backend pods (B).]

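As an added example (not code from the slides or from kube-proxy), the Python below walks through what kube-proxy's iptables mode does with the my-service manifest from the ClusterIP slide and with the NodePort path shown in the load-balancing diagram: it selects the Ready pods that match the selector, renders the chain of nat rules that turn the virtual IP and the NodePort into DNAT to pod IP:targetPort, and simulates one packet. The pods, the nodePort value 30080 and the chain-naming hash are constructed; the rule strings follow the shape of the real KUBE-SERVICES / KUBE-SVC / KUBE-SEP chains but are illustrative rather than a byte-exact dump. Two points a defender wants to see: a Service of type NodePort or LoadBalancer opens its port on every node, and a Service with no Ready endpoint is rejected rather than silently black-holed.

```python
"""kube-proxy iptables mode, modelled (added example, not kube-proxy code).
Constructed: the pods, nodePort 30080, the chain-name hash (real kube-proxy
hashes the service port name with sha256 + base32)."""
import hashlib
import json
import random

# The Service from the slide, with a constructed NodePort so both paths show.
SERVICE = json.loads("""
{
  "kind": "Service", "apiVersion": "v1",
  "metadata": {"name": "my-service"},
  "spec": {
    "selector": {"app": "MyApp"},
    "ports": [{"protocol": "TCP", "port": 80, "targetPort": 9376, "nodePort": 30080}],
    "clusterIP": "10.0.171.239",
    "type": "NodePort"
  }
}
""")

# Constructed pods: two Ready backends, one not Ready, one with another label.
PODS = [
    {"name": "myapp-1", "labels": {"app": "MyApp"}, "ip": "10.244.1.5", "ready": True},
    {"name": "myapp-2", "labels": {"app": "MyApp"}, "ip": "10.244.2.7", "ready": True},
    {"name": "myapp-3", "labels": {"app": "MyApp"}, "ip": "10.244.2.8", "ready": False},
    {"name": "other-1", "labels": {"app": "Other"}, "ip": "10.244.1.9", "ready": True},
]


def select_endpoints(service, pods):
    """Endpoints controller: a pod backs the Service only if every selector
    key/value is present in its labels and the pod is Ready."""
    selector = service["spec"]["selector"]
    target = service["spec"]["ports"][0]["targetPort"]
    return [(p["ip"], target) for p in pods
            if p["ready"] and all(p["labels"].get(k) == v for k, v in selector.items())]


def chain(prefix, *parts):
    """Illustrative stand-in for kube-proxy's hashed chain names."""
    digest = hashlib.sha256("/".join(parts).encode()).hexdigest()[:16].upper()
    return f"{prefix}-{digest}"


def render_rules(service, endpoints):
    """Rules (as strings) that realise the virtual IP: KUBE-SERVICES and
    KUBE-NODEPORTS jump to a per-service chain, which picks one KUBE-SEP
    chain at random, which DNATs to pod IP:targetPort."""
    spec, port = service["spec"], service["spec"]["ports"][0]
    proto = port["protocol"].lower()
    svc = chain("KUBE-SVC", service["metadata"]["name"], str(port["port"]))
    rules = [f"-A KUBE-SERVICES -d {spec['clusterIP']}/32 -p {proto} --dport {port['port']} -j {svc}"]
    if spec.get("type") in ("NodePort", "LoadBalancer"):
        # Reachable on every node's address, not only inside the cluster.
        rules.append(f"-A KUBE-NODEPORTS -p {proto} --dport {port['nodePort']} -j {svc}")
    if not endpoints:
        # No Ready backend: kube-proxy REJECTs (in the filter table) rather than dropping.
        rules.append(f"-A KUBE-SERVICES -d {spec['clusterIP']}/32 -p {proto} --dport {port['port']} -j REJECT")
        return rules
    n = len(endpoints)
    for i, (ip, tport) in enumerate(endpoints):
        sep = chain("KUBE-SEP", ip, str(tport))
        remaining = n - i
        # Probability 1/remaining at each step gives every endpoint a 1/n share.
        prob = "" if remaining == 1 else f" -m statistic --mode random --probability {1 / remaining:.5f}"
        rules.append(f"-A {svc}{prob} -j {sep}")
        rules.append(f"-A {sep} -p {proto} -j DNAT --to-destination {ip}:{tport}")
    return rules


def translate(service, endpoints, dst_ip, dst_port, rng=random):
    """Simulate one packet: (pod_ip, targetPort) it is DNATed to, or None when
    no rule matches or there is no Ready endpoint. A NodePort hit is accepted
    on any destination address, standing in for 'any node IP'."""
    spec, port = service["spec"], service["spec"]["ports"][0]
    hits_cluster_ip = dst_ip == spec["clusterIP"] and dst_port == port["port"]
    hits_node_port = (spec.get("type") in ("NodePort", "LoadBalancer")
                      and dst_port == port.get("nodePort"))
    if not (hits_cluster_ip or hits_node_port) or not endpoints:
        return None
    return rng.choice(endpoints)


if __name__ == "__main__":
    eps = select_endpoints(SERVICE, PODS)
    print("\n".join(render_rules(SERVICE, eps)))
    print(translate(SERVICE, eps, "10.0.171.239", 80))
```

Reading the rendered rules top to bottom is the same exercise as reading `iptables-save -t nat` on a node: the KUBE-NODEPORTS line is the one that tells you the service is reachable from outside the overlay.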
Kubernetes on QingCloud: QingCloud LB
[Diagram: Internet -> Public LoadBalancer -> VPC. Node1: Nic0 (192.168.0.10), Nic1 (192.168.1.10), Nic1 (192.168.1.11), NicX (192.168.1.X). An internal LoadBalancer and a Legacy App VM1 sit in the same VPC.]

Kubernetes storage
[Diagram: with a LocalDisk on Node1, the controller manager and scheduler cannot move the MySQL container to Node2 (X); with a DistributeDisk, the MySQL container can be rescheduled from Node1 to Node2 (OK).]

Kubernetes storage: DistributeDisk
- nfs
- ceph
- glusterfs
PersistentVolume plugins:
- gcePersistentDisk
- awsElasticBlockStore
- qingcloudstore

Kubernetes storage: QingCloudStore
A PersistentVolume plugin, used through the PersistentVolume, StorageClass and PersistentVolumeClaim objects

Kubernetes storage: QingCloudStore

    kind: PersistentVolume
    apiVersion: v1
    metadata:
      name: qingcloud-pv
      labels:
        type: qingcloud
    spec:
      capacity:
        storage: 10Gi
      accessModes:
        - ReadWriteOnce
      qingcloudstore:
        volumeID: vol-caoxtgg3
        fsType: ext4
    ---
    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: qingcloud-pvc
      annotations:
        volume.beta.kubernetes.io/storage-class: qingcloud-storageclass
    spec:
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 3Gi
    ---
    kind: StorageClass
    apiVersion: storage.k8s.io/v1beta1
    metadata:
      name: qingcloud-storageclass
    provisioner: kubernetes.io/qingcloud-volume
    parameters:
      type: "3"

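As an added example (not code from the slides or from the QingCloud volume plugin), the Python below runs one reconciliation pass of the PersistentVolume controller over the three manifests above, written as Python dicts, to show the binding rules: a claim binds only to an Available volume of the same storage class whose access modes and capacity cover the request; otherwise the class's provisioner is asked for a new volume; with neither, the claim stays Pending. The slide's own claim carries the qingcloud-storageclass annotation while the static qingcloud-pv carries none, so it gets a dynamically provisioned 3Gi volume rather than the 10Gi static one. The two extra claims, the provisioned volume ID placeholder and the provisioner stand-in are constructed.

```python
"""One pass of PersistentVolumeClaim binding / dynamic provisioning (added
example). The PV, PVC and StorageClass dicts mirror the slide's YAML; the
extra claims, the provisioner stand-in and the volume ID placeholder are
constructed."""
import re

CLASS_KEY = "volume.beta.kubernetes.io/storage-class"
PROVISIONED_BY = "pv.kubernetes.io/provisioned-by"
UNITS = {"": 1, "K": 10**3, "M": 10**6, "G": 10**9, "Ki": 2**10, "Mi": 2**20, "Gi": 2**30}

PVS = [{
    "kind": "PersistentVolume", "apiVersion": "v1",
    "metadata": {"name": "qingcloud-pv", "labels": {"type": "qingcloud"}},
    "spec": {"capacity": {"storage": "10Gi"}, "accessModes": ["ReadWriteOnce"],
             "qingcloudstore": {"volumeID": "vol-caoxtgg3", "fsType": "ext4"}},
}]

CLASSES = {"qingcloud-storageclass": {
    "kind": "StorageClass", "apiVersion": "storage.k8s.io/v1beta1",
    "metadata": {"name": "qingcloud-storageclass"},
    "provisioner": "kubernetes.io/qingcloud-volume", "parameters": {"type": "3"},
}}


def claim(name, size, storage_class=None, modes=("ReadWriteOnce",)):
    """Build a PersistentVolumeClaim dict; the class goes in the beta annotation."""
    md = {"name": name}
    if storage_class is not None:
        md["annotations"] = {CLASS_KEY: storage_class}
    return {"kind": "PersistentVolumeClaim", "apiVersion": "v1", "metadata": md,
            "spec": {"accessModes": list(modes), "resources": {"requests": {"storage": size}}}}


PVCS = [
    claim("qingcloud-pvc", "3Gi", "qingcloud-storageclass"),  # the slide's claim
    claim("static-pvc", "5Gi"),                               # constructed: no class
    claim("too-big-pvc", "20Gi"),                             # constructed: nothing fits
]


def parse_quantity(q):
    """Kubernetes quantity ("10Gi", "500M") to bytes; integer forms only."""
    m = re.fullmatch(r"(\d+)(Ki|Mi|Gi|K|M|G)?", q)
    if not m:
        raise ValueError("unsupported quantity: " + q)
    return int(m.group(1)) * UNITS[m.group(2) or ""]


def storage_class_of(obj):
    return obj["metadata"].get("annotations", {}).get(CLASS_KEY, "")


def pv_matches(pv, pvc):
    """Available, same class, access modes cover the request, capacity large enough."""
    if pv.get("status", {}).get("phase", "Available") != "Available":
        return False
    if storage_class_of(pv) != storage_class_of(pvc):
        return False
    if not set(pvc["spec"]["accessModes"]) <= set(pv["spec"]["accessModes"]):
        return False
    return (parse_quantity(pv["spec"]["capacity"]["storage"])
            >= parse_quantity(pvc["spec"]["resources"]["requests"]["storage"]))


def provision(pvc, sc, seq):
    """Stand-in for the provisioner: the class parameters (type "3") would go to
    the IaaS create-volume call; the returned volume ID is a placeholder."""
    size = pvc["spec"]["resources"]["requests"]["storage"]
    return {"kind": "PersistentVolume", "apiVersion": "v1",
            "metadata": {"name": f"pvc-{seq:04d}",
                         "annotations": {CLASS_KEY: storage_class_of(pvc),
                                         PROVISIONED_BY: sc["provisioner"]}},
            "spec": {"capacity": {"storage": size},
                     "accessModes": list(pvc["spec"]["accessModes"]),
                     "qingcloudstore": {"volumeID": f"vol-PLACEHOLDER-{seq}", "fsType": "ext4"},
                     "claimRef": {"name": pvc["metadata"]["name"]}}}


def reconcile(pvcs, pvs, classes):
    """Returns {claim name: (outcome, volume name)}, outcome in Bound / Provisioned / Pending."""
    pool = [dict(pv) for pv in pvs]  # shallow copies: the input dicts are left untouched
    result = {}
    for pvc in pvcs:
        name = pvc["metadata"]["name"]
        candidates = [pv for pv in pool if pv_matches(pv, pvc)]
        if candidates:  # smallest fitting volume wins, as the real controller does
            pv = min(candidates, key=lambda p: parse_quantity(p["spec"]["capacity"]["storage"]))
            pv["spec"] = {**pv["spec"], "claimRef": {"name": name}}
            pv["status"] = {"phase": "Bound"}
            result[name] = ("Bound", pv["metadata"]["name"])
            continue
        sc = classes.get(storage_class_of(pvc))
        if sc is None:
            result[name] = ("Pending", None)  # nothing fits and no class to provision from
            continue
        pv = provision(pvc, sc, len(pool))
        pv["status"] = {"phase": "Bound"}
        pool.append(pv)
        result[name] = ("Provisioned", pv["metadata"]["name"])
    return result


if __name__ == "__main__":
    for k, v in reconcile(PVCS, PVS, CLASSES).items():
        print(k, v)
```

The class comparison is the rule that surprises people most: a claim that names a class never binds to a pre-created volume that lacks the annotation, so the static qingcloud-pv above stays free for unclassed claims only.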
Kubernetes autoscaling
Autoscaling a Deployment:

    kubectl autoscale deployment php-apache --cpu-percent=50 --min=1 --max=10

Autoscaling the cluster itself (TriggeredScaleUp event):

    gcloud container clusters create mytestcluster \
        --zone=us-central1-b --enable-autoscaling --min-nodes=3 --max-nodes=10 --num-nodes=5

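As an added example (not code from the slides, the HorizontalPodAutoscaler or the cluster autoscaler), the Python below implements the two decisions behind the commands above: the pod autoscaler's replica formula, ceil(current replicas x observed usage / target), with its 10% tolerance band and the --min/--max clamp, and the cluster-level scale-up that raises the TriggeredScaleUp event when Pending pods cannot be placed, clamped to --min-nodes/--max-nodes. The per-pod CPU samples, the pod requests and the node size are constructed; the event text is illustrative.

```python
"""HPA replica formula and cluster scale-up decision (added example, not the
controllers' own code). Constructed inputs: per-pod CPU samples, pending pod
requests, node size; event text is illustrative."""
import math


def hpa_desired_replicas(current_replicas, pod_cpu_percent, target_percent,
                         min_replicas, max_replicas, tolerance=0.10):
    """pod_cpu_percent: each running pod's CPU usage as a percentage of its
    request, matching --cpu-percent=50 above. Returns the replica count to set."""
    if current_replicas == 0 or not pod_cpu_percent:
        return max(min_replicas, min(max_replicas, current_replicas))
    usage = sum(pod_cpu_percent) / len(pod_cpu_percent)
    ratio = usage / target_percent
    if abs(ratio - 1.0) <= tolerance:
        desired = current_replicas  # inside the tolerance band: hold, to avoid flapping
    else:
        desired = math.ceil(current_replicas * ratio)
    return max(min_replicas, min(max_replicas, desired))


def cluster_scale_up(pending_pod_cpu, node_cpu, current_nodes, min_nodes, max_nodes):
    """pending_pod_cpu: CPU requests (cores) of pods the scheduler could not
    place on the existing nodes. Packs them first-fit-decreasing onto new,
    empty nodes and returns (node count to set, event or None)."""
    for req in pending_pod_cpu:
        if req > node_cpu:
            raise ValueError(f"request {req} exceeds node capacity {node_cpu}: scale-up cannot help")
    free = []  # CPU still free on each node we would add
    for req in sorted(pending_pod_cpu, reverse=True):
        for i, left in enumerate(free):
            if left >= req:
                free[i] -= req
                break
        else:
            free.append(node_cpu - req)
    target = max(min_nodes, min(max_nodes, current_nodes + len(free)))
    event = None
    if target > current_nodes:
        event = f"TriggeredScaleUp: setting group size from {current_nodes} to {target}"
    return target, event


if __name__ == "__main__":
    print(hpa_desired_replicas(3, [90, 80, 100], 50, 1, 10))
    print(cluster_scale_up([1.5, 0.5, 1.0, 1.0], 2.0, 5, 3, 10))
```

The max clamp is the part worth watching in production: when the formula asks for more replicas than --max allows, the autoscaler silently stops at the ceiling, and the same holds for --max-nodes, so saturation shows up as Pending pods rather than as an error.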
Kubernetes@QingCloud summary
- Networking: SDN passthrough
- Storage: PersistentVolume plugin
- Load balancing: LB + SDN
- Autoscaling: Event + IaaS API

Plans
- Public trial opens in July
- AppCenter support for the Kubernetes application spec
- Services built on top of Kubernetes