Why does the blockchain run on k8s
100 times of effort, 10 points of satisfaction
1. Configuration of service traffic entry
In the traditional virtual machine environment, a pre-defined virtual IP is configured as the address used to connect to the database, and the high availability service ensures that the virtual IP can always be routed to the master database. In Kubernetes, a layer of network plug-ins shields the underlying network topology, so the way the high availability service manages the virtual IP needs to be adjusted accordingly. For example, virtual IP drift is achieved by combining a Service with labels. But Service is itself a function provided by Kubernetes, and its reliability and performance depend on the stability of the Kubernetes services. In terms of performance, Service is implemented by the kube-proxy component configuring iptables. When there are many iptables rules, there will inevitably be delay, which needs to be solved.
2. Monitoring vision problems caused by container isolation
In Kubernetes, if MySQL runs as a container in a pod, the container isolates the MySQL process and its running environment in a separate namespace. Monitoring components may have to enter the same namespace as MySQL to obtain some of the MySQL metrics. These limitations need to be considered when designing and deploying monitoring components.
3. Storage: Kubernetes supports the configuration of various kinds of storage
If you use a local persistent volume, you need to bind MySQL to a fixed node, which completely wastes the natural advantage of Kubernetes' flexible scheduling. If remote shared storage is used, the MySQL process and its storage are completely decoupled, so the MySQL process can be scheduled on any node. However, given MySQL's high I/O throughput, this is not ideal either: the design needs to consider whether remote storage can meet the bandwidth requirements of MySQL.
4. High availability / backup and recovery
The StatefulSet controller provided by Kubernetes offers only the most basic deployment and deletion functions, and cannot by itself deliver complete high availability or backup and recovery for a MySQL cluster. Deploying stateful applications still requires custom development, so most companies provide customized operators to manage application containers, for example etcd operator and MySQL operator. Later, I will describe some records of my testing and using MySQL operator.
Kubernetes (k8s) is Google's open source container cluster management system (the Google-internal counterpart is Borg). It is mainly used for container orchestration: starting containers, automatically deploying, scaling and managing containerized applications, and reclaiming containers. The goal of k8s is to make the deployment of containerized applications simple and efficient. K8s provides mechanisms for application deployment, planning, updating and maintenance.
When Kubernetes is used to manage a Docker cluster, Docker can be regarded as a low-level component used by Kubernetes. In addition, Kubernetes supports not only Docker but also Rocket, which is another container technology.
Extended material:
In terms of background, Kubernetes is an open source container orchestration project jointly led by Google and Red Hat, which originated from Google's Borg system.
Therefore, its experience in managing very large clusters is clearly greater than that of other container orchestration technologies, and the democratic way its community is run let it quickly beat the container orchestration solution (Compose + Swarm) launched by Docker, Inc. and become the de facto standard in the field of container orchestration.
In terms of function, Kubernetes is a comprehensive, container-based infrastructure environment for building distributed systems. It not only covers the basics of pulling user images and running containers, but also provides a series of operation and maintenance capabilities such as routing gateway, horizontal scaling, monitoring, backup and disaster recovery.
For a stateless service, k8s uses an RC (or the newer ReplicaSet) to guarantee the number of instances of a service. If a Pod instance crashes for some reason, the RC immediately replaces it with a new Pod created from the Pod template. Because the service is stateless, the newly started Pod is exactly the same as the original healthy one. After the pod is rebuilt, its IP address may change. To provide a stable access interface, k8s introduces the concept of a Service. A Service can front multiple pods to achieve high availability.
Compared with a stateless service, an ordinary stateful service additionally needs its state preserved. Kubernetes provides a storage system based on volumes and persistent volumes, which can save the state of services.
Compared with an ordinary stateful service, a stateful cluster service has further requirements for cluster management. K8s has developed a set of new features based on PetSet to facilitate the deployment and management of stateful cluster services on k8s. Specifically, an init container is used to initialize the cluster, a headless service is used to maintain stable relationships between cluster members, dynamic storage provisioning is used to facilitate cluster expansion, and finally PetSet is used to manage the whole cluster.
To run a stateful cluster service, two problems must be solved: state preservation and cluster management. Let's first look at the first problem, state preservation. Kubernetes has a storage system based on volume plug-ins, through which the state of applications and services can be saved.
The storage system of k8s can be divided into three levels from basic to advanced: ordinary volume, persistent volume and dynamic storage provisioning.
1. Ordinary volume
The simplest ordinary volume is a single-node volume. Similar to a Docker storage volume, it uses a local directory on the k8s node where the pod is located.
The second type is a cross-node storage volume, which is not bound to a specific k8s node but is independent of the k8s nodes. The storage cluster and the k8s cluster are two separate clusters, independent of each other.
Cross-node storage volumes are widely used on Kubernetes. If the existing storage options cannot meet your requirements, you can develop your own volume plug-in; you only need to implement the interface defined in volume.go. If you are a storage vendor and want your storage to support containers running on Kubernetes, you can develop your own volume plug-in.
2. Persistent volume
What is the difference between it and an ordinary volume?
There is a static binding relationship between an ordinary volume and the pod that uses it. The file that defines the pod also defines the volume it uses. The volume is an accessory of the pod. We cannot create a volume on its own, because it is not an independent k8s resource object.
A persistent volume is a k8s resource object, so we can create a PV separately. It is not directly tied to a pod; instead, dynamic binding is achieved through a persistent volume claim (PVC). The definition of the pod specifies a PVC, and the PVC then automatically binds an appropriate PV to the pod according to the pod's requirements.
Namespace
Now that our cluster is running, let's go in and look at some basic Kubernetes resources. You can access the Kubernetes cluster directly through the kubectl CLI or through the Rancher UI. Rancher's access management layer controls access to the cluster, so you need to generate an API key from the Rancher UI before using the CLI.
Let's look at the first Kubernetes resource, the namespace. Within a given namespace, all resource names must be unique. In addition, the labels used to connect resources are scoped to a single namespace. That is why namespaces can be used to isolate environments on the same Kubernetes cluster. For example, you may want to create alpha, beta and production environments for your application so that you can test the latest changes without affecting real users. To create a namespace, copy the following text into a namespace.yaml file and run the kubectl create -f namespace.yaml command to create a beta namespace:
kind: Namespace
apiVersion: v1
metadata:
  name: beta
  labels:
    name: beta
Of course, you can also create, view and select a namespace from the Rancher UI, using the namespace menu in the top menu bar.
You can use the following command to set the namespace for CLI interaction:
$ kubectl config set-context kubernetes --namespace=beta
To check that the current context has been set, use the config view command and verify that the namespace in the output matches your expectation:
$ kubectl config view | grep namespace
namespace: beta
Pods
Now that we have defined the namespace, let's start creating resources. The first resource we need to look at is the pod. In Kubernetes, a group of one or more containers is called a pod. The containers in a pod are deployed, started, stopped and replicated as a group. In a given host type, there can only be one pod. All the containers in a pod can only run on the same host. Pods share a network namespace and can reach each other through the localhost domain. Pods are also the basic unit of scaling and cannot span hosts, so ideally they should be as close to a single workload as possible. This eliminates side effects when pods scale up or down, and ensures that the pods we create do not consume too many resources and affect the host.
Let's define a pod named mywebservice. Its spec has one container named web-1-10, which uses the nginx container image and exposes port 80. Add the following text to the pod.yaml file:
apiVersion: v1
kind: Pod
metadata:
  name: mywebservice
spec:
  containers:
  - name: web-1-10
    image: nginx:1.10
    ports:
    - containerPort: 80
Use the kubectl create command to create the pod. If you used the set-context command to set your namespace, the pod will be created in the specified namespace. Verify the pod status by running the get pods command. After that, we can delete the pod by running the kubectl delete command:
$ kubectl create -f ./pod.yaml
pod "mywebservice" created
$ kubectl get pods
NAME           READY   STATUS    RESTARTS   AGE
mywebservice   1/1     Running   0          37s
$ kubectl delete -f pod.yaml
pod "mywebservice" deleted
To view the pod in the Rancher UI, select Kubernetes > Pods.
PV has three access modes:
First, ReadWriteOnce: the most basic mode, which is readable and writable, but only supports being mounted by a single pod.
Second, ReadOnlyMany: it can be mounted by multiple pods in a read-only way.
Third, ReadWriteMany: this kind of storage can be shared by multiple pods for both reading and writing.
Not every kind of storage supports all three modes. The shared read-write mode in particular is currently supported by few, with NFS the more commonly used. When a PVC binds to a PV, it is usually matched on two conditions: one is the storage size, the other is the access mode.
We just mentioned that the difference between a PV and an ordinary volume is dynamic binding. Let's take a look at the process.
This is the life cycle of a PV. The first stage is provisioning, which means creating the PV. There are two ways to create a PV, static and dynamic. In the static way, the administrator manually creates a batch of PVs to form a PV pool for PVCs to bind to. In the dynamic way, PVs are created automatically by the storage system according to the requirements of the PVC, through an object called a storage class.
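The static case described above, written out as manifests. This is an added example, not part of the original page: it shows an administrator-created PV, a PVC that matches it on storage size and access mode, and the page's mywebservice pod referencing the claim. The object names pv-nfs-example and web-content, the NFS server and export path, the sizes and the mount path are assumptions chosen for illustration.

```yaml
# PV created in advance by the administrator (cluster-scoped, part of the PV pool).
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-nfs-example              # hypothetical name
spec:
  capacity:
    storage: 10Gi                   # size the claim is matched against
  accessModes:
    - ReadWriteMany                 # NFS can be shared read-write by many pods
  persistentVolumeReclaimPolicy: Retain
  storageClassName: ""              # no storage class: static binding only
  nfs:
    server: nfs.example.internal    # placeholder NFS server
    path: /exports/example          # placeholder export path
---
# Claim in the beta namespace. It binds to a PV that offers at least 5Gi
# and the requested access mode; the 10Gi PV above satisfies both.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: web-content                 # hypothetical name
  namespace: beta
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: ""              # do not trigger dynamic provisioning
  resources:
    requests:
      storage: 5Gi
---
# The pod names only the claim, never the PV behind it.
apiVersion: v1
kind: Pod
metadata:
  name: mywebservice
  namespace: beta
spec:
  containers:
  - name: web-1-10
    image: nginx:1.10
    ports:
    - containerPort: 80
    volumeMounts:
    - name: content
      mountPath: /usr/share/nginx/html
      readOnly: true                # the web server only needs to read the content
  volumes:
  - name: content
    persistentVolumeClaim:
      claimName: web-content
```

After applying the file, kubectl get pv and kubectl get pvc show a STATUS of Bound once the claim has been matched; a claim asking for more than 10Gi, or for a mode the PV does not list, stays Pending.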