Kubernetes 简明教程
Kubernetes - Architecture
在本章中,我们将讨论 Kubernetes 的基本架构。
In this chapter, we will discuss the basic architecture of Kubernetes.
Kubernetes - Cluster Architecture
如下图所示,Kubernetes 遵循客户端-服务端架构。其中,我们在一台机器上安装 master,在单独的 Linux 机器上安装节点。
As seen in the following diagram, Kubernetes follows client-server architecture. Wherein, we have master installed on one machine and the node on separate Linux machines.
将在以下部分定义 master 和节点的关键组件。
The key components of master and node are defined in the following section.
Kubernetes - Master Machine Components
以下是 Kubernetes Master 机器的组件。
Following are the components of Kubernetes Master Machine.
etcd
它存储每个节点群集中可使用的配置信息。它是一个高可用性的键值存储,可在多个节点之间分配。只有 Kubernetes API 服务器才能访问它,因为它可能包含一些敏感信息。它是一个所有用户均可访问的分布式键值存储。
It stores the configuration information which can be used by each of the nodes in the cluster. It is a high availability key value store that can be distributed among multiple nodes. It is accessible only by Kubernetes API server as it may have some sensitive information. It is a distributed key value Store which is accessible to all.
API Server
Kubernetes 是一个 API 服务器,它使用 API 提供群集上的所有操作。API 服务器实现了一个界面,这意味着不同的工具和库可以轻松地与之通信。 Kubeconfig 是一个包含服务器端工具的程序包,可用于通信。它公开 Kubernetes API。
Kubernetes is an API server which provides all the operation on cluster using the API. API server implements an interface, which means different tools and libraries can readily communicate with it. Kubeconfig is a package along with the server side tools that can be used for communication. It exposes Kubernetes API.
Controller Manager
此组件负责大多数调节群集状态并执行任务的收集器。总的来说,可以将其视为在一个非终止循环中运行的守护进程,负责收集信息并将其发送到 API 服务器。它致力于获取群集的共享状态,然后进行更改以使服务器的当前状态达到所需状态。关键控制器是复制控制器、端点控制器、命名空间控制器和服务帐户控制器。控制器管理器运行不同类型的控制器来处理节点、端点等。
This component is responsible for most of the collectors that regulates the state of cluster and performs a task. In general, it can be considered as a daemon which runs in nonterminating loop and is responsible for collecting and sending information to API server. It works toward getting the shared state of cluster and then make changes to bring the current status of the server to the desired state. The key controllers are replication controller, endpoint controller, namespace controller, and service account controller. The controller manager runs different kind of controllers to handle nodes, endpoints, etc.
Scheduler
这是 Kubernetes master 的关键组件之一。它是一个负责分配工作负载的 master 服务。它负责跟踪群集节点上的工作负载利用率,然后将工作负载置于具有可用资源并接受工作负载的位置。换句话说,这是负责将 pod 分配给可用节点的机制。调度程序负责工作负载利用率并将 pod 分配给新节点。
This is one of the key components of Kubernetes master. It is a service in master responsible for distributing the workload. It is responsible for tracking utilization of working load on cluster nodes and then placing the workload on which resources are available and accept the workload. In other words, this is the mechanism responsible for allocating pods to available nodes. The scheduler is responsible for workload utilization and allocating pod to new node.
Kubernetes - Node Components
以下是与 Kubernetes master 通信所需的节点服务器的关键组件。
Following are the key components of Node server which are necessary to communicate with Kubernetes master.
Docker
每个节点的首要要求是 Docker,它有助于在相对隔离但轻量级的操作环境中运行封装的应用程序容器。
The first requirement of each node is Docker which helps in running the encapsulated application containers in a relatively isolated but lightweight operating environment.
Kubelet Service
这是每个节点中负责中继进出控制平面服务的少量服务。它与 etcd 存储进行交互以读取配置详细信息和权限值。它与主组件通信以接收命令和工作。然后, kubelet 进程负责维护工作状态和节点服务器。它管理网络规则、端口转发等。
This is a small service in each node responsible for relaying information to and from control plane service. It interacts with etcd store to read configuration details and wright values. This communicates with the master component to receive commands and work. The kubelet process then assumes responsibility for maintaining the state of work and the node server. It manages network rules, port forwarding, etc.
Kubernetes Proxy Service
这是一项在每个节点上运行的代理服务,有助于向外部主机提供服务。它有助于将请求转发到正确的容器,并且能够执行基本负载平衡。它确保网络环境是可预测且可访问的,同时它也是隔离的。它管理节点上的 pod、卷、秘密、创建新容器的运行状况检查等。
This is a proxy service which runs on each node and helps in making services available to the external host. It helps in forwarding the request to correct containers and is capable of performing primitive load balancing. It makes sure that the networking environment is predictable and accessible and at the same time it is isolated as well. It manages pods on node, volumes, secrets, creating new containers’ health checkup, etc.
