OpenShift Concise Tutorial

OpenShift - Architecture

OpenShift is a layered system in which each layer is tightly bound to the others using Kubernetes and a Docker cluster. The architecture is designed to support and manage Docker containers, which are hosted on top of all the layers using Kubernetes. Unlike the earlier OpenShift V2, OpenShift V3 supports containerized infrastructure. In this model, Docker helps create lightweight Linux-based containers, and Kubernetes handles orchestrating and managing containers across multiple hosts.

[Figure: OpenShift Container Platform architecture]

Components of OpenShift

One of the key components of the OpenShift architecture is the management of containerized infrastructure in Kubernetes. Kubernetes is responsible for deployment and management of the infrastructure. A Kubernetes cluster can have more than one master and multiple nodes, which ensures there is no single point of failure in the setup.

[Figure: Key components of OpenShift architecture]

Kubernetes Master Machine Components

Etcd − It stores the configuration information, which can be used by each of the nodes in the cluster. It is a high-availability key-value store that can be distributed among multiple nodes. Because it is a distributed key-value store that is reachable by all nodes in the cluster and may contain sensitive information, it should only be accessible by the Kubernetes API server.

API Server − The Kubernetes API server provides all operations on the cluster through the API. It implements an interface, which means different tools and libraries can readily communicate with it. A kubeconfig is a package, shipped along with the server-side tools, that can be used for communication. It exposes the Kubernetes API.

Controller Manager − This component is responsible for most of the collectors that regulate the state of the cluster and perform tasks. It can be considered a daemon that runs in a non-terminating loop and is responsible for collecting information and sending it to the API server. It works toward obtaining the shared state of the cluster and then makes changes to bring the current status of the server to the desired state. The key controllers are the replication controller, endpoint controller, namespace controller, and service account controller. The controller manager runs different kinds of controllers to handle nodes, endpoints, etc.

Scheduler − A key component of the Kubernetes master, this service is responsible for distributing the workload. It tracks workload utilization on the cluster nodes and then places workloads on nodes that have available resources and are accepting workloads. In other words, it is the mechanism responsible for allocating pods to available nodes. The scheduler is responsible for workload utilization and for allocating pods to new nodes.

Kubernetes Node Components

The following are the key components of the node server, which are necessary to communicate with the Kubernetes master.

Docker − The first requirement of each node is Docker, which helps run the encapsulated application containers in a relatively isolated but lightweight operating environment.

Kubelet Service − This is a small service on each node that is responsible for relaying information to and from the control plane service. It interacts with the etcd store to read configuration details and write values. It communicates with the master component to receive commands and work. The kubelet process then assumes responsibility for maintaining the state of work and the node server. It manages network rules, port forwarding, etc.

Kubernetes Proxy Service − This is a proxy service that runs on each node and helps make services available to external hosts. It forwards requests to the correct containers and is capable of carrying out primitive load balancing. It makes sure that the networking environment is predictable and accessible, but at the same time isolated. It manages pods on the node, volumes, secrets, health checks for new containers, etc.

Integrated OpenShift Container Registry

The OpenShift container registry is an inbuilt storage unit from Red Hat, which is used for storing Docker images. The latest integrated version of OpenShift adds a user interface for viewing images in OpenShift internal storage. These registries can hold images with specified tags, which are later used to build containers from them.

Frequently Used Terms

Image − Kubernetes (Docker) images are the key building blocks of containerized infrastructure. As of now, Kubernetes only supports Docker images. Each container in a pod has its Docker image running inside it. When configuring a pod, the image property in the configuration file has the same syntax as the Docker command.

Project − Projects can be defined as the renamed version of the domain that was present in the earlier OpenShift V2.

Container − Containers are what is created after the image is deployed on a Kubernetes cluster node.

Node − A node is a working machine in a Kubernetes cluster, also known as a minion for the master. Nodes are working units, which can be a physical machine, a VM, or a cloud instance.

Pod − A pod is a collection of containers and their storage inside a node of a Kubernetes cluster. It is possible to create a pod with multiple containers inside it, for example, keeping the database container and the web server container inside the same pod.
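
The Image and Pod entries above say that a pod's image property uses Docker's reference syntax and that the registry holds images under specified tags. The following added example (not part of the original tutorial) parses that syntax and reports containers in a pod whose image is not pinned to a fixed tag or digest. The pod, the registry host `registry.example.com:5000` and the policy of flagging untagged and `latest` images are assumptions made for illustration.

```python
import re

# Tag grammar from the Docker image reference format.
TAG_RE = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}")

def parse_image(ref):
    """Split an image reference into registry, repository, tag and digest."""
    name, _, digest = ref.partition("@")
    # A ':' after the last '/' separates the tag; an earlier ':' is a registry port.
    last = name.rsplit("/", 1)[-1]
    tag = None
    if ":" in last:
        name, tag = name.rsplit(":", 1)
        if not TAG_RE.fullmatch(tag):
            raise ValueError(f"invalid tag in {ref!r}")
    first, _, rest = name.partition("/")
    # Docker treats the first component as a registry host only if it contains
    # '.' or ':' or is 'localhost'; otherwise Docker Hub (docker.io) is implied.
    if rest and ("." in first or ":" in first or first == "localhost"):
        registry, repo = first, rest
    else:
        registry, repo = "docker.io", name
    return {"registry": registry, "repository": repo,
            "tag": tag, "digest": digest or None}

def audit_pod(pod):
    """Return (container, image, finding) for images that are not pinned."""
    findings = []
    for c in pod["spec"]["containers"]:
        img = parse_image(c["image"])
        if img["digest"]:
            continue  # digest-pinned: the image content cannot change
        if img["tag"] is None:
            findings.append((c["name"], c["image"], "no tag (resolves to latest)"))
        elif img["tag"] == "latest":
            findings.append((c["name"], c["image"], "mutable 'latest' tag"))
    return findings

# Constructed sample: the database + web server pod mentioned in the text.
SAMPLE_POD = {
    "kind": "Pod",
    "metadata": {"name": "web-db"},
    "spec": {"containers": [
        {"name": "db", "image": "mysql"},
        {"name": "web", "image": "registry.example.com:5000/team/web:1.4.2"},
    ]},
}

if __name__ == "__main__":
    for name, image, why in audit_pod(SAMPLE_POD):
        print(f"{name}: {image}: {why}")
```
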