Kubereters

An open-source system for automating deployment, scaling, and management of containerized applications;

Traditional >> Hypervisor >> Container

Traditional:

  No way to define resource boundaries for applications in a physical server before, run each applications on a different physical server;

Hypervisor:

  Will run multi VMs on a single physical server's CPU;

  Allow applications to be isolated between VMs and provides a level of securiy as the infomation of one application cannot be freely accessed by another     application;

  Each VM is a full machine running all the components, including its own operating system;

Container:

  Have relaxed isolation properties to share the operating system among the applications;

  Lightweight;

  A container has its own filesytem/CPU/memory/process space/..

  Are portable across clouds and OS distributions because they are decoupled from the underlying infrastrucure;

  Benifits of containers:

    1. Agile application creation and deployment: increased ease and efficiency of container image creation compared to VM image use

    2. Continuous development, integrations and deployment:

      provide for reliable and frequent container image build and deployment with quick and easy rollbacks;

    3. Dev and Ops separation of concerns: create application container images at build/release time rather than deployment time, thereby decoupling applications from infrastructure;

    4. Obervability not only surfaces OS-level information and metrics, but also application health and other signals;

    5. Environmental consistency across development, testing, and production; Runs the same on a laptop as it does in the cloud;

    6. Cloud and OS distribution portabilty: Runs on Ubuntu, RHEL, CoreOS, on-prem, Google Kubernetes Engine, and anywhrere else;

    7. Application-centric management;

    8. Loosely coupled, distributed;

    9. Resource isolation;

    10. Resource utilization;

Benefits of Kubernetes:

  1.  Service discovery and load balancing    

      kubernetes expose a container using the DNS name or using their own IP address;

      if traffic to a container is high, kubernetes is able to load balance and distribute the network traffic so that the deployment is stable;

  2.  Stroage orchestartion

      automatically mount a storage system of local storages/public cloud providers/..

  3.  Automated rollouts and rollbacks

      automake kubernets to create new containers

  4.  Self-healing

      restart fail containers, kill no-respond containers;

  5.  Automatic bin packing

      tell kubernetes how much CPU and RAM each container needs, kubernets can fit containers onto your nodes to make the best use of you resources;

Kubernetes Master

When deploying kubernetes, we wil get a cluster, which is a set of machines (nodes),

that run containerzed applications managed by kubernetes.

A cluster has at least one worker node and at least one master node;

Kubernetes Master is a collection of three processes that run on a single node in your cluster, which is designed as the master node;

Three processes:

  Kube-apiserver;

  Kube-controller-manager;

  Kube-scheduler;

Individual non-master node in cluster run two processes:

  kubelet

    which communicates with the Kubernetes Master;

    The primary node agent that runs on each node; It can register the node with tha apiserver using one of

      the host name;

      a flag to override the hostname;

      specific logic for a cloud provider;

    

  kube-proxy

    a network proxy which reflects Kubernetes networking services on each node;

    Kubernets network proxy runs on each node, this relects services as defined in the Kubernetes API on each node

    and can do simple TCP/UDP and SCTP stream forwarding or round robin TCP/UDP/SCTP forwarding across a set of backends/

    Service cluster IPs and ports are currently found through Docker-links-compatible   

 

Kubernetes Objects

Kubernetes contains serveral abstractions representing the state of system;

Basic Kubernetes objects include:

Kata-container

An open-source project and community working to build a standard implement of lightweight VM that feel and perform like containers, but provide the workload isolation and security advantages of VMs;

Kata container Components

  • Agent      -- The Kata-agent runs inside the virtual machine and sets up the container environment
  • KSM throttler   -- An optional utility that monitors containers and deduplicates memory to max container density on a host
  • Proxy      -- A process running on the host and co-ordinates access to the agent running inside the VM
  • Runtime     -- Be invoked by a container manager and provides high-level verbs to manage containersd
  • Shim        -- A process that runs on the host, acts as though it is the workload ( which actually runs inside the VM), required to be compliant with th expecations of the OCI runtime sepc
  • Hypervisor    --
  • Kernel      -- HV uses a linux kernel to boot the guest image

Docker

Following storage drivers:

  • overlay2     is the preferred storage driver, for all currently supported linux distributions, and requires no extra conf
  • aufs       is the preferred stroage driver for Docker 18.06 or older, when running on Ubuntu 14 on Kernel 3.13 which has no support or ovrlay2
  • devicemapper   is supported, but requires direct-lvm for production environments, because loopback-lvm, while zero-conf, has very poor performance.

Basic concepts of docker/kubernete/kata-container的更多相关文章

  1. Kata Container 介绍

    docker容器,性能高,不安全:VM虚拟机,安全性好,性能损耗大:Kata Container轻量级虚拟机的容器,即安全,性能也高. 开源容器项目Kata Containers,旨在将虚拟机(VM) ...

  2. Basic Concepts of Block Media Recovery

    Basic Concepts of Block Media Recovery Whenever block corruption has been automatically detected, yo ...

  3. docker的网络-Container network interface(CNI)与Container network model(CNM)

    Overview 目前围绕着docker的网络,目前有两种比较主流的声音,docker主导的Container network model(CNM)和社区主导的Container network in ...

  4. (二)Basic Concepts 基本概念

    Basic Concepts There are a few concepts that are core to Elasticsearch. Understanding these concepts ...

  5. Docker入门03——Container

    1 启动容器 1.1 新建并启动 1.2 启动已终止容器 2 后台运行 3 终止 4 进入容器 5 导入和导出 5.1 导出 5.2 导入 6 删除 1 启动容器 1.1 新建并启动 docker r ...

  6. CMUSphinx Learn - Basic concepts of speech

    Basic concepts of speech Speech is a complex phenomenon. People rarely understand how is it produced ...

  7. docker Cannot start container [8] System error: exec format error

    docker Cannot start container  [8] System error: exec format error 学习了:https://www.aliyun.com/jiaoch ...

  8. Docker 容器(container)

    版权所有,未经许可,禁止转载 章节 Docker 介绍 Docker 和虚拟机的区别 Docker 安装 Docker Hub Docker 镜像(image) Docker 容器(container ...

  9. Docker实现退出container后保持继续运行的解决办法

    现象: 运行一个image,例如ubuntu14.04: 1 docker run -it --rm ubuntu:14.04 bash 退出时: 执行Ctrl+D或者执行exit 查看线程: 1 d ...

随机推荐

  1. 嵌入式02 STM32 实验06 按键

    按键实验和前面的跑马灯.蜂鸣器主要的区别就是这个是读取外部的输入信号,之前的实验都是对外部输出信号. 一.硬件设计 本实验的硬件为三个按键.两个lED(LED0.LED1).一个蜂鸣器(BEEP). ...

  2. 2. 运行Spark Streaming

    2.1 IDEA编写程序 Pom.xml加入以下依赖: <dependency> <groupId>org.apache.spark</groupId> <a ...

  3. ElasticSearch 429 Too Many Requests circuit_breaking_exception

    错误提示 { "statusCode": 429, "error": "Too Many Requests", "message& ...

  4. C# Datatable、DataReader等转化json

    //对象转换为Json字符串 public static string ToJson(object jsonObject) { object objectValue = string.Empty; s ...

  5. 如何监视 WPF 中的所有窗口,在所有窗口中订阅事件或者附加 UI

    原文:如何监视 WPF 中的所有窗口,在所有窗口中订阅事件或者附加 UI 由于 WPF 路由事件(主要是隧道和冒泡)的存在,我们很容易能够通过只监听窗口中的某些事件使得整个窗口中所有控件发生的事件都被 ...

  6. C#字符串基础

    C#字符串基础 1.    字符串的两种创建形式 (1)String A=”cat”; (2)String B=new string{‘a’,4}  .调用类方法,创建一个“aaaa”的字符串 (3) ...

  7. Docker/Dockerfile debug调试技巧

    『重用』容器名 但我们在编写/调试Dockerfile的时候我们经常会重复之前的command,比如这种docker run --name jstorm-zookeeper zookeeper:3.4 ...

  8. JS前端加密JAVA后端解密详解

    最近有一个加解密的需求,其实没有什么难度,但是实践过程中踩了很多坑,把踩坑过程分享出来. 1.前端JS加密 /** * 加密(需要先加载aes.min.js文件) * @param word * @r ...

  9. pandas-04 多级index操作

    pandas-04 多级index操作 在pandas中可以为series和dataframe设置多个index,也就是说可以有多级index和column.这样可以对pandas的操作更加灵活. i ...

  10. 十一、vue生命周期诠释--带图

    Vue 实例有一个完整的生命周期,也就是从开始创建.初始化数据.编译模板.挂载Dom→渲染.更新→渲染.卸载等一系列过程,我们称这是 Vue 的生命周期.通俗说就是 Vue 实例从创建到销毁的过程,就 ...