from: https://zhaohuabing.com/post/2020-02-22-k8s-network-mindmap/ Author: zhaohuabing.com
Basic idea
- Automated deployment, scaling and management of containerized applications
Desired State Management
- Kubernetes API objects (declare the desired state)
- Kubernetes Control Plane (makes sure the cluster's current state matches the desired state)
- Kubernetes Master
- kube-apiserver (API Server)
- Exposes CRUD REST interfaces for every kind of object
- Exposes a Watch mechanism that notifies clients of object changes
- Persists objects in etcd
- kube-controller-manager (daemon)
- Function: watches cluster state through the apiserver and makes the changes needed to move the current state toward the desired state
- controllers
- replication controller
- endpoints controller
- namespace controller
- serviceaccounts controller
- ……
- kube-scheduler (scheduler)
- Function: places each Pod on a suitable worker node
- Factors considered when scheduling
- Resource requirements
- Service governance requirements
- Hardware/software/policy constraints
- Affinity and anti-affinity requirements
- Data locality
- Interference between workloads
- ……
- Worker Node
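The desired-state loop described above (API objects declare what should exist, the API server stores them and emits Watch events, a controller drives the current state toward the desired one), as an added example that is not part of the original mind map or of Kubernetes' own code. It models the API server as an in-memory store with a Watch channel and a ReplicaSet-style controller; all names (Store, ReplicaSet, Reconcile, ControllerPass) and the owner-N pod naming scheme are this example's own assumptions.

```go
package main

import (
	"fmt"
	"sort"
)

// ReplicaSet is the desired state: "Replicas pods owned by this object must exist".
type ReplicaSet struct {
	Name     string
	Replicas int
}

// Pod is the current state: one pod that actually exists, tagged with its owner.
type Pod struct {
	Name  string
	Owner string
}

// Store stands in for the API server: it holds objects (etcd in a real cluster) and
// notifies watchers of changes, which is what the Watch mechanism provides.
type Store struct {
	replicaSets map[string]ReplicaSet
	pods        map[string]Pod
	watchers    []chan string // each event carries the name of the affected ReplicaSet
}

func NewStore() *Store {
	return &Store{replicaSets: map[string]ReplicaSet{}, pods: map[string]Pod{}}
}

// Watch registers a watcher. The channel is buffered; a real client that falls too
// far behind has to re-list, which this toy does not model.
func (s *Store) Watch() <-chan string {
	ch := make(chan string, 64)
	s.watchers = append(s.watchers, ch)
	return ch
}

func (s *Store) notify(owner string) {
	for _, w := range s.watchers {
		w <- owner
	}
}

// UpdateReplicaSet declares new desired state (kubectl apply / kubectl scale).
func (s *Store) UpdateReplicaSet(rs ReplicaSet) {
	s.replicaSets[rs.Name] = rs
	s.notify(rs.Name)
}

// DeleteReplicaSet removes the desired state; the owned pods get garbage-collected.
func (s *Store) DeleteReplicaSet(name string) {
	delete(s.replicaSets, name)
	s.notify(name)
}

// DeletePod models a pod disappearing (node failure, eviction, manual delete).
func (s *Store) DeletePod(name string) {
	if p, ok := s.pods[name]; ok {
		delete(s.pods, name)
		s.notify(p.Owner)
	}
}

// Pods returns the names of the pods owned by owner, sorted for determinism
// (lexicographic, so the order is only "natural" below ten pods).
func (s *Store) Pods(owner string) []string {
	var names []string
	for n, p := range s.pods {
		if p.Owner == owner {
			names = append(names, n)
		}
	}
	sort.Strings(names)
	return names
}

func (s *Store) nextName(owner string) string {
	for i := 0; ; i++ {
		if n := fmt.Sprintf("%s-%d", owner, i); s.pods[n].Name == "" {
			return n
		}
	}
}

// Reconcile is the heart of a controller: re-read desired and current state for one
// object and issue only the changes needed. It is idempotent, so duplicate or stale
// events are harmless. It returns what it created and deleted for inspection.
func Reconcile(s *Store, owner string) (created, deleted []string) {
	owned := s.Pods(owner)
	rs, ok := s.replicaSets[owner]
	if !ok { // desired state is gone: clean up everything it owned
		for _, n := range owned {
			delete(s.pods, n)
			deleted = append(deleted, n)
		}
		return created, deleted
	}
	for len(owned)+len(created) < rs.Replicas { // too few: create
		n := s.nextName(owner)
		s.pods[n] = Pod{Name: n, Owner: owner}
		created = append(created, n)
	}
	if len(owned) > rs.Replicas { // too many: delete the surplus
		for _, n := range owned[rs.Replicas:] {
			delete(s.pods, n)
			deleted = append(deleted, n)
		}
	}
	return created, deleted
}

// ControllerPass drains the pending watch events and reconciles each, the way the
// kube-controller-manager work queue does; it returns once the queue is empty.
func ControllerPass(s *Store, events <-chan string) (created, deleted []string) {
	for {
		select {
		case owner := <-events:
			c, d := Reconcile(s, owner)
			created = append(created, c...)
			deleted = append(deleted, d...)
		default:
			return created, deleted
		}
	}
}

func main() {
	s := NewStore()
	events := s.Watch()
	s.UpdateReplicaSet(ReplicaSet{Name: "web", Replicas: 3})
	c, d := ControllerPass(s, events)
	fmt.Println("scale to 3:", c, d)
	s.DeletePod("web-1") // a node dies
	c, d = ControllerPass(s, events)
	fmt.Println("after pod loss:", c, d)
}
```

The point to notice is that Reconcile never trusts the event's content: it re-reads both desired and current state and computes the difference, so a lost, duplicated or stale event cannot leave the cluster wrong for longer than one pass. That level-triggered design is also why someone who deletes pods directly, whether by mistake or with a stolen credential, gains little: the controller puts them back on the next pass, and the only durable way to change the cluster is to change the desired state through the API server.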
Kubernetes Master (deployment topologies)
Single node
- Single head node, multiple workers
- API Server, Scheduler, and Controller Manager run on a single node
Single etcd, HA head nodes, multiple workers
- Multiple API Server instances fronted by a load balancer
- Multiple Scheduler and Controller Manager instances with leader election
- Single etcd node
HA etcd, HA head nodes, multiple workers
- Multiple API Server instances fronted by a load balancer
- Multiple Scheduler and Controller Manager instances with leader election
- etcd cluster runs on nodes separate from the Kubernetes head nodes
Business model
Cloud users: avoid the vendor lock-in that comes from depending on a single cloud provider, and the technical and cost risk that goes with it
Cloud vendors: use Kubernetes to break AWS's first-mover dominance and win market share
Network
Linux Network Virtualization
- Network Namespace
- Veth Pair
- Linux bridge
- VLAN
- VXLAN
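VXLAN is the overlay most Kubernetes CNI plugins (Calico and flannel among them) use to carry pod traffic between nodes, so it is worth seeing exactly what is on the wire. The following is an added example, not code from the original mind map or from any CNI project: it encodes and decodes the 8-byte VXLAN header of RFC 7348 around an inner Ethernet frame and shows the receiver-side lookup a VTEP makes. The sample frame is constructed here, and the VTEP type, bridge names and function names are this example's own assumptions.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
)

// VXLAN (RFC 7348) carries an inner Ethernet frame in UDP (destination port 4789)
// behind an 8-byte header: flags(1) reserved(3) VNI(3) reserved(1).
const (
	VXLANPort    = 4789
	vxlanHdrLen  = 8
	vxlanFlagVNI = 0x08 // the "I" flag: VNI field is valid; RFC 7348 says it MUST be set
	maxVNI       = 1<<24 - 1
	ethHdrLen    = 14 // dst MAC(6) src MAC(6) EtherType(2)
)

// Encapsulate builds the UDP payload a VTEP sends for one frame on overlay vni.
func Encapsulate(vni uint32, frame []byte) ([]byte, error) {
	if vni > maxVNI {
		return nil, fmt.Errorf("vni %d does not fit in 24 bits", vni)
	}
	if len(frame) < ethHdrLen {
		return nil, errors.New("inner frame shorter than an Ethernet header")
	}
	out := make([]byte, vxlanHdrLen+len(frame))
	out[0] = vxlanFlagVNI                        // flags byte; all other bits reserved (zero)
	binary.BigEndian.PutUint32(out[4:8], vni<<8) // bytes 4..6 = VNI, byte 7 reserved
	copy(out[vxlanHdrLen:], frame)
	return out, nil
}

// Decapsulate parses a received UDP payload. It rejects a clear I flag, as the RFC
// requires, and ignores the reserved bits, as the RFC also requires.
func Decapsulate(payload []byte) (vni uint32, frame []byte, err error) {
	if len(payload) < vxlanHdrLen+ethHdrLen {
		return 0, nil, errors.New("payload too short for VXLAN header plus Ethernet frame")
	}
	if payload[0]&vxlanFlagVNI == 0 {
		return 0, nil, errors.New("VXLAN I flag not set: VNI invalid, dropping")
	}
	vni = binary.BigEndian.Uint32(payload[4:8]) >> 8
	return vni, payload[vxlanHdrLen:], nil
}

// InnerMACs extracts the destination and source MAC of the inner frame. Together
// with the VNI this is all a receiving VTEP has to decide where the frame goes.
func InnerMACs(frame []byte) (dst, src string) {
	return net.HardwareAddr(frame[0:6]).String(), net.HardwareAddr(frame[6:12]).String()
}

// VTEP holds the receiver's VNI-to-bridge table. A frame with an unknown VNI is
// dropped: the 24-bit VNI is the only tenant separation VXLAN itself provides, and
// nothing in the header is authenticated or encrypted, so anyone who can send UDP
// to port 4789 on a node can inject frames into any VNI they can guess.
type VTEP struct {
	Bridges map[uint32]string
}

// Receive returns the bridge the inner frame is forwarded to, or an error for a drop.
func (v *VTEP) Receive(payload []byte) (string, []byte, error) {
	vni, frame, err := Decapsulate(payload)
	if err != nil {
		return "", nil, err
	}
	bridge, ok := v.Bridges[vni]
	if !ok {
		return "", nil, fmt.Errorf("no bridge attached to VNI %d, dropping", vni)
	}
	return bridge, frame, nil
}

// SampleFrame is a constructed inner Ethernet frame: dst MAC, src MAC, EtherType
// IPv4 and a few placeholder payload bytes.
func SampleFrame() []byte {
	return []byte{
		0x02, 0x42, 0xac, 0x11, 0x00, 0x03, // dst MAC
		0x02, 0x42, 0xac, 0x11, 0x00, 0x02, // src MAC
		0x08, 0x00, // EtherType IPv4
		0xde, 0xad, 0xbe, 0xef, // placeholder payload
	}
}

func main() {
	pkt, _ := Encapsulate(100, SampleFrame())
	v := &VTEP{Bridges: map[uint32]string{100: "br-tenant-a"}}
	bridge, frame, err := v.Receive(pkt)
	dst, src := InnerMACs(frame)
	fmt.Println(bridge, dst, src, err)
}
```

Because the header carries no integrity or origin check, the practical defences are at the layers around it: only accept UDP/4789 from the node subnet (or from the cluster's own node list), or run the CNI in a mode that wraps VXLAN in WireGuard or IPsec.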
- Routing Protocol
- Distance Vector Protocol
- BGP
- Link-State Protocol
- OSPF
K8s Network
- Service: ClusterIP, Headless, NodePort, LoadBalancer
- Ingress
- API Gateway + Service Mesh
- Kubernetes CNI plugins
- Calico
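Calico appears both here as a CNI plugin and under Security below, because beyond connecting pods it enforces Kubernetes NetworkPolicy. The following is an added example, not code from the original mind map, from Calico or from Kubernetes: it implements the ingress side of NetworkPolicy semantics (no policy selecting a pod means allow-all; any policy selecting it means deny-all except what a rule allows; a podSelector peer is scoped to the policy's own namespace) over an in-memory model. The cluster, pods and policies are constructed for the example; egress, ipBlock peers and named ports are left out, and all type names are this example's own.

```go
package main

import "fmt"

// Pod carries the labels selectors match against.
type Pod struct {
	Name, Namespace string
	Labels          map[string]string
}

// Peer is one entry of an ingress rule's "from" list. A nil selector means the field
// is absent; an empty non-nil map means "{}", which matches everything.
type Peer struct {
	PodSelector       map[string]string
	NamespaceSelector map[string]string
}

// IngressRule allows traffic from any of From (any source if From is empty) on any
// of Ports (any port if Ports is empty).
type IngressRule struct {
	From  []Peer
	Ports []int
}

// NetworkPolicy selects pods in its own namespace; a selected pod becomes isolated
// and only traffic some rule allows gets through.
type NetworkPolicy struct {
	Name, Namespace string
	PodSelector     map[string]string // {} selects every pod in the namespace
	Ingress         []IngressRule     // empty with the policy present = deny all ingress
}

type Cluster struct {
	NamespaceLabels map[string]map[string]string
	Policies        []NetworkPolicy
}

func matches(selector, labels map[string]string) bool {
	for k, v := range selector {
		if labels[k] != v {
			return false
		}
	}
	return true
}

func (c *Cluster) peerMatches(p Peer, policyNS string, src Pod) bool {
	nsLabels := c.NamespaceLabels[src.Namespace]
	switch {
	case p.PodSelector != nil && p.NamespaceSelector != nil:
		return matches(p.NamespaceSelector, nsLabels) && matches(p.PodSelector, src.Labels)
	case p.PodSelector != nil: // podSelector alone is scoped to the policy's namespace
		return src.Namespace == policyNS && matches(p.PodSelector, src.Labels)
	case p.NamespaceSelector != nil:
		return matches(p.NamespaceSelector, nsLabels)
	}
	return false
}

// IngressAllowed decides whether src may open a connection to dst on port, following
// the NetworkPolicy semantics a conforming CNI plugin such as Calico enforces.
func (c *Cluster) IngressAllowed(src, dst Pod, port int) bool {
	isolated := false
	for _, pol := range c.Policies {
		if pol.Namespace != dst.Namespace || !matches(pol.PodSelector, dst.Labels) {
			continue
		}
		isolated = true // from here on, anything not explicitly allowed is denied
		for _, rule := range pol.Ingress {
			if len(rule.Ports) > 0 && !containsInt(rule.Ports, port) {
				continue
			}
			if len(rule.From) == 0 {
				return true
			}
			for _, peer := range rule.From {
				if c.peerMatches(peer, pol.Namespace, src) {
					return true
				}
			}
		}
	}
	return !isolated // no policy selects dst: the Kubernetes default is allow-all
}

func containsInt(xs []int, x int) bool {
	for _, v := range xs {
		if v == x {
			return true
		}
	}
	return false
}

// SampleCluster is constructed for this example: prod has a default-deny policy plus
// one allow rule (frontend -> db:5432); dev has no policies at all.
func SampleCluster() *Cluster {
	return &Cluster{
		NamespaceLabels: map[string]map[string]string{"prod": {"env": "prod"}, "dev": {"env": "dev"}},
		Policies: []NetworkPolicy{
			{Name: "default-deny", Namespace: "prod", PodSelector: map[string]string{}},
			{Name: "frontend-to-db", Namespace: "prod", PodSelector: map[string]string{"app": "db"},
				Ingress: []IngressRule{{From: []Peer{{PodSelector: map[string]string{"app": "frontend"}}}, Ports: []int{5432}}}},
		},
	}
}

var (
	ProdFrontend = Pod{Name: "frontend", Namespace: "prod", Labels: map[string]string{"app": "frontend"}}
	ProdDB       = Pod{Name: "db", Namespace: "prod", Labels: map[string]string{"app": "db"}}
	DevFrontend  = Pod{Name: "frontend", Namespace: "dev", Labels: map[string]string{"app": "frontend"}} // same label, other namespace
	DevWeb       = Pod{Name: "web", Namespace: "dev", Labels: map[string]string{"app": "web"}}
)

func main() {
	c := SampleCluster()
	fmt.Println(c.IngressAllowed(ProdFrontend, ProdDB, 5432), c.IngressAllowed(DevFrontend, ProdDB, 5432))
}
```

Two things the model makes visible that policies written by hand often get wrong: a namespace with no policy at all is wide open, so the default-deny policy is what actually turns isolation on, and a peer written as podSelector only never matches a pod in another namespace even if its labels are identical, which is why the dev "frontend" is refused.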
Security
- Calico
- Service: ClusterIP, Headless, NodePort, LoadBalancer
- Certificates used in Kubernetes
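Kubernetes authenticates most control-plane traffic (kubelets, controllers, admins) with X.509 client certificates signed by the cluster CA, and the API server turns the certificate subject straight into an identity: CommonName becomes the username and each Organization value a group. The following is an added example, not code from the original mind map or from Kubernetes or kubeadm: it creates a CA, issues a client certificate in the CN=kubernetes-admin / O=system:masters pattern kubeadm has used for admin.conf, and replays the check kube-apiserver performs against its --client-ca-file bundle, including the two failure cases that matter (wrong CA, expired). The CA, Identity and Authenticate names are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// CA is a cluster certificate authority, like the kubeadm-generated ca.crt/ca.key
// that signs every kubelet, controller and admin client certificate.
type CA struct {
	Cert *x509.Certificate
	Key  *ecdsa.PrivateKey
}

func NewCA(cn string) (*CA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(10 * 365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &CA{Cert: cert, Key: key}, nil
}

// IssueClientCert signs a client certificate. Kubernetes maps Subject.CommonName to
// the username and each Subject.Organization entry to a group, so O=system:masters
// is a cluster-admin credential and should be issued rarely and with short lifetimes.
func (ca *CA) IssueClientCert(user string, groups []string, validFor time.Duration) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: serial,
		Subject:      pkix.Name{CommonName: user, Organization: groups},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(validFor),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca.Cert, &key.PublicKey, ca.Key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, nil, err
	}
	return cert, key, nil
}

// Identity is what the API server's client-certificate authenticator derives.
type Identity struct {
	User   string
	Groups []string
}

// Authenticate verifies a presented client certificate against the CA bundle given to
// kube-apiserver via --client-ca-file and takes the identity from its subject.
// Note what is NOT checked: there is no revocation list, so a leaked certificate
// stays valid until NotAfter. Short lifetimes are the only real mitigation.
func Authenticate(clientCA *x509.Certificate, presented *x509.Certificate, now time.Time) (*Identity, error) {
	roots := x509.NewCertPool()
	roots.AddCert(clientCA)
	if _, err := presented.Verify(x509.VerifyOptions{
		Roots:       roots,
		CurrentTime: now,
		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}); err != nil {
		return nil, fmt.Errorf("client certificate rejected: %w", err)
	}
	if presented.Subject.CommonName == "" {
		return nil, errors.New("client certificate has no CommonName to use as a username")
	}
	return &Identity{User: presented.Subject.CommonName, Groups: presented.Subject.Organization}, nil
}

func main() {
	ca, _ := NewCA("kubernetes")
	admin, _, _ := ca.IssueClientCert("kubernetes-admin", []string{"system:masters"}, 24*time.Hour)
	id, err := Authenticate(ca.Cert, admin, time.Now())
	fmt.Println(id, err)
}
```

The same CA also signs the serving certificates of the API server, etcd and each kubelet, so the CA private key is the single most sensitive file on a control-plane node: whoever holds it can mint a system:masters certificate that no cluster component can distinguish from a legitimate one.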