Knock on the blackboard! There are so many core knowledge points of kubernetes architecture

One goal ： Container operation ; Three centers in two places ; Four layer service discovery ; Five kinds Pod Shared resources ; six CNI Common plug-ins ; Seven layer load balancing ; Eight dimensions of isolation ; Nine network model principles ; Ten categories IP Address ; 100 level product line ; A thousand level physical machine ; Ten thousand level container ; Like no billion ,K8s There are 100 million ： 100 million daily service people .

Kubernetes（k8s） Is an open source platform for automated container operations . These container operations include ： Deploy 、 Expansion between scheduling and node clusters .

1） Specific function

Dispatch ： Which machine does the container run on .

2） form

3）K8s The architecture topology of

The three centers of the two places include the local production center 、 Local disaster recovery center 、 Remote Disaster Recovery Center .

An important problem to be solved by the two places and three centers is data consistency .k8s Use etcd Component as a highly available 、 Highly consistent service discovery repository . For configuration sharing and service discovery .

It has been recognized as a country Zookeeper and doozer Inspired projects . In addition to having all their functions , Also have the following 4 Characteristics ：

Let's start with a diagram to explain the network layer 7 protocol ：

k8s Two ways of service discovery are provided ：

When creating a Pod When ,kubelet It's time to Pod In the cluster Service The relevant environment variables of . It should be noted that , Think of one Pod To inject some Service Environment variables of , You have to Service It's better to compare first Pod establish . This point , It almost makes this way of service discovery unavailable .

such as , One ServiceName by redis-master Of Service, Corresponding ClusterIP:Port by 10.0.0.11:6379, Then the corresponding environment variable is ：

There are two ways , One is based on tcp, as everyone knows ,DNS Is based on UDP Of , They're all built on four layer protocols .

Pod yes K8s The most basic operating unit , Contains one or more closely related containers , One Pod Can be viewed as application-level by a containerized environment “ Logic host ”; One Pod Multiple container applications in are usually tightly coupled ,Pod stay Node Is created on the 、 Initiate or destroy ; Every Pod There runs a special one called Volume Mount the volume , So they communicate and exchange data more efficiently , At design time, we can make full use of this feature to put a set of closely related service processes into the same Pod in .

The same Pod It's only necessary to pass through localhost Can communicate with each other .

One Pod Application containers in share five resources ：

Pod Through the life cycle of Replication Controller To manage ; Defined by template , And then assign it to a Node Up operation , stay Pod After the included container runs ,Pod end .

Kubernetes by Pod Designed a unique network configuration , Include ： For each Pod Allocate one IP Address , Use Pod Name as the host name for communication during the period .

CNI(Container Network Interface) Container network interface , yes Linux A set of standards and libraries for container network configuration , Users need to develop their own container network plug-ins according to these standards and libraries .CNI Only focus on solving the resource release of container network connection and container destruction , Provide a framework , therefore CNI Can support a large number of different network modes , And it's easy to implement .

Here's a diagram of six CNI Common plug-ins ：

When it comes to load balancing, we have to mention the communication between servers first .

IDC(Internet Data Center), Also called Data Center 、 Computer room , To put the server .IDC Network is the bridge of communication between servers .

The picture above shows a lot of network devices , What are they for ？

Router 、 Switch 、MGW/NAT It's all network devices , According to performance 、 The internal and external networks are divided into different roles .

Let's talk about the load balancing of each layer first ：

Here is a diagram to talk about the difference between layer 4 and layer 7 load balancing ：

The ideal way is through an external load balancer , Bind fixed ports , such as 80, Then according to the domain name or service name to the following Service ip forward ,Nginx It's a good solution to this demand , But the problem is that if you have the experience service to join , How to modify Nginx Configuration of , And load these configurations ？Kubernetes The solution is Ingress. This is a base 7 Layer scheme .

K8s On the side of cluster scheduling, we need to make corresponding scheduling strategies for the isolation from top to bottom, from coarse-grained to fine-grained .

K8s The network model should conform to 4 There are two basic principles ,3 It's a network requirement principle ,1 There are two principles of architecture ,1 individual IP principle .

Every Pod All have an independent IP Address , And assume that all Pod All in a directly connected 、 In the flat cyberspace , Whether it's running on the same Node You can go through on the Internet Pod Of IP To visit .

K8s Medium Pod Of IP It's the minimum size IP. The same Pod All containers in share a network stack , The model is called IP-per-Pod Model .

IP-per-Pod The model allocates from the port 、 Domain name resolution 、 Service discovery 、 Load balancing 、 From the perspective of application configuration ,Pod It can be seen as an independent VM Or physical machine .

To conform to the following Architecture ：

From the architecture above IP The concept goes from the outside of the cluster to the inside of the cluster ：