发布于 

Kubernetes 控制平面组件

[TOC]

Kubernetes控制平面组件

目录

  • Kube-scheduler(调度)
  • Controller Manager
  • kubelet
  • CRI
  • CNI
  • CSI

k8s三大核心能力:集群管理,资源调度、服务发现

Shell

# 进入容器内部,查看cgroup限制
docker inspect containerId
# 根据Cgroup查找到限制的路径
cd /sys/fs/cgroup
"CgroupParent": "kubepods-burstable-pod92e4430a_3409_4e54_b791_87245e7b00cb.slice"

# label设置
k get no --show-labels
k label no xxx xxx=xx

#replace是替换,apply是增量操作(旧数据可能还存在:比如,required替换preferred)
k replace -f xx.yaml
k apply -f xx.yaml

Kube-scheduler(调度)

image-20220206230019366

调度器

image-20220207174546890

predicates策略

image-20220207175821623

image-20220207175837491

predicates plugin工作原理

image-20220207175901905

priorities策略

image-20220207180009168

image-20220207180018597

资源需求

image-20220207180032764

resources:
  limits:
    memory: 1Gi
    cpu: 1
  requests:
    memory: 256Mi
    cpu: 100m

#上面配置的解读

# 下面配置(相对值):抢cpu的时候,相对值
# noah @ noahLinux in /sys/fs/cgroup/cpu/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod92e4430a_3409_4e54_b791_87245e7b00cb.slice [21:02:26]
$ cat cpu.shares
102

# 下面的配置(绝对值):解析上限时一个CPU
# noah @ noahLinux in /sys/fs/cgroup/cpu/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod92e4430a_3409_4e54_b791_87245e7b00cb.slice [21:03:00]
$ cat cpu.cfs_period_us
100000

# noah @ noahLinux in /sys/fs/cgroup/cpu/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod92e4430a_3409_4e54_b791_87245e7b00cb.slice [21:03:14]
$ cat cpu.cfs_quota_us
100000

磁盘资源需求

image-20220207180054103

init container的资源需求

image-20220207180117095

把pod调度到指定Node上

image-20220207180428634

nodeSelector

image-20220207180449960

NodeAffinity

image-20220207180510918

podAffinity

image-20220207180530324

podAffinity例子

image-20220212104342630

Taints和Tolerations

image-20220212104642414

多租户Kubernetes集群-计算资源隔离

image-20220212104827632

来自生产系统的经验

image-20220212105009998

优先级调度

image-20220212105045877

PriorityClass

image-20220212110537661为pod设置priority

image-20220212110609967

多调度器

image-20220212110641438

来自生产的一些经验

image-20220212110658520

Controller Manager

控制器的工作流程

image-20220212112856991

Informer的内部机制

image-20220212112921801

控制器的协同工作原理

image-20220212112947505

通用Controller

image-20220212113013478

image-20220212113025422

Cloud Controller Manager

image-20220212113130947

Cloud Controller manager 的配置

image-20220212113256075

需要定制的Cloud Controller

image-20220212113458605

来自生产的经验

image-20220212113515926

确保scheduler和controller的高可用

image-20220212113703710

Leader Election

image-20220212113728286

Kubelet

kubelet

image-20220212113928851

kubelet架构

image-20220212113812426

kubelet管理pod的核心流程

image-20220212113905801

节点管理

image-20220212114002906

pod管理

image-20220212114018274

pod启动流程

image-20220212114045448

kubelet启动pod的流程

image-20220212114124840

CRI

CRI

image-20220212114343660

image-20220212114357721

运行时的层级

image-20220212114416852

CRI

image-20220212114435134

image-20220212114446695

开源运行时的比较

image-20220212114518472

Docker和Containerd的差异细节

image-20220212114948259

多种运行时性能比较

image-20220212115009595

运行时优劣对比

image-20220212115100042

CNI

image-20220212115246607

CNI插件分类和常见插件

image-20220212115309852

CNI插件运行机制

image-20220212115344698

image-20220212115402989

CNI插件设计考量

image-20220212115432348

image-20220212115451031

打通主机层网络

image-20220212115513351

CNI Plugin

image-20220212115534094

Flannel

image-20220212115613484

Calico

image-20220212115907544

Calico组件

image-20220212121448731

Calico初始化

image-20220212121723815

Calico配置一览

image-20220212121743990

Calico VXLan

image-20220212121816928

IPPool

image-20220212121833933

IPAMBlock

image-20220212122028978

IPAMHandle

image-20220212122053644

创建Pod并查看IP配置情况

image-20220212122159790

CNI plugin的对比

image-20220212122217597

CSI

参考资料
文章链接