3186 lines
184 KiB
HTML
3186 lines
184 KiB
HTML
|
||
<!DOCTYPE HTML>
|
||
<html lang="zh-hans" >
|
||
<head>
|
||
<meta charset="UTF-8">
|
||
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
|
||
<title>Service · Kubernetes Handbook - jimmysong.io</title>
|
||
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
|
||
<meta name="description" content="">
|
||
<meta name="generator" content="GitBook 3.2.2">
|
||
<meta name="author" content="Jimmy Song">
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../gitbook/style.css">
|
||
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../gitbook/gitbook-plugin-splitter/splitter.css">
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../gitbook/gitbook-plugin-page-toc-button/plugin.css">
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../gitbook/gitbook-plugin-image-captions/image-captions.css">
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../gitbook/gitbook-plugin-back-to-top-button/plugin.css">
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../gitbook/gitbook-plugin-search-plus/search.css">
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../gitbook/gitbook-plugin-tbfed-pagefooter/footer.css">
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../gitbook/gitbook-plugin-highlight/website.css">
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../gitbook/gitbook-plugin-fontsettings/website.css">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<meta name="HandheldFriendly" content="true"/>
|
||
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
|
||
<meta name="apple-mobile-web-app-capable" content="yes">
|
||
<meta name="apple-mobile-web-app-status-bar-style" content="black">
|
||
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="../gitbook/images/apple-touch-icon-precomposed-152.png">
|
||
<link rel="shortcut icon" href="../gitbook/images/favicon.ico" type="image/x-icon">
|
||
|
||
|
||
<link rel="next" href="volume.html" />
|
||
|
||
|
||
<link rel="prev" href="namespace.html" />
|
||
|
||
|
||
|
||
<link rel="shortcut icon" href='../favicon.ico' type="image/x-icon">
|
||
|
||
|
||
<link rel="bookmark" href='../favicon.ico' type="image/x-icon">
|
||
|
||
|
||
|
||
|
||
<style>
|
||
@media only screen and (max-width: 640px) {
|
||
.book-header .hidden-mobile {
|
||
display: none;
|
||
}
|
||
}
|
||
</style>
|
||
<script>
|
||
window["gitbook-plugin-github-buttons"] = {"repo":"rootsongjc/kubernetes-handbook","types":["star"],"size":"small"};
|
||
</script>
|
||
|
||
</head>
|
||
<body>
|
||
|
||
<div class="book">
|
||
<div class="book-summary">
|
||
|
||
|
||
<div id="book-search-input" role="search">
|
||
<input type="text" placeholder="输入并搜索" />
|
||
</div>
|
||
|
||
|
||
<nav role="navigation">
|
||
|
||
|
||
|
||
<ul class="summary">
|
||
|
||
|
||
|
||
|
||
<li>
|
||
<a href="https://jimmysong.io" target="_blank" class="custom-link">Jimmy Song</a>
|
||
</li>
|
||
|
||
|
||
|
||
|
||
<li class="divider"></li>
|
||
|
||
|
||
|
||
|
||
<li class="header">前言</li>
|
||
|
||
|
||
|
||
<li class="chapter " data-level="1.1" data-path="../">
|
||
|
||
<a href="../">
|
||
|
||
|
||
<b>1.1.</b>
|
||
|
||
序言
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
|
||
|
||
<li class="header">云原生</li>
|
||
|
||
|
||
|
||
<li class="chapter " data-level="2.1" data-path="../cloud-native/kubernetes-and-cloud-native-app-overview.html">
|
||
|
||
<a href="../cloud-native/kubernetes-and-cloud-native-app-overview.html">
|
||
|
||
|
||
<b>2.1.</b>
|
||
|
||
Kubernetes与云原生应用概览
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="2.2" data-path="../cloud-native/from-kubernetes-to-cloud-native.html">
|
||
|
||
<a href="../cloud-native/from-kubernetes-to-cloud-native.html">
|
||
|
||
|
||
<b>2.2.</b>
|
||
|
||
云原生应用之路——从Kubernetes到Cloud Native
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
|
||
|
||
<li class="header">概念与原理</li>
|
||
|
||
|
||
|
||
<li class="chapter " data-level="3.1" data-path="./">
|
||
|
||
<a href="./">
|
||
|
||
|
||
<b>3.1.</b>
|
||
|
||
Kubernetes架构
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.2" data-path="concepts.html">
|
||
|
||
<a href="concepts.html">
|
||
|
||
|
||
<b>3.2.</b>
|
||
|
||
设计理念
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3" data-path="objects.html">
|
||
|
||
<a href="objects.html">
|
||
|
||
|
||
<b>3.3.</b>
|
||
|
||
资源对象与基本概念解析
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="3.3.1" data-path="pod-overview.html">
|
||
|
||
<a href="pod-overview.html">
|
||
|
||
|
||
<b>3.3.1.</b>
|
||
|
||
Pod
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="3.3.1.1" data-path="pod.html">
|
||
|
||
<a href="pod.html">
|
||
|
||
|
||
<b>3.3.1.1.</b>
|
||
|
||
Pod解析
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.1.2" data-path="init-containers.html">
|
||
|
||
<a href="init-containers.html">
|
||
|
||
|
||
<b>3.3.1.2.</b>
|
||
|
||
Init容器
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.1.3" data-path="pod-security-policy.html">
|
||
|
||
<a href="pod-security-policy.html">
|
||
|
||
|
||
<b>3.3.1.3.</b>
|
||
|
||
Pod安全策略
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.1.4" data-path="pod-lifecycle.html">
|
||
|
||
<a href="pod-lifecycle.html">
|
||
|
||
|
||
<b>3.3.1.4.</b>
|
||
|
||
Pod的生命周期
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.1.5" data-path="pod-hook.html">
|
||
|
||
<a href="pod-hook.html">
|
||
|
||
|
||
<b>3.3.1.5.</b>
|
||
|
||
Pod hook
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.1.6" data-path="pod-preset.html">
|
||
|
||
<a href="pod-preset.html">
|
||
|
||
|
||
<b>3.3.1.6.</b>
|
||
|
||
Pod Preset
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.2" data-path="node.html">
|
||
|
||
<a href="node.html">
|
||
|
||
|
||
<b>3.3.2.</b>
|
||
|
||
Node
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.3" data-path="namespace.html">
|
||
|
||
<a href="namespace.html">
|
||
|
||
|
||
<b>3.3.3.</b>
|
||
|
||
Namespace
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter active" data-level="3.3.4" data-path="service.html">
|
||
|
||
<a href="service.html">
|
||
|
||
|
||
<b>3.3.4.</b>
|
||
|
||
Service
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.5" data-path="volume.html">
|
||
|
||
<a href="volume.html">
|
||
|
||
|
||
<b>3.3.5.</b>
|
||
|
||
Volume和Persistent Volume
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.6" data-path="deployment.html">
|
||
|
||
<a href="deployment.html">
|
||
|
||
|
||
<b>3.3.6.</b>
|
||
|
||
Deployment
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.7" data-path="secret.html">
|
||
|
||
<a href="secret.html">
|
||
|
||
|
||
<b>3.3.7.</b>
|
||
|
||
Secret
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.8" data-path="statefulset.html">
|
||
|
||
<a href="statefulset.html">
|
||
|
||
|
||
<b>3.3.8.</b>
|
||
|
||
StatefulSet
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.9" data-path="daemonset.html">
|
||
|
||
<a href="daemonset.html">
|
||
|
||
|
||
<b>3.3.9.</b>
|
||
|
||
DaemonSet
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.10" data-path="serviceaccount.html">
|
||
|
||
<a href="serviceaccount.html">
|
||
|
||
|
||
<b>3.3.10.</b>
|
||
|
||
ServiceAccount
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.11" data-path="replicaset.html">
|
||
|
||
<a href="replicaset.html">
|
||
|
||
|
||
<b>3.3.11.</b>
|
||
|
||
ReplicationController和ReplicaSet
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.12" data-path="job.html">
|
||
|
||
<a href="job.html">
|
||
|
||
|
||
<b>3.3.12.</b>
|
||
|
||
Job
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.13" data-path="cronjob.html">
|
||
|
||
<a href="cronjob.html">
|
||
|
||
|
||
<b>3.3.13.</b>
|
||
|
||
CronJob
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.14" data-path="ingress.html">
|
||
|
||
<a href="ingress.html">
|
||
|
||
|
||
<b>3.3.14.</b>
|
||
|
||
Ingress
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="3.3.14.1" data-path="traefik-ingress-controller.html">
|
||
|
||
<a href="traefik-ingress-controller.html">
|
||
|
||
|
||
<b>3.3.14.1.</b>
|
||
|
||
Traefik Ingress Controller
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.15" data-path="configmap.html">
|
||
|
||
<a href="configmap.html">
|
||
|
||
|
||
<b>3.3.15.</b>
|
||
|
||
ConfigMap
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="3.3.15.1" data-path="configmap-hot-update.html">
|
||
|
||
<a href="configmap-hot-update.html">
|
||
|
||
|
||
<b>3.3.15.1.</b>
|
||
|
||
ConfigMap的热更新
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.16" data-path="horizontal-pod-autoscaling.html">
|
||
|
||
<a href="horizontal-pod-autoscaling.html">
|
||
|
||
|
||
<b>3.3.16.</b>
|
||
|
||
Horizontal Pod Autoscaling
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="3.3.16.1" data-path="custom-metrics-hpa.html">
|
||
|
||
<a href="custom-metrics-hpa.html">
|
||
|
||
|
||
<b>3.3.16.1.</b>
|
||
|
||
自定义指标HPA
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.17" data-path="label.html">
|
||
|
||
<a href="label.html">
|
||
|
||
|
||
<b>3.3.17.</b>
|
||
|
||
Label
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.18" data-path="garbage-collection.html">
|
||
|
||
<a href="garbage-collection.html">
|
||
|
||
|
||
<b>3.3.18.</b>
|
||
|
||
垃圾收集
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.19" data-path="network-policy.html">
|
||
|
||
<a href="network-policy.html">
|
||
|
||
|
||
<b>3.3.19.</b>
|
||
|
||
NetworkPolicy
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.20" data-path="annotation.html">
|
||
|
||
<a href="annotation.html">
|
||
|
||
|
||
<b>3.3.20.</b>
|
||
|
||
Annotation
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.21" data-path="aggregated-api-server.html">
|
||
|
||
<a href="aggregated-api-server.html">
|
||
|
||
|
||
<b>3.3.21.</b>
|
||
|
||
Aggregated API Server
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.22" data-path="custom-resource.html">
|
||
|
||
<a href="custom-resource.html">
|
||
|
||
|
||
<b>3.3.22.</b>
|
||
|
||
使用自定义资源扩展API
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="3.3.23" data-path="apiservice.html">
|
||
|
||
<a href="apiservice.html">
|
||
|
||
|
||
<b>3.3.23.</b>
|
||
|
||
APIService
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
|
||
|
||
|
||
<li class="header">用户指南</li>
|
||
|
||
|
||
|
||
<li class="chapter " data-level="4.1" data-path="../guide/">
|
||
|
||
<a href="../guide/">
|
||
|
||
|
||
<b>4.1.</b>
|
||
|
||
用户指南
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.2" data-path="../guide/resource-configuration.html">
|
||
|
||
<a href="../guide/resource-configuration.html">
|
||
|
||
|
||
<b>4.2.</b>
|
||
|
||
资源对象配置
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="4.2.1" data-path="../guide/configure-liveness-readiness-probes.html">
|
||
|
||
<a href="../guide/configure-liveness-readiness-probes.html">
|
||
|
||
|
||
<b>4.2.1.</b>
|
||
|
||
配置Pod的liveness和readiness探针
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.2.2" data-path="../guide/configure-pod-service-account.html">
|
||
|
||
<a href="../guide/configure-pod-service-account.html">
|
||
|
||
|
||
<b>4.2.2.</b>
|
||
|
||
配置Pod的Service Account
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.2.3" data-path="../guide/secret-configuration.html">
|
||
|
||
<a href="../guide/secret-configuration.html">
|
||
|
||
|
||
<b>4.2.3.</b>
|
||
|
||
Secret配置
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.2.4" data-path="../guide/resource-quota-management.html">
|
||
|
||
<a href="../guide/resource-quota-management.html">
|
||
|
||
|
||
<b>4.2.4.</b>
|
||
|
||
管理namespace中的资源配额
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.3" data-path="../guide/command-usage.html">
|
||
|
||
<a href="../guide/command-usage.html">
|
||
|
||
|
||
<b>4.3.</b>
|
||
|
||
命令使用
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="4.3.1" data-path="../guide/docker-cli-to-kubectl.html">
|
||
|
||
<a href="../guide/docker-cli-to-kubectl.html">
|
||
|
||
|
||
<b>4.3.1.</b>
|
||
|
||
docker用户过度到kubectl命令行指南
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.3.2" data-path="../guide/using-kubectl.html">
|
||
|
||
<a href="../guide/using-kubectl.html">
|
||
|
||
|
||
<b>4.3.2.</b>
|
||
|
||
kubectl命令概览
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.3.3" data-path="../guide/kubectl-cheatsheet.html">
|
||
|
||
<a href="../guide/kubectl-cheatsheet.html">
|
||
|
||
|
||
<b>4.3.3.</b>
|
||
|
||
kubectl命令技巧大全
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.3.4" data-path="../guide/using-etcdctl-to-access-kubernetes-data.html">
|
||
|
||
<a href="../guide/using-etcdctl-to-access-kubernetes-data.html">
|
||
|
||
|
||
<b>4.3.4.</b>
|
||
|
||
使用etcdctl访问kubernetes数据
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.4" data-path="../guide/cluster-security-management.html">
|
||
|
||
<a href="../guide/cluster-security-management.html">
|
||
|
||
|
||
<b>4.4.</b>
|
||
|
||
集群安全性管理
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="4.4.1" data-path="../guide/managing-tls-in-a-cluster.html">
|
||
|
||
<a href="../guide/managing-tls-in-a-cluster.html">
|
||
|
||
|
||
<b>4.4.1.</b>
|
||
|
||
管理集群中的TLS
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.4.2" data-path="../guide/kubelet-authentication-authorization.html">
|
||
|
||
<a href="../guide/kubelet-authentication-authorization.html">
|
||
|
||
|
||
<b>4.4.2.</b>
|
||
|
||
kubelet的认证授权
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.4.3" data-path="../guide/tls-bootstrapping.html">
|
||
|
||
<a href="../guide/tls-bootstrapping.html">
|
||
|
||
|
||
<b>4.4.3.</b>
|
||
|
||
TLS bootstrap
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.4.4" data-path="../guide/kubectl-user-authentication-authorization.html">
|
||
|
||
<a href="../guide/kubectl-user-authentication-authorization.html">
|
||
|
||
|
||
<b>4.4.4.</b>
|
||
|
||
创建用户认证授权的kubeconfig文件
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.4.5" data-path="../guide/rbac.html">
|
||
|
||
<a href="../guide/rbac.html">
|
||
|
||
|
||
<b>4.4.5.</b>
|
||
|
||
RBAC——基于角色的访问控制
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.4.6" data-path="../guide/ip-masq-agent.html">
|
||
|
||
<a href="../guide/ip-masq-agent.html">
|
||
|
||
|
||
<b>4.4.6.</b>
|
||
|
||
IP伪装代理
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.4.7" data-path="../guide/auth-with-kubeconfig-or-token.html">
|
||
|
||
<a href="../guide/auth-with-kubeconfig-or-token.html">
|
||
|
||
|
||
<b>4.4.7.</b>
|
||
|
||
使用kubeconfig或token进行用户身份认证
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.4.8" data-path="../guide/authentication.html">
|
||
|
||
<a href="../guide/authentication.html">
|
||
|
||
|
||
<b>4.4.8.</b>
|
||
|
||
kubernetes中的用户与身份认证授权
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.5" data-path="../guide/access-kubernetes-cluster.html">
|
||
|
||
<a href="../guide/access-kubernetes-cluster.html">
|
||
|
||
|
||
<b>4.5.</b>
|
||
|
||
访问Kubernetes集群
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="4.5.1" data-path="../guide/access-cluster.html">
|
||
|
||
<a href="../guide/access-cluster.html">
|
||
|
||
|
||
<b>4.5.1.</b>
|
||
|
||
访问集群
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.5.2" data-path="../guide/authenticate-across-clusters-kubeconfig.html">
|
||
|
||
<a href="../guide/authenticate-across-clusters-kubeconfig.html">
|
||
|
||
|
||
<b>4.5.2.</b>
|
||
|
||
使用kubeconfig文件配置跨集群认证
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.5.3" data-path="../guide/connecting-to-applications-port-forward.html">
|
||
|
||
<a href="../guide/connecting-to-applications-port-forward.html">
|
||
|
||
|
||
<b>4.5.3.</b>
|
||
|
||
通过端口转发访问集群中的应用程序
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.5.4" data-path="../guide/service-access-application-cluster.html">
|
||
|
||
<a href="../guide/service-access-application-cluster.html">
|
||
|
||
|
||
<b>4.5.4.</b>
|
||
|
||
使用service访问群集中的应用程序
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.5.5" data-path="../guide/accessing-kubernetes-pods-from-outside-of-the-cluster.html">
|
||
|
||
<a href="../guide/accessing-kubernetes-pods-from-outside-of-the-cluster.html">
|
||
|
||
|
||
<b>4.5.5.</b>
|
||
|
||
从外部访问Kubernetes中的Pod
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.5.6" data-path="../guide/carbin-mobile-dashboard-for-kubernetes.html">
|
||
|
||
<a href="../guide/carbin-mobile-dashboard-for-kubernetes.html">
|
||
|
||
|
||
<b>4.5.6.</b>
|
||
|
||
Carbin - Kubernetes手机客户端
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.5.7" data-path="../guide/kubernetes-desktop-client.html">
|
||
|
||
<a href="../guide/kubernetes-desktop-client.html">
|
||
|
||
|
||
<b>4.5.7.</b>
|
||
|
||
Kubernetic - Kubernetes桌面客户端
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.6" data-path="../guide/application-development-deployment-flow.html">
|
||
|
||
<a href="../guide/application-development-deployment-flow.html">
|
||
|
||
|
||
<b>4.6.</b>
|
||
|
||
在kubernetes中开发部署应用
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="4.6.1" data-path="../guide/deploy-applications-in-kubernetes.html">
|
||
|
||
<a href="../guide/deploy-applications-in-kubernetes.html">
|
||
|
||
|
||
<b>4.6.1.</b>
|
||
|
||
适用于kubernetes的应用开发部署流程
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.6.2" data-path="../guide/migrating-hadoop-yarn-to-kubernetes.html">
|
||
|
||
<a href="../guide/migrating-hadoop-yarn-to-kubernetes.html">
|
||
|
||
|
||
<b>4.6.2.</b>
|
||
|
||
迁移传统应用到kubernetes中——以Hadoop YARN为例
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="4.6.3" data-path="../guide/using-statefulset.html">
|
||
|
||
<a href="../guide/using-statefulset.html">
|
||
|
||
|
||
<b>4.6.3.</b>
|
||
|
||
使用StatefulSet部署用状态应用
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
|
||
|
||
|
||
<li class="header">最佳实践</li>
|
||
|
||
|
||
|
||
<li class="chapter " data-level="5.1" data-path="../practice/">
|
||
|
||
<a href="../practice/">
|
||
|
||
|
||
<b>5.1.</b>
|
||
|
||
最佳实践概览
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2" data-path="../practice/install-kubernetes-on-centos.html">
|
||
|
||
<a href="../practice/install-kubernetes-on-centos.html">
|
||
|
||
|
||
<b>5.2.</b>
|
||
|
||
在CentOS上部署kubernetes集群
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.2.1" data-path="../practice/create-tls-and-secret-key.html">
|
||
|
||
<a href="../practice/create-tls-and-secret-key.html">
|
||
|
||
|
||
<b>5.2.1.</b>
|
||
|
||
创建TLS证书和秘钥
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.2" data-path="../practice/create-kubeconfig.html">
|
||
|
||
<a href="../practice/create-kubeconfig.html">
|
||
|
||
|
||
<b>5.2.2.</b>
|
||
|
||
创建kubeconfig文件
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.3" data-path="../practice/etcd-cluster-installation.html">
|
||
|
||
<a href="../practice/etcd-cluster-installation.html">
|
||
|
||
|
||
<b>5.2.3.</b>
|
||
|
||
创建高可用etcd集群
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.4" data-path="../practice/kubectl-installation.html">
|
||
|
||
<a href="../practice/kubectl-installation.html">
|
||
|
||
|
||
<b>5.2.4.</b>
|
||
|
||
安装kubectl命令行工具
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.5" data-path="../practice/master-installation.html">
|
||
|
||
<a href="../practice/master-installation.html">
|
||
|
||
|
||
<b>5.2.5.</b>
|
||
|
||
部署master节点
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.6" data-path="../practice/flannel-installation.html">
|
||
|
||
<a href="../practice/flannel-installation.html">
|
||
|
||
|
||
<b>5.2.6.</b>
|
||
|
||
安装flannel网络插件
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.7" data-path="../practice/node-installation.html">
|
||
|
||
<a href="../practice/node-installation.html">
|
||
|
||
|
||
<b>5.2.7.</b>
|
||
|
||
部署node节点
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.8" data-path="../practice/kubedns-addon-installation.html">
|
||
|
||
<a href="../practice/kubedns-addon-installation.html">
|
||
|
||
|
||
<b>5.2.8.</b>
|
||
|
||
安装kubedns插件
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.9" data-path="../practice/dashboard-addon-installation.html">
|
||
|
||
<a href="../practice/dashboard-addon-installation.html">
|
||
|
||
|
||
<b>5.2.9.</b>
|
||
|
||
安装dashboard插件
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.10" data-path="../practice/heapster-addon-installation.html">
|
||
|
||
<a href="../practice/heapster-addon-installation.html">
|
||
|
||
|
||
<b>5.2.10.</b>
|
||
|
||
安装heapster插件
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.2.11" data-path="../practice/efk-addon-installation.html">
|
||
|
||
<a href="../practice/efk-addon-installation.html">
|
||
|
||
|
||
<b>5.2.11.</b>
|
||
|
||
安装EFK插件
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.3" data-path="../practice/service-discovery-and-loadbalancing.html">
|
||
|
||
<a href="../practice/service-discovery-and-loadbalancing.html">
|
||
|
||
|
||
<b>5.3.</b>
|
||
|
||
服务发现与负载均衡
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.3.1" data-path="../practice/traefik-ingress-installation.html">
|
||
|
||
<a href="../practice/traefik-ingress-installation.html">
|
||
|
||
|
||
<b>5.3.1.</b>
|
||
|
||
安装Traefik ingress
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.3.2" data-path="../practice/distributed-load-test.html">
|
||
|
||
<a href="../practice/distributed-load-test.html">
|
||
|
||
|
||
<b>5.3.2.</b>
|
||
|
||
分布式负载测试
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.3.3" data-path="../practice/network-and-cluster-perfermance-test.html">
|
||
|
||
<a href="../practice/network-and-cluster-perfermance-test.html">
|
||
|
||
|
||
<b>5.3.3.</b>
|
||
|
||
网络和集群性能测试
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.3.4" data-path="../practice/edge-node-configuration.html">
|
||
|
||
<a href="../practice/edge-node-configuration.html">
|
||
|
||
|
||
<b>5.3.4.</b>
|
||
|
||
边缘节点配置
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.3.5" data-path="../practice/nginx-ingress-installation.html">
|
||
|
||
<a href="../practice/nginx-ingress-installation.html">
|
||
|
||
|
||
<b>5.3.5.</b>
|
||
|
||
安装Nginx ingress
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.4" data-path="../practice/operation.html">
|
||
|
||
<a href="../practice/operation.html">
|
||
|
||
|
||
<b>5.4.</b>
|
||
|
||
运维管理
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.4.1" data-path="../practice/service-rolling-update.html">
|
||
|
||
<a href="../practice/service-rolling-update.html">
|
||
|
||
|
||
<b>5.4.1.</b>
|
||
|
||
服务滚动升级
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.4.2" data-path="../practice/app-log-collection.html">
|
||
|
||
<a href="../practice/app-log-collection.html">
|
||
|
||
|
||
<b>5.4.2.</b>
|
||
|
||
应用日志收集
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.4.3" data-path="../practice/configuration-best-practice.html">
|
||
|
||
<a href="../practice/configuration-best-practice.html">
|
||
|
||
|
||
<b>5.4.3.</b>
|
||
|
||
配置最佳实践
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.4.4" data-path="../practice/monitor.html">
|
||
|
||
<a href="../practice/monitor.html">
|
||
|
||
|
||
<b>5.4.4.</b>
|
||
|
||
集群及应用监控
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.4.5" data-path="../practice/data-persistence-problem.html">
|
||
|
||
<a href="../practice/data-persistence-problem.html">
|
||
|
||
|
||
<b>5.4.5.</b>
|
||
|
||
数据持久化问题
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.4.6" data-path="../practice/manage-compute-resources-container.html">
|
||
|
||
<a href="../practice/manage-compute-resources-container.html">
|
||
|
||
|
||
<b>5.4.6.</b>
|
||
|
||
管理容器的计算资源
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.5" data-path="../practice/storage.html">
|
||
|
||
<a href="../practice/storage.html">
|
||
|
||
|
||
<b>5.5.</b>
|
||
|
||
存储管理
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.5.1" data-path="../practice/glusterfs.html">
|
||
|
||
<a href="../practice/glusterfs.html">
|
||
|
||
|
||
<b>5.5.1.</b>
|
||
|
||
GlusterFS
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.5.1.1" data-path="../practice/using-glusterfs-for-persistent-storage.html">
|
||
|
||
<a href="../practice/using-glusterfs-for-persistent-storage.html">
|
||
|
||
|
||
<b>5.5.1.1.</b>
|
||
|
||
使用GlusterFS做持久化存储
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.5.1.2" data-path="../practice/storage-for-containers-using-glusterfs-with-openshift.html">
|
||
|
||
<a href="../practice/storage-for-containers-using-glusterfs-with-openshift.html">
|
||
|
||
|
||
<b>5.5.1.2.</b>
|
||
|
||
在OpenShift中使用GlusterFS做持久化存储
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.5.2" data-path="../practice/cephfs.html">
|
||
|
||
<a href="../practice/cephfs.html">
|
||
|
||
|
||
<b>5.5.2.</b>
|
||
|
||
CephFS
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.5.2.1" data-path="../practice/using-ceph-for-persistent-storage.html">
|
||
|
||
<a href="../practice/using-ceph-for-persistent-storage.html">
|
||
|
||
|
||
<b>5.5.2.1.</b>
|
||
|
||
使用Ceph做持久化存储
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.6" data-path="../practice/monitoring.html">
|
||
|
||
<a href="../practice/monitoring.html">
|
||
|
||
|
||
<b>5.6.</b>
|
||
|
||
集群与应用监控
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.6.1" data-path="../practice/heapster.html">
|
||
|
||
<a href="../practice/heapster.html">
|
||
|
||
|
||
<b>5.6.1.</b>
|
||
|
||
Heapster
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.6.1.1" data-path="../practice/using-heapster-to-get-object-metrics.html">
|
||
|
||
<a href="../practice/using-heapster-to-get-object-metrics.html">
|
||
|
||
|
||
<b>5.6.1.1.</b>
|
||
|
||
使用Heapster获取集群和对象的metric数据
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.6.2" data-path="../practice/prometheus.html">
|
||
|
||
<a href="../practice/prometheus.html">
|
||
|
||
|
||
<b>5.6.2.</b>
|
||
|
||
Prometheus
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.6.2.1" data-path="../practice/using-prometheus-to-monitor-kuberentes-cluster.html">
|
||
|
||
<a href="../practice/using-prometheus-to-monitor-kuberentes-cluster.html">
|
||
|
||
|
||
<b>5.6.2.1.</b>
|
||
|
||
使用Prometheus监控kubernetes集群
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.7" data-path="../practice/services-management-tool.html">
|
||
|
||
<a href="../practice/services-management-tool.html">
|
||
|
||
|
||
<b>5.7.</b>
|
||
|
||
服务编排管理
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.7.1" data-path="../practice/helm.html">
|
||
|
||
<a href="../practice/helm.html">
|
||
|
||
|
||
<b>5.7.1.</b>
|
||
|
||
使用Helm管理kubernetes应用
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.7.2" data-path="../practice/create-private-charts-repo.html">
|
||
|
||
<a href="../practice/create-private-charts-repo.html">
|
||
|
||
|
||
<b>5.7.2.</b>
|
||
|
||
构建私有Chart仓库
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.8" data-path="../practice/ci-cd.html">
|
||
|
||
<a href="../practice/ci-cd.html">
|
||
|
||
|
||
<b>5.8.</b>
|
||
|
||
持续集成与发布
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.8.1" data-path="../practice/jenkins-ci-cd.html">
|
||
|
||
<a href="../practice/jenkins-ci-cd.html">
|
||
|
||
|
||
<b>5.8.1.</b>
|
||
|
||
使用Jenkins进行持续集成与发布
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.8.2" data-path="../practice/drone-ci-cd.html">
|
||
|
||
<a href="../practice/drone-ci-cd.html">
|
||
|
||
|
||
<b>5.8.2.</b>
|
||
|
||
使用Drone进行持续集成与发布
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.9" data-path="../practice/update-and-upgrade.html">
|
||
|
||
<a href="../practice/update-and-upgrade.html">
|
||
|
||
|
||
<b>5.9.</b>
|
||
|
||
更新与升级
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="5.9.1" data-path="../practice/manually-upgrade.html">
|
||
|
||
<a href="../practice/manually-upgrade.html">
|
||
|
||
|
||
<b>5.9.1.</b>
|
||
|
||
手动升级kubernetes集群
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="5.9.2" data-path="../practice/dashboard-upgrade.html">
|
||
|
||
<a href="../practice/dashboard-upgrade.html">
|
||
|
||
|
||
<b>5.9.2.</b>
|
||
|
||
升级dashboard
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
|
||
|
||
|
||
<li class="header">领域应用</li>
|
||
|
||
|
||
|
||
<li class="chapter " data-level="6.1" data-path="../usecases/">
|
||
|
||
<a href="../usecases/">
|
||
|
||
|
||
<b>6.1.</b>
|
||
|
||
领域应用概览
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.2" data-path="../usecases/microservices.html">
|
||
|
||
<a href="../usecases/microservices.html">
|
||
|
||
|
||
<b>6.2.</b>
|
||
|
||
微服务架构
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="6.2.1" data-path="../usecases/service-discovery-in-microservices.html">
|
||
|
||
<a href="../usecases/service-discovery-in-microservices.html">
|
||
|
||
|
||
<b>6.2.1.</b>
|
||
|
||
微服务中的服务发现
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.3" data-path="../usecases/service-mesh.html">
|
||
|
||
<a href="../usecases/service-mesh.html">
|
||
|
||
|
||
<b>6.3.</b>
|
||
|
||
Service Mesh 服务网格
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="6.3.1" data-path="../usecases/istio.html">
|
||
|
||
<a href="../usecases/istio.html">
|
||
|
||
|
||
<b>6.3.1.</b>
|
||
|
||
Istio
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="6.3.1.1" data-path="../usecases/istio-installation.html">
|
||
|
||
<a href="../usecases/istio-installation.html">
|
||
|
||
|
||
<b>6.3.1.1.</b>
|
||
|
||
安装并试用Istio service mesh
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.3.1.2" data-path="../usecases/configuring-request-routing.html">
|
||
|
||
<a href="../usecases/configuring-request-routing.html">
|
||
|
||
|
||
<b>6.3.1.2.</b>
|
||
|
||
配置请求的路由规则
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.3.1.3" data-path="../usecases/install-and-expand-istio-mesh.html">
|
||
|
||
<a href="../usecases/install-and-expand-istio-mesh.html">
|
||
|
||
|
||
<b>6.3.1.3.</b>
|
||
|
||
安装和拓展Istio service mesh
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.3.1.4" data-path="../usecases/integrating-vms.html">
|
||
|
||
<a href="../usecases/integrating-vms.html">
|
||
|
||
|
||
<b>6.3.1.4.</b>
|
||
|
||
集成虚拟机
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.3.2" data-path="../usecases/linkerd.html">
|
||
|
||
<a href="../usecases/linkerd.html">
|
||
|
||
|
||
<b>6.3.2.</b>
|
||
|
||
Linkerd
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="6.3.2.1" data-path="../usecases/linkerd-user-guide.html">
|
||
|
||
<a href="../usecases/linkerd-user-guide.html">
|
||
|
||
|
||
<b>6.3.2.1.</b>
|
||
|
||
Linkerd 使用指南
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.3.3" data-path="../usecases/conduit.html">
|
||
|
||
<a href="../usecases/conduit.html">
|
||
|
||
|
||
<b>6.3.3.</b>
|
||
|
||
Conduit
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="6.3.3.1" data-path="../usecases/conduit-overview.html">
|
||
|
||
<a href="../usecases/conduit-overview.html">
|
||
|
||
|
||
<b>6.3.3.1.</b>
|
||
|
||
Condiut概览
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.3.3.2" data-path="../usecases/conduit-installation.html">
|
||
|
||
<a href="../usecases/conduit-installation.html">
|
||
|
||
|
||
<b>6.3.3.2.</b>
|
||
|
||
安装Conduit
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.4" data-path="../usecases/big-data.html">
|
||
|
||
<a href="../usecases/big-data.html">
|
||
|
||
|
||
<b>6.4.</b>
|
||
|
||
大数据
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="6.4.1" data-path="../usecases/spark-standalone-on-kubernetes.html">
|
||
|
||
<a href="../usecases/spark-standalone-on-kubernetes.html">
|
||
|
||
|
||
<b>6.4.1.</b>
|
||
|
||
Spark standalone on Kubernetes
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.4.2" data-path="../usecases/running-spark-with-kubernetes-native-scheduler.html">
|
||
|
||
<a href="../usecases/running-spark-with-kubernetes-native-scheduler.html">
|
||
|
||
|
||
<b>6.4.2.</b>
|
||
|
||
运行支持kubernetes原生调度的Spark程序
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.5" data-path="../usecases/serverless.html">
|
||
|
||
<a href="../usecases/serverless.html">
|
||
|
||
|
||
<b>6.5.</b>
|
||
|
||
Serverless架构
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="6.5.1" data-path="../usecases/understanding-serverless.html">
|
||
|
||
<a href="../usecases/understanding-serverless.html">
|
||
|
||
|
||
<b>6.5.1.</b>
|
||
|
||
理解Serverless
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.5.2" data-path="../usecases/faas.html">
|
||
|
||
<a href="../usecases/faas.html">
|
||
|
||
|
||
<b>6.5.2.</b>
|
||
|
||
FaaS-函数即服务
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="6.5.2.1" data-path="../usecases/openfaas.html">
|
||
|
||
<a href="../usecases/openfaas.html">
|
||
|
||
|
||
<b>6.5.2.1.</b>
|
||
|
||
OpenFaaS
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="6.6" data-path="../usecases/edge-computing.html">
|
||
|
||
<a href="../usecases/edge-computing.html">
|
||
|
||
|
||
<b>6.6.</b>
|
||
|
||
边缘计算
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
|
||
|
||
<li class="header">开发指南</li>
|
||
|
||
|
||
|
||
<li class="chapter " data-level="7.1" data-path="../develop/">
|
||
|
||
<a href="../develop/">
|
||
|
||
|
||
<b>7.1.</b>
|
||
|
||
开发指南概览
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="7.2" data-path="../develop/sigs-and-working-group.html">
|
||
|
||
<a href="../develop/sigs-and-working-group.html">
|
||
|
||
|
||
<b>7.2.</b>
|
||
|
||
SIG和工作组
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="7.3" data-path="../develop/developing-environment.html">
|
||
|
||
<a href="../develop/developing-environment.html">
|
||
|
||
|
||
<b>7.3.</b>
|
||
|
||
开发环境搭建
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="7.4" data-path="../develop/testing.html">
|
||
|
||
<a href="../develop/testing.html">
|
||
|
||
|
||
<b>7.4.</b>
|
||
|
||
单元测试和集成测试
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="7.5" data-path="../develop/client-go-sample.html">
|
||
|
||
<a href="../develop/client-go-sample.html">
|
||
|
||
|
||
<b>7.5.</b>
|
||
|
||
client-go示例
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="7.6" data-path="../develop/contribute.html">
|
||
|
||
<a href="../develop/contribute.html">
|
||
|
||
|
||
<b>7.6.</b>
|
||
|
||
社区贡献
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="7.7" data-path="../develop/minikube.html">
|
||
|
||
<a href="../develop/minikube.html">
|
||
|
||
|
||
<b>7.7.</b>
|
||
|
||
Minikube
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
|
||
|
||
<li class="header">附录</li>
|
||
|
||
|
||
|
||
<li class="chapter " data-level="8.1" data-path="../appendix/">
|
||
|
||
<a href="../appendix/">
|
||
|
||
|
||
<b>8.1.</b>
|
||
|
||
附录说明
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="8.2" data-path="../appendix/debug-kubernetes-services.html">
|
||
|
||
<a href="../appendix/debug-kubernetes-services.html">
|
||
|
||
|
||
<b>8.2.</b>
|
||
|
||
Kubernetes中的应用故障排查
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="8.3" data-path="../appendix/material-share.html">
|
||
|
||
<a href="../appendix/material-share.html">
|
||
|
||
|
||
<b>8.3.</b>
|
||
|
||
Kubernetes相关资讯和情报链接
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="8.4" data-path="../appendix/docker-best-practice.html">
|
||
|
||
<a href="../appendix/docker-best-practice.html">
|
||
|
||
|
||
<b>8.4.</b>
|
||
|
||
Docker最佳实践
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="8.5" data-path="../appendix/tricks.html">
|
||
|
||
<a href="../appendix/tricks.html">
|
||
|
||
|
||
<b>8.5.</b>
|
||
|
||
使用技巧
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="8.6" data-path="../appendix/issues.html">
|
||
|
||
<a href="../appendix/issues.html">
|
||
|
||
|
||
<b>8.6.</b>
|
||
|
||
问题记录
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="8.7" data-path="../appendix/kubernetes-changelog.html">
|
||
|
||
<a href="../appendix/kubernetes-changelog.html">
|
||
|
||
|
||
<b>8.7.</b>
|
||
|
||
kubernetes版本更新日志
|
||
|
||
</a>
|
||
|
||
|
||
|
||
<ul class="articles">
|
||
|
||
|
||
<li class="chapter " data-level="8.7.1" data-path="../appendix/kubernetes-1.7-changelog.html">
|
||
|
||
<a href="../appendix/kubernetes-1.7-changelog.html">
|
||
|
||
|
||
<b>8.7.1.</b>
|
||
|
||
Kubernetes1.7更新日志
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="8.7.2" data-path="../appendix/kubernetes-1.8-changelog.html">
|
||
|
||
<a href="../appendix/kubernetes-1.8-changelog.html">
|
||
|
||
|
||
<b>8.7.2.</b>
|
||
|
||
Kubernetes1.8更新日志
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
<li class="chapter " data-level="8.7.3" data-path="../appendix/kubernetes-1.9-changelog.html">
|
||
|
||
<a href="../appendix/kubernetes-1.9-changelog.html">
|
||
|
||
|
||
<b>8.7.3.</b>
|
||
|
||
Kubernetes1.9更新日志
|
||
|
||
</a>
|
||
|
||
|
||
|
||
</li>
|
||
|
||
|
||
</ul>
|
||
|
||
</li>
|
||
|
||
|
||
|
||
|
||
<li class="divider"></li>
|
||
|
||
<li>
|
||
<a href="https://www.gitbook.com" target="blank" class="gitbook-link">
|
||
本书使用 GitBook 发布
|
||
</a>
|
||
</li>
|
||
</ul>
|
||
|
||
|
||
</nav>
|
||
|
||
|
||
</div>
|
||
|
||
<div class="book-body">
|
||
|
||
<div class="body-inner">
|
||
|
||
|
||
|
||
<div class="book-header" role="navigation">
|
||
|
||
|
||
<!-- Title -->
|
||
<h1>
|
||
<i class="fa fa-circle-o-notch fa-spin"></i>
|
||
<a href=".." >Service</a>
|
||
</h1>
|
||
</div>
|
||
|
||
|
||
|
||
|
||
<div class="page-wrapper" tabindex="-1" role="main">
|
||
<div class="page-inner">
|
||
|
||
<div class="search-plus" id="book-search-results">
|
||
<div class="search-noresults">
|
||
|
||
<section class="normal markdown-section">
|
||
|
||
<h1 id="service">Service</h1>
|
||
<p>Kubernetes <a href="https://kubernetes.io/docs/user-guide/pods" target="_blank"><code>Pod</code></a> 是有生命周期的,它们可以被创建,也可以被销毁,然而一旦被销毁生命就永远结束。
|
||
通过 <a href="https://kubernetes.io/docs/user-guide/replication-controller" target="_blank"><code>ReplicationController</code></a> 能够动态地创建和销毁 <code>Pod</code>(例如,需要进行扩缩容,或者执行 <a href="https://kubernetes.io/docs/user-guide/kubectl/v1.7/#rolling-update" target="_blank">滚动升级</a>)。
|
||
每个 <code>Pod</code> 都会获取它自己的 IP 地址,即使这些 IP 地址不总是稳定可依赖的。
|
||
这会导致一个问题:在 Kubernetes 集群中,如果一组 <code>Pod</code>(称为 backend)为其它 <code>Pod</code> (称为 frontend)提供服务,那么那些 frontend 该如何发现,并连接到这组 <code>Pod</code> 中的哪些 backend 呢?</p>
|
||
<p>关于 <code>Service</code></p>
|
||
<p>Kubernetes <code>Service</code> 定义了这样一种抽象:一个 <code>Pod</code> 的逻辑分组,一种可以访问它们的策略 —— 通常称为微服务。
|
||
这一组 <code>Pod</code> 能够被 <code>Service</code> 访问到,通常是通过 <a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors" target="_blank"><code>Label Selector</code></a>(查看下面了解,为什么可能需要没有 selector 的 <code>Service</code>)实现的。</p>
|
||
<p>举个例子,考虑一个图片处理 backend,它运行了3个副本。这些副本是可互换的 —— frontend 不需要关心它们调用了哪个 backend 副本。
|
||
然而组成这一组 backend 程序的 <code>Pod</code> 实际上可能会发生变化,frontend 客户端不应该也没必要知道,而且也不需要跟踪这一组 backend 的状态。
|
||
<code>Service</code> 定义的抽象能够解耦这种关联。</p>
|
||
<p>对 Kubernetes 集群中的应用,Kubernetes 提供了简单的 <code>Endpoints</code> API,只要 <code>Service</code> 中的一组 <code>Pod</code> 发生变更,应用程序就会被更新。
|
||
对非 Kubernetes 集群中的应用,Kubernetes 提供了基于 VIP 的网桥的方式访问 <code>Service</code>,再由 <code>Service</code> 重定向到 backend <code>Pod</code>。</p>
|
||
<h2 id="定义-service">定义 Service</h2>
|
||
<p>一个 <code>Service</code> 在 Kubernetes 中是一个 REST 对象,和 <code>Pod</code> 类似。
|
||
像所有的 REST 对象一样, <code>Service</code> 定义可以基于 POST 方式,请求 apiserver 创建新的实例。
|
||
例如,假定有一组 <code>Pod</code>,它们对外暴露了 9376 端口,同时还被打上 <code>"app=MyApp"</code> 标签。</p>
|
||
<pre><code class="lang-yaml"><span class="hljs-attr">kind:</span> Service
|
||
<span class="hljs-attr">apiVersion:</span> v1
|
||
<span class="hljs-attr">metadata:</span>
|
||
<span class="hljs-attr"> name:</span> my-service
|
||
<span class="hljs-attr">spec:</span>
|
||
<span class="hljs-attr"> selector:</span>
|
||
<span class="hljs-attr"> app:</span> MyApp
|
||
<span class="hljs-attr"> ports:</span>
|
||
<span class="hljs-attr"> - protocol:</span> TCP
|
||
<span class="hljs-attr"> port:</span> <span class="hljs-number">80</span>
|
||
<span class="hljs-attr"> targetPort:</span> <span class="hljs-number">9376</span>
|
||
</code></pre>
|
||
<p>上述配置将创建一个名称为 “my-service” 的 <code>Service</code> 对象,它会将请求代理到使用 TCP 端口 9376,并且具有标签 <code>"app=MyApp"</code> 的 <code>Pod</code> 上。
|
||
这个 <code>Service</code> 将被指派一个 IP 地址(通常称为 “Cluster IP”),它会被服务的代理使用(见下面)。
|
||
该 <code>Service</code> 的 selector 将会持续评估,处理结果将被 POST 到一个名称为 “my-service” 的 <code>Endpoints</code> 对象上。</p>
|
||
<p>需要注意的是, <code>Service</code> 能够将一个接收端口映射到任意的 <code>targetPort</code>。
|
||
默认情况下,<code>targetPort</code> 将被设置为与 <code>port</code> 字段相同的值。
|
||
可能更有趣的是,<code>targetPort</code> 可以是一个字符串,引用了 backend <code>Pod</code> 的一个端口的名称。
|
||
但是,实际指派给该端口名称的端口号,在每个 backend <code>Pod</code> 中可能并不相同。
|
||
对于部署和设计 <code>Service</code> ,这种方式会提供更大的灵活性。
|
||
例如,可以在 backend 软件下一个版本中,修改 Pod 暴露的端口,并不会中断客户端的调用。</p>
|
||
<p>Kubernetes <code>Service</code> 能够支持 <code>TCP</code> 和 <code>UDP</code> 协议,默认 <code>TCP</code> 协议。 </p>
|
||
<h3 id="没有-selector-的-service">没有 selector 的 Service</h3>
|
||
<p>Servcie 抽象了该如何访问 Kubernetes <code>Pod</code>,但也能够抽象其它类型的 backend,例如:</p>
|
||
<ul>
|
||
<li>希望在生产环境中使用外部的数据库集群,但测试环境使用自己的数据库。</li>
|
||
<li>希望服务指向另一个 <a href="https://kubernetes.io/docs/user-guide/namespaces" target="_blank"><code>Namespace</code></a> 中或其它集群中的服务。</li>
|
||
<li>正在将工作负载转移到 Kubernetes 集群,和运行在 Kubernetes 集群之外的 backend。</li>
|
||
</ul>
|
||
<p>在任何这些场景中,都能够定义没有 selector 的 <code>Service</code> :</p>
|
||
<pre><code class="lang-yaml"><span class="hljs-attr">kind:</span> Service
|
||
<span class="hljs-attr">apiVersion:</span> v1
|
||
<span class="hljs-attr">metadata:</span>
|
||
<span class="hljs-attr"> name:</span> my-service
|
||
<span class="hljs-attr">spec:</span>
|
||
<span class="hljs-attr"> ports:</span>
|
||
<span class="hljs-attr"> - protocol:</span> TCP
|
||
<span class="hljs-attr"> port:</span> <span class="hljs-number">80</span>
|
||
<span class="hljs-attr"> targetPort:</span> <span class="hljs-number">9376</span>
|
||
</code></pre>
|
||
<p>由于这个 <code>Service</code> 没有 selector,就不会创建相关的 <code>Endpoints</code> 对象。可以手动将 <code>Service</code> 映射到指定的 <code>Endpoints</code>:</p>
|
||
<pre><code class="lang-yaml"><span class="hljs-attr">kind:</span> Endpoints
|
||
<span class="hljs-attr">apiVersion:</span> v1
|
||
<span class="hljs-attr">metadata:</span>
|
||
<span class="hljs-attr"> name:</span> my-service
|
||
<span class="hljs-attr">subsets:</span>
|
||
<span class="hljs-attr"> - addresses:</span>
|
||
<span class="hljs-attr"> - ip:</span> <span class="hljs-number">1.2</span><span class="hljs-number">.3</span><span class="hljs-number">.4</span>
|
||
<span class="hljs-attr"> ports:</span>
|
||
<span class="hljs-attr"> - port:</span> <span class="hljs-number">9376</span>
|
||
</code></pre>
|
||
<p>注意:Endpoint IP 地址不能是 loopback(127.0.0.0/8)、 link-local(169.254.0.0/16)、或者 link-local 多播(224.0.0.0/24)。</p>
|
||
<p>访问没有 selector 的 <code>Service</code>,与有 selector 的 <code>Service</code> 的原理相同。请求将被路由到用户定义的 Endpoint(该示例中为 <code>1.2.3.4:9376</code>)。</p>
|
||
<p>ExternalName <code>Service</code> 是 <code>Service</code> 的特例,它没有 selector,也没有定义任何的端口和 Endpoint。
|
||
相反地,对于运行在集群外部的服务,它通过返回该外部服务的别名这种方式来提供服务。</p>
|
||
<pre><code class="lang-yaml"><span class="hljs-attr">kind:</span> Service
|
||
<span class="hljs-attr">apiVersion:</span> v1
|
||
<span class="hljs-attr">metadata:</span>
|
||
<span class="hljs-attr"> name:</span> my-service
|
||
<span class="hljs-attr"> namespace:</span> prod
|
||
<span class="hljs-attr">spec:</span>
|
||
<span class="hljs-attr"> type:</span> ExternalName
|
||
<span class="hljs-attr"> externalName:</span> my.database.example.com
|
||
</code></pre>
|
||
<p>当查询主机 <code>my-service.prod.svc.CLUSTER</code>时,集群的 DNS 服务将返回一个值为 <code>my.database.example.com</code> 的 <code>CNAME</code> 记录。
|
||
访问这个服务的工作方式与其它的相同,唯一不同的是重定向发生在 DNS 层,而且不会进行代理或转发。
|
||
如果后续决定要将数据库迁移到 Kubernetes 集群中,可以启动对应的 Pod,增加合适的 Selector 或 Endpoint,修改 <code>Service</code> 的 <code>type</code>。</p>
|
||
<h2 id="vip-和-service-代理">VIP 和 Service 代理</h2>
|
||
<p>在 Kubernetes 集群中,每个 Node 运行一个 <code>kube-proxy</code> 进程。<code>kube-proxy</code> 负责为 <code>Service</code> 实现了一种 VIP(虚拟 IP)的形式,而不是 <code>ExternalName</code> 的形式。
|
||
在 Kubernetes v1.0 版本,代理完全在 userspace。在 Kubernetes v1.1 版本,新增了 iptables 代理,但并不是默认的运行模式。
|
||
从 Kubernetes v1.2 起,默认就是 iptables 代理。</p>
|
||
<p>在 Kubernetes v1.0 版本,<code>Service</code> 是 “4层”(TCP/UDP over IP)概念。
|
||
在 Kubernetes v1.1 版本,新增了 <code>Ingress</code> API(beta 版),用来表示 “7层”(HTTP)服务。</p>
|
||
<h3 id="userspace-代理模式">userspace 代理模式</h3>
|
||
<p>这种模式,kube-proxy 会监视 Kubernetes master 对 <code>Service</code> 对象和 <code>Endpoints</code> 对象的添加和移除。
|
||
对每个 <code>Service</code>,它会在本地 Node 上打开一个端口(随机选择)。
|
||
任何连接到“代理端口”的请求,都会被代理到 <code>Service</code> 的backend <code>Pods</code> 中的某个上面(如 <code>Endpoints</code> 所报告的一样)。
|
||
使用哪个 backend <code>Pod</code>,是基于 <code>Service</code> 的 <code>SessionAffinity</code> 来确定的。
|
||
最后,它安装 iptables 规则,捕获到达该 <code>Service</code> 的 <code>clusterIP</code>(是虚拟 IP)和 <code>Port</code> 的请求,并重定向到代理端口,代理端口再代理请求到 backend <code>Pod</code>。</p>
|
||
<p>网络返回的结果是,任何到达 <code>Service</code> 的 IP:Port 的请求,都会被代理到一个合适的 backend,不需要客户端知道关于 Kubernetes、<code>Service</code>、或 <code>Pod</code> 的任何信息。</p>
|
||
<p>默认的策略是,通过 round-robin 算法来选择 backend <code>Pod</code>。
|
||
实现基于客户端 IP 的会话亲和性,可以通过设置 <code>service.spec.sessionAffinity</code> 的值为 <code>"ClientIP"</code> (默认值为 <code>"None"</code>)。</p>
|
||
<figure id="fig3.3.4.1"><img src="../images/services-userspace-overview.jpg" alt="userspace代理模式下Service概览图"><figcaption>图片 - userspace代理模式下Service概览图</figcaption></figure>
|
||
<h3 id="iptables-代理模式">iptables 代理模式</h3>
|
||
<p>这种模式,kube-proxy 会监视 Kubernetes master 对 <code>Service</code> 对象和 <code>Endpoints</code> 对象的添加和移除。
|
||
对每个 <code>Service</code>,它会安装 iptables 规则,从而捕获到达该 <code>Service</code> 的 <code>clusterIP</code>(虚拟 IP)和端口的请求,进而将请求重定向到 <code>Service</code> 的一组 backend 中的某个上面。
|
||
对于每个 <code>Endpoints</code> 对象,它也会安装 iptables 规则,这个规则会选择一个 backend <code>Pod</code>。</p>
|
||
<p>默认的策略是,随机选择一个 backend。
|
||
实现基于客户端 IP 的会话亲和性,可以将 <code>service.spec.sessionAffinity</code> 的值设置为 <code>"ClientIP"</code> (默认值为 <code>"None"</code>)。</p>
|
||
<p>和 userspace 代理类似,网络返回的结果是,任何到达 <code>Service</code> 的 IP:Port 的请求,都会被代理到一个合适的 backend,不需要客户端知道关于 Kubernetes、<code>Service</code>、或 <code>Pod</code> 的任何信息。
|
||
这应该比 userspace 代理更快、更可靠。然而,不像 userspace 代理,如果初始选择的 <code>Pod</code> 没有响应,iptables 代理能够自动地重试另一个 <code>Pod</code>,所以它需要依赖 <a href="https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#defining-readiness-probes" target="_blank">readiness probes</a>。</p>
|
||
<figure id="fig3.3.4.2"><img src="../images/services-iptables-overview.jpg" alt="iptables代理模式下Service概览图"><figcaption>图片 - iptables代理模式下Service概览图</figcaption></figure>
|
||
<h2 id="多端口-service">多端口 Service</h2>
|
||
<p>很多 <code>Service</code> 需要暴露多个端口。对于这种情况,Kubernetes 支持在 <code>Service</code> 对象中定义多个端口。
|
||
当使用多个端口时,必须给出所有的端口的名称,这样 Endpoint 就不会产生歧义,例如:</p>
|
||
<pre><code class="lang-yaml"><span class="hljs-attr">kind:</span> Service
|
||
<span class="hljs-attr">apiVersion:</span> v1
|
||
<span class="hljs-attr">metadata:</span>
|
||
<span class="hljs-attr"> name:</span> my-service
|
||
<span class="hljs-attr">spec:</span>
|
||
<span class="hljs-attr"> selector:</span>
|
||
<span class="hljs-attr"> app:</span> MyApp
|
||
<span class="hljs-attr"> ports:</span>
|
||
<span class="hljs-attr"> - name:</span> http
|
||
<span class="hljs-attr"> protocol:</span> TCP
|
||
<span class="hljs-attr"> port:</span> <span class="hljs-number">80</span>
|
||
<span class="hljs-attr"> targetPort:</span> <span class="hljs-number">9376</span>
|
||
<span class="hljs-attr"> - name:</span> https
|
||
<span class="hljs-attr"> protocol:</span> TCP
|
||
<span class="hljs-attr"> port:</span> <span class="hljs-number">443</span>
|
||
<span class="hljs-attr"> targetPort:</span> <span class="hljs-number">9377</span>
|
||
</code></pre>
|
||
<h2 id="选择自己的-ip-地址">选择自己的 IP 地址</h2>
|
||
<p>在 <code>Service</code> 创建的请求中,可以通过设置 <code>spec.clusterIP</code> 字段来指定自己的集群 IP 地址。
|
||
比如,希望替换一个已经已存在的 DNS 条目,或者遗留系统已经配置了一个固定的 IP 且很难重新配置。
|
||
用户选择的 IP 地址必须合法,并且这个 IP 地址在 <code>service-cluster-ip-range</code> CIDR 范围内,这对 API Server 来说是通过一个标识来指定的。
|
||
如果 IP 地址不合法,API Server 会返回 HTTP 状态码 422,表示值不合法。</p>
|
||
<h3 id="为何不使用-round-robin-dns?">为何不使用 round-robin DNS?</h3>
|
||
<p>一个不时出现的问题是,为什么我们都使用 VIP 的方式,而不使用标准的 round-robin DNS,有如下几个原因:</p>
|
||
<ul>
|
||
<li>长久以来,DNS 库都没能认真对待 DNS TTL、缓存域名查询结果</li>
|
||
<li>很多应用只查询一次 DNS 并缓存了结果<ul>
|
||
<li>就算应用和库能够正确查询解析,每个客户端反复重解析造成的负载也是非常难以管理的</li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
<p>我们尽力阻止用户做那些对他们没有好处的事情,如果很多人都来问这个问题,我们可能会选择实现它。</p>
|
||
<h2 id="服务发现">服务发现</h2>
|
||
<p>Kubernetes 支持2种基本的服务发现模式 —— 环境变量和 DNS。</p>
|
||
<h3 id="环境变量">环境变量</h3>
|
||
<p>当 <code>Pod</code> 运行在 <code>Node</code> 上,kubelet 会为每个活跃的 <code>Service</code> 添加一组环境变量。
|
||
它同时支持 <a href="https://docs.docker.com/userguide/dockerlinks/" target="_blank">Docker links 兼容</a> 变量(查看 <a href="http://releases.k8s.io//pkg/kubelet/envvars/envvars.go#L49" target="_blank">makeLinkVariables</a>)、简单的 <code>{SVCNAME}_SERVICE_HOST</code> 和 <code>{SVCNAME}_SERVICE_PORT</code> 变量,这里 <code>Service</code> 的名称需大写,横线被转换成下划线。</p>
|
||
<p>举个例子,一个名称为 <code>"redis-master"</code> 的 Service 暴露了 TCP 端口 6379,同时给它分配了 Cluster IP 地址 10.0.0.11,这个 Service 生成了如下环境变量:</p>
|
||
<pre><code class="lang-shell">REDIS_MASTER_SERVICE_HOST=10.0.0.11
|
||
REDIS_MASTER_SERVICE_PORT=6379
|
||
REDIS_MASTER_PORT=tcp://10.0.0.11:6379
|
||
REDIS_MASTER_PORT_6379_TCP=tcp://10.0.0.11:6379
|
||
REDIS_MASTER_PORT_6379_TCP_PROTO=tcp
|
||
REDIS_MASTER_PORT_6379_TCP_PORT=6379
|
||
REDIS_MASTER_PORT_6379_TCP_ADDR=10.0.0.11
|
||
</code></pre>
|
||
<p><em>这意味着需要有顺序的要求</em> —— <code>Pod</code> 想要访问的任何 <code>Service</code> 必须在 <code>Pod</code> 自己之前被创建,否则这些环境变量就不会被赋值。DNS 并没有这个限制。</p>
|
||
<h3 id="dns">DNS</h3>
|
||
<p>一个可选(尽管强烈推荐)<a href="http://releases.k8s.io/master/cluster/addons/README.md" target="_blank">集群插件</a> 是 DNS 服务器。
|
||
DNS 服务器监视着创建新 <code>Service</code> 的 Kubernetes API,从而为每一个 <code>Service</code> 创建一组 DNS 记录。
|
||
如果整个集群的 DNS 一直被启用,那么所有的 <code>Pod</code> 应该能够自动对 <code>Service</code> 进行名称解析。</p>
|
||
<p>例如,有一个名称为 <code>"my-service"</code> 的 <code>Service</code>,它在 Kubernetes 集群中名为 <code>"my-ns"</code> 的 <code>Namespace</code> 中,为 <code>"my-service.my-ns"</code> 创建了一条 DNS 记录。
|
||
在名称为 <code>"my-ns"</code> 的 <code>Namespace</code> 中的 <code>Pod</code> 应该能够简单地通过名称查询找到 <code>"my-service"</code>。
|
||
在另一个 <code>Namespace</code> 中的 <code>Pod</code> 必须限定名称为 <code>"my-service.my-ns"</code>。
|
||
这些名称查询的结果是 Cluster IP。</p>
|
||
<p>Kubernetes 也支持对端口名称的 DNS SRV(Service)记录。
|
||
如果名称为 <code>"my-service.my-ns"</code> 的 <code>Service</code> 有一个名为 <code>"http"</code> 的 <code>TCP</code> 端口,可以对 <code>"_http._tcp.my-service.my-ns"</code> 执行 DNS SRV 查询,得到 <code>"http"</code> 的端口号。</p>
|
||
<p>Kubernetes DNS 服务器是唯一的一种能够访问 <code>ExternalName</code> 类型的 Service 的方式。
|
||
更多信息可以查看 <a href="https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/" target="_blank">DNS Pod 和 Service</a>。</p>
|
||
<h2 id="headless-service">Headless Service</h2>
|
||
<p>有时不需要或不想要负载均衡,以及单独的 Service IP。
|
||
遇到这种情况,可以通过指定 Cluster IP(<code>spec.clusterIP</code>)的值为 <code>"None"</code> 来创建 <code>Headless</code> Service。</p>
|
||
<p>这个选项允许开发人员自由寻找他们自己的方式,从而降低与 Kubernetes 系统的耦合性。
|
||
应用仍然可以使用一种自注册的模式和适配器,对其它需要发现机制的系统能够很容易地基于这个 API 来构建。</p>
|
||
<p>对这类 <code>Service</code> 并不会分配 Cluster IP,kube-proxy 不会处理它们,而且平台也不会为它们进行负载均衡和路由。
|
||
DNS 如何实现自动配置,依赖于 <code>Service</code> 是否定义了 selector。</p>
|
||
<h3 id="配置-selector">配置 Selector</h3>
|
||
<p>对定义了 selector 的 Headless Service,Endpoint 控制器在 API 中创建了 <code>Endpoints</code> 记录,并且修改 DNS 配置返回 A 记录(地址),通过这个地址直接到达 <code>Service</code> 的后端 <code>Pod</code> 上。</p>
|
||
<h3 id="不配置-selector">不配置 Selector</h3>
|
||
<p>对没有定义 selector 的 Headless Service,Endpoint 控制器不会创建 <code>Endpoints</code> 记录。
|
||
然而 DNS 系统会查找和配置,无论是:</p>
|
||
<ul>
|
||
<li><code>ExternalName</code> 类型 Service 的 CNAME 记录<ul>
|
||
<li>记录:与 Service 共享一个名称的任何 <code>Endpoints</code>,以及所有其它类型</li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
<h2 id="发布服务-——-服务类型">发布服务 —— 服务类型</h2>
|
||
<p>对一些应用(如 Frontend)的某些部分,可能希望通过外部(Kubernetes 集群外部)IP 地址暴露 Service。</p>
|
||
<p>Kubernetes <code>ServiceTypes</code> 允许指定一个需要的类型的 Service,默认是 <code>ClusterIP</code> 类型。</p>
|
||
<p><code>Type</code> 的取值以及行为如下:</p>
|
||
<ul>
|
||
<li><code>ClusterIP</code>:通过集群的内部 IP 暴露服务,选择该值,服务只能够在集群内部可以访问,这也是默认的 <code>ServiceType</code>。</li>
|
||
<li><code>NodePort</code>:通过每个 Node 上的 IP 和静态端口(<code>NodePort</code>)暴露服务。<code>NodePort</code> 服务会路由到 <code>ClusterIP</code> 服务,这个 <code>ClusterIP</code> 服务会自动创建。通过请求 <code><NodeIP>:<NodePort></code>,可以从集群的外部访问一个 <code>NodePort</code> 服务。</li>
|
||
<li><code>LoadBalancer</code>:使用云提供商的负载均衡器,可以向外部暴露服务。外部的负载均衡器可以路由到 <code>NodePort</code> 服务和 <code>ClusterIP</code> 服务。</li>
|
||
<li><code>ExternalName</code>:通过返回 <code>CNAME</code> 和它的值,可以将服务映射到 <code>externalName</code> 字段的内容(例如, <code>foo.bar.example.com</code>)。
|
||
没有任何类型代理被创建,这只有 Kubernetes 1.7 或更高版本的 <code>kube-dns</code> 才支持。</li>
|
||
</ul>
|
||
<h3 id="nodeport-类型">NodePort 类型</h3>
|
||
<p>如果设置 <code>type</code> 的值为 <code>"NodePort"</code>,Kubernetes master 将从给定的配置范围内(默认:30000-32767)分配端口,每个 Node 将从该端口(每个 Node 上的同一端口)代理到 <code>Service</code>。该端口将通过 <code>Service</code> 的 <code>spec.ports[*].nodePort</code> 字段被指定。</p>
|
||
<p>如果需要指定的端口号,可以配置 <code>nodePort</code> 的值,系统将分配这个端口,否则调用 API 将会失败(比如,需要关心端口冲突的可能性)。 </p>
|
||
<p>这可以让开发人员自由地安装他们自己的负载均衡器,并配置 Kubernetes 不能完全支持的环境参数,或者直接暴露一个或多个 Node 的 IP 地址。</p>
|
||
<p>需要注意的是,Service 将能够通过 <code><NodeIP>:spec.ports[*].nodePort</code> 和 <code>spec.clusterIp:spec.ports[*].port</code> 而对外可见。</p>
|
||
<h3 id="loadbalancer-类型">LoadBalancer 类型</h3>
|
||
<p>使用支持外部负载均衡器的云提供商的服务,设置 <code>type</code> 的值为 <code>"LoadBalancer"</code>,将为 <code>Service</code> 提供负载均衡器。
|
||
负载均衡器是异步创建的,关于被提供的负载均衡器的信息将会通过 <code>Service</code> 的 <code>status.loadBalancer</code> 字段被发布出去。</p>
|
||
<pre><code class="lang-yaml"><span class="hljs-attr">kind:</span> Service
|
||
<span class="hljs-attr">apiVersion:</span> v1
|
||
<span class="hljs-attr">metadata:</span>
|
||
<span class="hljs-attr"> name:</span> my-service
|
||
<span class="hljs-attr">spec:</span>
|
||
<span class="hljs-attr"> selector:</span>
|
||
<span class="hljs-attr"> app:</span> MyApp
|
||
<span class="hljs-attr"> ports:</span>
|
||
<span class="hljs-attr"> - protocol:</span> TCP
|
||
<span class="hljs-attr"> port:</span> <span class="hljs-number">80</span>
|
||
<span class="hljs-attr"> targetPort:</span> <span class="hljs-number">9376</span>
|
||
<span class="hljs-attr"> nodePort:</span> <span class="hljs-number">30061</span>
|
||
<span class="hljs-attr"> clusterIP:</span> <span class="hljs-number">10.0</span><span class="hljs-number">.171</span><span class="hljs-number">.239</span>
|
||
<span class="hljs-attr"> loadBalancerIP:</span> <span class="hljs-number">78.11</span><span class="hljs-number">.24</span><span class="hljs-number">.19</span>
|
||
<span class="hljs-attr"> type:</span> LoadBalancer
|
||
<span class="hljs-attr">status:</span>
|
||
<span class="hljs-attr"> loadBalancer:</span>
|
||
<span class="hljs-attr"> ingress:</span>
|
||
<span class="hljs-attr"> - ip:</span> <span class="hljs-number">146.148</span><span class="hljs-number">.47</span><span class="hljs-number">.155</span>
|
||
</code></pre>
|
||
<p>来自外部负载均衡器的流量将直接打到 backend <code>Pod</code> 上,不过实际它们是如何工作的,这要依赖于云提供商。
|
||
在这些情况下,将根据用户设置的 <code>loadBalancerIP</code> 来创建负载均衡器。
|
||
某些云提供商允许设置 <code>loadBalancerIP</code>。如果没有设置 <code>loadBalancerIP</code>,将会给负载均衡器指派一个临时 IP。
|
||
如果设置了 <code>loadBalancerIP</code>,但云提供商并不支持这种特性,那么设置的 <code>loadBalancerIP</code> 值将会被忽略掉。</p>
|
||
<h3 id="aws-内部负载均衡器">AWS 内部负载均衡器</h3>
|
||
<p>在混合云环境中,有时从虚拟私有云(VPC)环境中的服务路由流量是非常有必要的。
|
||
可以通过在 <code>Service</code> 中增加 <code>annotation</code> 来实现,如下所示:</p>
|
||
<pre><code class="lang-yaml">[...]
|
||
<span class="hljs-attr">metadata:</span>
|
||
<span class="hljs-attr"> name:</span> my-service
|
||
<span class="hljs-attr"> annotations:</span>
|
||
service.beta.kubernetes.io/aws-load-balancer-internal: <span class="hljs-number">0.0</span><span class="hljs-number">.0</span><span class="hljs-number">.0</span>/<span class="hljs-number">0</span>
|
||
[...]
|
||
</code></pre>
|
||
<p>在水平分割的 DNS 环境中,需要两个 <code>Service</code> 来将外部和内部的流量路由到 Endpoint 上。</p>
|
||
<h3 id="aws-ssl-支持">AWS SSL 支持</h3>
|
||
<p>对运行在 AWS 上部分支持 SSL 的集群,从 1.3 版本开始,可以为 <code>LoadBalancer</code> 类型的 <code>Service</code> 增加两个 annotation:</p>
|
||
<pre><code> metadata:
|
||
name: my-service
|
||
annotations:
|
||
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012
|
||
</code></pre><p>第一个 annotation 指定了使用的证书。它可以是第三方发行商发行的证书,这个证书或者被上传到 IAM,或者由 AWS 的证书管理器创建。</p>
|
||
<pre><code class="lang-yaml"><span class="hljs-attr"> metadata:</span>
|
||
<span class="hljs-attr"> name:</span> my-service
|
||
<span class="hljs-attr"> annotations:</span>
|
||
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: (https|http|ssl|tcp)
|
||
</code></pre>
|
||
<p>第二个 annotation 指定了 <code>Pod</code> 使用的协议。
|
||
对于 HTTPS 和 SSL,ELB 将期望该 <code>Pod</code> 基于加密的连接来认证自身。</p>
|
||
<p>HTTP 和 HTTPS 将选择7层代理:ELB 将中断与用户的连接,当转发请求时,会解析 Header 信息并添加上用户的 IP 地址(<code>Pod</code> 将只能在连接的另一端看到该 IP 地址)。</p>
|
||
<p>TCP 和 SSL 将选择4层代理:ELB 将转发流量,并不修改 Header 信息。</p>
|
||
<h3 id="外部-ip">外部 IP</h3>
|
||
<p>如果外部的 IP 路由到集群中一个或多个 Node 上,Kubernetes <code>Service</code> 会被暴露给这些 <code>externalIPs</code>。
|
||
通过外部 IP(作为目的 IP 地址)进入到集群,打到 <code>Service</code> 的端口上的流量,将会被路由到 <code>Service</code> 的 Endpoint 上。
|
||
<code>externalIPs</code> 不会被 Kubernetes 管理,它属于集群管理员的职责范畴。</p>
|
||
<p>根据 <code>Service</code> 的规定,<code>externalIPs</code> 可以同任意的 <code>ServiceType</code> 来一起指定。
|
||
在下面的例子中,<code>my-service</code> 可以在 80.11.12.10:80(外部 IP:端口)上被客户端访问。</p>
|
||
<pre><code class="lang-yaml"><span class="hljs-attr">kind:</span> Service
|
||
<span class="hljs-attr">apiVersion:</span> v1
|
||
<span class="hljs-attr">metadata:</span>
|
||
<span class="hljs-attr"> name:</span> my-service
|
||
<span class="hljs-attr">spec:</span>
|
||
<span class="hljs-attr"> selector:</span>
|
||
<span class="hljs-attr"> app:</span> MyApp
|
||
<span class="hljs-attr"> ports:</span>
|
||
<span class="hljs-attr"> - name:</span> http
|
||
<span class="hljs-attr"> protocol:</span> TCP
|
||
<span class="hljs-attr"> port:</span> <span class="hljs-number">80</span>
|
||
<span class="hljs-attr"> targetPort:</span> <span class="hljs-number">9376</span>
|
||
<span class="hljs-attr"> externalIPs:</span>
|
||
<span class="hljs-bullet"> -</span> <span class="hljs-number">80.11</span><span class="hljs-number">.12</span><span class="hljs-number">.10</span>
|
||
</code></pre>
|
||
<h2 id="不足之处">不足之处</h2>
|
||
<p>为 VIP 使用 userspace 代理,将只适合小型到中型规模的集群,不能够扩展到上千 <code>Service</code> 的大型集群。
|
||
查看 <a href="http://issue.k8s.io/1107" target="_blank">最初设计方案</a> 获取更多细节。</p>
|
||
<p>使用 userspace 代理,隐藏了访问 <code>Service</code> 的数据包的源 IP 地址。
|
||
这使得一些类型的防火墙无法起作用。
|
||
iptables 代理不会隐藏 Kubernetes 集群内部的 IP 地址,但却要求客户端请求必须通过一个负载均衡器或 Node 端口。</p>
|
||
<p><code>Type</code> 字段支持嵌套功能 —— 每一层需要添加到上一层里面。
|
||
不会严格要求所有云提供商(例如,GCE 就没必要为了使一个 <code>LoadBalancer</code> 能工作而分配一个 <code>NodePort</code>,但是 AWS 需要 ),但当前 API 是强制要求的。</p>
|
||
<h2 id="未来工作">未来工作</h2>
|
||
<p>未来我们能预见到,代理策略可能会变得比简单的 round-robin 均衡策略有更多细微的差别,比如 master 选举或分片。
|
||
我们也能想到,某些 <code>Service</code> 将具有 “真正” 的负载均衡器,这种情况下 VIP 将简化数据包的传输。</p>
|
||
<p>我们打算为 L7(HTTP)<code>Service</code> 改进我们对它的支持。</p>
|
||
<p>我们打算为 <code>Service</code> 实现更加灵活的请求进入模式,这些 <code>Service</code> 包含当前 <code>ClusterIP</code>、<code>NodePort</code> 和 <code>LoadBalancer</code> 模式,或者更多。</p>
|
||
<h2 id="vip-的那些骇人听闻的细节">VIP 的那些骇人听闻的细节</h2>
|
||
<p>对很多想使用 <code>Service</code> 的人来说,前面的信息应该足够了。
|
||
然而,有很多内部原理性的内容,还是值去理解的。</p>
|
||
<h3 id="避免冲突">避免冲突</h3>
|
||
<p>Kubernetes 最主要的哲学之一,是用户不应该暴露那些能够导致他们操作失败、但又不是他们的过错的场景。
|
||
这种场景下,让我们来看一下网络端口 —— 用户不应该必须选择一个端口号,而且该端口还有可能与其他用户的冲突。
|
||
这就是说,在彼此隔离状态下仍然会出现失败。</p>
|
||
<p>为了使用户能够为他们的 <code>Service</code> 选择一个端口号,我们必须确保不能有2个 <code>Service</code> 发生冲突。
|
||
我们可以通过为每个 <code>Service</code> 分配它们自己的 IP 地址来实现。</p>
|
||
<p>为了保证每个 <code>Service</code> 被分配到一个唯一的 IP,需要一个内部的分配器能够原子地更新 etcd 中的一个全局分配映射表,这个更新操作要先于创建每一个 <code>Service</code>。
|
||
为了使 <code>Service</code> 能够获取到 IP,这个映射表对象必须在注册中心存在,否则创建 <code>Service</code> 将会失败,指示一个 IP 不能被分配。
|
||
一个后台 Controller 的职责是创建映射表(从 Kubernetes 的旧版本迁移过来,旧版本中是通过在内存中加锁的方式实现),并检查由于管理员干预和清除任意 IP 造成的不合理分配,这些 IP 被分配了但当前没有 <code>Service</code> 使用它们。</p>
|
||
<h3 id="ip-和-vip">IP 和 VIP</h3>
|
||
<p>不像 <code>Pod</code> 的 IP 地址,它实际路由到一个固定的目的地,<code>Service</code> 的 IP 实际上不能通过单个主机来进行应答。
|
||
相反,我们使用 <code>iptables</code>(Linux 中的数据包处理逻辑)来定义一个虚拟IP地址(VIP),它可以根据需要透明地进行重定向。
|
||
当客户端连接到 VIP 时,它们的流量会自动地传输到一个合适的 Endpoint。
|
||
环境变量和 DNS,实际上会根据 <code>Service</code> 的 VIP 和端口来进行填充。</p>
|
||
<h4 id="userspace">Userspace</h4>
|
||
<p>作为一个例子,考虑前面提到的图片处理应用程序。
|
||
当创建 backend <code>Service</code> 时,Kubernetes master 会给它指派一个虚拟 IP 地址,比如 10.0.0.1。
|
||
假设 <code>Service</code> 的端口是 1234,该 <code>Service</code> 会被集群中所有的 <code>kube-proxy</code> 实例观察到。
|
||
当代理看到一个新的 <code>Service</code>, 它会打开一个新的端口,建立一个从该 VIP 重定向到新端口的 iptables,并开始接收请求连接。</p>
|
||
<p>当一个客户端连接到一个 VIP,iptables 规则开始起作用,它会重定向该数据包到 <code>Service代理</code> 的端口。
|
||
<code>Service代理</code> 选择一个 backend,并将客户端的流量代理到 backend 上。</p>
|
||
<p>这意味着 <code>Service</code> 的所有者能够选择任何他们想使用的端口,而不存在冲突的风险。
|
||
客户端可以简单地连接到一个 IP 和端口,而不需要知道实际访问了哪些 <code>Pod</code>。</p>
|
||
<h4 id="iptables">Iptables</h4>
|
||
<p>再次考虑前面提到的图片处理应用程序。
|
||
当创建 backend <code>Service</code> 时,Kubernetes master 会给它指派一个虚拟 IP 地址,比如 10.0.0.1。
|
||
假设 <code>Service</code> 的端口是 1234,该 <code>Service</code> 会被集群中所有的 <code>kube-proxy</code> 实例观察到。
|
||
当代理看到一个新的 <code>Service</code>, 它会安装一系列的 iptables 规则,从 VIP 重定向到 per-<code>Service</code> 规则。
|
||
该 per-<code>Service</code> 规则连接到 per-<code>Endpoint</code> 规则,该 per-<code>Endpoint</code> 规则会重定向(目标 NAT)到 backend。</p>
|
||
<p>当一个客户端连接到一个 VIP,iptables 规则开始起作用。一个 backend 会被选择(或者根据会话亲和性,或者随机),数据包被重定向到这个 backend。
|
||
不像 userspace 代理,数据包从来不拷贝到用户空间,kube-proxy 不是必须为该 VIP 工作而运行,并且客户端 IP 是不可更改的。
|
||
当流量打到 Node 的端口上,或通过负载均衡器,会执行相同的基本流程,但是在那些案例中客户端 IP 是可以更改的。</p>
|
||
<h2 id="api-对象">API 对象</h2>
|
||
<p>在 Kubernetes REST API 中,Service 是 top-level 资源。关于 API 对象的更多细节可以查看:<a href="https://kubernetes.io/docs/api-reference/v1.7/#service-v1-core" target="_blank">Service API 对象</a>。</p>
|
||
<h2 id="更多信息">更多信息</h2>
|
||
<ul>
|
||
<li><a href="https://kubernetes.io/docs/tutorials/connecting-apps/connecting-frontend-backend/" target="_blank">使用 Service 连接 Frontend 到 Backend</a> </li>
|
||
</ul>
|
||
<footer class="page-footer"><span class="copyright">Copyright © jimmysong.io 2017 all right reserved,powered by Gitbook</span><span class="footer-modification">Updated:
|
||
2017-10-17 11:18:59
|
||
</span></footer>
|
||
|
||
</section>
|
||
|
||
</div>
|
||
<div class="search-results">
|
||
<div class="has-results">
|
||
|
||
<h1 class="search-results-title"><span class='search-results-count'></span> results matching "<span class='search-query'></span>"</h1>
|
||
<ul class="search-results-list"></ul>
|
||
|
||
</div>
|
||
<div class="no-results">
|
||
|
||
<h1 class="search-results-title">No results matching "<span class='search-query'></span>"</h1>
|
||
|
||
</div>
|
||
</div>
|
||
</div>
|
||
|
||
</div>
|
||
</div>
|
||
|
||
</div>
|
||
|
||
|
||
|
||
<a href="namespace.html" class="navigation navigation-prev " aria-label="Previous page: Namespace">
|
||
<i class="fa fa-angle-left"></i>
|
||
</a>
|
||
|
||
|
||
<a href="volume.html" class="navigation navigation-next " aria-label="Next page: Volume和Persistent Volume">
|
||
<i class="fa fa-angle-right"></i>
|
||
</a>
|
||
|
||
|
||
|
||
</div>
|
||
|
||
<script>
|
||
var gitbook = gitbook || [];
|
||
gitbook.push(function() {
|
||
gitbook.page.hasChanged({"page":{"title":"Service","level":"3.3.4","depth":2,"next":{"title":"Volume和Persistent Volume","level":"3.3.5","depth":2,"path":"concepts/volume.md","ref":"concepts/volume.md","articles":[]},"previous":{"title":"Namespace","level":"3.3.3","depth":2,"path":"concepts/namespace.md","ref":"concepts/namespace.md","articles":[]},"dir":"ltr"},"config":{"plugins":["github","codesnippet","splitter","page-toc-button","image-captions","editlink","back-to-top-button","-lunr","-search","search-plus","github-buttons@2.1.0","favicon@^0.0.2","tbfed-pagefooter@^0.0.1","3-ba","theme-default"],"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"pluginsConfig":{"tbfed-pagefooter":{"copyright":"Copyright © jimmysong.io 2017","modify_label":"Updated:","modify_format":"YYYY-MM-DD HH:mm:ss"},"github":{"url":"https://github.com/rootsongjc/kubernetes-handbook"},"editlink":{"label":"编辑本页","multilingual":false,"base":"https://github.com/rootsongjc/kubernetes-handbook/blob/master/"},"splitter":{},"codesnippet":{},"fontsettings":{"theme":"white","family":"sans","size":2},"highlight":{},"favicon":{"shortcut":"favicon.ico","bookmark":"favicon.ico"},"page-toc-button":{},"back-to-top-button":{},"github-buttons":{"repo":"rootsongjc/kubernetes-handbook","types":["star"],"size":"small"},"3-ba":{"configuration":"auto","token":"11f7d254cfa4e0ca44b175c66d379ecc"},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":true},"search-plus":{},"image-captions":{"caption":"图片 - _CAPTION_","variable_name":"_pictures"}},"theme":"default","author":"Jimmy Song","pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"variables":{"_pictures":[{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.1","level":"2.1","list_caption":"Figure: 云计算演进历程","alt":"云计算演进历程","nro":1,"url":"../images/cloud-computing-evolution-road.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"云计算演进历程","attributes":{},"skip":false,"key":"2.1.1"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.2","level":"2.1","list_caption":"Figure: 来自Twitter @MarcWilczek","alt":"来自Twitter @MarcWilczek","nro":2,"url":"../images/cloud-native-comes-of-age.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"来自Twitter @MarcWilczek","attributes":{},"skip":false,"key":"2.1.2"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.3","level":"2.1","list_caption":"Figure: Cloud native思维导图","alt":"Cloud native思维导图","nro":3,"url":"../images/cloud-native-architecutre-mindnode.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"Cloud native思维导图","attributes":{},"skip":false,"key":"2.1.3"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.4","level":"2.1","list_caption":"Figure: 十二因素应用","alt":"十二因素应用","nro":4,"url":"../images/12-factor-app.png","index":4,"caption_template":"图片 - _CAPTION_","label":"十二因素应用","attributes":{},"skip":false,"key":"2.1.4"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.5","level":"2.1","list_caption":"Figure: 容器生态","alt":"容器生态","nro":5,"url":"../images/container-ecosystem.png","index":5,"caption_template":"图片 - _CAPTION_","label":"容器生态","attributes":{},"skip":false,"key":"2.1.5"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.6","level":"2.1","list_caption":"Figure: 使用Jenkins进行持续集成与发布流程图","alt":"使用Jenkins进行持续集成与发布流程图","nro":6,"url":"../images/kubernetes-jenkins-ci-cd.png","index":6,"caption_template":"图片 - _CAPTION_","label":"使用Jenkins进行持续集成与发布流程图","attributes":{},"skip":false,"key":"2.1.6"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.7","level":"2.1","list_caption":"Figure: filebeat日志收集架构图","alt":"filebeat日志收集架构图","nro":7,"url":"../images/filebeat-log-collector-arch.png","index":7,"caption_template":"图片 - _CAPTION_","label":"filebeat日志收集架构图","attributes":{},"skip":false,"key":"2.1.7"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.8","level":"2.1","list_caption":"Figure: API文档","alt":"API文档","nro":8,"url":"../images/k8s-app-monitor-test-api-doc.jpg","index":8,"caption_template":"图片 - _CAPTION_","label":"API文档","attributes":{},"skip":false,"key":"2.1.8"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.9","level":"2.1","list_caption":"Figure: 迁移步骤示意图","alt":"迁移步骤示意图","nro":9,"url":"../images/migrating-hadoop-yarn-to-kubernetes.png","index":9,"caption_template":"图片 - _CAPTION_","label":"迁移步骤示意图","attributes":{},"skip":false,"key":"2.1.9"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.10","level":"2.1","list_caption":"Figure: service mesh架构图","alt":"service mesh架构图","nro":10,"url":"../images/serivce-mesh-control-plane.png","index":10,"caption_template":"图片 - _CAPTION_","label":"service mesh架构图","attributes":{},"skip":false,"key":"2.1.10"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.11","level":"2.1","list_caption":"Figure: kibana界面","alt":"kibana界面","nro":11,"url":"../images/filebeat-docker-test.jpg","index":11,"caption_template":"图片 - _CAPTION_","label":"kibana界面","attributes":{},"skip":false,"key":"2.1.11"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.12","level":"2.1","list_caption":"Figure: Grafana界面示意图1","alt":"Grafana界面示意图1","nro":12,"url":"../images/kubernetes-devops-example-grafana-1.png","index":12,"caption_template":"图片 - _CAPTION_","label":"Grafana界面示意图1","attributes":{},"skip":false,"key":"2.1.12"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.13","level":"2.1","list_caption":"Figure: Grafana界面示意图2","alt":"Grafana界面示意图2","nro":13,"url":"../images/kubernetes-devops-example-grafana-2.png","index":13,"caption_template":"图片 - _CAPTION_","label":"Grafana界面示意图2","attributes":{},"skip":false,"key":"2.1.13"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.14","level":"2.1","list_caption":"Figure: Grafana界面示意图3","alt":"Grafana界面示意图3","nro":14,"url":"../images/kubernetes-devops-example-grafana-3.png","index":14,"caption_template":"图片 - _CAPTION_","label":"Grafana界面示意图3","attributes":{},"skip":false,"key":"2.1.14"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.15","level":"2.1","list_caption":"Figure: dashboard","alt":"dashboard","nro":15,"url":"../images/spark-job-on-kubernetes-example-1.jpg","index":15,"caption_template":"图片 - _CAPTION_","label":"dashboard","attributes":{},"skip":false,"key":"2.1.15"},{"backlink":"cloud-native/kubernetes-and-cloud-native-app-overview.html#fig2.1.16","level":"2.1","list_caption":"Figure: Grafana","alt":"Grafana","nro":16,"url":"../images/spark-job-on-kubernetes-example-2.jpg","index":16,"caption_template":"图片 - _CAPTION_","label":"Grafana","attributes":{},"skip":false,"key":"2.1.16"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.1","level":"2.2","list_caption":"Figure: Cloud Native容器实验室","alt":"Cloud Native容器实验室","nro":17,"url":"https://res.cloudinary.com/jimmysong/image/upload/images/cloud-native-container-lab.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Cloud Native容器实验室","attributes":{},"skip":false,"key":"2.2.1"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.2","level":"2.2","list_caption":"Figure: 容器生态图 Container ecosystem","alt":"容器生态图 Container ecosystem","nro":18,"url":"../images/container-ecosystem.png","index":2,"caption_template":"图片 - _CAPTION_","label":"容器生态图 Container ecosystem","attributes":{},"skip":false,"key":"2.2.2"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.3","level":"2.2","list_caption":"Figure: Cloud Native油井","alt":"Cloud Native油井","nro":19,"url":"https://res.cloudinary.com/jimmysong/image/upload/images/cloud-native-oil-well.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"Cloud Native油井","attributes":{},"skip":false,"key":"2.2.3"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.4","level":"2.2","list_caption":"Figure: Kuberentes架构","alt":"Kuberentes架构","nro":20,"url":"../images/kubernetes-high-level-component-archtecture.jpg","index":4,"caption_template":"图片 - _CAPTION_","label":"Kuberentes架构","attributes":{},"skip":false,"key":"2.2.4"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.5","level":"2.2","list_caption":"Figure: Cloud Native Core target","alt":"Cloud Native Core target","nro":21,"url":"../images/cloud-native-core-target.jpg","index":5,"caption_template":"图片 - _CAPTION_","label":"Cloud Native Core target","attributes":{},"skip":false,"key":"2.2.5"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.6","level":"2.2","list_caption":"Figure: FaaS Landscape","alt":"FaaS Landscape","nro":22,"url":"../images/redpoint-faas-landscape.jpg","index":6,"caption_template":"图片 - _CAPTION_","label":"FaaS Landscape","attributes":{},"skip":false,"key":"2.2.6"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.7","level":"2.2","list_caption":"Figure: Workloads running on Kubernetes","alt":"Workloads running on Kubernetes","nro":23,"url":"https://res.cloudinary.com/jimmysong/image/upload/images/workloads-running-on-kubernetes-2017-thenewstack.jpg","index":7,"caption_template":"图片 - _CAPTION_","label":"Workloads running on Kubernetes","attributes":{},"skip":false,"key":"2.2.7"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.8","level":"2.2","list_caption":"Figure: Gartner技术爆发趋势图2017","alt":"Gartner技术爆发趋势图2017","nro":24,"url":"https://res.cloudinary.com/jimmysong/image/upload/images/gartner-hype-cycle-for-emerging-technologies-2017.jpg","index":8,"caption_template":"图片 - _CAPTION_","label":"Gartner技术爆发趋势图2017","attributes":{},"skip":false,"key":"2.2.8"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.9","level":"2.2","list_caption":"Figure: Microservices concerns","alt":"Microservices concerns","nro":25,"url":"../images/microservices-concerns.jpg","index":9,"caption_template":"图片 - _CAPTION_","label":"Microservices concerns","attributes":{},"skip":false,"key":"2.2.9"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.10","level":"2.2","list_caption":"Figure: 两种服务发现方式","alt":"两种服务发现方式","nro":26,"url":"../images/service-discovery-in-microservices.png","index":10,"caption_template":"图片 - _CAPTION_","label":"两种服务发现方式","attributes":{},"skip":false,"key":"2.2.10"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.11","level":"2.2","list_caption":"Figure: Cloud Native Pipeline","alt":"Cloud Native Pipeline","nro":27,"url":"https://res.cloudinary.com/jimmysong/image/upload/images/cloud-natvie-pipeline.jpg","index":11,"caption_template":"图片 - _CAPTION_","label":"Cloud Native Pipeline","attributes":{},"skip":false,"key":"2.2.11"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.12","level":"2.2","list_caption":"Figure: Cloud Native Features","alt":"Cloud Native Features","nro":28,"url":"https://jimmysong.io/kubernetes-handbook/images/cloud-native-architecutre-mindnode.jpg","index":12,"caption_template":"图片 - _CAPTION_","label":"Cloud Native Features","attributes":{},"skip":false,"key":"2.2.12"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.13","level":"2.2","list_caption":"Figure: Cloud Native Landscape v1.0","alt":"Cloud Native Landscape v1.0","nro":29,"url":"https://raw.githubusercontent.com/cncf/landscape/master/landscape/CloudNativeLandscape_v1.0.jpg","index":13,"caption_template":"图片 - _CAPTION_","label":"Cloud Native Landscape v1.0","attributes":{},"skip":false,"key":"2.2.13"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.14","level":"2.2","list_caption":"Figure: Building a Cloud Native Architecture with Kubernetes followed 12 factor app","alt":"Building a Cloud Native Architecture with Kubernetes followed 12 factor app","nro":30,"url":"../images/building-cloud-native-architecture-with-kubernetes.png","index":14,"caption_template":"图片 - _CAPTION_","label":"Building a Cloud Native Architecture with Kubernetes followed 12 factor app","attributes":{},"skip":false,"key":"2.2.14"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.15","level":"2.2","list_caption":"Figure: Creating Kubernetes native app","alt":"Creating Kubernetes native app","nro":31,"url":"../images/creating-kubernetes-native-app.jpg","index":15,"caption_template":"图片 - _CAPTION_","label":"Creating Kubernetes native app","attributes":{},"skip":false,"key":"2.2.15"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.16","level":"2.2","list_caption":"Figure: Service Mesh中国社区slogan","alt":"Service Mesh中国社区slogan","nro":32,"url":"https://res.cloudinary.com/jimmysong/image/upload/images/service-meshes-pro.jpg","index":16,"caption_template":"图片 - _CAPTION_","label":"Service Mesh中国社区slogan","attributes":{},"skip":false,"key":"2.2.16"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.17","level":"2.2","list_caption":"Figure: istio vs linkerd","alt":"istio vs linkerd","nro":33,"url":"../images/istio-vs-linkerd.jpg","index":17,"caption_template":"图片 - _CAPTION_","label":"istio vs linkerd","attributes":{},"skip":false,"key":"2.2.17"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.18","level":"2.2","list_caption":"Figure: Cloud Native factory","alt":"Cloud Native factory","nro":34,"url":"https://res.cloudinary.com/jimmysong/image/upload/images/cloud-native-factory.jpg","index":18,"caption_template":"图片 - _CAPTION_","label":"Cloud Native factory","attributes":{},"skip":false,"key":"2.2.18"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.19","level":"2.2","list_caption":"Figure: Deployment pipeline","alt":"Deployment pipeline","nro":35,"url":"https://res.cloudinary.com/jimmysong/image/upload/images/deployment-pipeline-comic.jpg","index":19,"caption_template":"图片 - _CAPTION_","label":"Deployment pipeline","attributes":{},"skip":false,"key":"2.2.19"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.20","level":"2.2","list_caption":"Figure: Spark on Kubernetes with different schedulers","alt":"Spark on Kubernetes with different schedulers","nro":36,"url":"../images/spark-on-kubernetes-with-different-schedulers.jpg","index":20,"caption_template":"图片 - _CAPTION_","label":"Spark on Kubernetes with different schedulers","attributes":{},"skip":false,"key":"2.2.20"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.21","level":"2.2","list_caption":"Figure: Kubernetes solutions","alt":"Kubernetes solutions","nro":37,"url":"https://res.cloudinary.com/jimmysong/image/upload/images/kubernetes-solutions-choices.jpg","index":21,"caption_template":"图片 - _CAPTION_","label":"Kubernetes solutions","attributes":{},"skip":false,"key":"2.2.21"},{"backlink":"cloud-native/from-kubernetes-to-cloud-native.html#fig2.2.22","level":"2.2","list_caption":"Figure: Kubernetes SIG","alt":"Kubernetes SIG","nro":38,"url":"../images/kubernetes-sigs.jpg","index":22,"caption_template":"图片 - _CAPTION_","label":"Kubernetes SIG","attributes":{},"skip":false,"key":"2.2.22"},{"backlink":"concepts/index.html#fig3.1.1","level":"3.1","list_caption":"Figure: Borg架构","alt":"Borg架构","nro":39,"url":"../images/borg.png","index":1,"caption_template":"图片 - _CAPTION_","label":"Borg架构","attributes":{},"skip":false,"key":"3.1.1"},{"backlink":"concepts/index.html#fig3.1.2","level":"3.1","list_caption":"Figure: Kubernetes架构","alt":"Kubernetes架构","nro":40,"url":"../images/architecture.png","index":2,"caption_template":"图片 - _CAPTION_","label":"Kubernetes架构","attributes":{},"skip":false,"key":"3.1.2"},{"backlink":"concepts/index.html#fig3.1.3","level":"3.1","list_caption":"Figure: Kuberentes架构(图片来自于网络)","alt":"Kuberentes架构(图片来自于网络)","nro":41,"url":"../images/kubernetes-high-level-component-archtecture.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"Kuberentes架构(图片来自于网络)","attributes":{},"skip":false,"key":"3.1.3"},{"backlink":"concepts/index.html#fig3.1.4","level":"3.1","list_caption":"Figure: kubernetes整体架构示意图","alt":"kubernetes整体架构示意图","nro":42,"url":"../images/kubernetes-whole-arch.png","index":4,"caption_template":"图片 - _CAPTION_","label":"kubernetes整体架构示意图","attributes":{},"skip":false,"key":"3.1.4"},{"backlink":"concepts/index.html#fig3.1.5","level":"3.1","list_caption":"Figure: Kubernetes master架构示意图","alt":"Kubernetes master架构示意图","nro":43,"url":"../images/kubernetes-master-arch.png","index":5,"caption_template":"图片 - _CAPTION_","label":"Kubernetes master架构示意图","attributes":{},"skip":false,"key":"3.1.5"},{"backlink":"concepts/index.html#fig3.1.6","level":"3.1","list_caption":"Figure: kubernetes node架构示意图","alt":"kubernetes node架构示意图","nro":44,"url":"../images/kubernetes-node-arch.png","index":6,"caption_template":"图片 - _CAPTION_","label":"kubernetes node架构示意图","attributes":{},"skip":false,"key":"3.1.6"},{"backlink":"concepts/index.html#fig3.1.7","level":"3.1","list_caption":"Figure: Kubernetes分层架构示意图","alt":"Kubernetes分层架构示意图","nro":45,"url":"../images/kubernetes-layers-arch.jpg","index":7,"caption_template":"图片 - _CAPTION_","label":"Kubernetes分层架构示意图","attributes":{},"skip":false,"key":"3.1.7"},{"backlink":"concepts/concepts.html#fig3.2.1","level":"3.2","list_caption":"Figure: 分层架构示意图","alt":"分层架构示意图","nro":46,"url":"../images/kubernetes-layers-arch.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"分层架构示意图","attributes":{},"skip":false,"key":"3.2.1"},{"backlink":"concepts/pod-overview.html#fig3.3.1.1","level":"3.3.1","list_caption":"Figure: pod diagram","alt":"pod diagram","nro":47,"url":"../images/pod-overview.png","index":1,"caption_template":"图片 - _CAPTION_","label":"pod diagram","attributes":{},"skip":false,"key":"3.3.1.1"},{"backlink":"concepts/pod.html#fig3.3.1.1.1","level":"3.3.1.1","list_caption":"Figure: Pod示意图","alt":"Pod示意图","nro":48,"url":"../images/pod-overview.png","index":1,"caption_template":"图片 - _CAPTION_","label":"Pod示意图","attributes":{},"skip":false,"key":"3.3.1.1.1"},{"backlink":"concepts/pod.html#fig3.3.1.1.2","level":"3.3.1.1","list_caption":"Figure: Pod Cheatsheet","alt":"Pod Cheatsheet","nro":49,"url":"../images/kubernetes-pod-cheatsheet.png","index":2,"caption_template":"图片 - _CAPTION_","label":"Pod Cheatsheet","attributes":{},"skip":false,"key":"3.3.1.1.2"},{"backlink":"concepts/service.html#fig3.3.4.1","level":"3.3.4","list_caption":"Figure: userspace代理模式下Service概览图","alt":"userspace代理模式下Service概览图","nro":50,"url":"../images/services-userspace-overview.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"userspace代理模式下Service概览图","attributes":{},"skip":false,"key":"3.3.4.1"},{"backlink":"concepts/service.html#fig3.3.4.2","level":"3.3.4","list_caption":"Figure: iptables代理模式下Service概览图","alt":"iptables代理模式下Service概览图","nro":51,"url":"../images/services-iptables-overview.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"iptables代理模式下Service概览图","attributes":{},"skip":false,"key":"3.3.4.2"},{"backlink":"concepts/deployment.html#fig3.3.6.1","level":"3.3.6","list_caption":"Figure: kubernetes deployment cheatsheet","alt":"kubernetes deployment cheatsheet","nro":52,"url":"../images/deployment-cheatsheet.png","index":1,"caption_template":"图片 - _CAPTION_","label":"kubernetes deployment cheatsheet","attributes":{},"skip":false,"key":"3.3.6.1"},{"backlink":"concepts/horizontal-pod-autoscaling.html#fig3.3.16.1","level":"3.3.16","list_caption":"Figure: horizontal-pod-autoscaler","alt":"horizontal-pod-autoscaler","nro":53,"url":"../images/horizontal-pod-autoscaler.png","index":1,"caption_template":"图片 - _CAPTION_","label":"horizontal-pod-autoscaler","attributes":{},"skip":false,"key":"3.3.16.1"},{"backlink":"concepts/label.html#fig3.3.17.1","level":"3.3.17","list_caption":"Figure: label示意图","alt":"label示意图","nro":54,"url":"../images/labels.png","index":1,"caption_template":"图片 - _CAPTION_","label":"label示意图","attributes":{},"skip":false,"key":"3.3.17.1"},{"backlink":"guide/using-kubectl.html#fig4.3.2.1","level":"4.3.2","list_caption":"Figure: kubectl cheatsheet","alt":"kubectl cheatsheet","nro":55,"url":"../images/kubernetes-kubectl-cheatsheet.png","index":1,"caption_template":"图片 - _CAPTION_","label":"kubectl cheatsheet","attributes":{},"skip":false,"key":"4.3.2.1"},{"backlink":"guide/using-kubectl.html#fig4.3.2.2","level":"4.3.2","list_caption":"Figure: kube-shell页面","alt":"kube-shell页面","nro":56,"url":"../images/kube-shell.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"kube-shell页面","attributes":{},"skip":false,"key":"4.3.2.2"},{"backlink":"guide/ip-masq-agent.html#fig4.4.6.1","level":"4.4.6","list_caption":"Figure: IP伪装代理示意图","alt":"IP伪装代理示意图","nro":57,"url":"../images/ip-masq.png","index":1,"caption_template":"图片 - _CAPTION_","label":"IP伪装代理示意图","attributes":{},"skip":false,"key":"4.4.6.1"},{"backlink":"guide/auth-with-kubeconfig-or-token.html#fig4.4.7.1","level":"4.4.7","list_caption":"Figure: kubeconfig文件","alt":"kubeconfig文件","nro":58,"url":"../images/brand-kubeconfig-yaml.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"kubeconfig文件","attributes":{},"skip":false,"key":"4.4.7.1"},{"backlink":"guide/authentication.html#fig4.4.8.1","level":"4.4.8","list_caption":"Figure: Kubernetes OpenID Connect Flow","alt":"Kubernetes OpenID Connect Flow","nro":59,"url":"../images/kubernetes-oidc-login.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Kubernetes OpenID Connect Flow","attributes":{},"skip":false,"key":"4.4.8.1"},{"backlink":"guide/carbin-mobile-dashboard-for-kubernetes.html#fig4.5.6.1","level":"4.5.6","list_caption":"Figure: App Store","alt":"App Store","nro":60,"url":"../images/carbin-kubernetes-mobile-dashboard-1.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"App Store","attributes":{},"skip":false,"key":"4.5.6.1"},{"backlink":"guide/carbin-mobile-dashboard-for-kubernetes.html#fig4.5.6.2","level":"4.5.6","list_caption":"Figure: 在手机上操作Kubernetes集群","alt":"在手机上操作Kubernetes集群","nro":61,"url":"../images/carbin-kubernetes-mobile-dashboard-4.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"在手机上操作Kubernetes集群","attributes":{},"skip":false,"key":"4.5.6.2"},{"backlink":"guide/kubernetes-desktop-client.html#fig4.5.7.1","level":"4.5.7","list_caption":"Figure: Kubernetic客户端","alt":"Kubernetic客户端","nro":62,"url":"../images/kubernetic-desktop-ui.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Kubernetic客户端","attributes":{},"skip":false,"key":"4.5.7.1"},{"backlink":"guide/deploy-applications-in-kubernetes.html#fig4.6.1.1","level":"4.6.1","list_caption":"Figure: API","alt":"API","nro":63,"url":"../images/k8s-app-monitor-test-api-doc.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"API","attributes":{},"skip":false,"key":"4.6.1.1"},{"backlink":"guide/deploy-applications-in-kubernetes.html#fig4.6.1.2","level":"4.6.1","list_caption":"Figure: wercker","alt":"wercker","nro":64,"url":"../images/k8s-app-monitor-agent-wercker.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"wercker","attributes":{},"skip":false,"key":"4.6.1.2"},{"backlink":"guide/deploy-applications-in-kubernetes.html#fig4.6.1.3","level":"4.6.1","list_caption":"Figure: 图表","alt":"图表","nro":65,"url":"../images/k8s-app-monitor-agent.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"图表","attributes":{},"skip":false,"key":"4.6.1.3"},{"backlink":"guide/migrating-hadoop-yarn-to-kubernetes.html#fig4.6.2.1","level":"4.6.2","list_caption":"Figure: spark on yarn with kubernetes","alt":"spark on yarn with kubernetes","nro":66,"url":"../images/spark-on-yarn-with-kubernetes.png","index":1,"caption_template":"图片 - _CAPTION_","label":"spark on yarn with kubernetes","attributes":{},"skip":false,"key":"4.6.2.1"},{"backlink":"guide/migrating-hadoop-yarn-to-kubernetes.html#fig4.6.2.2","level":"4.6.2","list_caption":"Figure: Terms","alt":"Terms","nro":67,"url":"../images/terms-in-kubernetes-app-deployment.png","index":2,"caption_template":"图片 - _CAPTION_","label":"Terms","attributes":{},"skip":false,"key":"4.6.2.2"},{"backlink":"guide/migrating-hadoop-yarn-to-kubernetes.html#fig4.6.2.3","level":"4.6.2","list_caption":"Figure: 分解步骤解析","alt":"分解步骤解析","nro":68,"url":"../images/migrating-hadoop-yarn-to-kubernetes.png","index":3,"caption_template":"图片 - _CAPTION_","label":"分解步骤解析","attributes":{},"skip":false,"key":"4.6.2.3"},{"backlink":"practice/node-installation.html#fig5.2.7.1","level":"5.2.7","list_caption":"Figure: welcome nginx","alt":"welcome nginx","nro":69,"url":"../images/kubernetes-installation-test-nginx.png","index":1,"caption_template":"图片 - _CAPTION_","label":"welcome nginx","attributes":{},"skip":false,"key":"5.2.7.1"},{"backlink":"practice/dashboard-addon-installation.html#fig5.2.9.1","level":"5.2.9","list_caption":"Figure: kubernetes dashboard","alt":"kubernetes dashboard","nro":70,"url":"../images/kubernetes-dashboard-raw.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"kubernetes dashboard","attributes":{},"skip":false,"key":"5.2.9.1"},{"backlink":"practice/dashboard-addon-installation.html#fig5.2.9.2","level":"5.2.9","list_caption":"Figure: V1.6.3版本的dashboard界面","alt":"V1.6.3版本的dashboard界面","nro":71,"url":"../images/dashboard-v163.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"V1.6.3版本的dashboard界面","attributes":{},"skip":false,"key":"5.2.9.2"},{"backlink":"practice/heapster-addon-installation.html#fig5.2.10.1","level":"5.2.10","list_caption":"Figure: dashboard-heapster","alt":"dashboard-heapster","nro":72,"url":"../images/kubernetes-dashboard-with-heapster.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"dashboard-heapster","attributes":{},"skip":false,"key":"5.2.10.1"},{"backlink":"practice/heapster-addon-installation.html#fig5.2.10.2","level":"5.2.10","list_caption":"Figure: grafana","alt":"grafana","nro":73,"url":"../images/kubernetes-heapster-grafana.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"grafana","attributes":{},"skip":false,"key":"5.2.10.2"},{"backlink":"practice/heapster-addon-installation.html#fig5.2.10.3","level":"5.2.10","list_caption":"Figure: kubernetes-influxdb-heapster","alt":"kubernetes-influxdb-heapster","nro":74,"url":"../images/kubernetes-influxdb-heapster.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"kubernetes-influxdb-heapster","attributes":{},"skip":false,"key":"5.2.10.3"},{"backlink":"practice/heapster-addon-installation.html#fig5.2.10.4","level":"5.2.10","list_caption":"Figure: 修改grafana模板","alt":"修改grafana模板","nro":75,"url":"../images/grafana-dashboard-setting.jpg","index":4,"caption_template":"图片 - _CAPTION_","label":"修改grafana模板","attributes":{},"skip":false,"key":"5.2.10.4"},{"backlink":"practice/efk-addon-installation.html#fig5.2.11.1","level":"5.2.11","list_caption":"Figure: es-setting","alt":"es-setting","nro":76,"url":"../images/es-setting.png","index":1,"caption_template":"图片 - _CAPTION_","label":"es-setting","attributes":{},"skip":false,"key":"5.2.11.1"},{"backlink":"practice/efk-addon-installation.html#fig5.2.11.2","level":"5.2.11","list_caption":"Figure: es-home","alt":"es-home","nro":77,"url":"../images/kubernetes-efk-kibana.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"es-home","attributes":{},"skip":false,"key":"5.2.11.2"},{"backlink":"practice/traefik-ingress-installation.html#fig5.3.1.1","level":"5.3.1","list_caption":"Figure: kubernetes-dashboard","alt":"kubernetes-dashboard","nro":78,"url":"../images/traefik-dashboard.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"kubernetes-dashboard","attributes":{},"skip":false,"key":"5.3.1.1"},{"backlink":"practice/traefik-ingress-installation.html#fig5.3.1.2","level":"5.3.1","list_caption":"Figure: traefik-nginx","alt":"traefik-nginx","nro":79,"url":"../images/traefik-nginx.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"traefik-nginx","attributes":{},"skip":false,"key":"5.3.1.2"},{"backlink":"practice/traefik-ingress-installation.html#fig5.3.1.3","level":"5.3.1","list_caption":"Figure: traefik-guestbook","alt":"traefik-guestbook","nro":80,"url":"../images/traefik-guestbook.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"traefik-guestbook","attributes":{},"skip":false,"key":"5.3.1.3"},{"backlink":"practice/distributed-load-test.html#fig5.3.2.1","level":"5.3.2","list_caption":"Figure: 使用dashboard来扩容","alt":"使用dashboard来扩容","nro":81,"url":"../images/dashbaord-scale.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"使用dashboard来扩容","attributes":{},"skip":false,"key":"5.3.2.1"},{"backlink":"practice/distributed-load-test.html#fig5.3.2.2","level":"5.3.2","list_caption":"Figure: Traefik的UI","alt":"Traefik的UI","nro":82,"url":"../images/traefik-dashboard-locust.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"Traefik的UI","attributes":{},"skip":false,"key":"5.3.2.2"},{"backlink":"practice/distributed-load-test.html#fig5.3.2.3","level":"5.3.2","list_caption":"Figure: Locust启动界面","alt":"Locust启动界面","nro":83,"url":"../images/locust-start-swarming.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"Locust启动界面","attributes":{},"skip":false,"key":"5.3.2.3"},{"backlink":"practice/distributed-load-test.html#fig5.3.2.4","level":"5.3.2","list_caption":"Figure: Dashboard查看页面","alt":"Dashboard查看页面","nro":84,"url":"../images/sample-webapp-rc.jpg","index":4,"caption_template":"图片 - _CAPTION_","label":"Dashboard查看页面","attributes":{},"skip":false,"key":"5.3.2.4"},{"backlink":"practice/distributed-load-test.html#fig5.3.2.5","level":"5.3.2","list_caption":"Figure: Locust测试结果页面","alt":"Locust测试结果页面","nro":85,"url":"../images/locust-dashboard.jpg","index":5,"caption_template":"图片 - _CAPTION_","label":"Locust测试结果页面","attributes":{},"skip":false,"key":"5.3.2.5"},{"backlink":"practice/network-and-cluster-perfermance-test.html#fig5.3.3.1","level":"5.3.3","list_caption":"Figure: kubernetes-dashboard","alt":"kubernetes-dashboard","nro":86,"url":"../images/kubenetes-e2e-test.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"kubernetes-dashboard","attributes":{},"skip":false,"key":"5.3.3.1"},{"backlink":"practice/network-and-cluster-perfermance-test.html#fig5.3.3.2","level":"5.3.3","list_caption":"Figure: locust测试页面","alt":"locust测试页面","nro":87,"url":"../images/kubernetes-locust-test.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"locust测试页面","attributes":{},"skip":false,"key":"5.3.3.2"},{"backlink":"practice/edge-node-configuration.html#fig5.3.4.1","level":"5.3.4","list_caption":"Figure: 边缘节点架构","alt":"边缘节点架构","nro":88,"url":"../images/kubernetes-edge-node-architecture.png","index":1,"caption_template":"图片 - _CAPTION_","label":"边缘节点架构","attributes":{},"skip":false,"key":"5.3.4.1"},{"backlink":"practice/app-log-collection.html#fig5.4.2.1","level":"5.4.2","list_caption":"Figure: filebeat日志收集架构图","alt":"filebeat日志收集架构图","nro":89,"url":"../images/filebeat-log-collector.png","index":1,"caption_template":"图片 - _CAPTION_","label":"filebeat日志收集架构图","attributes":{},"skip":false,"key":"5.4.2.1"},{"backlink":"practice/app-log-collection.html#fig5.4.2.2","level":"5.4.2","list_caption":"Figure: Kibana页面","alt":"Kibana页面","nro":90,"url":"../images/filebeat-docker-test.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"Kibana页面","attributes":{},"skip":false,"key":"5.4.2.2"},{"backlink":"practice/app-log-collection.html#fig5.4.2.3","level":"5.4.2","list_caption":"Figure: filebeat收集的日志详细信息","alt":"filebeat收集的日志详细信息","nro":91,"url":"../images/kubernetes-filebeat-detail.png","index":3,"caption_template":"图片 - _CAPTION_","label":"filebeat收集的日志详细信息","attributes":{},"skip":false,"key":"5.4.2.3"},{"backlink":"practice/monitor.html#fig5.4.4.1","level":"5.4.4","list_caption":"Figure: Kubernetes集群中的监控","alt":"Kubernetes集群中的监控","nro":92,"url":"../images/monitoring-in-kubernetes.png","index":1,"caption_template":"图片 - _CAPTION_","label":"Kubernetes集群中的监控","attributes":{},"skip":false,"key":"5.4.4.1"},{"backlink":"practice/monitor.html#fig5.4.4.2","level":"5.4.4","list_caption":"Figure: kubernetes的容器命名规则示意图","alt":"kubernetes的容器命名规则示意图","nro":93,"url":"../images/kubernetes-container-naming-rule.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"kubernetes的容器命名规则示意图","attributes":{},"skip":false,"key":"5.4.4.2"},{"backlink":"practice/monitor.html#fig5.4.4.3","level":"5.4.4","list_caption":"Figure: Heapster架构图(改进版)","alt":"Heapster架构图(改进版)","nro":94,"url":"../images/kubernetes-heapster-monitoring.png","index":3,"caption_template":"图片 - _CAPTION_","label":"Heapster架构图(改进版)","attributes":{},"skip":false,"key":"5.4.4.3"},{"backlink":"practice/monitor.html#fig5.4.4.4","level":"5.4.4","list_caption":"Figure: 应用监控架构图","alt":"应用监控架构图","nro":95,"url":"../images/kubernetes-app-monitoring.png","index":4,"caption_template":"图片 - _CAPTION_","label":"应用监控架构图","attributes":{},"skip":false,"key":"5.4.4.4"},{"backlink":"practice/monitor.html#fig5.4.4.5","level":"5.4.4","list_caption":"Figure: 应用拓扑图","alt":"应用拓扑图","nro":96,"url":"../images/weave-scope-service-topology.jpg","index":5,"caption_template":"图片 - _CAPTION_","label":"应用拓扑图","attributes":{},"skip":false,"key":"5.4.4.5"},{"backlink":"practice/data-persistence-problem.html#fig5.4.5.1","level":"5.4.5","list_caption":"Figure: 日志持久化收集解决方案示意图","alt":"日志持久化收集解决方案示意图","nro":97,"url":"../images/log-persistence-logstash.png","index":1,"caption_template":"图片 - _CAPTION_","label":"日志持久化收集解决方案示意图","attributes":{},"skip":false,"key":"5.4.5.1"},{"backlink":"practice/storage-for-containers-using-glusterfs-with-openshift.html#fig5.5.1.2.1","level":"5.5.1.2","list_caption":"Figure: 创建存储","alt":"创建存储","nro":98,"url":"../images/create-gluster-storage.png","index":1,"caption_template":"图片 - _CAPTION_","label":"创建存储","attributes":{},"skip":false,"key":"5.5.1.2.1"},{"backlink":"practice/storage-for-containers-using-glusterfs-with-openshift.html#fig5.5.1.2.2","level":"5.5.1.2","list_caption":"Figure: Screen Shot 2017-03-24 at 11.09.34.png","alt":"Screen Shot 2017-03-24 at 11.09.34.png","nro":99,"url":"https://keithtenzer.files.wordpress.com/2017/03/screen-shot-2017-03-24-at-11-09-341.png?w=440","index":2,"caption_template":"图片 - _CAPTION_","label":"Screen Shot 2017-03-24 at 11.09.34.png","attributes":{},"skip":false,"key":"5.5.1.2.2"},{"backlink":"practice/using-heapster-to-get-object-metrics.html#fig5.6.1.1.1","level":"5.6.1.1","list_caption":"Figure: Heapster架构图","alt":"Heapster架构图","nro":100,"url":"../images/heapster-architecture.png","index":1,"caption_template":"图片 - _CAPTION_","label":"Heapster架构图","attributes":{},"skip":false,"key":"5.6.1.1.1"},{"backlink":"practice/prometheus.html#fig5.6.2.1","level":"5.6.2","list_caption":"Figure: Prometheus 架构图","alt":"Prometheus 架构图","nro":101,"url":"../images/prometheus-architecture.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Prometheus 架构图","attributes":{},"skip":false,"key":"5.6.2.1"},{"backlink":"practice/using-prometheus-to-monitor-kuberentes-cluster.html#fig5.6.2.1.1","level":"5.6.2.1","list_caption":"Figure: Grafana页面","alt":"Grafana页面","nro":102,"url":"../images/kubernetes-prometheus-monitoring.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Grafana页面","attributes":{},"skip":false,"key":"5.6.2.1.1"},{"backlink":"practice/helm.html#fig5.7.1.1","level":"5.7.1","list_caption":"Figure: Helm chart源","alt":"Helm chart源","nro":103,"url":"../images/helm-charts-repository.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Helm chart源","attributes":{},"skip":false,"key":"5.7.1.1"},{"backlink":"practice/helm.html#fig5.7.1.2","level":"5.7.1","list_caption":"Figure: TODO应用的Web页面","alt":"TODO应用的Web页面","nro":104,"url":"../images/helm-mean-todo-aholic.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"TODO应用的Web页面","attributes":{},"skip":false,"key":"5.7.1.2"},{"backlink":"practice/create-private-charts-repo.html#fig5.7.2.1","level":"5.7.2","list_caption":"Figure: Helm monocular界面","alt":"Helm monocular界面","nro":105,"url":"../images/helm-monocular-jimmysong.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Helm monocular界面","attributes":{},"skip":false,"key":"5.7.2.1"},{"backlink":"practice/jenkins-ci-cd.html#fig5.8.1.1","level":"5.8.1","list_caption":"Figure: 基于Jenkins的持续集成与发布","alt":"基于Jenkins的持续集成与发布","nro":106,"url":"../images/kubernetes-jenkins-ci-cd.png","index":1,"caption_template":"图片 - _CAPTION_","label":"基于Jenkins的持续集成与发布","attributes":{},"skip":false,"key":"5.8.1.1"},{"backlink":"practice/drone-ci-cd.html#fig5.8.2.1","level":"5.8.2","list_caption":"Figure: OAuth注册","alt":"OAuth注册","nro":107,"url":"../images/github-oauth-register.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"OAuth注册","attributes":{},"skip":false,"key":"5.8.2.1"},{"backlink":"practice/drone-ci-cd.html#fig5.8.2.2","level":"5.8.2","list_caption":"Figure: OAuth key","alt":"OAuth key","nro":108,"url":"../images/github-oauth-drone-key.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"OAuth key","attributes":{},"skip":false,"key":"5.8.2.2"},{"backlink":"practice/drone-ci-cd.html#fig5.8.2.3","level":"5.8.2","list_caption":"Figure: Drone登陆界面","alt":"Drone登陆界面","nro":109,"url":"../images/drone-login-github.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"Drone登陆界面","attributes":{},"skip":false,"key":"5.8.2.3"},{"backlink":"practice/drone-ci-cd.html#fig5.8.2.4","level":"5.8.2","list_caption":"Figure: Github启用repo设置","alt":"Github启用repo设置","nro":110,"url":"../images/drone-github-active.jpg","index":4,"caption_template":"图片 - _CAPTION_","label":"Github启用repo设置","attributes":{},"skip":false,"key":"5.8.2.4"},{"backlink":"practice/drone-ci-cd.html#fig5.8.2.5","level":"5.8.2","list_caption":"Figure: Github单个repo设置","alt":"Github单个repo设置","nro":111,"url":"../images/drone-github-repo-setting.jpg","index":5,"caption_template":"图片 - _CAPTION_","label":"Github单个repo设置","attributes":{},"skip":false,"key":"5.8.2.5"},{"backlink":"practice/manually-upgrade.html#fig5.9.1.1","level":"5.9.1","list_caption":"Figure: Kubernetes零宕机时间升级建议","alt":"Kubernetes零宕机时间升级建议","nro":112,"url":"../images/zero-downtime-kubernetes-upgrade-tips.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Kubernetes零宕机时间升级建议","attributes":{},"skip":false,"key":"5.9.1.1"},{"backlink":"practice/dashboard-upgrade.html#fig5.9.2.1","level":"5.9.2","list_caption":"Figure: 登陆界面","alt":"登陆界面","nro":113,"url":"../images/kubernetes-dashboard-1.7.1-login.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"登陆界面","attributes":{},"skip":false,"key":"5.9.2.1"},{"backlink":"practice/dashboard-upgrade.html#fig5.9.2.2","level":"5.9.2","list_caption":"Figure: 首页","alt":"首页","nro":114,"url":"../images/kubernetes-dashboard-1.7.1-default-page.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"首页","attributes":{},"skip":false,"key":"5.9.2.2"},{"backlink":"practice/dashboard-upgrade.html#fig5.9.2.3","level":"5.9.2","list_caption":"Figure: 用户空间","alt":"用户空间","nro":115,"url":"../images/kubernetes-dashboard-1.7.1-brand.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"用户空间","attributes":{},"skip":false,"key":"5.9.2.3"},{"backlink":"practice/dashboard-upgrade.html#fig5.9.2.4","level":"5.9.2","list_caption":"Figure: kubeconfig文件","alt":"kubeconfig文件","nro":116,"url":"../images/brand-kubeconfig-yaml.jpg","index":4,"caption_template":"图片 - _CAPTION_","label":"kubeconfig文件","attributes":{},"skip":false,"key":"5.9.2.4"},{"backlink":"usecases/microservices.html#fig6.2.1","level":"6.2","list_caption":"Figure: 微服务关注的部分","alt":"微服务关注的部分","nro":117,"url":"../images/microservices-concerns.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"微服务关注的部分","attributes":{},"skip":false,"key":"6.2.1"},{"backlink":"usecases/service-discovery-in-microservices.html#fig6.2.1.1","level":"6.2.1","list_caption":"Figure: 微服务中的服务发现","alt":"微服务中的服务发现","nro":118,"url":"../images/service-discovery-in-microservices.png","index":1,"caption_template":"图片 - _CAPTION_","label":"微服务中的服务发现","attributes":{},"skip":false,"key":"6.2.1.1"},{"backlink":"usecases/service-mesh.html#fig6.3.1","level":"6.3","list_caption":"Figure: 下一代异构微服务架构","alt":"下一代异构微服务架构","nro":119,"url":"../images/polyglot-microservices-serivce-mesh.png","index":1,"caption_template":"图片 - _CAPTION_","label":"下一代异构微服务架构","attributes":{},"skip":false,"key":"6.3.1"},{"backlink":"usecases/service-mesh.html#fig6.3.2","level":"6.3","list_caption":"Figure: Service Mesh 架构图","alt":"Service Mesh 架构图","nro":120,"url":"../images/serivce-mesh-control-plane.png","index":2,"caption_template":"图片 - _CAPTION_","label":"Service Mesh 架构图","attributes":{},"skip":false,"key":"6.3.2"},{"backlink":"usecases/service-mesh.html#fig6.3.3","level":"6.3","list_caption":"Figure: Istio vs linkerd","alt":"Istio vs linkerd","nro":121,"url":"../images/istio-vs-linkerd.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"Istio vs linkerd","attributes":{},"skip":false,"key":"6.3.3"},{"backlink":"usecases/istio.html#fig6.3.1.1","level":"6.3.1","list_caption":"Figure: Istio架构图","alt":"Istio架构图","nro":122,"url":"../images/istio-arch.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Istio架构图","attributes":{},"skip":false,"key":"6.3.1.1"},{"backlink":"usecases/istio-installation.html#fig6.3.1.1.1","level":"6.3.1.1","list_caption":"Figure: BookInfo Sample应用架构图","alt":"BookInfo Sample应用架构图","nro":123,"url":"../images/bookinfo-sample-arch.png","index":1,"caption_template":"图片 - _CAPTION_","label":"BookInfo Sample应用架构图","attributes":{},"skip":false,"key":"6.3.1.1.1"},{"backlink":"usecases/istio-installation.html#fig6.3.1.1.2","level":"6.3.1.1","list_caption":"Figure: BookInfo Sample页面","alt":"BookInfo Sample页面","nro":124,"url":"../images/bookinfo-sample.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"BookInfo Sample页面","attributes":{},"skip":false,"key":"6.3.1.1.2"},{"backlink":"usecases/istio-installation.html#fig6.3.1.1.3","level":"6.3.1.1","list_caption":"Figure: Istio Grafana界面","alt":"Istio Grafana界面","nro":125,"url":"../images/istio-grafana.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"Istio Grafana界面","attributes":{},"skip":false,"key":"6.3.1.1.3"},{"backlink":"usecases/istio-installation.html#fig6.3.1.1.4","level":"6.3.1.1","list_caption":"Figure: Prometheus页面","alt":"Prometheus页面","nro":126,"url":"../images/istio-prometheus.jpg","index":4,"caption_template":"图片 - _CAPTION_","label":"Prometheus页面","attributes":{},"skip":false,"key":"6.3.1.1.4"},{"backlink":"usecases/istio-installation.html#fig6.3.1.1.5","level":"6.3.1.1","list_caption":"Figure: Zipkin页面","alt":"Zipkin页面","nro":127,"url":"../images/istio-zipkin.jpg","index":5,"caption_template":"图片 - _CAPTION_","label":"Zipkin页面","attributes":{},"skip":false,"key":"6.3.1.1.5"},{"backlink":"usecases/istio-installation.html#fig6.3.1.1.6","level":"6.3.1.1","list_caption":"Figure: ServiceGraph页面","alt":"ServiceGraph页面","nro":128,"url":"../images/istio-servicegraph.jpg","index":6,"caption_template":"图片 - _CAPTION_","label":"ServiceGraph页面","attributes":{},"skip":false,"key":"6.3.1.1.6"},{"backlink":"usecases/install-and-expand-istio-mesh.html#fig6.3.1.3.1","level":"6.3.1.3","list_caption":"Figure: BookInfo","alt":"BookInfo","nro":129,"url":"../images/noistio.png","index":1,"caption_template":"图片 - _CAPTION_","label":"BookInfo","attributes":{},"skip":false,"key":"6.3.1.3.1"},{"backlink":"usecases/install-and-expand-istio-mesh.html#fig6.3.1.3.2","level":"6.3.1.3","list_caption":"Figure: BookInfo","alt":"BookInfo","nro":130,"url":"../images/noistio.png","index":2,"caption_template":"图片 - _CAPTION_","label":"BookInfo","attributes":{},"skip":false,"key":"6.3.1.3.2"},{"backlink":"usecases/integrating-vms.html#fig6.3.1.4.1","level":"6.3.1.4","list_caption":"Figure: Bookinfo应用的拓展Mesh","alt":"Bookinfo应用的拓展Mesh","nro":131,"url":"../images/istio-mesh-expansion.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Bookinfo应用的拓展Mesh","attributes":{},"skip":false,"key":"6.3.1.4.1"},{"backlink":"usecases/linkerd.html#fig6.3.2.1","level":"6.3.2","list_caption":"Figure: source https://linkerd.io","alt":"source https://linkerd.io","nro":132,"url":"../images/diagram-individual-instance.png","index":1,"caption_template":"图片 - _CAPTION_","label":"source https://linkerd.io","attributes":{},"skip":false,"key":"6.3.2.1"},{"backlink":"usecases/linkerd-user-guide.html#fig6.3.2.1.1","level":"6.3.2.1","list_caption":"Figure: Jenkins pipeline","alt":"Jenkins pipeline","nro":133,"url":"../images/linkerd-jenkins-pipeline.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Jenkins pipeline","attributes":{},"skip":false,"key":"6.3.2.1.1"},{"backlink":"usecases/linkerd-user-guide.html#fig6.3.2.1.2","level":"6.3.2.1","list_caption":"Figure: Jenkins config","alt":"Jenkins config","nro":134,"url":"../images/linkerd-jenkins.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"Jenkins config","attributes":{},"skip":false,"key":"6.3.2.1.2"},{"backlink":"usecases/linkerd-user-guide.html#fig6.3.2.1.3","level":"6.3.2.1","list_caption":"Figure: namerd","alt":"namerd","nro":135,"url":"../images/namerd-internal.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"namerd","attributes":{},"skip":false,"key":"6.3.2.1.3"},{"backlink":"usecases/linkerd-user-guide.html#fig6.3.2.1.4","level":"6.3.2.1","list_caption":"Figure: linkerd监控","alt":"linkerd监控","nro":136,"url":"../images/linkerd-helloworld-outgoing.jpg","index":4,"caption_template":"图片 - _CAPTION_","label":"linkerd监控","attributes":{},"skip":false,"key":"6.3.2.1.4"},{"backlink":"usecases/linkerd-user-guide.html#fig6.3.2.1.5","level":"6.3.2.1","list_caption":"Figure: linkerd监控","alt":"linkerd监控","nro":137,"url":"../images/linkerd-helloworld-incoming.jpg","index":5,"caption_template":"图片 - _CAPTION_","label":"linkerd监控","attributes":{},"skip":false,"key":"6.3.2.1.5"},{"backlink":"usecases/linkerd-user-guide.html#fig6.3.2.1.6","level":"6.3.2.1","list_caption":"Figure: linkerd性能监控","alt":"linkerd性能监控","nro":138,"url":"../images/linkerd-grafana.png","index":6,"caption_template":"图片 - _CAPTION_","label":"linkerd性能监控","attributes":{},"skip":false,"key":"6.3.2.1.6"},{"backlink":"usecases/linkerd-user-guide.html#fig6.3.2.1.7","level":"6.3.2.1","list_caption":"Figure: Linkerd ingress controller","alt":"Linkerd ingress controller","nro":139,"url":"../images/linkerd-ingress-controller.jpg","index":7,"caption_template":"图片 - _CAPTION_","label":"Linkerd ingress controller","attributes":{},"skip":false,"key":"6.3.2.1.7"},{"backlink":"usecases/conduit-installation.html#fig6.3.3.2.1","level":"6.3.3.2","list_caption":"Figure: Conduit dashboard","alt":"Conduit dashboard","nro":140,"url":"../images/conduit-dashboard.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Conduit dashboard","attributes":{},"skip":false,"key":"6.3.3.2.1"},{"backlink":"usecases/big-data.html#fig6.4.1","level":"6.4","list_caption":"Figure: Spark on yarn with kubernetes","alt":"Spark on yarn with kubernetes","nro":141,"url":"../images/spark-on-yarn-with-kubernetes.png","index":1,"caption_template":"图片 - _CAPTION_","label":"Spark on yarn with kubernetes","attributes":{},"skip":false,"key":"6.4.1"},{"backlink":"usecases/big-data.html#fig6.4.2","level":"6.4","list_caption":"Figure: 在kubernetes上使用多种调度方式","alt":"在kubernetes上使用多种调度方式","nro":142,"url":"../images/spark-on-kubernetes-with-different-schedulers.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"在kubernetes上使用多种调度方式","attributes":{},"skip":false,"key":"6.4.2"},{"backlink":"usecases/spark-standalone-on-kubernetes.html#fig6.4.1.1","level":"6.4.1","list_caption":"Figure: spark master ui","alt":"spark master ui","nro":143,"url":"../images/spark-ui.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"spark master ui","attributes":{},"skip":false,"key":"6.4.1.1"},{"backlink":"usecases/spark-standalone-on-kubernetes.html#fig6.4.1.2","level":"6.4.1","list_caption":"Figure: zeppelin ui","alt":"zeppelin ui","nro":144,"url":"../images/zeppelin-ui.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"zeppelin ui","attributes":{},"skip":false,"key":"6.4.1.2"},{"backlink":"usecases/serverless.html#fig6.5.1","level":"6.5","list_caption":"Figure: 从物理机到函数计算","alt":"从物理机到函数计算","nro":145,"url":"../images/from-bare-metal-to-functions.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"从物理机到函数计算","attributes":{},"skip":false,"key":"6.5.1"},{"backlink":"usecases/serverless.html#fig6.5.2","level":"6.5","list_caption":"Figure: FaaS Landscape","alt":"FaaS Landscape","nro":146,"url":"../images/redpoint-faas-landscape.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"FaaS Landscape","attributes":{},"skip":false,"key":"6.5.2"},{"backlink":"usecases/understanding-serverless.html#fig6.5.1.1","level":"6.5.1","list_caption":"Figure: 服务端软件的运行环境","alt":"服务端软件的运行环境","nro":147,"url":"../images/serverless-server-side-software.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"服务端软件的运行环境","attributes":{},"skip":false,"key":"6.5.1.1"},{"backlink":"usecases/understanding-serverless.html#fig6.5.1.2","level":"6.5.1","list_caption":"Figure: FaaS应用架构","alt":"FaaS应用架构","nro":148,"url":"../images/serverless-faas-platform.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"FaaS应用架构","attributes":{},"skip":false,"key":"6.5.1.2"},{"backlink":"usecases/understanding-serverless.html#fig6.5.1.3","level":"6.5.1","list_caption":"Figure: 传统应用程序架构","alt":"传统应用程序架构","nro":149,"url":"../images/non-serverless-game-arch.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"传统应用程序架构","attributes":{},"skip":false,"key":"6.5.1.3"},{"backlink":"usecases/understanding-serverless.html#fig6.5.1.4","level":"6.5.1","list_caption":"Figure: Serverless架构","alt":"Serverless架构","nro":150,"url":"../images/serverless-game-arch.jpg","index":4,"caption_template":"图片 - _CAPTION_","label":"Serverless架构","attributes":{},"skip":false,"key":"6.5.1.4"},{"backlink":"usecases/openfaas.html#fig6.5.2.1.1","level":"6.5.2.1","list_caption":"Figure: OpenFaaS架构","alt":"OpenFaaS架构","nro":151,"url":"../images/openfaas-arch.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"OpenFaaS架构","attributes":{},"skip":false,"key":"6.5.2.1.1"},{"backlink":"usecases/openfaas.html#fig6.5.2.1.2","level":"6.5.2.1","list_caption":"Figure: OpenFaaS Prometheus","alt":"OpenFaaS Prometheus","nro":152,"url":"../images/openfaas-prometheus.jpg","index":2,"caption_template":"图片 - _CAPTION_","label":"OpenFaaS Prometheus","attributes":{},"skip":false,"key":"6.5.2.1.2"},{"backlink":"usecases/openfaas.html#fig6.5.2.1.3","level":"6.5.2.1","list_caption":"Figure: OpenFaas Grafana监控","alt":"OpenFaas Grafana监控","nro":153,"url":"../images/openfaas-grafana.jpg","index":3,"caption_template":"图片 - _CAPTION_","label":"OpenFaas Grafana监控","attributes":{},"skip":false,"key":"6.5.2.1.3"},{"backlink":"usecases/openfaas.html#fig6.5.2.1.4","level":"6.5.2.1","list_caption":"Figure: OpenFaas Dashboard","alt":"OpenFaas Dashboard","nro":154,"url":"../images/openfaas-deploy-a-function.jpg","index":4,"caption_template":"图片 - _CAPTION_","label":"OpenFaas Dashboard","attributes":{},"skip":false,"key":"6.5.2.1.4"},{"backlink":"usecases/openfaas.html#fig6.5.2.1.5","level":"6.5.2.1","list_caption":"Figure: NodeInfo执行结果","alt":"NodeInfo执行结果","nro":155,"url":"../images/openfaas-nodeinfo.jpg","index":5,"caption_template":"图片 - _CAPTION_","label":"NodeInfo执行结果","attributes":{},"skip":false,"key":"6.5.2.1.5"},{"backlink":"develop/sigs-and-working-group.html#fig7.2.1","level":"7.2","list_caption":"Figure: Kubernetes SIG","alt":"Kubernetes SIG","nro":156,"url":"../images/kubernetes-sigs.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"Kubernetes SIG","attributes":{},"skip":false,"key":"7.2.1"},{"backlink":"develop/client-go-sample.html#fig7.5.1","level":"7.5","list_caption":"Figure: 使用kubernetes dashboard进行故障排查","alt":"使用kubernetes dashboard进行故障排查","nro":157,"url":"../images/kubernetes-client-go-sample-update.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"使用kubernetes dashboard进行故障排查","attributes":{},"skip":false,"key":"7.5.1"},{"backlink":"appendix/issues.html#fig8.6.1","level":"8.6","list_caption":"Figure: pvc-storage-limit","alt":"pvc-storage-limit","nro":158,"url":"../images/pvc-storage-limit.jpg","index":1,"caption_template":"图片 - _CAPTION_","label":"pvc-storage-limit","attributes":{},"skip":false,"key":"8.6.1"}]},"title":"Kubernetes Handbook - jimmysong.io","language":"zh-hans","links":{"sidebar":{"Jimmy Song":"https://jimmysong.io"}},"gitbook":"*","description":"Kubernetes中文指南/实践手册|kubernetes handbook|jimmysong.io|宋净超"},"file":{"path":"concepts/service.md","mtime":"2017-10-17T03:18:59.285Z","type":"markdown"},"gitbook":{"version":"3.2.2","time":"2017-12-26T07:04:54.366Z"},"basePath":"..","book":{"language":""}});
|
||
});
|
||
</script>
|
||
</div>
|
||
|
||
|
||
<script src="../gitbook/gitbook.js"></script>
|
||
<script src="../gitbook/theme.js"></script>
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-github/plugin.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-splitter/splitter.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-page-toc-button/plugin.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-editlink/plugin.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-back-to-top-button/plugin.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-search-plus/jquery.mark.min.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-search-plus/search.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-github-buttons/plugin.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-3-ba/plugin.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-sharing/buttons.js"></script>
|
||
|
||
|
||
|
||
<script src="../gitbook/gitbook-plugin-fontsettings/fontsettings.js"></script>
|
||
|
||
|
||
|
||
</body>
|
||
</html>
|
||
|