• <button id="4os99"><acronym id="4os99"><menuitem id="4os99"></menuitem></acronym></button>
  • <th id="4os99"><pre id="4os99"></pre></th>
  • <em id="4os99"><tr id="4os99"><kbd id="4os99"></kbd></tr></em>
  • <form id="4os99"></form>
      1. <progress id="4os99"></progress>
        登錄
        立即咨詢

        語言選擇

        諧云 諧云
        在這里探索云原生
        云原生多云容器編排平臺karmada上手指南
        2021年08月26日

        karmada是華為開源的云原生多云容器編排平臺,目標是讓開發者像使用單個k8s集群一樣使用多k8s云。它的第一個release(v0.1.0)出現在2020年12月,而正式發布則是在2021年4月25日,在深圳召開的華為開發者大會(HDC.Cloud)2021上。

        karmada吸取了CNCF社區的Federation v1和v2(也稱為kubefed)項目經驗與教訓,在保持原有k8s資源定義API不變的情況下,通過添加與分布式工作負載部署管理相關的一套新的API和控制面組件,方便用戶將工作負載部署到多云環境中,實現擴容、高可用等目標。

        官方網站:https://karmada.io/

        代碼地址:https://github.com/karmada-io/karmada

        使用karmada管理的多云環境包含兩類集群:

        host集群:即由karmada控制面構成的集群,接受用戶提交的工作負載部署需求,將之同步到member集群,并從member集群同步工作負載后續的運行狀況。

        member集群:由一個或多個k8s集群構成,負責運行用戶提交的工作負載

         

        架構圖如下:

        本文描述karmada的上手流程,使用的karmada版本為v0.7.0后的commit:c4835e1f,與8月發布的v0.8.0差了二十幾個commit。

         

        1. karmada安裝

        1.1. 安裝docker

        按照docker官網文檔在本機安裝docker,對debian來說流程如下:

        安裝基礎工具 

        sudo apt-get update sudo apt-get install \ apt-transport-https \ ca-certificates \ curl \ gnupg \ lsb-release

        安裝docker的gpg key: 

        curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

        安裝docker源 

        echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

        安裝docker 

        apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io

        1.2. 安裝簡易k8s開發集群管理工具:kind

        kind官網對其描述:kind is a tool for running local Kubernetes clusters using Docker container “nodes”. kind was primarily designed for testing Kubernetes itself, but may be used for local development or CI.

        在本地已經安裝好go (1.11以上) 和docker的情況下,執行下面指令安裝kind:

        GO111MODULE=on GOPROXY=goproxy.cn go get sigs.k8s.io/kind@v0.11.1

        0.11.1是當前kind最新的release的,也是后續部署karmada過程中指定要用的版本

        kind使用一個容器來模擬一個node,在容器內部使用systemd托管kubelet和containerd(不是docker),然后通過被托管的kubelet啟動其他k8s組件,比如kube-apiserver、etcd、CNI等跑起來。

        由于kind使用containerd而非docker作為容器運行時,要查看kind啟動的k8s節點內部容器運行情況,需要使用containerd的cli客戶端ctr??梢酝ㄟ^下面這條命令查看后續步驟中karmada調用kind啟動的單節點k8s集群內部容器的運行情況:docker exec karmada-host-control-plane ctr --namespace k8s.io containers ls。

        ctr的flag --namespace不是k8s里的namespace,也不是linux內核支持的namespace,感興趣的同學可以查看containerd的namespace相關概念

        1.3. 啟動本地k8s集群,安裝karmada控制面

        1.確保已經安裝make、gcc工具

        2.確保已經安裝kubectl,可以參考官方文檔采用手動安裝或包管理器的方式安裝

        3.clone karmada源碼:  git clone https://github.com/karmada-io/karmada.git karmada-io/karmada

        4.cd karmada-io/karmada

        5.hack/local-up-karmada.sh,這里包含一系列步驟: 

          1)檢查go、kind等工具是否已經存在

          2)調用kind創建host k8s集群,集群版本默認為1.19.1,與karmada重用的k8s組件(kube-apiserver、kube-controllermanager)版本一致 。創建k8s集群需要的kindest/node:v1.19.1鏡像較大,可以提前下載好,防止后續的local-up-karmada等待集群啟動超時(默認5分鐘)

          3)build karmada控制面可執行文件及容器鏡像,build結束后本地可以找到如下鏡像:karmada-agent、karmada-webhook、karmada-scheduler、karmada-controller-manager

          4)部署karmada控制面組件到host集群

          5)創建CRD,也就是karmada自定義的多云工作負載API資源,包含:propgation policy,override policy,work,resource binding等

          6)創建webhook

          7)部署完成后,形成kubeconfig文件$HOME/kube/karmada.config,包含karmada-host和karmada-apiserver兩個context,分別對應支撐karmada控制面運行的host集群,以及karmada控制面本身

        注意:karmada還提供了remote-up-karmada.sh腳本,用以把一個現有的k8s集群加入聯邦。感興趣的讀者可以閱讀karmada項目的readme嘗試

         

        2. karmada控制面構成

        部署karmada完成后,在切換到karmada-host context后,執行kubectl get po --all-namespaces可以得到已經部署的組件列表:

        NAMESPACE NAME READY STATUS RESTARTS AGE karmada-system etcd-0 1/1 Running 0 98m karmada-system karmada-apiserver-75b5dc6fb7-l6hdv 1/1 Running 0 98m karmada-system karmada-controller-manager-7d66968445-nnnpp 1/1 Running 0 98m karmada-system karmada-kube-controller-manager-5456fd756d-sf9xk 1/1 Running 0 98m karmada-system karmada-scheduler-7c8d678979-bgq4f 1/1 Running 0 98m karmada-system karmada-webhook-5bfd9fb89d-msqnw 1/1 Running 0 98m kube-system coredns-f9fd979d6-4bc2l 1/1 Running 0 99m kube-system coredns-f9fd979d6-s7jc6 1/1 Running 0 99m kube-system etcd-karmada-host-control-plane 1/1 Running 0 99m kube-system kindnet-cq6kv 1/1 Running 0 99m kube-system kube-apiserver-karmada-host-control-plane 1/1 Running 0 99m kube-system kube-controller-manager-karmada-host-control-plane 1/1 Running 0 99m kube-system kube-proxy-ld9t8 1/1 Running 0 99m kube-system kube-scheduler-karmada-host-control-plane 1/1 Running 0 99m local-path-storage local-path-provisioner-78776bfc44-d9fvv 1/1 Running 0 99m

        可以看到部署在兩個namespace中的兩個k8s控制面:

        • karmada-host context對應的控制面運行在kube-system namespace中,用來運行管理karmada控制面,是個由kind啟動的標準的k8s管理節點。
        • karmada-apiserver context對應的控制面運行在karmada-system namespace中,是karmada控制面,也就是karmada readme中提到的host集群。它由local-up-karmada.sh腳本部署到karmada-host集群中。該控制面重用了k8s的兩個組件:kube-apiserverkube-controllermanager以及etcd,其他3個為karmada組件,包括kamada-controller-manager、karmada-scheduler、karmada-webhook?
          ?

        前一個k8s集群只是為了支撐karmada控制面的運行。所有后續集群聯邦相關的操作,包括用karmadactl發出的member集群管理請求,以及用kubectl發出的工作負載管理請求都發往karmada控制面。這些請求中創建的API資源也保存在karmada控制面自身的etcd中(對應上面列表中的etcd-0 pod)。

        需要注意的是,雖然karmada控制面重用了部分k8s組件,被重用的kube-controller-mamager通過啟動flag限制其只運行namespace、garbagecollector、serviceaccount-token、serviceaccount這幾個controller,所以當用戶把Deployment等k8s標準資源提交給karmada apiserver時,它們只是被記錄在karmada控制面的etcd中,并在后續同步到member集群中,這些Deployment資源并不會在karmada控制面管理的集群中發生reconcile(如創建pod)。

         

        3. karmada使用

        用戶可以用karmadactl和kubectl兩個cli使用karmada,其中: 

        1.karmadactl用來執行member集群的加入(joint)/離開(unjoin)、標志一個member集群不可調度(cordon)或解除不可調度的標志(uncordon)

        2.kubectl用來向karmada集群提交標準的k8s資源請求,或由karmada定義的CR請求。用以管理karmada集群中的工作負載。

        3.1 使用karmadactl管理member集群

        執行hack/create-cluster.sh member1 $HOME/.kube/karmada.config創建新的集群member1執行kubectl config use-context karmada-apiserver切換到karmada控制面執行karmadactl join member1 --cluster-kubeconfig=$HOME/.kube/karmada.config以push的方式把member1加入karmada集群 

        注意:如果還沒有編譯過karmadactl可執行文件,可以在代碼根目錄執行make karmadactl

        注意:karmada中的host集群和member集群之間的同步方式有push和pull兩種,這里的上手過程采用push的方式,感興趣的讀者可以參考karmada的readme嘗試pull同步方式

        目前karmadactl沒有list member集群的功能,對于已經加入的member集群,可以通過獲取Cluster類型的CR實現:

        kubectl get clusters

        得到輸出為:

        NAME VERSION MODE READY AGE member1 v1.19.1 Push True 88s

        上面的create-cluster.sh腳本默認創建最新版的k8s集群,為了避免再次拉下一個大鏡像,可以修改create-cluster.sh腳本,為kind create cluster命令加上--image="kindest/node:v1.19.1"參數

        3.2 使用kubectl管理工作負載

        karmada代碼里自帶一個nginx應用可以用來體驗基于karmada的分布式工作負載管理:

        1.執行kubectl config use-context karmada-apiserver切換到karmada控制面

        2.執行kubectl create -f samples/nginx/deployment.yaml創建deployment資源?
        ?如前面所述,由于kamada控制面沒有部署deployment controller,nginx不會在karmada控制面所在集群跑起來,而是僅僅保存在etcd里?
        ?這時候如果去member1集群查看pod資源的情況,可以發現nginx也沒有在member1集群中運行起來

        3.執行kubectl create -f samples/nginx/propagationpolicy.yaml,定義如下的propgation policy:

        apiVersion: policy.karmada.io/v1alpha1 kind: PropagationPolicy metadata: name: nginx-propagation spec: resourceSelectors: - apiVersion: apps/v1 kind: Deployment name: nginx placement: clusterAffinity: clusterNames: - member1

        這個progation policy將之前部署的nginx deployment資源(由resourceSelectors指定)同步到member1集群(由placement指定)中。

        這時不用切換到member1 context,對karmada控制面執行kubectl get deploy可以看到名叫nginx的deployment已經正常運行: 

        NAME READY UP-TO-DATE AVAILABLE AGE nginx 1/1 1 1 21m

        上述結果說明karmada有能力從member集群同步工作負載狀態到host集群。作為驗證,我們可以切換到member1集群,執行kubectl get po可以看到deployment對應的nginx pod已經在member1集群內正常運行: 

        NAME READY STATUS RESTARTS AGE nginx-6799fc88d8-7tgmb 1/1 Running 0 8m27s

         

        4. 結尾并非結束

        Gartner的一份研究報告中,公有云用戶有81%都采用了多云架構。近年來蓬勃發展的云原生社區對多云挑戰給也幾次給出自己的思考和解決方案,遠有CNCF社區sig multicluster提出的Federation v1和v2,近有華為開源的karmada以及Red Hat開源的Open Cluster Management(OCM)。雖然尚未在API層面達成一致,但各開源項目都在吸取前人的經驗教訓的基礎上優化演進。百家爭鳴而非閉門造車,這正是開源的魅力所在。

        后續我們會對karmada項目進行更為深入的分析。

        添加評論
        諧云
        2024年03月02日
        添加回復
        回復:Hi, i think that i saw you visited my site thus i came to “return the favor”.I'm trying to find things to enhance my site!I suppose its ok to use some of your ideas!!
        添加回復
        回復:This information is invaluable. Where can I find out more?
        添加回復
        回復:Wonderful blog! Do you have any suggestions for aspiring writers? I'm hoping to start my own website soon but I'm a little lost on everything. Would you suggest starting with a free platform like Wordpress or go for a paid option? There are so many choices out there that I'm completely confused .. Any ideas? Many thanks!
        添加回復
        回復:Thanks on your marvelous posting! I quite enjoyed reading it, you are a great author. I will always bookmark your blog and will come back very soon. I want to encourage you to definitely continue your great posts, have a nice weekend!
        添加回復
        回復:I'm impressed, I have to admit. Rarely do I encounter a blog that's both educative and entertaining, and let me tell you, you have hit the nail on the head. The issue is an issue that too few folks are speaking intelligently about. Now i'm very happy that I came across this in my hunt for something relating to this.
        添加回復
        回復:Having read this I believed it was very enlightening. I appreciate you taking the time and energy to put this article together. I once again find myself spending a significant amount of time both reading and posting comments. But so what, it was still worthwhile!
        添加回復
        回復:Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point. You definitely know what youre talking about, why throw away your intelligence on just posting videos to your blog when you could be giving us something informative to read?
        添加回復
        回復:Every weekend i used to pay a quick visit this site, because i want enjoyment, for the reason that this this web page conations really good funny information too.
        添加回復
        回復:Terrific article! This is the kind of info that are meant to be shared across the web. Shame on Google for now not positioning this publish higher! Come on over and talk over with my website . Thanks =)
        添加回復
        回復:This website was... how do I say it? Relevant!! Finally I have found something which helped me. Kudos!
        添加回復
        回復:Its not my first time to visit this website, i am visiting this site dailly and take nice data from here everyday.
        添加回復
        回復:Hi there every one, here every person is sharing such know-how, so it's good to read this website, and I used to pay a visit this website everyday.
        添加回復
        回復:fantastic points altogether, you simply received a brand new reader. What may you recommend about your put up that you simply made some days ago? Any positive?
        添加回復
        回復:I am really loving the theme/design of your site. Do you ever run into any internet browser compatibility issues? A handful of my blog readers have complained about my website not working correctly in Explorer but looks great in Opera. Do you have any suggestions to help fix this problem?
        添加回復
        回復:If you wish for to get a great deal from this post then you have to apply these methods to your won website.
        添加回復
        回復:Hi there! This is my 1st comment here so I just wanted to give a quick shout out and tell you I genuinely enjoy reading your articles. Can you suggest any other blogs/websites/forums that go over the same topics? Thanks a ton!
        添加回復
        回復:Your style is really unique in comparison to other people I have read stuff from. Many thanks for posting when you've got the opportunity, Guess I'll just bookmark this site.
        添加回復
        回復:I read this piece of writing fully regarding the difference of most up-to-date and preceding technologies, it's amazing article.
        添加回復
        回復:Hey I know this is off topic but I was wondering if you knew of any widgets I could add to my blog that automatically tweet my newest twitter updates. I've been looking for a plug-in like this for quite some time and was hoping maybe you would have some experience with something like this. Please let me know if you run into anything. I truly enjoy reading your blog and I look forward to your new updates.
        添加回復
        回復:Good day I am so thrilled I found your blog, I really found you by mistake, while I was searching on Bing for something else, Anyways I am here now and would just like to say thanks a lot for a fantastic post and a all round interesting blog (I also love the theme/design), I don’t have time to go through it all at the minute but I have bookmarked it and also added in your RSS feeds, so when I have time I will be back to read more, Please do keep up the awesome work.
        添加回復
        回復:You could certainly see your skills in the work you write. The world hopes for more passionate writers like you who aren't afraid to say how they believe. All the time follow your heart.
        添加回復
        回復:Hi there! Someone in my Myspace group shared this website with us so I came to take a look. I'm definitely loving the information. I'm bookmarking and will be tweeting this to my followers! Exceptional blog and great design.
        添加回復
        回復:My brother suggested I might like this blog. He was totally right. This post truly made my day. You can not imagine just how much time I had spent for this information! Thanks!
        添加回復
        諧云
        2024年03月02日
        添加回復
        諧云 CpjJwWHV
        2024年03月02日
        555
        添加回復
        gBqsPxAZ回復CpjJwWHV:555
        添加回復
        gBqsPxAZ回復CpjJwWHV:555
        添加回復
        gBqsPxAZ回復CpjJwWHV:555
        添加回復
        gBqsPxAZ回復CpjJwWHV:555
        添加回復
        回復CpjJwWHV:
        添加回復
        回復CpjJwWHV:
        添加回復
        諧云 CpjJwWHV
        2024年03月02日
        555
        添加回復
        gBqsPxAZ回復CpjJwWHV:555
        添加回復
        gBqsPxAZ回復CpjJwWHV:555
        添加回復
        gBqsPxAZ回復CpjJwWHV:555
        添加回復
        gBqsPxAZ回復CpjJwWHV:555
        添加回復
        回復CpjJwWHV:
        添加回復
        回復CpjJwWHV:
        添加回復
        回復CpjJwWHV:
        添加回復
        回復CpjJwWHV:
        添加回復
        回復CpjJwWHV:
        添加回復
        申請合作咨詢
        您可以通過此表單填寫您的合作意向,我們將會盡快與您取得聯系!
        或撥打電話0571-87607309
        *姓名:
        *手機:
        *郵箱:
        備注:
        備注:
        登錄
        登錄
        注冊賬號 忘記密碼
        注冊
        {{ code.btn }}
        注冊
        立即登錄 忘記密碼?
        忘記密碼
        {{ code.btn }}
        確定
        立即登錄 忘記密碼?
        立即咨詢
        欧美一级a人与免费2019|99久热精品免费观看动漫官网|久久久久国色av免费看|免费A片短视频在线观看国产