calico:
Calico offers several deployment modes: ipip, node-to-node BGP mesh, and global/node specific. Which one to deploy depends on the network environment you rely on.

ipip: Calico configures an IP tunnel between the nodes to forward packets.
node-to-node BGP mesh: each node uses bird to establish BGP peer relationships, and nodes forward packets through the routing table (officially recommended for fewer than 50 nodes).

Articles to read:
https://docs.projectcalico.org/v3.1/reference/architecture/
https://docs.projectcalico.org/v3.1/reference/architecture/components
https://docs.projectcalico.org/v3.1/reference/architecture/data-path
https://docs.projectcalico.org/v3.1/reference/private-cloud/l2-interconnect-fabric
https://docs.projectcalico.org/v3.1/reference/private-cloud/l3-interconnect-fabric

Simple test data:
    [ 6] 0.0-10.0 sec 1.07 GBytes 920 Mbits/sec
    [ 5] 0.0-10.0 sec 1.09 GBytes 937 Mbits/sec

flannel
vxlan backend: works in kernel space
udp backend: works in userspace
docker0 — flannel0(tun) — flanneld
https://blog.laputa.io/kubernetes-flannel-networking-6a1cb1f8ec7c
https://docs.openshift.com/container-platform/3.10/architecture/networking/network_plugins.html

vxlan
https://www.slideshare.net/enakai/how-vxlan-works-on-linux
https://events.static.linuxfound.org/sites/events/files/slides/2013-linuxcon.pdf

WEAVE NET
FastDataPath: kernel space
sleeve: userspace

Features
Virtual Ethernet Switch
Weave Net creates a virtual network that connects Docker containers deployed across multiple hosts.

Kubernetes-local-persistent-storage

Recently we have been struggling because the company has not deployed volume providers such as ceph, gluster or nfs. We used hostpath + nodeselector for a long time, but that combination is very inconvenient for deploying StatefulSet applications. The introduction to local-persistent-storage at KubeCon caught our attention, so we decided to try out the power of local volumes.

First, let's look at the documentation:
1. Introduction to local volumes (https://kubernetes.io/docs/concepts/storage/volumes/#local)
2. GitHub: (https://github.com/kubernetes-incubator/external-storage/tree/master/local-volume)

After reading these two articles carefully, let's run an experiment.

Environment: kubernetes 1.9.3

step1: Enable feature gates on api-server, controller-manager, scheduler, and all kubelets:

    --feature-gates=PersistentLocalVolumes=true,VolumeScheduling=true,MountPropagation=true

step2: Creating a StorageClass:

    $ cat local-storage.yaml
    # Only create this for K8s 1.9+
    apiVersion: storage.k8s.io/v1
    kind: StorageClass
    metadata:
      name: local-storage
    provisioner: kubernetes.io/no-provisioner
    volumeBindingMode: WaitForFirstConsumer

step3: Manually create local persistent volume
# The documentation provides a local volume static provisioner, whose function is roughly to automatically turn the subdirectories of the path you define into persistent volumes.
# That approach is not used here; manual creation was chosen instead.
Be sure to pay attention to the PV's accessModes and persistentVolumeReclaimPolicy parameters and understand what they mean.

kubectl explain

kubectl explain

I used to struggle with how to write Kubernetes YAML files. Later I discovered that once kubectl is installed, you can look up how to write the configuration anytime, anywhere. Combining kubectl explain with the API documentation on the Kubernetes website makes the YAML configuration hierarchy very clear.

    # kubectl explain -h
    kubectl explain secrets
    kubectl explain secrets --recursive

    DESCRIPTION:
       Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.

    FIELDS:
       apiVersion <string>
       data <map[string]string>
       kind <string>
       metadata <Object>
          annotations <map[string]string>
          clusterName <string>
          creationTimestamp <string>
          deletionGracePeriodSeconds <integer>
          deletionTimestamp <string>
          finalizers <[]string>
          generateName <string>
          generation <integer>
          initializers <Object>
             pending <[]Object>
                name <string>
             result <Object>
                apiVersion <string>
                code <integer>
                details <Object>
                   causes <[]Object>
                      field <string>
                      message <string>
                      reason <string>
                   group <string>
                   kind <string>
                   name <string>
                   retryAfterSeconds <integer>
                   uid <string>
                kind <string>
                message <string>
                metadata <Object>
                   continue <string>
                   resourceVersion <string>
                   selfLink <string>
                reason <string>
                status <string>
          labels <map[string]string>
          name <string>
          namespace <string>
          ownerReferences <[]Object>
             apiVersion <string>
             blockOwnerDeletion <boolean>
             controller <boolean>
             kind <string>
             name <string>
             uid <string>
          resourceVersion <string>
          selfLink <string>
          uid <string>
       stringData <map[string]string>
       type <string>

Try typing these commands in a terminal. (Dad no longer has to worry about me writing configs.)

One extra tool to share; take a look at what it is: Registry creds <-> config.

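kubernetes install offline step by step

Overview:
This document covers installing a standalone Kubernetes node on Ubuntu 16.04.
api-server interacts with kubelet and kube-proxy using TLS authentication.
controller-manager and scheduler interact with api-server through 127.0.0.1:8080, which api-server exposes locally.

Note:
HA mode is not implemented. For HA mode, the official documentation at https://kubernetes.io/docs/admin/high-availability/ states that etcd must run in cluster mode. apiserver is stateless, so start it normally on the master nodes and use a cloud LB for load balancing (DNS seems like it would work too); just watch out for certificate issues. kube-controller-manager and kube-scheduler must have only one instance working at a time, so start them with the --leader-elect flag.

etcd component notes:
port:
    127.0.0.1:2379: listen-client
    127.0.0.1:2380: initial-cluster

kubelet component notes:
port:
    4194: cadvisor-port # cadvisor is integrated into kubelet as a Kubernetes component
    127.0.0.1:10248: localhost healthz endpoint #
    10250: Kubelet to server on listen for HTTP and respond to a simple API (underspec’d currently) to submit a new manifest.
    10255: The read-only port for the Kubelet to serve on with no authentication/authorization # exposes the metrics in kubelet read-only http://192.168.199.142:10255/stats/summary

kube-proxy component:
port: 127.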

A First Look at Raft

the secret lives of data
http://thesecretlivesofdata.com/raft/

the Raft Consensus Algorithm
https://raft.github.io/

Raft: The Understandable Distributed Consensus Protocol
https://speakerdeck.com/benbjohnson/raft-the-understandable-distributed-consensus-protocol/

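minikube install offline step by step

Goal:
Install minikube without network access, as the environment for the company's app demos. It is recommended to run minikube once with a working network connection before attempting the offline installation.

Preparation
Several things need to be downloaded in advance:

kubectl binary: download from the official site and place it under /usr/local/bin/
minikube binary: download from the official site and place it under /usr/local/bin/
docker offline installation package: docker offline installation
The docker images minikube needs in order to run:

    gcr.io/google_containers/kubernetes-dashboard-amd64 v1.6.3
    gcr.io/google_containers/k8s-dns-sidecar-amd64 1.14.5
    gcr.io/google_containers/k8s-dns-kube-dns-amd64 1.14.5
    gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64 1.14.5
    gcr.io/google-containers/kube-addon-manager v6.4-beta.2
    gcr.io/google_containers/pause-amd64 3.0

Use docker image save to export them as tar archives so they are available in the offline environment at any time.

minikube.iso, download link: minikube.iso

Start minikube with custom parameters:

    /usr/local/bin/minikube start --vm-driver=none --iso-url file://tmp/minikube-v0.23.5.iso --kubernetes-version v1.7.5 --extra-config=apiserver.Service.NodePortRange=0-60000

Done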

leetcode notes

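A summary of some of the more meaningful problems

It has been a long time since I updated my blog. Since changing jobs in March I have been very busy these past months, so I have had no time to update it. Recently I have also been finding time to work through problems on leetcode to shore up my weak areas. I am starting with the easy difficulty and will work through all 600-plus problems.

1. Given an array of integers, every element appears twice except for one. Find that single one.
Note: Your algorithm should have a linear runtime complexity. Could you implement it without using extra memory?

My solution was quite ordinary: traverse the list once, count each element, and return the element whose count is 1. But that does not meet what the Note asks for. So I found this answer in the experts' Solutions: One-line python solution with O(n) time

    from functools import reduce  # reduce is not a builtin in Python 3

    class Solution:
        def singleNumber(self, nums):
            """
            :type nums: List[int]
            :rtype: int
            """
            # XOR every element together: equal pairs cancel to 0, leaving the single one
            return reduce(lambda x, y: x ^ y, nums)

At first glance: what on earth, x to the power of y? It took me a long while to understand: the XOR of two identical numbers is 0, and the XOR of 0 with any number is that number itself. Reduce the list with this, perfect.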

zhoulouzi

KEEP FOCUS AND CARRY ON

Dev ops

China Beijing