Kubernetes family container housekeeper pod online Q & A?

Kubernetes Family container housekeeper Pod Answer questions online

I don't know how to study k8s Do my friends have the same questions as me ？

k8s Why not run the container directly , Rather let Pod intervention ？

Pod What is it again? ？ Why is containerization so common k8s To launch Pod Concept ？

Little sunflower Pod Class begins

This article mainly understands a core point , What is? Pod？ Let's not focus on Pod How do you use it? , How to schedule , How to achieve best practices . These issues will continue to be discussed later , I don't know why k8s Want to have Pod Under the circumstances , There is no practical point in delving into best practices first .

I'm sorry -k8s Special field

Pod The official definition of

Pod Yes, you can. Kubernetes Created and managed in 、 The smallest deployable cell .

Pod （ It's like in a whale pod or a pea pod ） It's a group. （ One or more ） Containers

These containers share storage 、 The Internet 、 And how to run these container declarations .

Pod Content in is always juxtaposed （colocated） And dispatch together , Run in a shared context .

Pod What is modeled is application specific “ Logical host ”,

It contains one or more application containers ,

These containers are relatively tightly coupled .

Linux Namespace 、cgroups

*namespace*

Linux namespace Provides a Isolate system resources at the kernel level Methods , By integrating the system Global resources Put it in Different namespace To achieve the purpose of resource isolation .Linux in Isolation mechanism of six types of system resources ：

● Mount: Isolation File system mount point

● UTS: Isolation Host name and domain name information

● IPC: Isolation Interprocess communication

● PID: Isolation Process ID

● NetWork: Isolation Network resources

● User: Isolation Users and user groups ID

cgroups

cgroups Limit a process group The upper limit of resources that can be used , Include CPU, Memory , disk , Network bandwidth, etc , At the same time, you can set the process priority , And suspend and resume the process .

docker From the perspective of understanding Pod

Pod The shared context of includes a set of Linux Namespace 、 Control group （cgroup） And maybe some other isolation aspect , It's used to isolate Docker Container technology . stay Pod In the context of , Each individual application may be further isolated .

Just Docker In terms of concepts ,Pod Similar to a set of shared namespace and file system volumes Docker Containers .

Pod How to coordinate multiple containers in ？

Pod Designed to support the formation of Multiple collaborative processes of cohesive service units （ In the form of a container ）.

Pod Containers in the cluster are automatically scheduled to containers in the cluster On the same physical machine or virtual machine , And can Scheduling together .

Between containers can Shared resources and dependencies 、 Communicate with each other 、 When and how coordination will terminate itself .

for example , You may have a container , Provide... For files in shared volumes Web Server support , And a single “sidecar（ Hanging bucket ）” The container is responsible for updating these files remotely , As shown in the figure below ：

How to understand Pod Shared context ？

One Pod The shared context of is Linux Namespace 、cgroups And other potentially isolated content . stay Pod in , Containers share a IP Address and port space , They can go through localhost Find each other .

stay The same Pod In the container , have access to System V or POSIX The signal Carry out standard Interprocess communication and shared memory .

stay Different Pod In the container , Have Different IP Address , Therefore, it is not possible to communicate directly between processes . Container room usually Use Pod IP Address to communicate .

Pod The context of can be understood as multiple linux Union of namespaces ：

● PID Namespace （ The same Pod Other processes can be seen in the application ）

● The Internet Namespace （ The same Pod For the same IP The address and port have permissions ）

● IPC Namespace （ The same Pod Applications in can be through VPC perhaps POSIX communicate ）

● UTS Namespace （ The same Pod Applications in share a host name ）

《k8s- Enterprise container application hosting 》- Continuous updating

The first paragraph ： know k8s What is it? ？ Recommended reading ： 《 Cloud primordial new era trendsetter k8s Why is it unique in containerization ？》

The second paragraph ： know k8s Members of the family ？ Recommended reading ： 《 Sneak in while colleagues play games k8s A family makes up lessons 》

The third paragraph ： know k8s Container housekeeper Pod？ Recommended reading ： 《Kubernetes Family container housekeeper Pod Answer questions online 》

The fourth paragraph ： To be updated ？ Casual reading is recommended ： 《 I'm sorry 》