The most complete knowledge map that k8s learners can’t miss (including 58 knowledge point links)

Time:2019-11-4

Author: Alibaba server development technology expert

Introduction: Kubernetes is the “operating system” of the cloud-native era, and being familiar with it and able to use it is a necessary skill for every user. This article outlines a knowledge map of Kubernetes for the container service. Some of the content draws on knowledge maps found on the Internet, to help users better understand k8s.

Summary

This Kubernetes knowledge map for the container service draws in part on knowledge maps available online, and is more closely integrated with Alibaba Cloud container service.
Original by Yang Chuansheng
Original image link address: https://www.processon.com/vie

Knowledge links and notes

Docker principle

  • KVM–> ECS

https://blog.csdn.net/weixin_…

  • Network tunnel technology — > VPC

https://blog.csdn.net/wangjia…

  • NameSpace

https://blog.csdn.net/a352193…
Note: the namespace is the technical means used to realize “isolation” in Linux containers. Namespace technology actually modifies the application process's view of the whole computer: that view is restricted by the operating system, and the process can only “see” certain specified content.

  • CGroup

https://blog.csdn.net/wudongx…
Note: Linux control group. Its main function is to cap the resources that a process group can use, including CPU, memory, disk, network bandwidth, etc.

  • RootFS(Union FS)

https://coolshell.cn/articles…
Note: rootfs is just the files, configuration and directories contained in an operating system, not including the operating system kernel. In the Linux operating system, the two parts are stored separately, and the operating system only loads the specified version of the kernel image when it starts.

  • windows 2019

Note: Windows Server 2019 starts to support namespaces

Container service deployment

  • Docker Desktop

https://www.docker.com/produc…
Note: installing this software on a Mac as a learning tool is highly recommended

  • kubernetes

http://docs.kubernetes.org.cn/
Note: Kubernetes cluster, supported by Aliyun container service

  • DashBoard

https://kubernetes.io/docs/ta…
Note: Kubernetes cluster GUI management tool; the container service console integrates this application and extends it

  • EasyPack

https://github.com/liumiaocn/…
Note: a collection of scripts for deploying Kubernetes and other clusters

  • minikube

https://kubernetes.io/docs/ta… 
Note: Mini New k8s

Tool components

  • kubectl

http://docs.kubernetes.org.cn…
Note: kubectl is the command-line tool for running commands against a Kubernetes cluster

  • kubeadm

https://kubernetes.io/docs/re…
Note: official tool for quickly installing and configuring a Kubernetes cluster

  • Helm

Note: similar to rpm or yum; a tool for installing components on k8s (package: Chart)

  • APP Hub

https://developer.aliyun.com/hub
Note: in the open cloud-native application center, all the default Helm charts (applications in Helm format) are regularly synchronized from the official Helm Hub site in North America and hosted on GitHub. During this process, the cloud-native application center automatically “localizes” all synchronized charts.

  • CFSSL

https://github.com/cloudflare…
Note: cfssl is an open-source PKI/TLS tool, commonly used to generate k8s certificates

  • Aliyun private image registry

https://cr.console.aliyun.com…
Note: the image registry already in service; the enterprise version is recommended

  • Cloud effect configuration of the image registry

https://cn.aliyun.com/product…
Note: Cloud effect enterprise settings; the configuration supports pulling images from the Alibaba Cloud private image registry

  • Harbor image registry

https://goharbor.io
Note: open-source, free, enterprise-level registry server for storing and distributing Docker images

Components

  • kube-apiserver(Master)

https://kubernetes.io/docs/re…
Note: the official default API server (static Pod), a layer encapsulated on top of the generic server

  • etcd(Master)

https://etcd.io
Note: similar to ZK; implemented on the Raft protocol and started as a process

  • Kube-scheduler(Master)

https://kubernetes.io/docs/re…
Note: the scheduler responsible for assigning pods to nodes (static Pod)

  • kube-controller-manager(Master)

https://kubernetes.io/docs/re…
Note: controller for basic objects such as Deployment (static Pod)

  • cloud-controller-manager(Master)

https://kubernetes.io/docs/re…
Note: the controller for using cloud resources, integrating with cloud services (DaemonSet)

  • kubelet(Node)

https://kubernetes.io/docs/re…
Note: communicates with the master and manages the life cycle of the worker (node)

  • kube-proxy(Node)

https://kubernetes.io/docs/re…
Note: network proxy (DaemonSet) running on the node

  • container runtime (Node)

Note: CRI interface

  • DNS

https://kubernetes.io/docs/co…
Note: Aliyun container service uses CoreDNS (Deployment)

  • Ingress controller

https://kubernetes.io/docs/co…
Note: Aliyun container service uses the nginx ingress controller, which can be used to deploy HTTPS services in a unified way

  • Heapster & influxdb 

Note: time series database (deployment) for monitoring data collection and storage

  • Federation

https://kubernetes.io/docs/co…
Note: cluster federation, high availability, resource synchronization, etc.

  • kube-flannel

Note: the official network plug-in; Aliyun also provides its own Terway component (DaemonSet)

  • logtail

https://help.aliyun.com/docum…
Note: aliyun log collection component (daemonset)

Base object

  • POD

http://docs.kubernetes.org.cn…
Note: container group, the basic unit for running application containers; kubectl get pods

  • Node

http://docs.kubernetes.org.cn…
Note: a working node in Kubernetes

  • NameSpace

http://docs.kubernetes.org.cn…
Note: used to distinguish and isolate applications

  • Deployment

http://docs.kubernetes.org.cn…
Note: stateless deployment, the most commonly used deployment configuration

  • Daemonset

https://kubernetes.io/docs/co…
Note: similar to Daemons

  • StatefulSet

http://docs.kubernetes.org.cn…
Note: stateful deployment

  • Job & CronJob

https://kubernetes.io/docs/co…
Note: scheduling tasks

  • Static POD

https://kubernetes.io/docs/ta…
Note: static pod configuration, yaml in master

  • HPA

https://kubernetes.io/docs/ta…
Note: Horizontal Pod Autoscaler, handles horizontal scaling

  • Service

https://kubernetes.io/docs/co…
Note: service exposure configuration, including cluster, nodeport, SLB, etc

  • Ingress

https://www.kubernetes.org.cn…
Note: routing, Alibaba cloud provides nginx ingress by default

  • Secret

https://kubernetes.io/docs/co…
Note: secret dictionary, including TLS, private registry keys and Opaque

  • ServiceAccount

https://kubernetes.io/docs/re…
Note: account used by resource objects, for example to grant a namespace access to a private image

  • RBAC

https://kubernetes.io/docs/re…
Note: k8s role-based access control: Role, RoleBinding

  • Volume

https://kubernetes.io/docs/co…
Note: Map disk

  • Storage Class

https://kubernetes.io/docs/co…

  • CustomResourceDefinition

Note: custom extended resources

Plug-in extension

  • CNI (Flannel/Terway)

https://kubernetes.io/docs/co…
Note: container network interface

  • FlexVolume

https://github.com/fstab/cifs
Note: open-source volume plug-in implementation, in use on Alibaba Cloud

  • Cloud Provider

Note: cloud service supply interface

Container service optimization – Best Practices

  • Master selection and disk specifications

[1] https://yq.aliyun.com/article…
[2] https://yq.aliyun.com/article…

  • Network selection

https://yq.aliyun.com/article…

  • Worker node selection

https://yq.aliyun.com/article…

  • Ingress controller independent deployment
  • Master distribution

https://help.aliyun.com/docum…

  • Node configuration change or restart, removal, addition
  • Basic image development
  • Combination of service and SLB
  • Cluster audit

https://help.aliyun.com/docum…

  • Deployment implementation batch release
  • StatefulSet batch release

https://yq.aliyun.com/article…

  • Set per-application permissions on the bastion host

https://yq.aliyun.com/article…

  • Pod evenly distributed deployment

https://yq.aliyun.com/article…

  • Graceful application offlining and graceful exit
  • API server access
  • Monitor

Service governance

  • Istio

https://istio.io
Note: currently the most popular service mesh architecture, supported by Aliyun

  • Linkerd

https://linkerd.io/2/overview/
Note: the first product of the service mesh company

  • Cloud effect

https://www.aliyun.com/produc…
Note: CI/CD product from Alibaba Cloud, supporting the k8s container service

  • Jenkins

https://jenkins.io/zh/
Note: the well-known and most commonly used CI/CD product; the container service supports one-click installation

Cloud native technology open course
https://edu.aliyun.com/roadma…
Note: Alibaba Cloud and CNCF (Cloud Native Computing Foundation) jointly developed this cloud native technology open course, and the entire course is free!

“This article is reproduced from Alibaba cloud developer community”
Original link:
https://developer.aliyun.com/…