Operations Management and Scenario Practice of Container Cloud Platforms in the Enterprise

Agenda
  Why Enterprise need Private PaaS?
  What Enterprise Cares about
    Network
    Storage
    CI/CD
    Application Package and Deployment
    Configuration Management
    Secret Data
    High Availability
  How to Manage Your PaaS

Why Enterprise Need Private PaaS?
  Cloud Enablement of Existing and New Applications
  Hybrid Cloud
  Private Cloud Strategy
  Microservices and APIs

Requirements for Private PaaS?
  Data layer separation
  Ease of deployment and management
  Integration with Legacy Systems
  Extensibility
  Portability through Standards

What Enterprise Cares about?
  Network
  Storage
  CI/CD
  Application Package and Deployment
  Configuration Management
  Secret Data
  Monitor and Alert
  High Availability

Network-Flannel
  [Diagram: TenxCloud container cloud platform. Labels: Master, Node, WebApp, Proxy, DB, Firewall. Ports shown: 2379 TCP, 443 TCP, 10250 TCP, 8285/8742 UDP.]

Network-Docker Bridge
  [Diagram: two Hosts, each running Docker Containers. Labels: 172.17.0.1/16, 172.17.0.1216, eth0, veth*, docker0 172.17.42.1/16, iptable NAT rule, eth0, Proxy.]

Network-Calico
  [Diagram: Host1 and Host2 on a PVLAN, containers attached through calixxx interfaces.]
  Calico Settings in Etcd
  Calico/Etcd/Global policy
  [Diagram: Host2, PVLAN, containers.]
  Containers in samI seon laatm edesG pra oc ue pwill

Storage-Extensible Volume Support
  [Diagram: Kubernetes Cluster, Nodes running containers (C).]
  Easy to add customized plugin to use other storage backend following volume interface
  Various volume plugins
  Shared Volume / Unshared Volume: nfs, emptyDir, hostPath, glusterfs, flocker, hostPath, gcePersistentDisk, awsElasticBlockStore, iscsi, cephfs, secret, rbd, vsphereVirtualDisk, azureFileVolume

Storage-Add your volume plugin
  1. Register in kubelet entry kubelet/app/plugins.go
       allPlugins = append(allPlugins, customizedPlugin.ProbeVolumePlugins()...)
  2. Implement it in the package below: pkg/volume/, interface can refer to volume.go
       ProbeVolumePlugins
       Init
       CanSupport
       SetUp
       TearDown
  3. Update API Spec

CI/CD-Typical
  [Diagram: pipeline steps numbered 1 to 6 across Development Env., Testing Env. and Production Env. Labels: Gitlab; Compile Project; Build docker Images; SonarQube; Code analysis, UT coverage; Share files; Deployment Service; Auto/Manual Create/Upgrade Dev/Test Env; Manual Approve; Rolling upgrade; Sync Release Ready Images; Dev. Docker Registry; Pro. Docker Registry; Manage, Monitor Platform; Operation.]

CI/CD-Example
  [Diagram: steps numbered 1 to 3.]
  Compile to generate war files: itil.war, onecmdb-itil-1.4.0.war, onecmdb-modeller.war, ROOT.war
  Share war files to final image
  tenxcloud/tomcat-base:8.0
    ADD *.war /tomcat/webapps
  No source code in final images
  Only compiled code

Application Package and Deployment
  Common Deployment Approach
    FROM tomcat:8.0, ADD v1.war /tomcat/webapps
    FROM tomcat:7.0, ADD v1.war /tomcat/webapps
    FROM tomcat:8.0, ADD v2.war /tomcat/webapps
    FROM tomcat:7.0, ADD v2.war /tomcat/webapps
    FROM tomcat:8.0, ADD v3.war /tomcat/webapps
    FROM tomcat:7.0, ADD v3.war /tomcat/webapps
    M*N number of images
  Deploy using Pod Orchestration Approach
    user_app:v1, user_app:v2, user_app:v3
    tomcat:8.0, tomcat:7.0
    M+N number of images

CI/CD-Example
  [Diagram: steps numbered 1 to 3.]
  Compile to generate war files: itil.war, onecmdb-itil-1.4.0.war, onecmdb-modeller.war, ROOT.war
  Share war files to final image
  tenxcloud/busybox
    ADD *.war /app_dir
  No source code in final images
  Only compiled code

Configuration Management
  Centralized and cluster level configuration management
  [Diagram labels: Cluster, ConfigMap.]
  Features:
    Decouple config from image content
    Support environment variables, command-line arguments or as a volume
    Update associated application node automatically with new config once updated

Secret Data
  Using secrets
  [Diagram: secrets consumed by the Containers in a Pod as Volume or Env.]

Secret Data
  [Diagram labels: secrets, kubelet, kube-apiserver, Private Registry.]

High Availability
  [Diagram: cases numbered 1 to 6. Labels: Node, Proxy, k8s Etcd-Masters storage layer.]
  Node fault
  Out of disk
  OOM
  No response
  Application will be migrated to other node
  Application will be restarted on the same node
  Master HA
  No response
  No response
  Multiple zones HA
  Federation clusters
  Application will be removed from endpoints of proxy

Agenda
  Why Enterprise need Private PaaS?
  What Enterprise Cares about
    Network
    Storage
    CI/CD
    Application Package and Deployment
    Configuration Management
    Secret Data
    Monitor and Alert
    High Availability
  How to Manage Your PaaS

Monitor and Alert
  Platform, CPU, Kubernetes Cluster-Components, Memory, Disk, Node, Service, QPS

Node Problem Detector
  A DaemonSet detects node problems and reports them to APIServer.
  Event
  Notify to API server
  [Diagram labels: Node, ApiServer, Node Problem Detector, NodeCondition.]

Operation
  KUBECTL
    Debug
      kubectl create/get/describe/delete (type name) namespace=
    Node maintenance
      kubectl drain/uncordon
    kubectl patch
      kubectl patch (type name) -p PATCH
    Resource annotation
      kubectl annotate (type name) key=value
    kubectl label
      kubectl annotate (type name) key=value
  KOPS
    Clusters operation tool
      kops create cluster
      kops update cluster
      kops get cluster
      kops delete cluster

Upgrade
  Kubernetes Version Definition
    X.Y.Z: X=major, Y=minor, Z=patch
    API vXbetaY
  Version and API
    v0.17.x: v1beta3
    v0.19.x: Both v1beta3 and v1
    v1.x: v1
  Upgrade
    Upgrade from 1.x to any other 1.x release as rolling upgrade
    Etcd
    update-storage-objects
    Update-Master first and then each node
  Run latest patch releases of a given minor release
  Upgrade more than two minor releases at a time
  No hard breaking changes over version boundaries

Thanks!