Skip to content

Latest commit

 

History

History
34 lines (23 loc) · 2.13 KB

002.md

File metadata and controls

34 lines (23 loc) · 2.13 KB

  • container-based applications that span multi- and hybrid cloud environments, including physical, virtual, private cloud and public cloud platforms

  • CoreOS Inc. also offers the Quay container registry, a Kubernetes distribution known as Tectonic and maintains the etcd key-value store that is core to the operation of the Kubernetes open source container orchestration software.

  • a tiny Linux = Alpine Linux

  • Kube masters (VMs running kube-apiserver) https://kubernetes.io/docs/reference/generated/kube-apiserver/

  • kube-apiservers were reading more than 500MB/s from etcd

  • We set up Prometheus to monitor the apiservers, and also set the --audit-log-path and --audit-log-maxbackup flags to enabled more logging on the apiserver. etcd cluster = the central store of state for the Kube masters.

  • We colocate the kube-apiserver, kube-controller-manager, and kube-scheduler processes on the same machines. For high availability, we always have at least 2 masters, and set the --apiserver-count flag to the number of apiservers we’re running (otherwise Prometheus monitoring can get confused between instances).

  • Our last Docker pull issue was due to the Google Container Registry. By default, kubelet pulls a special image from gcr.io (controlled by the --pod-infra-container-image flag) which is used when starting any new container. If that pull fails for any reason, like exceeding your quota, that node won’t be able to launch any containers. Because our nodes go through a NAT to reach gcr.io rather than having their own public IP, it’s quite likely that we’ll hit this per-IP quota limit. To fix this, we simply preloaded that Docker image in the machine image for our Kubernetes workers by using docker image save -o /opt/preloaded_docker_images.tar and docker image load -i /opt/preloaded_docker_images.tar.

  • Kubernetes Architecture

    • Head Node = the brain
      • API server
      • Scheduler
      • Controller manager
      • Etcd
      • kubelet / docker
    • Worker node
      • kubelet = Kubernetes agent
        • talks to local Docker daemon and API server
      • kube-proxy
      • docker

Created on Jan 30th, 2018 in Evernote