Kubernetes架构
Kubernetes架构
控制平面
控制平面是K8s的大脑,包含API Server、etcd、Scheduler和Controller Manager。
┌─────────────────────────────────────────────┐
│ 控制平面 (Control Plane) │
├─────────────┬─────────────┬─────────────────┤
│ API Server │ etcd │ Scheduler │
├─────────────┼─────────────┼─────────────────┤
│ Controller │ Cloud │ │
│ Manager │ Controller │ │
└─────────────┴─────────────┴─────────────────┘
│
▼
┌─────────────────────────────────────────────┐
│ 数据平面 (Data Plane) │
├─────────────┬─────────────┬─────────────────┤
│ kubelet │ kube-proxy │ Container │
│ │ │ Runtime │
└─────────────┴─────────────┴─────────────────┘
核心组件
# K8s核心组件职责
controlPlane:
apiServer:
description: "集群网关,所有操作的入口"
port: 6443
etcd:
description: "分布式KV存储,保存集群状态"
port: 2379
scheduler:
description: "Pod调度,选择最优节点运行"
controllerManager:
description: "控制循环,维护期望状态"
dataPlane:
kubelet:
description: "节点代理,管理Pod生命周期"
kubeProxy:
description: "网络代理,实现Service负载均衡"
containerRuntime:
description: "容器运行时,如containerd/CRI-O"
Pod生命周期
# Pod配置示例
apiVersion: v1
kind: Pod
metadata:
name: web-app
labels:
app: web
spec:
containers:
- name: nginx
image: nginx:alpine
ports:
- containerPort: 80
resources:
requests:
cpu: "100m"
memory: "128Mi"
limits:
cpu: "500m"
memory: "256Mi"
livenessProbe:
httpGet:
path: /health
port: 80
initialDelaySeconds: 10
periodSeconds: 5
restartPolicy: Always
Deployment与ReplicaSet
# Deployment配置
apiVersion: apps/v1
kind: Deployment
metadata:
name: web-deployment
spec:
replicas: 3
selector:
matchLabels:
app: web
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
template:
metadata:
labels:
app: web
spec:
containers:
- name: web
image: myapp:v1.2.0
命名空间与资源配额
# 命名空间资源限制
apiVersion: v1
kind: Namespace
metadata:
name: production
---
apiVersion: v1
kind: ResourceQuota
metadata:
name: prod-quota
namespace: production
spec:
hard:
requests.cpu: "10"
requests.memory: 20Gi
limits.cpu: "20"
limits.memory: 40Gi
pods: "50"