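A worker node is where containers are deployed, that is, the machine that runs the services, so every node must have an execution environment that can create containers, such as Docker.
A worker node mainly consists of four parts: Pod, Kubelet, cAdvisor, and kube-proxy. This chapter introduces these important components in detail.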
kubectl get nodes
This command returns all the nodes currently in the cluster.
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
gke-my-first-cluster-1-default-pool-dddd2fae-j0k1 Ready <none> 2d18h v1.18.6-gke.3504
gke-my-first-cluster-1-default-pool-dddd2fae-rfl8 Ready <none> 2d18h v1.18.6-gke.3504
gke-my-first-cluster-1-default-pool-dddd2fae-tz38 Ready <none> 2d18h v1.18.6-gke.3504
kubectl describe nodes <node_name>
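This command returns detailed information about the specified node, such as labels, annotations, addresses, and so on. The meaning of several key-value pairs in the node info is outlined below.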
$ kubectl describe nodes gke-my-first-cluster-1-default-pool-dddd2fae-j0k1
Name: gke-my-first-cluster-1-default-pool-dddd2fae-j0k1
Roles: <none>
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/instance-type=g1-small
beta.kubernetes.io/os=linux
cloud.google.com/gke-nodepool=default-pool
cloud.google.com/gke-os-distribution=cos
cloud.google.com/machine-family=g1
failure-domain.beta.kubernetes.io/region=asia-east1
failure-domain.beta.kubernetes.io/zone=asia-east1-a
kubernetes.io/arch=amd64
kubernetes.io/hostname=gke-my-first-cluster-1-default-pool-dddd2fae-j0k1
kubernetes.io/os=linux
node.kubernetes.io/instance-type=g1-small
topology.kubernetes.io/region=asia-east1
topology.kubernetes.io/zone=asia-east1-a
Annotations: container.googleapis.com/instance_id: 32495144918220960
node.alpha.kubernetes.io/ttl: 0
node.gke.io/last-applied-node-labels:
cloud.google.com/gke-nodepool=default-pool,cloud.google.com/gke-os-distribution=cos,cloud.google.com/machine-family=g1
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Wed, 23 Sep 2020 20:26:23 +0800
Taints: <none>
Unschedulable: false
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
CorruptDockerOverlay2 False Sat, 26 Sep 2020 14:44:01 +0800 Wed, 23 Sep 2020 20:26:24 +0800 NoCorruptDockerOverlay2 docker overlay2 is functioning properly
FrequentUnregisterNetDevice False Sat, 26 Sep 2020 14:44:01 +0800 Wed, 23 Sep 2020 20:26:24 +0800 NoFrequentUnregisterNetDevice node is functioning properly
FrequentKubeletRestart False Sat, 26 Sep 2020 14:44:01 +0800 Wed, 23 Sep 2020 20:26:24 +0800 NoFrequentKubeletRestart kubelet is functioning properly
FrequentDockerRestart False Sat, 26 Sep 2020 14:44:01 +0800 Wed, 23 Sep 2020 20:26:24 +0800 NoFrequentDockerRestart docker is functioning properly
FrequentContainerdRestart False Sat, 26 Sep 2020 14:44:01 +0800 Wed, 23 Sep 2020 20:26:24 +0800 NoFrequentContainerdRestart containerd is functioning properly
KernelDeadlock False Sat, 26 Sep 2020 14:44:01 +0800 Wed, 23 Sep 2020 20:26:24 +0800 KernelHasNoDeadlock kernel has no deadlock
ReadonlyFilesystem False Sat, 26 Sep 2020 14:44:01 +0800 Wed, 23 Sep 2020 20:26:24 +0800 FilesystemIsNotReadOnly Filesystem is not read-only
NetworkUnavailable False Wed, 23 Sep 2020 20:26:24 +0800 Wed, 23 Sep 2020 20:26:24 +0800 RouteCreated NodeController create implicit route
MemoryPressure False Sat, 26 Sep 2020 14:44:23 +0800 Wed, 23 Sep 2020 20:26:23 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Sat, 26 Sep 2020 14:44:23 +0800 Wed, 23 Sep 2020 20:26:23 +0800 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Sat, 26 Sep 2020 14:44:23 +0800 Wed, 23 Sep 2020 20:26:23 +0800 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Sat, 26 Sep 2020 14:44:23 +0800 Wed, 23 Sep 2020 20:26:33 +0800 KubeletReady kubelet is posting ready status. AppArmor enabled
Addresses:
InternalIP: 10.140.0.4
ExternalIP: 35.201.206.74
InternalDNS: gke-my-first-cluster-1-default-pool-dddd2fae-j0k1.asia-east1-a.c.oval-compass-290412.internal
Hostname: gke-my-first-cluster-1-default-pool-dddd2fae-j0k1.asia-east1-a.c.oval-compass-290412.internal
Capacity:
attachable-volumes-gce-pd: 15
cpu: 1
ephemeral-storage: 28679952Ki
hugepages-2Mi: 0
memory: 1727548Ki
pods: 110
Allocatable:
attachable-volumes-gce-pd: 15
cpu: 940m
ephemeral-storage: 9251574536
hugepages-2Mi: 0
memory: 1179708Ki
pods: 110
System Info:
Machine ID: 1b0e9c72c5dbfbab01123c602f399416
System UUID: 1b0e9c72-c5db-fbab-0112-3c602f399416
Boot ID: f456cdc3-20d3-406a-9368-738b39a74b19
Kernel Version: 5.4.49+
OS Image: Container-Optimized OS from Google
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.9
Kubelet Version: v1.18.6-gke.3504
Kube-Proxy Version: v1.18.6-gke.3504
PodCIDR: 10.0.2.0/24
PodCIDRs: 10.0.2.0/24
ProviderID: gce://oval-compass-290412/asia-east1-a/gke-my-first-cluster-1-default-pool-dddd2fae-j0k1
Non-terminated Pods: (4 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
kube-system konnectivity-agent-kjnbk 0 (0%) 0 (0%) 30Mi (2%) 30Mi (2%) 2d18h
kube-system kube-dns-56b5cc7c4c-zzxl6 260m (27%) 0 (0%) 110Mi (9%) 210Mi (18%) 2d18h
kube-system kube-proxy-gke-my-first-cluster-1-default-pool-dddd2fae-j0k1 100m (10%) 0 (0%) 0 (0%) 0 (0%) 2d18h
kubernetes-dashboard kubernetes-dashboard-7b544877d5-tth5k 0 (0%) 0 (0%) 0 (0%) 0 (0%) 25m
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 360m (38%) 0 (0%)
memory 140Mi (12%) 240Mi (20%)
ephemeral-storage 0 (0%) 0 (0%)
attachable-volumes-gce-pd 0 0
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning NodeSysctlChange 22m (x12 over 2d18h) sysctl-monitor, gke-my-first-cluster-1-default-pool-dddd2fae-j0k1
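Tips: These keys and labels differ depending on the public cloud provider.
Describes the current status of all running nodes. The possible statuses are as follows: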
Node Condition | Description |
---|---|
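Ready | True means the node is healthy and ready to accept Pods, False means the node is unhealthy and is not accepting Pods, and Unknown means the node controller has not heard from the node within the last node-monitor-grace-period (default is 40 seconds) |
DiskPressure | True means disk capacity is low; otherwise False |
MemoryPressure | True means the node is low on memory; otherwise False |
PIDPressure | True means there are too many processes on the node; otherwise False |
NetworkUnavailable | True means the node's network is not configured correctly; otherwise False |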
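The condition rules in the table above, applied to the JSON form of the node list (`kubectl get nodes -o json`). This is an added example, not code from the original article: the node names and the sample JSON are constructed, and it generalizes the table by treating every condition other than Ready (including the extra ones in the describe output, such as KernelDeadlock) as healthy only when False.

```python
import json

# Constructed sample shaped like `kubectl get nodes -o json` (only the fields
# read below); node names and values are made up for illustration.
SAMPLE_NODES_JSON = json.dumps({"items": [
    {"metadata": {"name": "node-a"}, "status": {"conditions": [
        {"type": "Ready", "status": "True", "reason": "KubeletReady"},
        {"type": "MemoryPressure", "status": "False", "reason": "KubeletHasSufficientMemory"},
        {"type": "KernelDeadlock", "status": "False", "reason": "KernelHasNoDeadlock"},
    ]}},
    {"metadata": {"name": "node-b"}, "status": {"conditions": [
        {"type": "Ready", "status": "Unknown", "reason": "NodeStatusUnknown"},
        {"type": "DiskPressure", "status": "True", "reason": "KubeletHasDiskPressure"},
        {"type": "PIDPressure", "status": "False", "reason": "KubeletHasSufficientPID"},
    ]}},
    {"metadata": {"name": "node-c"}, "status": {"conditions": [
        {"type": "MemoryPressure", "status": "False", "reason": "KubeletHasSufficientMemory"},
    ]}},
]})

# Per the condition table: Ready is healthy when True; every other condition
# (the pressure types, NetworkUnavailable, and so on) is healthy when False.
HEALTHY_STATUS = {"Ready": "True"}


def node_findings(nodes_json: str) -> dict:
    """Return {node_name: [finding, ...]} for nodes with at least one problem."""
    findings = {}
    for node in json.loads(nodes_json).get("items", []):
        name = node["metadata"]["name"]
        conditions = node.get("status", {}).get("conditions", [])
        problems = []
        for cond in conditions:
            expected = HEALTHY_STATUS.get(cond["type"], "False")
            if cond["status"] != expected:
                reason = cond.get("reason", "no reason")
                problems.append(f'{cond["type"]}={cond["status"]} ({reason})')
        # A node that reports no Ready condition cannot be assumed healthy.
        if not any(c["type"] == "Ready" for c in conditions):
            problems.append("Ready condition missing")
        if problems:
            findings[name] = problems
    return findings


if __name__ == "__main__":
    for name, problems in node_findings(SAMPLE_NODES_JSON).items():
        print(name, "->", "; ".join(problems))
```

Note that Unknown is reported as a problem for any condition, which matches the table's description of a node the node controller has stopped hearing from.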
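Describes the maximum amount of resources available on the node, including cpu, memory, the number of pods, and so on.
Information about the software and hardware on the node, including the uuid, version numbers, and so on.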
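A Pod is the smallest unit of execution that can be created and run in Kubernetes. A Pod can contain one or more containers, and these containers share the Pod's resources. Because the Pod is such an important component in Kubernetes, it is covered in detail in the next chapter.
Kubernetes is a distributed cluster management system. A worker process runs on every worker node to periodically manage the containers on that node, and this worker is the Kubelet.
The kubelet has the following main functions
cAdvisor is a worker that monitors and collects data in real time on all resources and containers on the node, such as CPU and memory usage, network traffic, and storage usage. cAdvisor is integrated into the Kubelet and starts automatically when the Kubelet is used.
Networking is a very important part of Kubernetes. Put simply, every pod has an IP, but pods change frequently, and the IP address changes with every update. For this reason Kubernetes has a component called a service. Every service has a fixed virtual IP (clusterIp) and is automatically bound to a certain type of pod, somewhat like a dedicated channel for that type of pod: all requests to that type of pod go through the service for load balancing and redirection. To implement this, every node runs a kube-proxy, which acts as the bridge for communication between the service, the api-server, and the pods.
It will be described in more detail together with services in the upcoming chapter on services.
In this chapter we walked through the overall architecture of the worker node and took a first look at its components, and we were introduced to several important Kubernetes components such as Pod and Service. Later chapters will expand on these important components and explore them in depth, so stay tuned.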
https://kubernetes.io/docs/concepts/architecture/nodes/