Pod是Kubernetes中非常重要的概念,也是Kubernetes管理的基本單位。正如其名,Pod像一個豌豆莢,可以容納多個container,擁有相同的IP地址。
Kubernetes使用Pod,不直接使用container。而Container的技術本質是Linux namespace和 cgroup。namespace提供進程間資源的隔離,讓進程自認為擁有獨立的全部資源;而實質上進程是能夠使用多少資源,則由cgroup進行限制。
現在,Pod要容納多個Container,必然要共享資源。前面我們知道,Container想要擁有獨立的資源,對Linux資源進行了拆分,而今因為Pod的提出,又需要將某些資源共享起來,也就是在原來的隔離環境中再整合在一起。
那么,在Pod中如何進行資源的共享呢?
Pod引入了pause容器。
root@k8s:/# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa5d3554b60d 404fc3ab6749 "/opt/bin/flanneld -a|" 27 hours ago Up 27 hours k8s_kube-flannel_kube-flannel-ds-th8cd_kube-system_322a7b3b-01b3-4902-9ac8-f14ed2eecec6_0
f1f6cbfce9c4 registry.aliyuncs.com/google_containers/pause:3.6 "/pause" 27 hours ago Up 27 hours k8s_POD_kube-flannel-ds-th8cd_kube-system_322a7b3b-01b3-4902-9ac8-f14ed2eecec6_0
de1d18ca0405 b46c42588d51 "/usr/local/bin/kubea|" 28 hours ago Up 28 hours k8s_kube-proxy_kube-proxy-9rjpc_kube-system_bd7d444b-20e3-4e4a-ab9e-8af4dce6b47a_0
a60b297d572d registry.aliyuncs.com/google_containers/pause:3.6 "/pause" 28 hours ago Up 28 hours k8s_POD_kube-proxy-9rjpc_kube-system_bd7d444b-20e3-4e4a-ab9e-8af4dce6b47a_0
c14bff92e79b b6d7abedde39 "kube-apiserver --ada|" 28 hours ago Up 28 hours k8s_kube-apiserver_kube-apiserver-master_kube-system_d6f2f822def6f57249e6789960cadda9_0
77fb48469b2b f51846a4fd28 "kube-controller-mana|" 28 hours ago Up 28 hours k8s_kube-controller-manager_kube-controller-manager-master_kube-system_85ff8159d8c894c53981716f8927f187_0
db450e4928f8 25f8c7f3da61 "etcd --advertise-cla|" 28 hours ago Up 28 hours k8s_etcd_etcd-master_kube-system_1d7ec9e1c409f497753e8635eb01ed02_0
00383cb94409 71d575efe628 "kube-scheduler --aua|" 28 hours ago Up 28 hours k8s_kube-scheduler_kube-scheduler-master_kube-system_77a51208064a0e9b17209ee62638dfcd_0
e8f4474d43bf registry.aliyuncs.com/google_containers/pause:3.6 "/pause" 28 hours ago Up 28 hours k8s_POD_kube-controller-manager-master_kube-system_85ff8159d8c894c53981716f8927f187_0
ba10a2d6709f registry.aliyuncs.com/google_containers/pause:3.6 "/pause" 28 hours ago Up 28 hours k8s_POD_etcd-master_kube-system_1d7ec9e1c409f497753e8635eb01ed02_0
c1250096678e registry.aliyuncs.com/google_containers/pause:3.6 "/pause" 28 hours ago Up 28 hours k8s_POD_kube-apiserver-master_kube-system_d6f2f822def6f57249e6789960cadda9_0
06a9cd375a35 registry.aliyuncs.com/google_containers/pause:3.6 "/pause" 28 hours ago Up 28 hours k8s_POD_kube-scheduler-master_kube-system_77a51208064a0e9b17209ee62638dfcd_0
root@k8s:/# ps -el | grep pause
4 S 65535 16718 16694 0 80 0 - 242 pause ? 00:00:00 pause
4 S 65535 16824 16761 0 80 0 - 242 pause ? 00:00:00 pause
4 S 65535 16864 16773 0 80 0 - 242 pause ? 00:00:00 pause
4 S 65535 16874 16762 0 80 0 - 242 pause ? 00:00:00 pause
4 S 65535 17580 17551 0 80 0 - 242 pause ? 00:00:00 pause
4 S 65535 20614 20588 0 80 0 - 242 pause ? 00:00:00 pause
Kubernetes官方給出的Pause容器的解釋是:
it's part of the infrastructure. This container is started first in all Pods to setup the network for the Pod.
也就是pause容器作為基礎設施,在Pod中會第一個啟動,以提供Pod的網絡共享空間。
后續的容器則以“加入”的方式,共享該Pod資源。
講述Pod比較清晰的文章:
What even is a container: namespaces and cgroups
https://jvns.ca/blog/2016/10/10/what-even-is-a-container/
What are Kubernetes Pods Anyway?
https://www.ianlewis.org/en/what-are-kubernetes-pods-anyway
The Almighty Pause Container
https://www.ianlewis.org/en/almighty-pause-container
-
ip地址
+關注
關注
0文章
303瀏覽量
17055 -
POD
+關注
關注
0文章
16瀏覽量
6025 -
kubernetes
+關注
關注
0文章
224瀏覽量
8716
發布評論請先 登錄
相關推薦
評論