Architecture

Architecture Diagram

Non-Prod Environment

Prod Environment

Cluster Networking

Kubernetes supports for third-party netwroking the cluster via CNI plugin. for more infromation, please see Cluster Networking.

According to this chinese blog, Principles and Solutions of Kubernetes Networking from Yourongyun the three top of CNI providers for kubernetes cluster based on VMs are Project CalicoFlannel, Weave Net.

And also, here is comparison of variable networking solutions, https://github.com/xelatex/homepage/blob/master/source/_posts/Battlefield-Calico-Flannel-Weave-and-Docker-Overlay-Network.md

If just only considering performance, Project Calico should be perferred.

Container Repository

Two options as follows,

Option 1, Private Repository, such as Harbor.

Option 2, Repositories from Cloud Providers, such as AWS ECR.

Setup

We can refer to Picking the Right Solution in Kubernetes offical document to select a setup solution. Considering our goal of building a kuberletes platform based on VMs in our on-premises data center.

Minikube For Dev Env

Minikube can be engaed to create a kubernets development in a local local single machine.

For more information about Minikube, please read Running Kubernetes Locally via Minikube.

Kubeadm For Non-Prod Env

Using Kubeadm, we can build a kubernetes cluster for non-prod environment, which runs master key components as containers.

For more Kubeadm information, please see Using kubeadm to Create a Cluster.

Other IaaC For Prod Env

For creating a kubernetes cluster on VMs for Prod Env, We need to a infrastructure automation tool, such as Ansible, to have this done.

Here is a reference of Creating Kubernets Cluster via Ansible

Devops

CI/CD

Source Code Management

For small and agile web projects, such SaaS applications, considering adopting GitHub Flow. For more information, please refer to GitHub Flow.

For desk or client applications, such PC desk application, ISO/Android App, or being different time windows for delivery and release of applications, considering GitLab Flow. For more information please refer to Gitlab Flow.

PipeLine

Monitoring

Dashboard

Using Kubernetes Dashboard as Web-based UI for Kubernets clusters to manage the cluster itself along with its attendant resources.

For more information, please see Web-UI(Dashboard).

Metrics

Here is official suggested solution as follows. For more informaton, please see Tools for Monitoring Compute, Storage, and Network Resources

Grafana + Heapster / Prometheus + cAdvisor + InfluxDB

Heapster as a metircs aggregator and processor

InfluxDB time series database for storage

Grafana as a dashboarding and alerting solution

cAdvisor has been built in Kubelet, which collects host metrics like CPU, disk space, and memory utilization, in addition to container metrics.

And also, here is a practical example, How to Utilize the “Heapster + InfluxDB + Grafana” Stack in Kubernetes for Monitoring Pods.

Logging

ELK

APM

zipkin

pinpoint

Security

Pod Service Account

For more information, please see the User Guide to Service Accounts.

Pod Security Policy

For more information, please see Pod Security Policies

Auth

Authentication

For more information, please see Authenticating

Support SSO integration, such as SAML,AD OpenID, Auth2?

Authenrization

For more information, please see https://kubernetes.io/docs/admin/authorization/

ABAC/RBAC

Multi-Tenancy

Hypernetes

For more information, please see Hypernetes: Bringing Security and Multi-tenancy to Kubernetes

Application Architecture

Microservice

Here is a chinese blog about how to select open source tools for building a micorservice.

https://mp.weixin.qq.com/s/bsuveX-E6E2fKZ24mj03nQ

Servcie Mesh

Linkerd

Envoy

Istio

Training

Knowledge

Kubernets

Document

Kubernetes Handbook (Chinese Version)

ETCD

For more information, please see ETCD Document.

Containter

Docker

For moe information, please see https://docs.docker.com/.

CRI-O

For more information, please see http://cri-o.io/.

OCI

OCI is a container specification named Open Container Initiative, consisting of OCI Runtime Specification and OCI Image Format

Networking

ip/route/iptables/ipvs etc

Container Netwroking

OpenVswitch

CNI - Calico/Flannel

CNM bridge/host/none/(overlay)plugin

Orgnization & People

How To Build Kubernetes Platform (构建Kubernetes平台方案参考)的更多相关文章

  1. 基于Kubernetes/K8S构建Jenkins持续集成平台(下)

    基于Kubernetes/K8S构建Jenkins持续集成平台(下) Jenkins-Master-Slave架构图回顾: 安装和配置NFS NFS简介 NFS(Network File System ...

  2. 基于Kubernetes/K8S构建Jenkins持续集成平台(上)-1

    基于Kubernetes/K8S构建Jenkins持续集成平台(上)-1 Jenkins的Master-Slave分布式构建 什么是Master-Slave分布式构建 Jenkins的Master-S ...

  3. 基于Kubernetes/K8S构建Jenkins持续集成平台(上)-2

    基于Kubernetes/K8S构建Jenkins持续集成平台(上)-2 Kubernetes实现Master-Slave分布式构建方案 传统Jenkins的Master-Slave方案的缺陷 Mas ...

  4. 基于Docker&Kubernetes构建PaaS平台基础知识梳理

    点击上方"开源Linux",选择"设为星标" 回复"学习"获取独家整理的学习资料! 基于Docker&Kubernetes构建Paa ...

  5. 通过重新构建Kubernetes来实现更具弹性的容器编排系统

    通过重新构建Kubernetes来实现更具弹性的容器编排系统 译自:rearchitecting-kubernetes-for-the-edge 摘要 近年来,kubernetes已经发展为容器编排的 ...

  6. bluemix部署(二)构建kubernetes工作环境

    本文接上篇.在bluemix中构建kubernetes容器. 1.创建集群 左上角的三横,选容器,然后创建集群. 注意区域,免费版,给个名字,创建集群吧. 继续正在部署,这个可能要15-30分钟,真不 ...

  7. Kubernetes+Docker的云平台在CentOS7系统上的安装

    Kubernetes+Docker的云平台在CentOS7系统上的安装 1.运行VirtualBox5. 2.安装CentOS7系统. 注意:选择Basic Server类型 安装过程略. 3.修改计 ...

  8. 使用 Elastic 技术栈构建 Kubernetes全栈监控

    以下我们描述如何使用 Elastic 技术栈来为 Kubernetes 构建监控环境.可观测性的目标是为生产环境提供运维工具来检测服务不可用的情况(比如服务宕机.错误或者响应变慢等),并且保留一些可以 ...

  9. 10分钟搭建Kubernetes容器集群平台【转】

    官方提供3种方式部署Kubernetes minikube Minikube是一个工具,可以在本地快速运行一个单点的Kubernetes,尝试Kubernetes或日常开发的用户使用.不能用于生产环境 ...

随机推荐

  1. javascript之常遇到的浏览器兼容问题和解决方法

    转自http://www.cnblogs.com/duenyang/p/6066737.html 常遇到的关于浏览器的宽高问题: var winW=document.body.clientWidth| ...

  2. python 高性能web框架 gunicorn+gevent

    参考链接: http://rfyiamcool.blog.51cto.com/1030776/1276364/ http://www.cnblogs.com/nanrou/p/7026789.html ...

  3. COCOS2DX场景切换特效

    cocos2d-x 3.0中场景切换特效比较多,而且游戏开发中也经常需要用到这些特效,来使场景切换时不至于那么干巴,遂这里汇总一下,开发中使用. 百牛信息技术bainiu.ltd整理发布于博客园 场景 ...

  4. 【转】[钉钉通知系列]Jenkins发布后自动通知

    转载请注明出处:https://www.cnblogs.com/jianxuanbing/p/7211006.html 阅读目录 一.前言 二.使用钉钉推送的优势 三.配置 一.前言 最近使用Jenk ...

  5. 【旧文章搬运】Idle进程相关的一些东西

    原文发表于百度空间,2009-05-13========================================================================== Idle进 ...

  6. mysql5.7 异常ERROR 1055 (42000)

    大致错误如:ERROR 1055 (42000): Expression #1 of SELECT list is not in GROUP BY clause and contains nonagg ...

  7. 洛谷 - P1739 - 表达式括号匹配 - 模拟 - 栈

    https://www.luogu.org/problemnew/show/P1739 虽然应该是用栈的……但是直接模拟就可以了. #include<bits/stdc++.h> usin ...

  8. HDU4467:Graph(点的度数分块)

    传送门 题意 给出一张n个点m条边的无向图,点的颜色为0/1,每次有两种操作: 1.Asksum x y,查询两点颜色为x和y的边的权值之和 2.Change x,将x颜色取反 分析 最直接的做法是每 ...

  9. python 可迭代对象与迭代器之间的转换

    列表: >>> l = [1, 2, 3, 4] >>> l_iter = iter(l) >>> l_iter <list_iterato ...

  10. 【EXCEL终极总结分享】基于NPOI扩展封装的简易操作工具类库(简单灵活易用,支持导出、导入、上传等常见操作)

    对于EXCEL的导入.导出,我之前已分享过多次,比如: 第一种方案:<我写的一个ExcelHelper通用类,可用于读取或生成数据>这个主要是利用把EXCEL当成一个DB来进行获取数据,导 ...