├── practice ├── storage.md ├── opration.md ├── update-and-upgrade.md ├── dns-installation.md ├── nfs.md ├── controller-extended.md ├── glusterfs.md ├── operation.md ├── cephfs.md ├── services-management-tool.md ├── index.md ├── distributed-tracing.md ├── jenkins-ci-cd.md ├── monitoring.md ├── heapster.md └── data-persistence-problem.md ├── manifests ├── charts │ ├── mongodb │ │ ├── .helmignore │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── svc.yaml │ │ │ ├── secrets.yaml │ │ │ ├── pvc.yaml │ │ │ └── _helpers.tpl │ │ └── Chart.yaml │ ├── mean │ │ ├── charts │ │ │ └── mongodb │ │ │ │ ├── .helmignore │ │ │ │ ├── templates │ │ │ │ ├── NOTES.txt │ │ │ │ ├── secrets.yaml │ │ │ │ ├── svc.yaml │ │ │ │ ├── pvc.yaml │ │ │ │ └── _helpers.tpl │ │ │ │ └── Chart.yaml │ │ ├── requirements.yaml │ │ ├── requirements.lock │ │ ├── templates │ │ │ ├── configmap.yaml │ │ │ ├── svc.yaml │ │ │ ├── pvc.yaml │ │ │ └── _helpers.tpl │ │ └── Chart.yaml │ ├── mychart │ │ ├── Chart.yaml │ │ ├── .helmignore │ │ ├── templates │ │ │ ├── service.yaml │ │ │ ├── _helpers.tpl │ │ │ └── deployment.yaml │ │ └── values.yaml │ └── oam-core-resources │ │ ├── .helmignore │ │ ├── templates │ │ └── tests │ │ │ └── test-connection.yaml │ │ └── Chart.yaml ├── mariadb-cluster │ ├── galera-namespace.yaml │ ├── ceph-secret.yaml │ ├── mysql-secret.yaml │ └── ceph-class.yaml ├── prometheus │ ├── prometheus-monitoring-ns.yaml │ ├── prometheus-datasource.json │ ├── prometheus-monitoring-serviceaccount.yaml │ └── import-grafana-dashboard.yaml ├── test │ ├── rolling-update-test │ │ ├── Dockerfile │ │ ├── Makefile │ │ ├── main.go │ │ └── rolling-update-test.yaml │ ├── nginx-pod.yaml │ ├── job.yaml │ ├── cronjob.yaml │ ├── centos.yaml │ ├── my-nginx.yaml │ ├── configmap-test.yaml │ └── web.yaml ├── spark-standalone │ ├── namespace-spark-cluster.yaml │ ├── zeppelin-service.yaml │ ├── spark-ui-proxy-service.yaml │ ├── spark-master-service.yaml │ ├── spark-ingress.yaml │ ├── zeppelin-controller.yaml │ ├── spark-worker-controller.yaml │ ├── spark-master-controller.yaml │ └── spark-ui-proxy-controller.yaml ├── glusterfs │ ├── glusterfs-pvc.yaml │ ├── glusterfs-service.json │ ├── glusterfs-pv.yaml │ ├── glusterfs-endpoints.json │ ├── nginx-deployment.yaml │ └── glusterfs-pod.json ├── kubedns │ ├── kubedns-sa.yaml │ └── kubedns-cm.yaml ├── oam │ ├── containerized-workload │ │ ├── sample_trait_definition.yaml │ │ ├── sample_workload_definition.yaml │ │ ├── sample_component.yaml │ │ └── sample_application_config.yaml │ ├── cluster-role.yaml │ └── food-truck │ │ └── food-truck.yaml ├── spark-with-kubernetes-native-scheduler │ ├── spark-limit-range.yaml │ ├── spark-compute-resources.yaml │ └── spark-object-counts.yaml ├── rook │ ├── rook-agent-clusterrolebinding.yaml │ ├── rook-cluster.yaml │ └── rook-storageclass.yaml ├── nginx-ingress │ ├── templates │ │ ├── serviceaccount.yaml │ │ ├── tcp-configmap.yaml │ │ ├── udp-configmap.yaml │ │ ├── controller-configmap.yaml │ │ ├── rolebinding.yaml │ │ ├── clusterrolebinding.yaml │ │ └── role.yaml │ └── Chart.yaml ├── linkerd │ ├── hello-world-ingress.yml │ ├── jenkins.yml │ ├── jenkins-rbac-beta.yml │ └── world-v2.yml ├── dashboard │ ├── dashboard-service.yaml │ └── dashboard-rbac.yaml ├── EFK │ ├── kibana-service.yaml │ ├── efk-rbac.yaml │ └── es-service.yaml ├── HPA │ └── hpa.yaml ├── heapster │ ├── heapster-rbac.yaml │ ├── heapster-service.yaml │ ├── influxdb-service.yaml │ ├── heapster-deployment.yaml │ ├── grafana-service.yaml │ └── influxdb-deployment.yaml ├── traefik-ingress │ ├── ingress-rbac.yaml │ └── ui.yaml ├── scripts │ └── pull-rename-push-docker-images.sh ├── kafka │ ├── kafkaGenConfig.sh │ └── Dockerfile ├── dashboard-1.7.1 │ └── admin-role.yaml ├── zookeeper │ └── zkMetrics.sh ├── istio │ ├── servicegraph.yaml │ └── zipkin.yaml └── openfaas │ └── rbac.yml ├── develop ├── index.md ├── contribute.md └── developing-environment.md ├── usecases ├── index.md ├── ai.md ├── the-enterprise-path-to-service-mesh-architectures.md ├── microservices-for-java-developers.md ├── microservices.md ├── envoy-sidecar-routing-of-istio-service-mesh-deep-dive.md ├── edge-computing.md ├── observability.md ├── conduit.md └── service-mesh-customization-and-integration.md ├── guide ├── command-usage.md ├── resource-configuration.md ├── cluster-security-management.md ├── index.md ├── access-kubernetes-cluster.md ├── application-development-deployment-flow.md ├── kubernetes-desktop-client.md └── cabin-mobile-dashboard-for-kubernetes.md ├── cover.jpg ├── favicon.ico ├── images ├── cri.png ├── ha.png ├── pod.png ├── borg.png ├── calico.png ├── close.png ├── labels.png ├── lens.jpg ├── next.png ├── node.png ├── prev.png ├── rbac1.png ├── rbac2.png ├── roles.png ├── scale.png ├── favicon.ico ├── feedback.jpg ├── ip-masq.png ├── iptables.jpg ├── loading.gif ├── noistio.png ├── oam-spec.png ├── spark-ui.jpg ├── update1.png ├── update2.png ├── update3.png ├── update4.png ├── cc4-license.png ├── cka-mindmap.png ├── dashboard.png ├── envoy-arch.png ├── es-setting.png ├── federation.png ├── grafana-ui.jpg ├── helm-chart.png ├── kube-shell.jpg ├── master-ha.JPG ├── rancher-web.jpg ├── wordpress.jpg ├── zeppelin-ui.jpg ├── 12-factor-app.png ├── architecture.png ├── cka-question.png ├── cncf-org-arch.jpg ├── git-push-flow.png ├── heapster-arch.png ├── hook-connect.jpg ├── istio-grafana.jpg ├── istio-mindmap.png ├── istio-zipkin.jpg ├── oam-principle.png ├── openfaas-arch.jpg ├── pod-overview.png ├── prometheus-ui.jpg ├── service-arch.png ├── spring-stack.png ├── traefik-nginx.jpg ├── bookinfo-sample.jpg ├── cncf-graduation.jpg ├── cri-architecture.png ├── dashbaord-scale.jpg ├── dashboard-v163.jpg ├── istio-arch-v0.1.jpg ├── istio-mesh-arch.png ├── istio-prometheus.jpg ├── istio-vs-linkerd.jpg ├── jaeger-query-ui.png ├── kubernator-rbac.jpg ├── kubernetes-sigs.jpg ├── linkerd-grafana.png ├── linkerd-jenkins.jpg ├── locust-dashboard.jpg ├── namerd-internal.jpg ├── open-interfaces.jpg ├── openfaas-grafana.jpg ├── pause-container.png ├── rancher-cluster.jpg ├── sample-webapp-rc.jpg ├── sandbox-process.png ├── sidecar-pattern.jpg ├── workflow-detail.png ├── OpenEBS-Data-Plane.png ├── application-layout.png ├── cloud-landscape-zh.jpg ├── conduit-dashboard.jpg ├── drone-login-github.jpg ├── flannel-networking.png ├── istio-servicegraph.jpg ├── kubenetes-e2e-test.jpg ├── kubernator-catalog.jpg ├── openfaas-nodeinfo.jpg ├── pvc-storage-limit.jpg ├── traefik-dashboard.jpg ├── traefik-guestbook.jpg ├── OpenEBS-Control-Plane.png ├── bookinfo-sample-arch.png ├── brand-kubeconfig-yaml.jpg ├── cloud-native-wechat.jpg ├── container-ecosystem.png ├── deployment-cheatsheet.png ├── drone-github-active.jpg ├── filebeat-docker-test.jpg ├── flannel-host-gw-arch.png ├── github-oauth-register.jpg ├── heapster-architecture.png ├── helm-mean-todo-aholic.jpg ├── iscsi-on-kubernetes.png ├── istio-mesh-expansion.jpg ├── istio-vm-demo-video.jpg ├── k8s-app-monitor-agent.jpg ├── kubernetes-efk-kibana.jpg ├── kubernetes-node-arch.png ├── kubernetes-oidc-login.jpg ├── kubernetes-velocity.jpg ├── kubernetes-whole-arch.png ├── kubernetic-desktop-ui.jpg ├── locust-start-swarming.jpg ├── logstash-test-kibana.jpg ├── openfaas-prometheus.jpg ├── play-with-kubernetes.jpg ├── serverless-game-arch.jpg ├── service-catalog-bind.jpg ├── service-catalog-list.jpg ├── service-catalog-map.jpg ├── service-ipvs-overview.png ├── supercharged-kubectl.jpg ├── cloud-native-app-model.png ├── create-gluster-storage.png ├── filebeat-log-collector.png ├── github-oauth-drone-key.jpg ├── helm-charts-repository.jpg ├── istio-tutorial-grafana.png ├── kubernetes-layers-arch.png ├── kubernetes-locust-test.jpg ├── kubernetes-master-arch.png ├── logstash-log-collector.jpg ├── microservices-concerns.jpg ├── mosn-with-service-mesh.png ├── rancher-customize-node.jpg ├── redpoint-faas-landscape.jpg ├── spring-boot-note-spots.png ├── cloud-native-comes-of-age.jpg ├── cloud-native-core-target.jpg ├── drone-github-repo-setting.jpg ├── envoy-mesh-in-kubernetes.png ├── envoyproxy-docker-compose.png ├── grafana-dashboard-setting.jpg ├── helm-monocular-jimmysong.jpg ├── horizontal-pod-autoscaler.png ├── istio-bookinfo-vm-traffic.jpg ├── kubernetes-app-monitoring.png ├── kubernetes-dashboard-raw.jpg ├── kubernetes-filebeat-detail.png ├── kubernetes-jenkins-ci-cd.png ├── kubernetes-pod-cheatsheet.png ├── kubernetes-pod-life-cycle.jpg ├── linkerd-ingress-controller.jpg ├── linkerd-jenkins-pipeline.jpg ├── load-balancing-and-proxing.png ├── log-persistence-logstash.png ├── monitoring-in-kubernetes.png ├── non-serverless-game-arch.jpg ├── openfaas-deploy-a-function.jpg ├── serivce-mesh-control-plane.png ├── serverless-faas-platform.jpg ├── service-api-request-flow.png ├── service-api-route-binding.jpg ├── service-catalog-provision.jpg ├── services-iptables-overview.jpg ├── traefik-dashboard-locust.jpg ├── wechat-appreciate-qrcode.jpg ├── cncf-graduation-criteria-v2.jpg ├── diagram-individual-instance.png ├── filebeat-log-collector-arch.png ├── from-bare-metal-to-functions.jpg ├── istio-tutorial-zipkin-trace.png ├── k8s-app-monitor-istio-zipkin.png ├── k8s-app-monitor-test-api-doc.jpg ├── kubernetes-heapster-grafana.jpg ├── kubernetes-influxdb-heapster.jpg ├── kubernetes-service-api-intro.jpg ├── kubernetes-test-architecture.jpg ├── linkerd-helloworld-incoming.jpg ├── linkerd-helloworld-outgoing.jpg ├── philosophy-page-diagrams-top.png ├── service-catalog-architecture.jpg ├── servicemesher-wechat-public.jpg ├── services-userspace-overview.jpg ├── tools-to-supercharge-kubectl.jpg ├── weave-scope-service-topology.jpg ├── cloud-computing-evolution-road.jpg ├── cloud-native-go-wechat-qr-code.jpg ├── creating-kubernetes-native-app.jpg ├── dashboard-addon-installation001.png ├── k8s-app-monitor-agent-wercker.jpg ├── k8s-app-monitor-istio-grafana.png ├── kubernetes-apversions-changes.jpg ├── kubernetes-heapster-monitoring.png ├── kubernetes-kubectl-cheatsheet.png ├── philosophy-diagrams-for-site-02.png ├── philosophy-diagrams-for-site-03.png ├── philosophy-diagrams-for-site-04.png ├── serverless-server-side-software.jpg ├── spark-on-yarn-with-kubernetes.png ├── 0069RVTdgy1fu08liarftj31kw0spkeg.jpg ├── 0069RVTdgy1fu08m7p22kj31kw1biq98.jpg ├── 0069RVTdgy1fv5df9lq1aj317o0o6wia.jpg ├── 0069RVTdgy1fv5dm4a9ygj30w50czdi3.jpg ├── 0069RVTdgy1fv5doj8fuij31kw0ytn7h.jpg ├── 0069RVTdgy1fv5dq2bptdj31110begnl.jpg ├── 0069RVTdgy1fv5mxr6fxtj31kw11q484.jpg ├── 0069RVTdgy1fv5my2jtxzj315o0z8dkr.jpg ├── 0069RVTdgy1fv5myp6ednj31kw0w0u0x.jpg ├── 0069RVTdgy1fv5mzj8rj6j318g1ewtfc.jpg ├── 0069RVTdgy1fv5mzywc83j31fk1i8qg4.jpg ├── 0069RVTdly1fuafvbnuc7j310a0oqdm9.jpg ├── 0069RVTdly1fuaie8jan8j310a0kitem.jpg ├── 0069RVTdly1fuail4d24jj31080rkgr7.jpg ├── 0069RVTdly1fuam4ln45jj30yu0o6wkc.jpg ├── 0069RVTdly1fuamvq97cuj30yu0wg7cr.jpg ├── 0069RVTdly1fuanez4qbtj30v4183n7p.jpg ├── 0069RVTdly1fv5hukl647j30k6145gnt.jpg ├── 006tKfTcgy1ft5pe433f6j31kw0s3nnl.jpg ├── 006tKfTcgy1ft75ot24lzj31ec18479s.jpg ├── 006tKfTcgy1ft75pq8rplj31kw19sn5q.jpg ├── 006tKfTcly1ft3zgjlisxj30n70ffjth.jpg ├── 006tKfTcly1g1gbdpsdbgj303c03cwel.jpg ├── 006tKfTcly1g1gbjvx2ugj305k05mmx9.jpg ├── 006tNbRwgy1fuyr4vizzwj31kw1biq98.jpg ├── 006tNbRwgy1fvlwjd3302j31bo0ro0x5.jpg ├── 006tNbRwly1fubfiiryirj30w20ayjui.jpg ├── 006tNbRwly1fubnx0q9bpj30vq0pq465.jpg ├── 006tNbRwly1fubs6ts3sgj30vo0osdnj.jpg ├── 006tNbRwly1fubsk4v16hj30vo0bq75z.jpg ├── 006tNbRwly1fubsxrph3dj30vq0duq53.jpg ├── 006tNbRwly1fubt5a97h7j30vq0bcq5p.jpg ├── 006tNbRwly1fubvi0dnhlj30vo0ekwhx.jpg ├── 006tNbRwly1fubvr83wvgj30vq0mmdip.jpg ├── 006tNbRwly1fucp8yralaj30vu0sijx8.jpg ├── 006tNbRwly1fucpano6gsj31kw1biq98.jpg ├── 006tNbRwly1fucpc5fn8wj31kw0sfdnu.jpg ├── 006tNbRwly1fucplat3l9j30vo0lw43l.jpg ├── 006tNbRwly1fwcgsn11fej311j0mjadw.jpg ├── 006tNbRwly1fwcl7v28rhj30xl0onadv.jpg ├── 006tNbRwly1fwdlx22rv9j31ec184dlr.jpg ├── 006tNbRwly1fwjg48fh7xj31kw0wedrg.jpg ├── 006tNbRwly1fwjkfbvfluj30y70hf0y9.jpg ├── 006tNbRwly1fwqi98i51ij30sc0j80zn.jpg ├── 006tNbRwly1fwzreaalj6j30dz0dy3z3.jpg ├── 006tNbRwly1fwztvhg0gmj318z143tdv.jpg ├── 006tNbRwly1fx0ie2kb90j31kw0ynha3.jpg ├── 006tNbRwly1fxmx633ymqj31dp0u0kjn.jpg ├── 006tNbRwly1fyitp0jsghj31o70u0x6p.jpg ├── 006tNbRwly1fyl39icd27j31c70u04gc.jpg ├── 006tNc79gy1ftwe77v4u5j31kw0ziwtw.jpg ├── 006tNc79gy1ftweryj0zrj31kw0zix6q.jpg ├── 006tNc79gy1ftwesjg1e2j31kw0s8woq.jpg ├── 006tNc79gy1ftwhtmzhfej31kw0ziww1.jpg ├── 006tNc79gy1ftwhvtu1vxj31kw0zitvc.jpg ├── 006tNc79gy1ftwiolw1tyj31kw0zib29.jpg ├── 006tNc79gy1ftwjyxiw1pj31kw0zi4qp.jpg ├── 006tNc79gy1fz65bt7ieej30c90bsgn2.jpg ├── 006tNc79ly1fzm9vs4o3aj31s00u0x6p.jpg ├── 006tNc79ly1fzmnolp5ghj30z90u0gwf.jpg ├── 006tNc79ly1fzna87wmfij30u00zc4qp.jpg ├── 006tNc79ly1fznadbp63qj31jt0beq9s.jpg ├── 006tNc79ly1fznbh3vfbwj310f0jxgxj.jpg ├── 006tNc79ly1fzne6y4f2ej31q60fedho.jpg ├── 006tNc79ly1fznegoocmvj31y00hmgon.jpg ├── 006tNc79ly1fzniqvmi51j31gq0s0q5u.jpg ├── 006tNc79ly1fzor2k6f7wj313j0u0dl3.jpg ├── 006tNc79ly1g04s0oznytj31tg0ok7ca.jpg ├── 006tNc79ly1g04tl97vm4j318v0h7dpt.jpg ├── 006tNc79ly1g1yz80ag98j31cs0n2gr7.jpg ├── 006y8mN6ly1g7ldey3l7gj31ti0mwta9.jpg ├── 006y8mN6ly1g7ldhm7bxyj31040u0q5n.jpg ├── 00704eQkgy1frr4z08j6oj31p20w2n6n.jpg ├── 00704eQkgy1frr52hl4eaj31qy15en74.jpg ├── 00704eQkgy1frr53j3aiuj32fs1dc7wi.jpg ├── 00704eQkgy1frr54de5oyj31qw14qn2x.jpg ├── 00704eQkgy1frr54ztql2j329q0zwwlf.jpg ├── 00704eQkgy1frr56m7z2sj31y010y17y.jpg ├── 00704eQkgy1frr57nm2mnj31xk11qqej.jpg ├── 00704eQkgy1frr58ebf2lj323o11219r.jpg ├── 00704eQkgy1frr59gzzwsj32gg16k4qp.jpg ├── 00704eQkgy1frr5arzvetj31no12mdre.jpg ├── 00704eQkgy1frr5bulhuhj329m10iwua.jpg ├── 00704eQkgy1frr5c8bwmtj31ou152qc3.jpg ├── 00704eQkgy1frr5dsurx6j320i140tpf.jpg ├── 00704eQkgy1frr5exqm7kj320u18mh2t.jpg ├── 00704eQkgy1frr5fxzoltj32f81akqr2.jpg ├── 00704eQkgy1frr5gloob0j31vi18017p.jpg ├── 00704eQkgy1fsaxszh01vj30da0j2jvn.jpg ├── 00704eQkgy1fsayashxz3j31c00w6aed.jpg ├── 00704eQkgy1fsayfzk3ezj31bu0tkdky.jpg ├── 00704eQkgy1fsayrk6vppj31bu0w0gsd.jpg ├── 00704eQkgy1fsaytbabxgj31c00w2n4r.jpg ├── 00704eQkgy1fsaz2wirz9j31bs0vygsb.jpg ├── 00704eQkgy1fsaz3yo227j31c60mgdim.jpg ├── 00704eQkgy1fsaz50k2atj31bs0mitbn.jpg ├── 00704eQkgy1fsaz5n5qs9j31by0motbm.jpg ├── 00704eQkgy1fsazabn0b9j31by0w6791.jpg ├── 00704eQkgy1fsazcclee6j31c20w6n5y.jpg ├── 00704eQkgy1fshft5oxlwj318g0pe0wp.jpg ├── 00704eQkgy1fshg0vw25ij318g0jzqjq.jpg ├── 00704eQkgy1fshi61t04oj310q17c0y1.jpg ├── 00704eQkgy1fshi98duzgj318g0l2406.jpg ├── 00704eQkgy1fshibdwcj3j318g0p8th1.jpg ├── 00704eQkgy1fshicc7or1j318g0p8ahr.jpg ├── 00704eQkgy1fshie7wxkyj30ks0f4myd.jpg ├── 00704eQkgy1fsm4v0a6qwj30xc0m8t9d.jpg ├── 0081Kckwly1gm0d6qx2o0j30sq0v440v.jpg ├── 0081Kckwly1gm0d6rogojj30u00yhdil.jpg ├── 0081Kckwly1gm0d6sgfpxj30oi0rsjt5.jpg ├── 0081Kckwly1gm0d6t775lj31s80k8go8.jpg ├── 008eGmZEly1gmhqzaxsy1j31dz0u0acn.jpg ├── 008eGmZEly1gmhrip3dc2j315q0u01e0.jpg ├── 008eGmZEly1gmhrl3860hj31ob0u0wn4.jpg ├── apple-touch-icon-precomposed-152.png ├── how-to-use-kubernetes-with-istio.jpg ├── istio-tutorial-zipkin-dependency.png ├── kubernetes-container-naming-rule.jpg ├── kubernetes-dashboard-1.7.1-brand.jpg ├── kubernetes-dashboard-1.7.1-login.jpg ├── kubernetes-edge-node-architecture.png ├── kubernetes-prometheus-monitoring.jpg ├── migrating-monolith-to-kubernetes.jpg ├── philosophy-principle-diagrams-01.png ├── philosophy-principle-diagrams-02.png ├── spark-job-on-kubernetes-example-1.jpg ├── spark-job-on-kubernetes-example-2.jpg ├── cabin-kubernetes-mobile-dashboard-1.jpg ├── cabin-kubernetes-mobile-dashboard-4.jpg ├── cloud-native-architecutre-mindnode.jpg ├── istio-tutorial-serivcegraph-dotviz.png ├── kubernetes-client-go-sample-update.jpg ├── kubernetes-dashboard-with-heapster.jpg ├── kubernetes-devops-example-grafana-1.png ├── kubernetes-devops-example-grafana-2.png ├── kubernetes-devops-example-grafana-3.png ├── kubernetes-installation-test-nginx.png ├── migrating-hadoop-yarn-to-kubernetes.png ├── polyglot-microservices-serivce-mesh.png ├── service-discovery-in-microservices.png ├── terms-in-kubernetes-app-deployment.png ├── istio-deployment-architecture-diagram.png ├── zero-downtime-kubernetes-upgrade-tips.jpg ├── k8s-app-monitor-istio-servicegraph-dotviz.png ├── kubernetes-dashboard-1.7.1-default-page.jpg ├── accessing-kubernetes-services-with-dns-name.png ├── kubernetes-high-level-component-archtecture.jpg ├── spark-on-kubernetes-with-different-schedulers.jpg ├── 1536291419546-2aa160de-69cd-497f-a280-fae20a1f87a3.png ├── building-cloud-native-architecture-with-kubernetes.png └── envoy-sidecar-traffic-interception-jimmysong-blog.png ├── appendix ├── summary-and-outlook.md ├── kubernetes-1.18-changelog.md ├── kubernetes-1.19-changelog.md ├── cncf-annual-report.md ├── index.md ├── kubernetes-1.16-changelog.md ├── kubernetes-1.17-changelog.md ├── debug-kubernetes-services.md ├── kubernetes-1.15-changelog.md └── kubernetes-1.10-changelog.md ├── concepts ├── controllers.md ├── storage.md ├── extension.md ├── service-discovery.md ├── authentication-and-permission.md ├── cluster.md ├── pod-state-and-lifecycle.md ├── open-interfaces.md ├── multicluster.md ├── scheduling.md ├── namespace.md ├── networking.md └── node.md ├── etc ├── ceph │ └── ceph.client.admin.keyring ├── kubernetes │ ├── scheduler │ ├── proxy │ ├── controller-manager │ └── config └── sysconfig │ └── flanneld ├── tools ├── flannel │ └── README.md ├── etcd │ └── get-kubernetes-keys-from-etcd.sh ├── wordcount │ ├── wordcount.sh │ └── README.md └── create-user │ └── README.md ├── scripts ├── build-gitbook.sh └── lint-gitbook.sh ├── .mergify.yml ├── ISSUE_TEMPLATE.md ├── .github └── workflows │ └── main.yml ├── CONTRIBUTING.md ├── systemd ├── kube-scheduler.service ├── kube-proxy.service ├── kube-controller-manager.service ├── kubelet.service ├── flanneld.service └── kube-apiserver.service ├── .gitignore └── .circleci └── config.yml /practice/storage.md: -------------------------------------------------------------------------------- 1 | # 存储管理 2 | -------------------------------------------------------------------------------- /practice/opration.md: -------------------------------------------------------------------------------- 1 | # 运维管理 2 | 3 | -------------------------------------------------------------------------------- /manifests/charts/mongodb/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | -------------------------------------------------------------------------------- /manifests/charts/mean/charts/mongodb/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | -------------------------------------------------------------------------------- /develop/index.md: -------------------------------------------------------------------------------- 1 | # 开发指南说明 2 | 3 | 讲解如何在原生 Kubernetes 的基础上做定制开发。 4 | -------------------------------------------------------------------------------- /usecases/index.md: -------------------------------------------------------------------------------- 1 | # 领域应用 2 | 3 | Kubernetes 和云原生应用在各个领域中的实践。 4 | -------------------------------------------------------------------------------- /guide/command-usage.md: -------------------------------------------------------------------------------- 1 | # 命令使用 2 | 3 | Kubernetes 中的 kubectl 及其他管理命令使用。 4 | -------------------------------------------------------------------------------- /cover.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/cover.jpg -------------------------------------------------------------------------------- /guide/resource-configuration.md: -------------------------------------------------------------------------------- 1 | # 资源配置 2 | 3 | Kubernetes 中的各个 Object 的配置指南。 4 | -------------------------------------------------------------------------------- /favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/favicon.ico -------------------------------------------------------------------------------- /guide/cluster-security-management.md: -------------------------------------------------------------------------------- 1 | # 集群安全性管理 2 | 3 | Kubernetes 支持多租户,这就需要对集群的安全性进行管理。 4 | -------------------------------------------------------------------------------- /images/cri.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cri.png -------------------------------------------------------------------------------- /images/ha.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/ha.png -------------------------------------------------------------------------------- /images/pod.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/pod.png -------------------------------------------------------------------------------- /images/borg.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/borg.png -------------------------------------------------------------------------------- /images/calico.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/calico.png -------------------------------------------------------------------------------- /images/close.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/close.png -------------------------------------------------------------------------------- /images/labels.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/labels.png -------------------------------------------------------------------------------- /images/lens.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/lens.jpg -------------------------------------------------------------------------------- /images/next.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/next.png -------------------------------------------------------------------------------- /images/node.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/node.png -------------------------------------------------------------------------------- /images/prev.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/prev.png -------------------------------------------------------------------------------- /images/rbac1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/rbac1.png -------------------------------------------------------------------------------- /images/rbac2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/rbac2.png -------------------------------------------------------------------------------- /images/roles.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/roles.png -------------------------------------------------------------------------------- /images/scale.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/scale.png -------------------------------------------------------------------------------- /images/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/favicon.ico -------------------------------------------------------------------------------- /images/feedback.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/feedback.jpg -------------------------------------------------------------------------------- /images/ip-masq.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/ip-masq.png -------------------------------------------------------------------------------- /images/iptables.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/iptables.jpg -------------------------------------------------------------------------------- /images/loading.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/loading.gif -------------------------------------------------------------------------------- /images/noistio.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/noistio.png -------------------------------------------------------------------------------- /images/oam-spec.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/oam-spec.png -------------------------------------------------------------------------------- /images/spark-ui.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/spark-ui.jpg -------------------------------------------------------------------------------- /images/update1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/update1.png -------------------------------------------------------------------------------- /images/update2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/update2.png -------------------------------------------------------------------------------- /images/update3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/update3.png -------------------------------------------------------------------------------- /images/update4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/update4.png -------------------------------------------------------------------------------- /appendix/summary-and-outlook.md: -------------------------------------------------------------------------------- 1 | # Kubernetes及云原生年度总结及展望 2 | 3 | 本节将聚焦Kubernetes及云原生技术的年度总结并展望下一年的发展。 4 | -------------------------------------------------------------------------------- /concepts/controllers.md: -------------------------------------------------------------------------------- 1 | # 控制器 2 | 3 | Kubernetes 中内建了很多 controller(控制器),这些相当于一个状态机,用来控制 Pod 的具体状态和行为。 4 | -------------------------------------------------------------------------------- /etc/ceph/ceph.client.admin.keyring: -------------------------------------------------------------------------------- 1 | [client.admin] 2 | key = AQCX06hZ9LnSBxAAYuoIT/ewbTRhKpTHOZLoRQ== 3 | -------------------------------------------------------------------------------- /images/cc4-license.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cc4-license.png -------------------------------------------------------------------------------- /images/cka-mindmap.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cka-mindmap.png -------------------------------------------------------------------------------- /images/dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/dashboard.png -------------------------------------------------------------------------------- /images/envoy-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/envoy-arch.png -------------------------------------------------------------------------------- /images/es-setting.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/es-setting.png -------------------------------------------------------------------------------- /images/federation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/federation.png -------------------------------------------------------------------------------- /images/grafana-ui.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/grafana-ui.jpg -------------------------------------------------------------------------------- /images/helm-chart.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/helm-chart.png -------------------------------------------------------------------------------- /images/kube-shell.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kube-shell.jpg -------------------------------------------------------------------------------- /images/master-ha.JPG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/master-ha.JPG -------------------------------------------------------------------------------- /images/rancher-web.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/rancher-web.jpg -------------------------------------------------------------------------------- /images/wordpress.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/wordpress.jpg -------------------------------------------------------------------------------- /images/zeppelin-ui.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/zeppelin-ui.jpg -------------------------------------------------------------------------------- /images/12-factor-app.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/12-factor-app.png -------------------------------------------------------------------------------- /images/architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/architecture.png -------------------------------------------------------------------------------- /images/cka-question.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cka-question.png -------------------------------------------------------------------------------- /images/cncf-org-arch.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cncf-org-arch.jpg -------------------------------------------------------------------------------- /images/git-push-flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/git-push-flow.png -------------------------------------------------------------------------------- /images/heapster-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/heapster-arch.png -------------------------------------------------------------------------------- /images/hook-connect.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/hook-connect.jpg -------------------------------------------------------------------------------- /images/istio-grafana.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-grafana.jpg -------------------------------------------------------------------------------- /images/istio-mindmap.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-mindmap.png -------------------------------------------------------------------------------- /images/istio-zipkin.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-zipkin.jpg -------------------------------------------------------------------------------- /images/oam-principle.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/oam-principle.png -------------------------------------------------------------------------------- /images/openfaas-arch.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/openfaas-arch.jpg -------------------------------------------------------------------------------- /images/pod-overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/pod-overview.png -------------------------------------------------------------------------------- /images/prometheus-ui.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/prometheus-ui.jpg -------------------------------------------------------------------------------- /images/service-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-arch.png -------------------------------------------------------------------------------- /images/spring-stack.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/spring-stack.png -------------------------------------------------------------------------------- /images/traefik-nginx.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/traefik-nginx.jpg -------------------------------------------------------------------------------- /images/bookinfo-sample.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/bookinfo-sample.jpg -------------------------------------------------------------------------------- /images/cncf-graduation.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cncf-graduation.jpg -------------------------------------------------------------------------------- /images/cri-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cri-architecture.png -------------------------------------------------------------------------------- /images/dashbaord-scale.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/dashbaord-scale.jpg -------------------------------------------------------------------------------- /images/dashboard-v163.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/dashboard-v163.jpg -------------------------------------------------------------------------------- /images/istio-arch-v0.1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-arch-v0.1.jpg -------------------------------------------------------------------------------- /images/istio-mesh-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-mesh-arch.png -------------------------------------------------------------------------------- /images/istio-prometheus.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-prometheus.jpg -------------------------------------------------------------------------------- /images/istio-vs-linkerd.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-vs-linkerd.jpg -------------------------------------------------------------------------------- /images/jaeger-query-ui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/jaeger-query-ui.png -------------------------------------------------------------------------------- /images/kubernator-rbac.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernator-rbac.jpg -------------------------------------------------------------------------------- /images/kubernetes-sigs.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-sigs.jpg -------------------------------------------------------------------------------- /images/linkerd-grafana.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/linkerd-grafana.png -------------------------------------------------------------------------------- /images/linkerd-jenkins.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/linkerd-jenkins.jpg -------------------------------------------------------------------------------- /images/locust-dashboard.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/locust-dashboard.jpg -------------------------------------------------------------------------------- /images/namerd-internal.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/namerd-internal.jpg -------------------------------------------------------------------------------- /images/open-interfaces.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/open-interfaces.jpg -------------------------------------------------------------------------------- /images/openfaas-grafana.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/openfaas-grafana.jpg -------------------------------------------------------------------------------- /images/pause-container.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/pause-container.png -------------------------------------------------------------------------------- /images/rancher-cluster.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/rancher-cluster.jpg -------------------------------------------------------------------------------- /images/sample-webapp-rc.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/sample-webapp-rc.jpg -------------------------------------------------------------------------------- /images/sandbox-process.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/sandbox-process.png -------------------------------------------------------------------------------- /images/sidecar-pattern.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/sidecar-pattern.jpg -------------------------------------------------------------------------------- /images/workflow-detail.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/workflow-detail.png -------------------------------------------------------------------------------- /concepts/storage.md: -------------------------------------------------------------------------------- 1 | # 存储 2 | 3 | 为了管理存储,Kubernetes提供了Secret用于管理敏感信息,ConfigMap存储配置,Volume、PV、PVC、StorageClass等用来管理存储卷。 4 | -------------------------------------------------------------------------------- /images/OpenEBS-Data-Plane.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/OpenEBS-Data-Plane.png -------------------------------------------------------------------------------- /images/application-layout.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/application-layout.png -------------------------------------------------------------------------------- /images/cloud-landscape-zh.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cloud-landscape-zh.jpg -------------------------------------------------------------------------------- /images/conduit-dashboard.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/conduit-dashboard.jpg -------------------------------------------------------------------------------- /images/drone-login-github.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/drone-login-github.jpg -------------------------------------------------------------------------------- /images/flannel-networking.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/flannel-networking.png -------------------------------------------------------------------------------- /images/istio-servicegraph.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-servicegraph.jpg -------------------------------------------------------------------------------- /images/kubenetes-e2e-test.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubenetes-e2e-test.jpg -------------------------------------------------------------------------------- /images/kubernator-catalog.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernator-catalog.jpg -------------------------------------------------------------------------------- /images/openfaas-nodeinfo.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/openfaas-nodeinfo.jpg -------------------------------------------------------------------------------- /images/pvc-storage-limit.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/pvc-storage-limit.jpg -------------------------------------------------------------------------------- /images/traefik-dashboard.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/traefik-dashboard.jpg -------------------------------------------------------------------------------- /images/traefik-guestbook.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/traefik-guestbook.jpg -------------------------------------------------------------------------------- /manifests/mariadb-cluster/galera-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: galera 5 | -------------------------------------------------------------------------------- /concepts/extension.md: -------------------------------------------------------------------------------- 1 | # 扩展 2 | 3 | Kubernetes是一个高度开放可扩展的架构,可以通过自定义资源类型CRD来定义自己的类型,还可以自己来扩展API服务,用户的使用方式跟Kubernetes的原生对象无异。 4 | -------------------------------------------------------------------------------- /concepts/service-discovery.md: -------------------------------------------------------------------------------- 1 | # 服务发现 2 | 3 | Kubernetes中为了实现服务实例间的负载均衡和不同服务间的服务发现,创造了Serivce对象,同时又为从集群外部访问集群创建了Ingress对象。 4 | -------------------------------------------------------------------------------- /images/OpenEBS-Control-Plane.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/OpenEBS-Control-Plane.png -------------------------------------------------------------------------------- /images/bookinfo-sample-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/bookinfo-sample-arch.png -------------------------------------------------------------------------------- /images/brand-kubeconfig-yaml.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/brand-kubeconfig-yaml.jpg -------------------------------------------------------------------------------- /images/cloud-native-wechat.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cloud-native-wechat.jpg -------------------------------------------------------------------------------- /images/container-ecosystem.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/container-ecosystem.png -------------------------------------------------------------------------------- /images/deployment-cheatsheet.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/deployment-cheatsheet.png -------------------------------------------------------------------------------- /images/drone-github-active.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/drone-github-active.jpg -------------------------------------------------------------------------------- /images/filebeat-docker-test.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/filebeat-docker-test.jpg -------------------------------------------------------------------------------- /images/flannel-host-gw-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/flannel-host-gw-arch.png -------------------------------------------------------------------------------- /images/github-oauth-register.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/github-oauth-register.jpg -------------------------------------------------------------------------------- /images/heapster-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/heapster-architecture.png -------------------------------------------------------------------------------- /images/helm-mean-todo-aholic.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/helm-mean-todo-aholic.jpg -------------------------------------------------------------------------------- /images/iscsi-on-kubernetes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/iscsi-on-kubernetes.png -------------------------------------------------------------------------------- /images/istio-mesh-expansion.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-mesh-expansion.jpg -------------------------------------------------------------------------------- /images/istio-vm-demo-video.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-vm-demo-video.jpg -------------------------------------------------------------------------------- /images/k8s-app-monitor-agent.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/k8s-app-monitor-agent.jpg -------------------------------------------------------------------------------- /images/kubernetes-efk-kibana.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-efk-kibana.jpg -------------------------------------------------------------------------------- /images/kubernetes-node-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-node-arch.png -------------------------------------------------------------------------------- /images/kubernetes-oidc-login.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-oidc-login.jpg -------------------------------------------------------------------------------- /images/kubernetes-velocity.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-velocity.jpg -------------------------------------------------------------------------------- /images/kubernetes-whole-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-whole-arch.png -------------------------------------------------------------------------------- /images/kubernetic-desktop-ui.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetic-desktop-ui.jpg -------------------------------------------------------------------------------- /images/locust-start-swarming.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/locust-start-swarming.jpg -------------------------------------------------------------------------------- /images/logstash-test-kibana.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/logstash-test-kibana.jpg -------------------------------------------------------------------------------- /images/openfaas-prometheus.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/openfaas-prometheus.jpg -------------------------------------------------------------------------------- /images/play-with-kubernetes.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/play-with-kubernetes.jpg -------------------------------------------------------------------------------- /images/serverless-game-arch.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/serverless-game-arch.jpg -------------------------------------------------------------------------------- /images/service-catalog-bind.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-catalog-bind.jpg -------------------------------------------------------------------------------- /images/service-catalog-list.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-catalog-list.jpg -------------------------------------------------------------------------------- /images/service-catalog-map.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-catalog-map.jpg -------------------------------------------------------------------------------- /images/service-ipvs-overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-ipvs-overview.png -------------------------------------------------------------------------------- /images/supercharged-kubectl.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/supercharged-kubectl.jpg -------------------------------------------------------------------------------- /manifests/prometheus/prometheus-monitoring-ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: monitoring 5 | -------------------------------------------------------------------------------- /practice/update-and-upgrade.md: -------------------------------------------------------------------------------- 1 | # 更新与升级 2 | 3 | Kubernetes到目前为止基本保持三个月发行一个新版本的节奏,更新节奏可以说非常快,这一部分将主要跟踪kubernetes及其相关组件的更新与升级。 4 | -------------------------------------------------------------------------------- /concepts/authentication-and-permission.md: -------------------------------------------------------------------------------- 1 | # 身份与权限认证 2 | 3 | Kubernetes 中提供了良好的多租户认证管理机制,如 RBAC、ServiceAccount 还有各种 Policy 等。 4 | -------------------------------------------------------------------------------- /images/cloud-native-app-model.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cloud-native-app-model.png -------------------------------------------------------------------------------- /images/create-gluster-storage.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/create-gluster-storage.png -------------------------------------------------------------------------------- /images/filebeat-log-collector.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/filebeat-log-collector.png -------------------------------------------------------------------------------- /images/github-oauth-drone-key.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/github-oauth-drone-key.jpg -------------------------------------------------------------------------------- /images/helm-charts-repository.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/helm-charts-repository.jpg -------------------------------------------------------------------------------- /images/istio-tutorial-grafana.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-tutorial-grafana.png -------------------------------------------------------------------------------- /images/kubernetes-layers-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-layers-arch.png -------------------------------------------------------------------------------- /images/kubernetes-locust-test.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-locust-test.jpg -------------------------------------------------------------------------------- /images/kubernetes-master-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-master-arch.png -------------------------------------------------------------------------------- /images/logstash-log-collector.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/logstash-log-collector.jpg -------------------------------------------------------------------------------- /images/microservices-concerns.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/microservices-concerns.jpg -------------------------------------------------------------------------------- /images/mosn-with-service-mesh.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/mosn-with-service-mesh.png -------------------------------------------------------------------------------- /images/rancher-customize-node.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/rancher-customize-node.jpg -------------------------------------------------------------------------------- /images/redpoint-faas-landscape.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/redpoint-faas-landscape.jpg -------------------------------------------------------------------------------- /images/spring-boot-note-spots.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/spring-boot-note-spots.png -------------------------------------------------------------------------------- /practice/dns-installation.md: -------------------------------------------------------------------------------- 1 | # 安装配置 DNS 2 | 3 | DNS 组件作为 Kubernetes 中服务注册和发现的一个必要组件,起着举足轻重的作用,是我们在安装好 Kubernetes 集群后部署的第一个容器化应用。 4 | -------------------------------------------------------------------------------- /images/cloud-native-comes-of-age.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cloud-native-comes-of-age.jpg -------------------------------------------------------------------------------- /images/cloud-native-core-target.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cloud-native-core-target.jpg -------------------------------------------------------------------------------- /images/drone-github-repo-setting.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/drone-github-repo-setting.jpg -------------------------------------------------------------------------------- /images/envoy-mesh-in-kubernetes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/envoy-mesh-in-kubernetes.png -------------------------------------------------------------------------------- /images/envoyproxy-docker-compose.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/envoyproxy-docker-compose.png -------------------------------------------------------------------------------- /images/grafana-dashboard-setting.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/grafana-dashboard-setting.jpg -------------------------------------------------------------------------------- /images/helm-monocular-jimmysong.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/helm-monocular-jimmysong.jpg -------------------------------------------------------------------------------- /images/horizontal-pod-autoscaler.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/horizontal-pod-autoscaler.png -------------------------------------------------------------------------------- /images/istio-bookinfo-vm-traffic.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-bookinfo-vm-traffic.jpg -------------------------------------------------------------------------------- /images/kubernetes-app-monitoring.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-app-monitoring.png -------------------------------------------------------------------------------- /images/kubernetes-dashboard-raw.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-dashboard-raw.jpg -------------------------------------------------------------------------------- /images/kubernetes-filebeat-detail.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-filebeat-detail.png -------------------------------------------------------------------------------- /images/kubernetes-jenkins-ci-cd.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-jenkins-ci-cd.png -------------------------------------------------------------------------------- /images/kubernetes-pod-cheatsheet.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-pod-cheatsheet.png -------------------------------------------------------------------------------- /images/kubernetes-pod-life-cycle.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-pod-life-cycle.jpg -------------------------------------------------------------------------------- /images/linkerd-ingress-controller.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/linkerd-ingress-controller.jpg -------------------------------------------------------------------------------- /images/linkerd-jenkins-pipeline.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/linkerd-jenkins-pipeline.jpg -------------------------------------------------------------------------------- /images/load-balancing-and-proxing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/load-balancing-and-proxing.png -------------------------------------------------------------------------------- /images/log-persistence-logstash.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/log-persistence-logstash.png -------------------------------------------------------------------------------- /images/monitoring-in-kubernetes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/monitoring-in-kubernetes.png -------------------------------------------------------------------------------- /images/non-serverless-game-arch.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/non-serverless-game-arch.jpg -------------------------------------------------------------------------------- /images/openfaas-deploy-a-function.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/openfaas-deploy-a-function.jpg -------------------------------------------------------------------------------- /images/serivce-mesh-control-plane.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/serivce-mesh-control-plane.png -------------------------------------------------------------------------------- /images/serverless-faas-platform.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/serverless-faas-platform.jpg -------------------------------------------------------------------------------- /images/service-api-request-flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-api-request-flow.png -------------------------------------------------------------------------------- /images/service-api-route-binding.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-api-route-binding.jpg -------------------------------------------------------------------------------- /images/service-catalog-provision.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-catalog-provision.jpg -------------------------------------------------------------------------------- /images/services-iptables-overview.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/services-iptables-overview.jpg -------------------------------------------------------------------------------- /images/traefik-dashboard-locust.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/traefik-dashboard-locust.jpg -------------------------------------------------------------------------------- /images/wechat-appreciate-qrcode.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/wechat-appreciate-qrcode.jpg -------------------------------------------------------------------------------- /manifests/charts/mean/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: mongodb 3 | repository: http://localhost:8879 4 | version: 0.4.x 5 | -------------------------------------------------------------------------------- /manifests/charts/mychart/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart for Kubernetes 3 | name: mychart 4 | version: 0.1.0 5 | -------------------------------------------------------------------------------- /tools/flannel/README.md: -------------------------------------------------------------------------------- 1 | # mk-docker-opts.sh 2 | 3 | flannel 0.7.1 release中的脚本 4 | 5 | See https://github.com/coreos/flannel/releases 6 | -------------------------------------------------------------------------------- /images/cncf-graduation-criteria-v2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cncf-graduation-criteria-v2.jpg -------------------------------------------------------------------------------- /images/diagram-individual-instance.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/diagram-individual-instance.png -------------------------------------------------------------------------------- /images/filebeat-log-collector-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/filebeat-log-collector-arch.png -------------------------------------------------------------------------------- /images/from-bare-metal-to-functions.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/from-bare-metal-to-functions.jpg -------------------------------------------------------------------------------- /images/istio-tutorial-zipkin-trace.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-tutorial-zipkin-trace.png -------------------------------------------------------------------------------- /images/k8s-app-monitor-istio-zipkin.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/k8s-app-monitor-istio-zipkin.png -------------------------------------------------------------------------------- /images/k8s-app-monitor-test-api-doc.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/k8s-app-monitor-test-api-doc.jpg -------------------------------------------------------------------------------- /images/kubernetes-heapster-grafana.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-heapster-grafana.jpg -------------------------------------------------------------------------------- /images/kubernetes-influxdb-heapster.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-influxdb-heapster.jpg -------------------------------------------------------------------------------- /images/kubernetes-service-api-intro.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-service-api-intro.jpg -------------------------------------------------------------------------------- /images/kubernetes-test-architecture.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-test-architecture.jpg -------------------------------------------------------------------------------- /images/linkerd-helloworld-incoming.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/linkerd-helloworld-incoming.jpg -------------------------------------------------------------------------------- /images/linkerd-helloworld-outgoing.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/linkerd-helloworld-outgoing.jpg -------------------------------------------------------------------------------- /images/philosophy-page-diagrams-top.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/philosophy-page-diagrams-top.png -------------------------------------------------------------------------------- /images/service-catalog-architecture.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-catalog-architecture.jpg -------------------------------------------------------------------------------- /images/servicemesher-wechat-public.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/servicemesher-wechat-public.jpg -------------------------------------------------------------------------------- /images/services-userspace-overview.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/services-userspace-overview.jpg -------------------------------------------------------------------------------- /images/tools-to-supercharge-kubectl.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/tools-to-supercharge-kubectl.jpg -------------------------------------------------------------------------------- /images/weave-scope-service-topology.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/weave-scope-service-topology.jpg -------------------------------------------------------------------------------- /images/cloud-computing-evolution-road.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cloud-computing-evolution-road.jpg -------------------------------------------------------------------------------- /images/cloud-native-go-wechat-qr-code.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cloud-native-go-wechat-qr-code.jpg -------------------------------------------------------------------------------- /images/creating-kubernetes-native-app.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/creating-kubernetes-native-app.jpg -------------------------------------------------------------------------------- /images/dashboard-addon-installation001.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/dashboard-addon-installation001.png -------------------------------------------------------------------------------- /images/k8s-app-monitor-agent-wercker.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/k8s-app-monitor-agent-wercker.jpg -------------------------------------------------------------------------------- /images/k8s-app-monitor-istio-grafana.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/k8s-app-monitor-istio-grafana.png -------------------------------------------------------------------------------- /images/kubernetes-apversions-changes.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-apversions-changes.jpg -------------------------------------------------------------------------------- /images/kubernetes-heapster-monitoring.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-heapster-monitoring.png -------------------------------------------------------------------------------- /images/kubernetes-kubectl-cheatsheet.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-kubectl-cheatsheet.png -------------------------------------------------------------------------------- /images/philosophy-diagrams-for-site-02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/philosophy-diagrams-for-site-02.png -------------------------------------------------------------------------------- /images/philosophy-diagrams-for-site-03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/philosophy-diagrams-for-site-03.png -------------------------------------------------------------------------------- /images/philosophy-diagrams-for-site-04.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/philosophy-diagrams-for-site-04.png -------------------------------------------------------------------------------- /images/serverless-server-side-software.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/serverless-server-side-software.jpg -------------------------------------------------------------------------------- /images/spark-on-yarn-with-kubernetes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/spark-on-yarn-with-kubernetes.png -------------------------------------------------------------------------------- /images/0069RVTdgy1fu08liarftj31kw0spkeg.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fu08liarftj31kw0spkeg.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fu08m7p22kj31kw1biq98.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fu08m7p22kj31kw1biq98.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fv5df9lq1aj317o0o6wia.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fv5df9lq1aj317o0o6wia.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fv5dm4a9ygj30w50czdi3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fv5dm4a9ygj30w50czdi3.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fv5doj8fuij31kw0ytn7h.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fv5doj8fuij31kw0ytn7h.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fv5dq2bptdj31110begnl.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fv5dq2bptdj31110begnl.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fv5mxr6fxtj31kw11q484.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fv5mxr6fxtj31kw11q484.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fv5my2jtxzj315o0z8dkr.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fv5my2jtxzj315o0z8dkr.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fv5myp6ednj31kw0w0u0x.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fv5myp6ednj31kw0w0u0x.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fv5mzj8rj6j318g1ewtfc.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fv5mzj8rj6j318g1ewtfc.jpg -------------------------------------------------------------------------------- /images/0069RVTdgy1fv5mzywc83j31fk1i8qg4.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdgy1fv5mzywc83j31fk1i8qg4.jpg -------------------------------------------------------------------------------- /images/0069RVTdly1fuafvbnuc7j310a0oqdm9.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdly1fuafvbnuc7j310a0oqdm9.jpg -------------------------------------------------------------------------------- /images/0069RVTdly1fuaie8jan8j310a0kitem.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdly1fuaie8jan8j310a0kitem.jpg -------------------------------------------------------------------------------- /images/0069RVTdly1fuail4d24jj31080rkgr7.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdly1fuail4d24jj31080rkgr7.jpg -------------------------------------------------------------------------------- /images/0069RVTdly1fuam4ln45jj30yu0o6wkc.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdly1fuam4ln45jj30yu0o6wkc.jpg -------------------------------------------------------------------------------- /images/0069RVTdly1fuamvq97cuj30yu0wg7cr.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdly1fuamvq97cuj30yu0wg7cr.jpg -------------------------------------------------------------------------------- /images/0069RVTdly1fuanez4qbtj30v4183n7p.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdly1fuanez4qbtj30v4183n7p.jpg -------------------------------------------------------------------------------- /images/0069RVTdly1fv5hukl647j30k6145gnt.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0069RVTdly1fv5hukl647j30k6145gnt.jpg -------------------------------------------------------------------------------- /images/006tKfTcgy1ft5pe433f6j31kw0s3nnl.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tKfTcgy1ft5pe433f6j31kw0s3nnl.jpg -------------------------------------------------------------------------------- /images/006tKfTcgy1ft75ot24lzj31ec18479s.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tKfTcgy1ft75ot24lzj31ec18479s.jpg -------------------------------------------------------------------------------- /images/006tKfTcgy1ft75pq8rplj31kw19sn5q.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tKfTcgy1ft75pq8rplj31kw19sn5q.jpg -------------------------------------------------------------------------------- /images/006tKfTcly1ft3zgjlisxj30n70ffjth.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tKfTcly1ft3zgjlisxj30n70ffjth.jpg -------------------------------------------------------------------------------- /images/006tKfTcly1g1gbdpsdbgj303c03cwel.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tKfTcly1g1gbdpsdbgj303c03cwel.jpg -------------------------------------------------------------------------------- /images/006tKfTcly1g1gbjvx2ugj305k05mmx9.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tKfTcly1g1gbjvx2ugj305k05mmx9.jpg -------------------------------------------------------------------------------- /images/006tNbRwgy1fuyr4vizzwj31kw1biq98.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwgy1fuyr4vizzwj31kw1biq98.jpg -------------------------------------------------------------------------------- /images/006tNbRwgy1fvlwjd3302j31bo0ro0x5.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwgy1fvlwjd3302j31bo0ro0x5.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fubfiiryirj30w20ayjui.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fubfiiryirj30w20ayjui.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fubnx0q9bpj30vq0pq465.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fubnx0q9bpj30vq0pq465.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fubs6ts3sgj30vo0osdnj.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fubs6ts3sgj30vo0osdnj.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fubsk4v16hj30vo0bq75z.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fubsk4v16hj30vo0bq75z.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fubsxrph3dj30vq0duq53.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fubsxrph3dj30vq0duq53.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fubt5a97h7j30vq0bcq5p.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fubt5a97h7j30vq0bcq5p.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fubvi0dnhlj30vo0ekwhx.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fubvi0dnhlj30vo0ekwhx.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fubvr83wvgj30vq0mmdip.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fubvr83wvgj30vq0mmdip.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fucp8yralaj30vu0sijx8.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fucp8yralaj30vu0sijx8.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fucpano6gsj31kw1biq98.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fucpano6gsj31kw1biq98.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fucpc5fn8wj31kw0sfdnu.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fucpc5fn8wj31kw0sfdnu.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fucplat3l9j30vo0lw43l.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fucplat3l9j30vo0lw43l.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fwcgsn11fej311j0mjadw.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fwcgsn11fej311j0mjadw.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fwcl7v28rhj30xl0onadv.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fwcl7v28rhj30xl0onadv.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fwdlx22rv9j31ec184dlr.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fwdlx22rv9j31ec184dlr.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fwjg48fh7xj31kw0wedrg.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fwjg48fh7xj31kw0wedrg.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fwjkfbvfluj30y70hf0y9.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fwjkfbvfluj30y70hf0y9.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fwqi98i51ij30sc0j80zn.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fwqi98i51ij30sc0j80zn.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fwzreaalj6j30dz0dy3z3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fwzreaalj6j30dz0dy3z3.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fwztvhg0gmj318z143tdv.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fwztvhg0gmj318z143tdv.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fx0ie2kb90j31kw0ynha3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fx0ie2kb90j31kw0ynha3.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fxmx633ymqj31dp0u0kjn.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fxmx633ymqj31dp0u0kjn.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fyitp0jsghj31o70u0x6p.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fyitp0jsghj31o70u0x6p.jpg -------------------------------------------------------------------------------- /images/006tNbRwly1fyl39icd27j31c70u04gc.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNbRwly1fyl39icd27j31c70u04gc.jpg -------------------------------------------------------------------------------- /images/006tNc79gy1ftwe77v4u5j31kw0ziwtw.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79gy1ftwe77v4u5j31kw0ziwtw.jpg -------------------------------------------------------------------------------- /images/006tNc79gy1ftweryj0zrj31kw0zix6q.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79gy1ftweryj0zrj31kw0zix6q.jpg -------------------------------------------------------------------------------- /images/006tNc79gy1ftwesjg1e2j31kw0s8woq.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79gy1ftwesjg1e2j31kw0s8woq.jpg -------------------------------------------------------------------------------- /images/006tNc79gy1ftwhtmzhfej31kw0ziww1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79gy1ftwhtmzhfej31kw0ziww1.jpg -------------------------------------------------------------------------------- /images/006tNc79gy1ftwhvtu1vxj31kw0zitvc.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79gy1ftwhvtu1vxj31kw0zitvc.jpg -------------------------------------------------------------------------------- /images/006tNc79gy1ftwiolw1tyj31kw0zib29.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79gy1ftwiolw1tyj31kw0zib29.jpg -------------------------------------------------------------------------------- /images/006tNc79gy1ftwjyxiw1pj31kw0zi4qp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79gy1ftwjyxiw1pj31kw0zi4qp.jpg -------------------------------------------------------------------------------- /images/006tNc79gy1fz65bt7ieej30c90bsgn2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79gy1fz65bt7ieej30c90bsgn2.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1fzm9vs4o3aj31s00u0x6p.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1fzm9vs4o3aj31s00u0x6p.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1fzmnolp5ghj30z90u0gwf.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1fzmnolp5ghj30z90u0gwf.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1fzna87wmfij30u00zc4qp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1fzna87wmfij30u00zc4qp.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1fznadbp63qj31jt0beq9s.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1fznadbp63qj31jt0beq9s.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1fznbh3vfbwj310f0jxgxj.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1fznbh3vfbwj310f0jxgxj.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1fzne6y4f2ej31q60fedho.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1fzne6y4f2ej31q60fedho.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1fznegoocmvj31y00hmgon.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1fznegoocmvj31y00hmgon.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1fzniqvmi51j31gq0s0q5u.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1fzniqvmi51j31gq0s0q5u.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1fzor2k6f7wj313j0u0dl3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1fzor2k6f7wj313j0u0dl3.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1g04s0oznytj31tg0ok7ca.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1g04s0oznytj31tg0ok7ca.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1g04tl97vm4j318v0h7dpt.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1g04tl97vm4j318v0h7dpt.jpg -------------------------------------------------------------------------------- /images/006tNc79ly1g1yz80ag98j31cs0n2gr7.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006tNc79ly1g1yz80ag98j31cs0n2gr7.jpg -------------------------------------------------------------------------------- /images/006y8mN6ly1g7ldey3l7gj31ti0mwta9.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006y8mN6ly1g7ldey3l7gj31ti0mwta9.jpg -------------------------------------------------------------------------------- /images/006y8mN6ly1g7ldhm7bxyj31040u0q5n.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/006y8mN6ly1g7ldhm7bxyj31040u0q5n.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr4z08j6oj31p20w2n6n.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr4z08j6oj31p20w2n6n.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr52hl4eaj31qy15en74.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr52hl4eaj31qy15en74.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr53j3aiuj32fs1dc7wi.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr53j3aiuj32fs1dc7wi.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr54de5oyj31qw14qn2x.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr54de5oyj31qw14qn2x.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr54ztql2j329q0zwwlf.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr54ztql2j329q0zwwlf.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr56m7z2sj31y010y17y.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr56m7z2sj31y010y17y.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr57nm2mnj31xk11qqej.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr57nm2mnj31xk11qqej.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr58ebf2lj323o11219r.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr58ebf2lj323o11219r.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr59gzzwsj32gg16k4qp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr59gzzwsj32gg16k4qp.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr5arzvetj31no12mdre.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr5arzvetj31no12mdre.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr5bulhuhj329m10iwua.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr5bulhuhj329m10iwua.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr5c8bwmtj31ou152qc3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr5c8bwmtj31ou152qc3.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr5dsurx6j320i140tpf.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr5dsurx6j320i140tpf.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr5exqm7kj320u18mh2t.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr5exqm7kj320u18mh2t.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr5fxzoltj32f81akqr2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr5fxzoltj32f81akqr2.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1frr5gloob0j31vi18017p.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1frr5gloob0j31vi18017p.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsaxszh01vj30da0j2jvn.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsaxszh01vj30da0j2jvn.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsayashxz3j31c00w6aed.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsayashxz3j31c00w6aed.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsayfzk3ezj31bu0tkdky.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsayfzk3ezj31bu0tkdky.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsayrk6vppj31bu0w0gsd.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsayrk6vppj31bu0w0gsd.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsaytbabxgj31c00w2n4r.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsaytbabxgj31c00w2n4r.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsaz2wirz9j31bs0vygsb.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsaz2wirz9j31bs0vygsb.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsaz3yo227j31c60mgdim.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsaz3yo227j31c60mgdim.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsaz50k2atj31bs0mitbn.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsaz50k2atj31bs0mitbn.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsaz5n5qs9j31by0motbm.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsaz5n5qs9j31by0motbm.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsazabn0b9j31by0w6791.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsazabn0b9j31by0w6791.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsazcclee6j31c20w6n5y.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsazcclee6j31c20w6n5y.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fshft5oxlwj318g0pe0wp.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fshft5oxlwj318g0pe0wp.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fshg0vw25ij318g0jzqjq.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fshg0vw25ij318g0jzqjq.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fshi61t04oj310q17c0y1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fshi61t04oj310q17c0y1.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fshi98duzgj318g0l2406.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fshi98duzgj318g0l2406.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fshibdwcj3j318g0p8th1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fshibdwcj3j318g0p8th1.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fshicc7or1j318g0p8ahr.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fshicc7or1j318g0p8ahr.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fshie7wxkyj30ks0f4myd.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fshie7wxkyj30ks0f4myd.jpg -------------------------------------------------------------------------------- /images/00704eQkgy1fsm4v0a6qwj30xc0m8t9d.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/00704eQkgy1fsm4v0a6qwj30xc0m8t9d.jpg -------------------------------------------------------------------------------- /images/0081Kckwly1gm0d6qx2o0j30sq0v440v.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0081Kckwly1gm0d6qx2o0j30sq0v440v.jpg -------------------------------------------------------------------------------- /images/0081Kckwly1gm0d6rogojj30u00yhdil.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0081Kckwly1gm0d6rogojj30u00yhdil.jpg -------------------------------------------------------------------------------- /images/0081Kckwly1gm0d6sgfpxj30oi0rsjt5.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0081Kckwly1gm0d6sgfpxj30oi0rsjt5.jpg -------------------------------------------------------------------------------- /images/0081Kckwly1gm0d6t775lj31s80k8go8.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/0081Kckwly1gm0d6t775lj31s80k8go8.jpg -------------------------------------------------------------------------------- /images/008eGmZEly1gmhqzaxsy1j31dz0u0acn.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/008eGmZEly1gmhqzaxsy1j31dz0u0acn.jpg -------------------------------------------------------------------------------- /images/008eGmZEly1gmhrip3dc2j315q0u01e0.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/008eGmZEly1gmhrip3dc2j315q0u01e0.jpg -------------------------------------------------------------------------------- /images/008eGmZEly1gmhrl3860hj31ob0u0wn4.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/008eGmZEly1gmhrl3860hj31ob0u0wn4.jpg -------------------------------------------------------------------------------- /images/apple-touch-icon-precomposed-152.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/apple-touch-icon-precomposed-152.png -------------------------------------------------------------------------------- /images/how-to-use-kubernetes-with-istio.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/how-to-use-kubernetes-with-istio.jpg -------------------------------------------------------------------------------- /images/istio-tutorial-zipkin-dependency.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-tutorial-zipkin-dependency.png -------------------------------------------------------------------------------- /images/kubernetes-container-naming-rule.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-container-naming-rule.jpg -------------------------------------------------------------------------------- /images/kubernetes-dashboard-1.7.1-brand.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-dashboard-1.7.1-brand.jpg -------------------------------------------------------------------------------- /images/kubernetes-dashboard-1.7.1-login.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-dashboard-1.7.1-login.jpg -------------------------------------------------------------------------------- /images/kubernetes-edge-node-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-edge-node-architecture.png -------------------------------------------------------------------------------- /images/kubernetes-prometheus-monitoring.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-prometheus-monitoring.jpg -------------------------------------------------------------------------------- /images/migrating-monolith-to-kubernetes.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/migrating-monolith-to-kubernetes.jpg -------------------------------------------------------------------------------- /images/philosophy-principle-diagrams-01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/philosophy-principle-diagrams-01.png -------------------------------------------------------------------------------- /images/philosophy-principle-diagrams-02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/philosophy-principle-diagrams-02.png -------------------------------------------------------------------------------- /images/spark-job-on-kubernetes-example-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/spark-job-on-kubernetes-example-1.jpg -------------------------------------------------------------------------------- /images/spark-job-on-kubernetes-example-2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/spark-job-on-kubernetes-example-2.jpg -------------------------------------------------------------------------------- /scripts/build-gitbook.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | gitbook install 3 | gitbook build 4 | cp images/apple-touch-icon-precomposed-152.png _book/gitbook/images 5 | -------------------------------------------------------------------------------- /concepts/cluster.md: -------------------------------------------------------------------------------- 1 | # 集群信息 2 | 3 | 为了管理异构和不同配置的主机,为了便于 Pod 的运维管理,Kubernetes 中提供了很多集群管理的配置和管理功能,通过 namespace 划分的空间,通过为 node 节点创建label和 taint 用于 pod 的调度等。 4 | -------------------------------------------------------------------------------- /images/cabin-kubernetes-mobile-dashboard-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cabin-kubernetes-mobile-dashboard-1.jpg -------------------------------------------------------------------------------- /images/cabin-kubernetes-mobile-dashboard-4.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cabin-kubernetes-mobile-dashboard-4.jpg -------------------------------------------------------------------------------- /images/cloud-native-architecutre-mindnode.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/cloud-native-architecutre-mindnode.jpg -------------------------------------------------------------------------------- /images/istio-tutorial-serivcegraph-dotviz.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-tutorial-serivcegraph-dotviz.png -------------------------------------------------------------------------------- /images/kubernetes-client-go-sample-update.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-client-go-sample-update.jpg -------------------------------------------------------------------------------- /images/kubernetes-dashboard-with-heapster.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-dashboard-with-heapster.jpg -------------------------------------------------------------------------------- /images/kubernetes-devops-example-grafana-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-devops-example-grafana-1.png -------------------------------------------------------------------------------- /images/kubernetes-devops-example-grafana-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-devops-example-grafana-2.png -------------------------------------------------------------------------------- /images/kubernetes-devops-example-grafana-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-devops-example-grafana-3.png -------------------------------------------------------------------------------- /images/kubernetes-installation-test-nginx.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-installation-test-nginx.png -------------------------------------------------------------------------------- /images/migrating-hadoop-yarn-to-kubernetes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/migrating-hadoop-yarn-to-kubernetes.png -------------------------------------------------------------------------------- /images/polyglot-microservices-serivce-mesh.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/polyglot-microservices-serivce-mesh.png -------------------------------------------------------------------------------- /images/service-discovery-in-microservices.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/service-discovery-in-microservices.png -------------------------------------------------------------------------------- /images/terms-in-kubernetes-app-deployment.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/terms-in-kubernetes-app-deployment.png -------------------------------------------------------------------------------- /images/istio-deployment-architecture-diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/istio-deployment-architecture-diagram.png -------------------------------------------------------------------------------- /images/zero-downtime-kubernetes-upgrade-tips.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/zero-downtime-kubernetes-upgrade-tips.jpg -------------------------------------------------------------------------------- /manifests/test/rolling-update-test/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.5 2 | MAINTAINER Jimmy Song 3 | ADD hellov2 / 4 | ENTRYPOINT ["/hellov2"] 5 | -------------------------------------------------------------------------------- /images/k8s-app-monitor-istio-servicegraph-dotviz.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/k8s-app-monitor-istio-servicegraph-dotviz.png -------------------------------------------------------------------------------- /images/kubernetes-dashboard-1.7.1-default-page.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-dashboard-1.7.1-default-page.jpg -------------------------------------------------------------------------------- /images/accessing-kubernetes-services-with-dns-name.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/accessing-kubernetes-services-with-dns-name.png -------------------------------------------------------------------------------- /images/kubernetes-high-level-component-archtecture.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/kubernetes-high-level-component-archtecture.jpg -------------------------------------------------------------------------------- /images/spark-on-kubernetes-with-different-schedulers.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/spark-on-kubernetes-with-different-schedulers.jpg -------------------------------------------------------------------------------- /manifests/spark-standalone/namespace-spark-cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: "spark-cluster" 5 | labels: 6 | name: "spark-cluster" 7 | -------------------------------------------------------------------------------- /images/1536291419546-2aa160de-69cd-497f-a280-fae20a1f87a3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/1536291419546-2aa160de-69cd-497f-a280-fae20a1f87a3.png -------------------------------------------------------------------------------- /images/building-cloud-native-architecture-with-kubernetes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/building-cloud-native-architecture-with-kubernetes.png -------------------------------------------------------------------------------- /images/envoy-sidecar-traffic-interception-jimmysong-blog.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/devops/kubernetes-handbook/master/images/envoy-sidecar-traffic-interception-jimmysong-blog.png -------------------------------------------------------------------------------- /.mergify.yml: -------------------------------------------------------------------------------- 1 | pull_request_rules: 2 | - name: Automatic merge on approval 3 | conditions: 4 | - "#approved-reviews-by>=1" 5 | actions: 6 | merge: 7 | method: squash 8 | -------------------------------------------------------------------------------- /etc/kubernetes/scheduler: -------------------------------------------------------------------------------- 1 | ### 2 | # kubernetes scheduler config 3 | 4 | # default config should be adequate 5 | 6 | # Add your own! 7 | KUBE_SCHEDULER_ARGS="--leader-elect=true --address=127.0.0.1" 8 | -------------------------------------------------------------------------------- /ISSUE_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | ## 环境 2 | 3 | **版本和配置信息** 4 | 5 | - kubernetes版本: 6 | - docker版本: 7 | - 网络插件: 8 | - 存储类型: 9 | 10 | ## 操作 11 | 12 | **导致该问题的操作或现象** 13 | 14 | ## 日志 15 | 16 | **日志或报错信息** 17 | -------------------------------------------------------------------------------- /appendix/kubernetes-1.18-changelog.md: -------------------------------------------------------------------------------- 1 | # Kubernetes 1.18 更新日志 2 | 3 | ## 参考 4 | 5 | * [Kubernetes 1.18: Fit & Finish](https://kubernetes.io/blog/2020/03/25/kubernetes-1-18-release-announcement/) 6 | 7 | -------------------------------------------------------------------------------- /guide/index.md: -------------------------------------------------------------------------------- 1 | # 用户指南 2 | 3 | 该章节主要记录kubernetes使用过程中的一些配置技巧和操作。 4 | 5 | - [配置Pod的liveness和readiness探针](configure-liveness-readiness-probes.md) 6 | - [管理集群中的TLS](managing-tls-in-a-cluster.md) 7 | 8 | 9 | -------------------------------------------------------------------------------- /manifests/prometheus/prometheus-datasource.json: -------------------------------------------------------------------------------- 1 | "name": "prometheus", 2 | "type": "prometheus", 3 | "url": "http://prometheus:9090", 4 | "access": "proxy", 5 | "basicAuth": false 6 | } 7 | -------------------------------------------------------------------------------- /practice/nfs.md: -------------------------------------------------------------------------------- 1 | # NFS(Network File System)网络文件系统 2 | 3 | NFS(Network File System)即网络文件系统,是FreeBSD支持的文件系统中的一种,它允许网络中的计算机之间通过TCP/IP网络共享资源。在NFS的应用中,本地NFS的客户端应用可以透明地读写位于远端NFS服务器上的文件,就像访问本地文件一样。在Linux系统中,NFS也作为一种简单的网络共享文件系统而存在。 4 | -------------------------------------------------------------------------------- /appendix/kubernetes-1.19-changelog.md: -------------------------------------------------------------------------------- 1 | # Kubernetes 1.19 更新日志 2 | 3 | ## 参考 4 | 5 | * [Kubernetes 1.19: Accentuate the Paw-sitive](https://kubernetes.io/blog/2020/08/26/kubernetes-release-1.19-accentuate-the-paw-sitive/) 6 | 7 | -------------------------------------------------------------------------------- /manifests/mariadb-cluster/ceph-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: ceph-secret 5 | namespace: galera 6 | type: "kubernetes.io/rbd" 7 | data: 8 | key: AQCX06hZ9LnSBxAAYuoIT/ewbTRhKpTHOZLoRQ== 9 | -------------------------------------------------------------------------------- /practice/controller-extended.md: -------------------------------------------------------------------------------- 1 | # 扩展控制器 2 | 3 | Kubernetes 原生提供了 Deployment、StatefulSet、DaemonSet、Job、CronJob 等一系列控制器,这些控制器组成了云原生应用的基本原语,但是在 Kubernetes 的实际生产使用过程中,往往很难直接满足要求,因此又诞生了很多第三方的扩展控制器。本节将为大家介绍系列第三方扩展控制器,这些控制器融合了 Kubernetes 生产使用中的最佳实践。 -------------------------------------------------------------------------------- /practice/glusterfs.md: -------------------------------------------------------------------------------- 1 | # GlusterFS 2 | 3 | GlusterFS是Scale-Out存储解决方案Gluster的核心,它是一个开源的分布式文件系统,具有强大的横向扩展能力,通过扩展能够支持数PB存储容量和处理数千客户端。GlusterFS借助TCP/IP或InfiniBand RDMA网络将物理分布的存储资源聚集在一起,使用单一全局命名空间来管理数据。GlusterFS基于可堆叠的用户空间设计,可为各种不同的数据负载提供优异的性能。 4 | -------------------------------------------------------------------------------- /practice/operation.md: -------------------------------------------------------------------------------- 1 | # 运维管理 2 | 3 | 将集群部署到生产环境后就不得不考虑运维管理问题。运维管理问题主要包括如下几个方面: 4 | 5 | - **监控**:包括 kubernetes 本身组件和 Pod、应用的监控 6 | - **日志收集**:包括 kubernetes 本身组件的日志,应用的日志 7 | - **审计**:用户对集群操作的审计 8 | - **安全**:用户权限的管理和镜像漏洞扫描 9 | 10 | -------------------------------------------------------------------------------- /manifests/glusterfs/glusterfs-pvc.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: glusterfs-nginx 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 8Gi 11 | -------------------------------------------------------------------------------- /manifests/kubedns/kubedns-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: kube-dns 5 | namespace: kube-system 6 | labels: 7 | kubernetes.io/cluster-service: "true" 8 | addonmanager.kubernetes.io/mode: Reconcile 9 | -------------------------------------------------------------------------------- /manifests/test/nginx-pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nginx 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: harbor-001.jimmysong.io/library/nginx:1.9 9 | ports: 10 | - containerPort: 80 11 | -------------------------------------------------------------------------------- /manifests/glusterfs/glusterfs-service.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Service", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "glusterfs-cluster" 6 | }, 7 | "spec": { 8 | "ports": [ 9 | {"port": 1990} 10 | ] 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /manifests/oam/containerized-workload/sample_trait_definition.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: core.oam.dev/v1alpha2 2 | kind: TraitDefinition 3 | metadata: 4 | name: manualscalertraits.core.oam.dev 5 | spec: 6 | definitionRef: 7 | name: manualscalertraits.core.oam.dev -------------------------------------------------------------------------------- /etc/kubernetes/proxy: -------------------------------------------------------------------------------- 1 | ### 2 | # kubernetes proxy config 3 | 4 | # default config should be adequate 5 | 6 | # Add your own! 7 | KUBE_PROXY_ARGS="--bind-address=172.20.0.113 --hostname-override=172.20.0.113 --kubeconfig=/etc/kubernetes/kube-proxy.kubeconfig --cluster-cidr=10.254.0.0/16" 8 | -------------------------------------------------------------------------------- /guide/access-kubernetes-cluster.md: -------------------------------------------------------------------------------- 1 | # 访问 Kubernetes 集群 2 | 3 | 根据用户部署和暴露服务的方式不同,有很多种方式可以用来访问 kubernetes 集群。 4 | 5 | - 最简单也是最直接的方式是使用 `kubectl` 命令。 6 | - 其次可以使用 `kubeconfig` 文件来认证授权访问 API server。 7 | - 通过各种 proxy 经过端口转发访问 kubernetes 集群中的服务 8 | - 使用 Ingress,在集群外访问 kubernetes 集群内的 service 9 | -------------------------------------------------------------------------------- /tools/etcd/get-kubernetes-keys-from-etcd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Get kubernetes keys from etcd 3 | export ETCDCTL_API=3 4 | keys=`etcdctl get /registry --prefix -w json|python -m json.tool|grep key|cut -d ":" -f2|tr -d '"'|tr -d ","` 5 | for x in $keys;do 6 | echo $x|base64 -d|sort 7 | done 8 | -------------------------------------------------------------------------------- /manifests/spark-standalone/zeppelin-service.yaml: -------------------------------------------------------------------------------- 1 | kind: Service 2 | apiVersion: v1 3 | metadata: 4 | name: zeppelin 5 | namespace: spark-cluster 6 | spec: 7 | ports: 8 | - port: 80 9 | targetPort: 8080 10 | selector: 11 | component: zeppelin 12 | type: ClusterIP 13 | -------------------------------------------------------------------------------- /manifests/prometheus/prometheus-monitoring-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: prometheus-k8s 5 | namespace: monitoring 6 | --- 7 | apiVersion: v1 8 | kind: ServiceAccount 9 | metadata: 10 | name: kube-state-metrics 11 | namespace: monitoring 12 | -------------------------------------------------------------------------------- /concepts/pod-state-and-lifecycle.md: -------------------------------------------------------------------------------- 1 | # Pod状态与生命周期管理 2 | 3 | 该节将带领大家了解Kubernetes中的基本概念,尤其是作为Kubernetes中调度的最基本单位Pod。 4 | 5 | 本节中包括以下内容: 6 | 7 | - 了解Pod的构成 8 | - Pod的生命周期 9 | - Pod中容器的启动顺序模板定义 10 | 11 | Kubernetes中的基本组件`kube-controller-manager`就是用来控制Pod的状态和生命周期的,在了解各种controller之前我们有必要先了解下Pod本身和其生命周期。 12 | -------------------------------------------------------------------------------- /manifests/spark-standalone/spark-ui-proxy-service.yaml: -------------------------------------------------------------------------------- 1 | kind: Service 2 | apiVersion: v1 3 | metadata: 4 | name: spark-ui-proxy 5 | namespace: spark-cluster 6 | spec: 7 | ports: 8 | - port: 80 9 | targetPort: 80 10 | selector: 11 | component: spark-ui-proxy 12 | type: ClusterIP 13 | -------------------------------------------------------------------------------- /practice/cephfs.md: -------------------------------------------------------------------------------- 1 | # CephFS 2 | 3 | Cephfs 是一个基于 ceph 集群且兼容POSIX标准的文件系统。创建 cephfs 文件系统时需要在 ceph 集群中添加 mds 服务,该服务负责处理 POSIX 文件系统中的 metadata 部分,实际的数据部分交由 ceph 集群中的 OSDs 处理。cephfs 支持以内核模块方式加载也支持 fuse 方式加载。无论是内核模式还是 fuse 模式,都是通过调用 libcephfs 库来实现 cephfs 文件系统的加载,而 libcephfs 库又调用 librados 库与 ceph 集群进行通信,从而实现 cephfs 的加载。 4 | -------------------------------------------------------------------------------- /manifests/spark-with-kubernetes-native-scheduler/spark-limit-range.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: LimitRange 3 | metadata: 4 | name: mem-limit-range 5 | spec: 6 | limits: 7 | - default: 8 | memory: 50Gi 9 | cpu: 5 10 | defaultRequest: 11 | memory: 1Gi 12 | cpu: 1 13 | type: Container 14 | -------------------------------------------------------------------------------- /manifests/glusterfs/glusterfs-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: gluster-dev-volume 5 | spec: 6 | capacity: 7 | storage: 8Gi 8 | accessModes: 9 | - ReadWriteMany 10 | glusterfs: 11 | endpoints: "glusterfs-cluster" 12 | path: "k8s-volume" 13 | readOnly: false 14 | -------------------------------------------------------------------------------- /manifests/mariadb-cluster/mysql-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: mysql-secrets 5 | namespace: galera 6 | labels: 7 | app: mysql 8 | data: 9 | # Root password: changeit run echo -n jimmysong|base64 10 | root-password: amltbXlzb25n 11 | # Root user: root 12 | root-user: cm9vdA== 13 | -------------------------------------------------------------------------------- /tools/wordcount/wordcount.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Count Chinese characters 3 | total=0 4 | basedir="../../" 5 | for x in `cd $basedir;fd -e md` 6 | do 7 | i=`cnwordcount -f $basedir/$x|cut -d " " -f2` 8 | total=$(($total+$i)) 9 | if [ $i -ne 0 ]; then 10 | echo "$x $i" 11 | fi 12 | done 13 | echo "Total $total" 14 | -------------------------------------------------------------------------------- /tools/wordcount/README.md: -------------------------------------------------------------------------------- 1 | # 全书字数统计 2 | 3 | ## 使用说明 4 | 5 | 首先需要安装`cnworcount`,见:https://github.com/rootsongjc/cnwordcount 6 | 7 | 在该目录下执行: 8 | 9 | ```bash 10 | ./wordcount 11 | ... 12 | usecases/service-mesh.md 1306 13 | usecases/spark-standalone-on-kubernetes.md 285 14 | usecases/understanding-serverless.md 3481 15 | Total 136674 16 | ``` -------------------------------------------------------------------------------- /manifests/test/job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: pi 5 | spec: 6 | template: 7 | metadata: 8 | name: pi 9 | spec: 10 | containers: 11 | - name: pi 12 | image: perl 13 | command: ["perl", "-Mbignum=bpi", "-wle", "print bpi(2000)"] 14 | restartPolicy: Never 15 | -------------------------------------------------------------------------------- /manifests/spark-with-kubernetes-native-scheduler/spark-compute-resources.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ResourceQuota 3 | metadata: 4 | name: compute-resources 5 | namespace: spark-cluster 6 | spec: 7 | hard: 8 | pods: "20" 9 | requests.cpu: "20" 10 | requests.memory: 100Gi 11 | limits.cpu: "40" 12 | limits.memory: 200Gi 13 | -------------------------------------------------------------------------------- /guide/application-development-deployment-flow.md: -------------------------------------------------------------------------------- 1 | # 在 Kubernetes 中开发部署应用 2 | 3 | 理论上只要可以使用主机名做服务注册的应用都可以迁移到 kubernetes 集群上。看到这里你可能不禁要问,为什么使用 IP 地址做服务注册发现的应用不适合迁移到 kubernetes 集群?因为这样的应用不适合自动故障恢复,因为目前 kubernetes 中不支持固定 Pod 的 IP 地址,当 Pod 故障后自动转移到其他 Node 的时候该 Pod 的 IP 地址也随之变化。 4 | 5 | 将传统应用迁移到 kubernetes 中可能还有很长的路要走,但是直接开发 Cloud native 应用,kubernetes 就是最佳运行时环境了。 6 | -------------------------------------------------------------------------------- /manifests/charts/mean/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - condition: "" 3 | enabled: false 4 | import-values: null 5 | name: mongodb 6 | repository: http://localhost:8879/ 7 | tags: null 8 | version: 0.4.17 9 | digest: sha256:955f80c2844df5fb24c06440898df8d3b2143d7081ac11409d8604720e47b814 10 | generated: 2017-10-24T11:45:19.054114+08:00 11 | -------------------------------------------------------------------------------- /manifests/rook/rook-agent-clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | kind: ClusterRoleBinding 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | metadata: 4 | name: rookagent-clusterrolebinding 5 | subjects: 6 | - kind: ServiceAccount 7 | name: rook-agent 8 | namespace: rook-system 9 | roleRef: 10 | kind: ClusterRole 11 | name: cluster-admin 12 | apiGroup: "" 13 | -------------------------------------------------------------------------------- /manifests/spark-standalone/spark-master-service.yaml: -------------------------------------------------------------------------------- 1 | kind: Service 2 | apiVersion: v1 3 | metadata: 4 | name: spark-master 5 | namespace: spark-cluster 6 | spec: 7 | ports: 8 | - port: 7077 9 | targetPort: 7077 10 | name: spark 11 | - port: 8080 12 | targetPort: 8080 13 | name: http 14 | selector: 15 | component: spark-master 16 | -------------------------------------------------------------------------------- /practice/services-management-tool.md: -------------------------------------------------------------------------------- 1 | # 服务编排管理 2 | 3 | Kubernetes虽然提供了多种容器编排对象,例如Deployment、StatefulSet、DeamonSet、Job等,还有多种基础资源封装例如ConfigMap、Secret、Serivce等,但是一个应用往往有多个服务,有的可能还要依赖持久化存储,当这些服务之间直接互相依赖,需要有一定的组合的情况下,使用YAML文件的方式配置应用往往十分繁琐还容易出错,这时候就需要服务编排工具。 4 | 5 | 服务编排管理工具就是构建在kubernetes的基础[object](../concepts/objects.md)之上,统筹各个服务之间的关系和依赖的。目前常用到的工具是 [Helm](https://github.com/helm/helm)。 6 | -------------------------------------------------------------------------------- /manifests/nginx-ingress/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "fullname" . }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /manifests/spark-with-kubernetes-native-scheduler/spark-object-counts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ResourceQuota 3 | metadata: 4 | name: object-counts 5 | namespace: spark-cluster 6 | spec: 7 | hard: 8 | configmaps: "10" 9 | persistentvolumeclaims: "4" 10 | replicationcontrollers: "20" 11 | secrets: "10" 12 | services: "10" 13 | services.loadbalancers: "2" 14 | -------------------------------------------------------------------------------- /manifests/oam/containerized-workload/sample_workload_definition.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: core.oam.dev/v1alpha2 2 | kind: WorkloadDefinition 3 | metadata: 4 | name: containerizedworkloads.core.oam.dev 5 | spec: 6 | definitionRef: 7 | name: containerizedworkloads.core.oam.dev 8 | childResourceKinds: 9 | - apiVersion: apps/v1 10 | kind: Deployment 11 | - apiVersion: v1 12 | kind: Service -------------------------------------------------------------------------------- /manifests/glusterfs/glusterfs-endpoints.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Endpoints", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "glusterfs-cluster" 6 | }, 7 | "subsets": [ 8 | { 9 | "addresses": [ 10 | { 11 | "ip": "172.20.0.113" 12 | } 13 | ], 14 | "ports": [ 15 | { 16 | "port": 1990 17 | } 18 | ] 19 | } 20 | ] 21 | } 22 | -------------------------------------------------------------------------------- /concepts/open-interfaces.md: -------------------------------------------------------------------------------- 1 | # 开放接口 2 | 3 | Kubernetes作为云原生应用的基础调度平台,相当于云原生的操作系统,为了便于系统的扩展,Kubernetes中开放的以下接口,可以分别对接不同的后端,来实现自己的业务逻辑: 4 | 5 | - **CRI(Container Runtime Interface)**:容器运行时接口,提供计算资源 6 | - **CNI(Container Network Interface)**:容器网络接口,提供网络资源 7 | - **CSI(Container Storage Interface**):容器存储接口,提供存储资源 8 | 9 | 以上三种资源相当于一个分布式操作系统的最基础的几种资源类型,而Kuberentes是将他们粘合在一起的纽带。 10 | 11 | ![开放接口](../images/open-interfaces.jpg) 12 | -------------------------------------------------------------------------------- /manifests/mariadb-cluster/ceph-class.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: StorageClass 3 | metadata: 4 | name: ceph-web 5 | provisioner: kubernetes.io/rbd 6 | parameters: 7 | monitors: 172.28.7.98,172.28.7.99,172.28.7.100 8 | adminId: admin 9 | adminSecretName: ceph-secret 10 | adminSecretNamespace: galera 11 | pool: rbd #此处默认是rbd池,生产上建议自己创建存储池隔离 12 | userId: admin 13 | userSecretName: ceph-secret 14 | -------------------------------------------------------------------------------- /concepts/multicluster.md: -------------------------------------------------------------------------------- 1 | # 多集群管理 2 | 3 | 组织需要部署多个 Kubernetes 集群来为不同的业务提供隔离,增强可用性和可扩展性。 4 | 5 | ## 什么是多集群? 6 | 7 | 多集群是一种在多个Kubernetes集群上或跨集群部署应用的策略,目的是提高可用性、隔离性和可扩展性。多集群对于确保遵守不同的和相互冲突的法规非常重要,因为单个集群可以进行调整,以遵守特定地域或认证的法规。软件交付的速度和安全性也可以提高,单个开发团队将应用程序部署到隔离的集群中,并有选择地暴露哪些服务可用于测试和发布。 8 | 9 | ## 参考 10 | 11 | - [Multicluster Special Interest Group](https://github.com/kubernetes/community/blob/master/sig-multicluster/README.md) 12 | 13 | -------------------------------------------------------------------------------- /manifests/linkerd/hello-world-ingress.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: hello-world 5 | annotations: 6 | kubernetes.io/ingress.class: "linkerd" 7 | spec: 8 | backend: 9 | serviceName: world-v1 10 | servicePort: http 11 | rules: 12 | - host: world.v2 13 | http: 14 | paths: 15 | - backend: 16 | serviceName: world-v2 17 | servicePort: http 18 | -------------------------------------------------------------------------------- /.github/workflows/main.yml: -------------------------------------------------------------------------------- 1 | name: build-and-deploy 2 | on: push 3 | jobs: 4 | deploy: 5 | runs-on: ubuntu-18.04 6 | steps: 7 | - name: Git checkout 8 | uses: actions/checkout@v2 9 | - name: Build 10 | run: make build 11 | - name: Deploy 12 | uses: peaceiris/actions-gh-pages@v3 13 | with: 14 | deploy_key: ${{ secrets.ACTIONS_DEPLOY_KEY }} 15 | publish_dir: ./_book 16 | -------------------------------------------------------------------------------- /manifests/dashboard/dashboard-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: kubernetes-dashboard 5 | namespace: kube-system 6 | labels: 7 | k8s-app: kubernetes-dashboard 8 | kubernetes.io/cluster-service: "true" 9 | addonmanager.kubernetes.io/mode: Reconcile 10 | spec: 11 | type: NodePort 12 | selector: 13 | k8s-app: kubernetes-dashboard 14 | ports: 15 | - port: 80 16 | targetPort: 9090 17 | -------------------------------------------------------------------------------- /manifests/test/rolling-update-test/Makefile: -------------------------------------------------------------------------------- 1 | all: build push clean 2 | .PHONY: build push clean 3 | 4 | TAG = v2 5 | 6 | # Build for linux amd64 7 | build: 8 | GOOS=linux GOARCH=amd64 go build -o hello${TAG} main.go 9 | docker build -t harbor-001.jimmysong.io/library/hello:${TAG} . 10 | 11 | # Push to tenxcloud 12 | push: 13 | docker push harbor-001.jimmysong.io/library/hello:${TAG} 14 | 15 | # Clean 16 | clean: 17 | rm -f hello${TAG} 18 | -------------------------------------------------------------------------------- /manifests/EFK/kibana-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: kibana-logging 5 | namespace: kube-system 6 | labels: 7 | k8s-app: kibana-logging 8 | kubernetes.io/cluster-service: "true" 9 | addonmanager.kubernetes.io/mode: Reconcile 10 | kubernetes.io/name: "Kibana" 11 | spec: 12 | ports: 13 | - port: 5601 14 | protocol: TCP 15 | targetPort: ui 16 | selector: 17 | k8s-app: kibana-logging 18 | -------------------------------------------------------------------------------- /manifests/EFK/efk-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: efk 5 | namespace: kube-system 6 | 7 | --- 8 | 9 | kind: ClusterRoleBinding 10 | apiVersion: rbac.authorization.k8s.io/v1beta1 11 | metadata: 12 | name: efk 13 | subjects: 14 | - kind: ServiceAccount 15 | name: efk 16 | namespace: kube-system 17 | roleRef: 18 | kind: ClusterRole 19 | name: cluster-admin 20 | apiGroup: rbac.authorization.k8s.io 21 | -------------------------------------------------------------------------------- /manifests/charts/mychart/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /manifests/rook/rook-cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: rook 5 | --- 6 | apiVersion: rook.io/v1alpha1 7 | kind: Cluster 8 | metadata: 9 | name: rook 10 | namespace: rook 11 | spec: 12 | versionTag: v0.6.2 13 | dataDirHostPath: /var/lib/rook 14 | storage: 15 | useAllNodes: true 16 | useAllDevices: false 17 | storeConfig: 18 | storeType: bluestore 19 | databaseSizeMB: 512 20 | journalSizeMB: 512 21 | -------------------------------------------------------------------------------- /manifests/HPA/hpa.yaml: -------------------------------------------------------------------------------- 1 | kind: HorizontalPodAutoscaler 2 | apiVersion: autoscaling/v2beta1 3 | metadata: 4 | name: sample-metrics-app-hpa 5 | spec: 6 | scaleTargetRef: 7 | kind: Deployment 8 | name: sample-metrics-app 9 | minReplicas: 2 10 | maxReplicas: 10 11 | metrics: 12 | - type: Object 13 | object: 14 | target: 15 | kind: Service 16 | name: sample-metrics-app 17 | metricName: http_requests 18 | targetValue: 100 19 | -------------------------------------------------------------------------------- /manifests/nginx-ingress/templates/tcp-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.tcp }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | app: {{ template "name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.controller.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "fullname" . }}-tcp 12 | data: 13 | {{ toYaml .Values.tcp | indent 2 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /manifests/nginx-ingress/templates/udp-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.udp }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | app: {{ template "name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.controller.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "fullname" . }}-udp 12 | data: 13 | {{ toYaml .Values.udp | indent 2 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /usecases/ai.md: -------------------------------------------------------------------------------- 1 | # 人工智能 2 | 3 | Kubernetes 在人工智能领域的应用。 4 | 5 | ## KubeFlow 6 | 7 | [Kubeflow](https://github.com/kubeflow/kubeflow)项目致力于使机器学习(ML)工作流在Kubernetes上的部署简单,可移植且可扩展。KubeFlow的目标不是重新创建其他服务,而是提供一种直接的方式来将ML的同类最佳的开源系统部署到各种基础结构中。在运行Kubernetes的任何地方都应该能够运行Kubeflow。官网:。 8 | 9 | ## ElasticDL 10 | 11 | [ElasticDL](https://github.com/sql-machine-learning/elasticdl) 是一个基于 TensorFlow2.0 的 Kubenretes 原生深度学习框架,官网:[https://elasticdl.org](https://elasticdl.org/)。 -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | ## 如何贡献 2 | 3 | ### 提 issue 4 | 5 | 如果你发现文档中的错误,或者有好的建议、不明白的问题、不要犹豫,欢迎[提交issue](https://github.com/rootsongjc/kubernetes-handbook/issues/new)。 6 | 7 | ### 发起 Pull Request 8 | 9 | 当你发现文章中明确的错误或者逻辑问题,在你自己的fork的分支中,创建一个新的branch,修改错误,push 到你的branch,然后在[提交issue](https://github.com/rootsongjc/kubernetes-handbook/issues/new) 后直接发起Pull Request。 10 | 11 | 任何人都可以发起PR,当文档审核完成merge之后将由[rootsongjc](https://github.com/rootsongjc)来发布到页面上。 -------------------------------------------------------------------------------- /manifests/EFK/es-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: elasticsearch-logging 5 | namespace: kube-system 6 | labels: 7 | k8s-app: elasticsearch-logging 8 | kubernetes.io/cluster-service: "true" 9 | addonmanager.kubernetes.io/mode: Reconcile 10 | kubernetes.io/name: "Elasticsearch" 11 | spec: 12 | ports: 13 | - port: 9200 14 | protocol: TCP 15 | targetPort: db 16 | selector: 17 | k8s-app: elasticsearch-logging 18 | -------------------------------------------------------------------------------- /manifests/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v2alpha1 2 | kind: CronJob 3 | metadata: 4 | name: hello 5 | spec: 6 | schedule: "*/1 * * * *" 7 | jobTemplate: 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: hello 13 | image: busybox 14 | args: 15 | - /bin/sh 16 | - -c 17 | - date; echo Hello from the Kubernetes cluster 18 | restartPolicy: OnFailure 19 | -------------------------------------------------------------------------------- /manifests/charts/oam-core-resources/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /manifests/heapster/heapster-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: heapster 5 | namespace: kube-system 6 | 7 | --- 8 | 9 | kind: ClusterRoleBinding 10 | apiVersion: rbac.authorization.k8s.io/v1beta1 11 | metadata: 12 | name: heapster 13 | subjects: 14 | - kind: ServiceAccount 15 | name: heapster 16 | namespace: kube-system 17 | roleRef: 18 | kind: ClusterRole 19 | name: cluster-admin 20 | apiGroup: rbac.authorization.k8s.io 21 | -------------------------------------------------------------------------------- /manifests/traefik-ingress/ingress-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: ingress 5 | namespace: kube-system 6 | 7 | --- 8 | 9 | kind: ClusterRoleBinding 10 | apiVersion: rbac.authorization.k8s.io/v1beta1 11 | metadata: 12 | name: ingress 13 | subjects: 14 | - kind: ServiceAccount 15 | name: ingress 16 | namespace: kube-system 17 | roleRef: 18 | kind: ClusterRole 19 | name: cluster-admin 20 | apiGroup: rbac.authorization.k8s.io 21 | -------------------------------------------------------------------------------- /manifests/charts/mean/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "fullname" . }} 5 | labels: 6 | app: {{ template "fullname" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | release: "{{ .Release.Name }}" 9 | heritage: "{{ .Release.Service }}" 10 | data: 11 | {{ default "database.js" .Values.configfile}}: |- 12 | {{- if .Values.config }} 13 | {{ default "" .Values.config | indent 4 }} 14 | {{- end -}} 15 | -------------------------------------------------------------------------------- /manifests/dashboard/dashboard-rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: dashboard 5 | namespace: kube-system 6 | 7 | --- 8 | 9 | kind: ClusterRoleBinding 10 | apiVersion: rbac.authorization.k8s.io/v1beta1 11 | metadata: 12 | name: dashboard 13 | subjects: 14 | - kind: ServiceAccount 15 | name: dashboard 16 | namespace: kube-system 17 | roleRef: 18 | kind: ClusterRole 19 | name: cluster-admin 20 | apiGroup: rbac.authorization.k8s.io 21 | -------------------------------------------------------------------------------- /manifests/test/centos.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: test 5 | labels: 6 | app: test 7 | spec: 8 | replicas: 1 9 | template: 10 | metadata: 11 | labels: 12 | app: test 13 | spec: 14 | containers: 15 | - image: harbor-001.jimmysong.io/library/centos:7.2.1511 16 | name: test 17 | command: ["/bin/bash","-c","while true; do sleep 1000; done"] 18 | imagePullPolicy: IfNotPresent 19 | -------------------------------------------------------------------------------- /manifests/test/rolling-update-test/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "log" 6 | "net/http" 7 | ) 8 | 9 | func sayhello(w http.ResponseWriter, r *http.Request) { 10 | fmt.Fprintf(w, "This is version 1.") //这个写入到w的是输出到客户端的 11 | } 12 | 13 | func main() { 14 | http.HandleFunc("/", sayhello) //设置访问的路由 15 | log.Println("This is version 1.") 16 | err := http.ListenAndServe(":9090", nil) //设置监听的端口 17 | if err != nil { 18 | log.Fatal("ListenAndServe: ", err) 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /practice/index.md: -------------------------------------------------------------------------------- 1 | # 最佳实践概览 2 | 3 | 本章节从零开始创建我们自己的kubernetes集群,并在该集群的基础上,配置服务发现、负载均衡和日志收集等功能,使我们的集群能够成为一个真正线上可用、功能完整的集群。 4 | 5 | - 第一部分[ 在CentOS上部署kubernetes集群](install-kubernetes-on-centos.md)中介绍了如何通过二进制文件在CentOS物理机(也可以是公有云主机)上快速部署一个kubernetes集群。 6 | - 第二部分介绍如何在kubernetes中的服务发现与负载均衡。 7 | - 第三部分介绍如何运维kubernetes集群。 8 | - 第四部分介绍kubernetes中的存储管理。 9 | - 第五部分关于kubernetes集群和应用的监控。 10 | - 第六部分介绍kuberentes中的服务编排与管理。 11 | - 第七部分介绍如何基于kubernetes做持续集成与发布。 12 | - 第八部分是kubernetes集群与插件的更新升级。 13 | 14 | 15 | 16 | -------------------------------------------------------------------------------- /manifests/charts/mean/templates/svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "fullname" . }} 5 | labels: 6 | app: {{ template "fullname" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | release: "{{ .Release.Name }}" 9 | heritage: "{{ .Release.Service }}" 10 | spec: 11 | type: {{ .Values.serviceType }} 12 | ports: 13 | - name: http 14 | port: 80 15 | targetPort: http 16 | selector: 17 | app: {{ template "fullname" . }} 18 | -------------------------------------------------------------------------------- /manifests/charts/mychart/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "fullname" . }} 5 | labels: 6 | chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.externalPort }} 11 | targetPort: {{ .Values.service.internalPort }} 12 | protocol: TCP 13 | name: {{ .Values.service.name }} 14 | selector: 15 | app: {{ template "fullname" . }} 16 | -------------------------------------------------------------------------------- /systemd/kube-scheduler.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Kubernetes Scheduler Plugin 3 | Documentation=https://github.com/GoogleCloudPlatform/kubernetes 4 | 5 | [Service] 6 | EnvironmentFile=-/etc/kubernetes/config 7 | EnvironmentFile=-/etc/kubernetes/scheduler 8 | ExecStart=/usr/bin/kube-scheduler \ 9 | $KUBE_LOGTOSTDERR \ 10 | $KUBE_LOG_LEVEL \ 11 | $KUBE_MASTER \ 12 | $KUBE_SCHEDULER_ARGS 13 | Restart=on-failure 14 | LimitNOFILE=65536 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /tools/create-user/README.md: -------------------------------------------------------------------------------- 1 | # 在kubernetes中创建用户并授予用户namespace的admin权限 2 | 3 | 使用`create-user.sh`脚本创建namespace和用户(同名),并将该namespace的admin权限授予该用户。 4 | 5 | ## 使用前提 6 | 7 | 使用该脚本需要满足以下前提: 8 | 9 | - 所有的证书文件都在`/etc/kubernetes/ssl`目录下 10 | - 执行该脚本的主机可以访问kubernetes集群,并用于最高管理员权限 11 | 12 | ## 使用方式 13 | 14 | ```bash 15 | ./create-user.sh 16 | ``` 17 | 18 | 最后生成了`$username.kubeconfig`文件。 19 | 20 | ## 参考 21 | 22 | [创建用户认证授权的kubeconfig文件](../../guide/kubectl-user-authentication-authorization.md) -------------------------------------------------------------------------------- /manifests/prometheus/import-grafana-dashboard.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: test 5 | namespace: monitoring 6 | labels: 7 | app: test 8 | spec: 9 | replicas: 1 10 | template: 11 | metadata: 12 | labels: 13 | app: test 14 | spec: 15 | serviceAccountName: prometheus-k8s 16 | containers: 17 | - image: harbor-001.jimmysong.io/library/centos:7.2.1511 18 | name: test 19 | imagePullPolicy: IfNotPresent 20 | -------------------------------------------------------------------------------- /systemd/kube-proxy.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Kubernetes Kube-Proxy Server 3 | Documentation=https://github.com/GoogleCloudPlatform/kubernetes 4 | After=network.target 5 | 6 | [Service] 7 | EnvironmentFile=-/etc/kubernetes/config 8 | EnvironmentFile=-/etc/kubernetes/proxy 9 | ExecStart=/usr/bin/kube-proxy \ 10 | $KUBE_LOGTOSTDERR \ 11 | $KUBE_LOG_LEVEL \ 12 | $KUBE_MASTER \ 13 | $KUBE_PROXY_ARGS 14 | Restart=on-failure 15 | LimitNOFILE=65536 16 | 17 | [Install] 18 | WantedBy=multi-user.target 19 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Node rules: 2 | ## Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files) 3 | .grunt 4 | 5 | ## Dependency directory 6 | ## Commenting this out is preferred by some people, see 7 | ## https://docs.npmjs.com/misc/faq#should-i-check-my-node_modules-folder-into-git 8 | node_modules 9 | 10 | # Book build output 11 | _book 12 | 13 | # eBook build output 14 | *.epub 15 | *.mobi 16 | *.pdf 17 | 18 | # Github Pages 19 | deploy.sh 20 | .DS_Store 21 | 22 | # IDEA 23 | *.iml 24 | .idea 25 | -------------------------------------------------------------------------------- /manifests/scripts/pull-rename-push-docker-images.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | repo=harbor-001.jimmysong.io/library/ 3 | cat $1|while read line 4 | do 5 | docker pull $line 6 | old_name=`echo $line|cut -d ":" -f1` 7 | tag=`echo $line|cut -d ":" -f2` 8 | new_name=$repo`echo $old_name|cut -d "/" -f1`-`echo $old_name|cut -d "/" -f2`:$tag 9 | echo "Change $line => $new_name" 10 | id=`docker images|grep $old_name|tr -s " "|cut -d " " -f3` 11 | docker tag $id $new_name 12 | docker push $new_name 13 | done 14 | -------------------------------------------------------------------------------- /manifests/charts/mongodb/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | MongoDB can be accessed via port 27017 on the following DNS name from within your cluster: 2 | {{ template "mongodb.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local 3 | 4 | To connect to your database run the following command: 5 | 6 | kubectl run {{ template "mongodb.fullname" . }}-client --rm --tty -i --image bitnami/mongodb --command -- mongo --host {{ template "mongodb.fullname" . }} {{- if .Values.mongodbRootPassword }} -p {{ .Values.mongodbRootPassword }}{{- end -}} 7 | 8 | -------------------------------------------------------------------------------- /manifests/charts/mychart/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for mychart. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | replicaCount: 1 5 | image: 6 | repository: harbor-001.jimmysong.io/library/nginx 7 | tag: 1.9 8 | pullPolicy: IfNotPresent 9 | service: 10 | name: nginx 11 | type: ClusterIP 12 | externalPort: 80 13 | internalPort: 80 14 | resources: 15 | limits: 16 | cpu: 100m 17 | memory: 128Mi 18 | requests: 19 | cpu: 100m 20 | memory: 128Mi 21 | 22 | -------------------------------------------------------------------------------- /systemd/kube-controller-manager.service: -------------------------------------------------------------------------------- 1 | Description=Kubernetes Controller Manager 2 | Documentation=https://github.com/GoogleCloudPlatform/kubernetes 3 | 4 | [Service] 5 | EnvironmentFile=-/etc/kubernetes/config 6 | EnvironmentFile=-/etc/kubernetes/controller-manager 7 | ExecStart=/usr/bin/kube-controller-manager \ 8 | $KUBE_LOGTOSTDERR \ 9 | $KUBE_LOG_LEVEL \ 10 | $KUBE_MASTER \ 11 | $KUBE_CONTROLLER_MANAGER_ARGS 12 | Restart=on-failure 13 | LimitNOFILE=65536 14 | 15 | [Install] 16 | WantedBy=multi-user.target 17 | -------------------------------------------------------------------------------- /manifests/charts/mean/charts/mongodb/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | MongoDB can be accessed via port 27017 on the following DNS name from within your cluster: 2 | {{ template "mongodb.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local 3 | 4 | To connect to your database run the following command: 5 | 6 | kubectl run {{ template "mongodb.fullname" . }}-client --rm --tty -i --image bitnami/mongodb --command -- mongo --host {{ template "mongodb.fullname" . }} {{- if .Values.mongodbRootPassword }} -p {{ .Values.mongodbRootPassword }}{{- end -}} 7 | 8 | -------------------------------------------------------------------------------- /manifests/charts/mongodb/templates/svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "mongodb.fullname" . }} 5 | labels: 6 | app: {{ template "mongodb.fullname" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | release: "{{ .Release.Name }}" 9 | heritage: "{{ .Release.Service }}" 10 | spec: 11 | type: {{ .Values.serviceType }} 12 | ports: 13 | - name: mongodb 14 | port: 27017 15 | targetPort: mongodb 16 | selector: 17 | app: {{ template "mongodb.fullname" . }} 18 | -------------------------------------------------------------------------------- /develop/contribute.md: -------------------------------------------------------------------------------- 1 | # Kubernetes社区贡献 2 | 3 | 如果您想参与 Kubernetes 社区,请先阅读下[Kubernetes Community](https://github.com/kubernetes/community)这个 GitHub Repo中的文档,该文档中包括社区的治理形式、社区成员资格申请、提交 Issue、查找问题和提交 PR 的指导等。 4 | 5 | ## 参考 6 | 7 | - [Kubernetes Community](https://github.com/kubernetes/community) 8 | - [Kubernetes Developer Guide](https://github.com/kubernetes/community/tree/master/contributors/devel) 9 | - [Enhencement Tracking and Backlog](https://github.com/kubernetes/features) 10 | - [Kubernetes 官方网站项目](https://github.com/kubernetes/website) 11 | -------------------------------------------------------------------------------- /manifests/charts/mongodb/templates/secrets.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ template "mongodb.fullname" . }} 5 | labels: 6 | app: {{ template "mongodb.fullname" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | release: "{{ .Release.Name }}" 9 | heritage: "{{ .Release.Service }}" 10 | type: Opaque 11 | data: 12 | mongodb-root-password: {{ default "" .Values.mongodbRootPassword | b64enc | quote }} 13 | mongodb-password: {{ default "" .Values.mongodbPassword | b64enc | quote }} 14 | -------------------------------------------------------------------------------- /manifests/charts/oam-core-resources/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "oam-core-resources.fullname" . }}-test-connection" 5 | labels: 6 | {{ include "oam-core-resources.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test-success 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "oam-core-resources.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /usecases/the-enterprise-path-to-service-mesh-architectures.md: -------------------------------------------------------------------------------- 1 | # 企业级服务网格架构之路 2 | 3 | 本节是根据由Nginx赞助,O’Reilly出版社出品的关于服务网格的书籍总结而来,本书标题是 _The Enterprise Path to Service Mesh_ ,还有个副标题 _Decoupling at Layer 5_ ,第一版发行于2018年8月8日。这本书一共61页,本文是我对该书的一些解读,读者可以在[Nginx的网站](https://www.nginx.com/resources/library/the-enterprise-path-to-service-mesh-architectures/)上免费下载阅读完整内容。 4 | 5 | 追本溯源,Service Mesh实际上是一种SDN,等同于OSI模型中的会话层。 每一次技术变革,必然要导致生产力和生产关系的变革,我们看到这种趋势正在加速。本书中给出了企业上Service Mesh的路径,可供广大技术和管理人员参考。 6 | 7 | **注**:若未加声明,本章中所有图片均来自*The Enterprise Path to Service Mesh*一书。 8 | -------------------------------------------------------------------------------- /manifests/charts/mean/charts/mongodb/templates/secrets.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ template "mongodb.fullname" . }} 5 | labels: 6 | app: {{ template "mongodb.fullname" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | release: "{{ .Release.Name }}" 9 | heritage: "{{ .Release.Service }}" 10 | type: Opaque 11 | data: 12 | mongodb-root-password: {{ default "" .Values.mongodbRootPassword | b64enc | quote }} 13 | mongodb-password: {{ default "" .Values.mongodbPassword | b64enc | quote }} 14 | -------------------------------------------------------------------------------- /manifests/charts/mean/charts/mongodb/templates/svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "mongodb.fullname" . }} 5 | labels: 6 | app: {{ template "mongodb.fullname" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | release: "{{ .Release.Name }}" 9 | heritage: "{{ .Release.Service }}" 10 | spec: 11 | type: {{ .Values.serviceType }} 12 | ports: 13 | - name: mongodb 14 | port: 27017 15 | targetPort: mongodb 16 | selector: 17 | app: {{ template "mongodb.fullname" . }} 18 | -------------------------------------------------------------------------------- /etc/kubernetes/controller-manager: -------------------------------------------------------------------------------- 1 | ### 2 | # The following values are used to configure the kubernetes controller-manager 3 | 4 | # defaults from config and apiserver should be adequate 5 | 6 | # Add your own! 7 | KUBE_CONTROLLER_MANAGER_ARGS="--address=127.0.0.1 --service-cluster-ip-range=10.254.0.0/16 --cluster-name=kubernetes --cluster-signing-cert-file=/etc/kubernetes/ssl/ca.pem --cluster-signing-key-file=/etc/kubernetes/ssl/ca-key.pem --service-account-private-key-file=/etc/kubernetes/ssl/ca-key.pem --root-ca-file=/etc/kubernetes/ssl/ca.pem --leader-elect=true" 8 | -------------------------------------------------------------------------------- /manifests/heapster/heapster-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | task: monitoring 6 | # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons) 7 | # If you are NOT using this as an addon, you should comment out this line. 8 | kubernetes.io/cluster-service: 'true' 9 | kubernetes.io/name: Heapster 10 | name: heapster 11 | namespace: kube-system 12 | spec: 13 | ports: 14 | - port: 80 15 | targetPort: 8082 16 | selector: 17 | k8s-app: heapster 18 | -------------------------------------------------------------------------------- /practice/distributed-tracing.md: -------------------------------------------------------------------------------- 1 | # 分布式追踪 2 | 3 | 当我将单体应用拆成多个微服务之后,如何监控服务之间的依赖关系和调用链,以判断应用在哪个服务环节出了问题,哪些地方可以优化?这就需要用到分布式追踪(Distributed Tracing)。 4 | 5 | CNCF 提出了分布式追踪的标准 [OpenTracing](https://opentracing.io/),它提供用厂商中立的 API,并提供 Go、Java、JavaScript、Python、Ruby、PHP、Objective-C、C++ 和 C# 这九种语言的库。 6 | 7 | 同时 CNCF 中还有个端到端的支持 OpenTracing API 的分布式追踪项目 [Jaeger](https://www.jaegertracing.io/)。 8 | 9 | ## 参考 10 | 11 | - [OpenTracing 官方网站](https://opentracing.io/) 12 | - [Jaeger 官方网站](https://www.jaegertracing.io/) 13 | - [Apache SkyWalking 官方网站](https://skywalking.apache.org/) 14 | -------------------------------------------------------------------------------- /appendix/cncf-annual-report.md: -------------------------------------------------------------------------------- 1 | # CNCF年度报告解读 2 | 3 | CNCF成立于2015年12月11日,自2018年开始每年年初都会发布一次 CNCF Annual Report(CNCF 年度报告),总结 CNCF 去年一年里在推广云原生技术和理念上付出的行动和取得的进展,这一章节将从2018年的年度报告开始每年都会解读一次 CNCF 年度报告,2018年的年度报告延续了2017年年度报告的大体分类,但2017年的报告过于精简(只列举了一些活动与数字),本章不对其解读,而是从2018年的年度报告开始,感兴趣的读者可以下载其报告自行阅览。 4 | 5 | ## 参考 6 | 7 | - CNCF Annual Report 2017 pdf 8 | - [CNCF Annual Report 2018 pdf](https://www.cncf.io/wp-content/uploads/2019/02/CNCF_Annual_Report_2018_FInal.pdf) 9 | - [CNCF Annual Report 2019 pdf](https://www.cncf.io/wp-content/uploads/2020/02/CNCF-Annual-Report-2019.pdf) 10 | -------------------------------------------------------------------------------- /manifests/kafka/kafkaGenConfig.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | HOST=`hostname -s` 3 | if [[ $HOST =~ (.*)-([0-9]+)$ ]]; then 4 | NAME=${BASH_REMATCH[1]} 5 | ORD=${BASH_REMATCH[2]} 6 | else 7 | echo "Failed to extract ordinal from hostname $HOST" 8 | exit 1 9 | fi 10 | 11 | MY_ID=$((ORD+1)) 12 | sed -i s"/broker.id=0/broker.id=$MY_ID/g" /opt/kafka/config/server.properties 13 | sed -i s'/zookeeper.connect=localhost:2181/zookeeper.connect=zk-0.zk-svc.brand.svc:2181,zk-1.zk-svc.brand.svc:2181,zk-2.zk-svc.brand.svc:2181/g' /opt/kafka/config/server.properties 14 | -------------------------------------------------------------------------------- /manifests/spark-standalone/spark-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: traefik-ingress 5 | namespace: spark-cluster 6 | spec: 7 | rules: 8 | - host: spark.traefik.io 9 | http: 10 | paths: 11 | - path: / 12 | backend: 13 | serviceName: spark-ui-proxy 14 | servicePort: 80 15 | - host: zeppelin.traefik.io 16 | http: 17 | paths: 18 | - path: / 19 | backend: 20 | serviceName: zeppelin 21 | servicePort: 80 22 | -------------------------------------------------------------------------------- /manifests/nginx-ingress/templates/controller-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | labels: 5 | app: {{ template "name" . }} 6 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 7 | component: "{{ .Values.controller.name }}" 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "controller.fullname" . }} 11 | data: 12 | enable-vts-status: "{{ .Values.controller.stats.enabled }}" 13 | {{- if .Values.controller.config }} 14 | {{ toYaml .Values.controller.config | indent 2 }} 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /guide/kubernetes-desktop-client.md: -------------------------------------------------------------------------------- 1 | # Lens - Kubernetes IDE/桌面客户端 2 | 3 | [Lens](https://k8slens.dev/) 是一款开源的 Kubenretes IDE,也可以作为桌面客户端,官方网站 ,具有以下特性: 4 | 5 | - 完全开源,GitHub 地址 6 | - 实时展示集群状态 7 | - 内置 Prometheus 监控 8 | - 多集群,多个 namespace 管理 9 | - 原生 Kubernetes 支持 10 | - 支持使用 chart 安装应用 11 | - 使用 kubeconfig 登陆认证 12 | - 支持多平台,Windows、Mac、Linux 13 | - Visual Studio Code 友好的风格设计 14 | 15 | Lens 界面图下图所示。 16 | 17 | ![Lens Kubernetes IDE 界面](../images/lens.jpg) 18 | 19 | ## 参考 20 | 21 | - [Lens, Kubernetes IDE - k8slens.dev](https://k8slens.dev/) -------------------------------------------------------------------------------- /manifests/charts/mongodb/Chart.yaml: -------------------------------------------------------------------------------- 1 | appVersion: 3.4.9 2 | description: NoSQL document-oriented database that stores JSON-like documents with 3 | dynamic schemas, simplifying the integration of data in content-driven applications. 4 | engine: gotpl 5 | home: https://mongodb.org 6 | icon: https://bitnami.com/assets/stacks/mongodb/img/mongodb-stack-220x234.png 7 | keywords: 8 | - mongodb 9 | - database 10 | - nosql 11 | maintainers: 12 | - email: containers@bitnami.com 13 | name: Bitnami 14 | name: mongodb 15 | sources: 16 | - https://github.com/bitnami/bitnami-docker-mongodb 17 | version: 0.4.17 18 | -------------------------------------------------------------------------------- /appendix/index.md: -------------------------------------------------------------------------------- 1 | # 附录说明 2 | 3 | 参考文档以及一些实用的资源链接。 4 | 5 | - [Kubernetes documentation](http://kubernetes.io/docs/) 6 | - [Awesome Kubernetes](https://github.com/ramitsurana/awesome-kubernetes) 7 | - [Kubernetes the hard way](https://github.com/kelseyhightower/kubernetes-the-hard-way) 8 | - [Kubernetes Bootcamp](https://kubernetesbootcamp.github.io/kubernetes-bootcamp/index.html) 9 | - [Design patterns for container-based distributed systems](https://www.usenix.org/system/files/conference/hotcloud16/hotcloud16_burns.pdf) 10 | - [Awesome Cloud Native](https://jimmysong.io/awesome-cloud-native/) 11 | 12 | 13 | -------------------------------------------------------------------------------- /appendix/kubernetes-1.16-changelog.md: -------------------------------------------------------------------------------- 1 | # Kubernetes 1.16 更新日志 2 | 3 | 北京时间 2019 年 9 月 19 日,Kubernetes 1.16 发布,这是 2019 年的第三个版本,距离上个版本发布刚好又是三个月的时间。该版本中最显著地改进包括: 4 | 5 | - CRD,现在 GA(General Availability)了 6 | - Kubernetes 之前已经大量使用了全局的度量注册表来注册要暴露的 Metrics。通过实现度量注册表,度量的注册方式更加透明。此前,Kubernetes 的度量一直被排除在任何形式的稳定性要求之外。 7 | - 在这个版本中,有不少与 volume 和 volume 修改有关的增强功能。在 CSI spec 中的 volume 大小调整支持转移到了 beta 版,允许任何 CSI spec 的 volume 插件进行大小调整。 8 | 9 | ## 参考 10 | 11 | - [Kubernetes 1.16: Custom Resources, Overhauled Metrics, and Volume Extensions](https://kubernetes.io/blog/2019/09/18/kubernetes-1-16-release-announcement/) 12 | 13 | -------------------------------------------------------------------------------- /manifests/charts/mean/charts/mongodb/Chart.yaml: -------------------------------------------------------------------------------- 1 | appVersion: 3.4.9 2 | description: NoSQL document-oriented database that stores JSON-like documents with 3 | dynamic schemas, simplifying the integration of data in content-driven applications. 4 | engine: gotpl 5 | home: https://mongodb.org 6 | icon: https://bitnami.com/assets/stacks/mongodb/img/mongodb-stack-220x234.png 7 | keywords: 8 | - mongodb 9 | - database 10 | - nosql 11 | maintainers: 12 | - email: containers@bitnami.com 13 | name: Bitnami 14 | name: mongodb 15 | sources: 16 | - https://github.com/bitnami/bitnami-docker-mongodb 17 | version: 0.4.17 18 | -------------------------------------------------------------------------------- /manifests/oam/cluster-role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: crossplane-oam 5 | rules: 6 | - apiGroups: 7 | - apps 8 | resources: 9 | - statefulsets 10 | - deployments 11 | verbs: 12 | - "*" 13 | --- 14 | apiVersion: rbac.authorization.k8s.io/v1 15 | kind: ClusterRoleBinding 16 | metadata: 17 | name: oam-example-catalog 18 | roleRef: 19 | apiGroup: rbac.authorization.k8s.io 20 | kind: ClusterRole 21 | name: crossplane-oam 22 | subjects: 23 | - kind: ServiceAccount 24 | name: crossplane-oam 25 | namespace: crossplane-system 26 | -------------------------------------------------------------------------------- /manifests/spark-standalone/zeppelin-controller.yaml: -------------------------------------------------------------------------------- 1 | kind: ReplicationController 2 | apiVersion: v1 3 | metadata: 4 | name: zeppelin-controller 5 | namespace: spark-cluster 6 | spec: 7 | replicas: 1 8 | selector: 9 | component: zeppelin 10 | template: 11 | metadata: 12 | labels: 13 | component: zeppelin 14 | spec: 15 | containers: 16 | - name: zeppelin 17 | image: harbor-001.jimmysong.io/library/zeppelin:0.7.1 18 | ports: 19 | - containerPort: 8080 20 | resources: 21 | requests: 22 | cpu: 100m 23 | -------------------------------------------------------------------------------- /manifests/traefik-ingress/ui.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: traefik-web-ui 5 | namespace: kube-system 6 | spec: 7 | selector: 8 | k8s-app: traefik-ingress-lb 9 | ports: 10 | - name: web 11 | port: 80 12 | targetPort: 8580 13 | --- 14 | apiVersion: extensions/v1beta1 15 | kind: Ingress 16 | metadata: 17 | name: traefik-web-ui 18 | namespace: kube-system 19 | spec: 20 | rules: 21 | - host: traefik-ui.local 22 | http: 23 | paths: 24 | - path: / 25 | backend: 26 | serviceName: traefik-web-ui 27 | servicePort: web 28 | -------------------------------------------------------------------------------- /etc/sysconfig/flanneld: -------------------------------------------------------------------------------- 1 | # Flanneld configuration options 2 | 3 | # etcd url location. Point this to the server where etcd runs 4 | FLANNEL_ETCD_ENDPOINTS="https://172.20.0.113:2379,https://172.20.0.114:2379,https://172.20.0.115:2379" 5 | 6 | # etcd config key. This is the configuration key that flannel queries 7 | # For address range assignment 8 | FLANNEL_ETCD_PREFIX="/kube-centos/network" 9 | 10 | # Any additional options that you want to pass 11 | FLANNEL_OPTIONS="-etcd-cafile=/etc/kubernetes/ssl/ca.pem -etcd-certfile=/etc/kubernetes/ssl/kubernetes.pem -etcd-keyfile=/etc/kubernetes/ssl/kubernetes-key.pem" 12 | -------------------------------------------------------------------------------- /manifests/charts/mychart/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | */}} 13 | {{- define "fullname" -}} 14 | {{- $name := default .Chart.Name .Values.nameOverride -}} 15 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 16 | {{- end -}} 17 | -------------------------------------------------------------------------------- /manifests/nginx-ingress/Chart.yaml: -------------------------------------------------------------------------------- 1 | appVersion: 0.9.0-beta.15 2 | description: An nginx Ingress controller that uses ConfigMap to store the nginx configuration. 3 | engine: gotpl 4 | icon: https://upload.wikimedia.org/wikipedia/commons/thumb/c/c5/Nginx_logo.svg/500px-Nginx_logo.svg.png 5 | keywords: 6 | - ingress 7 | - nginx 8 | maintainers: 9 | - email: jack.zampolin@gmail.com 10 | name: jackzampolin 11 | - email: mgoodness@gmail.com 12 | name: mgoodness 13 | - email: chance.zibolski@coreos.com 14 | name: chancez 15 | name: nginx-ingress 16 | sources: 17 | - https://github.com/kubernetes/ingress-nginx 18 | version: 0.8.9 19 | -------------------------------------------------------------------------------- /manifests/charts/mongodb/templates/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.persistence.enabled }} 2 | kind: PersistentVolumeClaim 3 | apiVersion: v1 4 | metadata: 5 | name: {{ template "mongodb.fullname" . }} 6 | spec: 7 | accessModes: 8 | - {{ .Values.persistence.accessMode | quote }} 9 | resources: 10 | requests: 11 | storage: {{ .Values.persistence.size | quote }} 12 | {{- if .Values.persistence.storageClass }} 13 | {{- if (eq "-" .Values.persistence.storageClass) }} 14 | storageClassName: "" 15 | {{- else }} 16 | storageClassName: "{{ .Values.persistence.storageClass }}" 17 | {{- end }} 18 | {{- end }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /develop/developing-environment.md: -------------------------------------------------------------------------------- 1 | # 配置Kubernetes开发环境 2 | 3 | 我们将在Mac上使用docker环境编译kuberentes。 4 | 5 | ## 安装依赖 6 | 7 | ```bash 8 | brew install gnu-tar 9 | ``` 10 | 11 | Docker环境,至少需要给容器分配4G内存,在低于3G内存的时候可能会编译失败。 12 | 13 | ## 执行编译 14 | 15 | 切换目录到kuberentes源码的根目录下执行: 16 | 17 | `./build/run.sh make`可以在docker中执行跨平台编译出二进制文件。 18 | 19 | 需要用的的docker镜像: 20 | 21 | ```bash 22 | gcr.io/google_containers/kube-cross:v1.7.5-2 23 | ``` 24 | 25 | 该镜像基于Ubuntu构建,大小2.15G,编译环境中包含以下软件: 26 | 27 | - Go1.7.5 28 | - etcd 29 | - protobuf 30 | - g++ 31 | - 其他golang依赖包 32 | 33 | 在我自己的电脑上的整个编译过程大概要半个小时。 34 | 35 | 编译完成的二进制文件在`/_output/local/go/bin/`目录下。 36 | -------------------------------------------------------------------------------- /manifests/charts/mean/charts/mongodb/templates/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.persistence.enabled }} 2 | kind: PersistentVolumeClaim 3 | apiVersion: v1 4 | metadata: 5 | name: {{ template "mongodb.fullname" . }} 6 | spec: 7 | accessModes: 8 | - {{ .Values.persistence.accessMode | quote }} 9 | resources: 10 | requests: 11 | storage: {{ .Values.persistence.size | quote }} 12 | {{- if .Values.persistence.storageClass }} 13 | {{- if (eq "-" .Values.persistence.storageClass) }} 14 | storageClassName: "" 15 | {{- else }} 16 | storageClassName: "{{ .Values.persistence.storageClass }}" 17 | {{- end }} 18 | {{- end }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /manifests/charts/mongodb/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "mongodb.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | */}} 13 | {{- define "mongodb.fullname" -}} 14 | {{- $name := default .Chart.Name .Values.nameOverride -}} 15 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 16 | {{- end -}} 17 | -------------------------------------------------------------------------------- /usecases/microservices-for-java-developers.md: -------------------------------------------------------------------------------- 1 | # 使用Java构建微服务并发布到Kubernetes平台 2 | 3 | Java作为多年的编程语言届的No.1(使用人数最多,最流行),使用它来构建微服务的人也不计其数,Java的微服务框架Spring中的Spring Boot和Spring Cloud已成为当前最流行的微服务框架。 4 | 5 | 下面是Sping技术栈所包含的技术框架图。 6 | 7 | ![Spring技术栈](../images/spring-stack.png) 8 | 9 | 10 | 11 | 当然如果在Kubernetes中运行Java语言构建的微服务应用,我们不会使用上图中所有的技术,本节将主要讲解如何使用Spring Boot构建微服务应用。 12 | 13 | 下图是Spring Boot的一些知识点。 14 | 15 | ![Spring Boot的知识点](../images/spring-boot-note-spots.png) 16 | 17 | Spring Boot是Spring框架的一部分,关于Spring的核心技术请参考[Spring core technologies - spring.io](https://docs.spring.io/spring/docs/current/spring-framework-reference/core.html)。 18 | -------------------------------------------------------------------------------- /manifests/test/my-nginx.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: my-nginx 5 | spec: 6 | replicas: 2 7 | template: 8 | metadata: 9 | labels: 10 | run: my-nginx 11 | spec: 12 | containers: 13 | - name: my-nginx 14 | image: harbor-001.jimmysong.io/library/nginx:1.9 15 | ports: 16 | - containerPort: 80 17 | --- 18 | apiVersion: v1 19 | kind: Service 20 | metadata: 21 | name: my-nginx 22 | labels: 23 | app: my-nginx 24 | spec: 25 | ports: 26 | - port: 80 27 | protocol: TCP 28 | name: http 29 | selector: 30 | run: my-nginx 31 | -------------------------------------------------------------------------------- /manifests/charts/mean/charts/mongodb/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "mongodb.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | */}} 13 | {{- define "mongodb.fullname" -}} 14 | {{- $name := default .Chart.Name .Values.nameOverride -}} 15 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 16 | {{- end -}} 17 | -------------------------------------------------------------------------------- /manifests/dashboard-1.7.1/admin-role.yaml: -------------------------------------------------------------------------------- 1 | kind: ClusterRoleBinding 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | metadata: 4 | name: admin 5 | annotations: 6 | rbac.authorization.kubernetes.io/autoupdate: "true" 7 | roleRef: 8 | kind: ClusterRole 9 | name: cluster-admin 10 | apiGroup: rbac.authorization.k8s.io 11 | subjects: 12 | - kind: ServiceAccount 13 | name: admin 14 | namespace: kube-system 15 | --- 16 | apiVersion: v1 17 | kind: ServiceAccount 18 | metadata: 19 | name: admin 20 | namespace: kube-system 21 | labels: 22 | kubernetes.io/cluster-service: "true" 23 | addonmanager.kubernetes.io/mode: Reconcile 24 | -------------------------------------------------------------------------------- /manifests/nginx-ingress/templates/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: RoleBinding 4 | metadata: 5 | labels: 6 | app: {{ template "name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "fullname" . }} 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: Role 14 | name: {{ template "fullname" . }} 15 | subjects: 16 | - kind: ServiceAccount 17 | name: {{ template "fullname" . }} 18 | namespace: {{ .Release.Namespace }} 19 | {{- end -}} 20 | -------------------------------------------------------------------------------- /usecases/microservices.md: -------------------------------------------------------------------------------- 1 | # 微服务架构 2 | 3 | Kubernetes 设计之初就是按照 Cloud Native 的理念设计的,Cloud Native 中有个重要概念就是微服务的架构设计,当将单体应用拆分微服务后, 随着服务数量的增多,如何微服务进行管理以保证服务的 SLA 呢?为了从架构层面上解决这个问题,解放程序员的创造性,避免繁琐的服务发现、监控、分布式追踪等事务,Service mesh 应运而生。 4 | 5 | ## 微服务 6 | 7 | 下图是[Bilgin Ibryam](https://developers.redhat.com/blog/author/bibryam/)给出的微服务中应该关心的主题,图片来自[RedHat Developers](https://developers.redhat.com/blog/2016/12/09/spring-cloud-for-microservices-compared-to-kubernetes/)。 8 | 9 | ![微服务关注的部分](../images/microservices-concerns.jpg) 10 | 11 | 当前最成熟最完整的微服务框架可以说非[Spring](https://spring.io)莫属,而Spring又仅限于Java语言开发,其架构本身又跟Kubernetes存在很多重合的部分,如何探索将Kubernetes作为微服务架构平台就成为一个热点话题。 12 | -------------------------------------------------------------------------------- /appendix/kubernetes-1.17-changelog.md: -------------------------------------------------------------------------------- 1 | # Kubernetes 1.17 更新日志 2 | 3 | 北京时间 2019 年 12 月 10 日,Kubernetes 1.17 发布,这是 2019 年的第四个版本,距离上个版本发布刚好又是三个月的时间。该版本中最显著地改进包括: 4 | 5 | - 云供应商标签 GA:早在 v1.2 版本中就作为测试版功能添加,v1.17 版本中的云供应商标签普遍可用。 6 | - Volume Snapshot 进入 bata 版:Kubernetes Volume Snapshot功能现在是Kubernetes v1.17中的测试版。该功能在 Kubernetes v1.12 中作为 alpha 引入的,在 Kubernetes v1.13 中进行了第二次 alpha,并进行了突破性修改。 7 | - CSI 迁移(Migration)进入 beata 版:Kubernetes 树内(in-tree)存储插件到容器存储接口(CSI)迁移基础架构现在是 Kubernetes v1.17 中的 beata 版。CSI 迁移在 Kubernetes v1.14 中作为 alpha 引入。 8 | 9 | ## 参考 10 | 11 | - [Kubernetes 1.17: Stability](https://kubernetes.io/blog/2019/12/09/kubernetes-1-17-release-announcement/) 12 | 13 | -------------------------------------------------------------------------------- /manifests/nginx-ingress/templates/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | labels: 6 | app: {{ template "name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "fullname" . }} 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: {{ template "fullname" . }} 15 | subjects: 16 | - kind: ServiceAccount 17 | name: {{ template "fullname" . }} 18 | namespace: {{ .Release.Namespace }} 19 | {{- end -}} 20 | -------------------------------------------------------------------------------- /manifests/oam/containerized-workload/sample_component.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: core.oam.dev/v1alpha2 2 | kind: Component 3 | metadata: 4 | name: example-component 5 | spec: 6 | workload: 7 | apiVersion: core.oam.dev/v1alpha2 8 | kind: ContainerizedWorkload 9 | spec: 10 | containers: 11 | - name: wordpress 12 | image: wordpress:4.6.1-apache 13 | ports: 14 | - containerPort: 80 15 | name: wordpress 16 | parameters: 17 | - name: instance-name 18 | required: true 19 | fieldPaths: 20 | - metadata.name 21 | - name: image 22 | fieldPaths: 23 | - spec.containers[0].image -------------------------------------------------------------------------------- /practice/jenkins-ci-cd.md: -------------------------------------------------------------------------------- 1 | # 使用Jenkins进行持续集成与发布 2 | 3 | 我们基于Jenkins的CI/CD流程如下所示。 4 | 5 | ![基于Jenkins的持续集成与发布](../images/kubernetes-jenkins-ci-cd.png) 6 | 7 | ## 流程说明 8 | 9 | 应用构建和发布流程说明。 10 | 11 | 1. 用户向Gitlab提交代码,代码中必须包含`Dockerfile` 12 | 2. 将代码提交到远程仓库 13 | 3. 用户在发布应用时需要填写git仓库地址和分支、服务类型、服务名称、资源数量、实例个数,确定后触发Jenkins自动构建 14 | 4. Jenkins的CI流水线自动编译代码并打包成docker镜像推送到Harbor镜像仓库 15 | 5. Jenkins的CI流水线中包括了自定义脚本,根据我们已准备好的kubernetes的YAML模板,将其中的变量替换成用户输入的选项 16 | 6. 生成应用的kubernetes YAML配置文件 17 | 7. 更新Ingress的配置,根据新部署的应用的名称,在ingress的配置文件中增加一条路由信息 18 | 8. 更新PowerDNS,向其中插入一条DNS记录,IP地址是边缘节点的IP地址。关于边缘节点,请查看[边缘节点配置](edge-node-configuration.md) 19 | 9. Jenkins调用kubernetes的API,部署应用 20 | 21 | -------------------------------------------------------------------------------- /manifests/spark-standalone/spark-worker-controller.yaml: -------------------------------------------------------------------------------- 1 | kind: ReplicationController 2 | apiVersion: v1 3 | metadata: 4 | name: spark-worker-controller 5 | namespace: spark-cluster 6 | spec: 7 | replicas: 3 8 | selector: 9 | component: spark-worker 10 | template: 11 | metadata: 12 | labels: 13 | component: spark-worker 14 | spec: 15 | containers: 16 | - name: spark-worker 17 | image: harbor-001.jimmysong.io/library/spark:1.5.2_v1 18 | command: ["/start-worker"] 19 | ports: 20 | - containerPort: 8081 21 | resources: 22 | requests: 23 | cpu: 100m 24 | 25 | -------------------------------------------------------------------------------- /manifests/oam/containerized-workload/sample_application_config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: core.oam.dev/v1alpha2 2 | kind: ApplicationConfiguration 3 | metadata: 4 | name: example-appconfig 5 | spec: 6 | components: 7 | - componentName: example-component 8 | parameterValues: 9 | - name: instance-name 10 | value: example-appconfig-workload 11 | - name: image 12 | value: wordpress:php7.2 13 | traits: 14 | - trait: 15 | apiVersion: core.oam.dev/v1alpha2 16 | kind: ManualScalerTrait 17 | metadata: 18 | name: example-appconfig-trait 19 | spec: 20 | replicaCount: 3 -------------------------------------------------------------------------------- /manifests/heapster/influxdb-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | task: monitoring 6 | # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons) 7 | # If you are NOT using this as an addon, you should comment out this line. 8 | kubernetes.io/cluster-service: 'true' 9 | kubernetes.io/name: monitoring-influxdb 10 | name: monitoring-influxdb 11 | namespace: kube-system 12 | spec: 13 | type: NodePort 14 | ports: 15 | - port: 8086 16 | targetPort: 8086 17 | name: http 18 | - port: 8083 19 | targetPort: 8083 20 | name: admin 21 | selector: 22 | k8s-app: influxdb 23 | -------------------------------------------------------------------------------- /manifests/spark-standalone/spark-master-controller.yaml: -------------------------------------------------------------------------------- 1 | kind: ReplicationController 2 | apiVersion: v1 3 | metadata: 4 | name: spark-master-controller 5 | namespace: spark-cluster 6 | spec: 7 | replicas: 1 8 | selector: 9 | component: spark-master 10 | template: 11 | metadata: 12 | labels: 13 | component: spark-master 14 | spec: 15 | containers: 16 | - name: spark-master 17 | image: harbor-001.jimmysong.io/library/spark:1.5.2_v1 18 | command: ["/start-master"] 19 | ports: 20 | - containerPort: 7077 21 | - containerPort: 8080 22 | resources: 23 | requests: 24 | cpu: 100m 25 | -------------------------------------------------------------------------------- /usecases/envoy-sidecar-routing-of-istio-service-mesh-deep-dive.md: -------------------------------------------------------------------------------- 1 | # 深入理解Istio Service Mesh中的Envoy Sidecar代理的路由转发 2 | 3 | **注意:本文基于 Istio 1.5。** 4 | 5 | 本文以 Istio 官方的 bookinfo 示例来讲解在进入 Pod 的流量被 iptables 转交给 Envoy sidecar 后,Envoy 是如何做路由转发的,详述了 Inbound 和 Outbound 处理过程。关于流量拦截的详细分析请参考[理解 Istio Service Mesh 中 Envoy 代理 Sidecar 注入及流量劫持](understand-sidecar-injection-and-traffic-hijack-in-istio-service-mesh.md)。 6 | 7 | 下面是 Istio 官方提供的 bookinfo 的请求流程图,假设 bookinfo 应用的所有服务中没有配置 DestinationRule。 8 | 9 | ![Bookinfo 示例](../images/006tNbRwgy1fvlwjd3302j31bo0ro0x5.jpg) 10 | 11 | 请读者参考 ServiceMesher 社区出品的 Istio Handbook 中的 [Sidecar 流量路由机制分析](https://www.servicemesher.com/istio-handbook/concepts/sidecar-traffic-route.html)一节。 -------------------------------------------------------------------------------- /systemd/kubelet.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Kubernetes Kubelet Server 3 | Documentation=https://github.com/GoogleCloudPlatform/kubernetes 4 | After=docker.service 5 | Requires=docker.service 6 | 7 | [Service] 8 | WorkingDirectory=/var/lib/kubelet 9 | EnvironmentFile=-/etc/kubernetes/config 10 | EnvironmentFile=-/etc/kubernetes/kubelet 11 | ExecStart=/usr/bin/kubelet \ 12 | $KUBE_LOGTOSTDERR \ 13 | $KUBE_LOG_LEVEL \ 14 | $KUBELET_API_SERVER \ 15 | $KUBELET_ADDRESS \ 16 | $KUBELET_PORT \ 17 | $KUBELET_HOSTNAME \ 18 | $KUBE_ALLOW_PRIV \ 19 | $KUBELET_POD_INFRA_CONTAINER \ 20 | $KUBELET_ARGS 21 | Restart=on-failure 22 | 23 | [Install] 24 | WantedBy=multi-user.target 25 | -------------------------------------------------------------------------------- /systemd/flanneld.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Flanneld overlay address etcd agent 3 | After=network.target 4 | After=network-online.target 5 | Wants=network-online.target 6 | After=etcd.service 7 | Before=docker.service 8 | 9 | [Service] 10 | Type=notify 11 | EnvironmentFile=/etc/sysconfig/flanneld 12 | EnvironmentFile=-/etc/sysconfig/docker-network 13 | ExecStart=/usr/bin/flanneld-start \ 14 | -etcd-endpoints=${FLANNEL_ETCD_ENDPOINTS} \ 15 | -etcd-prefix=${FLANNEL_ETCD_PREFIX} \ 16 | $FLANNEL_OPTIONS 17 | ExecStartPost=/usr/libexec/flannel/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker 18 | Restart=on-failure 19 | 20 | [Install] 21 | WantedBy=multi-user.target 22 | RequiredBy=docker.service 23 | -------------------------------------------------------------------------------- /manifests/linkerd/jenkins.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ReplicationController 4 | metadata: 5 | name: jenkins 6 | spec: 7 | replicas: 1 8 | selector: 9 | app: jenkins 10 | template: 11 | metadata: 12 | labels: 13 | app: jenkins 14 | spec: 15 | dnsPolicy: ClusterFirst 16 | containers: 17 | - name: jenkins 18 | image: harbor-001.jimmysong.io/library/buoyantio-jenkins-plus:2.60.1 19 | ports: 20 | - name: http 21 | containerPort: 8080 22 | --- 23 | apiVersion: v1 24 | kind: Service 25 | metadata: 26 | name: jenkins 27 | spec: 28 | selector: 29 | app: jenkins 30 | ports: 31 | - name: http 32 | port: 80 33 | targetPort: 8080 34 | -------------------------------------------------------------------------------- /manifests/glusterfs/nginx-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: nginx-dm 5 | spec: 6 | replicas: 2 7 | template: 8 | metadata: 9 | labels: 10 | name: nginx 11 | spec: 12 | containers: 13 | - name: nginx 14 | image: harbor-001.jimmysong.io/library/nginx:1.9 15 | imagePullPolicy: IfNotPresent 16 | ports: 17 | - containerPort: 80 18 | volumeMounts: 19 | - name: gluster-dev-volume 20 | mountPath: "/usr/share/nginx/html" 21 | volumes: 22 | - name: gluster-dev-volume 23 | persistentVolumeClaim: 24 | claimName: glusterfs-nginx 25 | -------------------------------------------------------------------------------- /manifests/linkerd/jenkins-rbac-beta.yml: -------------------------------------------------------------------------------- 1 | # RBAC configs for jenkins 2 | --- 3 | # allows the jenkins process to run the continuous deploy demo 4 | kind: ClusterRole 5 | apiVersion: rbac.authorization.k8s.io/v1beta1 6 | metadata: 7 | name: jenkins-rc 8 | rules: 9 | - apiGroups: [""] # "" indicates the core API group 10 | resources: ["services", "replicationcontrollers"] 11 | verbs: ["*"] 12 | --- 13 | kind: ClusterRoleBinding 14 | apiVersion: rbac.authorization.k8s.io/v1beta1 15 | metadata: 16 | name: jenkins-role-binding 17 | subjects: 18 | - kind: ServiceAccount 19 | name: default 20 | namespace: default 21 | roleRef: 22 | kind: ClusterRole 23 | name: jenkins-rc 24 | apiGroup: rbac.authorization.k8s.io 25 | -------------------------------------------------------------------------------- /guide/cabin-mobile-dashboard-for-kubernetes.md: -------------------------------------------------------------------------------- 1 | # Cabin - Kubernetes手机客户端 2 | 3 | cabin是由[bitnami](https://bitnami.com/)开源的手机管理Kubernetes集群的客户端,目前提供iOS和安卓版本,代码开源在GitHub上: 4 | 5 | 为了方便移动办公,可以使用Cabin这个kuberntes手机客户端,可以链接GKE和任何Kubernetes集群,可以使用以下三种认证方式: 6 | 7 | - 证书 8 | - token 9 | - kubeconfig文件 10 | 11 | 所有功能跟kubernetes dashboard相同,还可以支持使用Helm chart部署应用,可以配置自定义的chart仓库地址。 12 | 13 | iPhone用户可以在App Store中搜索**Cabin**即可找到。 14 | 15 | ![App Store](../images/cabin-kubernetes-mobile-dashboard-1.jpg) 16 | 17 | 可以很方便的在手机上操作自己的kubernetes集群,还可以登录到容器中操作,只要是kubernetes API支持的功能,都可以在该移动客户端上实现。 18 | 19 | ![在手机上操作Kubernetes集群](../images/cabin-kubernetes-mobile-dashboard-4.jpg) 20 | 21 | 更多详细信息请参考:https://github.com/bitnami/cabin 22 | -------------------------------------------------------------------------------- /manifests/test/rolling-update-test/rolling-update-test.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: rolling-update-test 5 | spec: 6 | replicas: 3 7 | template: 8 | metadata: 9 | labels: 10 | app: rolling-update-test 11 | spec: 12 | containers: 13 | - name: rolling-update-test 14 | image: harbor-001.jimmysong.io/library/hello:v1 15 | ports: 16 | - containerPort: 9090 17 | --- 18 | apiVersion: v1 19 | kind: Service 20 | metadata: 21 | name: rolling-update-test 22 | labels: 23 | app: rolling-update-test 24 | spec: 25 | ports: 26 | - port: 9090 27 | protocol: TCP 28 | name: http 29 | selector: 30 | app: rolling-update-test 31 | -------------------------------------------------------------------------------- /systemd/kube-apiserver.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Kubernetes API Service 3 | Documentation=https://github.com/GoogleCloudPlatform/kubernetes 4 | After=network.target 5 | After=etcd.service 6 | 7 | [Service] 8 | EnvironmentFile=-/etc/kubernetes/config 9 | EnvironmentFile=-/etc/kubernetes/apiserver 10 | ExecStart=/usr/bin/kube-apiserver \ 11 | $KUBE_LOGTOSTDERR \ 12 | $KUBE_LOG_LEVEL \ 13 | $KUBE_ETCD_SERVERS \ 14 | $KUBE_API_ADDRESS \ 15 | $KUBE_API_PORT \ 16 | $KUBELET_PORT \ 17 | $KUBE_ALLOW_PRIV \ 18 | $KUBE_SERVICE_ADDRESSES \ 19 | $KUBE_ADMISSION_CONTROL \ 20 | $KUBE_API_ARGS 21 | Restart=on-failure 22 | Type=notify 23 | LimitNOFILE=65536 24 | 25 | [Install] 26 | WantedBy=multi-user.target 27 | -------------------------------------------------------------------------------- /appendix/debug-kubernetes-services.md: -------------------------------------------------------------------------------- 1 | # Kubernetes service中的故障排查 2 | 3 | - 查看某个资源的定义和用法 4 | 5 | ```bash 6 | kubectl explain 7 | ``` 8 | 9 | - 查看Pod的状态 10 | 11 | ```bash 12 | kubectl get pods 13 | kubectl describe pods my-pod 14 | ``` 15 | 16 | - 监控Pod状态的变化 17 | 18 | ```bash 19 | kubectl get pod -w 20 | ``` 21 | 22 | 可以看到一个 namespace 中所有的 pod 的 phase 变化,请参考 [Pod 的生命周期](../concepts/pod-lifecycle.md)。 23 | 24 | - 查看 Pod 的日志 25 | 26 | ```bash 27 | kubectl logs my-pod 28 | kubectl logs my-pod -c my-container 29 | kubectl logs -f my-pod 30 | kubectl logs -f my-pod -c my-container 31 | ``` 32 | 33 | `-f` 参数可以 follow 日志输出。 34 | 35 | - 交互式 debug 36 | 37 | ```bash 38 | kubectl exec my-pod -it /bin/bash 39 | kubectl top pod POD_NAME --containers 40 | ``` 41 | -------------------------------------------------------------------------------- /manifests/test/configmap-test.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: my-nginx 5 | spec: 6 | replicas: 1 7 | template: 8 | metadata: 9 | labels: 10 | run: my-nginx 11 | spec: 12 | containers: 13 | - name: my-nginx 14 | image: harbor-001.jimmysong.io/library/nginx:1.9 15 | ports: 16 | - containerPort: 80 17 | volumeMounts: 18 | - name: config-volume 19 | mountPath: /tmp 20 | volumes: 21 | - name: config-volume 22 | configMap: 23 | name: special-config 24 | --- 25 | apiVersion: v1 26 | kind: ConfigMap 27 | metadata: 28 | name: special-config 29 | namespace: default 30 | data: 31 | log_level: WARN 32 | -------------------------------------------------------------------------------- /appendix/kubernetes-1.15-changelog.md: -------------------------------------------------------------------------------- 1 | # Kubernetes 1.15 更新日志 2 | 3 | 北京时间 2019 年 6 月 20 日,Kubernetes 1.15 发布,这是 2019 年的第二个版本,距离上个版本发布刚好又是三个月的时间。该版本中最显著地改进包括: 4 | 5 | - CRD 6 | - SIG API Machinery 相关的改进 7 | - 集群生命周期的稳定性和可用性的改进,kubeadm 管理的证书轮换得到进一步加强,还有了自己的 logo 8 | 9 | ![KubeAdmin Logo](https://d33wubrfki0l68.cloudfront.net/285b361256db9bb624c22ff9cd32557b4bc61aba/759c7/images/blog/2019-06-19-kubernetes-1-15-release-announcement/kubeadm-logo.png) 10 | 11 | 详细的日志请访问:[Kubernetes 1.15: Extensibility and Continuous Improvement](https://kubernetes.io/blog/2019/06/19/kubernetes-1-15-release-announcement/)。 12 | 13 | ## 参考 14 | 15 | - [Kubernetes 1.15: Extensibility and Continuous Improvement](https://kubernetes.io/blog/2019/06/19/kubernetes-1-15-release-announcement/) 16 | -------------------------------------------------------------------------------- /concepts/scheduling.md: -------------------------------------------------------------------------------- 1 | # 资源调度 2 | 3 | Kubernetes作为一个容器编排调度引擎,资源调度是它的最基本也是最重要的功能,这一节中我们将着重讲解Kubernetes中是如何做资源调度的。 4 | 5 | Kubernetes中有一个叫做`kube-scheduler`的组件,该组件就是专门监听`kube-apiserver`中是否有还未调度到node上的pod,再通过特定的算法为pod指定分派node运行。 6 | 7 | Kubernetes中的众多资源类型,例如Deployment、DaemonSet、StatefulSet等都已经定义了Pod运行的一些默认调度策略,但是如果我们细心的根据node或者pod的不同属性,分别为它们打上标签之后,我们将发现Kubernetes中的高级调度策略是多么强大。当然如果要实现动态的资源调度,即pod已经调度到某些节点上后,因为一些其它原因,想要让pod重新调度到其它节点。 8 | 9 | 考虑以下两种情况: 10 | 11 | - 集群中有新增节点,想要让集群中的节点的资源利用率比较均衡一些,想要将一些高负载的节点上的pod驱逐到新增节点上,这是kuberentes的scheduler所不支持的,需要使用如[descheduler](https://github.com/kubernetes-incubator/descheduler)这样的插件来实现。 12 | - 想要运行一些大数据应用,设计到资源分片,pod需要与数据分布达到一致均衡,避免个别节点处理大量数据,而其它节点闲置导致整个作业延迟,这时候可以考虑使用[kube-batch](https://github.com/kubernetes-incubator/kube-batch)。 13 | -------------------------------------------------------------------------------- /manifests/heapster/heapster-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: heapster 5 | namespace: kube-system 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | task: monitoring 12 | k8s-app: heapster 13 | spec: 14 | serviceAccountName: heapster 15 | containers: 16 | - name: heapster 17 | #image: harbor-001.jimmysong.io/library/heapster-amd64:v1.3.0-beta.1 18 | image: harbor-001.jimmysong.io/library/heapster-amd64:v1.4.3 19 | imagePullPolicy: IfNotPresent 20 | command: 21 | - /heapster 22 | - --source=kubernetes:https://kubernetes.default 23 | - --sink=influxdb:http://monitoring-influxdb:8086 24 | -------------------------------------------------------------------------------- /manifests/zookeeper/zkMetrics.sh: -------------------------------------------------------------------------------- 1 | opyright 2016 The Kubernetes Authors. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | 16 | ZK_CLIENT_PORT=${ZK_CLIENT_PORT:-2181} 17 | echo mntr | nc localhost $ZK_CLIENT_PORT >& 1 18 | -------------------------------------------------------------------------------- /practice/monitoring.md: -------------------------------------------------------------------------------- 1 | # 监控 2 | 3 | Kubernetes 使得管理复杂环境变得更简单,但是对 kubernetes 本身的各种组件还有运行在 kubernetes 集群上的各种应用程序做到很好的洞察就很难了。Kubernetes 本身对应用程序的做了很多抽象,在生产环境下对这些不同的抽象组件的健康就是迫在眉睫的事情。 4 | 5 | 我们在安装 kubernetes 集群的时候,默认安装了 kubernetes 官方提供的 [heapster](https://github.com/kubernetes/heapster) 插件,可以对 kubernetes 集群上的应用进行简单的监控,获取 pod 级别的**内存**、**CPU**和**网络**监控信息,同时还能够通过 API 监控 kubernetes 中的基本资源监控指标。 6 | 7 | 然而,[Prometheus](https://prometheus.io) 的出现让人眼前一亮,与 kubernetes 一样同样为 CNCF 中的项目,而且是第一个加入到 CNCF 中的项目。 8 | 9 | [Prometheus](https://prometheus.io) 是由 SoundCloud 开源监控告警解决方案,从 2012 年开始编写代码,再到 2015 年 GitHub 上开源以来,已经吸引了 9k+ 关注,以及很多大公司的使用;2016 年 Prometheus 成为继 k8s 后,第二名 CNCF\([Cloud Native Computing Foundation](https://cncf.io/)\) 成员。 10 | 11 | 作为新一代开源解决方案,很多理念与 Google SRE 运维之道不谋而合。 12 | -------------------------------------------------------------------------------- /appendix/kubernetes-1.10-changelog.md: -------------------------------------------------------------------------------- 1 | # Kubernetes1.10更新日志 2 | 3 | 2018年3月26日,kubernetes1.10版本发布,这是2018年发布的第一个版本。该版本的Kubernetes主要提升了Kubernetes的成熟度、可扩展性与可插入性。 4 | 5 | 该版本提升了三大关键性功能的稳定度,分别为存储、安全与网络。另外,此次新版本还引入了外部kubectl凭证提供程序(处于alpha测试阶段)、在安装时将默认的DNS服务切换为CoreDNS(beta测试阶段)以及容器存储接口(简称CSI)与持久化本地卷的beta测试版。 6 | 7 | 下面再分别说下三大关键更新。 8 | 9 | ## 存储 10 | 11 | - CSI(容器存储接口)迎来Beta版本,可以通过插件的形式安装存储。 12 | - 持久化本地存储管理也迎来Beta版本。 13 | - 对PV的一系列更新,可以自动阻止Pod正在使用的PVC的删除,阻止已绑定到PVC的PV的删除操作,这样可以保证所有存储对象可以按照正确的顺序被删除。 14 | 15 | ## 安全 16 | 17 | - kubectl可以对接不同的凭证提供程序 18 | - 各云服务供应商、厂商以及其他平台开发者现在能够发布二进制插件以处理特定云供应商IAM服务的身价验证 19 | 20 | ## 网络 21 | 22 | - 将原来的kube-dns切换为CoreDNS 23 | 24 | ## 获取 25 | 26 | Kubernetes1.10已经可以通过[GitHub下载](https://github.com/kubernetes/kubernetes/releases/tag/v1.10.0)。 27 | -------------------------------------------------------------------------------- /manifests/istio/servicegraph.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: extensions/v1beta1 3 | kind: Deployment 4 | metadata: 5 | name: servicegraph 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | annotations: 11 | alpha.istio.io/sidecar: ignore 12 | labels: 13 | app: servicegraph 14 | spec: 15 | containers: 16 | - name: servicegraph 17 | image: harbor-001.jimmysong.io/library/servicegraph:latest 18 | ports: 19 | - containerPort: 8088 20 | args: 21 | - --prometheusAddr=http://prometheus:9090 22 | --- 23 | apiVersion: v1 24 | kind: Service 25 | metadata: 26 | name: servicegraph 27 | spec: 28 | ports: 29 | - name: http 30 | port: 8088 31 | selector: 32 | app: servicegraph 33 | --- 34 | -------------------------------------------------------------------------------- /manifests/heapster/grafana-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons) 6 | # If you are NOT using this as an addon, you should comment out this line. 7 | kubernetes.io/cluster-service: 'true' 8 | kubernetes.io/name: monitoring-grafana 9 | name: monitoring-grafana 10 | namespace: kube-system 11 | spec: 12 | # In a production setup, we recommend accessing Grafana through an external Loadbalancer 13 | # or through a public IP. 14 | # type: LoadBalancer 15 | # You could also use NodePort to expose the service at a randomly-generated port 16 | ports: 17 | - port : 80 18 | targetPort: 3000 19 | selector: 20 | k8s-app: grafana 21 | -------------------------------------------------------------------------------- /usecases/edge-computing.md: -------------------------------------------------------------------------------- 1 | # 边缘计算 2 | 3 | 以 Kubernetes 为基础的开源项目:[KubeEdge](https://kubeedge.io/zh/)。 4 | 5 | - Github: 6 | 7 | - 官方网站: 8 | 9 | 另外还有很多其他边缘计算相关的 Kubernetes 生态开源项目请见 [Awesome Cloud Native](https://jimmysong.io/awesome-cloud-native/#edge-computing)。 10 | 11 | ## KubeEdge 12 | 13 | ![KubeEdge logo](https://tva1.sinaimg.cn/large/006y8mN6ly1g7vfsugr2fj306y06yjra.jpg) 14 | 15 | Kubeedge项目致力于打造一个基于kubernetes的开放平台,并为网络应用提供基础架构支持。云和边缘之间的部署和元数据同步。 16 | 17 | KubeEdge是一个开源系统,用于将容器化应用程序编排功能扩展到Edge的主机。它基于kubernetes构建,并为网络应用程序提供基础架构支持。云和边缘之间的部署和元数据同步。 KubeEdge使用Apache 2.0许可。并且绝对可以免费用于个人或商业用途。 18 | 19 | ## 参考 20 | 21 | - [The Birth of an Edge Orchestrator – Cloudify Meets Edge Computing](http://cloudify.co/2017/07/26/birth-of-edge-orchestrator-cloudify.html) -------------------------------------------------------------------------------- /manifests/charts/mean/Chart.yaml: -------------------------------------------------------------------------------- 1 | name: mean 2 | version: 0.1.3 3 | description: MEAN is a free and open-source JavaScript software stack for building dynamic web sites and web applications. The MEAN stack is MongoDB, Express.js, Angular, and Node.js. Because all components of the MEAN stack support programs written in JavaScript, MEAN applications can be written in one language for both server-side and client-side execution environments. 4 | keywords: 5 | - node 6 | - javascript 7 | - mongodb 8 | - express 9 | - angular 10 | - nodejs 11 | - git 12 | home: http://nodejs.org/ 13 | sources: 14 | - https://github.com/bitnami/bitnami-docker-node 15 | maintainers: 16 | - name: Bitnami 17 | email: containers@bitnami.com 18 | engine: gotpl 19 | icon: https://bitnami.com/assets/stacks/meanstack/img/meanstack-stack-220x234.png 20 | -------------------------------------------------------------------------------- /etc/kubernetes/config: -------------------------------------------------------------------------------- 1 | ### 2 | # kubernetes system config 3 | # 4 | # The following values are used to configure various aspects of all 5 | # kubernetes services, including 6 | # 7 | # kube-apiserver.service 8 | # kube-controller-manager.service 9 | # kube-scheduler.service 10 | # kubelet.service 11 | # kube-proxy.service 12 | # logging to stderr means we get it in the systemd journal 13 | KUBE_LOGTOSTDERR="--logtostderr=true" 14 | 15 | # journal message level, 0 is debug 16 | KUBE_LOG_LEVEL="--v=0" 17 | 18 | # Should this cluster be allowed to run privileged docker containers 19 | KUBE_ALLOW_PRIV="--allow-privileged=true" 20 | 21 | # How the controller-manager, scheduler, and proxy find the apiserver 22 | #KUBE_MASTER="--master=http://sz-pg-oam-docker-test-001.tendcloud.com:8080" 23 | KUBE_MASTER="--master=http://172.20.0.113:8080" 24 | -------------------------------------------------------------------------------- /manifests/kubedns/kubedns-cm.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2016 The Kubernetes Authors. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | apiVersion: v1 16 | kind: ConfigMap 17 | metadata: 18 | name: kube-dns 19 | namespace: kube-system 20 | labels: 21 | addonmanager.kubernetes.io/mode: EnsureExists 22 | -------------------------------------------------------------------------------- /manifests/heapster/influxdb-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: monitoring-influxdb 5 | namespace: kube-system 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | labels: 11 | task: monitoring 12 | k8s-app: influxdb 13 | spec: 14 | containers: 15 | - name: influxdb 16 | # image: gcr.io/google_containers/heapster-influxdb-amd64:v1.1.1 17 | image: harbor-001.jimmysong.io/library/heapster-influxdb-amd64:v1.1.1 18 | volumeMounts: 19 | - mountPath: /data 20 | name: influxdb-storage 21 | - mountPath: /etc/ 22 | name: influxdb-config 23 | volumes: 24 | - name: influxdb-storage 25 | emptyDir: {} 26 | - name: influxdb-config 27 | configMap: 28 | name: influxdb-config 29 | -------------------------------------------------------------------------------- /manifests/spark-standalone/spark-ui-proxy-controller.yaml: -------------------------------------------------------------------------------- 1 | kind: ReplicationController 2 | apiVersion: v1 3 | metadata: 4 | name: spark-ui-proxy-controller 5 | namespace: spark-cluster 6 | spec: 7 | replicas: 1 8 | selector: 9 | component: spark-ui-proxy 10 | template: 11 | metadata: 12 | labels: 13 | component: spark-ui-proxy 14 | spec: 15 | containers: 16 | - name: spark-ui-proxy 17 | image: harbor-001.jimmysong.io/library/spark-ui-proxy:1.0 18 | ports: 19 | - containerPort: 80 20 | resources: 21 | requests: 22 | cpu: 100m 23 | args: 24 | - spark-master:8080 25 | livenessProbe: 26 | httpGet: 27 | path: / 28 | port: 80 29 | initialDelaySeconds: 120 30 | timeoutSeconds: 5 31 | -------------------------------------------------------------------------------- /practice/heapster.md: -------------------------------------------------------------------------------- 1 | # Heapster 2 | 3 | Heapster作为kubernetes安装过程中默认安装的一个插件,见[安装heapster插件](heapster-addon-installation.md)。这对于集群监控十分有用,同时在[Horizontal Pod Autoscaling](../concepts/horizontal-pod-autoscaling.md)中也用到了,HPA将Heapster作为`Resource Metrics API`,向其获取metric,做法是在`kube-controller-manager` 中配置`--api-server`指向[kube-aggregator](https://github.com/kubernetes/kube-aggregator),也可以使用heapster来实现,通过在启动heapster的时候指定`--api-server=true`。 4 | 5 | Heapster可以收集Node节点上的cAdvisor数据,还可以按照kubernetes的资源类型来集合资源,比如Pod、Namespace域,可以分别获取它们的CPU、内存、网络和磁盘的metric。默认的metric数据聚合时间间隔是1分钟。 6 | 7 | **注意** :Kubernetes 1.11 不建议使用 Heapster,就 SIG Instrumentation 而言,这是为了转向新的 Kubernetes 监控模型的持续努力的一部分。仍使用 Heapster 进行自动扩展的集群应迁移到 [metrics-server](https://github.com/kubernetes-incubator/metrics-server) 和自定义指标 API。 8 | 9 | ## 参考 10 | 11 | - [metrics-server - github.com](https://github.com/kubernetes-incubator/metrics-server) 12 | -------------------------------------------------------------------------------- /scripts/lint-gitbook.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ./scripts/build-gitbook.sh 3 | echo -ne "mdspell " 4 | mdspell --version 5 | echo -ne "mdl " 6 | mdl --version 7 | htmlproofer --version 8 | htmlproofer --url-ignore "/localhost/,/172.17.8.101/,/172.20.0.113/,/slideshare.net/,/grpc.io/,/kiali.io/,/condiut.io/,/twitter.com/,/facebook.com/,/medium.com/,/google.com/,/jimmysong.io/,/openfaas.com/,/linkerd.io/,/layer5.io/,/thenewstack.io/,/blog.envoyproxy.io/,/blog.openebs.io/,/k8smeetup.github.io/,/blog.heptio.com/,/apigee.com/,/speakerdeck.com/,/download.svcat.sh/,/blog.fabric8.io/,/blog.heptio.com/,/blog.containership.io/,/blog.mobyproject.org/,/blog.spinnaker.io/,/coscale.com/,/zh.wikipedia.org/,/labs.play-with-k8s.com/,/cilium.readthedocs.io/,/azure.microsoft.com/,/storageos.com/,/openid.net/,/prometheus.io/,/coreos.com/,/openwhisk.incubator.apache.org/,/dockone.io/,/jianshu.com/,/cloudstax.io/,/spring.io/" _book 9 | -------------------------------------------------------------------------------- /manifests/istio/zipkin.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: extensions/v1beta1 3 | kind: Deployment 4 | metadata: 5 | name: zipkin 6 | spec: 7 | replicas: 1 8 | template: 9 | metadata: 10 | annotations: 11 | alpha.istio.io/sidecar: ignore 12 | labels: 13 | app: zipkin 14 | spec: 15 | containers: 16 | - name: zipkin 17 | image: harbor-001.jimmysong.io/library/zipkin:latest 18 | ports: 19 | - containerPort: 9411 20 | env: 21 | - name: POD_NAMESPACE 22 | valueFrom: 23 | fieldRef: 24 | apiVersion: v1 25 | fieldPath: metadata.namespace 26 | --- 27 | apiVersion: v1 28 | kind: Service 29 | metadata: 30 | name: zipkin 31 | spec: 32 | #type: NodePort 33 | ports: 34 | - name: http 35 | port: 9411 36 | #nodePort: 30411 37 | selector: 38 | app: zipkin 39 | --- 40 | -------------------------------------------------------------------------------- /practice/data-persistence-problem.md: -------------------------------------------------------------------------------- 1 | ## 数据落盘问题的由来 2 | 3 | 这本质上是数据持久化问题,对于有些应用依赖持久化数据,比如应用自身产生的日志需要持久化存储的情况,需要保证容器里的数据不丢失,在Pod挂掉后,其他应用依然可以访问到这些数据,因此我们需要将数据持久化存储起来。 4 | 5 | ## 数据落盘问题解决方案 6 | 7 | 下面以一个应用的日志收集为例,该日志需要持久化收集到ElasticSearch集群中,如果不考虑数据丢失的情形,可以直接使用前面提到的[应用日志收集](app-log-collection.md)一节中的方法,但考虑到Pod挂掉时logstash(或filebeat)并没有收集完该pod内日志的情形,我们想到了如下这种解决方案,示意图如下: 8 | 9 | ![日志持久化收集解决方案示意图](../images/log-persistence-logstash.png) 10 | 11 | 1. 首先需要给数据落盘的应用划分node,即这些应用只调用到若干台主机上 12 | 2. 给这若干台主机增加label 13 | 3. 使用`deamonset`方式在这若干台主机上启动logstash的Pod(使用nodeSelector来限定在这几台主机上,我们在边缘节点启动的`treafik`也是这种模式) 14 | 4. 将应用的数据通过volume挂载到宿主机上 15 | 5. Logstash(或者filebeat)收集宿主机上的数据,数据持久化不会丢失 16 | 17 | ## Side-effect 18 | 19 | 1. 首先kubernetes本身就提供了数据持久化的解决方案statefulset,不过需要用到公有云的存储或其他分布式存储,这一点在我们的私有云环境里被否定了。 20 | 2. 需要管理主机的label,增加运维复杂度,但是具体问题具体对待 21 | 3. 必须保证应用启动顺序,需要先启动logstash 22 | 4. 为主机打label使用nodeSelector的方式限制了资源调度的范围 23 | 24 | -------------------------------------------------------------------------------- /usecases/observability.md: -------------------------------------------------------------------------------- 1 | # 可观察性 2 | 3 | 可观察性使用指标、日志和追踪这些外部输出来理解系统的能力。这些指标、日志和追踪是基于系统内部的事件产生的。 4 | 5 | ## 指标(Metrics) 6 | 7 | 指标是数据的总体汇总,它能让你了解正在发生的事情和需要深入挖掘的地方。服务不断产生消费指标,这些指标是服务健康状况的持续衡量标准。 8 | 9 | 指标包括两种类型:应用/业务指标和运维指标。 10 | 11 | ### 应用指标 12 | 13 | 应用性能指标(Application Performance Metrics,简称 APM)数据与应用性能有关,如加载时间和响应时间,确保应用向客户提供预期性能。像 [Apache Skywalking](https://skywalking.apache.org) 这样的开源技术可以集成到 Istio 服务网格中,既可以作为 APM,也可以作为额外的服务性能管理(Service Performance Management,简称 SPM)系统——一举两得。 14 | 15 | ### 运维指标 16 | 17 | 运维指标关注的是服务的运行情况。你的环境表现如何,通常被描述为 "RED "指标——衡量请求(Request)率 、错误(Error)率和持续(Duration)时间。 18 | 19 | 服务网格(比如Istio)唯一关心的就是收集这些运维指标,帮助你确定服务表现如何,并对服务健康状况有一个大致的了解。 20 | 21 | ## 日志(Logs) 22 | 23 | 日志是冗长的。包含一个 "事件 "从头到尾的信息。一则日志可以收集(匿名)用户数据。例如,哪个用户发出了请求,这条请求从哪里开始,到达哪些服务等等。 24 | 25 | ## 追踪(Tracing) 26 | 27 | 追踪让你能够看到一个请求从开始到结束的过程。它是对事件行为的实时捕捉。它可以帮助确定故障发生的位置,或确定引起当前示例性能问题的原因。 在基于微服务的环境中会产生大量的事件。事件被定义为从请求到达网络外围的那一刻起发生的一切,即产生可观察数据的动作。 -------------------------------------------------------------------------------- /concepts/namespace.md: -------------------------------------------------------------------------------- 1 | # Namespace 2 | 3 | 在一个 Kubernetes 集群中可以使用 namespace 创建多个 “虚拟集群”,这些 namespace 之间可以完全隔离,也可以通过某种方式,让一个 namespace 中的 service 可以访问到其他的 namespace 中的服务,我们 [在 CentOS 中部署 kubernetes1.6 集群](../practice/install-kubernetes-on-centos.md) 的时候就用到了好几个跨越 namespace 的服务,比如 Traefik ingress 和 `kube-system`namespace 下的 service 就可以为整个集群提供服务,这些都需要通过 RBAC 定义集群级别的角色来实现。 4 | 5 | ## 哪些情况下适合使用多个 namespace 6 | 7 | 因为 namespace 可以提供独立的命名空间,因此可以实现部分的环境隔离。当你的项目和人员众多的时候可以考虑根据项目属性,例如生产、测试、开发划分不同的 namespace。 8 | 9 | ## Namespace 使用 10 | 11 | **获取集群中有哪些 namespace ** 12 | 13 | ```kubectl get ns``` 14 | 15 | 集群中默认会有 `default` 和 `kube-system` 这两个 namespace。 16 | 17 | 在执行 `kubectl` 命令时可以使用 `-n` 指定操作的 namespace。 18 | 19 | 用户的普通应用默认是在 `default` 下,与集群管理相关的为整个集群提供服务的应用一般部署在 `kube-system` 的 namespace 下,例如我们在安装 kubernetes 集群时部署的 `kubedns`、`heapseter`、`EFK` 等都是在这个 namespace 下面。 20 | 21 | 另外,并不是所有的资源对象都会对应 namespace,`node` 和 `persistentVolume` 就不属于任何 namespace。 22 | -------------------------------------------------------------------------------- /manifests/charts/mean/templates/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.persistence.enabled }} 2 | kind: PersistentVolumeClaim 3 | apiVersion: v1 4 | metadata: 5 | name: {{ template "fullname" . }} 6 | labels: 7 | app: {{ template "fullname" . }} 8 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | annotations: 12 | {{- if .Values.persistence.storageClass }} 13 | volume.beta.kubernetes.io/storage-class: {{ .Values.persistence.storageClass | quote }} 14 | {{- else }} 15 | volume.alpha.kubernetes.io/storage-class: default 16 | {{- end }} 17 | {{- range $key, $value := .Values.persistence.annotations }} 18 | {{ $key }}: {{ $value }} 19 | {{- end }} 20 | spec: 21 | accessModes: 22 | - {{ .Values.persistence.accessMode | quote }} 23 | resources: 24 | requests: 25 | storage: {{ .Values.persistence.size | quote }} 26 | {{- end }} 27 | -------------------------------------------------------------------------------- /manifests/glusterfs/glusterfs-pod.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "v1", 3 | "kind": "Pod", 4 | "metadata": { 5 | "name": "glusterfs" 6 | }, 7 | "spec": { 8 | "containers": [ 9 | { 10 | "name": "glusterfs", 11 | "image": "harbor-001.jimmysong.io/library/pause-amd64:3.0", 12 | "volumeMounts": [ 13 | { 14 | "mountPath": "/mnt/glusterfs", 15 | "name": "glusterfsvol" 16 | } 17 | ] 18 | } 19 | ], 20 | "volumes": [ 21 | { 22 | "name": "glusterfsvol", 23 | "glusterfs": { 24 | "endpoints": "glusterfs-cluster", 25 | "path": "k8s-volume", 26 | "readOnly": true 27 | } 28 | } 29 | ] 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /manifests/openfaas/rbac.yml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1beta1 2 | kind: ClusterRole 3 | metadata: 4 | name: faas-controller 5 | rules: 6 | - apiGroups: 7 | - "" 8 | resources: 9 | - services 10 | verbs: 11 | - get 12 | - list 13 | - watch 14 | - create 15 | - delete 16 | - update 17 | - apiGroups: 18 | - "" 19 | resources: 20 | - secrets 21 | verbs: 22 | - get 23 | - list 24 | - watch 25 | - apiGroups: 26 | - extensions 27 | resources: 28 | - deployments 29 | verbs: 30 | - get 31 | - list 32 | - watch 33 | - create 34 | - delete 35 | - update 36 | --- 37 | apiVersion: rbac.authorization.k8s.io/v1beta1 38 | kind: ClusterRoleBinding 39 | metadata: 40 | name: faas-controller 41 | roleRef: 42 | apiGroup: rbac.authorization.k8s.io 43 | kind: ClusterRole 44 | name: faas-controller 45 | subjects: 46 | - kind: ServiceAccount 47 | name: faas-controller 48 | namespace: default 49 | -------------------------------------------------------------------------------- /manifests/oam/food-truck/food-truck.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: food-trucks 5 | spec: 6 | selector: 7 | app: food-trucks 8 | type: NodePort 9 | ports: 10 | - port: 5000 11 | targetPort: 5000 12 | --- 13 | apiVersion: apps/v1 14 | kind: Deployment 15 | metadata: 16 | name: food-trucks-deployment 17 | labels: 18 | app: food-trucks 19 | spec: 20 | selector: 21 | matchLabels: 22 | app: food-trucks 23 | template: 24 | metadata: 25 | labels: 26 | app: food-trucks 27 | spec: 28 | containers: 29 | - name: food-trucks-web 30 | image: zzxwill/foodtrucks-web:0.1.1 31 | env: 32 | - name: discovery.type 33 | value: single-node 34 | ports: 35 | - containerPort: 5000 36 | - name: es 37 | image: jimmysong/elasticsearch:6.3.2 38 | ports: 39 | - containerPort: 9200 40 | - containerPort: 9300 41 | -------------------------------------------------------------------------------- /manifests/rook/rook-storageclass.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rook.io/v1alpha1 2 | kind: Pool 3 | metadata: 4 | name: replicapool 5 | namespace: rook 6 | spec: 7 | replicated: 8 | size: 1 9 | # For an erasure-coded pool, comment out the replication size above and uncomment the following settings. 10 | # Make sure you have enough OSDs to support the replica size or erasure code chunks. 11 | #erasureCoded: 12 | # dataChunks: 2 13 | # codingChunks: 1 14 | --- 15 | apiVersion: storage.k8s.io/v1 16 | kind: StorageClass 17 | metadata: 18 | name: rook-block 19 | provisioner: rook.io/block 20 | parameters: 21 | pool: replicapool 22 | # Specify the Rook cluster from which to create volumes. 23 | # If not specified, it will use `rook` as the name of the cluster. 24 | # This is also the namespace where the cluster will be 25 | clusterName: rook 26 | # Specify the filesystem type of the volume. If not specified, it will use `ext4`. 27 | # fstype: ext4 28 | -------------------------------------------------------------------------------- /manifests/charts/mean/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 | trimSuffix "-" chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | */}} 13 | {{- define "fullname" -}} 14 | {{- $name := default .Chart.Name .Values.nameOverride -}} 15 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 16 | {{- end -}} 17 | 18 | {{/* 19 | Create a default fully qualified app name. 20 | We truncate at 63 | trimSuffix "-" chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 21 | */}} 22 | {{- define "mongodb.fullname" -}} 23 | {{- printf "%s-%s" .Release.Name "mongodb" | trunc 63 | trimSuffix "-" -}} 24 | {{- end -}} 25 | -------------------------------------------------------------------------------- /manifests/linkerd/world-v2.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ReplicationController 4 | metadata: 5 | name: world-v2 6 | spec: 7 | replicas: 3 8 | selector: 9 | app: world-v2 10 | template: 11 | metadata: 12 | labels: 13 | app: world-v2 14 | spec: 15 | dnsPolicy: ClusterFirst 16 | containers: 17 | - name: service 18 | image: harbor-001.jimmysong.io/library/buoyantio-helloworld:0.1.4 19 | env: 20 | - name: POD_IP 21 | valueFrom: 22 | fieldRef: 23 | fieldPath: status.podIP 24 | - name: TARGET_WORLD 25 | value: earth 26 | args: 27 | - "-addr=:7778" 28 | ports: 29 | - name: service 30 | containerPort: 7778 31 | --- 32 | apiVersion: v1 33 | kind: Service 34 | metadata: 35 | name: world-v2 36 | spec: 37 | selector: 38 | app: world-v2 39 | clusterIP: None 40 | ports: 41 | - name: http 42 | port: 7778 43 | -------------------------------------------------------------------------------- /concepts/networking.md: -------------------------------------------------------------------------------- 1 | # Kubernetes中的网络 2 | 3 | Kubernetes中的网络可以说对初次接触Kubernetes或者没有网络方面经验的人来说可能是其中最难的部分。Kubernetes本身并不提供网络功能,只是把网络接口开放出来,通过插件的形式实现。 4 | 5 | ## 网络要解决的问题 6 | 7 | 既然Kubernetes中将容器的联网通过插件的方式来实现,那么该如何解决容器的联网问题呢? 8 | 9 | 如果您在本地单台机器上运行docker容器的话会注意到所有容器都会处在`docker0`网桥自动分配的一个网络IP段内(172.17.0.1/16)。该值可以通过docker启动参数`--bip`来设置。这样所有本地的所有的容器都拥有了一个IP地址,而且还是在一个网段内彼此就可以互相通信了。 10 | 11 | 但是Kubernetes管理的是集群,Kubernetes中的网络要解决的核心问题就是每台主机的IP地址网段划分,以及单个容器的IP地址分配。概括为: 12 | 13 | - 保证每个Pod拥有一个集群内唯一的IP地址 14 | - 保证不同节点的IP地址划分不会重复 15 | - 保证跨节点的Pod可以互相通信 16 | - 保证不同节点的Pod可以与跨节点的主机互相通信 17 | 18 | 为了解决该问题,出现了一系列开源的Kubernetes中的网络插件与方案,如: 19 | 20 | - flannel 21 | - calico 22 | - contiv 23 | - weave net 24 | - kube-router 25 | - cilium 26 | - canal 27 | 28 | 还有很多就不一一列举了,只要实现Kubernetes官方的设计的[CNI - Container Network Interface(容器网络接口)](cni.md)就可以自己写一个网络插件。 29 | 30 | 下面仅以当前最常用的flannel和calico插件为例解析。 31 | 32 | - [Kubernetes中的网络解析——以flannel为例](flannel.md) 33 | - [Kubernetes中的网络解析——以calico为例](calico.md) 34 | -------------------------------------------------------------------------------- /concepts/node.md: -------------------------------------------------------------------------------- 1 | # Node 2 | 3 | Node 是 Kubernetes 集群的工作节点,可以是物理机也可以是虚拟机。 4 | 5 | ## Node 的状态 6 | 7 | Node 包括如下状态信息: 8 | 9 | - Address 10 | - HostName:可以被 kubelet 中的 `--hostname-override` 参数替代。 11 | - ExternalIP:可以被集群外部路由到的 IP 地址。 12 | - InternalIP:集群内部使用的 IP,集群外部无法访问。 13 | - Condition 14 | - OutOfDisk:磁盘空间不足时为 `True` 15 | - Ready:Node controller 40 秒内没有收到 node 的状态报告为 `Unknown`,健康为 `True`,否则为 `False`。 16 | - MemoryPressure:当 node 有内存压力时为 `True`,否则为 `False`。 17 | - DiskPressure:当 node 有磁盘压力时为 `True`,否则为 `False`。 18 | - Capacity 19 | - CPU 20 | - 内存 21 | - 可运行的最大 Pod 个数 22 | - Info:节点的一些版本信息,如 OS、kubernetes、docker 等 23 | 24 | ## Node 管理 25 | 26 | 禁止 Pod 调度到该节点上。 27 | 28 | ```bash 29 | kubectl cordon 30 | ``` 31 | 32 | 驱逐该节点上的所有 Pod。 33 | 34 | ```bash 35 | kubectl drain 36 | ``` 37 | 38 | 该命令会删除该节点上的所有 Pod(DaemonSet 除外),在其他 node 上重新启动它们,通常该节点需要维护时使用该命令。直接使用该命令会自动调用`kubectl cordon `命令。当该节点维护完成,启动了 kubelet 后,再使用`kubectl uncordon ` 即可将该节点添加到 kubernetes 集群中。 -------------------------------------------------------------------------------- /.circleci/config.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | jobs: 3 | lint-gitbook: 4 | docker: 5 | - image: jimmysong/gitbook-builder:2019-07-31 6 | working_directory: ~/gitbook 7 | steps: 8 | - checkout 9 | - run: 10 | name: Linting the gitbook 11 | command: scripts/lint-gitbook.sh 12 | markdown-spell-check: 13 | docker: 14 | - image: jimmysong/gitbook-builder:2019-07-31 15 | working_directory: ~/gitbook 16 | steps: 17 | - checkout 18 | - run: 19 | name: Running markdown spell check 20 | command: scripts/mdspell-check.sh 21 | markdown-style-check: 22 | docker: 23 | - image: jimmysong/gitbook-builder:2019-07-31 24 | working_directory: ~/gitbook 25 | steps: 26 | - checkout 27 | - run: 28 | name: Running markdown style check 29 | command: scripts/mdl-check.sh 30 | workflows: 31 | version: 2 32 | workflow: 33 | jobs: 34 | - lint-gitbook 35 | - markdown-spell-check 36 | - markdown-style-check 37 | -------------------------------------------------------------------------------- /manifests/charts/mychart/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: {{ template "fullname" . }} 5 | labels: 6 | chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" 7 | spec: 8 | replicas: {{ .Values.replicaCount }} 9 | template: 10 | metadata: 11 | labels: 12 | app: {{ template "fullname" . }} 13 | spec: 14 | containers: 15 | - name: {{ .Chart.Name }} 16 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 17 | imagePullPolicy: {{ .Values.image.pullPolicy }} 18 | ports: 19 | - containerPort: {{ .Values.service.internalPort }} 20 | livenessProbe: 21 | httpGet: 22 | path: / 23 | port: {{ .Values.service.internalPort }} 24 | readinessProbe: 25 | httpGet: 26 | path: / 27 | port: {{ .Values.service.internalPort }} 28 | resources: 29 | {{ toYaml .Values.resources | indent 12 }} 30 | -------------------------------------------------------------------------------- /manifests/kafka/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM harbor-001.jimmysong.io/library/jdk:8u45 2 | ENV KAFKA_USER=kafka \ 3 | KAFKA_DATA_DIR=/var/lib/kafka/data \ 4 | JAVA_HOME=/usr/local/java \ 5 | KAFKA_HOME=/opt/kafka \ 6 | PATH=$PATH:/opt/kafka/bin 7 | 8 | ARG KAFKA_DIST=kafka_2.10-0.8.2.1 9 | RUN set -x \ 10 | && yum install -y wget tar \ 11 | && wget -q "http://repo.jimmysong.io/configuration/deploy/kafka/$KAFKA_DIST.tgz" \ 12 | && export GNUPGHOME="$(mktemp -d)" \ 13 | && tar -xzf "$KAFKA_DIST.tgz" -C /opt \ 14 | && rm -r "$GNUPGHOME" "$KAFKA_DIST.tgz" 15 | 16 | COPY log4j.properties /opt/$KAFKA_DIST/config/ 17 | 18 | RUN set -x \ 19 | && ln -s /opt/$KAFKA_DIST $KAFKA_HOME \ 20 | && useradd $KAFKA_USER \ 21 | && [ `id -u $KAFKA_USER` -eq 1000 ] \ 22 | && [ `id -g $KAFKA_USER` -eq 1000 ] \ 23 | && mkdir -p $KAFKA_DATA_DIR \ 24 | && chown -R "$KAFKA_USER:$KAFKA_USER" /opt/$KAFKA_DIST \ 25 | && chown -R "$KAFKA_USER:$KAFKA_USER" $KAFKA_DATA_DIR 26 | 27 | COPY kafkaGenConfig.sh /opt/$KAFKA_DIST/bin 28 | -------------------------------------------------------------------------------- /usecases/conduit.md: -------------------------------------------------------------------------------- 1 | # Conduit - 基于Kubernetes的轻量级Service Mesh 2 | 3 | > **注意**:Conduit在发布0.5版本后已经停止开发,而是合并入Linkerd 2.0,详见[Conduit 0.5发布—以及R.I.P. Conduit](http://www.servicemesher.com/blog/rip-conduit/)。 4 | 5 | 2017年12月在得克萨斯州的Asdin,KubeCon和CloudNativeCon上,创造了Service Mesh这个词汇并开源了[Linkerd](https://linkerd.io)的公司[Buoyant](https://buoyant.io),又开源了一款针对Kubernetes的超轻量Service Sesh——[Conduit](https://github.com/runconduit/conduit)。它可以透明得管理服务运行时之间的通信,使得在Kubernetes上运行服务更加安全和可靠;它还具有不用修改任何应用程序代码即可改进应用程序的可观测性、可靠性及安全性等方面的特性。 6 | 7 | Condiut与[Linkerd](https://linkerd.io)的设计方式不同,它跟[Istio](https://istio.io)一样使用的是Sidecar模式,但架构又没Istio那么复杂。Conduit只支持Kubernetes,且只支持HTTP2(包括gRPC)协议。 8 | 9 | Conduit使用Rust和Go语言开发,GitHub地址https://github.com/runconduit/conduit 10 | 11 | 安装Conduit必须使用Kubernetes1.8以上版本。 12 | 13 | ## 参考 14 | 15 | - Conduit GitHub:https://github.com/runconduit/conduit 16 | - 关于Conduit的更多资源请参考官方网站:https://conduit.io/ 17 | - Conduit的官方文档中文版:https://github.com/doczhcn/conduit 18 | - 关于Service Mesh的更多内容请访问ServiceMesher:http://www.servicemesher.com 19 | -------------------------------------------------------------------------------- /manifests/charts/oam-core-resources/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: oam-core-resources 3 | description: A Helm chart for OAM Core Resources Controller 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | version: 0.1.1 18 | 19 | # This is the version number of the application being deployed. This version number should be 20 | # incremented each time you make changes to the application. 21 | appVersion: 0.2.0 22 | -------------------------------------------------------------------------------- /manifests/test/web.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: nginx 6 | labels: 7 | app: nginx 8 | spec: 9 | ports: 10 | - port: 80 11 | name: web 12 | clusterIP: None 13 | selector: 14 | app: nginx 15 | --- 16 | apiVersion: apps/v1beta1 17 | kind: StatefulSet 18 | metadata: 19 | name: web 20 | spec: 21 | serviceName: "nginx" 22 | replicas: 2 23 | template: 24 | metadata: 25 | labels: 26 | app: nginx 27 | spec: 28 | containers: 29 | - name: nginx 30 | image: gcr.io/google_containers/nginx-slim:0.8 31 | ports: 32 | - containerPort: 80 33 | name: web 34 | volumeMounts: 35 | - name: www 36 | mountPath: /usr/share/nginx/html 37 | volumeClaimTemplates: 38 | - metadata: 39 | name: www 40 | annotations: 41 | volume.alpha.kubernetes.io/storage-class: anything 42 | spec: 43 | accessModes: [ "ReadWriteOnce" ] 44 | resources: 45 | requests: 46 | storage: 1Gi 47 | 48 | -------------------------------------------------------------------------------- /manifests/nginx-ingress/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: Role 4 | metadata: 5 | labels: 6 | app: {{ template "name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "fullname" . }} 11 | rules: 12 | - apiGroups: 13 | - "" 14 | resources: 15 | - configmaps 16 | - namespaces 17 | - pods 18 | - secrets 19 | verbs: 20 | - get 21 | - apiGroups: 22 | - "" 23 | resources: 24 | - configmaps 25 | resourceNames: 26 | - {{ .Values.controller.electionID }}-{{ .Values.controller.ingressClass }} 27 | verbs: 28 | - get 29 | - update 30 | - apiGroups: 31 | - "" 32 | resources: 33 | - configmaps 34 | verbs: 35 | - create 36 | - apiGroups: 37 | - "" 38 | resources: 39 | - endpoints 40 | verbs: 41 | - create 42 | - get 43 | - update 44 | {{- end -}} 45 | -------------------------------------------------------------------------------- /usecases/service-mesh-customization-and-integration.md: -------------------------------------------------------------------------------- 1 | # 定制和集成 2 | 3 | 例如Istio这样的Service Mesh中有很多地方可以给大家定制,例如作为数据平面的sidecar,虽然默认使用的是Envoy,但是你可以开发自己的sidecar代理;还有Mixer中的各种adpater,你也可以开发自己的adapter来扩展遥测和鉴权功能,[Consul Connect](http://www.servicemesher.com/blog/consul-1-2-service-mesh/)就是个例子。 4 | 5 | 当前可选择的开源的代理可以在[landscape](http://layer5.io/landscape/)里找到,例如使用nginMesh替代Envoy作为数据平面。下图是使用nginMesh作为sidecar的架构图。 6 | 7 | **nginMesh** 8 | 9 | ![nginMesh架构图](../images/006tNbRwly1fucp8yralaj30vu0sijx8.jpg) 10 | 11 | 通过扩展Istio Mixer adapter来对接不同的监控后端。 12 | 13 | ![Mixer adapter](../images/006tNbRwly1fucplat3l9j30vo0lw43l.jpg) 14 | 15 | **MOSN** 16 | 17 | 还有蚂蚁金服开源的Go语言版的数据平面[MOSN](https://github.com/mosn/mosn),这是也兼容Istio的SOFAMesh的一部分,也可以单独作为代理使用,详见:[蚂蚁金服开源SOFAMesh](https://jimmysong.io/blog/sofamesh-and-mosn-proxy-sidecar-service-mesh-by-ant-financial/)。 18 | 19 | ![SOFAMesh](../images/mosn-with-service-mesh.png) 20 | 21 | [MOSN](https://github.com/mosn/mosn)的模块架构图。 22 | 23 | ![SOFAMosn模块架构图](../images/006tNbRwly1fucpc5fn8wj31kw0sfdnu.jpg) 24 | 25 | 在未来我们会看到更多定制的数据平面和Mixer适配器出现。 26 | --------------------------------------------------------------------------------