Slide 1
Slide 1 text
Alibaba Cloud Container Service for Kubernetes (ACK)
AliEaters in Nagoya #4
Slide 2
Slide 2 text
•
• Alibaba Cloud Solution Architect
• Kubernetes, Container, IaC, DevOps, Cloud
s-ari
@shigeto_arima
Slide 3
Slide 3 text
• Kubernetes
• Container Service for Kubernetes
•
•
•
•
Slide 4
Slide 4 text
Kubernetes
Slide 5
Slide 5 text
9F-66$&[
5
OS
OS
OS
l +%OSP
OS>N@S
l ^=]E_)3$.'#%57Q`
l TOC^LHW
$.IR@S
l V?Z2!7JUK
OS
l +%OSA7'3;G
l +%*4
V?
l /7X\ 8^YV?
l ,7"(2$^N
Slide 6
Slide 6 text
Kubernetes
6
l /"&$.0+/!0-
l /"&6 ),0+/
9D0,/>:A56
0)/0"*
l Google
=42;
Borg/'D<
l Linux Foundation31
?@Cloud Native Computing Foundation
ECNCFF 8C
l CNCF
Graduated ProjectB7
l /"&0$.0+/!0-
#($/ 0%
Management
Configration
Volume
Security
Container
Authentication
Slide 7
Slide 7 text
Kubernetes/ (
7
kube-apiserver Kubernetes API=2
kube-controller-
manager
Deployment Controller
ReplicaSet Contoroller
7D."-/*;G
kube-scheduler PodOF+/
)/,
etcd +/<9?L
Key-Value Store
kube-proxy Pod "*&KM
kublet . #J63@
EB
Container runtime . #*.'
Docker0:H>
Kubernetes*4N
85IA/%!
$+1C
. #J6
Slide 8
Slide 8 text
Container Service for Kubernetes
Slide 9
Slide 9 text
Container Service for Kubernetes
9
l $-'"0 /!0#
l Kubernetes
29/!3%,0*/
:8
l Alibaba Cloud/&0"/0(.>7
l /0-/!0+0
;416
l +$-)00/0$ API
&0
l 16Alibaba Cloud,0
5=
Slide 10
Slide 10 text
Slide 11
Slide 11 text
11
Slide 12
Slide 12 text
Master Node
Worker Node
12
Dedicated Kubernetes Cluster
Worker Node
Managed Kubernetes Cluster
Kubernetes Controle Plane
ECI Container Group
Serverless Kubernetes Cluster
Kubernetes Controle Plane
Creation procedures
Elastic Container Instance
Slide 13
Slide 13 text
Slide 14
Slide 14 text
14
Slide 15
Slide 15 text
15
Slide 16
Slide 16 text
16
Slide 17
Slide 17 text
17
Slide 18
Slide 18 text
18
Slide 19
Slide 19 text
Standard Managed Cluster
Container Service for Kubernetes
Log Service Cloud Monitor RAM
Monitoring, Log, Security
ECS
Auto Scaling Group
Kubernetes Worker Nodes
Kubernetes Control Plane Components
Alibaba
Cloud
SLB NAT Gateway
VPC
Network
Security Group
Slide 20
Slide 20 text
ACK
Slide 21
Slide 21 text
21
l LoadBalancerSLB
l
LadBalancer
apiVersion: v1
kind: Service
metadata:
labels:
run: nginx
name: nginx
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
run: nginx
type: LoadBalancer
ACK
SLB
kubectl
Slide 22
Slide 22 text
22
l Cloud Disk, Object Storage Service, NAS
Volume
Alibaba Cloud
Alibaba Cloud ΫϥυσΟεΫ l
l PV/PVC
Alibaba Cloud NAS l FlexVolume
-
- PV/PVC
l Kubernetes NFS
Alibaba Cloud OSS
(Object Storage Service)
l
l PV/PVC
ACK
NAS
OSS
Cloud Disk
Slide 23
Slide 23 text
23
l Monitoring Plugin
2('Cloud Monitor51
l .4/PrometheusGrafana
$
l Prometheus
&#&!% #&
#
%#&!%+2 #
*-
l )3#& #%
Prometheus #%
$
0,
Monitoring
CPU, Memory,
Network, Uptime…
Prometheus
Grafana
Cloud Monitor
Cloud Monitor
2('Cloud
Monitor "%$
Slide 24
Slide 24 text
Log
24
• Log Service@70Log Service%*-- /+
• Alibaba Cloud Log ServiceL?,8O
• Kubernetes*,-"3 ,8<
• -" ,
$+ #>:CD46.CD*/
,8<
• LabelEnvironment>:08<;KN:
• -/+
, JF.BG
• )/EI'(&/! 1=9H
Log File
Stdout
Stderr
Log Service@70%*-
WorkerNode%,
Log Hub Log Shipper
,M2
,BG.5A.(
&/!1=
MaxCompute
OSS
Slide 25
Slide 25 text
RAM
25
• RAMAlibaba Cloud
• RBAC (Role-based access control) RAM
Kubernetes
UserAccount (RAM)
ServiceAccount
RoleBinding
Role
UserAccount (RAM)
UserAccount (RAM)
ClusterRoleBinding
ClusterRole
Namespace
Kubernetes Cluster
Node
Group
Slide 26
Slide 26 text
Container Registry
26
• Docker$
+)
• GitHubBitbucket!$*'GitLab,&$
•
$"$
%.
• $
#(-
GitHub
Bitbucket
GitLab
Container
Registry
Local
Repository
ACK
Container
Slide 27
Slide 27 text
Slide 28
Slide 28 text
28
ACK
SLB Log Service
SLB
Log Service
Slide 29
Slide 29 text
No content
Slide 30
Slide 30 text
!