Alibaba Cloud Container Service for Kubernetes (ACK) 入門編

Transcript

1. Alibaba Cloud Container Service for Kubernetes (ACK)
    AliEaters in

   Nagoya #4

2.   •    • Alibaba Cloud Solution

   Architect •
   Kubernetes, Container, IaC, DevOps, Cloud s-ari @shigeto_arima

3. •  
   Kubernetes • Container Service for Kubernetes  •

     •   •   •  

4. 
   Kubernetes

5. 9F-6 6$&[ 5    OS  
   

    OS   
     OS    l +%OS P OS>N@S l ^=]E_)3$.'#%57Q` l TOC^LHW $.IR@S l V?Z2!7JUK    OS          l +%OS A7'3;G l +%*4   V? l /7X\ 8 ^YV? l ,7"(2$ ^<ME l =]:L 02$D
   MB gVisorQ=]E^6$&16".>N 

6. Kubernetes 6 l /"&$.0+/!0- l /"&6 ),0+/ 9D
   0,/
   >:A56  

   0)/0"* l Google =4 2;  Borg /'D< l Linux Foundation31 ?@ Cloud Native Computing Foundation ECNCFF 8C l CNCF Graduated Project B7 l /"&0$.0+/!0- #($/ 0% Management Configration Volume Security Container Authentication

7. Kubernetes/ ( 7 kube-apiserver Kubernetes API=2 kube-controller- manager Deployment Controller

   ReplicaSet Contoroller 7D."-/*;G kube-scheduler PodOF+/ )/, etcd +/<9?L  Key-Value Store kube-proxy Pod "*&KM kublet . #J6 3@ EB Container runtime . #*.'
   Docker0: H> Kubernetes*4N 85IA /%! $+1C . #J6

8. Container Service for Kubernetes
   

9. Container Service for Kubernetes 9 l $-'"0 /!0# l Kubernetes

   29/!3 %,0*/ :8 l Alibaba Cloud/&0"/0(.>7 l /0-
   /!0+0 ;416 l +$-)00/0$ API &0 l 16Alibaba Cloud,0 <?5=

10. 
    

11. 11

12. Master Node Worker Node
     12 Dedicated Kubernetes Cluster Worker

    Node Managed Kubernetes Cluster Kubernetes Controle Plane ECI Container Group Serverless Kubernetes Cluster Kubernetes Controle Plane Creation procedures Elastic Container Instance

13. 
    

14. 14

15. 15

16. 16

17. 17

18. 18

19. Standard Managed Cluster
    Container Service for Kubernetes Log Service Cloud

    Monitor RAM Monitoring, Log, Security ECS Auto Scaling Group Kubernetes Worker Nodes Kubernetes Control Plane Components Alibaba Cloud SLB NAT Gateway VPC Network Security Group 
    

20. ACK
     

21. 21 l LoadBalancerSLB l   
      

    LadBalancer apiVersion: v1 kind: Service metadata: labels: run: nginx name: nginx spec: ports: - port: 80 protocol: TCP targetPort: 80 selector: run: nginx type: LoadBalancer ACK SLB kubectl

22. 22 l Cloud Disk, Object Storage Service, NAS  
    

    Volume Alibaba Cloud    Alibaba Cloud Ϋϥ΢υσΟεΫ l 
     l PV/PVC 
      Alibaba Cloud NAS l FlexVolume  
     - 
     - PV/PVC 
     l Kubernetes  NFS  
      Alibaba Cloud OSS (Object Storage Service) l 
     l PV/PVC 
      ACK NAS OSS Cloud Disk

23. 23 l Monitoring Plugin 2( 'Cloud Monitor51 l .4/PrometheusGrafana $

    l Prometheus & #&!% #& # %
    #&!%+2 # *- l )3#& #%
    Prometheus #%  $ 0, Monitoring CPU, Memory, Network, Uptime… Prometheus Grafana Cloud Monitor Cloud Monitor 2( 'Cloud Monitor "%$

24. Log 24 • Log Service@70
    Log Service%*-- /+ • Alibaba Cloud

    Log ServiceL?,8O • Kubernetes*,
    -"3 ,8< • -" , $+ #>:
    CD46.CD*/ ,8< • LabelEnvironment>:08<;KN: • -/+ , JF.BG • )/EI'(&/! 1=9H Log File Stdout Stderr Log Service@70%*- WorkerNode %, Log Hub Log Shipper ,M2 ,BG.5A.( &/!1= MaxCompute OSS

25. RAM 25 • RAMAlibaba Cloud   • RBAC (Role-based

    access control) RAM 
    Kubernetes   UserAccount (RAM) ServiceAccount RoleBinding Role UserAccount (RAM) UserAccount (RAM) ClusterRoleBinding ClusterRole Namespace Kubernetes Cluster Node Group

26. Container Registry 26 • Docker$  +) • GitHub
    Bitbucket
    !$*'GitLab,& $

    • 
    $"$   %. • $   #(- GitHub Bitbucket GitLab Container Registry Local Repository ACK Container

27. 
    

28. 
     28 ACK SLB Log Service SLB
       

     Log Service 
29. None

30. 
       !