CN113037522A - Container unit management method and related equipment - Google Patents
Container unit management method and related equipment Download PDFInfo
- Publication number
- CN113037522A CN113037522A CN201911344800.4A CN201911344800A CN113037522A CN 113037522 A CN113037522 A CN 113037522A CN 201911344800 A CN201911344800 A CN 201911344800A CN 113037522 A CN113037522 A CN 113037522A
- Authority
- CN
- China
- Prior art keywords
- network
- container
- container unit
- component
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title abstract description 220
- 238000000034 method Methods 0.000 claims abstract description 77
- 230000008569 process Effects 0.000 description 33
- 238000004891 communication Methods 0.000 description 29
- 238000010586 diagram Methods 0.000 description 16
- 238000004590 computer program Methods 0.000 description 11
- 230000006870 function Effects 0.000 description 10
- 238000012795 verification Methods 0.000 description 10
- 238000012544 monitoring process Methods 0.000 description 4
- 230000006378 damage Effects 0.000 description 3
- 239000000284 extract Substances 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 235000019800 disodium phosphate Nutrition 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000000802 evaporation-induced self-assembly Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0893—Assignment of logical groups to network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/02—Standardisation; Integration
- H04L41/0246—Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
Abstract
The embodiment of the application provides a container unit management method and related equipment, wherein the method comprises the following steps: the network configuration component receives a first network configuration instruction sent by the container agent component, wherein the first network configuration instruction comprises a first container unit identifier, and the first network configuration instruction is sent by the container agent component after a first container unit corresponding to the first container unit identifier is created; the network configuration component sends a container address request to the network management component, wherein the container address request carries a first container unit identifier; the network configuration component receives an address allocation instruction sent by the network management component, wherein the address allocation instruction comprises a first IP address, and the first IP address is an IP address which is recorded by the network management component and corresponds to the first container unit identifier; the network configuration component creates a first virtual network adapter of the first container unit and performs network configuration on the first virtual network adapter according to the first IP address. The fixation of the IP address of the container unit can be realized.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a container unit management method and a related device.
Background
Kubernetes (k 8s for short) is a container cluster management system, and can realize the functions of automatic deployment, automatic capacity expansion, maintenance and the like of a container cluster. Pod is the smallest unit of deployment, creation, or management on the k8s platform, with one Pod representing one process running. One pod can be operated in one pod, or a plurality of pods can be operated, each pod is assigned with an independent IP address, and the pods in the pods can share the IP address for communication.
When a pod of a certain application is newly built, the K8s platform randomly allocates an IP address for the newly built pod from the available address field, and other containers or hosts can access the application carried by the pod through the allocated IP address. If the pod is destroyed by the k8s platform due to an abnormal condition, the IP address is recycled to the available address field, and if other pods are established, the k8s may allocate the IP address to other pods. When a pod is rebuilt for the application, k8s may assign other IP addresses in the available address field to the pod, and the IP address to access the application changes.
The way of distributing the IP address of K8s is suitable for the pod corresponding to the application that does not depend on IP address inter-access, such as web application, and the access to the web application is usually based on Uniform Resource Locator (URL), and even if the IP address changes, the normal access to the web application through the URL is not affected. However, for applications that depend on IP address mutual access, such as database applications, if the IP address of the pod carrying this type of application is changed after being rebuilt, the applications carrying this type of application that are based on IP address mutual access cannot be accessed normally after these pods are rebuilt.
Disclosure of Invention
The application provides a container unit management method and related equipment, and the container unit management method and related equipment can realize the immobilization of the IP address of the container unit and ensure that an application based on IP address inter-access carried by the container unit is normally accessed.
A first aspect of the present application provides a container element management method, which may be performed by a network management component in a control node in the k8s platform, and a container agent component and a network configuration component in the same computing node device in the k8s platform. The container unit involved in the method may be a pod in the k8s platform.
The network management component is responsible for managing and distributing the IP addresses of the container units in the plurality of computing node devices in the k8s platform; the container agent component is responsible for creating, modifying, monitoring and the like of the container unit in the computing node equipment; the network configuration component is responsible for creating and configuring the virtual network adapter of the container unit in the computing node device according to the IP address allocated by the network management component, so as to ensure that the container unit in the computing node device can perform network communication based on the configured virtual network adapter.
In the method, a network configuration component receives a first network configuration instruction sent by a container agent component, wherein the first network configuration instruction is sent by the container agent component after a first container unit corresponding to a first container unit identifier is created, and the first network configuration instruction comprises the first container unit identifier; further, the network configuration component sends a container address request for applying an IP address to the network management component, wherein the container address request carries a first container unit identifier, so that the network management component acquires the recorded IP address corresponding to the first container unit identifier and returns an address allocation instruction containing the first IP address to the network configuration component; thus, the network configuration component creates a first virtual network adapter for the first container unit and can network configure the first virtual network adapter based on the first IP address. Aiming at the container unit established by the first container unit identification, the network configuration component fixes the IP address of the container unit, and provides network guarantee for normal access of the application in the container unit.
Optionally, the container unit management method of the first aspect may be applied in a scenario where the container unit corresponding to the first container unit identifier is restarted or rebuilt. Thus, the first container unit may be created by the container proxy component in the event of a failure of a second container unit, wherein the second container unit, prior to the failure, is the first container unit identifying the uniquely corresponding container unit.
The second container unit is in an unhealthy running state due to defects existing in the second container unit in the running process and is further destroyed by the container agent assembly; or the second container unit is killed by the user in the healthy operation process due to the service requirement; or the second container unit can quit automatically when the life cycle expires; the second container unit may also be destroyed due to a hardware failure such as a power failure of the computing node device carrying the second container unit. The factors causing the second container unit to fail are various and are not particularly limited in this application.
Aiming at the first container unit restarted or rebuilt by the second container unit, the original first IP address of the second container unit is still adopted, so that the application corresponding to the second container unit and the first container unit can be normally accessed through the first IP address before and after the restart or the rebuild, and the continuity of the application service is ensured.
Optionally, the container unit management method of the first aspect may be used in a first container unit establishment scenario corresponding to the first container unit identifier. Therefore, the first container unit may be created by the container proxy component after receiving an indication to establish the container unit sent by the cluster interface component, where the indication includes the identifier of the first container unit. The cluster interface component is a component existing in a control node device in the k8s platform, is an interface and a communication bus of the k8s platform, and is responsible for receiving operation input of a user and event interaction inside the load-bearing platform. Compared with a mode of randomly allocating the IP addresses, when the container unit corresponding to the first container unit identifier is established for the first time, the first IP address corresponding to the first container unit identifier is allocated to the first container unit, so that the IP addresses in the k8s platform can be reasonably managed and planned, and the flexibility of IP address management in the k8s platform is improved.
Optionally, before receiving the first network configuration instruction sent by the container agent component, the network configuration component further receives a second network configuration instruction sent by the container agent component, where the second network configuration instruction includes the first IP address, and the network configuration component acquires the first container unit identifier and sends address specifying information to the container management component, so that the network management component establishes a correspondence between the first IP address and the first container unit identifier. Optionally, the second network configuration instruction may be the same instruction as the first network configuration instruction in the first aspect, or may be a different instruction.
The method for acquiring the identifier of the first container unit by the network configuration component may be to acquire one parameter or a combination of several parameters uniquely corresponding to the first container unit from the existing container unit parameters of the first container unit, and use the parameter or the combination as the identifier of the first container unit; or may be a unique corresponding container unit identification generated for the first container unit.
The corresponding relation between the first IP address and the first container unit identifier is recorded by triggering the network management component, so that the first IP address is allocated to the first container unit when the first container unit corresponding to the first container unit identifier is created, and the precondition that the first container unit realizes the immobilization of the IP address is ensured.
Optionally, after sending the container address request to the network management component, the network configuration component further receives a first virtual local area network identifier sent by the network management component, where the first virtual local area network identifier is an identifier indicating a virtual local area network to which the first container unit is accessed. By receiving the first virtual local area network identifier sent by the network management component, the first container unit can be accessed to the virtual local area network corresponding to the first virtual local area network identifier according to the first virtual local area network identifier, so that the communication of the first container unit based on a two-layer network is realized, and the flexibility of creating a container network is improved.
Before the network management component sends the first virtual local area network identifier, the recorded first network identifier corresponding to the first container unit identifier is firstly obtained, the recorded first network information corresponding to the first network identifier is further obtained, and finally the first virtual local area network identifier is obtained from the first network information.
Optionally, after receiving the first virtual local area network identifier sent by the network management component, the network configuration component configures the first virtual local area network identifier as an identifier of a virtual local area network to which the first port belongs, where the first port is a port in the virtual switching device that establishes a connection with the first virtual network adapter, and the configured first port may access the first container unit to the virtual local area network corresponding to the first virtual local area network identifier. The virtual switching equipment is the switching equipment which establishes connection with the physical network adapter of the computing node equipment. The first container unit is accessed to the virtual local area network corresponding to the first virtual local area network identifier by configuring the home virtual local area network of the first port.
Optionally, before the network configuration component receives the first network configuration instruction sent by the container agent component, the network configuration component further receives a third network configuration instruction sent by the container agent component, where the third network configuration instruction includes the first network identifier, and then the network configuration component sends network specifying information to the network management component, where the network specifying information includes the first network identifier, so that the network management component establishes a corresponding relationship between the first network identifier and the first container unit identifier according to the network specifying information. The optional third network configuration instruction may be the same instruction as the first network configuration instruction in the first aspect, or may be a different instruction. The corresponding relation between the first network identification and the first container unit identification is recorded by triggering the network management component, so that when the first container unit corresponding to the first container unit identification is created, a container network is constructed for the first container unit according to the network information corresponding to the first network identification, the immobilization of the network information of the container is realized, and the network stability of the container unit is ensured.
Optionally, the first network information may further include a first subnet mask and a first gateway address, after the network configuration component sends the container address request to the network management component, the network management component sends the first subnet mask and the first gateway address in the first network information to the network configuration component, and a specific manner of the network configuration component performing network configuration on the first virtual network adapter according to the first IP address may be that the first IP address is configured as an IP address of the first virtual network adapter, the first subnet mask is configured as a subnet mask of the first virtual adapter, and the first gateway address is configured as a gateway address of the first virtual adapter. The first subnet mask code and the first gateway address are recorded by the network management component, so that the subnet mask code and the gateway address of the container unit are fixed, and then the subnet mask code and the gateway address are configured after the IP address of the first virtual network adapter is configured, so that the normal network adaptation function of the first virtual network adapter is ensured.
Optionally, before the network configuration component acquires the identifier of the first container unit, the network configuration component may further acquire container attribute information of the second container unit, and a specific implementation manner of the network configuration component acquiring the identifier of the first container unit may be: and the network configuration component determines the identifier of the first container unit through a first hash operation according to the container attribute information of the second container unit, the first IP address and the first network identifier. Compared with the case that the combination of several parameters of the container unit is used as the first container unit identifier, the result of the first hash operation is determined as the first container unit identifier in the above process, so that the storage space occupied by the first container unit identifier in the network management component can be saved, and the access efficiency of the network management component to the first container unit identifier can be improved.
Optionally, after the network configuration component sends the container address request to the network management component, the network management component may obtain the recorded first network identifier corresponding to the first container unit identifier, and send the first network identifier to the network configuration component; the network configuration component can also obtain the container attribute information of the first container unit before performing network configuration on the first virtual network adapter according to the first IP address, obtain a verification container unit identifier through a first hash operation according to the container attribute information of the first container unit, the first IP address contained in the address allocation instruction and the first network identifier sent by the network configuration component, and perform network configuration on the first virtual network adapter according to the first IP address only under the condition that the verification container unit identifier is determined to be consistent with the first container unit identifier. After receiving the address allocation instruction, the network configuration component verifies whether the first IP address in the address allocation instruction is the IP address corresponding to the previous second container unit by comparing the verification container unit identifier with the first container unit identifier, so that the reliability of the first IP address allocated to the first container unit when the first container unit is rebuilt or restarted after the second container unit is invalid is ensured.
A network management component receives a container address request sent by a network configuration component, where the container address request carries a first container unit identifier, the network configuration component sends the container address request to the network management component under the trigger of a first network configuration instruction of a container proxy component, and the first network configuration instruction is sent to the network configuration component after the container proxy component creates a first container unit corresponding to the first container unit identifier; then the network management component acquires a first IP address corresponding to the recorded first container unit identifier; furthermore, the network management component sends an address allocation instruction containing the first IP address to the network configuration component, so that the network configuration component performs network configuration on the virtual network adapter of the first container unit according to the first IP address. Compared with the mode of randomly allocating the IP address to the first container unit, the network management component allocates the first IP address corresponding to the identifier of the first container unit to the first container unit corresponding to the identifier of the first container unit, so that the IP address of the first container unit can be fixed, and a network guarantee is provided for normal access of applications in the first container unit.
Wherein the network management component in the second aspect is a component in a control node device in the k8s platform, and the container agent component and the network configuration component may be components existing in the same computing node device in the k8s platform. The network management component is responsible for managing and distributing the IP addresses of the container units in the plurality of computing node devices in the k8s platform; the container agent component is responsible for creating, modifying, monitoring and the like of the container unit in the computing node equipment; the network configuration component is responsible for creating and configuring the virtual network adapter of the container unit in the computing node device according to the IP address allocated by the network management component, so as to ensure that the container unit in the computing node device can perform network communication based on the configured virtual network adapter.
Optionally, before receiving the container address request sent by the network configuration component, the network management component may further obtain the first IP address, obtain the first container unit identifier, and further record a correspondence between the first IP address and the first container unit identifier. The network management component records the corresponding relation between the first IP address and the first container unit identifier in advance, so that the first IP address is allocated to the first container unit corresponding to the first container unit identifier after a container address request carrying the first container unit identifier is received, and preconditions are provided for container unit IP address immobilization.
Optionally, if the container unit management method of the second aspect is applied in a scenario where the container unit is restarted or rebuilt, the network management component may obtain the first IP address, and obtain the first container unit identifier in a specific manner, where the container management component receives address specification information sent by the network configuration component, where the address specification information includes the first IP address and the first container unit identifier. And the first container unit identification in the address designation information is sent to the network management component through the address designation information after being acquired by the network configuration component. The network configuration component sends the first container unit identifier and the first IP address to the network management component in advance for recording, so that the IP address of the container unit is kept unchanged before and after restarting or rebuilding.
Optionally, if the container unit management method in the second aspect is applied in a scenario where the container unit is initially established, the network management component acquires the first IP address, and a specific manner of acquiring the first container unit identifier may be that the container management component receives the first IP address sent by the cluster interface component, and the container management component generates the first container unit identifier. Then, the network management component sends a container identifier allocation instruction to the cluster interface component, where the container identifier allocation instruction includes the first container unit identifier generated by the network management component, so that the cluster interface component sends first network configuration information including the first container unit identifier to the container proxy component, and the container proxy component sends the first network configuration instruction to the network configuration component under the trigger of the first network configuration information.
The cluster interface component is a component existing in a control node device in the k8s platform, is an interface and a communication bus of the k8s platform, and is responsible for receiving operation input of a user and event interaction inside the load-bearing platform. Before the first container unit is established, the first IP address designated for the first container unit is sent to the network management component, the network management component generates the first container unit identifier, and the corresponding relation between the first container unit identifier and the first IP address is established, compared with a mode that the container unit is randomly allocated with the IP address when being established, reasonable management planning can be carried out on the IP address in the k8s platform, and the flexibility of IP address management in the k8s platform is improved.
Optionally, after receiving the container address request sent by the network configuration component, the network management component may further obtain a first network identifier corresponding to the first container unit identifier, and further obtain first network information corresponding to the first network identifier, where the first network information includes a first virtual local area network identifier, and the first virtual local area network identifier may indicate a virtual local area network to which the first container unit is accessed. The first container unit can be accessed to the virtual local area network corresponding to the first virtual local area network identifier, so that the communication of the first container unit based on a two-layer network is realized, and the flexibility of creating the container network is improved.
Optionally, after the network management component obtains the first network information corresponding to the first network identifier, the network management component may further send the first virtual local area network identifier to the network configuration component, so that the network configuration component configures the virtual local area network to which the first port belongs according to the first virtual local area network identifier. The first port is a port which is connected with the first virtual adapter in the virtual switching equipment, and the virtual switching equipment is switching equipment which is connected with a physical network adapter of the computing node equipment. The first container unit is accessed to the virtual local area network corresponding to the first virtual local area network identifier by configuring the home virtual local area network of the first port.
Optionally, before the network management component receives the container address request sent by the network configuration component, the network management component may further receive the first network identifier, and further record a corresponding relationship between the first network identifier and the first container unit identifier. If the container unit management method of the second aspect is applied to a scenario in which a container unit is restarted or rebuilt, the network management component may receive a first network identifier sent by the network configuration component; if the container unit management method of the second aspect is applied in a scenario where a container unit is initially established, the network management component may receive the first network identifier sent by the cluster interface component. Optionally, the network management component records the corresponding relationship between the first network identifier and the first container unit identifier in advance, so that when the first container unit corresponding to the first container unit identifier is created, a container network can be constructed for the first container unit according to the network information corresponding to the first network identifier, thereby implementing the immobilization of the network information of the container and ensuring the network stability of the container unit.
Optionally, before the network management component receives the container address request sent by the network configuration component, the network management component may further receive a network information warehousing instruction, where the network information warehousing instruction carries the first network information, and the network management component generates a first network identifier corresponding to the first network information and records a corresponding relationship between the first network information and the first network identifier. The network information warehousing instruction may be sent to the network management component by the cluster interface component.
Optionally, the first network information may further include a first subnet mask and a first gateway address, and after receiving the container address request sent by the network configuration component, the network management component may further send the first subnet mask and the first gateway address to the network configuration component, so that the network configuration component configures the subnet mask of the first virtual adapter according to the first subnet mask and configures the gateway address of the first virtual adapter according to the first gateway address. The network management component realizes the fixation of the subnet mask and the gateway address of the first container unit by sending the first subnet mask and the first gateway address to the network configuration component, and ensures the normal network adaptation function of the first virtual network adapter.
A third aspect of the present application provides a computing node device, which includes a network configuration component and a container agent component, and is configured to implement the method in the first aspect and its implementation manners.
Optionally, the computing node device may implement some or all of the possible implementations of the first aspect based on the network configuration component and the container proxy component that it includes.
A fourth aspect of the present application provides a control node device, which includes a network management component, and is configured to implement the methods in the second aspect and the implementation manners thereof.
A fifth aspect of the present application provides a computing node device, comprising: a processor and a memory;
the processor is connected to the memory, wherein the memory is configured to store program codes, and the processor is configured to execute the program codes stored in the memory, so as to implement the method in the first aspect and the implementation manners thereof.
A sixth aspect of the present application provides a control node apparatus, including: a processor and a memory;
the processor is connected to the memory, wherein the memory is used for storing program codes, and the processor is used for executing the program codes stored in the memory to implement the method in the second aspect and the implementation manners thereof.
A seventh aspect of the present application provides a container unit management system, which includes the computing node device of the third aspect and the control node device of the fourth aspect.
An eighth aspect of the present application provides a container unit management system, which includes the computing node device of the fifth aspect and the control node device of the sixth aspect.
A ninth aspect of the present application provides a computer-readable medium having program code stored thereon, which, when run on a computer, causes the computer to perform the method of the first aspect and any one of its possible implementations.
A tenth aspect of the present application provides a computer-readable medium having program code stored thereon, which, when run on a computer, causes the computer to perform the method of the second aspect and any one of its possible implementations.
An eleventh aspect of the present application provides a computer program product comprising: computer program code for causing a computer to perform the method of the first aspect and any one of its possible implementations described above, when the computer program code runs on a computer.
A twelfth aspect of the present application provides a computer program product comprising: computer program code which, when run on a computer, causes the computer to perform the method of the second aspect and any possible implementation thereof.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
Fig. 1 is a schematic architecture diagram of a container unit management system according to an embodiment of the present application;
fig. 2 is a schematic architecture diagram of a k8s platform according to an embodiment of the present disclosure;
fig. 3 is a schematic architecture diagram of a container unit management system based on a k8s platform according to an embodiment of the present application;
fig. 4 is a schematic flow chart of a container unit management method according to an embodiment of the present application;
FIG. 5 is a schematic flow chart of another container unit management method provided in the embodiments of the present application;
fig. 6 is a schematic flowchart of recording first network information according to an embodiment of the present application;
fig. 7 is a schematic flow chart of a network management component retrieving first network information according to an embodiment of the present application;
fig. 8 is a schematic flow chart of another network management component for retrieving first network information according to an embodiment of the present application;
FIG. 9 is a schematic flow chart illustrating a further method for managing container units according to an embodiment of the present disclosure;
FIG. 10 is a schematic structural diagram of a computing node device according to an embodiment of the present application;
FIG. 11 is a schematic structural diagram of another computing node device provided in an embodiment of the present application;
fig. 12 is a schematic structural diagram of a control node device according to an embodiment of the present application;
fig. 13 is a schematic structural diagram of another control node device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Before describing the container unit management method of the embodiment of the present application, a system architecture for implementing the method is first described, referring to fig. 1, fig. 1 is an architectural schematic diagram of a container unit management system provided by the embodiment of the present application, and as shown in fig. 1, the container unit management system may include a network configuration component 001, a container agent component 002, and a network management component 003. Network configuration component 001 establishes communication connections with container agent component 002 and network management component 003, respectively. The container unit in the embodiment of the present application is a process of bearing an application in a computer.
The container agent component 002 is a component having a management function of creating and deleting a container unit. The container agent component 002 is configured to create a first container unit corresponding to the first container unit identifier, and send a first network configuration instruction to the network configuration component 001 after the first container unit is created. The first network configuration instruction includes a first container unit identifier, where the first container unit identifier is a globally unique container unit identifier in the container unit management system, that is, in the container unit management system, one container unit identifier and one container unit are in a unique corresponding relationship.
The network management component 003 is a component having an address field available for managing and allocating container units. The network management component 003 is configured to receive a container address request sent by the container agent component 001, and obtain a first IP address corresponding to the first container unit identifier; and further send an address assignment instruction carrying the first IP address to network configuration component 001.
After receiving the container address request sent by the network management component 003, the network configuration component 001 may further be configured to perform network configuration on the first virtual network adapter according to the first IP address, and the first virtual network adapter after completing the network configuration may support communication of the first container unit, such as performing encapsulation and decapsulation, link management, serial-to-parallel conversion, encoding, and decoding on communication data of the first container unit.
Based on the container unit management system provided by the embodiment of the application, the first IP address can be accurately allocated to the first container unit corresponding to the first container unit identifier, the IP address of the container unit is fixed, and the application which is borne by the container unit and based on IP address inter-access is ensured to be normally accessed.
In some optional implementations, the architecture of the container unit management system of the embodiments of the present application may be built on the k8s platform. First, the basic architecture of the k8s platform is described, where k8s is a container cluster management system and pod is the smallest unit of deployment, creation, or management on the k8s platform. The K8s platform is generally a computer cluster (cluster) including a plurality of computer nodes, and the plurality of computer nodes are generally divided into two roles, a control node (master) and a compute node (worker). The control node is mainly responsible for management and control of nodes in the k8s platform, and the computing node is mainly responsible for carrying pod operation tasks in the k8s platform. In a specific deployment, the control node and the computing node may be physical machine nodes or virtual machine nodes.
Referring to fig. 2, fig. 2 is an architecture schematic diagram of a k8s platform provided in an embodiment of the present application, and as shown in the diagram, the k8s platform in fig. 2 exemplarily includes a control node 100 and three computing nodes, which are a computing node 200, a computing node 300, and a computing node 400. The control node 100, the computing node 200, the computing node 300, and the computing node 400 may establish network connections between each other.
As shown in fig. 2, the control node 100 includes a cluster interface component (API server)1001, a scheduling component (scheduler)1002, a control management component (controller manager)1003, a storage component (etcd)1004, and a network management component (CNI master)1005, where:
the cluster interface component 1001 is a communication bus of the k8s platform, and may interact with other components in the cluster, and may also receive the operation of the k8s platform by a user through a command line tool (kubecect), etc.; the storage component is also the only component which can access the storage component, and other components can only indirectly operate the storage component through the cluster interface component;
the scheduling component 1002 is a component in the k8s platform responsible for scheduling decisions, and is responsible for allocating a newly issued application request to a corresponding computing node through a scheduling decision algorithm according to the resource usage in a cluster, and issuing a task event to the corresponding computing node through the cluster interface component 1001;
the control management component 1003 is a component for ensuring the cluster state in the k8s platform to be finally consistent, and monitors the cluster state through the cluster interface component to determine that the actual state is finally consistent with the expected state;
the storage component 1004 is used for storing all cluster state data in the k8s platform, including configuration data of pod, allocation data of task, and the like;
the network management component 1005 is a component derived by the k8s platform during later use to manage and assign the IP address of the pod.
Components of the computing node 200, the computing node 300, and the computing node 400 may have the same functional categories, and by taking the computing node 200 as an example, as shown in fig. 2, the computing node 200 includes a container proxy component (kubel) 2001, a service proxy component (kube-proxy)2002, a container runtime component (container runtime)2003, and a network configuration component (CNI plug) 2004, where:
the container agent component 2001 is a resource management component in the compute node 200, and monitors a task event issued by the cluster interface component 1001 in the control node 100, and further starts or closes a pod according to task time;
the service agent component 2002 is responsible for managing services (services) in k8s, and is a component for implementing the communication and load balancing mechanism of the services in the k8s platform;
the container runtime component 2003 is a container creation engine (engine) in the compute node 200 and is also a container resource manager of the compute node 200. In fact, the container agent component 2001 does not directly manage the container resources of the node, but delegates the management to the container runtime component 2003, such as starting a container, closing a container, and the like;
the network configuration component 2004 is responsible for creating a virtual network card for the pod in the computing node 200, and configuring the virtual network card according to the IP address allocated by the network management component 1005 in the control node 100.
Next, a system architecture built on a k8s platform for implementing the container unit management method in the embodiment of the present application is described, referring to fig. 3, where fig. 3 is a schematic architecture diagram of a container unit management system based on a k8s platform provided in the embodiment of the present application. In the case that the system architecture is built based on k8s, the container unit related to the embodiment of the present application may be a pod in the k8s platform.
The system architecture can be built based on a control node and any one computing node of a k8s platform, and as shown in fig. 3, the container unit management system can include a network management component 2011 in the control node 201, a container agent component 2021 in the computing node 202, and a network configuration component 2022;
optionally, a cluster interface component 2012 in control node 201 may also be included;
optionally, a pod created by the virtual switch device 2027 and the container agent component 2021 in the computing node 202 and a virtual network adapter corresponding to the pod may be further included, and fig. 3 exemplarily illustrates the pod2023 and the pod2024, and the virtual network adapter 2025 and the virtual network adapter 2026 corresponding to the two pods respectively;
optionally, a physical network adapter 2028 may also be included.
For a description of the network management component 2011 and the cluster interface component 2012 in the control node 201, and a related description of the container agent component 2021 and the network configuration component 2022 in the compute node 202, reference may be made to descriptions of corresponding components in fig. 2, which are not described herein again, and optionally, a container network in which the pod in the compute node 202 communicates is described in combination with the pod, the virtual network adapter, the virtual switch device 2027, and the physical network adapter 2028.
After the pod proxy component 2021 establishes the pod, if the physical network adapter 2028 of the compute node 202 is directly declared to be used, it may cause a problem that different pods use network resources with conflict. Therefore, it is necessary to isolate network resources of different pods, and isolate them in different network name spaces (network namespaces), where there are respective corresponding IP addresses and ports, and at this time, the network configuration component 2022 is required to create respective virtual network adapters (such as virtual network card vNIC) for the different pods, and perform network configuration on the respective virtual network adapters, so that the pods can communicate.
After the virtual network adapters of the Pod are established, if communication is to be performed between different pods, the pods in the computing node 202 need to be connected through a virtual switch device (vSwitch)2027, so that the pods in the computing node 202 can communicate with each other. If a pod in the compute node 202 needs to communicate with a communication node other than the compute node 202 (including a pod in another compute node in the k8s platform and a communication node other than the k8s platform), the virtual switch device needs to be connected to the physical network adapter 2028 of the compute node 202, and then the virtual switch device can forward traffic communicated with the communication node other than the compute node 202 to the physical network adapter 2028 and forward the traffic to the corresponding communication node by the physical network adapter 2028, thereby implementing communication between the pod in the compute node 202 and the communication node other than the compute node 202.
Based on the system architecture implementation corresponding to fig. 1 or fig. 3, an embodiment of the present application provides a container unit management method, referring to fig. 4, fig. 4 is a flowchart illustrating the container unit management method provided in the embodiment of the present application, and as shown in fig. 4, the container unit management method may include steps S401 to S404.
S401, the container agent component sends a first network configuration instruction to the network configuration component.
Optionally, the first network configuration instruction is sent by the container agent component to the network configuration component after the first container unit corresponding to the first container unit identifier is created. The container proxy component may be the first container unit created upon receiving an indication to create a container unit for the first container unit identification; or the first container unit may be created when it is determined that the container unit corresponding to the first container unit identifier needs to be restarted or rebuilt in the process of monitoring the created container unit by the container agent component.
The first network configuration instruction includes a first container unit identifier, and the container agent component may acquire container unit configuration information corresponding to the first container unit identifier, and then create the first container unit according to the acquired container unit configuration information. The process of creating the first container unit by the container agent component includes allocating system resources to the first container unit according to the system resource demand information configured in the container unit configuration information, and further loading the mirror image specified in the container unit configuration information based on the allocated system resources. For example, the specified image may be a database application image, and after the image is loaded, the first container unit may serve as a database to provide database services; it is also possible to apply a mirror to the block chain nodes, and after loading the mirror, the first container unit can serve as the deployed block chain node.
S402, the network configuration component sends a container address request to the network management component.
Optionally, after receiving the first network configuration instruction sent by the container agent component, the network configuration component extracts the first container unit identifier in the first network configuration instruction, and further sends a container address request carrying the first container unit identifier to the network management component.
S403, the network management component sends an address assignment instruction to the network configuration component.
Optionally, after receiving the container address request, the network management component may extract the first container unit identifier included in the container address request, further search and obtain the first IP address corresponding to the first container unit identifier from the recorded correspondence between the container unit identifier and the IP address, and then send the address assignment instruction carrying the first IP address to the network configuration component.
The corresponding relationship between the first container unit identifier and the first IP address recorded by the network management component may be that the first container unit identifier and the first IP address are sent to the network management component in advance at the cluster interface component, and the network management component further establishes and records the corresponding relationship between the first container unit identifier and the first IP address. Or the network configuration component may send the first container unit identifier and the first IP address to the network management component in advance, and the network management component establishes and records the corresponding relationship between the first container unit identifier and the first IP address. The cluster interface component may also send the first IP address to the network management component, and the network management component generates the first container unit identifier, thereby establishing and recording a corresponding relationship between the first container unit identifier and the first IP address.
S404, the network configuration component creates a first virtual network adapter of the first container unit, and performs network configuration on the first virtual network adapter according to the first IP address.
Wherein, the network configuration component creates the first virtual network adapter, which may be executed after receiving the address allocation instruction sent by the network configuration component in S403; or after receiving the first network configuration instruction in S401, the sending of the container address request to the network management component in S402 may be performed in parallel. And after the first IP address in the address allocation instruction is extracted, setting the first IP address as the IP address of the first virtual network adapter.
In some implementations, the network configuration component may further obtain a first subnet mask and a first gateway address for configuring the first container unit, and configure the first subnet mask as the subnet mask of the first virtual network adapter and configure the first gateway address as the gateway address of the first virtual network adapter when the first virtual network adapter is configured in a network. The first subnet mask may be used to determine a network segment where the first virtual network adapter is located when the first virtual network adapter forwards the communication data packet of the first container unit; the first gateway address may be used to determine, when the first container unit communicates with a communication node outside the network segment where the first virtual network adapter is located, a last-hop gateway node of the network segment where the communication packet leaves the first virtual network adapter.
And after the network configuration component completes the network configuration of the first virtual network adapter, the first virtual network adapter is connected with the virtual switching equipment in the same computing node. The first container unit may further communicate during operation via the first virtual network adapter and a virtual switching device in the same computing node.
Alternatively, the network configuration component may establish the connection between the first virtual network adapter and the virtual switching device by creating a set of virtual ethernet device pairs (vtth pairs), assuming that the created set of vtth pairs includes vEth0 and vEth1, vEth0 and vEth1 may be regarded as two ends of the same virtual network line, vEth0 is inserted into the first virtual network adapter, and vEth1 is inserted into the virtual switching device, so that the connection between the first virtual network adapter and the virtual switching device is established.
In this embodiment of the application, after receiving a first network configuration instruction carrying a first container unit identifier sent by a container component, a network configuration component sends a container address request including the first container unit identifier to a network management component, so that the network management component obtains a recorded first IP address corresponding to the first container unit identifier, and sends an address assignment instruction carrying the first IP address to the network configuration component, so that the network configuration component can use the network management component to perform network configuration on a first virtual network adapter according to the first IP address assigned by the first container unit identifier after creating the first virtual network adapter. The network management component records the corresponding relation between the first container unit identification and the first IP address, so that the first IP address allocated by the network management component can be obtained when the network management component requests the IP address corresponding to the first container unit identification at any time. The method and the device realize the immobilization of the IP address of the container unit corresponding to the first container unit identifier, avoid the problem that the application in the container unit cannot be normally accessed due to the randomization of the IP address, and provide network guarantee for the normal access of the application in the container unit.
Referring to fig. 5, fig. 5 is a schematic flowchart of another container unit management method provided in an embodiment of the present application. In a possible implementation scenario, the execution bodies involved in the container unit management method in the embodiment of the present application include at least a container agent component and a network configuration component of a first computing node (the first computing node may be any computing node in the k8s platform) in the k8s platform, and a network management component and a cluster interface component of a control node in the k8s platform. As shown in fig. 5, the method may include steps S501 to S514.
S501, the cluster interface component issues a first container creating task to the container agent component, and sends container address configuration information to the container agent component.
When a user of the k8s platform issues a new task to create a container unit, an issue request, which may include configuration information for the container unit to be created, may be submitted to the cluster interface component via a command line tool or the like in the control node. When monitoring that a new issue request exists in the cluster interface component, a scheduling component in the control node determines a first computing node as a computing node executing the new issue request from a plurality of computing nodes of the k8s platform according to a preset scheduling policy, and sends a binding relationship between the first computing node and the new issue request to the cluster interface component, and stores the binding relationship between the first computing node and the new issue request in a storage component through the cluster interface component. The container agent component in the first computing node may periodically obtain, through the cluster interface component, a list of container units stored in the storage component, where the container units need to be run by the first computing node, where the list includes the new issue request. Furthermore, the container agent component of the first computing node, through comparison between the list and the container unit actually running in the first computing node, finds that a container unit has not been created for the new issuance request, and then acquires the first container creation task for the new issuance request.
The container address configuration information includes a first IP address corresponding to the first container creating task. Before sending the container address configuration information, the cluster interface component receives a first IP address input by a user, where the first IP address may be submitted to the container proxy component by the new issue request or sent to the cluster interface component by the user through another instruction, and then the cluster interface component sends the container address configuration information carrying the first IP address to the container proxy component.
S502, the container agent component creates a first container unit corresponding to the first container creating task.
Optionally, the container proxy component creates the first container unit by the container runtime component by invoking a container runtime interface in the first compute node. The optional container runtime component may be any existing container engine supporting the k8s platform, and the present embodiment does not specifically limit the type of the container runtime component.
S503, the container agent component sends a first network configuration instruction to the network configuration component, and the first network configuration instruction carries the first IP address.
Optionally, after the container agent component creates the first container unit, the network configuration component is invoked to send a first network configuration instruction carrying the first IP address to the network configuration component, so that the network configuration component configures the first IP address as an IP address for the first container unit to perform communication.
S504, the network configuration component creates a first virtual network adapter of the first container unit, and performs network configuration on the first virtual network adapter according to the first IP address.
Optionally, the network configuration component sets the first IP address to an IP address of the first virtual network adapter. Further, the network configuration component may obtain a first subnet mask and a first gateway address, configure the first subnet mask as a subnet mask of the first virtual network adapter, and configure the first gateway address as a gateway address of the first virtual network adapter.
After the network configuration component completes the network configuration of the first virtual network adapter, the first virtual network adapter is connected with the virtual switching equipment in the first computing node. The first container unit may further communicate during operation via the first virtual network adapter and a virtual switching device in the first computing node.
S505, the network configuration component obtains the first container unit identifier.
In a specific implementation, the network configuration component may obtain the identifier of the first container unit in various ways. In an optional obtaining manner, the container configuration component may select one or more parameters from existing parameters in the container attribute information of the first container unit, as the identifier of the first container unit. After the container agent component creates the first container unit, a plurality of container unit parameters of the first container unit are generated, such as the name (pod name) of the container unit, the namespace (pod name) of the container unit, the image (image) corresponding to the container unit, the port number (container port) of the container unit, and the like, and these container unit parameters are recorded in the storage component by the container agent component through the cluster interface component in the form of container unit objects.
Furthermore, the network configuration component may obtain, through the cluster interface component, one or more container unit parameters that are recorded by the storage component and that include a parameter that uniquely corresponds to the first container unit, and use the one container unit parameter or a combination of the plurality of container unit parameters as the first container unit identifier. For example, the k8s platform divides the resources inside the platform into different user groups through pod name space, and the pod name under the same pod name space is unique, so that one container unit can be uniquely corresponded by pod name space and pod name, and the combination of the container unit parameters of pod name space and pod name containing the first container unit can be used as the first container unit identifier of the first container unit.
In another alternative obtaining manner, the first container unit identifier may be a globally unique identifier within the k8s platform generated by the network configuration component for the first container unit. In an optional generation and acquisition manner, the network configuration component may obtain the Identifier of the first container unit in the form of a Universal Unique Identifier (UUID). The UUIDs have different versions (UUID versions) that correspond to different algorithms, e.g., UUID Version 1 corresponds to a time-based UUID, UUID Version 2 corresponds to a DCE security-based UUID, UUID Version 3 corresponds to a name-based UUID (computed by MD5 hashing algorithm), UUID Version 4 corresponds to a random UUID, UUID Version 5 corresponds to a name-based UUID (computed by SHA1 hashing algorithm), etc. Optionally, a first container element identifier globally unique within the k8s platform corresponding to the first container element may be obtained through any UUID algorithm.
In another alternative generation and acquisition manner, the network configuration component may generate the first container unit identifier by a specified first hash operation according to the container unit parameter and the first IP address in the container attribute information of the first container unit. For example, the first IP address is recorded as port-IP, the network configuration component may obtain the pod name of the first container unit and the pod name of the first container unit, and use the computed pod-port-ID as the first container unit identifier by using a formula of pod-port-ID ═ Hash (pod name, port-IP). Alternatively, the first hash operation may be any kind of hash operation. The parameters related to the Hash operation in the formula are not limited to three types, and may further include, for example, a load image (image) and a port number (container port) of the container unit, and then, the formula may be alternatively calculated as a pod-port-ID — Hash (pod name, pod name space, image, container port, port-IP). Further optionally, the arrangement order of the parameters participating in the first hash operation in the two formulas for computing the pod-port-ID is not limited to the arrangement order exemplified in the two formulas, and any arrangement order may be set, which is not limited herein.
S506, the network configuration component sends address designation information to the network management component, wherein the address designation information comprises the first IP address and the first container unit identification.
S507, the network management component establishes a corresponding relation between the first IP address and the first container unit identifier.
And after receiving the address designation information, the network management component establishes and stores a corresponding relation between the first IP address and the first container unit identifier.
Steps S505 to S507 are executed in sequence, step S504 and steps S505 to S507 are not limited in the execution order, and step S504 may be executed at any time after step S503 is executed and before step S508 is executed.
S508, the container agent component obtains a second container creation task.
Prior to step S508, the first container unit is a container unit to which the first container unit identification uniquely corresponds. Optionally, the second container creation task is a task to identify a rebuild or restart container unit for the first container unit in case the first container unit fails. The first container unit may fail due to various factors, for example, the first container unit may fail in an unhealthy operation state due to its own defects during the operation process, and then be destroyed by the container agent assembly; or the first container unit is killed by the user in the healthy operation process due to the service requirement; or the first container unit exits by itself when the life cycle expires; the first container unit may also be destroyed due to a hardware failure such as a power failure of the computing node device carrying the first container unit. The embodiment of the present application is not particularly limited to specific failure factors.
Because there are various influences of the failure of the first container unit, there are also various ways of acquiring the second container creation task, which may be issued by the cluster interface component to the container proxy component or generated by the container proxy component itself.
In one implementation, the control management component in the control node may monitor the operation status of the container unit in each computing node in the k8s platform through the cluster agent component, and may issue the second container creation task to the container agent component in the first computing node when it is monitored that the first container unit in the first computing node has an operation failure.
In another implementation manner, the cluster agent component may receive a container process destruction instruction for the first container unit identifier sent by the user, and then the cluster agent component may send a destruction instruction for the first container unit to the container agent component of the first computing node, and the container agent component of the first computing node may destroy the first container unit according to the destruction instruction. Or the first container unit has the life cycle of the first container unit, and the first container unit automatically exits when the life cycle is finished. The cluster agent component may issue a second container creation task to the container agent component of the first compute node upon receiving a container launch instruction sent by a user for the first container unit identification.
In another implementation, the container agent component of the first compute node may monitor the container unit in the first compute node, and may generate the second container creation task to be executed by itself when the first container unit is monitored to be in an abnormal state.
S509, the container agent component creates a second container unit corresponding to the first container unit identifier.
Specifically, the container agent component may obtain the container unit configuration information corresponding to the first container unit according to the first container unit identifier, so as to create the second container unit according to the obtained container unit configuration information.
S510, the container agent component sends a second network configuration instruction to the network configuration component, wherein the second network configuration instruction comprises the first container unit identifier.
S511, the network configuration component sends a container address request to the network management component, and the container address request carries the first container unit identifier.
S512, the network management component acquires the recorded first IP address corresponding to the first container unit identifier.
Optionally, the network management component extracts the first container unit identifier in the container address request, and obtains the first IP address corresponding to the first container unit identifier according to the correspondence between the first container unit identifier and the first IP address recorded in step S507.
S513, the network management component sends an address assignment instruction including the first IP address to the network configuration component.
S514, the network configuration component creates a second virtual network adapter of the second container unit, and performs network configuration on the second virtual network adapter according to the first IP address.
And after the network configuration component completes the network configuration of the second virtual network adapter, the second virtual network adapter is connected with the virtual switching equipment in the first computing node.
The specific implementation manners of steps S510 to S514 may refer to the specific implementation manners of steps S401 to S404 in the embodiment corresponding to fig. 4, and are not described herein again.
In an optional implementation manner, if the manner of acquiring the first container unit identifier by the network configuration component in S505 is to generate the first container unit identifier through a specified first hash operation according to the container unit parameter and the first IP address of the first container unit, the network configuration component may further verify the first IP address before performing network configuration on the second virtual network adapter, and perform network configuration on the second virtual network adapter according to the first IP address after the verification is passed.
The specific verification method can be as follows: the network configuration component can obtain corresponding container unit parameters in the container attribute information of the second container unit, obtain a verification container unit identifier through a first hash operation according to the container unit parameters and the first IP address of the second container unit, and confirm that the verification is passed under the condition that the first container unit identifier is consistent with the verification container unit identifier.
In this embodiment of the present application, after the first container unit corresponding to the first container unit identifier is created for the first time, the network management component records the first container unit identifier of the first container unit and the first IP address in a corresponding manner, and when the container unit corresponding to the first container unit identifier is restarted or rebuilt, the network management component may allocate the first IP address recorded in a corresponding manner to the first container unit identifier to the second container unit created for the first container unit identifier again. In the container unit creating process of the first container unit identification, the first IP address is fixedly allocated to the container unit corresponding to the first container unit identification, the IP address is fixed, and the container unit access abnormity caused by the random allocation of the IP address is avoided.
In some optional implementations, before step S501, the container unit management method provided in this embodiment may include a process in which the network management component records the first network information (i.e., the network information corresponding to the first network identifier). The network management component may record the first network information in correspondence with the first network identifier, and may retrieve the corresponding first network information according to the first network identifier during the process of performing network configuration on the container unit, where the network parameters in the first network information may be used by the network configuration component for performing network configuration. The following describes a recording process of the first network information and a retrieval scenario of the first network information, respectively.
First, a recording process of first network information is described, referring to fig. 6, where fig. 6 is a schematic flowchart of a process for recording first network information according to an embodiment of the present application, and as shown in the figure, the process for recording first network information may include steps S601-S603.
S601, the cluster interface component receives a network information storage instruction, and the network information storage instruction carries first network information.
Optionally, the network information warehousing instruction received by the cluster interface component may be input by a user through a command line tool, and the first network information may include a network parameter configured by the user for building a container network. For example, the first network information may include a network name (network name), a gateway IP address (gateway-IP), a subnet mask (subnet mask), and an available address field (start IP/end IP). Optionally, if a two-layer container network is established, the first network information may further include a local area network identifier (VLAN ID or segment ID) to be added.
S602, the cluster interface component sends the first network information to the network management component.
S603, the network management component obtains a first network identifier corresponding to the first network information, and establishes a corresponding relationship between the first network information and the first network identifier.
And after the network management component acquires the first network information in the network information storage instruction, performing validity verification on the network parameters in the first network information, for example, verifying whether the gateway address in the first network information is in the same network segment as the available address segment, and the like. And acquiring the first network identification after the validity verification is passed.
The first network identifier (network ID) is a globally unique network identifier in the k8s platform, and in an obtaining manner, the network management component may generate the first network identifier by itself after receiving the network information warehousing instruction, for example, may generate the first network identifier in the form of a UUID. In another obtaining mode, the first network identifier may also be a globally unique network identifier input by a user, when the first network identifier input by the user is received, the globally unique network identifier may be determined, and only when the first network identifier is determined to be the globally unique network identifier, it is determined that the obtaining of the first network identifier is successful.
Two scenarios for retrieving and using the first network information are described below:
in a retrieval scenario, when the network management component is directed to the first container unit, the network management component may obtain, according to the received first network identifier specified by the user, first network information corresponding to the first network identifier, and further send a relevant parameter in the first network information to the network configuration component for network configuration. For example, the subnet mask and the gateway address in the first network information are sent to the network configuration component, so that the network configuration component performs the network configuration operation on the first virtual network adapter in the embodiment corresponding to fig. 5 by using the subnet mask and the gateway address as the first subnet mask and the first gateway address, respectively. For another example, when the layer two communication network of the container is created, the local area network identifier in the first network information is sent to the network configuration component, so that the network configuration component configures the layer two communication port of the first container unit.
Fig. 7 shows a process of retrieving the first network information according to the first network identifier in the process of establishing the first container unit by the network management component, where fig. 7 is a schematic flow diagram of retrieving the first network information by the network management component according to the embodiment of the present application, and as shown in fig. 7, the process of retrieving the first network information by the network management component may include the following steps S701 to S705, which may be performed before step S508 in the embodiment shown in fig. 5.
S701, the cluster interface component sends network parameter configuration information to the container agent component, and the network parameter configuration information contains a first network identifier corresponding to the first container creating task.
Before sending the network parameter configuration information, the cluster interface component receives a first network identifier specified by a user, which may be submitted to the container agent component by a new issue request input by the user in a specific implementation manner in step S501, or sent to the cluster interface component by another instruction, and then sends the network parameter configuration information to the container agent component.
S702, the container agent component sends a third network configuration instruction to the network configuration component, wherein the third network configuration instruction carries the first network identifier.
The third network configuration instruction may be the same as or different from the first network configuration instruction in S503 in the embodiment corresponding to fig. 5.
Optionally, if in the embodiment corresponding to fig. 5, the manner in which the network configuration component acquires the first container unit identifier in S505 is to generate the first container unit identifier through a specified first Hash operation according to the container unit parameter and the first IP address of the first container unit, in an alternative manner, the network configuration component may determine the first container unit identifier pod-port-ID through a formula of pod name, network ID, and port-IP, where the network ID is the first network identifier.
S703, the network configuration component sends network designation information to the network management component, wherein the network designation information contains a first network identifier.
The network specifying information and the address specifying information in S506 in the embodiment corresponding to fig. 5 may be the same information, or may be different information, and if the network specifying information is different information, the network specifying information may further include the first container unit identifier.
S704, the network management component acquires the recorded first network information corresponding to the first network identifier, and sends the network parameters in the first network information to the network configuration component.
S705, the network configuration component carries out network configuration according to the network parameters sent by the network management component.
Alternatively, if the network parameters sent by the network management component to the network configuration component are the subnet mask and the gateway address, the network configuration component may perform network configuration according to the specific implementation manner in S504 in the embodiment shown in fig. 5.
If the network parameter sent by the network management component to the network configuration component is the virtual local area network identifier, the configuration of the two-layer container network is realized through the following processes: the network configuration component configures the received virtual local area network identifier (marked as a first virtual local area network identifier) as an identifier of a virtual local area network to which the first port belongs. The first port is a port which is connected with the first virtual network adapter in the virtual switching equipment of the first computing node. Specifically, the first port may be a port into which a virtual ethernet device (veth) is inserted in the virtual switching device when the virtual switching device establishes a connection with the first virtual network adapter. By configuring the first port, the first container unit can be accessed to the virtual local area network corresponding to the first virtual local area network identifier.
Optionally, after receiving the specified first network identifier, the network management component may establish a correspondence between the first network identifier and the first container unit identifier. Therefore, in another retrieval scenario, the network management component may further obtain the first network information corresponding to the first network identifier in a process of reconstructing a container unit (i.e., the second container unit) corresponding to the first network identifier, and further send the relevant parameter in the first network information to the network configuration component for network configuration. For example, the subnet mask and the gateway address in the first network information are sent to the network configuration component, so that the network configuration component performs the network configuration operation on the second virtual network adapter in the embodiment corresponding to fig. 5 by using the subnet mask and the gateway address as the first subnet mask and the first gateway address, respectively. For another example, when the layer two container communication network is created, the local area network identifier in the first network information is sent to the network configuration component, so that the network configuration component configures the layer two communication port of the second container unit.
In the process of establishing the second container unit, the process of retrieving the first network information according to the first network identifier by the network management component may be referred to in fig. 8. As shown in fig. 8, the process of acquiring the first network information by the network management component may include the following steps S801 to S804, which may be performed after receiving the container address request carrying the first container unit identifier in the embodiment S511 shown in fig. 5.
S801, the network management component acquires a first network identifier of the record corresponding to the first container unit identifier.
S802, the network management component acquires the recorded first network information corresponding to the first network identifier.
S803, the network management component sends the network parameters in the first network information to the network configuration component.
Optionally, the network parameter may be a subnet mask and a gateway address in the first network information, or may be a virtual local area network identifier in the first network information.
S804, the network configuration component carries out network configuration according to the network parameters sent by the network management component.
If the network parameter received by the network configuration component is the subnet mask and the gateway address, the network configuration component configures the received subnet mask as the subnet mask of the second virtual network adapter after the second virtual network adapter of the second container unit is created, and configures the received gateway address as the gateway address of the second virtual network adapter.
And if the network parameter received by the network configuration component is the virtual local area network identifier, configuring the received virtual local area network identifier as the identifier of the virtual local area network to which the second port belongs. Wherein the second port is a port in the first computing node that establishes a connection with a second virtual network adapter. And by configuring the second port, the second container unit can be accessed to the virtual local area network corresponding to the first virtual local area network identifier.
Through the implementation process corresponding to fig. 8 in the embodiment of the present application, in the container unit creation process performed for multiple times for the first container unit identifier, the same network parameter may be configured for the container unit corresponding to the first container unit identifier, so that stability of network information applied in the container unit is ensured.
In yet another possible implementation scenario, in the embodiment corresponding to fig. 5, steps S501 to S507 are steps of performing interactive execution on a corresponding execution component in a control node of the k8S platform and a corresponding execution component in a first computing node of the k8S platform. After step S507, when the control management component in the control node monitors that the first computing node has a fault (e.g., a fault such as power failure) through the cluster interface component, the cluster interface component selects, through the scheduling component, a second computing node that meets the scheduling policy from the other computing nodes except the first computing node in the k8S platform. And the corresponding execution component in the second computing node and the corresponding execution component in the control node of the k8S platform interactively execute the steps S508 to S514.
Through the above process, after the first container unit is established in the first computing node, if the first computing node fails, the second container unit can be re-established in the second computing node for the first container unit, and the second container unit is kept consistent with the IP address used by the first container unit in normal operation. Rebuilding on different computing nodes, and continuously providing a running environment guarantee for the service of the application borne by the first container unit or the second container unit; and the IP address is kept unchanged after reconstruction, and network guarantee is provided for the service continuity of the application borne by the first container unit or the second container unit.
It should be noted that, in this implementation scenario, the running data of the application borne by the first container unit may be stored in advance in a third-party remote storage space other than the first computing node and the second computing node, so that after the second container unit is created in the second computing node, the running data may be obtained from the third-party remote storage space, and then the application that was originally running in the first container unit continues to run normally.
Referring to fig. 9, fig. 9 is a schematic flowchart of another container unit management method provided in an embodiment of the present application. The execution body related to the container unit management method in the embodiment of the application at least comprises a container agent component, a network configuration component, a network management component and a cluster interface component. Among other things, the container agent component and the network configuration component may reside at a first compute node in the k8s platform (the first compute node may be any one of the k8s platforms), the network management component and the cluster interface component may reside at a control node in the k8s platform. As shown in fig. 9, the method may include steps S901-S914.
S901, the cluster interface component receives a network information storage instruction, and the network information storage instruction carries first network information.
S902, the cluster interface component sends the first network information to the network management component.
S903, the network management component acquires a first network identifier corresponding to the first network information, and establishes a corresponding relationship between the first network information and the first network identifier.
The specific implementation manners of steps S901 to S903 may refer to the specific implementation manners of steps S601 to S603 in the embodiment corresponding to fig. 6, and are not described herein again.
And S904, the cluster interface component receives a container creating instruction, the container creating instruction comprises container unit configuration information, and receives an information fixing instruction corresponding to the container creating instruction, and the information fixing instruction carries the first IP address.
Alternatively, the container creation instruction may be the same instruction as the information immobilization instruction, or may be a different instruction. The container creation instruction and the information immobilization instruction may be input through a command line tool in the control node.
S905, the cluster interface component sends the first IP address to the network management component.
S906, the network management component acquires the first container unit identification and establishes the corresponding relation between the first container unit identification and the first IP address.
Optionally, the manner in which the network management component acquires the first container unit identifier may be to acquire, from a plurality of container configuration parameters of the container unit configuration information, one or more parameters that uniquely correspond to the container creation instruction, as the first container unit identifier. It is also possible that the network management component generates the first container element identification in the form of a UUID. The network management component may also generate the first container unit identifier through a first hash operation according to the plurality of container configuration parameters and the first IP address in the container unit configuration information. For each specific obtaining manner, refer to a manner in which the network configuration component obtains the identifier of the first container unit in the embodiment corresponding to fig. 5, which is not described herein again.
S907, the network management component sends a container identifier allocation instruction to the cluster interface component, where the container identifier allocation instruction includes the first container unit identifier.
S908, the cluster interface component sends first network configuration information to the container proxy component, where the first network configuration information includes a first container unit identifier.
The first network configuration information is used to trigger the container agent component to perform S909 and S910.
S909, the container proxy component creates a first container unit that identifies the corresponding first container unit.
S910, the container agent component sends a first network configuration instruction to the network configuration component.
S911, the network configuration component sends a container address request to the network management component, wherein the container address request carries the first container unit identifier.
S912, the network management component obtains the recorded first IP address corresponding to the identifier of the first container unit.
S913, the network management component sends an address assignment instruction to the network configuration component, where the address assignment instruction includes the first IP address.
S914, the network configuration component creates a first virtual network adapter of the first container unit, and performs network configuration on the first virtual network adapter according to the first IP address.
After the network configuration component performs network configuration on the first virtual network adapter, the first virtual network adapter is connected with the virtual switching equipment in the first computing node.
The specific implementation of steps S909 to S914 may refer to the implementation of S401 to S404 in the embodiment corresponding to fig. 4, and will not be described herein again.
In an optional implementation manner, the first network information may include a first virtual local area network identifier, and the information fixing instruction in step S904 further carries the first network identifier. The cluster interface component may further send the first network identifier to the network management component, and the network management component may establish a correspondence between the first container unit identifier and the first network identifier. Therefore, after receiving the container address request, the network management component acquires the recorded first network identifier corresponding to the first container unit identifier, acquires the recorded first network information corresponding to the first network identifier, and further acquires the first virtual local area network identifier from the first network information. Before step S914, the network management component further sends the first vlan id to the network configuration component. The network configuration component thereby configures the identifier of the first virtual local area network as an identifier of a virtual local area network to which the first port belongs, the first port being a port in the virtual switching device of the first computing node that establishes a connection with the first virtual network adapter.
In this embodiment, before the network management device establishes the first container unit for the first time, the network management device obtains the first container unit identifier of the first container unit, and establishes a corresponding relationship between the first container unit identifier and the first IP address. Further, after the container agent component creates a first container unit for the first container unit identification bed, the network configuration component invokes the network management component, sends a container address request containing the first container unit identification to the network management component, and the network management component assigns the first IP address to the created first container unit. The container unit is created by the container agent component according to the first container identifier, and the first IP address is fixedly allocated to the first container unit corresponding to the first container unit identifier by the network management component, so that the IP address is fixed, and the container unit access abnormity caused by random allocation of the IP address is avoided.
The scheme provided by the embodiment of the present application has been mainly described from the perspective of the method. It is understood that the computing node device and the control node device, in order to implement the above functions, contain corresponding hardware structures and/or software modules for performing the respective functions. The components and steps of the various examples described in connection with the embodiments disclosed herein may be embodied as hardware or a combination of hardware and computer software. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present teachings.
Referring to fig. 10, fig. 10 is a schematic structural diagram of a computing node device according to an embodiment of the present application. The computing node device may implement the method embodiments of fig. 4-9 through its built-in components. As shown in fig. 10, the computing node device 60 includes a network configuration component 601 and a container agent component 602, wherein:
a container agent component 602 for creating a first container unit corresponding to the first container unit identifier;
a network configuration component 601 for:
receiving a first network configuration instruction sent by a container agent component, wherein the first network configuration instruction comprises a first container unit identifier;
sending a container address request to control node equipment, wherein the container address request carries a first container unit identifier;
receiving an address allocation instruction sent by the control node device, wherein the address allocation instruction comprises a first IP address, and the first IP address is an IP address which is recorded by the control node device and corresponds to the first container unit identifier;
and creating a first virtual network adapter of the first container unit, and carrying out network configuration on the first virtual network adapter according to the first IP address.
Optionally, the container agent component 602 is specifically configured to create, in the case that a second container unit fails, a first container unit corresponding to a first container unit identifier, where the second container unit is, before the second container unit fails, a container unit uniquely corresponding to the first container unit identifier.
Optionally, the container agent component 602 is further configured to send a second network configuration instruction, where the second network configuration instruction includes the first IP address;
a network configuration component 601, further configured to:
receiving a second network configuration instruction;
the method comprises the steps of obtaining a first container unit identifier, and sending address designation information to control node equipment, wherein the address designation information comprises a first IP address and the first container unit identifier, and the address designation information is used for enabling the control node equipment to establish a corresponding relation between the first IP address and the first container unit identifier.
Optionally, the network configuring component 601 is further configured to obtain container attribute information of the second container unit;
the network configuration component 601 is specifically configured to:
and determining the first container unit identifier through a first hash operation according to the container attribute information, the first IP address and the first network identifier of the second container unit.
It is understood that the computing node device 60 in the embodiment of the present application may implement the steps performed by the network configuration component and the container proxy component in the embodiments shown in fig. 4 to 9, respectively. With regard to specific implementation of the functional components included in the computing node device of fig. 10 and corresponding advantageous effects, reference may be made to the detailed descriptions of the embodiments of fig. 4 to 9 described above.
The computing node device in the embodiment illustrated in fig. 10 described above may be implemented as the computing node device 70 illustrated in fig. 11. As shown in fig. 11, fig. 11 is a schematic structural diagram of another computing node device provided in this embodiment of the present application, and the computing node device 70 shown in fig. 11 includes: a processor 701 and a memory 702.
The memory 702 is used for storing program codes and data for the computing node device to execute, and the processor 701 may execute the application program codes stored in the memory 702 to realize the actions of the container agent component or the network configuration component provided in any of the embodiments shown in fig. 4 to 9.
The processor 701 is communicatively coupled to the memory 702, for example, via a bus 703. The bus 703 may be a PCI bus or an EISA bus, etc. The bus 703 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 11, but this is not intended to represent only one bus or type of bus.
The computing node device 70 may also include a transceiver 704 for supporting the transfer of information between the computing node device 70 and the control node device or other devices involved in the embodiments described above. For example, step S402 in the corresponding embodiment of fig. 4 is implemented; for example, step S511 and step S513 in the corresponding embodiment of fig. 5 are implemented; for example, step S911 and step S913 in the corresponding embodiment of fig. 9 are implemented.
It should be noted that, in practical applications, the computing node device may include one or more processors, and the structure of the computing node device 70 does not constitute a limitation to the embodiments of the present application.
The processor 701 may be a Central Processing Unit (CPU), a general purpose processor, a Digital Signal Processor (DSP), an application-specific integrated circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, transistor logic, hardware components, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others.
The transceiver 704 may be a communication interface or a transceiver circuit, etc., where the transceiver is referred to collectively and in particular implementations, the transceiver may include multiple interfaces.
The memory 702 may include volatile memory (volatile memory), such as Random Access Memory (RAM); the memory 702 may also include a non-volatile memory (non-volatile memory), such as a read-only memory (ROM), a flash memory (flash memory), a Hard Disk Drive (HDD) or a solid-state drive (SSD); the memory 702 may also comprise a combination of the above types of memory.
A computer storage medium may be provided in an embodiment of the present application, and may be used to store computer software instructions for a computing node device in the embodiment shown in fig. 11, which include a program designed for the computing node device in the above-described embodiment. The storage medium includes, but is not limited to, flash memory, hard disk, solid state disk.
In an embodiment of the present application, a computer program product is further provided, and when the computer program product is executed by a computing node device, the computer program product may execute the container unit management method designed for the computing node device in the embodiment shown in fig. 11.
Referring to fig. 12, fig. 12 is a schematic structural diagram of a control node device according to an embodiment of the present application. The control node device may implement the method embodiments of fig. 4-9 through its built-in components. As shown, the control node device 80 may include a network management component 801 for:
receiving a container address request sent by computing node equipment, wherein the container address request carries a first container unit identifier, and the container address request is sent by the computing node equipment after a first container unit corresponding to the first container unit identifier is created;
acquiring a first IP address corresponding to the recorded first container unit identifier;
sending an address allocation instruction to the computing node equipment, wherein the address allocation instruction comprises a first IP address; the address allocation instruction is used for enabling the computing node device to perform network configuration on the first virtual network adapter according to the first IP address, and the first virtual network adapter is a virtual network adapter of the first container unit.
Optionally, the network management component 801 is further configured to:
acquiring a first IP address and acquiring a first container unit identifier;
and recording the corresponding relation between the first IP address and the first container unit identifier.
Optionally, the control node device 80 further comprises a cluster interface component 802 for sending the first IP address to the network management component 801;
the network management component 801 is specifically configured to receive the first IP address sent by the cluster interface component 802, and generate a first container unit identifier;
the network management component 801 is further configured to send a container identifier allocation instruction, where the container identifier allocation instruction includes a first container unit identifier;
receiving a container identifier allocation instruction;
first network configuration information is sent to the computing node equipment, wherein the first network configuration information comprises a first container unit identifier; the first network configuration information is used for enabling the computing node device to create a first container unit corresponding to the first container unit identification, and enabling the computing node device to send the container address request.
It is understood that the control node device 80 in the embodiment of the present application may implement the steps correspondingly performed by the cluster interface component and the network management component in the embodiments shown in fig. 4 to fig. 9. With regard to the specific implementation of the functional components included in the control node device of fig. 12 and the corresponding advantageous effects, reference may be made to the detailed descriptions of the embodiments of fig. 4 to 9 described above.
The control node device in the embodiment shown in fig. 12 described above may be implemented as the control node device 90 shown in fig. 13. As shown in fig. 13, fig. 13 is a schematic structural diagram of another control node device provided in an embodiment of the present application, and a computing node device 90 shown in fig. 13 includes: a processor 901 and a memory 902.
The processor 901 may be used for the assignment management of the IP addresses of the available container units and the creation task of assigning container units. For example, implement step S403 in the embodiment shown in fig. 4; for example, step S501 or step S512 in the embodiment shown in fig. 5; for example, step S902 or S903 in the embodiment shown in fig. 9 is implemented.
The memory 902 is used for storing program codes and data for the control node device to execute, and the processor 901 may execute the application program codes stored in the memory 902 to implement the actions of the cluster interface component or the network management component provided in any of the embodiments shown in fig. 4 to 9.
The processor 901 is communicatively coupled to the memory 902, for example, via a bus 903. The bus 903 may be a PCI bus or an EISA bus, etc. The bus 903 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 13, but this is not intended to represent only one bus or type of bus.
The computing node device 90 may further comprise a transceiver 904 for supporting information transfer between the controlling node device 90 and the computing node device or other devices involved in the embodiments described above. For example, step S402 or S403 in the corresponding embodiment of fig. 4 is implemented; for example, step S511 and step S513 in the corresponding embodiment of fig. 5 are implemented; for example, step S911 and step S913 in the corresponding embodiment of fig. 9 are implemented.
It should be noted that, in practical applications, the control node device may include one or more processors, and the structure of the control node device 90 does not constitute a limitation to the embodiments of the present application.
The processor 901 may be a Central Processing Unit (CPU), a general purpose processor, a Digital Signal Processor (DSP), an application-specific integrated circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others.
The transceiver 904 may be a communication interface or a transceiver circuit, etc., wherein the transceiver is referred to collectively and in a particular implementation may comprise a plurality of interfaces.
A computer storage medium may be provided in the embodiment of the present application, and may be configured to store computer software instructions for controlling a node device in the embodiment shown in fig. 13, where the computer software instructions include a program designed to execute the control node device in the embodiment described above. The storage medium includes, but is not limited to, flash memory, hard disk, solid state disk.
In an embodiment of the present application, a computer program product is further provided, where when the computer program product is executed by a control node device, the computer program product may execute the container unit management method designed for the control node device in the embodiment shown in fig. 12.
In an embodiment of the present application, a container unit management system is further provided, where the container unit management system includes the computing node device in the embodiment corresponding to fig. 10 and the control node device in the embodiment corresponding to fig. 12, so as to implement the container unit management method according to the embodiment of the present application.
In an embodiment of the present application, another container unit management system is further provided, where the container unit management system includes the computing node device in the embodiment corresponding to fig. 11 and the control node device in the embodiment corresponding to fig. 13, so as to implement the container unit management method according to the embodiment of the present application.
The terms "first," "second," "third," and "fourth," etc. in the description and claims of this application and in the accompanying drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
It should be understood by those of ordinary skill in the art that, in the various embodiments of the present application, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of the processes should be determined by their functions and inherent logic, and should not limit the implementation process of the embodiments of the present application.
Claims (20)
1. A method of container unit management, comprising:
a network configuration component receives a first network configuration instruction sent by a container agent component, wherein the first network configuration instruction comprises a first container unit identifier, and the first network configuration instruction is sent by the container agent component after a first container unit corresponding to the first container unit identifier is created;
the network configuration component sends a container address request to a network management component, wherein the container address request carries the first container unit identifier;
the network configuration component receives an address allocation instruction sent by the network management component, wherein the address allocation instruction comprises a first IP address, and the first IP address is an IP address which is recorded by the network management component and corresponds to the first container unit identifier;
and the network configuration component creates a first virtual network adapter of the first container unit and performs network configuration on the first virtual network adapter according to the first IP address.
2. The method of claim 1, wherein the first container unit is created by the container proxy component in the event of a failure of a second container unit, wherein the second container unit identifies a uniquely corresponding container unit for the first container unit prior to failure.
3. The method according to any one of claims 1 to 2, wherein before the network configuration component receives the first network configuration instruction sent by the container agent component, the method further comprises:
the network configuration component receives a second network configuration instruction sent by the container agent component, wherein the second network configuration instruction comprises the first IP address;
the network configuration component acquires the first container unit identifier, and sends address designation information to the network management component, wherein the address designation information includes the first IP address and the first container unit identifier, and the address designation information is used for enabling the network management component to establish a corresponding relationship between the first IP address and the first container unit identifier.
4. The method of claim 3, wherein after the network configuration component sends the container address request to the network management component, further comprising:
the network configuration component receives a first virtual local area network identifier sent by the network management component; the first virtual local area network identifier is used for indicating a virtual local area network accessed by the first container unit.
5. The method of claim 4, wherein after the network configuration component receives the first vlan id sent by the network management component, the method further comprises:
the network configuration component configures the first virtual local area network identifier as an identifier of a virtual local area network to which the first port belongs; the first port is a port which is connected with the first virtual network adapter in the virtual switching equipment; the configured first port is used for accessing the first container unit to a virtual local area network corresponding to the first virtual local area network identifier.
6. The method of claim 4, wherein before the network configuration component receives the first network configuration instruction sent by the container agent component, the method further comprises:
the network configuration component receives a third network configuration instruction sent by the container agent component, wherein the third network configuration instruction comprises a first network identifier;
the network configuration component sends network designation information to the network management component, the network designation information includes the first network identifier, and the network designation information is used for enabling the network management component to establish a corresponding relationship between the first network identifier and the first container unit identifier.
7. The method of any of claims 3 to 6, wherein before the network configuration component obtains the first container unit identifier, the method further comprises:
the network configuration component acquires the container attribute information of the second container unit;
the network configuration component obtaining the first container unit identification comprises:
and the network configuration component determines the first container unit identifier through a first hash operation according to the container attribute information of the second container unit, the first IP address and the first network identifier.
8. A method of container unit management, comprising:
a network management component receives a container address request sent by a network configuration component, wherein the container address request carries a first container unit identifier, the container address request is sent by the network configuration component under the condition that a first network configuration instruction sent by a container agent component is received, the first network configuration instruction comprises the first container unit identifier, and the first network configuration instruction is sent by the container agent component after a first container unit corresponding to the first container unit identifier is created;
the network management component acquires a first IP address corresponding to the first recorded container unit identifier;
the network management component sends an address allocation instruction to the network configuration component, wherein the address allocation instruction comprises the first IP address; the address allocation instruction is used for enabling the network configuration component to perform network configuration on a first virtual network adapter according to the first IP address, where the first virtual network adapter is a virtual network adapter of the first container unit.
9. The method of claim 8, wherein before the network management component receives the container address request sent by the network configuration component, the method further comprises:
the network management component acquires the first IP address and the first container unit identifier;
and the network management component records the corresponding relation between the first IP address and the first container unit identifier.
10. The method of claim 9, wherein the network management component obtaining the first IP address and obtaining the first container unit identifier comprises:
and the network management component receives address designation information sent by the network configuration component, wherein the address designation information comprises the first IP address and the first container unit identifier.
11. The method of claim 9, wherein the network management component obtaining the first IP address and obtaining the first container unit identifier comprises:
the network management component receives the first IP address sent by the cluster interface component and generates the first container unit identifier;
before the network management component receives the container address request sent by the network configuration component, the method further includes:
the network management component sends a container identifier distribution instruction to the cluster interface component, wherein the container identifier distribution instruction comprises the first container unit identifier; the container identifier allocation instruction is used by the cluster interface component to send first network configuration information to the container proxy component, where the first network configuration information includes the first container unit identifier; the first network configuration information is for causing the container agent component to send the first network configuration instructions to the network configuration component.
12. The method according to any one of claims 8 to 11, wherein after receiving the container address request sent by the network configuration component, the network management component further comprises:
the network management component acquires a first network identifier corresponding to the first container unit identifier;
the network management component acquires first network information corresponding to the first network identifier, wherein the first network information comprises a first virtual local area network identifier; the first virtual local area network identifier is used for indicating a virtual local area network accessed by the first container unit.
13. The method of claim 12, wherein after the network management component obtains the first network information corresponding to the first network identifier, the method further comprises:
the network management component sends the first virtual local area network identifier to the network configuration component, wherein the first virtual local area network identifier is used by the network configuration component for configuring a virtual local area network to which a first port belongs; the first port is a port which is connected with the first virtual network adapter in the virtual switching equipment; the configured first port is used for accessing the first container unit to a virtual local area network corresponding to the first virtual local area network identifier.
14. A computing node device comprising a network configuration component and a container proxy component, wherein:
the container agent component is used for creating a first container unit corresponding to the first container unit identifier;
the network configuration component to:
receiving a first network configuration instruction sent by the container agent component, wherein the first network configuration instruction comprises the first container unit identifier;
sending a container address request to a control node device, wherein the container address request carries the first container unit identifier;
receiving an address allocation instruction sent by the control node device, where the address allocation instruction includes a first IP address, and the first IP address is an IP address, which is recorded by the control node device and corresponds to the first container unit identifier;
and creating a first virtual network adapter of the first container unit, and carrying out network configuration on the first virtual network adapter according to the first IP address.
15. The computing node device of claim 14, wherein the container proxy component is specifically configured to create the first container unit corresponding to the first container unit identifier if a second container unit fails, wherein the second container unit is a container unit uniquely corresponding to the first container unit identifier before the second container unit fails.
16. The computing node device of any of claims 14-15,
the container agent component is further configured to send a second network configuration instruction, where the second network configuration instruction includes the first IP address;
the network configuration component is further configured to:
receiving the second network configuration instruction;
and acquiring the first container unit identifier, and sending address designation information to control node equipment, wherein the address designation information comprises the first IP address and the first container unit identifier, and the address designation information is used for enabling the control node equipment to establish a corresponding relation between the first IP address and the first container unit identifier.
17. The computing node apparatus of claim 16,
the network configuration component is further configured to obtain container attribute information of the second container unit;
the network configuration component is specifically configured to:
and determining the first container unit identifier through a first hash operation according to the container attribute information of the second container unit, the first IP address and the first network identifier.
18. A control node device comprising a network management component configured to:
receiving a container address request sent by a computing node device, wherein the container address request carries a first container unit identifier, and the container address request is sent by the computing node device after a first container unit corresponding to the first container unit identifier is created;
acquiring a first IP address corresponding to the recorded first container unit identifier;
sending an address allocation instruction to the computing node equipment, wherein the address allocation instruction comprises the first IP address; the address allocation instruction is used for enabling the computing node device to perform network configuration on a first virtual network adapter according to the first IP address, where the first virtual network adapter is a virtual network adapter of the first container unit.
19. The control node apparatus of claim 18, wherein the network management component is further configured to:
acquiring the first IP address and acquiring the first container unit identifier;
and recording the corresponding relation between the first IP address and the first container unit identifier.
20. The control node apparatus of claim 19, further comprising a cluster interface component;
the cluster interface component is used for sending the first IP address to the network management component;
the network management component is specifically configured to receive the first IP address sent by the cluster interface component, and generate the first container unit identifier;
the network management component is further configured to send a container identifier allocation instruction, where the container identifier allocation instruction includes the first container unit identifier;
the cluster interface component is further configured to:
receiving the container identification allocation instruction;
sending first network configuration information to the computing node device, the first network configuration information including the first container unit identifier; the first network configuration information is used for enabling the computing node device to create the first container unit corresponding to the first container unit identifier, and enabling the computing node device to send the container address request.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911344800.4A CN113037522A (en) | 2019-12-24 | 2019-12-24 | Container unit management method and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911344800.4A CN113037522A (en) | 2019-12-24 | 2019-12-24 | Container unit management method and related equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113037522A true CN113037522A (en) | 2021-06-25 |
Family
ID=76452249
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911344800.4A Pending CN113037522A (en) | 2019-12-24 | 2019-12-24 | Container unit management method and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113037522A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113285843A (en) * | 2021-07-23 | 2021-08-20 | 中航金网(北京)电子商务有限公司 | Container network configuration method and device, computer readable medium and electronic equipment |
| CN113760452A (en) * | 2021-08-02 | 2021-12-07 | 阿里巴巴新加坡控股有限公司 | Container scheduling method, system, equipment and storage medium |
| CN114070822A (en) * | 2021-11-17 | 2022-02-18 | 苏州博纳讯动软件有限公司 | Kubernetes Overlay IP address management method |
| CN114172802A (en) * | 2021-12-01 | 2022-03-11 | 百果园技术(新加坡)有限公司 | Container network configuration method and device, computing node, main node and storage medium |
| CN114640652A (en) * | 2022-02-24 | 2022-06-17 | 联想(北京)有限公司 | Information processing method and device |
| CN115225482A (en) * | 2022-06-10 | 2022-10-21 | 中电云数智科技有限公司 | Method and device for configuring Pod network based on Kubernetes |
| CN115883352A (en) * | 2022-11-29 | 2023-03-31 | 北京瑞莱智慧科技有限公司 | Service node creation method, related device and storage medium |
| CN114172802B (en) * | 2021-12-01 | 2024-04-26 | 百果园技术(新加坡)有限公司 | Container network configuration method, device, computing node, master node and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107566541A (en) * | 2017-08-03 | 2018-01-09 | 携程旅游信息技术(上海)有限公司 | Capacitor network resource allocation methods, system, storage medium and electronic equipment |
| CN107580083A (en) * | 2017-09-20 | 2018-01-12 | 北京京东尚科信息技术有限公司 | A kind of method and system of container IP address distribution |
| US20180375825A1 (en) * | 2017-06-23 | 2018-12-27 | Cisco Technology, Inc. | Container networking for connecting network controller applications to a switch fabric |
| CN110138606A (en) * | 2019-05-06 | 2019-08-16 | 携程旅游信息技术(上海)有限公司 | Capacitor network configuration method and system |
| CN110445884A (en) * | 2018-05-04 | 2019-11-12 | 中国移动通信集团浙江有限公司 | A kind of container IP address management method and device |
-
2019
- 2019-12-24 CN CN201911344800.4A patent/CN113037522A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180375825A1 (en) * | 2017-06-23 | 2018-12-27 | Cisco Technology, Inc. | Container networking for connecting network controller applications to a switch fabric |
| CN107566541A (en) * | 2017-08-03 | 2018-01-09 | 携程旅游信息技术(上海)有限公司 | Capacitor network resource allocation methods, system, storage medium and electronic equipment |
| CN107580083A (en) * | 2017-09-20 | 2018-01-12 | 北京京东尚科信息技术有限公司 | A kind of method and system of container IP address distribution |
| CN110445884A (en) * | 2018-05-04 | 2019-11-12 | 中国移动通信集团浙江有限公司 | A kind of container IP address management method and device |
| CN110138606A (en) * | 2019-05-06 | 2019-08-16 | 携程旅游信息技术(上海)有限公司 | Capacitor network configuration method and system |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113285843A (en) * | 2021-07-23 | 2021-08-20 | 中航金网(北京)电子商务有限公司 | Container network configuration method and device, computer readable medium and electronic equipment |
| CN113760452A (en) * | 2021-08-02 | 2021-12-07 | 阿里巴巴新加坡控股有限公司 | Container scheduling method, system, equipment and storage medium |
| CN113760452B (en) * | 2021-08-02 | 2023-09-26 | 阿里巴巴新加坡控股有限公司 | Container scheduling method, system, equipment and storage medium |
| CN114070822B (en) * | 2021-11-17 | 2022-10-14 | 江苏博云科技股份有限公司 | Kubernetes Overlay IP address management method |
| CN114070822A (en) * | 2021-11-17 | 2022-02-18 | 苏州博纳讯动软件有限公司 | Kubernetes Overlay IP address management method |
| CN114172802A (en) * | 2021-12-01 | 2022-03-11 | 百果园技术(新加坡)有限公司 | Container network configuration method and device, computing node, main node and storage medium |
| CN114172802B (en) * | 2021-12-01 | 2024-04-26 | 百果园技术(新加坡)有限公司 | Container network configuration method, device, computing node, master node and storage medium |
| CN114640652B (en) * | 2022-02-24 | 2023-09-19 | 联想(北京)有限公司 | Information processing method and device |
| CN114640652A (en) * | 2022-02-24 | 2022-06-17 | 联想(北京)有限公司 | Information processing method and device |
| CN115225482A (en) * | 2022-06-10 | 2022-10-21 | 中电云数智科技有限公司 | Method and device for configuring Pod network based on Kubernetes |
| CN115225482B (en) * | 2022-06-10 | 2023-10-20 | 中电云数智科技有限公司 | Method and device for carrying out Pod container network configuration based on Kubernetes |
| CN115883352A (en) * | 2022-11-29 | 2023-03-31 | 北京瑞莱智慧科技有限公司 | Service node creation method, related device and storage medium |
| CN115883352B (en) * | 2022-11-29 | 2024-02-13 | 北京瑞莱智慧科技有限公司 | Service node creation method, related equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113037522A (en) | Container unit management method and related equipment | |
| US10347542B2 (en) | Client-initiated leader election in distributed client-server systems | |
| CN109196474B (en) | Distributed operation control in a computing system | |
| US7523178B2 (en) | Tolerating failure of traffic management systems | |
| US7478361B2 (en) | Method and system for managing application deployment | |
| CN112532675B (en) | Method, device and medium for establishing network edge computing system | |
| JP2012208605A (en) | Virtual server id management system, integrated monitoring system, virtual server id management program, and integrated monitoring program | |
| CN108989476B (en) | Address allocation method and device | |
| CN106452836B (en) | main node setting method and device | |
| JP6165978B2 (en) | Distribution of creator systems among lease agent systems | |
| CN114070822B (en) | Kubernetes Overlay IP address management method | |
| CN112328262A (en) | Deployment method, system and device of operating system and electronic equipment | |
| CN111104201A (en) | System migration method and device, electronic equipment and storage medium | |
| CN113382077B (en) | Micro-service scheduling method, micro-service scheduling device, computer equipment and storage medium | |
| CN113810230A (en) | Method, device and system for carrying out network configuration on containers in container cluster | |
| CN112506647A (en) | Method, system, device and storage medium for load balancing of stateful servers | |
| CN107547674B (en) | Address allocation method and device | |
| CN111506388B (en) | Container performance detection method, container management platform and computer storage medium | |
| CN109005071B (en) | Decision deployment method and scheduling equipment | |
| CN109660575B (en) | Method and device for realizing NFV service deployment | |
| CN104657240B (en) | The Failure Control method and device of more kernel operating systems | |
| WO2021248972A1 (en) | Default gateway management method, gateway manager, server, and storage medium | |
| CN112532758B (en) | Method, device and medium for establishing network edge computing system | |
| JP5695689B2 (en) | Network boot system and network boot method | |
| JP2010287172A (en) | Computer node, computer system, process generation method and process generation program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |