CN114157569A - Cluster system and construction method and construction device thereof - Google Patents
Cluster system and construction method and construction device thereof Download PDFInfo
- Publication number
- CN114157569A CN114157569A CN202010824759.7A CN202010824759A CN114157569A CN 114157569 A CN114157569 A CN 114157569A CN 202010824759 A CN202010824759 A CN 202010824759A CN 114157569 A CN114157569 A CN 114157569A
- Authority
- CN
- China
- Prior art keywords
- cluster
- tenant
- master
- node
- container
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000010276 construction Methods 0.000 title claims abstract description 23
- 238000000034 method Methods 0.000 claims abstract description 19
- 238000004590 computer program Methods 0.000 claims description 11
- 238000010586 diagram Methods 0.000 description 22
- 239000002184 metal Substances 0.000 description 10
- 238000002955 isolation Methods 0.000 description 9
- 238000005192 partition Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 210000001503 joint Anatomy 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 239000000523 sample Substances 0.000 description 1
- 238000000638 solvent extraction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0823—Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
- H04L41/0826—Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability for reduction of network costs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0893—Assignment of logical groups to network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Abstract
The disclosure provides a cluster system and a construction method and a construction device thereof, and relates to the field of cloud computing. The method comprises the following steps: constructing a master cluster, wherein the master cluster comprises a first master node and a first working node; a second master node and a second working node of any tenant cluster are created in the first working node through the control of the first master node; the method comprises the steps that components of a second main node of a tenant cluster are deployed on a first working node of a main cluster in a container mode; the components of the second worker node of the tenant cluster are deployed on the first worker node of the master cluster in a container manner. The tenant cluster is constructed in the working nodes of the main cluster through the main nodes of the main cluster, and the components of the tenant cluster are deployed in a container form, so that the infrastructure of an IaaS layer is not required to be relied on, the resource overhead of the cluster is reduced, and the components of the tenant cluster deployed in a single container form are simple to upgrade and maintain.
Description
Technical Field
The disclosure relates to the field of cloud computing, and in particular, to a cluster system, a construction method and a construction device thereof.
Background
The inventor has appreciated that in some related technologies, the construction manner of the multi-tenant container cluster mainly includes two manners, i.e., an Infrastructure as a Service (isa) based construction (i.e., each tenant cluster has an independent virtual machine server) and a fully bare metal server based construction (i.e., each tenant cluster has an independent bare metal server).
The inventor realizes that the tenant cluster is mainly constructed by Kubernets over OpenStack based on virtualized IaaS construction, and OpenStack occupies more resources, so that the whole cluster system is large and difficult to maintain. The tenant clusters constructed by the full bare metal servers are deployed on the independent bare metal servers, each tenant cluster has a respective cluster system, the resource utilization rate is low, and the used bare metal servers are difficult to recover and redistribute. Therefore, in the two schemes, the IaaS layer is relatively heavy, which results in a large tenant cluster being constructed and occupying more resources, so that the resource overhead of the constructed tenant cluster is relatively high; the latter has low resource utilization rate, and is difficult to recycle and redistribute resources.
Disclosure of Invention
According to the embodiment of the invention, the main node of the main cluster is used for constructing the tenant cluster in the working node of the main cluster, and the components of the tenant cluster are deployed in the container form, so that the infrastructure of an IaaS layer is not required to be relied on, the resource overhead of the cluster is reduced, and the components of the tenant cluster deployed in the single container form are simple to upgrade and maintain. In addition, the multi-tenant cluster can share the network resources, the storage resources and other resources of the main cluster, so that the resource utilization rate is improved, and the resources are easy to recover and redistribute.
Some embodiments of the present disclosure provide a cluster system construction method, including:
constructing a master cluster, wherein the master cluster comprises a first master node and a first working node;
a second master node and a second working node of any tenant cluster are created in the first working node through the control of the first master node;
the method comprises the steps that components of a second main node of a tenant cluster are deployed on a first working node of a main cluster in a container mode;
the components of the second worker node of the tenant cluster are deployed on the first worker node of the master cluster in a container manner.
In some embodiments, the components of the second master node of the tenant cluster include an API bus, a resource scheduler, a workload controller, and a cluster database, wherein the resource scheduler and the workload controller are configured to interface with the API bus, which is configured to interface with the cluster database.
In some embodiments, the cluster database is configured to be shared by the respective tenant clusters, and to store and distinguish the resource of each tenant cluster with the identity of each tenant cluster, and the identity of the tenant cluster to which the API bus belongs is added to a path of the API bus of each tenant cluster accessing the resource in the cluster database.
In some embodiments, the API bus, the resource scheduler, and the workload controller of the tenant cluster are deployed in a stateless container manner on a first worker node of the master cluster; a cluster database of the tenant cluster is deployed on a first working node of the main cluster in a state container mode.
In some embodiments, the components of the second worker node of the tenant cluster include: the system comprises a tenant system kernel, a tenant container engine, a tenant cluster agent and a tenant service agent, and the tenant system kernel, the tenant container engine, the tenant cluster agent and the tenant service agent run in the form of a micro virtual machine container group; the method further comprises the following steps: calling a virtual machine management tool on a second working node of the tenant cluster through a cluster agent of a first working node of the main cluster to create a micro virtual machine container group, loading a tenant system kernel, loading a tenant container engine through the tenant system kernel, loading a tenant cluster agent and a tenant service agent through the tenant container engine, creating a container of the tenant cluster through the tenant cluster agent, mounting and binding a storage resource of the main cluster as a tenant storage resource and a network resource of the main cluster as a tenant network resource for the container of the tenant cluster.
In some embodiments, a network resource pool of the cluster system is created that includes network resources of the master cluster that are shared by the respective tenant clusters, the network resources of the master cluster including kube-ovn network components.
In some embodiments, further comprising:
the main cluster allocates a virtual route for each tenant cluster, and allocates a virtual switch for each sub-network in the tenant cluster, and the sub-networks are used for isolating different namespaces in the main nodes, the working nodes or the working nodes of the tenant cluster;
the container of the tenant cluster is accessed to the virtual exchange of the tenant cluster, the virtual exchange of the tenant cluster is accessed to the virtual route of the tenant cluster, and the virtual route of the tenant cluster is accessed to the virtual route of the main cluster.
In some embodiments, a storage resource pool of a cluster system is created, including the storage resources of the master cluster, which are shared by the respective tenant clusters, the storage resources of the master cluster including a Ceph storage component.
In some embodiments, further comprising: in the storage resources of the main cluster, at least one dedicated virtual storage pool is allocated to each tenant cluster, and the virtual storage pool is bound with the identifier of the tenant cluster, so that the storage objects of different tenant clusters are isolated at a resource access path layer.
In some embodiments, further comprising: and the created tenant cluster manager is configured to be responsible for managing the relationship between the tenant and the tenant cluster and the relationship between the tenant cluster and the main cluster resource, and performing tenant cluster authentication.
Some embodiments of the present disclosure provide a cluster system, including:
the system comprises a master cluster, a first server cluster and a second server cluster, wherein the master cluster comprises a first master node and a first working node;
and the components of the second working node of the tenant cluster are deployed on the first working node of the master cluster in a container mode.
In some embodiments, the components of the second master node of the tenant cluster include an API bus, a resource scheduler, a workload controller, and a cluster database, wherein the resource scheduler and the workload controller are configured to interface with the API bus, the API bus is configured to interface with the cluster database, and the cluster database is configured to be shared by the respective tenant clusters.
In some embodiments, the components of the second worker node of the tenant cluster include: the system comprises a tenant system kernel, a tenant container engine, a tenant cluster agent and a tenant service agent, and the tenant system kernel, the tenant container engine, the tenant cluster agent and the tenant service agent run in the form of a micro virtual machine container group.
In some embodiments, further comprising: a network resource pool comprising network resources of the master cluster shared by the respective tenant clusters, the network resources of the master cluster including kube-ovn network components, wherein a container of a tenant cluster accesses a virtual switch of the tenant cluster, the virtual switch of the tenant cluster accesses a virtual route of the tenant cluster, and the virtual route of the tenant cluster accesses a virtual route of the master cluster.
In some embodiments, further comprising: and the storage resource pool comprises storage resources of the master cluster, the storage resources of the master cluster are shared by the tenant clusters, the storage resources of the master cluster comprise Ceph storage components, and the storage resources of the master cluster comprise at least one dedicated virtual storage pool of each tenant cluster and are bound with the identifications of the tenant clusters.
In some embodiments, further comprising: and the tenant cluster manager is configured to be responsible for managing the relationship between the tenant and the tenant cluster and the relationship between the tenant cluster and the main cluster resource, and performing tenant cluster authentication.
Some embodiments of the present disclosure provide a cluster system constructing apparatus, including:
a memory; and
a processor coupled to the memory, the processor configured to perform the cluster system construction method of any of the embodiments based on instructions stored in the memory.
Some embodiments of the disclosure provide a non-transitory computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the cluster system construction method of any of the embodiments.
Drawings
The drawings that will be used in the description of the embodiments or the related art will be briefly described below. The present disclosure can be understood more clearly from the following detailed description, which proceeds with reference to the accompanying drawings.
It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without undue inventive faculty.
Fig. 1 illustrates a flow diagram of a cluster system construction method of some embodiments of the present disclosure.
FIG. 2 shows a schematic diagram of a clustered system constructed in accordance with some embodiments of the present disclosure.
Fig. 3 shows a schematic diagram of a cluster system building apparatus according to some embodiments of the present disclosure.
Figure 4 illustrates a schematic diagram of master node resource sharing and isolation for a tenant cluster of some embodiments of the present disclosure.
Figure 5 illustrates a schematic diagram of worker node resource sharing and isolation for a tenant cluster of some embodiments of the present disclosure.
Fig. 6 illustrates a schematic diagram of network resource sharing and isolation of a cluster system according to some embodiments of the present disclosure.
FIG. 7 illustrates a schematic diagram of storage resource sharing and isolation for a cluster system according to some embodiments of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure.
Unless otherwise specified, "first", "second", and the like in the present disclosure are described to distinguish different objects, and are not intended to mean size, timing, or the like.
Fig. 1 illustrates a flow diagram of a cluster system construction method of some embodiments of the present disclosure.
FIG. 2 shows a schematic diagram of a clustered system constructed in accordance with some embodiments of the present disclosure.
The following describes a cluster system construction method and a constructed cluster system with reference to fig. 1-2.
At step 110, a master cluster is constructed, the master cluster including a first master node, a first worker node, a network resource, and a storage resource.
For convenience of description, a master node (master) of the master cluster is referred to as a first master node, and a worker node (node) of the master cluster is referred to as a first worker node.
For example, a master cluster is constructed based on a Kubernetes tool for managing containerized applications on multiple hosts in a cloud platform, and a master node and a node of the master cluster are a first master node and a first working node, respectively.
The first master node is deployed on a bare metal server. The primary master node is the control panel that carries control of kubernets and manages the entire cluster system. The first master node includes an API bus (API server component), a resource Scheduler (Scheduler component), a workload Controller (Controller manager component), a cluster database (Etcd), and the like. Some of the components in the primary master node are shown in fig. 2. The resource scheduler and the work load controller are in butt joint with an API bus, and the API bus is in butt joint with the cluster database. The API bus of the master cluster acts as a master cluster controller that controls the creation of the cluster system, e.g., the creation of individual tenant clusters. The cluster database is shared by the master cluster and each tenant cluster, and is also called a shared cluster database.
The first working node is deployed on a bare metal server. The first worker node runs the user's actual application.
And the components of the storage resources of the main cluster are deployed on the bare metal server where the first working node is located. The storage resources of the master cluster include, for example, a Ceph storage component. The storage resources of the master cluster are shared by each tenant cluster, also called shared storage.
The components of the network resources of the master cluster are deployed in a cluster container (DaemonSet) manner on all bare metal servers of the master cluster, also referred to as a container network. The network resources of the master cluster include, for example, kube-ovn network components.
At step 120, a second master node and a second worker node of any tenant cluster are created in the first worker node through control of the first master node.
For convenience of description, a master node (master) of the tenant cluster is referred to as a second master node, and a worker node (node) of the tenant cluster is referred to as a second worker node.
For example, a master node and a node of any one tenant cluster are created in a node of a master cluster by control of the master node of the master cluster. And the master node and the node of the tenant cluster are respectively a second master node and a second working node of the tenant cluster. And creating the tenant micro virtual machine container group through KubeVirt in the second working node. Each tenant cluster corresponds to a virtual network.
At step 130, components of a second master node of the tenant cluster are deployed in a container fashion on a first worker node of the master cluster.
The components of the second host node include, for example: an API server component, a Controller manager component, a Scheduler component, and a shared cluster database (Etcd), among others. The main cluster and each tenant cluster share a cluster database. The Scheduler component and the Controller manager component interface with the API server component, and the API server component interfaces with the cluster database. Among the components, the API server component, the Controller manager component and the Scheduler component are all stateless components, and only the cluster database is a stateful component and needs to persist data. The API server component, the Controller manager component and the Scheduler component of the second main node are deployed on the first working node of the main cluster in a stateless container mode, and the cluster database is deployed on the first working node of the main cluster in a stateful container mode. The API server component exposes a kubernets API (Application Program Interface) to the outside, which is a kubernets front-end control layer. The Controller manager component is a run Controller, which is a background thread that handles regular tasks in the cluster. The Scheduler component is responsible for scheduling of the Pod, e.g., monitoring newly created pods that have no assigned nodes, selecting a node for their execution. And creating an API server component, a Controller manager component and a Scheduler component of a second main node of the tenant cluster on the first working node through an agent component Kubelet of the first working node of the main cluster.
Each tenant cluster can adopt a container mode to deploy one or more second main nodes, and the number of container instances is consistent with the number of the second main nodes.
The container technique can effectively divide the resources of a single operating system into isolated groups so as to better balance conflicting resource usage requirements among the isolated groups. The container encapsulates relevant details necessary to run the application, such as application dependencies and operating systems. The different containers are isolated from each other, so that better safety is brought, and the upgrading or the failure of one container does not affect other containers. Containers are much lighter weight than virtual machines.
At step 140, components of a second worker node of the tenant cluster are deployed in a container fashion on a first worker node of the master cluster.
The components of the second working node include a tenant system kernel (OSKernel), a tenant container engine (ContainerD), a tenant cluster agent (Kubelet), and a tenant service agent (Kube proxy), and the components operate in the form of a micro virtual machine container group. Firstly, calling a virtual machine management tool (Kubevirt) on a second working node through a cluster agent (kubelelet) on a first working node of a main cluster to create a micro virtual machine container group (VMpod), loading a tenant system kernel, then loading a tenant container engine through a micro virtual machine of the tenant system kernel, secondly loading a tenant cluster agent container and a tenant service agent container through the tenant container engine, and finally creating a container of the tenant cluster through the tenant cluster agent Kubelet, wherein the container of the tenant cluster is used for mounting and binding storage resources of the main cluster as tenant storage resources and network resources of the main cluster as tenant network resources. The tenant cluster agent Kubelet component is configured as an API server component that interfaces with the second master node. The Kubelet component may monitor the Pod that has been assigned to its node, provide the Volume of data (Volume) needed to mount the Pod, may also run the Pod of the Pod, periodically probe the life cycle of the Pod, etc. The Kube proxy component realizes the Kubernetes service proxy by maintaining the network rule on the host and executing the connection forwarding.
In step 150, the cluster database is configured as a database shared by the master cluster and each tenant cluster, and the API server component in the second master node of each tenant cluster and the API server component in the first master node of the master cluster are respectively bound to the cluster database.
The cluster database stores and distinguishes resources of each tenant cluster with an identification of each tenant cluster. And the cluster database searches the locally stored resources of the tenant cluster according to the identifier of the tenant cluster in the access path and returns the locally stored resources to the corresponding tenant cluster.
The cluster database is, for example, an ETCD database, which is a highly available Key/Value (Key/Value) storage system for sharing configuration and service discovery.
And the data of each tenant cluster in the cluster database is isolated through an independent index set, a logic library or a directory tree, is bound with the ID of the tenant cluster, and simultaneously issues a certificate or a secret key to the tenant cluster for authenticating the access of different tenant cluster databases.
At step 160, a network resource pool of the cluster system is created that includes the network resources of the master cluster and other network resources. The network resources of the master cluster are shared by the master cluster and the respective tenant clusters. The network resources of the master cluster include, for example, kube-ovn network components.
The network resources of the main cluster are configured to be global components, the network resource components of the main cluster penetrate through the entire kubernets cluster, the network resource components of the main cluster are deployed on all bare metal servers of the main cluster in a cluster container (DaemonSet) mode, the main cluster allocates a virtual route (vRouter) for each tenant cluster, allocates a virtual switch (vSwitch) for sub-networks in the tenant cluster, the sub-networks are used for isolating different namespaces in a main node, a working node or a working node of the tenant cluster, the container of the tenant cluster is accessed into the tenant cluster vSwitch, the tenant cluster vSwitch is accessed into the tenant cluster vRouter, and the cluster vRouter is accessed into the main cluster vRouter. The main cluster and each tenant cluster (including the main node and the working node) are in the same container network, and normal access to the whole service is guaranteed.
At step 170, a storage resource pool of the cluster system is created that includes the storage resources of the primary cluster and other storage resources. The storage resources of the master cluster are shared by the master cluster and each tenant cluster. The storage resources of the master cluster include, for example, a Ceph storage component.
In the storage resources of the main cluster, by introducing a tenant storage resource isolation mechanism, at least one dedicated virtual storage pool is allocated to each tenant cluster and is bound with the identification ID of the tenant cluster, so that storage objects of different tenant clusters are isolated at a resource access path layer.
In step 180, a tenant cluster manager is created that is configured to be responsible for managing the relationship between tenants and tenant clusters, and master cluster resources, and perform tenant cluster authentication.
The API server component of the first main node is connected with a tenant cluster manager in a butt joint mode, and the tenant cluster manager establishes each tenant cluster through the API server component of the first main node, is responsible for managing the relationship between tenants and the tenant cluster and the relationship between the tenant cluster and main cluster resources, and conducts tenant cluster authentication.
Through the steps, the constructed cluster system comprises: the system comprises a tenant cluster manager, a main cluster, a tenant cluster, a network resource pool, a storage resource pool and the like. The shared working node, the shared cluster database, the shared storage resource pool and the shared network resource pool are required to interact with the tenant cluster manager to perform tenant cluster resource data synchronization and tenant cluster resource authentication. The tenant cluster resource authentication comprises authentication of resource creation, resource access, resource modification, resource quota and the like.
The tenant cluster is constructed in the working nodes of the main cluster through the main nodes of the main cluster, and the components of the tenant cluster are deployed in a container form, so that the infrastructure of an IaaS layer is not required to be relied on, the resource overhead of the cluster is reduced, and the components of the tenant cluster deployed in a single container form are simple to upgrade and maintain. In addition, the multi-tenant cluster can share the network resources, the storage resources and other resources of the main cluster, so that the resource utilization rate is improved, and the resources are easy to recover and redistribute. In addition, each tenant cluster shares a cluster database, so that the resource overhead of the cluster can be further reduced. Different tenant networks where different tenant clusters are located are isolated from each other, and communication between the main cluster and the tenant cluster or communication between the tenant clusters can be achieved through common network resources.
Fig. 3 shows a schematic diagram of a cluster system building apparatus according to some embodiments of the present disclosure.
As shown in fig. 3, the apparatus 300 of this embodiment includes: a memory 310 and a processor 320 coupled to the memory 310, the processor 320 configured to execute the cluster system construction method of any of the embodiments based on instructions stored in the memory 310.
The apparatus 300 may also include an input-output interface 330, a network interface 340, a storage interface 350, and the like. These interfaces 330, 340, 350 and the memory 310 and the processor 320 may be connected, for example, by a bus 360. The input/output interface 330 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, and a touch screen. The network interface 340 provides a connection interface for various networking devices. The storage interface 350 provides a connection interface for external storage devices such as an SD card and a usb disk.
Figure 4 illustrates a schematic diagram of secondary master node resource sharing and isolation for a tenant cluster of some embodiments of the present disclosure.
As shown in fig. 4, a plurality of tenants share one second Master node, for example, a Master node of Kubernetes is shared by the plurality of tenants, a second working node of each tenant corresponds to one or more working partitions, different tenants occupy different working partitions, and each partition includes a group of second working nodes that are shared by the tenants. Each tenant shares the network resources and storage resources of the master cluster.
After the tenant cluster is established, the tenant cluster can be distributed to one tenant or a plurality of tenants; when the cluster is distributed to a tenant, the tenant completely owns the tenant cluster; when the tenant cluster is distributed to a plurality of tenants, each tenant shares the tenant cluster. The second master node of the tenant cluster is shared by a plurality of tenants, and different tenants correspond to different partitions of the second working node of the tenant cluster through partitioning the second working node of the tenant cluster, so that resources of each tenant are distinguished and isolated, and the creation and operation of each tenant container can be in each working partition.
Figure 5 illustrates a schematic diagram of second worker node resource sharing and isolation for a tenant cluster of some embodiments of the present disclosure.
As shown in fig. 5, a plurality of tenants share a second working Node of the tenant cluster, for example, a Node of Kubernetes is shared by the plurality of tenants, and each tenant has a second master Node and shares network resources and storage resources with the master cluster.
After the second main node of each tenant cluster is constructed, the working node of each tenant is operated on the second working node of the tenant cluster in the form of a micro virtual machine container group, and each tenant cluster creates a respective tenant container through a tenant cluster proxy Kubelet and is uniformly distributed on the shared tenant working node.
Fig. 6 illustrates a schematic diagram of network resource sharing and isolation of a cluster system according to some embodiments of the present disclosure.
As shown in fig. 6, the multi-tenant cluster shares the network resources of the master cluster, and each tenant cluster owns one virtual network. The main cluster allocates a virtual route (vRouter) for each tenant cluster, allocates a virtual switch (vSwitch) for subnets in the tenant cluster, the subnets are used for isolating different namespaces (Namespace) in tenant cluster working nodes, containers (Pod) of the tenant cluster are accessed to the tenant cluster vSwitch, the tenant cluster vSwitch is accessed to the tenant cluster vRouter, and the tenant cluster vRouter is accessed to the main cluster vRouter. The main cluster and each tenant cluster (including the main node and the working node) are in the same container network, and normal access to the whole service is guaranteed.
FIG. 7 illustrates a schematic diagram of storage resource sharing and isolation for a cluster system according to some embodiments of the present disclosure.
As shown in fig. 7, the multi-tenant cluster shares the storage resources of the main cluster, and each tenant cluster is allocated at least one dedicated virtual storage Pool, such as Ceph OSD Pool, which is bound to the tenant cluster ID.
In fig. 4-7, the first master node of the master cluster is omitted from illustration, with emphasis on illustrating the relevant deployment in the first worker node.
The disclosed embodiments propose a non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the cluster system construction method of any of the embodiments.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more non-transitory computer-readable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only exemplary of the present disclosure and is not intended to limit the present disclosure, so that any modification, equivalent replacement, or improvement made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.
Claims (18)
1. A cluster system construction method is characterized by comprising the following steps:
constructing a master cluster, wherein the master cluster comprises a first master node and a first working node;
a second master node and a second working node of any tenant cluster are created in the first working node through the control of the first master node;
the method comprises the steps that components of a second main node of a tenant cluster are deployed on a first working node of a main cluster in a container mode;
the components of the second worker node of the tenant cluster are deployed on the first worker node of the master cluster in a container manner.
2. The method of claim 1,
the components of the second master node of the tenant cluster include an API bus, a resource scheduler, a workload controller, and a cluster database,
wherein the resource scheduler and the workload controller are configured to interface with an API bus configured to interface with the cluster database.
3. The method of claim 2,
the cluster database is configured to be shared by each tenant cluster, and stores and distinguishes resources of each tenant cluster by the identification of each tenant cluster, and the identification of the tenant cluster to which the API bus belongs is added to a path of the API bus of each tenant cluster accessing the resources in the cluster database.
4. The method of claim 1,
an API bus, a resource scheduler and a work load controller of the tenant cluster are deployed on a first work node of the main cluster in a stateless container mode;
a cluster database of the tenant cluster is deployed on a first working node of the main cluster in a state container mode.
5. The method of claim 1,
the components of the second worker node of the tenant cluster include: the system comprises a tenant system kernel, a tenant container engine, a tenant cluster agent and a tenant service agent, and the tenant system kernel, the tenant container engine, the tenant cluster agent and the tenant service agent run in the form of a micro virtual machine container group;
the method further comprises the following steps:
calling a virtual machine management tool on a second working node of the tenant cluster through a cluster agent of a first working node of the main cluster to create a micro virtual machine container group, loading a tenant system kernel, loading a tenant container engine through the tenant system kernel, loading a tenant cluster agent and a tenant service agent through the tenant container engine, creating a container of the tenant cluster through the tenant cluster agent, mounting and binding a storage resource of the main cluster as a tenant storage resource and a network resource of the main cluster as a tenant network resource for the container of the tenant cluster.
6. The method of claim 1,
creating a network resource pool of the cluster system, including the network resources of the master cluster, which are shared by the respective tenant clusters, the network resources of the master cluster including kube-ovn network components.
7. The method of claim 6, further comprising:
the main cluster allocates a virtual route for each tenant cluster, and allocates a virtual switch for each sub-network in the tenant cluster, and the sub-networks are used for isolating different namespaces in the main nodes, the working nodes or the working nodes of the tenant cluster;
the container of the tenant cluster is accessed to the virtual exchange of the tenant cluster, the virtual exchange of the tenant cluster is accessed to the virtual route of the tenant cluster, and the virtual route of the tenant cluster is accessed to the virtual route of the main cluster.
8. The method of claim 1,
and creating a storage resource pool of the cluster system, wherein the storage resource pool comprises the storage resource of the master cluster, the storage resource of the master cluster is shared by each tenant cluster, and the storage resource of the master cluster comprises a Ceph storage component.
9. The method of claim 8, further comprising:
in the storage resources of the main cluster, at least one dedicated virtual storage pool is allocated to each tenant cluster, and the virtual storage pool is bound with the identifier of the tenant cluster, so that the storage objects of different tenant clusters are isolated at a resource access path layer.
10. The method of claim 1, further comprising:
and the created tenant cluster manager is configured to be responsible for managing the relationship between the tenant and the tenant cluster and the relationship between the tenant cluster and the main cluster resource, and performing tenant cluster authentication.
11. A cluster system, comprising:
the system comprises a master cluster, a first server cluster and a second server cluster, wherein the master cluster comprises a first master node and a first working node;
and the components of the second working node of the tenant cluster are deployed on the first working node of the master cluster in a container mode.
12. The cluster system of claim 11,
the components of the second master node of the tenant cluster include an API bus, a resource scheduler, a workload controller, and a cluster database, wherein the resource scheduler and the workload controller are configured to interface with the API bus, the API bus is configured to interface with a cluster database configured to be shared by the respective tenant clusters.
13. The cluster system of claim 11,
the components of the second worker node of the tenant cluster include: the system comprises a tenant system kernel, a tenant container engine, a tenant cluster agent and a tenant service agent, and the tenant system kernel, the tenant container engine, the tenant cluster agent and the tenant service agent run in the form of a micro virtual machine container group.
14. The cluster system of claim 11, further comprising:
a network resource pool comprising network resources of the master cluster shared by the respective tenant clusters, the network resources of the master cluster including kube-ovn network components, wherein a container of a tenant cluster accesses a virtual switch of the tenant cluster, the virtual switch of the tenant cluster accesses a virtual route of the tenant cluster, and the virtual route of the tenant cluster accesses a virtual route of the master cluster.
15. The cluster system of claim 11, further comprising:
and the storage resource pool comprises storage resources of the master cluster, the storage resources of the master cluster are shared by the tenant clusters, the storage resources of the master cluster comprise Ceph storage components, and the storage resources of the master cluster comprise at least one dedicated virtual storage pool of each tenant cluster and are bound with the identifications of the tenant clusters.
16. The cluster system of claim 11, further comprising:
and the tenant cluster manager is configured to be responsible for managing the relationship between the tenant and the tenant cluster and the relationship between the tenant cluster and the main cluster resource, and performing tenant cluster authentication.
17. A cluster system building apparatus comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform the cluster system construction method of any of claims 1-10 based on instructions stored in the memory.
18. A non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the cluster system construction method of any one of claims 1 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010824759.7A CN114157569A (en) | 2020-08-17 | 2020-08-17 | Cluster system and construction method and construction device thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010824759.7A CN114157569A (en) | 2020-08-17 | 2020-08-17 | Cluster system and construction method and construction device thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114157569A true CN114157569A (en) | 2022-03-08 |
Family
ID=80460449
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010824759.7A Pending CN114157569A (en) | 2020-08-17 | 2020-08-17 | Cluster system and construction method and construction device thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114157569A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116668296A (en) * | 2023-08-01 | 2023-08-29 | 苏州浪潮智能科技有限公司 | Gateway node scheduling method, system, equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110198231A (en) * | 2018-05-08 | 2019-09-03 | 腾讯科技(深圳)有限公司 | Capacitor network management method and system and middleware for multi-tenant |
| KR20200027783A (en) * | 2018-09-05 | 2020-03-13 | 주식회사 나눔기술 | Integrated management system of distributed intelligence module |
| CN110995473A (en) * | 2019-11-18 | 2020-04-10 | 腾讯科技(深圳)有限公司 | Service node control method and related equipment |
| CN111290834A (en) * | 2020-01-21 | 2020-06-16 | 苏州浪潮智能科技有限公司 | Method, device and equipment for realizing high availability of service based on cloud management platform |
| CN111522628A (en) * | 2020-04-27 | 2020-08-11 | 上海仪电(集团)有限公司中央研究院 | Kubernets cluster building and deploying method, architecture and storage medium based on OpenStack |
-
2020
- 2020-08-17 CN CN202010824759.7A patent/CN114157569A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110198231A (en) * | 2018-05-08 | 2019-09-03 | 腾讯科技(深圳)有限公司 | Capacitor network management method and system and middleware for multi-tenant |
| KR20200027783A (en) * | 2018-09-05 | 2020-03-13 | 주식회사 나눔기술 | Integrated management system of distributed intelligence module |
| CN110995473A (en) * | 2019-11-18 | 2020-04-10 | 腾讯科技(深圳)有限公司 | Service node control method and related equipment |
| CN111290834A (en) * | 2020-01-21 | 2020-06-16 | 苏州浪潮智能科技有限公司 | Method, device and equipment for realizing high availability of service based on cloud management platform |
| CN111522628A (en) * | 2020-04-27 | 2020-08-11 | 上海仪电(集团)有限公司中央研究院 | Kubernets cluster building and deploying method, architecture and storage medium based on OpenStack |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116668296A (en) * | 2023-08-01 | 2023-08-29 | 苏州浪潮智能科技有限公司 | Gateway node scheduling method, system, equipment and storage medium |
| CN116668296B (en) * | 2023-08-01 | 2023-11-03 | 苏州浪潮智能科技有限公司 | Gateway node scheduling method, system, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3761170B1 (en) | Virtual machine creation method and apparatus | |
| US10635496B2 (en) | Thread pool management | |
| US9999030B2 (en) | Resource provisioning method | |
| JP6435050B2 (en) | Resource management in cloud systems | |
| CN111385114B (en) | VNF service instantiation method and device | |
| US11392400B2 (en) | Enhanced migration of clusters based on data accessibility | |
| US9389903B2 (en) | Method, system and apparatus for creating virtual machine | |
| CN111880902A (en) | Pod creation method, device, equipment and readable storage medium | |
| US20190050248A1 (en) | Control apparatus, vnf deployment destination selection method and program | |
| EP3442201B1 (en) | Cloud platform construction method and cloud platform | |
| JP6840099B2 (en) | Service provision system, resource allocation method, and resource allocation program | |
| US11556369B2 (en) | Virtual machine deployment method and OMM virtual machine | |
| CN103595801B (en) | Cloud computing system and real-time monitoring method for virtual machine in cloud computing system | |
| CN112948063B (en) | Cloud platform creation method and device, cloud platform and cloud platform implementation system | |
| US10761869B2 (en) | Cloud platform construction method and cloud platform storing image files in storage backend cluster according to image file type | |
| CN111857951A (en) | Containerized deployment platform and deployment method | |
| US20210011773A1 (en) | Memory-aware placement for virtual gpu enabled systems | |
| CN111970354A (en) | Application management method in edge calculation and related device | |
| JP6543219B2 (en) | Virtual machine allocation apparatus and resource management method | |
| CN114157569A (en) | Cluster system and construction method and construction device thereof | |
| CN113127444A (en) | Data migration method, device, server and storage medium | |
| CN109257201B (en) | License sending method and device | |
| JP2015138385A (en) | Decentralized processing system and decentralized processing method | |
| US20230337012A1 (en) | Cellular network system configuration | |
| CN115686802B (en) | Cloud computing cluster scheduling system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |