WO2019184116A1 - Method and device for automatically building Kubernetes main node, terminal device and computer-readable storage medium
- Publication number
- WO2019184116A1 (PCT/CN2018/093710)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- master node
- component
- kubernetes
- management
- configuration file
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45562—Creating, deleting, cloning virtual machine instances
- G06F2009/4557—Distribution of virtual machine instances; Migration and load balancing
- G06F2009/45595—Network integration; Enabling network access in virtual machine instances
Definitions
- The present application belongs to the field of data processing technologies, and in particular relates to a method, an apparatus, a terminal device, and a computer-readable storage medium for automatically setting up a Kubernetes master node.
- A container can be understood as a sandbox.
- One application runs inside each container, and different containers are isolated from each other, but a communication mechanism can be established between the containers.
- Docker container technology allows several containers to run on the same host or virtual machine, each of which is a separate virtual environment or application.
- Kubernetes is an open source container operation platform that can combine containers into a service and dynamically allocate the hosts that run the containers, which makes containers much more convenient to use.
- The Kubernetes cluster includes two types of nodes: the master node and the slave node.
- The master node is responsible for the management and scheduling of all resources in the Kubernetes cluster. Therefore, to use Kubernetes, the master node needs to be built first.
- The Kubernetes master node is built manually by the user, and the construction process relies on Internet services, so construction efficiency and applicability are low.
- The embodiments of the present application provide a method, a device, a terminal device, and a computer-readable storage medium for automatically setting up a Kubernetes master node, so as to solve the problem in the prior art that the Kubernetes master node must be built manually, with low build efficiency and applicability.
- A first aspect of the embodiments of the present application provides a method for automatically setting up a Kubernetes master node, including:
- A second aspect of the embodiments of the present application provides an apparatus for automatically setting up a Kubernetes master node, which may include a unit for implementing the steps of the above method of automatically setting up a Kubernetes master node.
- A third aspect of the embodiments of the present application provides a terminal device, including a memory and a processor, where the memory stores computer-readable instructions executable on the processor, and the processor implements the steps of the above method of automatically setting up the Kubernetes master node when executing the computer-readable instructions.
- A fourth aspect of the embodiments of the present application provides a computer-readable storage medium storing computer-readable instructions which, when executed by a processor, implement the steps of the above method of automatically setting up a Kubernetes master node.
- The embodiments of the present application obtain a preset script file for setting up a Kubernetes master node, execute the preset script file to generate a configuration file according to creation parameters related to the Kubernetes master node input by the user, and finally start the SaltStack tool. Under the control of the SaltStack tool, the Kubernetes master node is built automatically according to the configuration file. This automates the setup of the Kubernetes master node without relying on Internet services, improving build efficiency and applicability to the construction environment.
- FIG. 1 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node in the first embodiment of the present application;
- FIG. 2 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node in Embodiment 2 of the present application;
- FIG. 3 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node in Embodiment 3 of the present application;
- FIG. 4 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node in Embodiment 4 of the present application;
- FIG. 5 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node in Embodiment 5 of the present application;
- FIG. 6 is a structural block diagram of an apparatus for automatically setting up a Kubernetes master node in Embodiment 6 of the present application;
- FIG. 7 is a schematic diagram of a Kubernetes cluster in Embodiment 7 of the present application;
- FIG. 8 is a regional structure diagram based on a Kubernetes cluster in Embodiment 8 of the present application;
- FIG. 9 is a schematic diagram of a terminal device in Embodiment 9 of the present application.
- FIG. 1 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node according to an embodiment of the present application. As shown in Figure 1, the method includes the following steps:
- S101: Obtain a preset script file for setting up a Kubernetes master node.
- The Kubernetes master node is mainly built by the SaltStack tool.
- First, the preset script file for setting up the Kubernetes master node is obtained.
- Kubernetes and the Kubernetes master node are introduced here.
- Kubernetes is an open source platform for automated container operations. It enables the deployment, scheduling, and inter-cluster expansion of containers.
- The physical server or virtual machine on which the Kubernetes platform is installed is called a Kubernetes node.
- Multiple Kubernetes nodes must be formed into a Kubernetes cluster (Kubernetes Cluster) to deploy and manage containers.
- The Kubernetes master node (Kubernetes Master)
- The components of the Kubernetes master node are described in detail later.
- The Kubernetes cluster also includes multiple subordinates of the Kubernetes master node, namely Kubernetes slave nodes (Kubernetes Node), which actually run the containers allocated by the Kubernetes master node.
- The Kubernetes master node is mainly built by the script file. A script file is a fixed combination of a series of operations that control the computer, in which logical branches can be implemented; script files can be written in the Shell language or the like.
- The user may be provided with a setup option for setting up a Kubernetes master node, presented in the form of a graphical interface or a command line. After the user's confirmation is obtained, the operation of acquiring the script file is performed.
- After it has been prepared, the script file can be placed on the file server PackageServer.
- The PackageServer is a high-speed download server that can hold various binary files and script files whose contents are usually fixed, so it can be applied in this application, improving the real-time performance and reliability of script file acquisition.
- The Kubernetes platform runs on different operating systems, such as Windows and Linux, and the underlying build code differs to some degree between environments, so script files can be written for multiple operating systems.
- S102: Execute the script file to generate a configuration file according to creation parameters related to the Kubernetes master node input by the user.
- After the preset script file is obtained, the script file is executed, and the creation parameters related to the Kubernetes master node are obtained during its execution. Some creation parameters, such as the version number of the Kubernetes master node, are acquired automatically; others, such as the log file path, require detecting user input and looking up the log file path in that input.
- The creation parameters related to the Kubernetes master node include attribute parameters of the Kubernetes master node, such as the installation version, the Internet Protocol address of the Kubernetes master node, the host identifier (name) of the Kubernetes master node, and the area identifier, as well as attribute parameters of each component that makes up the Kubernetes master node.
- After the creation parameters entered by the user are obtained, the script file generates a configuration file according to the creation parameters.
- The configuration file is written in a scripting language and is similar to the script file. For convenience of description, the configuration file can be called the deployment script. In the subsequent steps, the configuration file is executed to build the Kubernetes master node through the SaltStack tool.
- An input template is generated according to each type of creation parameter related to the Kubernetes master node, and the creation parameters input by the user through the input template are obtained. Since each type of creation parameter is determined in advance, an input template can be generated according to the types of creation parameter. The input template includes the names of the various types of creation parameter, so that the user can input the content corresponding to each name, reducing the possibility of errors in creation parameter input.
- The input template can also be configured in the script file. When the creation parameters need to be obtained, the script file is executed, and the input template is automatically provided to the user.
- S103: Start the SaltStack tool to build the Kubernetes master node according to the configuration file.
- The Kubernetes master node is built by using the SaltStack tool.
- The SaltStack tool is an open source infrastructure management tool, which is divided into two parts: the management master node (SaltMaster) and the management slave node (SaltMinion).
- The management master node of the SaltStack tool mainly manages the management slave nodes. The management slave nodes run on the physical servers or virtual machines that need to be managed, execute the instructions sent by the management master node, and build the Kubernetes master node according to the configuration file; the specific process is explained later.
- In this embodiment, a preset script file for setting up the Kubernetes master node is acquired (the script file can be stored on the file server PackageServer), creation parameters related to the Kubernetes master node are obtained, and executing the script file generates the configuration file corresponding to the creation parameters. Finally the SaltStack tool is started; specifically, through the management master node and the management slave nodes of the SaltStack tool, the Kubernetes master node is built according to the configuration file. This automates the construction of the Kubernetes master node, reduces user operations, and improves construction efficiency.
- FIG. 2 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node according to Embodiment 2 of the present application.
- This embodiment refines S103 into S201 to S202, as follows:
- S201: Configure a management master node and a plurality of management slave nodes under the SaltStack tool, wherein the management master node is connected to the plurality of management slave nodes.
- The SaltStack tool applies a client/server architecture that enables remote command execution and configuration management.
- The SaltStack tool includes a management master node and multiple management slave nodes.
- The management master node is equivalent to the server of the SaltStack tool and is responsible for resource management.
- The multiple management slave nodes are equivalent to the clients of the SaltStack tool and are responsible for executing the instructions issued by the management master node.
- An area that provides specific services to users is referred to as an available area. The available area is divided internally into a resource management area and a public service area. The resource management area is used to deploy resource-management programs and components and can access the physical servers or virtual machines in the public service area; it is equivalent to the server in a client/server architecture, so the management master node runs in the resource management area.
- The public service area is used to deploy programs or services that provide specific services to users and is equivalent to the client in the client/server architecture, so the management slave nodes are installed in the public service area.
- The management master node and the plurality of management slave nodes are automatically configured.
- When a management slave node starts, it generates a private key and a public key according to an encryption algorithm, and after generation is complete it sends the public key to the management master node.
- The management master node verifies and accepts the public key to establish a connection with the management slave node.
- The management master node and the management slave nodes exchange messages through the message queue ZeroMQ: the management master node publishes messages to ZeroMQ, and the management slave nodes obtain them by subscribing to ZeroMQ.
- S202: Call the management master node, so that one of the plurality of management slave nodes builds the Kubernetes master node according to the configuration file.
- The SaltStack tool calls the management master node, and the management master node selects one of the plurality of management slave nodes. The selected management slave node receives the setup instruction and builds the Kubernetes master node according to the configuration file, which in essence builds the Kubernetes master node on the physical server or virtual machine where that management slave node is located.
- In this embodiment, the management master node and the plurality of management slave nodes are connected and communicate through the message queue ZeroMQ. The management master node is called so that it selects one of the plurality of management slave nodes and builds the Kubernetes master node on the selected management slave node according to the configuration file. This sets out the specific process of building the Kubernetes master node through the SaltStack tool and improves the stability of building the Kubernetes master node.
- FIG. 3 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node according to Embodiment 3 of the present application.
- S202 is refined into S301 to S303, as follows:
- The management master node searches the multiple management slave nodes connected to it to find out whether a Kubernetes master node corresponding to the creation parameters exists.
- Since the creation parameters are related to the Kubernetes master node, after the SaltStack tool is started and the management master node and the plurality of management slave nodes are configured, the management master node searches the multiple management slave nodes connected to it to find out whether a Kubernetes master node corresponding to the creation parameters already exists.
- S302: If no Kubernetes master node exists under the multiple management slave nodes, select the management slave node corresponding to the creation parameters from the multiple management slave nodes as the setup slave node.
- The Kubernetes master node is built on a management slave node, so the creation parameters related to the Kubernetes master node acquired in step S102 also include user-configured parameters related to the management slave node. In this step, the corresponding management slave node can therefore be selected from the plurality of management slave nodes according to the creation parameters as the setup slave node.
- One of the plurality of management slave nodes may be selected at random as the setup slave node, or the selection may be made among the management slave nodes according to a preset selection mechanism.
- The Kubernetes master node is built according to the configuration file on the setup slave node.
- A flag stamp can be set for the setup slave node to prove that it has been used to create a Kubernetes master node.
- After the flag stamp is set, if a new Kubernetes master node is set up again, then when step S301 is performed, that is, when checking whether a Kubernetes master node exists under the plurality of management slave nodes, whether a management slave node has already been used to create a Kubernetes master node can be determined from whether it carries a flag stamp, which improves detection efficiency.
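The selection procedure of this embodiment, sketched as an added example that is not part of the patent text: the existence check reads only the flag stamp, selection follows the creation parameters, and the stamp is written only after the build succeeds. The names `Minion`, `FLAG_KEY`, `setup_minion`, `master_name` and `area` are hypothetical, and skipping stamped nodes during selection and the "first free node in the area" fallback are assumptions standing in for the preset selection mechanism.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

FLAG_KEY = "k8s_master"  # hypothetical name of the flag stamp


@dataclass
class Minion:
    """A management slave node as the management master node sees it."""
    minion_id: str
    area: str  # area identifier, one of the creation parameters
    stamps: Dict[str, str] = field(default_factory=dict)


class NoSetupNode(Exception):
    """No management slave node satisfies the creation parameters."""


def find_existing(minions: List[Minion], params: Dict[str, str]) -> Optional[Minion]:
    """First check: decide from the flag stamp alone whether the master exists."""
    for m in minions:
        if m.stamps.get(FLAG_KEY) == params["master_name"]:
            return m
    return None


def select_setup_node(minions: List[Minion], params: Dict[str, str]) -> Minion:
    """S302: choose the setup slave node from the creation parameters.

    Assumption: a node that already carries a stamp is never reused.
    """
    free = [m for m in minions if FLAG_KEY not in m.stamps]
    wanted = params.get("setup_minion")  # optional user-configured node
    if wanted is not None:
        for m in free:
            if m.minion_id == wanted:
                return m
        raise NoSetupNode(f"{wanted} is unknown or already hosts a master")
    for m in free:  # stand-in for the preset selection mechanism
        if m.area == params["area"]:
            return m
    raise NoSetupNode(f"no free node in area {params['area']}")


def build_master(
    minions: List[Minion],
    params: Dict[str, str],
    apply_config: Callable[[Minion, Dict[str, str]], None],
) -> Tuple[str, bool]:
    """Return (minion id, built_now). Safe to call repeatedly."""
    existing = find_existing(minions, params)
    if existing is not None:
        return existing.minion_id, False
    node = select_setup_node(minions, params)
    apply_config(node, params)  # build step; raises on failure
    # Stamp only after a successful build, so a failed run is retried
    # instead of being mistaken for an existing master.
    node.stamps[FLAG_KEY] = params["master_name"]
    return node.minion_id, True
```

`apply_config` is where a real deployment would hand the configuration file to the selected node; here it is any callable that raises on failure.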
- FIG. 4 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node according to Embodiment 4 of the present application.
- S103 is refined into S401 to S402, as follows:
- S401: Deploy the database component by using the SaltStack tool, obtain network configuration data related to the creation parameters, and load the network configuration data into the database component.
- The Kubernetes master node includes a database (Etcd) component, an interface service (Kube ApiServer) component, a control (Kube Controller Manager) component and a scheduling (Kube Scheduler) component. A schematic diagram of a Kubernetes cluster is provided in FIG. 7 to help explain this embodiment.
- The Master represents the Kubernetes master node
- The Controller Manager represents the control component
- The Scheduler represents the scheduling component
- The ApiServer represents the interface service component
- The Etcd represents the database component
- The lowest node represents the Kubernetes slave node.
- The database component is a distributed key-value storage service that guarantees data consistency through the distributed Raft algorithm and provides an application programming interface (API) based on Hypertext Transfer Protocol (HTTP) and JavaScript Object Notation (JSON).
- The database component is used for configuration management, data storage, and as a distributed lock, and can be deployed through the SaltStack tool. Specifically, the management slave node configures the database component according to the configuration file and, through the configuration file, obtains the database component configuration file from the file server.
- The database component configuration file is a binary file used to configure the database component service; the configured content also includes the database name and the data path. After the database component is configured, the network configuration data related to the creation parameters is obtained and loaded into the database component.
- The network configuration data may be obtained by presetting a network configuration template in the script file: when the creation parameters are obtained, the content related to network configuration is extracted from them and added to the network configuration template, so that the network configuration data can be read directly from the template when it is required.
- The database component can identify a node to be joined as a Kubernetes slave node according to the network configuration data.
- S402: Deploy the interface service component, the control component, and the scheduling component in sequence, and modify the service address of the interface service component.
- The interface service component is responsible for data interaction with the database component. It is worth mentioning that, apart from the interface service component, no other component of the Kubernetes master node manipulates the database component directly.
- The interface service component is the data center of the Kubernetes master node and manages the application programming interface of the Kubernetes cluster. As mentioned in step S102, the configuration file is essentially a script file written in a scripting language. In this step, therefore, the interface service configuration file on the file server is extracted automatically according to the configuration file, and the interface service component is configured according to the interface service configuration file.
- The creation parameters input by the user include the database component address and the interface service address, and the configuration file is generated from the creation parameters. In this step, therefore, the database component address and the interface service component address are also configured in the interface service component through the configuration file. The database component address is the address of the database service in the database component; configuring it in the interface service component lets the interface service component reach the database component. The interface service component address is the local address of the interface service component.
- The interface service component includes two types of communication interface. One provides the interface through which Kubernetes slave nodes access the database component and requires authentication with a security certificate, as described later. The other is the interface for data interaction with the scheduling component and the control component; it is a component-internal interface and does not require permission authentication.
- The control component is the management and control center of the Kubernetes cluster and ensures that the various resources in the cluster are in a normal state.
- The control component triggers scheduling operations and includes the node controller (Node Controller) and the replication controller (Replication Controller).
- The scheduling component is responsible for orchestrating the containers in the Kubernetes cluster and for dispatching the containers to specific Kubernetes slave nodes.
- The scheduling component listens for containers through the application programming interface provided by the interface service component, obtains the containers to be scheduled, ranks the Kubernetes slave nodes according to a preset sorting mechanism, and dispatches the container to the first-ranked Kubernetes slave node.
- The control component configuration file and the scheduling component configuration file are obtained from the file server through the configuration file. Both are binary files: the control component configuration file is used to configure the services of the control component, and the scheduling component configuration file is used to configure the scheduling component.
- The configuration process also includes setting environment variables, including the version environment variables of the control component and the scheduling component.
- The environment variables are determined by the creation parameters input by the user, and are configured automatically in the control component and the scheduling component through the configuration file.
- The service address of the interface service component is modified automatically according to the configuration file, so that the control component and the scheduling component can each perform data interaction with the interface service component, where the service address is the address at which the interface service component provides its service.
- A Domain Name System (DNS) service, kube-dns, can be created. It is responsible for providing DNS inside the Kubernetes cluster so that containers can be found by domain name, which makes it convenient to build services between containers.
- A dashboard is created; the dashboard is the user interface of the Kubernetes cluster, through which the user can conveniently view and operate the cluster's resources.
- In this embodiment, the Kubernetes master node includes a database component, an interface service component, a control component, and a scheduling component. The database component is deployed through the SaltStack tool, network configuration data related to the creation parameters is acquired from the network configuration template, and the network configuration data is loaded into the database component. After the database component is configured, the interface service component, the control component, and the scheduling component are deployed in sequence and the service address of the interface service component is modified, so that the control component and the scheduling component can each interact with the interface service component. This sets out the deployment process of each component of the Kubernetes master node and improves the automation of component configuration.
- FIG. 5 is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node according to Embodiment 5 of the present application.
- S401 is refined to obtain S501 ⁇ S502, which are as follows:
- S501 Generate a first security certificate and a second security certificate according to the configuration file, where the first security certificate is used to control access rights to the database component, and the second security certificate is used to control the interface service component. access permission.
- the first security certificate and the second security certificate are automatically generated according to the configuration file, and the first security certificate and the first security certificate are
- the second security certificate is the Secure Sockets Layer (Secure Socket Layer, SSL) certificate.
- the first security certificate is used to control access rights to the database component
- the second security certificate is used to control access rights to the interface service component.
- S502 Configure the first security certificate to the database component and the interface service component, and configure the second security certificate to the interface service component.
- the Kubernetes slave node and the interface service component need to be verified by the first security certificate before performing data interaction with the database component.
- the second security certificate is configured into the interface service component. After the interface service component service is started, the Kubernetes slave node needs to be verified by the second security certificate before performing data interaction with the interface service component.
- FIG. 5 shows that, in this embodiment of the present application, the first security certificate and the second security certificate are generated when the database component is deployed. The first security certificate is configured to the database component and the interface service component and controls the access rights of the Kubernetes slave node and the interface service component to the database component. The second security certificate is configured to the interface service component and controls the access rights of the Kubernetes slave node to the interface service component. This improves the access security of the database component and the interface service component.
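One way to check that a deployed master node enforces the two-certificate model of S501 and S502, as an added example that is not part of the patent: the audit below reads the etcd and kube-apiserver command lines and reports missing TLS or client-certificate settings. Mapping the first security certificate to etcd's TLS flags and the second to the API server's is an assumption, and the sample command lines, addresses and file paths are constructed.

```python
"""Audit etcd and kube-apiserver flags against the two-certificate model."""

# Constructed sample command lines; addresses and paths are placeholders.
ETCD_TLS_ONLY = [
    "etcd",
    "--listen-client-urls=https://10.0.0.10:2379",
    "--cert-file=/etc/etcd/pki/server.crt",
    "--key-file=/etc/etcd/pki/server.key",
    "--trusted-ca-file=/etc/etcd/pki/ca.crt",
]
ETCD_HARDENED = ETCD_TLS_ONLY + ["--client-cert-auth=true"]

APISERVER_WEAK = [
    "kube-apiserver",
    "--etcd-servers", "https://10.0.0.10:2379",
    "--etcd-cafile=/etc/etcd/pki/ca.crt",
    "--tls-cert-file=/etc/kubernetes/pki/apiserver.crt",
    "--tls-private-key-file=/etc/kubernetes/pki/apiserver.key",
]
APISERVER_HARDENED = APISERVER_WEAK + [
    "--etcd-certfile=/etc/etcd/pki/apiserver-client.crt",
    "--etcd-keyfile=/etc/etcd/pki/apiserver-client.key",
    "--client-ca-file=/etc/kubernetes/pki/ca.crt",
]


def parse_flags(argv):
    """Return {flag: value} for '--flag=value', '--flag value' and bare '--flag'."""
    flags = {}
    items = list(argv[1:])  # skip the program name
    i = 0
    while i < len(items):
        token = items[i]
        if token.startswith("--"):
            name, sep, value = token[2:].partition("=")
            if not sep:
                if i + 1 < len(items) and not items[i + 1].startswith("--"):
                    value = items[i + 1]  # '--flag value' form
                    i += 1
                else:
                    value = "true"  # bare boolean flag
            flags[name] = value
        i += 1
    return flags


def _all_https(value):
    urls = [u.strip() for u in value.split(",") if u.strip()]
    return bool(urls) and all(u.startswith("https://") for u in urls)


def audit_etcd(argv):
    """Database component: TLS on the client port and client certificates required."""
    flags = parse_flags(argv)
    findings = []
    if not _all_https(flags.get("listen-client-urls", "")):
        findings.append("etcd: client listener is not HTTPS-only")
    for name in ("cert-file", "key-file", "trusted-ca-file"):
        if not flags.get(name):
            findings.append(f"etcd: --{name} is not set")
    if flags.get("client-cert-auth", "false").lower() != "true":
        # TLS alone encrypts traffic; without this flag any client is served.
        findings.append("etcd: --client-cert-auth is not enabled")
    return findings


def audit_apiserver(argv):
    """Interface service component: presents a client cert to etcd, verifies its own clients."""
    flags = parse_flags(argv)
    findings = []
    if not _all_https(flags.get("etcd-servers", "")):
        findings.append("kube-apiserver: --etcd-servers is not HTTPS-only")
    # First certificate, as configured on the interface service component.
    for name in ("etcd-cafile", "etcd-certfile", "etcd-keyfile"):
        if not flags.get(name):
            findings.append(f"kube-apiserver: --{name} is not set")
    # Second certificate: server identity plus the CA used to verify node clients.
    for name in ("tls-cert-file", "tls-private-key-file", "client-ca-file"):
        if not flags.get(name):
            findings.append(f"kube-apiserver: --{name} is not set")
    return findings


if __name__ == "__main__":
    for label, result in (
        ("etcd (TLS only)", audit_etcd(ETCD_TLS_ONLY)),
        ("etcd (hardened)", audit_etcd(ETCD_HARDENED)),
        ("apiserver (weak)", audit_apiserver(APISERVER_WEAK)),
        ("apiserver (hardened)", audit_apiserver(APISERVER_HARDENED)),
    ):
        print(label, "->", result or "ok")
```

The TLS-only etcd case is the one worth noticing: the channel is encrypted, yet the certificate does not control access until client certificate authentication is required.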
- the Kubernetes primary node and the Kubernetes cluster may be constructed based on a proprietary network.
- a regional structure diagram based on the Kubernetes cluster is provided.
- the user-specific network Virtual Private Cloud (VPC) is a user-created custom private network. Different private networks are logically isolated. Users can create and manage cloud hosts in their own private networks to implement load balancing and secure access control.
- VPC1 and VPC2 are proprietary networks created by different users.
- the available area includes the resource management area and the public service area, and the specific user VPC area, which provides specific services for the cloud platform service.
- the ECA and SCA in FIG. 8 are two instances of the available area, representing East China District A and South China District A respectively.
- the resource management area is used to deploy resource management related programs and components, and can access physical servers or virtual machines in the public service area, and the public service area is used to deploy programs or services that provide specific services to users.
- the user VPC communicates with each other.
- the public service area contains the resource pool.
- the resource pool is a collection of physical servers or virtual machines that can be run.
- the Package Server represents the file server.
- master1 and master2 in the resource pool represent Kubernetes master nodes, and Node under VPC1 and VPC2 represents a Kubernetes slave node; the user VPCs of different users are isolated from each other by default.
- the management area is a general level, one level higher than the available areas. It can open up and manage the resource management areas and the public service areas of all available areas.
- the Manager in the management area in FIG. 8 represents Kubernetes Manager, a management program that can manage Kubernetes clusters.
- the DB connected to the Manager in the management area of FIG. 8 represents a database
- the etcd cluster connected to the Manager represents a cluster of database components.
- the database is used to store data
- the database component cluster as a distributed lock guarantees consistency.
- Kubernetes Manager manages the physical servers or virtual machines of the public service area by calling the management master node of the resource management area. There are multiple management slave nodes in the resource pool of the public service area. When Kubernetes Manager deploys the Kubernetes master node, an available management slave node is selected from the plurality of management slave nodes in the resource pool, and the Kubernetes master node is deployed on that management slave node.
- the node under the user VPC acts as a Kubernetes slave node and forms a Kubernetes cluster with the Kubernetes master node.
- the embodiment of the present application ensures the isolation between different Kubernetes clusters by establishing a Kubernetes master node and a Kubernetes cluster under the user's proprietary network.
- FIG. 6 is a structural block diagram of an apparatus for automatically setting up a Kubernetes master node according to an embodiment of the present application.
- the device includes:
- the first obtaining unit 61 is configured to acquire a preset script file for setting up a Kubernetes master node
- a second obtaining unit 62 configured to execute the script file to generate a configuration file according to a creation parameter input by the user related to the Kubernetes master node;
- the building unit 63 is configured to start the SaltStack tool to construct the Kubernetes master node according to the configuration file.
- the building unit 63 includes:
- a node configuration unit configured to configure a management master node and a plurality of management slave nodes under the SaltStack tool, wherein the management master node is connected to the plurality of management slave nodes;
- a calling unit configured to invoke the management master node, so that one of the plurality of management slave nodes constructs the Kubernetes master node according to the configuration file.
- the calling unit includes:
- a detecting unit configured to detect whether the Kubernetes master node exists under the plurality of management slave nodes
- a selecting unit configured to: if the Kubernetes master node does not exist under the plurality of management slave nodes, select a management slave node corresponding to the creation parameter from the plurality of management slave nodes as a slave node;
- the Kubernetes master node includes a database component, an interface service component, a control component, and a scheduling component
- the building unit 63 includes:
- a deployment unit configured to deploy the database component by using the SaltStack tool, and obtain network configuration data related to the creation parameter, and load the network configuration data into the database component;
- a sequential deployment unit configured to sequentially deploy the interface service component, the control component, and the scheduling component, and to modify a service address of the interface service component.
- the deployment unit further includes:
- a generating unit configured to generate a first security certificate and a second security certificate according to the configuration file, where the first security certificate is used to control access rights to the database component, and the second security certificate is used to control the interface Access to the service component;
- a configuration unit configured to configure the first security certificate to the database component and the interface service component, and configure the second security certificate to the interface service component.
- FIG. 9 is a schematic diagram of a terminal device according to an embodiment of the present application.
- the terminal device 9 of this embodiment includes a processor 90 and a memory 91 in which computer readable instructions 92 executable on the processor 90 are stored, for example, a program for building a Kubernetes master node.
- when the processor 90 executes the computer readable instructions 92, the steps in the foregoing method embodiments of automatically setting up the Kubernetes master node are implemented, for example, steps S101 to S103 shown in FIG.
- the processor 90 when executing the computer readable instructions 92, implements the functions of the various units of the apparatus embodiments described above, such as the functions of the units 61-63 shown in FIG.
- the computer readable instructions 92 may be partitioned into one or more modules/units that are stored in the memory 91 and executed by the processor 90 to complete this application.
- the one or more modules/units may be a series of computer readable instruction segments capable of performing a particular function, the instruction segments being used to describe the execution of the computer readable instructions 92 in the terminal device 9.
- the computer readable instructions 92 can be segmented into a first acquisition unit, a second acquisition unit, and a construction unit, each unit having a specific function as described above.
- the terminal device may include, but is not limited to, a processor 90 and a memory 91. It will be understood by those skilled in the art that FIG. 9 is only an example of the terminal device 9, does not constitute a limitation of the terminal device 9, may include more or less components than those illustrated, or combine some components, or different components.
- the terminal device may further include an input/output device, a network access device, a bus, and the like.
- the processor 90 can be a Central Processing Unit (CPU), or another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc.
- the general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
- the memory 91 may be an internal storage unit of the terminal device 9, such as a hard disk or a memory of the terminal device 9.
- the memory 91 may also be an external storage device of the terminal device 9, for example, a plug-in hard disk equipped on the terminal device 9, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash card, etc. Further, the memory 91 may also include both an internal storage unit of the terminal device 9 and an external storage device.
- the memory 91 is configured to store the computer readable instructions and other programs and data required by the terminal device.
- the memory 91 can also be used to temporarily store data that has been output or is about to be output.
- each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
- the above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
- the integrated unit if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable storage medium.
- the computer readable storage medium includes a number of instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the various embodiments of the present application.
- the foregoing storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or any other medium that can store program code.
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer And Data Communications (AREA)
- Stored Programmes (AREA)
Abstract
The present solution is applicable to the technical field of data processing, and provided thereby are a method for automatically building a Kubernetes main node, a terminal device and a computer-readable storage medium, the method comprising: acquiring a preset script file used for building the Kubernetes main node; executing the script file, so as to generate a configuration file according to creation parameters which are inputted by a user and are related to the Kubernetes main node; and starting a SaltStack tool, so as to build the Kubernetes main node according to the configuration file. The present solution achieves automatic building of a Kubernetes main node and improves building efficiency for the Kubernetes main node.
Description
This application claims priority to Chinese Patent Application No. 201810276602.8, filed with the Chinese Patent Office on March 31, 2018 and entitled "Method and Terminal Device for Automatically Setting Up a Kubernetes Master Node", the entire contents of which are incorporated herein by reference.
The present application belongs to the field of data processing technologies, and in particular relates to a method, an apparatus, a terminal device, and a computer readable storage medium for automatically setting up a Kubernetes master node.
Traditional virtualization technologies, such as hypervisor virtualization, fall short in performance and resource utilization. Container technology improves resource utilization by dividing the resources managed by a single operating system into isolated groups, and has gradually become a popular research topic. A container can be understood as a kind of sandbox: one application runs inside each container, and different containers are isolated from each other, although communication mechanisms can be established between them. Docker container technology allows several containers to run on the same host or virtual machine, each container being an independent virtual environment or application.
Generally, a tool is needed to control containers. Kubernetes is an open source container operation platform that can combine several containers into one service and dynamically allocate the hosts on which containers run, which makes containers much more convenient to use. A Kubernetes cluster generally contains two types of nodes, master nodes and slave nodes, where the master node is responsible for managing and scheduling all resources in the cluster. To use Kubernetes, the master node must therefore be built first. In the prior art, however, the Kubernetes master node is mainly built manually by the user, and the build process relies on Internet services, so build efficiency and applicability are low.
In view of this, embodiments of the present application provide a method, an apparatus, a terminal device, and a computer readable storage medium for automatically setting up a Kubernetes master node, to solve the prior-art problem that the Kubernetes master node has to be built manually, with low build efficiency and applicability.
A first aspect of the embodiments of the present application provides a method for automatically setting up a Kubernetes master node, including:
obtaining a preset script file for setting up the Kubernetes master node;
executing the script file to generate a configuration file according to creation parameters that are input by the user and related to the Kubernetes master node;
starting the SaltStack tool to build the Kubernetes master node according to the configuration file.
A second aspect of the embodiments of the present application provides an apparatus for automatically setting up a Kubernetes master node, which may include units for implementing the steps of the above method for automatically setting up a Kubernetes master node.
A third aspect of the embodiments of the present application provides a terminal device, including a memory and a processor, where the memory stores computer readable instructions executable on the processor, and the processor implements the steps of the above method for automatically setting up a Kubernetes master node when executing the computer readable instructions.
A fourth aspect of the embodiments of the present application provides a computer readable storage medium storing computer readable instructions that, when executed by a processor, implement the steps of the above method for automatically setting up a Kubernetes master node.
The embodiments of the present application obtain a preset script file for setting up a Kubernetes master node, execute the preset script file to generate a configuration file according to creation parameters that are input by the user and related to the Kubernetes master node, and finally start the SaltStack tool, under whose control the Kubernetes master node is built automatically according to the configuration file. This achieves automatic building of the Kubernetes master node without relying on Internet services, and improves build efficiency and applicability to the build environment.
FIG. 1 is a flowchart of an implementation of the method for automatically setting up a Kubernetes master node in Embodiment 1 of the present application;
FIG. 2 is a flowchart of an implementation of the method for automatically setting up a Kubernetes master node in Embodiment 2 of the present application;
FIG. 3 is a flowchart of an implementation of the method for automatically setting up a Kubernetes master node in Embodiment 3 of the present application;
FIG. 4 is a flowchart of an implementation of the method for automatically setting up a Kubernetes master node in Embodiment 4 of the present application;
FIG. 5 is a flowchart of an implementation of the method for automatically setting up a Kubernetes master node in Embodiment 5 of the present application;
FIG. 6 is a structural block diagram of the apparatus for automatically setting up a Kubernetes master node in Embodiment 6 of the present application;
FIG. 7 is a schematic diagram of a Kubernetes cluster in Embodiment 7 of the present application;
FIG. 8 is a regional structure diagram based on a Kubernetes cluster in Embodiment 8 of the present application;
FIG. 9 is a schematic diagram of the terminal device in Embodiment 9 of the present application.
For a clearer understanding of the technical features, objects and effects of the present application, specific embodiments of the present application are now described in detail with reference to the accompanying drawings.
Please refer to FIG. 1, which is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node according to an embodiment of the present application. As shown in FIG. 1, the method includes the following steps:
S101: Obtain a preset script file for setting up a Kubernetes master node.
In this embodiment of the present application, the Kubernetes master node is built mainly with the SaltStack tool. First, a preset script file for setting up the Kubernetes master node is obtained. For ease of description, Kubernetes and the Kubernetes master node are introduced here. Kubernetes is an open source platform for automated container operations that supports deploying and scheduling containers and scaling across node clusters. A physical server or virtual machine on which the Kubernetes platform is installed is called a Kubernetes node. Generally, multiple Kubernetes nodes are assembled into a Kubernetes cluster (Kubernetes Cluster) to deploy and manage containers. Within a Kubernetes cluster there is one and only one set of control units, namely the Kubernetes master node (Kubernetes Master), which is mainly responsible for receiving requests, scheduling resources, and performing management; the components of the Kubernetes master node are described in detail later. Besides the Kubernetes master node, the cluster also contains multiple objects subordinate to the Kubernetes master node, namely Kubernetes slave nodes (Kubernetes Node), which actually run the containers allocated by the Kubernetes master node.
As for the build process, instead of the traditional approach of manually writing every line of configuration code for the Kubernetes master node, this embodiment builds the Kubernetes master node mainly through a script file. A script file is a fixed sequence of operations that control a computer; it may contain logical branches and can be written in the Shell language or the like.
Optionally, after the user's instruction to build the Kubernetes master node is received, the script file stored on the file server PackageServer is obtained. In this embodiment, the user may be offered a build option for setting up the Kubernetes master node, presented as a graphical interface or on the command line. Once the user's confirmation of that option is obtained, that is, once the user's build instruction is obtained, the script file is fetched. After the script file has been prepared in advance, it can be placed on the file server PackageServer. PackageServer is a high-speed download server that can hold all kinds of binary files and script files, and its contents are usually fixed, so using it in this embodiment improves the timeliness and reliability of obtaining the script file. Furthermore, because the Kubernetes platform runs on different operating systems, such as Windows and Linux, and the underlying build code differs to some extent between environments, a separate script file can be written for each of several operating systems, and all of these script files placed on PackageServer. After the build instruction for the Kubernetes master node issued by the user through a terminal device is received, the operating system of the terminal device is identified and the script file stored on PackageServer that corresponds to that operating system is obtained, which prevents the obtained script file from mismatching the runtime environment and failing to execute.
S102: Execute the script file to generate a configuration file according to creation parameters that are input by the user and related to the Kubernetes master node.
After the preset script file is obtained, it is executed, and the creation parameters related to the Kubernetes master node are collected during its execution. Some creation parameters, such as the version number of the Kubernetes master node, can be obtained automatically. Others, such as the log file path, require detecting user input and finding the content related to the log file path in what the user entered. The creation parameters related to the Kubernetes master node include attribute parameters of the Kubernetes master node, such as the installation version, the Internet Protocol address of the Kubernetes master node, the identifier (name) of the host running the Kubernetes master node, and the region identifier, as well as attribute parameters of each component that makes up the Kubernetes master node. Once the creation parameters entered by the user are obtained, the script file generates a configuration file from them. The configuration file is itself written in a scripting language and is similar to the script file; for ease of description it may be called the deployment script. In subsequent steps the configuration file is executed to build the Kubernetes master node through the SaltStack tool.
Optionally, an input template is generated according to the types of creation parameters related to the Kubernetes master node, and the creation parameters that the user enters through the input template are obtained. Because the types of creation parameters are fixed, an input template can be generated from them. The input template contains the name of each type of creation parameter, so the user can enter the content corresponding to each name, which reduces the chance of input errors. The input template can also be built into the script file, so that when creation parameters are needed the script file runs and automatically presents the input template to the user.
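The input template and configuration-file generation described for S102, sketched as an added example that is not the patent's own script: each creation parameter named above gets a validator, and the configuration is rendered only if every field passes, since the generated file is later executed as a deployment script. The field names, output keys and sample values are hypothetical.

```python
"""Validate creation parameters against an input template, then render a config."""
import ipaddress
import re
import shlex
from pathlib import PurePosixPath


def _version(value):
    if not re.fullmatch(r"v?\d+\.\d+\.\d+", value):
        raise ValueError("expected MAJOR.MINOR.PATCH")
    return value.lstrip("v")


def _ip(value):
    # ipaddress raises ValueError for anything that is not a plain IP literal.
    return str(ipaddress.ip_address(value))


def _hostname(value):
    if not re.fullmatch(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?", value):
        raise ValueError("expected a lowercase RFC 1123 label")
    return value


def _region(value):
    if not re.fullmatch(r"[a-z0-9-]{1,32}", value):
        raise ValueError("expected lowercase letters, digits and '-'")
    return value


def _log_path(value):
    path = PurePosixPath(value)
    if (not path.is_absolute() or ".." in path.parts
            or not re.fullmatch(r"[A-Za-z0-9._/-]+", value)):
        raise ValueError("expected an absolute path without '..' or shell metacharacters")
    return str(path)


# Hypothetical input template: parameter name -> (config key, validator).
INPUT_TEMPLATE = {
    "version": ("K8S_VERSION", _version),
    "master_ip": ("MASTER_IP", _ip),
    "hostname": ("MASTER_HOSTNAME", _hostname),
    "region": ("REGION", _region),
    "log_path": ("LOG_DIR", _log_path),
}


def check_params(params):
    """Return (clean_values, errors); every field is checked so all errors are reported."""
    errors = [f"{name}: not in the input template"
              for name in sorted(set(params) - set(INPUT_TEMPLATE))]
    clean = {}
    for name, (_key, validator) in INPUT_TEMPLATE.items():
        if name not in params:
            errors.append(f"{name}: missing")
            continue
        try:
            clean[name] = validator(str(params[name]).strip())
        except ValueError as exc:
            errors.append(f"{name}: {exc}")
    return clean, errors


def build_config(params):
    """Render KEY=value lines, refusing to write anything if a field failed."""
    clean, errors = check_params(params)
    if errors:
        raise ValueError("; ".join(errors))
    # shlex.quote is a second layer: values stay single shell words when sourced.
    lines = [f"{INPUT_TEMPLATE[name][0]}={shlex.quote(value)}"
             for name, value in clean.items()]
    return "\n".join(lines) + "\n"


# Constructed sample inputs.
GOOD_PARAMS = {
    "version": "v1.10.0",
    "master_ip": "10.0.0.10",
    "hostname": "k8s-master1",
    "region": "east-china-a",
    "log_path": "/var/log/kubernetes",
}
BAD_PARAMS = dict(GOOD_PARAMS, master_ip="10.0.0.10; reboot",
                  log_path="/var/log/../../etc/cron.d", post_cmd="id")

if __name__ == "__main__":
    print(build_config(GOOD_PARAMS), end="")
    print(check_params(BAD_PARAMS)[1])
```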
S103: Start the SaltStack tool to build the Kubernetes master node according to the configuration file.
Earlier tools such as kops can build a Kubernetes master node, but during the build the user has to write code to configure items such as the Internet Protocol address of the Kubernetes master node. This embodiment therefore uses the SaltStack tool to build the Kubernetes master node. SaltStack is an open source infrastructure management tool made up of two parts, the management master node (SaltMaster) and the management slave node (SaltMinion). Much like the relationship between the Kubernetes master node and Kubernetes slave nodes, the management master node of the SaltStack tool centrally manages the management slave nodes, while a management slave node runs on a physical server or virtual machine that needs to be managed and builds the Kubernetes master node according to the configuration file by executing the instructions sent by the management master node. The specific process is described later.
As the embodiment shown in FIG. 1 illustrates, this embodiment obtains a preset script file for setting up the Kubernetes master node, which may be stored on the file server PackageServer, and obtains the creation parameters related to the Kubernetes master node. After the script file is executed, a configuration file corresponding to the creation parameters is generated. Finally the SaltStack tool is started and, through its management master node and management slave nodes, the Kubernetes master node is built according to the configuration file. This automates the building of the Kubernetes master node, reduces user operations, and improves build efficiency.
Please refer to FIG. 2, which is a flowchart of an implementation of a method for automatically setting up a Kubernetes master node according to Embodiment 2 of the present application. Relative to the embodiment corresponding to FIG. 1, this embodiment refines S103 to obtain S201~S202, detailed as follows:
S201: Configure a management master node and a plurality of management slave nodes under the SaltStack tool, where the management master node is connected to the plurality of management slave nodes.
The SaltStack tool uses a client/server architecture and provides functions such as remote command execution and configuration management. It contains a management master node and multiple management slave nodes. The management master node acts as the server of the SaltStack tool and is responsible for resource management; the management slave nodes act as its clients and are responsible for executing the instructions issued by the management master node. In this embodiment, an area that provides specific services to users is called an available area, and each available area is internally divided into a resource management area and a public service area. The resource management area is used to deploy programs and components related to resource management and can access the physical servers or virtual machines of the public service area; it corresponds to the server in the client/server architecture, so the management master node runs in the resource management area. The public service area is used to deploy programs or services that provide specific services to users; it corresponds to the client in the client/server architecture, so management slave nodes are installed in the public service area. After the SaltStack tool starts, the management master node and the management slave nodes are configured automatically. When a management slave node starts, it generates a private key and a public key according to an encryption algorithm and then sends the public key to the management master node; the management master node verifies and accepts the public key, thereby establishing a connection with the management slave node. Notably, the management master node and the management slave nodes exchange messages through the message queue ZeroMQ: the management master node publishes a message to the ZeroMQ message queue, and the management slave nodes obtain the message by subscribing to that queue.
S202: Invoke the management master node, so that one of the plurality of management slave nodes builds the Kubernetes master node according to the configuration file.
After the management master node and the plurality of management slave nodes under the SaltStack tool have been configured, the SaltStack tool invokes the management master node, and the management master node selects one of the plurality of management slave nodes. The selected management slave node receives the build instruction and builds the Kubernetes master node according to the configuration file; in essence, the Kubernetes master node is built on the physical server or virtual machine where that management slave node is located.
As can be seen from the embodiment shown in FIG. 2, in this embodiment of the present application a management master node and a plurality of management slave nodes are configured under the SaltStack tool, the management master node is connected to the plurality of management slave nodes, and they communicate through the ZeroMQ message queue. The management master node is invoked so that it selects one of the plurality of management slave nodes, and the Kubernetes master node is built under the selected management slave node according to the configuration file. This shows the specific process of building the Kubernetes master node with the SaltStack tool and improves the stability of building the Kubernetes master node.
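The description of S201 says the management master node verifies and accepts each public key but does not say how. The following is an added example, not code from the patent or from SaltStack: it accepts a submitted key only when its fingerprint matches one recorded out of band. The helper names, minion IDs and PEM bodies are constructed; in a real deployment the two fingerprints to compare are the ones printed by `salt-key -f <id>` on the master and `salt-call --local key.finger` on the minion.

```python
import base64
import hashlib
import hmac


def fingerprint(pem_text):
    """Colon-separated SHA-256 of the decoded key body (hypothetical helper)."""
    lines = [ln.strip() for ln in pem_text.splitlines() if ln.strip()]
    if (len(lines) < 3 or not lines[0].startswith("-----BEGIN")
            or not lines[-1].startswith("-----END")):
        raise ValueError("not a PEM-encoded key")
    # binascii.Error is a ValueError subclass, so bad base64 is caught by callers.
    raw = base64.b64decode("".join(lines[1:-1]), validate=True)
    digest = hashlib.sha256(raw).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def triage(submitted, inventory, accepted):
    """Decide, per minion ID, whether the submitted public key may be accepted.

    submitted: {minion_id: PEM text received by the master}
    inventory: {minion_id: fingerprint recorded out of band at provisioning}
    accepted:  {minion_id: fingerprint of the key the master already trusts}
    """
    decisions = {}
    for minion_id, pem in sorted(submitted.items()):
        try:
            seen = fingerprint(pem)
        except ValueError:
            decisions[minion_id] = "reject: malformed key"
            continue
        if minion_id in accepted and not hmac.compare_digest(seen, accepted[minion_id]):
            # Same ID, different key: a rebuilt host or an impersonation attempt.
            decisions[minion_id] = "reject: id already bound to another key"
        elif minion_id not in inventory:
            decisions[minion_id] = "reject: id not in inventory"
        elif not hmac.compare_digest(seen, inventory[minion_id]):
            decisions[minion_id] = "reject: fingerprint mismatch"
        else:
            decisions[minion_id] = "accept"
    return decisions


def constructed_pem(seed):
    """Constructed stand-in for a public key file; not a real key."""
    body = base64.b64encode(hashlib.sha512(seed.encode()).digest()).decode()
    return "-----BEGIN PUBLIC KEY-----\n" + body + "\n-----END PUBLIC KEY-----\n"


def demo():
    """Run the triage over constructed submissions and return the decisions."""
    good = constructed_pem("build-01 key")
    inventory = {
        "k8s-build-01": fingerprint(good),
        "k8s-build-02": fingerprint(constructed_pem("build-02 key")),
        "k8s-build-03": fingerprint(constructed_pem("build-03 key")),
    }
    accepted = {"k8s-build-03": inventory["k8s-build-03"]}
    submitted = {
        "k8s-build-01": good,
        "k8s-build-02": constructed_pem("a different key"),
        "k8s-build-03": constructed_pem("re-registration with a new key"),
        "k8s-build-99": constructed_pem("not provisioned"),
        "k8s-build-04": "garbage",
    }
    return triage(submitted, inventory, accepted)


if __name__ == "__main__":
    for minion_id, decision in demo().items():
        print(minion_id, "->", decision)
```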
Referring to FIG. 3, FIG. 3 is an implementation flowchart of a method for automatically building a Kubernetes master node according to Embodiment 3 of the present application. Relative to the embodiment corresponding to FIG. 2, this embodiment refines S202 into S301 to S303, detailed as follows:
S301: Detect whether the Kubernetes master node exists under the plurality of management slave nodes.
Because the creation parameters relate to the Kubernetes master node, after the SaltStack tool has been started and the management master node and the plurality of management slave nodes have been configured, the management master node searches the plurality of management slave nodes connected to it for a Kubernetes master node corresponding to the creation parameters.
S302: If the Kubernetes master node does not exist under any of the plurality of management slave nodes, select the management slave node corresponding to the creation parameters from the plurality of management slave nodes as the build slave node.
If the Kubernetes master node is not found under any of the management slave nodes, the Kubernetes master node has not been created. It is worth mentioning that, because in this embodiment the Kubernetes master node is built under a management slave node, the creation parameters related to the Kubernetes master node obtained in step S102 also include the user-configured parameters related to the management slave node. In this step, the corresponding management slave node can therefore be selected from the plurality of management slave nodes according to the creation parameters and used as the build slave node. If it is detected that the creation parameters contain no parameter related to a management slave node, one of the plurality of management slave nodes may be selected at random as the build slave node, or the selection among the plurality of management slave nodes may be made according to a preset selection mechanism.
S303: Build the Kubernetes master node under the build slave node according to the configuration file.
After the build slave node has been selected, the Kubernetes master node is built under it according to the configuration file. In addition, a marker can be set on the build slave node, specifically a marker stamp, to show that the build slave node has already been used to create a Kubernetes master node. After the marker stamp has been set, if a new Kubernetes master node is to be set up, then when step S301 is performed, that is, when detecting whether a Kubernetes master node exists under the plurality of management slave nodes, whether a management slave node has already been used to create a Kubernetes master node can be determined from whether it carries a marker stamp, which improves detection efficiency.
As can be seen from the embodiment shown in FIG. 3, in this embodiment of the present application, detecting whether a Kubernetes master node exists under the plurality of management slave nodes prevents the waste of resources caused by repeated building.
Referring to FIG. 4, FIG. 4 is an implementation flowchart of a method for automatically building a Kubernetes master node according to Embodiment 4 of the present application. Relative to the embodiment corresponding to FIG. 1, this embodiment, on the basis that the Kubernetes master node includes a database component, an interface service component, a control component and a scheduling component, refines S103 into S401 to S402, detailed as follows:
S401: Deploy the database component through the SaltStack tool, obtain the network configuration data related to the creation parameters, and load the network configuration data into the database component.
In this embodiment of the present application, the Kubernetes master node includes a database (Etcd) component, an interface service (Kube ApiServer) component, a control (Kube Controller Manager) component and a scheduling (Kube Scheduler) component. To make the embodiment easier to explain, a schematic diagram of a Kubernetes cluster is provided in FIG. 7. In FIG. 7, Master represents the Kubernetes master node, Controller Manager represents the control component, Scheduler represents the scheduling component, ApiServer represents the interface service component, Etcd represents the database component, and the Node at the bottom represents a Kubernetes slave node. It is worth mentioning that, before the Kubernetes master node is built and the components under it are configured, the firewall is turned off and minimal network connectivity is opened on the basis of firewall policy, that is, the network between the resource management zone where the management master node is located and the public service zone where the management slave nodes are located is opened.
The database component, that is, the Etcd component, is a distributed key-value storage service that guarantees data consistency through the distributed Raft algorithm and provides an application programming interface (API) based on the HyperText Transfer Protocol (HTTP) and JavaScript Object Notation (JSON). In this embodiment of the present application, the database component is used for configuration management, for data storage and as a distributed lock, and it can be deployed through the SaltStack tool. Specifically, the management slave node configures the database component according to the configuration file: through the configuration file it obtains the database component configuration file from the file server. The database component configuration file is a binary file used to configure the database component service; the configuration also includes the database name, the data path and so on. After the database component has been configured, the network configuration data related to the creation parameters is obtained and loaded into the database component. The network configuration data may be obtained as follows: a network configuration template is preset in the script file; when the creation parameters are obtained, the content related to network configuration data is extracted from them and added to the network configuration template, so that the network configuration data can be taken directly from the network configuration template when it is needed. When a Kubernetes slave node is being added and the node to be joined sends a request to the database component, the database component can identify the node to be joined as a Kubernetes slave node according to the network configuration data.
S402: Deploy the interface service component, the control component and the scheduling component in sequence, and modify the service address of the interface service component.
After the database component has been deployed, the interface service component is deployed next. As shown in FIG. 7, in the Kubernetes master node the interface service component is responsible for data interaction with the database component; it is worth mentioning that, apart from the interface service component, the other components of the Kubernetes master node do not operate on the database component directly. The interface service component is the data center of the Kubernetes master node and manages the application programming interface of the Kubernetes cluster. As mentioned in step S102, the configuration file is essentially a script file written in a scripting language, so in this step the interface service configuration file is automatically fetched from the file server according to the configuration file, and the interface service component is configured according to the interface service configuration file. In addition, the creation parameters entered by the user include the database component address and the interface service address, and the configuration file is generated from the creation parameters, so in this step the database component address and the interface service component address are also configured in the interface service component through the configuration file. The database component address is the address at which the database component provides the database service; it is configured in the interface service component so that the interface service component can access the database component through it. The interface service component address is the local address of the interface service component. It is worth mentioning that the interface service component has two kinds of communication interface. One kind provides Kubernetes slave nodes with an interface for accessing the database component and requires permission authentication by security certificate, as described later. The other kind is used for data interaction with the scheduling component and the control component; it is an interface internal to the components and requires no permission authentication.
The control component is the management and control center of the Kubernetes cluster and keeps the various resources of the cluster in a normal state. When it detects that the state of some resource in the Kubernetes cluster is abnormal, the control component triggers a scheduling operation. The control component includes the node controller (Node Controller), the replication controller (Replication Controller) and so on. The scheduling component is responsible for orchestrating the containers in the Kubernetes cluster, specifically for scheduling containers onto particular Kubernetes slave nodes. The scheduling component watches containers through the application programming interface provided by the interface service component, obtains the containers to be scheduled, ranks the Kubernetes slave nodes according to a preset ranking mechanism, and schedules each container onto the top-ranked Kubernetes slave node. The control component configuration file and the scheduling component configuration file are obtained from the file server through the configuration file; both are binary files. The control component configuration file is used to configure the services related to the control component, and the scheduling component configuration file is used to configure the scheduling component. The configuration process also includes setting environment variables, which include the version environment variables of the control component and the scheduling component. The environment variables are determined by the creation parameters entered by the user and are configured automatically in the control component and the scheduling component through the configuration file. In addition, the service address of the interface service component is modified automatically according to the configuration file so that the control component and the scheduling component can each exchange data with the interface service component; the service address is the address at which the interface service component provides its service externally. After all components under the Kubernetes master node have been configured, the system Domain Name System (DNS) service, kube-dns, can be created. It is responsible for creating a DNS service inside the Kubernetes cluster so that containers can look up services by domain name, which makes it easier to build services between containers. Optionally, a dashboard is created. The dashboard is the user interface of the Kubernetes cluster and lets users view and operate on the resources of the Kubernetes cluster.
As can be seen from the embodiment shown in FIG. 4, in this embodiment of the present application the Kubernetes master node includes a database component, an interface service component, a control component and a scheduling component. The database component is deployed through the SaltStack tool, the network configuration data related to the creation parameters is obtained from the network configuration template, and the network configuration data is loaded into the database component. After the database component has been configured, the interface service component, the control component and the scheduling component are deployed in sequence, and the service address of the interface service component is modified so that the control component and the scheduling component can each exchange data with the interface service component. This shows the deployment process of each component under the Kubernetes master node and raises the degree of automation of component configuration.
Referring to FIG. 5, FIG. 5 is an implementation flowchart of a method for automatically building a Kubernetes master node according to Embodiment 5 of the present application. Relative to the embodiment corresponding to FIG. 4, this embodiment refines S401 into S501 to S502, detailed as follows:
S501: Generate a first security certificate and a second security certificate according to the configuration file, wherein the first security certificate is used to control access rights to the database component and the second security certificate is used to control access rights to the interface service component.
Because the database component and the interface service component exchange data frequently, to improve the security of these two components a first security certificate and a second security certificate are generated automatically according to the configuration file when the database component is deployed. Both the first security certificate and the second security certificate are Secure Sockets Layer (SSL) certificates. The first security certificate is used to control access rights to the database component, and the second security certificate is used to control access rights to the interface service component.
S502: Configure the first security certificate in the database component and the interface service component, and configure the second security certificate in the interface service component.
The first security certificate is configured in the database component and the interface service component. Once configuration is complete and the database component service has been started, both the Kubernetes slave nodes and the interface service component must pass verification against the first security certificate before exchanging data with the database component. The second security certificate is configured in the interface service component. After the interface service component service has been started, the Kubernetes slave nodes must pass verification against the second security certificate before exchanging data with the interface service component.
As can be seen from the embodiment shown in FIG. 5, in this embodiment of the present application a first security certificate and a second security certificate are generated when the database component is deployed. The first security certificate is configured in the database component and the interface service component and controls the access rights of the Kubernetes slave nodes and the interface service component to the database component. The second security certificate is configured in the interface service component and controls the access rights of the Kubernetes slave nodes to the interface service component. This improves the access security of the database component and the interface service component.
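The following added example, which is not code from the patent, checks a master node's component command lines against the certificate wiring of S501 to S502 and against the unauthenticated internal interface described under S402. It assumes the first and second security certificates map onto the TLS flags of upstream etcd and of kube-apiserver releases that still offered `--insecure-port`; the command lines, addresses and file paths are constructed.

```python
import shlex
from urllib.parse import urlsplit

LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def parse_flags(command_line):
    """Parse '--name=value' and bare '--name' (boolean) flags into a dict."""
    flags = {}
    for token in shlex.split(command_line)[1:]:  # skip the binary name
        if token.startswith("--"):
            name, _, value = token[2:].partition("=")
            flags[name] = value if value else "true"
    return flags


def all_https(url_list):
    """True only if the comma-separated list is non-empty and every URL is https."""
    urls = [u for u in url_list.split(",") if u]
    return bool(urls) and all(urlsplit(u).scheme == "https" for u in urls)


def audit(etcd_cmd, apiserver_cmd):
    """Return findings where the wiring departs from S501-S502 (empty list = ok)."""
    etcd, api = parse_flags(etcd_cmd), parse_flags(apiserver_cmd)
    findings = []
    # First certificate: etcd must demand it from every client.
    if etcd.get("client-cert-auth") != "true" or "trusted-ca-file" not in etcd:
        findings.append("etcd does not require client certificates")
    if not ("cert-file" in etcd and "key-file" in etcd
            and all_https(etcd.get("listen-client-urls", ""))):
        findings.append("etcd client listener is not TLS-only")
    # The interface service component is itself an etcd client and needs the first certificate.
    if (not all(k in api for k in ("etcd-cafile", "etcd-certfile", "etcd-keyfile"))
            or not all_https(api.get("etcd-servers", ""))):
        findings.append("kube-apiserver has no certificate for etcd")
    # Second certificate: the node-facing listener must verify client certificates.
    if not all(k in api for k in ("tls-cert-file", "tls-private-key-file", "client-ca-file")):
        findings.append("kube-apiserver does not verify node certificates")
    # Internal interface without authentication: acceptable only on loopback.
    port = api.get("insecure-port", "8080")                 # upstream default at the time
    bind = api.get("insecure-bind-address", "127.0.0.1")    # upstream default at the time
    if port != "0" and bind not in LOOPBACK:
        findings.append(f"unauthenticated API port {port} is reachable on {bind}")
    return findings


# Constructed command lines: wiring that follows S501-S502 ...
HARDENED_ETCD = ("etcd --name=etcd0 --data-dir=/var/lib/etcd "
                 "--listen-client-urls=https://10.0.0.10:2379 "
                 "--cert-file=/etc/pki/first/etcd.crt --key-file=/etc/pki/first/etcd.key "
                 "--client-cert-auth --trusted-ca-file=/etc/pki/first/ca.crt")
HARDENED_API = ("kube-apiserver --etcd-servers=https://10.0.0.10:2379 "
                "--etcd-cafile=/etc/pki/first/ca.crt "
                "--etcd-certfile=/etc/pki/first/apiserver-client.crt "
                "--etcd-keyfile=/etc/pki/first/apiserver-client.key "
                "--tls-cert-file=/etc/pki/second/apiserver.crt "
                "--tls-private-key-file=/etc/pki/second/apiserver.key "
                "--client-ca-file=/etc/pki/second/ca.crt "
                "--insecure-bind-address=127.0.0.1 --insecure-port=8080")
# ... and wiring that leaves both gates open.
WEAK_ETCD = "etcd --name=etcd0 --data-dir=/var/lib/etcd --listen-client-urls=http://0.0.0.0:2379"
WEAK_API = ("kube-apiserver --etcd-servers=http://10.0.0.10:2379 "
            "--tls-cert-file=/etc/pki/second/apiserver.crt "
            "--tls-private-key-file=/etc/pki/second/apiserver.key "
            "--insecure-bind-address=0.0.0.0 --insecure-port=8080")

if __name__ == "__main__":
    print("hardened:", audit(HARDENED_ETCD, HARDENED_API))
    for finding in audit(WEAK_ETCD, WEAK_API):
        print("weak:", finding)
```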
In another embodiment of the present application, the Kubernetes master node and the Kubernetes cluster may be built on a virtual private cloud. FIG. 8 provides a region structure diagram based on a Kubernetes cluster. The structures in FIG. 8 are explained first. A user virtual private cloud (VPC) is a custom private network created by a user. Different VPCs are logically isolated from each other, and a user can create and manage cloud hosts in their own VPC and implement functions such as load balancing and secure access control. VPC1 and VPC2 are VPCs created by different users. An availability zone includes a resource management zone and a public service zone, as well as the specific user VPC zones, and is the region that provides specific services for the cloud platform service. ECA and SCA in FIG. 8 are two instances of availability zones, representing East China zone A and South China zone A respectively. As described above, the resource management zone is used to deploy programs and components related to resource management and can access the physical servers or virtual machines of the public service zone, while the public service zone is used to deploy programs or services that provide specific services to users and can communicate with the user VPCs. The public service zone contains a resource pool, which is a collection of runnable physical servers or virtual machines. Package Server represents the file server; master1, master2 and so on in the resource pool represent Kubernetes master nodes; and the nodes in VPC1 and VPC2 represent Kubernetes slave nodes. The user VPCs of different users are isolated from each other by default. The management zone is a general term for a level above the availability zones; it can connect to and manage the resource management zones and public service zones of all availability zones. The Manager in the management zone in FIG. 8 represents the Kubernetes Manager, a management program capable of managing Kubernetes clusters.
In addition, the DB connected to the Manager in the management zone of FIG. 8 represents a database, and the etcd cluster connected to the Manager represents a database component cluster. The database is used to store data, and the database component cluster serves as a distributed lock to guarantee consistency. The Kubernetes Manager manages the physical servers or virtual machines of the public service zone by invoking the management master node of the resource management zone. The resource pool of the public service zone contains a plurality of management slave nodes. When the Kubernetes Manager deploys a Kubernetes master node, it selects an available management slave node from the plurality of management slave nodes in the resource pool and deploys the Kubernetes master node on that management slave node. After deployment, the nodes under the user VPC act as Kubernetes slave nodes and form a Kubernetes cluster with the Kubernetes master node. By building the Kubernetes master node and the Kubernetes cluster under the user's VPC, this embodiment of the present application ensures isolation between different Kubernetes clusters.
Corresponding to the method for automatically building a Kubernetes master node described in the above embodiments, FIG. 6 shows a structural block diagram of an apparatus for automatically building a Kubernetes master node provided by an embodiment of the present application. Referring to FIG. 6, the apparatus includes:
a first obtaining unit 61, configured to obtain a preset script file for building a Kubernetes master node;
a second obtaining unit 62, configured to execute the script file so as to generate a configuration file according to creation parameters, entered by the user, that relate to the Kubernetes master node;
a building unit 63, configured to start the SaltStack tool so as to build the Kubernetes master node according to the configuration file.
Optionally, the building unit 63 includes:
a node configuration unit, configured to configure a management master node and a plurality of management slave nodes under the SaltStack tool, wherein the management master node is connected to the plurality of management slave nodes;
an invoking unit, configured to invoke the management master node so that one of the plurality of management slave nodes builds the Kubernetes master node according to the configuration file.
Optionally, the invoking unit includes:
a detecting unit, configured to detect whether the Kubernetes master node exists under the plurality of management slave nodes;
a selecting unit, configured to, if the Kubernetes master node does not exist under any of the plurality of management slave nodes, select the management slave node corresponding to the creation parameters from the plurality of management slave nodes as the build slave node;
a building subunit, configured to build the Kubernetes master node under the build slave node according to the configuration file.
Optionally, the Kubernetes master node includes a database component, an interface service component, a control component and a scheduling component, and the building unit 63 includes:
a deployment unit, configured to deploy the database component through the SaltStack tool, obtain the network configuration data related to the creation parameters, and load the network configuration data into the database component;
a sequential deployment unit, configured to deploy the interface service component, the control component and the scheduling component in sequence, and to modify the service address of the interface service component.
Optionally, the deployment unit further includes:
a generating unit, configured to generate a first security certificate and a second security certificate according to the configuration file, wherein the first security certificate is used to control access rights to the database component and the second security certificate is used to control access rights to the interface service component;
a configuration unit, configured to configure the first security certificate in the database component and the interface service component, and to configure the second security certificate in the interface service component.
图9是本申请实施例提供的终端设备的示意图。如图9所示,该实施例的终端设备9包括:处理器90以及存储器91,所述存储器91中存储有可在所述处理器90上运行的计算机可读指令92,例如搭建Kubernetes主节点的程序。所述处理器90执行所述计算机可读指令92时实现上述各个自动搭建Kubernetes主节点的方法实施例中的步骤,例如图1所示的步骤S101至S103。或者,所述处理器90执行所述计算机可读指令92时实现上述装置实施例中各单元的功能,例如图6所示单元61至63的功能。FIG. 9 is a schematic diagram of a terminal device according to an embodiment of the present application. As shown in FIG. 9, the terminal device 9 of this embodiment includes a processor 90 and a memory 91 in which computer readable instructions 92 executable on the processor 90 are stored, for example, a Kubernetes master node is built. program of. When the processor 90 executes the computer readable instructions 92, the steps in the method embodiments of the foregoing automatic establishment of the Kubernetes master node are implemented, for example, steps S101 to S103 shown in FIG. Alternatively, the processor 90, when executing the computer readable instructions 92, implements the functions of the various units of the apparatus embodiments described above, such as the functions of the units 61-63 shown in FIG.
Exemplarily, the computer-readable instructions 92 may be divided into one or more modules/units, which are stored in the memory 91 and executed by the processor 90 to complete the present application. The one or more modules/units may be a series of computer-readable instruction segments capable of performing specific functions, and the instruction segments are used to describe the execution process of the computer-readable instructions 92 in the terminal device 9. For example, the computer-readable instructions 92 may be divided into a first acquiring unit, a second acquiring unit and a building unit, the specific functions of each unit being as described above.
The terminal device may include, but is not limited to, the processor 90 and the memory 91. Those skilled in the art will understand that FIG. 9 is only an example of the terminal device 9 and does not constitute a limitation on the terminal device 9, which may include more or fewer components than shown, or combine certain components, or use different components; for example, the terminal device may further include input/output devices, network access devices, buses and the like.
The processor 90 may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
The memory 91 may be an internal storage unit of the terminal device 9, for example a hard disk or memory of the terminal device 9. The memory 91 may also be an external storage device of the terminal device 9, for example a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card or a flash card fitted to the terminal device 9. Further, the memory 91 may include both an internal storage unit of the terminal device 9 and an external storage device. The memory 91 is used to store the computer-readable instructions and other programs and data required by the terminal device. The memory 91 may also be used to temporarily store data that has been output or is about to be output.
In addition, the functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product; the computer software product is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device or the like) to perform all or part of the steps of the methods described in the embodiments of the present application. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disc.
As described above, the above embodiments are only intended to illustrate the technical solutions of the present application, not to limit them. Although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments, or make equivalent replacements of some of the technical features; such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application.
Claims (20)
- A method for automatically building a Kubernetes master node, characterized by comprising: acquiring a preset script file for building a Kubernetes master node; executing the script file to generate a configuration file according to creation parameters, entered by a user, that relate to the Kubernetes master node; starting the SaltStack tool to build the Kubernetes master node according to the configuration file.
- The method according to claim 1, characterized in that the starting the SaltStack tool to build the Kubernetes master node according to the configuration file comprises: configuring a management master node and a plurality of management slave nodes under the SaltStack tool, wherein the management master node is connected to the plurality of management slave nodes; invoking the management master node so that one of the plurality of management slave nodes builds the Kubernetes master node according to the configuration file.
- The method according to claim 2, characterized in that the invoking the management master node so that one of the plurality of management slave nodes builds the Kubernetes master node according to the configuration file comprises: detecting whether the Kubernetes master node exists under the plurality of management slave nodes; if the Kubernetes master node does not exist under any of the plurality of management slave nodes, selecting, from the plurality of management slave nodes, the management slave node corresponding to the creation parameters as the build slave node; building the Kubernetes master node under the build slave node according to the configuration file.
- The method according to claim 1, the Kubernetes master node comprising a database component, an interface service component, a control component and a scheduling component, characterized in that the starting the SaltStack tool to build the Kubernetes master node according to the configuration file comprises: deploying the database component through the SaltStack tool, acquiring network configuration data related to the creation parameters, and loading the network configuration data into the database component; deploying the interface service component, the control component and the scheduling component in sequence, and modifying the service address of the interface service component.
- The method according to claim 4, characterized in that the deploying the database component through the SaltStack tool further comprises: generating a first security certificate and a second security certificate according to the configuration file, wherein the first security certificate is used to control access rights to the database component and the second security certificate is used to control access rights to the interface service component; configuring the first security certificate on the database component and the interface service component, and configuring the second security certificate on the interface service component.
- A device for automatically building a Kubernetes master node, characterized by comprising: a first acquiring unit, configured to acquire a preset script file for building a Kubernetes master node; a second acquiring unit, configured to execute the script file to generate a configuration file according to creation parameters, entered by a user, that relate to the Kubernetes master node; a building unit, configured to start the SaltStack tool to build the Kubernetes master node according to the configuration file.
- The device according to claim 6, characterized in that the building unit further comprises: a node configuration unit, configured to configure a management master node and a plurality of management slave nodes under the SaltStack tool, wherein the management master node is connected to the plurality of management slave nodes; an invoking unit, configured to invoke the management master node so that one of the plurality of management slave nodes builds the Kubernetes master node according to the configuration file.
- The device according to claim 7, characterized in that the invoking unit comprises: a detecting unit, configured to detect whether the Kubernetes master node exists under the plurality of management slave nodes; a selecting unit, configured to, if the Kubernetes master node does not exist under any of the plurality of management slave nodes, select, from the plurality of management slave nodes, the management slave node corresponding to the creation parameters as the build slave node; a building subunit, configured to build the Kubernetes master node under the build slave node according to the configuration file.
- The device according to claim 6, the Kubernetes master node comprising a database component, an interface service component, a control component and a scheduling component, characterized in that the building unit comprises: a deployment unit, configured to deploy the database component through the SaltStack tool, acquire network configuration data related to the creation parameters, and load the network configuration data into the database component; a sequential deployment unit, configured to deploy the interface service component, the control component and the scheduling component in sequence, and to modify the service address of the interface service component.
- The device according to claim 9, characterized in that the deployment unit further comprises: a generating unit, configured to generate a first security certificate and a second security certificate according to the configuration file, wherein the first security certificate is used to control access rights to the database component and the second security certificate is used to control access rights to the interface service component; a configuration unit, configured to configure the first security certificate on the database component and the interface service component, and to configure the second security certificate on the interface service component.
- A terminal device, characterized by comprising a memory and a processor, the memory storing computer-readable instructions executable on the processor, wherein the processor, when executing the computer-readable instructions, implements the following steps: acquiring a preset script file for building a Kubernetes master node; executing the script file to generate a configuration file according to creation parameters, entered by a user, that relate to the Kubernetes master node; starting the SaltStack tool to build the Kubernetes master node according to the configuration file.
- The terminal device according to claim 11, characterized in that the starting the SaltStack tool to build the Kubernetes master node according to the configuration file comprises: configuring a management master node and a plurality of management slave nodes under the SaltStack tool, wherein the management master node is connected to the plurality of management slave nodes; invoking the management master node so that one of the plurality of management slave nodes builds the Kubernetes master node according to the configuration file.
- The terminal device according to claim 12, characterized in that the invoking the management master node so that one of the plurality of management slave nodes builds the Kubernetes master node according to the configuration file comprises: detecting whether the Kubernetes master node exists under the plurality of management slave nodes; if the Kubernetes master node does not exist under any of the plurality of management slave nodes, selecting, from the plurality of management slave nodes, the management slave node corresponding to the creation parameters as the build slave node; building the Kubernetes master node under the build slave node according to the configuration file.
- The terminal device according to claim 11, the Kubernetes master node comprising a database component, an interface service component, a control component and a scheduling component, characterized in that the starting the SaltStack tool to build the Kubernetes master node according to the configuration file comprises: deploying the database component through the SaltStack tool, acquiring network configuration data related to the creation parameters, and loading the network configuration data into the database component; deploying the interface service component, the control component and the scheduling component in sequence, and modifying the service address of the interface service component.
- The terminal device according to claim 14, characterized in that the deploying the database component through the SaltStack tool further comprises: generating a first security certificate and a second security certificate according to the configuration file, wherein the first security certificate is used to control access rights to the database component and the second security certificate is used to control access rights to the interface service component; configuring the first security certificate on the database component and the interface service component, and configuring the second security certificate on the interface service component.
- A computer-readable storage medium storing computer-readable instructions, characterized in that the computer-readable instructions, when executed by at least one processor, implement the following steps: acquiring a preset script file for building a Kubernetes master node; executing the script file to generate a configuration file according to creation parameters, entered by a user, that relate to the Kubernetes master node; starting the SaltStack tool to build the Kubernetes master node according to the configuration file.
- The computer-readable storage medium according to claim 16, characterized in that the computer-readable instructions, when executed by at least one processor, implement the following steps: configuring a management master node and a plurality of management slave nodes under the SaltStack tool, wherein the management master node is connected to the plurality of management slave nodes; invoking the management master node so that one of the plurality of management slave nodes builds the Kubernetes master node according to the configuration file.
- The computer-readable storage medium according to claim 17, characterized in that the computer-readable instructions, when executed by at least one processor, implement the following steps: detecting whether the Kubernetes master node exists under the plurality of management slave nodes; if the Kubernetes master node does not exist under any of the plurality of management slave nodes, selecting, from the plurality of management slave nodes, the management slave node corresponding to the creation parameters as the build slave node; building the Kubernetes master node under the build slave node according to the configuration file.
- The computer-readable storage medium according to claim 16, the Kubernetes master node comprising a database component, an interface service component, a control component and a scheduling component, characterized in that the computer-readable instructions, when executed by at least one processor, implement the following steps: deploying the database component through the SaltStack tool, acquiring network configuration data related to the creation parameters, and loading the network configuration data into the database component; deploying the interface service component, the control component and the scheduling component in sequence, and modifying the service address of the interface service component.
- The computer-readable storage medium according to claim 19, characterized in that the computer-readable instructions, when executed by at least one processor, further implement the following steps: generating a first security certificate and a second security certificate according to the configuration file, wherein the first security certificate is used to control access rights to the database component and the second security certificate is used to control access rights to the interface service component; configuring the first security certificate on the database component and the interface service component, and configuring the second security certificate on the interface service component.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810276602.8A CN108536519B (en) | 2018-03-30 | 2018-03-30 | Method for automatically building Kubernetes main node and terminal equipment |
CN201810276602.8 | 2018-03-30 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019184116A1 (en) | 2019-10-03 |
Family
ID=63482051
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2018/093710 WO2019184116A1 (en) | 2018-03-30 | 2018-06-29 | Method and device for automatically building kubernetes main node, terminal device and computer-readable storage medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN108536519B (en) |
WO (1) | WO2019184116A1 (en) |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111444062A (en) * | 2020-04-01 | 2020-07-24 | 山东汇贸电子口岸有限公司 | Method and device for managing master node and slave node of cloud database |
CN111880815A (en) * | 2020-07-14 | 2020-11-03 | 北京中电广通技术服务有限公司 | Method for rapidly deploying Kubernetes in closed network environment |
CN111984623A (en) * | 2020-08-14 | 2020-11-24 | 北京人大金仓信息技术股份有限公司 | Database cluster automatic deployment method, device, medium and electronic equipment |
CN112632527A (en) * | 2020-12-18 | 2021-04-09 | 航天信息股份有限公司 | API (application programming interface) testing method and system for service open platform |
CN113301069A (en) * | 2020-04-07 | 2021-08-24 | 阿里巴巴集团控股有限公司 | Serverless management system, calling method thereof and cloud native application platform |
CN113965546A (en) * | 2021-09-10 | 2022-01-21 | 济南浪潮数据技术有限公司 | Method for setting tenant special DNS server for application by container cloud platform |
CN113986881A (en) * | 2021-10-29 | 2022-01-28 | 济南浪潮数据技术有限公司 | A method, system, device and medium for building a dual-active and master-slave synchronization environment |
CN114006815A (en) * | 2020-07-13 | 2022-02-01 | 中移(苏州)软件技术有限公司 | Automatic deployment method and device for cloud platform nodes, nodes and storage medium |
CN114185646A (en) * | 2021-12-13 | 2022-03-15 | 深圳壹账通智能科技有限公司 | Method, device and equipment for deploying product and readable storage medium |
CN114443059A (en) * | 2020-10-30 | 2022-05-06 | 中国联合网络通信集团有限公司 | Deployment method, device and equipment of Kubernetes cluster |
CN114493548A (en) * | 2022-02-22 | 2022-05-13 | 光大科技有限公司 | Continuous delivery implementation method and device |
CN114679380A (en) * | 2021-04-09 | 2022-06-28 | 腾讯云计算(北京)有限责任公司 | Method and related device for creating edge cluster |
CN115022335A (en) * | 2022-05-27 | 2022-09-06 | 桂林电子科技大学 | Kubernetes Pod scheduling method based on multi-objective balanced optimization |
EP4095678A1 (en) * | 2021-08-20 | 2022-11-30 | Beijing Baidu Netcom Science And Technology Co., Ltd. | Method and apparatus of deploying a cluster, device and storage medium |
CN116132267A (en) * | 2022-12-30 | 2023-05-16 | 天翼物联科技有限公司 | Public cloud-based Internet of things equipment platform and deployment method thereof |
CN117112144A (en) * | 2023-09-22 | 2023-11-24 | 上海卓悠网络科技有限公司 | A method, system and storage medium for deploying k3s on the android system |
US11861405B2 (en) | 2020-04-29 | 2024-01-02 | Kyndryl, Inc. | Multi-cluster container orchestration |
CN119225752A (en) * | 2024-12-03 | 2024-12-31 | 之江实验室 | Linux system and its construction method based on RISC-V architecture integrated with PENGLAI trusted execution environment |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109392020A (en) * | 2018-10-26 | 2019-02-26 | 中山大学 | A kind of resource management platform towards 5G mobile network |
CN109189569A (en) * | 2018-11-02 | 2019-01-11 | 郑州云海信息技术有限公司 | A kind of Docker method for optimizing scheduling, device, terminal and storage medium |
CN111352664B (en) * | 2018-12-05 | 2023-11-03 | 北京京东尚科信息技术有限公司 | Distributed machine learning task starting method, system, equipment and storage medium |
CN109753301A (en) * | 2018-12-06 | 2019-05-14 | 东软集团股份有限公司 | Application system dispositions method, device, storage medium and electronic equipment |
CN109857644A (en) * | 2018-12-30 | 2019-06-07 | 贝壳技术有限公司 | A kind of method and device of fast construction software testing environment |
CN110166278A (en) * | 2019-04-09 | 2019-08-23 | 平安科技(深圳)有限公司 | Kubernetes cluster building method, apparatus, computer equipment and storage medium |
CN111144839B (en) * | 2019-12-17 | 2024-02-02 | 深圳市优必选科技股份有限公司 | Project construction method, continuous integration system and terminal equipment |
CN115834168B (en) * | 2022-11-14 | 2024-08-13 | 浪潮云信息技术股份公司 | Method and system for realizing public service network based on private network connection |
CN118331764B (en) * | 2024-06-07 | 2024-08-09 | 北京凌云雀科技有限公司 | Remote data processing method and device based on Kubernetes platform |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105553737A (en) * | 2015-12-25 | 2016-05-04 | 浪潮(北京)电子信息产业有限公司 | Node management method and system |
US20170111241A1 (en) * | 2015-10-19 | 2017-04-20 | Draios Inc. | Automated service-oriented performance management |
CN106850621A (en) * | 2017-02-07 | 2017-06-13 | 南京云创大数据科技股份有限公司 | A kind of method based on container cloud fast construction Hadoop clusters |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102591679B (en) * | 2011-11-30 | 2014-09-17 | 中国科学院计算机网络信息中心 | Quick application software arrangement method for cluster system |
-
2018
- 2018-03-30 CN CN201810276602.8A patent/CN108536519B/en active Active
- 2018-06-29 WO PCT/CN2018/093710 patent/WO2019184116A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170111241A1 (en) * | 2015-10-19 | 2017-04-20 | Draios Inc. | Automated service-oriented performance management |
CN105553737A (en) * | 2015-12-25 | 2016-05-04 | 浪潮(北京)电子信息产业有限公司 | Node management method and system |
CN106850621A (en) * | 2017-02-07 | 2017-06-13 | 南京云创大数据科技股份有限公司 | A kind of method based on container cloud fast construction Hadoop clusters |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111444062B (en) * | 2020-04-01 | 2023-09-19 | 山东汇贸电子口岸有限公司 | Method and device for managing master node and slave node of cloud database |
CN111444062A (en) * | 2020-04-01 | 2020-07-24 | 山东汇贸电子口岸有限公司 | Method and device for managing master node and slave node of cloud database |
CN113301069A (en) * | 2020-04-07 | 2021-08-24 | 阿里巴巴集团控股有限公司 | Serverless management system, calling method thereof and cloud native application platform |
US11861405B2 (en) | 2020-04-29 | 2024-01-02 | Kyndryl, Inc. | Multi-cluster container orchestration |
CN114006815B (en) * | 2020-07-13 | 2024-01-26 | 中移(苏州)软件技术有限公司 | Automatic deployment method and device for cloud platform nodes, nodes and storage medium |
CN114006815A (en) * | 2020-07-13 | 2022-02-01 | 中移(苏州)软件技术有限公司 | Automatic deployment method and device for cloud platform nodes, nodes and storage medium |
CN111880815A (en) * | 2020-07-14 | 2020-11-03 | 北京中电广通技术服务有限公司 | Method for rapidly deploying Kubernetes in closed network environment |
CN111880815B (en) * | 2020-07-14 | 2024-01-23 | 北京朗玛峰科技有限公司 | Method for rapidly deploying Kubernetes in closed network environment |
CN111984623B (en) * | 2020-08-14 | 2024-02-09 | 北京人大金仓信息技术股份有限公司 | Automatic deployment method and device for database cluster, medium and electronic equipment |
CN111984623A (en) * | 2020-08-14 | 2020-11-24 | 北京人大金仓信息技术股份有限公司 | Database cluster automatic deployment method, device, medium and electronic equipment |
CN114443059A (en) * | 2020-10-30 | 2022-05-06 | 中国联合网络通信集团有限公司 | Deployment method, device and equipment of Kubernetes cluster |
CN112632527B (en) * | 2020-12-18 | 2024-03-08 | 航天信息股份有限公司 | An API testing method and system for service open platform |
CN112632527A (en) * | 2020-12-18 | 2021-04-09 | 航天信息股份有限公司 | API (application programming interface) testing method and system for service open platform |
CN114679380A (en) * | 2021-04-09 | 2022-06-28 | 腾讯云计算(北京)有限责任公司 | Method and related device for creating edge cluster |
CN114679380B (en) * | 2021-04-09 | 2024-04-26 | 腾讯云计算(北京)有限责任公司 | Method and related device for creating edge cluster |
EP4095678A1 (en) * | 2021-08-20 | 2022-11-30 | Beijing Baidu Netcom Science And Technology Co., Ltd. | Method and apparatus of deploying a cluster, device and storage medium |
US20230060053A1 (en) * | 2021-08-20 | 2023-02-23 | Beijing Baidu Netcom Science Technology Co., Ltd. | Method and apparatus of deploying a cluster, and storage medium |
CN113965546A (en) * | 2021-09-10 | 2022-01-21 | 济南浪潮数据技术有限公司 | Method for setting tenant special DNS server for application by container cloud platform |
CN113986881A (en) * | 2021-10-29 | 2022-01-28 | 济南浪潮数据技术有限公司 | A method, system, device and medium for building a dual-active and master-slave synchronization environment |
CN114185646A (en) * | 2021-12-13 | 2022-03-15 | 深圳壹账通智能科技有限公司 | Method, device and equipment for deploying product and readable storage medium |
CN114493548A (en) * | 2022-02-22 | 2022-05-13 | 光大科技有限公司 | Continuous delivery implementation method and device |
CN115022335A (en) * | 2022-05-27 | 2022-09-06 | 桂林电子科技大学 | Kubernetes Pod scheduling method based on multi-objective balanced optimization |
CN115022335B (en) * | 2022-05-27 | 2024-11-12 | 桂林电子科技大学 | Kubernetes Pod Scheduling Method Based on Multi-Objective Balanced Optimization |
CN116132267A (en) * | 2022-12-30 | 2023-05-16 | 天翼物联科技有限公司 | Public cloud-based Internet of things equipment platform and deployment method thereof |
CN117112144A (en) * | 2023-09-22 | 2023-11-24 | 上海卓悠网络科技有限公司 | A method, system and storage medium for deploying k3s on the android system |
CN117112144B (en) * | 2023-09-22 | 2024-03-12 | 上海卓悠网络科技有限公司 | Method and system for deploying k3s on android system and storage medium |
CN119225752A (en) * | 2024-12-03 | 2024-12-31 | 之江实验室 | Linux system and its construction method based on RISC-V architecture integrated with PENGLAI trusted execution environment |
Also Published As
Publication number | Publication date |
---|---|
CN108536519B (en) | 2023-04-07 |
CN108536519A (en) | 2018-09-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019184116A1 (en) | Method and device for automatically building kubernetes main node, terminal device and computer-readable storage medium | |
WO2019218463A1 (en) | Method and apparatus for automatically building kubernetes master node on basis of ansible tool, terminal device, and readable storage medium | |
CN108549580B (en) | Method for automatically deploying Kubernetes slave nodes and terminal equipment | |
JP6935496B2 (en) | Management of messaging protocol communication | |
CN107145380B (en) | Virtual resource arranging method and device | |
US10700947B2 (en) | Life cycle management method and device for network service | |
WO2021147288A1 (en) | Container cluster management method, device and system | |
EP3913859B1 (en) | Vnf life cycle management method and apparatus | |
CN104144073B (en) | Master-slave device environment deployment method and master-slave device environment deployment system | |
WO2017162173A1 (en) | Method and device for establishing connection of cloud server cluster | |
WO2016155394A1 (en) | Method and device for establishing link between virtual network functions | |
CN106375101A (en) | A life cycle management method and device | |
CN104468791B (en) | The construction method of private clound IaaS platforms | |
JP2006107500A (en) | Updating software during its execution | |
US20170300696A1 (en) | Software verification method and apparatus | |
CN106325953A (en) | Weblogic cluster one-key automatic deployment method | |
CN104717233A (en) | Database deployment method and device | |
EP3442201B1 (en) | Cloud platform construction method and cloud platform | |
CN115604120B (en) | A multi-cloud cluster resource sharing method, device, equipment and storage medium | |
CN113127150A (en) | Rapid deployment method and device of cloud native system, electronic equipment and storage medium | |
US9264339B2 (en) | Hosted network management | |
US20210240511A1 (en) | Computer-implemented method for reducing service disruption times for a universal customer premise equipment, ucpe, device with resource constraint in a network functions virtualization, nfv, network infrastructure | |
EP3193253B1 (en) | Method, apparatus and system for displaying names of virtual machine | |
KR101493828B1 (en) | Method for virtual machine auto-configuration and method for providing virtual machine auto-configuration service | |
US10979439B1 (en) | Identity management for coordinated devices in a networked environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 18911924 Country of ref document: EP Kind code of ref document: A1 |
 | 32PN | Ep: public notification in the ep bulletin as address of the addressee cannot be established | Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 21.01.2021) |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 18911924 Country of ref document: EP Kind code of ref document: A1 |