我是靠谱客的博主 从容蜡烛,最近开发中收集的这篇文章主要介绍【kubernetes/k8s源码分析】kubelet cri源码分析1. getRuntimeAndImageServices 函数2. NewKubeGenericRuntimeManager 函数,觉得挺不错的,现在分享给大家,希望可以做个参考。
概述
CRI基本原理
早期的 kubernetes 使用 docker 作为默认的 runtime,后来又加入 rkt,每加入一种新运行时,k8s 都要修改接口。container runtime 加入,不同的容器的实现和功能差异很大。标准就是 CRI(Container RunTime Interface)。k8s 不再关心底层的容器运行时,kubelet只感知到 CRI server,而 CRI server 只需遵循 CRI 标准实现
CRI 接口定义在 k8s.io/cri-api/pkg/apis/services.go,看看具体定义了哪些接口
RuntimeService 接口
RuntimeVersioner,负责返回 runtime 名字,版本以及 API 版本,一个接口函数 Version
- Version(apiVersion string) (*runtimeapi.VersionResponse, error)
ContainerManager,对 container 的操作接口,简单明了
- CreateContainer(podSandboxID string, config *runtimeapi.ContainerConfig, sandboxConfig *runtimeapi.PodSandboxConfig) (string, error)
- StartContainer(containerID string) error
- StopContainer(containerID string, timeout int64) error
- RemoveContainer(containerID string) error
- ListContainers(filter *runtimeapi.ContainerFilter) ([]*runtimeapi.Container, error)
- ContainerStatus(containerID string) (*runtimeapi.ContainerStatus, error)
- UpdateContainerResources(containerID string, resources *runtimeapi.LinuxContainerResources) error
- ExecSync(containerID string, cmd []string, timeout time.Duration) (stdout []byte, stderr []byte, err error)
- Exec(*runtimeapi.ExecRequest) (*runtimeapi.ExecResponse, error)
- Attach(req *runtimeapi.AttachRequest) (*runtimeapi.AttachResponse, error)
- ReopenContainerLog(ContainerID string) error
PodSandboxManager,负责操作 sandbox (Pause 容器或者虚拟机),是线程安全的,包括方法如下:
- RunPodSandbox(config *runtimeapi.PodSandboxConfig, runtimeHandler string) (string, error)
- StopPodSandbox(podSandboxID string) error
- RemovePodSandbox(podSandboxID string) error
- PodSandboxStatus(podSandboxID string) (*runtimeapi.PodSandboxStatus, error)
- ListPodSandbox(filter *runtimeapi.PodSandboxFilter) ([]*runtimeapi.PodSandbox, error)
- PortForward(*runtimeapi.PortForwardRequest) (*runtimeapi.PortForwardResponse, error)
状态查询接口等
// RuntimeService interface should be implemented by a container runtime. // The methods should be thread-safe. type RuntimeService interface { RuntimeVersioner ContainerManager PodSandboxManager ContainerStatsManager // UpdateRuntimeConfig updates runtime configuration if specified UpdateRuntimeConfig(runtimeConfig *runtimeapi.RuntimeConfig) error // Status returns the status of the runtime. Status() (*runtimeapi.RuntimeStatus, error) }
ImageManagerService 接口
定义了镜像的接口,包括查询,下载,删除等操作
// ImageManagerService interface should be implemented by a container image
// manager.
// The methods should be thread-safe.
type ImageManagerService interface {
// ListImages lists the existing images.
ListImages(filter *runtimeapi.ImageFilter) ([]*runtimeapi.Image, error)
// ImageStatus returns the status of the image.
ImageStatus(image *runtimeapi.ImageSpec) (*runtimeapi.Image, error)
// PullImage pulls an image with the authentication config.
PullImage(image *runtimeapi.ImageSpec, auth *runtimeapi.AuthConfig, podSandboxConfig *runtimeapi.PodSandboxConfig) (string, error)
// RemoveImage removes the image.
RemoveImage(image *runtimeapi.ImageSpec) error
// ImageFsInfo returns information of the filesystem that is used to store images.
ImageFsInfo() ([]*runtimeapi.FilesystemUsage, error)
}
RunKubelet
--> createAndInitKubelet
--> NewMainKubelet
--> getRuntimeAndImageServices (第 1 章节讲解)
--> NewKubeGenericRuntimeManager
1. getRuntimeAndImageServices 函数
NewRemoteRuntimeService 实例化 remote runtime 服务,实现了上述的 RuntimeService 接口
NewRemoteImageService 实例化 remote 镜像服务,实现了上述的 ImageManagerService 接口
func getRuntimeAndImageServices(remoteRuntimeEndpoint string, remoteImageEndpoint string, runtimeRequestTimeout metav1.Duration) (internalapi.RuntimeService, internalapi.ImageManagerService, error) {
rs, err := remote.NewRemoteRuntimeService(remoteRuntimeEndpoint, runtimeRequestTimeout.Duration)
if err != nil {
return nil, nil, err
}
is, err := remote.NewRemoteImageService(remoteImageEndpoint, runtimeRequestTimeout.Duration)
if err != nil {
return nil, nil, err
}
return rs, is, err
}1.1 NewRemoteRuntimeService 函数
实现是与 remote endpoint 建立 GRPC 连接,实例化 RemoteRuntimeService,实现了 RuntimeService 接口,实现路径在
pkg/kubelet/remote/remote_runtime.go 中,接口的实现是调用 GRPC 客户端发送 GRPC 请求
// NewRemoteRuntimeService creates a new internalapi.RuntimeService.
func NewRemoteRuntimeService(endpoint string, connectionTimeout time.Duration) (internalapi.RuntimeService, error) {
klog.V(3).Infof("Connecting to runtime service %s", endpoint)
addr, dailer, err := util.GetAddressAndDialer(endpoint)
if err != nil {
return nil, err
}
ctx, cancel := context.WithTimeout(context.Background(), connectionTimeout)
defer cancel()
conn, err := grpc.DialContext(ctx, addr, grpc.WithInsecure(), grpc.WithDialer(dailer), grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(maxMsgSize)))
if err != nil {
klog.Errorf("Connect remote runtime %s failed: %v", addr, err)
return nil, err
}
return &RemoteRuntimeService{
timeout: connectionTimeout,
runtimeClient: runtimeapi.NewRuntimeServiceClient(conn),
logReduction: logreduction.NewLogReduction(identicalErrorDelay),
}, nil
}
1.1.1 RunPodSandbox 创建 sandbox
向 remote server 发送 GRPC RunPodSandboxRequest 请求
// RunPodSandbox creates and starts a pod-level sandbox. Runtimes should ensure
// the sandbox is in ready state.
func (r *RemoteRuntimeService) RunPodSandbox(config *runtimeapi.PodSandboxConfig, runtimeHandler string) (string, error) {
// Use 2 times longer timeout for sandbox operation (4 mins by default)
// TODO: Make the pod sandbox timeout configurable.
ctx, cancel := getContextWithTimeout(r.timeout * 2)
defer cancel()
resp, err := r.runtimeClient.RunPodSandbox(ctx, &runtimeapi.RunPodSandboxRequest{
Config: config,
RuntimeHandler: runtimeHandler,
})
if err != nil {
klog.Errorf("RunPodSandbox from runtime service failed: %v", err)
return "", err
}
if resp.PodSandboxId == "" {
errorMessage := fmt.Sprintf("PodSandboxId is not set for sandbox %q", config.GetMetadata())
klog.Errorf("RunPodSandbox failed: %s", errorMessage)
return "", errors.New(errorMessage)
}
return resp.PodSandboxId, nil
}1.2 NewRemoteImageService 函数
实现方式是与 remote 建立 GRPC 连接,实例化 RemoteImageService,实现了上述的 ImageManagerService 接口
,实现路径在 pkg/kubelet/remote/remote_image.go 中,接口的实现是调用 GRPC 客户端发送 GRPC 请求
// NewRemoteImageService creates a new internalapi.ImageManagerService.
func NewRemoteImageService(endpoint string, connectionTimeout time.Duration) (internalapi.ImageManagerService, error) {
klog.V(3).Infof("Connecting to image service %s", endpoint)
addr, dailer, err := util.GetAddressAndDialer(endpoint)
if err != nil {
return nil, err
}
ctx, cancel := context.WithTimeout(context.Background(), connectionTimeout)
defer cancel()
conn, err := grpc.DialContext(ctx, addr, grpc.WithInsecure(), grpc.WithDialer(dailer), grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(maxMsgSize)))
if err != nil {
klog.Errorf("Connect remote image service %s failed: %v", addr, err)
return nil, err
}
return &RemoteImageService{
timeout: connectionTimeout,
imageClient: runtimeapi.NewImageServiceClient(conn),
}, nil
}
2. NewKubeGenericRuntimeManager 函数
实例化 kubeGenericRuntimeManager,实现了 KubeGenericRuntime 接口,定义在 pkg/kubelet/kuberuntime/kuberuntime_manager.go 中,接口包括,容器运行时,以及命令接口
// NewKubeGenericRuntimeManager creates a new kubeGenericRuntimeManager
func NewKubeGenericRuntimeManager(
recorder record.EventRecorder,
livenessManager proberesults.Manager,
seccompProfileRoot string,
containerRefManager *kubecontainer.RefManager,
machineInfo *cadvisorapi.MachineInfo,
podStateProvider podStateProvider,
osInterface kubecontainer.OSInterface,
runtimeHelper kubecontainer.RuntimeHelper,
httpClient types.HttpGetter,
imageBackOff *flowcontrol.Backoff,
serializeImagePulls bool,
imagePullQPS float32,
imagePullBurst int,
cpuCFSQuota bool,
cpuCFSQuotaPeriod metav1.Duration,
runtimeService internalapi.RuntimeService,
imageService internalapi.ImageManagerService,
internalLifecycle cm.InternalContainerLifecycle,
legacyLogProvider LegacyLogProvider,
runtimeClassManager *runtimeclass.Manager,
) (KubeGenericRuntime, error)赋值 runtime
klet.containerRuntime = runtime klet.streamingRuntime = runtime klet.runner = runtime
最后
以上就是从容蜡烛为你收集整理的【kubernetes/k8s源码分析】kubelet cri源码分析1. getRuntimeAndImageServices 函数2. NewKubeGenericRuntimeManager 函数的全部内容,希望文章能够帮你解决【kubernetes/k8s源码分析】kubelet cri源码分析1. getRuntimeAndImageServices 函数2. NewKubeGenericRuntimeManager 函数所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复