Research And Implementation Of Multi-tenant Network Isolation In Cloud Environment

Posted on: 2020-02-25 | Degree: Master | Type: Thesis
Country: China | Candidate: Y S Yang
Abstract/Summary:
In the early days of cloud computing, the applications that cloud data centers served to users all ran in virtual machines. However, the cost of providing services to users in virtual machines is too high. To reduce that cost, container technology emerged, with Docker as its representative. Containers can also isolate and control resources, and multiple containers can share resources such as storage, which greatly reduces cost. As cloud data centers and their user bases grow, the demand for excellent container orchestration systems is becoming more and more urgent. A number of orchestration systems have emerged with this trend, and the Kubernetes system, with Google behind it, is the leader. The Kubernetes system provides instant coverage of the container, elastic scaling, health detection and high availability, ensuring a complete lifecycle for the container. However, the K8s system has shortcomings: its network has not been unified under a universal scheme, and the existing default network scheme is a flat network in which all Pods can communicate with each other. This does not meet the needs of large cloud data centers for multi-tenant network isolation. In studying the existing network, this thesis finds that the Kubernetes system needs network isolation at the Pod level, and that the relationship between Pod and tenant is many-to-one. It therefore draws on the relationship between network and subnetwork abstracted from the Neutron network system, realizing two-layer network isolation and three-layer isolation domains respectively and then combining them. Further study shows that the idea of the Neutron network can be used in the solution of this thesis, and the network system of this thesis is designed on that basis. The system consists of five modules: the PodNetSet module, which is responsible for starting the entire network system with the kubelet and allocating network resources for the Pod; the TenNetAlloc module, which divides the bandwidth of the tenant to ensure the whole system can be used; the NetManager module, which as the system core manages the entire network system; the NetCtl module, which is responsible for transmitting commands and resource configuration information to the NetManager; and the PodLink module, which is responsible for making up for the shortcomings of the native kube-proxy. The five modules work together to complete the management of the Kubernetes system network. This thesis introduces the design framework of the whole network system in detail, describes the design and implementation of each module under the framework, and at the end designs and implements the combination of each module with Kubernetes. A test environment was built, and the function and performance of the network system designed in this thesis were tested and compared with the original network. Finally, the test results were analyzed and the conclusion was drawn.
Keywords/Search Tags: cloud computing, virtualization, network isolation, bandwidth allocation