Kubernetes对Docker的管理是通过一个第三方组件实现的。在Kubernetes1.2中这个第三方组件就是go-dockerclient,这是一个GO语言写的docker客户端,支持Docker remote API,这个项目在https://github.com/fsouza/go-dockerclient中;在Kubernetes1.3中直接使用docker公司提供的client来实现,通过这个client可以实现同Docker Deamon之间的通讯,这个客户端项目在https://github.com/docker/engine-api/中,感兴趣的话可以去看看。
下面是Docker版本同API版本对应关系:
Docker版本 | API版本 |
1.12x | 1.24 |
1.11.x | 1.23 |
1.10.x | |
1.9.x | |
1.8.x | |
1.7.x | |
1.6.x | |
1.5.x | |
1.4.x | |
1.3.x | |
1.2.x |
下面表格第一列是Docker官网上API 1.24版本,第二列是API使用方式,第三列是Kubernetes1.2中使用到的Docker API,第四列是Kubernetes1.3中使用到的Docker API,从这个列表就可以看到kuberneters13都调用了哪些Docker API接口,以及可以实现Docker哪些功能。
Docker API 1.24 | 使用方式 | Kubernetes1.2 | Kubernetes1.3 |
Get container stats based on resource usage | GET /containers/(id)/stats |
|
|
Update a container | POST /containers/(id)/update |
|
|
Rename a container | POST /containers/(id)/rename |
|
|
Retrieving information about files and folders in a container | HEAD /containers/(id)/archive |
|
|
List containers | GET /containers/json | √ | √ |
Inspect a container | GET /containers/(id)/json | √ | √ |
Inspect changes on a container’s filesystem | GET /containers/(id)/changes | √ | √ |
Create a container | POST /containers/create | √ | √ |
Start a container | POST /containers/(id)/start | √ | √ |
Stop a container | POST /containers/(id)/stop | √ | √ |
Restart a container | POST /containers/(id)/restart |
|
|
Pause a container | POST /containers/(id)/pause |
|
|
Unpause a container | POST /containers/(id)/unpause |
|
|
List processes running inside a container | GET /containers/(id)/top |
|
|
Kill a container | POST /containers/(id)/kill | √ | √ |
Remove a container | DELETE /containers/(id) | √ | √ |
Get an archive of a filesystem resource in a container | GET /containers/(id)/archive |
|
|
Extract an archive of files or folders to a directory in a container | PUT /containers/(id)/archive |
|
|
Copy files or folders from a container | POST /containers/(id)/copy,以后会被删除掉,使用archive代替 |
|
|
Wait a container | POST /containers/(id)/wait |
|
|
Create a new image from a container’s changes | POST /commit |
|
|
Attach to a container | POST /containers/(id)/attach | √ | √ |
Attach to a container (websocket) | GET /containers/(id or name)/attach/ws |
|
|
Get container logs | GET /containers/(id)/logs | √ | √ |
Resize a container TTY | POST /containers/(id)/resize |
|
|
Export a container | GET /containers/(id)/export |
|
|
List Images | GET /images/json | √ | √ |
Inspect an image | GET /images/(name)/json | √ | √ |
Get the history of an image | GET /images/(name)/history |
| √ |
Push an image on the registry | POST /images/(name)/push |
|
|
Build image from a Dockerfile | POST /build |
|
|
Create an image | POST /images/create | √ | √ |
Load a tarball with a set of images and tags into docker | POST /images/load |
|
|
Get a tarball containing all images in a repository | GET /images/(name)/get |
|
|
Get a tarball containing all images | GET /images/get |
|
|
Tag an image into a repository | POST /images/(name)/tag |
|
|
Remove an image | DELETE /images/(name) | √ | √ |
Search images | GET /images/search |
|
|
Monitor Docker’s events | GET /events |
|
|
Show the docker version information | GET /version | √ | √ |
Display system-wide information | GET /info | √ | √ |
Ping the docker server | GET /_ping |
|
|
List volumes | GET /volumes |
|
|
Create a volume | POST /volumes/create |
|
|
Inspect a volume | GET /volumes/(name) |
|
|
Remove a volume | DELETE /volumes/(name) |
|
|
List networks | GET /networks |
|
|
Inspect network | GET /networks/<network-id> |
|
|
Create a network | POST /networks/create |
|
|
Remove a network | DELETE /networks/(id) |
|
|
Connect a container to a network | POST /networks/(id)/connect |
|
|
Disconnect a container from a network | POST /networks/(id)/disconnect |
|
|
Check auth configuration | POST /auth |
|
|
Exec Create | POST /containers/(id)/exec | √ | √ |
Exec Start | POST /exec/(id)/start | √ | √ |
Exec Resize | POST /exec/(id)/resize |
|
|
Exec Inspect | GET /exec/(id)/json | √ | √ |
List plugins | GET /plugins |
|
|
Install a plugin | POST /plugins/pull?name=<plugin name> |
|
|
Inspect a plugin | GET /plugins/(plugin name) |
|
|
Enable a plugin | POST /plugins/(plugin name)/enable |
|
|
Disable a plugin | POST /plugins/(plugin name)/disable |
|
|
Remove a plugin | DELETE /plugins/(plugin name) |
|
|
List nodes | GET /nodes |
|
|
Inspect a node | GET /nodes/<id> |
|
|
Remove a node | DELETE /nodes/<id> |
|
|
Update a node | POST /nodes/<id>/update |
|
|
Inspect swarm | GET /swarm |
|
|
Initialize a new swarm | POST /swarm/init |
|
|
Join an existing swarm | POST /swarm/join |
|
|
Leave a swarm | POST /swarm/leave |
|
|
Update a swarm | POST /swarm/update |
|
|
List services | GET /services |
|
|
Create a service | POST /services/create |
|
|
Remove a service | DELETE /services/(id or name) |
|
|
Inspect one or more services | GET /services/(id or name) |
|
|
Update a service | POST /services/(id or name)/update |
|
|
List tasks | GET /tasks |
|
|
Inspect a task | GET /tasks/(task id) |
|
|
从表格中可以看到,Kubernetes1.3中调用了Docker的Get the history of an image接口,调用这个接口的目的是获取镜像的详细历史信息。
另外从表格中可以看到,Kubernetes没有使用到Docker的网络接口,也没有使用到Docker的卷接口,原因是Kubernetes自己定义了Service和POD,自己实现了POD之间的网络和挂载到POD上的卷。
从表格中也可以看到,Kubernetes对Docker容器的管理只有很少的功能,甚至都没有使用到Docker的重启接口,还是因为Kubernetes自己定义的POD,Kubernetes以POD为基本操作单元,而且是Kubernetes从容器集群管理角度设计的,所以不存在对POD里面单个Docker容器的重启操作。
那么我们可以用下面这张图来把POD和容器之间的关系形象化,此图仅供说明问题时的参考,并无实际意义。
我们可以把POD看作是机器里面的操作系统,把容器看作是里面的进程,在操作系统内部进程间是可以通过IPC(Inter-Process Communication)进行通讯的,不同操作系统之间的进程是通过操作系统IP和端口进行通讯的,那么对应到POD和容器,就变成了POD内部容器间事可以通过IPC(Inter-Process Communication)进行通讯的,不同POD之间的容器是通过POD IP和端口进行通讯的。从集群的角度来考虑问题,Kubernetes基本操作单元是POD,不需要关注到POD中的容器,那么我们可以想象一下,如果我们要按照虚拟机的使用方式来使用容器,那样的话应该如何使用Kubernetes呢?可以看下面的图:
这样我们就实现了像虚拟机那样使用容器,我们可以认为POD就是一个虚拟机,只不过在这个虚拟机中只有一个容器。但是如果要对这个虚拟机进行操作的时候我们发现问题来了,从前面的表格中可以看到,Kubernetes对Docker容器的管理只有很少的功能,没有使用到Docker的重启接口,但是如果把容器当作虚拟机用,必然要使用重启功能,抛开Kubernetes的设计理念,我们自己可以扩展Kubernetes对POD重启的实现,实现把容器当作虚拟机来使用的需求。