Network endpoint slicing method and system based on Kubernetes container

A network and endpoint technology, applied in the field of operation control of software applications, can solve problems such as performance degradation, inability to efficiently read/update a single endpoint, etc., and achieve the effects of improving performance, improving scalability, and reducing traffic load

Pending Publication Date: 2020-12-18
中国东盟信息港股份有限公司
View PDF10 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] 2. In a large kubernetes cluster, performance drops
Changes to a single endpoint cannot be efficiently read / updated. For example, during a service rolling upgrade, if it is considered that each node will have a kube-proxy listening to the endpoint, the traffic situation will become more severe, because a large number of The endpoint modification operation will trigger the traffic transmission of the listening event

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network endpoint slicing method and system based on Kubernetes container
  • Network endpoint slicing method and system based on Kubernetes container
  • Network endpoint slicing method and system based on Kubernetes container

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] Such as figure 1 and figure 2 As shown, a method for slicing network endpoints based on Kubernetes containers in this embodiment, the Kubernetes cluster loads and runs several modules, and the corresponding relationship between the new EndpointSlice resource and other resources and some restrictions are as follows:

[0029] 1. A service can be mapped to N endpoint slices.

[0030] 2. An endpoint slice contains a maximum of 100 network endpoints (endpoints) by default, and the maximum number can be modified through the configuration in the controllermanager.

[0031] 3. The number of endpoint slice resources is also limited by the resource quota of the namespace, which can protect the Kubernetes control plane and prevent malicious users from attacking the APIServer by creating a service that selects all container groups.

[0032] The method of network endpoint slicing includes the following:

[0033] Step S1, an EndpointSliceController is configured in the controller...

Embodiment 2

[0056] Based on the above-mentioned embodiment 1, a system for slicing network endpoints based on Kubernetes containers in this embodiment will be described below. For detailed description and other examples, please refer to the description of the above-mentioned embodiment 1.

[0057] A system for slicing network endpoints based on Kubernetes containers in this embodiment includes the following content:

[0058] Configuration module: used to configure an EndpointSlice Controller in the controller manager component of the Kubernetes cluster. When the EndpointSlice Controller starts, it monitors Service and Pod resources through the API Server;

[0059] Monitoring operation module: used for EndpointSlice Controller to monitor the occurrence of new, modified or deleted events of Service or Pod, and perform corresponding new, modified or deleted operations on EndpointSlice resources;

[0060] Update rule module: It is used for the Kube-Proxy component to monitor the addition, mod...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network endpoint slicing method based on a Kubernetes container, which belongs to the operation control technology of software application, and comprises the following steps:configuring an EndpointSlice Controller in a controller manger component in a Kubernetes cluster, and monitoring Service and Pod resources through an API Server when the EndpointSlice Controller is started; when the EndpointSlice Controller monitors that the Service or the Pod is subjected to the event of adding, modifying or deleting, the EndpointSlice Resource is subjected to the correspondingoperation of adding, modifying or deleting; and when the Kube-Proxy component monitors that the EndpointSlices are newly added, modified or deleted, the KubeProxy component synchronously and correspondingly updates the rule of the Service function, so that the Service function is realized or prohibited. According to the method, the network endpoint resource EndpointSlice is newly added, when it ismonitored that EndpointSlices are changed, iptables or IPVS rules can be synchronously updated, the actual function of Service is achieved or forbidden, the flow load condition of a large cluster canbe greatly reduced, and the performance of the cluster is improved.

Description

technical field [0001] The invention relates to the technical field of operation control of software applications, in particular to a method for slicing network endpoints based on Kubernetes containers. Background technique [0002] An object of Kubernetes' existing network endpoint (Endpoints) resource contains all network endpoints of a service (Service). A single network endpoint is generally composed of the ip of the container group (Pod) plus the declared port. Whenever a single pod in a service is added / updated / deleted, the entire Endpoints object (even if no other endpoints change) is recomputed, written to storage (etcd), and sent to all watchers (e.g. kube-proxy ). However, this creates two major problems: [0003] 1. Due to the lack of paging and single monitoring / storage design, storing large endpoint information will put pressure on multiple components of the system. Since the K8s storage layer etcd has a hard limit on the size of a single object (the default ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/08
CPCH04L41/082H04L41/0823H04L67/025H04L67/1095H04L67/1097H04L67/1001
Inventor 赵凯麟王志雄韦克璐
Owner 中国东盟信息港股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap