
WO2019218463A1 - Method and apparatus for automatically building kubernetes master node on basis of ansible tool, terminal device, and readable storage medium - Google Patents


Info

Publication number
WO2019218463A1
Authority
WO
WIPO (PCT)
Prior art keywords
node
component
master node
configuration file
kubernetes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2018/097113
Other languages
French (fr)
Chinese (zh)
Inventor
邓志弘
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Publication of WO2019218463A1 publication Critical patent/WO2019218463A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current


Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45562Creating, deleting, cloning virtual machine instances

Definitions

  • the present application belongs to the field of data processing technologies, and in particular, to a method, a device, a terminal device and a computer readable storage medium for automatically setting up a Kubernetes master node based on an Ansible tool.
  • a container can be understood as a sandbox in which one application runs, and different containers are isolated from each other, but a communication mechanism can be established between the containers.
  • the container technology provided by Docker allows for the same, each container being a separate virtual environment or application.
  • Kubernetes is an open source container orchestration tool that can combine several containers into one service and dynamically allocate the hosts on which the containers run, which makes containers much more convenient to use.
  • Kubernetes clusters need to be built.
  • Kubernetes clusters include two types of nodes: master node and slave node.
  • the master node is responsible for the management and scheduling of all resources in the Kubernetes cluster. Therefore, the master node is built first.
  • each step in the setup process requires manual configuration by the user, and the construction efficiency is low.
  • the embodiment of the present application provides a method, an apparatus, a terminal device, and a computer readable storage medium for automatically setting up a Kubernetes master node based on an Ansible tool, so as to solve the problem of low efficiency of building a Kubernetes master node in the prior art.
  • the first aspect of the embodiment of the present application provides a method for automatically setting up a Kubernetes master node based on an Ansible tool, and completing a Kubernetes master node by executing a preset deployment script, including:
  • a second aspect of the embodiments of the present application provides an apparatus for automatically setting up a Kubernetes master node based on an Ansible tool, and may include a unit for implementing the steps of the foregoing method for automatically setting a Kubernetes master node based on an Ansible tool.
  • a third aspect of the embodiments of the present application provides a terminal device, including a memory and a processor, where the memory stores computer readable instructions executable on the processor, and the processor implements the steps of the above method for automatically setting up the Kubernetes master node based on the Ansible tool when executing the computer readable instructions.
  • a fourth aspect of the embodiments of the present application provides a computer readable storage medium storing computer readable instructions which, when executed by a processor, implement the steps of the above method for automatically setting up the Kubernetes master node based on the Ansible tool.
  • the embodiment of the present application completes the establishment of the Kubernetes master node by executing a preset deployment script, including: filling the user-entered creation parameters related to the Kubernetes master node into a preset configuration template, thereby generating a configuration file; determining, from multiple available nodes, the node to be deployed corresponding to the configuration file, where an available node is an available physical node or virtual machine node; and automatically invoking the Ansible tool to set up the Kubernetes master node in the node to be deployed. Executing the deployment script automates the building of the Kubernetes master node and improves the construction efficiency.
  • FIG. 1 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool in Embodiment 1 of the present application;
  • FIG. 2 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool in Embodiment 2 of the present application;
  • FIG. 3 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool in Embodiment 3 of the present application;
  • FIG. 4 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool in Embodiment 4 of the present application;
  • FIG. 5 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool in Embodiment 5 of the present application;
  • FIG. 6 is a structural block diagram of an apparatus for automatically setting up a Kubernetes master node based on an Ansible tool in Embodiment 6 of the present application;
  • FIG. 7 is a schematic diagram of a Kubernetes cluster in Embodiment 7 of the present application.
  • FIG. 8 is a regional structure diagram based on a Kubernetes cluster in Embodiment 8 of the present application;
  • FIG. 9 is a schematic diagram of a terminal device in Embodiment 9 of the present application.
  • FIG. 1 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool according to an embodiment of the present application. As shown in Figure 1, the method includes the following steps:
  • S101 Add a creation parameter related to the Kubernetes primary node input by the user to the preset configuration template to generate a configuration file.
  • Kubernetes is a container orchestration tool for automated container operations. It enables the deployment and scheduling of containers, as well as inter-cluster extensions.
  • the physical server or virtual machine with Kubernetes tools is called the Kubernetes node.
  • multiple Kubernetes nodes are required to be formed into a Kubernetes cluster (Kubernetes Cluster) to achieve the deployment and management of the container.
  • the Kubernetes master node (Kubernetes Master)
  • the Kubernetes cluster usually includes multiple subordinate objects of the Kubernetes master node, that is, multiple Kubernetes Nodes (Kubernetes Node), which are used to actually run the container allocated by the Kubernetes master node.
  • the automatic establishment of the Kubernetes master node is performed by executing a preset deployment script, in which the configuration process of the Kubernetes master node is written as code.
  • the deployment script automatically completes steps S101 to S103.
  • the deployment script is a script file
  • the script file is a combination of a series of actions that control the computer to perform arithmetic operations, in which logical branches can be implemented.
  • the deployment script is written in the Shell language.
  • the deployment script can also be written in other languages suitable for writing script files.
  • the deployment script corresponding to the build body is determined from the pre-stored multiple deployment scripts, and the deployment script is executed.
  • the building body is the entity that initiates the building action, that is, the terminal device of the user who initiated the building action.
  • the environment of the terminal device may be different, such as the operating system.
  • the terminal device can run under the Windows operating system or the Linux operating system.
  • the code for building the Kubernetes master node may also be different.
  • multiple deployment scripts can be pre-written, each of which corresponds to one terminal device environment.
  • a plurality of deployment scripts are pre-stored, for example in a cloud server. After the building entity issues an instruction to set up a Kubernetes master node, the corresponding deployment script is determined from the cloud server according to the environment of the building entity and is executed automatically, which improves the applicability of the deployment script to the build body.
  • the user is provided with a setup option for setting up a Kubernetes master node, and the setup option may be presented in the form of a graphical interface or a command line.
  • the user is configured to build the Kubernetes master node.
  • an operation of determining a deployment script corresponding to the build body from the plurality of pre-stored deployment scripts is performed.
  • the creation parameters related to the Kubernetes master node input by the user are first added to the preset configuration template, and the configuration file is automatically generated.
  • the creation parameters related to the Kubernetes master node include the attribute parameters of the Kubernetes master node, such as the installation version, the address of the Kubernetes master node, the node identifier (name) of the main Kubernetes node, and the area identifier.
  • the creation parameters also include the attribute parameters of each node component that makes up the Kubernetes master node, etc.
  • the configuration template can be preset according to the content format of the creation parameters, and the configuration template includes the name of each content format of the creation parameters, so that the user can input the content corresponding to each name, which standardizes the input of creation parameters and reduces the possibility of input errors.
  • S102 Determine, among multiple available nodes, the node to be deployed corresponding to the configuration file, where an available node is an available physical node or virtual machine node.
  • a resource area that holds a plurality of available nodes is referred to as a public service area
  • the public service area is used to deploy a program or service that provides a specific service for the user, that is, the multiple available nodes in the public service area meet the condition for deploying the Kubernetes master node, where the available nodes are available physical nodes or virtual machine nodes. Since the configuration file contains the node identifier (name) of the primary node running Kubernetes and the area identifier, the node corresponding to the configuration file can be determined from the multiple available nodes, and that node is used as the node to be deployed.
  • S103 Call the Ansible tool to build the Kubernetes master node in the to-be-deployed node based on the configuration file.
  • although traditional tools such as the kops tool can build the Kubernetes master node, in the specific construction process the user still needs to manually write code to configure the address of the Kubernetes master node.
  • the Ansible tool is invoked, and the Ansible tool automatically builds a Kubernetes master node in the node to be deployed based on the configuration file.
  • the Ansible tool is an automated operation and maintenance management tool based on the Python language. Compared with other tools that use a server/client architecture, the Ansible tool does not need to deploy a client agent on the node to be deployed.
  • the Ansible tool can send Secure Shell (SSH) commands to the node to be deployed to implement communication between the node to be deployed and the building entity.
  • the Ansible tool is automatically invoked, and the node components related to the Kubernetes master node are configured in the node to be deployed according to the creation parameters in the configuration file. After the configuration is completed, the Kubernetes master node is successfully built in the node to be deployed.
  • under the execution of the deployment script, the host may automatically send a configuration-file-based query instruction to the management program of the public service area to determine the node to be deployed, or the building entity may determine the node to be deployed from among the available nodes based on the configuration file directly through the Ansible tool.
  • the key pair generated by the SSH key command in the construction body (including the private key and the public key) can be obtained, distributed to the node to be deployed and stored in the storage space of the node to be deployed, so that the node to be deployed can implement password-free login.
  • the embodiment shown in FIG. 1 shows that, in the embodiment of the present application, the establishment of the Kubernetes master node is completed by executing a preset deployment script. Specifically, during the execution of the deployment script, the user-entered creation parameters related to the Kubernetes master node are added to the preset configuration template to generate a configuration file, the node to be deployed corresponding to the configuration file is determined among the available physical nodes or virtual machine nodes, and finally the Ansible tool is called to build the Kubernetes master node in the node to be deployed based on the configuration file. This realizes the automatic establishment of the Kubernetes master node, which reduces the possibility of human error in the traditional configuration process and improves the building efficiency of the Kubernetes master node.
  • FIG. 2 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool according to Embodiment 2 of the present application.
  • the embodiment refines the process before S102 to obtain S201~S202, which are as follows:
  • S201 Detect whether there is a node that is building the Kubernetes master node or has built the Kubernetes master node among the plurality of available nodes.
  • the Kubernetes master node in this step refers to the node that matches the attribute parameters in the configuration file. Specifically, a corresponding detection command is sent to the plurality of available nodes, and the feedback of the plurality of available nodes regarding the detection command is received, in order to detect the Kubernetes master node.
  • if a node that is building the Kubernetes master node or has built the Kubernetes master node exists among the available nodes, then, in order to avoid the waste of resources caused by repeated construction, the operation of determining the node to be deployed corresponding to the configuration file among the multiple available nodes and the subsequent operations are not performed, and the execution of the deployment script stops; if no node among the available nodes is building or has built the Kubernetes master node, the Kubernetes master node has not been created, and the operation of determining the node to be deployed corresponding to the configuration file among the multiple available nodes is executed.
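
The steps S101, S201 and S102 described above, sketched as a set of shell functions (an added example, not code from the patent). The template format, the node list with its state column, and all function names are assumptions; the creation parameters are checked against allow-lists before they reach the configuration file, because that file later drives Ansible over SSH.

```shell
#!/bin/sh
# Added example (not from the patent): S101 renders the configuration file,
# S201 refuses a node that is building or has built a master, S102 selects
# the node to deploy. Template, node list and function names are assumptions.

# Constructed configuration template: one {{PLACEHOLDER}} per creation parameter.
TEMPLATE='version={{VERSION}}
master_address={{ADDRESS}}
node_name={{NODE}}
region={{REGION}}'

# Constructed list of available nodes: name region address state
AVAILABLE_NODES='master1 ECA 10.0.0.11 built
master2 ECA 10.0.0.12 idle
master1 SCA 10.1.0.11 idle'

NL='
'

# valid_param KIND VALUE: allow-list check, returns 0 only for well-formed values.
valid_param() {
    # A newline would let one parameter smuggle extra keys into the file.
    case "$2" in *"$NL"*) return 1 ;; esac
    case "$1" in
        VERSION) printf '%s' "$2" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+$' ;;
        # Shape check only (dotted quad); octet ranges are not verified here.
        ADDRESS) printf '%s' "$2" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' ;;
        NODE)    printf '%s' "$2" | grep -Eq '^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$' ;;
        REGION)  printf '%s' "$2" | grep -Eq '^[A-Z]{2,8}$' ;;
        *) return 1 ;;
    esac
}

# render_config VERSION ADDRESS NODE REGION: S101, print the configuration file.
# Values are validated first, so they cannot contain sed metacharacters.
render_config() {
    valid_param VERSION "$1" && valid_param ADDRESS "$2" &&
        valid_param NODE "$3" && valid_param REGION "$4" || return 1
    printf '%s\n' "$TEMPLATE" | sed \
        -e "s/{{VERSION}}/$1/" -e "s/{{ADDRESS}}/$2/" \
        -e "s/{{NODE}}/$3/" -e "s/{{REGION}}/$4/"
}

# config_get CONFIG KEY: print the value of KEY from rendered configuration text.
config_get() {
    printf '%s\n' "$1" | sed -n "s/^$2=//p"
}

# select_node CONFIG: S201 + S102. Prints the address of the node to deploy.
# Returns 1 when no unique node matches the node name and region,
# and 2 when the matching node is already building or has built a master.
select_node() {
    printf '%s\n' "$AVAILABLE_NODES" | awk \
        -v n="$(config_get "$1" node_name)" -v r="$(config_get "$1" region)" \
        '$1 == n && $2 == r { addr = $3; state = $4; hits++ }
         END { if (hits != 1) exit 1; if (state != "idle") exit 2; print addr }'
}

# Demonstration on the constructed data: prints 10.0.0.12
demo_cfg=$(render_config v1.10.4 10.0.0.12 master2 ECA) && select_node "$demo_cfg"
```

Only the address printed by `select_node` would be handed to Ansible as the target host; a non-zero status stops the deployment script before any SSH command is sent.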
  • FIG. 3 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool according to Embodiment 3 of the present application.
  • the embodiment obtains S301~S302 after S103 is refined, and the details are as follows:
  • S301 Obtain a binary configuration file associated with the Kubernetes master node from a binary file server.
  • the Kubernetes master node is built according to the binary configuration file
  • the binary configuration file can be understood as the installation file of the Kubernetes master node, so the binary configuration file is first obtained from the binary file server.
  • the binary file server is a download server independent of the Kubernetes master node and the Kubernetes cluster, which is used to store various types of binary files and various types of scripts.
  • the deployment script can be pre-stored in the binary file server, and the deployment script can be obtained from the binary file server when the Kubernetes primary node needs to be built.
  • S302 Start a script component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file in the node to be deployed according to the script component, and configures an operating environment of the Kubernetes master node.
  • the script component is a component of the Ansible tool for configuring a remote node, which describes the steps for operating a remote node.
  • the script component can contain a list of multiple elements, each of which is for a host, so the script component allows the Ansible tool to order multiple hosts. Under the element list of the script component, there are task lists (tasks), and each task under the task list is a call to the Ansible tool.
  • the description is performed by one of the node components, and the corresponding configuration task of the node component can be:
  • the configuration of multiple node components of the Kubernetes master node is also required according to the configuration file. After the configuration of multiple node components is completed, the configuration of the operating environment of the Kubernetes master node is completed, that is, the Kubernetes master node is set up.
  • the binary configuration file associated with the Kubernetes master node is first obtained from the binary file server, and the script component in the Ansible tool is started, so that the Ansible tool, according to the tasks preset in the script component, completes the installation of the binary configuration file and the configuration of the multiple node components of the Kubernetes master node, which completes the configuration of the Kubernetes master node running environment. Obtaining the binary configuration file improves the convenience of building the Kubernetes master node, and running the preset script component further improves the automation of building the Kubernetes master node.
  • FIG. 4 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool according to Embodiment 4 of the present application.
  • the S302 is refined to obtain S401~S402, which are as follows:
  • S401 Deploy the database component by using the Ansible tool, wherein network configuration data is obtained from the configuration file, and the network configuration data is loaded to the database component.
  • the Kubernetes master node includes a database (Etcd) component, an interface service (Kube ApiServer) component, a control (Kube Controller Manager) component, and a scheduling (Kube Scheduler) component.
  • a schematic diagram of a Kubernetes cluster is provided, as shown in FIG. 7.
  • the Master represents the Kubernetes master node
  • the Controller Manager represents the control component
  • the Scheduler represents the scheduling component
  • the ApiServer represents the interface service component
  • Etcd represents the database component
  • the lowest node represents the Kubernetes slave node.
  • the database component is a distributed key-value storage service that guarantees data consistency through the distributed Raft algorithm and provides an Application Programming Interface (API) based on the HyperText Transfer Protocol (HTTP) and JavaScript Object Notation (JSON).
  • the database component is used for configuration management, data storage, and as a distributed lock, and the database component is deployed through the Ansible tool.
  • the Ansible tool obtains a binary file corresponding to the database component from the binary configuration file according to the task in the script component, copies the binary file to a binary directory, creates a startup service file of the database component, creates the parameter file for the startup service file, adds the network configuration data in the configuration file to the parameter file, and finally configures the startup service file to start at boot.
  • the network configuration data refers to the listener Uniform Resource Locator (URL), the notification URL and similar data associated with the database component in the configuration file.
  • the listener URL is used by the database component to communicate with the Kubernetes slave node
  • the notification URL is used for the database component to communicate with the interface service component.
  • S402 Deploy the interface service component, the control component, and the scheduling component in sequence, where an address of the Kubernetes master node is configured according to the configuration file.
  • the interface service component is responsible for data interaction with the database component. It is worth mentioning that, apart from the interface service component, the other node components of the Kubernetes master node do not directly operate on the database component.
  • the interface service component is the data center of the Kubernetes master node, which manages the application programming interface of the Kubernetes cluster.
  • the process of configuring the interface service component is similar to that of configuring the database component.
  • the service address of the interface service component and the above notification URL are extracted from the configuration file and added to the parameter file.
  • the interface service component can access the database component through the notification URL, and the service address facilitates data interaction between the interface service component and the node components other than the interface service component and the database component.
  • the control component is the management and control center of the Kubernetes cluster, ensuring that the status of various resources in the Kubernetes cluster is in a normal state.
  • the control component triggers the scheduling operation, and the control component includes the node controller (Node Controller) and the replication controller (Replication Controller).
  • the scheduling component is responsible for orchestrating the containers in the Kubernetes cluster, and is responsible for dispatching the containers to specific Kubernetes slave nodes.
  • the scheduling component listens for containers through the application programming interface provided by the interface service component, obtains the container to be scheduled, sorts the Kubernetes slave nodes according to a preset sorting mechanism, and dispatches the container to the Kubernetes slave node ranked first.
  • the configuration process of the control component and the scheduling component is similar to the configuration process of the database component described above, except that when the parameter file corresponding to the control component and the parameter file corresponding to the scheduling component are configured, the address of the Kubernetes master node is obtained from the configuration file and added to the parameter file. It is worth mentioning that the control component and the scheduling component are generally located at the same node, so the address configured for the control component and the address configured for the scheduling component are usually the same.
  • a dashboard is created, and the dashboard is a user interface of the Kubernetes cluster, which facilitates the user to view and operate the resources of the Kubernetes cluster through the dashboard, thereby improving the user experience.
  • the Ansible tool sequentially deploys a database component, an interface service component, a control component, and a scheduling component according to tasks in the script component. When the database component is deployed, the network configuration data is obtained from the configuration file and loaded into the parameter file corresponding to the database component. When the control component and the scheduling component are deployed, the address of the Kubernetes master node is obtained from the configuration file and loaded into the parameter file corresponding to the control component and the parameter file corresponding to the scheduling component.
  • the deployment of each node component of the Kubernetes master node is performed in order, which reduces the possibility of error and improves the orderliness of building the Kubernetes master node.
  • FIG. 5 is a flowchart of an implementation of a method for automatically setting a Kubernetes master node based on an Ansible tool according to Embodiment 5 of the present application.
  • the embodiment further includes:
  • S501 Generate a first security certificate and a second security certificate based on the configuration file, where the first security certificate is used to control access rights of the database component, and the second security certificate is used to control access rights of the interface service component.
  • the first security certificate and the second security certificate are automatically generated according to the configuration file, and both are Secure Sockets Layer (SSL) certificates.
  • the first security certificate is used to control access rights of the database component
  • the second security certificate is used to control access rights of the interface service component.
  • S502 Configure the first security certificate to the database component and the interface service component, and configure the second security certificate to the interface service component.
  • the first security certificate is configured into the database component and the interface service component, the configuration is completed, and the startup service file corresponding to the database component is configured to start at boot, and the Kubernetes slave node and the interface service component need to perform data interaction with the database component.
  • the second security certificate is configured into the interface service component, the configuration is completed, and the startup service file corresponding to the interface service component is configured to start at boot, and the Kubernetes slave node needs to pass the verification of the second security certificate before performing data interaction with the interface service component. It is worth mentioning that step S501 and step S502 can be written in advance into the tasks of the Ansible tool script component to implement automatic configuration.
  • the first security certificate and the second security certificate are generated based on the configuration file. The first security certificate is configured into the database component and the interface service component to control the access rights of the database component, and the second security certificate is configured into the interface service component to control the access rights of the interface service component, which improves the security of the Kubernetes master node and the Kubernetes cluster.
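
One way to check the parameter files that S401, S402 and S502 produce before the services are enabled (an added example, not part of the patent). It assumes one `--flag=value` per line and maps the listener and notification URLs to etcd's `--listen-client-urls` and `--advertise-client-urls`; the flag names are real etcd and kube-apiserver flags, while the paths and addresses are constructed.

```shell
#!/bin/sh
# Added example (not from the patent): audit the database component and
# interface service component parameter files for the certificate wiring
# described in S502. Assumption: one --flag=value per line.

# Constructed parameter files: a correctly wired pair and a weak pair.
ETCD_OK='--listen-client-urls=https://10.0.0.12:2379
--advertise-client-urls=https://10.0.0.12:2379
--cert-file=/etc/etcd/ssl/etcd.pem
--key-file=/etc/etcd/ssl/etcd-key.pem
--trusted-ca-file=/etc/etcd/ssl/ca.pem
--client-cert-auth=true'
API_OK='--etcd-servers=https://10.0.0.12:2379
--etcd-cafile=/etc/etcd/ssl/ca.pem
--etcd-certfile=/etc/etcd/ssl/etcd.pem
--etcd-keyfile=/etc/etcd/ssl/etcd-key.pem
--tls-cert-file=/etc/kubernetes/ssl/apiserver.pem
--tls-private-key-file=/etc/kubernetes/ssl/apiserver-key.pem
--client-ca-file=/etc/kubernetes/ssl/ca.pem'
ETCD_WEAK='--listen-client-urls=http://0.0.0.0:2379
--advertise-client-urls=http://10.0.0.12:2379'
API_WEAK='--etcd-servers=http://10.0.0.12:2379
--tls-cert-file=/etc/kubernetes/ssl/apiserver.pem
--tls-private-key-file=/etc/kubernetes/ssl/apiserver-key.pem'

# flag_value PARAMS FLAG: print the value of --FLAG=value, nothing if absent.
flag_value() {
    printf '%s\n' "$1" | sed -n "s/^--$2=//p" | head -n 1
}

# require_flags PARAMS COMPONENT FLAG...: one finding per flag that is unset.
require_flags() {
    params=$1; comp=$2; shift 2
    for f in "$@"; do
        [ -n "$(flag_value "$params" "$f")" ] || echo "$comp: --$f is not set"
    done
}

# require_https PARAMS COMPONENT FLAG: every comma-separated URL must use TLS.
require_https() {
    flag_value "$1" "$3" | tr ',' '\n' | while read -r url; do
        case "$url" in
            https://*) ;;
            *) echo "$2: --$3 has non-TLS URL $url" ;;
        esac
    done
}

# First security certificate: served by etcd and required from its clients.
audit_etcd() {
    require_flags "$1" etcd listen-client-urls advertise-client-urls \
        cert-file key-file trusted-ca-file
    require_https "$1" etcd listen-client-urls
    require_https "$1" etcd advertise-client-urls
    [ "$(flag_value "$1" client-cert-auth)" = true ] ||
        echo "etcd: --client-cert-auth is not true, clients are not authenticated"
}

# The interface service needs the first certificate to reach etcd and the
# second certificate (plus a client CA) for its own listener.
audit_apiserver() {
    require_flags "$1" kube-apiserver etcd-servers etcd-cafile etcd-certfile \
        etcd-keyfile tls-cert-file tls-private-key-file client-ca-file
    require_https "$1" kube-apiserver etcd-servers
}

# audit_master ETCD_PARAMS API_PARAMS: print findings, return 1 if there are any.
audit_master() {
    findings=$(audit_etcd "$1"; audit_apiserver "$2")
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
}

# Demonstration on the constructed weak pair.
audit_master "$ETCD_WEAK" "$API_WEAK" || echo "deployment rejected"
```

Run as a task after the parameter files are written and before the startup service files are enabled, a non-zero status from `audit_master` keeps a master without certificate enforcement from coming up.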
  • the Kubernetes primary node and the Kubernetes cluster may be constructed based on a proprietary network.
  • a regional structure diagram based on the Kubernetes cluster is provided.
  • the user's proprietary network, a Virtual Private Cloud (VPC), is a user-created custom private network. Different private networks are logically isolated. Users can create and manage cloud hosts in their own private networks to implement load balancing and secure access control.
  • VPC1 and VPC2 are proprietary networks created by different users.
  • the available area is the area that provides specific services for the cloud platform service, including the public service area and the specific user VPC area.
  • the ECA and SCA in Figure 8 are two instances of the available area, representing East China A and South China A respectively.
  • the public service area is used to deploy a program or service that provides specific services for the user, and can communicate with the user VPC.
  • the public service area includes a resource pool, which is a collection of available nodes. The Package Server represents a binary file server, and master1, master2 and so on in the resource pool represent the available nodes, while the nodes in VPC1 and VPC2 are used to build Kubernetes slave nodes, and the user VPCs of different users are isolated by default.
  • the management area is a higher, general level relative to the available area.
  • the public service area can be managed by the Ansible tool, which can be understood as the above-mentioned construction main body.
  • the Manager in the management area in Figure 8 represents the Kubernetes Manager, which is a hypervisor that can manage the Kubernetes cluster.
  • the DB connected to the Manager in the management area of FIG. 8 represents a database
  • the etcd cluster connected to the Manager represents a database component cluster, wherein the database is used for storing data, and in FIG. 8, the database component has been set up in advance and is being managed.
  • the Kubernetes master node is built in the available nodes of the resource pool. When multiple node components of the Kubernetes master node are deployed, if the database component is involved, only the address of the database component needs to point to the database component cluster.
  • Kubernetes Manager manages multiple available nodes in the public service area by calling the Ansible tool.
  • the Kubernetes Manager uses the Ansible tool to select, from the multiple available nodes in the resource pool, the node to be deployed corresponding to the configuration file, and deploys the Kubernetes master node on that node.
  • the node under the user VPC can be configured as a Kubernetes slave node, and the Kubernetes cluster is formed with the Kubernetes master node.
  • the embodiment of the present application ensures the isolation between different Kubernetes clusters by establishing a Kubernetes master node and a Kubernetes cluster under the user's proprietary network.
  • FIG. 6 is a structural block diagram of an apparatus for automatically setting up the Kubernetes master node based on the Ansible tool according to the embodiment of the present application.
  • the apparatus includes:
  • the adding unit 61 is configured to add a creation parameter related to the Kubernetes master node input by the user to the preset configuration template, and generate a configuration file;
  • a determining unit 62 configured to determine, in the plurality of available nodes, a node to be deployed corresponding to the configuration file, where the available node is an available physical node or a virtual machine node;
  • the calling unit 63 is configured to invoke the Ansible tool to build the Kubernetes master node in the to-be-deployed node based on the configuration file.
  • the determining unit 62 further includes:
  • a detecting unit configured to detect whether there is a node that is constructing the Kubernetes master node or has built the Kubernetes master node among the plurality of available nodes;
  • an execution unit configured to, if no node among the plurality of available nodes is building or has built the Kubernetes master node, perform the operation of determining, among the plurality of available nodes, the node to be deployed corresponding to the configuration file.
  • the calling unit 63 includes:
  • an obtaining unit configured to obtain, from a binary file server, a binary configuration file associated with the Kubernetes master node;
  • a startup unit configured to start a script component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the script component and configures the operating environment of the Kubernetes master node.
  • the Kubernetes master node includes a database component, an interface service component, a control component, and a scheduling component
  • the startup unit includes:
  • a deployment unit configured to deploy the database component by using the Ansible tool, where network configuration data is obtained from the configuration file, and the network configuration data is loaded to the database component;
  • a deployment unit configured to sequentially deploy the interface service component, the control component, and the scheduling component, wherein the address of the Kubernetes master node is configured according to the configuration file.
  • the terminal device further includes:
  • a certificate generating unit configured to generate a first security certificate and a second security certificate based on the configuration file, where the first security certificate is used to control access rights of the database component, and the second security certificate is used to control access rights of the interface service component;
  • a configuration unit configured to configure the first security certificate to the database component and the interface service component, and configure the second security certificate to the interface service component.
  • FIG. 9 is a schematic diagram of a terminal device according to an embodiment of the present application.
  • the terminal device 9 of this embodiment includes a processor 90 and a memory 91 in which computer readable instructions 92 executable on the processor 90 are stored, for example a program for automatically building the Kubernetes master node based on the Ansible tool.
  • when the processor 90 executes the computer readable instructions 92, the steps in the method embodiments for automatically setting up the Kubernetes master node based on the Ansible tool are implemented, for example, steps S101 to S103 shown in FIG.
  • when the processor 90 executes the computer readable instructions 92, the functions of the units in the apparatus embodiment for automatically setting up the Kubernetes master node based on the Ansible tool are implemented, such as the functions of the units 61 to 63 shown in FIG. 6.
  • the computer readable instructions 92 may be partitioned into one or more modules/units that are stored in the memory 91 and executed by the processor 90 to carry out the present application.
  • the one or more modules/units may be a series of computer readable instruction segments capable of performing a particular function, the instruction segments being used to describe the execution of the computer readable instructions 92 in the terminal device 9.
  • the computer readable instructions 92 may be partitioned into an add unit, a determination unit, and a call unit, each unit having a specific function as described above.
  • the terminal device may include, but is not limited to, a processor 90 and a memory 91. It will be understood by those skilled in the art that FIG. 9 is only an example of the terminal device 9 and does not constitute a limitation of the terminal device 9, which may include more or fewer components than those illustrated, a combination of some components, or different components.
  • the terminal device may further include an input/output device, a network access device, a bus, and the like.
  • the processor 90 may be a Central Processing Unit (CPU), or another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, discrete hardware components, etc.
  • a general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
  • the memory 91 may be an internal storage unit of the terminal device 9, such as a hard disk or a memory of the terminal device 9.
  • the memory 91 may also be an external storage device of the terminal device 9, for example, a plug-in hard disk equipped on the terminal device 9, a smart memory card (SMC), a secure digital (SD) card, a flash card, etc. Further, the memory 91 may also include both an internal storage unit of the terminal device 9 and an external storage device.
  • the memory 91 is configured to store the computer readable instructions and other programs and data required by the terminal device.
  • the memory 91 can also be used to temporarily store data that has been output or is about to be output.
  • each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
  • the integrated unit if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable storage medium.
  • the computer readable storage medium includes a number of instructions that cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present application.
  • the foregoing storage medium includes any medium that can store program code, such as a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Stored Programmes (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present solution is applicable to the technical field of data processing, and provides a method for automatically building a Kubernetes master node on the basis of an Ansible tool, a terminal device, and a computer-readable storage medium. The method comprises: adding creation parameters input by a user and related to a Kubernetes master node to a preset configuration template to generate a configuration file; determining a node to be deployed corresponding to the configuration file among multiple available nodes, wherein the available nodes are available physical nodes or virtual machine nodes; and invoking an Ansible tool to build the Kubernetes master node in the node to be deployed on the basis of the configuration file. The present solution achieves automatic building of a Kubernetes master node by means of an Ansible tool and improves the building efficiency of the Kubernetes master node.

Description

Method, apparatus, terminal device and readable storage medium for automatically building a Kubernetes master node based on the Ansible tool

This application claims priority to Chinese patent application No. 201810456299.X, filed with the Chinese Patent Office on May 14, 2018 and entitled "Method and terminal device for automatically building a Kubernetes master node based on the Ansible tool", the entire contents of which are incorporated herein by reference.

Technical field

The present application belongs to the field of data processing technologies, and in particular relates to a method, an apparatus, a terminal device and a computer-readable storage medium for automatically building a Kubernetes master node based on the Ansible tool.

Background

Traditional virtualization technologies, such as hypervisor virtualization, fall short in performance and resource utilization, whereas container technology improves resource utilization by dividing the resources managed by a single operating system into isolated groups, and has gradually become a popular research topic. A container can be understood as a sandbox: each container runs one application, and different containers are isolated from each other, although communication mechanisms can be established between containers. The container technology provided by Docker allows, on the same machine, each container to be an independent virtual environment or application.

Kubernetes is an open-source container orchestration tool that can combine several containers into one service and dynamically assign the hosts on which containers run, which makes containers much more convenient to use. To use Kubernetes, a Kubernetes cluster must be built. A Kubernetes cluster contains two types of nodes, master nodes and slave nodes; the master node is responsible for controlling and scheduling all resources in the Kubernetes cluster, so the master node is built first. In the prior art, however, every step of building a Kubernetes master node requires manual configuration by the user, so building efficiency is low.

Technical problem

In view of this, the embodiments of the present application provide a method, an apparatus, a terminal device and a computer-readable storage medium for automatically building a Kubernetes master node based on the Ansible tool, to solve the problem of low efficiency in building a Kubernetes master node in the prior art.

Technical solution

A first aspect of the embodiments of the present application provides a method for automatically building a Kubernetes master node based on the Ansible tool, in which the Kubernetes master node is built by executing a preset deployment script, including:

adding creation parameters related to the Kubernetes master node, as input by a user, to a preset configuration template to generate a configuration file;

determining, among a plurality of available nodes, a node to be deployed corresponding to the configuration file, wherein the available nodes are available physical nodes or virtual machine nodes;

invoking the Ansible tool to build the Kubernetes master node on the node to be deployed based on the configuration file.

A second aspect of the embodiments of the present application provides an apparatus for automatically building a Kubernetes master node based on the Ansible tool, which may include units for implementing the steps of the above method for automatically building a Kubernetes master node based on the Ansible tool.

A third aspect of the embodiments of the present application provides a terminal device including a memory and a processor, where the memory stores computer-readable instructions executable on the processor, and the processor, when executing the computer-readable instructions, implements the steps of the above method for automatically building a Kubernetes master node based on the Ansible tool.

A fourth aspect of the embodiments of the present application provides a computer-readable storage medium storing computer-readable instructions which, when executed by a processor, implement the steps of the above method for automatically building a Kubernetes master node based on the Ansible tool.

Beneficial effects

The embodiments of the present application build the Kubernetes master node by executing a preset deployment script. The creation parameters related to the Kubernetes master node input by the user are filled into a preset configuration template to generate a configuration file; the node to be deployed corresponding to the configuration file is determined from multiple available nodes, where an available node is an available physical node or virtual machine node; and finally the Ansible tool is invoked automatically to build the Kubernetes master node on the node to be deployed based on the configuration file. Executing the deployment script thus builds the Kubernetes master node automatically and improves building efficiency.

Description of the drawings

FIG. 1 is an implementation flowchart of the method for automatically building a Kubernetes master node based on the Ansible tool in Embodiment 1 of the present application;

FIG. 2 is an implementation flowchart of the method for automatically building a Kubernetes master node based on the Ansible tool in Embodiment 2 of the present application;

FIG. 3 is an implementation flowchart of the method for automatically building a Kubernetes master node based on the Ansible tool in Embodiment 3 of the present application;

FIG. 4 is an implementation flowchart of the method for automatically building a Kubernetes master node based on the Ansible tool in Embodiment 4 of the present application;

FIG. 5 is an implementation flowchart of the method for automatically building a Kubernetes master node based on the Ansible tool in Embodiment 5 of the present application;

FIG. 6 is a structural block diagram of the apparatus for automatically building a Kubernetes master node based on the Ansible tool in Embodiment 6 of the present application;

FIG. 7 is a schematic diagram of a Kubernetes cluster in Embodiment 7 of the present application;

FIG. 8 is a regional structure diagram based on a Kubernetes cluster in Embodiment 8 of the present application;

FIG. 9 is a schematic diagram of the terminal device in Embodiment 9 of the present application.

Embodiments of the invention

For a clearer understanding of the technical features, objects and effects of the present application, specific embodiments of the present application are now described in detail with reference to the accompanying drawings.

Please refer to FIG. 1, which is an implementation flowchart of a method for automatically building a Kubernetes master node based on the Ansible tool according to an embodiment of the present application. As shown in FIG. 1, the method includes the following steps:

S101: Add the creation parameters related to the Kubernetes master node, as input by the user, to the preset configuration template to generate a configuration file.

In the embodiments of the present application, for ease of description, Kubernetes-related technology and the Kubernetes master node are introduced first. Kubernetes is a container orchestration tool for automated container operations that supports container deployment and scheduling as well as scaling across node clusters; a physical server or virtual machine on which the Kubernetes tool is installed is called a Kubernetes node. Generally, multiple Kubernetes nodes need to be formed into a Kubernetes cluster (Kubernetes Cluster) to deploy and manage containers. Within a Kubernetes cluster there is one and only one set of control units, namely the Kubernetes master node (Kubernetes Master), which is mainly responsible for receiving requests, scheduling resources and performing management; the components of the Kubernetes master node are described in detail later. Besides the Kubernetes master node, a Kubernetes cluster usually also includes multiple subordinate objects of the master node, namely multiple Kubernetes slave nodes (Kubernetes Node), which actually run the containers assigned by the Kubernetes master node.

Compared with the traditional approach, in which the user manually writes code to configure every stage of the Kubernetes master node configuration process, the embodiments of the present application build the Kubernetes master node automatically by executing a preset deployment script; specifically, executing the deployment script automatically completes steps S101 to S103. It is worth mentioning that the deployment script is a script file, and a script file is a fixed combination of actions that control the computer to perform operations, within which logical branches can be implemented. Preferably, the deployment script is written in the Shell language; depending on the application scenario, it can of course also be written in other languages suitable for writing script files.

Optionally, the deployment script corresponding to the building entity is determined from multiple pre-stored deployment scripts and executed. To build a Kubernetes master node, besides the node to be deployed there must also be a building entity that initiates the build, namely the terminal device of the user who initiates it. The environment of the terminal device, such as its operating system, may differ: for example, the terminal device may run Windows or Linux, and the code for building the Kubernetes master node differs across these environments. Multiple deployment scripts can therefore be written in advance, each corresponding to a terminal device of one environment. In the embodiments of the present application, the multiple deployment scripts are stored in advance, for example in a cloud server; after the building entity issues the instruction to build the Kubernetes master node, the corresponding deployment script is determined from the cloud server according to the building entity's environment and executed automatically, which improves the applicability of the deployment script to the building entity.

Optionally, the user is presented with a build option for building the Kubernetes master node, which may take the form of a graphical interface or a command line. Once the user's confirmation of the build option is obtained, that is, once the user's instruction to build the Kubernetes master node is obtained, the operation of determining the deployment script corresponding to the building entity from the multiple pre-stored deployment scripts is performed. Presenting a build option makes obtaining the instruction to build the Kubernetes master node more effective and more convenient.

During execution of the deployment script, the creation parameters related to the Kubernetes master node input by the user are first added to the preset configuration template, and the configuration file is generated automatically. The creation parameters related to the Kubernetes master node include attribute parameters of the Kubernetes master node, such as the installation version, the address of the Kubernetes master node, the identifier (name) of the node that runs the Kubernetes master node, and the region identifier; they also include attribute parameters of the individual node components that make up the Kubernetes master node. In the embodiments of the present application, because the content format of the creation parameters can be determined in advance, the configuration template can be preset according to that format. The configuration template contains the name of each content format of the creation parameters, so that the user can enter the content corresponding to each name, which makes the input of creation parameters more standardized and reduces the chance of input errors. After the creation parameters input by the user are added to the configuration template, the configuration file is generated, and the Kubernetes master node is built according to it in the subsequent steps.

S102: Determine, among a plurality of available nodes, the node to be deployed corresponding to the configuration file, where the available nodes are available physical nodes or virtual machine nodes.

In the embodiments of the present application, the resource area in which the multiple available nodes reside is called the public service area. The public service area is used to deploy programs or services that provide specific services for users; that is, all of the available nodes in the public service area meet the conditions for deploying a Kubernetes master node, where an available node is an available physical node or virtual machine node. Because the configuration file contains the identifier (name) of the node that runs the Kubernetes master node and the region identifier, the node corresponding to the configuration file can be determined from the multiple available nodes and used as the node to be deployed.

S103: Invoke the Ansible tool to build the Kubernetes master node on the node to be deployed based on the configuration file.

Although traditional tools such as kops can build a Kubernetes master node, specific stages of the build still require the user to write code manually, for example to configure the address of the Kubernetes master node. In the embodiments of the present application, the Ansible tool is invoked and automatically builds the Kubernetes master node on the node to be deployed based on the configuration file. Note that Ansible is an automated operations management tool implemented in Python; unlike some other tools that use a server/client architecture, Ansible does not need a client agent deployed on the node to be deployed. After the Ansible tool is installed on the building entity, it implements communication between the node to be deployed and the building entity by sending Secure Shell (SSH) commands to the node to be deployed. During execution of the deployment script, once the configuration file and the node to be deployed have been determined, the Ansible tool is invoked automatically and configures the node components of the Kubernetes master node on the node to be deployed according to the creation parameters in the configuration file; when the configuration is complete, the Kubernetes master node has been successfully built on the node to be deployed. It is worth mentioning that in step S102, under execution of the deployment script, the building entity may automatically send a query instruction based on the configuration file to the management program of the public service area to determine the node to be deployed; alternatively, under execution of the deployment script, the building entity may determine the node to be deployed from the multiple available nodes directly through the Ansible tool, based on the configuration file.

Optionally, password-free SSH login is configured for the node to be deployed. After the Ansible tool is installed on the building entity, the building entity can be regarded as the SSH server and the node to be deployed as the SSH client (the SSH server and SSH client here do not mean that the Ansible tool uses a server/client architecture; they only serve to simplify SSH communication, and the build process remains simple). To facilitate communication between the building entity and the node to be deployed and further improve building efficiency, the key pair (a private key and a public key) generated on the building entity with the SSH key command can be obtained, and the public key distributed to the node to be deployed and saved in its storage space, so that the node to be deployed supports password-free login.

As the embodiment shown in FIG. 1 shows, in the embodiments of the present application the Kubernetes master node is built by executing a preset deployment script. Specifically, during execution of the deployment script, the creation parameters related to the Kubernetes master node input by the user are added to a preset configuration template to generate a configuration file; the node to be deployed corresponding to the configuration file is determined among multiple available physical nodes or virtual machine nodes; and finally the Ansible tool is invoked to build the Kubernetes master node on the node to be deployed based on the configuration file. This builds the Kubernetes master node automatically, reduces the possibility of human error in the traditional configuration process, and improves the efficiency of building the Kubernetes master node.

Referring to FIG. 2, FIG. 2 is an implementation flowchart of a method for automatically building a Kubernetes master node based on the Ansible tool according to Embodiment 2 of the present application. Relative to the embodiment corresponding to FIG. 1, this embodiment refines the process before S102 into S201 to S202, detailed as follows:

S201: Detect whether, among the multiple available nodes, there is a node on which the Kubernetes master node is being built or has already been built.

Before the node to be deployed is determined from the multiple available nodes in the public service area, it is first detected whether any of the available nodes is building, or has already built, the Kubernetes master node, and different operations are performed depending on the result. The Kubernetes master node in this step means a node that matches the attribute parameters in the configuration file. Specifically, corresponding detection commands are sent to the available nodes and their feedback on the detection commands is received, in order to detect the Kubernetes master node.

S202: If none of the multiple available nodes is building or has already built the Kubernetes master node, perform the operation of determining, among the multiple available nodes, the node to be deployed that corresponds to the configuration file.

If one of the available nodes is building or has already built the Kubernetes master node, then, to avoid the resource waste of a duplicate build, the operation of determining the node to be deployed that corresponds to the configuration file, and everything after it, is not performed; that is, execution of the deployment script stops. If none of the available nodes is building or has already built the Kubernetes master node, the Kubernetes master node has not been created, and the operation of determining the node to be deployed that corresponds to the configuration file is performed as normal.

As the embodiment shown in FIG. 2 shows, in this embodiment of the application, detecting whether any of the available nodes is about to build or has already built the Kubernetes master node effectively prevents the resource waste caused by duplicate builds.

Referring to FIG. 3, FIG. 3 is an implementation flowchart of a method for automatically building a Kubernetes master node based on the Ansible tool according to Embodiment 3 of the present application. Relative to the embodiment corresponding to FIG. 1, this embodiment refines S103 into S301 to S302, detailed as follows:

S301: Obtain the binary configuration file associated with the Kubernetes master node from a binary file server.

In this embodiment of the application, the Kubernetes master node is built from a binary configuration file, which can be understood as the installation file of the Kubernetes master node, so the binary configuration file is first obtained from the binary file server. The binary file server is a download server that is independent of the Kubernetes master node and of the Kubernetes cluster, and stores binary files and scripts of all kinds. In addition, the deployment script can be stored on the binary file server in advance and obtained from it when a Kubernetes master node needs to be built.

S302: Start the playbook component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the playbook component and configures the runtime environment of the Kubernetes master node.

After the binary configuration file has been obtained, the playbook component preset in the Ansible tool (Playbooks) is started, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the playbook component and configures the runtime environment of the Kubernetes master node. The playbook component is the component of the Ansible tool used to configure remote nodes, and it describes the steps for operating on them. A playbook component can contain multiple element lists, each targeting one host, so the playbook component lets the Ansible tool operate on multiple hosts in an orderly way. Under each element list of the playbook component there is a task list (tasks), and each task in the task list is one invocation of the Ansible tool. This embodiment is described for the case of a single node to be deployed, so the preset playbook component contains only one element list. Because the Kubernetes master node has multiple node components, the task list of that single element list contains multiple configuration tasks, one for each node component.

Taking one node component as an example, its configuration task can be:

(1) Copy the binary file for this node component from the binary configuration file to the binary directory, usually /usr/bin; this can be understood as installing the binary file for the node component;

(2) Create the startup service file for this node component, where the startup service file is used to start the service corresponding to the node component;

(3) Create the parameter file used by the startup service file, where the parameter file describes parameters such as the address of the node component and is filled in according to the configuration file;

(4) Configure the startup service file to start at boot, which can be done with the systemctl command. Once (1), (2), (3) and (4) are complete, configuration of this node component is complete.

It follows that the playbook component preset in the Ansible tool can only preset the steps and manner of configuring the node components; in a concrete implementation, the multiple node components of the Kubernetes master node also have to be configured according to the configuration file. Once all node components are configured, configuration of the runtime environment of the Kubernetes master node is complete, that is, the Kubernetes master node has been built.

As the embodiment shown in FIG. 3 shows, in this embodiment of the application the binary configuration file associated with the Kubernetes master node is first obtained from the binary file server, and the playbook component in the Ansible tool is started so that the Ansible tool installs the binary configuration file and configures the multiple node components of the Kubernetes master node according to the tasks preset in the playbook component. Once the node components are configured, configuration of the runtime environment of the Kubernetes master node is complete. Obtaining the binary configuration file makes building the Kubernetes master node more convenient, and running the preset playbook component further raises the degree of automation.

Referring to FIG. 4, FIG. 4 is an implementation flowchart of a method for automatically building a Kubernetes master node based on the Ansible tool according to Embodiment 4 of the present application. Relative to the embodiment corresponding to FIG. 3, and on the basis that the Kubernetes master node includes a database component, an interface service component, a control component and a scheduling component, this embodiment refines S302 into S401 to S402, detailed as follows:

S401: Deploy the database component with the Ansible tool, where network configuration data is obtained from the configuration file and loaded into the database component.

In this embodiment of the application, the Kubernetes master node includes a database (Etcd) component, an interface service (Kube ApiServer) component, a control (Kube Controller Manager) component and a scheduling (Kube Scheduler) component. To help explain this embodiment, FIG. 7 provides a schematic diagram of a Kubernetes cluster. In FIG. 7, Master denotes the Kubernetes master node, Controller Manager the control component, Scheduler the scheduling component, ApiServer the interface service component and Etcd the database component, and the Node at the bottom denotes a Kubernetes slave node. It is worth noting that before the Kubernetes master node is built, that is, before the components under the Kubernetes master node are configured, the firewall needs to be turned off and minimal network connectivity opened on the basis of firewall policy, that is, the network between the area where the build entity is located and the public service area where the node to be deployed is located is opened up.

The database component is a distributed key-value store that guarantees data consistency through the distributed Raft algorithm and provides an application programming interface (API) based on the HyperText Transfer Protocol (HTTP) and JavaScript Object Notation (JSON). In this embodiment of the application, the database component is used for configuration management, for data storage and as a distributed lock, and it is deployed with the Ansible tool. Specifically, following the tasks in the playbook component, the Ansible tool obtains the binary file for the database component from the binary configuration file, copies it to the binary directory, creates the startup service file of the database component, creates the parameter file used by that startup service file, adds the network configuration data from the configuration file to the parameter file, and finally configures the startup service file to start at boot. The network configuration data means the listen uniform resource locator (URL), the advertise URL and similar values in the configuration file that relate to the database component. The listen URL is used for communication between the database component and the Kubernetes slave nodes, and the advertise URL is used for communication between the database component and the interface service component.

S402: Deploy the interface service component, the control component and the scheduling component in sequence, where the address of the Kubernetes master node is configured according to the configuration file.

After the database component has been deployed, deployment continues with the interface service component. As shown in FIG. 7, within the Kubernetes master node the interface service component is responsible for exchanging data with the database component; it is worth noting that, apart from the interface service component, no other node component of the Kubernetes master node operates on the database component directly. The interface service component is the data hub of the Kubernetes master node and manages the application programming interface of the Kubernetes cluster. Configuring the interface service component is similar to configuring the database component, except that when its parameter file is configured, what is extracted from the configuration file and added to the parameter file is mainly the service address of the interface service component and the advertise URL described above. Configuring the advertise URL in the parameter file of the interface service component lets the interface service component reach the database component through that URL, while the service address lets the node components other than the interface service component and the database component exchange data with the interface service component.

The control component is the management and control center of the Kubernetes cluster and keeps the various resources in the cluster in a normal state; when it observes that a resource in the Kubernetes cluster is in an abnormal state, it triggers a scheduling operation. The control component includes the node controller (Node Controller), the replication controller (Replication Controller) and others. The scheduling component is responsible for orchestrating the containers in the Kubernetes cluster, specifically for scheduling containers onto particular Kubernetes slave nodes. The scheduling component watches containers through the application programming interface provided by the interface service component, obtains the containers awaiting scheduling, ranks the Kubernetes slave nodes according to a preset ranking mechanism, and schedules the container onto the top-ranked Kubernetes slave node. The control component and the scheduling component are configured in much the same way as the database component, except that when the parameter file of the control component and the parameter file of the scheduling component are configured, the address of the Kubernetes master node is obtained from the configuration file and added to the parameter file. It is worth noting that the control component and the scheduling component are generally located on the same node, so the configured address of the control component and that of the scheduling component are usually the same. Once the database component, the interface service component, the control component and the scheduling component have been deployed, the Kubernetes master node has been built.
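The data flow of S401 and S402, as an added example that is not part of the patent: values from the configuration file are validated and then written into one parameter file per component, in deployment order, so that a user-entered value cannot carry extra arguments into a service. The config keys, the sample addresses and the choice of flags (etcd's `--listen-client-urls` and `--advertise-client-urls`, kube-apiserver's `--advertise-address`, `--secure-port` and `--etcd-servers`, and `--master` for the other two components) are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Deployment order from S401-S402: the database component first, then its consumers.
DEPLOY_ORDER = ("etcd", "kube-apiserver", "kube-controller-manager", "kube-scheduler")

# Constructed configuration file content (hypothetical keys, documentation-range address).
CONFIG = {
    "master_address": "192.0.2.10",
    "secure_port": 6443,
    "etcd": {
        "listen_url": "https://192.0.2.10:2379",
        "advertise_url": "https://192.0.2.10:2379",
    },
    "apiserver": {"service_address": "192.0.2.10"},
}


def check_ip(value):
    """Return the canonical form of an IP literal, or raise ValueError."""
    if not isinstance(value, str):
        raise ValueError(f"address must be a string: {value!r}")
    return str(ipaddress.ip_address(value))


def check_port(value):
    """Return the port as an int in 1..65535, or raise ValueError."""
    port = int(value)
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {value!r}")
    return port


def check_url(value):
    """Accept only scheme://ip:port; anything else could add arguments to a service."""
    if not isinstance(value, str) or any(ch.isspace() for ch in value):
        raise ValueError(f"URL must be a string without whitespace: {value!r}")
    parts = urlsplit(value)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"unexpected scheme in {value!r}")
    if parts.username or parts.path or parts.query or parts.fragment:
        raise ValueError(f"only scheme://ip:port is allowed: {value!r}")
    check_ip(parts.hostname or "")
    if parts.port is None:
        raise ValueError(f"port missing in {value!r}")
    return value


def render_parameter_files(config):
    """Return {component: parameter file text}, keyed in deployment order."""
    master_ip = check_ip(config["master_address"])
    port = check_port(config["secure_port"])
    listen = check_url(config["etcd"]["listen_url"])
    advertise = check_url(config["etcd"]["advertise_url"])
    service_ip = check_ip(config["apiserver"]["service_address"])
    host = f"[{master_ip}]" if ":" in master_ip else master_ip  # bracket IPv6 literals
    master_url = f"https://{host}:{port}"
    flags = {
        # Database component: the network configuration data (listen and advertise URL).
        "etcd": [f"--listen-client-urls={listen}",
                 f"--advertise-client-urls={advertise}"],
        # Interface service component: its service address plus the advertise URL.
        "kube-apiserver": [f"--advertise-address={service_ip}",
                           f"--secure-port={port}",
                           f"--etcd-servers={advertise}"],
        # Control and scheduling components: the address of the master node.
        "kube-controller-manager": [f"--master={master_url}"],
        "kube-scheduler": [f"--master={master_url}"],
    }
    return {name: "\n".join(flags[name]) + "\n" for name in DEPLOY_ORDER}


if __name__ == "__main__":
    for component, text in render_parameter_files(CONFIG).items():
        print(f"# {component}\n{text}")
```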

Optionally, after all node components under the Kubernetes master node have been configured, a system Domain Name System (DNS) service is created. Once a DNS service exists inside the Kubernetes cluster, containers can look up services by domain name, which makes it easier to build services between containers.

Optionally, a dashboard is created. The dashboard is the user interface of the Kubernetes cluster; it lets users view and operate on the cluster's resources, which improves the user experience.

As the embodiment shown in FIG. 4 shows, in this embodiment of the application the Ansible tool deploys the database component, the interface service component, the control component and the scheduling component in sequence according to the tasks in the playbook component. When the database component is deployed, network configuration data is obtained from the configuration file and loaded into the parameter file of the database component; when the control component and the scheduling component are deployed, the address of the Kubernetes master node is obtained from the configuration file and loaded into the parameter file of the control component and the parameter file of the scheduling component. Deploying the node components of the Kubernetes master node in order reduces the possibility of error and makes the build of the Kubernetes master node more orderly.

Referring to FIG. 5, FIG. 5 is an implementation flowchart of a method for automatically building a Kubernetes master node based on the Ansible tool according to Embodiment 5 of the present application. Relative to the embodiment corresponding to FIG. 4, this embodiment further includes:

S501: Generate a first security certificate and a second security certificate based on the configuration file, where the first security certificate is used to control access to the database component and the second security certificate is used to control access to the interface service component.

In this embodiment of the application, because the database component and the interface service component exchange data frequently, and in order to improve the security of these two node components, the first security certificate and the second security certificate are generated automatically from the configuration file when the database component is deployed. Both are Secure Socket Layer (SSL) certificates. The first security certificate is used to control access to the database component, and the second security certificate is used to control access to the interface service component.

S502: Configure the first security certificate on the database component and the interface service component, and configure the second security certificate on the interface service component.

The first security certificate is configured on the database component and the interface service component. Once this is done and the startup service file of the database component has been set to start at boot, both the Kubernetes slave nodes and the interface service component must pass verification against the first security certificate before they exchange data with the database component. Likewise, the second security certificate is configured on the interface service component. Once this is done and the startup service file of the interface service component has been set to start at boot, the Kubernetes slave nodes must pass verification against the second security certificate before they exchange data with the interface service component. It is worth noting that steps S501 and S502 can be written into the tasks of the Ansible playbook component in advance so that this configuration is automatic.
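A check for the certificate wiring of S501 and S502, added here and not taken from the patent: it reads the rendered parameter files of the database component and the interface service component and reports where the first or second certificate is not actually enforced. The one-flag-per-line file format, the sample paths and the addresses are constructed, and the flag names are the standard etcd and kube-apiserver TLS options, assumed to be what the parameter files carry.

```python
from urllib.parse import urlsplit

# Constructed parameter files, one --flag=value per line (paths are placeholders).
GOOD_ETCD = """
--listen-client-urls=https://192.0.2.10:2379
--advertise-client-urls=https://192.0.2.10:2379
--cert-file=/etc/etcd/ssl/etcd.pem
--key-file=/etc/etcd/ssl/etcd-key.pem
--trusted-ca-file=/etc/etcd/ssl/ca.pem
--client-cert-auth=true
"""
GOOD_APISERVER = """
--etcd-servers=https://192.0.2.10:2379
--etcd-cafile=/etc/etcd/ssl/ca.pem
--etcd-certfile=/etc/etcd/ssl/etcd.pem
--etcd-keyfile=/etc/etcd/ssl/etcd-key.pem
--tls-cert-file=/etc/kubernetes/ssl/apiserver.pem
--tls-private-key-file=/etc/kubernetes/ssl/apiserver-key.pem
--client-ca-file=/etc/kubernetes/ssl/ca.pem
"""


def parse_flags(text):
    """Parse '--flag=value' lines into a dict; a bare '--flag' counts as 'true'."""
    flags = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line.startswith("--"):
            continue  # blank lines and comments
        name, sep, value = line[2:].partition("=")
        flags[name] = value.strip().strip('"') if sep else "true"
    return flags


def split_urls(value):
    return [u.strip() for u in value.split(",") if u.strip()]


def require(flags, names, component, purpose, findings):
    for name in names:
        if not flags.get(name):
            findings.append(f"{component}: --{name} missing ({purpose})")


def require_https(flags, name, component, findings):
    urls = split_urls(flags.get(name, ""))
    if not urls:
        findings.append(f"{component}: --{name} is not set")
    for url in urls:
        if urlsplit(url).scheme != "https":
            findings.append(f"{component}: --{name} has non-TLS URL {url}")


def audit(etcd_text, apiserver_text):
    """Return a list of findings; an empty list means both certificates are wired in."""
    etcd, api = parse_flags(etcd_text), parse_flags(apiserver_text)
    findings = []
    # First certificate, server side: the database component presents it and
    # verifies the certificate of every client.
    require(etcd, ["cert-file", "key-file", "trusted-ca-file"],
            "etcd", "first certificate", findings)
    if etcd.get("client-cert-auth", "").lower() != "true":
        findings.append("etcd: --client-cert-auth is not true")
    for name in ("listen-client-urls", "advertise-client-urls"):
        require_https(etcd, name, "etcd", findings)
    # First certificate, client side: the interface service component uses it
    # to reach the database component through the advertise URL.
    require(api, ["etcd-cafile", "etcd-certfile", "etcd-keyfile"],
            "kube-apiserver", "first certificate", findings)
    require_https(api, "etcd-servers", "kube-apiserver", findings)
    advertised = set(split_urls(etcd.get("advertise-client-urls", "")))
    for url in split_urls(api.get("etcd-servers", "")):
        if url not in advertised:
            findings.append(
                f"kube-apiserver: --etcd-servers {url} is not an etcd advertise URL")
    # Second certificate: the interface service component serves TLS and
    # verifies client certificates against its CA.
    require(api, ["tls-cert-file", "tls-private-key-file", "client-ca-file"],
            "kube-apiserver", "second certificate", findings)
    return findings


if __name__ == "__main__":
    weak_etcd = GOOD_ETCD.replace("https://", "http://")
    for finding in audit(weak_etcd, GOOD_APISERVER):
        print(finding)
```

Running such a check against the files produced by the playbook, before the services are enabled at boot, catches a certificate that was generated but never referenced.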

As the embodiment shown in FIG. 5 shows, in this embodiment of the application the first security certificate and the second security certificate are generated based on the configuration file. The first security certificate is configured on the database component and the interface service component to control access to the database component, and the second security certificate is configured on the interface service component to control access to the interface service component, which improves the security of the Kubernetes master node and the Kubernetes cluster.

In another embodiment of the present application, the Kubernetes master node and the Kubernetes cluster can be built on a private network; FIG. 8 provides a regional structure diagram based on a Kubernetes cluster. The structures in FIG. 8 are described first. A user private network (Virtual Private Cloud, VPC) is a custom private network created by a user. Different private networks are logically isolated from one another, and users can create and manage cloud hosts in their own private network and implement functions such as load balancing and secure access control. VPC1 and VPC2 are private networks created by different users. An availability zone is a region that provides concrete services for the cloud platform and includes a public service area and specific user VPC areas; ECA and SCA in FIG. 8 are two instances of availability zones, representing East China region A and South China region A respectively. The public service area is used to deploy the programs or services that provide concrete services to users and can interconnect with user VPCs. The public service area contains a resource pool, which is the set of available nodes. Package Server denotes the binary file server, and master1, master2 and so on in the resource pool denote available nodes, while the nodes in VPC1 and VPC2 are used to build Kubernetes slave nodes. The user VPCs of different users are isolated from one another by default. The management area is a collective term for the layer one level above the availability zones; it can manage the public service area through the Ansible tool and can be understood as the build entity described above. The Manager in the management area in FIG. 8 denotes the Kubernetes Manager, a management program capable of managing Kubernetes clusters.

In addition, in the management area of FIG. 8, the DB connected to the Manager denotes a database, and the etcd cluster connected to the Manager denotes a cluster of database components. The database is used to store data. In FIG. 8, the database component has been built in advance and serves in the management area as a database component cluster; when a Kubernetes master node is later built on an available node of the resource pool and its node components are deployed, anything involving the database component only requires pointing the address of the database component at the database component cluster. As shown in FIG. 8, the Kubernetes Manager manages the multiple available nodes in the public service area by invoking the Ansible tool. When a Kubernetes master node needs to be deployed, the Kubernetes Manager invokes the Ansible tool to select, from the available nodes in the resource pool, the node to be deployed that corresponds to the configuration file, and deploys the Kubernetes master node on that node. After deployment, nodes under the user VPC can be configured as Kubernetes slave nodes, which together with the Kubernetes master node form a Kubernetes cluster. By building the Kubernetes master node and the Kubernetes cluster under the user's private network, this embodiment of the application ensures isolation between different Kubernetes clusters.

Corresponding to the method for automatically building a Kubernetes master node based on the Ansible tool described in the embodiments above, FIG. 6 shows a structural block diagram of an apparatus for automatically building a Kubernetes master node based on the Ansible tool according to an embodiment of the present application. Referring to FIG. 6, the apparatus includes:

an adding unit 61, configured to add the creation parameters entered by the user for the Kubernetes master node to a preset configuration template to generate a configuration file;

a determining unit 62, configured to determine, among multiple available nodes, the node to be deployed that corresponds to the configuration file, where an available node is an available physical node or virtual machine node;

an invoking unit 63, configured to invoke the Ansible tool to build the Kubernetes master node on the node to be deployed based on the configuration file.

Optionally, the determining unit 62 further includes:

a detecting unit, configured to detect whether, among the multiple available nodes, there is a node on which the Kubernetes master node is being built or has already been built;

an executing unit, configured to perform, if none of the multiple available nodes is building or has already built the Kubernetes master node, the operation of determining, among the multiple available nodes, the node to be deployed that corresponds to the configuration file.

Optionally, the invoking unit 63 includes:

an obtaining unit, configured to obtain the binary configuration file associated with the Kubernetes master node from a binary file server;

a starting unit, configured to start the playbook component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the playbook component and configures the runtime environment of the Kubernetes master node.

Optionally, the Kubernetes master node includes a database component, an interface service component, a control component and a scheduling component, and the starting unit includes:

a deploying unit, configured to deploy the database component with the Ansible tool, where network configuration data is obtained from the configuration file and loaded into the database component;

a sequential deploying unit, configured to deploy the interface service component, the control component and the scheduling component in sequence, where the address of the Kubernetes master node is configured according to the configuration file.

Optionally, the terminal device further includes:

A certificate generating unit, configured to generate a first security certificate and a second security certificate based on the configuration file, wherein the first security certificate is used to control access rights to the database component, and the second security certificate is used to control access rights to the interface service component;

A configuration unit, configured to configure the first security certificate on the database component and the interface service component, and to configure the second security certificate on the interface service component.
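The deployment order and the two-certificate layout described by the units above can be checked mechanically before a playbook is run. The following Python check is an added example, not code from the application; the component identifiers, key paths, the key-permission rule and the sample plans are assumptions constructed for illustration.

```python
"""Audit a planned master-node deployment against the layout described above.

Added example. Component identifiers, file paths, the key-permission rule and
the sample plans are hypothetical and constructed; they are not from the patent.
"""
from dataclasses import dataclass

DATABASE, INTERFACE, CONTROL, SCHEDULING = (
    "database", "interface_service", "control", "scheduling")

# Order stated in the description: the database component first, then the
# interface service, control and scheduling components in sequence.
DEPLOY_ORDER = (DATABASE, INTERFACE, CONTROL, SCHEDULING)

# Components on which each certificate is configured according to the description.
ALLOWED = {
    "first": {DATABASE, INTERFACE},   # controls access to the database component
    "second": {INTERFACE},            # controls access to the interface service
}


@dataclass(frozen=True)
class CertInstall:
    cert: str        # "first" or "second"
    component: str   # component the certificate is installed on
    key_path: str    # hypothetical path of the matching private key
    key_mode: int    # POSIX permission bits planned for that key


def audit(installs, order):
    """Return a list of (code, detail) findings; an empty list means compliant."""
    findings = []
    if tuple(order) != DEPLOY_ORDER:
        findings.append(("ORDER", "planned order is %s" % ", ".join(order)))

    placed = {name: set() for name in ALLOWED}
    for item in installs:
        allowed = ALLOWED.get(item.cert)
        if allowed is None:
            findings.append(("UNKNOWN_CERT", item.cert))
            continue
        if item.component not in allowed:
            # A credential copied to a component that does not need it widens
            # the set of hosts/processes able to reach the protected service.
            findings.append(("OVER_DISTRIBUTED",
                             f"{item.cert} certificate on {item.component}"))
        else:
            placed[item.cert].add(item.component)
        # Added hardening rule (assumption): keys must not be group/world accessible.
        if item.key_mode & 0o077:
            findings.append(("KEY_MODE",
                             f"{item.key_path} is {item.key_mode:04o}"))

    for name, required in ALLOWED.items():
        for component in sorted(required - placed[name]):
            findings.append(("MISSING", f"{name} certificate not on {component}"))
    return findings


# Constructed sample plans.
GOOD_PLAN = [
    CertInstall("first", DATABASE, "/etc/example/db-key.pem", 0o600),
    CertInstall("first", INTERFACE, "/etc/example/db-client-key.pem", 0o600),
    CertInstall("second", INTERFACE, "/etc/example/api-key.pem", 0o600),
]
BAD_ORDER = (INTERFACE, DATABASE, CONTROL, SCHEDULING)
BAD_PLAN = [
    CertInstall("first", DATABASE, "/etc/example/db-key.pem", 0o600),
    CertInstall("first", SCHEDULING, "/etc/example/db-client-key.pem", 0o600),
    CertInstall("second", INTERFACE, "/etc/example/api-key.pem", 0o644),
]

if __name__ == "__main__":
    for label, plan, order in (("good", GOOD_PLAN, DEPLOY_ORDER),
                               ("bad", BAD_PLAN, BAD_ORDER)):
        print(label, audit(plan, order) or "compliant")
```
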

FIG. 9 is a schematic diagram of a terminal device according to an embodiment of the present application. As shown in FIG. 9, the terminal device 9 of this embodiment includes a processor 90 and a memory 91, the memory 91 storing computer readable instructions 92 executable on the processor 90, for example a program for automatically building a Kubernetes master node based on the Ansible tool. When the processor 90 executes the computer readable instructions 92, the steps in the above method embodiments for automatically building a Kubernetes master node based on the Ansible tool are implemented, for example steps S101 to S103 shown in FIG. 1. Alternatively, when the processor 90 executes the computer readable instructions 92, the functions of the units in the above apparatus embodiment for automatically building a Kubernetes master node based on the Ansible tool are implemented, for example the functions of units 61 to 63 shown in FIG. 6.

Illustratively, the computer readable instructions 92 may be divided into one or more modules/units, which are stored in the memory 91 and executed by the processor 90 to carry out the present application. The one or more modules/units may be a series of computer readable instruction segments capable of performing specific functions, the instruction segments being used to describe the execution of the computer readable instructions 92 in the terminal device 9. For example, the computer readable instructions 92 may be divided into an adding unit, a determining unit, and a calling unit, the specific functions of each unit being as described above.

The terminal device may include, but is not limited to, the processor 90 and the memory 91. Those skilled in the art will understand that FIG. 9 is only an example of the terminal device 9 and does not limit it; the terminal device may include more or fewer components than illustrated, combine certain components, or use different components. For example, the terminal device may further include input/output devices, network access devices, buses, and the like.

The processor 90 may be a Central Processing Unit (CPU), or another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor.

The memory 91 may be an internal storage unit of the terminal device 9, such as a hard disk or memory of the terminal device 9. The memory 91 may also be an external storage device of the terminal device 9, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, or a Flash Card fitted to the terminal device 9. Further, the memory 91 may include both an internal storage unit of the terminal device 9 and an external storage device. The memory 91 is used to store the computer readable instructions and other programs and data required by the terminal device. The memory 91 may also be used to temporarily store data that has been output or is about to be output.

In addition, the functional units in the embodiments of the present application may be integrated into one processing unit, may each exist physically on their own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.

If the integrated unit is implemented in the form of a software functional unit and sold or used as a standalone product, it may be stored in a computer readable storage medium. Based on this understanding, the technical solution of the present application in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or part of the steps of the methods described in the embodiments of the present application. The aforementioned storage medium includes various media capable of storing program code, such as a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.

The above embodiments are intended only to illustrate the technical solutions of the present application, not to limit them. Although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features may be replaced by equivalents; such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application.

Claims (20)

1. A method for automatically building a Kubernetes master node based on an Ansible tool, characterized in that the building of the Kubernetes master node is completed by executing a preset deployment script, including:
adding creation parameters related to the Kubernetes master node and input by a user to a preset configuration template to generate a configuration file;
determining, among a plurality of available nodes, a node to be deployed corresponding to the configuration file, wherein the available nodes are available physical nodes or virtual machine nodes;
calling the Ansible tool to build the Kubernetes master node on the node to be deployed based on the configuration file.

2. The method according to claim 1, characterized in that, before the determining, among the plurality of available nodes, of the node to be deployed corresponding to the configuration file, the method further includes:
detecting whether, among the plurality of available nodes, there is a node that is building or has already built the Kubernetes master node;
if no node among the plurality of available nodes is building or has already built the Kubernetes master node, performing the operation of determining, among the plurality of available nodes, the node to be deployed corresponding to the configuration file.

3. The method according to claim 1, characterized in that the calling of the Ansible tool to build the Kubernetes master node on the node to be deployed based on the configuration file includes:
obtaining, from a binary file server, a binary configuration file associated with the Kubernetes master node;
starting a playbook component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the playbook component and configures the operating environment of the Kubernetes master node.

4. The method according to claim 3, the Kubernetes master node including a database component, an interface service component, a control component, and a scheduling component, characterized in that the starting of the playbook component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the playbook component and configures the operating environment of the Kubernetes master node, includes:
deploying the database component by using the Ansible tool, wherein network configuration data is obtained from the configuration file and loaded into the database component;
deploying the interface service component, the control component, and the scheduling component in sequence, wherein the address of the Kubernetes master node is configured according to the configuration file.

5. The method according to claim 4, characterized in that the method further includes:
generating a first security certificate and a second security certificate based on the configuration file, wherein the first security certificate is used to control access rights to the database component, and the second security certificate is used to control access rights to the interface service component;
configuring the first security certificate on the database component and the interface service component, and configuring the second security certificate on the interface service component.

6. An apparatus for automatically building a Kubernetes master node based on an Ansible tool, characterized in that the building of the Kubernetes master node is completed by executing a preset deployment script, including:
an adding unit, configured to add creation parameters related to the Kubernetes master node and input by a user to a preset configuration template to generate a configuration file;
a determining unit, configured to determine, among a plurality of available nodes, a node to be deployed corresponding to the configuration file, wherein the available nodes are available physical nodes or virtual machine nodes;
a calling unit, configured to call the Ansible tool to build the Kubernetes master node on the node to be deployed based on the configuration file.

7. The apparatus according to claim 6, characterized in that the determining unit further includes:
a detection unit, configured to detect whether, among the plurality of available nodes, there is a node that is building or has already built the Kubernetes master node;
an execution unit, configured to perform the operation of determining, among the plurality of available nodes, the node to be deployed corresponding to the configuration file, if no node among the plurality of available nodes is building or has already built the Kubernetes master node.

8. The apparatus according to claim 6, characterized in that the calling unit includes:
an obtaining unit, configured to obtain, from a binary file server, a binary configuration file associated with the Kubernetes master node;
a startup unit, configured to start a playbook component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the playbook component and configures the operating environment of the Kubernetes master node.

9. The apparatus according to claim 8, the Kubernetes master node including a database component, an interface service component, a control component, and a scheduling component, characterized in that the startup unit includes:
a deployment unit, configured to deploy the database component by using the Ansible tool, wherein network configuration data is obtained from the configuration file and loaded into the database component;
a sequential deployment unit, configured to deploy the interface service component, the control component, and the scheduling component in sequence, wherein the address of the Kubernetes master node is configured according to the configuration file.

10. The apparatus according to claim 9, characterized by further including:
a certificate generating unit, configured to generate a first security certificate and a second security certificate based on the configuration file, wherein the first security certificate is used to control access rights to the database component, and the second security certificate is used to control access rights to the interface service component;
a configuration unit, configured to configure the first security certificate on the database component and the interface service component, and to configure the second security certificate on the interface service component.

11. A terminal device, characterized by including a memory and a processor, the memory storing computer readable instructions executable on the processor, wherein the processor, when executing the computer readable instructions, implements the following steps:
adding creation parameters related to the Kubernetes master node and input by a user to a preset configuration template to generate a configuration file;
determining, among a plurality of available nodes, a node to be deployed corresponding to the configuration file, wherein the available nodes are available physical nodes or virtual machine nodes;
calling the Ansible tool to build the Kubernetes master node on the node to be deployed based on the configuration file.

12. The terminal device according to claim 11, characterized in that, before the determining, among the plurality of available nodes, of the node to be deployed corresponding to the configuration file, the steps further include:
detecting whether, among the plurality of available nodes, there is a node that is building or has already built the Kubernetes master node;
if no node among the plurality of available nodes is building or has already built the Kubernetes master node, performing the operation of determining, among the plurality of available nodes, the node to be deployed corresponding to the configuration file.

13. The terminal device according to claim 11, characterized in that the calling of the Ansible tool to build the Kubernetes master node on the node to be deployed based on the configuration file includes:
obtaining, from a binary file server, a binary configuration file associated with the Kubernetes master node;
starting a playbook component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the playbook component and configures the operating environment of the Kubernetes master node.

14. The terminal device according to claim 13, the Kubernetes master node including a database component, an interface service component, a control component, and a scheduling component, characterized in that the starting of the playbook component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the playbook component and configures the operating environment of the Kubernetes master node, includes:
deploying the database component by using the Ansible tool, wherein network configuration data is obtained from the configuration file and loaded into the database component;
deploying the interface service component, the control component, and the scheduling component in sequence, wherein the address of the Kubernetes master node is configured according to the configuration file.

15. The terminal device according to claim 14, characterized by further including:
generating a first security certificate and a second security certificate based on the configuration file, wherein the first security certificate is used to control access rights to the database component, and the second security certificate is used to control access rights to the interface service component;
configuring the first security certificate on the database component and the interface service component, and configuring the second security certificate on the interface service component.

16. A computer readable storage medium storing computer readable instructions, characterized in that the computer readable instructions, when executed by at least one processor, implement the following steps:
adding creation parameters related to the Kubernetes master node and input by a user to a preset configuration template to generate a configuration file;
determining, among a plurality of available nodes, a node to be deployed corresponding to the configuration file, wherein the available nodes are available physical nodes or virtual machine nodes;
calling the Ansible tool to build the Kubernetes master node on the node to be deployed based on the configuration file.

17. The computer readable storage medium according to claim 16, characterized in that the computer readable instructions, when executed by at least one processor, further implement the following steps:
detecting whether, among the plurality of available nodes, there is a node that is building or has already built the Kubernetes master node;
if no node among the plurality of available nodes is building or has already built the Kubernetes master node, performing the operation of determining, among the plurality of available nodes, the node to be deployed corresponding to the configuration file.

18. The computer readable storage medium according to claim 16, characterized in that the computer readable instructions, when executed by at least one processor, implement the following steps:
obtaining, from a binary file server, a binary configuration file associated with the Kubernetes master node;
starting a playbook component preset in the Ansible tool, so that the Ansible tool installs the binary configuration file on the node to be deployed according to the playbook component and configures the operating environment of the Kubernetes master node.

19. The computer readable storage medium according to claim 18, the Kubernetes master node including a database component, an interface service component, a control component, and a scheduling component, characterized in that the computer readable instructions, when executed by at least one processor, implement the following steps:
deploying the database component by using the Ansible tool, wherein network configuration data is obtained from the configuration file and loaded into the database component;
deploying the interface service component, the control component, and the scheduling component in sequence, wherein the address of the Kubernetes master node is configured according to the configuration file.

20. The computer readable storage medium according to claim 19, characterized in that the computer readable instructions, when executed by at least one processor, further implement the following steps:
generating a first security certificate and a second security certificate based on the configuration file, wherein the first security certificate is used to control access rights to the database component, and the second security certificate is used to control access rights to the interface service component;
configuring the first security certificate on the database component and the interface service component, and configuring the second security certificate on the interface service component.
PCT/CN2018/097113 2018-05-14 2018-07-25 Method and apparatus for automatically building kubernetes master node on basis of ansible tool, terminal device, and readable storage medium Ceased WO2019218463A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810456299.X 2018-05-14
CN201810456299.XA CN108694053A (en) 2018-05-14 2018-05-14 Build the method and terminal device of Kubernetes host nodes automatically based on Ansible tools

Publications (1)

Publication Number Publication Date
WO2019218463A1 true WO2019218463A1 (en) 2019-11-21

Family

ID=63846399

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/097113 Ceased WO2019218463A1 (en) 2018-05-14 2018-07-25 Method and apparatus for automatically building kubernetes master node on basis of ansible tool, terminal device, and readable storage medium

Country Status (2)

Country Link
CN (1) CN108694053A (en)
WO (1) WO2019218463A1 (en)


Also Published As

Publication number Publication date
CN108694053A (en) 2018-10-23


Legal Events

Date Code Title Description
121 EP: The EPO has been informed by WIPO that EP was designated in this application

Ref document number: 18918802

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 EP: PCT application non-entry in European phase

Ref document number: 18918802

Country of ref document: EP

Kind code of ref document: A1