-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2 from ii2day/pr/ii2day/crd-desgin
add crd desgin md
- Loading branch information
Showing
6 changed files
with
218 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| # Desgin | ||
| koffloader 是一个将多个集群网络进行连通的组件,将多个 cilium 集群或 submariner 集群的网络进行打通,并将按照需求将多集群内的 service 进行暴露,以达到应用跨多个集群的网络负载功能。 | ||
|
|
||
| koffloader 可以单独运行在多集群的管理集群上,也可以运行在组网集群中的一个子集群中。 | ||
|
|
||
| # 架构 | ||
|
|
||
| <div style="text-align:center"> | ||
| <img src="../images/arch.png" alt="Your Image Description"> | ||
| </div> | ||
|
|
||
| * koffloader crd 资源: | ||
| * KCluster:集群信息配置,用于存放集群信息,管理多个集群。 | ||
| * ServiceExportPolicy:服务暴露策略,用于配置多集群内的 service 的暴露方式。 | ||
| * KClusterGroup:多集群组网配置,将多个 KCluster 集群组成一个网络。 | ||
|
|
||
| # 功能 | ||
| 1. 多集群连通:将多个 cilium 集群或 submariner 集群进行组网。 | ||
| * cilium: | ||
| * 用户需要将需要组网的集群部署好 cilium,然后将集群的信息配置到 KCluster 资源中。 | ||
| * 将需要组网 KCluster 资源,引用到 KClusterGroup 中,koffloader 通过 watch KClusterGroup,将各个集群组网,开启 clustermesh 功能。 | ||
| * submariner: | ||
| * 用户需要将需要组网的集群部署好 submariner,然后将集群的信息配置到 KCluster 资源中。 | ||
| * 将需要组网 KCluster 资源,引用到 KClusterGroup 中,因在部署 submariner 时,多集群的网络已经组成,koffloader 不会再进行组网操作。 | ||
|
|
||
| 2. 多集群 service 暴露:将子集群的 service 暴露给其他子集群,供其他子集群访问,并带有负载功能。cilium 集群与 submariner 集群对于服务暴露的方式不同,因此,存在以下功能。 | ||
| * cilium: | ||
| * a. 可通过 global 开关,管理 service 是否被暴露给组网集群,该 service 可以在各个子集群中可以被访问。 | ||
| * a. 在开启 global 开关后,可通过 share 开关,管理 service 是否可以被其他子集群访问,此开关意义为当前集群可以访问其他子集群 service,但其他子集群不可以访问当前集群。 | ||
| * b. 可通过 servicer affinity 管理 service 负载优先级,分别为 remote 优先负载远端、local 优先负载本地、none 轮巡方式负载。 | ||
| * submariner: | ||
| * a. 只有一种负载优先级,轮巡负载。 | ||
|
|
||
| 3. 多集群流量调度:当外部流量进入到集群 service 后,将各集群的南北向流量打通,并进行负载均衡。 | ||
| * 通过多集群 service 暴露将 service 进行负载,通过对 service 进行流量入口的配置,以达到多集群 service 的负载功能。 | ||
| * 此功能不由 koffloader 管理,koffloader 同步完 service,由用户自行创建 ingress 或 gateway api。 | ||
| <div style="text-align:center"> | ||
| <img src="../images/koffloader.png" alt="Your Image Description"> | ||
| </div> |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,61 @@ | ||
| # KCluster | ||
|
|
||
| kcluster crd 表示 koffloader 的 cluster 集群资源,存储集群的 kubeconfig 连接信息以及打通集群连接的配置信息。 | ||
|
|
||
| ## Sample YAML | ||
|
|
||
| ```yaml | ||
| apiVersion: koffloader.io/koffloader/v1beta1 | ||
| kind: KCluster | ||
| metadata: | ||
| name: cluster1 | ||
| spec: | ||
| clusterConnector: | ||
| type: cilium/submariner | ||
| ciliumNamespace: kube-system | ||
| kubeconfig: | ||
| secretName: cluster1 | ||
| secretNamespace: koffloader-system | ||
| status: | ||
| kmulticluster: koffloader-clusters | ||
| clusterConnector: cilium | ||
| ``` | ||
| ## KCluster definition | ||
| ### Metadata | ||
| | Field | Description | Schema | Validation | | ||
| |-------|-----------------|---------|------------| | ||
| | name | kcluster 资源名称 | string | required | | ||
| ### Spec | ||
| | Field | Description | Schema | Validation | Values | Default | | ||
| |------------------|----------------------------------------|-----------------------------------------------------------------------------------|------------|-----------|---------| | ||
| | clusterConnector | 指定使用哪种方式打通集群的连通性(cilium 或 submariner) | [koffloaderClusterConnector](./crd-kcluster-zh_CN.md#koffloaderClusterConnector) | required | | | | ||
| | kubeconfig | 集群 kubeconfig 连接信息存储 | [koffloaderClusterConfig](./crd-kcluster-zh_CN.md#koffloaderClusterConfig) | required | | | | ||
| #### koffloaderClusterConnector | ||
| | Field | Description | Schema | Validation | Values | | ||
| |-----------------|----------------|--------|------------|-------------------| | ||
| | type | 指定打通多集群连通性的方式 | string | required | cilium、submariner | | ||
| | ciliumNamespace | cilium 所在的命名空间 | string | optional | | | ||
| #### koffloaderClusterConfig | ||
| | Field | Description | Schema | Validation | Values | | ||
| |-----------------|-------------------------------|--------|------------|----------| | ||
| | secretName | 集群 kubeconfig 存储的 secret 名称 | string | required | | | ||
| | secretNamespace | 集群 kubeconfig 存储的 secret 命名空间 | string | required | | | ||
| ### Status (subresource) | ||
| | Field | Description | Schema | | ||
| |----------------------|-------------------------|----------| | ||
| | kmulticluster | 所属 kmulticluster 资源名称 | string | | ||
| | clusterConnector | 集群连通器类型 | string | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| # KClusterGroup | ||
|
|
||
| KClusterGroup crd 表示多集群连通的配置。 | ||
|
|
||
| ## Sample YAML | ||
|
|
||
| ```yaml | ||
| apiVersion: koffloader.io/koffloader/v1beta1 | ||
| kind: KClusterGroup | ||
| metadata: | ||
| name: koffloader-cluster1 | ||
| spec: | ||
| clusterConnectorType: cilium/submariner | ||
| ciliumClusterMeshServiceType: nodeport | ||
| kclusterSelector: | ||
| matchLabels: | ||
| app: test | ||
| status: | ||
| matchKCluster: | ||
| - cluster1 | ||
| - cluster2 | ||
| clusterConnector: cilium | ||
| ``` | ||
| ## KClusterGroup definition | ||
| ### Metadata | ||
| | Field | Description | Schema | Validation | | ||
| |-------|---------------------|----------|--------------| | ||
| | name | KMultiCluster 资源名称 | string | required | | ||
| ### Spec | ||
| | Field | Description | Schema | Validation | Values | Default | | ||
| |------------------------------|------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------|------------|---------------------------------|---------| | ||
| | kclusterSelector | 指定哪些 kcluster 组成 KMultiCluster 多集群连通 | [labelSelector](https://github.com/kubernetes/kubernetes/blob/v1.29.0/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types.go#L1213) | required | | | | ||
| | clusterConnectorType | 指定打通多集群连通性的方式 | string | required | | | | ||
| | ciliumClusterMeshServiceType | 指定 cilium clustermesh apiserver 的 service 类型 | string | required | NodePort、ClusterIP、LoadBalancer | | | ||
| ### Status (subresource) | ||
| | Field | Description | Schema | | ||
| |--------------------------|---------------------------------|-------------| | ||
| | clusterConnector | 多集群连通性类型 | string | | ||
| | matchKCluster | 哪些 kcluster 资源组成 KMultiCluster | string 数组 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,71 @@ | ||
| # ServiceExportPolicy | ||
|
|
||
| ServiceExportPolicy crd 表示 koffloader 的 service 发现策略。 | ||
|
|
||
| ## Sample YAML | ||
|
|
||
| ```yaml | ||
| apiVersion: koffloader.io/koffloader/v1beta1 | ||
| kind: ServiceExportPolicy | ||
| metadata: | ||
| name: service-policy | ||
| spec: | ||
| serviceSelector: | ||
| matchLabels: | ||
| app: test | ||
| ciliumServiceFeature: | ||
| share: ture | ||
| affinity: remote | ||
| global: true | ||
| kclusterSelector: | ||
| matchLabels: | ||
| app: test | ||
| status: | ||
| matchService: | ||
| - name: test | ||
| namespace: default | ||
| matchKCluster: | ||
| - cluster1 | ||
| - cluster2 | ||
| ``` | ||
| ## ServiceExportPolicy definition | ||
| ### Metadata | ||
| | Field | Description | Schema | Validation | | ||
| |-------|-------------------------------|---------|------------| | ||
| | name | ServiceExportPolicy 资源名称 | string | required | | ||
| ### Spec | ||
| | Field | Description | Schema | Validation | Values | Default | | ||
| |----------------------|------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------|------------|-----------|---------| | ||
| | serviceSelector | 指定哪些 service 需要发现 | [labelSelector](https://github.com/kubernetes/kubernetes/blob/v1.29.0/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types.go#L1213) | required | | | | ||
| | kclusterSelector | 指定哪些 kcluster 生效该策略 | [labelSelector](https://github.com/kubernetes/kubernetes/blob/v1.29.0/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types.go#L1213) | required | | | | ||
| | ciliumServiceFeature | 使用 cilium 进行多集群连通时,service 的发现策略配置 | [ciliumServiceFeature](./crd-kcluster-zh_CN.md#koffloaderClusterConfig) | optional | | | | ||
| #### ciliumServiceFeature | ||
| | Field | Description | Schema | Validation | Values | | ||
| |----------|---------------------------|--------|------------|-------------------| | ||
| | share | service 是否可以被其他集群发现 | bool | optional | | | ||
| | affinity | service 负载的优先级 | string | optional | local,remote,none | | ||
| | global | service 是否作为多集群全局 service | bool | optional | | | ||
| ### Status (subresource) | ||
| | Field | Description | Schema | | ||
| |---------------------|--------------------|-----------------------------------------------------------| | ||
| | matchService | 策略生效在哪些 service | [matchService](./crd-kcluster-zh_CN.md#matchService) 数组 | | ||
| | matchKCluster | 策略生效在哪些 kcluster | string 数组 | | ||
| #### matchService | ||
| | Field | Description | Schema | | ||
| |-----------|-------------------|-----------| | ||
| | name | service 名称 | string | | ||
| | namespace | service 命名空间 | string | |