小屋子大侠
小屋子大侠

k8s概念入门之kubelet-针对1.1.版本阅读

kubelet

kubelet是在每个节点上运行的主要“节点代理”。它可以使用以下之一向apiserver注册该节点:主机名;用于覆盖主机名的标志;或云提供商的特定逻辑。

kubelet根据PodSpec起作用。 PodSpec是一个描述Pod的YAML或JSON对象。 kubelet接收通过各种机制(主要是通过apiserver)提供的PodSpec集合,并确保这些PodSpec中描述的容器正在运行且运行状况良好。 Kubelet不管理不是Kubernetes创建的容器。

kubelet流程

kubelet核心的功能点就是保住每个pod的状态并且运行正常,能够根据apiserver的状态来同步当前的pod的状态,首先查看一下整个流程的概述。

主流程开启
func main() {
	runtime.GOMAXPROCS(runtime.NumCPU())   // 开启cpu对应个数的线程运行
	s := app.NewKubeletServer()   				 // 初始化对象
	s.AddFlags(pflag.CommandLine)

	util.InitFlags()
	util.InitLogs()
	defer util.FlushLogs()

	verflag.PrintAndExitIfRequested()

	if err := s.Run(nil); err != nil { 				// 运行起来
		fmt.Fprintf(os.Stderr, "%v\n", err)
		os.Exit(1)
	}
}

整体的开始代码比较简洁明了,先是初始化,然后直接运行。

// NewKubeletServer will create a new KubeletServer with default values.
func NewKubeletServer() *KubeletServer {
	return &KubeletServer{
		Address:                     net.ParseIP("0.0.0.0"),   // 本机监听的地址
		AuthPath:                    util.NewStringFlag("/var/lib/kubelet/kubernetes_auth"), // deprecated
		CAdvisorPort:                4194,
		CertDirectory:               "/var/run/kubernetes",    // 证书路径
		CgroupRoot:                  "",
		ConfigureCBR0:               false,
		ContainerRuntime:            "docker",   								// 运行时的工具
		CPUCFSQuota:                 false,
		DockerDaemonContainer:       "/docker-daemon",
		DockerExecHandlerName:       "native",
		EnableDebuggingHandlers:     true,
		EnableServer:                true,
		FileCheckFrequency:          20 * time.Second,
		HealthzBindAddress:          net.ParseIP("127.0.0.1"),    // 监控检测的地址
		HealthzPort:                 10248,
		HostNetworkSources:          kubelet.AllSource,
		HostPIDSources:              kubelet.AllSource,
		HostIPCSources:              kubelet.AllSource,
		HTTPCheckFrequency:          20 * time.Second,
		ImageGCHighThresholdPercent: 90,
		ImageGCLowThresholdPercent:  80,
		KubeConfig:                  util.NewStringFlag("/var/lib/kubelet/kubeconfig"),
		LowDiskSpaceThresholdMB:     256,
		MasterServiceNamespace:      api.NamespaceDefault,
		MaxContainerCount:           100,
		MaxPerPodContainerCount:     2,
		MaxOpenFiles:                1000000,
		MinimumGCAge:                1 * time.Minute,
		NetworkPluginDir:            "/usr/libexec/kubernetes/kubelet-plugins/net/exec/",  // 网络插件
		NetworkPluginName:           "",
		NodeStatusUpdateFrequency:   10 * time.Second,
		OOMScoreAdj:                 qos.KubeletOomScoreAdj,
		PodInfraContainerImage:      dockertools.PodInfraContainerImage,
		Port:                ports.KubeletPort,
		ReadOnlyPort:        ports.KubeletReadOnlyPort,
		RegisterNode:        true, // will be ignored if no apiserver is configured
		RegistryBurst:       10,
		ResourceContainer:   "/kubelet",
		RktPath:             "",
		RktStage1Image:      "",
		RootDirectory:       defaultRootDir,
		SerializeImagePulls: true,
		SyncFrequency:       10 * time.Second,   // 同步的频率信息
		SystemContainer:     "",
	}
}

....

// Run runs the specified KubeletServer for the given KubeletConfig.  This should never exit.
// The kcfg argument may be nil - if so, it is initialized from the settings on KubeletServer.
// Otherwise, the caller is assumed to have set up the KubeletConfig object and all defaults
// will be ignored.
func (s *KubeletServer) Run(kcfg *KubeletConfig) error {
	if kcfg == nil {
		cfg, err := s.KubeletConfig()   // 生成配置信息
		if err != nil {
			return err
		}
		kcfg = cfg

		clientConfig, err := s.CreateAPIServerClientConfig()  // 获取连接到AIPServer的配置信息
		if err == nil {
			kcfg.KubeClient, err = client.New(clientConfig)     // 生成访问的实例
		}
		if err != nil && len(s.APIServerList) > 0 {
			glog.Warningf("No API client: %v", err)
		}

		cloud, err := cloudprovider.InitCloudProvider(s.CloudProvider, s.CloudConfigFile)  // 初始化 云服务提供者
		if err != nil {
			return err
		}
		glog.V(2).Infof("Successfully initialized cloud provider: %q from the config file: %q\n", s.CloudProvider, s.CloudConfigFile)
		kcfg.Cloud = cloud
	}

	if kcfg.CAdvisorInterface == nil {
		ca, err := cadvisor.New(s.CAdvisorPort)   // 生成监控相关信息
		if err != nil {
			return err
		}
		kcfg.CAdvisorInterface = ca
	}

	util.ReallyCrash = s.ReallyCrashForTesting
	rand.Seed(time.Now().UTC().UnixNano())

	credentialprovider.SetPreferredDockercfgPath(s.RootDirectory)

	glog.V(2).Infof("Using root directory: %v", s.RootDirectory)

	// TODO(vmarmol): Do this through container config.
	oomAdjuster := oom.NewOomAdjuster()
	if err := oomAdjuster.ApplyOomScoreAdj(0, s.OOMScoreAdj); err != nil {
		glog.Warning(err)
	}

	if err := RunKubelet(kcfg, nil); err != nil {  // 运行kubelet
		return err
	}

	if s.HealthzPort > 0 {   	// 开启监控检测信息
		healthz.DefaultHealthz()
		go util.Until(func() {
			err := http.ListenAndServe(net.JoinHostPort(s.HealthzBindAddress.String(), strconv.Itoa(s.HealthzPort)), nil)
			if err != nil {
				glog.Errorf("Starting health server failed: %v", err)
			}
		}, 5*time.Second, util.NeverStop)
	}

	if s.RunOnce { 		// 是否运行一次 如果运行一次则退出
		return nil
	}

	// run forever
	select {}
}

从流程上看就是通过解析配置文件来,启动访问APIServer的客户端,启动监控信息等。

// RunKubelet is responsible for setting up and running a kubelet.  It is used in three different applications:
//   1 Integration tests
//   2 Kubelet binary
//   3 Standalone 'kubernetes' binary
// Eventually, #2 will be replaced with instances of #3
func RunKubelet(kcfg *KubeletConfig, builder KubeletBuilder) error {
	...

	if builder == nil {
		builder = createAndInitKubelet    	// 创建函数
	}
	if kcfg.OSInterface == nil {
		kcfg.OSInterface = kubecontainer.RealOS{}
	}
	k, podCfg, err := builder(kcfg) 				// 生成配置信息
	if err != nil {
		return fmt.Errorf("failed to create kubelet: %v", err)
	}

	util.ApplyRLimitForSelf(kcfg.MaxOpenFiles)

	// process pods and exit.
	if kcfg.Runonce {
		if _, err := k.RunOnce(podCfg.Updates()); err != nil {
			return fmt.Errorf("runonce failed: %v", err)
		}
		glog.Infof("Started kubelet as runonce")
	} else {
		startKubelet(k, podCfg, kcfg) 				// 如果不是一次运行 则开始循环运行
		glog.Infof("Started kubelet")
	}
	return nil
}

func startKubelet(k KubeletBootstrap, podCfg *config.PodConfig, kc *KubeletConfig) {
	// start the kubelet
	go util.Until(func() { k.Run(podCfg.Updates()) }, 0, util.NeverStop)  	// 监听pod的更新数据

	// start the kubelet server
	if kc.EnableServer { 			// 是否开始server端
		go util.Until(func() {
			k.ListenAndServe(kc.Address, kc.Port, kc.TLSOptions, kc.EnableDebuggingHandlers)
		}, 0, util.NeverStop)
	}
	if kc.ReadOnlyPort > 0 {
		go util.Until(func() {
			k.ListenAndServeReadOnly(kc.Address, kc.ReadOnlyPort)
		}, 0, util.NeverStop)
	}
}

初始化过程主要就是通过createAndInitKubelet来初始化。

func createAndInitKubelet(kc *KubeletConfig) (k KubeletBootstrap, pc *config.PodConfig, err error) {
	// TODO: block until all sources have delivered at least one update to the channel, or break the sync loop
	// up into "per source" synchronizations
	// TODO: KubeletConfig.KubeClient should be a client interface, but client interface misses certain methods
	// used by kubelet. Since NewMainKubelet expects a client interface, we need to make sure we are not passing
	// a nil pointer to it when what we really want is a nil interface.
	var kubeClient client.Interface
	if kc.KubeClient != nil {
		kubeClient = kc.KubeClient
	}

	gcPolicy := kubelet.ContainerGCPolicy{
		MinAge:             kc.MinimumGCAge,
		MaxPerPodContainer: kc.MaxPerPodContainerCount,
		MaxContainers:      kc.MaxContainerCount,
	} 					// 配置gc的频率

	daemonEndpoints := &api.NodeDaemonEndpoints{
		KubeletEndpoint: api.DaemonEndpoint{Port: int(kc.Port)},
	}

	pc = makePodSourceConfig(kc) 				// 生成Pod相关的源文件配置 后续都监听该配置
	k, err = kubelet.NewMainKubelet(
		kc.Hostname,
		kc.NodeName,
		kc.DockerClient,
		kubeClient,
		kc.RootDirectory,
		kc.PodInfraContainerImage,
		kc.SyncFrequency,
		float32(kc.RegistryPullQPS),
		kc.RegistryBurst,
		kc.EventRecordQPS,
		kc.EventBurst,
		gcPolicy,
		pc.SeenAllSources,
		kc.RegisterNode,
		kc.StandaloneMode,
		kc.ClusterDomain,
		kc.ClusterDNS,
		kc.MasterServiceNamespace,
		kc.VolumePlugins,
		kc.NetworkPlugins,
		kc.NetworkPluginName,
		kc.StreamingConnectionIdleTimeout,
		kc.Recorder,
		kc.CAdvisorInterface,
		kc.ImageGCPolicy,
		kc.DiskSpacePolicy,
		kc.Cloud,
		kc.NodeStatusUpdateFrequency,
		kc.ResourceContainer,
		kc.OSInterface,
		kc.CgroupRoot,
		kc.ContainerRuntime,
		kc.RktPath,
		kc.RktStage1Image,
		kc.Mounter,
		kc.Writer,
		kc.DockerDaemonContainer,
		kc.SystemContainer,
		kc.ConfigureCBR0,
		kc.PodCIDR,
		kc.MaxPods,
		kc.DockerExecHandler,
		kc.ResolverConfig,
		kc.CPUCFSQuota,
		daemonEndpoints,
		kc.SerializeImagePulls,
	)

	if err != nil {
		return nil, nil, err
	}

	k.BirthCry()

	k.StartGarbageCollection() 				// 开启垃圾回收

	return k, pc, nil
}

在Pod相关操作中就如下。

func makePodSourceConfig(kc *KubeletConfig) *config.PodConfig {
	// source of all configuration
	cfg := config.NewPodConfig(config.PodConfigNotificationIncremental, kc.Recorder)

	// define file config source
	if kc.ConfigFile != "" {
		glog.Infof("Adding manifest file: %v", kc.ConfigFile)
		config.NewSourceFile(kc.ConfigFile, kc.NodeName, kc.FileCheckFrequency, cfg.Channel(kubelet.FileSource))
	}

	// define url config source
	if kc.ManifestURL != "" {
		glog.Infof("Adding manifest url %q with HTTP header %v", kc.ManifestURL, kc.ManifestURLHeader)
		config.NewSourceURL(kc.ManifestURL, kc.ManifestURLHeader, kc.NodeName, kc.HTTPCheckFrequency, cfg.Channel(kubelet.HTTPSource))
	}
	if kc.KubeClient != nil {
		glog.Infof("Watching apiserver")
		config.NewSourceApiserver(kc.KubeClient, kc.NodeName, cfg.Channel(kubelet.ApiserverSource))  	// 连接APIServer的客户端并监听
	}
	return cfg
}

通过client来监听APIServer对应的Pod的信息的变更。

// NewSourceApiserver creates a config source that watches and pulls from the apiserver.
func NewSourceApiserver(c *client.Client, nodeName string, updates chan<- interface{}) {
	lw := cache.NewListWatchFromClient(c, "pods", api.NamespaceAll, fields.OneTermEqualSelector(client.PodHost, nodeName))
	newSourceApiserverFromLW(lw, updates)   // 监听远端Pod变化
}

// newSourceApiserverFromLW holds creates a config source that watches and pulls from the apiserver.
func newSourceApiserverFromLW(lw cache.ListerWatcher, updates chan<- interface{}) {
	send := func(objs []interface{}) {
		var pods []*api.Pod
		for _, o := range objs {
			pods = append(pods, o.(*api.Pod))
		}
		updates <- kubelet.PodUpdate{Pods: pods, Op: kubelet.SET, Source: kubelet.ApiserverSource} 		// 将更新发送到updates中
	}
	cache.NewReflector(lw, &api.Pod{}, cache.NewUndeltaStore(send, cache.MetaNamespaceKeyFunc), 0).Run() 
}

至此监听Pod的流程完成了,通过updates来进行数据传输。接下来就是查看MainKubelet来生成新的实例。

// New creates a new Kubelet for use in main
func NewMainKubelet(
	hostname string,
	nodeName string,
	dockerClient dockertools.DockerInterface,
	kubeClient client.Interface,
	rootDirectory string,
	podInfraContainerImage string,
	resyncInterval time.Duration,
	pullQPS float32,
	pullBurst int,
	eventQPS float32,
	eventBurst int,
	containerGCPolicy ContainerGCPolicy,
	sourcesReady SourcesReadyFn,
	registerNode bool,
	standaloneMode bool,
	clusterDomain string,
	clusterDNS net.IP,
	masterServiceNamespace string,
	volumePlugins []volume.VolumePlugin,
	networkPlugins []network.NetworkPlugin,
	networkPluginName string,
	streamingConnectionIdleTimeout time.Duration,
	recorder record.EventRecorder,
	cadvisorInterface cadvisor.Interface,
	imageGCPolicy ImageGCPolicy,
	diskSpacePolicy DiskSpacePolicy,
	cloud cloudprovider.Interface,
	nodeStatusUpdateFrequency time.Duration,
	resourceContainer string,
	osInterface kubecontainer.OSInterface,
	cgroupRoot string,
	containerRuntime string,
	rktPath string,
	rktStage1Image string,
	mounter mount.Interface,
	writer kubeio.Writer,
	dockerDaemonContainer string,
	systemContainer string,
	configureCBR0 bool,
	podCIDR string,
	pods int,
	dockerExecHandler dockertools.ExecHandler,
	resolverConfig string,
	cpuCFSQuota bool,
	daemonEndpoints *api.NodeDaemonEndpoints,
	serializeImagePulls bool,
) (*Kubelet, error) {
	if rootDirectory == "" {
		return nil, fmt.Errorf("invalid root directory %q", rootDirectory)
	}
	if resyncInterval <= 0 {
		return nil, fmt.Errorf("invalid sync frequency %d", resyncInterval)
	}
	if systemContainer != "" && cgroupRoot == "" {
		return nil, fmt.Errorf("invalid configuration: system container was specified and cgroup root was not specified")
	}
	dockerClient = dockertools.NewInstrumentedDockerInterface(dockerClient)  // 获取操作接口

	serviceStore := cache.NewStore(cache.MetaNamespaceKeyFunc)
	if kubeClient != nil {
		// TODO: cache.NewListWatchFromClient is limited as it takes a client implementation rather
		// than an interface. There is no way to construct a list+watcher using resource name.
		listWatch := &cache.ListWatch{
			ListFunc: func() (runtime.Object, error) {
				return kubeClient.Services(api.NamespaceAll).List(labels.Everything())
			},
			WatchFunc: func(resourceVersion string) (watch.Interface, error) {
				return kubeClient.Services(api.NamespaceAll).Watch(labels.Everything(), fields.Everything(), resourceVersion)
			},
		}
		cache.NewReflector(listWatch, &api.Service{}, serviceStore, 0).Run() // 新生成一个监控services的信息变化
	}
	serviceLister := &cache.StoreToServiceLister{Store: serviceStore}  // 监控service的变化

	nodeStore := cache.NewStore(cache.MetaNamespaceKeyFunc)
	if kubeClient != nil {
		// TODO: cache.NewListWatchFromClient is limited as it takes a client implementation rather
		// than an interface. There is no way to construct a list+watcher using resource name.
		fieldSelector := fields.Set{client.ObjectNameField: nodeName}.AsSelector()
		listWatch := &cache.ListWatch{
			ListFunc: func() (runtime.Object, error) {
				return kubeClient.Nodes().List(labels.Everything(), fieldSelector) // 查看所有的节点的信息
			},
			WatchFunc: func(resourceVersion string) (watch.Interface, error) {
				return kubeClient.Nodes().Watch(labels.Everything(), fieldSelector, resourceVersion)
			},
		}
		cache.NewReflector(listWatch, &api.Node{}, nodeStore, 0).Run()
	}
	nodeLister := &cache.StoreToNodeLister{Store: nodeStore}  // 监听node的变化情况

	// TODO: get the real node object of ourself,
	// and use the real node name and UID.
	// TODO: what is namespace for node?
	nodeRef := &api.ObjectReference{
		Kind:      "Node",
		Name:      nodeName,
		UID:       types.UID(nodeName),
		Namespace: "",
	}

	containerGC, err := newContainerGC(dockerClient, containerGCPolicy)  // 生成GC容器
	if err != nil {
		return nil, err
	}
	imageManager, err := newImageManager(dockerClient, cadvisorInterface, recorder, nodeRef, imageGCPolicy) 			// 生成镜像管理
	if err != nil { 
		return nil, fmt.Errorf("failed to initialize image manager: %v", err)
	}
	diskSpaceManager, err := newDiskSpaceManager(cadvisorInterface, diskSpacePolicy) // 生成磁盘管理
	if err != nil {
		return nil, fmt.Errorf("failed to initialize disk manager: %v", err)
	}
	statusManager := status.NewManager(kubeClient)  		// 获取状态管理
	readinessManager := kubecontainer.NewReadinessManager()  	
	containerRefManager := kubecontainer.NewRefManager() 

	volumeManager := newVolumeManager() 								// 生成容器卷管理
 
	oomWatcher := NewOOMWatcher(cadvisorInterface, recorder)

	klet := &Kubelet{
		hostname:                       hostname,
		nodeName:                       nodeName,
		dockerClient:                   dockerClient,
		kubeClient:                     kubeClient,
		rootDirectory:                  rootDirectory,
		resyncInterval:                 resyncInterval,
		containerRefManager:            containerRefManager,
		readinessManager:               readinessManager,
		httpClient:                     &http.Client{},
		sourcesReady:                   sourcesReady,
		registerNode:                   registerNode,
		standaloneMode:                 standaloneMode,
		clusterDomain:                  clusterDomain,
		clusterDNS:                     clusterDNS,
		serviceLister:                  serviceLister,
		nodeLister:                     nodeLister,
		runtimeMutex:                   sync.Mutex{},
		runtimeUpThreshold:             maxWaitForContainerRuntime,
		lastTimestampRuntimeUp:         time.Time{},
		masterServiceNamespace:         masterServiceNamespace,
		streamingConnectionIdleTimeout: streamingConnectionIdleTimeout,
		recorder:                       recorder,
		cadvisor:                       cadvisorInterface,
		containerGC:                    containerGC,
		imageManager:                   imageManager,
		diskSpaceManager:               diskSpaceManager,
		statusManager:                  statusManager,
		volumeManager:                  volumeManager,
		cloud:                          cloud,
		nodeRef:                        nodeRef,
		nodeStatusUpdateFrequency:      nodeStatusUpdateFrequency,
		resourceContainer:              resourceContainer,
		os:                             osInterface,
		oomWatcher:                     oomWatcher,
		cgroupRoot:                     cgroupRoot,
		mounter:                        mounter,
		writer:                         writer,
		configureCBR0:                  configureCBR0,
		podCIDR:                        podCIDR,
		pods:                           pods,
		syncLoopMonitor:                util.AtomicValue{},
		resolverConfig:                 resolverConfig,
		cpuCFSQuota:                    cpuCFSQuota,
		daemonEndpoints:                daemonEndpoints,
	}

	if plug, err := network.InitNetworkPlugin(networkPlugins, networkPluginName, &networkHost{klet}); err != nil { 			// 初始化网络插件类
		return nil, err
	} else {
		klet.networkPlugin = plug
	}

	machineInfo, err := klet.GetCachedMachineInfo()
	if err != nil {
		return nil, err
	}

	oomAdjuster := oom.NewOomAdjuster()
	procFs := procfs.NewProcFs()

	// Initialize the runtime.
	switch containerRuntime { 					// 检查使用哪一种运行接口
	case "docker":
		// Only supported one for now, continue.
		klet.containerRuntime = dockertools.NewDockerManager(
			dockerClient,
			recorder,
			readinessManager,
			containerRefManager,
			machineInfo,
			podInfraContainerImage,
			pullQPS,
			pullBurst,
			containerLogsDir,
			osInterface,
			klet.networkPlugin,
			klet,
			klet.httpClient,
			dockerExecHandler,
			oomAdjuster,
			procFs,
			klet.cpuCFSQuota,
			serializeImagePulls,
		)

	case "rkt":
		conf := &rkt.Config{
			Path:               rktPath,
			Stage1Image:        rktStage1Image,
			InsecureSkipVerify: true,
		}
		rktRuntime, err := rkt.New(
			conf,
			klet,
			recorder,
			containerRefManager,
			readinessManager,
			klet.volumeManager,
			serializeImagePulls,
		)
		if err != nil {
			return nil, err
		}
		klet.containerRuntime = rktRuntime

		// No Docker daemon to put in a container.
		dockerDaemonContainer = ""
	default:
		return nil, fmt.Errorf("unsupported container runtime %q specified", containerRuntime)
	}

	// Setup container manager, can fail if the devices hierarchy is not mounted
	// (it is required by Docker however).
	containerManager, err := newContainerManager(mounter, cadvisorInterface, dockerDaemonContainer, systemContainer, resourceContainer)  // 生成镜像管理
	if err != nil {
		return nil, fmt.Errorf("failed to create the Container Manager: %v", err)
	}
	klet.containerManager = containerManager

	go util.Until(klet.syncNetworkStatus, 30*time.Second, util.NeverStop) // 同步网络状态
	if klet.kubeClient != nil {
		// Start syncing node status immediately, this may set up things the runtime needs to run.
		go util.Until(klet.syncNodeStatus, klet.nodeStatusUpdateFrequency, util.NeverStop) // 同步Pod状态
	}

	// Wait for the runtime to be up with a timeout.
	if err := waitUntilRuntimeIsUp(klet.containerRuntime, maxWaitForContainerRuntime); err != nil {
		return nil, fmt.Errorf("timed out waiting for %q to come up: %v", containerRuntime, err)
	}
	klet.lastTimestampRuntimeUp = time.Now()

	klet.runner = klet.containerRuntime
	klet.podManager = newBasicPodManager(klet.kubeClient)  // 获取基础的podManager

	runtimeCache, err := kubecontainer.NewRuntimeCache(klet.containerRuntime)
	if err != nil {
		return nil, err
	}
	klet.runtimeCache = runtimeCache
	klet.podWorkers = newPodWorkers(runtimeCache, klet.syncPod, recorder)  // 新生成一个podWrokers

	metrics.Register(runtimeCache)

	if err = klet.setupDataDirs(); err != nil {
		return nil, err
	}
	if err = klet.volumePluginMgr.InitPlugins(volumePlugins, &volumeHost{klet}); err != nil { 			// 初始化容器卷插件
		return nil, err
	}

	// If the container logs directory does not exist, create it.
	if _, err := os.Stat(containerLogsDir); err != nil {
		if err := osInterface.Mkdir(containerLogsDir, 0755); err != nil {
			glog.Errorf("Failed to create directory %q: %v", containerLogsDir, err)
		}
	}

	klet.backOff = util.NewBackOff(resyncInterval, maxContainerBackOff)
	klet.podKillingCh = make(chan *kubecontainer.Pod, podKillingChannelCapacity)

	return klet, nil
}

通过初始化kubelet实例,然后再调用该实例的Run方法来监听获取的Pod的变化信息。

// Run starts the kubelet reacting to config updates
func (kl *Kubelet) Run(updates <-chan PodUpdate) {
	if kl.logServer == nil {
		kl.logServer = http.StripPrefix("/logs/", http.FileServer(http.Dir("/var/log/")))
	}
	if kl.kubeClient == nil {
		glog.Warning("No api server defined - no node status update will be sent.")
	}

	// Move Kubelet to a container.
	if kl.resourceContainer != "" {
		// Fixme: I need to reside inside ContainerManager interface.
		err := util.RunInResourceContainer(kl.resourceContainer)
		if err != nil {
			glog.Warningf("Failed to move Kubelet to container %q: %v", kl.resourceContainer, err)
		}
		glog.Infof("Running in container %q", kl.resourceContainer)
	}

	if err := kl.imageManager.Start(); err != nil {  	// 开始imageManager
		kl.recorder.Eventf(kl.nodeRef, "KubeletSetupFailed", "Failed to start ImageManager %v", err)
		glog.Errorf("Failed to start ImageManager, images may not be garbage collected: %v", err)
	}

	if err := kl.cadvisor.Start(); err != nil { 			// 开启监控
		kl.recorder.Eventf(kl.nodeRef, "KubeletSetupFailed", "Failed to start CAdvisor %v", err)
		glog.Errorf("Failed to start CAdvisor, system may not be properly monitored: %v", err)
	}

	if err := kl.containerManager.Start(); err != nil { 		// 开启容器管理
		kl.recorder.Eventf(kl.nodeRef, "KubeletSetupFailed", "Failed to start ContainerManager %v", err)
		glog.Errorf("Failed to start ContainerManager, system may not be properly isolated: %v", err)
	}

	if err := kl.oomWatcher.Start(kl.nodeRef); err != nil {
		kl.recorder.Eventf(kl.nodeRef, "KubeletSetupFailed", "Failed to start OOM watcher %v", err)
		glog.Errorf("Failed to start OOM watching: %v", err)
	}

	go util.Until(kl.updateRuntimeUp, 5*time.Second, util.NeverStop)

	// Start a goroutine responsible for killing pods (that are not properly
	// handled by pod workers).
	go util.Until(kl.podKiller, 1*time.Second, util.NeverStop)  // 循环开启检查是否需要杀掉pod

	// Run the system oom watcher forever.
	kl.statusManager.Start()
	kl.syncLoop(updates, kl) 		// 同步所有的更新
}

继续查看syncLoop处理流程。

// syncLoop is the main loop for processing changes. It watches for changes from
// three channels (file, apiserver, and http) and creates a union of them. For
// any new change seen, will run a sync against desired state and running state. If
// no changes are seen to the configuration, will synchronize the last known desired
// state every sync-frequency seconds. Never returns.
func (kl *Kubelet) syncLoop(updates <-chan PodUpdate, handler SyncHandler) {
	glog.Info("Starting kubelet main sync loop.")
	kl.resyncTicker = time.NewTicker(kl.resyncInterval)
	var housekeepingTimestamp time.Time
	for {
		if !kl.containerRuntimeUp() {   // 检查是否启动
			time.Sleep(5 * time.Second)
			glog.Infof("Skipping pod synchronization, container runtime is not up.")
			continue
		}
		if !kl.doneNetworkConfigure() { 		// 检查网络配置
			time.Sleep(5 * time.Second)
			glog.Infof("Skipping pod synchronization, network is not configured")
			continue
		}

		// Make sure we sync first to receive the pods from the sources before
		// performing housekeeping.
		if !kl.syncLoopIteration(updates, handler) {  	// 同步数据
			break
		}
		// We don't want to perform housekeeping too often, so we set a minimum
		// period for it. Housekeeping would be performed at least once every
		// kl.resyncInterval, and *no* more than once every
		// housekeepingMinimumPeriod.
		// TODO (#13418): Investigate whether we can/should spawn a dedicated
		// goroutine for housekeeping
		if !kl.sourcesReady() {
			// If the sources aren't ready, skip housekeeping, as we may
			// accidentally delete pods from unready sources.
			glog.V(4).Infof("Skipping cleanup, sources aren't ready yet.")
		} else if housekeepingTimestamp.IsZero() {
			housekeepingTimestamp = time.Now()
		} else if time.Since(housekeepingTimestamp) > housekeepingMinimumPeriod {
			glog.V(4).Infof("SyncLoop (housekeeping)")
			if err := handler.HandlePodCleanups(); err != nil {
				glog.Errorf("Failed cleaning pods: %v", err)
			}
			housekeepingTimestamp = time.Now()
		}
	}
}

func (kl *Kubelet) syncLoopIteration(updates <-chan PodUpdate, handler SyncHandler) bool {
	kl.syncLoopMonitor.Store(time.Now())
	select {
	case u, open := <-updates: 		// 获取更新信息
		if !open {
			glog.Errorf("Update channel is closed. Exiting the sync loop.")
			return false
		}
		switch u.Op {
		case ADD:
			glog.V(2).Infof("SyncLoop (ADD): %q", kubeletUtil.FormatPodNames(u.Pods))
			handler.HandlePodAdditions(u.Pods)  	// 添加Pod
		case UPDATE:
			glog.V(2).Infof("SyncLoop (UPDATE): %q", kubeletUtil.FormatPodNames(u.Pods))
			handler.HandlePodUpdates(u.Pods) 			// 更新Pod
		case REMOVE:
			glog.V(2).Infof("SyncLoop (REMOVE): %q", kubeletUtil.FormatPodNames(u.Pods))
			handler.HandlePodDeletions(u.Pods) 		// 删除Pod
		case SET:
			// TODO: Do we want to support this?
			glog.Errorf("Kubelet does not support snapshot update")
		}
	case <-kl.resyncTicker.C:
		// Periodically syncs all the pods and performs cleanup tasks.
		glog.V(4).Infof("SyncLoop (periodic sync)")
		handler.HandlePodSyncs(kl.podManager.GetPods())
	}
	kl.syncLoopMonitor.Store(time.Now())
	return true
}

调用的handler的实例最终调用的还是Kubelet实例的方法。

func (kl *Kubelet) HandlePodAdditions(pods []*api.Pod) {
	start := time.Now()
	sort.Sort(podsByCreationTime(pods))
	for _, pod := range pods {
		kl.podManager.AddPod(pod)  		// 通过podManger添加pod
		if isMirrorPod(pod) { 
			kl.handleMirrorPod(pod, start)
			continue
		}
		// Note that allPods includes the new pod since we added at the
		// beginning of the loop.
		allPods := kl.podManager.GetPods()
		// We failed pods that we rejected, so activePods include all admitted
		// pods that are alive and the new pod.
		activePods := kl.filterOutTerminatedPods(allPods) 		// 获取所有的pods
		// Check if we can admit the pod; if not, reject it.
		if ok, reason, message := kl.canAdmitPod(activePods, pod); !ok { // 检查是否正常 否则就拒绝
			kl.rejectPod(pod, reason, message)
			continue
		}
		mirrorPod, _ := kl.podManager.GetMirrorPodByPod(pod)
		kl.dispatchWork(pod, SyncPodCreate, mirrorPod, start) 
	}
}

func (kl *Kubelet) HandlePodUpdates(pods []*api.Pod) {
	start := time.Now()
	for _, pod := range pods {
		kl.podManager.UpdatePod(pod) 				// 通过podManager更新pod
		if isMirrorPod(pod) {
			kl.handleMirrorPod(pod, start)
			continue
		}
		// TODO: Evaluate if we need to validate and reject updates.

		mirrorPod, _ := kl.podManager.GetMirrorPodByPod(pod)
		kl.dispatchWork(pod, SyncPodUpdate, mirrorPod, start)
	}
}

func (kl *Kubelet) HandlePodDeletions(pods []*api.Pod) {
	start := time.Now()
	for _, pod := range pods {
		kl.podManager.DeletePod(pod) 			// 通过podManger删除pod
		if isMirrorPod(pod) {
			kl.handleMirrorPod(pod, start)
			continue
		}
		// Deletion is allowed to fail because the periodic cleanup routine
		// will trigger deletion again.
		if err := kl.deletePod(pod.UID); err != nil {   // 删除pod
			glog.V(2).Infof("Failed to delete pod %q, err: %v", kubeletUtil.FormatPodName(pod), err)
		}
	}
}

通过更新或者添加的pod都会通过podWorker来进行更新。

func (kl *Kubelet) dispatchWork(pod *api.Pod, syncType SyncPodType, mirrorPod *api.Pod, start time.Time) {
	if kl.podIsTerminated(pod) {   // 如果pod已经停止则返回
		return
	}
	// Run the sync in an async worker.
	kl.podWorkers.UpdatePod(pod, mirrorPod, func() {
		metrics.PodWorkerLatency.WithLabelValues(syncType.String()).Observe(metrics.SinceInMicroseconds(start))
	})   // 更新pod或者新增
	// Note the number of containers for new pods.
	if syncType == SyncPodCreate {
		metrics.ContainersPerPodCount.Observe(float64(len(pod.Spec.Containers)))
	}
}

此时就会调用如下UpdatePod函数进行处理。

func (p *podWorkers) managePodLoop(podUpdates <-chan workUpdate) {
	var minRuntimeCacheTime time.Time
	for newWork := range podUpdates {  // 获取更新的信息
		func() {
			defer p.checkForUpdates(newWork.pod.UID, newWork.updateCompleteFn)
			// We would like to have the state of the containers from at least
			// the moment when we finished the previous processing of that pod.
			if err := p.runtimeCache.ForceUpdateIfOlder(minRuntimeCacheTime); err != nil {
				glog.Errorf("Error updating the container runtime cache: %v", err)
				return
			}
			pods, err := p.runtimeCache.GetPods() // 获取pods
			if err != nil {
				glog.Errorf("Error getting pods while syncing pod: %v", err)
				return
			}

			err = p.syncPodFn(newWork.pod, newWork.mirrorPod,
				kubecontainer.Pods(pods).FindPodByID(newWork.pod.UID), newWork.updateType)  // 同步调用pod
			if err != nil {
				glog.Errorf("Error syncing pod %s, skipping: %v", newWork.pod.UID, err)
				p.recorder.Eventf(newWork.pod, "FailedSync", "Error syncing pod, skipping: %v", err)
				return
			}
			minRuntimeCacheTime = time.Now()

			newWork.updateCompleteFn()  // 更新网络
		}()
	}
}

// Apply the new setting to the specified pod. updateComplete is called when the update is completed.
func (p *podWorkers) UpdatePod(pod *api.Pod, mirrorPod *api.Pod, updateComplete func()) {
	uid := pod.UID
	var podUpdates chan workUpdate
	var exists bool

	// TODO: Pipe this through from the kubelet. Currently kubelets operating with
	// snapshot updates (PodConfigNotificationSnapshot) will send updates, creates
	// and deletes as SET operations, which makes updates indistinguishable from
	// creates. The intent here is to communicate to the pod worker that it can take
	// certain liberties, like skipping status generation, when it receives a create
	// event for a pod.
	updateType := SyncPodUpdate

	p.podLock.Lock()
	defer p.podLock.Unlock()
	if podUpdates, exists = p.podUpdates[uid]; !exists {
		// We need to have a buffer here, because checkForUpdates() method that
		// puts an update into channel is called from the same goroutine where
		// the channel is consumed. However, it is guaranteed that in such case
		// the channel is empty, so buffer of size 1 is enough.
		podUpdates = make(chan workUpdate, 1)
		p.podUpdates[uid] = podUpdates

		// Creating a new pod worker either means this is a new pod, or that the
		// kubelet just restarted. In either case the kubelet is willing to believe
		// the status of the pod for the first pod worker sync. See corresponding
		// comment in syncPod.
		updateType = SyncPodCreate   // 如果是新创建
		go func() {
			defer util.HandleCrash()
			p.managePodLoop(podUpdates)  // 调用创建流程
		}()
	}
	if !p.isWorking[pod.UID] {
		p.isWorking[pod.UID] = true  // 设置标志位等信息
		podUpdates <- workUpdate{
			pod:              pod,
			mirrorPod:        mirrorPod,
			updateCompleteFn: updateComplete,
			updateType:       updateType,
		}  // 
	} else {
		p.lastUndeliveredWorkUpdate[pod.UID] = workUpdate{
			pod:              pod,
			mirrorPod:        mirrorPod,
			updateCompleteFn: updateComplete,
			updateType:       updateType,
		}
	}
}

如果新增调用的syncPodFn函数,就是初始化传入的kubelet的syncPod函数。

func (kl *Kubelet) syncPod(pod *api.Pod, mirrorPod *api.Pod, runningPod kubecontainer.Pod, updateType SyncPodType) error {
	podFullName := kubecontainer.GetPodFullName(pod)  // 获取完整信息
	uid := pod.UID
	start := time.Now()
	var firstSeenTime time.Time
	if firstSeenTimeStr, ok := pod.Annotations[ConfigFirstSeenAnnotationKey]; !ok {
		glog.V(3).Infof("First seen time not recorded for pod %q", pod.UID)
	} else {
		firstSeenTime = kubeletTypes.ConvertToTimestamp(firstSeenTimeStr).Get()
	}

	// Before returning, regenerate status and store it in the cache.
	defer func() {
		if isStaticPod(pod) && mirrorPod == nil {   // 判断是否是静态的pod
			// No need to cache the status because the mirror pod does not
			// exist yet.
			return
		}
		status, err := kl.generatePodStatus(pod)  // 获取pod状态
		if err != nil {
			glog.Errorf("Unable to generate status for pod with name %q and uid %q info with error(%v)", podFullName, uid, err)
		} else {
			podToUpdate := pod
			if mirrorPod != nil {
				podToUpdate = mirrorPod
			}
			existingStatus, ok := kl.statusManager.GetPodStatus(podToUpdate.UID)  // 获取状态
			if !ok || existingStatus.Phase == api.PodPending && status.Phase == api.PodRunning &&
				!firstSeenTime.IsZero() {
				metrics.PodStartLatency.Observe(metrics.SinceInMicroseconds(firstSeenTime))
			}
			kl.statusManager.SetPodStatus(podToUpdate, status)  // 设置pod状态
		}
	}()

	// Kill pods we can't run.
	if err := canRunPod(pod); err != nil || pod.DeletionTimestamp != nil {  // 如果pod不能运行则杀掉
		if err := kl.killPod(pod, runningPod); err != nil {
			util.HandleError(err)
		}
		return err
	}

	// Create Mirror Pod for Static Pod if it doesn't already exist
	if isStaticPod(pod) {
		if mirrorPod != nil && !kl.podManager.IsMirrorPodOf(mirrorPod, pod) {
			// The mirror pod is semantically different from the static pod. Remove
			// it. The mirror pod will get recreated later.
			glog.Errorf("Deleting mirror pod %q because it is outdated", podFullName)
			if err := kl.podManager.DeleteMirrorPod(podFullName); err != nil {
				glog.Errorf("Failed deleting mirror pod %q: %v", podFullName, err)
			}
		}
		if mirrorPod == nil {
			glog.V(3).Infof("Creating a mirror pod for static pod %q", podFullName)
			if err := kl.podManager.CreateMirrorPod(pod); err != nil {
				glog.Errorf("Failed creating a mirror pod %q: %v", podFullName, err)
			}

			_, ok := kl.podManager.GetMirrorPodByPod(pod)
			if !ok {
				glog.Errorf("Mirror pod not available")
			}
		}
	}

	if err := kl.makePodDataDirs(pod); err != nil { // 设置pod的运行路径
		glog.Errorf("Unable to make pod data directories for pod %q (uid %q): %v", podFullName, uid, err)
		return err
	}

	// Starting phase:
	ref, err := api.GetReference(pod)
	if err != nil {
		glog.Errorf("Couldn't make a ref to pod %q: '%v'", podFullName, err)
	}

	// Mount volumes.
	podVolumes, err := kl.mountExternalVolumes(pod)  //挂载数据卷
	if err != nil {
		if ref != nil {
			kl.recorder.Eventf(ref, "FailedMount", "Unable to mount volumes for pod %q: %v", podFullName, err)
		}
		glog.Errorf("Unable to mount volumes for pod %q: %v; skipping pod", podFullName, err)
		return err
	}
	kl.volumeManager.SetVolumes(pod.UID, podVolumes)  //设置卷

	// The kubelet is the source of truth for pod status. It ignores the status sent from
	// the apiserver and regenerates status for every pod update, incrementally updating
	// the status it received at pod creation time.
	//
	// The container runtime needs 2 pieces of information from the status to sync a pod:
	// The terminated state of containers (to restart them) and the podIp (for liveness probes).
	// New pods don't have either, so we skip the expensive status generation step.
	//
	// If we end up here with a create event for an already running pod, it could result in a
	// restart of its containers. This cannot happen unless the kubelet restarts, because the
	// delete before the second create would cancel this pod worker.
	//
	// If the kubelet restarts, we have a bunch of running containers for which we get create
	// events. This is ok, because the pod status for these will include the podIp and terminated
	// status. Any race conditions here effectively boils down to -- the pod worker didn't sync
	// state of a newly started container with the apiserver before the kubelet restarted, so
	// it's OK to pretend like the kubelet started them after it restarted.
	//
	// Also note that deletes currently have an updateType of `create` set in UpdatePods.
	// This, again, does not matter because deletes are not processed by this method.

	var podStatus api.PodStatus
	if updateType == SyncPodCreate {
		// This is the first time we are syncing the pod. Record the latency
		// since kubelet first saw the pod if firstSeenTime is set.
		if !firstSeenTime.IsZero() {
			metrics.PodWorkerStartLatency.Observe(metrics.SinceInMicroseconds(firstSeenTime))
		}

		podStatus = pod.Status
		podStatus.StartTime = &unversioned.Time{Time: start}
		kl.statusManager.SetPodStatus(pod, podStatus)  // 如果更新则设置状态
		glog.V(3).Infof("Not generating pod status for new pod %q", podFullName)
	} else {
		var err error
		podStatus, err = kl.generatePodStatus(pod)  // 获取当前状态
		if err != nil {
			glog.Errorf("Unable to get status for pod %q (uid %q): %v", podFullName, uid, err)
			return err
		}
	}

	pullSecrets, err := kl.getPullSecretsForPod(pod)
	if err != nil {
		glog.Errorf("Unable to get pull secrets for pod %q (uid %q): %v", podFullName, uid, err)
		return err
	}

	err = kl.containerRuntime.SyncPod(pod, runningPod, podStatus, pullSecrets, kl.backOff) //同步pod的状态信息
	if err != nil {
		return err
	}

	ingress, egress, err := extractBandwidthResources(pod) // 获取绑定的网络信息
	if err != nil {
		return err
	}
	if egress != nil || ingress != nil {
		if pod.Spec.HostNetwork {
			kl.recorder.Event(pod, "HostNetworkNotSupported", "Bandwidth shaping is not currently supported on the host network")
		} else if kl.shaper != nil {
			status, found := kl.statusManager.GetPodStatus(pod.UID)
			if !found {
				statusPtr, err := kl.containerRuntime.GetPodStatus(pod)
				if err != nil {
					glog.Errorf("Error getting pod for bandwidth shaping")
					return err
				}
				status = *statusPtr
			}
			if len(status.PodIP) > 0 {
				err = kl.shaper.ReconcileCIDR(fmt.Sprintf("%s/32", status.PodIP), egress, ingress)
			}
		} else {
			kl.recorder.Event(pod, "NilShaper", "Pod requests bandwidth shaping, but the shaper is undefined")
		}
	}

	return nil
}

此处就是检查启动之前所有的状态并在检查之后启动,如果此时使用的是docker的接口,则会调用如下正真去启动容器。

// Sync the running pod to match the specified desired pod.
func (dm *DockerManager) SyncPod(pod *api.Pod, runningPod kubecontainer.Pod, podStatus api.PodStatus, pullSecrets []api.Secret, backOff *util.Backoff) error {
	start := time.Now()
	defer func() {
		metrics.ContainerManagerLatency.WithLabelValues("SyncPod").Observe(metrics.SinceInMicroseconds(start))
	}()

	podFullName := kubecontainer.GetPodFullName(pod)
	containerChanges, err := dm.computePodContainerChanges(pod, runningPod, podStatus) // 更改pod状态
	if err != nil {
		return err
	}
	glog.V(3).Infof("Got container changes for pod %q: %+v", podFullName, containerChanges)

	if containerChanges.StartInfraContainer || (len(containerChanges.ContainersToKeep) == 0 && len(containerChanges.ContainersToStart) == 0) {
		if len(containerChanges.ContainersToKeep) == 0 && len(containerChanges.ContainersToStart) == 0 {
			glog.V(4).Infof("Killing Infra Container for %q because all other containers are dead.", podFullName)
		} else {
			glog.V(4).Infof("Killing Infra Container for %q, will start new one", podFullName)
		}

		// Killing phase: if we want to start new infra container, or nothing is running kill everything (including infra container)
		err = dm.KillPod(pod, runningPod)  //如果正在运行则杀掉
		if err != nil {
			return err
		}
	} else {
		// Otherwise kill any containers in this pod which are not specified as ones to keep.
		for _, container := range runningPod.Containers { // 获取正在运行的要保留
			_, keep := containerChanges.ContainersToKeep[kubeletTypes.DockerID(container.ID)]
			if !keep {
				glog.V(3).Infof("Killing unwanted container %+v", container)
				// attempt to find the appropriate container policy
				var podContainer *api.Container
				for i, c := range pod.Spec.Containers {
					if c.Name == container.Name {
						podContainer = &pod.Spec.Containers[i]
						break
					}
				}
				err = dm.KillContainerInPod(container.ID, podContainer, pod) // 如果不保留的则杀掉
				if err != nil {
					glog.Errorf("Error killing container: %v", err)
				}
			}
		}
	}

	// If we should create infra container then we do it first.
	podInfraContainerID := containerChanges.InfraContainerId  // 获取运行的基础容器
	if containerChanges.StartInfraContainer && (len(containerChanges.ContainersToStart) > 0) {
		glog.V(4).Infof("Creating pod infra container for %q", podFullName)
		podInfraContainerID, err = dm.createPodInfraContainer(pod) // 创建Pod

		// Call the networking plugin
		if err == nil {
			err = dm.networkPlugin.SetUpPod(pod.Namespace, pod.Name, podInfraContainerID)  // 设置网络
		}
		if err != nil {
			glog.Errorf("Failed to create pod infra container: %v; Skipping pod %q", err, podFullName)
			return err
		}

		// Setup the host interface (FIXME: move to networkPlugin when ready)
		podInfraContainer, err := dm.client.InspectContainer(string(podInfraContainerID)) // 进入容器
		if err != nil {
			glog.Errorf("Failed to inspect pod infra container: %v; Skipping pod %q", err, podFullName)
			return err
		}
		if err = hairpin.SetUpContainer(podInfraContainer.State.Pid, "eth0"); err != nil {
			glog.Warningf("Hairpin setup failed for pod %q: %v", podFullName, err) // 设置网络
		}

		// Find the pod IP after starting the infra container in order to expose
		// it safely via the downward API without a race and be able to use podIP in kubelet-managed /etc/hosts file.
		pod.Status.PodIP = dm.determineContainerIP(pod.Name, pod.Namespace, podInfraContainer)  // 获取网络IP
	}

	// Start everything
	for idx := range containerChanges.ContainersToStart {
		container := &pod.Spec.Containers[idx]

		// containerChanges.StartInfraContainer causes the containers to be restarted for config reasons
		// ignore backoff
		if !containerChanges.StartInfraContainer && dm.doBackOff(pod, container, podStatus, backOff) {
			glog.V(4).Infof("Backing Off restarting container %+v in pod %v", container, podFullName)
			continue
		}
		glog.V(4).Infof("Creating container %+v in pod %v", container, podFullName)
		err := dm.imagePuller.PullImage(pod, container, pullSecrets) // 拉取镜像
		dm.updateReasonCache(pod, container, "PullImageError", err) // 更新
		if err != nil {
			glog.Warningf("Failed to pull image %q from pod %q and container %q: %v", container.Image, kubecontainer.GetPodFullName(pod), container.Name, err)
			continue
		}

		if container.SecurityContext != nil && container.SecurityContext.RunAsNonRoot {
			err := dm.verifyNonRoot(container)
			dm.updateReasonCache(pod, container, "VerifyNonRootError", err)
			if err != nil {
				glog.Errorf("Error running pod %q container %q: %v", kubecontainer.GetPodFullName(pod), container.Name, err)
				continue
			}
		}

		// TODO(dawnchen): Check RestartPolicy.DelaySeconds before restart a container
		// Note: when configuring the pod's containers anything that can be configured by pointing
		// to the namespace of the infra container should use namespaceMode.  This includes things like the net namespace
		// and IPC namespace.  PID mode cannot point to another container right now.
		// See createPodInfraContainer for infra container setup.
		namespaceMode := fmt.Sprintf("container:%v", podInfraContainerID)
		_, err = dm.runContainerInPod(pod, container, namespaceMode, namespaceMode, getPidMode(pod))  // 运行容器
		dm.updateReasonCache(pod, container, "RunContainerError", err)
		if err != nil {
			// TODO(bburns) : Perhaps blacklist a container after N failures?
			glog.Errorf("Error running pod %q container %q: %v", kubecontainer.GetPodFullName(pod), container.Name, err)
			continue
		}
		// Successfully started the container; clear the entry in the failure
		// reason cache.
		dm.clearReasonCache(pod, container)
	}

	return nil
}

至此,pod的相关的容器的创建工作基本完成。这其中经过了多重的初始化流程,最终通过监听从APIServer传入的信息,来通过podWorkers来进行pod的状态管理,从而完成每个node节点的pod维护工作。

总结

本文只是非常简单的描述了一下kubelet初始化相关的流程,并初步查看了有关pod的一些初始化准备的工作,从而加深kubelet的工作原理,本文其实还有大量的细节未展开学习,如pod的删除更新、容器的网络等详细的流程需要在以后的学习中进一步理解。由于本人才疏学浅,如有错误请批评指正。

你可能感兴趣的:(架构相关,kubernetes)

  • react-intl——react国际化使用方案 苹果酱0567 面试题汇总与解析java开发语言中间件springboot后端
    国际化介绍i18n:internationalization国家化简称,首字母+首尾字母间隔的字母个数+尾字母,类似的还有k8s(Kubernetes)React-intl是React中最受欢迎的库。使用步骤安装#usenpmnpminstallreact-intl-D#useyarn项目入口文件配置//index.tsximportReactfrom"react";importReactDOMf
  • Kubernetes数据持久化 看清所苡看轻 kubernetes(k8s)emptyDirHostPathpvpvckubernetes
    在k8s中,Volume(数据卷)存在明确的生命周期(与包含该数据卷的容器组(pod)相同)。因此Volume的生命周期比同一容器组(pod)中任意容器的生命周期要更长,不管容器重启了多少次,数据都被保留下来。当然,如果pod不存在了,数据卷自然退出了。此时,根据pod所使用的数据卷类型不同,数据可能随着数据卷的退出而删除,也可能被真正持久化,并在下次容器组重启时仍然可以使用。从根本上来说,一个数
  • Kubernetes部署MySQL数据持久化 沫殇-MS KubernetesMySQL数据库kubernetesmysql容器
    一、安装配置NFS服务端1、安装nfs-kernel-server:sudoapt-yinstallnfs-kernel-server2、服务端创建共享目录#列出所有可用块设备的信息lsblk#格式化磁盘sudomkfs-text4/dev/sdb#创建一个目录:sudomkdir-p/data/nfs/mysql#更改目录权限:sudochown-Rnobody:nogroup/data/nfs
  • Kubernetes的3种数据持久化方式 Seal^_^ 【云原生】容器化与编排技术持续集成#Kuberneteskubernetes容器云原生EmptyDir面试HostPath
    Kubernetes的3种数据持久化方式1.EmptyDir2.HostPath3.PersistentVolume(PV)TheBegin点点关注,收藏不迷路Kubernetes提供了几种数据持久化方式,以满足不同场景的需求:1.EmptyDir用途:临时数据存储,Pod内容器间共享。特点:生命周期与Pod相同,Pod删除时数据也删除。2.HostPath用途:访问宿主机特定文件或目录。特点:增
  • 【Kubernetes】常见面试题汇总(十一) summer.335 Kuberneteskubernetes容器云原生
    目录33.简述Kubernetes外部如何访问集群内的服务?34.简述Kubernetesingress?35.简述Kubernetes镜像的下载策略?33.简述Kubernetes外部如何访问集群内的服务?(1)对于Kubernetes,集群外的客户端默认情况,无法通过Pod的IP地址或者Service的虚拟IP地址:虚拟端口号进行访问。(2)通常可以通过以下方式进行访问Kubernetes集群
  • k8s中Service暴露的种类以及用法 听说唐僧不吃肉 K8Skubernetes容器云原生
    一、说明在Kubernetes中,有几种不同的方式可以将服务(Service)暴露给外部流量。这些方式通过定义服务的spec.type字段来确定。二、详解1.ClusterIP定义:默认类型,服务只能在集群内部访问。作用:通过集群内部IP地址暴露服务。示例:spec:type:ClusterIPports:-port:80targetPo
  • Kubernetes 自定义控制器开发 IT回忆录 Kubeneteskubernetes
    目录前言一、CRD二、创建数据库表(Mysql)二、控制器开发1.使用kubernetes的examplecontroller模板2.在controller.go中新增数据表监听方法3.修改tools工具生成资源对象结构体定义这里记录开发k8s控制器的一般方式,controller开发主要使用k8s提供的client-go库进行。前言Controller监听集群内部资源对象的变化,编辑资源对象(增
  • 用kubedam搭建的k8s证书过期处理方法 我滴鬼鬼呀wks k8s1024程序员节
    kubeadm部署的k8s证书过期1、查看证书过期时间kubeadmalphacertscheck-expiration若证书已经过期无法试用kubectl命令建议修改服务器时间到未过期的时间段2、配置kube-controller-manager.yaml文件cat/etc/kubernetes/manifests/kube-controller-manager.yamlapiVersion:v
  • k8s证书过期问题处理 olina_qin kubernetes容器云原生
    k8s证书过期问题处理opensslx509-in/etc/kubernetes/pki/apiserver.crt-noout-dateskubeadmcertsrenewallsystemctlrestartkubeleopensslx509-in/etc/kubernetes/pki/apiserver.crt-noout-text|grep"NotAfter"cp/etc/kubernet
  • Kubernetes Ingress 控制器(Nginx)安装与使用教程 农优影
    KubernetesIngress控制器(Nginx)安装与使用教程kubernetes-ingressNGINXandNGINXPlusIngressControllersforKubernetes项目地址:https://gitcode.com/gh_mirrors/ku/kubernetes-ingress1.项目目录结构及介绍在nginxinc/kubernetes-ingress仓库中,
  • 【K8s】专题十一:Kubernetes 集群证书过期处理方法 行者Sun1989 Kuberneteskubernetes云原生容器
    本文内容均来自个人笔记并重新梳理,如有错误欢迎指正!如果对您有帮助,烦请点赞、关注、转发、订阅专栏!专栏订阅入口Linux专栏|Docker专栏|Kubernetes专栏往期精彩文章【Docker】(全网首发)KylinV10下MySQL容器内存占用异常的解决方法【Docker】(全网首发)KylinV10下MySQL容器内存占用异常的解决方法(续)【Docker】MySQL源码构建Docker镜
  • Docker学习十一:Kubernetes概述 爱打羽球的程序猿 Docker学习系列dockerkubernetes学习
    一、Kubernetes简介2006年,Google提出了云计算的概念,当时的云计算领域还是以虚拟机为代表的云平台。2013年,Docker横空出世,Docker提出了镜像、仓库等核心概念,规范了服务的交付标准,使得复杂服务的落地变得更加简单,之后Docker又定义了OCI标准,Docker在容器领域称为事实的标准。但是,Docker诞生只是帮助定义了开发和交付标准,如果想要在生产环境中大批量的使
  • Cloud Native Weekly | 华为云抢先发布Redis5.0,红帽宣布收购混合云提供商 weixin_34302561 数据库devops大数据
    1——华为云抢先发布Redis5.02——DigitalOceanK8s服务正式上线3——红帽宣布收购混合云提供商NooBaa4——微软发布多项AzureKubernetes服务更新1华为云抢先发布Redis5.012月17日,华为云在DCS2.0的基础上,快人一步,抢先推出了新的Redis5.0产品,这是一个崭新的突破。目前国内在缓存领域的发展普遍停留在Redis4.0阶段,华为云率先发布了Re
  • (k8s)Kubernetes 从0到1容器编排之旅 道不贱卖,法不轻传 kubernetskubernetes容器云原生
    一、引言在当今数字化的浪潮中,Kubernetes如同一艘强大的航船,引领着容器化应用的部署与管理。它以其卓越的灵活性、可扩展性和可靠性,成为众多企业和开发者的首选。然而,要真正发挥Kubernetes的强大威力,仅仅掌握基本操作是远远不够的。本文将带你深入探索Kubernetes使用过程中的奇技妙法,为你开启一段优雅的容器编排之旅。二、高级资源管理之精妙艺术1.资源配额与限制:雕琢资源之美•Ku
  • 【K8S】kubernetes集群架构与组件 奇奇怪怪^ LinuxIT运维服务器linux
    文章目录【K8S】kubernetes集群架构与组件kubernetes组件**master组件**node组件整体流程POD终止过程【K8S】kubernetes集群架构与组件kubernetes组件K8S是属于主从设备模型(Master-slave架构),即有Master节点负责集群的调度、管理和运维,Slave节点是集群中的运算工作负载节点在K8S中,主节点一般被称为Master节点,而从节
  • K8S学习笔记02——K8S组件 沉淅尘 #Docker#K8Skubernetes
    Kubernetes组件一、控制平面组件(ControlPlaneComponents)(1)kube-apiserver(2)etcd(3)kube-scheduler(4)kube-controller-manager(5)cloud-controller-manager二、Node组件1.kubelet2.kube-proxy3.容器运行时(ContainerRuntime)三、插件(Add
  • Kubernetes——组件 窒息う Kuberneteskubernetes容器
    文章目录K8S的优势核心架构角色与功能集群图例K8S的优势能管理大量跨主机容器快速部署应用快速扩展应用无缝对接新的应用节省资源,优化硬件资源的使用核心架构master(管理节点)node(计算节点)images(镜像节点)角色与功能Master功能提供集群的控制对集群进行全局决策检测和响应集群事件Master节点核心组件APIServer是整个系统的对外接口,提供客户端和其他组件调用后端元数据存储
  • Kubernetes组件 汉只只 网络docker大数据分布式hadoop
    Kubernetes核心组件Kubernetes定义了一组构建块,它们可以共同提供部署、维护和扩展应用程序的机制。组成Kubernetes的组件设计为松耦合和可扩展的,这样可以满足多种不同的工作负载。可扩展性在很大程度上由KubernetesAPI提供——它被作为扩展的内部组件以及Kubernetes上运行的容器等使用。Kubernetes主要由以下几个核心组件组成:etcd保存了整个集群的状态;
  • 【Linux 从基础到进阶】Kubernetes 集群搭建与管理 爱技术的小伙子 Linux从基础到进阶linuxkubernetes运维
    Kubernetes集群搭建与管理Kubernetes(简称K8s)是一个用于自动化部署、扩展和管理容器化应用程序的开源平台。它提供了容器编排功能,能够管理大量的容器实例,并支持应用的自动扩展、高可用性和自愈能力。本文将详细介绍如何在CentOS和Ubuntu系统上安装和配置Kubernetes集群,并讲解Kubernetes的基本概念和管理操作。1.Kubernetes基础概念在了解如何搭建Ku
  • 【Kubernetes】常见面试题汇总(十三) summer.335 Kuberneteskubernetes容器云原生
    目录39.简述KubernetesScheduler使用哪两种算法将Pod绑定到worker节点?40.简述Kuberneteskubelet的作用?41.简述Kuberneteskubelet监控Worker节点资源是使用什么组件来实现的?39.简述KubernetesScheduler使用哪两种算法将Pod绑定到worker节点?KubernetesScheduler根据如下两种调度算法将Po
  • Ansible自动化部署kubernetes集群 theo.wu kubernetesansible自动化
    机器环境介绍1.1.机器信息介绍IPhostnameapplicationCPUMemory192.168.204.129k8s-master01etcd,kube-apiserver,kube-controller-manager,kube-scheduler,kubelet,kube-proxy,containerd2C4G192.168.204.130k8s-worker01etcd,kub
  • K8S - Emptydir - 取代ELK 使用fluentd 构建logging saidcar nvd11 K8Skubernetes
    由于k8s的无状态service通常部署在多个POD中,实现多实例面向高并发。但是k8s本身并没有提供集中查询多个pod的日志的功能其中1个常见方案就是ELK.本文的方案是利用fluentdsidecar和emptydir把多个pod的日志导向到bigquery的table中。Emptydir的简介Kubernetes中的EmptyDir是一种用于容器之间共享临时存储的空目录卷类型。EmptyDi
  • kubernetes里面那些事————控制器 背锅攻城师 kuberneteskubernetes容器云原生
    资源-控制器一,控制器作用二,控制器类型2.1,Deployment:无状态应用部署2.2,DaemonSet:确保所有Node运行同一个pod2.3,StatefulSet:有状态应用部署2.4,Job:一次性任务2.5,CronJob:定时任务2.6,pod2.7,service2.8,replicaset2.9,endpoints三,控制器yaml应用3.1,Deployment3.2,Da
  • kubernetes里面那些事—————存储 背锅攻城师 kubernetes容器云原生
    常用数据卷类型一,emptyDir1.1,emptyDir概念1.2,应用场景1.3,yaml示例二,hostPath2.1,hostPath概念2.2,应用场景2.3,yaml示例三,congfigmap3.1,configmap的作用3.2,注意事项:3.3,使用configmap创建java项目配置文件3.4,subPath应用3.5,configmap作为环境变量四,secret4.1,s
  • kubernetes-flannel组件的安装方式 背锅攻城师 kuberneteskubernetes
    使用flannel网络数据转发的过程数据->源容器->宿主机docker0虚拟网卡->flannel0虚拟网卡(UDP封装->etcd->目标容器所在宿主机flannel0->目标容器所在宿主机的docker0虚拟网卡->目标容器文章目录二进制安装flannelyaml文件部署flannel二进制安装flannel一,原有的二进制etcd集群添加配置信息#[Member]ETCD_NAME="et
  • 深入理解Kubernetes:kube-scheduler源码解析 mujingluo kubernetes容器云原生
    Kubernetes的调度器(kube-scheduler)是整个系统中至关重要的组件,它负责将待调度的Pods分配到合适的节点上。本文将深入分析kube-scheduler的源码,揭示其内部工作机制。kube-scheduler的核心功能kube-scheduler的核心功能包括:监听Pod变化:通过KubernetesAPI监听所有未调度的Pods。过滤(Filtering):根据一系列规则(
  • 开源项目 Kubernetes 源码探索与部署指南 邹滢朦
    开源项目Kubernetes源码探索与部署指南kubernetesThisistherepothattracksallpatchestotheOpenShiftdistributionofKubernetesonbranchescorrespondingtoOpenShiftreleases.Seehttps://github.com/openshift/kubernetes/blob/maste
  • 【2023年】云计算金砖牛刀小试4 geekgold 云计算linux容器jenkinskubernetes
    容器云问题1.Kubernetes集群支持Pod优先级抢占,通过抢占式调度策略来实现同一个Node节点内部的Pod对象抢占。在master节点/root目录下编写YAML文件schedule.yaml创建一个抢占式调度策略,具体要求如下:(1)抢占式调度策略名称:high-scheduling;(2)优先级为1000000;(3)不要将该调度策略设置为默认优先调度策略。vischedule.yam
  • 【Kubernetes】(K8S)彻底卸载详细教程 哒哒-blog Kuberneteskubernetes容器云原生
    以下全部操作都是使用root用户进行(非root用户可以使用sudo),并且全部命令都需要在Kubernetes集群的所有节点分别执行:第一步、停止K8S所有节点执行:123systemctlstopkubeletsystemctlstopetcdsystemctlstopdocker第二步、清空K8S集群设置所有节点执行:1kubeadmreset-f第三步、删除K8S相关软件所有节点执行:12
  • 二进制方式部署K8s高可用集群 麻辣头马头 kubernetes容器云原生运维服务器docker网络
    1二进制方式部署K8s高可用集群1.1kubeadm和二进制安装k8s适用场景分析kubeadm是官方提供的开源工具,是一个开源项目,用于快速搭建kubernetes集群,目前是比较方便和推荐使用的。kubeadminit以及kubeadmjoin这两个命令可以快速创建kubernetes集群。Kubeadm初始化k8s,所有的组件都是以pod形式运行的,具备故障自恢复能力。kubeadm是工具,
  • 插入表主键冲突做更新 a-john
    有以下场景: 用户下了一个订单,订单内的内容较多,且来自多表,首次下单的时候,内容可能会不全(部分内容不是必须,出现有些表根本就没有没有该订单的值)。在以后更改订单时,有些内容会更改,有些内容会新增。 问题: 如果在sql语句中执行update操作,在没有数据的表中会出错。如果在逻辑代码中先做查询,查询结果有做更新,没有做插入,这样会将代码复杂化。 解决: mysql中提供了一个sql语
  • Android xml资源文件中@、@android:type、@*、?、@+含义和区别 Cb123456 @+@?@*
    一.@代表引用资源 1.引用自定义资源。格式:@[package:]type/name android:text="@string/hello"   2.引用系统资源。格式:@android:type/name     android:textColor="@android:color/opaque_red"
  • 数据结构的基本介绍 天子之骄 数据结构散列表树、图线性结构价格标签
    数据结构的基本介绍 数据结构就是数据的组织形式,用一种提前设计好的框架去存取数据,以便更方便,高效的对数据进行增删查改。正确选择合适的数据结构,对软件程序的高效执行的影响作用不亚于算法的设计。此外,在计算机系统中数据结构的作用也是非同小可。例如常常在编程语言中听到的栈,堆等,就是经典的数据结构。   经典的数据结构大致如下:   一:线性数据结构 (1):列表 a
  • 通过二维码开放平台的API快速生成二维码 一炮送你回车库 api
     现在很多网站都有通过扫二维码用手机连接的功能,联图网(http://www.liantu.com/pingtai/)的二维码开放平台开放了一个生成二维码图片的Api,挺方便使用的。闲着无聊,写了个前台快速生成二维码的方法。        html代码如下:(二维码将生成在这div下) ? 1  &nbs
  • ImageIO读取一张图片改变大小 3213213333332132 javaIOimageBufferedImage
    package com.demo; import java.awt.image.BufferedImage; import java.io.File; import java.io.IOException; import javax.imageio.ImageIO; /** * @Description 读取一张图片改变大小 * @author FuJianyon
  • myeclipse集成svn(一针见血) 7454103 eclipseSVNMyEclipse
                                     &n
  • 装箱与拆箱----autoboxing和unboxing darkranger J2SE
    4.2 自动装箱和拆箱 基本数据(Primitive)类型的自动装箱(autoboxing)、拆箱(unboxing)是自J2SE 5.0开始提供的功能。虽然为您打包基本数据类型提供了方便,但提供方便的同时表示隐藏了细节,建议在能够区分基本数据类型与对象的差别时再使用。 4.2.1 autoboxing和unboxing 在Java中,所有要处理的东西几乎都是对象(Object)
  • ajax传统的方式制作ajax aijuans Ajax
    //这是前台的代码 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+
  • 只用jre的eclipse是怎么编译java源文件的? avords javaeclipsejdktomcat
    eclipse只需要jre就可以运行开发java程序了,也能自动 编译java源代码,但是jre不是java的运行环境么,难道jre中也带有编译工具? 还是eclipse自己实现的?谁能给解释一下呢问题补充:假设系统中没有安装jdk or jre,只在eclipse的目录中有一个jre,那么eclipse会采用该jre,问题是eclipse照样可以编译java源文件,为什么呢? &nb
  • 前端模块化 bee1314 模块化
    背景: 前端JavaScript模块化,其实已经不是什么新鲜事了。但是很多的项目还没有真正的使用起来,还处于刀耕火种的野蛮生长阶段。   JavaScript一直缺乏有效的包管理机制,造成了大量的全局变量,大量的方法冲突。我们多么渴望有天能像Java(import),Python (import),Ruby(require)那样写代码。在没有包管理机制的年代,我们是怎么避免所
  • 处理百万级以上的数据处理 bijian1013 oraclesql数据库大数据查询
    一.处理百万级以上的数据提高查询速度的方法:        1.应尽量避免在 where 子句中使用!=或<>操作符,否则将引擎放弃使用索引而进行全表扫描。         2.对查询进行优化,应尽量避免全表扫描,首先应考虑在 where 及 o
  • mac 卸载 java 1.7 或更高版本 征客丶 javaOS
    卸载 java 1.7 或更高 sudo rm -rf /Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin 成功执行此命令后,还可以执行 java 与 javac 命令 sudo rm -rf /Library/PreferencePanes/JavaControlPanel.prefPane 成功执行此命令后,还可以执行 java
  • 【Spark六十一】Spark Streaming结合Flume、Kafka进行日志分析 bit1129 Stream
    第一步,Flume和Kakfa对接,Flume抓取日志,写到Kafka中 第二部,Spark Streaming读取Kafka中的数据,进行实时分析   本文首先使用Kakfa自带的消息处理(脚本)来获取消息,走通Flume和Kafka的对接 1. Flume配置 1. 下载Flume和Kafka集成的插件,下载地址:https://github.com/beyondj2ee/f
  • Erlang vs TNSDL bookjovi erlang
          TNSDL是Nokia内部用于开发电信交换软件的私有语言,是在SDL语言的基础上加以修改而成,TNSDL需翻译成C语言得以编译执行,TNSDL语言中实现了异步并行的特点,当然要完整实现异步并行还需要运行时动态库的支持,异步并行类似于Erlang的process(轻量级进程),TNSDL中则称之为hand,Erlang是基于vm(beam)开发,
  • 非常希望有一个预防疲劳的java软件, 预防过劳死和眼睛疲劳,大家一起努力搞一个 ljy325 企业应用
     非常希望有一个预防疲劳的java软件,我看新闻和网站,国防科技大学的科学家累死了,太疲劳,老是加班,不休息,经常吃药,吃药根本就没用,根本原因是疲劳过度。我以前做java,那会公司垃圾,老想赶快学习到东西跳槽离开,搞得超负荷,不明理。深圳做软件开发经常累死人,总有不明理的人,有个软件提醒限制很好,可以挽救很多人的生命。 相关新闻: (1)IT行业成五大疾病重灾区:过劳死平均37.9岁
  • 读《研磨设计模式》-代码笔记-原型模式 bylijinnan java设计模式
    声明: 本文只为方便我个人查阅和理解,详细的分析以及源代码请移步 原作者的博客http://chjavach.iteye.com/ /** * Effective Java 建议使用copy constructor or copy factory来代替clone()方法: * 1.public Product copy(Product p){} * 2.publi
  • 配置管理---svn工具之权限配置 chenyu19891124 SVN
    今天花了大半天的功夫,终于弄懂svn权限配置。下面是今天收获的战绩。 安装完svn后就是在svn中建立版本库,比如我本地的是版本库路径是C:\Repositories\pepos。pepos是我的版本库。在pepos的目录结构 pepos    component    webapps 在conf里面的auth里赋予的权限配置为 [groups]
  • 浅谈程序员的数学修养 comsci 设计模式编程算法面试招聘
                                     浅谈程序员的数学修养
  • 批量执行 bulk collect与forall用法 daizj oraclesqlbulk collectforall
    BULK COLLECT 子句会批量检索结果,即一次性将结果集绑定到一个集合变量中,并从SQL引擎发送到PL/SQL引擎。通常可以在SELECT INTO、 FETCH INTO以及RETURNING INTO子句中使用BULK COLLECT。本文将逐一描述BULK COLLECT在这几种情形下的用法。     有关FORALL语句的用法请参考:批量SQL之 F
  • Linux下使用rsync最快速删除海量文件的方法 dongwei_6688 OS
    1、先安装rsync:yum install rsync 2、建立一个空的文件夹:mkdir /tmp/test 3、用rsync删除目标目录:rsync --delete-before -a -H -v --progress --stats /tmp/test/ log/这样我们要删除的log目录就会被清空了,删除的速度会非常快。rsync实际上用的是替换原理,处理数十万个文件也是秒删。
  • Yii CModel中rules验证规格 dcj3sjt126com rulesyiivalidate
    Yii cValidator主要用法分析:  yii验证rulesit 分类: Yii yii的rules验证 cValidator主要属性 attributes ,builtInValidators,enableClientValidation,message,on,safe,skipOnError  
  • 基于vagrant的redis主从实验 dcj3sjt126com vagrant
    平台: Mac 工具: Vagrant 系统: Centos6.5 实验目的: Redis主从   实现思路 制作一个基于sentos6.5, 已经安装好reids的box, 添加一个脚本配置从机, 然后作为后面主机从机的基础box   制作sentos6.5+redis的box   mkdir vagrant_redis cd vagrant_
  • Memcached(二)、Centos安装Memcached服务器 frank1234 centosmemcached
    一、安装gcc rpm和yum安装memcached服务器连接没有找到,所以我使用的是make的方式安装,由于make依赖于gcc,所以要先安装gcc 开始安装,命令如下,[color=red][b]顺序一定不能出错[/b][/color]: 建议可以先切换到root用户,不然可能会遇到权限问题:su root 输入密码...... rpm -ivh kernel-head
  • Remove Duplicates from Sorted List hcx2013 remove
    Given a sorted linked list, delete all duplicates such that each element appear only once. For example,Given 1->1->2, return 1->2.Given 1->1->2->3->3, return&
  • Spring4新特性——JSR310日期时间API的支持 jinnianshilongnian spring4
    Spring4新特性——泛型限定式依赖注入 Spring4新特性——核心容器的其他改进 Spring4新特性——Web开发的增强 Spring4新特性——集成Bean Validation 1.1(JSR-349)到SpringMVC  Spring4新特性——Groovy Bean定义DSL Spring4新特性——更好的Java泛型操作API  Spring4新
  • 浅谈enum与单例设计模式 247687009 java单例
    在JDK1.5之前的单例实现方式有两种(懒汉式和饿汉式并无设计上的区别故看做一种),两者同是私有构 造器,导出静态成员变量,以便调用者访问。 第一种 package singleton; public class Singleton { //导出全局成员 public final static Singleton INSTANCE = new S
  • 使用switch条件语句需要注意的几点 openwrt cbreakswitch
    1. 当满足条件的case中没有break,程序将依次执行其后的每种条件(包括default)直到遇到break跳出 int main() { int n = 1; switch(n) { case 1: printf("--1--\n"); default: printf("defa
  • 配置Spring Mybatis JUnit测试环境的应用上下文 schnell18 springmybatisJUnit
    Spring-test模块中的应用上下文和web及spring boot的有很大差异。主要试下来差异有: 单元测试的app context不支持从外部properties文件注入属性 @Value注解不能解析带通配符的路径字符串 解决第一个问题可以配置一个PropertyPlaceholderConfigurer的bean。 第二个问题的具体实例是:    
  • Java 定时任务总结一 tuoni javaspringtimerquartztimertask
     Java定时任务总结  一.从技术上分类大概分为以下三种方式:  1.Java自带的java.util.Timer类,这个类允许你调度一个java.util.TimerTask任务;   说明:    java.util.Timer定时器,实际上是个线程,定时执行TimerTask类 &
  • 一种防止用户生成内容站点出现商业广告以及非法有害等垃圾信息的方法 yangshangchuan rank相似度计算文本相似度词袋模型余弦相似度
    本文描述了一种在ITEYE博客频道上面出现的新型的商业广告形式及其应对方法,对于其他的用户生成内容站点类型也具有同样的适用性。   最近在ITEYE博客频道上面出现了一种新型的商业广告形式,方法如下:     1、注册多个账号(一般10个以上)。     2、从多个账号中选择一个账号,发表1-2篇博文
按字母分类: ABCDEFGHIJKLMNOPQRSTUVWXYZ其他