k8s1.4 新特性
来源:互联网 发布:手机绿色上网软件 编辑:程序博客网 时间:2024/06/10 01:33
主题:
1.提高用户体验
添加了kubeadm命令安装集群,更容易了解集群http://kubernetes.io/docs/getting-started-guides/kubeadm/添加api auditlog http://kubernetes.io/docs/admin/audit/
2.有状态应用程序支持
StorageClasses http://kubernetes.io/docs/user-guide/persistent-volumes/
kind: StorageClass
apiVersion: storage.k8s.io/v1beta1
metadata:
name: gold
provisioner: kubernetes.io/cinder
parameters:
type: fast
availability: nova
pod/node affinity/anti-affinity支持 http://kubernetes.io/docs/user-guide/node-selection/
apiVersion: v1
kind: Pod
metadata:
name: with-pod-affinity
annotations:
scheduler.alpha.kubernetes.io/affinity: >
{
"podAffinity": {
"requiredDuringSchedulingIgnoredDuringExecution": [
{
"labelSelector": {
"matchExpressions": [
{
"key": "security",
"operator": "In",
"values": ["S1"]
}
]
},
"topologyKey": "failure-domain.beta.kubernetes.io/zone"
}
]
},
"podAntiAffinity": {
"requiredDuringSchedulingIgnoredDuringExecution": [
{
"labelSelector": {
"matchExpressions": [
{
"key": "security",
"operator": "In",
"values": ["S2"]
}
]
},
"topologyKey": "kubernetes.io/hostname"
}
]
}
}
spec:
containers:
- name: with-pod-affinity
image: gcr.io/google_containers/pause:2.0
3.集群联邦
全局 https GCE/GKE
扩大对混合云的支持包括 rs secrets,namespaces events
4.安全
增加sysctl 支持 http://kubernetes.io/docs/admin/sysctls/
apiVersion: v1
kind: Pod
metadata:
name: sysctl-example
annotations:
security.alpha.kubernetes.io/sysctls: kernel.shm_rmid_forced=1
security.alpha.kubernetes.io/unsafe-sysctls: net.ipv4.route.min_pmtu=1000,kernel.msgmax=1 2 3
集群级别的安全控制 http://kubernetes.io/docs/admin/authorization/
{
"apiVersion": "authorization.k8s.io/v1beta1",
"kind": "SubjectAccessReview",
"status": {
"allowed": false,
"reason": "user does not have read access to the namespace"
}
}
实现:
1.api
audit logs
swagger 2.0
2.Apps:
ScheduledJobs
apiVersion: batch/v2alpha1kind: ScheduledJob
metadata:
name: hello
spec:
schedule: 0/1 * * * ?
jobTemplate:
spec:
template:
spec:
containers:
- name: hello
image: busybox
args:
- /bin/sh
- -c
- date; echo Hello from the Kubernetes cluster
restartPolicy: OnFailure
4.auth
imagepolicywebhook api参数添加:--admission-control=ImagePolicyWebhook
SubjectAccessReview5.clusterlifecircle
Ensure critical cluster infrastructure pods 驱逐其他pod,确保Heapster, DNS等正常运行 http://kubernetes.io/docs/admin/rescheduler/#guaranteed-scheduling-of-critical-add-on-pods
简化kubelet和apiserver之间的认证
kubeadm初始化集群
6.netwrok
保持源ip http://kubernetes.io/docs/user-guide/load-balancer/#caveats-and-limitations-when-preserving-source-ips
7.node
Publish node performance dashboard (分析收集node性能测试结果) 我编译了一个看下效果:http://pan.baidu.com/s/1hrAgjJY
sysctl
AppArmor
kubectl压力大驱逐pod
8,调度podAffinity
StorageClass
quobyte支持 volume https://github.com/kubernetes/kubernetes/tree/master/examples/volumes/quobyte
Azure Data Disk支持
10.ui:
升级dashboard
由server增加默认配置
0 0
- k8s1.4 新特性
- k8s1.4版本kube-dns的改进
- Xcode 4 新特性
- Servlet2.4新特性
- django1.4新特性
- XCode4.4新特性
- ios7新特性--4
- Android4.4新特性
- PHP5.4新特性
- PHP5.4新特性
- php5.4新特性
- Servlet2.4新特性
- Android4.4新特性
- J2EE1.4新特性之EJB2.1的新特性
- kubernetes1.4新特性:支持Docker新特性
- Python2.4 新特性尝鲜
- Python2.4新特性(部分)
- Junit 4新的特性
- 设计模式(20)------状态模式
- ASCII码字符对照表
- 区别是什么
- java接口调用安全策略
- 设计模式(21)------策略模式
- k8s1.4 新特性
- 应用程序无法正常启动(0x000007b)的不常见的解决过程
- hdu 5540/Secrete Master Plan
- 1134: 整数去位 贪心
- 设计模式(22)------模板方法模式
- 集合_java集合框架
- 实现View 滑动的几种方法
- 设计模式(23)------访问者模式
- Python学习总结(5)-模块和包