docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update components in UCP architecture topic (#529)

This commit is contained in:
Jim Galasyn 2018-02-27 14:03:43 -08:00
parent 96054f1770
commit b19b738909
1 changed files with 30 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
ee/ucp/ucp-architecture.md
View File

@ -82,27 +82,35 @@ persist the state of UCP. These are the UCP services running on manager nodes:
| UCP component | Description |
|:----------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ucp-agent | Monitors the node and ensures the right UCP services are running |
| ucp-agent | Monitors the node and ensures the right UCP services are running. |
| ucp-reconcile | When ucp-agent detects that the node is not running the right UCP components, it starts the ucp-reconcile container to converge the node to its desired state. It is expected for the ucp-reconcile container to remain in an exited state when the node is healthy. |
| ucp-auth-api | The centralized service for identity and authentication used by UCP and DTR |
| ucp-auth-store | Stores authentication configurations and data for users, organizations, and teams |
| ucp-auth-worker | Performs scheduled LDAP synchronizations and cleans authentication and authorization data |
| ucp-client-root-ca | A certificate authority to sign client bundles |
| ucp-cluster-root-ca | A certificate authority used for TLS communication between UCP components |
| ucp-controller | The UCP web server |
| ucp-dsinfo | Docker system information collection script to assist with troubleshooting |
| ucp-auth-api | The centralized service for identity and authentication used by UCP and DTR. |
| ucp-auth-store | Stores authentication configurations and data for users, organizations, and teams. |
| ucp-auth-worker | Performs scheduled LDAP synchronizations and cleans authentication and authorization data. |
| ucp-client-root-ca | A certificate authority to sign client bundles. |
| ucp-cluster-root-ca | A certificate authority used for TLS communication between UCP components. |
| ucp-controller | The UCP web server. |
| ucp-dsinfo | Docker system information collection script to assist with troubleshooting. |
| ucp-kv | Used to store the UCP configurations. Don't use it in your applications, since it's for internal use only. Also used by Kubernetes components. |
| ucp-metrics | Used to collect and process metrics for a node, like the disk space available |
| ucp-proxy | A TLS proxy. It allows secure access to the local Docker Engine to UCP components |
| ucp-swarm-manager | Used to provide backwards-compatibility with Docker Swarm |
| ucp-kubelet | The kubernetes node agent running on every node, which is responsible for running kubernetes pods, reporting the health of the node, and monitoring resource usage |
| ucp-kube-apiserver | A master component that serves the Kubernetes API. It persists its state in `etcd` directly, and all other components communicate with API server directly |
| ucp-kube-controller-manager | A master component that manages the desired state of controllers and other Kubernetes objects. It monitors the API server and performs background tasks when needed |
| ucp-kube-proxy | The networking proxy running on every node, which enables pods to contact Kubernetes services and other pods, via cluster IP addresses |
| ucp-kube-scheduler | A master component that handles scheduling of pods. It communicates with the API server only to obtain workloads that need to be scheduled |
| ucp-kube-dns | Provides service discovery for Kubernetes services and pods. A set of three containers deployed via Kubernetes as a single pod |
| ucp-kube-compose | Translates Compose files to Kubernetes objects by using the `CustomResourceDefinition` feature to define Compose stacks as a first-class entities |
| CNI plugin component | Establishes the networking fabric of the cluster. Also used for communication across pods. Configure the CNI plugin by using the `--cni-installer-url` flag. If this flag isn't set, UCP uses a default SDN plugin. |
| ucp-metrics | Used to collect and process metrics for a node, like the disk space available. |
| ucp-proxy | A TLS proxy. It allows secure access to the local Docker Engine to UCP components. |
| ucp-swarm-manager | Used to provide backwards-compatibility with Docker Swarm. |
| ucp-kubelet | The kubernetes node agent running on every node, which is responsible for running kubernetes pods, reporting the health of the node, and monitoring resource usage. |
| ucp-kube-apiserver | A master component that serves the Kubernetes API. It persists its state in `etcd` directly, and all other components communicate with API server directly. |
| ucp-kube-controller-manager | A master component that manages the desired state of controllers and other Kubernetes objects. It monitors the API server and performs background tasks when needed. |
| ucp-kube-proxy | The networking proxy running on every node, which enables pods to contact Kubernetes services and other pods, via cluster IP addresses. |
| ucp-kube-scheduler | A master component that handles scheduling of pods. It communicates with the API server only to obtain workloads that need to be scheduled. |
| k8s_ucp-kubedns | The main Kubernetes DNS Service, used by pods to [resolve service names](https://v1-8.docs.kubernetes.io/docs/concepts/services-networking/dns-pod-service/). Part of the `kube-dns` deployment. Runs on one manager node only. Provides service discovery for Kubernetes services and pods. A set of three containers deployed via Kubernetes as a single pod. |
| k8s_POD_kube-dns | "Pause" container for the `kube-dns` pod. By default, this container is hidden, but you can see it by running `docker ps -a`. |
| k8s_ucp-kube-compose | A custom kubernetes resource component that's responsible for translating Compose files into Kubernetes constructs. Part of the `compose` deployment. Runs on one manager node only. |
| k8s_POD_compose | "Pause" container for the Compose pod. By default, this container is hidden, but you can see it by running `docker ps -a`. |
| k8s_calico-kube-controllers | A cluster-scoped Kubernetes controller used to coordinate calico networking. Runs on one manager node only. |
| k8s_POD_calico-kube-controllers | "Pause" container for the `calico-kube-controllers` pod. By default, this container is hidden, but you can see it by running `docker ps -a`. |
| k8s_install-cni_calico-node | A container that's responsible for installing the Calico CNI plugin binaries and configuration on each host. Part of the `calico-node` daemonset. Runs on all nodes. |
| k8s_calico-node | The Calico node agent, which coordinates networking fabric according to the cluster-wide Calico configuration. Part of the `calico-node` daemonset. Runs on all nodes. Configure the CNI plugin by using the `--cni-installer-url` flag. If this flag isn't set, UCP uses Calico as the default CNI plugin. |
| k8s_POD_calico-node | "Pause" container for the Calico-node pod. By default, this container is hidden, but you can see it by running `docker ps -a`. |
| k8s_ucp-kubedns-sidecar | Health checking and metrics daemon of the Kubernetes DNS Service. Part of the `kube-dns` deployment. Runs on one manager node only. |
| k8s_ucp-dnsmasq-nanny | A dnsmasq instance used in the Kubernetes DNS Service. Part of the `kube-dns` deployment. Runs on one manager node only. |
### UCP components in worker nodes
@ -117,6 +125,9 @@ services running on worker nodes:
| ucp-proxy | A TLS proxy. It allows secure access to the local Docker Engine to UCP components |
| ucp-kubelet | The kubernetes node agent running on every node, which is responsible for running Kubernetes pods, reporting the health of the node, and monitoring resource usage |
| ucp-kube-proxy | The networking proxy running on every node, which enables pods to contact Kubernetes services and other pods, via cluster IP addresses |
| k8s_install-cni_calico-node | A container that's responsible for installing the Calico CNI plugin binaries and configuration on each host. Part of the `calico-node` daemonset. Runs on all nodes. |
| k8s_calico-node | The Calico node agent, which coordinates networking fabric according to the cluster-wide Calico configuration. Part of the `calico-node` daemonset. Runs on all nodes. |
| k8s_POD_calico-node | "Pause" container for the Calico-node pod. By default, this container is hidden, but you can see it by running `docker ps -a`. |
## Volumes used by UCP