docs: update kubernetes docs (#705)

* docs: update kubernetes docs Signed-off-by: Jim Ma <majinjing3@gmail.com>
2021-09-30 18:26:09 +08:00 · 2021-09-30 18:26:09 +08:00 · feaa0a9333
parent 5880f36120
commit feaa0a9333
2 changed files with 54 additions and 46 deletions
--- a/docs/en/ecosystem/Kubernetes-with-Dragonfly.md
+++ b/docs/en/ecosystem/Kubernetes-with-Dragonfly.md
@ -17,17 +17,42 @@ When enable runtime configuration in dragonfly, you can skip [Configure Runtime]

 #### 1. Docker

+> **We did not recommend to using dragonfly with docker in Kubernetes** due to many reasons: 1. no fallback image pulling policy. 2. deprecated in Kubernetes.
 > Because the original `daemonset` in Kubernetes did not support `Surging Rolling Update` policy.
 > When kill current dfdaemon pod, the new pod image can not be pulled anymore.
-> Using Docker with dragonfly, when upgrade dfdaemon, should pull newly dfdaemon image manually, or use [ImagePullJob](https://openkruise.io/docs/user-manuals/imagepulljob).

-> We did not recommend to using dragonfly with docker in k8s due to many reasons: 1. no fallback image pulling policy. 2. deprecated in Kubernetes.
+> If you can not change runtime from docker to others, remind to choose a plan when upgrade dfdaemon:
+>     Option 1: pull newly dfdaemon image manually before upgrade dragonfly, or use [ImagePullJob](https://openkruise.io/docs/user-manuals/imagepulljob) to pull image automate.
+>     Option 2: keep the image registry of dragonfly is different from common registries and add host in `containerRuntime.docker.skipHosts`.

 Dragonfly helm supports config docker automatically.

 Config cases:

-**Case 1: Implicit registries support**
+**Case 1: [Preferred] Arbitrary registries support with restart docker**
+
+Chart customize values.yaml:
+```yaml
+containerRuntime:
+  docker:
+    enable: true
+    # -- Restart docker daemon to redirect traffic to dfdaemon
+    # When containerRuntime.docker.restart=true, containerRuntime.docker.injectHosts and containerRuntime.registry.domains is ignored.
+    # If did not want restart docker daemon, keep containerRuntime.docker.restart=false and containerRuntime.docker.injectHosts=true.
+    restart: true
+    skipHosts:
+    - "127.0.0.1"
+    - "docker.io" # Dragonfly use this image registry to upgrade itself, so we need skip it. Change it in real environment.
+```
+
+This config enables docker pulling images from arbitrary registries via Dragonfly.
+When deploying Dragonfly with above config, dfdaemon will restart docker daemon.
+
+Limitations:
+* Must enable live-restore feature in docker
+* Need restart docker daemon
+
+**Case 2: Implicit registries support without restart docker**

 Chart customize values.yaml:
 ```yaml
@ -49,26 +74,6 @@ When deploying Dragonfly with above config, it's unnecessary to restart docker d
 Limitations:
 * Only support implicit registries

-**Case 2: Arbitrary registries support**
-
-Chart customize values.yaml:
-```yaml
-containerRuntime:
-  docker:
-    enable: true
-    # -- Restart docker daemon to redirect traffic to dfdaemon
-    # When containerRuntime.docker.restart=true, containerRuntime.docker.injectHosts and containerRuntime.registry.domains is ignored.
-    # If did not want restart docker daemon, keep containerRuntime.docker.restart=false and containerRuntime.docker.injectHosts=true.
-    restart: true
-```
-
-This config enables docker pulling images from arbitrary registries via Dragonfly.
-When deploying Dragonfly with above config, dfdaemon will restart docker daemon.
-
-Limitations:
-* Must enable live-restore feature in docker
-* Need restart docker daemon
-
 #### 2. Containerd

 The config of containerd has two version with complicated fields. These are many cases to consider:
--- a/docs/zh-CN/ecosystem/Kubernetes-with-Dragonfly.md
+++ b/docs/zh-CN/ecosystem/Kubernetes-with-Dragonfly.md
@ -16,15 +16,38 @@

 #### 1. Docker

+> **不推荐在 docker 环境中使用蜻蜓**：1. 拉镜像没有 fallback 机制，2. 在未来的 Kubernetes 中已经废弃。
+> 
 > 因为当前 Kubernetes 里的 `daemonset` 并不支持 `Surging Rolling Update` 策略,
 > 一旦旧的 dfdaemon pod 被删除后，新的 dfdaemon 就再也拉取不了了。
-> 当使用 Docker 时，在升级 dfdaemon 的时候，请先手动拉取新的 dfdaemon 镜像，或者使用 [ImagePullJob](https://openkruise.io/docs/user-manuals/imagepulljob)

-> 不推荐在 docker 环境中使用蜻蜓：1. 拉镜像没有 fallback 机制，2. 在未来的 Kubernetes 中已经废弃。
+> 如果无法更换容器运行时的话，那在升级蜻蜓的时候，请从下面两种方案选择比较适合的：
+> 选项1：先手动拉取新的 dfdaemon 镜像，或者使用 [ImagePullJob](https://openkruise.io/docs/user-manuals/imagepulljob) 去自动拉取，
+> 选项2：保持蜻蜓的镜像中心和通用的镜像中心不一样，同时将蜻蜓镜像中心相关的 host 加入 `containerRuntime.docker.skipHosts`。

 Dragonfly Helm 支持自动更改 docker 配置。

-**情况 1: 支持指定仓库**
+**情况 1:【推荐的】支持任意仓库**
+
+定制 values.yaml 文件:
+```yaml
+containerRuntime:
+  docker:
+    enable: true
+    # -- Restart docker daemon to redirect traffic to dfdaemon
+    # When containerRuntime.docker.restart=true, containerRuntime.docker.injectHosts and containerRuntime.registry.domains is ignored.
+    # If did not want restart docker daemon, keep containerRuntime.docker.restart=false and containerRuntime.docker.injectHosts=true.
+    restart: true
+```
+
+此配置允许 Dragonfly 拦截所有 docker 流量。
+使用上述配置部署 Dragonfly 时，dfdaemon 将重新启动 docker。
+
+限制:
+* 必须开启 docker 的 `live-restore` 功能
+* 需要重启 docker daemon
+
+**情况 2: 支持指定仓库**

 定制 values.yaml 文件:
 ```yaml
@ -46,26 +69,6 @@ containerRuntime:
 限制:
 * 只支持指定域名。

-**情况 2: 支持任意仓库**
-
-定制 values.yaml 文件:
-```yaml
-containerRuntime:
-  docker:
-    enable: true
-    # -- Restart docker daemon to redirect traffic to dfdaemon
-    # When containerRuntime.docker.restart=true, containerRuntime.docker.injectHosts and containerRuntime.registry.domains is ignored.
-    # If did not want restart docker daemon, keep containerRuntime.docker.restart=false and containerRuntime.docker.injectHosts=true.
-    restart: true
-```
-
-此配置允许 Dragonfly 拦截所有 docker 流量。
-使用上述配置部署 Dragonfly 时，dfdaemon 将重新启动 docker。
-
-限制:
-* 必须开启 docker 的 `live-restore` 功能
-* 需要重启 docker daemon
-
 #### 2. Containerd

 Containerd 的配置有两个版本，字段复杂。有很多情况需要考虑：