From feaa0a93336d23d0e4580882b332344a491b34cc Mon Sep 17 00:00:00 2001 From: Jim Ma Date: Thu, 30 Sep 2021 18:26:09 +0800 Subject: [PATCH] docs: update kubernetes docs (#705) * docs: update kubernetes docs Signed-off-by: Jim Ma --- .../en/ecosystem/Kubernetes-with-Dragonfly.md | 51 ++++++++++--------- .../ecosystem/Kubernetes-with-Dragonfly.md | 49 +++++++++--------- 2 files changed, 54 insertions(+), 46 deletions(-) diff --git a/docs/en/ecosystem/Kubernetes-with-Dragonfly.md b/docs/en/ecosystem/Kubernetes-with-Dragonfly.md index bc4ee53ab..68af5ea84 100644 --- a/docs/en/ecosystem/Kubernetes-with-Dragonfly.md +++ b/docs/en/ecosystem/Kubernetes-with-Dragonfly.md @@ -17,17 +17,42 @@ When enable runtime configuration in dragonfly, you can skip [Configure Runtime] #### 1. Docker +> **We did not recommend to using dragonfly with docker in Kubernetes** due to many reasons: 1. no fallback image pulling policy. 2. deprecated in Kubernetes. > Because the original `daemonset` in Kubernetes did not support `Surging Rolling Update` policy. > When kill current dfdaemon pod, the new pod image can not be pulled anymore. -> Using Docker with dragonfly, when upgrade dfdaemon, should pull newly dfdaemon image manually, or use [ImagePullJob](https://openkruise.io/docs/user-manuals/imagepulljob). -> We did not recommend to using dragonfly with docker in k8s due to many reasons: 1. no fallback image pulling policy. 2. deprecated in Kubernetes. +> If you can not change runtime from docker to others, remind to choose a plan when upgrade dfdaemon: +> Option 1: pull newly dfdaemon image manually before upgrade dragonfly, or use [ImagePullJob](https://openkruise.io/docs/user-manuals/imagepulljob) to pull image automate. +> Option 2: keep the image registry of dragonfly is different from common registries and add host in `containerRuntime.docker.skipHosts`. Dragonfly helm supports config docker automatically. Config cases: -**Case 1: Implicit registries support** +**Case 1: [Preferred] Arbitrary registries support with restart docker** + +Chart customize values.yaml: +```yaml +containerRuntime: + docker: + enable: true + # -- Restart docker daemon to redirect traffic to dfdaemon + # When containerRuntime.docker.restart=true, containerRuntime.docker.injectHosts and containerRuntime.registry.domains is ignored. + # If did not want restart docker daemon, keep containerRuntime.docker.restart=false and containerRuntime.docker.injectHosts=true. + restart: true + skipHosts: + - "127.0.0.1" + - "docker.io" # Dragonfly use this image registry to upgrade itself, so we need skip it. Change it in real environment. +``` + +This config enables docker pulling images from arbitrary registries via Dragonfly. +When deploying Dragonfly with above config, dfdaemon will restart docker daemon. + +Limitations: +* Must enable live-restore feature in docker +* Need restart docker daemon + +**Case 2: Implicit registries support without restart docker** Chart customize values.yaml: ```yaml @@ -49,26 +74,6 @@ When deploying Dragonfly with above config, it's unnecessary to restart docker d Limitations: * Only support implicit registries -**Case 2: Arbitrary registries support** - -Chart customize values.yaml: -```yaml -containerRuntime: - docker: - enable: true - # -- Restart docker daemon to redirect traffic to dfdaemon - # When containerRuntime.docker.restart=true, containerRuntime.docker.injectHosts and containerRuntime.registry.domains is ignored. - # If did not want restart docker daemon, keep containerRuntime.docker.restart=false and containerRuntime.docker.injectHosts=true. - restart: true -``` - -This config enables docker pulling images from arbitrary registries via Dragonfly. -When deploying Dragonfly with above config, dfdaemon will restart docker daemon. - -Limitations: -* Must enable live-restore feature in docker -* Need restart docker daemon - #### 2. Containerd The config of containerd has two version with complicated fields. These are many cases to consider: diff --git a/docs/zh-CN/ecosystem/Kubernetes-with-Dragonfly.md b/docs/zh-CN/ecosystem/Kubernetes-with-Dragonfly.md index 67d1fc2ba..d8ecbb509 100644 --- a/docs/zh-CN/ecosystem/Kubernetes-with-Dragonfly.md +++ b/docs/zh-CN/ecosystem/Kubernetes-with-Dragonfly.md @@ -16,15 +16,38 @@ #### 1. Docker +> **不推荐在 docker 环境中使用蜻蜓**:1. 拉镜像没有 fallback 机制,2. 在未来的 Kubernetes 中已经废弃。 +> > 因为当前 Kubernetes 里的 `daemonset` 并不支持 `Surging Rolling Update` 策略, > 一旦旧的 dfdaemon pod 被删除后,新的 dfdaemon 就再也拉取不了了。 -> 当使用 Docker 时,在升级 dfdaemon 的时候,请先手动拉取新的 dfdaemon 镜像,或者使用 [ImagePullJob](https://openkruise.io/docs/user-manuals/imagepulljob) -> 不推荐在 docker 环境中使用蜻蜓:1. 拉镜像没有 fallback 机制,2. 在未来的 Kubernetes 中已经废弃。 +> 如果无法更换容器运行时的话,那在升级蜻蜓的时候,请从下面两种方案选择比较适合的: +> 选项1:先手动拉取新的 dfdaemon 镜像,或者使用 [ImagePullJob](https://openkruise.io/docs/user-manuals/imagepulljob) 去自动拉取, +> 选项2:保持蜻蜓的镜像中心和通用的镜像中心不一样,同时将蜻蜓镜像中心相关的 host 加入 `containerRuntime.docker.skipHosts`。 Dragonfly Helm 支持自动更改 docker 配置。 -**情况 1: 支持指定仓库** +**情况 1:【推荐的】支持任意仓库** + +定制 values.yaml 文件: +```yaml +containerRuntime: + docker: + enable: true + # -- Restart docker daemon to redirect traffic to dfdaemon + # When containerRuntime.docker.restart=true, containerRuntime.docker.injectHosts and containerRuntime.registry.domains is ignored. + # If did not want restart docker daemon, keep containerRuntime.docker.restart=false and containerRuntime.docker.injectHosts=true. + restart: true +``` + +此配置允许 Dragonfly 拦截所有 docker 流量。 +使用上述配置部署 Dragonfly 时,dfdaemon 将重新启动 docker。 + +限制: +* 必须开启 docker 的 `live-restore` 功能 +* 需要重启 docker daemon + +**情况 2: 支持指定仓库** 定制 values.yaml 文件: ```yaml @@ -46,26 +69,6 @@ containerRuntime: 限制: * 只支持指定域名。 -**情况 2: 支持任意仓库** - -定制 values.yaml 文件: -```yaml -containerRuntime: - docker: - enable: true - # -- Restart docker daemon to redirect traffic to dfdaemon - # When containerRuntime.docker.restart=true, containerRuntime.docker.injectHosts and containerRuntime.registry.domains is ignored. - # If did not want restart docker daemon, keep containerRuntime.docker.restart=false and containerRuntime.docker.injectHosts=true. - restart: true -``` - -此配置允许 Dragonfly 拦截所有 docker 流量。 -使用上述配置部署 Dragonfly 时,dfdaemon 将重新启动 docker。 - -限制: -* 必须开启 docker 的 `live-restore` 功能 -* 需要重启 docker daemon - #### 2. Containerd Containerd 的配置有两个版本,字段复杂。有很多情况需要考虑: