Merge pull request #27800 from zhiguo-lu/zh-trans-concepts-topology-aware-hints
[zh] translate concepts/Topology Aware Hints
This commit is contained in:
		
						commit
						d29693f1d9
					
				|  | @ -0,0 +1,285 @@ | |||
| --- | ||||
| title: 拓扑感知提示 | ||||
| content_type: concept | ||||
| weight: 45 | ||||
| --- | ||||
| <!--  | ||||
| --- | ||||
| reviewers: | ||||
| - robscott | ||||
| title: Topology Aware Hints | ||||
| content_type: concept | ||||
| weight: 45 | ||||
| --- | ||||
| --> | ||||
| 
 | ||||
| <!-- overview --> | ||||
| 
 | ||||
| {{< feature-state for_k8s_version="v1.21" state="alpha" >}} | ||||
| 
 | ||||
| <!--  | ||||
| _Topology Aware Hints_ enable topology aware routing by including suggestions | ||||
| for how clients should consume endpoints. This approach adds metadata to enable | ||||
| consumers of EndpointSlice and / or and Endpoints objects, so that traffic to | ||||
| those network endpoints can be routed closer to where it originated. | ||||
| 
 | ||||
| For example, you can route traffic within a locality to reduce | ||||
| costs, or to improve network performance. | ||||
| --> | ||||
| _拓扑感知提示_ 包含客户怎么使用服务端点的建议,从而实现了拓扑感知的路由功能。 | ||||
| 这种方法添加了元数据,以启用 EndpointSlice 和/或 Endpoints 对象的调用者, | ||||
| 这样,访问这些网络端点的请求流量就可以在它的发起点附近就近路由。 | ||||
| 
 | ||||
| 例如,你可以在一个地域内路由流量,以降低通信成本,或提高网络性能。 | ||||
| 
 | ||||
| <!-- body --> | ||||
| 
 | ||||
| <!--  | ||||
| ## Motivation | ||||
| --> | ||||
| ## 动机 {#motivation} | ||||
| 
 | ||||
| <!--  | ||||
| Kubernetes clusters are increasingly deployed in multi-zone environments. | ||||
| _Topology Aware Hints_ provides a mechanism to help keep traffic within the zone | ||||
| it originated from. This concept is commonly referred to as "Topology Aware | ||||
| Routing". When calculating the endpoints for a {{< glossary_tooltip term_id="Service" >}}, | ||||
| the EndpointSlice controller considers the topology (region and zone) of each endpoint | ||||
| and populates the hints field to allocate it to a zone. | ||||
| Cluster components such as the {{< glossary_tooltip term_id="kube-proxy" text="kube-proxy" >}} | ||||
| can then consume those hints, and use them to influence how traffic to is routed | ||||
| (favoring topologically closer endpoints). | ||||
| --> | ||||
| Kubernetes 集群越来越多的部署到多区域环境中。 | ||||
| _拓扑感知提示_ 提供了一种把流量限制在它的发起区域之内的机制。 | ||||
| 这个概念一般被称之为 “拓扑感知路由”。 | ||||
| 在计算 {{< glossary_tooltip term_id="Service" >}} 的端点时, | ||||
| EndpointSlice 控制器会评估每一个端点的拓扑(地域和区域),填充提示字段,并将其分配到某个区域。 | ||||
| 集群组件,例如{{< glossary_tooltip term_id="kube-proxy" text="kube-proxy" >}} | ||||
| 就可以使用这些提示信息,并用他们来影响流量的路由(倾向于拓扑上相邻的端点)。 | ||||
| 
 | ||||
| <!--  | ||||
| ## Using Topology Aware Hints | ||||
| --> | ||||
| ## 使用拓扑感知提示 {#using-topology-aware-hints} | ||||
| 
 | ||||
| <!--  | ||||
| If you have [enabled](/docs/tasks/administer-cluster/enabling-topology-aware-hints) the | ||||
| overall feature, you can activate Topology Aware Hints for a Service by setting the | ||||
| `service.kubernetes.io/topology-aware-hints` annotation to `auto`. This tells | ||||
| the EndpointSlice controller to set topology hints if it is deemed safe. | ||||
| Importantly, this does not guarantee that hints will always be set. | ||||
| --> | ||||
| 如果你已经[启用](/zh/docs/tasks/administer-cluster/enabling-topology-aware-hints)了整个特性, | ||||
| 就可以通过把注解 `service.kubernetes.io/topology-aware-hints` 的值设置为 `auto`, | ||||
| 来激活服务的拓扑感知提示功能。 | ||||
| 这告诉 EndpointSlice 控制器在它认为安全的时候来设置拓扑提示。 | ||||
| 重要的是,这并不能保证总会设置提示(hints)。 | ||||
| 
 | ||||
| <!--  | ||||
| ## How it works {#implementation} | ||||
| --> | ||||
| ## 工作原理 {#implementation} | ||||
| 
 | ||||
| <!--  | ||||
| The functionality enabling this feature is split into two components: The | ||||
| EndpointSlice controller and the kube-proxy. This section provides a high level overview | ||||
| of how each component implements this feature. | ||||
| --> | ||||
| 此特性启用的功能分为两个组件:EndpointSlice 控制器和 kube-proxy。 | ||||
| 本节概述每个组件如何实现此特性。 | ||||
| 
 | ||||
| <!--  | ||||
| ### EndpointSlice controller {#implementation-control-plane} | ||||
| --> | ||||
| ### EndpointSlice 控制器 {#implementation-control-plane} | ||||
| 
 | ||||
| <!--  | ||||
| The EndpointSlice controller is responsible for setting hints on EndpointSlices | ||||
| when this feature is enabled. The controller allocates a proportional amount of | ||||
| endpoints to each zone. This proportion is based on the | ||||
| [allocatable](/docs/tasks/administer-cluster/reserve-compute-resources/#node-allocatable) | ||||
| CPU cores for nodes running in that zone. For example, if one zone had 2 CPU | ||||
| cores and another zone only had 1 CPU core, the controller would allocated twice | ||||
| as many endpoints to the zone with 2 CPU cores. | ||||
| --> | ||||
| 此特性开启后,EndpointSlice 控制器负责在 EndpointSlice 上设置提示信息。 | ||||
| 控制器按比例给每个区域分配一定比例数量的端点。 | ||||
| 这个比例来源于此区域中运行节点的 | ||||
| [可分配](/zh/docs/tasks/administer-cluster/reserve-compute-resources/#node-allocatable) | ||||
| CPU 核心数。 | ||||
| 例如,如果一个区域拥有 2 CPU 核心,而另一个区域只有 1 CPU 核心, | ||||
| 那控制器将给那个有 2 CPU 的区域分配两倍数量的端点。 | ||||
| 
 | ||||
| <!--  | ||||
| The following example shows what an EndpointSlice looks like when hints have | ||||
| been populated: | ||||
| --> | ||||
| 以下示例展示了提供提示信息后 EndpointSlice 的样子: | ||||
| 
 | ||||
| ```yaml | ||||
| apiVersion: discovery.k8s.io/v1 | ||||
| kind: EndpointSlice | ||||
| metadata: | ||||
|   name: example-hints | ||||
|   labels: | ||||
|     kubernetes.io/service-name: example-svc | ||||
| addressType: IPv4 | ||||
| ports: | ||||
|   - name: http | ||||
|     protocol: TCP | ||||
|     port: 80 | ||||
| endpoints: | ||||
|   - addresses: | ||||
|       - "10.1.2.3" | ||||
|     conditions: | ||||
|       ready: true | ||||
|     hostname: pod-1 | ||||
|     zone: zone-a | ||||
|     hints: | ||||
|       forZones: | ||||
|         - name: "zone-a" | ||||
| ``` | ||||
| 
 | ||||
| ### kube-proxy {#implementation-kube-proxy} | ||||
| 
 | ||||
| <!--  | ||||
| The kube-proxy component filters the endpoints it routes to based on the hints set by | ||||
| the EndpointSlice controller. In most cases, this means that the kube-proxy is able | ||||
| to route traffic to endpoints in the same zone. Sometimes the controller allocates endpoints | ||||
| from a different zone to ensure more even distribution of endpoints between zones. | ||||
| This would result in some traffic being routed to other zones. | ||||
| --> | ||||
| kube-proxy 组件依据 EndpointSlice 控制器设置的提示,过滤由它负责路由的端点。 | ||||
| 在大多数场合,这意味着 kube-proxy 可以把流量路由到同一个区域的端点。 | ||||
| 有时,控制器从某个不同的区域分配端点,以确保在多个区域之间更平均的分配端点。 | ||||
| 这会导致部分流量被路由到其他区域。 | ||||
| 
 | ||||
| <!--  | ||||
| ## Safeguards | ||||
| --> | ||||
| ## 保护措施 {#safeguards} | ||||
| 
 | ||||
| <!--  | ||||
| The Kubernetes control plane and the kube-proxy on each node apply some | ||||
| safeguard rules before using Topology Aware Hints. If these don't check out, | ||||
| the kube-proxy selects endpoints from anywhere in your cluster, regardless of the | ||||
| zone. | ||||
| --> | ||||
| Kubernetes 控制平面和每个节点上的 kube-proxy,在使用拓扑感知提示功能前,会应用一些保护措施规则。 | ||||
| 如果没有检出,kube-proxy 将无视区域限制,从集群中的任意节点上选择端点。 | ||||
| 
 | ||||
| <!--  | ||||
| 1. **Insufficient number of endpoints:** If there are less endpoints than zones | ||||
|    in a cluster, the controller will not assign any hints. | ||||
| --> | ||||
| 1. **端点数量不足:** 如果一个集群中,端点数量少于区域数量,控制器不创建任何提示。 | ||||
| 
 | ||||
| <!--  | ||||
| 2. **Impossible to achieve balanced allocation:** In some cases, it will be | ||||
|    impossible to achieve a balanced allocation of endpoints among zones. For | ||||
|    example, if zone-a is twice as large as zone-b, but there are only 2 | ||||
|    endpoints, an endpoint allocated to zone-a may receive twice as much traffic | ||||
|    as zone-b. The controller does not assign hints if it can't get this "expected | ||||
|    overload" value below an acceptable threshold for each zone. Importantly this | ||||
|    is not based on real-time feedback. It is still possible for individual | ||||
|    endpoints to become overloaded. | ||||
| --> | ||||
| 2. **不可能实现均衡分配:** 在一些场合中,不可能实现端点在区域中的平衡分配。 | ||||
|    例如,假设 zone-a 比 zone-b 大两倍,但只有 2 个端点, | ||||
|    那分配到 zone-a 的端点可能收到比 zone-b多两倍的流量。 | ||||
|    如果控制器不能确定此“期望的过载”值低于每一个区域可接受的阈值,控制器将不指派提示信息。 | ||||
|    重要的是,这不是基于实时反馈。所以对于单独的端点仍有可能超载。 | ||||
| 
 | ||||
| <!--  | ||||
| 3. **One or more Nodes has insufficient information:** If any node does not have | ||||
|    a `topology.kubernetes.io/zone` label or is not reporting a value for | ||||
|    allocatable CPU, the control plane does not set any topology-aware endpoint | ||||
|    hints and so kube-proxy does not filter endpoints by zone. | ||||
| --> | ||||
| 3. **一个或多个节点信息不足:** 如果任一节点没有设置标签 `topology.kubernetes.io/zone`, | ||||
|    或没有上报可分配的 CPU 数据,控制平面将不会设置任何拓扑感知提示, | ||||
|    继而 kube-proxy 也就不能通过区域过滤端点。 | ||||
| 
 | ||||
| <!--  | ||||
| 4. **One or more endpoints does not have a zone hint:** When this happens, | ||||
|    the kube-proxy assumes that a transition from or to Topology Aware Hints is | ||||
|    underway. Filtering endpoints for a Service in this state would be dangerous | ||||
|    so the kube-proxy falls back to using all endpoints. | ||||
| --> | ||||
| 4. **一个或多个端点没有设置区域提示:** 当这类事情发生时, | ||||
|    kube-proxy 会假设这是正在执行一个从/到拓扑感知提示的转移。 | ||||
|    在这种场合下过滤Service 的端点是有风险的,所以 kube-proxy 回撤为使用所有的端点。 | ||||
| 
 | ||||
| <!--  | ||||
| 5. **A zone is not represented in hints:** If the kube-proxy is unable to find | ||||
|    at least one endpoint with a hint targeting the zone it is running in, it falls | ||||
|    to using endpoints from all zones. This is most likely to happen as you add | ||||
|    a new zone into your existing cluster. | ||||
| --> | ||||
| 5. **不在提示中的区域:** 如果 kube-proxy 不能根据一个指示在它所在的区域中发现一个端点, | ||||
|    它回撤为使用所有节点的端点。当你的集群新增一个新的区域时,这种情况发生概率很高。 | ||||
| 
 | ||||
| <!--  | ||||
| ## Constraints | ||||
| --> | ||||
| ## 限制 {#constraints} | ||||
| 
 | ||||
| <!--  | ||||
| * Topology Aware Hints are not used when either `externalTrafficPolicy` or | ||||
|   `internalTrafficPolicy` is set to `Local` on a Service. It is possible to use | ||||
|   both features in the same cluster on different Services, just not on the same | ||||
|   Service. | ||||
| --> | ||||
| * 当 Service 的 `externalTrafficPolicy` 或 `internalTrafficPolicy` 设置值为 `Local` 时, | ||||
|   拓扑感知提示功能不可用。 | ||||
|   你可以在一个集群的不同服务中使用这两个特性,但不能在同一个服务中这么做。 | ||||
| 
 | ||||
| <!--  | ||||
| * This approach will not work well for Services that have a large proportion of | ||||
|   traffic originating from a subset of zones. Instead this assumes that incoming | ||||
|   traffic will be roughly proportional to the capacity of the Nodes in each | ||||
|   zone. | ||||
| --> | ||||
| * 这种方法不适用于大部分流量来自于一部分区域的服务。 | ||||
|   相反的,这里假设入站流量将根据每个区域中节点的服务能力按比例的分配。 | ||||
| 
 | ||||
| <!--  | ||||
| * The EndpointSlice controller ignores unready nodes as it calculates the | ||||
|   proportions of each zone. This could have unintended consequences if a large | ||||
|   portion of nodes are unready. | ||||
| --> | ||||
| * EndpointSlice 控制器在计算每一个区域的容量比例时,会忽略未就绪的节点。 | ||||
|   在大量节点未就绪的场景下,这样做会带来非预期的结果。 | ||||
| 
 | ||||
| <!--  | ||||
| * The EndpointSlice controller does not take into account {{< glossary_tooltip | ||||
|   text="tolerations" term_id="toleration" >}} when deploying calculating the | ||||
|   proportions of each zone. If the Pods backing a Service are limited to a | ||||
|   subset of Nodes in the cluster, this will not be taken into account. | ||||
| --> | ||||
| * EndpointSlice 控制器在计算每一个区域的部署比例时,并不会考虑 | ||||
|   {{< glossary_tooltip text="容忍度" term_id="toleration" >}}。 | ||||
|   如果服务后台的 Pod 被限制只能运行在集群节点的一个子集上,这些信息并不会被使用。 | ||||
| 
 | ||||
| <!--  | ||||
| * This may not work well with autoscaling. For example, if a lot of traffic is | ||||
|   originating from a single zone, only the endpoints allocated to that zone will | ||||
|   be handling that traffic. That could result in {{< glossary_tooltip | ||||
|   text="Horizontal Pod Autoscaler" term_id="horizontal-pod-autoscaler" >}} | ||||
|   either not picking up on this event, or newly added pods starting in a | ||||
|   different zone. | ||||
| --> | ||||
| * 这种方法和自动扩展机制之间不能很好的协同工作。例如,如果大量流量来源于一个区域, | ||||
|   那只有分配到该区域的端点才可用来处理流量。这会导致 | ||||
|   {{< glossary_tooltip text="Pod 自动水平扩展" term_id="horizontal-pod-autoscaler" >}} | ||||
|   要么不能拾取此事件,要么新增 Pod 被启动到其他区域。 | ||||
| 
 | ||||
| ## {{% heading "whatsnext" %}} | ||||
| 
 | ||||
| <!--  | ||||
| * Read about [enabling Topology Aware Hints](/docs/tasks/administer-cluster/enabling-topology-aware-hints/) | ||||
| * Read [Connecting Applications with Services](/docs/concepts/services-networking/connect-applications-service/) | ||||
| --> | ||||
| * 参阅[启用拓扑感知提示](/zh/docs/tasks/administer-cluster/enabling-topology-aware-hints/) | ||||
| * 参阅[通过服务连通应用](/zh/docs/concepts/services-networking/connect-applications-service/) | ||||
		Loading…
	
		Reference in New Issue