实现一个极简 K8s apiserver

本文实现了一个符合 Kubernetes REST 风格的极简 apiserver,代码量只有 500 行左右。无论是单独运行还是集成到 K8s 集群,它都支持 kubectl 增删改查操作。动手把玩这个 apiserver,可以很好理解 K8s apiserver aggregation 原理,以及 kubectl 与 apiserver 的交互机制

K8s CustomResourceDefinitions (CRD) 原理

K8s CustomResourceDefinition (CRD) 为使用者提供了开箱即用的 REST API 拓展能力。使用方只需创建一份 CRD 声明,kube-apiserver 就会自动提供一套成熟的 HTTP REST API,并直接将 Custom Resources 存储到背后存储(通常是 etcd)中。本文由浅入深,先展示了 CRD 的基本使用方式、kubectl 与对应 Custom API 模块的交互原理,再深入探究 CRD 在 kube-apiserver 内部的实现原理,最后对其特性的利弊做了总结

Enable Kubelet Serving Certificates in Kubernetes Setup by Kubeadmin

Setting up a Kubernetes cluster with a newly deployed metrics server often results in the following error message: Failed to scrape node, err=Get https://172.18.0.3:10250/metrics/resource: x509: cannot validate certificate for 172.18.0.3 because it doesn't contain any IP SANs node=kind-worker. This can be frustrating. In this post, I will demonstrate how to solve this problem in KinD.

Http Range Request and MP4 Video Play in Browser

HTTP range request is a widely used feature when it comes to file resource. Besides covering basic concept of range request, this blog show how HTTP range request works in browsers. Behaviors of Chrome, FireFox and Safari are coverd. several sample HTTP servers written in Golang are used to trick browsers.

Terminate Container in Responsive and Graceful Way

Running application in container as PID 1 is quite common today, shutdown application responsively and gracefully is hard. This article show how PID 1 behave in container and provides serveral ways to make container shutdown as we want.

虚拟网络环境中 Docker MTU 问题及解决方式

在 SDN 网络环境中,如果 docker0 bridge MTU 1500 大于 Host MTU(如 1400)时,会出现「即小包可通,大包不通」的情况,直观来说就是 ping 8.8.8.8 能通,但是网站打不开、apt update 卡住不动、更无法下载文件。本文将复现并教你如何解决该问题