493 lines
644 KiB
Diff
493 lines
644 KiB
Diff
|
From 5cab44aa7709c743a1968ea5ac44863e6cf5434c Mon Sep 17 00:00:00 2001
|
|||
|
|
From: haozi007 <liuhao27@huawei.com>
|
|||
|
|
Date: Thu, 16 Mar 2023 11:41:43 +0800
|
|||
|
|
Subject: [PATCH 28/46] add design docs for cri manager
|
|||
|
|
|
|||
|
|
Signed-off-by: haozi007 <liuhao27@huawei.com>
|
|||
|
|
---
|
|||
|
|
docs/cri_pod_manager_design.md | 432 ++++++++++++++++++
|
|||
|
|
docs/design/isulad_cri_listcontainerstats.svg | 1 +
|
|||
|
|
docs/design/isulad_cri_remove_pod.svg | 1 +
|
|||
|
|
docs/design/isulad_cri_run_pod.svg | 1 +
|
|||
|
|
docs/design/isulad_cri_stop_pod.svg | 1 +
|
|||
|
|
5 files changed, 436 insertions(+)
|
|||
|
|
create mode 100644 docs/cri_pod_manager_design.md
|
|||
|
|
create mode 100644 docs/design/isulad_cri_listcontainerstats.svg
|
|||
|
|
create mode 100644 docs/design/isulad_cri_remove_pod.svg
|
|||
|
|
create mode 100644 docs/design/isulad_cri_run_pod.svg
|
|||
|
|
create mode 100644 docs/design/isulad_cri_stop_pod.svg
|
|||
|
|
|
|||
|
|
diff --git a/docs/cri_pod_manager_design.md b/docs/cri_pod_manager_design.md
|
|||
|
|
new file mode 100644
|
|||
|
|
index 00000000..aa7ac165
|
|||
|
|
--- /dev/null
|
|||
|
|
+++ b/docs/cri_pod_manager_design.md
|
|||
|
|
@@ -0,0 +1,432 @@
|
|||
|
|
+| Author | 刘昊 |
|
|||
|
|
+| ------ | ------------------------------------------ |
|
|||
|
|
+| Date | 2023-03-06 |
|
|||
|
|
+| Email | [liuhao27@huawei.com](liuhao27@huawei.com) |
|
|||
|
|
+
|
|||
|
|
+本文主要对 `iSulad` 的 `CRI` 实现部分进行源码级别的学习和研究,为后续想了解 `CRI` 或者 `iSulad` 的同学提供帮助。
|
|||
|
|
+
|
|||
|
|
+*注:本文以iSulad 2.0.18版本为分析对象。*
|
|||
|
|
+
|
|||
|
|
+本文主要是针对 `CRI` 的 `RuntimeService` 部分,涉及如下接口:
|
|||
|
|
+- `RunPodSandbox`
|
|||
|
|
+- `StopPodSandbox`
|
|||
|
|
+- `RemovePodSandbox`
|
|||
|
|
+- `PodSandboxStatus`
|
|||
|
|
+- `ListPodSandbox`
|
|||
|
|
+- `UpdateRuntimeConfig`
|
|||
|
|
+- `Status`
|
|||
|
|
+- `ContainerStats`
|
|||
|
|
+- `ListContainerStats`
|
|||
|
|
+
|
|||
|
|
+## CRI 代码结构
|
|||
|
|
+
|
|||
|
|
+CRI 涉及代码文件如下:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+// CRI proto文件
|
|||
|
|
+src/api/services/cri/api.proto
|
|||
|
|
+// proto 文件解析生成入口
|
|||
|
|
+cmake/protoc.cmake
|
|||
|
|
+
|
|||
|
|
+// grpc服务注册入口
|
|||
|
|
+src/daemon/entry/connect/grpc/grpc_service.cc
|
|||
|
|
+// cri 镜像部分的封装类
|
|||
|
|
+src/daemon/entry/connect/grpc/runtime_image_service.h
|
|||
|
|
+// cri runtime 部分的封装类
|
|||
|
|
+src/daemon/entry/connect/grpc/runtime_runtime_service.h
|
|||
|
|
+
|
|||
|
|
+// cri 具体实现目录
|
|||
|
|
+src/daemon/entry/cri/
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+### CRI gRPC 服务注册和封装
|
|||
|
|
+
|
|||
|
|
+iSulad `gRPC` 模式下,直接在 `gRPC` 服务初始化时,注册了 `CRI` 服务:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+// src/daemon/entry/connect/grpc/grpc_service.cc
|
|||
|
|
+int Init(const struct service_arguments *args)
|
|||
|
|
+{
|
|||
|
|
+ // 注册CRI runtime服务
|
|||
|
|
+ m_builder.RegisterService(&m_runtimeRuntimeService);
|
|||
|
|
+ // 注册CRI 镜像服务
|
|||
|
|
+ m_builder.RegisterService(&m_runtimeImageService);
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+`CRI` 服务初始化:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+// src/daemon/entry/connect/grpc/runtime_runtime_service.cc
|
|||
|
|
+void RuntimeRuntimeServiceImpl::Init(Network::NetworkPluginConf mConf, isulad_daemon_configs *config, Errors &err)
|
|||
|
|
+{
|
|||
|
|
+ ...
|
|||
|
|
+ // 初始化 CNI 网络插件
|
|||
|
|
+ Network::ProbeNetworkPlugins(mConf.GetPluginConfDir(), mConf.GetPluginBinDir(), &plugins);
|
|||
|
|
+ Network::InitNetworkPlugin(&plugins, mConf.GetPluginName(), mConf.GetHairpinMode(), mConf.GetNonMasqueradeCIDR(), mConf.GetMTU(), &chosen, err);
|
|||
|
|
+
|
|||
|
|
+ // 初始化,CRI 服务具体实现的类
|
|||
|
|
+ RuntimeVersionerService *runtimeVersioner = new RuntimeVersionerServiceImpl(cb);
|
|||
|
|
+ ContainerManagerService *containerManager = new ContainerManagerServiceImpl(cb);
|
|||
|
|
+ PodSandboxManagerService *podSandboxManager = new PodSandboxManagerServiceImpl(podSandboxImage, cb, pluginManager);
|
|||
|
|
+ RuntimeManagerService *runtimeManager = new RuntimeManagerServiceImpl(cb, pluginManager);
|
|||
|
|
+ std::unique_ptr<CRI::CRIRuntimeService> service(
|
|||
|
|
+ new CRIRuntimeServiceImpl(runtimeVersioner, containerManager, podSandboxManager, runtimeManager));
|
|||
|
|
+ rService = std::move(service);
|
|||
|
|
+ // 初始化websocket服务
|
|||
|
|
+ websocket_server_init(err);
|
|||
|
|
+ ...
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+由于 `CRI` 具体实现类,定义在 `src/daemon/entry/cri/` 目录中;iSulad 通过封装的方式,在 `grpc` 服务提供了统一的入口,包括镜像和runtime两个封装类:
|
|||
|
|
+- src/daemon/entry/connect/grpc/runtime_image_service.cc
|
|||
|
|
+- src/daemon/entry/connect/grpc/runtime_runtime_service.cc
|
|||
|
|
+
|
|||
|
|
+## PodSandbox 相关接口
|
|||
|
|
+
|
|||
|
|
+第一部分,对 `CRI` 的新增的 `Pod` 相关的接口进行详细的探讨。
|
|||
|
|
+
|
|||
|
|
+### RunPodSandbox
|
|||
|
|
+
|
|||
|
|
+`RunPodSandbox` 负责 `Pod` 的创建、启动,以及网络环境准备等操作。
|
|||
|
|
+
|
|||
|
|
+相关组件的序列图如下:
|
|||
|
|
+
|
|||
|
|
+```mermaid
|
|||
|
|
+sequenceDiagram
|
|||
|
|
+ kubelet ->> CRI-isula: call RunPod
|
|||
|
|
+ CRI-isula ->> iSulad: create container
|
|||
|
|
+ CRI-isula ->> iSulad: inspect container
|
|||
|
|
+ CRI-isula ->> cni plugin: prepare network
|
|||
|
|
+ cni plugin -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> iSulad: start container
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula -->> kubelet: return
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+源码实现,概要逻辑如下:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+// src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc
|
|||
|
|
+auto PodSandboxManagerServiceImpl::RunPodSandbox(const runtime::v1alpha2::PodSandboxConfig &config, const std::string &runtimeHandler, Errors &error) -> std::string
|
|||
|
|
+{
|
|||
|
|
+ ...
|
|||
|
|
+ // Step1:根据Pod镜像策略,如果镜像不存在,是否下载
|
|||
|
|
+ EnsureSandboxImageExists()
|
|||
|
|
+ // Step2:根据Pod配置,生成Pod对应容器的配置;
|
|||
|
|
+ // 根据runtime选择对应的容器运行时;
|
|||
|
|
+ CreateSandboxContainer()
|
|||
|
|
+ // Step3:标识Pod网络状态为false
|
|||
|
|
+ SetNetworkReady()
|
|||
|
|
+ // Step4:通过inspect获取Pod信息,用于后续流程;
|
|||
|
|
+ // 以及判定Pod状态是否符合预期;
|
|||
|
|
+ InspectContainer()
|
|||
|
|
+ // Step5:判断网络模式为file,是则先创建网络命名空间;
|
|||
|
|
+ // 并且调用CNI插件,设置网络设备;
|
|||
|
|
+ util_mount_namespace()
|
|||
|
|
+ SetupSandboxNetwork()
|
|||
|
|
+ // Step6:启动Pod
|
|||
|
|
+ StartSandboxContainer()
|
|||
|
|
+ // Step7:非file网络模式,则使用容器启动创建的网络名空间;
|
|||
|
|
+ // 然后调用CNI插件,设置网络设备;
|
|||
|
|
+ SetupSandboxNetwork()
|
|||
|
|
+ ...
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+详细的代码走读,代码流程图如下:
|
|||
|
|
+
|
|||
|
|
+<img src="./design/isulad_cri_run_pod.svg" alt="runpod">
|
|||
|
|
+
|
|||
|
|
+### StopPodSandbox
|
|||
|
|
+
|
|||
|
|
+`StopPodSandbox` 负责 `Pod` 的停止,以及网络资源的清理。
|
|||
|
|
+
|
|||
|
|
+相关组件的序列图如下:
|
|||
|
|
+
|
|||
|
|
+```mermaid
|
|||
|
|
+sequenceDiagram
|
|||
|
|
+ kubelet ->> CRI-isula: call StopPod
|
|||
|
|
+ CRI-isula ->> iSulad: get container info
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> iSulad: stop all containers in pod
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> cni plugin: clear cni networks
|
|||
|
|
+ cni plugin -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> iSulad: stop pod
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula -->> kubelet: return
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+源码实现,概要逻辑如下:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+void PodSandboxManagerServiceImpl::StopPodSandbox(const std::string &podSandboxID, Errors &error)
|
|||
|
|
+{
|
|||
|
|
+ // Step1: get real pod ID
|
|||
|
|
+ GetRealSandboxIDToStop(podSandboxID, hostNetwork, name, ns, realSandboxID, stdAnnos, error);
|
|||
|
|
+ // Step2: stop all containers in pod
|
|||
|
|
+ StopAllContainersInSandbox(realSandboxID, error);
|
|||
|
|
+ // Step3: clear cni network
|
|||
|
|
+ ClearCniNetwork(realSandboxID, hostNetwork, ns, name, errlist, stdAnnos, error);
|
|||
|
|
+ // Step4: stop pod
|
|||
|
|
+ StopContainerHelper(realSandboxID, error);
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+详细的代码走读,代码流程图如下:
|
|||
|
|
+
|
|||
|
|
+<img src="./design/isulad_cri_stop_pod.svg" alt="stoppod">
|
|||
|
|
+
|
|||
|
|
+### RemovePodSandbox
|
|||
|
|
+
|
|||
|
|
+`RemovePodSandbox` 负责删除 `Pod` ,包括对应容器的删除和其他数据的清理。
|
|||
|
|
+
|
|||
|
|
+相关组件的序列图如下:
|
|||
|
|
+
|
|||
|
|
+```mermaid
|
|||
|
|
+sequenceDiagram
|
|||
|
|
+ kubelet ->> CRI-isula: call RemovePod
|
|||
|
|
+ CRI-isula ->> iSulad: get container info
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> iSulad: remove all containers in pod
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> iSulad: remove pod
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula -->> kubelet: return
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+源码实现,概要逻辑如下:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+void PodSandboxManagerServiceImpl::RemovePodSandbox(const std::string &podSandboxID, Errors &error)
|
|||
|
|
+{
|
|||
|
|
+ // Step1: get real pod ID
|
|||
|
|
+ GetRealSandboxIDToStop(podSandboxID, hostNetwork, name, ns, realSandboxID, stdAnnos, error);
|
|||
|
|
+ // Step2: remove all containers in pod
|
|||
|
|
+ RemoveAllContainersInSandbox(realSandboxID, errors);
|
|||
|
|
+ // Step3: remove pod
|
|||
|
|
+ DoRemovePodSandbox(realSandboxID, errors);
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+详细的代码走读,代码流程图如下:
|
|||
|
|
+
|
|||
|
|
+<img src="./design/isulad_cri_remove_pod.svg" alt="removepod">
|
|||
|
|
+
|
|||
|
|
+### PodSandboxStatus
|
|||
|
|
+
|
|||
|
|
+`PodSandboxStatus` 负责获取 `Pod` 的状态信息,包括网络信息、创建时间、state、meta-data等等数据。
|
|||
|
|
+
|
|||
|
|
+相关组件的序列图如下:
|
|||
|
|
+
|
|||
|
|
+```mermaid
|
|||
|
|
+sequenceDiagram
|
|||
|
|
+ kubelet ->> CRI-isula: call Pod status
|
|||
|
|
+ CRI-isula ->> iSulad: get pod real ID
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> iSulad: call Inspect Pod
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> CRI-isula: set data from inspect response
|
|||
|
|
+ CRI-isula ->> CNI: call network status
|
|||
|
|
+ CNI -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> CRI-isula: set network ip and so on
|
|||
|
|
+ CRI-isula -->> kubelet: return
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+源码实现,概要逻辑如下:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+std::unique_ptr<runtime::v1alpha2::PodSandboxStatus>
|
|||
|
|
+PodSandboxManagerServiceImpl::PodSandboxStatus(const std::string &podSandboxID, Errors &error)
|
|||
|
|
+{
|
|||
|
|
+ // Step1: get real pod ID
|
|||
|
|
+ GetRealSandboxIDToStop(podSandboxID, hostNetwork, name, ns, realSandboxID, stdAnnos, error);
|
|||
|
|
+ // Step2: inspect pod sandbox
|
|||
|
|
+ InspectContainer(realSandboxID, error, true);
|
|||
|
|
+ // Step3: set status from inspect reponse
|
|||
|
|
+ PodSandboxStatusToGRPC(inspect, realSandboxID, podStatus, error);
|
|||
|
|
+ // Step 3.1 set timestamp
|
|||
|
|
+ podStatus->set_created_at(createdAt);
|
|||
|
|
+ // Step 3.2 set state
|
|||
|
|
+ podStatus->set_state(runtime::v1alpha2::SANDBOX_READY);
|
|||
|
|
+ // Step 3.3 set labels and annotations
|
|||
|
|
+ CRIHelpers::ExtractLabels(inspect->config->labels, *podStatus->mutable_labels());
|
|||
|
|
+ CRIHelpers::ExtractAnnotations(inspect->config->annotations, *podStatus->mutable_annotations());
|
|||
|
|
+ // Step 3.4 set options
|
|||
|
|
+ options->set_network(SharesHostNetwork(inspect));
|
|||
|
|
+ options->set_pid(SharesHostPid(inspect));
|
|||
|
|
+ options->set_ipc(SharesHostIpc(inspect));
|
|||
|
|
+ // Step 3.5 set network status
|
|||
|
|
+ SetSandboxStatusNetwork(inspect, podSandboxID, podStatus, error);
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+详细的代码走读,代码流程图在 [StopPod代码走读中](#stoppodsandbox) 中进行了详细的分析,可以参考对应的部分。
|
|||
|
|
+
|
|||
|
|
+## 通用接口
|
|||
|
|
+
|
|||
|
|
+### UpdateRuntimeConfig
|
|||
|
|
+
|
|||
|
|
+`UpdateRuntimeConfig` 负责对运行配置进行更新,当前只有 `CIDR` 的配置更新。
|
|||
|
|
+
|
|||
|
|
+相关组件的序列图如下:
|
|||
|
|
+
|
|||
|
|
+```mermaid
|
|||
|
|
+sequenceDiagram
|
|||
|
|
+ kubelet ->> CRI-isula: call update runtime config
|
|||
|
|
+ CRI-isula ->> network plugin: update
|
|||
|
|
+ network plugin -->> cni plugin: update
|
|||
|
|
+ cni plugin ->> network plugin: return
|
|||
|
|
+ network plugin -->> CRI-isula: return
|
|||
|
|
+ CRI-isula -->> kubelet: return
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+源码实现,概要逻辑如下:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+// src/daemon/entry/cri/cri_runtime_manager_service_impl.cc
|
|||
|
|
+void RuntimeManagerServiceImpl::UpdateRuntimeConfig(const runtime::v1alpha2::RuntimeConfig &config, Errors & /*error*/)
|
|||
|
|
+{
|
|||
|
|
+ // 设置用户传入的新CIDR值
|
|||
|
|
+ events[NET_PLUGIN_EVENT_POD_CIDR_CHANGE_DETAIL_CIDR] = config.network_config().pod_cidr();
|
|||
|
|
+ // 调用网络插件 --> CNI 网络模块,刷新CIDR配置
|
|||
|
|
+ m_pluginManager->Event(NET_PLUGIN_EVENT_POD_CIDR_CHANGE, events);
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+代码结构比较简单,只是更新了类的一个成员的值;因此,不做详细的分析。
|
|||
|
|
+
|
|||
|
|
+### Status
|
|||
|
|
+
|
|||
|
|
+`Status` 接口,主要用于获取容器引擎的 和 网络模块的状态是否正常。
|
|||
|
|
+
|
|||
|
|
+相关组件的序列图如下:
|
|||
|
|
+
|
|||
|
|
+```mermaid
|
|||
|
|
+sequenceDiagram
|
|||
|
|
+ kubelet ->> CRI-isula: call Status
|
|||
|
|
+ CRI-isula ->> iSulad: call version
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> CRI-isula: set state of runtime
|
|||
|
|
+ CRI-isula ->> network plugin: Status
|
|||
|
|
+ network plugin -->> cni plugin: Status
|
|||
|
|
+ cni plugin ->> network plugin: return
|
|||
|
|
+ network plugin -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> CRI-isula: set state of network
|
|||
|
|
+ CRI-isula -->> kubelet: return
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+源码实现,概要逻辑如下:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+// src/daemon/entry/cri/cri_runtime_manager_service_impl.cc
|
|||
|
|
+auto RuntimeManagerServiceImpl::Status(Errors &error) -> std::unique_ptr<runtime::v1alpha2::RuntimeStatus>
|
|||
|
|
+{
|
|||
|
|
+ // 获取isulad的版本信息
|
|||
|
|
+ m_cb->container.version(nullptr, &response);
|
|||
|
|
+ // 设置对应的状态
|
|||
|
|
+ runtimeReady->set_status(true/false);
|
|||
|
|
+ // 调用网络插件的Status
|
|||
|
|
+ m_pluginManager->Status(error);
|
|||
|
|
+ // 设置对应的状态信息
|
|||
|
|
+ networkReady->set_status(true/false);
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+代码结构比较简单,只是获取两个模块的状态,然后设置返回值;因此,不做详细的分析。
|
|||
|
|
+
|
|||
|
|
+## 容器相关接口
|
|||
|
|
+
|
|||
|
|
+### ContainerStats
|
|||
|
|
+
|
|||
|
|
+`ContainerStats` 负责获取容器的度量数据。
|
|||
|
|
+
|
|||
|
|
+相关组件的序列图如下:
|
|||
|
|
+
|
|||
|
|
+```mermaid
|
|||
|
|
+sequenceDiagram
|
|||
|
|
+ kubelet ->> CRI-isula: call ContainerStats
|
|||
|
|
+ CRI-isula ->> iSulad: call container.stats
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> iSulad: call inspect
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> CRI-isula: set meta-data
|
|||
|
|
+ CRI-isula ->> CRI-isula: set labels and annotations
|
|||
|
|
+ CRI-isula ->> CRI-isula: set file usage
|
|||
|
|
+ CRI-isula ->> CRI-isula: set memory usage
|
|||
|
|
+ CRI-isula ->> CRI-isula: set cpu usage
|
|||
|
|
+ CRI-isula -->> kubelet: return
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+源码实现,概要逻辑如下:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+// src/daemon/entry/cri/cri_container_manager_service_impl.cc
|
|||
|
|
+auto ContainerManagerServiceImpl::ContainerStats(const std::string &containerID, Errors &error)
|
|||
|
|
+-> std::unique_ptr<runtime::v1alpha2::ContainerStats>
|
|||
|
|
+{
|
|||
|
|
+ // 获取容器的stats信息
|
|||
|
|
+ m_cb->container.stats(request, &response);
|
|||
|
|
+ // 转换返回信息为CRI 对应的结果
|
|||
|
|
+ ContainerStatsToGRPC(response, &contStatsVec, error);
|
|||
|
|
+ // inspect容器,获取meta-data信息,设置到返回值中
|
|||
|
|
+ PackContainerStatsAttributes(response->container_stats[i]->id, container, error);
|
|||
|
|
+ // 获取容器使用的文件系统大小等度量数据
|
|||
|
|
+ PackContainerStatsFilesystemUsage(response->container_stats[i]->id, response->container_stats[i]->image_type, timestamp, container);
|
|||
|
|
+ // 设置内存度量数据
|
|||
|
|
+ container->mutable_memory()->mutable_working_set_bytes()->set_value(workingset);
|
|||
|
|
+ container->mutable_memory()->set_timestamp(timestamp);
|
|||
|
|
+ // 设置CPU度量数据
|
|||
|
|
+ container->mutable_cpu()->mutable_usage_core_nano_seconds()->set_value(response->container_stats[i]->cpu_use_nanos);
|
|||
|
|
+ container->mutable_cpu()->set_timestamp(timestamp);
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+
|
|||
|
|
+由于 `ContainerStats` 和 `ListContainerStats` 实现基本一致,因此,详细分析部分放到一起分析,具体见 `ListContainerStats` 章节。
|
|||
|
|
+
|
|||
|
|
+### ListContainerStats
|
|||
|
|
+
|
|||
|
|
+`ListContainerStats` 负责获取多容器的度量数据。
|
|||
|
|
+
|
|||
|
|
+相关组件的序列图如下:
|
|||
|
|
+
|
|||
|
|
+```mermaid
|
|||
|
|
+sequenceDiagram
|
|||
|
|
+ kubelet ->> CRI-isula: call ContainerStats
|
|||
|
|
+ CRI-isula ->> iSulad: call container.stats with filter
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> iSulad: call inspect
|
|||
|
|
+ iSulad -->> CRI-isula: return
|
|||
|
|
+ CRI-isula ->> CRI-isula: set meta-data
|
|||
|
|
+ CRI-isula ->> CRI-isula: set labels and annotations
|
|||
|
|
+ CRI-isula ->> CRI-isula: set file usage
|
|||
|
|
+ CRI-isula ->> CRI-isula: set memory usage
|
|||
|
|
+ CRI-isula ->> CRI-isula: set cpu usage
|
|||
|
|
+ CRI-isula -->> kubelet: return
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+ 跟 `ContainerStats` 唯一的区别是,调用 `container->stats()` 的参数不同,`ListContainerStats` 根据过滤器去获取需要采集度量数据的容器列表,而 `ContainerStats` 只采集确定容器ID 的度量数据。
|
|||
|
|
+
|
|||
|
|
+源码实现,概要逻辑如下:
|
|||
|
|
+
|
|||
|
|
+```c
|
|||
|
|
+// src/daemon/entry/cri/cri_container_manager_service_impl.cc
|
|||
|
|
+void ContainerManagerServiceImpl::ListContainerStats(const runtime::v1alpha2::ContainerStatsFilter *filter, std::vector<std::unique_ptr<runtime::v1alpha2::ContainerStats>> *containerstats, Errors &error)
|
|||
|
|
+{
|
|||
|
|
+ // 根据用户参数,设置stats的过滤条件
|
|||
|
|
+ PackContainerStatsFilter(filter, request, error);
|
|||
|
|
+ // 获取容器的stats信息
|
|||
|
|
+ m_cb->container.stats(request, &response);
|
|||
|
|
+ // 转换返回信息为CRI 对应的结果 --> 与ContainerStats逻辑相同
|
|||
|
|
+ ContainerStatsToGRPC(response, &contStatsVec, error);
|
|||
|
|
+}
|
|||
|
|
+```
|
|||
|
|
+
|
|||
|
|
+详细的代码走读,代码流程图如下:
|
|||
|
|
+
|
|||
|
|
+<img src="./design/isulad_cri_listcontainerstats.svg" alt="listcontainerstats">
|
|||
|
|
+
|
|||
|
|
+
|
|||
|
|
diff --git a/docs/design/isulad_cri_listcontainerstats.svg b/docs/design/isulad_cri_listcontainerstats.svg
|
|||
|
|
new file mode 100644
|
|||
|
|
index 00000000..8781c39a
|
|||
|
|
--- /dev/null
|
|||
|
|
+++ b/docs/design/isulad_cri_listcontainerstats.svg
|
|||
|
|
@@ -0,0 +1 @@
|
|||
|
|
+<svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="2580.9999999999995px" width="1931.0000000000005px" viewBox="-10 -10 1951.0000000000005 2600.9999999999995" content="<mxGraphModel dx="2880" dy="1814" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="0" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0"><root><mxCell id="0"/><mxCell id="1" parent="0"/><mxCell id="185" value="" style="rounded=0;whiteSpace=wrap;html=1;labelBackgroundColor=none;fillColor=#2A2A2A;" parent="1" vertex="1"><mxGeometry x="-610" y="70" width="1930" height="2580" as="geometry"/></mxCell><mxCell id="4" value="" style="edgeStyle=none;html=1;" parent="1" source="2" target="3" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="2" value="&lt;div style=&quot;background-color: rgb(30 , 30 , 30) ; font-family: &amp;#34;consolas&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; line-height: 19px&quot;&gt;&lt;font style=&quot;font-size: 18px&quot; color=&quot;#4d9900&quot;&gt;&lt;b&gt;ListContainerStats&lt;/b&gt;&lt;/font&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="-290" y="130" width="210" height="50" as="geometry"/></mxCell><mxCell id="16" value="" style="edgeStyle=none;html=1;" parent="1" source="3" target="15" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="3" value="&lt;div style=&quot;color: rgb(212 , 212 , 212) ; background-color: rgb(30 , 30 , 30) ; font-family: &amp;#34;consolas&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 14px ; line-height: 19px&quot;&gt;&lt;span style=&quot;color: #dcdcaa&quot;&gt;PackContainerStatsFilter&lt;/span&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="420" y="135" width="210" height="40" as="geometry"/></mxCell><mxCell id="8" value="" style="edgeStyle=none;html=1;" parent="1" source="5" target="7" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="5" value="&lt;div style=&quot;color: rgb(212 , 212 , 212) ; background-color: rgb(30 , 30 , 30) ; font-family: &amp;#34;consolas&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 14px ; line-height: 19px&quot;&gt;&lt;span style=&quot;color: #9cdcfe&quot;&gt;call container&lt;/span&gt;.&lt;span style=&quot;color: #9cdcfe&quot;&gt;stats()&lt;/span&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="450" y="290" width="150" height="50" as="geometry"/></mxCell><mxCell id="10" value="" style="edgeStyle=none;html=1;" parent="1" source="7" target="9" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="13" value="" s
|
|||
|
|
\ No newline at end of file
|
|||
|
|
diff --git a/docs/design/isulad_cri_remove_pod.svg b/docs/design/isulad_cri_remove_pod.svg
|
|||
|
|
new file mode 100644
|
|||
|
|
index 00000000..f470bd17
|
|||
|
|
--- /dev/null
|
|||
|
|
+++ b/docs/design/isulad_cri_remove_pod.svg
|
|||
|
|
@@ -0,0 +1 @@
|
|||
|
|
+<svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="1071px" width="1891px" viewBox="-10 -10 1911 1091" content="<mxGraphModel dx="1128" dy="635" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="0" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0"><root><mxCell id="0"/><mxCell id="1" parent="0"/><mxCell id="82" value="" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="-310" y="180" width="1890" height="1070" as="geometry"/></mxCell><mxCell id="64" style="edgeStyle=none;html=1;entryX=1;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="63" target="24" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="63" value="" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="580" y="480" width="950" height="620" as="geometry"/></mxCell><mxCell id="4" value="" style="edgeStyle=none;html=1;" parent="1" source="2" target="3" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="2" value="&lt;div style=&quot;color: rgb(212 , 212 , 212) ; background-color: rgb(30 , 30 , 30) ; font-family: &amp;#34;consolas&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 14px ; line-height: 19px&quot;&gt;&lt;span style=&quot;color: #dcdcaa&quot;&gt;RemovePodSandbox&lt;/span&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="150" y="240" width="140" height="40" as="geometry"/></mxCell><mxCell id="6" value="" style="edgeStyle=none;html=1;" parent="1" source="3" target="5" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="3" value="&lt;div style=&quot;color: rgb(212 , 212 , 212) ; background-color: rgb(30 , 30 , 30) ; font-family: &amp;#34;consolas&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 14px ; line-height: 19px&quot;&gt;&lt;span style=&quot;color: #dcdcaa&quot;&gt;GetRealContainerOrSandboxID&lt;/span&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="360" y="235" width="230" height="50" as="geometry"/></mxCell><mxCell id="8" value="" style="edgeStyle=none;html=1;" parent="1" source="5" target="7" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="14" style="edgeStyle=none;html=1;entryX=1;entryY=0.5;entryDx=0;entryDy=0;" parent="1" source="5" target="13" edge="1"><mxGeometry relative="1" as="geometry"><Array as="points"><mxPoint x="680" y="405"/></Array></mxGeometry></mxCell><mxCell id="5" value="error?" style="rhombus;whiteSpace=wrap;html=1;rounded=1;" parent="1" vertex="1"><mxGeometry x="640" y="220" w
|
|||
|
|
\ No newline at end of file
|
|||
|
|
diff --git a/docs/design/isulad_cri_run_pod.svg b/docs/design/isulad_cri_run_pod.svg
|
|||
|
|
new file mode 100644
|
|||
|
|
index 00000000..87ffad73
|
|||
|
|
--- /dev/null
|
|||
|
|
+++ b/docs/design/isulad_cri_run_pod.svg
|
|||
|
|
@@ -0,0 +1 @@
|
|||
|
|
+<svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="2991px" width="4170.999999999999px" viewBox="-10 -10 4190.999999999999 3011" content="<mxGraphModel dx="4366" dy="1814" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="0" pageScale="1" pageWidth="827" pageHeight="1169" background="#1A1A1A" math="0" shadow="0"><root><mxCell id="0"/><mxCell id="1" parent="0"/><mxCell id="319" value="" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#1A1A1A;" parent="1" vertex="1"><mxGeometry x="-1500" y="290" width="4170" height="2990" as="geometry"/></mxCell><mxCell id="310" value="" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="-1360" y="1620" width="1040" height="1420" as="geometry"/></mxCell><mxCell id="37" value="" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="1170" y="1025" width="200" height="455" as="geometry"/></mxCell><mxCell id="33" value="" style="whiteSpace=wrap;html=1;aspect=fixed;align=left;" parent="1" vertex="1"><mxGeometry x="900" y="950" width="170" height="170" as="geometry"/></mxCell><mxCell id="7" style="edgeStyle=none;html=1;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="2" target="3" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="2" value="&lt;div style=&quot;color: rgb(212 , 212 , 212) ; background-color: rgb(30 , 30 , 30) ; font-family: &amp;#34;consolas&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 14px ; line-height: 19px&quot;&gt;&lt;span style=&quot;color: #dcdcaa&quot;&gt;RunPodSandbox&lt;/span&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="57.5" y="390" width="135" height="40" as="geometry"/></mxCell><mxCell id="8" style="edgeStyle=none;html=1;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="3" target="4" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="3" value="&lt;div style=&quot;color: rgb(212 , 212 , 212) ; background-color: rgb(30 , 30 , 30) ; font-family: &amp;#34;consolas&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 14px ; line-height: 19px&quot;&gt;&lt;span style=&quot;color: #dcdcaa&quot;&gt;EnsureSandboxImageExists&lt;/span&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="20" y="490" width="210" height="50" as="geometry"/></mxCell><mxCell id="10" style="edgeStyle=none;html=1;entryX=0.5;entryY=0;entryDx=0;entryDy=0;" parent="1" source="4" target="5" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="4" value="&lt;div style=&quot;color: rgb(212 , 212 , 212) ; background-color: rgb(30 , 30 , 30) ; font-family: &amp;
|
|||
|
|
\ No newline at end of file
|
|||
|
|
diff --git a/docs/design/isulad_cri_stop_pod.svg b/docs/design/isulad_cri_stop_pod.svg
|
|||
|
|
new file mode 100644
|
|||
|
|
index 00000000..b0549958
|
|||
|
|
--- /dev/null
|
|||
|
|
+++ b/docs/design/isulad_cri_stop_pod.svg
|
|||
|
|
@@ -0,0 +1 @@
|
|||
|
|
+<svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="3371px" width="3881px" viewBox="-10 -10 3901 3391" content="<mxGraphModel dx="5072" dy="2540" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="0" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0"><root><mxCell id="0"/><mxCell id="1" parent="0"/><mxCell id="219" value="&amp;nbsp;" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="-830" y="40" width="3880" height="3370" as="geometry"/></mxCell><mxCell id="209" value="" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="2670" y="2610" width="350" height="760" as="geometry"/></mxCell><mxCell id="4" value="" style="edgeStyle=none;html=1;" parent="1" source="2" target="3" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="2" value="&lt;div style=&quot;color: rgb(212 , 212 , 212) ; background-color: rgb(30 , 30 , 30) ; font-family: &amp;#34;consolas&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 14px ; line-height: 19px&quot;&gt;&lt;span style=&quot;color: #dcdcaa&quot;&gt;StopPodSandbox&lt;/span&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="-40" y="170" width="130" height="40" as="geometry"/></mxCell><mxCell id="6" value="" style="edgeStyle=none;html=1;" parent="1" source="3" target="5" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="10" value="" style="edgeStyle=none;html=1;" parent="1" source="3" target="9" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="3" value="empty&lt;br&gt;podID?" style="rhombus;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="-15" y="270" width="80" height="80" as="geometry"/></mxCell><mxCell id="5" value="return" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="170" y="285" width="65" height="50" as="geometry"/></mxCell><mxCell id="15" value="" style="edgeStyle=none;html=1;" parent="1" source="9" target="14" edge="1"><mxGeometry relative="1" as="geometry"/></mxCell><mxCell id="9" value="&lt;div style=&quot;color: rgb(212 , 212 , 212) ; background-color: rgb(30 , 30 , 30) ; font-family: &amp;#34;consolas&amp;#34; , &amp;#34;courier new&amp;#34; , monospace ; font-size: 14px ; line-height: 19px&quot;&gt;&lt;span style=&quot;color: #dcdcaa&quot;&gt;GetRealSandboxIDToStop&lt;/span&gt;&lt;/div&gt;" style="rounded=1;whiteSpace=wrap;html=1;" parent="1" vertex="1"><mxGeometry x="-77.5" y="390" width="205" height="40" as="geometry"/></mxCell><mxCell id="1
|
|||
|
|
\ No newline at end of file
|
|||
|
|
--
|
|||
|
|
2.25.1
|
|||
|
|
|