US 11,868,944 B2
Container image management system for distributed clusters
Dengyin Zhang, Nanjing (CN); Junjiang Li, Nanjing (CN); Can Chen, Nanjing (CN); Chao Zhou, Nanjing (CN); and Zijie Liu, Nanjing (CN)
Filed by Nanjing University of Posts and Telecommunications, Nanjing (CN)
Filed on Dec. 10, 2020, as Appl. No. 17/118,571.
Application 17/118,571 is a continuation in part of application No. PCT/CN2020/094454, filed on Jun. 4, 2020.
Claims priority of application No. 201910836417.4 (CN), filed on Sep. 5, 2019.
Prior Publication US 2021/0097477 A1, Apr. 1, 2021
Int. Cl. G06Q 10/08 (2023.01); G01N 21/90 (2006.01); G06F 3/0484 (2022.01)
CPC G06Q 10/08 (2013.01) [G01N 21/90 (2013.01); G06F 3/0484 (2013.01)]
6 Claims
1. A container image management system for distributed clusters, the system comprising at least one master node and at least one worker node:
wherein:
the at least one master node comprises a container image database, a request input module and a container image management module;
the container image management module is responsive when the container image management module establishes the connection to the container image database, then it is permitted to read/write from/into the container image database;
the container image database is a distributed database configured to store node information of the container image management system;
the request input module is configured to receive request content comprising a request destination and command execution content, the command execution content comprising an execution operation field and an executed container image list;
the container image management module is configured to: generate a public key and a private key used for encrypted authentication; verify whether the request content acquired by the request input module is validated, and store the request content in the container image database if the request content is validated; and determine the request destination in the request content, inquire the container image database to obtain an IP address corresponding to a specified single worker node or a specified group of worker nodes if the request destination is the specified single worker node or the specified group of worker nodes, and transmit the communication secret and the command execution content to the specified single worker node or the specified group of worker nodes according to the IP address corresponding to the specified single worker node or the specified group of worker nodes, operations contained in the command execution content comprising a pull operation, an update operation, a delete operation and a prune operation;
the container image management module is further configured to receive state feedback content transmitted by the specified single worker node or the specified group of worker nodes, and store a receipt time and the state feedback content in the container image database;
the at least one worker node comprises: a container image controller proxy component and a container image repository;
the container image repository is configured to store container images on a worker node, and distinguish different container images by container image names and container image tags;
the container image controller proxy component is configured to transmit the node information of the worker node to the master node, the node information comprising a current state of the worker node, command execution content, command execution time and a command execution state log which are all stored in the distributed database of the master node, the current state of the worker node comprising the node name, the node role, the operating system of the worker node and the kernel version of the operating system, the operation version of a container runtime on the worker node, the time when the worker node joins a cluster, and the time when the worker node is updated;
the container image controller proxy component is further configured to acquire the request content from the master node, the request content comprising the communication secret and the command execution content;
the worker node authenticates the communication secret and executes, on the container image repository, an operation corresponding to the command execution content by calling the container runtime, the container image repository comprising a local container image repository and a container image repository deployed remotely, the operation comprising a pull operation, an update operation, a delete operation and a prune operation; and the worker node transmits the state feedback content to the master node;
if the request content passes the validity check of the master node and if the request destination is a specified single worker node or a specified group of worker nodes, the specified single worker node or specified group of worker nodes corresponding to the IP address receives the command execution content transmitted by the master node; and if the request destination is a specified tag, worker nodes corresponding to the IP address in a worker node list corresponding to the specified tag receives the command execution content transmitted by the master node; and
when the system comprises a plurality of master nodes, each master node is connected to a load balancer in a network, the worker node sets the IP address of the master node as the serving IP address of the load balancer during configuration, and distributed databases running on the plurality of master nodes are used for data synchronization between different master nodes;
the request content acquired from the master node by the container image controller proxy component of the worker node comprises a command execution time and an execution period; if neither the command execution time nor the execution period is set, a corresponding operation is executed immediately; if the request content comprises only the command execution time but not the execution period, the container image control proxy component of the worker node blocks and waits for the command execution time before executing the corresponding operation; if the command execution time is not set but only the execution period is set, the container image controller proxy component of the worker node immediately executes the corresponding operation, and asynchronously enables blocking and indefinitely waits for a next execution period to execute the corresponding operation; and, if both the command execution time and the execution period are set, the container image control proxy component of the worker node blocks and waits for the command execution time before executing the corresponding operation, and the container image control proxy component of the worker node enables blocking and indefinitely waits for a next execution period to execute the corresponding operation after a first execution is completed.
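The four timing cases in the final clause of claim 1, worked through as an added example (not code from the patent or its applicant). The request field names (`operation`, `images`, `execution_time`, `period_seconds`) are hypothetical, and two behaviours the claim leaves open are assumptions: an execution time already in the past runs immediately, and each period is counted from the start of the previous run.

```python
from datetime import datetime, timedelta
from itertools import islice

# The four operations the claim names; anything else is rejected before scheduling.
ALLOWED_OPS = frozenset({"pull", "update", "delete", "prune"})


def fire_times(now, exec_time=None, period=None):
    """Yield the instants at which the worker proxy would run the operation."""
    if period is not None and period <= timedelta(0):
        raise ValueError("execution period must be positive")
    # Assumption: an execution time already in the past means "run now".
    first = now if exec_time is None else max(now, exec_time)
    yield first
    if period is None:
        return  # one-shot: immediate, or delayed until exec_time
    nxt = first
    while True:  # periodic: repeats indefinitely, as the claim states
        nxt += period  # assumption: period counted from the previous start
        yield nxt


def plan(request, now, limit=3):
    """Validate a request dict (hypothetical field names) and list its first runs."""
    op = request.get("operation")
    if op not in ALLOWED_OPS:
        raise ValueError(f"unsupported operation: {op!r}")
    images = request.get("images")
    if not images or not all(isinstance(i, str) and i for i in images):
        raise ValueError("executed container image list must be non-empty")
    secs = request.get("period_seconds")
    period = None if secs is None else timedelta(seconds=secs)
    times = fire_times(now, request.get("execution_time"), period)
    return op, list(islice(times, limit))


if __name__ == "__main__":
    now = datetime(2020, 1, 1, 12, 0, 0)  # constructed sample clock
    base = {"operation": "pull", "images": ["example/app:1.0"]}  # constructed
    cases = {
        "neither": {},
        "time only": {"execution_time": now + timedelta(minutes=5)},
        "period only": {"period_seconds": 60},
        "both": {"execution_time": now + timedelta(minutes=5), "period_seconds": 60},
    }
    for name, extra in cases.items():
        print(name, [t.strftime("%H:%M") for t in plan({**base, **extra}, now)[1]])
```

Rejecting an unknown operation or an empty image list before any timer is armed keeps a malformed periodic request from being retried indefinitely on the worker.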