I think the first plan is great. It seems that both Istio and dubbo-go use API-Server to implement the registry center in Kubernetes. The request invocation is transparent to the user, and the api is not exposed to users. I think the risk is acceptable.
Thanks, Wenjun Ruan CalvinKirs <[email protected]> 于2021年6月10日周四 下午5:31写道: > > > Kubernetes is the world's most popular container service platform. In a > Kubernetes cluster, DolphinScheduler applications are often deployed in a > way that requires a third-party registry for node registration. But if we > can use Kubernetes to implement node registration, we can reduce the cost > of operation and maintenance greatly. > Therefore, I would like to discuss this FUTURE together. > > > There are two ways to interface with Kubernetes, one is to get information > in the form of Kubernetes API Client, the core of Kubernetes control plane > is API Server, which provides HTTP API for users, different parts of the > cluster and external components of the cluster to communicate with each > other. For DolphinScheduler, it is possible to communicate with the > Kubernetes control plane by using the Kubernetes API Client, > It is important to note that having the application itself interact > directly with the Kubernetes management platform API is inherently a > security risk that could bring down the entire Kubernetes cluster if not > properly configured. > > > Kubernetes DNS is a mechanism provided by Kubernetes to obtain Kubernetes > Service information by means of DNS queries, and the node information of > the service can be obtained by ordinary DNS requests. > This solution avoids direct interaction with Kubernetes APIs and security > issues, but since DNS does not have a notification mechanism like API > Watch, it can only use polling to determine service changes, and there is > still a certain amount of DNS network query pressure in the cluster when > there is no application change. > > > > > What other ideas, or better points, does everyone have about this? > Best Wishes! > CalvinKirs, Apache DolphinScheduler PMC > >
