NetEase Media Container Platform Construction: Cloud Native Implementation Experience and Best Practices

This article shares NetEase Media's container platform construction experience after over a year of exploration. The content covers three main sections: Cloud Native concepts, NetEase Media's infrastructure framework, and container construction solutions.

Cloud Native Overview: Cloud Native was first proposed by Pivotal in 2013, with key characteristics including twelve-factor apps, microservices, self-service agile infrastructure, API-based collaboration, and resilience. CNCF defines Cloud Native as technologies enabling organizations to build and run scalable applications in dynamic cloud environments. Core technologies include containers, service meshes, microservices, immutable infrastructure, and declarative APIs.

Container vs VM: Virtualization provides strong isolation using Hypervisors, while containers use Linux Cgroup and Namespace for lighter isolation. Containers are more suitable for Cloud Native's rapid delivery and iteration, serving as the best carrier for microservices. Key differences include: image size (GB vs MB), resource allocation (cores/G vs 0.5 cores/M), startup time (minutes vs milliseconds), and performance (weaker vs near-native).

Kubernetes Architecture: Kubernetes provides core capabilities including rapid deployment and scaling, application scheduling with automatic failover, load balancing and service discovery, and extension interfaces. Core concepts include Namespace (resource isolation), Node (physical/virtual machines), Pod (smallest deployable unit), Deployment (stateless app management), StatefulSet (stateful app management), and Service (service abstraction).

Infrastructure Requirements: NetEase Media's infrastructure must meet: stability and reliability, process standardization and automation, resource utilization optimization, elasticity for traffic spikes, security, monitoring capabilities, and standardized development frameworks.

Construction Challenges: Before containerization, challenges included manual resource application, inefficient resource utilization, complex scaling processes, and difficulty handling traffic spikes.

Technical Implementation: The article details cluster deployment planning, physical machine initialization (Debian 10, CPU performance mode, ulimit configuration), control plane deployment (kube-apiserver, controller, scheduler, etcd), compute node deployment, container network design using OVS and custom CNI plugins, POD design with health probes, service design using iptables, and Prometheus-based monitoring.

Best Practices: Key recommendations include implementing graceful shutdown handling SIGTERM signals, configuring Readiness and Liveness probes, properly configuring Request/Limit resources, and ensuring applications can obtain correct CPU/memory data within containers.