• Kubernetes中StatefulSet


    root@ubuntu:~/tenant# cat stateful.yaml 
    apiVersion: apps/v1
    kind: StatefulSet
    metadata:
      name: web
    spec:
      serviceName: "nginx"
      replicas: 2
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: nginx
            volumeMounts:
            - name: www
              mountPath: /usr/share/nginx/html
      volumeClaimTemplates:
      - metadata:
          name: www
        spec:
          accessModes: [ "ReadWriteOnce" ]
          resources:
            requests:
              storage: 1Gi
    root@ubuntu:~/tenant# kubectl create -f stateful.yaml 
    statefulset.apps/web created
    root@ubuntu:~/tenant# kubectl get statefulsets.apps
    NAME   READY   AGE
    web    0/2     7s
    root@ubuntu:~/tenant# kubectl get pods
    NAME                             READY   STATUS      RESTARTS   AGE
    example-foo-54dc4db9fc-lqz9j     1/1     Running     0          18d
    job-1-nginx-0                    0/1     Completed   0          21d
    test-job-default-nginx-0         1/1     Running     0          14d
    test-job-default-nginx-1         1/1     Running     0          14d
    test-job-default-nginx-2         1/1     Running     0          14d
    test-job-default-nginx-3         1/1     Running     0          14d
    test-job-default-nginx-4         1/1     Running     0          14d
    test-job-default-nginx-5         1/1     Running     0          14d
    test-job-v2-default-nginx-v2-0   1/1     Running     0          14d
    web-0                            0/1     Pending     0          11s
    root@ubuntu:~/tenant# kubectl get persistentvolumes
    No resources found in default namespace.
    root@ubuntu:~/tenant# kubectl get persistentvolumeclaims
    NAME        STATUS    VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    www-web-0   Pending                                                     2m13s
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl describe pods web-0
    Name:           web-0
    Namespace:      default
    Priority:       0
    Node:           <none>
    Labels:         app=nginx
                    controller-revision-hash=web-744989db8c
                    statefulset.kubernetes.io/pod-name=web-0
    Annotations:    <none>
    Status:         Pending
    IP:             
    IPs:            <none>
    Controlled By:  StatefulSet/web
    Containers:
      nginx:
        Image:        nginx
        Port:         <none>
        Host Port:    <none>
        Environment:  <none>
        Mounts:
          /usr/share/nginx/html from www (rw)
          /var/run/secrets/kubernetes.io/serviceaccount from default-token-cfr6q (ro)
    Conditions:
      Type           Status
      PodScheduled   False 
    Volumes:
      www:
        Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
        ClaimName:  www-web-0
        ReadOnly:   false
      default-token-cfr6q:
        Type:        Secret (a volume populated by a Secret)
        SecretName:  default-token-cfr6q
        Optional:    false
    QoS Class:       BestEffort
    Node-Selectors:  <none>
    Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                     node.kubernetes.io/unreachable:NoExecute for 300s
    Events:
      Type     Reason            Age        From               Message
      ----     ------            ----       ----               -------
      Warning  FailedScheduling  <unknown>  default-scheduler  running "VolumeBinding" filter plugin for pod "web-0": pod has unbound immediate PersistentVolumeClaims
      Warning  FailedScheduling  <unknown>  default-scheduler  running "VolumeBinding" filter plugin for pod "web-0": pod has unbound immediate PersistentVolumeClaims
    root@ubuntu:~/tenant# kubectl get sc
    No resources found in default namespace.
    root@ubuntu:~/tenant# 

    创建存储类

    root@ubuntu:~/tenant# kubectl get sc
    No resources found in default namespace.

    本地卷

     
    kind: StorageClass
    apiVersion: storage.k8s.io/v1
    metadata:
      name: local-storage
    provisioner: kubernetes.io/no-provisioner
    volumeBindingMode: WaitForFirstConsumer

    本地卷还不支持动态制备,然而还是需要创建 StorageClass 以延迟卷绑定, 直到完成 Pod 的调度。这是由 WaitForFirstConsumer 卷绑定模式指定的。

    延迟卷绑定使得调度器在为 PersistentVolumeClaim 选择一个合适的 PersistentVolume 时能考虑到所有 Pod 的调度限制

    cat >nginx-store-class.yaml<<-EOF
    kind: StorageClass
    apiVersion: storage.k8s.io/v1
    metadata:
      name: manual
    provisioner: kubernetes.io/no-provisioner
    volumeBindingMode: WaitForFirstConsumer
    EOF
    root@ubuntu:~/tenant# kubectl create -f  nginx-store-class.yaml 
    storageclass.storage.k8s.io/manual created
    root@ubuntu:~/tenant# kubectl get sc
    NAME     PROVISIONER                    RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
    manual   kubernetes.io/no-provisioner   Delete          WaitForFirstConsumer   false                  8s
    root@ubuntu:~/tenant# 
    Events:
      Type     Reason            Age        From               Message
      ----     ------            ----       ----               -------
      Warning  FailedScheduling  <unknown>  default-scheduler  running "VolumeBinding" filter plugin for pod "web-0": pod has unbound immediate PersistentVolumeClaims
      Warning  FailedScheduling  <unknown>  default-scheduler  running "VolumeBinding" filter plugin for pod "web-0": pod has unbound immediate PersistentVolumeClaims
    root@ubuntu:~/tenant# kubectl get pvc
    NAME            STATUS    VOLUME           CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    task-pv-claim   Bound     task-pv-volume   10Gi       RWO            manual         115m
    www-web-0       Pending                                                             155m
    root@ubuntu:~/tenant# kubectl delete www-web-0
    error: the server doesn't have a resource type "www-web-0"
    root@ubuntu:~/tenant# kubectl delete -f  stateful.yaml 
    statefulset.apps "web" deleted
    root@ubuntu:~/tenant# kubectl get pvc
    NAME            STATUS    VOLUME           CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    task-pv-claim   Bound     task-pv-volume   10Gi       RWO            manual         116m
    www-web-0       Pending                                                             155m
    root@ubuntu:~/tenant# kubectl pvc delete www-web-0
    Error: unknown command "pvc" for "kubectl"
    Run 'kubectl --help' for usage.
    删除掉旧的pvc重新创建即可 root@ubuntu:
    ~/tenant# kubectl delete pvc www-web-0 persistentvolumeclaim "www-web-0" deleted root@ubuntu:~/tenant# kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE task-pv-claim Bound task-pv-volume 10Gi RWO manual 116m root@ubuntu:~/tenant# kubectl create -f stateful.yaml statefulset.apps/web created
                     node.kubernetes.io/unreachable:NoExecute for 300s
    Events:
      Type     Reason            Age        From               Message
      ----     ------            ----       ----               -------
      Warning  FailedScheduling  <unknown>  default-scheduler  0/4 nodes are available: 4 node(s) didn't find available persistent volumes to bind.
      Warning  FailedScheduling  <unknown>  default-scheduler  0/4 nodes are available: 4 node(s) didn't find available persistent volumes to bind.
    root@ubuntu:~/tenant# cat  stateful.yaml 
    apiVersion: apps/v1
    kind: StatefulSet
    metadata:
      name: web
    spec:
      serviceName: "nginx"
      replicas: 1
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: nginx
            volumeMounts:
            - name: www
              mountPath: /usr/share/nginx/html
      volumeClaimTemplates:
      - metadata:
          name: www
        spec:
          accessModes: [ "ReadWriteOnce" ]
          resources:
            requests:
              storage: 1Gi
          storageClassName: manual
    root@ubuntu:~/tenant# kubectl get  pv 
    NAME             CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                   STORAGECLASS   REASON   AGE
    task-pv-volume   10Gi       RWO            Retain           Bound    default/task-pv-claim   manual                  119m
    root@ubuntu:~/tenant# kubectl get  sc
    NAME               PROVISIONER                    RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
    manual (default)   kubernetes.io/no-provisioner   Delete          WaitForFirstConsumer   false                  73m
    root@ubuntu:~/tenant# kubectl get  pvs
    error: the server doesn't have a resource type "pvs"
    root@ubuntu:~/tenant# kubectl get  pvc
    NAME            STATUS    VOLUME           CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    task-pv-claim   Bound     task-pv-volume   10Gi       RWO            manual         119m
    www-web-0       Pending                                              manual         3m4s
    root@ubuntu:~/tenant# 

    删除所有重建

    root@ubuntu:~/tenant# cat stateful.yaml 
    apiVersion: apps/v1
    kind: StatefulSet
    metadata:
      name: web
    spec:
      serviceName: "nginx"
      replicas: 1
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: nginx
            volumeMounts:
            - name: www
              mountPath: /usr/share/nginx/html
      volumeClaimTemplates:
      - metadata:
          name: www
        spec:
          accessModes: [ "ReadWriteOnce" ]
          resources:
            requests:
              storage: 1Gi
          storageClassName: manual
    root@ubuntu:~/tenant# kubectl  delete stateful.yaml   nginx-pvc.yaml   nginx-pv.yaml nginx-store-class.yaml
    error: the server doesn't have a resource type "stateful"
    root@ubuntu:~/tenant# kubectl  delete -f  stateful.yaml   nginx-pvc.yaml   nginx-pv.yaml nginx-store-class.yaml
    error: when paths, URLs, or stdin is provided as input, you may not specify resource arguments as well
    root@ubuntu:~/tenant# kubectl  delete -f  stateful.yaml   
    statefulset.apps "web" deleted
    root@ubuntu:~/tenant# kubectl create -f nginx-store-class.yaml
    Error from server (AlreadyExists): error when creating "nginx-store-class.yaml": storageclasses.storage.k8s.io "manual" already exists
    root@ubuntu:~/tenant# kubectl delete -f nginx-store-class.yaml
    storageclass.storage.k8s.io "manual" deleted
    root@ubuntu:~/tenant# kubectl delete -f nginx-pvc.yaml
    persistentvolumeclaim "task-pv-claim" deleted
    root@ubuntu:~/tenant# kubectl delete -f nginx-pv.yaml
    persistentvolume "task-pv-volume" deleted
    root@ubuntu:~/tenant# kubectl delete  -f nginx-store-class.yaml
    Error from server (NotFound): error when deleting "nginx-store-class.yaml": storageclasses.storage.k8s.io "manual" not found
    root@ubuntu:~/tenant# kubectl create -f nginx-store-class.yaml
    storageclass.storage.k8s.io/manual created
    root@ubuntu:~/tenant# kubectl create -f nginx-pv.yaml
    persistentvolume/task-pv-volume created
    root@ubuntu:~/tenant# kubectl create -f nginx-pvc.yaml
    persistentvolumeclaim/task-pv-claim created
    root@ubuntu:~/tenant# kubectl create -f stateful.yaml 
    statefulset.apps/web created
    root@ubuntu:~/tenant# kubectl get  pods web-0 
    NAME    READY   STATUS              RESTARTS   AGE
    web-0   0/1     ContainerCreating   0          6s
    root@ubuntu:~/tenant# kubectl get  pods web-0 
    NAME    READY   STATUS    RESTARTS   AGE
    web-0   1/1     Running   0          22s
    root@ubuntu:~/tenant# kubectl get  pods web-0 
    root@ubuntu:~/tenant# kubectl get sc
    NAME     PROVISIONER                    RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
    manual   kubernetes.io/no-provisioner   Delete          WaitForFirstConsumer   false                  2m11s
    root@ubuntu:~/tenant# kubectl get pv
    NAME             CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM               STORAGECLASS   REASON   AGE
    task-pv-volume   10Gi       RWO            Retain           Bound    default/www-web-0   manual                  2m3s
    root@ubuntu:~/tenant# kubectl get pvc
    NAME            STATUS    VOLUME           CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    task-pv-claim   Pending                                              manual         119s
    www-web-0       Bound     task-pv-volume   10Gi       RWO            manual         19m
    root@ubuntu:~/tenant# 

     创建2个

    root@ubuntu:~# cat tenant/stateful.yaml 
    apiVersion: apps/v1
    kind: StatefulSet
    metadata:
      name: web
    spec:
      serviceName: "nginx"
      replicas: 2
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: nginx
            volumeMounts:
            - name: www
              mountPath: /usr/share/nginx/html
      volumeClaimTemplates:
      - metadata:
          name: www
        spec:
          accessModes: [ "ReadWriteOnce" ]
          resources:
            requests:
              storage: 1Gi
          storageClassName: manual
    root@ubuntu:~/tenant# kubectl create -f stateful.yaml 
    statefulset.apps/web created
    root@ubuntu:~/tenant# kubectl get  pods web-0 
    NAME    READY   STATUS              RESTARTS   AGE
    web-0   0/1     ContainerCreating   0          5s
    
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS      RESTARTS   AGE   IP               NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running     0          19d   10.244.29.26     bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed   0          21d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running     0          14d   10.244.29.3      bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running     0          14d   10.244.29.9      bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running     0          14d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running     0          14d   10.244.29.63     bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running     0          14d   10.244.29.1      bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running     0          14d   10.244.29.2      bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running     0          14d   10.244.29.20     bogon     <none>           <none>
    web-0                            1/1     Running     0          31s   10.244.129.136   centos7   <none>           <none>
    web-1                            0/1     Pending     0          20s   <none>           <none>    <none>           <none>
    root@ubuntu:~/tenant# kubectl describe pods  web-1
    Name:           web-1
    Namespace:      default
    Priority:       0
    Node:           <none>
    Labels:         app=nginx
                    controller-revision-hash=web-744989db8c
                    statefulset.kubernetes.io/pod-name=web-1
    Annotations:    <none>
    Status:         Pending
    IP:             
    IPs:            <none>
    Controlled By:  StatefulSet/web
    Containers:
      nginx:
        Image:        nginx
        Port:         <none>
        Host Port:    <none>
        Environment:  <none>
        Mounts:
          /usr/share/nginx/html from www (rw)
          /var/run/secrets/kubernetes.io/serviceaccount from default-token-cfr6q (ro)
    Conditions:
      Type           Status
      PodScheduled   False 
    Volumes:
      www:
        Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
        ClaimName:  www-web-1
        ReadOnly:   false
      default-token-cfr6q:
        Type:        Secret (a volume populated by a Secret)
        SecretName:  default-token-cfr6q
        Optional:    false
    QoS Class:       BestEffort
    Node-Selectors:  <none>
    Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                     node.kubernetes.io/unreachable:NoExecute for 300s
    Events:
      Type     Reason            Age        From               Message
      ----     ------            ----       ----               -------
      Warning  FailedScheduling  <unknown>  default-scheduler  0/4 nodes are available: 4 node(s) didn't find available persistent volumes to bind.
      Warning  FailedScheduling  <unknown>  default-scheduler  0/4 nodes are available: 4 node(s) didn't find available persistent volumes to bind.
    root@ubuntu:~/tenant# 

    再创建一个pv

    root@ubuntu:~/tenant# cat nginx-pv.yaml
    kind: PersistentVolume
    apiVersion: v1
    metadata:
      name: task-pv-volume2
      labels:
        type: local
    spec:
      storageClassName: manual
      capacity:
        storage: 10Gi
      accessModes:
        - ReadWriteOnce
      hostPath:
        path: "/data2"
    root@ubuntu:~/tenant# kubectl create -f nginx-pv.yaml
    persistentvolume/task-pv-volume2 created
    root@ubuntu:~/tenant# kubectl create -f stateful.yaml 
    statefulset.apps/web created
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS              RESTARTS   AGE   IP             NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d   10.244.29.26   bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed           0          21d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running             0          14d   10.244.29.3    bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running             0          14d   10.244.29.9    bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running             0          14d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running             0          14d   10.244.29.63   bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running             0          14d   10.244.29.1    bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running             0          14d   10.244.29.2    bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d   10.244.29.20   bogon     <none>           <none>
    web-0                            0/1     ContainerCreating   0          3s    <none>         centos7   <none>           <none>
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS              RESTARTS   AGE   IP             NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d   10.244.29.26   bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed           0          21d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running             0          14d   10.244.29.3    bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running             0          14d   10.244.29.9    bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running             0          14d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running             0          14d   10.244.29.63   bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running             0          14d   10.244.29.1    bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running             0          14d   10.244.29.2    bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d   10.244.29.20   bogon     <none>           <none>
    web-0                            0/1     ContainerCreating   0          5s    <none>         centos7   <none>           <none>
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS              RESTARTS   AGE   IP             NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d   10.244.29.26   bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed           0          21d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running             0          14d   10.244.29.3    bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running             0          14d   10.244.29.9    bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running             0          14d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running             0          14d   10.244.29.63   bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running             0          14d   10.244.29.1    bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running             0          14d   10.244.29.2    bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d   10.244.29.20   bogon     <none>           <none>
    web-0                            0/1     ContainerCreating   0          7s    <none>         centos7   <none>           <none>
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS              RESTARTS   AGE   IP             NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d   10.244.29.26   bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed           0          21d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running             0          14d   10.244.29.3    bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running             0          14d   10.244.29.9    bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running             0          14d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running             0          14d   10.244.29.63   bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running             0          14d   10.244.29.1    bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running             0          14d   10.244.29.2    bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d   10.244.29.20   bogon     <none>           <none>
    web-0                            0/1     ContainerCreating   0          9s    <none>         centos7   <none>           <none>
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS              RESTARTS   AGE   IP             NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d   10.244.29.26   bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed           0          21d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running             0          14d   10.244.29.3    bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running             0          14d   10.244.29.9    bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running             0          14d   10.244.29.19   bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running             0          14d   10.244.29.63   bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running             0          14d   10.244.29.1    bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running             0          14d   10.244.29.2    bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d   10.244.29.20   bogon     <none>           <none>
    web-0                            0/1     ContainerCreating   0          11s   <none>         centos7   <none>           <none>
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS              RESTARTS   AGE   IP               NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d   10.244.29.26     bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed           0          21d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running             0          14d   10.244.29.3      bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running             0          14d   10.244.29.9      bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running             0          14d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running             0          14d   10.244.29.63     bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running             0          14d   10.244.29.1      bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running             0          14d   10.244.29.2      bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d   10.244.29.20     bogon     <none>           <none>
    web-0                            1/1     Running             0          13s   10.244.129.138   centos7   <none>           <none>
    web-1                            0/1     ContainerCreating   0          2s    <none>           centos7   <none>           <none>
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS              RESTARTS   AGE   IP               NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d   10.244.29.26     bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed           0          21d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running             0          14d   10.244.29.3      bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running             0          14d   10.244.29.9      bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running             0          14d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running             0          14d   10.244.29.63     bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running             0          14d   10.244.29.1      bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running             0          14d   10.244.29.2      bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d   10.244.29.20     bogon     <none>           <none>
    web-0                            1/1     Running             0          17s   10.244.129.138   centos7   <none>           <none>
    web-1                            0/1     ContainerCreating   0          6s    <none>           centos7   <none>           <none>
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS              RESTARTS   AGE   IP               NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d   10.244.29.26     bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed           0          21d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running             0          14d   10.244.29.3      bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running             0          14d   10.244.29.9      bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running             0          14d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running             0          14d   10.244.29.63     bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running             0          14d   10.244.29.1      bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running             0          14d   10.244.29.2      bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d   10.244.29.20     bogon     <none>           <none>
    web-0                            1/1     Running             0          18s   10.244.129.138   centos7   <none>           <none>
    web-1                            0/1     ContainerCreating   0          7s    <none>           centos7   <none>           <none>
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS              RESTARTS   AGE   IP               NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d   10.244.29.26     bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed           0          21d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running             0          14d   10.244.29.3      bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running             0          14d   10.244.29.9      bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running             0          14d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running             0          14d   10.244.29.63     bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running             0          14d   10.244.29.1      bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running             0          14d   10.244.29.2      bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d   10.244.29.20     bogon     <none>           <none>
    web-0                            1/1     Running             0          21s   10.244.129.138   centos7   <none>           <none>
    web-1                            0/1     ContainerCreating   0          10s   <none>           centos7   <none>           <none>
    root@ubuntu:~/tenant# kubectl get  pods  -o wide
    NAME                             READY   STATUS      RESTARTS   AGE   IP               NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running     0          19d   10.244.29.26     bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed   0          21d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-0         1/1     Running     0          14d   10.244.29.3      bogon     <none>           <none>
    test-job-default-nginx-1         1/1     Running     0          14d   10.244.29.9      bogon     <none>           <none>
    test-job-default-nginx-2         1/1     Running     0          14d   10.244.29.19     bogon     <none>           <none>
    test-job-default-nginx-3         1/1     Running     0          14d   10.244.29.63     bogon     <none>           <none>
    test-job-default-nginx-4         1/1     Running     0          14d   10.244.29.1      bogon     <none>           <none>
    test-job-default-nginx-5         1/1     Running     0          14d   10.244.29.2      bogon     <none>           <none>
    test-job-v2-default-nginx-v2-0   1/1     Running     0          14d   10.244.29.20     bogon     <none>           <none>
    web-0                            1/1     Running     0          27s   10.244.129.138   centos7   <none>           <none>
    web-1                            1/1     Running     0          16s   10.244.129.139   centos7   <none>           <none>
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl get sc
    NAME     PROVISIONER                    RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
    manual   kubernetes.io/no-provisioner   Delete          WaitForFirstConsumer   false                  10m
    root@ubuntu:~/tenant# kubectl get pv  --2个
    NAME              CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM               STORAGECLASS   REASON   AGE
    task-pv-volume    10Gi       RWO            Retain           Bound    default/www-web-0   manual                  10m
    task-pv-volume2   10Gi       RWO            Retain           Bound    default/www-web-1   manual                  3m26s
    root@ubuntu:~/tenant# kubectl get pvc  --多个
    NAME            STATUS    VOLUME            CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    task-pv-claim   Pending                                               manual         10m
    www-web-0       Bound     task-pv-volume    10Gi       RWO            manual         28m
    www-web-1       Bound     task-pv-volume2   10Gi       RWO            manual         7m11s
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl exec -it web-1 -- bash
    root@web-1:/# ls /usr/share/nginx/html
    root@web-1:/# touch /usr/share/nginx/html/web-1.txt
    root@web-1:/# ls
    bin  boot  dev  docker-entrypoint.d  docker-entrypoint.sh  etc  home  lib  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
    root@web-1:/# ls /usr/share/nginx/html
    web-1.txt
    root@web-1:/# exit
    exit

    本地volume

    [root@centos7 ~]# ls /data1/
    html  job.yaml  test.txt
    [root@centos7 ~]# ls /data1/
    html  job.yaml  test.txt
    [root@centos7 ~]# ls
    anaconda-ks.cfg  calicoctl  dpdk-19.11  dpdk-19.11.kunpeng.tgz  filter.txt  gcc-7.5.0  iptables2.bak  iptables3.bak  iptables.bak  ndn-cxx  no_filter.txt
    [root@centos7 ~]# ls /data2
    [root@centos7 ~]# ls /data1
    html  job.yaml  test.txt
    [root@centos7 ~]# ls /data1
    html  job.yaml  test.txt
    [root@centos7 ~]# ls /data2
    web-1.txt
    [root@centos7 ~]# 

    删除一个stateful pod

    root@ubuntu:~/c++# kubectl get pods
    NAME                             READY   STATUS      RESTARTS   AGE
    example-foo-54dc4db9fc-lqz9j     1/1     Running     0          19d
    job-1-nginx-0                    0/1     Completed   0          22d
    test-job-default-nginx-0         1/1     Running     0          14d
    test-job-default-nginx-1         1/1     Running     0          14d
    test-job-default-nginx-2         1/1     Running     0          14d
    test-job-default-nginx-3         1/1     Running     0          14d
    test-job-default-nginx-4         1/1     Running     0          14d
    test-job-default-nginx-5         1/1     Running     0          14d
    test-job-v2-default-nginx-v2-0   1/1     Running     0          14d
    web-0                            1/1     Running     0          16h
    web-1                            1/1     Running     0          16h
    root@ubuntu:~/c++# kubectl delete pod  web-0 
    pod "web-0" deleted
    root@ubuntu:~/c++# kubectl get pods
    NAME                             READY   STATUS      RESTARTS   AGE
    example-foo-54dc4db9fc-lqz9j     1/1     Running     0          19d
    job-1-nginx-0                    0/1     Completed   0          22d
    test-job-default-nginx-0         1/1     Running     0          14d
    test-job-default-nginx-1         1/1     Running     0          14d
    test-job-default-nginx-2         1/1     Running     0          14d
    test-job-default-nginx-3         1/1     Running     0          14d
    test-job-default-nginx-4         1/1     Running     0          14d
    test-job-default-nginx-5         1/1     Running     0          14d
    test-job-v2-default-nginx-v2-0   1/1     Running     0          14d
    web-0                            1/1     Running     0          89s
    web-1                            1/1     Running     0          16h
    root@ubuntu:~/c++# 

     

    StatefulSet存储状态

    上面说了StatefulSet可以通过PVC做持久化存储,保证Pod重新调度后还是能访问到相同的持久化数据,在删除Pod时,PVC不会被删除。

    root@ubuntu:~/c++#  kubectl exec web-1 -- sh -c 'echo hello world > /usr/share/nginx/html/index.html'

    修改完后,如果在Pod中访问“http://localhost”,那就会返回“hello world”。

    root@ubuntu:~/c++#  kubectl exec -it web-1  -- curl localhost
    hello world
    root@ubuntu:~/c++# 

    此时如果手动删除web-1这个Pod,然后再次查询Pod,可以看到StatefulSet重新创建了一个名称相同的Pod,通过创建时间4s可以看出web-1是刚刚创建的。

     再次访问该Pod的index.html页面,会发现仍然返回“hello world”,这说明这个Pod仍然是访问相同的存储。

    root@ubuntu:~/c++#  kubectl exec web-1 -- sh -c 'echo hello world > /usr/share/nginx/html/index.html'
    root@ubuntu:~/c++#  kubectl exec -it web-1  -- curl localhost
    hello world
    root@ubuntu:~/c++# kubectl delete pod  web-1 
    pod "web-1" deleted
    root@ubuntu:~/c++# kubectl get pods
    NAME                             READY   STATUS              RESTARTS   AGE
    example-foo-54dc4db9fc-lqz9j     1/1     Running             0          19d
    job-1-nginx-0                    0/1     Completed           0          22d
    test-job-default-nginx-0         1/1     Running             0          14d
    test-job-default-nginx-1         1/1     Running             0          14d
    test-job-default-nginx-2         1/1     Running             0          14d
    test-job-default-nginx-3         1/1     Running             0          14d
    test-job-default-nginx-4         1/1     Running             0          14d
    test-job-default-nginx-5         1/1     Running             0          14d
    test-job-v2-default-nginx-v2-0   1/1     Running             0          14d
    web-0                            1/1     Running             0          5m49s
    web-1                            0/1     ContainerCreating   0          10s
    root@ubuntu:~/c++# kubectl get pods
    NAME                             READY   STATUS      RESTARTS   AGE
    example-foo-54dc4db9fc-lqz9j     1/1     Running     0          19d
    job-1-nginx-0                    0/1     Completed   0          22d
    test-job-default-nginx-0         1/1     Running     0          14d
    test-job-default-nginx-1         1/1     Running     0          14d
    test-job-default-nginx-2         1/1     Running     0          14d
    test-job-default-nginx-3         1/1     Running     0          14d
    test-job-default-nginx-4         1/1     Running     0          14d
    test-job-default-nginx-5         1/1     Running     0          14d
    test-job-v2-default-nginx-v2-0   1/1     Running     0          14d
    web-0                            1/1     Running     0          129m
    web-1                            1/1     Running     0          124m
    root@ubuntu:~/c++#  kubectl exec -it web-1  -- curl localhost
    hello world
    root@ubuntu:~/c++# 

    StatefulSet的网络标识

    StatefulSet创建后,可以看下Pod是有固定名称的,那Headless Service是如何起作用的呢,那就是使用DNS,为Pod提供固定的域名,这样Pod间就可以使用域名访问,即便Pod被重新创建而导致Pod的IP地址发生变化,这个域名也不会发生变化。

    Headless Service创建后,每个Pod的IP都会有下面格式的域名。

    <pod-name>.<svc-name>.<namespace>.svc.cluster.local

    root@ubuntu:~/tenant# ping web-0.nginx.default.svc.cluster.local
    ping: web-0.nginx.default.svc.cluster.local: Name or service not known
    root@ubuntu:~/tenant# ping web-1.nginx.default.svc.cluster.local
    ping: web-1.nginx.default.svc.cluster.local: Name or service not known
    root@ubuntu:~/tenant#

    没有创建headless service

    创建Headless Service

    如前所述,创建Statefulset需要一个Headless Service用于Pod访问,Service的概念会在Service中详细介绍,这里先介绍Headless Service的创建方法。

    使用如下文件描述Headless Service,其中:

    • spec.clusterIP:必须设置为None,表示Headless Service。
    • spec.ports.port:Pod间通信端口号。
    • spec.ports.name:Pod间通信端口名称。
    root@ubuntu:~/tenant# kubectl create -f head_less-svc.yaml 
    service/nginx created
    root@ubuntu:~/tenant# kubectl get svc
    NAME          TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
    kubernetes    ClusterIP   10.96.0.1    <none>        443/TCP   27d
    nginx         ClusterIP   None         <none>        80/TCP    6s
    test-job      ClusterIP   None         <none>        1/TCP     14d
    test-job-v2   ClusterIP   None         <none>        1/TCP     14d
    root@ubuntu:~/tenant# kubectl describe svc  nginx
    Name:              nginx
    Namespace:         default
    Labels:            app=nginx
    Annotations:       <none>
    Selector:          app=nginx
    Type:              ClusterIP
    IP:                None
    Port:              nginx  80/TCP
    TargetPort:        80/TCP
    Endpoints:         10.244.129.142:80,10.244.129.143:80,10.244.29.26:80
    Session Affinity:  None
    Events:            <none>
    root@ubuntu:~/tenant# ping web-1.nginx.default.svc.cluster.local
    ping: web-1.nginx.default.svc.cluster.local: Name or service not known
    root@ubuntu:~/tenant# ping web-0.nginx.default.svc.cluster.local
    ping: web-0.nginx.default.svc.cluster.local: Name or service not known
    root@ubuntu:~/tenant# nslookup nginx.default.svc.cluster.local
    Server:         8.8.8.8
    Address:        8.8.8.8#53
    
    ** server can't find nginx.default.svc.cluster.local: NXDOMAIN
    
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl create -f head_less-svc.yaml 
    service/nginx created
    root@ubuntu:~/tenant# kubectl get svc
    NAME          TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
    kubernetes    ClusterIP   10.96.0.1    <none>        443/TCP   27d
    nginx         ClusterIP   None         <none>        80/TCP    6s
    test-job      ClusterIP   None         <none>        1/TCP     14d
    test-job-v2   ClusterIP   None         <none>        1/TCP     14d
    root@ubuntu:~/tenant# kubectl describe svc  nginx
    Name:              nginx
    Namespace:         default
    Labels:            app=nginx
    Annotations:       <none>
    Selector:          app=nginx
    Type:              ClusterIP
    IP:                None
    Port:              nginx  80/TCP
    TargetPort:        80/TCP
    Endpoints:         10.244.129.142:80,10.244.129.143:80,10.244.29.26:80
    Session Affinity:  None
    Events:            <none>
    root@ubuntu:~/tenant# ping web-1.nginx.default.svc.cluster.local
    ping: web-1.nginx.default.svc.cluster.local: Name or service not known
    root@ubuntu:~/tenant# ping web-0.nginx.default.svc.cluster.local
    ping: web-0.nginx.default.svc.cluster.local: Name or service not known
    root@ubuntu:~/tenant# nslookup nginx.default.svc.cluster.local
    Server:         8.8.8.8
    Address:        8.8.8.8#53
    
    ** server can't find nginx.default.svc.cluster.local: NXDOMAIN
    
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl exec -it busybox  -- nslookup web-0.nginx.default.svc.cluster.local
    Server:    10.96.0.10
    Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
    
    Name:      web-0.nginx.default.svc.cluster.local
    Address 1: 10.244.129.142 web-0.nginx.default.svc.cluster.local
    root@ubuntu:~/tenant# kubectl exec -it busybox  -- nslookup web-1.nginx.default.svc.cluster.local
    Server:    10.96.0.10
    Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
    
    Name:      web-1.nginx.default.svc.cluster.local
    Address 1: 10.244.129.143 web-1.nginx.default.svc.cluster.local
    root@ubuntu:~/tenant# 

    删除headless service

    root@ubuntu:~/tenant# kubectl get svc
    NAME          TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
    kubernetes    ClusterIP   10.96.0.1    <none>        443/TCP   27d
    nginx         ClusterIP   None         <none>        80/TCP    36m
    test-job      ClusterIP   None         <none>        1/TCP     14d
    test-job-v2   ClusterIP   None         <none>        1/TCP     14d
    root@ubuntu:~/tenant# kubectl delete svc  nginx
    service "nginx" deleted
    root@ubuntu:~/tenant# kubectl exec -it busybox  -- nslookup nginx.default.svc.cluster.local
    Server:    10.96.0.10
    Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
    
    nslookup: can't resolve 'nginx.default.svc.cluster.local'
    command terminated with exit code 1
    root@ubuntu:~/tenant# kubectl exec -it busybox  -- nslookup web-1.nginx.default.svc.cluster.local
    Server:    10.96.0.10
    Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
    
    nslookup: can't resolve 'web-1.nginx.default.svc.cluster.local'
    command terminated with exit code 1
    root@ubuntu:~/tenant# 

    coredns

    cat >busy.yaml<<-EOF
    apiVersion: v1
    kind: Pod
    metadata:
      name: busybox
      namespace: default
    spec:
      containers:
      - name: busybox
        image: busybox:1.28
        command:
          - sleep
          - "3600"
        imagePullPolicy: IfNotPresent
      restartPolicy: Always
    
    EOF
    root@ubuntu:~/tenant# kubectl get pods
    NAME                             READY   STATUS      RESTARTS   AGE
    busybox                          1/1     Running     0          2m12s
    example-foo-54dc4db9fc-lqz9j     1/1     Running     0          19d
    job-1-nginx-0                    0/1     Completed   0          22d
    test-job-default-nginx-0         1/1     Running     0          14d
    test-job-default-nginx-1         1/1     Running     0          14d
    test-job-default-nginx-2         1/1     Running     0          14d
    test-job-default-nginx-3         1/1     Running     0          14d
    test-job-default-nginx-4         1/1     Running     0          14d
    test-job-default-nginx-5         1/1     Running     0          14d
    test-job-v2-default-nginx-v2-0   1/1     Running     0          14d
    web-0                            1/1     Running     0          157m
    web-1                            1/1     Running     0          152m
    root@ubuntu:~/tenant#  kubectl exec -it busybox  -- ping kubernetes.default
    ping: bad address 'kubernetes.default'
    command terminated with exit code 1
    root@ubuntu:~/tenant# 

     

    root@ubuntu:~/tenant# kubectl exec -it busybox  -- sh
    / # ls
    bin   dev   etc   home  proc  root  run   sys   tmp   usr   var
    / # cat /etc/resolv.conf 
    nameserver 10.96.0.10
    search default.svc.cluster.local svc.cluster.local cluster.local
    options ndots:5
    / # ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop qlen 1000
        link/ipip 0.0.0.0 brd 0.0.0.0
    4: eth0@if41: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1480 qdisc noqueue 
        link/ether 2a:0c:12:56:87:7f brd ff:ff:ff:ff:ff:ff
        inet 10.244.129.145/32 brd 10.244.129.145 scope global eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::280c:12ff:fe56:877f/64 scope link 
           valid_lft forever preferred_lft forever
    / # ping 10.96.0.10
    PING 10.96.0.10 (10.96.0.10): 56 data bytes
    64 bytes from 10.96.0.10: seq=0 ttl=64 time=954.020 ms
    64 bytes from 10.96.0.10: seq=1 ttl=64 time=445.391 ms
    64 bytes from 10.96.0.10: seq=2 ttl=64 time=445.277 ms
    ^C
    --- 10.96.0.10 ping statistics ---
    4 packets transmitted, 3 packets received, 25% packet loss
    round-trip min/avg/max = 445.277/614.896/954.020 ms
    / # 

    解析异常排查

          k8s默认在pod中的resolv.conf中配置的nameserver的ip是kube-dns的svc的ip 使用这个svc ip进行解析域名的时候会提示解析失败 手动把pod中的resolv.conf中的nameserver的ip配置成core-dns pod的ip即可成功解析

         1.查看core-dns的service ip    kubectl get svc -n kube-system   service ip是一个虚拟IP 它是不能够被ping通的

    root@ubuntu:~/tenant#  kubectl get svc -n kube-system 
    NAME       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE
    kube-dns   ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP,9153/TCP   27d
    root@ubuntu:~/tenant# 

       2.查看core dns的pod ip

    root@ubuntu:~/tenant#  kubectl get pods  -n kube-system -o wide  | grep core
    coredns-546565776c-82jfw                   1/1     Running            0          27d   10.244.243.193   ubuntu    <none>           <none>
    coredns-546565776c-px8bd                   1/1     Running            0          27d   10.244.243.194   ubuntu    <none>           <none>
    root@ubuntu:~/tenant#

      3.查看业务pod中配置的dns服务器地址

    root@ubuntu:~/tenant# kubectl exec -it busybox  -- sh
    / # ls
    bin   dev   etc   home  proc  root  run   sys   tmp   usr   var
    / # cat /etc/resolv.conf 
    nameserver 10.96.0.10
    search default.svc.cluster.local svc.cluster.local cluster.local
    options ndots:5
    / # ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop qlen 1000
        link/ipip 0.0.0.0 brd 0.0.0.0
    4: eth0@if41: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1480 qdisc noqueue 
        link/ether 2a:0c:12:56:87:7f brd ff:ff:ff:ff:ff:ff
        inet 10.244.129.145/32 brd 10.244.129.145 scope global eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::280c:12ff:fe56:877f/64 scope link 
           valid_lft forever preferred_lft forever
    / # ping 10.96.0.10
    PING 10.96.0.10 (10.96.0.10): 56 data bytes
    64 bytes from 10.96.0.10: seq=0 ttl=64 time=954.020 ms
    64 bytes from 10.96.0.10: seq=1 ttl=64 time=445.391 ms
    64 bytes from 10.96.0.10: seq=2 ttl=64 time=445.277 ms
    ^C
    --- 10.96.0.10 ping statistics ---
    4 packets transmitted, 3 packets received, 25% packet loss
    round-trip min/avg/max = 445.277/614.896/954.020 ms

    4、pod 是否可以访问coredns

    coredns所在node无法访问pod

    root@ubuntu:~# ping 10.244.129.145
    PING 10.244.129.145 (10.244.129.145) 56(84) bytes of data.
    ^C
    --- 10.244.129.145 ping statistics ---
    9 packets transmitted, 0 received, 100% packet loss, time 8193ms

    5、查看防火墙

    root@ubuntu:~# kubectl get networkpolicy
    NAME          POD-SELECTOR                                                       AGE
    test-job      volcano.sh/job-name=test-job,volcano.sh/job-namespace=default      14d
    test-job-v2   volcano.sh/job-name=test-job-v2,volcano.sh/job-namespace=default   14d
    root@ubuntu:~# ./calicoctl get networkpolicy
    NAME                     
    calico1-allow-same-org   
    
    root@ubuntu:~# ./calicoctl delete networkpolicy   calico1-allow-same-org
    Successfully deleted 1 'NetworkPolicy' resource(s)
    root@ubuntu:~# ping 10.244.129.145
    PING 10.244.129.145 (10.244.129.145) 56(84) bytes of data.
    64 bytes from 10.244.129.145: icmp_seq=1 ttl=63 time=1208 ms
    64 bytes from 10.244.129.145: icmp_seq=2 ttl=63 time=784 ms
    64 bytes from 10.244.129.145: icmp_seq=3 ttl=63 time=576 ms
    64 bytes from 10.244.129.145: icmp_seq=4 ttl=63 time=576 ms
    ^C
    --- 10.244.129.145 ping statistics ---
    5 packets transmitted, 4 received, 20% packet loss, time 4003ms
    rtt min/avg/max/mdev = 576.779/786.698/1208.463/257.874 ms, pipe 2
    root@ubuntu:~#

    networkpolicy有问题

    / # ping kubernetes.default
    PING kubernetes.default (10.96.0.1): 56 data bytes
    64 bytes from 10.96.0.1: seq=0 ttl=64 time=950.276 ms
    64 bytes from 10.96.0.1: seq=1 ttl=64 time=444.556 ms
    ^C
    --- kubernetes.default ping statistics ---
    3 packets transmitted, 2 packets received, 33% packet loss
    round-trip min/avg/max = 444.556/697.416/950.276 ms
    / # 
    root@ubuntu:~/tenant#  kubectl exec -it busybox  -- ping kubernetes.default
    PING kubernetes.default (10.96.0.1): 56 data bytes
    64 bytes from 10.96.0.1: seq=0 ttl=64 time=950.287 ms
    64 bytes from 10.96.0.1: seq=1 ttl=64 time=444.355 ms
    ^C
    --- kubernetes.default ping statistics ---
    2 packets transmitted, 2 packets received, 0% packet loss
    round-trip min/avg/max = 444.355/697.321/950.287 ms
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl exec -it busybox  -- nslookup nginx.default.svc.cluster.local
    Server:    10.96.0.10
    Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
    
    Name:      nginx.default.svc.cluster.local
    Address 1: 10.244.129.142 web-0.nginx.default.svc.cluster.local
    Address 2: 10.244.29.26 10-244-29-26.nginx.default.svc.cluster.local
    Address 3: 10.244.129.143 web-1.nginx.default.svc.cluster.local
    root@ubuntu:~/tenant# nslookup nginx.default.svc.cluster.local
    Server:         8.8.8.8
    Address:        8.8.8.8#53
    
    ** server can't find nginx.default.svc.cluster.local: NXDOMAIN
    
    root@ubuntu:~/tenant# 

    Kubernetes里的PersistentVolumeClaim

    Kubernetes的pod本身是无状态的(stateless),生命周期通常比较短,只要出现了异常,Kubernetes就会自动创建一个新的Pod来代替它。

    而容器产生的数据,会随着Pod消亡而自动消失。

    为了实现Pod内数据的存储管理,Kubernetes引入了两个API资源:Persistent Volume(持久卷,以下简称PV)和Persistent Volume Claim(持久卷申请,以下简称PVC)。

    PV是Kubernetes集群中的一种网络存储实现,跟Node一样,也是属于集群的资源。

    PV跟Docker里的Volume(卷)类似,不过会有独立于Pod的生命周期。

    使用kubectl get pv查看列表:

    而PVC是用户的一个请求,跟Pod类似。Pod消费Node的资源,PVC消费PV的资源。

    Pod 能够申请特定的资源(CPU和内存);PVC能够申请特定的尺寸和访问模式,例如可以加载一个读写实例或者多个只读实例,(就是上图kubectl get pvc返回结果的Access Mode这一列的值RWO, ROX等等)而无须感知这些实例背后具体的存储实现。

    Pod配置PersistentVolumeClaim

    1,创建PersistentVolume

    cat >nginx-pv.yaml<<-EOF
    kind: PersistentVolume
    apiVersion: v1
    metadata:
      name: task-pv-volume
      labels:
        type: local
    spec:
      storageClassName: manual
      capacity:
        storage: 10Gi
      accessModes:
        - ReadWriteOnce
      hostPath:
        path: "/mnt/data"
    EOF
    root@ubuntu:~/tenant# kubectl create -f  nginx-pv.yaml 
    persistentvolume/task-pv-volume created
    root@ubuntu:~/tenant# kubectl get pv
    NAME             CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM   STORAGECLASS   REASON   AGE
    task-pv-volume   10Gi       RWO            Retain           Available           manual                  11s
    root@ubuntu:~/tenant# kubectl get pvc
    NAME        STATUS    VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    www-web-0   Pending                                                     24m
    root@ubuntu:~/tenant# 

    2,创建PersistentVolumeClaim

    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: task-pv-claim
    spec:
      storageClassName: manual
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 3Gi
    root@ubuntu:~/tenant# kubectl create -f  nginx-pvc.yaml 
    persistentvolumeclaim/task-pv-claim created
    root@ubuntu:~/tenant# kubectl get pvc
    NAME            STATUS    VOLUME           CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    task-pv-claim   Bound     task-pv-volume   10Gi       RWO            manual         47s
    www-web-0       Pending                                                             26m
    root@ubuntu:~/tenant# 

    3,创建Pod使用PersistentVolumeClaim

    复制代码
    kind: Pod
    apiVersion: v1
    metadata:
      name: task-pv-pod
    spec:
      volumes:
        - name: task-pv-storage
          persistentVolumeClaim:
           claimName: task-pv-claim
      containers:
        - name: task-pv-container
          image: nginx
          ports:
            - containerPort: 80
              name: "http-server"
          volumeMounts:
            - mountPath: "/usr/share/nginx/html"
              name: task-pv-storage
    复制代码

    容器目录/usr/share/nginx/html已挂载到宿主机/mnt/data

    使用kubectl describe pvc  查看这个persistent volume claim对应生成的persistent volume:

    root@ubuntu:~/tenant# kubectl describe pvc  task-pv-claim
    Name:          task-pv-claim
    Namespace:     default
    StorageClass:  manual
    Status:        Bound
    Volume:        task-pv-volume
    Labels:        <none>
    Annotations:   pv.kubernetes.io/bind-completed: yes
                   pv.kubernetes.io/bound-by-controller: yes
    Finalizers:    [kubernetes.io/pvc-protection]
    Capacity:      10Gi
    Access Modes:  RWO
    VolumeMode:    Filesystem
    Mounted By:    task-pv-pod
    Events:        <none>
    root@ubuntu:~/tenant# cat nginx-pv.yaml 
    kind: PersistentVolume
    apiVersion: v1
    metadata:
      name: task-pv-volume
      labels:
        type: local
    spec:
      storageClassName: manual
      capacity:
        storage: 10Gi
      accessModes:
        - ReadWriteOnce
      hostPath:
        path: "/data"
    root@ubuntu:~/tenant# ls /data
    k8s
    root@ubuntu:~/tenant#
    root@ubuntu:~/tenant# ls /data1/
    a.out    barrier.c  long    office.21-30.flv  test10      test10.ii  test10.s  test11.cpp  test2    test3    test4    test5    test6      test7      test8      test9
    barrier  core       long.c  test              test10.cpp  test10.o   test11    test1.c     test2.c  test3.c  test4.c  test5.c  test6.cpp  test7.cpp  test8.cpp  test9.cpp
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl apply -f   nginx-pv.yaml
    Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
    The PersistentVolume "task-pv-volume" is invalid: spec.persistentvolumesource: Forbidden: is immutable after creation
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl create  -f nginx-pv.yaml
    persistentvolume/task-pv-volume created
    root@ubuntu:~/tenant# kubectl create  -f nginx-pvc.yaml
    persistentvolumeclaim/task-pv-claim created
    root@ubuntu:~/tenant# kubectl get pvc
    NAME            STATUS    VOLUME           CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    task-pv-claim   Bound     task-pv-volume   10Gi       RWO            manual         11s
    www-web-0       Pending                                                             39m
    root@ubuntu:~/tenant# kubectl get pv
    NAME             CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                   STORAGECLASS   REASON   AGE
    task-pv-volume   10Gi       RWO            Retain           Bound    default/task-pv-claim   manual                  16s
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl get pods -o wide
    NAME                             READY   STATUS      RESTARTS   AGE   IP               NODE      NOMINATED NODE   READINESS GATES
    example-foo-54dc4db9fc-lqz9j     1/1     Running     0          18d   10.244.29.26     bogon     <none>           <none>
    job-1-nginx-0                    0/1     Completed   0          21d   10.244.29.19     bogon     <none>           <none>
    task-pv-pod                      1/1     Running     0          35s   10.244.129.133   centos7   <none>           <none>
    root@ubuntu:~# kubectl describe pvc  task-pv-claim
    Name:          task-pv-claim
    Namespace:     default
    StorageClass:  manual
    Status:        Bound
    Volume:        task-pv-volume
    Labels:        <none>
    Annotations:   pv.kubernetes.io/bind-completed: yes
                   pv.kubernetes.io/bound-by-controller: yes
    Finalizers:    [kubernetes.io/pvc-protection]
    Capacity:      10Gi
    Access Modes:  RWO
    VolumeMode:    Filesystem
    Mounted By:    task-pv-pod
    Events:        <none>
    root@ubuntu:~# kubectl cp job.yaml   task-pv-pod:/usr/share/nginx/html
    root@ubuntu:~/tenant# kubectl exec  -it task-pv-pod  -- bash
    root@task-pv-pod:/# ls  /usr/share/nginx/html
    root@task-pv-pod:/# ls  /usr/share/nginx/    
    html
    root@task-pv-pod:/# ls  /usr/share/      
    X11      base-files   bash-completion  ca-certificates  debconf      dict  doc-base  fontconfig  gcc-8  info  keyrings  lintian  man   misc   pam          perl5    polkit-1  sensible-utils  terminfo  zoneinfo
    adduser  base-passwd  bug              common-licenses  debianutils  doc   dpkg      fonts       gdb    java  libc-bin  locale   menu  nginx  pam-configs  pixmaps  readline  tabset          xml       zsh
    root@task-pv-pod:/# ls  /usr/      
    bin  games  include  lib  local  sbin  share  src
    root@task-pv-pod:/# ls  /usr/share/nginx/html
    root@task-pv-pod:/# cd /usr/share/nginx/html
    root@task-pv-pod:/usr/share/nginx/html# ls
    root@task-pv-pod:/usr/share/nginx/html# touch test.txt
    root@task-pv-pod:/usr/share/nginx/html# ls
    test.txt
    root@task-pv-pod:/usr/share/nginx/html# touch html
    root@task-pv-pod:/usr/share/nginx/html# echo "hello" >> html
    root@task-pv-pod:/usr/share/nginx/html# ls
    html  job.yaml  test.txt
    root@task-pv-pod:/usr/share/nginx/html# 

    在pod所在的node查看

    [root@centos7 ~]# ls /data1/
    html  job.yaml  test.txt
    [root@centos7 ~]# 

    再创建一个pod

    root@ubuntu:~/tenant# kubectl create -f  nginx-another-pod.yaml 
    pod/task-pv-another-pod created
    root@ubuntu:~/tenant# kubectl exec  -it task-pv-another-pod  -- bash
    root@task-pv-another-pod:/# ls
    bin  boot  dev  docker-entrypoint.d  docker-entrypoint.sh  etc  home  lib  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
    root@task-pv-another-pod:/# ls /usr/share/nginx/html
    html  job.yaml  test.txt
    root@task-pv-another-pod:/# 
    root@ubuntu:~/tenant# cat nginx-another-pod.yaml
    kind: Pod
    apiVersion: v1
    metadata:
      name: task-pv-another-pod
    spec:
      volumes:
        - name: task-pv-storage
          persistentVolumeClaim:
           claimName: task-pv-claim
      containers:
        - name: task-pv-container
          image: nginx
          ports:
            - containerPort: 80
              name: "http-server"
          volumeMounts:
            - mountPath: "/usr/share/nginx/html"
              name: task-pv-storage
    root@ubuntu:~/tenant# 
    root@ubuntu:~/tenant# kubectl get pv
    NAME             CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                   STORAGECLASS   REASON   AGE
    task-pv-volume   10Gi       RWO            Retain           Bound    default/task-pv-claim   manual                  16m
    root@ubuntu:~/tenant# kubectl get pvc
    NAME            STATUS    VOLUME           CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    task-pv-claim   Bound     task-pv-volume   10Gi       RWO            manual         16m
    www-web-0       Pending                                                             56m
    root@ubuntu:~/tenant# 

    这个例子说明persistent volume claim能够用于在多个pod间共享持久化数据。

    删除两个pod

    root@ubuntu:~/tenant# kubectl delete  -f  nginx-another-pod.yaml 
    pod "task-pv-another-pod" deleted
    root@ubuntu:~/tenant# kubectl delete  -f  nginx-pod.yaml 
    pod "task-pv-pod" deleted
    root@ubuntu:~/tenant# 

    data1目录还在

    [root@centos7 ~]# ls /data1/
    html  job.yaml  test.txt
    [root@centos7 ~]# 

    StatefulSet

    详解 Kubernetes StatefulSet 实现原理

    PV、PVC、StorageClass讲解

    抓包就明白的coreDNS解析

    PersistentVolume/PersistentVolumeClaim

  • 相关阅读:
    Apache安装与属性配置
    Web服务及http协议
    转-httpd 2.4.4 + mysql-5.5.28 + php-5.4.13编译安装过程
    LAMP理论整理
    Rhel6-csync配置文档
    转载Eclipse中Maven WEB工程tomcat项目添加调试
    转载--eclipse git插件安装
    l连接远程桌面
    Aphache VFS
    JMS-activeMQ
  • 原文地址:https://www.cnblogs.com/dream397/p/15071793.html
Copyright © 2020-2023  润新知