1,资源的清单格式:
一级字段:apiVersion(group/version), kind, metadata(name,namespace,labels,annotations, ...), spec,status(只读)
查看字段说明:kubectl explain pods
查看二级字段说明(例):kubectl explain pods.metadata
查看三级字段说明(例):kubectl explain pods.spec.containers
•nodeSelector <map[string]string>:节点标签选择器
•nodeName <string>
•annotations:与label不同的地方在于,它不能用于挑选资源对象,仅用于为对象提供“元数据”
◆Pod生命周期中的重要行为:
•初始化容器
•容器探测:
•liveness:存活性探测
•readiness:就绪性探测
•lifecycle:生命周期;定义启动后(poststart)和终止前(prestop)的钩子行为。
•查看帮助:
kubectl explain pods.spec.containers.livenessProbe
kubectl explain pods.spec.containers.livenessProbe.exec
kubectl explain pods.spec.containers.livenessProbe.httpGet
•Pod的生命周期:
状态:Pending, Running, Failed, Succeeded, Unknown
•restartPolicy: Always, OnFailure, Never. Default to Always.
•探针类型有三种:ExecAction、TCPSocketAction、HTTPGetAction
【yaml创建pod示例】
官方文档:https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/
2,利用yaml文件创建pod
命令:kubectl create -f pod-demo.yaml
删除文件定义的资源:kubectl delete -f pod-demo.yaml
查看pod信息:kubectl describe pods pod-demo
查询出错容器的log:kubectl logs pod-demo busybox #pod-demo中的busybox容器
删除pod:kubectl delete pods pod-demo
进入pod中的某个容器:kubectl exec -it pod-demo -c myapp -- /bin/sh
apiVersion: v1
kind: Pod #自主式pod,删除pod不会重建。
metadata:
name: pod-demo
namespace: default
labels:
app: myapp
tier: frontend
annotations: #添加资源注解
aaabbb.com/created-by: "testuser01"
spec:
container:
- name: myapp
image: qiaomu2020/myapp:v1
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
- name: busybox
image: busybox:latest
imagePullPolicy: IfNotPresent #latest标签的镜像默认策略为always,修改后,节省带宽。
#command: ["/bin/sh","-c","sleep 3600"] #这样的写法也是可以的。
command:
- "bin/sh
- "-c"
- "sleep 1800"
nodeSelector: #给pod添加节点选择器。
disktype: hhd
◆镜像和容器中的命令生效规则如下图:
3,标签相关操作
◆标签:
key=value
key: 字母、数字、_、-、.
value:可以为空,只能字母或数字开头及结尾,中间可使用_、-、.
◆标签选择器:
•等值关系:=,==,!=
•集合关系:
KEY in (VALUE1,VALUE2,...)
KEY notin (VALUE1,VALUE2,...)
KEY
!KEY
•过滤出包含app标签的pod: kubectl get pods -l app --show-labels
•过滤出包含app标签和release标签的pod: kubectl get pods -l release,app
•过滤出包含app=myapp和release=stable的pod: kubectl get pods -l release=stable,app=myapp
•查询结果中显示app标签和Run标签这两列:kubelctl get pods -L app,run
•添加标签/打新标签:kubectl label pods pod-demo release=canary #添加标签/打新标签 release=canary
•修改标签值:kubectl label pods pod-demo release=stable --overwrite #标签值改为stable。
•过滤出release in (canary,beta,alpha)的pod: kubectl get pods -l “release in (canary,beta,alpha)”
◆许多资源支持内嵌字段定义其使用的标签选择器:
matchLabels:直接给定键值
matchExpressions:基于给定的表达式来定义使用标签选择器,{key:"KEY", operator:"OPERATOR",values:[VAL1,VAL2,...]}
•操作符:
In, NotIn:values字段的值必须为非空列表;
Exists, NotExists:values字段的值必须为空列表;
•节点标签选择器,用于指定pod运行于那一类节点上:nodeSelector <map[string]string>
指定node名,用于指定pod运行于那个节点上:nodeName <string>
annotations:资源注解;与label不同的地方在于,它不能用于挑选资源对象,仅用于为对象提供“元数据”。
例:
显示节点的标签列:kubectl get nodes --show-labels
给节点打标签:kubectl label nodes k8snode01 disktype=hhd
查看annotations:kubectl pods describe pod-demo
4,探针
◆liveness 探针的exec使用例
apiVersion: v1
kind: Pod
metadata:
name: liveness-exec-pod
namespace: default
spec:
containers:
- name: liveness-exec-container
image: busybox:latest
imagePullPolicy: IfNotPresent
command: ["/bin/sh","-c","touch /tmp/healthy; sleep 30; rm -f /tmp/healthy; sleep 3600"]
livenessProbe:
exec:
command: ["test","-e","/tmp/healthy"]
initialDelaySeconds: 1 #延迟几秒,开始探测
periodSeconds: 3 #探测周期
●验证
创建pod:kubectl create -f liveness-exec.yaml
•查看pod:
kubectl get pods -w
kubectl describe pods liveness-exec-pod
◆liveness 探针的httpget使用例
apiVersion: v1
kind: Pod #自主式pod,删除pod不会重建。
metadata:
name: liveness-httpget-pod
namespace: default
spec:
containers:
- name: liveness-httpget-container
image: nginx:latest
imagePullPolicy: IfNotPresent
ports:
- name: http_port
containerPort: 80
livenessProbe:
httpGet:
port: http_port
path: /index.html
initialDelaySeconds: 1 #延迟几秒,开始探测
periodSeconds: 3 #探测周期
●验证
创建pod:kubectl create -f liveness-httpget.yaml
•查看pod:
kubectl get pods -w
kubectl describe pods liveness-httpget-pod
kubectl exec –it liveness-httpget-pod -- /bin/sh
制造问题:接入容器,手动删除index.html.
删除pod: kubectl delete -f liveness-httpget.yaml
◆readiness 探针的httpget使用例
apiVersion: v1
kind: Pod #自主式pod,删除pod不会重建。
metadata:
name: readiness-httpget-pod
namespace: default
spec:
containers:
- name: readiness-httpget-container
image: nginx:latest
imagePullPolicy: IfNotPresent
ports:
- name: http_port
containerPort: 80
readinessProbe:
httpGet:
port: http_port
path: /index.html
initialDelaySeconds: 1 #延迟几秒,开始探测
periodSeconds: 3 #探测周期
◆lifecycle的poststart使用例
apiVersion: v1
kind: Pod #自主式pod,删除pod不会重建。
metadata:
name: poststart-pod
namespace: default
spec:
containers:
- name: busybox-httpd
image: busybox:latest
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
exec:
command: ["/bin/sh","-c","mkdir -p /data/web/html; echo 'Home Page' >> /data/web/html/index.html"]
#command: ["/bin/httpd"] #注释掉2行,此处要是强依赖poststart的命令,pod会出错的。
#args: ["-f","-h /data/web/html"]
5,Pod控制器:
kind: Pod:为自主式pod,删除pod后不会重建。
ReplicationController:
ReplicaSet:为新一代的ReplicationController,kubenetes不推荐使用。
Deployment:建立在ReplicaSet之上,比其功能更强大。支持滚动更新,回滚等。管理无状态应用最好的控制器,推荐使用。
DaemonSet:部署系统级应用,以守护进程持续运行在集群的一个节点上,且一个节点仅部署一个。
Job:
Cronjob:周期性任务。
StatefulSet:
5.1,ReplicaSet控制器
•查看帮助:
kubectl explain rs
kubectl explain rs.spec.selector
◆ReplicaSet控制器示例(rsdemo.yaml):
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: myapp
namespace: default
spec: #控制器的规格。
replicas: 2
selector:
matchLabels:
app: myapp
release: canary
template:
metadata:
name: myapp-pod
labels:
app: myapp #模板中定义的标签务必包含符合pod选择器中的标签,否则定义无意义。
release: canary
environment: qa
spec: #pod的规格
containers:
- name: myapp-container
image: ikubernetes/myapp:v1
ports:
- name: http
containerPort: 80
查询:kubectl get rs
•动态修改ReplicaSet控制器:kubectl edit rs rsdemo #直接修改控制器,若Pod未重建,更改并未生效。
5.2,Deployment控制器
kubectl explain deploy.spec.template
kubectl rollout –help
◆Deployment控制器示例:
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-deploy
namespace: default
spec:
replicas: 3
selector:
matchLabels:
app: myapp
release: canary
template:
metadata:
labels:
app: myapp
release: canary
spec:
containers:
- name: myapp
image: qiaomu2020/myapp:v2
ports:
- name: http
containerPort: 80
●确认
kubectl apply –f deploy-demo.yaml #apply可以执行多次,create只能执行一次。
kubectl get deploy
kubectl get rs -o wide
•查看详细信息:kubectl describe deploy myapp-deploy
•过滤监视app=myapp:kubectl get pods –l app=myapp -w
•更新镜像:kubectl set image deployment myapp-deploy myapp=qiaomu2020/myapp:v3
•查看滚动历史:kubectl rollout history deployment myapp-deploy
•更新deployment的配置:
kubectl patch deployment myapp-deploy –p ‘{“spec”:{“replicas”:5}}’
kubectl patch deployment myapp-deploy –p ‘{“spec”:{“strategy”:{“rollingUpdate”:{masSurge”:1,”maxUnavailable”:0}}}}’
•回滚到某个历史版本:
kubectl rollout undo deployment myapp-deploy –to-revision=1
5.3,DaemonSet控制器
支持滚动更新。
滚动更新策略:kubectl explain ds.spec.upldateStrategy
◆DaemonSet控制器示例:
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: filetest-ds
namespace: default
spec:
selector:
matchLabels:
app: filetest
release: stable
template:
metadata:
labels:
app: filetest
release: stable
spec:
containers:
- name: filetest
image: qiaomu2020/filetest:2.3-alpine
env:
- name: REDIS_HOST
value: redis.default.svc.cluster.local
- name: REDIS_LOG_LEVEL
value: info
●确认
kubectl apply –f ds-demo.yaml
kubectl expose deployment redis --port=6379
更新镜像:kubectl set image daemonsets filetest-ds filetest=qiaomu2020/filetest:2.3-alpine