• Kubernetes controllers: defining a Deployment


    Parameters of the Deployment controller definition

    [root@master manifests]# kubectl explain deploy
    KIND:     Deployment
    VERSION:  extensions/v1beta1
    
    DESCRIPTION:
         DEPRECATED - This group version of Deployment is deprecated by
         apps/v1beta2/Deployment. See the release notes for more information.
         Deployment enables declarative updates for Pods and ReplicaSets.
    
    FIELDS:
       apiVersion	<string>
         APIVersion defines the versioned schema of this representation of an
         object. Servers should convert recognized schemas to the latest internal
         value, and may reject unrecognized values. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#resources
    
       kind	<string>
         Kind is a string value representing the REST resource this object
         represents. Servers may infer this from the endpoint the client submits
         requests to. Cannot be updated. In CamelCase. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
    
       metadata	<Object>  object metadata
         Standard object metadata.
    
       spec	<Object>  desired state of the controller
         Specification of the desired behavior of the Deployment.
    
       status	<Object>
         Most recently observed status of the Deployment.
    

      Parameters of the Deployment controller's desired state

    [root@master manifests]# kubectl explain deploy.spec
    KIND:     Deployment
    VERSION:  extensions/v1beta1
    
    RESOURCE: spec <Object>
    
    DESCRIPTION:
         Specification of the desired behavior of the Deployment.
    
         DeploymentSpec is the specification of the desired behavior of the
         Deployment.
    
    FIELDS:
       minReadySeconds	<integer>
         Minimum number of seconds for which a newly created pod should be ready
         without any of its container crashing, for it to be considered available.
         Defaults to 0 (pod will be considered available as soon as it is ready)
    
       paused	<boolean>  pause updates
         Indicates that the deployment is paused and will not be processed by the
         deployment controller.
    
       progressDeadlineSeconds	<integer>
         The maximum time in seconds for a deployment to make progress before it is
         considered to be failed. The deployment controller will continue to process
         failed deployments and a condition with a ProgressDeadlineExceeded reason
         will be surfaced in the deployment status. Note that progress will not be
         estimated during the time a deployment is paused. This is set to the max
         value of int32 (i.e. 2147483647) by default, which means "no deadline".
    
       replicas	<integer>  number of pod replicas
         Number of desired pods. This is a pointer to distinguish between explicit
         zero and not specified. Defaults to 1.
    
       revisionHistoryLimit	<integer>  maximum number of revisions to keep in history, default 10
         The number of old ReplicaSets to retain to allow rollback. This is a
         pointer to distinguish between explicit zero and not specified. This is set
         to the max value of int32 (i.e. 2147483647) by default, which means
         "retaining all old RelicaSets".
    
       rollbackTo	<Object>
         DEPRECATED. The config this deployment is rolling back to. Will be cleared
         after rollback is done.
    
       selector	<Object>  
         Label selector for pods. Existing ReplicaSets whose pods are selected by
         this will be the ones affected by this deployment.
    
       strategy	<Object>  update strategy definition
         The deployment strategy to use to replace existing pods with new ones.
    
       template	<Object> -required-  pod definition
         Template describes the pods that will be created.
    

      Parameters of the update strategy definition

    [root@master manifests]# kubectl explain deploy.spec.strategy
    KIND:     Deployment
    VERSION:  extensions/v1beta1
    
    RESOURCE: strategy <Object>
    
    DESCRIPTION:
         The deployment strategy to use to replace existing pods with new ones.
    
         DeploymentStrategy describes how to replace existing pods with new ones.
    
    FIELDS:
       rollingUpdate	<Object>  defines the rolling update strategy
         Rolling update config params. Present only if DeploymentStrategyType =
         RollingUpdate.
    
       type	<string>  Recreate means a recreate-style update: delete an old pod, then create a new one; RollingUpdate means a rolling update
         Type of deployment. Can be "Recreate" or "RollingUpdate". Default is
         RollingUpdate.
    
    [root@master manifests]# kubectl explain deploy.spec.strategy.rollingUpdate
    KIND:     Deployment
    VERSION:  extensions/v1beta1
    
    RESOURCE: rollingUpdate <Object>
    
    DESCRIPTION:
         Rolling update config params. Present only if DeploymentStrategyType =
         RollingUpdate.
    
         Spec to control the desired behavior of rolling update.
    
    FIELDS:
       maxSurge	<string>  maximum number of pods above the desired replica count during the update; the value can be a percentage or an absolute number
         The maximum number of pods that can be scheduled above the desired number
         of pods. Value can be an absolute number (ex: 5) or a percentage of desired
         pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number
         is calculated from percentage by rounding up. By default, a value of 1 is
         used. Example: when this is set to 30%, the new RC can be scaled up
         immediately when the rolling update starts, such that the total number of
         old and new pods do not exceed 130% of desired pods. Once old pods have
         been killed, new RC can be scaled up further, ensuring that total number of
         pods running at any time during the update is at most 130% of desired pods.
    
       maxUnavailable	<string>  maximum number of unavailable pods
         The maximum number of pods that can be unavailable during the update. Value
         can be an absolute number (ex: 5) or a percentage of desired pods (ex:
         10%). Absolute number is calculated from percentage by rounding down. This
         can not be 0 if MaxSurge is 0. By default, a fixed value of 1 is used.
         Example: when this is set to 30%, the old RC can be scaled down to 70% of
         desired pods immediately when the rolling update starts. Once new pods are
         ready, old RC can be scaled down further, followed by scaling up the new
         RC, ensuring that the total number of pods available at all times during
         the update is at least 70% of desired pods.
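
The maxSurge and maxUnavailable rules above, worked through as an added example (not part of the original page or of Kubernetes itself). The function name `rolling_update_bounds` and its return keys are hypothetical; the fallback to one unavailable pod when both values round to zero mirrors how the upstream deployment controller resolves that case.

```python
"""Resolve maxSurge / maxUnavailable into absolute pod counts for a rollout."""


def parse_int_or_percent(value):
    """Return (number, is_percent) for an int such as 5 or a string such as '10%'."""
    if isinstance(value, bool):
        raise ValueError("booleans are not valid pod counts")
    if isinstance(value, int):
        number, is_percent = value, False
    else:
        text = str(value).strip()
        is_percent = text.endswith("%")
        number = int(text[:-1] if is_percent else text)
    if number < 0:
        raise ValueError("value must be non-negative: %r" % (value,))
    return number, is_percent


def scale(value, replicas, round_up):
    """Absolute numbers pass through; percentages are scaled and rounded."""
    number, is_percent = parse_int_or_percent(value)
    if not is_percent:
        return number
    product = number * replicas
    # Integer arithmetic avoids float error: ceil for surge, floor for unavailable.
    return -(-product // 100) if round_up else product // 100


def rolling_update_bounds(replicas, max_surge=1, max_unavailable=1):
    """Compute the pod-count envelope a rolling update stays inside."""
    surge_raw, _ = parse_int_or_percent(max_surge)
    unavailable_raw, _ = parse_int_or_percent(max_unavailable)
    # "This can not be 0 if MaxUnavailable is 0": reject the explicit 0/0 pair.
    if surge_raw == 0 and unavailable_raw == 0:
        raise ValueError("maxSurge and maxUnavailable cannot both be 0")

    surge = scale(max_surge, replicas, round_up=True)               # rounds up
    unavailable = scale(max_unavailable, replicas, round_up=False)  # rounds down
    # A small percentage can still round down to 0 while surge is 0; the
    # upstream controller then allows 1 unavailable pod so the rollout can move.
    if surge == 0 and unavailable == 0:
        unavailable = 1

    return {
        "max_surge": surge,
        "max_unavailable": unavailable,
        "max_total_pods": replicas + surge,
        "min_available_pods": max(replicas - unavailable, 0),
    }


if __name__ == "__main__":
    # Constructed inputs; the first matches the 30% example in the field text.
    for args in [(10, "30%", "30%"), (10,), (3, "10%", "10%"), (3, 0, "10%")]:
        print(args, rolling_update_bounds(*args))
```

With 10 replicas and both values at 30%, the rollout never exceeds 13 pods and never drops below 7 available, which is the 130% / 70% envelope the field description gives.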
    

      Parameters of the controller's pod definition

    [root@master manifests]# kubectl explain deploy.spec.template
    KIND:     Deployment
    VERSION:  extensions/v1beta1
    
    RESOURCE: template <Object>
    
    DESCRIPTION:
         Template describes the pods that will be created.
    
         PodTemplateSpec describes the data a pod should have when created from a
         template
    
    FIELDS:
       metadata	<Object>  pod metadata definition
         Standard object's metadata. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
    
       spec	<Object>  pod desired state definition
         Specification of the desired behavior of the pod. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
    

      Pod metadata definition of the controller

    [root@master manifests]# kubectl explain deploy.spec.template.metadata
    KIND:     Deployment
    VERSION:  extensions/v1beta1
    
    RESOURCE: metadata <Object>
    
    DESCRIPTION:
         Standard object's metadata. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
    
         ObjectMeta is metadata that all persisted resources must have, which
         includes all objects users must create.
    
    FIELDS:
       annotations	<map[string]string>
         Annotations is an unstructured key value map stored with a resource that
         may be set by external tools to store and retrieve arbitrary metadata. They
         are not queryable and should be preserved when modifying objects. More
         info: http://kubernetes.io/docs/user-guide/annotations
    
       clusterName	<string>
         The name of the cluster which the object belongs to. This is used to
         distinguish resources with same name and namespace in different clusters.
         This field is not set anywhere right now and apiserver is going to ignore
         it if set in create or update request.
    
       creationTimestamp	<string>
         CreationTimestamp is a timestamp representing the server time when this
         object was created. It is not guaranteed to be set in happens-before order
         across separate operations. Clients may not set this value. It is
         represented in RFC3339 form and is in UTC. Populated by the system.
         Read-only. Null for lists. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
    
       deletionGracePeriodSeconds	<integer>
         Number of seconds allowed for this object to gracefully terminate before it
         will be removed from the system. Only set when deletionTimestamp is also
         set. May only be shortened. Read-only.
    
       deletionTimestamp	<string>
         DeletionTimestamp is RFC 3339 date and time at which this resource will be
         deleted. This field is set by the server when a graceful deletion is
         requested by the user, and is not directly settable by a client. The
         resource is expected to be deleted (no longer visible from resource lists,
         and not reachable by name) after the time in this field, once the
         finalizers list is empty. As long as the finalizers list contains items,
         deletion is blocked. Once the deletionTimestamp is set, this value may not
         be unset or be set further into the future, although it may be shortened or
         the resource may be deleted prior to this time. For example, a user may
         request that a pod is deleted in 30 seconds. The Kubelet will react by
         sending a graceful termination signal to the containers in the pod. After
         that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
         to the container and after cleanup, remove the pod from the API. In the
         presence of network partitions, this object may still exist after this
         timestamp, until an administrator or automated process can determine the
         resource is fully terminated. If not set, graceful deletion of the object
         has not been requested. Populated by the system when a graceful deletion is
         requested. Read-only. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
    
       finalizers	<[]string>
         Must be empty before the object is deleted from the registry. Each entry is
         an identifier for the responsible component that will remove the entry from
         the list. If the deletionTimestamp of the object is non-nil, entries in
         this list can only be removed.
    
       generateName	<string>
         GenerateName is an optional prefix, used by the server, to generate a
         unique name ONLY IF the Name field has not been provided. If this field is
         used, the name returned to the client will be different than the name
         passed. This value will also be combined with a unique suffix. The provided
         value has the same validation rules as the Name field, and may be truncated
         by the length of the suffix required to make the value unique on the
         server. If this field is specified and the generated name exists, the
         server will NOT return a 409 - instead, it will either return 201 Created
         or 500 with Reason ServerTimeout indicating a unique name could not be
         found in the time allotted, and the client should retry (optionally after
         the time indicated in the Retry-After header). Applied only if Name is not
         specified. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
    
       generation	<integer>
         A sequence number representing a specific generation of the desired state.
         Populated by the system. Read-only.
    
       initializers	<Object>
         An initializer is a controller which enforces some system invariant at
         object creation time. This field is a list of initializers that have not
         yet acted on this object. If nil or empty, this object has been completely
         initialized. Otherwise, the object is considered uninitialized and is
         hidden (in list/watch and get calls) from clients that haven't explicitly
         asked to observe uninitialized objects. When an object is created, the
         system will populate this list with the current set of initializers. Only
         privileged users may set or modify this list. Once it is empty, it may not
         be modified further by any user. DEPRECATED - initializers are an alpha
         field and will be removed in v1.15.
    
       labels	<map[string]string>  label definition
         Map of string keys and values that can be used to organize and categorize
         (scope and select) objects. May match selectors of replication controllers
         and services. More info: http://kubernetes.io/docs/user-guide/labels
    
       managedFields	<[]Object>
         ManagedFields maps workflow-id and version to the set of fields that are
         managed by that workflow. This is mostly for internal housekeeping, and
         users typically shouldn't need to set or understand this field. A workflow
         can be the user's name, a controller's name, or the name of a specific
         apply path like "ci-cd". The set of fields is always in the version that
         the workflow used when modifying the object. This field is alpha and can be
         changed or removed without notice.
    
       name	<string>   name definition
         Name must be unique within a namespace. Is required when creating
         resources, although some resources may allow a client to request the
         generation of an appropriate name automatically. Name is primarily intended
         for creation idempotence and configuration definition. Cannot be updated.
         More info: http://kubernetes.io/docs/user-guide/identifiers#names
    
       namespace	<string>  namespace definition
         Namespace defines the space within each name must be unique. An empty
         namespace is equivalent to the "default" namespace, but "default" is the
         canonical representation. Not all objects are required to be scoped to a
         namespace - the value of this field for those objects will be empty. Must
         be a DNS_LABEL. Cannot be updated. More info:
         http://kubernetes.io/docs/user-guide/namespaces
    
       ownerReferences	<[]Object>
         List of objects depended by this object. If ALL objects in the list have
         been deleted, this object will be garbage collected. If this object is
         managed by a controller, then an entry in this list will point to this
         controller, with the controller field set to true. There cannot be more
         than one managing controller.
    
       resourceVersion	<string>
         An opaque value that represents the internal version of this object that
         can be used by clients to determine when objects have changed. May be used
         for optimistic concurrency, change detection, and the watch operation on a
         resource or set of resources. Clients must treat these values as opaque and
         passed unmodified back to the server. They may only be valid for a
         particular resource or set of resources. Populated by the system.
         Read-only. Value must be treated as opaque by clients and . More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
    
       selfLink	<string>
         SelfLink is a URL representing this object. Populated by the system.
         Read-only.
    
       uid	<string>
         UID is the unique in time and space value for this object. It is typically
         generated by the server on successful creation of a resource and is not
         allowed to change on PUT operations. Populated by the system. Read-only.
         More info: http://kubernetes.io/docs/user-guide/identifiers#uids
    

      Pod desired state definition of the controller

    [root@master manifests]# kubectl explain deploy.spec.template.spec
    KIND:     Deployment
    VERSION:  extensions/v1beta1
    
    RESOURCE: spec <Object>
    
    DESCRIPTION:
         Specification of the desired behavior of the pod. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
    
         PodSpec is a description of a pod.
    
    FIELDS:
       activeDeadlineSeconds	<integer>
         Optional duration in seconds the pod may be active on the node relative to
         StartTime before the system will actively try to mark it failed and kill
         associated containers. Value must be a positive integer.
    
       affinity	<Object>
         If specified, the pod's scheduling constraints
    
       automountServiceAccountToken	<boolean>
         AutomountServiceAccountToken indicates whether a service account token
         should be automatically mounted.
    
       containers	<[]Object> -required-  container-related definitions in the pod
         List of containers belonging to the pod. Containers cannot currently be
         added or removed. There must be at least one container in a Pod. Cannot be
         updated.
    
       dnsConfig	<Object>
         Specifies the DNS parameters of a pod. Parameters specified here will be
         merged to the generated DNS configuration based on DNSPolicy.
    
       dnsPolicy	<string>
         Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are
         'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS
         parameters given in DNSConfig will be merged with the policy selected with
         DNSPolicy. To have DNS options set along with hostNetwork, you have to
         specify DNS policy explicitly to 'ClusterFirstWithHostNet'.
    
       enableServiceLinks	<boolean>
         EnableServiceLinks indicates whether information about services should be
         injected into pod's environment variables, matching the syntax of Docker
         links. Optional: Defaults to true.
    
       hostAliases	<[]Object>
         HostAliases is an optional list of hosts and IPs that will be injected into
         the pod's hosts file if specified. This is only valid for non-hostNetwork
         pods.
    
       hostIPC	<boolean>
         Use the host's ipc namespace. Optional: Default to false.
    
       hostNetwork	<boolean>
         Host networking requested for this pod. Use the host's network namespace.
         If this option is set, the ports that will be used must be specified.
         Default to false.
    
       hostPID	<boolean>
         Use the host's pid namespace. Optional: Default to false.
    
       hostname	<string>
         Specifies the hostname of the Pod If not specified, the pod's hostname will
         be set to a system-defined value.
    
       imagePullSecrets	<[]Object>
         ImagePullSecrets is an optional list of references to secrets in the same
         namespace to use for pulling any of the images used by this PodSpec. If
         specified, these secrets will be passed to individual puller
         implementations for them to use. For example, in the case of docker, only
         DockerConfig type secrets are honored. More info:
         https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
    
       initContainers	<[]Object>
         List of initialization containers belonging to the pod. Init containers are
         executed in order prior to containers being started. If any init container
         fails, the pod is considered to have failed and is handled according to its
         restartPolicy. The name for an init container or normal container must be
         unique among all containers. Init containers may not have Lifecycle
         actions, Readiness probes, or Liveness probes. The resourceRequirements of
         an init container are taken into account during scheduling by finding the
         highest request/limit for each resource type, and then using the max of of
         that value or the sum of the normal containers. Limits are applied to init
         containers in a similar fashion. Init containers cannot currently be added
         or removed. Cannot be updated. More info:
         https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
    
       nodeName	<string>
         NodeName is a request to schedule this pod onto a specific node. If it is
         non-empty, the scheduler simply schedules this pod onto that node, assuming
         that it fits resource requirements.
    
       nodeSelector	<map[string]string>
         NodeSelector is a selector which must be true for the pod to fit on a node.
         Selector which must match a node's labels for the pod to be scheduled on
         that node. More info:
         https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
    
       preemptionPolicy	<string>
         PreemptionPolicy is the Policy for preempting pods with lower priority. One
         of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.
         This field is alpha-level and is only honored by servers that enable the
         NonPreemptingPriority feature.
    
       priority	<integer>
         The priority value. Various system components use this field to find the
         priority of the pod. When Priority Admission Controller is enabled, it
         prevents users from setting this field. The admission controller populates
         this field from PriorityClassName. The higher the value, the higher the
         priority.
    
       priorityClassName	<string>
         If specified, indicates the pod's priority. "system-node-critical" and
         "system-cluster-critical" are two special keywords which indicate the
         highest priorities with the former being the highest priority. Any other
         name must be defined by creating a PriorityClass object with that name. If
         not specified, the pod priority will be default or zero if there is no
         default.
    
       readinessGates	<[]Object>
         If specified, all readiness gates will be evaluated for pod readiness. A
         pod is ready when all its containers are ready AND all conditions specified
         in the readiness gates have status equal to "True" More info:
         https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md
    
       restartPolicy	<string>
         Restart policy for all containers within the pod. One of Always, OnFailure,
         Never. Default to Always. More info:
         https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
    
       runtimeClassName	<string>
         RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group,
         which should be used to run this pod. If no RuntimeClass resource matches
         the named class, the pod will not be run. If unset or empty, the "legacy"
         RuntimeClass will be used, which is an implicit class with an empty
         definition that uses the default runtime handler. More info:
         https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md This is a
         beta feature as of Kubernetes v1.14.
    
       schedulerName	<string>
         If specified, the pod will be dispatched by specified scheduler. If not
         specified, the pod will be dispatched by default scheduler.
    
       securityContext	<Object>
         SecurityContext holds pod-level security attributes and common container
         settings. Optional: Defaults to empty. See type description for default
         values of each field.
    
       serviceAccount	<string>
         DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.
         Deprecated: Use serviceAccountName instead.
    
       serviceAccountName	<string>
         ServiceAccountName is the name of the ServiceAccount to use to run this
         pod. More info:
         https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
    
       shareProcessNamespace	<boolean>
         Share a single process namespace between all of the containers in a pod.
         When this is set containers will be able to view and signal processes from
         other containers in the same pod, and the first process in each container
         will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both
         be set. Optional: Default to false. This field is beta-level and may be
         disabled with the PodShareProcessNamespace feature.
    
       subdomain	<string>
         If specified, the fully qualified Pod hostname will be
         "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>". If not
         specified, the pod will not have a domainname at all.
    
       terminationGracePeriodSeconds	<integer>
         Optional duration in seconds the pod needs to terminate gracefully. May be
         decreased in delete request. Value must be non-negative integer. The value
         zero indicates delete immediately. If this value is nil, the default grace
         period will be used instead. The grace period is the duration in seconds
         after the processes running in the pod are sent a termination signal and
         the time when the processes are forcibly halted with a kill signal. Set
         this value longer than the expected cleanup time for your process. Defaults
         to 30 seconds.
    
       tolerations	<[]Object>
         If specified, the pod's tolerations.
    
       volumes	<[]Object>
         List of volumes that can be mounted by containers belonging to the pod.
         More info: https://kubernetes.io/docs/concepts/storage/volumes
    

      Container-related definitions of the controller's pod

    [root@master manifests]# kubectl explain deploy.spec.template.spec.containers
    KIND:     Deployment
    VERSION:  extensions/v1beta1
    
    RESOURCE: containers <[]Object>
    
    DESCRIPTION:
         List of containers belonging to the pod. Containers cannot currently be
         added or removed. There must be at least one container in a Pod. Cannot be
         updated.
    
         A single application container that you want to run within a pod.
    
    FIELDS:
       args	<[]string>
         Arguments to the entrypoint. The docker image's CMD is used if this is not
         provided. Variable references $(VAR_NAME) are expanded using the
         container's environment. If a variable cannot be resolved, the reference in
         the input string will be unchanged. The $(VAR_NAME) syntax can be escaped
         with a double $$, ie: $$(VAR_NAME). Escaped references will never be
         expanded, regardless of whether the variable exists or not. Cannot be
         updated. More info:
         https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
    
       command	<[]string>
         Entrypoint array. Not executed within a shell. The docker image's
         ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME)
         are expanded using the container's environment. If a variable cannot be
         resolved, the reference in the input string will be unchanged. The
         $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME).
         Escaped references will never be expanded, regardless of whether the
         variable exists or not. Cannot be updated. More info:
         https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
    
       env	<[]Object>
         List of environment variables to set in the container. Cannot be updated.
    
       envFrom	<[]Object>
         List of sources to populate environment variables in the container. The
         keys defined within a source must be a C_IDENTIFIER. All invalid keys will
         be reported as an event when the container is starting. When a key exists
         in multiple sources, the value associated with the last source will take
         precedence. Values defined by an Env with a duplicate key will take
         precedence. Cannot be updated.
    
       image	<string>  image definition
         Docker image name. More info:
         https://kubernetes.io/docs/concepts/containers/images This field is
         optional to allow higher level config management to default or override
         container images in workload controllers like Deployments and StatefulSets.
    
       imagePullPolicy	<string>   defines how the image is pulled
         Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always
         if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated.
         More info:
         https://kubernetes.io/docs/concepts/containers/images#updating-images
    
       lifecycle	<Object>
         Actions that the management system should take in response to container
         lifecycle events. Cannot be updated.
    
       livenessProbe	<Object>
         Periodic probe of container liveness. Container will be restarted if the
         probe fails. Cannot be updated. More info:
         https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
    
       name	<string> -required-
         Name of the container specified as a DNS_LABEL. Each container in a pod
         must have a unique name (DNS_LABEL). Cannot be updated.
    
       ports	<[]Object>  ports exposed by the container
         List of ports to expose from the container. Exposing a port here gives the
         system additional information about the network connections a container
         uses, but is primarily informational. Not specifying a port here DOES NOT
         prevent that port from being exposed. Any port which is listening on the
         default "0.0.0.0" address inside a container will be accessible from the
         network. Cannot be updated.
    
       readinessProbe	<Object>
         Periodic probe of container service readiness. Container will be removed
         from service endpoints if the probe fails. Cannot be updated. More info:
         https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
    
       resources	<Object>
         Compute Resources required by this container. Cannot be updated. More info:
         https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
    
       securityContext	<Object>
         Security options the pod should run with. More info:
         https://kubernetes.io/docs/concepts/policy/security-context/ More info:
         https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
    
       stdin	<boolean>
         Whether this container should allocate a buffer for stdin in the container
         runtime. If this is not set, reads from stdin in the container will always
         result in EOF. Default is false.
    
       stdinOnce	<boolean>
         Whether the container runtime should close the stdin channel after it has
         been opened by a single attach. When stdin is true the stdin stream will
         remain open across multiple attach sessions. If stdinOnce is set to true,
         stdin is opened on container start, is empty until the first client
         attaches to stdin, and then remains open and accepts data until the client
         disconnects, at which time stdin is closed and remains closed until the
         container is restarted. If this flag is false, a container processes that
         reads from stdin will never receive an EOF. Default is false
    
       terminationMessagePath	<string>
         Optional: Path at which the file to which the container's termination
         message will be written is mounted into the container's filesystem. Message
         written is intended to be brief final status, such as an assertion failure
         message. Will be truncated by the node if greater than 4096 bytes. The
         total message length across all containers will be limited to 12kb.
         Defaults to /dev/termination-log. Cannot be updated.
    
       terminationMessagePolicy	<string>
         Indicate how the termination message should be populated. File will use the
         contents of terminationMessagePath to populate the container status message
         on both success and failure. FallbackToLogsOnError will use the last chunk
         of container log output if the termination message file is empty and the
         container exited with an error. The log output is limited to 2048 bytes or
         80 lines, whichever is smaller. Defaults to File. Cannot be updated.
    
       tty	<boolean>
         Whether this container should allocate a TTY for itself, also requires
         'stdin' to be true. Default is false.
    
       volumeDevices	<[]Object>
         volumeDevices is the list of block devices to be used by the container.
         This is a beta feature.
    
       volumeMounts	<[]Object>
         Pod volumes to mount into the container's filesystem. Cannot be updated.
    
       workingDir	<string>
         Container's working directory. If not specified, the container runtime's
         default will be used, which might be configured in the container image.
         Cannot be updated.
    

      Write the Deployment YAML file and start the pods

    [root@master manifests]# cat deploy.yaml 
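    apiVersion: apps/v1   # API version
    kind: Deployment    
    metadata:  # controller metadata
      name: myapp-dp
      namespace: default
    spec:  # desired state of the controller
      replicas: 10   # number of pod replicas
      revisionHistoryLimit: 5 # keep 5 historical revisions
      selector:   # label selector
        matchLabels:  # label selector to use
          app: myapp-cx  # the label defined
          cx: yl
      strategy:  # update strategy definition
        rollingUpdate:  # rolling update parameters
          maxSurge: 3 # at most 3 pods more than the desired count are allowed during each update
        type: RollingUpdate  # update using the rolling update defined above
      template: # pod definition
        metadata:  # pod metadata
          labels:   # label definitions
            app: myapp-cx
            cx: yl
          name: myapp-dp  
          namespace: default
        spec:  # desired state of the pod
          containers:  # containers in the pod
          - name: myapp-f  # name
            image: ikubernetes/myapp:v1  # image
            ports:  # exposed port definitions
            - name: httpd     # port name
              containerPort: 80  # port exposed in the container
            livenessProbe:   # container liveness probe
              tcpSocket:    # use the tcpSocket method
                port: 80   # probe port 80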
    

      Start it: declarative creation

    [root@master manifests]# kubectl apply -f deploy.yaml
    

      Check the result

    [root@master manifests]# kubectl get deploy
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    myapp      1/1     1            1           16d
    myapp-dp   10/10   10           10          14m
    nginx      1/1     1            1           16d
    

      Update the pod replica count to 3

    [root@master manifests]# vim deploy.yaml 
    
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: myapp-dp
      namespace: default
    spec:
      replicas: 3  # replica count changed to 3
      revisionHistoryLimit: 5
      selector:
        matchLabels:
          app: myapp-cx
          cx: yl
      strategy:
        rollingUpdate:
          maxSurge: 3
        type: RollingUpdate
      template:
        metadata:
          labels:
            app: myapp-cx
            cx: yl
          name: myapp-dp
          namespace: default
        spec:
          containers:
          - name: myapp-f
            image: ikubernetes/myapp:v1
            ports:
            - name: httpd
              containerPort: 80
            livenessProbe:
              tcpSocket:
                port: 80
    [root@master manifests]# kubectl apply -f deploy.yaml   # apply the update
    deployment.apps/myapp-dp configured
    [root@master manifests]# kubectl get deploy   # check
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    myapp      1/1     1            1           16d
    myapp-dp   3/3     3            3           19m
    nginx      1/1     1            1           16d
    

      View this controller's details

    [root@master manifests]# kubectl describe deploy myapp-dp
    Name:                   myapp-dp
    Namespace:              default
    CreationTimestamp:      Sat, 10 Aug 2019 17:47:36 +0800
    Labels:                 <none>
    Annotations:            deployment.kubernetes.io/revision: 1
                            kubectl.kubernetes.io/last-applied-configuration:
                              {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"myapp-dp","namespace":"default"},"spec":{"replicas":3,"re...
    Selector:               app=myapp-cx,cx=yl
    Replicas:               3 desired | 3 updated | 3 total | 3 available | 0 unavailable
    StrategyType:           RollingUpdate
    MinReadySeconds:        0
    RollingUpdateStrategy:  25% max unavailable, 3 max surge  # update strategy
    Pod Template:
      Labels:  app=myapp-cx
               cx=yl
      Containers:
       myapp-f:
        Image:        ikubernetes/myapp:v1
        Port:         80/TCP
        Host Port:    0/TCP
        Liveness:     tcp-socket :80 delay=0s timeout=1s period=10s #success=1 #failure=3
        Environment:  <none>
        Mounts:       <none>
      Volumes:        <none>
    Conditions:
      Type           Status  Reason
      ----           ------  ------
      Available      True    MinimumReplicasAvailable
      Progressing    True    NewReplicaSetAvailable
    OldReplicaSets:  <none>
    NewReplicaSet:   myapp-dp-d86f5c644 (3/3 replicas created)
    Events:
      Type    Reason             Age    From                   Message
      ----    ------             ----   ----                   -------
      Normal  ScalingReplicaSet  21m    deployment-controller  Scaled up replica set myapp-dp-d86f5c644 to 10
      Normal  ScalingReplicaSet  2m46s  deployment-controller  Scaled down replica set myapp-dp-d86f5c644 to 3
    

      Version update

    [root@master manifests]# vim deploy.yaml 
    
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: myapp-dp
      namespace: default
    spec:
      replicas: 3
      revisionHistoryLimit: 5
      selector:
        matchLabels:
          app: myapp-cx
          cx: yl
      strategy:
        rollingUpdate:
          maxSurge: 3
        type: RollingUpdate
      template:
        metadata:
          labels:
            app: myapp-cx
            cx: yl
          name: myapp-dp
          namespace: default
        spec:
          containers:
          - name: myapp-f
            image: ikubernetes/myapp:v2  # changed from v1 to v2
            ports:
            - name: httpd
              containerPort: 80
            livenessProbe:
              tcpSocket:
                port: 80
    [root@master manifests]# kubectl apply -f deploy.yaml 
    deployment.apps/myapp-dp configured
    

      Check the update result

    [root@master manifests]# kubectl get rs  -o wide 
    NAME                  DESIRED   CURRENT   READY   AGE     CONTAINERS   IMAGES                 SELECTOR
    myapp-dp-5ffd8b95f9   3         3         3       2m16s   myapp-f      ikubernetes/myapp:v2   app=myapp-cx,cx=yl,pod-template-hash=5ffd8b95f9  # updated version
    myapp-dp-d86f5c644    0         0         0       33m     myapp-f      ikubernetes/myapp:v1   app=myapp-cx,cx=yl,pod-template-hash=d86f5c644  # previous version kept as history
    

      Help for operations related to revision history

    [root@master manifests]# kubectl rollout --help
    Manage the rollout of a resource.
      
     Valid resource types include:
    
      *  deployments
      *  daemonsets
      *  statefulsets
    
    Examples:
      # Rollback to the previous deployment
      kubectl rollout undo deployment/abc
      
      # Check the rollout status of a daemonset
      kubectl rollout status daemonset/foo
    
    Available Commands:
      history     显示 rollout 历史
      pause       标记提供的 resource 为中止状态
      restart     Restart a resource
      resume      继续一个停止的 resource
      status      显示 rollout 的状态
      undo        撤销上一次的 rollout
    
    Usage:
      kubectl rollout SUBCOMMAND [options]
    
    Use "kubectl <command> --help" for more information about a given command.
    Use "kubectl options" for a list of global command-line options (applies to all commands
    

      View revision history

    [root@master manifests]# kubectl rollout history deploy myapp-dp
    deployment.extensions/myapp-dp 
    REVISION  CHANGE-CAUSE
    1         <none>
    2         <none>
    

      Update the pod replica count with a patch

    [root@master manifests]# kubectl  patch deploy myapp-dp -p '{"spec":{"replicas":5}}'
    deployment.extensions/myapp-dp patched
    [root@master manifests]# kubectl get rs  -o wide 
    NAME                  DESIRED   CURRENT   READY   AGE     CONTAINERS   IMAGES                 SELECTOR
    myapp-dp-5ffd8b95f9   5         5         5       13m     myapp-f      ikubernetes/myapp:v2   app=myapp-cx,cx=yl,pod-template-hash=5ffd8b95f9  # changed to 5
    myapp-dp-d86f5c644    0         0         0       44m     myapp-f      ikubernetes/myapp:v1   app=myapp-cx,cx=yl,pod-template-hash=d86f5c644
    

      Modify the update strategy with a patch

    [root@master manifests]# kubectl  patch deploy myapp-dp -p '{"spec":{"strategy":{"rollingUpdate":{"maxSurge":1,"maxUnavailable":0}}}}'
    deployment.extensions/myapp-dp patched
    [root@master manifests]# kubectl describe deploy myapp-dp
    Name:                   myapp-dp
    Namespace:              default
    CreationTimestamp:      Sat, 10 Aug 2019 17:47:36 +0800
    Labels:                 app=myapp-cx
                            cx=yl
    Annotations:            deployment.kubernetes.io/revision: 2
                            kubectl.kubernetes.io/last-applied-configuration:
                              {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"myapp-dp","namespace":"default"},"spec":{"replicas":3,"re...
    Selector:               app=myapp-cx,cx=yl
    Replicas:               5 desired | 5 updated | 5 total | 5 available | 0 unavailable
    StrategyType:           RollingUpdate
    MinReadySeconds:        0
    RollingUpdateStrategy:  0 max unavailable, 1 max surge  # update strategy
    Pod Template:
      Labels:  app=myapp-cx
               cx=yl
      Containers:
       myapp-f:
        Image:        ikubernetes/myapp:v2
        Port:         80/TCP
        Host Port:    0/TCP
        Liveness:     tcp-socket :80 delay=0s timeout=1s period=10s #success=1 #failure=3
        Environment:  <none>
        Mounts:       <none>
      Volumes:        <none>
    Conditions:
      Type           Status  Reason
      ----           ------  ------
      Progressing    True    NewReplicaSetAvailable
      Available      True    MinimumReplicasAvailable
    OldReplicaSets:  <none>
    NewReplicaSet:   myapp-dp-5ffd8b95f9 (5/5 replicas created)
    Events:
      Type    Reason             Age   From                   Message
      ----    ------             ----  ----                   -------
      Normal  ScalingReplicaSet  56m   deployment-controller  Scaled up replica set myapp-dp-d86f5c644 to 10
      Normal  ScalingReplicaSet  37m   deployment-controller  Scaled down replica set myapp-dp-d86f5c644 to 3
      Normal  ScalingReplicaSet  25m   deployment-controller  Scaled up replica set myapp-dp-5ffd8b95f9 to 3
      Normal  ScalingReplicaSet  25m   deployment-controller  Scaled down replica set myapp-dp-d86f5c644 to 2
      Normal  ScalingReplicaSet  25m   deployment-controller  Scaled down replica set myapp-dp-d86f5c644 to 1
      Normal  ScalingReplicaSet  24m   deployment-controller  Scaled down replica set myapp-dp-d86f5c644 to 0
      Normal  ScalingReplicaSet  11m   deployment-controller  Scaled up replica set myapp-dp-5ffd8b95f9 to 5
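
How the two strategies seen in the describe output above (3 max surge with the default 25% max unavailable, then the patched 1 max surge with 0 max unavailable) bound a rollout, as an added example that is not from the original post or the Kubernetes source: a simplified Python model of the surge/unavailable arithmetic. It assumes every old pod stays available and new pods become ready one at a time; `resolve`, `fenceposts` and `simulate` are names chosen here.

```python
def resolve(value, replicas, round_up):
    """Resolve an int or an 'N%' string against the desired replica count."""
    if isinstance(value, str) and value.endswith("%"):
        scaled = int(value[:-1]) * replicas
        # Integer arithmetic avoids float rounding surprises.
        return (scaled + 99) // 100 if round_up else scaled // 100
    return int(value)


def fenceposts(replicas, max_surge="25%", max_unavailable="25%"):
    """Return (max_total_pods, min_available_pods) for a RollingUpdate.

    A percentage rounds up for maxSurge and down for maxUnavailable. If both
    resolve to 0 the rollout could never move, so maxUnavailable becomes 1.
    """
    surge = resolve(max_surge, replicas, round_up=True)
    unavailable = resolve(max_unavailable, replicas, round_up=False)
    if surge == 0 and unavailable == 0:
        unavailable = 1
    return replicas + surge, replicas - unavailable


def simulate(replicas, max_surge="25%", max_unavailable="25%",
             new_pods_become_ready=True):
    """Replay a rollout from an old ReplicaSet to a new one.

    Returns (events, final_state). Each event is (direction, replica_set,
    new_size), mirroring the ScalingReplicaSet lines of `kubectl describe`.
    Modelling assumptions: old pods are always available, and one new pod
    becomes ready per idle step.
    """
    max_total, min_available = fenceposts(replicas, max_surge, max_unavailable)
    old, new, new_ready = replicas, 0, 0
    events = []
    while old > 0 or new < replicas:
        # Scale up only while the total stays within replicas + maxSurge.
        grow = min(max_total - (old + new), replicas - new)
        # Scale down only by the pods available above the minimum.
        shrink = min(old, old + new_ready - min_available)
        if grow > 0:
            new += grow
            events.append(("up", "new", new))
        elif shrink > 0:
            old -= shrink
            events.append(("down", "old", old))
        elif new_pods_become_ready and new_ready < new:
            new_ready += 1
        else:
            break  # stalled: nothing can change without a ready new pod
    return events, {"old": old, "new": new, "new_ready": new_ready}


if __name__ == "__main__":
    # v1 -> v2 on this page: replicas=3, maxSurge=3, default maxUnavailable.
    for event in simulate(3, 3, "25%")[0]:
        print(event)
    # After the patch: replicas=5, maxSurge=1, maxUnavailable=0.
    for event in simulate(5, 1, 0)[0]:
        print(event)
    # Same strategy, but the new image never becomes ready.
    print(simulate(5, 1, 0, new_pods_become_ready=False))
```

In this model, with `maxUnavailable: 0` a new version whose pods never become ready stalls after the first surge pod while all five old pods stay in place, which is the state the last call returns.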
    

      Update the image version with kubectl set image and update only one pod (canary release)

    [root@master manifests]# kubectl set image deploy myapp-dp myapp-f=ikubernetes/myapp:v3 && kubectl rollout pause deploy myapp-dp
    deployment.extensions/myapp-dp image updated
    deployment.extensions/myapp-dp paused
    
    [root@master ~]# kubectl get pods -l app=myapp-cx -w
    NAME                        READY   STATUS    RESTARTS   AGE
    myapp-dp-5ffd8b95f9-5fctb   1/1     Running   0          19m
    myapp-dp-5ffd8b95f9-mxcwk   1/1     Running   0          32m
    myapp-dp-5ffd8b95f9-pzzv7   1/1     Running   0          32m
    myapp-dp-5ffd8b95f9-rfhmf   1/1     Running   0          19m
    myapp-dp-5ffd8b95f9-wblsj   1/1     Running   0          32m
    myapp-dp-758bf787f4-lrbzj   0/1     Pending   0          0s
    myapp-dp-758bf787f4-lrbzj   0/1     Pending   0          0s
    myapp-dp-758bf787f4-lrbzj   0/1     ContainerCreating   0          0s
    myapp-dp-758bf787f4-lrbzj   1/1     Running             0          12s
    [root@master ~]# curl  10.244.1.52
    Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
    [root@master ~]# curl  10.244.1.51
    Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
    [root@master ~]# curl  10.244.2.32
    Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
    [root@master ~]# curl  10.244.2.33
    Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
    [root@master ~]# curl  10.244.2.34
    Hello MyApp | Version: v3 | <a href="hostname.html">Pod Name</a>  # only one was updated
    

      Continue the rest of the update

    [root@master manifests]# kubectl rollout resume deploy myapp-dp  # resume this controller's update
    deployment.extensions/myapp-dp resumed
    

      Monitor the update status

    [root@master ~]# kubectl get pods -l app=myapp-cx -w
    NAME                        READY   STATUS    RESTARTS   AGE
    myapp-dp-5ffd8b95f9-5fctb   1/1     Running   0          19m
    myapp-dp-5ffd8b95f9-mxcwk   1/1     Running   0          32m
    myapp-dp-5ffd8b95f9-pzzv7   1/1     Running   0          32m
    myapp-dp-5ffd8b95f9-rfhmf   1/1     Running   0          19m
    myapp-dp-5ffd8b95f9-wblsj   1/1     Running   0          32m
    myapp-dp-758bf787f4-lrbzj   0/1     Pending   0          0s
    myapp-dp-758bf787f4-lrbzj   0/1     Pending   0          0s
    myapp-dp-758bf787f4-lrbzj   0/1     ContainerCreating   0          0s
    myapp-dp-758bf787f4-lrbzj   1/1     Running             0          12s
    myapp-dp-5ffd8b95f9-rfhmf   1/1     Terminating         0          29m
    myapp-dp-758bf787f4-zwp6c   0/1     Pending             0          0s
    myapp-dp-758bf787f4-zwp6c   0/1     Pending             0          0s
    myapp-dp-758bf787f4-zwp6c   0/1     ContainerCreating   0          0s
    myapp-dp-5ffd8b95f9-rfhmf   0/1     Terminating         0          29m
    myapp-dp-5ffd8b95f9-rfhmf   0/1     Terminating         0          29m
    myapp-dp-5ffd8b95f9-rfhmf   0/1     Terminating         0          29m
    myapp-dp-758bf787f4-zwp6c   1/1     Running             0          11s
    myapp-dp-5ffd8b95f9-5fctb   1/1     Terminating         0          30m
    myapp-dp-758bf787f4-t8bpk   0/1     Pending             0          0s
    myapp-dp-758bf787f4-t8bpk   0/1     Pending             0          0s
    myapp-dp-758bf787f4-t8bpk   0/1     ContainerCreating   0          0s
    myapp-dp-5ffd8b95f9-5fctb   0/1     Terminating         0          30m
    myapp-dp-758bf787f4-t8bpk   1/1     Running             0          1s
    myapp-dp-5ffd8b95f9-mxcwk   1/1     Terminating         0          43m
    myapp-dp-758bf787f4-n24d9   0/1     Pending             0          0s
    myapp-dp-758bf787f4-n24d9   0/1     Pending             0          0s
    myapp-dp-758bf787f4-n24d9   0/1     ContainerCreating   0          0s
    myapp-dp-5ffd8b95f9-5fctb   0/1     Terminating         0          30m
    myapp-dp-5ffd8b95f9-5fctb   0/1     Terminating         0          30m
    myapp-dp-5ffd8b95f9-mxcwk   0/1     Terminating         0          43m
    myapp-dp-758bf787f4-n24d9   1/1     Running             0          1s
    myapp-dp-5ffd8b95f9-wblsj   1/1     Terminating         0          43m
    myapp-dp-758bf787f4-n5hzm   0/1     Pending             0          0s
    myapp-dp-758bf787f4-n5hzm   0/1     Pending             0          0s
    myapp-dp-758bf787f4-n5hzm   0/1     ContainerCreating   0          0s
    myapp-dp-758bf787f4-n5hzm   1/1     Running             0          1s
    myapp-dp-5ffd8b95f9-wblsj   0/1     Terminating         0          43m
    myapp-dp-5ffd8b95f9-pzzv7   1/1     Terminating         0          43m
    myapp-dp-5ffd8b95f9-pzzv7   0/1     Terminating         0          43m
    myapp-dp-5ffd8b95f9-mxcwk   0/1     Terminating         0          43m
    myapp-dp-5ffd8b95f9-mxcwk   0/1     Terminating         0          43m
    myapp-dp-5ffd8b95f9-wblsj   0/1     Terminating         0          43m
    myapp-dp-5ffd8b95f9-wblsj   0/1     Terminating         0          43m
    myapp-dp-5ffd8b95f9-pzzv7   0/1     Terminating         0          43m
    myapp-dp-5ffd8b95f9-pzzv7   0/1     Terminating         0          43m
    

      Monitor the update status

    [root@master ~]# kubectl rollout status deploy myapp-dp
    Waiting for deployment "myapp-dp" rollout to finish: 1 out of 5 new replicas have been updated...
    Waiting for deployment spec update to be observed...
    Waiting for deployment spec update to be observed...
    Waiting for deployment "myapp-dp" rollout to finish: 1 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 2 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 2 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 2 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 3 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 3 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 3 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 4 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 4 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 4 out of 5 new replicas have been updated...
    Waiting for deployment "myapp-dp" rollout to finish: 1 old replicas are pending termination...
    Waiting for deployment "myapp-dp" rollout to finish: 1 old replicas are pending termination...
    deployment "myapp-dp" successfully rolled out
    

      Check the updated pods

    [root@master manifests]# kubectl get rs  -o wide 
    NAME                  DESIRED   CURRENT   READY   AGE    CONTAINERS   IMAGES                 SELECTOR
    myapp-dp-5ffd8b95f9   0         0         0       46m    myapp-f      ikubernetes/myapp:v2   app=myapp-cx,cx=yl,pod-template-hash=5ffd8b95f9
    myapp-dp-758bf787f4   5         5         5       13m    myapp-f      ikubernetes/myapp:v3   app=myapp-cx,cx=yl,pod-template-hash=758bf787f4  # updated to v3
    myapp-dp-d86f5c644    0         0         0       77m    myapp-f      ikubernetes/myapp:v1   app=myapp-cx,cx=yl,pod-template-hash=d86f5c644
    

      Help for the rollback operation

    [root@master manifests]# kubectl rollout undo --help
    Rollback to a previous rollout.
    
    Examples:
      # Rollback to the previous deployment
      kubectl rollout undo deployment/abc  # by default rolls back to the previous revision
      
      # Rollback to daemonset revision 3
      kubectl rollout undo daemonset/abc --to-revision=3  # rolls back to a specified revision; use together with the rollout history
      
      # Rollback to the previous deployment with dry-run
      kubectl rollout undo --dry-run=true deployment/abc
    
    Options:
          --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
    the template. Only applies to golang and jsonpath output formats.
          --dry-run=false: If true, only print the object that would be sent, without sending it.
      -f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
      -k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
      -o, --output='': Output format. One of:
    json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
      -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
    related manifests organized within the same directory.
          --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
    template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
          --to-revision=0: The revision to rollback to. Default to 0 (last revision).
    
    Usage:
      kubectl rollout undo (TYPE NAME | TYPE/NAME) [flags] [options]
    
    Use "kubectl options" for a list of global command-line options (applies to all commands).
    

      View revision history

    [root@master manifests]# kubectl rollout history deploy myapp-dp
    deployment.extensions/myapp-dp 
    REVISION  CHANGE-CAUSE
    1         <none>
    2         <none>
    3         <none>
    

      Performing the rollback

    [root@master manifests]# kubectl rollout undo deploy myapp-dp --to-revision=1
    deployment.extensions/myapp-dp rolled back
    [root@master manifests]# kubectl get rs  -o wide 
    NAME                  DESIRED   CURRENT   READY   AGE     CONTAINERS   IMAGES                 SELECTOR
    myapp-dp-5ffd8b95f9   0         0         0       55m     myapp-f      ikubernetes/myapp:v2   app=myapp-cx,cx=yl,pod-template-hash=5ffd8b95f9
    myapp-dp-758bf787f4   0         0         0       22m     myapp-f      ikubernetes/myapp:v3   app=myapp-cx,cx=yl,pod-template-hash=758bf787f4
    myapp-dp-d86f5c644    5         5         5       86m     myapp-f      ikubernetes/myapp:v1   app=myapp-cx,cx=yl,pod-template-hash=d86f5c644  # rolled back to this version
    

      

      

  • Original article: https://www.cnblogs.com/rdchenxi/p/11332660.html