当前位置: 移动技术网 > 科技>操作系统>Linux > kubernetes系列06—kubernetes资源清单定义入门

kubernetes系列06—kubernetes资源清单定义入门

2019年01月25日  | 移动技术网科技  | 我要评论

本文收录在

1、认识kubernetes资源

1.1 常用资源/对象

  •  workload工作负载型资源:pod,replicaset,deployment,statefulset,daemonset,job...
  •  服务器发现及均衡:service,lngress...
  •  配置与存储:volume,csi
    •  configmap,secret
    •  downwardapi
  •  集群级资源
    •  namespace,node,role,clusterrole,rolebinding,clusterrolebinding
  •  元数据型资源
    •  hpa,podtemplate,limitrange

 

1.2 创建资源的方法

  •  apiserver 仅接受json格式的资源定义;
  •  yaml格式提供配置清单apiserver 可自动将其转为json格式,而后再提交;

 

1.3 大部分(主流)资源的配置清单:有5个一级字段组成

  •  apiservergroup/version
    •  查询当前支持哪些apiserver$ kubectl api-versions
  •  kind:资源类别
  •  metadata:元数据
    •  name:名称
    •  namespace:名称空间
    •  labels:标签
    •  annotation:资源注解
    •  selflink:每个资源的引用path/api/group/version/namespaces/namespace/type/name
  •  spec:期望的状态(disired state),期望资源应该用于什么特性
  •  status:当前状态(current state),本字段由kubernetes集群维护,用户不能自己定义

 

1.4 使用kubectl explain查询每个资源如何配置

1)例如查询如何定义pod资源

[root@master ~]# kubectl explain pod
kind:     pod
version:  v1

description:
     pod is a collection of containers that can run on a host. this resource is
     created by clients and scheduled onto hosts.

fields:
   apiversion	<string>
... ...
   kind	<string>
... ...

   metadata	<object>
... ...
   spec	<object>
... ...
   status	<object>
... ...

  

2)能一级一级进入查询;如查询定义pod metadata字段

[root@master ~]# kubectl explain pod.spec
kind:     pod
version:  v1

resource: spec <object>

description:
... ...

fields:
... ..
   affinity	<object>
... ...
[root@master ~]# kubectl explain pod.spec.containers
kind:     pod
version:  v1

resource: containers <[]object>

description:
... ...
fields:
   args	<[]string>
... ...
   command	<[]string>
... ...

自己定义资源时,不清楚如何定义,可以进行快速的查询

 

1.5 示例

1)查询集群中的pod(上篇创建的pod

[root@master ~]# kubectl get pods
name                          ready     status    restarts   age
client                        1/1       running   0          4h
myapp-848b5b879b-9slqg        1/1       running   0          46m
myapp-848b5b879b-wtrjr        1/1       running   0          46m
myapp-848b5b879b-z2sqc        1/1       running   0          46m

  

2-o yaml输出为yaml格式,查看pod创建的操作

[root@master ~]# kubectl get pod myapp-848b5b879b-9slqg -o yaml
apiversion: v1  #api版本
kind: pod  #资源类别
metadata:  #元数据
  annotations:
    cni.projectcalico.org/podip: 10.244.1.60/32
  labels:
    pod-template-hash: "4046164356"
    run: myapp
  name: myapp-848b5b879b-9slqg
  namespace: default
... ...
  selflink: /api/v1/namespaces/default/pods/myapp-848b5b879b-9slqg
spec:  #规格、规范;期望资源应该用于什么特性;期望目标状态
... ...
status:  #当前状态
... ...

  

1.6 演示:基于yaml格式文件,创建pod

[root@master ~]# mkdir manifests
[root@master ~]# cd manifests/

 

1)编写pod-demo.yaml文件

创建2个容器,一个运行nginx;一个在busybox中执行sleep命令

[root@master manifests]# vim pod-demo.yaml 
apiversion: v1
kind: pod
metadata:
  name: pod-demo
  namespace: default
  #labels: {app:myapp, tier:frontend} #映射可以写为{}形式;
  labels: #也可以在下边分级写
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
  - name: busybox
    image: busybox:latest
    #command: ["/bin/sh","-c","sleep 3600"]  #列表可以写为[]形式;
    command: #也可以在下边分级写,要加-
    - "/bin/sh"
    - "-c"
    - "sleep 3600"

  

2)基于pod-demo.yaml 文件创建create pod

[root@master manifests]# kubectl create -f pod-demo.yaml 
pod/pod-demo created

  

3)验证

查询创建pod的信息

[root@master manifests]# kubectl create -f pod-demo.yaml
pod/pod-demo created
[root@master manifests]# kubectl get pods -o wide
name       ready     status    restarts   age       ip            node
pod-demo   2/2       running   0          1m        10.244.1.61   node1
---查看详细信息
[root@master manifests]# kubectl describe pods pod-demo
name:               pod-demo
namespace:          default
... ...

访问pod中的服务

[root@master manifests]# curl 10.244.1.61
hello myapp | version: v1 | <a href="hostname.html">pod name</a>
---查询pod产生的日志
[root@master manifests]# kubectl logs pod-demo myapp
192.168.130.104 - - [23/jan/2019:05:35:35 +0000] "get / http/1.1" 200 65 "-" "curl/7.29.0" "-"

基于yaml文件删除pod

[root@master manifests]# kubectl delete -f pod-demo.yaml 
pod "pod-demo" deleted
[root@master manifests]# kubectl get pods
no resources found.

  

2pod资源

2.1 pod资源常用选项

  •  metadata.label:标签
    •  key=value
      •  key:字母、数字、_-.
      •  value:可以为空,只能字母或数字开头及结尾,中间可使用字母、数字、_-.
  •  metadata.annotations:资源注解
  •  spec.containers <[]object>
    •  - name:容器名称
    •    image:镜像
    •    imagepullpolicy:下载镜像规则,若镜像时latest标签,默认是always;否则默认ifnotpresen
      •  always总是镜像,never不下载镜像,ifnotpresent本地有则不下载
    •  ports:从容器中公开的端口列表
      •  containerportpod中服务的端口号
      •  hostip:暴露绑定在主机哪个ip
      •  hostport:暴露在主机的端口号
      •  name:暴露这个端口的名称
    •  args:参数
    •  command:执行命令
  •  spec.nodeselector:节点标签选择器

 

2.2 演示

1)修改pod-demo.yaml文件

[root@master manifests]# vim pod-demo.yaml 
apiversion: v1
kind: pod
metadata:
  name: pod-demo
  namespace: default
  #labels: {app:myapp, tier:frontend} #映射可以写为{}形式;
  labels: #也可以在下边分级写
    app: myapp
    tier: frontend
  annotations:
    along.com/created-by: "cluster admin"
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
    ports:
    - name: http
      containerport: 80
    - name: https
      containerport: 443
  - name: busybox
    image: busybox:latest
    imagepullpolicy: ifnotpresent
    #command: ["/bin/sh","-c","sleep 3600"]  #列表可以写为[]形式;
    command: #也可以在下边分级写,要加-
    - "/bin/sh"
    - "-c"
    - "sleep 3600"
  nodeselector:
    disktype: ssd

  

2)将node1节点打上disktype=ssd的标签

[root@master manifests]# kubectl label node node1 disktype=ssd
[root@master manifests]# kubectl get nodes node1 --show-labels
name      status    roles     age       version   labels
node1     ready     <none>    140d      v1.11.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,disktype=ssd,kubernetes.io/hostname=node1

  

3)基于yaml文件创建pod

[root@master manifests]# kubectl create -f pod-demo.yaml 
pod/pod-demo created

  

4)验证

--- pod只会创建到node1节点上,因为node1的disktype=ssd标签
[root@master manifests]# kubectl get pod -o wide
name       ready     status    restarts   age       ip            node
pod-demo   2/2       running   0          11s       10.244.1.68   node1
--- -l 指定标签,实现标签过滤
[root@master manifests]# kubectl get pods --show-labels -l app
name       ready     status    restarts   age       labels
pod-demo   2/2       running   0          30s       app=myapp,tier=frontend

  

3pod健康检测

3.1 pod健康检测介绍

  •  pod健康检测分为存活性探测、 就绪型探测;这在生产环境几乎是必须配置的;
  •  如果没有就绪型探测;pod一启动就会被分配用户流量;若pod中的服务像tomcat等,需要时间启动;就会导致有一定时间,用户访问不到服务;
  •  如果没有存活性探测:pod中服务一旦失败,没有检测,不会将容器重启关闭;也会导致用户访问服务失败。

 

3.2 pod健康检测选项

1)在spec字段下、containers字段配置,可使用explain查看详细用法

$ kubectl explain pod.spec.containers.

  •  livenessprobe 存活性探测
    •  exec:指定检测的命令
    •  failurethreshold:连续失败次数被认为失败,默认为3,最小值为1
    •  httpget:指定要执行的http请求
    •  initialdelayseconds:在容器启动多少秒后再检测
    •  periodseconds:每隔多少秒探测一次;默认为10秒。最低限度值是1
    •  successthreshold:连续成功次数认为服务正常
    •  tcpsocket:定涉及tcp端口的操作
    •  timeoutseconds:探测超时的秒数,默认为1
  •  readinessprobe 就绪型探测(和livenessprobe 存活性探测选项一样)

 

2pod中容器挂了,是否重启pod

$ kubectl explain pod.spec.restartpolicy.   

  • always:总是重启(默认)
  • onfailure:只有容器状态为错误时,才重启
  • never:绝不重启

 

3.3 演示:exec方式实现存活性探测

1)编写yaml文件

当探测到/tmp/healthy文件不存在时,认为服务故障;

容器在30秒后执行删除/tmp/healthy文件

[root@master manifests]# vim liveness-exec.yaml
apiversion: v1
kind: pod
metadata:
  name: liveness-exec-pod
  namespace: default
spec:
  containers:
  - name: liveness-exec-container
    image: busybox:latest
    imagepullpolicy: ifnotpresent
    command: ["/bin/sh","-c","touch /tmp/healthy; sleep 30; rm -f /tmp/healthy; sleep 3600"]
    livenessprobe:
      exec:
        command: ["test","-e","/tmp/healthy"]
      initialdelayseconds: 1  #在容器启动后1秒开始检测
      periodseconds: 3  #每隔3秒探测一次
  restartpolicy: always  #总是重启pod

  

2)创建运行pod

[root@master manifests]# kubectl create -f liveness-exec.yaml 
pod/liveness-exec-pod created
[root@master manifests]# kubectl get pods
name                ready     status        restarts   age
liveness-exec-pod   1/1       running       0          6s

  

3)等30s,容器就会检测失败,重启pod;使用describe可以查看详细信息

[root@master manifests]# kubectl describe pods liveness-exec-pod
... ...
    state:          running
      started:      wed, 23 jan 2019 16:58:09 +0800
    last state:     terminated  #上次状态为终止
      reason:       error
      exit code:    137
      started:      wed, 23 jan 2019 16:57:01 +0800
      finished:     wed, 23 jan 2019 16:58:09 +0800
    ready:          true
    restart count:  1  #重启次数1次
    liveness:       exec [test -e /tmp/healthy] delay=1s timeout=1s period=3s #success=1 #failure=3
... ...

  

3.4 演示:httpget方式实现存活性探测

1)编写yaml文件,创建并运行pod

当探测不到容器内80端口,和提供80端口的/文件时,认为服务故障;

[root@master manifests]# vim liveness-httpget.yaml
apiversion: v1
kind: pod
metadata:
  name: liveness-httpget-pod
  namespace: default
spec:
  containers:
  - name: liveness-exec-container
    image: ikubernetes/myapp:v1
    ports:
    - name: http
      containerport: 80
    livenessprobe:
      httpget:
        port: http
        path: /
      initialdelayseconds: 1
      periodseconds: 3
  restartpolicy: always
[root@master manifests]# kubectl create -f liveness-httpget.yaml
pod/liveness-httpget-pod created

  

2)手动连入容器,删除文件

[root@master manifests]# kubectl exec -it liveness-httpget-pod -- /bin/sh
/ # rm -f /usr/share/nginx/html/

  

3)容器会检测失败,重启pod;使用describe可以查看详细信息

[root@master manifests]# kubectl describe pods liveness-httpget-pod
... ...
    port:           80/tcp
    host port:      0/tcp
    state:          running
      started:      wed, 23 jan 2019 17:10:03 +0800
    last state:     terminated  #上次状态为终止
      reason:       completed
      exit code:    0
      started:      wed, 23 jan 2019 17:08:22 +0800
      finished:     wed, 23 jan 2019 17:10:03 +0800
    ready:          true
    restart count:  1  #重启次数1次
    liveness:       http-get http://:http/ delay=1s timeout=1s period=3s #success=1 #failure=3
... ...

  

3.5 演示:exec方式实现就绪性探测

1)编写yaml文件,创建启动容器

当探测到/tmp/healthy文件不存在时,就认为服务就绪不成功;pod启动失败;

[root@master manifests]# vim readiness-exec.yaml
apiversion: v1
kind: pod
metadata:
  name: readiness-exec-pod
  namespace: default
spec:
  containers:
  - name: readiness-exec-container
    image: busybox:latest
    imagepullpolicy: ifnotpresent
    #command: ["/bin/sh","-c","touch /tmp/healthy; sleep 30; rm -f /tmp/healthy; sleep 3600"]
    command: ["sleep 3600"]
    readinessprobe:
      exec:
        command: ["test","-e","/tmp/healthy"]
      periodseconds: 3
  restartpolicy: always
[root@master manifests]# kubectl create -f readiness-exec.yaml
pod/readiness-exec-pod created

  

2)查看,pod启动就绪失败

[root@master ~]# kubectl get pods
name                 ready     status              restarts   age
readiness-exec-pod   0/1       runcontainererror   1          12s

  

4pod启动前/后钩子

4.1 介绍

  •  pod在启动前后都可以设置钩子hook;在spec.containers.lifecycle字段下设置;
  •  poststart:创建容器后立即调用poststart操作;如果失败,根据重启策略终止;
  •  prestop:在容器终止之前立即调用prestop操作,该容器在处理程序完成后终止

 

4.2 语法

$ kubectl explain pod.spec.containers.lifecycle

  •  poststart
    •  exec:指定了要采取的命令;
    •  httpget:指定要执行的http请求;
    •  tcpsocket:指定涉及tcp端口的操作
  •  prestop (和poststart命令一样)

 

4.3 演示:使用exec设置pod启动前钩子

1)编写yaml文件,创建启动容器

启动容器前,先创建准备一个httpd服务的主页面文件/tmp/

[root@master manifests]# vim poststart-pod.yaml
apiversion: v1
kind: pod
metadata:
  name: poststart-pod
  namespace: default
spec:
  containers:
  - name:  poststart-container
    image: busybox:latest
    imagepullpolicy: ifnotpresent
    lifecycle:
      poststart:
        exec:
          command: ['/bin/sh','-c','echo hello > /tmp/']
    command: ['/bin/sh','-c','/bin/httpd -f -h /tmp']
[root@master manifests]# kubectl create -f poststart-pod.yaml 
pod/poststart-pod created

  

2)验证,访问服务

[root@master ~]# kubectl get pods -o wide
name            ready     status    restarts   age       ip            node
poststart-pod   1/1       running   0          26s       10.244.2.69   node2
[root@master ~]# curl 10.244.2.69
hello

  

 

您可能感兴趣的文章:

如对本文有疑问, 点击进行留言回复!!

相关文章:

验证码:
最近更新的文章
大家感兴趣的文章
移动技术网