关键词:
资源:对象
- workload:Pod、ReplicaSet、Deployment、StatefulSet、DaemonSet、Job、Cronjob,…
- 服务发现及均衡:Service、Ingress
- 配置及存储:Volume、CSI
- ConfigMap、Secret
- DownwardAPI
- 集群级资源
- NameSpace、Node、Role、ClusterRole、RoleBinding、ClusterRoleBinding
- 元数据型资源
- HPA、PodTemplate、LimitRange
#获取apiServer所支持的apiversion
[root@master ~]# kubectl api-versions
admissionregistration.k8s.io/v1
apiextensions.k8s.io/v1
apiregistration.k8s.io/v1
apps/v1
authentication.k8s.io/v1
authorization.k8s.io/v1
autoscaling/v1
autoscaling/v2beta1
autoscaling/v2beta2
batch/v1
batch/v1beta1
certificates.k8s.io/v1
coordination.k8s.io/v1
discovery.k8s.io/v1
discovery.k8s.io/v1beta1
events.k8s.io/v1
events.k8s.io/v1beta1
flowcontrol.apiserver.k8s.io/v1beta1
networking.k8s.io/v1
node.k8s.io/v1
node.k8s.io/v1beta1
policy/v1
policy/v1beta1
rbac.authorization.k8s.io/v1
scheduling.k8s.io/v1
storage.k8s.io/v1
storage.k8s.io/v1beta1
v1
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 0/1 Error 0 23h
client-7c75c79d7c-h9994 0/1 CrashLoopBackOff 19 (2m14s ago) 23h
nginx 1/1 Running 2 (9m13s ago) 37h
nginx-deploy-7c948bcff4-jclqg 1/1 Running 1 (9m11s ago) 24h
nginx-deploy-7c948bcff4-mczxp 1/1 Running 1 (9m13s ago) 24h
#输出为yaml格式
[root@master ~]# kubectl get pods nginx -o yaml
#版本号,group/版本号,默认group为核心组
apiVersion: v1
#kind表示使用何种资源
kind: Pod
#元数据
metadata:
creationTimestamp: "2021-11-07T00:16:21Z"
labels:
run: nginx
name: nginx
namespace: default
resourceVersion: "17833"
uid: 8f1cd26f-b981-428f-a156-a92b7dee2cfd
#特性
spec:
containers:
#容器使用的镜像
- image: nginx:1.14
imagePullPolicy: IfNotPresent
#容器名称
name: nginx
ports:
- containerPort: 80
protocol: TCP
resources:
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-85lz5
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: node2
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-85lz5
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
#当前资源的当前状态
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2021-11-07T00:16:21Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2021-11-08T14:01:53Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2021-11-08T14:01:53Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2021-11-07T00:16:21Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://ef084460d6dc3183abd768dc89dbbbb0d9a0fab5809220d02f97e9230819ddff
image: nginx:1.14
imageID: docker-pullable://nginx@sha256:f7988fb6c02e0ce69257d9bd9cf37ae20a60f1df7563c3a2a6abe24160306b8d
lastState:
terminated:
containerID: docker://05be395a286ac086568ec8a80a8ce017c8165a46e0e27e2f7be1e302e1c5c2d2
exitCode: 255
finishedAt: "2021-11-08T14:01:16Z"
reason: Error
startedAt: "2021-11-07T13:18:48Z"
name: nginx
ready: true
restartCount: 2
started: true
state:
running:
startedAt: "2021-11-08T14:01:52Z"
hostIP: 192.168.88.103
phase: Running
podIP: 10.244.1.6
podIPs:
- ip: 10.244.1.6
qosClass: BestEffort
startTime: "2021-11-07T00:16:21Z"
#kubectl proxy命令就可以使API server监听在本地的8001端口上
[root@master ~]# kubectl proxy
Starting to serve on 127.0.0.1:8001
#通过curl访问本地资源,会返回json格式配置信息
[root@master ~]# curl http://localhost:8001/api/v1/namespaces/default/pods/myapp-7b595df7fc-9d92c
创建资源的方法:
- apiServer仅接收JSON格式的资源定义
- yaml格式提供配置清单,apiserver自动转化为JSON格式,然后提交
资源的配置清单
- apiVersion[group/version]
- kind:资源类别
- metadata:元数据
- name:必须是唯一的
- namespace:名称空间
- labels:标签
- annotation:注解
- 每个资源的引用PATH
- /api/GROUP/version/namespaces/namespace/type/name
- spec:期望的状态,disired state
- status:当前状态(current state)本字段由kubernetes集群维护
#通过explain来查看pods资源如何定义
[root@master ~]# kubectl explain pods
KIND: Pod
VERSION: v1
DESCRIPTION:
Pod is a collection of containers that can run on a host. This resource is
created by clients and scheduled onto hosts.
FIELDS:
... ...
metadata <Object>
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
... ...
#查看资源二级定义
[root@master ~]# kubectl explain pods.metadata
KIND: Pod
VERSION: v1
RESOURCE: metadata <Object>
DESCRIPTION:
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
ObjectMeta is metadata that all persisted resources must have, which
includes all objects users must create.
FIELDS:
annotations <map[string]string>
Annotations is an unstructured key value map stored with a resource that
may be set by external tools to store and retrieve arbitrary metadata. They
are not queryable and should be preserved when modifying objects. More
info: http://kubernetes.io/docs/user-guide/annotations
通过yaml创建pod
#yaml文件--注:yaml文件书写时,参数后面记得有空格
#通过kubectl explain查看配置属性,如有列表数据([]objects)书写yaml文件时可以使用[],对象数据使用
#通过kubectl explain查看配置属性,参数后面加【-required-】表示此参数为必须项
apiVersion: v1
kind: Pod
metadata:
name: pod-demo
namespace: default
labels:
app: myapp
tier: frontend
spec:
containers:
- name: nginx-new
image: nginx:1.14
- name: busybox
image: busybox:latest
command:
- "/bin/sh"
- "-c"
- "sleep 3600"
#通过yaml创建pod
[root@master manifests]# kubectl create -f nginx.yaml
pod/pod-demo created
[root@master manifests]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 0/1 Error 0 24h
client-7c75c79d7c-h9994 0/1 Completed 32 (5m25s ago) 24h
nginx 1/1 Running 2 (73m ago) 38h
nginx-deploy-7c948bcff4-jclqg 1/1 Running 1 (73m ago) 25h
nginx-deploy-7c948bcff4-mczxp 1/1 Running 1 (73m ago) 25h
pod-demo 2/2 Running 0 8s
#删除pod第一种方法
[root@master manifests]# kubectl delete -f nginx.yaml
pod "pod-demo" deleted
#删除pod第二种方法
[root@master manifests]# kubectl delete pod-demo
#查看日志
[root@master manifests]# kubectl logs pod-demo busybox
/bin/sh: can't create /usr/share/nginx/html/index.html: nonexistent directory
#-l 或 --selector 标签过滤,获取对应标签的资源列表
[root@master ~]# kubectl get pods --selector app=nginx-deploy
NAME READY STATUS RESTARTS AGE
nginx-deploy-7c948bcff4-jclqg 1/1 Running 2 (46m ago) 2d
nginx-deploy-7c948bcff4-mczxp 1/1 Running 2 (46m ago) 2d
#-L显示多个标签的值
[root@master ~]# kubectl get pods -L app,run
NAME READY STATUS RESTARTS AGE APP RUN
client 0/1 Error 0 47h client
client-7c75c79d7c-h9994 0/1 CrashLoopBackOff 47 (20s ago) 47h client
nginx 1/1 Running 3 (48m ago) 2d14h nginx
nginx-deploy-7c948bcff4-jclqg 1/1 Running 2 (48m ago) 2d nginx-deploy
nginx-deploy-7c948bcff4-mczxp 1/1 Running 2 (48m ago) 2d nginx-deploy
#kubectl label给指定的资源打标签
[root@master ~]# kubectl label pods nginx release=tye
pod/nginx labeled
# 查看标签设置情况
[root@master ~]# kubectl get pods -l release --show-labels
NAME READY STATUS RESTARTS AGE LABELS
nginx 1/1 Running 3 (52m ago) 2d14h release=tye,run=nginx
#如果设置标签时,标签已经存在值,需要使用--overwrite参数,否则不能进行修改
[root@master ~]# kubectl label pods nginx release=edison
error: 'release' already has a value (tye), and --overwrite is false
[root@master ~]# kubectl label pods nginx release=edison --overwrite
pod/nginx labeled
[root@master ~]# kubectl get pods -l release --show-labels
NAME READY STATUS RESTARTS AGE LABELS
nginx 1/1 Running 3 (54m ago) 2d14h release=edison,run=nginx
[root@master ~]# kubectl label pods nginx-deploy-7c948bcff4-jclqg release=tye
pod/nginx-deploy-7c948bcff4-jclqg labeled
[root@master ~]# kubectl get pods -l release
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 3 (61m ago) 2d14h
nginx-deploy-7c948bcff4-jclqg 1/1 Running 2 (61m ago) 2d
[root@master ~]# kubectl get pods -l release --show-labels
NAME READY STATUS RESTARTS AGE LABELS
nginx 1/1 Running 3 (61m ago) 2d14h release=edison,run=nginx
nginx-deploy-7c948bcff4-jclqg 1/1 Running 2 (61m ago) 2d app=nginx-deploy,pod-template-hash=7c948bcff4,release=tye
[root@master ~]# kubectl get pods -l release,app --show-labels
NAME READY STATUS RESTARTS AGE LABELS
nginx-deploy-7c948bcff4-jclqg 1/1 Running 2 (62m ago) 2d app=nginx-deploy,pod-template-hash=7c948bcff4,release=tye
[root@master ~]# kubectl get pods -l release=edison,run=nginx --show-labels
NAME READY STATUS RESTARTS AGE LABELS
nginx 1/1 Running 3 (62m ago) 2d14h release=edison,run=nginx
[root@master ~]# kubectl get pods -l release!=edison --show-labels
NAME READY STATUS RESTARTS AGE LABELS
client 0/1 Error 0 47h run=client
client-7c75c79d7c-h9994 0/1 CrashLoopBackOff 49 (4m54s ago) 47h app=client,pod-template-hash=7c75c79d7c
nginx-deploy-7c948bcff4-jclqg 1/1 Running 2 (63m ago) 2d app=nginx-deploy,pod-template-hash=7c948bcff4,release=tye
nginx-deploy-7c948bcff4-mczxp 1/1 Running 2 (63m ago) 2d app=nginx-deploy,pod-template-hash=7c948bcff4
#查找标签release为edison或tye的pod
[root@master ~]# kubectl get pods -l " release in (edison,tye)" --show-labels
NAME READY STATUS RESTARTS AGE LABELS
nginx 1/1 Running 3 (76m ago) 2d14h release=edison,run=nginx
nginx-deploy-7c948bcff4-jclqg 1/1 Running 2 (76m ago) 2d app=nginx-deploy,pod-template-hash=7c948bcff4,release=tye
#查找标签release非edison和tye的pod
[root@master ~]# kubectl get pods -l " release notin (edison,tye)" --show-labels
NAME READY STATUS RESTARTS AGE LABELS
client 0/1 Error 0 2d run=client
client-7c75c79d7c-h9994 0/1 CrashLoopBackOff 52 (4m5s ago) 2d app=client,pod-template-hash=7c75c79d7c
nginx-deploy-7c948bcff4-mczxp 1/1 Running 2 (77m ago) 2d app=nginx-deploy,pod-template-hash=7c948bcff4,release=dizzy
#查看node列表并显示标签
[root@master ~]# kubectl get node --show-labels
NAME STATUS ROLES AGE VERSION LABELS
master Ready control-plane,master 2d23h v1.22.3 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master,kubernetes.io/os=linux,node-role.kubernetes.io/control-plane=,node-role.kubernetes.io/master=,node.kubernetes.io/exclude-from-external-load-balancers=
node1 Ready <none> 2d23h v1.22.3 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node1,kubernetes.io/os=linux
node2 Ready <none> 2d23h v1.22.3 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node2,kubernetes.io/os=linux
资源配置清单
自主式Pod资源
Pod资源:
spec.containers <[]Object>
- name
image
imagePullPolicy
Always:如果镜像标签【:latest】,默认使用此项
Never:总是不下载,需要用户手动下载镜像
IfNotPresent:如果镜像不使用latest,则使用此项,如果本地存在则不下载,不存在则从registry下载。
command:
labels:
key = value
key:字母、数字、_、-、.
value:可以为空,字母,数字开头及结尾,中间可使用字母,数字,下划线
标签选择器:
等值关系:=,==,!=
集合关系:
key in (value1,value2…)
key not in (value1,value2…)
key
!key不存在此键
许多资源支持内嵌字段定义标签选择器
matchLabels:直接给定键值
matchExpressions:基于给定的表达式来定义使用标签选择器,key:“key”,operator:“operator”,values:[value1,value2…]
操作符:
in,notin:values字段必须为非空列表
Exists,NotExists:values字段的值必须为空列表
[root@master ~]# kubectl explain pods.spec | grep nodeSelector
nodeSelector <map[string]string>
节点标签选择器:资源运行于指定的node节点上
nodeSelector <map[string]string>
NodeSelector is a selector which must be true for the pod to fit on a node.
Selector which must match a node’s labels for the pod to be scheduled on
that node. More info:
https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
指定node运行资源
nodeName
NodeName is a request to schedule this pod onto a specific node. If it is
non-empty, the scheduler simply schedules this pod onto that node, assuming
that it fits resource requirements.
annotations:
与label不同的地方,它不能用于挑选资源对象,仅用于为对象提供“元数据”
#在yaml文件的metadata中添加以下行
annotations:
tye.com/createby: cluster admin
[root@master manifests]# kubectl describe pods pod-demo
Name: pod-demo
Namespace: default
Priority: 0
Node: node2/192.168.88.103
Start Time: Tue, 09 Nov 2021 10:07:07 -0500
Labels: app=myapp
tier=frontend
Annotations: tye.com/createby: cluster admin
Pod的生命周期:
状态:
Pending:调试尚未完成
Running:运行状态
Failed:失败
Successed:
Unknown:
Pod生命周期中的重要行为:
初使化容器
容器探测
liveness:存活探测
readiness:
RestartPolicy:重启策略
Always:自动重启
OnFailure:
Never:不重启
Default to Always:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
探针类型
- ExecAction
- TCPSocketAction
- HTTPGetAction
#Exec探针yaml文件,判断目录是否存在
apiVersion: v1
kind: Pod
metadata:
name: liveness-exec-pod
namespace: default
spec:
containers:
- name: liveness-exec-container
image: busybox:latest
imagePullPolicy: IfNotPresent
command: ["/bin/sh","-c","touch /tmp/healty;sleep 30;rm -rf /tmp/healty;sleep 3600"]
livenessProbe:
exec:
command: ["test","-e","/tmp/healty"]
initialDelaySeconds: 2
periodSeconds: 3
#查看pod信息
[root@master manifests]# kubectl describe pod liveness-exec-pod
Name: liveness-exec-pod
Namespace: default
Priority: 0
Node: node1/192.168.88.102
Start Time: Wed, 10 Nov 2021 08:51:30 -0500
Labels: <none>
Annotations: <none>
Status: Running
IP: 10.244.3.14
IPs:
IP: 10.244.3.14
Containers:
liveness-exec-container:
Container ID: docker://09cfbe11120e3ff96c0cacfc5f83569a599dcfad1486581ce3215f3bc36d6343
Image: busybox:latest
Image ID: docker-pullable://busybox@sha256:139abcf41943b8bcd4bc5c42ee71ddc9402c7ad69ad9e177b0a9bc4541f14924
Port: <none>
Host Port: <none>
Command:
/bin/sh
-c
touch /tmp/healty;sleep 30;rm -rf /tmp/healty;sleep 3600
State: Running
Started: Wed, 10 Nov 2021 08:53:48 -0500
Last State: Terminated
Reason: Error
Exit Code: 137
Started: Wed, 10 Nov 2021 08:52:39 -0500
Finished: Wed, 10 Nov 2021 08:53:48 -0500
Ready: True
Restart Count: 2
Liveness: exec [test -e /tmp/healty] delay=2s timeout=1s period=3s #success=1 #failure=3
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-t76fk (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-t76fk:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 2m44s default-scheduler Successfully assigned default/liveness-exec-pod to node1
Warning Unhealthy 56s (x6 over 2m11s) kubelet Liveness probe failed:
Normal Killing 56s (x2 over 2m5s) kubelet Container liveness-exec-container failed liveness probe, will be restarted
Normal Pulled 26s (x3 over 2m44s) kubelet Container image "busybox:latest" already present on machine
Normal Created 26s (x3 over 2m44s) kubelet Created container liveness-exec-container
Normal Started 26s (x3 over 2m44s) kubelet Started container liveness-exec-container
readiness
#readiness-yaml文件
apiVersion: v1
kind: Pod
metadata:
name: readiness-httpget-pod
namespace: default
spec:
containers:
- name: readiness-exec-container
image: nginx:1.14
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
readinessProbe:
httpGet:
port: http
path: /index.html
initialDelaySeconds: 2
periodSeconds: 3
Pod控制器
ReplicaSet:管理无状态的Pod副本
- 用户期望的Pod副本数
- 标签选择器, 以便服务和管理Pod资源
- Pod模板:
Deployment:控制ReplicaSet
DaemonSet:
Job:一次性作业
CronJob:
StatefulSet:
TPR(Third Party Resources)
CDR(Custom Defined Resources)
Operator:
Helm:
通过yaml文件创建ReplicaSet
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: myapp
namespace: default
spec:
replicas: 2
selector:
matchLabels:
app: myapp
release: tye
template:
metadata:
name: myapp-pod
labels:
app: myapp
release: tye
enviroment: qa
spec:
containers:
- name: myapp-container
image: nginx:1.14
ports:
- name: http
containerPort: 80
[root@master manifests]# kubectl create -f rs-demo.yaml
replicaset.apps/myapp created
#查看ReplicaSet
[root@master manifests]# kubectl get rs
NAME DESIRED CURRENT READY AGE
client-7c75c79d7c 1 1 0 3d
myapp 2 2 2 5s
nginx-deploy-7c948bcff4 2 2 2 3d1h
[root@master manifests]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myapp-5v76c 1/1 Running 0 8m16s
myapp-ftfnd 1/1 Running 0 8m16s
#RS扩容
#通过kubectl edit rs [rsname]接修改replicas = [num]数量即可
#deploy-pod.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-deploy
namespace: default
spec:
replicas: 3
selector:
matchLabels:
app: myapp
release: tye
template:
metadata:
labels:
app: myapp
release: tye
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v2
ports:
- name: http
containerPort: 80
#应用一个配置至资源上,如果资源不存在则创建,如果存在则更新
[root@master manifests]# kubectl apply -f deploy-pod.yaml
#kubectl patch打补丁
[root@master ~]# kubectl patch deploy myapp-deploy -p '"spec":"replicas":5'
deployment.apps/myapp-deploy patched
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myapp-deploy-545b89888c-6gd2h 1/1 Running 0 11m
myapp-deploy-545b89888c-r49rk 1/1 Running 0 10m
myapp-deploy-545b89888c-svswl 1/1 Running 0 4s
myapp-deploy-545b89888c-vz967 1/1 Running 0 4s
myapp-deploy-545b89888c-zxcr5 1/1 Running 0 10m
[root@master manifests]# kubectl patch deployment myapp-deploy -p '"spec":"strategy":"rollingUpdate":"maxSurge":1,"maxUnavailable":0'
deployment.apps/myapp-deploy patched
[root@master manifests]# kubectl describe deploy myapp-deploy
Name: myapp-deploy
Namespace: default
CreationTimestamp: Thu, 11 Nov 2021 08:57:29 -0500
Labels: <none>
Annotations: deployment.kubernetes.io/revision: 2
Selector: app=myapp,release=tye
Replicas: 5 desired | 5 updated | 5 total | 5 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 0 max unavailable, 1 max surge
[root@master manifests]# kubectl set image deployment myapp-deploy myapp=ikubernetes/myapp:v3 && kubectl rollout pause deployment myapp-deploy
deployment.apps/myapp-deploy image updated
deployment.apps/myapp-deploy paused
[root@master ~]# kubectl get pods -l app=myapp -w
NAME READY STATUS RESTARTS AGE
myapp-deploy-545b89888c-6gd2h 1/1 Running 0 21m
myapp-deploy-545b89888c-r49rk 1/1 Running 0 20m
myapp-deploy-545b89888c-svswl 1/1 Running 0 10m
myapp-deploy-545b89888c-vz967 1/1 Running 0 10m
myapp-deploy-545b89888c-zxcr5 1/1 Running 0 20m
myapp-deploy-fbd4c499b-m9258 0/1 Pending 0 0s
myapp-deploy-fbd4c499b-m9258 0/1 Pending 0 0s
myapp-deploy-fbd4c499b-m9258 0/1 ContainerCreating 0 0s
myapp-deploy-fbd4c499b-m9258 1/1 Running 0 18s
#继续更新
[root@master manifests]# kubectl rollout resume deployment myapp-deploy
deployment.apps/myapp-deploy resumed
#监视deployment
[root@master manifests]# kubectl rollout status deployment myapp-deploy
Waiting for deployment "myapp-deploy" rollout to finish: 1 out of 5 new replicas have been updated...
[root@master manifests]# kubectl get rs -o wide
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
myapp-deploy-545b89888c 0 0 0 28m myapp ikubernetes/myapp:v2 app=myapp,pod-template-hash=545b89888c,release=tye
myapp-deploy-7dfc7b4f66 0 0 0 52m myapp ikubernetes/myapp:v1 app=myapp,pod-template-hash=7dfc7b4f66,release=tye
myapp-deploy-fbd4c499b 5 5 5 4m24s myapp ikubernetes/myapp:v3 app=myapp,pod-template-hash=fbd4c499b,release=tye
#查看回滚历史版本
[root@master manifests]# kubectl rollout history deployment myapp-deploy
deployment.apps/myapp-deploy
REVISION CHANGE-CAUSE
1 <none>
2 <none>
3 <none>
#回滚至第1版
[root@master manifests]# kubectl rollout undo deployment myapp-deploy --to-revision=1
deployment.apps/myapp-deploy rolled back
[root@master manifests]# kubectl rollout history deployment myapp-deploy
deployment.apps/myapp-deploy
REVISION CHANGE-CAUSE
2 <none>
3 <none>
4 <none>
#查看当前正在工作的deployment是v1版
[root@master manifests]# kubectl get rs -o wide
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
myapp-deploy-545b89888c 0 0 0 34m myapp ikubernetes/myapp:v2 app=myapp,pod-template-hash=545b89888c,release=tye
myapp-deploy-7dfc7b4f66 5 5 5 58m myapp ikubernetes/myapp:v1 app=myapp,pod-template-hash=7dfc7b4f66,release=tye
myapp-deploy-fbd4c499b 0 0 0 10m myapp ikubernetes/myapp:v3 app=myapp,pod-template-hash=fbd4c499b,release=tye
DeamonSet
[root@node1 ~]# docker pull ikubernetes/filebeat:5.6.5-alpine
5.6.5-alpine: Pulling from ikubernetes/filebeat
e6faa08065ed: Pull complete
1956334c4aa9: Pull complete
f3f537aca9dd: Pull complete
Digest: sha256:530f31ebf9194b0400303320579cafe21da890bd06446746fcedc2b65875e4eb
Status: Downloaded newer image for ikubernetes/filebeat:5.6.5-alpine
docker.io/ikubernetes/filebeat:5.6.5-alpine
# DaemonSet的yaml文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: redis
role: logstor
template:
metadata:
labels:
app: redis
role: logstor
spec:
containers:
- name: redis
image: redis:4.0-alpine
ports:
- name: redis
containerPort: 6379
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: myapp-ds
namespace: default
spec:
selector:
matchLabels:
app: filebeat
release: stable
template:
metadata:
labels:
app: filebeat
release: stable
spec:
containers:
- name: myapp
image: ikubernetes/filebeat:5.6.5-alpine
env:
- name: REDIS_HOST
value: redis.default.svc.cluster.local
- name: REDIS_LOG_LEVEL
value: info
[root@master manifests]# kubectl apply -f ds-demo.yaml
daemonset.apps/myapp-ds created
kubernetes学习笔记3资源清单
kubernetes对象:pod|service|replicaset|deployment|statefulset|daemonset|job|cronjob服务发现及均衡,service|ingress配置与存储,volume|CSI|ComfigMap|Secret|DownwardAPI集群级资源,namespace|node|role|ClusterRole|RoleBindin 查看详情
kubernetes(k8s)之编写资源清单(代码片段)
资源清单一级目录什么叫资源清单如何创建资源编写资源清单模板(格式)资源清单参数说明自主式Pod资源清单一级目录什么叫资源清单k8s中所有的内容都抽象为资源,资源实例化之后,叫做对象。在k8s中,... 查看详情
linux企业运维——kubernetespod资源清单
Linux企业运维——Kubernetes(三)Pod资源清单文章目录Linux企业运维——Kubernetes(三)Pod资源清单1、资源1.1、资源分类1.2、资源清单2、实践操作2.1、构建资源清单2.2、imagePullPolicy镜像拉取策略2.3、containerPort+hostP... 查看详情
linux学习-kubernetes之service(代码片段)
Service的三种代理模式userspace:1.1-iptables:1.10-ipvs:1.11+Service类型ExternalNameClusterIPNodePortLoadBlance资源记录SVC_NAME.NS_NAME.DOMAIN.LTD.默认:svc.cluster.local.ClusterIP#查看service定义[root@master~]#kubectlexplainsvc#创建一个deploym... 查看详情
k8s之资源清单定义基础(代码片段)
第1章创建资源的方法1.1用命令的方式创建创建一个pod为例kubectlcreatepodapp1.2资源清单定义注意:apiserver只接受JSON格式的格式定义的资源,yaml写的配置清单spiserver会自动将其转化为JSON格式然后再次进行提交为什么我们写资源清单方... 查看详情
k8s学习-资源清单(代码片段)
4、kubernetes使用4.1、资源清单api文档、api描述4.1.2、说明必须存在的属性主要的对象额外的参数项例子vimmy-app.ymlapiVersion:v1#kubectlapi-versions查看支持的版本#类型,如:Pod|ReplicationController|Deployment|Service|Ingresskind:Podmetadata:name:my-app 查看详情
docker&kubernetes❀kubernetes集群yaml语法与不同等级属性资源配置清单参数查询方法(代码片段)
文章目录1、资源配置清单2、YAML文件相关属性获取方式2.1一级属性2.2二级属性1、资源配置清单下面为一个nginxPod的YAML文件,以此为例:apiVersion:v1#必选,版本号,例如v1kind:Pod#必选,Podmetadata:#必选,元数据... 查看详情
云原生之kubernetes实战k8s集群核心资源对象之pod
【云原生之kubernetes实战】k8s集群核心资源对象之Pod一、Pod介绍1.pod简介2.pod的特点3.pod在k8s的应用4.k8s中的业务访问请求二、Pod的yaml文件清单中详细解释三、检查本地k8s集群状态1.检查系统pod状态2.检查工作节点状态四、使用kubectl... 查看详情
linux学习-kubernetes之secret和configmap(代码片段)
Secret将加密数据存储在etcd,Pod容器可以通过挂载Volume方式或通过变量方式访问#通过yaml创建SecretapiVersion:v1kind:Secretmetadata:name:mysecrettype:Opaquedata:username:bG90dXM=#以bash64方式加密usernamepassword:MTIzNDU2#以bash64方式加 查看详情
docker&kubernetes❀kubernetes集群实践与部署笔记知识点梳理
Kubernetes集群基本组件与工作流程Kubernetes集群安装部署过程与常见的错误解决方法Kubernetes集群资源的管理与配置Kubernetes集群YAML语法与不同等级属性资源配置清单参数查询方法Kubernetes集群资源Pod资源配置清单Kubernetes集群Pod生命... 查看详情
docker&kubernetes❀kubernetes集群service资源配置清单(代码片段)
文章目录1、基本概念1.1Userspace模式1.2Iptables模式1.3Ipvs模式(推荐使用)2、服务类型2.1服务类型3、服务使用方法3.1环境准备3.2ClusterIP类型3.2.1Endpoint3.2.2SessionAffinity3.3Headless类型3.4NodePort类型3.5LoadBalancer类型3.6ExternalName类 查看详情
kubernetes(k8s)资源管理/清单配置基础
控制平面:API-Service:运行于6443端口接入master节点地址的6443端口进行交互用户认证,双向认证SchedulerController工作平面:kube-proxy每个节点都有 核心资源:PodPodControllerdeploymentService 和解循环(ReconciliationLoop)客户端向APIServer... 查看详情
Kubernetes 清单 Terraform
】Kubernetes清单Terraform【英文标题】:KubernetesManifestTerraform【发布时间】:2022-01-1507:22:58【问题描述】:我正在尝试使用kubernetes_manifestterraform资源创建一个KubernetesIngress对象。它抛出以下错误:│Error:FailedtomorphmanifesttoOAPItype││w... 查看详情
docker&kubernetes❀kubernetes集群pod调度方式资源配置清单(代码片段)
文章目录1、调度方式产生背景2、定向调度2.1NodeName2.2NodeSelector3、亲和性调度3.1NodeAffinity3.1.1Required硬限制3.1.2Preferred软限制3.1.3注意事项3.2PodAffinity3.2.1测试环境准备3.2.2Required硬限制3.2.3Preferred软限制3.3PodAntiAffinity3.3.1Required硬 查看详情
docker&kubernetes❀kubernetes集群pod调度方式资源配置清单(代码片段)
文章目录1、调度方式产生背景2、定向调度2.1NodeName2.2NodeSelector3、亲和性调度3.1NodeAffinity3.1.1Required硬限制3.1.2Preferred软限制3.1.3注意事项3.2PodAffinity3.2.1测试环境准备3.2.2Required硬限制3.2.3Preferred软限制3.3PodAntiAffinity3.3.1Required硬 查看详情
linux企业运维——kubernetes(十五)容器资源限制(代码片段)
Linux企业运维——Kubernetes(十五)容器资源限制文章目录Linux企业运维——Kubernetes(十五)容器资源限制1、基本概念2、内存限制3、CPU限制4、为namespace设置资源限制5、为namespace设置资源配额6、为namespace配置Pod配... 查看详情
kubernetes学习总结(30)——kubernetesyaml最佳实践和策略(代码片段)
前言Kubernetesv工作负载最常用YAML格式的文件来定义。YAML的问题之一就是很难描述清单文件之间的约束或关系。如果你希望检查是否已从受信任的注册表中提取部署到群集中的所有映像,该怎么办?如何防止没有Pod安全策... 查看详情
kubernetes学习总结(30)——kubernetesyaml最佳实践和策略(代码片段)
前言Kubernetesv工作负载最常用YAML格式的文件来定义。YAML的问题之一就是很难描述清单文件之间的约束或关系。如果你希望检查是否已从受信任的注册表中提取部署到群集中的所有映像,该怎么办?如何防止没有Pod安全策... 查看详情