一、前言
在 Kubernetes 中,Pod 控制器是一种控制器对象,负责管理一组相关联的 Pod,并确保它们按照用户定义的规范进行运行。Pod 控制器负责 Pod 的创建、更新和删除,并确保它们的副本数保持在用户指定的范围内,Kubernetes 中常见的几种 Pod 控制器有以下几种ReplicaSet、Deployment、StatefulSet、DaemonSet、Job 和 CronJob
二、使用
deployment
Deployment 构建在 ReplicaSet 之上,提供了对 Pod 的声明式部署和更新。Deployment 允许用户定义应用程序的期望状态,并处理部署的滚动更新。它还支持回滚操作,以便在更新过程中发生问题时回滚到先前的稳定状态,用于部署无状态服务
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: api-gateway
name: api-gateway
namespace: java-service
spec:
replicas: 2
progressDeadlineSeconds: 600
minReadySeconds: 10
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
selector:
matchLabels:
app: api-gateway
template:
metadata:
labels:
app: api-gateway
spec:
containers:
- name: api-gateway
image: harbor.apex.com/jdk/api-gateway:1.0.6
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8888
readinessProbe:
tcpSocket:
port: 8888
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 2
successThreshold: 1
failureThreshold: 2
livenessProbe:
tcpSocket:
port: 8888
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
failureThreshold: 2
restartPolicy: Always
daemonset
DaemonSet 用于在 Kubernetes 集群的每个节点上运行一个副本的 Pod。它通常用于部署运行系统级任务的 Pod,如日志收集、监控、网络代理等。DaemonSet 中的 Pod 在节点加入和离开集群时会自动调度和删除
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: filebeat
namespace: elk
labels:
app: filebeat
spec:
selector:
matchLabels:
app: filebeat
template:
metadata:
labels:
app: filebeat
spec:
serviceAccountName: filebeat
terminationGracePeriodSeconds: 30
containers:
- name: filebeat
image: elastic/filebeat:7.17.10
args: [
"-c", "/etc/filebeat.yml",
"-e",
]
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
securityContext:
runAsUser: 0
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 100m
memory: 100Mi
statefulset
StatefulSet 用于管理有状态应用程序,如数据库。与 ReplicaSet 不同,StatefulSet 中的每个 Pod 都有唯一的标识符和稳定的网络标识符。StatefulSet 确保 Pod 的创建和删除顺序,并提供持久性存储,以便在 Pod 重新调度或故障转移时保留数据
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: rabbitmq
namespace: rabbitmq
spec:
podManagementPolicy: Parallel #所有pod并行执行
serviceName: rabbitmq-headless #使用无头服务的svc
selector:
matchLabels:
app: rabbitmq
replicas: 3 #副本数3
template:
metadata:
labels:
app: rabbitmq
annotations:
pod.alpha.kubernetes.io/initialized: "true"
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "app"
operator: In
values:
- rabbitmq
topologyKey: "kubernetes.io/hostname"
serviceAccountName: rabbitmq
terminationGracePeriodSeconds: 10
containers:
- name: rabbitmq
image: rabbitmq:3.10-management
securityContext:
runAsUser: 1000
resources:
limits:
cpu: 2
memory: 2Gi
requests:
cpu: 1
memory: 1Gi
volumeMounts:
- name: config-volume
mountPath: /etc/rabbitmq
- name: rabbitmq-data
mountPath: /var/lib/rabbitmq/mnesia
ports:
- name: http
protocol: TCP
containerPort: 15672
- name: amqp
protocol: TCP
containerPort: 5672
livenessProbe:
exec:
command: ["rabbitmq-diagnostics", "status"]
initialDelaySeconds: 60
periodSeconds: 60
timeoutSeconds: 5
readinessProbe:
exec:
command: ["rabbitmq-diagnostics", "status"]
initialDelaySeconds: 20
periodSeconds: 60
timeoutSeconds: 5
imagePullPolicy: Always
volumes:
- name: config-volume
configMap:
name: rabbitmq-config
items:
- key: rabbitmq.conf
path: rabbitmq.conf
- key: enabled_plugins
path: enabled_plugins
volumeClaimTemplates:
- metadata:
name: rabbitmq-data
spec:
storageClassName: "rabbitmq-pv"
accessModes: [ "ReadWriteMany" ]
resources:
requests:
storage: 30Gi
job、cronjob
Job 用于一次性任务的批处理作业,而 CronJob 用于周期性执行任务的作业。它们负责创建一个或多个 Pod 来执行任务,并在任务完成后终止 Pod。CronJob 可以按照预定的时间表周期性地执行 Job
apiVersion: batch/v1
kind: Job
metadata:
name: data-backup-job
spec:
template:
spec:
containers:
- name: backup-container
image: backup-image
# 填写容器的其它配置
restartPolicy: OnFailure
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: data-cleanup-cronjob
spec:
schedule: "0 0 * * *" #每天凌晨执行数据清理任务
jobTemplate:
spec:
template:
spec:
containers:
- name: cleanup-container
image: cleanup-image
# 填写容器的其它配置
restartPolicy: OnFailure
# 设置 CronJob 的执行计划为每天凌晨执行