#学习及引用地址:https://kubesphere.com.cn/learn/level_2/lesson_1/content/
资源的创建方式
- 命令行
- ymal
- dashboard界面
Namesapce
名称空间 = Namespace,用来隔离资源
- 命令行创建与删除
kubectl create ns hello
kubectl delete ns hello
- ymal创建与删除
kubectl apply -f ns.yaml
kubectl delete -f ns.yaml
- ymal示例:(apiVersion默认V1,kind创建的是Namespace,metadata:name:名称空间的名字)
apiVersion: v1
kind: Namespace
metadata:
name: hello
Pod
运行中的一组容器,Pod是kubernetes中应用的最小单位.
一个pod可以装多个docker镜像
- 命令行
#创建pod,默认创建在default名称空间
kubectl run mynginx --image=nginx
# 查看default名称空间的Pod
kubectl get pod
# 描述
kubectl describe pod 你自己的Pod名字
# 删除
kubectl delete pod Pod名字
# 查看Pod的运行日志
kubectl logs Pod名字
# 每个Pod - k8s都会分配一个ip
kubectl get pod -owide
# 使用Pod的ip+pod里面运行容器的端口
curl 192.168.169.136
# ps:集群中的任意一个机器以及任意的应用都能通过Pod分配的ip来访问这个Pod
- ymal示例1(一个pod放一个镜像:1个nginx)
apiVersion: v1
kind: Pod
metadata:
labels:
run: mynginx
name: mynginx
# namespace: default
spec:
containers:
- image: nginx
name: mynginx
- ymal示例2(一个pod放两个镜像:1个nginx、1个tomcat)
apiVersion: v1
kind: Pod
metadata:
labels:
run: myapp
name: myapp
spec:
containers:
- image: nginx
name: nginx
- image: tomcat:8.5.68
name: tomcat
yaml2启动的pod应用如下图所示,但是还不能被外部访问。
Deployment
控制Pod,使Pod拥有多副本,自愈,扩缩容等能力
# 尝试清除所有Pod,比较下面两个命令有何不同效果?
# 单纯启动pod命令
kubectl run mynginx --image=nginx
# 使用deployment启动pod,这种方式有自愈能力
kubectl create deployment mytomcat --image=tomcat:8.5.68
多副本
- 命令行启动(3个副本,
replicas
)
kubectl create deployment my-dep --image=nginx --replicas=3
- yaml启动(关键参数:
kind: Deployment
、replicas: 3
,注意:
后一定要有空格)
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: my-dep
name: my-dep
spec:
replicas: 3
selector:
matchLabels:
app: my-dep
template:
metadata:
labels:
app: my-dep
spec:
containers:
- image: nginx
name: nginx
扩缩容
deployment 部署模式下,能随时扩缩容
- 命令行
# 方式一
kubectl scale --replicas=5 deployment/my-dep
# 在命令行里修改ymal配置文件
kubectl edit deployment my-dep
#找到并修改 replicas
自愈&故障转移
● 停机
● 删除Pod
● 容器崩溃
● …
滚动更新
一个pod一个pod更新,成功启动一个pod后才杀死之前的pod,保证实时可用。
- 命令行
kubectl set image deployment/my-dep nginx=nginx:1.16.1 --record
kubectl rollout status deployment/my-dep
-ymal修改
# 修改 kubectl edit deployment/my-dep
版本回退
k8s会自动保存pod的版本,随时回退
#历史记录
kubectl rollout history deployment/my-dep
#查看某个历史详情
kubectl rollout history deployment/my-dep --revision=2
#回滚(回到上次)
kubectl rollout undo deployment/my-dep
#回滚(回到指定版本)
kubectl rollout undo deployment/my-dep --to-revision=2
Service
将一组 Pods 公开为网络服务的抽象方法。
- 命令行创建
#暴露Deploy
kubectl expose deployment my-dep --port=8000 --target-port=80
#使用标签检索Pod
kubectl get pod -l app=my-dep
- ymal创建
apiVersion: v1
kind: Service
metadata:
labels:
app: my-dep
name: my-dep
spec:
selector:
app: my-dep
ports:
- port: 8000
protocol: TCP
targetPort: 80
ClusterIP
type: ClusterIP
的意思是,可以在K8S之间调用
- 命令行
# 等同于没有--type的
kubectl expose deployment my-dep --port=8000 --target-port=80 --type=ClusterIP
-ymal
apiVersion: v1
kind: Service
metadata:
labels:
app: my-dep
name: my-dep
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 80
selector:
app: my-dep
type: ClusterIP
NodePort
type: NodePort
的意思是,可以用k8s任意的Node节点IP加端口的形式,被外部访问,并且还可以负载均衡!
NodePort范围在: 30000-32767
之间
- 命令行
kubectl expose deployment my-dep --port=8000 --target-port=80 --type=NodePort
- ymal
apiVersion: v1
kind: Service
metadata:
labels:
app: my-dep
name: my-dep
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 80
selector:
app: my-dep
type: NodePort
Ingress
Service的统一网关入口 — Ingress
Ingress安装
下载ymal,修改,安装:
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.47.0/deploy/static/provider/baremetal/deploy.yaml
#修改镜像
vi deploy.yaml
#将image的值改为如下值:
registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/ingress-nginx-controller:v0.46.0
# 检查安装的结果
kubectl get pod,svc -n ingress-nginx
# 最后别忘记把svc暴露的端口要放行
修改后的ymal如下:
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
---
# Source: ingress-nginx/templates/controller-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
helm.sh/chart: ingress-nginx-3.33.0
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.47.0
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller
name: ingress-nginx
namespace: ingress-nginx
automountServiceAccountToken: true
---
# Source: ingress-nginx/templates/controller-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
labels:
helm.sh/chart: ingress-nginx-3.33.0
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.47.0
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: controller
name: ingress-nginx-controller
namespace: ingress-nginx
data:
---
# Source: ingress-nginx/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
helm.sh/chart: ingress-nginx-3.33.0
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/version: 0.47.0
app.kubernetes.io/managed-by: Helm
name: ingress-nginx
rules:
- apiGroups:
- ''
resources:
- configmaps
- endpoints
- nodes
- pods
- secrets
verbs:
- list
- watch
- apiGroups:
- ''
resources:
- nodes
verbs:
- get
- apiGroups:
- ''
resources:
- services
verbs:
- get