k8s常用命令
pod分类
自主式Pod
知我管理的pod,创建以后任然需要提交给apiserver,由apiserver就收后借助于调度器至指定的node节点,由node启动pod,如果pod出现故障,重启容器由kubectl来完成,如果node节点出现故障,那么pod将消失。
控制器管理的pod
常见的pod控制器
RepilcationController
当启动一个pod时,这个pod如果不够用可以启动一个副本,而后由控制器来管理同一类型pod的各种副本与对象。一旦副本少了就会自动增加,采取多退少补的规则,支持滚动更新
ReplicaSet
由一个名叫Deploymnet的声明更新的控制器来管理
Deployment
Deployment只能管理无状态的应用
StateFulSet
有状态的副本集,可以管理有状态的应用
DaemonSet
如果需要在每个node上运行一个副本的时候可以用DaemonSet
网络模型
四种网络
Docker容器和Docker容器之间的网络
在k8s中每个Pod中管理着一组Docker容器,这些Docker容器共享同一个网络命名空间。
Pod中的每个Docker容器拥有与Pod相同的IP和port地址空间,并且由于他们在同一个网络命名空间,他们之间可以通过localhost相互访问。 什么机制让同一个Pod内的多个docker容器相互通信那?其实是使用Docker的一种网络模型:–net=container
Pod与Pod之间的网络
k8s中,每个Pod拥有一个ip地址,不同的Pod之间可以直接使用改ip与彼此进行通讯
在同一个Node上,从Pod的视角看,它存在于自己的网络命名空间中,并且需要与该Node上的其他网络命名空间上的Pod进行通信。
Pod与Service之间的网络
通过网桥这里把veth0和veth1组成为一个以太网,他们直接是可以直接通信的,另外这里通过veth对让pod1的eth0和veth0、pod2的eth0和veth1关联起来,从而让pod1和pod2相互通信。
Pod 1通过自己默认的以太网设备eth0发送一个数据包,eth0把数据传递给veth0,数据包到达网桥后,网桥通过转发表把数据传递给veth1,然后虚拟设备veth1直接把包传递给Pod2网络命名空间中的虚拟设备eth0.
Internet与Service之间的网络
首先pod1通过自己的以太网设备eth0把数据包发送到关联到root命名空间的veth0上,然后数据包被Node1上的网桥设备cbr0接受到,网桥查找转发表发现找不到pod4的Mac地址,则会把包转发到默认路由(root命名空间的eth0设备),然后数据包经过eth0就离开了Node1,被发送到网络。
数据包到达Node2后,首先会被root命名空间的eth0设备,然后通过网桥cbr0把数据路由到虚拟设备veth1,最终数据表会被流转到与veth1配对的另外一端(pod4的eth0)
k8s主要由以下几个核心组件组成:
- etcd保存了整个集群的状态;
- apiserver提供了资源操作的唯一入口,并提供认证、授权、访问控制、API注册和发现等机制;
- controller manager负责维护集群的状态,比如故障检测、自动扩展、滚动更新等;
- scheduler负责资源的调度,按照预定的调度策略将Pod调度到相应的机器上;
- kubelet负责维护容器的生命周期,同时也负责Volume(CVI)和网络(CNI)的管理;
- Container runtime负责镜像管理以及Pod和容器的真正运行(CRI);
- kube-proxy负责为Service提供cluster内部的服务发现和负载均衡;
k8s常用命令
create创建命令
[root@master ~]# kubectl create --help
........
Available Commands:
clusterrole Create a ClusterRole.
clusterrolebinding 为一个指定的 ClusterRole 创建一个 ClusterRoleBinding
configmap 从本地 file, directory 或者 literal value 创建一个 configmap
cronjob Create a cronjob with the specified name.
deployment Create a deployment with the specified name.
ingress Create an ingress with the specified name.
job Create a job with the specified name.
namespace 创建一个指定名称的 namespace
poddisruptionbudget 创建一个指定名称的 pod disruption budget.
priorityclass Create a priorityclass with the specified name.
quota 创建一个指定名称的 quota.
role Create a role with single rule.
rolebinding 为一个指定的 Role 或者 ClusterRole创建一个 RoleBinding
secret 使用指定的 subcommand 创建一个 secret
service 使用指定的 subcommand 创建一个 service.
serviceaccount 创建一个指定名称的 service account
........
[root@master ~]# kubectl create deployment --help
Examples:
# Create a deployment named my-dep that runs the busybox image.
kubectl create deployment my-dep --image=busybox
# Create a deployment with command
kubectl create deployment my-dep --image=busybox -- date
# Create a deployment named my-dep that runs the nginx image with 3 replicas.
kubectl create deployment my-dep --image=nginx --replicas=3
# Create a deployment named my-dep that runs the busybox image and expose port 5701.
kubectl create deployment my-dep --image=busybox --port=5701
创建一个deployment类型nginx的容器
[root@master ~]# kubectl create deployment nginx --image nginx
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8-cfgpr 1/1 Running 2 21h
创建多个deployment类型容器
[root@master ~]# kubectl create deployment myapp --image nginx --replicas 3
deployment.apps/myapp created
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myapp-6d8d776547-25mzl 1/1 Running 0 50s
myapp-6d8d776547-jth49 1/1 Running 0 50s
myapp-6d8d776547-s62lx 1/1 Running 0 50s
nginx-6799fc88d8-cfgpr 1/1 Running 2 21h
创建一个deployment类型的容器并暴露端口 80
[root@master ~]# kubectl create deployment test --image nginx --port 80
deployment.apps/test created
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myapp-6d8d776547-25mzl 1/1 Running 0 7m11s
myapp-6d8d776547-jth49 1/1 Running 0 7m11s
myapp-6d8d776547-s62lx 1/1 Running 0 7m11s
nginx-6799fc88d8-cfgpr 1/1 Running 2 22h
test-7968d6985c-2gmxt 1/1 Running 0 18s
映射容器端口
[root@master ~]# kubectl expose deployment myapp --port 8080 --target-port 80
service/myapp exposed
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 22h
myapp ClusterIP 10.99.62.73 <none> 8080/TCP 31s
nginx NodePort 10.97.131.40 <none> 80:30133/TCP 22h
[root@master ~]# curl 10.99.62.73:8080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
查看容器的yaml格式
[root@master ~]# kubectl get deployment myapp -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
creationTimestamp: "2021-12-19T13:05:06Z"
generation: 1
labels:
app: myapp
managedFields:
- apiVersion: apps/v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:labels:
.: {}
f:app: {}
f:spec:
f:progressDeadlineSeconds: {}
f:replicas: {}
f:revisionHistoryLimit: {}
f:selector: {}
f:strategy:
f:rollingUpdate:
.: {}
f:maxSurge: {}
f:maxUnavailable: {}
f:type: {}
f:template:
f:metadata:
f:labels:
.: {}
f:app: {}
f:spec:
f:containers:
k:{"name":"nginx"}:
.: {}
f:image: {}
f:imagePullPolicy: {}
f:name: {}
f:resources: {}
f:terminationMessagePath: {}
f:terminationMessagePolicy: {}
f:dnsPolicy: {}
f:restartPolicy: {}
f:schedulerName: {}
f:securityContext: {}
f:terminationGracePeriodSeconds: {}
manager: kubectl-create
operation: Update
time: "2021-12-19T13:05:06Z"
- apiVersion: apps/v1
fieldsType: FieldsV1
fieldsV1:
f:metadata:
f:annotations:
.: {}
f:deployment.kubernetes.io/revision: {}
f:status:
f:availableReplicas: {}
f:conditions:
.: {}
k:{"type":"Available"}:
.: {}
f:lastTransitionTime: {}
f:lastUpdateTime: {}
f:message: {}
f:reason: {}
f:status: {}
f:type: {}
k:{"type":"Progressing"}:
.: {}
f:lastTransitionTime: {}
f:lastUpdateTime: {}
f:message: {}
f:reason: {}
f:status: {}
f:type: {}
f:observedGeneration: {}
f:readyReplicas: {}
f:replicas: {}
f:updatedReplicas: {}
manager: kube-controller-manager
operation: Update
time: "2021-12-19T13:05:55Z"
name: myapp
namespace: default
resourceVersion: "23791"
uid: a40391ab-d0aa-4bec-95bc-259839b5b808
spec:
progressDeadlineSeconds: 600
replicas: 3
revisionHistoryLimit: 10
selector:
matchLabels:
app: myapp
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: myapp
spec:
containers:
- image: nginx
imagePullPolicy: Always
name: nginx
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
status:
availableReplicas: 3
conditions:
- lastTransitionTime: "2021-12-19T13:05:55Z"
lastUpdateTime: "2021-12-19T13:05:55Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2021-12-19T13:05:06Z"
lastUpdateTime: "2021-12-19T13:05:55Z"
message: ReplicaSet "myapp-6d8d776547" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 3
replicas: 3
updatedReplicas: 3
删除容器
删除deployment,svc类型
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myapp-6d8d776547-25mzl 1/1 Running 0 95m
myapp-6d8d776547-jth49 1/1 Running 0 95m
myapp-6d8d776547-s62lx 1/1 Running 0 95m
nginx-6799fc88d8-cfgpr 1/1 Running 2 23h
test-7968d6985c-2gmxt 1/1 Running 0 88m
[root@master ~]# kubectl delete deployment,svc myapp
deployment.apps "myapp" deleted
service "myapp" deleted
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8-cfgpr 1/1 Running 2 23h
test-7968d6985c-2gmxt 1/1 Running 0 89m
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 24h
nginx NodePort 10.97.131.40 <none> 80:30133/TCP 23h
只删除deployment
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 24h
nginx NodePort 10.97.131.40 <none> 80:30133/TCP 23h
[root@master ~]# kubectl delete deployment nginx
deployment.apps "nginx" deleted
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
test-7968d6985c-2gmxt 1/1 Running 0 103m
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 24h
nginx NodePort 10.97.131.40 <none> 80:30133/TCP 23h
#删除svc
[root@master ~]# kubectl delete svc nginx
service "nginx" deleted
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
test-7968d6985c-2gmxt 1/1 Running 0 104m
run创建
[root@master ~]# kubectl run nginx --image nginx
pod/nginx created
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 0/1 ContainerCreating 0 5s
test-7968d6985c-2gmxt 1/1 Running 0 109m
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 118s
test-7968d6985c-2gmxt 1/1 Running 0 111m
#删除
[root@master ~]# kubectl delete pod nginx
pod "nginx" deleted
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
test-7968d6985c-2gmxt 1/1 Running 0 132m
[root@mas
2369
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
