DaemonSet控制器
它会在集群中的各个节点上运行单一的Pod副本,比较适合部署那些为节点本身提供服务或者执行维护的pod。
DaemonSet控制器的一些典型用法包括但不限于以下几个方面:
- 运行集群存储Daemon控制器,比如在每个node上运行ceph等
- 在每个node上运行日志收集Daemon控制器,比如logstash
- 在每个node上运行监控Daemon控制器,比如Prometheus Node Exporter。
在每一台节点上都启动http服务,并将它作为DaaemonSet控制器进行部署。
1.创建daemonset控制器
[root@master ~]# vi testdaemonset.yaml
[root@master ~]# vi testdaemonset.yaml
apiVersion: apps/v1 #表示使用的API版本,此处用的是K8s的稳定版
kind: DaemonSet #表示创建的资源对象,此处创建的是DaemonSet
metadata: #资源对象的元数据,一个资源对象可以包含多个元数据,此处采用的元数据为name
name: testdaemonset #表示当前资源的名称
spec: #表示资源对象的具体设置
selector: #自定义一个或多个标签,对Pod起到筛选作用,会选择与标签定义相匹配的Pod
matchLabels:
example: deploymenthttp
template: #Pod模板
metadata:
labels:
example: deploymenthttp
spec:
containers:
- name: httpd
image: httpd:2.2
ports:
- containerPort: 80 #通过Container的属性将80端口进行暴露
hostPort: 8081 #映射到宿主机的8081端口
protocol: TCP
[root@master ~]# kubectl apply -f testdaemonset.yaml
daemonset.apps/testdaemonset created
[root@master ~]# kubectl get daemonset
NAME(控制器名称) DESIRED(预期pod数) CURRENT(当前的pod数) READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
testdaemonset 2 2 2 2 2 <none> 56s
[root@master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
testdaemonset-4crzq 1/1 Running 0 2m29s 10.244.0.42 master <none> <none>
testdaemonset-7vs2l 1/1 Running 0 2m29s 10.244.1.50 worker1 <none> <none>
//在前的结果中可以看到pod数量为2,但是我们并没有指定pod副本数,因为我们的node节点数量是两个,Daemonset会为每一台node分配一个pod,此时通过两个节点访问http发现均可以访问
[root@master ~]# kubectl get daemonset --namespace=kube-system //查看k8s系统本身的命名空间
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
kube-proxy 3 3 3 3 3 kubernetes.io/os=linux 13d
[root@master ~]# kubectl get daemonset kube-proxy --namespace=kube-system -o yaml //获取运行pod的配置,查看k8s系统级的daemonset控制器需要加上--namespace=kube-system
apiVersion: apps/v1
kind: DaemonSet
metadata:
annotations:
deprecated.daemonset.template.generation: "1"
creationTimestamp: "2022-11-10T03:05:02Z"
generation: 1
labels:
k8s-app: kube-proxy
name: kube-proxy
namespace: kube-system
resourceVersion: "332127"
uid: c41a1d6c-5248-42c5-97f8-bbc9bb50a678
spec:
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kube-proxy
template:
metadata:
creationTimestamp: null
labels:
k8s-app: kube-proxy
spec:
containers:
- command:
- /usr/local/bin/kube-proxy
- --config=/var/lib/kube-proxy/config.conf
- --hostname-override=$(NODE_NAME)
env:
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
image: registry.aliyuncs.com/google_containers/kube-proxy:v1.22.2
imagePullPolicy: IfNotPresent
name: kube-proxy
resources: {}
securityContext:
privileged: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/lib/kube-proxy
name: kube-proxy
- mountPath: /run/xtables.lock
name: xtables-lock
- mountPath: /lib/modules
name: lib-modules
readOnly: true
dnsPolicy: ClusterFirst
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
priorityClassName: system-node-critical
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: kube-proxy
serviceAccountName: kube-proxy
terminationGracePeriodSeconds: 30
tolerations:
- operator: Exists
volumes:
- configMap:
defaultMode: 420
name: kube-proxy
name: kube-proxy
- hostPath:
path: /run/xtables.lock
type: FileOrCreate
name: xtables-lock
- hostPath:
path: /lib/modules
type: ""
name: lib-modules
updateStrategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
status:
currentNumberScheduled: 3
desiredNumberScheduled: 3
numberAvailable: 3
numberMisscheduled: 0
numberReady: 3
observedGeneration: 1
updatedNumberScheduled: 3
2.daemonset控制器的更新
它的更新方式也有两种:
(1)RollingUpdate:当使用这种方式进行更新时,在更新Daemonset控制器模板后,旧的daemonset pod将被终止,并且将以受控方式自动创建DaemonSet pod,只支持maxUnavailable
(2)OnDelete:这是向后兼容的默认更新方式。当使用这种方式更新时,在更新DaemonSet控制器模板后,只有手动删除旧的控制器POD后,才会创建新的pod.
以OnDelete的方式进行更新,将http的版本更新至2.4
[root@master ~]# vi testdaemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: testdaemonset
spec:
selector:
matchLabels:
example: deploymenthttp
template:
metadata:
labels:
example: deploymenthttp
spec:
containers:
- name: httpd
image: httpd:2.4
ports:
- containerPort: 80
hostPort: 8081
protocol: TCP
updateStrategy:
type: OnDelete
[root@master ~]# kubectl apply -f testdaemonset.yaml
daemonset.apps/testdaemonset configured
[root@master ~]# kubectl get daemonset //可以发现目前的更新还是为0,依旧是旧版本
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
testdaemonset 2 2 2 0 2 <none> 50m
[root@master ~]# kubectl get pods -o wide //会发现此时的pod也依旧为旧版
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
testdaemonset-4crzq 1/1 Running 0 52m 10.244.0.42 master <none> <none>
testdaemonset-7vs2l 1/1 Running 0 52m 10.244.1.50 worker1 <none> <none>
[root@master ~]# kubectl delete pod testdaemonset-7vs2l //删除pod触发更新
pod "testdaemonset-7vs2l" deleted
[root@master ~]# kubectl get pods -o wide //删除完毕之后,会发现有一个新的pod正在创建
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
testdaemonset-4crzq 1/1 Running 0 54m 10.244.0.42 master <none> <none>
testdaemonset-5887h 1/1 Running 0 28s 10.244.1.51 worker1 <none> <none>
[root@master ~]# kubectl get daemonset //再次查看控制器发现已经更新的了一个pod
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
testdaemonset 2 2 2 1 2 <none> 55m
//我们可以重复上述的操作继续更新剩下的pod
[root@master ~]# kubectl delete pod testdaemonset-4crzq
pod "testdaemonset-4crzq" deleted
[root@master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
testdaemonset-5887h 1/1 Running 0 2m51s 10.244.1.51 worker1 <none> <none>
testdaemonset-wnkkb 1/1 Running 0 24s 10.244.0.43 master <none> <none>
[root@master ~]# kubectl get daemonset
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
testdaemonset 2 2 2 2 2 <none> 57m
//由上可以看出所有的pod均已被更新