官方支持整理
# kubectl explain pod
KIND: Pod
VERSION: v1
DESCRIPTION:
Pod is a collection of containers that can run on a host. This resource is
created by clients and scheduled onto hosts.
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata <Object>
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec <Object>
Specification of the desired behavior of the pod. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
status <Object>
Most recently observed status of the pod. This data may not be up to date.
Populated by the system. Read-only. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
KIND: Pod
VERSION: v1
DESCRIPTION:
Pod is a collection of containers that can run on a host. This resource is
created by clients and scheduled onto hosts.
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata <Object>
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec <Object>
Specification of the desired behavior of the pod. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
status <Object>
Most recently observed status of the pod. This data may not be up to date.
Populated by the system. Read-only. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
种类:pod #类型
版本:v1 #版本
描述:
Pod是可以在主机上运行的容器集合。此资源是
由客户端创建并安排到主机上。
领域:
apiVersion<string> #api 版本V1 可以https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md 查看
APIVersion定义了
对象服务器应将识别的架构转换为最新的内部架构
并且可以拒绝未识别的值。更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
种类<string> #种类 pod
Kind是表示此对象的REST资源的字符串值
代表。服务器可以从客户端提交的端点推断出这一点
请求。无法更新。在CamelCase中。更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-种类
元数据<对象> #pod的详细信息
标准对象的元数据。更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec<对象> #pod中容器的信息
吊舱所需行为的规范。更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-和状态
状态<对象> #状态信息 ,只读不用管
最近观察到的吊舱状态。此数据可能不是最新的。
由系统填充。只读。更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-和状态
##################################################################
apiVersion: v1 #必选,版本号,例如v1
kind: Pod #必选,Pod
metadata: #必选,元数据
spec: #必选,Pod中容器的详细定义
####################################################################
# kubectl explain pod.metadata
KIND: Pod
VERSION: v1
RESOURCE: metadata <Object> #关于metadata解释
DESCRIPTION:
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
ObjectMeta is metadata that all persisted resources must have, which
includes all objects users must create.
FIELDS:
annotations <map[string]string>
Annotations is an unstructured key value map stored with a resource that
may be set by external tools to store and retrieve arbitrary metadata. They
are not queryable and should be preserved when modifying objects. More
info: http://kubernetes.io/docs/user-guide/annotations
clusterName <string>
The name of the cluster which the object belongs to. This is used to
distinguish resources with same name and namespace in different clusters.
This field is not set anywhere right now and apiserver is going to ignore
it if set in create or update request.
creationTimestamp <string>
CreationTimestamp is a timestamp representing the server time when this
object was created. It is not guaranteed to be set in happens-before order
across separate operations. Clients may not set this value. It is
represented in RFC3339 form and is in UTC.
Populated by the system. Read-only. Null for lists. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
deletionGracePeriodSeconds <integer>
Number of seconds allowed for this object to gracefully terminate before it
will be removed from the system. Only set when deletionTimestamp is also
set. May only be shortened. Read-only.
deletionTimestamp <string>
DeletionTimestamp is RFC 3339 date and time at which this resource will be
deleted. This field is set by the server when a graceful deletion is
requested by the user, and is not directly settable by a client. The
resource is expected to be deleted (no longer visible from resource lists,
and not reachable by name) after the time in this field, once the
finalizers list is empty. As long as the finalizers list contains items,
deletion is blocked. Once the deletionTimestamp is set, this value may not
be unset or be set further into the future, although it may be shortened or
the resource may be deleted prior to this time. For example, a user may
request that a pod is deleted in 30 seconds. The Kubelet will react by
sending a graceful termination signal to the containers in the pod. After
that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
to the container and after cleanup, remove the pod from the API. In the
presence of network partitions, this object may still exist after this
timestamp, until an administrator or automated process can determine the
resource is fully terminated. If not set, graceful deletion of the object
has not been requested.
Populated by the system when a graceful deletion is requested. Read-only.
More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
finalizers <[]string>
Must be empty before the object is deleted from the registry. Each entry is
an identifier for the responsible component that will remove the entry from
the list. If the deletionTimestamp of the object is non-nil, entries in
this list can only be removed. Finalizers may be processed and removed in
any order. Order is NOT enforced because it introduces significant risk of
stuck finalizers. finalizers is a shared field, any actor with permission
can reorder it. If the finalizer list is processed in order, then this can
lead to a situation in which the component responsible for the first
finalizer in the list is waiting for a signal (field value, external
system, or other) produced by a component responsible for a finalizer later
in the list, resulting in a deadlock. Without enforced ordering finalizers
are free to order amongst themselves and are not vulnerable to ordering
changes in the list.
generateName <string>
GenerateName is an optional prefix, used by the server, to generate a
unique name ONLY IF the Name field has not been provided. If this field is
used, the name returned to the client will be different than the name
passed. This value will also be combined with a unique suffix. The provided
value has the same validation rules as the Name field, and may be truncated
by the length of the suffix required to make the value unique on the
server.
If this field is specified and the generated name exists, the server will
NOT return a 409 - instead, it will either return 201 Created or 500 with
Reason ServerTimeout indicating a unique name could not be found in the
time allotted, and the client should retry (optionally after the time
indicated in the Retry-After header).
Applied only if Name is not specified. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency
generation <integer>
A sequence number representing a specific generation of the desired state.
Populated by the system. Read-only.
labels <map[string]string>
Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services. More info: http://kubernetes.io/docs/user-guide/labels
managedFields <[]Object>
ManagedFields maps workflow-id and version to the set of fields that are
managed by that workflow. This is mostly for internal housekeeping, and
users typically shouldn't need to set or understand this field. A workflow
can be the user's name, a controller's name, or the name of a specific
apply path like "ci-cd". The set of fields is always in the version that
the workflow used when modifying the object.
name <string>
Name must be unique within a namespace. Is required when creating
resources, although some resources may allow a client to request the
generation of an appropriate name automatically. Name is primarily intended
for creation idempotence and configuration definition. Cannot be updated.
More info: http://kubernetes.io/docs/user-guide/identifiers#names
namespace <string>
Namespace defines the space within which each name must be unique. An empty
namespace is equivalent to the "default" namespace, but "default" is the
canonical representation. Not all objects are required to be scoped to a
namespace - the value of this field for those objects will be empty.
Must be a DNS_LABEL. Cannot be updated. More info:
http://kubernetes.io/docs/user-guide/namespaces
ownerReferences <[]Object>
List of objects depended by this object. If ALL objects in the list have
been deleted, this object will be garbage collected. If this object is
managed by a controller, then an entry in this list will point to this
controller, with the controller field set to true. There cannot be more
than one managing controller.
resourceVersion <string>
An opaque value that represents the internal version of this object that
can be used by clients to determine when objects have changed. May be used
for optimistic concurrency, change detection, and the watch operation on a
resource or set of resources. Clients must treat these values as opaque and
passed unmodified back to the server. They may only be valid for a
particular resource or set of resources.
Populated by the system. Read-only. Value must be treated as opaque by
clients and . More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
selfLink <string>
SelfLink is a URL representing this object. Populated by the system.
Read-only.
DEPRECATED Kubernetes will stop propagating this field in 1.20 release and
the field is planned to be removed in 1.21 release.
uid <string>
UID is the unique in time and space value for this object. It is typically
generated by the server on successful creation of a resource and is not
allowed to change on PUT operations.
Populated by the system. Read-only. More info:
http://kubernetes.io/docs/user-guide/identifiers#uids
描述:
标准对象的元数据。更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
ObjectMeta是所有持久化资源必须具有的元数据
包括用户必须创建的所有对象。
领域:
注释<map[string]string> ##注释,可写可不写,就是注释
注释是存储在资源中的非结构化键值映射
以存储和检索任意元数据。他们
不可查询,在修改对象时应保留。更多
信息:http://kubernetes.io/docs/user-guide/annotations
clusterName<string> ##对象所属群集的名称 不同集群中具有相同名称和命名空间的资源。 就一个集群,先不管
对象所属群集的名称。这用于
区分不同集群中具有相同名称和命名空间的资源。
此字段目前未设置在任何位置,apiserver将忽略
如果在创建或更新请求中设置。
创建时间戳<string> # 客户端不能设置此值 只读 不用设置
CreationTimestamp是表示服务器时间的时间戳
对象已创建。不能保证在下单前就设置好
跨单独的操作。客户端不能设置此值。它是
以RFC3339格式表示,并且是UTC格式。
由系统填充。只读。列表为空。更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
deleteGracePeriodSeconds<integer> # 只读 不用设置
允许此对象在此之前正常终止的秒数
将从系统中删除。仅当deleteTimestamp也为
设置只能缩短。只读。
删除时间戳<string> #不能由客户端直接设置 只读 不用设置
DeleteTimestamp是RFC 3339日期和时间,该资源将被删除
删除。此字段由服务器在适当删除时设置
并且不能由客户端直接设置。这个
预期资源将被删除(不再从资源列表中可见,
并且不能通过名称到达)
终结器列表为空。只要终结器列表包含项目,
删除被阻止。设置deleteTimestamp后,此值可能不会
未设置或设置在未来,尽管可能会缩短或
可以在该时间之前删除该资源。例如,用户可以
请求在30秒内删除一个pod。Kubelet将通过
向吊舱中的容器发送优美的终止信号。之后
30秒后,Kubelet将发送硬终止信号(SIGKILL)
清理后,从API中移除pod。在
存在网络分区,此对象在此之后可能仍然存在
时间戳,直到管理员或自动化进程可以确定
资源完全终止。如果未设置,则优雅地删除对象
尚未请求。
当请求适当删除时由系统填充。只读。
更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
终结器<[]string> #从注册表中删除对象之前必须为空
从注册表中删除对象之前必须为空。每个条目都是
将从中删除条目的负责组件的标识符
列表中。如果对象的deleteTimestamp为非nil
只能删除此列表。可在中处理和删除定稿
任何订单。订单未执行,因为它会带来以下重大风险
定影器卡住。终结器是一个共享字段,任何具有权限的参与者
可以重新排序。如果按顺序处理终结器列表,则可以
导致以下情况:
列表中的终结器正在等待信号(字段值,外部
系统或其他),由稍后负责终结器的组件生成
导致死锁。没有强制排序终结器
可以自由订购,不易订购
列表中的更改。
generateName<string># 仅在未指定名称时应用
GenerateName是可选前缀,由服务器使用,用于生成
仅当未提供“名称”字段时,才使用唯一名称。如果此字段为
使用时,返回给客户端的名称将与名称不同
通过。此值还将与唯一后缀组合。提供的
值与“名称”字段具有相同的验证规则,可能会被截断
通过使值在
服务器
如果指定了此字段并且生成的名称存在,则服务器将
不返回409-相反,它将返回201 Created或500 with
原因ServerTimeout指示在中找不到唯一名称
分配的时间,客户端应重试(可选地在时间之后
在Retry After报头中指示)。
仅在未指定名称时应用。更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency
生成<integer># 只读 所需状态的特定生成的序列号
表示所需状态的特定生成的序列号。
由系统填充。只读 。
标签<map[string]string>
可用于组织和分类的字符串键和值的映射
(范围和选择)对象。可以匹配复制控制器的选择器
和服务。更多信息:http://kubernetes.io/docs/user-guide/labels
managedFields<[]对象> #这主要用于内部内务管理 用户通常不需要设置或理解此字段
ManagedFields将工作流id和版本映射到
由该工作流管理。这主要用于内部内务管理,以及
用户通常不需要设置或理解此字段。工作流
可以是用户名称、控制器名称或特定的名称
应用路径,如“ci-cd”。字段集始终处于
修改对象时使用的工作流。
name<string> # 必要 pod 名字
名称在命名空间中必须唯一。创建时需要
资源,尽管一些资源可能允许客户端请求
自动生成适当的名称。名称主要用于
用于创建幂等性和配置定义。无法更新。
更多信息:http://kubernetes.io/docs/user-guide/identifiers#names
命名空间<string> #选择命名空间
命名空间定义了每个名称必须唯一的空间。一个空的
命名空间等同于“默认”命名空间,但“默认”是
规范表示。并非所有对象都需要限定为
namespace-这些对象的该字段值将为空。
必须是DNS_LABEL。无法更新。更多信息:
http://kubernetes.io/docs/user-guide/namespaces
ownerReferences<[]对象> #
此对象依赖的对象列表。如果列表中的所有对象都具有
删除后,此对象将被垃圾收集。如果此对象是
由控制器管理,则此列表中的条目将指向
控制器,控制器字段设置为true。不能再多了
多个管理控制器。
资源版本<string> #只读
表示此对象的内部版本的不透明值
客户端可以使用它来确定对象何时已更改。可使用
对于乐观并发、更改检测和监视操作
资源或一组资源。客户必须将这些值视为不透明和
未经修改传回服务器。它们可能仅对
特定资源或资源集。
由系统填充。只读。值必须被视为不透明
客户端和。更多信息:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-控制和一致性
selfLink<string> #只读 将停止使用
SelfLink是表示此对象的URL。由系统填充。
只读。
弃用的Kubernetes将在1.20版本中停止传播该字段
该字段计划在1.21版本中删除。
uid<string> #只读
UID是此对象在时间和空间上的唯一值。它通常是
由服务器在成功创建资源时生成,而不是
允许在PUT操作时更改。
由系统填充。只读。更多信息:
http://kubernetes.io/docs/user-guide/identifiers#uids
##################################################################
apiVersion: v1 #必选,版本号,例如v1
kind: Pod #必选,Pod
metadata: #必选,元数据
annotations: <map[string]string> #注释,可写可不写,就是注释 可选
clusterName: <string> #对象所属群集的名称 不同集群中具有相同名称和命名空间的资源 可选
finalizers: <[]string> #从注册表中删除对象之前必须为空。每个条目都是将从中删除条目的负责组件的标识符列表中 可选
generateName: <string> #可选 ,由服务器使用,用于生成仅当未提供“名称”字段时,才使用唯一名称
labels: <map[string]string> #可用于组织和分类的字符串键和值的映射(范围和选择)对象。可以匹配复制控制器的选择器和服务。
name: <string> #名称在命名空间中必须唯一。创建时需要资源,尽管一些资源可能允许客户端请求自动生成适当的名称。名称主要用于用于创建幂等性和配置定义。
namespace <string> #名词空间
spec: #必选,Pod中容器的详细定义
####################################################################
apiVersion: v1 #必选,版本号,例如v1
kind: Pod #必选,Pod
metadata: #必选,元数据
name: prometheus #必选,Pod名称
namespace: #必选,Pod所属的命名空间
labels: #自定义标签
app: prometheus #自定义标签名字
spec: #必选,Pod中容器的详细定义
KIND: Pod
VERSION: v1
RESOURCE: spec <Object>
DESCRIPTION:
Specification of the desired behavior of the pod. More
https://git.k8s.io/community/contributors/devel/sig-artions.md#spec-and-status
PodSpec is a description of a pod.
FIELDS:
activeDeadlineSeconds <integer>
Optional duration in seconds the pod may be active on
StartTime before the system will actively try to mark
associated containers. Value must be a positive intege
affinity <Object>
If specified, the pod's scheduling constraints
automountServiceAccountToken <boolean>
AutomountServiceAccountToken indicates whether a servi
should be automatically mounted.
containers <[]Object> -required-
List of containers belonging to the pod. Containers ca
added or removed. There must be at least one container
updated.
dnsConfig <Object>
Specifies the DNS parameters of a pod. Parameters spec
merged to the generated DNS configuration based on DNS
dnsPolicy <string>
Set DNS policy for the pod. Defaults to "ClusterFirst"
'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' o
parameters given in DNSConfig will be merged with the
DNSPolicy. To have DNS options set along with hostNetw
specify DNS policy explicitly to 'ClusterFirstWithHost
enableServiceLinks <boolean>
EnableServiceLinks indicates whether information about
injected into pod's environment variables, matching th
links. Optional: Defaults to true.
ephemeralContainers <[]Object>
List of ephemeral containers run in this pod. Ephemera
run in an existing pod to perform user-initiated actio
This list cannot be specified when creating a pod, and
modified by updating the pod spec. In order to add an
to an existing pod, use the pod's ephemeralcontainers
field is alpha-level and is only honored by servers th
EphemeralContainers feature.
hostAliases <[]Object>
HostAliases is an optional list of hosts and IPs that
the pod's hosts file if specified. This is only valid
pods.
hostIPC <boolean>
Use the host's ipc namespace. Optional: Default to fal
hostNetwork <boolean>
Host networking requested for this pod. Use the host's
If this option is set, the ports that will be used mus
Default to false.
hostPID <boolean>
Use the host's pid namespace. Optional: Default to fal
hostname <string>
Specifies the hostname of the Pod If not specified, th
be set to a system-defined value.
imagePullSecrets <[]Object>
ImagePullSecrets is an optional list of references to
namespace to use for pulling any of the images used by
specified, these secrets will be passed to individual
implementations for them to use. For example, in the c
DockerConfig type secrets are honored. More info:
https://kubernetes.io/docs/concepts/containers/images#ecrets-on-a-pod
initContainers <[]Object>
List of initialization containers belonging to the pod
executed in order prior to containers being started. I
fails, the pod is considered to have failed and is han
restartPolicy. The name for an init container or norma
unique among all containers. Init containers may not h
actions, Readiness probes, Liveness probes, or Startup
resourceRequirements of an init container are taken in
scheduling by finding the highest request/limit for ea
then using the max of of that value or the sum of the
Limits are applied to init containers in a similar fas
cannot currently be added or removed. Cannot be update
https://kubernetes.io/docs/concepts/workloads/pods/ini
nodeName <string>
NodeName is a request to schedule this pod onto a spec
non-empty, the scheduler simply schedules this pod ont
that it fits resource requirements.
nodeSelector <map[string]string>
NodeSelector is a selector which must be true for the
Selector which must match a node's labels for the pod
that node. More info:
https://kubernetes.io/docs/concepts/configuration/assi
overhead <map[string]string>
Overhead represents the resource overhead associated w
a given RuntimeClass. This field will be autopopulated
the RuntimeClass admission controller. If the RuntimeC
controller is enabled, overhead must not be set in Pod
RuntimeClass admission controller will reject Pod crea
have the overhead already set. If RuntimeClass is conf
in the PodSpec, Overhead will be set to the value defi
corresponding RuntimeClass, otherwise it will remain u
zero. More info:
https://git.k8s.io/enhancements/keps/sig-node/20190226
field is alpha-level as of Kubernetes v1.16, and is on
that enable the PodOverhead feature.
preemptionPolicy <string>
PreemptionPolicy is the Policy for preempting pods wit
of Never, PreemptLowerPriority. Defaults to PreemptLow
This field is beta-level, gated by the NonPreemptingPr
priority <integer>
The priority value. Various system components use this
priority of the pod. When Priority Admission Controlle
prevents users from setting this field. The admission
this field from PriorityClassName. The higher the valu
priority.
priorityClassName <string>
If specified, indicates the pod's priority. "system-no
"system-cluster-critical" are two special keywords whi
highest priorities with the former being the highest p
name must be defined by creating a PriorityClass objec
not specified, the pod priority will be default or zer
default.
readinessGates <[]Object>
If specified, all readiness gates will be evaluated fo
pod is ready when all its containers are ready AND all
in the readiness gates have status equal to "True" Mor
https://git.k8s.io/enhancements/keps/sig-network/0007-
restartPolicy <string>
Restart policy for all containers within the pod. One
Never. Default to Always. More info:
https://kubernetes.io/docs/concepts/workloads/pods/podolicy
runtimeClassName <string>
RuntimeClassName refers to a RuntimeClass object in th
which should be used to run this pod. If no RuntimeCla
the named class, the pod will not be run. If unset or
RuntimeClass will be used, which is an implicit class
definition that uses the default runtime handler. More
https://git.k8s.io/enhancements/keps/sig-node/runtime-
beta feature as of Kubernetes v1.14.
schedulerName <string>
If specified, the pod will be dispatched by specified
specified, the pod will be dispatched by default sched
securityContext <Object>
SecurityContext holds pod-level security attributes an
settings. Optional: Defaults to empty. See type descri
values of each field.
serviceAccount <string>
DeprecatedServiceAccount is a depreciated alias for Se
Deprecated: Use serviceAccountName instead.
serviceAccountName <string>
ServiceAccountName is the name of the ServiceAccount t
pod. More info:
https://kubernetes.io/docs/tasks/configure-pod-containaccount/
setHostnameAsFQDN <boolean>
If true the pod's hostname will be configured as the p
than the leaf name (the default). In Linux containers,
the FQDN in the hostname field of the kernel (the node
utsname). In Windows containers, this means setting th
hostname for the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\T
FQDN. If a pod does not have FQDN, this has no effect.
shareProcessNamespace <boolean>
Share a single process namespace between all of the co
When this is set containers will be able to view and s
other containers in the same pod, and the first proces
will not be assigned PID 1. HostPID and ShareProcessNa
be set. Optional: Default to false.
subdomain <string>
If specified, the fully qualified Pod hostname will be
"<hostname>.<subdomain>.<pod namespace>.svc.<cluster d
specified, the pod will not have a domainname at all.
terminationGracePeriodSeconds <integer>
Optional duration in seconds the pod needs to terminat
decreased in delete request. Value must be non-negativ
zero indicates delete immediately. If this value is ni
period will be used instead. The grace period is the d
after the processes running in the pod are sent a term
the time when the processes are forcibly halted with a
this value longer than the expected cleanup time for y
to 30 seconds.
tolerations <[]Object>
If specified, the pod's tolerations.
topologySpreadConstraints <[]Object>
TopologySpreadConstraints describes how a group of pod
across topology domains. Scheduler will schedule pods
by the constraints. All topologySpreadConstraints are
volumes <[]Object>
List of volumes that can be mounted by containers belo
More info: https://kubernetes.io/docs/concepts/storag
种类:pod
版本:v1
资源:规范<对象>
描述:
pod所需行为的规范。更多
https://git.k8s.io/community/contributors/devel/sig-artions.md#spec-和状态
PodSpec是对pod的描述。
领域:
activeDeadlineSeconds<integer> #可选持续时间(秒),吊舱可能处于活动状态
可选持续时间(秒),吊舱可能处于活动状态
系统将主动尝试标记之前的StartTime
相关容器。值必须为正整数
亲和力<对象> #pod的调度约束
如果指定,pod的调度约束
automountServiceAccountToken<boolean># 指示服务应自动安装。
AutomountServiceAccountToken指示服务
应自动安装。
容器<〔〕对象>-必需-# 属于容器的容器列表
属于容器的容器列表。容器ca
添加或删除。必须至少有一个容器
更新。
dnsConfig<对象>#指定pod的DNS参数
指定pod的DNS参数。参数规格
合并到基于DNS生成的DNS配置
dnsPolicy<string> #为pod设置DNS策略
为pod设置DNS策略。默认为“ClusterFirst”
“ClusterFirstWithHostNet”、“Cluster First”、“Default”o
DNSConfig中给出的参数将与
DNS政策。将DNS选项与hostNetw一起设置
将DNS策略显式指定为“ClusterFirstWithHost”
enableServiceLinks<boolean> # 默认为true。
EnableServiceLinks指示有关
注入到pod的环境变量中,匹配th
链接。可选:默认为true。
临时容器<[]对象> #此容器中运行的临时容器列表
此容器中运行的临时容器列表。只在短期内有用的事物
在现有pod中运行以执行用户发起的操作
创建pod时无法指定此列表,并且
通过更新pod规范进行修改。为了添加
对于现有的pod,使用pod的临时容器
字段为alpha级别,仅由以下服务器使用
EphemeralContainers功能。
主机别名<[]对象># 是可选的主机和IP列表pod的hosts文件(如果指定)This is only valid pods.
HostAliases是可选的主机和IP列表
pod的hosts文件(如果指定)。这仅有效
豆荚。
主机IPC<boolean> #使用主机的ipc命名空间
使用主机的ipc命名空间。可选:默认为fal
主机网络<boolean># 此pod请求主机网络
此pod请求主机网络。使用主机的
如果设置了此选项,将使用的端口
默认为false。
主机PID<boolean> #使用主机的pid命名空间
使用主机的pid命名空间。可选:默认为fal
主机名<string> #指定Pod的主机名
指定Pod的主机名。如果未指定,则
设置为系统定义的值。
imagePullSecrets<[〕对象> #提取所使用的任何图像的命名空间指定
ImagePullSecrets是一个可选的引用列表
用于提取所使用的任何图像的命名空间
指定,这些机密将传递给个人
实现供他们使用。例如,在c
DockerConfig类型机密受到尊重。更多信息:
https://kubernetes.io/docs/concepts/containers/images#ecrets-吊舱上
initContainers<[〕对象># 属于pod的初始化容器列表
属于pod的初始化容器列表
在容器启动之前按顺序执行。我
失败,pod被认为已失败,并且是han
restartPolicy。init容器或norma的名称
在所有容器中都是独一无二的。初始容器可能不会
动作、就绪探测、活跃探测或启动
resource接受init容器的需求
通过查找ea的最高请求/限制进行调度
然后使用该值的最大值或
限制适用于类似fas中的init容器
当前无法添加或删除。无法更新
https://kubernetes.io/docs/concepts/workloads/pods/ini
nodeName<string># 是将此pod调度到规范的请求
NodeName是将此pod调度到规范的请求
非空时,调度器简单地调度这个pod ont
它符合资源需求。
nodeSelector<map〔string〕string> #一个选择器,对于必须与pod的节点标签匹配的选择器
NodeSelector是一个选择器,对于
必须与pod的节点标签匹配的选择器
该节点。更多信息:
https://kubernetes.io/docs/concepts/configuration/assi
overhead <map[string]string>#字段将自动填充
RuntimeClass准入控制器
开销表示与w相关的资源开销
给定的RuntimeClass。此字段将自动填充
RuntimeClass准入控制器。如果RuntimeC
控制器已启用,不能在Pod中设置开销
RuntimeClass准入控制器将拒绝Pod crea
已经设置了开销。如果RuntimeClass为conf
在PodSpec中,开销将设置为defi值
对应的RuntimeClass,否则它将保持为u
零更多信息:
https://git.k8s.io/enhancements/keps/sig-node/20190226
从Kubernetes v1.16开始,该字段为alpha级别,并且处于启用状态
启用PodOverhead功能。
抢占策略<string> #抢占pods的策略永远,先占较低优先级
PreemptionPolicy是抢占pods的策略
永远,先占较低优先级。默认为PreemptLow
此字段为beta级别,由NonPreemptingPr选通
优先级<integer>#优先级值。各种系统组件使用此pod的优先级
优先级值。各种系统组件使用此
pod的优先级。当优先级允许可控时
阻止用户设置此字段。录取通知书
PriorityClassName中的此字段。值越高
优先事项
优先级ClassName<string># #系统编号 “系统群集关键”是两个特殊的关键字
如果指定,则指示吊舱的优先级。“系统编号
“系统群集关键”是两个特殊的关键字
最高优先级,前者为最高p
必须通过创建PriorityClass对象来定义名称
未指定,pod优先级将为默认值或zer
违约
readinesGates<[]对象> #评估所有准备状态门
如果指定,将评估所有准备状态门
当所有容器都准备好时,吊舱就准备好了
准备状态门中的状态等于“真”Mor
https://git.k8s.io/enhancements/keps/sig-network/0007-
restartPolicy<string> #重新启动pod内所有容器的策略
重新启动pod内所有容器的策略。一
从不默认为“始终”。更多信息:
https://kubernetes.io/docs/concepts/workloads/pods/podolicy
运行时ClassName<string> #用来运行这个pod
RuntimeClassName引用
应该用来运行这个吊舱。如果没有RuntimeCla
命名类,pod将不会运行。如果未设置或
将使用RuntimeClass,这是一个隐式类
使用默认运行时处理程序的定义。更多
https://git.k8s.io/enhancements/keps/sig-node/runtime-
Kubernetes v1.14的beta特性。
schedulerName<string> #pod将由指定的
如果指定,pod将由指定的
指定时,pod将按默认调度
securityContext<对象> #保存pod级别的安全属性 可选
SecurityContext保存pod级别的安全属性
设置。可选:默认为空。参见类型descri
每个字段的值。
serviceAccount<string> # 是Se的折旧别名 已弃用请改用serviceAccountName。
DeprecatedServiceAccount是Se的折旧别名
已弃用:请改用serviceAccountName。
serviceAccountName<string> #ServiceAccount t的名称
ServiceAccountName是ServiceAccount t的名称
豆荚更多信息:
https://kubernetes.io/docs/tasks/configure-pod-containaccount/
setHostnameAsFQDN<boolean> #pod的主机名将配置为p
如果为true,则pod的主机名将配置为p
而不是叶名称(默认值)。在Linux容器中,
内核(节点)的主机名字段中的FQDN
utsname)。在Windows容器中,这意味着设置
注册表项的主机名
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\T
FQDN。如果一个pod没有FQDN,这将无效。
shareProcessNamespace<boolean> #所有co之间共享单个进程命名空间容器将能够查看和同一容器中的其他容器,以及第一个进程将不会分配PID
在所有co之间共享单个进程命名空间
设置此选项后,容器将能够查看和
同一容器中的其他容器,以及第一个进程
将不会分配PID 1。HostPID和ShareProcessNa
设置。可选:默认为false。
子域<string>
如果指定,则完全限定的Pod主机名将为
“<hostname>.<subdomain>.<pod-namespace>.svc.<cluster d
指定后,pod将完全没有域名。
terminationGracePeriodSeconds<integer>#pod 可选持续时间(秒),吊舱需要终止
可选持续时间(秒),吊舱需要终止
删除请求减少。值必须为非负数
零表示立即删除。如果该值为ni
将改用句号。宽限期为d
在pod中运行的进程被发送一个术语之后
使用
该值比y的预期清理时间长
至30秒。
公差<[]对象>
如果指定,吊舱的公差。
topologySpreadConstraints<[〕对象> #调度程序将调度pod受约束
TopologySpreadConstraints描述了一组pod
跨拓扑域。调度程序将调度pod
受约束。所有拓扑SpreadConstraints都是
卷<[]对象>
可由以下容器装入的卷列表
更多信息:https://kubernetes.io/docs/concepts/storag
##################################################################
apiVersion: v1 #必选,版本号,例如v1
kind: Pod #必选,Pod
metadata: #必选,元数据
annotations: <map[string]string> #注释,可写可不写,就是注释 可选
clusterName: <string> #对象所属群集的名称 不同集群中具有相同名称和命名空间的资源 可选
finalizers: <[]string> #从注册表中删除对象之前必须为空。每个条目都是将从中删除条目的负责组件的标识符列表中 可选
generateName: <string> #可选 ,由服务器使用,用于生成仅当未提供“名称”字段时,才使用唯一名称
labels: <map[string]string> #可用于组织和分类的字符串键和值的映射(范围和选择)对象。可以匹配复制控制器的选择器和服务。
name: <string> #名称在命名空间中必须唯一。创建时需要资源,尽管一些资源可能允许客户端请求自动生成适当的名称。名称主要用于用于创建幂等性和配置定义。
namespace <string> #名词空间
spec: #必选,Pod中容器的详细定义
activeDeadlineSeconds<integer> #可选持续时间(秒),吊舱可能处于活动状态
affinity <Object> #pod的调度约束
automountServiceAccountToken <boolean> # 指示服务应自动安装。
containers <[]Object> -required- # 属于容器的容器列表
dnsConfig <Object> #指定pod的DNS参数
dnsPolicy <string> #为pod设置DNS策略
enableServiceLinks <boolean> #指示有关注入到pod的环境变量中,匹配th链接
ephemeralContainers <[]Object> ##此容器中运行的临时容器列表
hostAliases <[]Object> # 是可选的主机和IP列表pod的hosts文件(如果指定)This is only valid pods
hostIPC <boolean> ##使用主机的ipc命名空间
hostNetwork <boolean> # 此pod请求主机网络
hostPID <boolean> #使用主机的pid命名空间
hostname <string> #指定Pod的主机名
imagePullSecrets <[]Object> #提取所使用的任何图像的命名空间指定
initContainers <[]Object> # 属于pod的初始化容器列表
nodeName <string> # 是将此pod调度到规范的请求
nodeSelector <map[string]string> # 一个选择器,对于必须与pod的节点标签匹配的选择器
overhead <map[string]string> # 字段将自动填充
preemptionPolicy <string> #抢占pods的策略永远,先占较低优先级
priority <integer> #优先级值。各种系统组件使用此pod的优先级
priorityClassName <string> #系统编号 “系统群集关键”是两个特殊的关键字
readinessGates <[]Object> #评估所有准备状态门
restartPolicy <string> #重新启动pod内所有容器的策略
runtimeClassName <string> #用来运行这个pod
schedulerName <string> #pod将由指定的
securityContext <Object> #保存pod级别的安全属性 可选
serviceAccount <string> # 是Se的折旧别名 已弃用请改用serviceAccountName。
serviceAccountName <string> #ServiceAccount t的名称
setHostnameAsFQDN <boolean> #pod的主机名将配置为p
shareProcessNamespace <boolean> #所有co之间共享单个进程命名空间容器将能够查看和同一容器中的其他容器,以及第一个进程将不会分配PID
subdomain <string> #如果指定,则完全限定的Pod主机名将为“<hostname>.<subdomain>.<pod-namespace>.svc.<cluster 指定后,pod将完全没有域名。
terminationGracePeriodSeconds <integer> ##pod 可选持续时间(秒),pod需要终止
tolerations <[]Object> #如果指定,pod的公差。
topologySpreadConstraints <[]Object> # #调度程序将调度pod受约束
volumes <[]Object> #可由以下容器装入的卷列表
####################################################################
apiVersion: v1 #必选,版本号,例如v1
kind: Pod #必选,Pod
metadata: #必选,元数据
name: prometheus #必选,Pod名称
namespace: #必选,Pod所属的命名空间
labels: #自定义标签
app: prometheus #自定义标签名字
spec: #必选,Pod中容器的详细定义
nodeName: k8s-master01
containers: #必选,Pod中容器列表
volumes: #定义一组挂载设备
###########################################################
# kubectl explain pod.spec.containers
KIND: Pod
VERSION: v1
RESOURCE: containers <[]Object>
DESCRIPTION:
List of containers belonging to the pod. Containers cannot currently be
added or removed. There must be at least one container in a Pod. Cannot be
updated.
A single application container that you want to run within a pod.
FIELDS:
args <[]string>
Arguments to the entrypoint. The docker image's CMD is used if this is not
provided. Variable references $(VAR_NAME) are expanded using the
container's environment. If a variable cannot be resolved, the reference in
the input string will be unchanged. The $(VAR_NAME) syntax can be escaped
with a double $$, ie: $$(VAR_NAME). Escaped references will never be
expanded, regardless of whether the variable exists or not. Cannot be
updated. More info:
https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
command <[]string>
Entrypoint array. Not executed within a shell. The docker image's
ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME)
are expanded using the container's environment. If a variable cannot be
resolved, the reference in the input string will be unchanged. The
$(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME).
Escaped references will never be expanded, regardless of whether the
variable exists or not. Cannot be updated. More info:
https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
env <[]Object>
List of environment variables to set in the container. Cannot be updated.
envFrom <[]Object>
List of sources to populate environment variables in the container. The
keys defined within a source must be a C_IDENTIFIER. All invalid keys will
be reported as an event when the container is starting. When a key exists
in multiple sources, the value associated with the last source will take
precedence. Values defined by an Env with a duplicate key will take
precedence. Cannot be updated.
image <string>
Docker image name. More info:
https://kubernetes.io/docs/concepts/containers/images This field is
optional to allow higher level config management to default or override
container images in workload controllers like Deployments and StatefulSets.
imagePullPolicy <string>
Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always
if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated.
More info:
https://kubernetes.io/docs/concepts/containers/images#updating-images
lifecycle <Object>
Actions that the management system should take in response to container
lifecycle events. Cannot be updated.
livenessProbe <Object>
Periodic probe of container liveness. Container will be restarted if the
probe fails. Cannot be updated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
name <string> -required-
Name of the container specified as a DNS_LABEL. Each container in a pod
must have a unique name (DNS_LABEL). Cannot be updated.
ports <[]Object>
List of ports to expose from the container. Exposing a port here gives the
system additional information about the network connections a container
uses, but is primarily informational. Not specifying a port here DOES NOT
prevent that port from being exposed. Any port which is listening on the
default "0.0.0.0" address inside a container will be accessible from the
network. Cannot be updated.
readinessProbe <Object>
Periodic probe of container service readiness. Container will be removed
from service endpoints if the probe fails. Cannot be updated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
resources <Object>
Compute Resources required by this container. Cannot be updated. More info:
https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
securityContext <Object>
Security options the pod should run with. More info:
https://kubernetes.io/docs/concepts/policy/security-context/ More info:
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
startupProbe <Object>
StartupProbe indicates that the Pod has successfully initialized. If
specified, no other probes are executed until this completes successfully.
If this probe fails, the Pod will be restarted, just as if the
livenessProbe failed. This can be used to provide different probe
parameters at the beginning of a Pod's lifecycle, when it might take a long
time to load data or warm a cache, than during steady-state operation. This
cannot be updated. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
stdin <boolean>
Whether this container should allocate a buffer for stdin in the container
runtime. If this is not set, reads from stdin in the container will always
result in EOF. Default is false.
stdinOnce <boolean>
Whether the container runtime should close the stdin channel after it has
been opened by a single attach. When stdin is true the stdin stream will
remain open across multiple attach sessions. If stdinOnce is set to true,
stdin is opened on container start, is empty until the first client
attaches to stdin, and then remains open and accepts data until the client
disconnects, at which time stdin is closed and remains closed until the
container is restarted. If this flag is false, a container processes that
reads from stdin will never receive an EOF. Default is false
terminationMessagePath <string>
Optional: Path at which the file to which the container's termination
message will be written is mounted into the container's filesystem. Message
written is intended to be brief final status, such as an assertion failure
message. Will be truncated by the node if greater than 4096 bytes. The
total message length across all containers will be limited to 12kb.
Defaults to /dev/termination-log. Cannot be updated.
terminationMessagePolicy <string>
Indicate how the termination message should be populated. File will use the
contents of terminationMessagePath to populate the container status message
on both success and failure. FallbackToLogsOnError will use the last chunk
of container log output if the termination message file is empty and the
container exited with an error. The log output is limited to 2048 bytes or
80 lines, whichever is smaller. Defaults to File. Cannot be updated.
tty <boolean>
Whether this container should allocate a TTY for itself, also requires
'stdin' to be true. Default is false.
volumeDevices <[]Object>
volumeDevices is the list of block devices to be used by the container.
volumeMounts <[]Object>
Pod volumes to mount into the container's filesystem. Cannot be updated.
workingDir <string>
Container's working directory. If not specified, the container runtime's
default will be used, which might be configured in the container image.
Cannot be updated.
种类:吊舱
版本:v1
资源:容器<〔〕对象>
描述: #属于容器的容器列表
属于容器的容器列表。容器当前不能
添加或删除。Pod中必须至少有一个容器。不能是
更新。
要在pod中运行的单个应用程序容器。
领域:
args<[]字符串> #入口点的参数如果不是,则使用docker映像的CMD
入口点的参数。如果不是,则使用docker映像的CMD
假如变量引用$(VAR_NAME)使用
容器的环境。如果无法解析变量
输入字符串将保持不变。$(VAR_NAME)语法可以转义
带有双$$,即:$$(VAR_NAME)。转义引用将永远不会
展开,而不管变量是否存在。不能是
更新。更多信息:
https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-外壳中的命令
命令<[]string> ##入口点数组 如果未提供,则使用ENTRYPOINT。
入口点数组。未在shell中执行。码头工人的形象
如果未提供,则使用ENTRYPOINT。变量引用$(VAR_NAME)
使用容器的环境进行扩展。如果变量不能
解析后,输入字符串中的引用将保持不变。这个
$(VAR_NAME)语法可以用双$$进行转义,即:$$(VAR_NAME)。
转义引用将永远不会展开,无论
变量是否存在。无法更新。更多信息:
https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-外壳中的命令
env<[]对象> #要在容器中设置的环境变量列表
要在容器中设置的环境变量列表。无法更新。
envFrom<[]对象> #用于填充容器中环境变量的源列表
用于填充容器中环境变量的源列表。这个
源中定义的键必须是C_IDENTIFIER。所有无效密钥将
当容器启动时,报告为事件。当密钥存在时
在多个源中,与最后一个源关联的值将
优先由具有重复键的环境定义的值将采用
优先无法更新。
image<string> #image Docker图像名称
Docker图像名称。更多信息:
https://kubernetes.io/docs/concepts/containers/images此字段为
可选,允许更高级别的配置管理默认或覆盖
工作负载控制器(如Deployments和StatefulSets)中的容器映像。
imagePullPolicy<string> #图像拉取策略 默认为“始终” 否则为IfNotPresent。无法更新
图像拉取策略。永远,永远,如果不存在。默认为“始终”
if:指定了最新标记,否则为IfNotPresent。无法更新。
更多信息:
https://kubernetes.io/docs/concepts/containers/images#updating-图像
生命周期<对象># 管理系统应对集装箱应采取的措施生命周期事件
管理系统应对集装箱应采取的措施
生命周期事件。无法更新。
livenessProbe<对象> #容器活度的定期探测
容器活度的定期探测。如果
探测失败。无法更新。更多信息:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-探针
name<string>-必填项- #指定为DNS_LABEL的容器的名称
指定为DNS_LABEL的容器的名称。吊舱中的每个容器
必须具有唯一的名称(DNS_LABEL)。无法更新。
端口<[]对象> #要从容器中公开的端口列表
要从容器中公开的端口列表。在这里暴露一个端口
系统有关网络连接的附加信息容器
使用,但主要是信息性的。不在此处指定端口不会
防止该端口暴露。正在侦听的任何端口
容器内的默认“0.0.0.0”地址将从
网络无法更新。
readinesProbe<对象> #定期检查集装箱服务准备情况
定期检查集装箱服务准备情况。容器将被移除
如果探测失败,则从服务端点发送。无法更新。更多信息:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-探针
资源<对象> #计算此容器所需的资源
计算此容器所需的资源。无法更新。更多信息:
https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
securityContext<对象> #pod应该使用的安全选项
pod应该使用的安全选项。更多信息:
https://kubernetes.io/docs/concepts/policy/security-context/更多信息:
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
startupProbe<对象>
StartupProbe表示Pod已成功初始化。如果
如果指定,则在成功完成之前不会执行其他探测。
如果此探测失败,Pod将重新启动,就像
livenessProbe失败。这可用于提供不同的探针
Pod生命周期开始时的参数,这可能需要很长时间
加载数据或预热缓存的时间比稳态操作期间长。这
无法更新。更多信息:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-探针
stdin<boolean> #此容器是否应为容器中的stdin分配缓冲区
此容器是否应为容器中的stdin分配缓冲区
运行时。如果未设置此项,则从容器中的stdin读取的内容将始终
导致EOF。默认值为false。
stdinOnce<boolean> #容器运行时是否应在完成后关闭stdin通道
容器运行时是否应在完成后关闭stdin通道
已由单个附件打开。当stdin为true时,stdin流将
在多个连接会话中保持打开。如果stdinOnce被设置为true,
stdin在容器启动时打开,直到第一个客户机
连接到stdin,然后保持打开并接受数据,直到客户端
断开,此时stdin关闭并保持关闭,直到
容器重新启动。如果此标志为false,容器将处理
从stdin读取永远不会收到EOF。默认值为false
终止消息路径<string> #可选:容器终止到的文件的路径
可选:容器终止到的文件的路径
将要写入的消息装入容器的文件系统。消息
writed旨在是简短的最终状态,例如断言失败
消息如果大于4096字节,将被节点截断。这个
所有容器的总消息长度将限制为12kb。
默认为/dev/termination log。无法更新。
terminationMessagePolicy<string> #指示应如何填充终止消息
指示应如何填充终止消息。文件将使用
用于填充容器状态消息的terminationMessagePath的内容
无论是成功还是失败。FallbackToLogsOnError将使用最后一个区块
如果终止消息文件为空,并且
容器退出时出错。日志输出限制为2048字节或
80行,以较小者为准。默认为“文件”。无法更新。
tty<布尔值>#此容器是否应该为自己分配TTY
此容器是否应该为自己分配TTY,还需要
“stdin”为true。默认值为false。
volumeDevices<[]对象> #volumeDevices是容器要使用的块设备列表
volumeDevices是容器要使用的块设备列表。
volumeMounts<[]对象> #要装入容器文件系统的Pod卷
要装入容器文件系统的Pod卷。无法更新。
工作目录<string># 容器的工作目录。如果未指定,则容器运行时将使用默认值
容器的工作目录。如果未指定,则容器运行时
将使用默认值,这可能在容器映像中配置。
无法更新。
##################################################################
apiVersion: v1 #必选,版本号,例如v1
kind: Pod #必选,Pod
metadata: #必选,元数据
annotations: <map[string]string> #注释,可写可不写,就是注释 可选
clusterName: <string> #对象所属群集的名称 不同集群中具有相同名称和命名空间的资源 可选
finalizers: <[]string> #从注册表中删除对象之前必须为空。每个条目都是将从中删除条目的负责组件的标识符列表中 可选
generateName: <string> #可选 ,由服务器使用,用于生成仅当未提供“名称”字段时,才使用唯一名称
labels: <map[string]string> #可用于组织和分类的字符串键和值的映射(范围和选择)对象。可以匹配复制控制器的选择器和服务。
name: <string> #名称在命名空间中必须唯一。创建时需要资源,尽管一些资源可能允许客户端请求自动生成适当的名称。名称主要用于用于创建幂等性和配置定义。
namespace <string> #名词空间
spec: #必选,Pod中容器的详细定义
activeDeadlineSeconds<integer> #可选持续时间(秒),吊舱可能处于活动状态
affinity <Object> #pod的调度约束
automountServiceAccountToken <boolean> # 指示服务应自动安装。
containers <[]Object> -required- # 属于容器的容器列表
- args <[]string> #入口点的参数如果不是,则使用docker映像的CMD
command <[]string> ##入口点数组 如果未提供,则使用ENTRYPOINT。
env <[]Object> #要在容器中设置的环境变量列表
envFrom <[]Object> #用于填充容器中环境变量的源列表
image <string> #image Docker image名称
imagePullPolicy <string> #图像拉取策略 默认为“始终” 否则为IfNotPresent。无法更新
lifecycle <Object> # 管理系统应对集装箱应采取的措施生命周期事件
livenessProbe <Object> #容器活度的定期探测
name <string> -required- #指定为DNS_LABEL的容器的名称
ports <[]Object> #要从容器中公开的端口列表
readinessProbe <Object> #定期检查集装箱服务准备情况
resources <Object> #计算此容器所需的资源
securityContext <Object> #pod应该使用的安全选项
startupProbe <Object> #成功完成之前不会执行其他探测。如果此探测失败,Pod将重新启动
stdin <boolean> #此容器是否应为容器中的stdin分配缓冲区
stdinOnce <boolean> # #容器运行时是否应在完成后关闭stdin通道
terminationMessagePath <string> #可选:容器终止到的文件的路径
terminationMessagePolicy <string> # #指示应如何填充终止消息
tty <boolean> #此容器是否应该为自己分配TTY
volumeDevices <[]Object> #volumeDevices是容器要使用的块设备列表
volumeMounts <[]Object> #要装入容器文件系统的Pod卷
workingDir <string> # 容器的工作目录。如果未指定,则容器运行时将使用默认值
dnsConfig <Object> #指定pod的DNS参数
dnsPolicy <string> #为pod设置DNS策略
enableServiceLinks <boolean> #指示有关注入到pod的环境变量中,匹配th链接
ephemeralContainers <[]Object> ##此容器中运行的临时容器列表
hostAliases <[]Object> # 是可选的主机和IP列表pod的hosts文件(如果指定)This is only valid pods
hostIPC <boolean> ##使用主机的ipc命名空间
hostNetwork <boolean> # 此pod请求主机网络
hostPID <boolean> #使用主机的pid命名空间
hostname <string> #指定Pod的主机名
imagePullSecrets <[]Object> #提取所使用的任何图像的命名空间指定
initContainers <[]Object> # 属于pod的初始化容器列表
nodeName <string> # 是将此pod调度到规范的请求
nodeSelector <map[string]string> # 一个选择器,对于必须与pod的节点标签匹配的选择器
overhead <map[string]string> # 字段将自动填充
preemptionPolicy <string> #抢占pods的策略永远,先占较低优先级
priority <integer> #优先级值。各种系统组件使用此pod的优先级
priorityClassName <string> #系统编号 “系统群集关键”是两个特殊的关键字
readinessGates <[]Object> #评估所有准备状态门
restartPolicy <string> #重新启动pod内所有容器的策略
runtimeClassName <string> #用来运行这个pod
schedulerName <string> #pod将由指定的
securityContext <Object> #保存pod级别的安全属性 可选
serviceAccount <string> # 是Se的折旧别名 已弃用请改用serviceAccountName。
serviceAccountName <string> #ServiceAccount t的名称
setHostnameAsFQDN <boolean> #pod的主机名将配置为p
shareProcessNamespace <boolean> #所有co之间共享单个进程命名空间容器将能够查看和同一容器中的其他容器,以及第一个进程将不会分配PID
subdomain <string> #如果指定,则完全限定的Pod主机名将为“<hostname>.<subdomain>.<pod-namespace>.svc.<cluster 指定后,pod将完全没有域名。
terminationGracePeriodSeconds <integer> ##pod 可选持续时间(秒),pod需要终止
tolerations <[]Object> #如果指定,pod的公差。
topologySpreadConstraints <[]Object> # #调度程序将调度pod受约束
volumes <[]Object> #可由以下容器装入的卷列表
####################################################################
apiVersion: v1 #必选,版本号,例如v1
kind: Pod #必选,Pod
metadata: #必选,元数据
name: prometheus #必选,Pod名称
namespace: #必选,Pod所属的命名空间
labels: #自定义标签
app: prometheus #自定义标签名字
spec: #必选,Pod中容器的详细定义
nodeName: k8s-master01
containers: #必选,Pod中容器列表
- name: prometheus #必选,容器名称
image: prom/prometheus #必选,容器的镜像名称
imagePullPolicy: IfNotPresent #获取镜像的策略 Alawys表示下载镜像 IfnotPresent表示优先使用本地镜像,>否则下载镜像,Nerver表示仅使用本地镜像
ports: #需要暴露的端口库号列表
- name: prometheus #端口号名称
containerPort: 9090 #容器需要监听的端口号
protocol: TCP #端口协议,支持TCP和UDP,默认TCP
volumeMounts: #挂载持久存储卷
- name: volume #挂载设备的名字,与volumes[*].name 需要对应
mountPath: /etc/prometheus/prometheus.yml #挂载到容器的某个路径下
volumes: #定义一组挂载设备
- name: volume #定义一个挂载设备的名字
hostPath:
path: /etc/prometheus/prometheus.yml
type: FileOrCreate
##################################################################################################
#########################################
kubernetes 关于prometheus 安装的yaml文件
prometheus_Deployment.yaml
apiVersion: apps/v1 #指定api版本标签
kind: Deployment #定义资源的类型/角色,deployment为控制器
metadata: #定义资源的元数据信息
name: myprometheus #定义资源的名称,在同一个namespace空间中必须是唯一的
labels: #定义资源标签
app: prometheus
version: v1.0
name: wangzhuangzhuang
spec:
#restartPolicy: Always
#nodeName: k8s-node1
replicas: 4 #定义副本数量
selector: #定义选择器
matchLabels: #匹配上面的标签
app: prometheus #匹配模板名称
template: #定义模板
metadata:
labels:
app: prometheus
spec:
containers:
- name: prometheus #容器名,与标签名要相同
image: prom/prometheus #容器使用的镜像以及版本
imagePullPolicy: IfNotPresent
strategy:
type: RollingUpdate #滚动更新策略
rollingUpdate:
maxUnavailable: 25%
maxSurge: 25%
# resources: #资源管理
# requests: #容器运行时,最低资源需求,也就是说最少需要多少资源容器才能正常运行
# cpu: 0.1 #CPU资源(核数),两种方式,浮点数或者是整数+m,0.1=100m,最少值为0.001核(1m)
# memory: 32Mi #内存使用量
# limits: #资源限制
# cpu: 0.5
# memory: 1000Mi
# ports:
# - containerPort: 9090 #定义容器的对外端口
# name: prometheus #名称
# protocol: TCP
# livenessProbe: #pod内容器健康检查的设置
# httpGet: #通过httpget检查健康,返回200-399之间,则认为容器正常
# #path:
# #port: 80
# host: 127.0.0.1:9090 #主机地址
# scheme: HTTP
# initialDelaySeconds: 180 #表明第一次检测在容器启动后多长时间后开始
# timeoutSeconds: 5 #检测的超时时间
# periodSeconds: 15 #检查间隔时间
#volumeMounts: #挂载持久存储卷
# - name: volume #挂载设备的名字,与volumes[*].name 需要对应
# mountPath: /data #挂载到容器的某个路径下
# readOnly: True
#volumes: #定义一组挂载设备
#- name: volume #定义一个挂载设备的名字
# #meptyDir: {}
# hostPath:
# path: /opt #挂载设备类型为hostPath,路径为宿主机下的/opt,这里设备类型支持很多种
#spec:
# containers: #定义容器信息
#- name: prometheus #容器名,与标签名要相同
# image: prom/prometheus #容器使用的镜像以及版本
#ports:
#- containerPort: 9090 #定义容器的对外端口
prometheus_pod1.yaml
apiVersion: v1 #必选,版本号,例如v1
kind: Pod #必选,Pod
metadata: #必选,元数据
name: prometheus #必选,Pod名称
namespace: #必选,Pod所属的命名空间
labels: #自定义标签
name: prometheus #自定义标签名字
spec: #必选,Pod中容器的详细定义
nodeName: k8s-master01
containers: #必选,Pod中容器列表
- name: prometheus #必选,容器名称
image: prom/prometheus #必选,容器的镜像名称
imagePullPolicy: IfNotPresent #获取镜像的策略 Alawys表示下载镜像 IfnotPresent表示优先使用本地镜像,否则下载镜像,Nerver表示仅使用本地镜像
ports: #需要暴露的端口库号列表
- name: prometheus #端口号名称
containerPort: 9090 #容器需要监听的端口号
hostPort: 9091 #容器所在主机需要监听的端口号,默认与Container相同
protocol: TCP #端口协议,支持TCP和UDP,默认TCP
volumeMounts: #挂载持久存储卷
- name: volume #挂载设备的名字,与volumes[*].name 需要对应
mountPath: /etc/prometheus/prometheus.yml #挂载到容器的某个路径下
volumes: #定义一组挂载设备
- name: volume #定义一个挂载设备的名字
hostPath:
path: /etc/prometheus/prometheus.yml
type: FileOrCreate
# configMap:
# name: prometheus.yaml
# items:
# - key: prometheus.yaml
prometheus_pod2.yaml
apiVersion: v1 #必选,版本号,例如v1
kind: Pod #必选,Pod
metadata: #必选,元数据
name: prometheus #必选,Pod名称
namespace: #必选,Pod所属的命名空间
labels: #自定义标签
name: prometheus #自定义标签名字
spec: #必选,Pod中容器的详细定义
nodeName: k8s-master01
containers: #必选,Pod中容器列表
- name: prometheus #必选,容器名称
image: prom/prometheus #必选,容器的镜像名称
imagePullPolicy: IfNotPresent #获取镜像的策略 Alawys表示下载镜像 IfnotPresent表示优先使用本地镜像,否则下载镜像,Nerver表示仅使用本地镜像
ports: #需要暴露的端口库号列表
- name: prometheus #端口号名称
containerPort: 9090 #容器需要监听的端口号
hostPort: 9091 #容器所在主机需要监听的端口号,默认与Container相同
protocol: TCP #端口协议,支持TCP和UDP,默认TCP
volumeMounts: #挂载持久存储卷
- name: volume #挂载设备的名字,与volumes[*].name 需要对应
mountPath: /etc/prometheus/prometheus.yaml #挂载到容器的某个路径下
subPath: prometheus.yaml
volumes: #定义一组挂载设备
- name: volume #定义一个挂载设备的名字
hostPath:
path: /etc/prometheus/prometheus.yaml
type: Directory
prometheus_service.yaml
apiVersion: v1
kind: Service
metadata:
namespace:
name: prometheus
spec:
selector:
app: prometheus
type: NodePort
ports:
- protocol: TCP
port: 9091
targetPort: 9090
nodePort: 30090
1788
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
