原链接 https://blog.csdn.net/bbwangj/article/details/81812675
deploy控制RS,RS控制Pod,这一整套,向外提供稳定可靠的Service。
1、Pod:
Pod是一个逻辑概念,它是Kubernetes资源调度的单元,一般会把一组功能强相关的容器逻辑上称之为一个pod,Pod就是所说的实例。作为一个逻辑概念,pod本身没有资源,pod中的容器具有资源,创建pod,可以通过定义pod模块。
Pod是一组紧密关联的容器集合,它们共享PID、IPC、Network和UTS namespace,是Kubernetes调度的基本单位。Pod的设计理念是支持多个容器在一个Pod中共享网络和文件系统,可以通过进程间通信和文件共享这种简单高效的方式组合完成服务.
缺点: 不支持高并发, 高可用, 当Pod当机后无法自动恢复。
-
{
-
"kind":
"Pod",(资源类型)
-
"apiVersion":
"v1", (资源版本)
-
"metadata": {
-
"name":
"app-tomcat", (名字,唯一)
-
"namespace":
"default", (命名空间默认
default)
-
"labels": {
-
"name":
"app-tomcat" (label做为标识,可以跟RC,Service关联对应)
-
}
-
},
-
"spec": {
-
"containers": [
-
{
-
"name":
"app-tomcat", (自定义镜像名称)
-
"image":
"tomcat", (要拉取的镜像)
-
"command": [ (运行容器时,要运行的命令)
-
"/bin/bash",
-
"/opt/apache-tomcat-7.0.57/bin/catalina.sh",
-
"run"
-
],
-
"env": [ (环境变量K,V)
-
{
-
"name":
"url_addr",
-
"value":
"http://192.168.54.66:8080/paas/jsp/index.jsp"
-
}
-
],
-
"resources": { (对容器资源限制)
-
"limits": {
-
"cpu":
"1",
-
"memory":
"1073741824"
-
},
-
"requests": {
-
"cpu":
"100m",
-
"memory":
"104857600"
-
}
-
},
-
"imagePullPolicy":
"Always" (获取镜像策略Always,Never,IfNotPresent)
-
}
-
],
-
"restartPolicy":
"Always", (pod重启策略,Always,OnFailure,Never)
-
"dnsPolicy":
"ClusterFirst",
-
"nodeSelector": { (选择将该pod调度到包含这些label的Node上)
-
"group":
"node1"
-
}
-
}
-
}
Pod的状态
pods生命周期
状态
描述
Pending
容器尚未启动成功,它包括从pod被创建到调度、然后到拉镜像开始部署这个过程
Running
容器启动成功
Succeeded
容器退出,返回码是0,并且容器不会再被重新启动
Failed
容器异常退出
Unknown
状态未知,获取不到容器的状态,当出现异常时会有这种状态,例如pod所在的机器故障,或者pod所在的机器上Kubernetes的组件异常。
<p> </p>
创建Pod
# vi pod.yaml
-
apiVersion: v1
-
kind: Pod
-
metadata:
-
name: demo
-
spec:
-
containers:
-
- image: httpd
-
name: httpd
-
imagePullPolicy: Always
# kubectl create -f pod.yaml
查看Pod
# kubectl get pods
-
NAME READY STATUS RESTARTS AGE
-
demo
1/
1 Running
0
8d
# kubectl describe pods
删除Pod
# kubectl delete pod demo
2、ReplicationController
ReplicationController(简称rc)是pod的复制抽象,用于解决pod的扩容缩容问题。通常,分布式应用为了性能或高可用性的考虑,需要复制多份资源,并且根据负载情况动态伸缩。通过replicationController,我们可以指定一个应用需要几份复制,Kubernetes将为每份复制创建一个pod,并且保证实际运行pod数量总是与该复制数量相等(例如,当前某个pod宕机时,自动创建新的pod来替换)。
RC中selector设置一个label,去关联pod的label,selector的label与pod的label相同,那么该pod就是该rc的一个实例;RC中Replicas设置副本数大小,系统根据该值维护pod的副本数。
Replicaset在继承Pod的所有特性的同时, 它可以利用预先创建好的模板定义副本数量并自动控制, 通过改变Pod副本数量实现Pod的扩容和缩容
缺点: 无法修改template模板, 也就无法发布新的镜像版本
RC模块(内置pod模块):
-
{
-
"kind":
"ReplicationController",
-
"apiVersion":
"v1",
-
"metadata": {
-
"name":
"app-tomcat",
-
"namespace":
"default",
-
"labels": {
-
"name":
"app-tomcat"
-
}
-
},
-
"spec": {
-
"replicas":
2(副本数),
-
"selector": {
-
"name":
"app-tomcat(选择的pod的label)"
-
},
-
"template": {
-
"metadata": {
-
"labels": {
-
"name":
"app-tomcat(pod的label)"
-
}
-
},
-
"spec": {
-
"containers": [
-
{
-
"name":
"kaifa2-group-tomcat",
-
"image":
"192.168.54.64:5000/tomcat-248:V1.0",
-
"command": [
-
"/bin/bash",
-
"/opt/apache-tomcat-7.0.57/bin/catalina.sh",
-
"run"
-
],
-
"env": [
-
{
-
"name":
"url_addr",
-
"value":
"http://192.168.54.64:8080/paas/jsp/index.jsp"
-
}
-
],
-
"resources": {
-
"limits": {
-
"cpu":
"1",
-
"memory":
"1073741824"
-
},
-
"requests": {
-
"cpu":
"100m",
-
"memory":
"104857600"
-
}
-
},
-
"imagePullPolicy":
"Always"
-
}
-
],
-
"restartPolicy":
"Always",
-
"nodeSelector": {
-
"group":
"node1"
-
}
-
}
-
}
-
}
-
}
创建Replicaset
# vi replicaset.yaml
apiVersion: apps/v1 kind: ReplicaSet metadata: name: demo-rc labels: app: demo-rc spec: replicas: 2 selector: matchLabels: app: demo-rc template: metadata: labels: app: demo-rc spec: containers: - name: httpd image: httpd imagePullPolicy: Always
# kubectl create -f replicaset.yaml
查看replicaset
# kubectl get replicaset
NAME READY STATUS RESTARTS AGE demo-rc 1/1 Running 0 8d
# kubectl describe replicaset
删除replicaset
# kubectl delete replicaset demo-rc
3、Service
service是pod的路由代理抽象,用于解决pod之间的服务发现问题,即上下游pod之间使用的问题。传统部署方式中,实例所在的主机ip(或者dns名字)一般是不会改变的,但是pod的运行状态可动态变化(比如容器重启、切换机器了、缩容过程中被终止了等),所以访问端不能以写死IP的方式去访问该pod提供的服务。service的引入旨在保证pod的动态变化对访问端透明,访问端只需要知道service的地址,由service来提供代理。
Service的模板:
-
{
-
"kind":
"Service",
-
"apiVersion":
"v1",
-
"metadata": {
-
"name":
"tomcat-yefp",
-
"namespace":
"default",
-
"labels": {
-
"name":
"tomcat-yefp"
-
}
-
},
-
"spec": {
-
"ports": [
-
{
-
"protocol":
"TCP",
-
"port":
8080(访问端口),
-
"targetPort":
8080
-
}
-
],
-
"selector": {
-
"name":
"app-tomcat(选择的pod的label)"
-
},
-
"type":
"ClusterIP",
-
"sessionAffinity":
"None"
-
}
-
}
EndPoint
Endpoint是可被访问的服务端点,即一个状态为running的pod,它是service访问的落点,只有service关联的pod才可能成为endpoint。
Endpoint、service和pod的关系:
更改NodePort限制
Kubernetes默认对外的NodePort限制范围为30000-32767, 这里如果要使用一些常用的端口(80, 8080, 443)需将这个范围放大.
# vi /etc/kubernetes/manifests/kube-apiserver.yaml
在--service-cluster-ip-range与insecure-port间添加如下node port配置
- --service-cluster-ip-range=10.96.0.0/12
- --service-node-port-range=0-32767
- --insecure-port=0
重启服务
# systemctl restart kubelet
创建Service
# vi svc.yaml
-
apiVersion: v1
-
kind: Service
-
metadata:
-
name: demo
-
spec:
-
type: NodePort
-
ports:
-
- port:
80
-
nodePort:
80
-
selector:
-
app: httpd-demo
# kubectl create -f svc.yaml
Tip: 如果要对某一Pod或deployment添加对外访问端口, 这里service添加的selector的键值需与之相对应.
查看开放端口
# kubectl get svc demo
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
demo NodePort 10.100.96.157 <none> 80:80/TCP 1h
# kubectl describe service demo
Name: demo
Namespace: default
Labels: <none>
Annotations: <none>
Selector: app=httpd-demo
Type: NodePort
IP: 10.100.96.157
Port: <unset> 80/TCP
TargetPort: 80/TCP
NodePort: <unset> 80/TCP
Endpoints: 10.244.0.36:80,10.244.0.37:80
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
4、Deployment
Deployment在继承Pod和Replicaset的所有特性的同时, 它可以实现对template模板进行实时滚动更新并具备我们线上的Application life circle的特性.
创建Deployment
# vi deployment.yaml
-
apiVersion: apps/v1
-
kind: Deployment
-
metadata:
-
name: httpd-deployment
-
labels:
-
app: httpd-deployment
-
spec:
-
replicas:
2
-
selector:
-
matchLabels:
-
app: httpd-demo
-
template:
-
metadata:
-
labels:
-
app: httpd-demo
-
spec:
-
containers:
-
- name: httpd
-
image: httpd
-
imagePullPolicy: Always
-
ports:
-
- containerPort:
80
-
env:
-
- name: VERSION
-
value:
"v1"
# kubectl create -f deployment.yaml
查看Deployment
# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
httpd-deployment 2 2 2 2 8d
# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
httpd-deployment-956697567-8mqch 1/1 Running 0 8d 10.244.0.36 kube-master
httpd-deployment-956697567-wcbs6 1/1 Running 0 8d 10.244.0.37 kube-master
# kubectl describe deployment
更新deployment
通过此命令可以呼出vi编辑器对模板进行编辑.
# kubectl edit -f deployment.yaml
通过此命令使当前编辑结果生效.
# kubectl apply -f deployment.yaml
再次查看可以看到老版本的deployment已经下架, 新版本的已经生效.
# kubectl get deployment
NAME DESIRED CURRENT READY AGE
httpd-deployment-6b98d94474 0 0 0 1m
httpd-deployment-956697567 2 2 2 7m
扩容与缩容
可以修改replicas的赋值对deployment进行扩容与缩容
# kubectl scale deployment/httpd-deployment --replicas=1
删除deployment
# kubectl delete deployment httpd-deployment
5、Lable
Label是attach到Pod的一对键/值对,用来传递用户定义的属性。比如,你可能创建了一个"tier"和“app”标签,通过Label(tier=frontend, app=myapp)来标记前端Pod容器,使用Label(tier=backend, app=myapp)标记后台Pod。然后可以使用Selectors选择带有特定Label的Pod,让具体某一个Pod或者Deployment去使用某一个Service实现特定的网络配置.