什么是资源?
k8s中所有的内容都抽象为资源,资源实例化之后,叫做对象。
什么是资源清单?
在k8s中,一般使用yaml格式的文件来创建符合我们预期期望的pod,这样的yaml文件我们一般称为资源清单
资源清单的格式
[k8s@server1 ~]$ kubectl explain pod
KIND: Pod
VERSION: v1
DESCRIPTION:
Pod is a collection of containers that can run on a host. This resource is
created by clients and scheduled onto hosts.
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata <Object>
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec <Object>
Specification of the desired behavior of the pod. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
status <Object>
Most recently observed status of the pod. This data may not be up to date.
Populated by the system. Read-only. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
一个pod必须要有apiVersion,kind,metadata,spec
apiVersion:k8s api的版本,指明api资源属于那个群组和版本,同一个组可以有多个版本,目前基本是V1,可以使用kubectl api-versions命令查询
[k8s@server1 ~]$ kubectl api-versions
admissionregistration.k8s.io/v1
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps/v1
authentication.k8s.io/v1
authentication.k8s.io/v1beta1
authorization.k8s.io/v1
authorization.k8s.io/v1beta1
autoscaling/v1
autoscaling/v2beta1
autoscaling/v2beta2
batch/v1
batch/v1beta1
certificates.k8s.io/v1
certificates.k8s.io/v1beta1
coordination.k8s.io/v1
coordination.k8s.io/v1beta1
discovery.k8s.io/v1beta1
events.k8s.io/v1
events.k8s.io/v1beta1
extensions/v1beta1
flowcontrol.apiserver.k8s.io/v1beta1
networking.k8s.io/v1
networking.k8s.io/v1beta1
node.k8s.io/v1
node.k8s.io/v1beta1
policy/v1beta1
rbac.authorization.k8s.io/v1
rbac.authorization.k8s.io/v1beta1
scheduling.k8s.io/v1
scheduling.k8s.io/v1beta1
storage.k8s.io/v1
storage.k8s.io/v1beta1
v1
前面是组,后面是版本
kind(String):yaml文件定义的资源类型和角色,比如Pod
metadata(Object):元数据对象,固定值就写metadata
metadata.name(String):元数据对象的名字,由我们编写,如定义Pod的名字
metadata.namespace:元数据对象的命名空间,由我们自身定义
Spec(Object):详细定义对象,固定值就写Spec
spec.containers:Spec对象的容器列表定义,是个列表
spec.containers[].name(String):定义容器的名字
spec.containers[].image(String):容器用到的镜像名称
上面的属性可以通过kubectl explain 查看
通过清单部署nginx
apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
- name: nginx
image: nginx:1.18.0
imagePullPolicy: IfNotPresent
- 创建与删除
[k8s@server1 ~]$ kubectl apply -f pod.yml
pod/pod1 created
[k8s@server1 ~]$ kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default pod1 1/1 Running 0 9s
[k8s@server1 ~]$ kubectl delete -f pod.yml
pod "pod1" deleted
[k8s@server1 ~]$ kubectl get pod
No resources found in default namespace.
- 升级
[k8s@server1 ~]$ cat pod.yml
apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
[k8s@server1 ~]$ kubectl apply -f pod.yml
pod/pod1 created
[k8s@server1 ~]$ kubectl describe pod1
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 18s default-scheduler Successfully assigned default/pod1 to server3
Normal Pulled 16s kubelet Container image "nginx:latest" already present on machine
Normal Created 15s kubelet Created container nginx
Normal Started 14s kubelet Started container nginx
- 添加资源限制
因为用的是自主式单一pod,不允许直接更新,需要先删除pod
apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: "0.5"
memory: "25M"
limits:
cpu: "1"
memory: "50M"
[k8s@server1 ~]$ kubectl describe pod pod1
Limits:
cpu: 1
memory: 50M
Requests:
cpu: 500m
memory: 25M
- 设置网络
apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: "0.5"
memory: "25M"
limits:
cpu: "1"
memory: "50M"
hostNetwork: true
[root@server2 ~]# netstat -antlup | grep :80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4072/nginx: master
tcp6 0 0 :::80 :::* LISTEN 4072/nginx: master
- pod 特性 :在一个pod内部 容器间可以相互通信,并且使用一个存储
apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: "0.5"
memory: "25M"
limits:
cpu: "1"
memory: "50M"
- name: busyboxplus
image: busyboxplus
imagePullPolicy: IfNotPresent
tty: true
stdin: true
[k8s@server1 ~]$ kubectl apply -f pod.yml
pod/pod1 created
[k8s@server1 ~]$ kubectl get pod
NAME READY STATUS RESTARTS AGE
demo 0/1 Completed 0 49m
pod1 2/2 Running 0 19s
[k8s@server1 ~]$ kubectl attach pod1 -c busyboxplus -it
If you don't see a command prompt, try pressing enter.
/ # curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
/ # Session ended, resume using 'kubectl attach pod1 -c busyboxplus -i -t' command when the pod is running