Job
工作类型的Pod
提高Job工作效率的方法:并发Pod
completions: 8 #最终Pod数量
parallelism: 2 #并发Pod数量
apiVersion: batch/v1
kind: Job
metadata:
name: myjob
spec:
completions: 8
parallelism: 2
template:
metadata:
name: myjob
spec:
containers:
- name: hello
image: busybox
command: ['echo','hello k8s job!']
restartPolicy: OnFailure
定时的工作任务(资源类型为CronJob)
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: myjob
spec:
schedule: '*/1 * * * *'
jobTemplate:
spec:
template:
spec:
containers:
- name: hello
image: busybox
command: ['echo','hello k8s job!']
restartPolicy: OnFailure
这个版本不能运行
更改api版本配置文件
添加api版本
vim /etc/kubernetes/manifests/kube-apiserver.yaml
- --runtime-config=batch/v2alpha1=true
重启kubectl
systemctl restart kubelet.service
查看api版本
kubectl api-versions
然后将apiVersion改为 apiVersion: batch/v2alpha1
注意:CronJob资源对象,有时会发生没有Pod运行的情况,这是正常的。k8s官方也注意到了这个问题,并在积极努力的完善这个资源对象。
Secret资源对象
特殊存储。
用来存储比较敏感的信息,不如数据库的用户名和密码或者密钥。
username:root
password:123.com
1)–from-literal(文字)
kubectl create secret generic mysecret1 --from-literal=username=root --from-literal=password=123.com
2)–from-file(文件)
echo root > username
echo 123.com > password
kubectl create secret generic mysecret2 --from-file=username --from-file=password
3)–from-env-file
cat > env.txt <<EOF
username=root
password=123.com
EOF
kubectl create secret generic mysecret3 --from-env-file=env.txt
4)通过yaml文件的方式创建
首先数据进行加密
[root@master ~]# echo root | base64
cm9vdAo=
[root@master ~]# echo 123.com | base64
MTIzLmNvbQo=
编写yaml文件
apiVersion: v1
kind: Secret
metadata:
name: mysecret4
data:
username: cm9vdAo=
password: MTIzLmNvbQo=
Secret资源的引用:
1)以Volume的方式挂载
apiVersion: v1
kind: Pod
metadata:
name: secret-pod
spec:
containers:
- name: secret-pod
image: busybox
args:
- /bin/sh
- -c
- sleep 10000
volumeMounts:
- name: test
mountPath: '/etc/test'
readOnly: true
volumes:
- name: test
secret:
secretName: mysecret4
更改挂载的目录,并且将文件改名
apiVersion: v1
kind: Pod
metadata:
name: secret-pod
spec:
containers:
- name: secret-pod
image: busybox
args:
- /bin/sh
- -c
- sleep 10000
volumeMounts:
- name: test
mountPath: '/etc/test'
readOnly: true
volumes:
- name: test
secret:
secretName: mysecret4
items:
- key: username
path: group/my-username #相对路径,相对于mountPath: '/etc/test',相当于 '/etc/test/group/my-username‘
- key: password
path: group/my-password
这种挂载方式的特征就是:会有数据的实时同步。即secret资源更新之后,引用这个资源的对象也会更新。
2)以环境变量的方式引用Secret。
apiVersion: v1
kind: Pod
metadata:
name: new-pod
spec:
containers:
- name: new-pod
image: busybox
args:
- /bin/sh
- -c
- sleep 10000
env:
- name: SECRET_USERNAME
valueFrom:
secretKeyRef:
name: mysecret4
key: username
- name: SECRET_PASSWORD
valueFrom:
secretKeyRef:
name: mysecret4
key: password
注意:以环境变量的方式引用Secret资源的数据,虽然比volume挂载的方式查看数据要方便快捷很多,但它不支持数据的实时同步、更新。
ConfigMap:
1)–from-literal
kubectl create configmap myconfigmap1 --from-literal=config1=test1 --from-literal=config2=yunjisuan
2)–from-file
echo bdqn > config1
echo yunjisuan > config2
kubectl create configmap myconfigmap2 --from-file=config1 --from-file=config2
3)–from-env-file
[root@master ~]# cat env.txt
config1=test1
config2=yunjisuan
kubectl create configmap myconfigmap3 --from-env-file=env.txt
4)通过yaml文件的方式创建
apiVersion: v1
kind: ConfigMap
metadata:
name: myconfigmap4
data:
config1: test1
config2: yunjisuan
引用ConfigMap里的数据
1)以Volume挂载的方式
apiVersion: v1
kind: Pod
metadata:
name: configmap-pod
spec:
containers:
- name: configmap-pod
image: busybox
args:
- /bin/sh
- -c
- sleep 10000
volumeMounts:
- name: test
mountPath: '/etc/test'
readOnly: true
volumes:
- name: test
configMap:
name: myconfigmap4
2)以环境变量的方式引用ConfigMap
apiVersion: v1
kind: Pod
metadata:
name: configmap-pod
spec:
containers:
- name: configmap-pod
image: busybox
args:
- /bin/sh
- -c
- sleep 10000
env:
- name: CONFIG_1
valueFrom:
configMapKeyRef:
name: myconfigmap4
key: config1
- name: CONFIG_2
valueFrom:
configMapKeyRef:
name: myconfigmap4
key: config2