文章目录
- 控制器
- Deployment
- Deploy 图例
- 资源对象案例
- DaemonSet控制器
- DS图例
- 资源对象案例
- Job/CronJob控制器
- Job图例
- 资源对象案例
- CJ图例
- 资源对象案例
- StatefulSet控制器
- STS图例
- 资源对象案例
- HorizontalPodAutoscaling
- HPA图例
- 资源对象案例
控制器
- 控制器是k8s内置的管理工具。可以帮助用户实现Pod的自动部署、自维护、扩容、滚动更新等功能的自动化程序
- 为什么要使用控制器
- 有大量的Pod需要维护管理
- 需要维护Pod的健康状态
- 控制器可以像机器人一样可以替用户完成维护管理的工作
Deployment
- 最常用的无状态服务控制器,由Deployment、ReplicaSet、Pod组成、支持集群扩容缩容、滚动、更新、自动维护Pod可用性及副本数量等功能
- ReplicaSet 和 Pod 由 Deployment 自动管理,用户无需干预(通过标签管理)
Deploy 图例
Deployment
ReplicaSet
Pod
Pod
Pod
资源对象案例
[root@master ~]# vim mydeploy.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: myweb
spec:
replicas: 2 # 副本数量
selector: # 定义标签选择器
matchLabels: # 同样支持matchExpressions表达式语法
app: myhttp # ReplicaSet通过标签来确定哪个Pod由它来管理
template: # 定义用来创建Pod的模板
metadata:
labels: # 名称由控制器生成,只能定义标签
app: myhttp
spec:
restartPolicy: Always
containers:
- name: apache
image: myos:httpd
ports:
- name:
protocol: TCP
containerPort: 80
[root@master ~]# kubectl apply -f mydeploy.yaml
deployment.apps/myweb created
[root@master ~]# kubectl get deployments.apps
NAME READY UP-TO-DATE AVAILABLE AGE
myweb 2/2 2 2 68s
[root@master ~]# kubectl get replicasets.apps
NAME DESIRED CURRENT READY AGE
myweb-64b544dcbc 2 2 2 73s
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myweb-64b544dcbc-5mhqn 1/1 Running 0 76s
myweb-64b544dcbc-nt6tz 1/1 Running 0 76s
# 创建服务访问集群
[root@master ~]# vim websvc.yaml
---
kind: Service
apiVersion: v1
metadata:
name: websvc
spec:
type: ClusterIP
clusterIP: 10.245.1.80
selector:
app: myhttp
ports:
- protocol: TCP
port: 80
targetPort: 80
[root@master ~]# kubectl apply -f websvc.yaml
service/websvc created
[root@master ~]# curl -m 3 http://10.245.1.80
Welcome to The Apache.
# 自维护自治理
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myweb-64b544dcbc-5mhqn 1/1 Running 0 4m16s
myweb-64b544dcbc-nt6tz 1/1 Running 0 4m16s
# Pod 被删除后,Deploy 会自动创建新的 Pod 来维护集群的完整性
[root@master ~]# kubectl delete pod myweb-64b544dcbc-5mhqn
pod "myweb-64b544dcbc-5mhqn" deleted
# 如果想关闭应用,需要删除控制器,单独删除Pod无效
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myweb-64b544dcbc-g8l9p 1/1 Running 0 3s
myweb-64b544dcbc-nt6tz 1/1 Running 0 4m25s
# 集群扩容缩容,动态更新集群副本数量
[root@master ~]# kubectl scale deployment myweb --replicas=1
deployment.apps/myweb scaled
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myweb-64b544dcbc-nt6tz 1/1 Running 0 5m46s
[root@master ~]# kubectl scale deployment myweb --replicas=3
deployment.apps/myweb scaled
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myweb-64b544dcbc-5sf5z 1/1 Running 0 3s
myweb-64b544dcbc-6r6dw 1/1 Running 0 3s
myweb-64b544dcbc-nt6tz 1/1 Running 0 5m56s
历史版本、滚动更新
# 添加注释信息(没有特殊用途,仅仅是注释信息)
[root@master ~]# kubectl annotate deployments.apps myweb kubernetes.io/change-cause="httpd.v1"
deployment.apps/myweb annotated
# 查看更新策略
[root@master ~]# kubectl get deployments.apps myweb -o yaml
... ...
metadata:
annotations: # 注释信息
kubernetes.io/change-cause: httpd.v1 # 该信息会显示在历史版本中
... ...
spec:
revisionHistoryLimit: 10 # 保留10个历史版本
strategy: # 更新策略
rollingUpdate: # 滚动更新策略
maxSurge: 25% # 允许最大副本25%超量
maxUnavailable: 25% # 允许最小副本25%不足
type: RollingUpdate # 更新方式 [Recreate, RollingUpdate]
# RollingUpdate更新方式会创建新的ReplicaSet,逐渐替换旧ReplicaSet里的Pod,这样可以保证用户服务不中断
# 修改镜像,滚动更新集群
[root@master ~]# curl -m 3 http://10.245.1.80
Welcome to The Apache.
[root@master ~]# sed 's,\(image: \).*,\1myos:nginx,' mydeploy.yaml |kubectl apply -f -
deployment.apps/myweb configured
# 更新注释信息
[root@master ~]# kubectl annotate deployments.apps myweb kubernetes.io/change-cause="nginx.v1"
deployment.apps/myweb annotated
[root@master ~]# kubectl get replicasets.apps
NAME DESIRED CURRENT READY AGE
myweb-5bfdc888d7 2 2 2 3m46s
myweb-64b544dcbc 0 0 0 12m
[root@master ~]# curl -m 3 http://10.245.1.80
Nginx is running !
# 历史版本与回滚(回滚是使用过去的配置,而不是回到过去)
# 查看历史版本
[root@master ~]# kubectl rollout history deployment myweb
deployment.apps/myweb
REVISION CHANGE-CAUSE
1 httpd.v1
2 nginx.v1
# 回滚到版本1
[root@master ~]# kubectl rollout undo deployment myweb --to-revision=1
deployment.apps/myweb rolled back
[root@master ~]# kubectl rollout history deployment myweb
deployment.apps/myweb
REVISION CHANGE-CAUSE
2 nginx.v1 # 因为回滚是使用过去的配置,而不是回到过去,所以没有版本1
3 httpd.v1
# 验证回滚
[root@master ~]# curl -m 3 http://10.245.1.80
Welcome to The Apache.
# 删除控制器方法1
[root@master ~]# kubectl delete deployments.apps myweb
deployment.apps "myweb" deleted
# 删除控制器方法2
[root@master ~]# kubectl delete -f mydeploy.yaml
deployment.apps "myweb" deleted
DaemonSet控制器
- 无法自定义副本数量
- 所创建的Pod与Node节点绑定
- 每个Node上都会运行一个Pod
- 当有新Node加入集群时,会为他新增Pod副本,当Node从集群移除时,这些Pod也会被回收,典型应用:kube-proxy、flannel
DS图例
node
Pod
node
Pod
node
Pod
DaemonSet
资源对象案例
- DaemonSet的资源文件只和Deployments的资源文件区别在资源类型kind和有无副本数量replicas
[root@master ~]# vim myds.yaml
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: myds
spec:
selector:
matchLabels:
app: myhttp
template:
metadata:
labels:
app: myhttp
spec:
restartPolicy: Always
containers:
- name: apache
image: myos:httpd
ports:
- name:
protocol: TCP
containerPort: 80
[root@master ~]# kubectl apply -f myds.yaml
daemonset.apps/myds created
[root@master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
myds-4wt72 1/1 Running 0 31s 10.244.3.14 node-0003
myds-lwq8l 1/1 Running 0 31s 10.244.2.17 node-0002
myds-msrcx 1/1 Running 0 31s 10.244.1.11 node-0001
# master节点上没有Pod是因为daemonset受到污点策略的影响
[root@master ~]# kubectl -n kube-system get pods -l k8s-app=kube-proxy -o wide
NAME READY STATUS RESTARTS AGE IP NODE ...
kube-proxy-57v4b 1/1 Running 6 (18h ago) 12d 192.168.1.52 node-0002 ...
kube-proxy-b4757 1/1 Running 6 (18h ago) 12d 192.168.1.53 node-0003 ...
kube-proxy-dqrwx 1/1 Running 6 (18h ago) 12d 192.168.1.50 master ...
kube-proxy-flj28 1/1 Running 6 (18h ago) 12d 192.168.1.51 node-0001 ...
# 删除DS控制器
[root@master ~]# kubectl delete -f myds.yaml
daemonset.apps "myds" deleted
Job/CronJob控制器
- Job是一个单任务控制器,负责执行一次任务,保证任务在一个或多个Pod上执行成功
- CronJob像是Job的升级版,他是基于时间管理的Job控制器
Job图例
Job
Pod
资源对象案例
[root@master ~]# vim myjob.yaml
---
kind: Job
apiVersion: batch/v1
metadata:
name: myjob
spec:
template:
spec:
restartPolicy: OnFailure # 重启策略 [OnFailure, Never],Job不支持Always
containers:
- name: myjob
image: myos:latest
command: ["/bin/sleep", "30"]
[root@master ~]# kubectl apply -f myjob.yaml
job.batch/myjob created
[root@master ~]# kubectl get jobs.batch
NAME COMPLETIONS DURATION AGE
myjob 0/1 3s 3s
[root@master ~]# kubectl get pods -l job-name=myjob
NAME READY STATUS RESTARTS AGE
myjob--1-kz8mk 1/1 Running 0 6s
[root@master ~]# sleep 30
[root@master ~]# kubectl get pods -l job-name=myjob
NAME READY STATUS RESTARTS AGE
myjob--1-kz8mk 0/1 Completed 0 58s
[root@master ~]# kubectl get jobs.batch
NAME COMPLETIONS DURATION AGE
myjob 1/1 31s 64s
# 删除Job控制器
[root@master ~]# kubectl delete -f myjob.yaml
job.batch "myjob" deleted
CJ图例
Job
Pod
Job
Pod
Job
Pod
CronJob
资源对象案例
[root@master ~]# vim mycj.yaml
---
kind: CronJob
apiVersion: batch/v1
metadata:
name: mycronjob
spec:
schedule: "*/1 * * * 1-5" # 使用格林威治时间,需要自己换算
jobTemplate:
spec:
template:
spec:
restartPolicy: OnFailure # 重启策略,只支持[OnFailure, Never]
containers:
- name: myjob
image: myos:latest
command: ["/bin/sleep", "30"]
[root@master ~]# kubectl apply -f mycj.yaml
cronjob.batch/mycronjob created
[root@master ~]# kubectl get cronjobs.batch
NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE
mycronjob */1 * * * 1-5 False 0 <none> 4s
[root@master ~]# kubectl get jobs.batch
No resources found in default namespace.
[root@master ~]# kubectl get pods
No resources found in default namespace.
[root@master ~]# sleep 60
[root@master ~]# kubectl get jobs.batch
NAME COMPLETIONS DURATION AGE
mycronjob-27605367 0/1 0s 0s
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mycronjob-27605367--1-ps6r8 1/1 Running 0 3s
[root@master ~]# kubectl get jobs.batch
NAME COMPLETIONS DURATION AGE
mycronjob-27605367 0/1 12s 12s
[root@master ~]# sleep 200
# 保留三次结果,多余的会被删除
[root@master ~]# kubectl get jobs.batch
NAME COMPLETIONS DURATION AGE
mycronjob-27605367 1/1 31s 3m30s
mycronjob-27605368 1/1 31s 2m30s
mycronjob-27605369 1/1 31s 90s
mycronjob-27605370 0/1 30s 30s
[root@master ~]# kubectl get jobs.batch
NAME COMPLETIONS DURATION AGE
mycronjob-27605368 1/1 31s 2m33s
mycronjob-27605369 1/1 31s 93s
mycronjob-27605370 1/1 31s 33s
# 删除CJ控制器
[root@master ~]# kubectl delete -f mycj.yaml
cronjob.batch "mycronjob" deleted
StatefulSet控制器
- StatefulSet旨在与有状态的应用及分布式系统一起使用,涉及了Headless服务、存储卷、DNS等相关知识点,是一个宽泛而复杂的话题
- Headless服务
- 在配置StatefulSets的时候首先要定义一个Headless的服务
- 在创建Pod的时候会自动把 <Pod名称> 注册为域名
STS图例
StatusfulSet
Pod
Pod
Pod
headless
资源对象案例
# 配置headless服务
[root@master ~]# vim mysvc.yaml
---
kind: Service
apiVersion: v1
metadata:
name: mysvc
spec:
type: ClusterIP # 类型
clusterIP: None # 不分配clusterIP
selector:
app: myhttp
ports:
- protocol: TCP
port: 80
targetPort: 80
[root@master ~]# kubectl apply -f mysvc.yaml
service/mysvc created
[root@master ~]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
mysvc ClusterIP None <none> 80/TCP 61s
# 创建statefulset控制器,与Deployment不同点只有,kind和有无serviceName
[root@master ~]# vim mysts.yaml
---
kind: StatefulSet
apiVersion: apps/v1
metadata:
name: mysts
spec:
serviceName: "mysvc" # 绑定headless服务名称
selector:
matchExpressions: # 标签匹配表达式
- key: app # 键的名称
operator: In # 匹配策略,支持[In, Noth, Exists, DoesNoExist]
values: # 映射的值
- myhttp # 值
replicas: 3
template:
metadata:
labels:
app: myhttp
spec:
restartPolicy: Always
containers:
- name: apache
image: myos:httpd
imagePullPolicy: Always
ports:
- protocol: TCP
containerPort: 80
[root@master ~]# kubectl apply -f mysts.yaml
statefulset.apps/mysts created
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mysts-0 1/1 Running 0 4s
mysts-1 1/1 Running 0 3s
mysts-2 1/1 Running 0 2s
[root@master ~]# host mysts-0.mysvc.default.svc.cluster.local 10.245.0.10
Using domain server:
Name: 10.245.0.10
Address: 10.245.0.10#53
Aliases:
mysts-0.mysvc.default.svc.cluster.local has address 10.244.3.81
[root@master ~]# host mysvc.default.svc.cluster.local 10.245.0.10
Using domain server:
Name: 10.245.0.10
Address: 10.245.0.10#53
Aliases:
mysvc.default.svc.cluster.local has address 10.244.2.10
mysvc.default.svc.cluster.local has address 10.244.1.12
mysvc.default.svc.cluster.local has address 10.244.3.11
[root@master ~]# curl -m 3 http://10.244.2.10/info.php
<pre>
Array
(
[REMOTE_ADDR] => 10.244.0.0
[REQUEST_METHOD] => GET
[HTTP_USER_AGENT] => curl/7.29.0
[REQUEST_URI] => /info.php
)
php_host: mysts-2
1229
# 删除sts控制器
[root@master ~]# kubectl delete -f mysts.yaml -f mysvc.yaml
statefulset.apps "mysts" deleted
service "mysvc" deleted
HorizontalPodAutoscaling
- HorizontalPodAutoscaling简称HPA,可以在Kubernetes集群中基于CPU利用率或其他应用程序的度量指标实现水平伸缩的功能,自动缩放Pod的数量
- 控制器会周期性的获取平均利用率
- 与目标值相比较后来调整副本数量
HPA图例
Pod cluster
Pod
Pod
Pod
ReplicaSet
HorizontalPodAutoscaler
Deployment
资源对象案例
# 为 Deploy 模板添加资源配额
[root@master ~]# vim mydeploy.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: myweb
spec:
replicas: 1
selector:
matchLabels:
app: myhttp
template:
metadata:
labels:
app: myhttp
spec:
restartPolicy: Always
containers:
- name: apache
image: myos:httpd
ports:
- name:
protocol: TCP
containerPort: 80
resources: # 必须指定资源最小配额,否则HPA控制器不监控
requests:
cpu: "200m"
---
kind: Service
apiVersion: v1
metadata:
name: websvc
spec:
type: ClusterIP
clusterIP: 10.245.1.80
selector:
app: myhttp
ports:
- protocol: TCP
port: 80
targetPort: 80
# 使用 Deploy 和 Cluster IP 创建集群
[root@master ~]# kubectl apply -f mydeploy.yaml
deployment.apps/myweb created
service/websvc created
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myweb-5946bb4c68-c8tm2 1/1 Running 0 2m43s
[root@master ~]# curl -s http://10.245.1.80
Welcome to The Apache.
# 创建 HPA 控制器
[root@master ~]# vim myhpa.yaml
---
kind: HorizontalPodAutoscaler
apiVersion: autoscaling/v1
metadata:
name: myweb
spec:
minReplicas: 1 # 最少保留的副本数量
maxReplicas: 3 # 最大创建的副本数量
scaleTargetRef: # 监控的资源对象
kind: Deployment # 资源对象类型
apiVersion: apps/v1 # 版本
name: myweb # 资源对象名称
targetCPUUtilizationPercentage: 50 # 警戒值,节点总资源的50%
[root@master ~]# kubectl apply -f myhpa.yaml
horizontalpodautoscaler.autoscaling/myweb created
# 刚刚创建 unknown 是正常现象,采集的是5分钟的平均值,最多等待 300s 就可以正常获取数据
[root@master ~]# kubectl get horizontalpodautoscalers.autoscaling
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
myweb Deployment/myweb <unknown>/50% 1 3 0 4s
[root@master ~]# kubectl get horizontalpodautoscalers.autoscaling
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
myweb Deployment/myweb 0%/50% 1 3 1 71s
扩容测试
# 终端 1 访问提高负载
[root@master ~]# while true;do
curl -s "http://10.245.1.80/info.php?id=50000"
sleep 1
done
# 终端 2 监控 HPA 变化
[root@master ~]# kubectl get hpa -w
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
myweb Deployment/myweb 0%/50% 1 3 1 8m21s
myweb Deployment/myweb 49%/50% 1 3 1 9m
myweb Deployment/myweb 56%/50% 1 3 1 9m15s
myweb Deployment/myweb 56%/50% 1 3 2 9m30s
myweb Deployment/myweb 37%/50% 1 3 2 9m45s
myweb Deployment/myweb 32%/50% 1 3 2 10m
myweb Deployment/myweb 41%/50% 1 3 2 11m
myweb Deployment/myweb 48%/50% 1 3 2 11m
myweb Deployment/myweb 51%/50% 1 3 2 11m
myweb Deployment/myweb 59%/50% 1 3 2 11m
myweb Deployment/myweb 58%/50% 1 3 3 12m
myweb Deployment/myweb 42%/50% 1 3 3 12m
myweb Deployment/myweb 34%/50% 1 3 3 12m
# 停止访问,让CPU空闲,为了防止集群抖动,副本不会立即释放,必须300妙内的平均负载小于警戒值,才会开始释放副本,副本达到最小值时候停止释放
# 如果 300s 内平均负载小于标准值,就会自动缩减集群规模
[root@master ~]# kubectl get hpa -w
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
myweb Deployment/myweb 38%/50% 1 3 3 19m
myweb Deployment/myweb 21%/50% 1 3 3 20m
myweb Deployment/myweb 17%/50% 1 3 3 21m
myweb Deployment/myweb 7%/50% 1 3 3 22m
myweb Deployment/myweb 0%/50% 1 3 3 23m
myweb Deployment/myweb 0%/50% 1 3 2 25m
myweb Deployment/myweb 0%/50% 1 3 1 28m
[root@master ~]# kubectl get horizontalpodautoscalers.autoscaling
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
myweb Deployment/myweb 0%/50% 1 3 1 5m41s
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myweb-5946bb4c68-f9tw9 1/1 Running 0 6m40s