文章目录

  • 控制器
  • Deployment
  • Deploy 图例
  • 资源对象案例
  • DaemonSet控制器
  • DS图例
  • 资源对象案例
  • Job/CronJob控制器
  • Job图例
  • 资源对象案例
  • CJ图例
  • 资源对象案例
  • StatefulSet控制器
  • STS图例
  • 资源对象案例
  • HorizontalPodAutoscaling
  • HPA图例
  • 资源对象案例


控制器

  • 控制器是k8s内置的管理工具。可以帮助用户实现Pod的自动部署、自维护、扩容、滚动更新等功能的自动化程序
  • 为什么要使用控制器
  • 有大量的Pod需要维护管理
  • 需要维护Pod的健康状态
  • 控制器可以像机器人一样可以替用户完成维护管理的工作

Deployment

  • 最常用的无状态服务控制器,由Deployment、ReplicaSet、Pod组成、支持集群扩容缩容、滚动、更新、自动维护Pod可用性及副本数量等功能
  • ReplicaSet 和 Pod 由 Deployment 自动管理,用户无需干预(通过标签管理)

Deploy 图例






Deployment

ReplicaSet

Pod

Pod

Pod


资源对象案例

[root@master ~]# vim mydeploy.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: myweb
spec:
  replicas: 2				# 副本数量
  selector:					# 定义标签选择器
    matchLabels:			# 同样支持matchExpressions表达式语法
      app: myhttp			# ReplicaSet通过标签来确定哪个Pod由它来管理
  template:					# 定义用来创建Pod的模板
    metadata:
      labels:				# 名称由控制器生成,只能定义标签
        app: myhttp
    spec:
      restartPolicy: Always
      containers:
      - name: apache
        image: myos:httpd
        ports:
        - name:
          protocol: TCP
          containerPort: 80

[root@master ~]# kubectl apply -f mydeploy.yaml 
deployment.apps/myweb created
[root@master ~]# kubectl get deployments.apps 
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
myweb   2/2     2            2           68s
[root@master ~]# kubectl get replicasets.apps 
NAME               DESIRED   CURRENT   READY   AGE
myweb-64b544dcbc   2         2         2       73s
[root@master ~]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
myweb-64b544dcbc-5mhqn   1/1     Running   0          76s
myweb-64b544dcbc-nt6tz   1/1     Running   0          76s

# 创建服务访问集群
[root@master ~]# vim websvc.yaml
---
kind: Service
apiVersion: v1
metadata:
  name: websvc
spec:
  type: ClusterIP
  clusterIP: 10.245.1.80
  selector:
    app: myhttp
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

[root@master ~]# kubectl apply -f websvc.yaml 
service/websvc created
[root@master ~]# curl -m 3 http://10.245.1.80
Welcome to The Apache.

# 自维护自治理
[root@master ~]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
myweb-64b544dcbc-5mhqn   1/1     Running   0          4m16s
myweb-64b544dcbc-nt6tz   1/1     Running   0          4m16s

# Pod 被删除后,Deploy 会自动创建新的 Pod 来维护集群的完整性
[root@master ~]# kubectl delete pod myweb-64b544dcbc-5mhqn 
pod "myweb-64b544dcbc-5mhqn" deleted
# 如果想关闭应用,需要删除控制器,单独删除Pod无效
[root@master ~]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
myweb-64b544dcbc-g8l9p   1/1     Running   0          3s
myweb-64b544dcbc-nt6tz   1/1     Running   0          4m25s

# 集群扩容缩容,动态更新集群副本数量
[root@master ~]# kubectl scale deployment myweb --replicas=1
deployment.apps/myweb scaled
[root@master ~]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
myweb-64b544dcbc-nt6tz   1/1     Running   0          5m46s
[root@master ~]# kubectl scale deployment myweb --replicas=3
deployment.apps/myweb scaled
[root@master ~]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
myweb-64b544dcbc-5sf5z   1/1     Running   0          3s
myweb-64b544dcbc-6r6dw   1/1     Running   0          3s
myweb-64b544dcbc-nt6tz   1/1     Running   0          5m56s

历史版本、滚动更新

# 添加注释信息(没有特殊用途,仅仅是注释信息)
[root@master ~]# kubectl annotate deployments.apps myweb kubernetes.io/change-cause="httpd.v1"
deployment.apps/myweb annotated

# 查看更新策略
[root@master ~]# kubectl get deployments.apps myweb -o yaml
... ...
metadata:
  annotations:								# 注释信息
    kubernetes.io/change-cause: httpd.v1	# 该信息会显示在历史版本中
... ...
spec:
  revisionHistoryLimit: 10		# 保留10个历史版本
  strategy:						# 更新策略
    rollingUpdate:				# 滚动更新策略
      maxSurge: 25%				# 允许最大副本25%超量
      maxUnavailable: 25%		# 允许最小副本25%不足
    type: RollingUpdate			# 更新方式 [Recreate, RollingUpdate]
# RollingUpdate更新方式会创建新的ReplicaSet,逐渐替换旧ReplicaSet里的Pod,这样可以保证用户服务不中断

# 修改镜像,滚动更新集群
[root@master ~]# curl -m 3 http://10.245.1.80
Welcome to The Apache.
[root@master ~]# sed 's,\(image: \).*,\1myos:nginx,' mydeploy.yaml |kubectl apply -f -
deployment.apps/myweb configured
# 更新注释信息
[root@master ~]# kubectl annotate deployments.apps myweb kubernetes.io/change-cause="nginx.v1"
deployment.apps/myweb annotated
[root@master ~]# kubectl get replicasets.apps 
NAME               DESIRED   CURRENT   READY   AGE
myweb-5bfdc888d7   2         2         2       3m46s
myweb-64b544dcbc   0         0         0       12m
[root@master ~]# curl -m 3 http://10.245.1.80
Nginx is running !

# 历史版本与回滚(回滚是使用过去的配置,而不是回到过去)
# 查看历史版本
[root@master ~]# kubectl rollout history deployment myweb 
deployment.apps/myweb 
REVISION  CHANGE-CAUSE
1         httpd.v1
2         nginx.v1
# 回滚到版本1
[root@master ~]# kubectl rollout undo deployment myweb --to-revision=1
deployment.apps/myweb rolled back
[root@master ~]# kubectl rollout history deployment myweb 
deployment.apps/myweb 
REVISION  CHANGE-CAUSE
2         nginx.v1		# 因为回滚是使用过去的配置,而不是回到过去,所以没有版本1
3         httpd.v1

# 验证回滚
[root@master ~]# curl -m 3 http://10.245.1.80
Welcome to The Apache.

# 删除控制器方法1
[root@master ~]# kubectl delete deployments.apps myweb 
deployment.apps "myweb" deleted
# 删除控制器方法2
[root@master ~]# kubectl delete -f mydeploy.yaml
deployment.apps "myweb" deleted

DaemonSet控制器

  • 无法自定义副本数量
  • 所创建的Pod与Node节点绑定
  • 每个Node上都会运行一个Pod
  • 当有新Node加入集群时,会为他新增Pod副本,当Node从集群移除时,这些Pod也会被回收,典型应用:kube-proxy、flannel

DS图例








node

Pod

node

Pod

node

Pod

DaemonSet


资源对象案例

  • DaemonSet的资源文件只和Deployments的资源文件区别在资源类型kind和有无副本数量replicas
[root@master ~]# vim myds.yaml
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: myds
spec:
  selector:
    matchLabels:
      app: myhttp
  template:
    metadata:
      labels:
        app: myhttp
    spec:
      restartPolicy: Always
      containers:
      - name: apache
        image: myos:httpd
        ports:
        - name:
          protocol: TCP
          containerPort: 80

[root@master ~]# kubectl apply -f myds.yaml 
daemonset.apps/myds created
[root@master ~]# kubectl get pods -o wide
NAME         READY   STATUS    RESTARTS   AGE   IP            NODE
myds-4wt72   1/1     Running   0          31s   10.244.3.14   node-0003
myds-lwq8l   1/1     Running   0          31s   10.244.2.17   node-0002
myds-msrcx   1/1     Running   0          31s   10.244.1.11   node-0001
# master节点上没有Pod是因为daemonset受到污点策略的影响
[root@master ~]# kubectl -n kube-system get pods -l k8s-app=kube-proxy -o wide
NAME               READY   STATUS    RESTARTS      AGE   IP             NODE        ...
kube-proxy-57v4b   1/1     Running   6 (18h ago)   12d   192.168.1.52   node-0002   ...
kube-proxy-b4757   1/1     Running   6 (18h ago)   12d   192.168.1.53   node-0003   ...
kube-proxy-dqrwx   1/1     Running   6 (18h ago)   12d   192.168.1.50   master      ...
kube-proxy-flj28   1/1     Running   6 (18h ago)   12d   192.168.1.51   node-0001   ...

# 删除DS控制器
[root@master ~]# kubectl delete -f myds.yaml 
daemonset.apps "myds" deleted

Job/CronJob控制器

  • Job是一个单任务控制器,负责执行一次任务,保证任务在一个或多个Pod上执行成功
  • CronJob像是Job的升级版,他是基于时间管理的Job控制器

Job图例



Job

Pod


资源对象案例

[root@master ~]# vim myjob.yaml 
---
kind: Job
apiVersion: batch/v1
metadata:
  name: myjob
spec:
  template:
    spec:
      restartPolicy: OnFailure   # 重启策略 [OnFailure, Never],Job不支持Always
      containers:
      - name: myjob
        image: myos:latest
        command: ["/bin/sleep", "30"]

[root@master ~]# kubectl apply -f myjob.yaml 
job.batch/myjob created
[root@master ~]# kubectl get jobs.batch 
NAME    COMPLETIONS   DURATION   AGE
myjob   0/1           3s         3s
[root@master ~]# kubectl get pods -l job-name=myjob
NAME             READY   STATUS    RESTARTS   AGE
myjob--1-kz8mk   1/1     Running   0          6s
[root@master ~]# sleep 30
[root@master ~]# kubectl get pods -l job-name=myjob
NAME             READY   STATUS      RESTARTS   AGE
myjob--1-kz8mk   0/1     Completed   0          58s
[root@master ~]# kubectl get jobs.batch 
NAME    COMPLETIONS   DURATION   AGE
myjob   1/1           31s        64s

# 删除Job控制器
[root@master ~]# kubectl delete -f myjob.yaml 
job.batch "myjob" deleted

CJ图例








Job

Pod

Job

Pod

Job

Pod

CronJob


资源对象案例

[root@master ~]# vim mycj.yaml
---
kind: CronJob
apiVersion: batch/v1
metadata:
  name: mycronjob
spec:
  schedule: "*/1 * * * 1-5"				# 使用格林威治时间,需要自己换算
  jobTemplate:
    spec:
      template:
        spec:
          restartPolicy: OnFailure		# 重启策略,只支持[OnFailure, Never]
          containers:
          - name: myjob
            image: myos:latest
            command: ["/bin/sleep", "30"]

[root@master ~]# kubectl apply -f mycj.yaml 
cronjob.batch/mycronjob created
[root@master ~]# kubectl get cronjobs.batch 
NAME        SCHEDULE        SUSPEND   ACTIVE   LAST SCHEDULE   AGE
mycronjob   */1 * * * 1-5   False     0        <none>          4s
[root@master ~]# kubectl get jobs.batch 
No resources found in default namespace.
[root@master ~]# kubectl get pods
No resources found in default namespace.
[root@master ~]# sleep 60
[root@master ~]# kubectl get jobs.batch 
NAME                 COMPLETIONS   DURATION   AGE
mycronjob-27605367   0/1           0s         0s
[root@master ~]# kubectl get pods
NAME                          READY   STATUS    RESTARTS   AGE
mycronjob-27605367--1-ps6r8   1/1     Running   0          3s
[root@master ~]# kubectl get jobs.batch 
NAME                 COMPLETIONS   DURATION   AGE
mycronjob-27605367   0/1           12s        12s
[root@master ~]# sleep 200

# 保留三次结果,多余的会被删除
[root@master ~]# kubectl get jobs.batch 
NAME                 COMPLETIONS   DURATION   AGE
mycronjob-27605367   1/1           31s        3m30s
mycronjob-27605368   1/1           31s        2m30s
mycronjob-27605369   1/1           31s        90s
mycronjob-27605370   0/1           30s        30s
[root@master ~]# kubectl get jobs.batch 
NAME                 COMPLETIONS   DURATION   AGE
mycronjob-27605368   1/1           31s        2m33s
mycronjob-27605369   1/1           31s        93s
mycronjob-27605370   1/1           31s        33s

# 删除CJ控制器
[root@master ~]# kubectl delete -f mycj.yaml 
cronjob.batch "mycronjob" deleted

StatefulSet控制器

  • StatefulSet旨在与有状态的应用及分布式系统一起使用,涉及了Headless服务、存储卷、DNS等相关知识点,是一个宽泛而复杂的话题
  • Headless服务
  • 在配置StatefulSets的时候首先要定义一个Headless的服务
  • 在创建Pod的时候会自动把 <Pod名称> 注册为域名

STS图例








StatusfulSet

Pod

Pod

Pod

headless


资源对象案例

# 配置headless服务
[root@master ~]# vim mysvc.yaml 
---
kind: Service
apiVersion: v1
metadata:
  name: mysvc
spec:
  type: ClusterIP		# 类型
  clusterIP: None		# 不分配clusterIP
  selector:
    app: myhttp
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

[root@master ~]# kubectl apply -f mysvc.yaml 
service/mysvc created
[root@master ~]# kubectl get service
NAME         TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)   AGE
mysvc        ClusterIP   None          <none>        80/TCP    61s

# 创建statefulset控制器,与Deployment不同点只有,kind和有无serviceName
[root@master ~]# vim mysts.yaml
---
kind: StatefulSet
apiVersion: apps/v1
metadata:
  name: mysts
spec:
  serviceName: "mysvc"		# 绑定headless服务名称
  selector:
    matchExpressions:		# 标签匹配表达式
    - key: app				# 键的名称
      operator: In			# 匹配策略,支持[In, Noth, Exists, DoesNoExist]
      values:				# 映射的值
      - myhttp				# 值
  replicas: 3
  template:
    metadata:
      labels:
        app: myhttp
    spec:
      restartPolicy: Always
      containers:
      - name: apache
        image: myos:httpd
        imagePullPolicy: Always
        ports:
        - protocol: TCP
          containerPort: 80

[root@master ~]# kubectl apply -f mysts.yaml 
statefulset.apps/mysts created
[root@master ~]# kubectl get pods
NAME      READY   STATUS    RESTARTS   AGE
mysts-0   1/1     Running   0          4s
mysts-1   1/1     Running   0          3s
mysts-2   1/1     Running   0          2s

[root@master ~]# host mysts-0.mysvc.default.svc.cluster.local 10.245.0.10
Using domain server:
Name: 10.245.0.10
Address: 10.245.0.10#53
Aliases: 

mysts-0.mysvc.default.svc.cluster.local has address 10.244.3.81
[root@master ~]# host mysvc.default.svc.cluster.local 10.245.0.10
Using domain server:
Name: 10.245.0.10
Address: 10.245.0.10#53
Aliases: 

mysvc.default.svc.cluster.local has address 10.244.2.10
mysvc.default.svc.cluster.local has address 10.244.1.12
mysvc.default.svc.cluster.local has address 10.244.3.11

[root@master ~]# curl -m 3 http://10.244.2.10/info.php
<pre>
Array
(
    [REMOTE_ADDR] => 10.244.0.0
    [REQUEST_METHOD] => GET
    [HTTP_USER_AGENT] => curl/7.29.0
    [REQUEST_URI] => /info.php
)
php_host:       mysts-2
1229

# 删除sts控制器
[root@master ~]# kubectl delete -f mysts.yaml -f mysvc.yaml 
statefulset.apps "mysts" deleted
service "mysvc" deleted

HorizontalPodAutoscaling

  • HorizontalPodAutoscaling简称HPA,可以在Kubernetes集群中基于CPU利用率或其他应用程序的度量指标实现水平伸缩的功能,自动缩放Pod的数量
  • 控制器会周期性的获取平均利用率
  • 与目标值相比较后来调整副本数量

HPA图例


Pod cluster







Pod

Pod

Pod

ReplicaSet

HorizontalPodAutoscaler

Deployment


资源对象案例

# 为 Deploy 模板添加资源配额
[root@master ~]# vim mydeploy.yaml 
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: myweb
spec:
  replicas: 1
  selector:
    matchLabels:
      app: myhttp
  template:
    metadata:
      labels:
        app: myhttp
    spec:
      restartPolicy: Always
      containers:
      - name: apache
        image: myos:httpd
        ports:
        - name:
          protocol: TCP
          containerPort: 80
        resources:			# 必须指定资源最小配额,否则HPA控制器不监控
          requests:
            cpu: "200m"

---
kind: Service
apiVersion: v1
metadata:
  name: websvc
spec:
  type: ClusterIP
  clusterIP: 10.245.1.80
  selector:
    app: myhttp
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

# 使用 Deploy 和 Cluster IP 创建集群
[root@master ~]# kubectl apply -f mydeploy.yaml
deployment.apps/myweb created
service/websvc created
[root@master ~]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
myweb-5946bb4c68-c8tm2   1/1     Running   0          2m43s
[root@master ~]# curl -s http://10.245.1.80
Welcome to The Apache.

# 创建 HPA 控制器
[root@master ~]# vim myhpa.yaml 
---
kind: HorizontalPodAutoscaler
apiVersion: autoscaling/v1
metadata:
  name: myweb
spec:
  minReplicas: 1		# 最少保留的副本数量
  maxReplicas: 3		# 最大创建的副本数量
  scaleTargetRef:		# 监控的资源对象
    kind: Deployment	# 资源对象类型
    apiVersion: apps/v1	# 版本
    name: myweb			# 资源对象名称
  targetCPUUtilizationPercentage: 50	# 警戒值,节点总资源的50%

[root@master ~]# kubectl apply -f myhpa.yaml 
horizontalpodautoscaler.autoscaling/myweb created

# 刚刚创建 unknown 是正常现象,采集的是5分钟的平均值,最多等待 300s 就可以正常获取数据
[root@master ~]# kubectl get horizontalpodautoscalers.autoscaling 
NAME    REFERENCE          TARGETS         MINPODS   MAXPODS   REPLICAS   AGE
myweb   Deployment/myweb   <unknown>/50%   1         3         0          4s

[root@master ~]# kubectl get horizontalpodautoscalers.autoscaling 
NAME    REFERENCE          TARGETS         MINPODS   MAXPODS   REPLICAS   AGE
myweb   Deployment/myweb   0%/50%          1         3         1          71s

扩容测试

# 终端 1 访问提高负载
[root@master ~]# while true;do
    curl -s "http://10.245.1.80/info.php?id=50000"
    sleep 1
done
# 终端 2 监控 HPA 变化
[root@master ~]# kubectl get hpa -w
NAME    REFERENCE          TARGETS   MINPODS   MAXPODS   REPLICAS   AGE
myweb   Deployment/myweb   0%/50%    1         3         1          8m21s
myweb   Deployment/myweb   49%/50%   1         3         1          9m
myweb   Deployment/myweb   56%/50%   1         3         1          9m15s
myweb   Deployment/myweb   56%/50%   1         3         2          9m30s
myweb   Deployment/myweb   37%/50%   1         3         2          9m45s
myweb   Deployment/myweb   32%/50%   1         3         2          10m
myweb   Deployment/myweb   41%/50%   1         3         2          11m
myweb   Deployment/myweb   48%/50%   1         3         2          11m
myweb   Deployment/myweb   51%/50%   1         3         2          11m
myweb   Deployment/myweb   59%/50%   1         3         2          11m
myweb   Deployment/myweb   58%/50%   1         3         3          12m
myweb   Deployment/myweb   42%/50%   1         3         3          12m
myweb   Deployment/myweb   34%/50%   1         3         3          12m
# 停止访问,让CPU空闲,为了防止集群抖动,副本不会立即释放,必须300妙内的平均负载小于警戒值,才会开始释放副本,副本达到最小值时候停止释放
# 如果 300s 内平均负载小于标准值,就会自动缩减集群规模
[root@master ~]# kubectl get hpa -w
NAME    REFERENCE          TARGETS   MINPODS   MAXPODS   REPLICAS   AGE
myweb   Deployment/myweb   38%/50%   1         3         3          19m
myweb   Deployment/myweb   21%/50%   1         3         3          20m
myweb   Deployment/myweb   17%/50%   1         3         3          21m
myweb   Deployment/myweb    7%/50%   1         3         3          22m
myweb   Deployment/myweb    0%/50%   1         3         3          23m
myweb   Deployment/myweb    0%/50%   1         3         2          25m
myweb   Deployment/myweb    0%/50%   1         3         1          28m
[root@master ~]# kubectl get horizontalpodautoscalers.autoscaling 
NAME    REFERENCE          TARGETS   MINPODS   MAXPODS   REPLICAS   AGE
myweb   Deployment/myweb   0%/50%    1         3         1          5m41s
[root@master ~]# kubectl get pods
NAME                       READY     STATUS    RESTARTS  AGE
myweb-5946bb4c68-f9tw9     1/1       Running   0         6m40s