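I. Pod concepts
1. Pod types
① Standalone pods: pods created directly from a YAML file. The pod controls itself, which keeps it from being killed by a controller (rarely used).
② Controller-managed pods: pods managed by a Kubernetes controller. Controllers manage and run pod objects on the cluster and are associated with them through a label selector; through the controller, pods get application operations such as scaling and upgrades.
2. Pod controller types
① ReplicationController ensures that the number of replicas of a containerized application always matches the user-defined replica count: if a container exits abnormally, a new pod is created automatically to replace it, and any surplus containers are reclaimed automatically. It is recommended to use ReplicaSet instead of ReplicationController.
② ReplicaSet is not fundamentally different from ReplicationController; only the name differs, and ReplicaSet additionally supports set-based selectors. Although a ReplicaSet can be used on its own, it is generally recommended to let a Deployment manage ReplicaSets automatically, so there is no need to worry about incompatibilities with other mechanisms (for example, ReplicaSet does not support rolling-update but Deployment does).
③ Deployment provides a declarative way to define pods and ReplicaSets, replacing the earlier ReplicationController for convenient application management. Typical use cases include:
- Defining a Deployment to create pods and a ReplicaSet
- Rolling upgrades and rollbacks of an application
- Scaling out and in
- Pausing and resuming a Deployment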
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  namespace: default
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: daocloud.io/library/nginx:1.13.0-alpine
        ports:
        - containerPort: 80
root@master:/home/pod-yaml# kubectl get pods,deploy,rs -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/nginx-deployment-d68cf6b55-dgxk9 1/1 Running 0 143m 10.244.2.9 node2 <none> <none>
pod/nginx-deployment-d68cf6b55-pddmb 1/1 Running 0 143m 10.244.2.8 node2 <none> <none>
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
deployment.apps/nginx-deployment 2/2 2 2 143m nginx daocloud.io/library/nginx:1.13.0-alpine app=nginx
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
replicaset.apps/nginx-deployment-d68cf6b55 2 2 2 143m nginx daocloud.io/library/nginx:1.13.0-alpine app=nginx,pod-template-hash=d68cf6b55
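③ Horizontal Pod Autoscaling applies only to Deployments and ReplicaSets; in the v1 version it only supports scaling out and in based on pod CPU utilization.
④ StatefulSet exists to solve the problem of stateful services (Deployments and ReplicaSets, by contrast, are designed for stateless services). Its use cases include:
- Stable persistent storage: after a pod is rescheduled it can still access the same persistent data. Implemented with PVCs.
- Stable network identity: after a pod is rescheduled its PodName and HostName stay the same. Implemented with a Headless Service (a Service without a Cluster IP).
- Ordered deployment and ordered scale-out: pods have an order, and deployment or scale-out proceeds in the defined order (from 0 to N-1; before the next pod runs, all previous pods must be Running and Ready). Implemented with init containers.
- Ordered scale-in and ordered deletion (from N-1 to 0)
The three elements of a StatefulSet identity (unique network identifier):
- Domain name
- Hostname
- Storage (PVC)
ClusterIP A record format: <service-name>.<namespace-name>.svc.cluster.local
ClusterIP=None A record format: <statefulsetName-index>.<service-name>.<namespace-name>.svc.cluster.local
Example: nginx-statefulset-0.nginx.default.svc.cluster.local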
apiVersion: v1
kind: Service
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  ports:
  - port: 80
    name: web
  clusterIP: None
  selector:
    app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: nginx-statefulset
  namespace: default
spec:
  serviceName: nginx
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: daocloud.io/library/nginx:1.13.0-alpine
        ports:
        - containerPort: 80
The pod NAME does not change, which guarantees that each pod has a unique, fixed domain name:
root@master:/home/pod-yaml# kubectl create -f statefulset.yaml
service/nginx created
statefulset.apps/nginx-statefulset created
root@master:/home/pod-yaml# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-statefulset-0 1/1 Running 0 7s
nginx-statefulset-1 1/1 Running 0 5s
nginx-statefulset-2 1/1 Running 0 3s
root@master:/home/pod-yaml# kubectl delete pod nginx-statefulset-0
pod "nginx-statefulset-0" deleted
root@master:/home/pod-yaml# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-statefulset-0 1/1 Running 0 4s
nginx-statefulset-1 1/1 Running 0 70s
nginx-statefulset-2 1/1 Running 0 68s
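⑤ DaemonSet ensures that all (or some) Nodes run one copy of a pod. When a Node joins the cluster, a pod is added for it; when a Node is removed from the cluster, those pods are reclaimed. Deleting a DaemonSet deletes all the pods it created. Some typical uses of a DaemonSet:
- Running a cluster storage daemon on every Node, for example glusterd or ceph
- Running a log collection daemon on every Node, for example fluentd or logstash
- Running a monitoring daemon on every Node, for example Prometheus Node Exporter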
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: filebeat-daemonset
  labels:
    app: filebeat
spec:
  selector:
    matchLabels:
      app: filebeat
  template:
    metadata:
      labels:
        app: filebeat
    spec:
      containers:
      - name: logs
        image: daocloud.io/library/nginx:1.13.0-alpine
        ports:
        - containerPort: 80
        volumeMounts:
        - name: varlog
          mountPath: /tmp/log
      volumes:
      - name: varlog
        hostPath:
          path: /var/log
root@master:/home/pod-yaml# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
filebeat-daemonset-bfcdd 1/1 Running 0 3m3s 10.244.1.26 node1 <none> <none>
filebeat-daemonset-px94w 1/1 Running 0 3m3s 10.244.2.15 node2 <none> <none>
root@master:/home/pod-yaml# kubectl exec -it filebeat-daemonset-bfcdd -- /bin/sh
/ # cd /tmp/log/
/tmp/log # ls
alternatives.log cloud-init-output.log faillog lastlog unattended-upgrades vmware-network.5.log vmware-vmsvc-root.3.log
apt cloud-init.log installer lxd vmware-network.1.log vmware-network.6.log vmware-vmsvc-root.log
auth.log containers journal pods vmware-network.2.log vmware-network.log vmware-vmtoolsd-root.log
bootstrap.log dist-upgrade kern.log syslog vmware-network.3.log vmware-vmsvc-root.1.log wtmp
btmp dpkg.log landscape tallylog vmware-network.4.log vmware-vmsvc-root.2.log
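The listing above shows the node's auth.log, btmp and journal inside the container, and because the volumeMount does not set readOnly, the container can modify them as well as read them. As an added example (not part of the original post), this Python script flags every hostPath volume that is mounted writable in the JSON printed by `kubectl get <kinds> -o json`; the sample input is constructed from the DaemonSet above, and the `filebeat-daemonset-ro` variant is hypothetical.

```python
import json

# Constructed input: the page's filebeat-daemonset in `kubectl get ds -o json`
# shape, plus a hypothetical variant whose mount sets readOnly: true.
def _daemonset(name, read_only):
    mount = {"name": "varlog", "mountPath": "/tmp/log"}
    if read_only:
        mount["readOnly"] = True
    return {
        "kind": "DaemonSet",
        "metadata": {"name": name},
        "spec": {"template": {"spec": {
            "containers": [{"name": "logs", "volumeMounts": [mount]}],
            "volumes": [{"name": "varlog", "hostPath": {"path": "/var/log"}}],
        }}},
    }

SAMPLE = json.dumps({"items": [
    _daemonset("filebeat-daemonset", read_only=False),
    _daemonset("filebeat-daemonset-ro", read_only=True),
]})

def pod_spec(obj):
    """Return the pod spec of a Pod, a workload controller, or a CronJob."""
    spec = obj.get("spec", {})
    if obj.get("kind") == "CronJob":
        spec = spec.get("jobTemplate", {}).get("spec", {})
    if obj.get("kind") != "Pod":
        spec = spec.get("template", {}).get("spec", {})
    return spec

def writable_hostpath_mounts(manifest_json):
    """List (kind/name, container, hostPath, mountPath) per writable hostPath mount."""
    findings = []
    for obj in json.loads(manifest_json).get("items", []):
        spec = pod_spec(obj)
        host_paths = {v["name"]: v["hostPath"]["path"]
                      for v in spec.get("volumes", []) if "hostPath" in v}
        containers = spec.get("initContainers", []) + spec.get("containers", [])
        for c in containers:
            for m in c.get("volumeMounts", []):
                # A mount is writable unless readOnly is explicitly true.
                if m["name"] in host_paths and not m.get("readOnly", False):
                    findings.append((f'{obj["kind"]}/{obj["metadata"]["name"]}',
                                     c["name"], host_paths[m["name"]], m["mountPath"]))
    return findings

if __name__ == "__main__":
    for finding in writable_hostpath_mounts(SAMPLE):
        print("writable hostPath mount:", *finding)
```

Only the DaemonSet as written on this page is reported; the variant with `readOnly: true` under the `varlog` volumeMount passes.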
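⑥ Job handles batch tasks, that is, tasks that run only once. It guarantees that one or more pods of the batch task finish successfully. Use cases: offline data processing, video decoding and similar workloads.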
apiVersion: batch/v1
kind: Job
metadata:
  name: pi
spec:
  template:
    spec:
      containers:
      - name: pi
        image: perl
        command: ["perl", "-Mbignum=bpi", "-wle", "print bpi(10)"]
      restartPolicy: Never
  backoffLimit: 4
root@master:/home/pod-yaml# kubectl get pods
NAME READY STATUS RESTARTS AGE
pi-h9dr9 0/1 Completed 0 12m
root@master:/home/pod-yaml# kubectl logs pi-h9dr9
3.141592654
⑦ CronJob manages time-based Jobs, that is:
- Run once at a given point in time
- Run periodically at given points in time
- Use cases: notifications, backups
# batch/v1beta1 matches the cluster used here; it was removed in
# Kubernetes 1.25, where CronJob is served as batch/v1.
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: hello
spec:
  schedule: "*/1 * * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: hello
            image: busybox
            args:
            - /bin/sh
            - -c
            - date; echo Hello from the Kubernetes cluster
          restartPolicy: OnFailure
root@master:/home/pod-yaml# kubectl create -f cronjob.yaml
cronjob.batch/hello created
root@master:/home/pod-yaml# kubectl get cronjob
NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE
hello */1 * * * * False 0 17s 30s
root@master:/home/pod-yaml# kubectl get pods
NAME READY STATUS RESTARTS AGE
hello-1589135400-hzs6q 0/1 Completed 0 28s
root@master:/home/pod-yaml# kubectl logs hello-1589135400-hzs6q
Sun May 10 18:30:10 UTC 2020
Hello from the Kubernetes cluster