Kubernetes的Pod资源
Kubernetes命令
| 选项 | 作用 |
|---|---|
| -n | 指定名称空间 |
| -f | 指定资源清单 |
| -c | 指定连接POD中的容器 |
| -o | 查看pod指定格式信息 |
| -w | 动态查看,在查看日志或详细信息时 |
1)查看资源
kubectl get 资源名
kubectl get ns(namespace)
kubectl get node
kubectl get pod
2)创建资源
kubectl create 资源名 名称空间名字 --image(可指定镜像)
kubectl create ns 名称空间名字
3)给资源打标签
kubectl label 资源名 key=value
kubectl label pod key=value
kubectl label node key=value
4)删除资源
kubectl delete 资源名 名称空间
kubectl delete ns 名称空间
5)查看资源相关信息(排错)
kubectl describe 资源名
6)查看日志
kubectl logs pod pod名
7)启动pod
kubectl run pod
8)连接pod
kubectl exec -it pod名字 -- /bin/bash
9)连接pod中的指定容器
kubectl exec -it pod名字 -c 容器名 -- /bin/bashPod沉浸式体验
# 创建一个控制器资源
[root@master-1 ~]# kubectl create deployment nginx --image=nginx:alpine
# 指定副本数量
--replicas=10
# 创建10个nginx
[root@master-1 ~]# kubectl create deployment nginx10 --image=nginx:alpine --replicas=10
[root@master-1 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-565785f75c-vrgg7 1/1 Running 0 2m49s
nginx10-6cc8ffd95b-29zsb 1/1 Running 0 107s
nginx10-6cc8ffd95b-56v9d 1/1 Running 0 107s
nginx10-6cc8ffd95b-6gt8p 1/1 Running 0 106s
nginx10-6cc8ffd95b-95j69 1/1 Running 0 106s
nginx10-6cc8ffd95b-k8797 1/1 Running 0 107s
nginx10-6cc8ffd95b-l8lqw 1/1 Running 0 106s
nginx10-6cc8ffd95b-mhzgh 1/1 Running 0 107s
nginx10-6cc8ffd95b-nqjnx 1/1 Running 0 106s
nginx10-6cc8ffd95b-r5bpg 1/1 Running 0 107s
nginx10-6cc8ffd95b-vf4qw 1/1 Running 0 107s
# 查看pod指定格式信息(常用)
[root@master-1 ~]# kubectl get pod -o name
[root@master-1 ~]# kubectl get pod -o wide
[root@master-1 ~]# kubectl get pod -o json
[root@master-1 ~]# kubectl get pod -o yaml
# 将yaml语法导出
[root@master-1 ~]# kubectl get pod nginx10-6cc8ffd95b-29zsb -o yaml > /root/nginx-test.yaml
# 使用资源清单启动pod
[root@master-1 ~]# vim nginx-test.yml
apiVersion: v1
kind: Pod
metadata:
name: nginx10-test
namespace: default
spec:
containers:
- image: nginx:alpine
imagePullPolicy: IfNotPresent
name: nginx-test
## 启动容器(如果配置有变化,可以自动更新)
[root@master-1 ~]# kubectl apply -f nginx-test.yaml (二次运行)
## 启动容器(无法二次运行)
[root@master-1 ~]# kubectl create -f nginx-test.yaml (无法二次运行)
## 查看
[root@master-1 ~]# kubectl get pod nginx10-test
NAME READY STATUS RESTARTS AGE
nginx10-test 1/1 Running 0 86s
# 删除控制器中的pod
[root@master-1 ~]# kubectl delete deployments nginx10
# 自己编写资源清单实践
[root@master-1 ~]# cat suibian.yml
apiVersion: "v1"
kind: "Namespace"
metadata:
name: ljy
---
apiVersion: "v1"
kind: "Pod"
metadata:
name: nginx-niuniu
namespace: ljy
labels:
nginx: nn
spec:
containers:
- image: nginx:alpine
imagePullPolicy: IfNotPresent
name: nginx
# 查看pod
[root@master-1 ~]# kubectl get pod -n ljy
NAME READY STATUS RESTARTS AGE
nginx-niuniu 1/1 Running 0 26s
# 单pod启动多容器
[root@master-1 ~]# vim suibian.yml
apiVersion: "v1"
kind: "Namespace"
metadata:
name: ljy
---
apiVersion: "v1"
kind: "Pod"
metadata:
name: nginx-niuniu
namespace: ljy
labels:
nginx: nn
spec:
containers:
- name: nginx
image: nginx:alpine
imagePullPolicy: IfNotPresent
- name: busybox
imagePullPolicy: IfNotPresent
image: busybox
command: ["/bin/tail","-f","/etc/hosts"]
# 查看pod
[root@master-1 ~]# kubectl get pod -n ljy
NAME READY STATUS RESTARTS AGE
nginx-niuniu 2/2 Running 0 18s资源清单详解
# API的版本号(接口)
apiVersion: v1
#部署的资源类型
kind: Pod
# 元数据信息
metadata:
# 资源的名称(pod名字)
name: nginx81
# 指定的名称空间(给pod启动在哪个名称空间)
namespace: default
# 打标签
labels:
标签名 key: value
nginx: nn
# 自定义Pod资源的配置
spec:
#定义容器相关信息
containers:
# 定义容器的名称
- name: nginx01 c1
# 定义容器基于哪个镜像,启动
image: nginx:1.18
# 镜像拉取规则
imagePullPolicy: Always(#总是拉取镜像)
Never(#永远不拉取镜像)
IfNotPresent(#如果不存在就拉取镜像,存在就不拉取镜像)Kubernetes标签使用
## 查看标签
--show-labels
[root@master-1 ~]# kubectl get pod -n ljy --show-labels
NAME READY STATUS RESTARTS AGE LABELS
nginx-niuniu 1/1 Running 0 17m nginx=nn
## 打标签(node)
[root@master-1 ~]# kubectl label nodes node-1 CPU=1c
## 打标签(pod)
[root@master-1 ~]# kubectl label pod -n ljy nginx-niuniu nginx=niuniu
## 使用资源清单打标签
metadata:
labels:
nginx: nn
## 删除标签
[root@master-1 ~]# kubectl label nodes node-1 CPU-
## 根据标签找pod
[root@master-1 ~]# kubectl get pod --selector=nginx=nn -n ljy
NAME READY STATUS RESTARTS AGE
nginx-niuniu 1/1 Running 0 29m
## 根据标签删除
kubectl delete pod -l nginx=nn重新认识Pod
共享网络
POD内的容器使用Container模式共享根容器的网络
容器看到的网络设备信息和根容器完全相同
POD内的多个容器可以使用localhost进行网络通讯
POD内的多个容器不能绑定相同的端口
POD的生命周期和根容器一样,如果根容器退出了,POD就退出了
# 测试一个pod中运行两个容器
[root@master-1 ~]# vim suibian.yml
apiVersion: "v1"
kind: "Namespace"
metadata:
name: ljy
---
apiVersion: "v1"
kind: "Pod"
metadata:
name: nginx-niuniu
namespace: ljy
labels:
nginx: nn
spec:
containers:
- name: nginx
image: nginx:alpine
imagePullPolicy: IfNotPresent
- name: busybox
imagePullPolicy: IfNotPresent
image: busybox
command: ["/bin/tail","-f","/etc/hosts"]
# 指定pod启动在某个节点上
spec:
# 指定node名为node-1的机器上,启动pod
nodeName: node-1
# 指定node标签为nginx: nn的机器上,启动pod
nodeSelector:
nginx: nn
containers:
- name: nginx
image: nginx:alpine
imagePullPolicy: IfNotPresent
- name: busybox
imagePullPolicy: IfNotPresent
image: busybox
command: ["/bin/tail","-f","/etc/hosts"]共享存储(挂载)
默认情况下一个POD内的容器文件系统是互相隔离的
如果想让一个POD容器共享文件那么只需要定义一个Volume,然后两个容器分别挂载到这个Volume中
hostPath:将容器中的目录挂载到宿主机上指定的目录,为容器之间共享存储,具有数据持久化
emptyDir:在宿主机找个临时目录挂载,只为容器之间共享存储,无法数据持久化
# hostPath
[root@master-1 ~]# cat suibian.yml
apiVersion: "v1"
kind: "Namespace"
metadata:
name: ljy
---
apiVersion: "v1"
kind: "Pod"
metadata:
name: nginx-niuniu
namespace: ljy
labels:
nginx: nn
spec:
volumes:
- name: Guazai01
hostPath:
path: /data/test01
volumes:
- name: Guazai02
hostPath:
path: /data/test02
containers:
- name: nginx
image: nginx:alpine
imagePullPolicy: IfNotPresent
volumeMounts:
- name: Guazai01
mountPath: /var/log/nginx/
- name: busybox
imagePullPolicy: IfNotPresent
image: busybox
command: ["/bin/tail","-f","/etc/hosts"]
volumeMounts:
- name: Guazai01
mountPath: /opt/test
# emptyDir
[root@master-1 ~]# cat suibian.yml
apiVersion: "v1"
kind: "Namespace"
metadata:
name: ljy
---
apiVersion: "v1"
kind: "Pod"
metadata:
name: nginx-niuniu
namespace: ljy
labels:
nginx: nn
spec:
volumes:
- name: Guazai01
hostPath:
path: /data/test01
volumes:
- name: Guazai02
emptyDir: {}
containers:
- name: nginx
image: nginx:alpine
imagePullPolicy: IfNotPresent
volumeMounts:
- name: Guazai02
mountPath: /var/log/nginx/
- name: busybox
imagePullPolicy: IfNotPresent
image: busybox
command: ["/bin/tail","-f","/etc/hosts"]
volumeMounts:
- name: Guazai02
mountPath: /opt/test使用资源清单启动mysql
[root@master-1 tmp]# mkdir /data
[root@master-1 tmp]# cd /data/
[root@master-1 data]# vim mysql.yml
apiVersion: "v1"
kind: "Pod"
metadata:
name: mysql57
spec:
nodeName: node-1
volumes:
- name: mysql-data
hostPath:
path: /data/mysql
containers:
- name: mysql-container
image: mysql:5.7
imagePullPolicy: IfNotPresent
env:
- name: MYSQL_ROOT_PASSWORD
value: '123'
- name: MYSQL_DATABASE
value: 'wordpress'
- name: MYSQL_USER
value: 'wp_user'
- name: MYSQL_PASSWORD
value: '123'
args:
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_unicode_ci
volumeMounts:
- name: mysql-data
mountPath: /var/lib/mysqlPod对容器的封装和应用
第一种:全部放一个pod里
第二种:Wordpress和MySQL分开
那么如何扩容呢?如果第一种方案大家会发现没有办法很好的扩容,因为数据库和wordpress已经绑定成一个整体了,扩容wordpress就得扩容mysql。而第二种方案就要灵活的多。
Pod的生命周期
initCoantainers 初始化容器
初始化容器是指,在主容器启动之前,我们可以让他做一些准备工作。
比如:
1.两个容器做了共享存储,那么我们可以让它先启动一个容器,来对目录进行更改用户和授权
2.容器需要连接数据库,那么可以让初始化容器检测数据库是否可以正常连接,如果可以再启动主容器
初始化容器应用示例
[root@master-1 ~]# vim /opt/nginx-init.yaml
apiVersion: "v1"
kind: "Pod"
metadata:
name: nginx-init
spec:
volumes:
- name: nginx-data
emptyDir: {}
initContainers:
- name: nginx-init-container
image: busybox
imagePullPolicy: IfNotPresent
args: ['/bin/sh','-c','echo k8s nginx init > /usr/share/nginx/html/index.html']
volumeMounts:
- name: nginx-data
mountPath: /usr/share/nginx/html/
containers:
- name: nginx-container
image: nginx:alpine
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nginx-data
mountPath: /usr/share/nginx/html/钩子
Poststart
cni:容器网络接口
cri:容器运行时接口
csi:容器存储接口
## hook
Poststart:在容器启动创建后,立即执行,但时间不能太长,否则容器不会是running状态
exec:执行命令
httpGet:检测http
tcpSocket:检测端口
## Poststart应用示例
[root@master-1 tmp]# vim poststart.yml
apiVersion: v1
kind: Pod
metadata:
name: nginx-poststart
labels:
name: nginx-poststart
spec:
containers:
- name: nginx-poststart
image: nginx:alpine
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
exec:
command:
- "/bin/sh"
- "-c"
- "echo k8s poststart > /usr/share/nginx/html/index.html"
[root@master-1 tmp]# curl 10.2.2.28
k8s poststartprestop
prestop:在容器停止前,执行一些命令,主要用于优雅关闭程序
exec:执行命令
httpGet:检测http
tcpSocket:检测端口
## prestop应用示例
[root@master-1 tmp]# vim prestop.yml
apiVersion: v1
kind: Pod
metadata:
name: nginx-poststart
labels:
name: nginx-poststart
spec:
volumes:
- name: test
hostPath:
path: /data/nginx
containers:
- name: nginx-prestop
image: nginx:alpine
imagePullPolicy: IfNotPresent
volumeMounts:
- name: test
mountPath: /usr/share/nginx/html/
lifecycle:
preStop:
exec:
command:
- "/bin/sh"
- "-c"
- "echo bye > /usr/share/nginx/html/index.html"
postStart:
exec:
command:
- "/bin/sh"
- "-c"
- "echo k8s prestop > /usr/share/nginx/html/index.html"
[root@master-1 tmp]# curl 10.2.2.29
k8s prestop健康检查探针
initialDelaySeconds: 第一次执行探针需要在容器启动后等待的时候时间
periodSeconds: 容器启动后每隔多少秒执行一次存活探针
timeoutSeconds: 探针超时时间,默认1秒,最小1秒
successThreshold: 探针失败后最少连续探测成功多少次才被认定成功,默认1次,如果是liveness必须为1
failureThreshold: 探针成功后被视为失败的探测的最小连续失败次数。默认3次。最小值为1存活态探针(livenessProbe)
存活态探针(存活性探针):检测pod中容器的应用是否存活
exec:执行命令检测
httpGet:检测http
tcpSocket:检测端口
## 存活态探针示例(exec)
apiVersion: v1
kind: Pod
metadata:
name: liveness
labels:
name: liveness
spec:
volumes:
- name: test
hostPath:
path: /data/test
containers:
- name: liveness
image: nginx:alpine
imagePullPolicy: IfNotPresent
volumeMounts:
- name: test
mountPath: /usr/share/nginx/html/
lifecycle:
postStart:
exec:
command:
- "/bin/sh"
- "-c"
- "echo test liveness > /usr/share/nginx/html/index.html"
livenessProbe:
exec:
command:
- "/bin/sh"
- "-c"
- "cat /usr/share/nginx/html/index.html"
initialDelaySeconds: 3
periodSeconds: 1
resources:
limits:
memory: "128Mi"
cpu: "500m"
## 存活态探针示例(httpGet)
apiVersion: v1
kind: Pod
metadata:
name: liveness
labels:
name: liveness
spec:
volumes:
- name: test
hostPath:
path: /data/test
containers:
- name: liveness
image: nginx:alpine
imagePullPolicy: IfNotPresent
volumeMounts:
- name: test
mountPath: /usr/share/nginx/html/
lifecycle:
postStart:
exec:
command:
- "/bin/sh"
- "-c"
- "echo test liveness > /usr/share/nginx/html/index.html"
livenessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 3
periodSeconds: 1
resources:
limits:
memory: "128Mi"
cpu: "500m"
# 存活态探针测试(自动恢复)
[root@node-1 test]# ll
total 4
-rw-r--r-- 1 root root 14 Sep 21 16:36 index.html
[root@node-1 test]# rm -f index.html
[root@node-1 test]# ll
total 0
[root@node-1 test]# ll
total 0
[root@node-1 test]# ll
total 4
-rw-r--r-- 1 root root 14 Sep 21 16:37 index.html
[root@node-1 test]# ll
total 4
-rw-r--r-- 1 root root 14 Sep 21 16:37 index.html就绪态探针(readinessProbe)
就绪态探针(就绪性探针):检测pod中容器的应用是否都准备就绪,未准备就绪时,是不对外提供服务(不开放流量)
exec:执行命令检测
httpGet:检测http
tcpSocket:检测端口
# 就绪态探针示例
apiVersion: v1
kind: Pod
metadata:
name: livenss-pod
spec:
containers:
- name: livenss-pod
image: nginx:alpine
lifecycle:
postStart:
exec:
command:
- "/bin/sh"
- "-c"
- "sleep 100;echo ok > /usr/share/nginx/html/health.html"
readinessProbe:
httpGet:
path: /actuator/health
port: 8080
initialDelaySeconds: 5
timeoutSeconds: 3
periodSeconds: 3
successThreshold: 3
failureThreshold: 3
livenessProbe:
httpGet:
path: /health.html
port: 80
initialDelaySeconds: 3
periodSeconds: 3
resources:
limits:
memory: "128Mi"
cpu: "500m"
# 检测
## 启动时curl了以后是404
[root@master-1 tmp]# curl 10.2.2.31/health.html
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.21.5</center>
</body>
</html>
## 启动时curl初始的index是welcome to nginx
[root@master-1 tmp]# curl 10.2.2.31
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
## 启动后100秒以后重新curl
[root@master-1 tmp]# curl 10.2.2.31/health.html
okservice中添加clusterIP尝试
[root@master-1 tmp]# vim livenessprode.yml
apiVersion: v1
kind: Pod
metadata:
name: liveness
labels:
name: liveness
spec:
volumes:
- name: test
hostPath:
path: /data/test
containers:
- name: liveness
image: nginx:alpine
imagePullPolicy: IfNotPresent
volumeMounts:
- name: test
mountPath: /usr/share/nginx/html/
lifecycle:
postStart:
exec:
command:
- "/bin/sh"
- "-c"
- "echo test liveness > /usr/share/nginx/html/index.html"
livenessProbe:
exec:
command:
- "/bin/sh"
- "-c"
- "cat /usr/share/nginx/html/index.html"
initialDelaySeconds: 3
periodSeconds: 1
resources:
limits:
memory: "128Mi"
cpu: "500m"
---
apiVersion: v1
kind: Service
metadata:
name: nginx-svc
spec:
type: ClusterIP
ports:
- protocol: TCP
port: 80
targetPort: 80
selector:
app: nginx
# 启动pod
[root@master-1 tmp]# kubectl apply -f livenessprode.yml
pod/liveness created
service/nginx-svc created
# 查看service
[root@master-1 tmp]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 3d5h
nginx-svc ClusterIP 10.1.160.35 <none> 80/TCP 15s
# 查看endpoints
[root@master-1 tmp]# kubectl get endpoints
NAME ENDPOINTS AGE
kubernetes 10.0.0.110:6443 3d5h
nginx-svc 10.2.1.5:80 72s
# curl集群ip显示集群内nginx页面
[root@master-1 tmp]# curl 10.1.160.35
<h1>Welcome to nginx!</h1>wordpress与mysql搭建(存活态探针)
mysql搭建
apiVersion: "v1"
kind: "Namespace"
metadata:
name: wordpress
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
namespace: wordpress
labels:
app: mysql
spec:
replicas: 1
selector:
matchLabels:
app: mysql
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: mysql
spec:
containers:
- image: mysql:5.7
name: mysql
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3306
name: dbport
env: #环境编排,进入数据库中创建Wordpress数据库和WordPress用户
- name: MYSQL_ROOT_PASSWORD
value: PassWord
- name: MYSQL_DATABASE
value: wordpress
- name: MYSQL_USER
value: wordpress
- name: MYSQL_PASSWORD
value: wordpress
volumeMounts:
- name: db
mountPath: /var/lib/mysql #mysql数据存放的容器目录
resources: {}
volumes:
- name: db
hostPath:
path: /var/lib/mysql #容器目录中的数据映射到本地目录中
status: {}
---
apiVersion: v1
kind: Service
metadata:
name: mysql
namespace: wordpress
spec:
selector:
app: mysql
ports:
- name: mysqlport
protocol: TCP
port: 3306
targetPort: dbport# 查看mysql暴露出的ip是什么
[root@master-1 ~]# kubectl get pod -n wordpress -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
mysql-67457648cd-flctn 1/1 Running 0 3m50s 10.2.2.24 node-2 <none> <none>wordpress搭建(存活态探针)
apiVersion: apps/v1
kind: Deployment
metadata:
name: wordpress
namespace: wordpress
labels:
app: wordpress
spec:
replicas: 1
selector:
matchLabels:
app: wordpress
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: wordpress
spec:
containers:
- name: wordpress
image: wordpress
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
name: wdport
env:
- name: WORDPRESS_DB_HOST
value: 10.2.2.24:3306 #连接数据库,这里的ip地址查看mysql启动时的ip
- name: WORDPRESS_DB_USER
value: wordpress
- name: WORDPRESS_DB_PASSWORD
value: wordpress
livenessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 30
periodSeconds: 10
status: {}
---
apiVersion: v1
kind: Service
metadata:
name: wordpress
namespace: wordpress
spec:
type: NodePort
selector:
app: wordpress
ports:
- name: wordpressport
protocol: TCP
port: 80
targetPort: wdport
# 查看对外暴露的端口
[root@master-1 ~]# kubectl get svc -n wordpress
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
mysql ClusterIP 10.1.147.212 <none> 3306/TCP 5m54s
wordpress NodePort 10.1.235.4 <none> 80:30886/TCP 91s
存活态探针测试
连接
# 删除配置文件
root@wordpress-7897cdc46d-wm6mc:/var/www/html# rm -fr wp-config.php 
过后会自动拉起
