Kubernetes学习之路(六)之创建K8S应用
一、Deployment的概念
K8S本身并不提供网络的功能,所以需要借助第三方网络插件进行部署K8S中的网络,以打通各个节点中容器的互通。
POD,是K8S中的一个逻辑概念,K8S管理的是POD,一个POD中包含多个容器,容器之间通过localhost互通。而POD需要ip地址。每个POD都有一个标签
POD–>RC–>RS–>Deployment (发展历程)
Deployment,表示用户对K8S集群的一次更新操作。Deployment是一个比RS应用模式更广的API对象。用于保证Pod的副本的数量。
可以是创建一个新的服务,更新一个新的服务,也可以是滚动升级一个服务。滚动升级一个服务。实际是创建一个新的RS,然后将新的RS中副本数增加到理想状态,将旧的RS中的副本数减小到0的复合操作; 这样的一个复合操作用一个RS是不太好描述的,所以用一个更通用的Deployment来描述。
RC、RS和Deployment只是保证了支撑服务的POD数量,但是没有解决如何访问这些服务的问题。一个POD只是一个运行服务的实例,随时可以能在一个节点上停止,在另一个节点以一个新的IP启动一个新的POD,因此不能以确定的IP和端口号提供服务。
要稳定地提供服务需要服务发现和负载均衡能力。服务发现完成的工作,是针对客户端访问的服务,找到对应的后端服务实例。
在K8S的集中当中,客户端需要访问的服务就是Service对象。每个Service会对应一个集群内部有效的虚拟IP,集群内部通过虚拟IP访问一个服务。
二、创建K8S的第一个应用
[root@linux-node1 ~]# kubectl run net-test --image=alpine --replicas= sleep #创建名称为net-test的应用,镜像指定为alpine,副本数为2个
deployment.apps "net-test" created
[root@linux-node1 ~]# kubectl get pod -o wide #查看pod的状态信息,此时是API Server从etcd中读取这些数据
NAME READY STATUS RESTARTS AGE IP NODE
net-test-7b949fc785-2v2qz / Running 56s 10.2.87.2 192.168.56.120
net-test-7b949fc785-6nrhm / ContainerCreating 56s <none> 192.168.56.130
[root@linux-node1 ~]# kubectl get deployment net-test
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
net-test 22h
kubectl get deployment命令可以查看net-test的状态,输出显示两个副本正常运行。还可以在创建的过程中,通过kubectl describe deployment net-test了解详细的信息。
[root@linux-node1 ~]# kubectl describe deployment net-test
Name: net-test
Namespace: default
CreationTimestamp: Thu, Aug :: +
Labels: run=net-test
Annotations: deployment.kubernetes.io/revision=
Selector: run=net-test
Replicas: desired | updated | total | available | unavailable
StrategyType: RollingUpdate
MinReadySeconds:
RollingUpdateStrategy: max unavailable, max surge
Pod Template:
Labels: run=net-test
Containers:
net-test:
Image: alpine
Port: <none>
Host Port: <none>
Args:
sleep Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: net-test-5767cb94df (/ replicas created)
Events: <none>
Events是Deployment的日志,记录整个RelicaSet的启动过程,从上面的创建过程,可以看到Deployment是通过ReplicaSet来管理Pod。
[root@linux-node1 ~]# kubectl get replicaset #获取副本集信息
NAME DESIRED CURRENT READY AGE
net-test-5767cb94df 23h [root@linux-node1 ~]# kubectl describe replicaset net-test-5767cb94df #查看副本集的详细信息
Name: net-test-5767cb94df
Namespace: default
Selector: pod-template-hash=,run=net-test
Labels: pod-template-hash=
run=net-test
Annotations: deployment.kubernetes.io/desired-replicas=
deployment.kubernetes.io/max-replicas=
deployment.kubernetes.io/revision=
Controlled By: Deployment/net-test #指明ReplicaSet是由Deployment net-test创建
Replicas: current / desired
Pods Status: Running / Waiting / Succeeded / Failed
Pod Template:
Labels: pod-template-hash=
run=net-test
Containers:
net-test:
Image: alpine
Port: <none>
Host Port: <none>
Args:
sleep Environment: <none>
Mounts: <none>
Volumes: <none>
Events: <none> #Events可以查看到两个副本Pod的创建过程 [root@linux-node1 ~]# kubectl get pod #获取Pod信息,可以看到2个副本都处于Running状态
NAME READY STATUS RESTARTS AGE
net-test-5767cb94df-djt98 / Running 22h
net-test-5767cb94df-zb8m4 / Running 23h [root@linux-node1 ~]# kubectl describe pod net-test-5767cb94df-djt98 #查看pod的详细信息
Name: net-test-5767cb94df-djt98
Namespace: default
Node: 192.168.56.13/192.168.56.13
Start Time: Thu, Aug :: +
Labels: pod-template-hash=
run=net-test
Annotations: <none>
Status: Running
IP: 10.2.73.3
Controlled By: ReplicaSet/net-test-5767cb94df
Containers:
net-test:
Container ID: docker://c8e267326ed80f3cbe8111377c74dd1f016beaef513196b941165e180a5d5733
Image: alpine
Image ID: docker-pullable://alpine@sha256:7043076348bf5040220df6ad703798fd8593a0918d06d3ce30c6c93be117e430
Port: <none>
Host Port: <none>
Args:
sleep State: Running
Started: Thu, Aug :: +
Ready: True
Restart Count:
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-mnqx5 (ro)
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
Volumes:
default-token-mnqx5:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-mnqx5
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: <none>
Events: <none>
Controlled By
指明此 Pod 是由 ReplicaSet/net-test-5767cb94df 创建。Events
记录了 Pod 的启动过程。如果操作失败(比如 image 不存在),也能在这里查看到原因。
总结创建的过程:
(1)用户通过kubectl创建Deployment
(2)Deployment创建ReplicaSet
(3)ReplicaSet创建Pod
如图:
三、K8S创建资源的两种方式
Kubernetes 支持两种方式创建资源:
(1)用kubectl命令直接创建,在命令行中通过参数指定资源的属性。此方式简单直观,比较适合临时测试或实验使用。
kubectl run net-test --image=alpine --replicas= sleep
(2)通过配置文件和kubectl create创建。在配置文件中描述了应用的信息和需要达到的预期状态。
kubectl create -f nginx-deployment.yaml
四、以Deployment YAML方式创建Nginx服务
- 1、创建deployment
[root@linux-node1 ~]# vim nginx-deployment.yaml #使用yaml的方式进行创建应用
apiVersion: apps/v1 #apiVersion是当前配置格式的版本
kind: Deployment #kind是要创建的资源类型,这里是Deploymnet
metadata: #metadata是该资源的元数据,name是必须的元数据项
name: nginx-deployment
labels:
app: nginx
spec: #spec部分是该Deployment的规则说明
replicas: 3 #relicas指定副本数量,默认为1
selector:
matchLabels:
app: nginx
template: #template定义Pod的模板,这是配置的重要部分
metadata: #metadata定义Pod的元数据,至少要顶一个label,label的key和value可以任意指定
labels:
app: nginx
spec: #spec描述的是Pod的规则,此部分定义pod中每一个容器的属性,name和image是必需的
containers:
- name: nginx
image: nginx:1.13.
ports:
- containerPort: [root@linux-node1 ~]# kubectl create -f nginx-deployment.yaml #创建nginx-deployment应用
deployment.apps "nginx-deployment" created
- 2、查看deployment
[root@linux-node1 ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
net-test 32m
nginx-deployment 3 3 3 0 10s [root@linux-node1 ~]# kubectl describe deployment nginx-deployment #查看deployment详情
Name: nginx-deployment
Namespace: default
CreationTimestamp: Thu, Aug :: +
Labels: app=nginx
Annotations: deployment.kubernetes.io/revision=
Selector: app=nginx
Replicas: desired | updated | total | available | unavailable
StrategyType: RollingUpdate
MinReadySeconds:
RollingUpdateStrategy: % max unavailable, % max surge
Pod Template:
Labels: app=nginx
Containers:
nginx:
Image: nginx:1.13.
Port: /TCP
Host Port: /TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available False MinimumReplicasUnavailable
Progressing True ReplicaSetUpdated
OldReplicaSets: <none>
NewReplicaSet: nginx-deployment-6c45fc49cb (/ replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 1m deployment-controller Scaled up replica set nginx-deployment-6c45fc49cb to
- 3、查看Pod
[root@linux-node1 ~]# kubectl get pod #查看pod在状态,正在创建中,此时应该正在拉取镜像
NAME READY STATUS RESTARTS AGE
net-test-5767cb94df-djt98 / Running 22m
net-test-5767cb94df-hcwv7 / Unknown 34m
net-test-5767cb94df-zb8m4 / Running 34m
nginx-deployment-6c45fc49cb-dmc22 / ContainerCreating 2m
nginx-deployment-6c45fc49cb-fd8xm / ContainerCreating 2m
nginx-deployment-6c45fc49cb-sc8sh / ContainerCreating 2m [root@linux-node1 ~]# kubectl describe pod nginx-deployment-6c45fc49cb-dmc22 #查看具体某个pod的状态信息 [root@linux-node1 ~]# kubectl get pod -o wide #创建成功,状态为Running
NAME READY STATUS RESTARTS AGE IP NODE
net-test-5767cb94df-djt98 / Running 24m 10.2.73.3 192.168.56.13
net-test-5767cb94df-hcwv7 / Unknown 36m 10.2.10.2 192.168.56.12
net-test-5767cb94df-zb8m4 / Running 36m 10.2.73.2 192.168.56.13
nginx-deployment-6c45fc49cb-dmc22 1/1 Running 0 4m 10.2.73.6 192.168.56.13
nginx-deployment-6c45fc49cb-fd8xm 1/1 Running 0 4m 10.2.73.4 192.168.56.13
nginx-deployment-6c45fc49cb-sc8sh 1/1 Running 0 4m 10.2.73.5 192.168.56.13
Deployment、ReplicaSet、Pod 都已经就绪。如果要删除这些资源,执行 kubectl delete deployment nginx-deployment
或者 kubectl delete -f nginx-deployment.yaml
。
- 4、测试Pod访问
[root@linux-node1 ~]# curl --head http://10.2.73.6
HTTP/1.1 OK
Server: nginx/1.13.12
Date: Thu, Aug :: GMT
Content-Type: text/html
Content-Length:
Last-Modified: Mon, Apr :: GMT
Connection: keep-alive
ETag: "5acb8e45-264"
Accept-Ranges: bytes
- 5、更新Deployment
[root@linux-node1 ~]# kubectl set image deployment/nginx-deployment nginx=nginx:1.15. --record #nginx的版本升级,由1.13.2升级为1.15.2,记录需要加参数--record
deployment.apps "nginx-deployment" image updated [root@linux-node1 ~]# kubectl get deployment -o wide #查看更新后的deployment,可以看到当前4个副本,说明还在滚动升级中
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
net-test 39m net-test alpine run=net-test
nginx-deployment 6m nginx nginx:1.15.2 app=nginx
- 6、查看更新历史
[root@linux-node1 ~]# kubectl rollout history deployment/nginx-deployment #查看更新历史记录
deployments "nginx-deployment"
REVISION CHANGE-CAUSE
<none>
kubectl set image deployment/nginx-deployment nginx=nginx:1.15. --record=true
- 7、查看具体某一个版本的升级历史
[root@linux-node1 ~]# kubectl rollout history deployment/nginx-deployment --revision=
deployments "nginx-deployment" with revision #
Pod Template:
Labels: app=nginx
pod-template-hash=
Containers:
nginx:
Image: nginx:1.13.
Port: /TCP
Host Port: /TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
- 8、查看更新后的Deployment,并进行访问
[root@linux-node1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
net-test-5767cb94df-djt98 / Running 30m 10.2.73.3 192.168.56.13
net-test-5767cb94df-hcwv7 / Unknown 42m 10.2.10.2 192.168.56.12
net-test-5767cb94df-zb8m4 / Running 42m 10.2.73.2 192.168.56.13
nginx-deployment-64749d4b59-djttr 1/1 Running 0 37s 10.2.73.8 192.168.56.13
nginx-deployment-64749d4b59-jp7fw 1/1 Running 0 3m 10.2.73.7 192.168.56.13
nginx-deployment-64749d4b59-q4fsn 1/1 Running 0 33s 10.2.73.9 192.168.56.13
[root@linux-node1 ~]# curl --head http://10.2.73.7
HTTP/1.1 OK
Server: nginx/1.15.2 #版本已经升级为1.15.2
Date: Thu, Aug :: GMT
Content-Type: text/html
Content-Length:
Last-Modified: Tue, Jul :: GMT
Connection: keep-alive
ETag: "5b572365-264"
Accept-Ranges: bytes
- 9、快速回滚到上一个版本
[root@linux-node1 ~]# kubectl rollout undo deployment/nginx-deployment #回滚上一个版本
deployment.apps "nginx-deployment" [root@linux-node1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
net-test-5767cb94df-djt98 / Running 32m 10.2.73.3 192.168.56.13
net-test-5767cb94df-hcwv7 / Unknown 43m 10.2.10.2 192.168.56.12
net-test-5767cb94df-zb8m4 / Running 43m 10.2.73.2 192.168.56.13
nginx-deployment-6c45fc49cb-b9h84 / Running 24s 10.2.73.11 192.168.56.13
nginx-deployment-6c45fc49cb-g4mrg / Running 26s 10.2.73.10 192.168.56.13
nginx-deployment-6c45fc49cb-k29kq / Running 21s 10.2.73.12 192.168.56.13
[root@linux-node1 ~]# curl --head http://10.2.73.10
HTTP/1.1 OK
Server: nginx/1.13.12
Date: Thu, Aug :: GMT
Content-Type: text/html
Content-Length:
Last-Modified: Mon, Apr :: GMT
Connection: keep-alive
ETag: "5acb8e45-264"
Accept-Ranges: bytes 回滚完成,每一次更新或者回滚ip都会变化,所以需要通过vip进行访问,这就引入了service
- 10、使用service的vip进行访问应用
[root@linux-node1 ~]# vim nginx-service.yaml #使用yaml方式创建service
kind: Service
apiVersion: v1
metadata:
name: nginx-service
spec:
selector:
app: nginx
ports:
- protocol: TCP
port:
targetPort: [root@linux-node1 ~]# kubectl create -f nginx-service.yaml #创建service
service "nginx-service" created [root@linux-node1 ~]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> /TCP 4h
nginx-service ClusterIP 10.1.213.126 <none> /TCP 15s #这个就是vip [root@linux-node2 ~]# curl --head http://10.1.213.126 #在node2节点上进行访问vip测试,在node1上无法访问是因为没有安装kube-proxy导致无法访问
HTTP/1.1 OK
Server: nginx/1.13.
Date: Thu, Aug :: GMT
Content-Type: text/html
Content-Length:
Last-Modified: Mon, Apr :: GMT
Connection: keep-alive
ETag: "5acb8e45-264"
Accept-Ranges: bytes [root@linux-node2 ~]# ipvsadm -Ln
IP Virtual Server version 1.2. (size=)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.1.0.1: rr persistent
-> 192.168.56.11: Masq
TCP 10.1.213.126: rr
-> 10.2.73.10: Masq
-> 10.2.73.11: Masq
-> 10.2.73.12: Masq 查看LVS状态可以看到,当访问VIP:10.1.213.126时,会进行负载均衡到各个pod
- 11、扩容到5个节点
[root@linux-node1 ~]# kubectl scale deployment nginx-deployment --replicas 5 #对应用的副本数进行扩容,直接指定副本数为5
deployment.extensions "nginx-deployment" scaled [root@linux-node1 ~]# kubectl get pod #查看pod状态,可以看到已经增加到5个副本
NAME READY STATUS RESTARTS AGE
net-test-5767cb94df-djt98 / Running 38m
net-test-5767cb94df-hcwv7 / Unknown 50m
net-test-5767cb94df-zb8m4 / Running 50m
nginx-deployment-6c45fc49cb-b9h84 / Running 6m
nginx-deployment-6c45fc49cb-g4mrg / Running 7m
nginx-deployment-6c45fc49cb-k29kq / Running 6m
nginx-deployment-6c45fc49cb-n9qkx / Running 24s
nginx-deployment-6c45fc49cb-xpx9s / Running 24s [root@linux-node2 ~]# ipvsadm -Ln
IP Virtual Server version 1.2. (size=)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.1.0.1: rr persistent
-> 192.168.56.11: Masq
TCP 10.1.213.126: rr
-> 10.2.73.10: Masq
-> 10.2.73.11: Masq
-> 10.2.73.12: Masq
-> 10.2.73.13: Masq
-> 10.2.73.14: Masq
Kubernetes学习之路(六)之创建K8S应用的更多相关文章
- Kubernetes学习之路目录
Kubernetes基础篇 环境说明 版本说明 系统环境 Centos 7.2 Kubernetes版本 v1.11.2 Docker版本 v18.09 Kubernetes学习之路(一)之概念和架构 ...
- Kubernetes学习之路(一)之概念和架构解析和证书创建和分发
1.Kubernetes的重要概念 转自:CloudMan老师公众号<每天5分钟玩转Kubernetes>https://item.jd.com/26225745440.html Clus ...
- Kubernetes学习之路(五)之Flannel网络二进制部署和测试
一.K8S的ip地址 Node IP:节点设备的IP,如物理机,虚拟机等容器宿主的实际IP. Pod IP:Pod的IP地址,是根据docker0网络IP段进行分配的. Cluster IP:Serv ...
- Kubernetes学习之路(七)之Coredns和Dashboard二进制部署
一.CoreDNS部署 在 Cluster 中,除了可以通过 Cluster IP 访问 Service,Kubernetes 还提供了更为方便的 DNS 访问. (1)编辑coredns.yaml文 ...
- Kubernetes学习之路(十七)之statefulset控制器
目录 一.statefulset简介 二.为什么要有headless?? 三.为什么要 有volumeClainTemplate?? 四.statefulSet使用演示 (1)查看statefulse ...
- Kubernetes学习之路(十八)之认证、授权和准入控制
API Server作为Kubernetes网关,是访问和管理资源对象的唯一入口,其各种集群组件访问资源都需要经过网关才能进行正常访问和管理.每一次的访问请求都需要进行合法性的检验,其中包括身份验证. ...
- Kubernetes学习之路(十六)之存储卷
目录 一.存储卷的概念和类型 二.emptyDir存储卷演示 三.hostPath存储卷演示 四.nfs共享存储卷演示 五.PVC和PV的概念 六.NFS使用PV和PVC 1.配置nfs存储 2.定义 ...
- Kubernetes学习之路(二十)之K8S组件运行原理详解总结
目录 一.看图说K8S 二.K8S的概念和术语 三.K8S集群组件 1.Master组件 2.Node组件 3.核心附件 四.K8S的网络模型 五.Kubernetes的核心对象详解 1.Pod资源对 ...
- Kubernetes学习之路(27)之k8s 1.15.2 部署
目录 一.环境准备 二.软件安装 三.部署master节点 四.部署node节点 五.集群状态检测 一.环境准备 IP地址 节点角色 CPU Memory Hostname Docker versio ...
随机推荐
- C# 队列(Queue) 和堆栈(Stack)
队列 (Queue) ...
- [翻译] OCMaskedTextField
OCMaskedTextField https://github.com/OmerCora/OCMaskedTextField Simple class to display dynamically ...
- 如何打包ipa文件
如何打包ipa文件 1. 新建一个工程 // // RootViewController.m // YouXianMing // // Copyright (c) 2014年 Y.X. All rig ...
- sonarQube常见问题及分析
阻断1.Close this"FileInputStream" in a "finally" clause.在finally中关闭FileInputStream ...
- Python学习---django-debug-tools安装
[官网]http://django-debug-toolbar.readthedocs.io/en/1.2/installation.html [更多安装参考]http://blog.csdn.net ...
- Bootstrap后台管理框架
B-JUI http://www.xknaan.com/ B-JUI 前端框架,基于Bootstrap的Jquery UI框架,核心思想脱胎于DWZ(j-ui). BJUI_SSM_DEMO 基于 ...
- 奇怪的.strip(alir) #()里面有东西 待问老师........
#关于strips = "alirrijgbskbbbbbar"s1 = s.strip("alir") # strip 去空格,strip(sth),括号里有 ...
- grep命令.md
grep命令 简介 Linux系统中grep命令是一种强大的文本搜索工具,它能使用正则表达式搜索文本,并把匹 配的行打印出来.grep全称是Global Regular Expression Prin ...
- TortoiseGit需要重复填写用户名和密码的问题
命令行执行: git config --global credential.helper store 即可
- 965. Univalued Binary Tree
题目来源: https://leetcode.com/problems/univalued-binary-tree/submissions/ 自我感觉难度/真实难度: 题意: 分析: 自己的代码: c ...