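4. Getting Started with Kubernetes Applications
This note continues from the previous two chapters, which set up the master node and three worker nodes: node01, node02 and node03.
kubectl subcommands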
master ~]# kubectl
kubectl controls the Kubernetes cluster manager.
Find more information at: https://kubernetes.io/docs/reference/kubectl/overview/
Basic Commands (Beginner):
  create Create a resource from a file or from stdin. //create
  expose Take a replication controller, service, deployment or pod and expose it as a new Kubernetes Service
  run Run a particular image on the cluster
  set Set specific features on objects
Basic Commands (Intermediate):
  explain Documentation of resources
  get Display one or many resources //read
  edit Edit a resource on the server //update
  delete Delete resources by filenames, stdin, resources and names, or by resources and label selector //delete
Deploy Commands:
  rollout Manage the rollout of a resource //rolling update
  scale Set a new size for a Deployment, ReplicaSet, Replication Controller, or Job //manually change the scale of an application
  autoscale Auto-scale a Deployment, ReplicaSet, or ReplicationController //change the scale automatically, i.e. create an HPA
Cluster Management Commands: //cluster management
  certificate Modify certificate resources.
  cluster-info Display cluster info //cluster information
  top Display Resource (CPU/Memory/Storage) usage.
  cordon Mark node as unschedulable //mark a node as unschedulable
  uncordon Mark node as schedulable //mark a node as schedulable
  drain Drain node in preparation for maintenance
  taint Update the taints on one or more nodes //add taints to a node to control whether pods can be scheduled onto it
Troubleshooting and Debugging Commands:
  describe Show details of a specific resource or group of resources //show the details of a resource, for example master ~]# kubectl describe node node01
  logs Print the logs for a container in a pod
  attach Attach to a running container
  exec Execute a command in a container
  port-forward Forward one or more local ports to a pod
  proxy Run a proxy to the Kubernetes API server
  cp Copy files and directories to and from containers.
  auth Inspect authorization
Advanced Commands:
  diff Diff live version against would-be applied version
  apply Apply a configuration to a resource by filename or stdin
  patch Update field(s) of a resource using strategic merge patch
  replace Replace a resource by filename or stdin
  wait Experimental: Wait for a specific condition on one or many resources.
  convert Convert config files between different API versions
  kustomize Build a kustomization target from a directory or a remote url.
Settings Commands:
  label Update the labels on a resource
  annotate Update the annotations on a resource
  completion Output shell completion code for the specified shell (bash or zsh)
Other Commands:
  api-resources Print the supported API resources on the server
  api-versions Print the supported API versions on the server, in the form of "group/version"
  config Modify kubeconfig files
  plugin Provides utilities for interacting with plugins.
  version Print the client and server version information
Usage:
  kubectl [flags] [options]
Use "kubectl <command> --help" for more information about a given command.
Use "kubectl options" for a list of global command-line options (applies to all commands).
Describe a resource in detail
[root@master ~]# kubectl describe node master
Name: master
Roles: master
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=master
kubernetes.io/os=linux
node-role.kubernetes.io/master=
Annotations: flannel.alpha.coreos.com/backend-data: {"VtepMAC":"2e:6c:70:78:ed:70"}
flannel.alpha.coreos.com/backend-type: vxlan
flannel.alpha.coreos.com/kube-subnet-manager: true
flannel.alpha.coreos.com/public-ip: 192.168.184.141
kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
node.alpha.kubernetes.io/ttl:
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Fri, May :: +
Taints: node-role.kubernetes.io/master:NoSchedule //means that anything other than the master components cannot be scheduled onto master
Unschedulable: false
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Mon, Jun :: + Fri, May :: + KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Mon, Jun :: + Fri, May :: + KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Mon, Jun :: + Fri, May :: + KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Mon, Jun :: + Mon, Jun :: + KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 192.168.184.141
Hostname: master
Capacity:
cpu:
ephemeral-storage: 12786Mi
hugepages-1Gi:
hugepages-2Mi:
memory: 1867048Ki
pods:
Allocatable:
cpu:
ephemeral-storage:
hugepages-1Gi:
hugepages-2Mi:
memory: 1764648Ki
pods:
System Info:
Machine ID: 45c658713b3b423387314d097b36aa61
System UUID: 7C8C4D56--E896-C85E-040A2FCEF804
Boot ID: 474da659--4a63-a5f9-2e436260b3d2
Kernel Version: 3.10.-.el7.x86_64
OS Image: CentOS Linux (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://18.9.6
Kubelet Version: v1.14.2
Kube-Proxy Version: v1.14.2
PodCIDR: 10.244.0.0/
Non-terminated Pods: ( in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
kube-system coredns-fb8b8dccf-42b7j 100m (%) (%) 70Mi (%) 170Mi (%) 3d1h
kube-system coredns-fb8b8dccf-bjv95 100m (%) (%) 70Mi (%) 170Mi (%) 3d1h
kube-system etcd-master (%) (%) (%) (%) 3d1h
kube-system kube-apiserver-master 250m (%) (%) (%) (%) 3d1h
kube-system kube-controller-manager-master 200m (%) (%) (%) (%) 3d1h
kube-system kube-flannel-ds-amd64-w4jfh 100m (%) 100m (%) 50Mi (%) 50Mi (%) 2d18h
kube-system kube-proxy-f88gd (%) (%) (%) (%) 3d1h
kube-system kube-scheduler-master 100m (%) (%) (%) (%) 3d1h
Allocated resources:
(Total limits may be over percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 850m (%) 100m (%)
memory 190Mi (%) 390Mi (%)
ephemeral-storage (%) (%)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Starting 14m kubelet, master Starting kubelet.
Normal NodeHasSufficientMemory 14m kubelet, master Node master status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 14m kubelet, master Node master status is now: NodeHasNoDiskPressure
Normal NodeHasSufficientPID 14m kubelet, master Node master status is now: NodeHasSufficientPID
Normal NodeNotReady 14m kubelet, master Node master status is now: NodeNotReady
Normal NodeAllocatableEnforced 14m kubelet, master Updated Node Allocatable limit across pods
Normal NodeReady 14m kubelet, master Node master status is now: NodeReady
[root@master ~]# kubectl version //show the client and server versions
Client Version: version.Info{Major:"", Minor:"", GitVersion:"v1.14.2", GitCommit:"66049e3b21efe110454d67df4fa62b08ea79a19b", GitTreeState:"clean",
BuildDate:"2019-05-16T16:23:09Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"", Minor:"", GitVersion:"v1.14.2", GitCommit:"66049e3b21efe110454d67df4fa62b08ea79a19b", GitTreeState:"clean",
BuildDate:"2019-05-16T16:14:56Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}
[root@master ~]# kubectl cluster-info //show cluster information
Kubernetes master is running at https://192.168.184.141:6443 //the externally advertised API Server address
KubeDNS is running at https://192.168.184.141:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
//this is CoreDNS; the path is the proxied (port-forwarding) access route used when reaching it from outside the cluster
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
Three important add-ons: kube-proxy, CoreDNS and flannel
How to create, delete, update and query resources in a k8s cluster
[root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port= --replicas= --dry-run=true
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version.
Use kubectl run --generator=run-pod/v1 or kubectl create instead.
deployment.apps/nginx-deploy created (dry run) //deployment.apps is the resource kind: an application (apps) managed by the Deployment controller, named nginx-deploy
[root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port= --replicas=
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
deployment.apps/nginx-deploy created
[root@master ~]# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deploy / 88s
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deploy-55d8d67cf-r45d4 / Running 3m12s //nginx-deploy (name) -55d8d67cf-r45d4 (hash)
[root@master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deploy-55d8d67cf-r45d4 / Running 5m26s 10.244.1.2 node03 <none> <none>
[root@node03 ~]# ifconfig
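cni0: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450 //the pod that was created is attached to the cni0 bridge
inet 10.244.1.1 netmask 255.255.255.0 broadcast 0.0.0.0 //24-bit mask: 10.244.1 is the network address, a subnet of the overall 10.244.0.0 network; 10.244.1.0/24 is reserved for pods on node03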
inet6 fe80:::d6ff:fec3:8c48 prefixlen scopeid 0x20<link>
ether 2a::d6:c3:8c: txqueuelen (Ethernet)
RX packets bytes (28.0 B)
RX errors dropped overruns frame
TX packets bytes (648.0 B)
TX errors dropped overruns carrier collisions
docker0: flags=<UP,BROADCAST,MULTICAST> mtu 1500 //the address of the created pod does not belong to the docker0 bridge
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether ::fa:b6:: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
flannel.1: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.244.1.0 netmask 255.255.255.255 broadcast 0.0.0.0
inet6 fe80::8cfe:edff:fe64:fa7 prefixlen scopeid 0x20<link>
ether 8e:fe:ed::0f:a7 txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
[root@node02 ~]# ifconfig //there is no cni0 bridge because no pod has been created on this node yet
docker0: flags=<UP,BROADCAST,MULTICAST> mtu
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether ::0f:c0:cc:e7 txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
....
flannel.1: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.244.2.0 netmask 255.255.255.255 broadcast 0.0.0.0 //subnet: 10.244.2.0/24 is reserved for pods on node02
inet6 fe80::80c1:b0ff:fe56:d03c prefixlen scopeid 0x20<link>
ether :c1:b0::d0:3c txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
[root@node01 ~]# ifconfig
docker0: flags=<UP,BROADCAST,MULTICAST> mtu
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether ::7d::0a: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
flannel.1: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.244.3.0 netmask 255.255.255.255 broadcast 0.0.0.0 //subnet: 10.244.3.0/24 is reserved for pods on node01
inet6 fe80::909c:12ff:fe96: prefixlen scopeid 0x20<link>
ether :9c:::: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
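[root@node01 ~]# curl 10.244.1.2 //the pod runs on node03 but is reachable from node01, master and node02
<!DOCTYPE html> //because master, node01, node02 and node03 are on the same network segment; the pod address, however, can only be used inside the k8s cluster
<html> //pods have two kinds of clients: 1. other pods, 2. clients outside the cluster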
<head>
<title>Welcome to nginx!</title>
<style>
.......
[root@master ~]# kubectl get pod //the existing pod
NAME READY STATUS RESTARTS AGE
nginx-deploy-55d8d67cf-r45d4 / Running 58m
[root@master ~]# kubectl delete pod nginx-deploy-55d8d67cf-r45d4 //delete the pod
pod "nginx-deploy-55d8d67cf-r45d4" deleted
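[root@master ~]# kubectl get pod //a new pod is created immediately after the deletion, because pods are managed by a controller; when there are fewer pods than required, the controller automatically creates a new one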
NAME READY STATUS RESTARTS AGE
nginx-deploy-55d8d67cf-tfppt / ContainerCreating 6s
[root@master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deploy-55d8d67cf-tfppt / Running 5m45s 10.244.2.2 node02 <none> <none>
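//this time the pod was created on node02; node02 did not have the image, so it had to be pulled first
node02 ~]# ifconfig //deleting the existing pod caused a new pod to be created, which changed the pod IP while the application itself still exists, so accessing it by IP address does not work; the pods should therefore be given a fixed endpoint.
cni0: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450 //clients then only need to reach that fixed endpoint, which is provided by a Service.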
inet 10.244.2.1 netmask 255.255.255.0 broadcast 0.0.0.0
inet6 fe80::1cf7:fcff:fe37:bfd2 prefixlen scopeid 0x20<link>
ether 1e:f7:fc::bf:d2 txqueuelen (Ethernet)
RX packets bytes (28.0 B)
RX errors dropped overruns frame
TX packets bytes (648.0 B)
TX errors dropped overruns carrier collisions
flannel.1: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.244.2.0 netmask 255.255.255.255 broadcast 0.0.0.0
inet6 fe80::80c1:b0ff:fe56:d03c prefixlen scopeid 0x20<link>
ether :c1:b0::d0:3c txqueuelen (Ethernet)
RX packets bytes (1.1 KiB)
RX errors dropped overruns frame
TX packets bytes (506.0 B)
TX errors dropped overruns carrier collisions
master ~]# kubectl expose --help //the port that expose publishes (creates or proxies) is the Service port
Usage:
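kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP|SCTP] [--target-port=number-or-name] //[--port=port] is the Service port
[--name=name] [--external-ip=external-ip-of-service] [--type=type] [options] //[--name=name] is the Service name, [--type=type] is the Service type
[--port=port] is the port of the Service (a Service has its own address); [--target-port=number-or-name] is the target port, that is, the pod's port.
A Service gives pods a fixed access endpoint. This endpoint does not support external access; it is reachable only from nodes inside the cluster, and most of the time it is used by pod clients. A pod client can reach the Service by its name (the IP address is generated dynamically), but the pod client must be able to resolve that Service name, and resolution relies on the CoreDNS service.
A Service has only one Service IP, which pod clients inside the cluster can reach; it cannot cross the cluster boundary to be reached by clients outside the cluster.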
master ~]# kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP
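service/nginx exposed //nginx is the Service name; it fronts the pods created by nginx-deploy
//deployment is the controller: the pods belonging to the controller (nginx-deploy) are published as a Service named nginx.
[root@master ~]# kubectl get svc //svc is short for service; list the Services that have been created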
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> /TCP 3d15h
nginx ClusterIP 10.96.75.49 <none> 80/TCP 2m41s
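Resolving a Service name relies on the CoreDNS service. The CoreDNS address can be looked up, but in practice the address is not used directly; the CoreDNS Service name is used instead.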
master ~]# kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-fb8b8dccf-42b7j / Running 3d15h 10.244.0.2 master <none> <none>
coredns-fb8b8dccf-bjv95 / Running 3d15h 10.244.0.3 master <none> <none>
etcd-master / Running 3d15h 192.168.184.141 master <none> <none>
kube-apiserver-master / Running 3d15h 192.168.184.141 master <none> <none>
kube-controller-manager-master / Running 3d15h 192.168.184.141 master <none> <none>
kube-flannel-ds-amd64-4z7ht / Running 18h 192.168.184.144 node03 <none> <none>
kube-flannel-ds-amd64-k4rxq / Running 18h 192.168.184.142 node01 <none> <none>
kube-flannel-ds-amd64-w4jfh / Running 3d8h 192.168.184.141 master <none> <none>
kube-flannel-ds-amd64-ztbm6 / Running 2d21h 192.168.184.143 node02 <none> <none>
kube-proxy-f88gd / Running 3d15h 192.168.184.141 master <none> <none>
kube-proxy-kvd9x / Running 18h 192.168.184.144 node03 <none> <none>
kube-proxy-qqhpx / Running 18h 192.168.184.142 node01 <none> <none>
kube-proxy-zsnz5 / Running 2d21h 192.168.184.143 node02 <none> <none>
kube-scheduler-master / Running 3d15h 192.168.184.141 master <none> <none>
[root@master ~]# kubectl get svc -n kube-system //list the Services in the kube-system namespace
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> /UDP,/TCP,/TCP 3d15h
To demonstrate CoreDNS resolution, start another pod to act as a client.
[root@master ~]# kubectl run client --image=busybox --replicas= -it --restart=Never
If you don't see a command prompt, try pressing enter.
/ # cat /etc/resolv.conf
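nameserver 10.96.0.10 //the resolver address points to 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local //svc.cluster.local is the suffix specific to local resources of the k8s cluster; default is the name of the namespace the pod belongs to,
options ndots: //so when resolving by Service name, always use the complete Service name; if the name is incomplete, the search domain that gets applied differs
/ #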
master ~]# yum install bind-utils
master ~]# dig -t A nginx.default.svc.cluster.local @10.96.0.10 //using the full Service name, resolve the Service IP through the CoreDNS service
; <<>> DiG 9.9.-RedHat-9.9.-.el7_6 <<>> -t A nginx.default.svc.cluster.local @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
;; flags: qr aa rd; QUERY: , ANSWER: , AUTHORITY: , ADDITIONAL:
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: , flags:; udp:
;; QUESTION SECTION:
;nginx.default.svc.cluster.local. IN A
;; ANSWER SECTION:
nginx.default.svc.cluster.local. 5 IN A 10.96.75.49 //the Service IP resolved from the Service name (nginx)
;; Query time: msec
;; SERVER: 10.96.0.10#(10.96.0.10)
;; WHEN: Tue Jun :: CST
;; MSG SIZE rcvd:
[root@master ~]# kubectl run client --image=busybox --replicas= -it --restart=Never
If you don't see a command prompt, try pressing enter.
/ # cat /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:
/ # wget nginx
Connecting to nginx (10.96.75.49:80) //the Service IP resolved from the Service name
index.html % |***********************************************************************************************| :: ETA
/ # wget -O - -q http://nginx:80/ //port 80 here is forwarded to the pod's port
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
</html>
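The search-list behaviour seen in the client pod above, as an added example (not part of the original post): a small Python model of glibc-style name expansion that shows why the short name `nginx` resolves from a pod in `default` but not from a pod in another namespace. The `ndots:5` value, the `ZONE` table and the `resolv_conf_for` helper are constructed for illustration; the nameserver, search list and Service IPs are the ones shown on this page.

```python
"""Model of how a pod's /etc/resolv.conf turns a short Service name into the
FQDNs that are actually queried (glibc-style search-list ordering)."""

# Constructed sample: nameserver and search list as shown in the client pod;
# the ndots value is an assumed sample value.
RESOLV_DEFAULT_NS = """\
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
"""

# Constructed zone holding the two Service records that appear on the page.
ZONE = {
    "nginx.default.svc.cluster.local.": "10.96.75.49",
    "kube-dns.kube-system.svc.cluster.local.": "10.96.0.10",
}


def parse_resolv_conf(text):
    """Return (nameservers, search_domains, ndots) from resolv.conf text."""
    servers, search, ndots = [], [], 1  # the resolver default for ndots is 1
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        keyword, args = fields[0], fields[1:]
        if keyword == "nameserver":
            servers.append(args[0])
        elif keyword == "search":
            search = args  # a later search line replaces an earlier one
        elif keyword == "options":
            for opt in args:
                if opt.startswith("ndots:") and opt[6:].isdigit():
                    ndots = int(opt[6:])
    return servers, search, ndots


def candidates(name, search, ndots):
    """FQDNs tried, in order, for `name`."""
    if name.endswith("."):
        return [name]  # already absolute: the search list is skipped
    absolute = name + "."
    expanded = [f"{name}.{domain.rstrip('.')}." for domain in search]
    if name.count(".") >= ndots:
        return [absolute] + expanded  # enough dots: try the name as-is first
    return expanded + [absolute]      # too few dots: search list first


def resolve(name, resolv_conf, zone=ZONE):
    """Return (fqdn, ip) for the first candidate found in zone, else None."""
    _, search, ndots = parse_resolv_conf(resolv_conf)
    for fqdn in candidates(name, search, ndots):
        if fqdn in zone:
            return fqdn, zone[fqdn]
    return None


def resolv_conf_for(namespace):
    """The same file as seen by a pod in another namespace (hypothetical helper)."""
    return RESOLV_DEFAULT_NS.replace("search default.", f"search {namespace}.")


if __name__ == "__main__":
    print(resolve("nginx", RESOLV_DEFAULT_NS))               # pod in default
    print(resolve("nginx", resolv_conf_for("kube-system")))  # pod elsewhere
    print(resolve("nginx.default", resolv_conf_for("kube-system")))
```
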
Next, take the pod down manually and test whether the same Service name (nginx) can still be reached.
[root@master ~]# kubectl get pods //look up the pod name
NAME READY STATUS RESTARTS AGE
client / Running 36m
nginx-deploy-55d8d67cf-tfppt / Running 5h35m
[root@master ~]# kubectl delete pods nginx-deploy-55d8d67cf-tfppt //delete the pod
pod "nginx-deploy-55d8d67cf-tfppt" deleted
[root@master ~]# kubectl get pods //check again: the controller has already created a new pod
NAME READY STATUS RESTARTS AGE
client / Running 36m
nginx-deploy-55d8d67cf-hlj9v / ContainerCreating 11s
[root@master ~]# kubectl get pods //the new pod is now running
NAME READY STATUS RESTARTS AGE
client / Running 37m
nginx-deploy-55d8d67cf-hlj9v / Running 37s
/ # wget -O - -q http://nginx:80/ //accessing the nginx application by its Service name again still works, because pods are associated through labels and label selectors rather than selected by IP address.
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
</body>
master ~]# kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP
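The experiment above shows that every pod created by nginx-deploy is added to the Service's backends; this is how a Service gives pods a fixed access endpoint.
A Service is implemented as iptables rules or ipvs rules.
[root@master ~]# kubectl get pods -o wide //the application currently runs on node01, but the related rules can be inspected on the other nodes (node02 or node03) as well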
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
client / Running 6h12m 10.244.1.3 node03 <none> <none>
nginx-deploy-55d8d67cf-hlj9v / Running 5h36m 10.244.3.2 node01 <none> <none>
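[root@master ~]# kubectl get svc //the focus here is not the pod itself but the svc: once the Service (nginx) is created, iptables or ipvs rules are generated that send everything addressed to 10.96.75.49:80 to
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE //the backend pods that nginx is associated with through its label selector.
kubernetes ClusterIP 10.96.0.1 <none> /TCP 3d22h
nginx ClusterIP 10.96.75.49 <none> 80/TCP 6h45m
How do you see what the label selector is associated with?
[root@master ~]# kubectl describe svc nginx //everything shown below can be changed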
Name: nginx
Namespace: default
Labels: run=nginx-deploy
Annotations: <none>
Selector: run=nginx-deploy //the selector picks every pod that has the label run with the value nginx-deploy
Type: ClusterIP
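IP: 10.96.75.49 //if this IP address changes, the resolution result is updated automatically: the change is reflected immediately in the CoreDNS records. If the Service is deleted, the address changes as well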
Port: <unset> /TCP
TargetPort: 80/TCP
Endpoints: 10.244.3.2:80 //if the pod is deleted, this changes accordingly
Session Affinity: None
Events: <none>
[root@master ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
client / Running 7h4m run=client
nginx-deploy-55d8d67cf-hlj9v / Running 6h27m pod-template-hash=55d8d67cf,run=nginx-deploy
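//when a pod carrying this label is deleted, its replacement must still carry the label to be selected; selection is not based on IP address
First, kubectl run creates a pod, for example one running nginx. At that point nginx can only be reached from nodes inside the cluster; nodes outside the cluster cannot reach it. A Service is therefore created; the Service associates itself with the pods through their labels and then offers the application to clients outside the cluster.
That is the purpose of a Service.
Controllers are associated with their pods through label selectors.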
[root@master]# kubectl describe deployment nginx-deploy
Name: nginx-deploy
Namespace: default
CreationTimestamp: Tue, Jun :: +
Labels: run=nginx-deploy
Annotations: deployment.kubernetes.io/revision:
Selector: run=nginx-deploy
Replicas: desired | updated | total | available | unavailable
StrategyType: RollingUpdate
MinReadySeconds:
RollingUpdateStrategy: % max unavailable, % max surge
Pod Template:
Labels: run=nginx-deploy
Containers:
nginx-deploy:
Image: nginx:1.14-alpine
Port: /TCP
Host Port: /TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Progressing True NewReplicaSetAvailable
Available True MinimumReplicasAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-deploy-55d8d67cf (/ replicas created)
Events: <none>
The replica count of an existing Deployment controller can be changed dynamically.
[root@master ~]# kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2 //create a new controller with 2 replicas
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
deployment.apps/myapp created
[root@master ~]# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
myapp / 5m38s
nginx-deploy / 10d
[root@master ~]# kubectl get deployment -w //-w means watch
NAME READY UP-TO-DATE AVAILABLE AGE
myapp / 95s
nginx-deploy / 10d
[root@master ~]# kubectl get pods -o wide //the newly created pods are on different nodes, and they are on different networks as well
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
client / Error 9d <none> node03 <none> <none>
client1 / Completed 9d 10.244.2.3 node02 <none> <none>
myapp-5bc569c47d-24qfh 1/1 Running 0 7m29s 10.244.2.4 node02 <none> <none>
myapp-5bc569c47d-7ql96 1/1 Running 0 7m29s 10.244.1.4 node03 <none> <none>
nginx-deploy-55d8d67cf-hlj9v / Running 9d 10.244.3.5 node01 <none> <none>
[root@master ~]# kubectl run client2 --image=busybox --replicas=1 -it --restart=Never //the pods should be given a fixed access endpoint, i.e. a Service
If you don't see a command prompt, try pressing enter.
/ # wget -O - -q 10.244.2.4
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # wget -O - -q 10.244.1.4
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # wget -O - -q 10.244.1.4/hostname.html
myapp-5bc569c47d-7ql96
/ # wget -O - -q 10.244.2.4/hostname.html
myapp-5bc569c47d-24qfh
Create a fixed access endpoint for the pods
[root@master ~]# kubectl expose deployment myapp --name=myapp --port=80
service/myapp exposed
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> /TCP 13d
myapp ClusterIP 10.96.152.130 <none> 80/TCP 7s
nginx ClusterIP 10.96.75.49 <none> /TCP 9d
Requests are distributed randomly across the pods on different nodes
/ # wget -O - -q myapp
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # wget -O - -q myapp/hostname.html
myapp-5bc569c47d-7ql96
/ # wget -O - -q myapp/hostname.html
myapp-5bc569c47d-24qfh
/ # wget -O - -q myapp/hostname.html
myapp-5bc569c47d-24qfh
/ # wget -O - -q myapp/hostname.html
myapp-5bc569c47d-7ql96
/ # wget -O - -q myapp/hostname.html
myapp-5bc569c47d-24qfh
/ # wget -O - -q myapp/hostname.html
myapp-5bc569c47d-7ql96
/ # while true; do wget -O - -q myapp/hostname.html; sleep ; done
myapp-5bc569c47d-7ql96
myapp-5bc569c47d-24qfh
myapp-5bc569c47d-24qfh
myapp-5bc569c47d-7ql96
myapp-5bc569c47d-24qfh
myapp-5bc569c47d-7ql96
Pods are dynamic; the set of pods can be scaled up or down.
master ~]# kubectl scale --help
Usage:
kubectl scale [--resource-version=version] [--current-replicas=count] --replicas=COUNT (-f FILENAME | TYPE NAME)
master ~]# kubectl scale --replicas= deployment myapp //increase the replica count of the controller myapp to 5
deployment.extensions/myapp scaled
[root@master ~]# kubectl get pods //check that there are five replicas
NAME READY STATUS RESTARTS AGE
client / Error 9d
client1 / Completed 9d
client2 / Running 65m
myapp-5bc569c47d-24qfh 1/1 Running 0 75m
myapp-5bc569c47d-7ql96 1/1 Running 0 75m
myapp-5bc569c47d-bdpxf 1/1 Running 0 69s
myapp-5bc569c47d-ftrgc 1/1 Running 0 69s
myapp-5bc569c47d-qlk7f 0/1 Running 0 69s
nginx-deploy-55d8d67cf-hlj9v / Running 9d
/ # while true; do wget -O - -q myapp/hostname.html; sleep ; done //all 5 pods can be reached here
myapp-5bc569c47d-ftrgc
myapp-5bc569c47d-24qfh
myapp-5bc569c47d-ftrgc
myapp-5bc569c47d-bdpxf
myapp-5bc569c47d-qlk7f
myapp-5bc569c47d-qlk7f
myapp-5bc569c47d-7ql96
myapp-5bc569c47d-bdpxf
myapp-5bc569c47d-qlk7f
myapp-5bc569c47d-qlk7f
myapp-5bc569c47d-7ql96
[root@master ~]# kubectl scale --replicas=3 deployment myapp //reduce the number of pod replicas
deployment.extensions/myapp scaled
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client / Error 9d
client1 / Completed 9d
client2 / Error 78m
client3 / Running 2m46s
myapp-5bc569c47d-24qfh 1/1 Running 0 88m
myapp-5bc569c47d-7ql96 1/1 Running 0 88m
myapp-5bc569c47d-bdpxf 1/1 Running 0 14m
nginx-deploy-55d8d67cf-hlj9v / Running 9d
/ # while true; do wget -O - -q myapp/hostname.html; sleep ; done //after scaling down, requests go only to the three remaining pods
myapp-5bc569c47d-24qfh
myapp-5bc569c47d-7ql96
myapp-5bc569c47d-7ql96
myapp-5bc569c47d-bdpxf
myapp-5bc569c47d-24qfh
myapp-5bc569c47d-bdpxf
Next, perform a rolling upgrade of myapp to version v2.
/ # while true; do wget -O - -q myapp; sleep ; done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
master ~]# kubectl set image --help
Usage:
kubectl set image (-f FILENAME | TYPE NAME) CONTAINER_NAME_1=CONTAINER_IMAGE_1 ... CONTAINER_NAME_N=CONTAINER_IMAGE_N
[root@master ~]# kubectl get pods //first check which pods will be upgraded
NAME READY STATUS RESTARTS AGE
client / Error 9d
client1 / Completed 9d
client2 / Error 119m
client3 / Running 43m
myapp-5bc569c47d-24qfh / Running 129m
myapp-5bc569c47d-7ql96 / Running 129m
myapp-5bc569c47d-bdpxf / Running 55m
nginx-deploy-55d8d67cf-hlj9v / Running 9d
master ~]# kubectl describe pods myapp-5bc569c47d-24qfh //shows the information about the container to be upgraded
Name: myapp-5bc569c47d-24qfh
Namespace: default
Priority:
PriorityClassName: <none>
Node: node02/192.168.184.143
Start Time: Fri, Jun :: +
Labels: pod-template-hash=5bc569c47d
run=myapp
Annotations: <none>
Status: Running
IP: 10.244.2.4
Controlled By: ReplicaSet/myapp-5bc569c47d
Containers: //container name
myapp:
Container ID: docker://698843132d3a70585e8065470f97ae1d74ece31ae04749c57b9e93a66fe99d91
Image: ikubernetes/myapp:v1
Image ID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
Port: <none>
Host Port: <none>
State: Running
Started: Fri, Jun :: +
Ready: True
Restart Count:
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-fckpp (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-fckpp:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-fckpp
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events: <none>
Modify the corresponding container under the controller and specify the image version to upgrade to.
[root@master ~]# kubectl set image deployment myapp myapp=ikubernetes/myapp:v2
deployment.extensions/myapp image updated
[root@master ~]# kubectl rollout status deployment myapp //this shows that the update has completed
deployment "myapp" successfully rolled out
The controller has now been upgraded to version v2.
/ # while true; do wget -O - -q myapp; sleep ; done
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Listing the pods now shows that their names have changed.
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client / Error 10d
client1 / Completed 9d
client2 / Error 3h45m
client3 / Running 149m
myapp-86984b4c7c-24tmb 1/1 Running 0 97m
myapp-86984b4c7c-clqhw 1/1 Running 0 96m
myapp-86984b4c7c-crzfj 1/1 Running 0 97m
nginx-deploy-55d8d67cf-hlj9v / Running 10d
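If an upgrade goes wrong, it can be rolled back.
There are two ways to roll back:
1. Set the image version directly
master ~]# kubectl set image deployment myapp myapp=ikubernetes/myapp:v1
2. Use the rollout command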
master ~]# kubectl rollout --help
Examples:
  # Rollback to the previous deployment
  kubectl rollout undo deployment/abc
  # Check the rollout status of a daemonset
  kubectl rollout status daemonset/foo
Available Commands:
  history View rollout history
  pause Mark the provided resource as paused
  resume Resume a paused resource
  status Show the status of the rollout
  undo Undo a previous rollout
Usage:
  kubectl rollout SUBCOMMAND [options]
Use "kubectl <command> --help" for more information about a given command.
Use "kubectl options" for a list of global command-line options (applies to all commands).
master ~]# kubectl rollout undo --help
Usage: //specify which revision to roll back to; if none is specified, it rolls back to the previous revision
kubectl rollout undo (TYPE NAME | TYPE/NAME) [flags] [options]
[root@master ~]# kubectl rollout undo deployment myapp
deployment.extensions/myapp rolled back
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client3 / Running 157m
myapp-5bc569c47d-5cdpw 1/1 Running 0 7s
myapp-5bc569c47d-c4gr2 1/1 Running 0 11s
myapp-5bc569c47d-njr5w 1/1 Running 0 9s //the three pods above run the rolled-back version
myapp-86984b4c7c-24tmb 0/1 Terminating 0 105m //the previous version is being terminated
nginx-deploy-55d8d67cf-hlj9v / Running 10d
/ # while true; do wget -O - -q myapp; sleep ; done //version v1 is running again
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
How can a cluster Service be reached from outside the cluster (for example from a browser)?
Change the Service type to NodePort.
master ~]# kubectl edit svc myapp
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
creationTimestamp: "2019-06-14T02:35:03Z"
labels:
run: myapp
name: myapp
namespace: default
resourceVersion: ""
selfLink: /api/v1/namespaces/default/services/myapp
uid: 039652cc-8e4d-11e9-a017-000c29cef804
spec:
clusterIP: 10.96.152.130
ports:
- port:
protocol: TCP
targetPort:
selector:
run: myapp
sessionAffinity: None
type: ClusterIP --> change ClusterIP to NodePort
status:
loadBalancer: {}
After a successful edit the output is: service/myapp edited
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> /TCP 13d
myapp NodePort 10.96.152.130 <none> :/TCP 3h15m //30327: myapp can be reached on this port on every node
nginx ClusterIP 10.96.75.49 <none> /TCP 10d
The Service can be reached through every node,
and requests are load-balanced.
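The two checks this walkthrough does by hand (which pods a Service selector picks up, and which Services are reachable from outside the cluster after a switch to NodePort) can be automated. The following is an added example, not part of the original post: it audits a constructed sample shaped like the `items` of `kubectl get svc,pods -o json`. Service names, pod names, labels and NodePort 30327 follow the page; the `debug` pod and the helper names are constructed for illustration.

```python
"""Audit Services the way the walkthrough inspects them by hand: which pods
does each selector pick up, and which Services are reachable from outside?"""


def make_pod(name, labels, owner=None):
    meta = {"name": name, "namespace": "default", "labels": labels}
    if owner:  # pods created by a Deployment are owned by its ReplicaSet
        meta["ownerReferences"] = [
            {"kind": "ReplicaSet", "name": owner, "controller": True}]
    return {"kind": "Pod", "metadata": meta}


def make_svc(name, svc_type, selector, port):
    return {"kind": "Service",
            "metadata": {"name": name, "namespace": "default"},
            "spec": {"type": svc_type, "selector": selector, "ports": [port]}}


# Constructed sample, reduced to the fields read below.
SAMPLE = {"items": [
    make_svc("nginx", "ClusterIP", {"run": "nginx-deploy"}, {"port": 80}),
    make_svc("myapp", "NodePort", {"run": "myapp"},
             {"port": 80, "nodePort": 30327}),
    make_pod("nginx-deploy-55d8d67cf-hlj9v",
             {"run": "nginx-deploy", "pod-template-hash": "55d8d67cf"},
             "nginx-deploy-55d8d67cf"),
    make_pod("myapp-5bc569c47d-24qfh",
             {"run": "myapp", "pod-template-hash": "5bc569c47d"},
             "myapp-5bc569c47d"),
    make_pod("myapp-5bc569c47d-7ql96",
             {"run": "myapp", "pod-template-hash": "5bc569c47d"},
             "myapp-5bc569c47d"),
    make_pod("client", {"run": "client"}),  # bare pod, selected by no Service
    make_pod("debug", {"run": "myapp"}),    # constructed: bare pod with the app label
]}


def selects(selector, labels):
    """Equality-based selector: every key/value pair must be on the pod.
    A Service without a selector selects nothing."""
    return bool(selector) and all(
        labels.get(key) == value for key, value in selector.items())


def backends(service, pods):
    """Pods in the Service's namespace whose labels satisfy its selector."""
    namespace = service["metadata"]["namespace"]
    selector = service["spec"].get("selector") or {}
    return [pod for pod in pods
            if pod["metadata"]["namespace"] == namespace
            and selects(selector, pod["metadata"].get("labels", {}))]


def controller_of(pod):
    """'Kind/name' of the controlling owner, or None for a bare pod."""
    for ref in pod["metadata"].get("ownerReferences", []):
        if ref.get("controller"):
            return f'{ref["kind"]}/{ref["name"]}'
    return None


def audit(doc):
    """Return (service, finding, detail) tuples for review."""
    services = [i for i in doc["items"] if i["kind"] == "Service"]
    pods = [i for i in doc["items"] if i["kind"] == "Pod"]
    findings = []
    for svc in services:
        name, spec = svc["metadata"]["name"], svc["spec"]
        # NodePort/LoadBalancer Services accept traffic from outside the cluster.
        if spec.get("type", "ClusterIP") in ("NodePort", "LoadBalancer"):
            node_ports = [p.get("nodePort") for p in spec.get("ports", [])]
            findings.append(
                (name, "external", f'{spec["type"]} nodePorts={node_ports}'))
        # The selector matches labels only, so a pod no controller owns
        # still becomes a backend if it carries the right label.
        for pod in backends(svc, pods):
            if controller_of(pod) is None:
                findings.append(
                    (name, "unmanaged-backend", pod["metadata"]["name"]))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
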