RESTful
GET, PUT, DELETE, POST, ...
kubectl run, get, edit, ...
资源: 对象
workload: Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet, Job, CronJob, ...
服务发现及均衡: Service, Ingress, ...
配置与存储: Volume, CSI
ConfigMap, Secret,
DownwardAPI
集群级资源
Namespace, Node, Role, ClusterRole, RoleBinding, ClusterRoleBinding
元数据型资源
HPA, PodTemplate, LimitRange
group/version, core
创建资源的方法:
apiserver仅接收JSON格式的资源定义;
yaml格式提供配置清单,apiserver可自动将其转为json格式,而后再提交;
大部分资源的配置清单:
apiVersion: group/version
$ kubectl api-versions
kind: 资源类别
metadata: 元数据
name
namespace
labels
annotations:资源注解
每个资源的引用PATH
/api/GROUP/VERSION/namespaces/NAMESPACE/TYPE/NAME(核心组的路径为/api/v1/...,见下文Pod的selfLink;命名组的路径以/apis/GROUP/VERSION/开头)
spec: 期望的状态, desired state
status: 当前状态, current state, 本字段由kubernetes集群维护;
deployment示例:
# Deployment manifest: keeps two nginx Pods running.
# NOTE(review): extensions/v1beta1 is a legacy group for Deployments and is no
# longer served from Kubernetes 1.16 on; newer clusters need apps/v1, which
# also requires an explicit spec.selector.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  # Name that identifies this Deployment within its namespace
  name: deployment-example
spec:
  # Desired number of Pod replicas
  replicas: 2
  template:
    metadata:
      labels:
        # Label stamped on every Pod; with no spec.selector given, the
        # Deployment's label selector defaults to this value
        app: nginx
    spec:
      containers:
      - name: nginx
        # Container image to run. A tag is mutable; pin a digest
        # (image@sha256:...) where image integrity matters.
        image: nginx:1.12
service示例:
# Service manifest: exposes the Pods labelled app=nginx on port 80.
kind: Service
apiVersion: v1
metadata:
  # Name that identifies this Service within its namespace
  name: nginx-example
spec:
  ports:
  # Port 80 on the Service forwards to port 80 on the selected Pods
  - name: http
    port: 80
    targetPort: 80
  selector:
    # Traffic is balanced across Pods carrying this label
    app: nginx
  # LoadBalancer asks the cloud provider for an external IP address (only
  # supported by some providers).
  # NOTE(review): this publishes plain HTTP outside the cluster. Use ClusterIP
  # for internal-only services, or restrict client ranges with
  # spec.loadBalancerSourceRanges where the provider honours it.
  type: LoadBalancer
资源:(属性:值)
apiVersion: groupname/version
kind:种类,Pod/Service/Deployment/ReplicationController/...
metadata:元数据, object
name:名称
namespace:名称空间,默认为default
labels:标签
annotations:注解
spec: 定义期望的目标状态
用户定义时使用的核心字段;
status:当前状态
是由kubernetes系统自动维护,管理员不能人为修改;
kubernetes的核心目标在于:让每个资源的当前状态无限接近于由用户定义的目标状态;
资源管理动作:CRUD
kubectl
create
delete
get
edit, replace
kubectl
apply:增、改
delete
patch
get
master:
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 4h
myapp-848b5b879b-4cd8x 1/1 Running 0 2h
myapp-848b5b879b-rt8bs 1/1 Running 0 2h
myapp-848b5b879b-wmgd8 1/1 Running 0 2h
nginx-deploy-5b595999-n52b5 1/1 Running 0 4h
[root@master ~]# kubectl get pod myapp-848b5b879b-4cd8x -o yaml #-o输出为yaml格式
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: 2020-05-02T09:32:49Z
generateName: myapp-848b5b879b-
labels:
pod-template-hash: "4046164356"
run: myapp
name: myapp-848b5b879b-4cd8x
namespace: default
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: myapp-848b5b879b
uid: b92a8b6f-8c4a-11ea-b69f-000c2967e570
resourceVersion: "216774"
selfLink: /api/v1/namespaces/default/pods/myapp-848b5b879b-4cd8x
uid: e37f141b-8c57-11ea-b69f-000c2967e570
spec:
containers:
- image: ikubernetes/myapp:v1
imagePullPolicy: IfNotPresent
name: myapp
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: default-token-xvxpl
readOnly: true
dnsPolicy: ClusterFirst
nodeName: node02.smoke.com
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: default-token-xvxpl
secret:
defaultMode: 420
secretName: default-token-xvxpl
status:
conditions:
- lastProbeTime: null
lastTransitionTime: 2020-05-02T09:32:49Z
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: 2020-05-02T09:32:51Z
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: null
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: 2020-05-02T09:32:49Z
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://63f8c59547ad44e22c778526becb7aa3cdda7bc9531a52033c85fa30513ac154
image: ikubernetes/myapp:v1
imageID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
lastState: {}
name: myapp
ready: true
restartCount: 0
state:
running:
startedAt: 2020-05-02T09:32:51Z
hostIP: 172.20.0.67
phase: Running
podIP: 10.244.2.8
qosClass: BestEffort
startTime: 2020-05-02T09:32:49Z
[root@master ~]# kubectl api-versions #查看api-server支持的版本
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps/v1
apps/v1beta1
apps/v1beta2
authentication.k8s.io/v1
authentication.k8s.io/v1beta1
authorization.k8s.io/v1
authorization.k8s.io/v1beta1
autoscaling/v1
autoscaling/v2beta1
batch/v1
batch/v1beta1
certificates.k8s.io/v1beta1
events.k8s.io/v1beta1
extensions/v1beta1
networking.k8s.io/v1
policy/v1beta1
rbac.authorization.k8s.io/v1
rbac.authorization.k8s.io/v1beta1
scheduling.k8s.io/v1beta1
storage.k8s.io/v1
storage.k8s.io/v1beta1
v1
[root@master ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 172.20.0.70:10010 *:*
LISTEN 0 128 127.0.0.1:38974 *:*
LISTEN 0 128 127.0.0.1:10248 *:*
LISTEN 0 128 127.0.0.1:10249 *:*
LISTEN 0 128 127.0.0.1:2379 *:*
LISTEN 0 128 127.0.0.1:10251 *:*
LISTEN 0 128 127.0.0.1:10252 *:*
LISTEN 0 128 127.0.0.1:2380 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::]:30308 [::]:*
LISTEN 0 128 [::]:10250 [::]:*
LISTEN 0 128 [::]:6443 [::]:*
LISTEN 0 128 [::]:10256 [::]:*
[root@master ~]# kubectl explain pods #查看pods该如何定义
[root@master ~]# kubectl explain pods.metadata #查看pods的metadata怎么定义
[root@master ~]# kubectl explain pods.spec
[root@master ~]# kubectl explain pods.spec.containers
[root@master ~]# kubectl explain pods.spec.containers.livenessProbe #查看存活性探测怎么定义
[root@master ~]# mkdir manifests
[root@master ~]# cd manifests/
[root@master manifests]# vim pod-demo.yaml
# pod-demo: one Pod running two containers, the myapp web server and a
# busybox helper.
# NOTE(review): the spec sets no securityContext and does not opt out of the
# ServiceAccount token mount (automountServiceAccountToken: false), so both
# containers run with image defaults and get the default token mounted.
apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
  - name: busybox
    # ":latest" is a mutable tag and is pulled again on every container
    # start; pin a version or digest for reproducible, verifiable runs.
    image: busybox:latest
    command:
    - "/bin/sh"
    - "-c"
    # Containers in a Pod do not share a filesystem unless a volume is
    # mounted into both, so this path does not exist inside busybox. The
    # shell also exits after 5 seconds and the kubelet restarts the
    # container, which ends in CrashLoopBackOff.
    - "echo $(date) >> /usr/share/nginx/html/index.html; sleep 5"
[root@master manifests]# kubectl create -f pod-demo.yaml #创建资源
[root@master manifests]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 5h
myapp-848b5b879b-4cd8x 1/1 Running 0 3h
myapp-848b5b879b-rt8bs 1/1 Running 0 3h
myapp-848b5b879b-wmgd8 1/1 Running 0 3h
nginx-deploy-5b595999-n52b5 1/1 Running 0 5h
pod-demo 2/2 Running 1 21s
[root@master manifests]# kubectl describe pods pod-demo
Name: pod-demo
Namespace: default
Priority: 0
PriorityClassName: <none>
Node: node02.smoke.com/172.20.0.67
Start Time: Sat, 02 May 2020 21:18:11 +0800
Labels: app=myapp
tier=frontend
Annotations: <none>
Status: Running
IP: 10.244.2.9
Containers:
myapp:
Container ID: docker://b144822bd9f293511cd87c092c31391e84e3656df221fc4e8d0f977bc1c0ed9c
Image: ikubernetes/myapp:v1
Image ID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
Port: <none>
Host Port: <none>
State: Running
Started: Sat, 02 May 2020 21:18:12 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-xvxpl (ro)
busybox:
Container ID: docker://0791a0402fb1d94115cc4e3e22b697976ce184bf80d1f9322729e34c0df9f65f
Image: busybox:latest
Image ID: docker-pullable://busybox@sha256:a8cf7ff6367c2afa2a90acd081b484cbded349a7076e7bdf37a05279f276bc12
Port: <none>
Host Port: <none>
Command:
/bin/sh
-c
echo $(date) >> /usr/share/nginx/html/index.html; sleep 5
State: Waiting
Reason: CrashLoopBackOff
Last State: Terminated
Reason: Completed
Exit Code: 0
Started: Sat, 02 May 2020 21:19:07 +0800
Finished: Sat, 02 May 2020 21:19:12 +0800
Ready: False
Restart Count: 2
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-xvxpl (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
default-token-xvxpl:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-xvxpl
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 1m default-scheduler Successfully assigned default/pod-demo to node02.smoke.com
Normal Pulled 1m kubelet, node02.smoke.com Container image "ikubernetes/myapp:v1" already present on machine
Normal Created 1m kubelet, node02.smoke.com Created container
Normal Started 1m kubelet, node02.smoke.com Started container
Normal Pulling 47s (x3 over 1m) kubelet, node02.smoke.com pulling image "busybox:latest"
Normal Pulled 31s (x3 over 1m) kubelet, node02.smoke.com Successfully pulled image "busybox:latest"
Normal Created 31s (x3 over 1m) kubelet, node02.smoke.com Created container
Normal Started 31s (x3 over 1m) kubelet, node02.smoke.com Started container
Warning BackOff 11s (x3 over 1m) kubelet, node02.smoke.com Back-off restarting failed container
[root@master manifests]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 6h
myapp-848b5b879b-4cd8x 1/1 Running 0 4h
myapp-848b5b879b-rt8bs 1/1 Running 0 4h
myapp-848b5b879b-wmgd8 1/1 Running 0 4h
nginx-deploy-5b595999-n52b5 1/1 Running 0 6h
pod-demo 1/2 CrashLoopBackOff 7 15m
[root@master manifests]# curl 10.244.2.9
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[root@master manifests]# kubectl logs pod-demo myapp #查看pod-demo中myapp的访问日志
10.244.0.0 - - [02/May/2020:13:34:56 +0000] "GET / HTTP/1.1" 200 65 "-" "curl/7.29.0" "-"
[root@master manifests]# kubectl logs pod-demo busybox #查看pod-demo中busybox的日志
/bin/sh: can't create /usr/share/nginx/html/index.html: nonexistent directory
[root@master manifests]# kubectl exec --help
[root@master manifests]# kubectl exec -it pod-demo -c myapp -- /bin/sh #在myapp执行/bin/sh命令
/ # ls /usr/share/nginx/html/
50x.html index.html
/ # cat /usr/share/nginx/html/index.html
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # exit
[root@master manifests]# kubectl delete pod pod-demo #删除pod-demo
[root@master manifests]# vim pod-demo.yaml
# pod-demo, second version: same two containers, but busybox now just sleeps
# so that it stays running.
# NOTE(review): the spec sets no securityContext and does not opt out of the
# ServiceAccount token mount (automountServiceAccountToken: false), so both
# containers run with image defaults and get the default token mounted.
apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
  - name: busybox
    # ":latest" is a mutable tag; pin a version or digest for reproducible,
    # verifiable runs.
    image: busybox:latest
    command:
    - "/bin/sh"
    - "-c"
    # Keeps the container alive for one hour; when the sleep ends the
    # process exits and the container is restarted.
    - "sleep 3600"
[root@master manifests]# kubectl create -f pod-demo.yaml
[root@master manifests]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 6h
myapp-848b5b879b-4cd8x 1/1 Running 0 4h
myapp-848b5b879b-rt8bs 1/1 Running 0 4h
myapp-848b5b879b-wmgd8 1/1 Running 0 4h
nginx-deploy-5b595999-n52b5 1/1 Running 0 6h
pod-demo 2/2 Running 0 1m
[root@master manifests]# kubectl delete -f pod-demo.yaml #删除pod-demo.yaml所定义的资源