這裡寫目錄标題
- 一、控制器
-
- 1.1 Pod與控制器之間的關系
- 1.2 Deployment 無狀态
- 1.3 SatefulSet 有狀态
-
- 有狀态和無狀态差別
- 正常service和無頭服務差別
- 總結
- 1.4 DaemonSet
- 1.5 Job
- 1.6 CronJob
一、控制器
控制器:又稱之為工作負載,分别包含以下類型控制器
1:Deployment
2:StatefulSet
3:DaemonSet
4:Job
5:CronJob
1.1 Pod與控制器之間的關系
controllers:在叢集上管理和運作容器的對象通過label-selector相關聯
Pod通過控制器實作應用的運維,如伸縮,更新等
1.2 Deployment 無狀态
部署無狀态應用
管理Pod和ReplicaSet
具有上線部署、副本設定、滾動更新、復原等功能
提供聲明式更新,例如隻更新一個新的Image
應用場景:web服務
#檢視控制器
[[email protected] demo]# kubectl edit deployment/nginx-deployment
spec:
progressDeadlineSeconds: 600
replicas: 3 #副本集
revisionHistoryLimit: 10
selector:
matchLabels:
app: nginx
strategy:
rollingUpdate: #滾動更新政策
maxSurge: 25% #最大建立pod數
maxUnavailable: 25% #最大删除pod數
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: nginx
spec:
containers: # 容器
- image: nginx:1.15.4 #鏡像
imagePullPolicy: IfNotPresent
name: nginx-deployment
namespace: default
resourceVersion: "880370"
selfLink: /apis/extensions/v1beta1/namespaces/default/deployments/nginx-deployment
uid: d5f1ec3d-50cd-11ea-895a-000c297a15fb
[[email protected] demo]# kubectl create -f nginx-deployment.yaml
[[email protected] demo]# kubectl create -f nginx-deployment.yaml
deployment.apps/nginx-deployment created
[[email protected] demo]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deployment-d55b94fd-5tz7l 1/1 Running 0 3s
nginx-deployment-d55b94fd-w6zcf 1/1 Running 0 3s
nginx-deployment-d55b94fd-wcbjc 1/1 Running 0 3s
[[email protected] demo]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-deployment-d55b94fd-5tz7l 1/1 Running 0 18s
pod/nginx-deployment-d55b94fd-w6zcf 1/1 Running 0 18s
pod/nginx-deployment-d55b94fd-wcbjc 1/1 Running 0 18s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 7d8h
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-deployment 3 3 3 3 18s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-deployment-d55b94fd 3 3 3 18s #Replicaset 是控制版本,副本數,復原就是通過此來實作
[[email protected] demo]# kubectl rollout history deployment.apps/nginx-deployment #檢視曆史版本
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none>
1.3 SatefulSet 有狀态
部署有狀态應用
解決Pod獨立生命周期,保持Pod啟動順序和唯一性
穩定,唯一的網絡辨別符,持久存儲(例如:etcd配置檔案,節點位址發生變化,将無法使用)
有序,優雅的部署和擴充、删除和終止(例如:mysql主從關系,先啟動主,再啟動從)
有序,滾動更新
應用場景:資料庫
https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ #官網文檔
有狀态和無狀态差別
無狀态:
1)deployment 認為所有的pod都是一樣的
2)不用考慮順序的要求
3)不用考慮在哪個node節點上運作
4)可以随意擴容和縮容
有狀态
1)執行個體之間有差别,每個執行個體都有自己的獨特性,中繼資料不同,例如etcd,zookeeper
2)執行個體之間不對等的關系,以及依靠外部存儲的應用。
正常service和無頭服務差別
service:一組Pod通路政策,提供cluster-IP群集之間通訊,還提供負載均衡和服務發現。
Headless service 無頭服務,不需要cluster-IP,直接綁定具體的Pod的IP
[[email protected] demo]# kubectl create -f nginx-service.yaml #無狀态服務,service有叢集ip
service/nginx-service created
[[email protected] demo]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 7d8h
nginx-service NodePort 10.0.0.196 <none> 80:41690/TCP 11s #有叢集ip
#在node節點上操作
[[email protected] ~]# systemctl restart flanneld.service
[[email protected] ~]# systemctl restart docker
[[email protected] ~]# curl 10.0.0.196
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[[email protected] ~]# systemctl restart flanneld.service
[[email protected] ~]# systemctl restart docker
[[email protected] ~]# curl 10.0.0.196
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
#無頭模式部署——headless方式(因為Pod動态IP位址,是以常用于綁定DNS通路)
[[email protected] demo]# vim headless.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None #設定為none
selector:
app: nginx
[[email protected] demo]# kubectl get service # 擷取無頭模式服務
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 7d8h
nginx ClusterIP None <none> 80/TCP 55s #叢集ip為none
nginx-service NodePort 10.0.0.196 <none> 80:41690/TCP 12m
複制coredns.yaml到master01的root家目錄
https://www.kubernetes.org.cn/4694.html
[[email protected] ~]# vim coredns.yaml
# Warning: This is a file generated from the base underscore template file: coredns.yaml.base
apiVersion: v1
kind: ServiceAccount
metadata:
name: coredns
namespace: kube-system
labels:
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
kubernetes.io/bootstrapping: rbac-defaults
addonmanager.kubernetes.io/mode: Reconcile
name: system:coredns
rules:
- apiGroups:
- ""
resources:
- endpoints
- services
- pods
- namespaces
verbs:
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
addonmanager.kubernetes.io/mode: EnsureExists
name: system:coredns
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:coredns
subjects:
- kind: ServiceAccount
name: coredns
namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
labels:
addonmanager.kubernetes.io/mode: EnsureExists
data:
Corefile: |
.:53 {
errors
health
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
upstream
fallthrough in-addr.arpa ip6.arpa
}
prometheus :9153
proxy . /etc/resolv.conf
cache 30
loop
reload
loadbalance
}
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: kube-dns
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
kubernetes.io/name: "CoreDNS"
spec:
# replicas: not specified here:
# 1. In order to make Addon Manager do not reconcile this replicas parameter.
# 2. Default is 1.
# 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on.
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
k8s-app: kube-dns
template:
metadata:
labels:
k8s-app: kube-dns
annotations:
seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
spec:
serviceAccountName: coredns
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: "CriticalAddonsOnly"
operator: "Exists"
containers:
- name: coredns
image: coredns/coredns:1.2.2
imagePullPolicy: IfNotPresent
resources:
limits:
memory: 170Mi
requests:
cpu: 100m
memory: 70Mi
args: [ "-conf", "/etc/coredns/Corefile" ]
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
readOnly: true
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
- containerPort: 9153
name: metrics
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
securityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- NET_BIND_SERVICE
drop:
- all
readOnlyRootFilesystem: true
dnsPolicy: Default
volumes:
- name: config-volume
configMap:
name: coredns
items:
- key: Corefile
path: Corefile
---
apiVersion: v1
kind: Service
metadata:
name: kube-dns
namespace: kube-system
annotations:
prometheus.io/port: "9153"
prometheus.io/scrape: "true"
labels:
k8s-app: kube-dns
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
kubernetes.io/name: "CoreDNS"
spec:
selector:
k8s-app: kube-dns
clusterIP: 10.0.0.2
ports:
- name: dns
port: 53
protocol: UDP
- name: dns-tcp
port: 53
protocol: TCP
[[email protected] ~]# kubectl create -f coredns.yaml
serviceaccount/coredns created
clusterrole.rbac.authorization.k8s.io/system:coredns created
clusterrolebinding.rbac.authorization.k8s.io/system:coredns created
configmap/coredns created
deployment.extensions/coredns created
service/kube-dns created
[[email protected] ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-56684f94d6-wjnft 1/1 Running 0 72s
kubernetes-dashboard-7dffbccd68-n4hgt 1/1 Running 6 6d16h
[[email protected] demo]# vim pod3.yaml
apiVersion: v1
kind: Pod
metadata:
name: dns-test
spec:
containers:
- name: busybox
image: busybox:1.28.4
args:
- /bin/sh
- -c
- sleep 36000
restartPolicy: Never
[[email protected] demo]# kubectl create -f pod3.yaml
pod/dns-test created
[[email protected] demo]# kubectl get pods
NAME READY STATUS RESTARTS AGE
dns-test 1/1 Running 0 28s
[[email protected] demo]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 7d9h
nginx ClusterIP None <none> 80/TCP 30s
nginx-service NodePort 10.0.0.196 <none> 80:43943/TCP 4s
[[email protected] demo]# kubectl exec -it dns-test sh
/ # nslookup kubernetes
Server: 10.0.0.2
Address 1: 10.0.0.2 kube-dns.kube-system.svc.cluster.local
Name: kubernetes
Address 1: 10.0.0.1 kubernetes.default.svc.cluster.local
/ # nslookup nginx-service
Server: 10.0.0.2
Address 1: 10.0.0.2 kube-dns.kube-system.svc.cluster.local
Name: nginx-service
Address 1: 10.0.0.196 nginx-service.default.svc.cluster.local
[[email protected] demo]# vim sts.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None ###
selector:
app: nginx
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: nginx-statefulset
namespace: default
spec:
serviceName: nginx ###
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
//清理所有pod
[[email protected] demo]# kubectl delete -f .
[[email protected] demo]# kubectl create -f sts.yaml
service/nginx created
statefulset.apps/nginx-statefulset created
[[email protected] demo]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-statefulset-0 1/1 Running 0 4m3s
nginx-statefulset-1 1/1 Running 0 3m46s
nginx-statefulset-2 1/1 Running 0 3m22s
[[email protected] demo]# kubectl get pods,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-statefulset-0 1/1 Running 0 4m30s
pod/nginx-statefulset-1 1/1 Running 0 4m13s
pod/nginx-statefulset-2 1/1 Running 0 3m49s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 7d9h
service/nginx ClusterIP None <none> 80/TCP 4m29s
[[email protected] demo]# kubectl apply -f pod3.yaml
pod/dns-test created
[[email protected] demo]# kubectl create -f pod3.yaml
pod/dns-test created
[[email protected] demo]# kubectl exec -it dns-test sh
/ # nslookup nginx-statefulset-0.nginx
Server: 10.0.0.2
Address 1: 10.0.0.2 kube-dns.kube-system.svc.cluster.local
Name: nginx-statefulset-0.nginx
Address 1: 172.17.36.2 nginx-statefulset-0.nginx.default.svc.cluster.local
/ # nslookup nginx-statefulset-1.nginx
Server: 10.0.0.2
Address 1: 10.0.0.2 kube-dns.kube-system.svc.cluster.local
Name: nginx-statefulset-1.nginx
Address 1: 172.17.94.2 nginx-statefulset-1.nginx.default.svc.cluster.local
/ # nslookup nginx-statefulset-2.nginx
Server: 10.0.0.2
Address 1: 10.0.0.2 kube-dns.kube-system.svc.cluster.local
Name: nginx-statefulset-2.nginx
Address 1: 172.17.36.5 nginx-statefulset-2.nginx.default.svc.cluster.local
總結
StatefulSet與Deployment差別:有身份的!
身份三要素:
域名 nginx-statefulset-0.nginx
主機名 nginx-statefulset-0
存儲(PVC)
1.4 DaemonSet
在每一個Node上運作一個Pod
新加入的Node也同樣會自動運作一個Pod
應用場景:Agent
https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
//官方案例(監控)
[[email protected] demo]# vim ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.15.4
ports:
- containerPort: 80
[[email protected] demo]# kubectl apply -f ds.yaml
daemonset.apps/nginx-deployment created
#DaemonSet會在每個node節點都建立一個Pod
[[email protected] demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
nginx-deployment-b67bq 1/1 Running 0 34s 172.17.94.4 192.168.200.110 <none>
nginx-deployment-pzmbp 1/1 Running 0 34s 172.17.36.6 192.168.200.120 <none>
1.5 Job
Job分為普通任務(Job)和定時任務(CronJob)
一次性執行
應用場景:離線資料處理,視訊解碼等業務
https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
[[email protected] demo]# vim job.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: pi
spec:
template:
spec:
containers:
- name: pi
image: perl
command: ["perl", "-Mbignum=bpi", "-wle", "print bpi(2000)"]
restartPolicy: Never
backoffLimit: 4
[[email protected] demo]# kubectl apply -f job.yaml
job.batch/pi created
[[email protected] demo]# kubectl get pods -w
NAME READY STATUS RESTARTS AGE
pi-49zcz 0/1 ContainerCreating 0 31s
pi-49zcz 1/1 Running 0 76s
pi-49zcz 0/1 Completed 0 79s
[[email protected] demo]# kubectl logs pi-49zcz
3.1415926535897932384626433832795028841971693993751058209749445923078164062862089986280348253421170679821480865132823066470938446095505822317253594081284811174502841027019385211055596446229489549303819644288109756659334461284756482337867831652712019091456485669234603486104543266482133936072602491412737245870066063155881748815209209628292540917153643678925903600113305305488204665213841469519415116094330572703657595919530921861173819326117931051185480744623799627495673518857527248912279381830119491298336733624406566430860213949463952247371907021798609437027705392171762931767523846748184676694051320005681271452635608277857713427577896091736371787214684409012249534301465495853710507922796892589235420199561121290219608640344181598136297747713099605187072113499999983729780499510597317328160963185950244594553469083026425223082533446850352619311881710100031378387528865875332083814206171776691473035982534904287554687311595628638823537875937519577818577805321712268066130019278766111959092164201989380952572010654858632788659361533818279682303019520353018529689957736225994138912497217752834791315155748572424541506959508295331168617278558890750983817546374649393192550604009277016711390098488240128583616035637076601047101819429555961989467678374494482553797747268471040475346462080466842590694912933136770289891521047521620569660240580381501935112533824300355876402474964732639141992726042699227967823547816360093417216412199245863150302861829745557067498385054945885869269956909272107975093029553211653449872027559602364806654991198818347977535663698074265425278625518184175746728909777727938000816470600161452491921732172147723501414419735685481613611573525521334757418494684385233239073941433345477624168625189835694855620992192221842725502542568876717904946016534668049886272327917860857843838279679766814541009538837863609506800642251252051173929848960841284886269456042419652850222106611863067442786220391949450471237137869609563643719172874677646575739624138908658326459958133904780275901
[[email protected] demo]# kubectl get job
NAME COMPLETIONS DURATION AGE
pi 1/1 79s 2m17s
[[email protected] demo]# kubectl delete -f job.yaml
job.batch "pi" deleted
1.6 CronJob
周期性任務,像Linux的Crontab一樣。
周期性任務
應用場景:通知,備份
https://kubernetes.io/docs/tasks/job/automated-tasks-with-cron-jobs/
示例:
//每分鐘列印hello
[[email protected] demo]# vim cronjob.yaml
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: hello
spec:
schedule: "*/1 * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: hello
image: busybox
args:
- /bin/sh
- -c
- date; echo Hello from the Kubernetes cluster
restartPolicy: OnFailure
[[email protected] demo]# kubectl create -f cronjob.yaml
cronjob.batch/hello created
[[email protected] demo]# kubectl get cronjob
NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE
hello */1 * * * * False 0 <none> 8s
[[email protected] demo]# kubectl get pods
NAME READY STATUS RESTARTS AGE
dns-test 1/1 Running 0 16m
hello-1602735600-x7gvh 0/1 Completed 0 36s
[[email protected] demo]# kubectl logs hello-1602735600-x7gvh
Thu Oct 15 04:20:06 UTC 2020
Hello from the Kubernetes cluster
[[email protected] demo]# kubectl get pods -w 等待一分鐘後又會再執行一次
NAME READY STATUS RESTARTS AGE
hello-1602735600-x7gvh 0/1 Completed 0 93s
hello-1602735660-5pz9f 0/1 Completed 0 33s