Kubernetes Pod

创建和访问Pod

kubectl create namespace demo
kubectl create -f demo_pod.yaml
kubectl -n demo get pods
kubectl -n demo get pods -o wide  #详细
kubectl -n demo exec -ti myblog -c myblog bash  #进入容器
kubectl -n demo describe pod myblog  #查看pod的明细信息及事件
kubectl apply -f demo-pod.yaml    #更新服务版本
kubectl delete -f demo_pod.yaml    #根据文件删
kubectl delete pod myblog      #根据NAME删
kubectl label node slave1 component=mysql #为节点打标签

ConfigMap

管理应用的配置文件或者环境变量

vi /opt/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: myblog
  namespace: demo
data:
  MYSQL_HOST: "192.168.188.9"
  MYSQL_PORT: "3306"
kubectl create -f configmap.yaml
kubectl -n demo get configmap

Secret

管理敏感类的信息

vi /opt/secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: myblog
  namespace: demo
type: Opaque
data:
  MYSQL_USER: cm9vdA==		#注意加-n参数, echo -n root|base64
  MYSQL_PASSWD: MTIzNDU2
kubectl create -f secret.yaml
kubectl -n demo get secret

镜像拉取策略

  • Always,总是拉取镜像,即使本地有镜像也从仓库拉取
  • IfNotPresent ,本地有则使用本地镜像,本地没有则去仓库拉取
  • Never,只使用本地镜像,本地没有则报错
spec:
  containers:
  - name: myblog
    image: 192.168.188.8:5000/myblog:v1
    imagePullPolicy: IfNotPresent

Pod资源限制

resources:
      requests:
    #容器使用的最小资源需求,作用于schedule阶段
        memory: 100Mi
        cpu: 50m
      limits:
     #容器能使用资源的最大值
        memory: 500Mi
        cpu: 100m

RestartPolicy

  • Always:当容器失败时,由kubelet自动重启该容器;
  • OnFailure:当容器终止运行且退出码不为0时,有kubelet自动重启该容器;
  • Never:不论容器运行状态如何,kubelet都不会重启该容器。

服务健康检查

  • exec:通过执行命令来检查服务是否正常,回值为0则表示容器健康
  • httpGet方式:通过发送http请求检查服务是否正常,返回200-399状态码则表明容器健康
  • tcpSocket:通过容器的IP和Port执行TCP检查,如果能够建立TCP连接,则表明容器健康
 livenessProbe:
       #Pod是否为running状态
      httpGet:
        path: /blog/index/
        port: 8002
        scheme: HTTP
      initialDelaySeconds: 10  # 容器启动后第一次执行探测是需要等待多少秒
      periodSeconds: 15 	# 执行探测的频率
      timeoutSeconds: 2		# 探测超时时间
    readinessProbe: 
    #容器的Ready是否为True
      httpGet: 
        path: /blog/index/
        port: 8002
        scheme: HTTP
      initialDelaySeconds: 10 
      timeoutSeconds: 2
      periodSeconds: 15

Pod数据持久化

spec:
  volumes: 
  - name: mysql-data
    hostPath: 
      path: /opt/mysql/data
  nodeSelector:   # 使用节点选择器将Pod调度到指定label的节点
    component: mysql
  containers:
  - name: mysql
    image: 192.168.188.8:5000/mysql:5.7
    ports:
    - containerPort: 3306
    env:
    - name: MYSQL_ROOT_PASSWORD
      value: "123456"
    - name: MYSQL_DATABASE
      value: "myblog"
    volumeMounts:
    - name: mysql-data
      mountPath: /var/lib/mysql

实战

准备配置文件

vi /opt/mysql.yaml
apiVersion: v1
kind: Pod
metadata:
  name: mysql
  namespace: demo
  labels:
    component: mysql
spec:
  hostNetwork: true	# 声明pod的网络模式为host模式,效果通docker run --net=host
  volumes: 
  - name: mysql-data
    hostPath: 
      path: /opt/mysql/data
  nodeSelector:   # 使用节点选择器将Pod调度到指定label的节点
    component: mysql
  containers:
  - name: mysql
    image: 192.168.188.8:5000/mysql:5.7
    ports: 
    - containerPort: 3306
    env:
    - name: MYSQL_USER
      valueFrom:
        secretKeyRef:
          name: myblog
          key: MYSQL_USER
    - name: MYSQL_ROOT_PASSWORD
      valueFrom:
        secretKeyRef:
          name: myblog
          key: MYSQL_PASSWD
    - name: MYSQL_DATABASE
      value: "myblog"
    resources:
      requests:
        memory: 100Mi
        cpu: 50m
      limits:
        memory: 500Mi
        cpu: 100m
    readinessProbe:
      tcpSocket:
        port: 3306
      initialDelaySeconds: 5
      periodSeconds: 10
    livenessProbe:
      tcpSocket:
        port: 3306
      initialDelaySeconds: 15
      periodSeconds: 20
    volumeMounts:
    - name: mysql-data
      mountPath: /var/lib/mysql
vi  /opt/myblog.yaml
apiVersion: v1
kind: Pod
metadata:
  name: myblog
  namespace: demo
  labels:
    component: myblog
spec:
  containers:
  - name: myblog
    image: 192.168.188.8:5000/myblog:v1
    imagePullPolicy: IfNotPresent
    env:
    - name: MYSQL_HOST
      valueFrom:
        configMapKeyRef:
          name: myblog
          key: MYSQL_HOST
    - name: MYSQL_PORT
      valueFrom:
        configMapKeyRef:
          name: myblog
          key: MYSQL_PORT
    - name: MYSQL_USER
      valueFrom:
        secretKeyRef:
          name: myblog
          key: MYSQL_USER
    - name: MYSQL_PASSWD
      valueFrom:
        secretKeyRef:
          name: myblog
          key: MYSQL_PASSWD
    resources:
      requests:
        memory: 100Mi
        cpu: 50m
      limits:
        memory: 500Mi
        cpu: 100m
    livenessProbe:
      httpGet:
        path: /blog/index/
        port: 8002
        scheme: HTTP
      initialDelaySeconds: 10  # 容器启动后第一次执行探测是需要等待多少秒
      periodSeconds: 15 	# 执行探测的频率
      timeoutSeconds: 2		# 探测超时时间
    readinessProbe: 
      httpGet: 
        path: /blog/index/
        port: 8002
        scheme: HTTP
      initialDelaySeconds: 10 
      timeoutSeconds: 2
      periodSeconds: 15

部署

kubectl -n demo  create -f mysql.yaml
kubectl -n demo  create -f myblog.yaml

发表评论