创建和访问Pod
kubectl create namespace demo
kubectl create -f demo_pod.yaml
kubectl -n demo get pods
kubectl -n demo get pods -o wide #详细
kubectl -n demo exec -ti myblog -c myblog bash #进入容器
kubectl -n demo describe pod myblog #查看pod的明细信息及事件
kubectl apply -f demo-pod.yaml #更新服务版本
kubectl delete -f demo_pod.yaml #根据文件删
kubectl delete pod myblog #根据NAME删
kubectl label node slave1 component=mysql #为节点打标签
ConfigMap
管理应用的配置文件或者环境变量
vi /opt/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: myblog
namespace: demo
data:
MYSQL_HOST: "192.168.188.9"
MYSQL_PORT: "3306"
kubectl create -f configmap.yaml
kubectl -n demo get configmap
Secret
管理敏感类的信息
vi /opt/secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: myblog
namespace: demo
type: Opaque
data:
MYSQL_USER: cm9vdA== #注意加-n参数, echo -n root|base64
MYSQL_PASSWD: MTIzNDU2
kubectl create -f secret.yaml
kubectl -n demo get secret
镜像拉取策略
- Always,总是拉取镜像,即使本地有镜像也从仓库拉取
- IfNotPresent ,本地有则使用本地镜像,本地没有则去仓库拉取
- Never,只使用本地镜像,本地没有则报错
spec:
containers:
- name: myblog
image: 192.168.188.8:5000/myblog:v1
imagePullPolicy: IfNotPresent
Pod资源限制
resources:
requests:
#容器使用的最小资源需求,作用于schedule阶段
memory: 100Mi
cpu: 50m
limits:
#容器能使用资源的最大值
memory: 500Mi
cpu: 100m
RestartPolicy
- Always:当容器失败时,由kubelet自动重启该容器;
- OnFailure:当容器终止运行且退出码不为0时,有kubelet自动重启该容器;
- Never:不论容器运行状态如何,kubelet都不会重启该容器。
服务健康检查
- exec:通过执行命令来检查服务是否正常,回值为0则表示容器健康
- httpGet方式:通过发送http请求检查服务是否正常,返回200-399状态码则表明容器健康
- tcpSocket:通过容器的IP和Port执行TCP检查,如果能够建立TCP连接,则表明容器健康
livenessProbe:
#Pod是否为running状态
httpGet:
path: /blog/index/
port: 8002
scheme: HTTP
initialDelaySeconds: 10 # 容器启动后第一次执行探测是需要等待多少秒
periodSeconds: 15 # 执行探测的频率
timeoutSeconds: 2 # 探测超时时间
readinessProbe:
#容器的Ready是否为True
httpGet:
path: /blog/index/
port: 8002
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 2
periodSeconds: 15
Pod数据持久化
spec:
volumes:
- name: mysql-data
hostPath:
path: /opt/mysql/data
nodeSelector: # 使用节点选择器将Pod调度到指定label的节点
component: mysql
containers:
- name: mysql
image: 192.168.188.8:5000/mysql:5.7
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
value: "123456"
- name: MYSQL_DATABASE
value: "myblog"
volumeMounts:
- name: mysql-data
mountPath: /var/lib/mysql
实战
准备配置文件
vi /opt/mysql.yaml
apiVersion: v1
kind: Pod
metadata:
name: mysql
namespace: demo
labels:
component: mysql
spec:
hostNetwork: true # 声明pod的网络模式为host模式,效果通docker run --net=host
volumes:
- name: mysql-data
hostPath:
path: /opt/mysql/data
nodeSelector: # 使用节点选择器将Pod调度到指定label的节点
component: mysql
containers:
- name: mysql
image: 192.168.188.8:5000/mysql:5.7
ports:
- containerPort: 3306
env:
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: myblog
key: MYSQL_USER
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: myblog
key: MYSQL_PASSWD
- name: MYSQL_DATABASE
value: "myblog"
resources:
requests:
memory: 100Mi
cpu: 50m
limits:
memory: 500Mi
cpu: 100m
readinessProbe:
tcpSocket:
port: 3306
initialDelaySeconds: 5
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 3306
initialDelaySeconds: 15
periodSeconds: 20
volumeMounts:
- name: mysql-data
mountPath: /var/lib/mysql
vi /opt/myblog.yaml
apiVersion: v1
kind: Pod
metadata:
name: myblog
namespace: demo
labels:
component: myblog
spec:
containers:
- name: myblog
image: 192.168.188.8:5000/myblog:v1
imagePullPolicy: IfNotPresent
env:
- name: MYSQL_HOST
valueFrom:
configMapKeyRef:
name: myblog
key: MYSQL_HOST
- name: MYSQL_PORT
valueFrom:
configMapKeyRef:
name: myblog
key: MYSQL_PORT
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: myblog
key: MYSQL_USER
- name: MYSQL_PASSWD
valueFrom:
secretKeyRef:
name: myblog
key: MYSQL_PASSWD
resources:
requests:
memory: 100Mi
cpu: 50m
limits:
memory: 500Mi
cpu: 100m
livenessProbe:
httpGet:
path: /blog/index/
port: 8002
scheme: HTTP
initialDelaySeconds: 10 # 容器启动后第一次执行探测是需要等待多少秒
periodSeconds: 15 # 执行探测的频率
timeoutSeconds: 2 # 探测超时时间
readinessProbe:
httpGet:
path: /blog/index/
port: 8002
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 2
periodSeconds: 15
部署
kubectl -n demo create -f mysql.yaml
kubectl -n demo create -f myblog.yaml