摘要:所以,我们使用或访问是不合适的,我们需要提供一个固定及端口。创建一个用法创建现在,我们就可以在节点上通过访问。我们创建一个客户端,来测试查看的解析,发现是。在浏览器访问发现是可以访问的未截图使用任意的均可
创建一个deployment
[root@master ~]# kubectl run --help Create and run a particular image, possibly replicated. Creates a deployment or job to manage the created container(s). Usage: kubectl run NAME --image=image [--env="key=value"] [--port=port] [--replicas=replicas] [--dry-run=bool] [--overrides=inline-json] [--command] -- [COMMAND] [args...] [options]
使用如下命令:
[root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 --dry-run=true deployment.apps/nginx-deploy created (dry run) [root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 deployment.apps/nginx-deploy created [root@master ~]# kubectl get deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE nginx-deploy 1 1 1 1 7s [root@master ~]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE nginx-deploy-5b595999-nzlmj 1/1 Running 0 1m 10.244.2.14 node02
创建了一个名为 nginx-deploy 的deployment,副本设置为1, 查看pod,发现生成了一个nginx的pod,且该pod运行在node02上,ip为 10.244.2.14 ,检查node02的网络
[root@node02 ~]# ip a|grep -A5 cni0 5: cni0:mtu 1450 qdisc noqueue state UP qlen 1000 link/ether 0a:58:0a:f4:02:01 brd ff:ff:ff:ff:ff:ff inet 10.244.2.1/24 scope global cni0 valid_lft forever preferred_lft forever inet6 fe80::980e:b1ff:fee7:a26f/64 scope link valid_lft forever preferred_lft forever 8: veth23ea238e@if3: mtu 1450 qdisc noqueue master cni0 state UP link/ether 32:26:f6:cb:a0:9f brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::3026:f6ff:fecb:a09f/64 scope link valid_lft forever preferred_lft forever
可以发现,pod是跑在cni网桥上的。
Pod此时可以在节点端通过Pod ip访问。
当我们删除这个pod后,Deployment会重新创建一个pod,该pod的ip就会变化。
[root@master ~]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE nginx-deploy-5b595999-nzlmj 1/1 Running 0 1m 10.244.2.14 node02[root@master ~]# kubectl delete pod nginx-deploy-5b595999-nzlmj pod "nginx-deploy-5b595999-nzlmj" deleted [root@master ~]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE nginx-deploy-5b595999-z76bn 1/1 Running 0 4s 10.244.1.16 node01
所以,我们使用pod ip或pod hostname访问是不合适的,我们需要提供一个固定ip及端口。service可以满足要求。
创建一个service用法
[root@master ~]# kubectl expose --help Expose a resource as a new Kubernetes service. Usage: kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP] [--target-port=number-or-name] [--name=name] [--external-ip=external-ip-of-service] [--type=type] [options]
创建service
[root@master ~]# kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP service/nginx exposed [root@master ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1443/TCP 8h nginx ClusterIP 10.101.41.108 80/TCP 7s
现在,我们就可以在节点上通过ip 10.101.41.108 访问。在节点外部无法访问。
这类地址,更多时候是被pod客户端访问的。
我们创建一个pod客户端,来测试:
[root@master ~]# kubectl run client --image=busybox --replicas=1 -it --restart=Never If you don"t see a command prompt, try pressing enter. / # cat /etc/resolv.conf nameserver 10.96.0.10 search default.svc.cluster.local svc.cluster.local cluster.local options ndots:5 / #
查看pod的dns解析,发现nameserver是 10.96.0.10 。这个ip是coredns的service ip。
[root@master ~]# kubectl get svc -n kube-system -o wide NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR kube-dns ClusterIP 10.96.0.1053/UDP,53/TCP 9h k8s-app=kube-dns
此时,在busybox这个pod里,我们可以直接通过service name nginx 访问之前创建的service,而不是service的ip:port。
# busybox里 / # wget nginx Connecting to nginx (10.101.41.108:80) index.html 100% |**************************************************************************************| 612 0:00:00 ETA / # wget -O - -q http://nginx:80Welcome to nginx!
注意: 10.101.41.108是nginx的service的ip。
此时,我们人为将nginx的pod搞挂。
[root@master ~]# kubectl delete pod nginx-deploy-5b595999-z76bn pod "nginx-deploy-5b595999-z76bn" deleted [root@master ~]# kubectl get pods NAME READY STATUS RESTARTS AGE client 1/1 Running 0 8m nginx-deploy-5b595999-j6p8g 1/1 Running 0 4s
再次在busybox里面访问nginx
# busybox里 / # wget -O - -q http://nginx:80Welcome to nginx!
nginx依旧可以访问。
可以通过如下命令,获取service后端的pod ip
[root@master ~]# kubectl describe service nginx Name: nginx Namespace: default Labels: run=nginx-deploy Annotations:动态修改Selector: run=nginx-deploy Type: ClusterIP IP: 10.101.41.108 Port: 80/TCP TargetPort: 80/TCP Endpoints: 10.244.2.17:80 Session Affinity: None Events:
我们创建一个 myapp 的deployment
[root@master ~]# kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2 deployment.apps/myapp created [root@master ~]# kubectl get pods NAME READY STATUS RESTARTS AGE client 1/1 Running 0 17m myapp-848b5b879b-4dz7h 1/1 Running 0 7s myapp-848b5b879b-wjktr 1/1 Running 0 7s nginx-deploy-5b595999-j6p8g 1/1 Running 0 8m [root@master ~]# kubectl get deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE myapp 2 2 2 2 28s nginx-deploy 1 1 1 1 38m
创建一个 myapp-svc 的service
[root@master ~]# kubectl expose deployment myapp --name=myapp-svc --port=80 service/myapp-svc exposed [root@master ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1443/TCP 9h myapp-svc ClusterIP 10.105.155.237 80/TCP 7s nginx ClusterIP 10.101.41.108 80/TCP 28m
这时候,在busybox pod里可以通过myapp-svc来访问
# busybox pod里 # 10.244.1.17是pod的ip / # wget -O - -q 10.244.1.17 Hello MyApp | Version: v1 | Pod Name / # wget -O - -q myapp-svc Hello MyApp | Version: v1 | Pod Name
/ # while true; do wget -O - -q myapp-svc/hostname.html; sleep 1;done myapp-848b5b879b-wjktr myapp-848b5b879b-wjktr myapp-848b5b879b-4dz7h myapp-848b5b879b-wjktr myapp-848b5b879b-4dz7h myapp-848b5b879b-4dz7h
可以发现,后端的pod会有两个。
动态修改将deployment myapp的副本修改为5个。
[root@master ~]# kubectl scale --replicas=5 deployment myapp deployment.extensions/myapp scaled [root@master ~]# kubectl get pods NAME READY STATUS RESTARTS AGE client 1/1 Running 0 24m myapp-848b5b879b-28crc 1/1 Running 0 6s myapp-848b5b879b-4dz7h 1/1 Running 0 7m myapp-848b5b879b-9dp4m 1/1 Running 0 6s myapp-848b5b879b-g4pzd 1/1 Running 0 6s myapp-848b5b879b-wjktr 1/1 Running 0 7m nginx-deploy-5b595999-j6p8g 1/1 Running 0 16m
此时,在busybox pod里访问:
/ # while true; do wget -O - -q myapp-svc/hostname.html; sleep 1;done myapp-848b5b879b-g4pzd # 1 myapp-848b5b879b-9dp4m # 2 myapp-848b5b879b-9dp4m myapp-848b5b879b-wjktr # 3 myapp-848b5b879b-28crc # 4 myapp-848b5b879b-4dz7h # 5 myapp-848b5b879b-28crc myapp-848b5b879b-4dz7h
缩减为3个
[root@master ~]# kubectl scale --replicas=3 deployment myapp deployment.extensions/myapp scaled [root@master ~]# kubectl get pods NAME READY STATUS RESTARTS AGE client 1/1 Running 0 26m myapp-848b5b879b-28crc 0/1 Terminating 0 2m myapp-848b5b879b-4dz7h 1/1 Running 0 9m myapp-848b5b879b-9dp4m 1/1 Running 0 2m myapp-848b5b879b-g4pzd 0/1 Terminating 0 2m myapp-848b5b879b-wjktr 1/1 Running 0 9m nginx-deploy-5b595999-j6p8g 1/1 Running 0 18m滚动更新
现在更新pod的镜像
## 镜像的具体信息可以通过kubectl describe pod pod_name获取 [root@master ~]# kubectset image deployment myapp myapp=ikubernetes/myapp:v2 deployment.extensions/myapp image updated [root@master ~]# kubectl rollout status deployment myapp Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination... Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination... Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination... Waiting for deployment "myapp" rollout to finish: 4 of 5 updated replicas are available... deployment "myapp" successfully rolled out
在busybox pod上观察
Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v2 | Pod Name
可以发现,会有一段时间v1和v2版本会共存,后续更新完毕后,所有pod版本都会变为v2版本。
回滚可以直接修改image
也可以使用undo
master节点上执行undo
[root@master ~]# kubectl get pods NAME READY STATUS RESTARTS AGE client 1/1 Running 0 34m myapp-74c94dcb8c-5hflp 1/1 Running 0 3m myapp-74c94dcb8c-6klpb 1/1 Running 0 3m myapp-74c94dcb8c-gsrbj 1/1 Running 0 3m myapp-74c94dcb8c-jfzzr 1/1 Running 0 3m myapp-74c94dcb8c-p55sz 1/1 Running 0 3m nginx-deploy-5b595999-j6p8g 1/1 Running 0 26m [root@master ~]# kubectl rollout undo deployment myapp deployment.extensions/myapp [root@master ~]# kubectl get pods NAME READY STATUS RESTARTS AGE client 1/1 Running 0 36m myapp-848b5b879b-5bvtk 1/1 Running 0 34s myapp-848b5b879b-8dh6r 1/1 Running 0 33s myapp-848b5b879b-dzsxq 1/1 Running 0 35s myapp-848b5b879b-gbrqg 1/1 Running 0 35s myapp-848b5b879b-vh4l9 1/1 Running 0 35s nginx-deploy-5b595999-j6p8g 1/1 Running 0 28m
可以发现myapp的pod全部改变了。去busybox pod中查看:
Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v2 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name
自动扩缩容: 依赖资源使用状态。
在集群外访问修改svc myapp-svc
kubectl edit svc myapp-svc # 将type: ClusterIP修改为 type: NodePort
之后,查看svc
[root@master ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1443/TCP 9h myapp-svc NodePort 10.105.155.237 80:30724/TCP 24m nginx ClusterIP 10.101.41.108 80/TCP 53m
发现myapp-svc绑定了30724端口。
在windows浏览器访问url nodeIP:30724 发现是可以访问的(未截图)
使用任意node的ip均可
[root@master ~]# while true; do wget -O - -q 192.168.18.128:30724; sleep 0.3;done Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name ^C [root@master ~]# while true; do wget -O - -q 192.168.18.129:30724; sleep 0.3;done Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name ^C [root@master ~]# while true; do wget -O - -q 192.168.18.130:30724; sleep 0.3;done Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name Hello MyApp | Version: v1 | Pod Name
文章版权归作者所有,未经允许请勿转载,若此文章存在违规行为,您可以联系管理员删除。
转载请注明本文地址:https://www.ucloud.cn/yun/32701.html
摘要:解决了密码密钥等敏感数据的配置问题,使用可以避免把这些敏感数据以明文的形式暴露到镜像或者中。可以以或者环境变量的方式使用。 Secret解决了密码、token、密钥等敏感数据的配置问题,使用Secret可以避免把这些敏感数据以明文的形式暴露到镜像或者Pod Spec中。 Secret可以以Volume或者环境变量的方式使用。 使用如下命令行创建一个secret: kubectl cre...
摘要:解决了密码密钥等敏感数据的配置问题,使用可以避免把这些敏感数据以明文的形式暴露到镜像或者中。可以以或者环境变量的方式使用。 Secret解决了密码、token、密钥等敏感数据的配置问题,使用Secret可以避免把这些敏感数据以明文的形式暴露到镜像或者Pod Spec中。 Secret可以以Volume或者环境变量的方式使用。 使用如下命令行创建一个secret: kubectl cre...
摘要:解决了密码密钥等敏感数据的配置问题,使用可以避免把这些敏感数据以明文的形式暴露到镜像或者中。可以以或者环境变量的方式使用。 Secret解决了密码、token、密钥等敏感数据的配置问题,使用Secret可以避免把这些敏感数据以明文的形式暴露到镜像或者Pod Spec中。 Secret可以以Volume或者环境变量的方式使用。 使用如下命令行创建一个secret: kubectl cre...
摘要:相关基于项目和项目,并遵循应用的十二因素风格。相关在设计上,项目尽量保持驱动和模块化,以便模块支持不同的实现方案。相关不仅可以管理众多虚拟机,其计算服务还支持对的驱动,管理引擎的子项目还可用于通过模板管理容器。现已整合公司所支持的项目。 整理自《Docker技术入门与实践》 PaaS(Platform as a Service) PaaS 是希望提供一个统一的可供所有软件直接运行而无需...
摘要:的本身是无状态的生命周期通常比较短,只要出现了异常,就会自动创建一个新的来代替它。为了实现内数据的存储管理,引入了两个资源持久卷,以下简称和持久卷申请,以下简称。跟里的卷类似,不过会有独立于的生命周期。 Kubernetes的pod本身是无状态的(stateless),生命周期通常比较短,只要出现了异常,Kubernetes就会自动创建一个新的Pod来代替它。 而容器产生的数据,会随着...
阅读 2161·2021-09-04 16:40
阅读 1452·2021-08-13 15:07
阅读 3605·2019-08-30 15:53
阅读 3194·2019-08-30 13:11
阅读 1069·2019-08-29 17:22
阅读 1811·2019-08-29 12:47
阅读 1469·2019-08-29 11:27
阅读 2221·2019-08-26 18:42