-
Kubernetes(k8s)的Namespace和Pod实战入门
1. Namespace
1.1 Namespace介绍
- Namespace是kubernetes系统中的一种资源,是用来实现多套系统的资源隔离。比如开发环境和测试环境的资源隔离
- 不同Namespace的Pod不能相互访问,同一Namespace的Pod可以相互访问。通过Namespace进行统一的管理
- kubernetes的资源配额机制,限定不同Namespace能占用的CPU、内存资源使用量等。通过kubernetes的授权机制,将不同的Namespace交给不同租户进行管理
kubernetes默认创建的namespace
[root@k8s-master ~]# kubectl get namespace NAME STATUS AGE default Active 2d3h kube-node-lease Active 2d3h kube-public Active 2d3h kube-system Active 2d3h [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- default:所有未指定Namespace的对象都会被分配在default命名空间
- kube-node-lease:用于集群节点之间的心跳维护
- kube-public:此命名空间的资源可以被所有人访问,包括未认证用户
- kube-system:所有由kubernetes系统创建的资源都处于这个命名空间
1.2 Namespace的Kubectl命令行操作
1.2.1 查看所有的命名空间
[root@k8s-master ~]# kubectl get ns- 1
1.2.2 查看指定的命名空间
也可以指定以json或yaml格式查看结果
[root@k8s-master ~]# kubectl get namespace default -o wide NAME STATUS AGE default Active 2d5h [root@k8s-master ~]#- 1
- 2
- 3
- 4
1.2.3 查看命名空间的详情
其中resource quota是针对命名空间做的资源限制。LimitRange resource是针对命名空间中每个组件做的资源限制
[root@k8s-master ~]# kubectl describe namespace default Name: default Labels: kubernetes.io/metadata.name=default Annotations: <none> Status: Active No resource quota. No LimitRange resource. [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
1.2.4 创建命名空间
[root@k8s-master ~]# kubectl create namespace dev namespace/dev created [root@k8s-master ~]#- 1
- 2
- 3
1.2.5 删除命名空间
该namespace下的其它资源也会被删除
[root@k8s-master ~]# kubectl delete ns dev namespace "dev" deleted [root@k8s-master ~]#- 1
- 2
- 3
1.3 Namespace的Kubectl配置文件操作
新建ns-dev.yaml,内容如下:
apiVersion: v1 kind: Namespace metadata: name: dev- 1
- 2
- 3
- 4
1.3.1 通过命令式对象配置进行创建和删除
[root@k8s-master ~]# kubectl create -f ns-dev.yaml namespace/dev created [root@k8s-master ~]# kubectl delete -f ns-dev.yaml namespace "dev" deleted [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
2. Pod
2.1 Pod的介绍
Pod是kubernetes集群进行管理的最小单元,程序要运行必须部署在容器中,而容器必须存在于Pod中,一个Pod中可以运行一个或多个容器。其中pause是根容器
查看K8s系统自己运行的Pod。pods资源加s不加s都一样
[root@k8s-master ~]# kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE calico-kube-controllers-57d95cb479-5zppz 1/1 Running 1 (2d8h ago) 2d8h calico-node-2m8xb 1/1 Running 1 (2d8h ago) 2d8h calico-node-jnll4 1/1 Running 1 (2d8h ago) 2d8h calico-node-v6zcv 1/1 Running 1 (2d8h ago) 2d8h coredns-7f74c56694-snzmv 1/1 Running 1 (2d8h ago) 2d8h coredns-7f74c56694-whh84 1/1 Running 1 (2d8h ago) 2d8h etcd-k8s-master 1/1 Running 1 (2d8h ago) 2d8h kube-apiserver-k8s-master 1/1 Running 1 (2d8h ago) 2d8h kube-controller-manager-k8s-master 1/1 Running 1 (2d8h ago) 2d8h kube-proxy-9gc7d 1/1 Running 1 (2d8h ago) 2d8h kube-proxy-f9w7h 1/1 Running 1 (2d8h ago) 2d8h kube-proxy-s8rwk 1/1 Running 1 (2d8h ago) 2d8h kube-scheduler-k8s-master 1/1 Running 1 (2d8h ago) 2d8h [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
2.2 Pod的Kubectl命令行操作
2.2.1 创建并运行Pod
[root@k8s-master ~]# kubectl create ns dev namespace/dev created [root@k8s-master ~]# kubectl run my-nginx --image=nginx:latest --port=80 --namespace=dev pod/my-nginx created [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
2.2.2 查询所有Pod的基本信息
[root@k8s-master ~]# kubectl get pods -n dev -o wide -w NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES my-nginx 1/1 Running 0 70s 10.244.169.134 k8s-node2 <none> <none>- 1
- 2
- 3
- 4
2.2.3 查看Pod的详细信息
可以查看Pod的启动日志
[root@k8s-master ~]# kubectl describe pod my-nginx -n dev Name: my-nginx Namespace: dev Priority: 0 Node: k8s-node2/192.168.23.162 Start Time: Sat, 14 May 2022 22:03:47 +0800 Labels: run=my-nginx Annotations: cni.projectcalico.org/containerID: 516ad8c4489408f6de6cb0558e266da6eac0600a6fa1ea907818856d8e5e98d5 cni.projectcalico.org/podIP: 10.244.169.134/32 cni.projectcalico.org/podIPs: 10.244.169.134/32 Status: Running IP: 10.244.169.134 IPs: IP: 10.244.169.134 Containers: my-nginx: Container ID: containerd://fcf04016250a93e27a07b5380d88ce878dc56da4a47107378dbd5d3bb3244d4f Image: nginx:latest Image ID: docker.io/library/nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31 Port: 80/TCP Host Port: 0/TCP State: Running Started: Sat, 14 May 2022 22:04:03 +0800 Ready: True Restart Count: 0 Environment: <none> Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-srfct (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: kube-api-access-srfct: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: <nil> DownwardAPI: true QoS Class: BestEffort Node-Selectors: <none> Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 99s default-scheduler Successfully assigned dev/my-nginx to k8s-node2 Normal Pulling 99s kubelet Pulling image "nginx:latest" Normal Pulled 84s kubelet Successfully pulled image "nginx:latest" in 15.437873591s Normal Created 84s kubelet Created container my-nginx Normal Started 84s kubelet Started container my-nginx [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
2.2.4 访问pod中容器提供的服务
[root@k8s-master ~]# curl 10.244.169.134:80 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
2.2.5 查看pod的日志
[root@k8s-master ~]# kubectl logs -f my-nginx -n dev- 1
2.2.6 删除指定的Pod
[root@k8s-master ~]# kubectl delete pod my-nginx -n dev pod "my-nginx" deleted [root@k8s-master ~]#- 1
- 2
- 3
2.3 Pod的Kubectl配置文件操作
新建pod-nginx.yaml,内容如下:
[root@k8s-master ~]# cat pod-nginx.yaml apiVersion: v1 kind: Pod metadata: name: nginx-pod namespace: dev spec: containers: - image: nginx:latest imagePullPolicy: IfNotPresent name: nginx-container ports: - name: nginx-port containerPort: 80 protocol: TCP [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
2.3.1 通过命令式对象配置进行创建和删除
[root@k8s-master ~]# kubectl create -f pod-nginx.yaml pod/nginx-pod created [root@k8s-master ~]# [root@k8s-master ~]# kubectl delete -f pod-nginx.yaml pod "nginx-pod" deleted [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
3. Label
3.1 Label的介绍
虽然Namespace可以起到隔离,但是不同Namespace的Pod不能相互访问。Label作用就是在资源上添加标识,用来对它们进行区分和选择。实现资源的多纬度分组,以便灵活、方便地进行资源分配、调度、配置和部署等管理工作
Label的特点:
- 一个Label会以key:value键值对的形式附加到各种资源对象上,如Node、Pod、Service等
- 一个资源对象可以定义任意数量的Label,同一个Label也可以被添加到任意数量的资源对象上
- Label可以在资源对象定义时添加,也可以在资源对象创建后动态的添加或删除
3.2 Label的定义和筛选
一些常用的Label标签示例如下:
- 版本标签:“version”:”release”, ”version”:”stable”
- 环境标签:“env”:”dev”, “env”:”test”, “env”:”pro
- 架构标签:“tier”:”frontend”, ”tier”:”backend”
Label的筛选需要用到Label Selector,共两种
-
基于等式的Label Selector
- env=test:选择所有Label中的key=“env”并且value=“test”的资源对象
- env!=test:选择所Label中的key=“env”并且value!=“test”的资源对象
-
基于集合的Label Selector
- env in (dev,test):选择所有Label中的key=“env”并且value=“dev”或value=“test”的资源对象
- env not in (dev,test):选择所有Label中的key=“env”并且value!=“dev”和value!=“test”的资源对象
-
标签的选择条件可以使用多个,此时将多个Label Selector进行组合,使用逗号
,进行分隔即可。- env=test,version!=stable:选择所有Label中的key=“env”并且value=“test”,并且key=“version”并且value!=“stable”的资源对象
3.3 Lable的Kubectl命令行操作
3.3.1 为资源打标签
[root@k8s-master ~]# kubectl label pod my-nginx version=1.0 -n dev pod/my-nginx labeled [root@k8s-master ~]#- 1
- 2
- 3
3.3.2 更新资源的标签
[root@k8s-master ~]# kubectl label pod my-nginx version=2.0 -n dev --overwrite pod/my-nginx labeled [root@k8s-master ~]#- 1
- 2
- 3
3.3.3 查看Pod所有标签
[root@k8s-master ~]# kubectl get pod -n dev --show-labels NAME READY STATUS RESTARTS AGE LABELS my-nginx 1/1 Running 0 84s run=my-nginx,version=2.0 [root@k8s-master ~]#- 1
- 2
- 3
- 4
3.3.4 筛选Pod标签
[root@k8s-master ~]# kubectl get pod -l version=2.0 -n dev --show-labels NAME READY STATUS RESTARTS AGE LABELS my-nginx 1/1 Running 0 117s run=my-nginx,version=2.0 [root@k8s-master ~]#- 1
- 2
- 3
- 4
3.3.5 删除标签
[root@k8s-master ~]# kubectl label pod my-nginx version- -n dev pod/my-nginx unlabeled [root@k8s-master ~]#- 1
- 2
- 3
3.4 Lable的Kubectl配置文件操作
新建pod-nginx.yaml,内容如下:
apiVersion: v1 kind: Pod metadata: name: nginx-pod namespace: dev labels: version: "3.0" env: "test" spec: containers: - image: nginx:latest imagePullPolicy: IfNotPresent name: nginx-container ports: - name: nginx-port containerPort: 80 protocol: TCP- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
3.4.1 通过命令式对象配置进行创建和删除
[root@k8s-master ~]# kubectl create -f pod-nginx.yaml pod/nginx-pod created [root@k8s-master ~]# [root@k8s-master ~]# kubectl get pod -n dev --show-labels NAME READY STATUS RESTARTS AGE LABELS nginx-pod 1/1 Running 0 10s env=test,version=3.0 [root@k8s-master ~]# [root@k8s-master ~]# kubectl delete -f pod-nginx.yaml pod "nginx-pod" deleted [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
4. Deployment
4.1 Deployment的介绍
- kubernetes很少直接控制Pod,一般通过Pod控制器来完成的
- Pod控制器用于Pod的管理,确保Pod资源符合预期的状态,当Pod的资源出现故障的时候,会尝试进行重启或重建Pod。比如预期启动3个nginx pod,挂了一个,又会重启一个
- 这里我们只介绍Deployment这一种Pod控制器。Pod上定义Label,Deployment通过Label Selector进行Pod的选择
4.2 Deployment的Kubectl命令行操作
4.2.1 创建指定名称的deployement
[root@k8s-master ~]# kubectl create ns dev namespace/dev created [root@k8s-master ~]# [root@k8s-master ~]# kubectl create deployment my-nginx --image=nginx -n dev deployment.apps/my-nginx created [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
4.2.2 将deploy的一个pod拓展到4个pod
[root@k8s-master ~]# kubectl scale deployment my-nginx --replicas=4 -n dev deployment.apps/my-nginx scaled [root@k8s-master ~]#- 1
- 2
- 3
4.2.3 查看deployment的信息
[root@k8s-master ~]# kubectl get deploy -n dev NAME READY UP-TO-DATE AVAILABLE AGE my-nginx 4/4 4 4 4m2s [root@k8s-master ~]# [root@k8s-master ~]# kubectl get pod -n dev NAME READY STATUS RESTARTS AGE my-nginx-7cddc5685c-5mtfx 1/1 Running 0 104s my-nginx-7cddc5685c-8wj5d 1/1 Running 0 4m11s my-nginx-7cddc5685c-hz258 1/1 Running 0 104s my-nginx-7cddc5685c-zxrnh 1/1 Running 0 104s [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
4.2.4 查看deployment的详细信息
[root@k8s-master ~]# kubectl describe deployment my-nginx -n dev Name: my-nginx Namespace: dev CreationTimestamp: Sun, 15 May 2022 10:05:03 +0800 Labels: app=my-nginx Annotations: deployment.kubernetes.io/revision: 1 Selector: app=my-nginx Replicas: 4 desired | 4 updated | 4 total | 4 available | 0 unavailable StrategyType: RollingUpdate MinReadySeconds: 0 RollingUpdateStrategy: 25% max unavailable, 25% max surge Pod Template: Labels: app=my-nginx Containers: nginx: Image: nginx Port: <none> Host Port: <none> Environment: <none> Mounts: <none> Volumes: <none> Conditions: Type Status Reason ---- ------ ------ Progressing True NewReplicaSetAvailable Available True MinimumReplicasAvailable OldReplicaSets: <none> NewReplicaSet: my-nginx-7cddc5685c (4/4 replicas created) Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal ScalingReplicaSet 4m32s deployment-controller Scaled up replica set my-nginx-7cddc5685c to 1 Normal ScalingReplicaSet 2m5s deployment-controller Scaled up replica set my-nginx-7cddc5685c to 4 [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
4.2.5 删除deployment
deployment控制器删除,deployment下的pod也会被删除
[root@k8s-master ~]# kubectl delete deployment my-nginx -n dev deployment.apps "my-nginx" deleted [root@k8s-master ~]#- 1
- 2
- 3
4.3 Deployment的Kubectl配置文件操作
新建nginx-deploy.yaml,内容如下:
apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deploy namespace: dev spec: replicas: 3 selector: matchLabels: run: nginx-pod template: metadata: labels: run: nginx-pod spec: containers: - image: nginx name: nginx-container imagePullPolicy: IfNotPresent ports: - containerPort: 80 protocol: TCP name: nginx-port- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
4.3.1 通过命令式对象配置进行创建和删除
[root@k8s-master ~]# kubectl create -f nginx-deploy.yaml deployment.apps/nginx-deploy created [root@k8s-master ~]# [root@k8s-master ~]# kubectl delete -f nginx-deploy.yaml deployment.apps "nginx-deploy" deleted [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
5. Service
5.1 Service的介绍
利用Deployment创建一组Pod提供高可用性的服务,每个Pod都会分配一个单独的IP地址,但却存在如下问题:
- Pod的IP会随着Pod的重建而变化
- Pod的IP仅在K8s集群所在服务器能访问,其它服务器不能访问
Service可以解决这个问题。Service可以看做是一组同类的Pod对外的访问接口,应用可以方便的实现服务发现和负载均衡
5.2 Service的Kubectl命令行操作
5.2.1 暴露Service
[root@k8s-master ~]# [root@k8s-master ~]# kubectl create deployment nginx-deploy --image=nginx --replicas=3 -n dev deployment.apps/nginx-deploy created [root@k8s-master ~]# [root@k8s-master ~]# kubectl expose deployment nginx-deploy --name=nginx-svc --type=ClusterIP --port=80 --target-port=80 -n dev service/nginx-svc exposed [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
说明如下:
- 默认是ClusterIP模式。会产生一个Service的IP,在Service的生命周期内,这个IP是不会变化的。该IP只能K8s集群所在服务器访问
- Service创建的时候通过Deployment进行创建。提供服务的时候Service直接通过Label Selector选择Pod提供服务
--port参数是Service的端口,--target-port是Pod中服务的端口
--type=NodePort参数说明:
能够K8s集群外部所在服务器访问,查看Service的信息如下:[root@k8s-master ~]# kubectl get service -n dev -o wide NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR nginx-svc NodePort 10.96.74.31 <none> 80:30182/TCP 6s app=nginx-deploy [root@k8s-master ~]#- 1
- 2
- 3
- 4
访问http://k8s集群任意节点IP:30182,都可以访问
5.2.2 查看Service
[root@k8s-master ~]# kubectl get service -n dev -o wide NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR nginx-svc ClusterIP 10.96.149.66 <none> 80/TCP 3m55s app=nginx-deploy [root@k8s-master ~]#- 1
- 2
- 3
- 4
5.2.3 访问Service暴露的服务
[root@k8s-master ~]# curl 10.96.149.66:80 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
5.2.4 删除服务
[root@k8s-master ~]# kubectl delete service nginx-svc -n dev service "nginx-svc" deleted [root@k8s-master ~]#- 1
- 2
- 3
5.3 Service的Kubectl配置文件操作
新建nginx-svc.yaml,内容如下。clusterIP不写会随机创建一个
apiVersion: v1 kind: Service metadata: name: nginx-svc namespace: dev spec: clusterIP: 10.96.68.58 ports: - port: 80 protocol: TCP targetPort: 80 selector: app: nginx-deploy type: ClusterIP- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
4.3.1 通过命令式对象配置进行创建和删除
[root@k8s-master ~]# kubectl create -f nginx-svc.yaml service/nginx-svc created [root@k8s-master ~]# [root@k8s-master ~]# kubectl delete -f nginx-svc.yaml service "nginx-svc" deleted [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
-
相关阅读:
学习网络编程No.6【将服务器日志和守护进程化】
cnpm安装步骤
PyTorch官方文档学习笔记(备忘)
【JavaEE初阶】 线程池详解与实现
maven打包命令打出的可执行的jar包和可依赖的jar包的区别
恩智浦与长城汽车、蔚来、小鹏和中汽创智等车企和供应商密集签约
903三农问题概论真题10、11、1
嵌入式开发和后端开发如何选择?
TCP重头戏来!了!(1) —— 小林图解学习摘记
深入理解安卓ARouter:集成与应用
- 原文地址:https://blog.csdn.net/yy8623977/article/details/124769617
