3. kubernetes资源——pod
pod是k8s集群所能管理的最小单位相当于装载容器的箱子实际应用:一个pod对应一个容器底层设计: k8s会使用pause镜像自动创建一个管理容器,用于容器的管理操作(IP、持久化)
·
kubernetes资源——pod
一、namespace 命名空间
对资源进行分组
1、查看命名空间
[root@k8s-master ~]# kubectl get ns
NAME STATUS AGE
default Active 45h
kube-node-lease Active 45h
kube-public Active 45h
kube-system Active 45h
// 默认使用default命名空间
[root@k8s-master ~]# kubectl get pod
No resources found in default namespace.
[root@k8s-master ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-5fc7d6cf67-jg28l 1/1 Running 1 (16m ago) 45h
calico-node-2wdsg 1/1 Running 1 (16m ago) 45h
calico-node-dt9n9 1/1 Running 1 (41h ago) 45h
calico-node-nskx9 1/1 Running 1 (16m ago) 45h
coredns-5f98f8d567-ghrpr 1/1 Running 1 (17m ago) 45h
coredns-5f98f8d567-txgzh 1/1 Running 1 (17m ago) 45h
etcd-k8s-master.linux.com 1/1 Running 1 (17m ago) 45h
kube-apiserver-k8s-master.linux.com 1/1 Running 1 (17m ago) 45h
kube-controller-manager-k8s-master.linux.com 1/1 Running 1 (17m ago) 45h
kube-proxy-945mx 1/1 Running 1 (16m ago) 45h
kube-proxy-hmnrm 1/1 Running 1 (16m ago) 45h
kube-proxy-j5hnw 1/1 Running 1 (41h ago) 45h
kube-scheduler-k8s-master.linux.com 1/1 Running 1 (17m ago) 45h
2、创建命名空间
2.1 命令行方式
[root@k8s-master ~]# kubectl create ns game
namespace/game created
[root@k8s-master ~]# kubectl get ns
NAME STATUS AGE
default Active 45h
game Active 26s
kube-node-lease Active 45h
kube-public Active 45h
kube-system Active 45h
2.2 编排 yaml文件
apiVersion: v1
kind: Namespace
metadata:
name: web
[root@k8s-master namespace]# kubectl create -f web.yaml
namespace/web created
[root@k8s-master namespace]# kubectl get ns
NAME STATUS AGE
default Active 22h
game Active <invalid>
kube-node-lease Active 22h
kube-public Active 22h
kube-system Active 22h
web Active 14s
[root@k8s-master namespace]# kubectl delete -f web.yaml
namespace "web" deleted
二、pod
1. pod介绍
pod是k8s集群所能管理的最小单位
相当于装载容器的箱子
实际应用:一个pod对应一个容器
底层设计: k8s会使用pause镜像自动创建一个管理容器,用于容器的管理操作(IP、持久化)
2、创建pod
apiVersion: v1
kind: Pod
metadata:
name: test1-pod
namespace: web
spec:
containers:
- name: test1-pod
image: centos:7
imagePullPolicy: IfNotPresent
command:
- sleep
- "3600"
[root@k8s-master podTest]# kubectl create -f test1-pod.yaml
pod/test1-pod created
[root@k8s-master ~]# kubectl get pod -n web
NAME READY STATUS RESTARTS AGE
test1-pod 1/1 Running 0 3m42s
3、pod常用管理命令
3.1 查看pod
[root@k8s-master ~]# kubectl get pod
No resources found in default namespace.
[root@k8s-master ~]# kubectl get pod -n web
NAME READY STATUS RESTARTS AGE
test1-pod 1/1 Running 0 5m13s
[root@k8s-master ~]# kubectl get pod -n web -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
test1-pod 1/1 Running 0 5m34s 10.88.201.193 k8s-node01.linux.com <none> <none>
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-5fc7d6cf67-64t6d 1/1 Running 0 5m5s
kube-system calico-node-7q4g9 1/1 Running 0 5m5s
kube-system calico-node-s9mzk 1/1 Running 0 5m5s
kube-system calico-node-spbn7 1/1 Running 0 5m5s
kube-system coredns-5f98f8d567-9dp6s 1/1 Running 0 121d
kube-system coredns-5f98f8d567-vm5lr 1/1 Running 0 121d
kube-system etcd-k8s-master.linux.com 1/1 Running 0 121d
kube-system kube-apiserver-k8s-master.linux.com 1/1 Running 0 121d
kube-system kube-controller-manager-k8s-master.linux.com 1/1 Running 0 121d
kube-system kube-proxy-7mm59 1/1 Running 0 121d
kube-system kube-proxy-bqs59 1/1 Running 0 121d
kube-system kube-proxy-l8rbw 1/1 Running 0 121d
kube-system kube-scheduler-k8s-master.linux.com 1/1 Running 0 121d
web test1-pod 1/1 Running 0 7m8s
3.2 查看pod创建过程
[root@k8s-master ~]# kubectl describe pod test1-pod -n web
Name: test1-pod
Namespace: web
Priority: 0
Service Account: default
Node: k8s-node01.linux.com/192.168.140.11
Start Time: Thu, 25 Jul 2024 10:36:28 +0800
Labels: <none>
Annotations: cni.projectcalico.org/containerID: 037da75c3014be7189264121e0545b47236eeac293fe6dd0d5f573c957d8854a
cni.projectcalico.org/podIP: 10.88.201.193/32
cni.projectcalico.org/podIPs: 10.88.201.193/32
Status: Running
IP: 10.88.201.193
IPs:
IP: 10.88.201.193
Containers:
test1-pod:
Container ID: containerd://3aac04ec29b3f296236e0b6ab30427570adc677a9e1ff6f4416265a50d4b7c28
Image: centos:7
Image ID: sha256:eeb6ee3f44bd0b5103bb561b4c16bcb82328cfe5809ab675bb17ab3a16c517c9
Port: <none>
Host Port: <none>
Command:
sleep
3600
State: Running
Started: Thu, 25 Jul 2024 10:38:41 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-phlsw (ro)
Conditions:
Type Status
PodReadyToStartContainers True
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-phlsw:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 10m default-scheduler Successfully assigned web/test1-pod to k8s-node01.linux.com
Warning FailedCreatePodSandBox 10m kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "2d096cf4d2efb1d03d177ca4e98af323886172eca46c5956ebb98b9c440528d6": plugin type="calico" failed (add): error getting ClusterInformation: connection is unauthorized: Unauthorized
Normal SandboxChanged 8m29s (x11 over 10m) kubelet Pod sandbox changed, it will be killed and re-created.
Normal Pulled 8m28s kubelet Container image "centos:7" already present on machine
Normal Created 8m28s kubelet Created container test1-pod
Normal Started 8m28s kubelet Started container test1-pod
3.3 查看日志
[root@k8s-master ~]# kubectl logs test1-pod -n web
3.4 连接登录
[root@k8s-master ~]# kubectl exec -ti test1-pod -n web bash
3.5 物理机、pod间拷贝文件
[root@k8s-master ~]# kubectl cp file01 test1-pod:/file01 -n web
[root@k8s-master ~]# kubectl exec -ti test1-pod -n web ls /
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
anaconda-post.log dev file01 lib media opt root sbin sys usr
bin etc home lib64 mnt proc run srv tmp var
[root@k8s-master ~]#
4、pod常用选项
- 指定容器名称
name: xxxx
- 指定镜像名称
image: xxxxx
- 指定镜像下载策略
imagePullPolicy: [Always|IfNotPresent|Never]
- 指定容器自动执行的命令
command:
- sleep
- "3600"
- 指定命令的参数
command:
- sleep
args:
- "3600"
- 说明容器中的服务端口
ports:
- containerPort: 80
- 传递环境变量
env:
- name: 变量名称
value: 值
- 资源限制
resources:
requests:
cpu: "2000m"
memory: "2G"
limits:
cpu: "4000m"
memory: "4G"
1000毫核 = 1核
三、pod健康状态检测机制
1、健康状态检查探针
-
livenessprobe
检测pod是否正常启动 -
readnessprobe
检测pod是否能正常接收请求
2、健康状态检查的方式
- httpGet
发送http请求,检测状态码200-400间,说明服务健康,否则不健康
readinessProbe:
httpGet:
path: /test
port: 80
scheme: HTTP
initialDelaySeconds: 10 // 延迟时间
periodSeconds: 10 // 周期,频率
successThreshold: 3 // 故障后恢复的检测次数
timeoutSeconds: 1 // 超时时间
- tcpSocket
针对所有tcp服务
livenessProbe:
tcpSocket:
port: 6379
initialDelaySeconds: 10 // 延迟时间
periodSeconds: 10 // 周期,频率
successThreshold: 3 // 故障后恢复的检测次数
timeoutSeconds: 1 // 超时时间
- exec
执行shell命令,判断命令的状态码
readinessProbe:
exec:
- rpm
- -q
- httpd
initialDelaySeconds: 10 // 延迟时间
periodSeconds: 10 // 周期,频率
successThreshold: 3 // 故障后恢复的检测次数
timeoutSeconds: 1 // 超时时间
apiVersion: v1
kind: Pod
metadata:
name: web_db
spec:
containers:
- name: mysql
image: mysql:8.0
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: "2"
memory: "4Gi"
requests:
cpu: "1"
memory: "2Gi"
readinessProbe:
exec:
command:
- mysqladmin
- ping
initialDelaySeconds: 5
periodSeconds: 2
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
11
0- 0
已为社区贡献4条内容
所有评论(0)