第152天学习打卡(Kubernetes Service 部署有状态应用 部署守护进程 job corejob Secret ConfigMap )
Service(定义一组pod的访问规则)1.service存在的意义(1)防止Pod失联(服务发现)(2)定义一组Pod访问策略(负载均衡)2.Pod和Service关系3.常用service类型#[root@master ~]# kubectl expose --help使用这个命令可以查看类型Type for this service: ClusterIP, NodePort, LoadBa
·
Service(定义一组pod的访问规则)
1.service存在的意义
(1)防止Pod失联(服务发现)
(2)定义一组Pod访问策略(负载均衡)
2.Pod和Service关系
3.常用service类型
#[root@master ~]# kubectl expose --help 使用这个命令可以查看类型
Type for this service: ClusterIP, NodePort, LoadBalancer
(1) ClusterIP:集群内部进行使用
[root@master ~]# kubectl expose deployment web --port=80 --target-port=80 --dry-run=client -o yaml > service1.yaml
[root@master ~]# ls
10-flannel.conflist admin.conf deploy.yaml.1 kube-flannel.yml service1.yaml web.yaml
10-kubeadm.conf deploy.yaml ingress-nginx-rule.yaml recommended.yaml web1.yaml
[root@master ~]# cat service1.yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: web
name: web
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: web
status:
loadBalancer: {}
[root@master ~]# kubectl apply -f service1.yaml
service/web created
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d18h
nginx NodePort 10.98.160.67 <none> 80:32169/TCP 2d19h
tomcat NodePort 10.105.92.64 <none> 8080:30513/TCP 2d19h
web ClusterIP 10.97.199.113 <none> 80/TCP 18s
web1 NodePort 10.111.154.60 <none> 80:32594/TCP 17h
[root@master ~]#
在节点进行访问(内部访问):
[root@node01 ~]# curl 10.111.154.60
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
(2)NodePort:对外访问应用使用
[root@master ~]# vim service1.yaml
遇到的错误: 原因是前面已经设置过web1不能再次用web1这个名字了,换一个就可以了
[root@master ~]# kubectl apply -f service1.yaml
The Service "web1" is invalid:
* metadata.resourceVersion: Invalid value: "": must be specified for an update
* spec.clusterIPs[0]: Invalid value: []string(nil): primary clusterIP can not be unset
[root@master ~]# vim service1.yaml #这里换成了web2
[root@master ~]# kubectl apply -f service1.yaml
service/web2 created
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d18h
nginx NodePort 10.98.160.67 <none> 80:32169/TCP 2d19h
tomcat NodePort 10.105.92.64 <none> 8080:30513/TCP 2d19h
web ClusterIP 10.97.199.113 <none> 80/TCP 9m35s
web1 NodePort 10.111.154.60 <none> 80:32594/TCP 17h
web2 NodePort 10.108.138.180 <none> 80:32474/TCP 22s
(3)LoadBalancer:对外访问应用使用,公有云
node内网部署应用,外网一般不能访问到的
- 找到一台可以进行外网访问机器,安装nginx,反向代理
- 手动把可以访问节点添加到nginx里面
LoadBalance:访问公有云,把负载均衡做到,编写控制器
无状态和有状态
1.无状态:
- 认为Pod都是一样的
- 没有顺序要求
- 不用考虑在哪个node上运行
- 随意进行伸缩和扩展
2.有状态
- 上面的所有的因素都要考虑到
- 让每个pod独立,保持pod启动顺序和唯一性
- 唯一的网络标识,持久存储
- 有序,比如mysql主从
部署有状态应用
无头service
- ClusterIP: none
(1)SatefulSet部署有状态应用
**这里有一个错误:错误的原因是我的master里面原本就有一个nginx,然后sts.yaml文件里面创建的nginx就会失败,在查看service的时候就查看不到nginx ClusterIP None **
解决办法:删掉原来的nginx,再重新传入sts.yaml文件进行创建
Warning: resource services/nginx is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
statefulset.apps/nginx-statefulset created
The Service "nginx" is invalid:
* spec.clusterIPs[0]: Invalid value: []string{"None"}: may not change once set
* spec.clusterIPs[0]: Invalid value: "None": may not be set to 'None' for NodePort services
[root@master ~]# ls
10-flannel.conflist admin.conf deploy.yaml.1 kube-flannel.yml service1.yaml web1.yaml
10-kubeadm.conf deploy.yaml ingress-nginx-rule.yaml recommended.yaml sts.yaml web.yaml
[root@master ~]# cat sts.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: nginx-statefulset
namespace: default
spec:
serviceName: nginx
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
[root@master ~]# kubectl apply -f sts.yaml
Warning: resource services/nginx is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
statefulset.apps/nginx-statefulset created
The Service "nginx" is invalid:
* spec.clusterIPs[0]: Invalid value: []string{"None"}: may not change once set
* spec.clusterIPs[0]: Invalid value: "None": may not be set to 'None' for NodePort services
#查看pod,有三个pod,每个都是唯一的名称
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8-kqfmm 1/1 Running 3 2d20h
nginx-statefulset-0 1/1 Running 0 4m11s
nginx-statefulset-1 1/1 Running 0 3m53s
nginx-statefulset-2 1/1 Running 0 3m34s
tomcat-7d987c7694-8sjkd 1/1 Running 2 2d20h
web-5bb6fd4c98-4lsd2 1/1 Running 0 66m
web-5bb6fd4c98-vtfnm 1/1 Running 0 66m
[root@master ~]#
#查看创建的无头service
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d19h
nginx NodePort 10.98.160.67(未能创建成功) <none> 80:32169/TCP 2d20h
tomcat NodePort 10.105.92.64 <none> 8080:30513/TCP 2d20h
web ClusterIP 10.97.199.113 <none> 80/TCP 66m
web1 NodePort 10.111.154.60 <none> 80:32594/TCP 18h
web2 NodePort 10.108.138.180 <none> 80:32474/TCP 56m
解决办法:
[root@master ~]# kubectl get deployNAME READY UP-TO-DATE AVAILABLE AGEnginx 1/1 1 1 2d20htomcat 1/1 1 1 2d20hweb 2/2 2 2 80m[root@master ~]# kubectl delete deployment nginxdeployment.apps "nginx" deleted[root@master ~]# kubectl get servicesNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d19hnginx NodePort 10.98.160.67 <none> 80:32169/TCP 2d20htomcat NodePort 10.105.92.64 <none> 8080:30513/TCP 2d20hweb ClusterIP 10.97.199.113 <none> 80/TCP 70mweb1 NodePort 10.111.154.60 <none> 80:32594/TCP 18hweb2 NodePort 10.108.138.180 <none> 80:32474/TCP 60m[root@master ~]# kubectl delete services nginxservice "nginx" deleted[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEnginx-statefulset-0 1/1 Running 0 20mnginx-statefulset-1 1/1 Running 0 19mnginx-statefulset-2 1/1 Running 0 19mtomcat-7d987c7694-8sjkd 1/1 Running 2 2d20hweb-5bb6fd4c98-4lsd2 1/1 Running 0 82mweb-5bb6fd4c98-vtfnm 1/1 Running 0 82m[root@master ~]# rm sts.yamlrm: remove regular file ‘sts.yaml’? y[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEnginx-statefulset-0 1/1 Running 0 20mnginx-statefulset-1 1/1 Running 0 20mnginx-statefulset-2 1/1 Running 0 20mtomcat-7d987c7694-8sjkd 1/1 Running 2 2d20hweb-5bb6fd4c98-4lsd2 1/1 Running 0 82mweb-5bb6fd4c98-vtfnm 1/1 Running 0 82m[root@master ~]# kubectl delete pods nginx-statefulset-0pod "nginx-statefulset-0" deleted[root@master ~]# kubectl delete pods nginx-statefulset-1pod "nginx-statefulset-1" deleted[root@master ~]# kubectl delete pods nginx-statefulset-2pod "nginx-statefulset-2" deleted
再次重新传入sts.yaml
[root@master ~]# rz[root@master ~]# kubectl apply -f sts.yamlservice/nginx createdstatefulset.apps/nginx-statefulset unchanged# 查看pod,有三个pod,每个都是唯一的名称[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEnginx-statefulset-0 1/1 Running 0 3m20snginx-statefulset-1 1/1 Running 0 3m3snginx-statefulset-2 1/1 Running 0 2m46stomcat-7d987c7694-8sjkd 1/1 Running 2 2d20hweb-5bb6fd4c98-4lsd2 1/1 Running 0 88mweb-5bb6fd4c98-vtfnm 1/1 Running 0 88m#查看创建的无头service[root@master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d19hnginx ClusterIP None (可以看到为None) <none> 80/TCP 3m21stomcat NodePort 10.105.92.64 <none> 8080:30513/TCP 2d20hweb ClusterIP 10.97.199.113 <none> 80/TCP 78mweb1 NodePort 10.111.154.60 <none> 80:32594/TCP 19hweb2 NodePort 10.108.138.180 <none> 80:32474/TCP 69m
deployment 和statefueset区别:
deployment:是无状态应用
statefueset:有身份的(唯一标识的):
根据主机名 + 按照一定规则生成域名
每个Pod有唯一主机名
唯一域名:
格式:主机名称.service名称.名称空间.svc.cluster.local
例如:nginx-statefulset-0.nginx.defalut.svc.cluster.local
部署守护进程DaemonSet
- 每个node上运行一个pod,新加入的node也会运行同一个pod,保证所有节点上都有同一个pod目的是打散
- 例子:在每个node节点安装数据采集工具
首先删除master里面多余的文件
[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEnginx-statefulset-0 1/1 Running 0 3m20snginx-statefulset-1 1/1 Running 0 3m3snginx-statefulset-2 1/1 Running 0 2m46stomcat-7d987c7694-8sjkd 1/1 Running 2 2d20hweb-5bb6fd4c98-4lsd2 1/1 Running 0 88mweb-5bb6fd4c98-vtfnm 1/1 Running 0 88m[root@master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d19hnginx ClusterIP None <none> 80/TCP 3m21stomcat NodePort 10.105.92.64 <none> 8080:30513/TCP 2d20hweb ClusterIP 10.97.199.113 <none> 80/TCP 78mweb1 NodePort 10.111.154.60 <none> 80:32594/TCP 19hweb2 NodePort 10.108.138.180 <none> 80:32474/TCP 69m[root@master ~]# kubectl delete statefulset --allstatefulset.apps "nginx-statefulset" deleted[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEtomcat-7d987c7694-8sjkd 1/1 Running 2 2d21hweb-5bb6fd4c98-4lsd2 1/1 Running 0 116mweb-5bb6fd4c98-vtfnm 1/1 Running 0 116m[root@master ~]# kubectl delete svc nginxservice "nginx" deleted[root@master ~]# kubectl delete svc webservice "web" deleted[root@master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d20htomcat NodePort 10.105.92.64 <none> 8080:30513/TCP 2d21hweb1 NodePort 10.111.154.60 <none> 80:32594/TCP 19hweb2 NodePort 10.108.138.180 <none> 80:32474/TCP 96m[root@master ~]# kubectl delete svc web1service "web1" deleted[root@master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d20htomcat NodePort 10.105.92.64 <none> 8080:30513/TCP 2d21hweb2 NodePort 10.108.138.180 <none> 80:32474/TCP 96m[root@master ~]# kubectl delete svc web2service "web2" deleted[root@master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d20htomcat NodePort 10.105.92.64 <none> 8080:30513/TCP 2d21h[root@master ~]# kubectl delete svc tomcatservice "tomcat" deleted[root@master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d20h
第一步导入ds.yaml文件
[root@master ~]# rz[root@master ~]# ls10-flannel.conflist admin.conf deploy.yaml.1 ingress-nginx-rule.yaml recommended.yaml sts.yaml web.yaml10-kubeadm.conf deploy.yaml ds.yaml kube-flannel.yml service1.yaml web1.yaml[root@master ~]# cat ds.yamlapiVersion: apps/v1kind: DaemonSetmetadata: name: ds-test labels: app: filebeatspec: selector: matchLabels: app: filebeat template: metadata: labels: app: filebeat spec: containers: - name: logs image: nginx ports: - containerPort: 80 volumeMounts: - name: varlog mountPath: /tmp/log volumes: - name: varlog hostPath: path: /var/log[root@master ~]# kubectl apply -f ds.yamldaemonset.apps/ds-test created[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 26sds-test-bq68t 1/1 Running 0 26sds-test-rsd2r 1/1 Running 0 26stomcat-7d987c7694-8sjkd 1/1 Running 2 2d21hweb-5bb6fd4c98-4lsd2 1/1 Running 0 124mweb-5bb6fd4c98-vtfnm 1/1 Running 0 124m
[root@master ~]# kubectl exec -it ds-test-bjdsg bash kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.root@ds-test-bjdsg:/# ls /tmp/loganaconda cloud-init-output.log dmesg lastlog rhsm tallylogaudit cloud-init.log dmesg.old maillog sa tunedboot.log cloudinit-deploy.log ecs_network_optimization.log maillog-20210606 secure wtmpboot.log-20210606 containers grubby messages secure-20210606 yum.logbtmp cron grubby_prune_debug messages-20210606 spoolerchrony cron-20210606 journal pods spooler-20210606root@ds-test-bjdsg:/# exitexit[root@master ~]#
守护进程是保证在每个node里面会运行一个pod,作为后台进程。可以看到ds.yaml文件里面没有指定副本数,而ds的pod确是3个。就是现在有3个node
job(一次性任务)
[root@master ~]# rz[root@master ~]# ls10-flannel.conflist admin.conf deploy.yaml.1 ingress-nginx-rule.yaml kube-flannel.yml service1.yaml web1.yaml10-kubeadm.conf deploy.yaml ds.yaml job.yaml recommended.yaml sts.yaml web.yaml[root@master ~]# cat job.yamlapiVersion: batch/v1kind: Jobmetadata: name: pispec: template: spec: containers: - name: pi image: perl command: ["perl", "-Mbignum=bpi", "-wle", "print bpi(2000)"] restartPolicy: Never backoffLimit: 4[root@master ~]# kubectl create -f job.yamljob.batch/pi created[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 29mds-test-bq68t 1/1 Running 0 29mds-test-rsd2r 1/1 Running 0 29mpi-klx2r 0/1 ContainerCreating 0 12stomcat-7d987c7694-8sjkd 1/1 Running 2 2d21hweb-5bb6fd4c98-4lsd2 1/1 Running 0 154mweb-5bb6fd4c98-vtfnm 1/1 Running 0 154m[root@master ~]# kubectl get pods -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESds-test-bjdsg 1/1 Running 0 30m 10.244.2.26 node02 <none> <none>ds-test-bq68t 1/1 Running 0 30m 10.244.1.25 node01 <none> <none>ds-test-rsd2r 1/1 Running 0 30m 10.244.3.19 node03 <none> <none>pi-klx2r 0/1 ContainerCreating 0 43s <none> node02 <none> <none>tomcat-7d987c7694-8sjkd 1/1 Running 2 2d21h 10.244.1.6 node01 <none> <none>web-5bb6fd4c98-4lsd2 1/1 Running 0 154m 10.244.2.22 node02 <none> <none>web-5bb6fd4c98-vtfnm 1/1 Running 0 154m 10.244.1.21 node01 <none> <none>[root@master ~]# kubectl get jobsNAME COMPLETIONS DURATION AGEpi 1/1 85s 3m6s[root@master ~]# kubectl get pods -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESds-test-bjdsg 1/1 Running 0 34m 10.244.2.26 node02 <none> <none>ds-test-bq68t 1/1 Running 0 34m 10.244.1.25 node01 <none> <none>ds-test-rsd2r 1/1 Running 0 34m 10.244.3.19 node03 <none> <none>pi-klx2r 0/1 Completed 0 4m42s 10.244.2.27 node02 <none> <none>tomcat-7d987c7694-8sjkd 1/1 Running 2 2d21h 10.244.1.6 node01 <none> <none>web-5bb6fd4c98-4lsd2 1/1 Running 0 158m 10.244.2.22 node02 <none> <none>web-5bb6fd4c98-vtfnm 1/1 Running 0 158m 10.244.1.21 node01 <none> <none>[root@master ~]# kubectl logs pi-klx2r#查看日志
在node02节点上进行了镜像拉取
[root@node02 ~]# docker pull perlUsing default tag: latestlatest: Pulling from library/perlDigest: sha256:5c615fff95850d01e37931e85191f2b32373d9cbcffe88e083325872f64366bcStatus: Image is up to date for perl:latestdocker.io/library/perl:latest[root@node02 ~]#
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-L7XJdYUU-1623317632740)(C:\Users\HP\AppData\Roaming\Typora\typora-user-images\image-20210609182818434.png)]
[root@master ~]# kubectl delete -f job.yamljob.batch "pi" deleted[root@master ~]# kubectl get jobsNo resources found in default namespace.
corejob(定时任务)
croejob.yaml
apiVersion: batch/v1beta1kind: CronJobmetadata: name: hellospec: schedule: "*/1 * * * *" jobTemplate: spec: template: spec: containers: - name: hello image: busybox args: - /bin/sh - -c - date; echo Hello from the Kubernetes cluster restartPolicy: OnFailure
[root@master ~]# rz [root@master ~]# kubectl apply -f cronjob.yamlcronjob.batch/hello created[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 97mds-test-bq68t 1/1 Running 0 97mds-test-rsd2r 1/1 Running 0 97mhello-1623235380-qmfd2 0/1 Completed 0 79shello-1623235440-whdqs 0/1 Completed 0 19stomcat-7d987c7694-8sjkd 1/1 Running 2 2d22hweb-5bb6fd4c98-4lsd2 1/1 Running 0 3h41mweb-5bb6fd4c98-vtfnm 1/1 Running 0 3h41m[root@master ~]# kubectl get cronjobNAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGEhello */1 * * * * False 0 62s 3m10s[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 99mds-test-bq68t 1/1 Running 0 99mds-test-rsd2r 1/1 Running 0 99mhello-1623235440-whdqs 0/1 Completed 0 2m32shello-1623235500-wrxmw 0/1 Completed 0 91shello-1623235560-ww2fk 0/1 Completed 0 31stomcat-7d987c7694-8sjkd 1/1 Running 2 2d22hweb-5bb6fd4c98-4lsd2 1/1 Running 0 3h43mweb-5bb6fd4c98-vtfnm 1/1 Running 0 3h43m[root@master ~]# kubectl logs hello-1623235440-whdqsWed Jun 9 10:44:24 UTC 2021Hello from the Kubernetes cluster
pod不会越来越多,因为completed表示那个pod已经不在了
Secret
作用:加密数据存在etcd里面,让pod容器以挂载volume方式进行访问
场景:凭证
base64编码:
[root@master ~]# echo -n 'admin' | base64 #echo:做输出YWRtaW4=
1.创建secret加密数据
secret.yaml
apiVersion: v1kind: Secretmetadata: name: mysecrettype: Opaquedata: username: YWRtaW4= password: MWYyZDFlMmU2N2Rm
[root@master ~]# rz[root@master ~]# ls10-flannel.conflist cronjob.yaml ds.yaml kube-flannel.yml service1.yaml web.yaml10-kubeadm.conf deploy.yaml ingress-nginx-rule.yaml recommended.yaml sts.yamladmin.conf deploy.yaml.1 job.yaml secret.yaml web1.yaml[root@master ~]# kubectl create -f secret.yamlsecret/mysecret created[root@master ~]# kubectl get secretNAME TYPE DATA AGEdefault-token-pf7bm kubernetes.io/service-account-token 3 3d22hmysecret Opaque 2 14s[root@master ~]#
2.以变量形式挂载到pod容器中
[root@master ~]# rz[root@master ~]# ls10-flannel.conflist cronjob.yaml ds.yaml kube-flannel.yml secret.yaml web1.yaml10-kubeadm.conf deploy.yaml ingress-nginx-rule.yaml recommended.yaml service1.yaml web.yamladmin.conf deploy.yaml.1 job.yaml secret-var.yaml sts.yaml[root@master ~]# kubectl apply -f secret-var.yamlpod/mypod created[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 133mds-test-bq68t 1/1 Running 0 133mds-test-rsd2r 1/1 Running 0 133mhello-1623237480-nw2lm 0/1 Completed 0 3m8shello-1623237540-t68qr 0/1 Completed 0 2m7shello-1623237600-tdk8t 0/1 Completed 0 67shello-1623237660-xm2m9 0/1 ContainerCreating 0 6smypod 0/1 ContainerCreating 0 19stomcat-7d987c7694-8sjkd 1/1 Running 2 2d23hweb-5bb6fd4c98-4lsd2 1/1 Running 0 4h18mweb-5bb6fd4c98-vtfnm 1/1 Running 0 4h18m[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 134mds-test-bq68t 1/1 Running 0 134mds-test-rsd2r 1/1 Running 0 134mhello-1623237540-t68qr 0/1 Completed 0 2m34shello-1623237600-tdk8t 0/1 Completed 0 94shello-1623237660-xm2m9 0/1 Completed 0 33smypod 1/1 Running 0 46stomcat-7d987c7694-8sjkd 1/1 Running 2 2d23hweb-5bb6fd4c98-4lsd2 1/1 Running 0 4h18mweb-5bb6fd4c98-vtfnm 1/1 Running 0 4h18m[root@master ~]# kubectl exec -it mypod bashkubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.root@mypod:/# echo $SECRET_USERNAMEadminroot@mypod:/# echo $SECRET_PASSWORD1f2d1e2e67df
3.以Volume形式挂载pod容器中
[root@master ~]# rz[root@master ~]# kubectl apply -f secret-vol.yamlpod/mypod created[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 145mds-test-bq68t 1/1 Running 0 145mds-test-rsd2r 1/1 Running 0 145mhello-1623238140-2tgl4 0/1 Completed 0 3m8shello-1623238200-559qd 0/1 Completed 0 2m8shello-1623238260-xlfzh 0/1 Completed 0 68shello-1623238320-t4w2z 0/1 ContainerCreating 0 7smypod 0/1 ContainerCreating 0 20stomcat-7d987c7694-8sjkd 1/1 Running 2 2d23hweb-5bb6fd4c98-4lsd2 1/1 Running 0 4h29mweb-5bb6fd4c98-vtfnm 1/1 Running 0 4h29m[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 145mds-test-bq68t 1/1 Running 0 145mds-test-rsd2r 1/1 Running 0 145mhello-1623238140-2tgl4 0/1 Completed 0 3m28shello-1623238200-559qd 0/1 Completed 0 2m28shello-1623238260-xlfzh 0/1 Completed 0 88shello-1623238320-t4w2z 0/1 Completed 0 27smypod 1/1 Running 0 40stomcat-7d987c7694-8sjkd 1/1 Running 2 2d23hweb-5bb6fd4c98-4lsd2 1/1 Running 0 4h29mweb-5bb6fd4c98-vtfnm 1/1 Running 0 4h29m[root@master ~]# kubectl exec -it mypod bashkubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.root@mypod:/# ls /etc/foopassword usernameroot@mypod:/# cd /etc/foo root@mypod:/etc/foo# cat password1f2d1e2e67dfroot@mypod:/etc/foo# cat usernameadminroot@mypod:/etc/foo#
ConfigMap
作用:存储不加密数据到etcd,让pod以变量或者volume挂载到容器中
场景:配置文件
首先先删除里面的不用的文件
adminroot@mypod:/etc/foo# exitexit[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 152mds-test-bq68t 1/1 Running 0 152mds-test-rsd2r 1/1 Running 0 152mhello-1623238620-flbdr 0/1 Completed 0 2m43shello-1623238680-7kvk7 0/1 Completed 0 103shello-1623238740-pj5zq 0/1 Completed 0 42smypod 1/1 Running 0 7m48stomcat-7d987c7694-8sjkd 1/1 Running 2 2d23hweb-5bb6fd4c98-4lsd2 1/1 Running 0 4h36mweb-5bb6fd4c98-vtfnm 1/1 Running 0 4h36m[root@master ~]# kubectl delete secret --allsecret "default-token-pf7bm" deletedsecret "mysecret" deleted[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 153mds-test-bq68t 1/1 Running 0 153mds-test-rsd2r 1/1 Running 0 153mhello-1623238620-flbdr 0/1 Completed 0 3m20shello-1623238680-7kvk7 0/1 Completed 0 2m20shello-1623238740-pj5zq 0/1 Completed 0 79shello-1623238800-hzp9z 0/1 ContainerCreating 0 19smypod 1/1 Running 0 8m25stomcat-7d987c7694-8sjkd 1/1 Running 2 2d23hweb-5bb6fd4c98-4lsd2 1/1 Running 0 4h37mweb-5bb6fd4c98-vtfnm 1/1 Running 0 4h37m[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-bjdsg 1/1 Running 0 153mds-test-bq68t 1/1 Running 0 153mds-test-rsd2r 1/1 Running 0 153mhello-1623238680-7kvk7 0/1 Completed 0 2m43shello-1623238740-pj5zq 0/1 Completed 0 102shello-1623238800-hzp9z 0/1 Completed 0 42smypod 1/1 Running 0 8m48stomcat-7d987c7694-8sjkd 1/1 Running 2 2d23hweb-5bb6fd4c98-4lsd2 1/1 Running 0 4h37mweb-5bb6fd4c98-vtfnm 1/1 Running 0 4h37m[root@master ~]# kubectl delete Pod --allpod "ds-test-bjdsg" deletedpod "ds-test-bq68t" deletedpod "ds-test-rsd2r" deletedpod "hello-1623238740-pj5zq" deletedpod "hello-1623238800-hzp9z" deletedpod "hello-1623238860-prcr7" deletedpod "mypod" deletedpod "tomcat-7d987c7694-8sjkd" deletedpod "web-5bb6fd4c98-4lsd2" deletedpod "web-5bb6fd4c98-vtfnm" deleted[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-489bb 1/1 Running 0 29sds-test-4rvcr 1/1 Running 0 34sds-test-nx6kt 1/1 Running 0 38shello-1623238920-5zwh4 0/1 Completed 0 5stomcat-7d987c7694-kw6xs 1/1 Running 0 41sweb-5bb6fd4c98-9zqzg 1/1 Running 0 41sweb-5bb6fd4c98-d7gqr 1/1 Running 0 41s[root@master ~]#
1.创建配置文件
[root@master ~]# rz[root@master ~]# ls10-flannel.conflist cronjob.yaml ds.yaml kube-flannel.yml secret-var.yaml service1.yaml web.yaml10-kubeadm.conf deploy.yaml ingress-nginx-rule.yaml recommended.yaml secret-vol.yaml sts.yamladmin.conf deploy.yaml.1 job.yaml redis.properties secret.yaml web1.yaml[root@master ~]# cat redis.propertiesredis.host=127.0.0.1redis.port=6379redis.password=123456
2.创建configmap
[root@master ~]# kubectl create configmap redis-config --from-file=redis.propertiesconfigmap/redis-config created[root@master ~]# kubectl get configmapNAME DATA AGEkube-root-ca.crt 1 3d23hredis-config 1 57s[root@master ~]# kubectl describe configmap redis-config #查看详细信息Name: redis-configNamespace: defaultLabels: <none>Annotations: <none>Data====redis.properties:----redis.host=127.0.0.1redis.port=6379redis.password=123456Events: <none>[root@master ~]#
3.以Volume挂载到pod容器中
[root@master ~]# rz[root@master ~]# ls10-flannel.conflist cm.yaml deploy.yaml.1 job.yaml redis.properties secret.yaml web1.yaml10-kubeadm.conf cronjob.yaml ds.yaml kube-flannel.yml secret-var.yaml service1.yaml web.yamladmin.conf deploy.yaml ingress-nginx-rule.yaml recommended.yaml secret-vol.yaml sts.yaml[root@master ~]# kubectl apply -f cm.yamlpod/mypod created[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-489bb 1/1 Running 0 23mds-test-4rvcr 1/1 Running 0 23mds-test-nx6kt 1/1 Running 0 23mhello-1623240120-bmvzz 0/1 Completed 0 2m50shello-1623240180-wj9tn 0/1 Completed 0 110shello-1623240240-57chm 0/1 Completed 0 49smypod 0/1 ContainerCreating 0 13stomcat-7d987c7694-kw6xs 1/1 Running 0 23mweb-5bb6fd4c98-9zqzg 1/1 Running 0 23mweb-5bb6fd4c98-d7gqr 1/1 Running 0 23m[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-489bb 1/1 Running 0 23mds-test-4rvcr 1/1 Running 0 23mds-test-nx6kt 1/1 Running 0 23mhello-1623240120-bmvzz 0/1 Completed 0 3m18shello-1623240180-wj9tn 0/1 Completed 0 2m18shello-1623240240-57chm 0/1 Completed 0 77shello-1623240300-f7s9w 0/1 ContainerCreating 0 17smypod 0/1 Completed 0 41stomcat-7d987c7694-kw6xs 1/1 Running 0 23mweb-5bb6fd4c98-9zqzg 1/1 Running 0 23mweb-5bb6fd4c98-d7gqr 1/1 Running 0 23m[root@master ~]# kubectl logs mypodredis.host=127.0.0.1redis.port=6379redis.password=123456
4.以变量形式挂载到pod容器中
(1)创建yaml,声明变量信息,configmap创建
(2)以变量挂载
root@master ~]# rz[root@master ~]# ls10-flannel.conflist cm.yaml deploy.yaml.1 job.yaml recommended.yaml secret-vol.yaml sts.yaml10-kubeadm.conf cronjob.yaml ds.yaml kube-flannel.yml redis.properties secret.yaml web1.yamladmin.conf deploy.yaml ingress-nginx-rule.yaml myconfig.yaml secret-var.yaml service1.yaml web.yaml[root@master ~]# cat myconfig.yamlapiVersion: v1kind: ConfigMapmetadata: name: myconfig namespace: defaultdata: special.level: info special.type: hello[root@master ~]# kubectl apply -f myconfig.yamlconfigmap/myconfig created[root@master ~]# kubetcl get myconfig.yaml-bash: kubetcl: command not found[root@master ~]# kubectl get configmapNAME DATA AGEkube-root-ca.crt 1 3d23hmyconfig 2 67sredis-config 1 23m
[root@master ~]# rz[root@master ~]# ls10-flannel.conflist config-var.yaml ds.yaml myconfig.yaml secret-vol.yaml web1.yaml10-kubeadm.conf cronjob.yaml ingress-nginx-rule.yaml recommended.yaml secret.yaml web.yamladmin.conf deploy.yaml job.yaml redis.properties service1.yamlcm.yaml deploy.yaml.1 kube-flannel.yml secret-var.yaml sts.yaml[root@master ~]# kubectl apply -f config-var.yamlpod/mypod created[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-489bb 1/1 Running 0 38mds-test-4rvcr 1/1 Running 0 38mds-test-nx6kt 1/1 Running 0 38mhello-1623241020-lfsc8 0/1 Completed 0 2m34shello-1623241080-j9ts8 0/1 Completed 0 94shello-1623241140-lqwzz 0/1 Completed 0 33smypod 0/1 ContainerCreating 0 12stomcat-7d987c7694-kw6xs 1/1 Running 0 38mweb-5bb6fd4c98-9zqzg 1/1 Running 0 38mweb-5bb6fd4c98-d7gqr 1/1 Running 0 38m[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEds-test-489bb 1/1 Running 0 38mds-test-4rvcr 1/1 Running 0 38mds-test-nx6kt 1/1 Running 0 38mhello-1623241020-lfsc8 0/1 Completed 0 2m47shello-1623241080-j9ts8 0/1 Completed 0 107shello-1623241140-lqwzz 0/1 Completed 0 46smypod 0/1 Completed 0 25stomcat-7d987c7694-kw6xs 1/1 Running 0 38mweb-5bb6fd4c98-9zqzg 1/1 Running 0 38mweb-5bb6fd4c98-d7gqr 1/1 Running 0 38m[root@master ~]# kubectl get configmapNAME DATA AGEkube-root-ca.crt 1 3d23hmyconfig 2 5m48sredis-config 1 28m[root@master ~]# kubectl logs mypodinfo hello[root@master ~]#
B站学习网址:k8s教程由浅入深-尚硅谷_哔哩哔哩_bilibili
开源、云原生的融合云平台
更多推荐
0
0- 0
已为社区贡献1条内容
所有评论(0)