一、namespace 命名空间

对资源进行分组

1、查看命名空间

[root@k8s-master ~]# kubectl get ns
NAME              STATUS   AGE
default           Active   45h
kube-node-lease   Active   45h
kube-public       Active   45h
kube-system       Active   45h

// 默认使用default命名空间 
[root@k8s-master ~]# kubectl get pod 
No resources found in default namespace.

[root@k8s-master ~]# kubectl get pod -n kube-system 
NAME                                           READY   STATUS    RESTARTS      AGE
calico-kube-controllers-5fc7d6cf67-jg28l       1/1     Running   1 (16m ago)   45h
calico-node-2wdsg                              1/1     Running   1 (16m ago)   45h
calico-node-dt9n9                              1/1     Running   1 (41h ago)   45h
calico-node-nskx9                              1/1     Running   1 (16m ago)   45h
coredns-5f98f8d567-ghrpr                       1/1     Running   1 (17m ago)   45h
coredns-5f98f8d567-txgzh                       1/1     Running   1 (17m ago)   45h
etcd-k8s-master.linux.com                      1/1     Running   1 (17m ago)   45h
kube-apiserver-k8s-master.linux.com            1/1     Running   1 (17m ago)   45h
kube-controller-manager-k8s-master.linux.com   1/1     Running   1 (17m ago)   45h
kube-proxy-945mx                               1/1     Running   1 (16m ago)   45h
kube-proxy-hmnrm                               1/1     Running   1 (16m ago)   45h
kube-proxy-j5hnw                               1/1     Running   1 (41h ago)   45h
kube-scheduler-k8s-master.linux.com            1/1     Running   1 (17m ago)   45h

2、创建命名空间

2.1 命令行方式

[root@k8s-master ~]# kubectl create ns game
namespace/game created

[root@k8s-master ~]# kubectl get ns
NAME              STATUS   AGE
default           Active   45h
game              Active   26s
kube-node-lease   Active   45h
kube-public       Active   45h
kube-system       Active   45h

2.2 编排 yaml文件

apiVersion: v1
kind: Namespace
metadata:
    name: web
[root@k8s-master namespace]# kubectl create -f web.yaml 
namespace/web created

[root@k8s-master namespace]# kubectl get ns
NAME              STATUS   AGE
default           Active   22h
game              Active   <invalid>
kube-node-lease   Active   22h
kube-public       Active   22h
kube-system       Active   22h
web               Active   14s

[root@k8s-master namespace]# kubectl delete -f web.yaml 
namespace "web" deleted

二、pod

1. pod介绍

pod是k8s集群所能管理的最小单位
相当于装载容器的箱子
实际应用:一个pod对应一个容器
底层设计: k8s会使用pause镜像自动创建一个管理容器,用于容器的管理操作(IP、持久化)

2、创建pod

apiVersion: v1
kind: Pod
metadata:
    name: test1-pod
    namespace: web
spec:
    containers:
      - name: test1-pod
        image: centos:7
        imagePullPolicy: IfNotPresent
        command:
        - sleep
        - "3600"
[root@k8s-master podTest]# kubectl create -f test1-pod.yaml 
pod/test1-pod created

[root@k8s-master ~]# kubectl get pod -n web
NAME        READY   STATUS    RESTARTS   AGE
test1-pod   1/1     Running   0          3m42s

3、pod常用管理命令

3.1 查看pod

[root@k8s-master ~]# kubectl get pod
No resources found in default namespace.

[root@k8s-master ~]# kubectl get pod -n web
NAME        READY   STATUS    RESTARTS   AGE
test1-pod   1/1     Running   0          5m13s

[root@k8s-master ~]# kubectl get pod -n web -o wide 
NAME        READY   STATUS    RESTARTS   AGE     IP              NODE                   NOMINATED NODE   READINESS GATES
test1-pod   1/1     Running   0          5m34s   10.88.201.193   k8s-node01.linux.com   <none>           <none>
[root@k8s-master ~]# 

[root@k8s-master ~]# kubectl get pod -A 
NAMESPACE     NAME                                           READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-5fc7d6cf67-64t6d       1/1     Running   0          5m5s
kube-system   calico-node-7q4g9                              1/1     Running   0          5m5s
kube-system   calico-node-s9mzk                              1/1     Running   0          5m5s
kube-system   calico-node-spbn7                              1/1     Running   0          5m5s
kube-system   coredns-5f98f8d567-9dp6s                       1/1     Running   0          121d
kube-system   coredns-5f98f8d567-vm5lr                       1/1     Running   0          121d
kube-system   etcd-k8s-master.linux.com                      1/1     Running   0          121d
kube-system   kube-apiserver-k8s-master.linux.com            1/1     Running   0          121d
kube-system   kube-controller-manager-k8s-master.linux.com   1/1     Running   0          121d
kube-system   kube-proxy-7mm59                               1/1     Running   0          121d
kube-system   kube-proxy-bqs59                               1/1     Running   0          121d
kube-system   kube-proxy-l8rbw                               1/1     Running   0          121d
kube-system   kube-scheduler-k8s-master.linux.com            1/1     Running   0          121d
web           test1-pod                                      1/1     Running   0          7m8s

3.2 查看pod创建过程

[root@k8s-master ~]# kubectl describe pod test1-pod -n web 
Name:             test1-pod
Namespace:        web
Priority:         0
Service Account:  default
Node:             k8s-node01.linux.com/192.168.140.11
Start Time:       Thu, 25 Jul 2024 10:36:28 +0800
Labels:           <none>
Annotations:      cni.projectcalico.org/containerID: 037da75c3014be7189264121e0545b47236eeac293fe6dd0d5f573c957d8854a
                  cni.projectcalico.org/podIP: 10.88.201.193/32
                  cni.projectcalico.org/podIPs: 10.88.201.193/32
Status:           Running
IP:               10.88.201.193
IPs:
  IP:  10.88.201.193
Containers:
  test1-pod:
    Container ID:  containerd://3aac04ec29b3f296236e0b6ab30427570adc677a9e1ff6f4416265a50d4b7c28
    Image:         centos:7
    Image ID:      sha256:eeb6ee3f44bd0b5103bb561b4c16bcb82328cfe5809ab675bb17ab3a16c517c9
    Port:          <none>
    Host Port:     <none>
    Command:
      sleep
      3600
    State:          Running
      Started:      Thu, 25 Jul 2024 10:38:41 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-phlsw (ro)
Conditions:
  Type                        Status
  PodReadyToStartContainers   True 
  Initialized                 True 
  Ready                       True 
  ContainersReady             True 
  PodScheduled                True 
Volumes:
  kube-api-access-phlsw:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason                  Age                   From               Message
  ----     ------                  ----                  ----               -------
  Normal   Scheduled               10m                   default-scheduler  Successfully assigned web/test1-pod to k8s-node01.linux.com
  Warning  FailedCreatePodSandBox  10m                   kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "2d096cf4d2efb1d03d177ca4e98af323886172eca46c5956ebb98b9c440528d6": plugin type="calico" failed (add): error getting ClusterInformation: connection is unauthorized: Unauthorized
  Normal   SandboxChanged          8m29s (x11 over 10m)  kubelet            Pod sandbox changed, it will be killed and re-created.
  Normal   Pulled                  8m28s                 kubelet            Container image "centos:7" already present on machine
  Normal   Created                 8m28s                 kubelet            Created container test1-pod
  Normal   Started                 8m28s                 kubelet            Started container test1-pod

3.3 查看日志

[root@k8s-master ~]# kubectl logs test1-pod -n web

3.4 连接登录

[root@k8s-master ~]# kubectl exec -ti test1-pod -n web bash

3.5 物理机、pod间拷贝文件

[root@k8s-master ~]# kubectl cp file01 test1-pod:/file01 -n web

[root@k8s-master ~]# kubectl exec -ti test1-pod -n web ls /
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
anaconda-post.log  dev	file01	lib    media  opt   root  sbin	sys  usr
bin		   etc	home	lib64  mnt    proc  run   srv	tmp  var
[root@k8s-master ~]# 

4、pod常用选项

  • 指定容器名称
name: xxxx
  • 指定镜像名称
image: xxxxx
  • 指定镜像下载策略
imagePullPolicy: [Always|IfNotPresent|Never]
  • 指定容器自动执行的命令
command:
 - sleep
 - "3600"
  • 指定命令的参数
command:
 - sleep
args:
 - "3600"
  • 说明容器中的服务端口
ports:
 - containerPort: 80
  • 传递环境变量
env:
 - name: 变量名称
  value:
  • 资源限制
resources:
		requests:
				cpu: "2000m"
				memory: "2G"
		limits:
				cpu: "4000m"
				memory: "4G"

1000毫核 = 1核

三、pod健康状态检测机制

1、健康状态检查探针

  • livenessprobe
    检测pod是否正常启动

  • readnessprobe
    检测pod是否能正常接收请求

2、健康状态检查的方式

  • httpGet
    发送http请求,检测状态码200-400间,说明服务健康,否则不健康
        readinessProbe:
          httpGet:
            path: /test
            port: 80
            scheme: HTTP
          initialDelaySeconds: 10			// 延迟时间
          periodSeconds: 10						// 周期,频率
          successThreshold: 3					// 故障后恢复的检测次数
          timeoutSeconds: 1						// 超时时间
  • tcpSocket
    针对所有tcp服务
        livenessProbe:
          tcpSocket:
            port: 6379
          initialDelaySeconds: 10			// 延迟时间
          periodSeconds: 10						// 周期,频率
          successThreshold: 3					// 故障后恢复的检测次数
          timeoutSeconds: 1						// 超时时间
  • exec
    执行shell命令,判断命令的状态码
        readinessProbe:
          exec:
            - rpm 
            - -q
            - httpd
          initialDelaySeconds: 10			// 延迟时间
          periodSeconds: 10						// 周期,频率
          successThreshold: 3					// 故障后恢复的检测次数
          timeoutSeconds: 1						// 超时时间
apiVersion: v1
kind: Pod
metadata:
  name: web_db
spec:
  containers:
  - name: mysql
    image: mysql:8.0
    imagePullPolicy: IfNotPresent
    resources:
      limits:
        cpu: "2"
        memory: "4Gi"
      requests:
        cpu: "1"
        memory: "2Gi"
    readinessProbe:
      exec:
        command:
        - mysqladmin
        - ping
      initialDelaySeconds: 5
      periodSeconds: 2
Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐