概念

常用命令

本部分通过一个示例展示 K8S 的基本操作，具体包括：创建集群、部署应用、外部访问应用、扩展应用、升级应用等。

kubectl version
kubectl version --short

kubectl cluster-info
kubectl cluster-info dump

kubectl get nodes
kubectl get nodes -o wide
kubectl get nodes -o wide --show-labels

kubectl get pods
kubectl get pods --all-namespaces
kubectl get pods --all-namespaces -o wide
kubectl get pods --all-namespaces --show-labels

kubectl create deployment helloworld --image=gcr.io/google-samples/kubernetes-bootcamp:v1

kubectl get all

$ kubectl proxy
Starting to serve on 127.0.0.1:8001

curl http://127.0.0.1:8001/version
curl http://127.0.0.1:8001/api/v1/namespaces/default/pods/$POD_NAME

kubectl logs helloworld-7bf845589-mb92f

kubectl exec helloworld-7bf845589-mb92f env
kubectl exec helloworld-7bf845589-mb92f ip a
kubectl exec helloworld-7bf845589-mb92f hostname
kubectl exec helloworld-7bf845589-mb92f curl http://127.0.0.1:8080

kubectl exec -it helloworld-7bf845589-mb92f bash

kubectl get svc

kubectl expose deployment helloworld --type='NodePort' --port=8080

curl http://192.168.100.101:31012

kubectl describe deployment helloworld
kubectl describe pod/helloworld-7bf845589-mb92f
kubectl describe service/helloworld
kubectl describe replicaset helloworld-7bf845589

kubectl get pod --show-labels
kubectl get pod helloworld-7bf845589-mb92f --show-labels
kubectl label pod helloworld-7bf845589-mb92f tester=kylin
kubectl get pods -l tester=kylin
kubectl label pod helloworld-7bf845589-mb92f tester-

kubectl get rs

kubectl scale deployment/helloworld --replicas=4

kubectl set image deployments/helloworld kubernetes-bootcamp=gcr.io/google-samples/kubernetes-bootcamp:v2

kubectl rollout status deployments/helloworld

kubectl rollout undo deployment/helloworld
kubectl rollout history deployments/helloworld

kubectl delete all --all

容器类型

Init Containers

Init Containers 是 APP Containers 启动之前运行的容器，特点：

• 一个 POD 中可以有多个 Init Containers

• Init Containers 总是运行结束后退出

• 每一个 init container 必需运行成功退出后，下一个 container 才可以运行

// 1. pod yaml
cat <<EOF > ./pod-init.yaml
apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app: myapp
spec:
  containers:
  - name: myapp-container
    image: busybox:1.28
    command: ['sh', '-c', 'echo The app is running! && sleep 3600']
  initContainers:
  - name: init-myservice
    image: busybox:1.28
    command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;']
  - name: init-mydb
    image: busybox:1.28
    command: ['sh', '-c', 'until nslookup mydb; do echo waiting for mydb; sleep 2; done;']
EOF

// 2. create pod
kubectl create -f pod-init.yaml

// 3. get pods
# kubectl get pods --no-headers
myapp-pod   0/1   Init:0/2   0     44s

// 4. get pod details
kubectl describe pod myapp-pod

// 5. create svc 1
cat <<EOF > ./svc-1.yaml
apiVersion: v1
kind: Service
metadata:
  name: myservice
spec:
  ports:
  - protocol: TCP
    port: 80
    targetPort: 9376
EOF

kubectl create -f svc-1.yaml

// 6. get pods
# kubectl get pods --no-headers
myapp-pod   0/1   Init:1/2   0     7m10s

// 7. create svc2
cat <<EOF > ./svc-2.yaml
apiVersion: v1
kind: Service
metadata:
  name: mydb
spec:
  ports:
  - protocol: TCP
    port: 80
    targetPort: 9377
EOF

kubectl create -f svc-2.yaml

// 8. get pods
# kubectl get pods --no-headers
myapp-pod   1/1   Running   0     9m27s

Static Pod

// 1. yaml
cat <<EOF > ./myservice.yaml
apiVersion: v1
kind: Pod
metadata:
  name: myservice
spec:
  containers:
    - name: myservice
      image: nginx
      ports:
        - name: web
          containerPort: 80
          protocol: TCP
EOF

// 2. place to manifests
cd /etc/kubernetes/manifests/
cp myservice.yaml ./

// 3. verify the manifests path
# cat /var/lib/kubelet/config.yaml | grep staticPodPath
staticPodPath: /etc/kubernetes/manifests

// 4. restart service
systemctl restart kubelet

Pod 中多个容器

// 1. yaml
cat <<EOF > ./containers.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: kucc4
  name: kucc4
spec:
  containers:
  - image: nginx
    name: nginx
  - image: redis
    name: redis
  - image: memcached
    name: memcached
  - image: consul
    name: consul
EOF

// 2. create
kubectl create -f containers.yaml

// 3. get pods
# kubectl get pods -l run=kucc4 --no-headers
kucc4   4/4   Running   0     80s

// 4. view specific contains log
kubectl logs kucc4 redis

亲和性策略

nodeSelector

kubectl label node machine03.example.com disk=ssd

kubectl get nodes -l disk=ssd

// create pod yaml
cat <<EOF > ./pod-nginx.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: nginx
  name: nginx
spec:
  containers:
  - image: nginx
    name: nginx
    ports:
    - containerPort: 80
    resources: {}
  nodeSelector:
    disk: ssd
  dnsPolicy: ClusterFirst
  restartPolicy: Always
EOF

// create pod
kubectl create -f pod-nginx.yaml

# kubectl get pods -o wide --no-headers
nginx   1/1   Running   0     64s   192.168.208.224   machine03.example.com   <none>   <none>

Node affinity

kubectl label node machine03.example.com example.com/zone=zone1

kubectl get nodes -l example.com/zone=zone1

// create pod yaml
cat <<EOF > ./pod-nginx.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: nginx
  name: nginx
spec:
  containers:
  - image: nginx
    name: nginx
    ports:
    - containerPort: 80
    resources: {}
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
       nodeSelectorTerms:
       - matchExpressions:
         - key: example.com/zone
           operator: In
           values:
           - zone1
           - zone2
      preferredDuringSchedulingIgnoredDuringExecution:
      - weight: 1
        preference:
          matchExpressions:
          - key: example.com/disk
            operator: In
            values:
            - ssd
  dnsPolicy: ClusterFirst
  restartPolicy: Always
EOF

// create pod
kubectl create -f pod-nginx.yaml

# kubectl get pods -o wide --no-headers
nginx   1/1   Running   0     64s   192.168.208.224   machine03.example.com   <none>   <none>

Pod affinity

nodeName

// create pod yaml
cat <<EOF > ./pod-nginx.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: nginx
  name: nginx
spec:
  containers:
  - image: nginx
    name: nginx
    ports:
    - containerPort: 80
    resources: {}
  nodeName: machine02.example.com
  dnsPolicy: ClusterFirst
  restartPolicy: Always
EOF

// create pod
kubectl create -f pod-nginx.yaml

# kubectl get pods -o wide --no-headers
nginx   1/1   Running   0     20s   192.168.251.35   machine02.example.com   <none>   <none>

DaemonSet

// create daemonset yaml
cat <<EOF > ./daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: nginx
spec:
  selector:
    matchLabels:
      name: nginx
  template:
    metadata:
      labels:
        name: nginx
    spec:
      containers:
      - name: nginx
        image: nginx
EOF

// create
kubectl create -f daemonset.yaml

# kubectl get pods -o wide --no-headers
nginx-8x4tq   1/1   Running   0     57s   192.168.251.38    machine02.example.com   <none>   <none>
nginx-krp9l   1/1   Running   0     57s   192.168.208.225   machine03.example.com   <none>   <none>

Tolerations

// create pod yaml
cat <<EOF > ./pod-nginx.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: nginx
  name: nginx
spec:
  containers:
  - image: nginx
    name: nginx
    ports:
    - containerPort: 80
    resources: {}
  tolerations:
  - key: "node-role.kubernetes.io/master"
    operator: "Exists"
    effect: "NoSchedule"
  dnsPolicy: ClusterFirst
  restartPolicy: Always
EOF

// create pod
kubectl create -f pod-nginx.yaml

# kubectl get pods -o wide --no-headers