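Chapter 1. Resources in k8s
1. What is a resource?
Everything in k8s is abstracted as a resource; once a resource is instantiated, it is called an object.
2. What resources does k8s have?
Workload resources (workload): Pod, ReplicaSet, Deployment, StatefulSet, DaemonSet, Job, CronJob (ReplicationController was deprecated in v1.11)
Service discovery and load balancing resources (ServiceDiscovery LoadBalance): Service, Ingress, ...
Configuration and storage resources: Volume (storage volume), CSI (Container Storage Interface, which allows extension with all kinds of third-party storage volumes)
Special types of storage volume: ConfigMap (a resource type used as a configuration center), Secret (stores sensitive data), DownwardAPI (exposes information from the external environment to containers)
All of the resources above are configured at the namespace level.
Cluster-level resources: Namespace, Node, Role, ClusterRole, RoleBinding (role binding), ClusterRoleBinding (cluster role binding)
Metadata resources: HPA (horizontal Pod scaling), PodTemplate (the template a controller uses when creating Pods), LimitRange (defines hardware resource limits)
Chapter 2. Resource manifests
1. What is a resource manifest?
In k8s, we generally use YAML files to create pods that match our expectations; such a YAML file is usually called a resource manifest.
2. Format of a resource manifest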
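apiVersion: group/apiversion  # if no group name is given, it defaults to core; use kubectl api-versions to list every apiVersion available on the current k8s version (this may differ between versions)
kind:        # resource kind
metadata:    # resource metadata
  name
  namespace    # k8s's own namespace
  labels
  annotations  # mainly there to make reading and lookup easier for users
spec:        # the desired state
status:      # the current state; this field is maintained by Kubernetes itself and cannot be defined by the user
# A manifest has five main top-level fields; status cannot be defined by the user and is maintained by k8s itself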
3. Getting a resource's apiVersion and help on resource configuration
1) Getting apiVersion information
[root@k8s-master01 ~]# kubectl api-versions
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps/v1
apps/v1beta1
apps/v1beta2
authentication.k8s.io/v1
authentication.k8s.io/v1beta1
authorization.k8s.io/v1
authorization.k8s.io/v1beta1
autoscaling/v1
autoscaling/v2beta1
batch/v1
...... (remainder omitted)
2) Getting a resource's apiVersion
[root@k8s-master01 ~]# kubectl explain pod
KIND:     Pod
VERSION:  v1
..... (remainder omitted)
[root@k8s-master01 ~]# kubectl explain Ingress
KIND:     Ingress
VERSION:  extensions/v1beta1
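# As you can see, different resources may belong to different apiVersions
3) Getting help on the fields of a resource manifest (using pod as the example)
Getting the first-level fields of the pod manifest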
[root@k8s-master01 ~]# kubectl explain pod
KIND:     Pod
VERSION:  v1

DESCRIPTION:
     Pod is a collection of containers that can run on a host. This resource is
     created by clients and scheduled onto hosts.

FIELDS:
   apiVersion   <string>
     APIVersion defines the versioned schema of this representation of an
     object. Servers should convert recognized schemas to the latest internal
     value, and may reject unrecognized values. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

   kind <string>
     Kind is a string value representing the REST resource this object
     represents. Servers may infer this from the endpoint the client submits
     requests to. Cannot be updated. In CamelCase. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
........
........
Getting the second-level and deeper fields of the pod manifest
[root@k8s-master01 ~]# kubectl explain pod.metadata   # list the second-level fields under a first-level field; levels are separated by "."
KIND:     Pod
VERSION:  v1

RESOURCE: metadata <Object>

DESCRIPTION:
     Standard object's metadata. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata

     ObjectMeta is metadata that all persisted resources must have, which
     includes all objects users must create.
........
-------------
[root@k8s-master01 ~]# kubectl explain pod.metadata.labels   # list the third-level fields under a second-level field
KIND:     Pod
VERSION:  v1

FIELD:    labels <map[string]string>

DESCRIPTION:
     Map of string keys and values that can be used to organize and categorize
     (scope and select) objects. May match selectors of replication controllers
     and services. More info: http://kubernetes.io/docs/user-guide/labels
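Field formats
The formats commonly seen in the help output are:
apiVersion <string>           # a string
metadata <Object>             # an object that nests further fields
labels <map[string]string>    # a map made up of k:v pairs
finalizers <[]string>         # a list of strings
ownerReferences <[]Object>    # a list of objects
hostPID <boolean>             # a boolean
priority <integer>            # an integer
name <string> -required-      # a type followed by -required- marks a required field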
Chapter 4. Creating a manifest example
1. Using pod as the example, create a simple YAML file
[root@k8s-master01 ~]# mkdir manifests
[root@k8s-master01 ~]# cd manifests/
[root@k8s-master01 manifests]# cat pod-demo.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  labels:
    app: myapp        # labels the pod itself
    tier: frontend
spec:
  containers:         # two containers are created
  - name: nginx
    image: ikubernetes/myapp:v1
  - name: tomcat
    image: tomcat:7-alpine
[root@k8s-master01 manifests]# kubectl create -f pod-demo.yaml   # use the create subcommand to start the pod from the YAML file
[root@k8s-master01 manifests]# kubectl get pod   # check that the pod's status is normal; since the pod holds more than one container, watch the READY column to see whether all of its containers are ready
NAME       READY   STATUS    RESTARTS   AGE
......
pod-demo   2/2     Running   0          2h
To make it easy to reach, we also create a service so that access can be tested from outside.
[root@k8s-master01 manifests]# cat svc-demo.yaml
apiVersion: v1
kind: Service         # main type
metadata:
  name: test-service
  labels:
    app1: nginx
    app2: tomcat
spec:
  ports:              # settings for the exposed ports
  - name: nginx
    port: 80          # the service's port
    targetPort: 80    # the port exposed on the pod
    nodePort: 32080   # the port exposed on the Node; note that a Node can only expose ports between 30000 and 32767
  - name: tomcat
    port: 8080
    targetPort: 8080
    nodePort: 32088
  selector:
    app: myapp
  type: NodePort      # how the service's ports are exposed; the default is ClusterIP
[root@k8s-master01 manifests]# kubectl create -f svc-demo.yaml
[root@k8s-master01 manifests]# kubectl get svc -o wide   # check the state of the svc
NAME           TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)                       AGE   SELECTOR
.......
test-service   NodePort   10.108.230.27   <none>        80:32080/TCP,8080:32088/TCP   22m   app=myapp
# Access it using the exposed port together with the IP address of any node in the cluster
2. Pod manifest example
[root@k8s-master01 ~]# kubectl get pod   # check the state of the pods in the cluster and pick one that was created earlier from the command line
NAME                            READY   STATUS      RESTARTS   AGE
client                          0/1     Completed   0          19h
myapp-6d6f569fd5-rtgt9          1/1     Running     0          19h
myapp-6d6f569fd5-tjpfn          1/1     Running     0          19h
myapp-6d6f569fd5-tqq5z          1/1     Running     0          19h
nginx                           1/1     Running     0          16h
nginx-deploy-7db697dfbd-2qh7v   1/1     Running     0          20h
nginx-deploy-7db697dfbd-gskcv   1/1     Running     0          20h
nginx-deploy-7db697dfbd-ssws8   1/1     Running     0          20h
[root@k8s-master01 ~]# kubectl get pod nginx-deploy-7db697dfbd-2qh7v -o yaml   # the -o option with yaml prints the resource's configuration as YAML; json can be used instead to print it as JSON
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: 2018-10-30T05:40:55Z
  generateName: nginx-deploy-7db697dfbd-
  labels:
    pod-template-hash: "3862538968"
    run: nginx-deploy
  name: nginx-deploy-7db697dfbd-2qh7v
  namespace: default
  ownerReferences:
  - apiVersion: extensions/v1beta1
    blockOwnerDeletion: true
    controller: true
    kind: ReplicaSet
    name: nginx-deploy-7db697dfbd
    uid: 0eef9e1c-dbf0-11e8-8969-5254001b07db
  resourceVersion: "15622"
  selfLink: /api/v1/namespaces/default/pods/nginx-deploy-7db697dfbd-2qh7v
  uid: 5ee94f2a-dc06-11e8-8969-5254001b07db
spec:
  containers:
  - image: nginx:1.14-alpine
    imagePullPolicy: IfNotPresent
    name: nginx-deploy
    ports:
    - containerPort: 80
      protocol: TCP
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-tcwjz
      readOnly: true
  dnsPolicy: ClusterFirst
  nodeName: k8s-node02
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: default-token-tcwjz
    secret:
      defaultMode: 420
      secretName: default-token-tcwjz
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: 2018-10-30T05:40:55Z
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: 2018-10-30T05:41:06Z
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: 2018-10-30T05:40:55Z
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: docker://b75740e5919bd975755b256c83e03b63ea95cf2307ffc606abd03b59fea6634a
    image: docker.io/nginx:1.14-alpine
    imageID: docker-pullable://docker.io/nginx@sha256:8976218be775f4244df2a60a169d44606b6978bac4375192074cefc0c7824ddf
    lastState: {}
    name: nginx-deploy
    ready: true
    restartCount: 0
    state:
      running:
        startedAt: 2018-10-30T05:41:06Z
  hostIP: 172.16.150.214
  phase: Running
  podIP: 10.244.2.7
  qosClass: BestEffort
  startTime: 2018-10-30T05:40:55Z
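
The dump above shows `securityContext: {}`, `resources: {}`, the `default` service account with its token mounted, and an image referenced by tag. As an added example (not part of the original page), this Python script reads the JSON form of the same output and reports those gaps; the helper name `audit_pod` and the sample object are constructed for illustration.

```python
import json

# Constructed sample: the security-relevant fields of the pod dumped above,
# in the shape returned by `kubectl get pod <name> -o json`.
SAMPLE_POD = json.loads("""
{"kind": "Pod",
 "metadata": {"name": "nginx-deploy-7db697dfbd-2qh7v", "namespace": "default"},
 "spec": {
   "serviceAccountName": "default",
   "securityContext": {},
   "containers": [{
     "name": "nginx-deploy",
     "image": "nginx:1.14-alpine",
     "resources": {},
     "volumeMounts": [{"name": "default-token-tcwjz", "readOnly": true,
       "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}]}]}}
""")

SA_TOKEN_PATH = "/var/run/secrets/kubernetes.io/serviceaccount"

def audit_pod(pod):
    """Hypothetical helper: list hardening gaps in one Pod object."""
    spec, findings = pod.get("spec", {}), []
    pod_sc = spec.get("securityContext") or {}
    sa = spec.get("serviceAccountName", "default")
    for c in spec.get("containers", []):
        name, sc = c["name"], c.get("securityContext") or {}
        mounts = [m.get("mountPath") for m in c.get("volumeMounts") or []]
        if SA_TOKEN_PATH in mounts:
            findings.append(f"{name}: API token of service account '{sa}' is mounted")
        if not (c.get("resources") or {}).get("limits"):
            findings.append(f"{name}: no resource limits set")
        # A container-level value overrides the pod-level one.
        if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
            findings.append(f"{name}: runAsNonRoot is not enforced")
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append(f"{name}: allowPrivilegeEscalation is not disabled")
        if sc.get("privileged"):
            findings.append(f"{name}: runs privileged")
        if "@sha256:" not in c["image"]:
            findings.append(f"{name}: image pinned by tag, not by digest")
    return findings

if __name__ == "__main__":
    for finding in audit_pod(SAMPLE_POD):
        print(finding)
```

To run it against a live pod, replace `SAMPLE_POD` with the parsed output of `kubectl get pod <name> -o json`.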