docker容器編排工具
k8s,messos,swarm(目前幾乎只有k8s一家獨大)
k8s最主要的4大功能: #https://kubernetes.io/zh
1:故障自愈
重新啟動失敗的容器。
2:服務發現和負載均衡
3:灰度發布,一鍵回滾
4:自動伸縮(自動擴容和自動縮容)
使用簡單的命令或者UI,或者根據CPU使用情況,自動調整應用程序副本數
=====================================================================
創建第一個k8s容器
k8s的容器 叫 Pod :
(最小的單位是Pod,一個Pod就是一個容器)
1:編寫一個pod文件
[root@k8s-master ~]# vim k8s_pod.yml
apiVersion: v1 #定義k8s api的版本v1
kind: Pod #kind資源 Pod
metadata: #屬性,名字叫nginx,標簽叫app : web(鍵值對)
name: nginx
labels:
app: web
spec: #詳細
containers: #容器信息
- name: nginx #容器叫nginx
image: 192.168.6.129:5000/nginx:latest #使用的鏡像
ports: #容器開放的端口
- containerPort: 80
2:下載一個nginx, 然后打tag。在push到我們的私有倉庫上面。
[root@k8s-master ~]# docker pull nginx
Using default tag: latest
Trying to pull repository docker.io/library/nginx ...
latest: Pulling from docker.io/library/nginx
8d691f585fa8: Pull complete
5b07f4e08ad0: Pull complete
abc291867bca: Pull complete
Digest: sha256:922c815aa4df050d4df476e92daed4231f466acc8ee90e0e774951b0fd7195a4
[root@k8s-master ~]# docker tag nginx:latest 192.168.6.129:5000/nginx:latest
[root@k8s-master ~]#
[root@k8s-master ~]#
[root@k8s-master ~]# docker push 192.168.6.129:5000/busybox:latest
The push refers to a repository [192.168.6.129:5000/busybox]
1da8e4c8d307: Pushed
latest: digest: sha256:679b1c1058c1f2dc59a3ee70eed986a88811c0205c8ceea57cec5f22d2c3fbb1 size: 527
[root@k8s-master ~]#
3: 創建
[root@k8s-master ~]# kubectl create -f k8s_pod.yml
pod "nginx" created
[root@k8s-master ~]#
如果報錯,請修改 :
[root@k8s-master ~]# vim /etc/kubernetes/apiserver
刪除ServiceAccount字段。
重啟k8s - api
[root@k8s-master ~]# systemctl restart kube-apiserver.service
4: 查詢pod
[root@k8s-master ~]# kubectl get pod #一直處於創建,肯定不正常,正常應該是1/1
NAME READY STATUS RESTARTS AGE
nginx 0/1 ContainerCreating 0 4m
5: k8s pod排錯命令 describe
[root@k8s-master ~]# kubectl describe pod nginx
Name: nginx
Namespace: default
Node: k8s-node-2/192.168.6.131
Start Time: Sat, 16 Nov 2019 22:51:44 +0800
.........
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
5m 5m 1 {default-scheduler } Normal Scheduled Successfully assigned nginx to k8s-node-2
5m 2m 5 {kubelet k8s-node-2} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
4m 9s 19 {kubelet k8s-node-2} Warning FailedSynError syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
#證書沒有
#解決方法
1: 下載 官方的rpm
[root@k8s-master ~]#wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
2: 導入
[root@k8s-master ~]#rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
3:安裝完成后,我們把這個鏡像 pull下來 ,鏡像有點大,下載會比較慢
[root@k8s-master ~]#docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
4: 打tag 把 pod-infrastructure:latest 傳到我們的私有倉庫
[root@k8s-master ~]#docker tag registry.access.redhat.com/rhel7/pod-infrastructure:latest 192.168.6.129:5000/pod-infrastructure:latest
[root@k8s-master ~]#docker push 192.168.6.129:5000/pod-infrastructure:latest
5:如下操作,在兩台node-1 。Node-2 上面操作
修改k8s配置,把紅帽官網的下載地址,改成我們的私有倉庫的鏡像地址
[root@k8s-node-1 ~]# vim /etc/kubernetes/kubelet
改成我們私有倉庫的:
6:重啟kubelet
[root@k8s-node-1 ~]# systemctl restart kubelet.service
#再去主看剛才pod狀態
[root@k8s-master ~]# kubectl describe pod nginx
11m 40s 7 {kubelet k8s-node-2} spec.containers{nginx} Normal Pulling pulling image "192.168.6.129:5000/nginx:latest"
11m 33s 2 {kubelet k8s-node-2} Warning MissingClusterDNS kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to DNSDefault policy.
33s 33s 1 {kubelet k8s-node-2} spec.containers{nginx} Normal Pulled Successfully pulled image "192.168.6.129:5000/nginx:latest"
33s 33s 1 {kubelet k8s-node-2} spec.containers{nginx} Normal Created Created container with docker id 1ed4475247b1; Security:[seccomp=unconfined]
32s 32s 1 {kubelet k8s-node-2} spec.containers{nginx} Normal Started Started container with docker id 1ed4475247b1
#狀態改變了,1/1 Runing 了
[root@k8s-master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 1d
[root@k8s-master ~]#
查看更詳細信息:
Kubectl get pod -o wide
Node-2 : 會發現pod容器起了兩個 (起一個pod,docker就會創建兩個)
Docker 啟動了兩個容器:
192.168.6.129:5000/nginx:latest (docker inspect 會發現沒有IP)
192.168.6.129:5000/pod-infrastructure:latest (docker inspect 有IP地址)
這里就是用到了Container 網絡共享。
具體請看:https://www.cnblogs.com/jim-xu/p/11795406.html
《注意:》
兩個容器要死就會一起死,要活一起活