1. k8s-pod常用管理命令
-
創建Pod:
kubectl apply -f pod.yaml kubectl run nginx --image=nginx -
查看Pod:
kubectl get pods kubectl describe pod <Pod名稱> -
查看日志:
kubectl logs <Pod名稱> [-c CONTAINER] kubectl logs <Pod名稱> [-c CONTAINER] -f -
進入容器終端:
kubectl exec <Pod名稱> [-c CONTAINER] --bash -
刪除Pod:
kubectl delete <Pod名稱> -
導出pod的yaml配置文件
[root@k8s-master yaml]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-6799fc88d8-s5wvx 1/1 Running 1 40h test-5f655598-5jfrt 1/1 Running 1 20h test-5f655598-bhhm4 1/1 Running 1 20h test-5f655598-v5l8f 1/1 Running 1 20h web-674477549d-flj78 1/1 Running 1 39h web-674477549d-m7lsj 1/1 Running 1 23h web-674477549d-stk84 1/1 Running 1 23h [root@k8s-master yaml]# kubectl get pods web-674477549d-flj78 -o yaml >web-pod.yaml
2. k8s-pod案例
2.1 實現網絡共享
2.1.1 導出配置文件,進行編寫案例
-
編寫導出的web-pod.yaml文件進行測試
[root@k8s-master yaml]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-6799fc88d8-s5wvx 1/1 Running 1 40h test-5f655598-5jfrt 1/1 Running 1 20h test-5f655598-bhhm4 1/1 Running 1 20h test-5f655598-v5l8f 1/1 Running 1 20h web-674477549d-flj78 1/1 Running 1 39h web-674477549d-m7lsj 1/1 Running 1 23h web-674477549d-stk84 1/1 Running 1 23h [root@k8s-master yaml]# kubectl get pods web-674477549d-flj78 -o yaml >web-pod.yaml [root@k8s-master yaml]# vim web-pod.yaml [root@k8s-master yaml]# cat web-pod.yaml apiVersion: v1 kind: Pod metadata: labels: app: pod-test name: pod-net-test namespace: default spec: containers: - image: busybox imagePullPolicy: Always name: pod-test command: ["/bin/sh"] args: - "-c" - "sleep 3000000" - image: nginx name: web
2.1.2 啟動配置文件
[root@k8s-master yaml]# kubectl apply -f web-pod.yaml
pod/pod-net-test created
2.1.3 監控pod是否啟動
[root@k8s-master yaml]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8-s5wvx 1/1 Running 1 41h
pod-net-test 0/2 ContainerCreating 0 19s
test-5f655598-5jfrt 1/1 Running 1 21h
test-5f655598-bhhm4 1/1 Running 1 21h
test-5f655598-v5l8f 1/1 Running 1 21h
web-674477549d-flj78 1/1 Running 1 40h
web-674477549d-m7lsj 1/1 Running 1 23h
web-674477549d-stk84 1/1 Running 1 23h
[root@k8s-master yaml]# kubectl get pods -w
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8-s5wvx 1/1 Running 1 41h
pod-net-test 2/2 Running 0 89s
test-5f655598-5jfrt 1/1 Running 1 21h
test-5f655598-bhhm4 1/1 Running 1 21h
test-5f655598-v5l8f 1/1 Running 1 21h
web-674477549d-flj78 1/1 Running 1 40h
web-674477549d-m7lsj 1/1 Running 1 23h
web-674477549d-stk84 1/1 Running 1 23h
- 注釋:這里注意一下,可以是 “-w ” 持續監聽pod狀態
2.1.4 進入pod
[root@k8s-master pod]# kubectl exec -it pods/pod-net-test -c pod-test -- /bin/sh
Defaulting container name to pod-test.
Use 'kubectl describe pod/pod-net-test -n default' to see all of the containers in this pod.
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 5A:C1:FA:25:85:C0
inet addr:10.244.169.139 Bcast:10.244.169.139 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1480 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:446 (446.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 :::80 :::* LISTEN -
- 注釋:
- exec: 進入參數
- -it: 分配一個偽終端
- pod-net-test: 為容器名稱
- -c pod-test: 指定容器名稱pod-test
- -- /bin/sh: 為使用的環境變量
2.1.5 我們驗證文件是不是nginx
-
我們進入nginx的容器里面,修改index.html文件進行驗證
[root@k8s-master yaml]# kubectl exec -it pod-net-test -c web -- /bin/bash root@pod-net-test:/# cd /usr/share/nginx/html/ root@pod-net-test:/usr/share/nginx/html# ls 50x.html index.html root@pod-net-test:/usr/share/nginx/html# echo 'pod-test' >index.html -
退出nginx容器,進入busybox進行wget下載,驗證文件是否是pod-test
[root@k8s-master yaml]# kubectl exec -it pod-net-test -c pod-test -- /bin/sh / # netstat -lntup Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN - tcp 0 0 :::80 :::* LISTEN - / # wget http://127.0.0.1:80 Connecting to 127.0.0.1:80 (127.0.0.1:80) saving to 'index.html' index.html 100% |************************************************************************************************************************************************| 9 0:00:00 ETA 'index.html' saved / # cat index.html pod-test -
小結:
-
我們在nginx啟動的時候,沒有ip add等相關命令,我們通過修改index.html文件進行驗證
-
注意使用進入命令的時候,一定要使用 “-c ” 參數區分進入那個容器
-
2.2 實現共享存儲
2.2.1 導出配置文件,進行編寫案例
-
進入目錄
[root@k8s-master ~]# cd /root/yaml/ [root@k8s-master yaml]# ll 總用量 24 -rw-r--r-- 1 root root 389 11月 27 21:22 my-deploy.yaml -rw-r--r-- 1 root root 3722 11月 28 10:48 my-get-deploy.yaml -rw-r--r--. 1 root root 538 11月 27 17:00 service-test.yaml -rw-r--r-- 1 root root 792 11月 29 08:09 web-disk-pod.yaml -rw-r--r-- 1 root root 302 11月 28 13:39 web-pod.yaml -rw-r--r--. 1 root root 777 11月 27 16:32 yaml-test.yaml -
編寫pod-volume-test.yaml配置文件
[root@k8s-master yaml]# vim pod-volume-test.yaml [root@k8s-master yaml]# cat pod-volume-test.yaml apiVersion: v1 kind: Pod metadata: labels: app: test name: pod-volume-test namespace: default spec: containers: - image: busybox imagePullPolicy: Always name: test command: ["/bin/sh"] args: - "-c" - "sleep 3000000" volumeMounts: #掛載到容器內部的存儲卷配置 - name: log # 引用pod定義的共享存儲卷的名稱 mountPath: /data #共享路徑文件夾 - image: nginx name: web volumeMounts: #掛載到容器內部的存儲卷配置 - name: log # 引用pod定義的共享存儲卷的名稱 mountPath: /data #共享路徑文件夾 #建立共享存儲卷 volumes: - name: log #共享存儲卷名稱 emptyDir: {}
2.2.2 創建共享磁盤
[root@k8s-master yaml]# mkdir -p /data
2.2.3 啟動服務
[root@k8s-master yaml]# kubectl apply -f pod-volume-test.yaml
pod/pod-volume-test created
2.2.4 查看服務是否啟動
[root@k8s-master yaml]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8-tfgfr 1/1 Running 0 30m
pod-volume-test 2/2 Running 0 2m37s
test-5f655598-j9rth 1/1 Running 0 30m
test-5f655598-kpp8k 1/1 Running 0 30m
test-5f655598-t6mfg 1/1 Running 0 30m
web-674477549d-7gqfr 1/1 Running 0 30m
web-674477549d-cttbc 1/1 Running 0 30m
web-674477549d-rrfqd 1/1 Running 0 30m
2.2.5 驗證數據卷是否被共享
-
進入pod容器,在web容器創建一個index.html,文件內容為 "pod volume test"
[root@k8s-master yaml]# kubectl exec -it pod-volume-test -c web -- /bin/bash root@pod-volume-test:/# cd /data/ root@pod-volume-test:/data# touch index.html root@pod-volume-test:/data# echo 'pod volume test ' >index.html root@pod-volume-test:/data# ls index.html -
進入容器test進行驗證,/data目錄下面是否有index.html文件,內容是否 “pod volume test”
[root@k8s-master yaml]# kubectl exec -it pod-volume-test -c test -- /bin/sh / # cd /data/ /data # ls index.html /data # cat index.html pod volume test
2.2.6 查看日志
-
查看web日志
[root@k8s-master ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-6799fc88d8-tfgfr 1/1 Running 0 54m pod-volume-test 2/2 Running 0 26m test-5f655598-j9rth 1/1 Running 0 54m test-5f655598-kpp8k 1/1 Running 0 54m test-5f655598-t6mfg 1/1 Running 0 54m web-674477549d-7gqfr 1/1 Running 0 54m web-674477549d-cttbc 1/1 Running 0 54m web-674477549d-rrfqd 1/1 Running 0 54m [root@k8s-master ~]# kubectl logs pod-volume-test -c web -f /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf 10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh /docker-entrypoint.sh: Configuration complete; ready for start up上面開啟監聽日志,
-
進入test測試終端,進行訪問測試
[root@k8s-master yaml]# kubectl exec -it pod-volume-test -c test -- /bin/sh /data # cd /tmp/ /tmp # wget http://127.0.0.1 Connecting to 127.0.0.1 (127.0.0.1:80) saving to 'index.html' index.html 100% |******************************************************************************************************************************************************************************************************************************| 612 0:00:00 ETA 'index.html' saved /tmp # cat index.html <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> -
查看監控日志情況
[root@k8s-master ~]# kubectl logs pod-volume-test -c web -f /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf 10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh /docker-entrypoint.sh: Configuration complete; ready for start up 127.0.0.1 - - [29/Nov/2020:03:51:12 +0000] "GET / HTTP/1.1" 200 612 "-" "Wget" "-"發現已經有日志了
3. k8s-pod字段詳解
# yaml格式的pod定義文件完整內容:
apiVersion: v1 #必選,版本號,例如v1
kind: Pod #必選,Pod
metadata: #必選,元數據
name: string #必選,Pod名稱
namespace: string #必選,Pod所屬的命名空間
labels: #自定義標簽
- name: string #自定義標簽名字
annotations: #自定義注釋列表
- name: string
spec: #必選,Pod中容器的詳細定義
containers: #必選,Pod中容器列表
- name: string #必選,容器名稱
image: string #必選,容器的鏡像名稱
imagePullPolicy: [Always | Never | IfNotPresent] #獲取鏡像的策略 Alawys表示下載鏡像 IfnotPresent表示優先使用本地鏡像,否則下載鏡像,Nerver表示僅使用本地鏡像
command: [string] #容器的啟動命令列表,如不指定,使用打包時使用的啟動命令
args: [string] #容器的啟動命令參數列表
workingDir: string #容器的工作目錄
volumeMounts: #掛載到容器內部的存儲卷配置
- name: string #引用pod定義的共享存儲卷的名稱,需用volumes[]部分定義的的卷名
mountPath: string #存儲卷在容器內mount的絕對路徑,應少於512字符
readOnly: boolean #是否為只讀模式
ports: #需要暴露的端口庫號列表
- name: string #端口號名稱
containerPort: int #容器需要監聽的端口號
hostPort: int #容器所在主機需要監聽的端口號,默認與Container相同
protocol: string #端口協議,支持TCP和UDP,默認TCP
env: #容器運行前需設置的環境變量列表
- name: string #環境變量名稱
value: string #環境變量的值
resources: #資源限制和請求的設置
limits: #資源限制的設置
cpu: string #Cpu的限制,單位為core數,將用於docker run --cpu-shares參數
memory: string #內存限制,單位可以為Mib/Gib,將用於docker run --memory參數
requests: #資源請求的設置
cpu: string #Cpu請求,容器啟動的初始可用數量
memory: string #內存清楚,容器啟動的初始可用數量
livenessProbe: #對Pod內個容器健康檢查的設置,當探測無響應幾次后將自動重啟該容器,檢查方法有exec、httpGet和tcpSocket,對一個容器只需設置其中一種方法即可
exec: #對Pod容器內檢查方式設置為exec方式
command: [string] #exec方式需要制定的命令或腳本
httpGet: #對Pod內個容器健康檢查方法設置為HttpGet,需要制定Path、port
path: string
port: number
host: string
scheme: string
HttpHeaders:
- name: string
value: string
tcpSocket: #對Pod內個容器健康檢查方式設置為tcpSocket方式
port: number
initialDelaySeconds: 0 #容器啟動完成后首次探測的時間,單位為秒
timeoutSeconds: 0 #對容器健康檢查探測等待響應的超時時間,單位秒,默認1秒
periodSeconds: 0 #對容器監控檢查的定期探測時間設置,單位秒,默認10秒一次
successThreshold: 0
failureThreshold: 0
securityContext:
privileged: false
restartPolicy: [Always | Never | OnFailure] #Pod的重啟策略,Always表示一旦不管以何種方式終止運行,kubelet都將重啟,OnFailure表示只有Pod以非0退出碼退出才重啟,Nerver表示不再重啟該Pod
nodeSelector: obeject #設置NodeSelector表示將該Pod調度到包含這個label的node上,以key:value的格式指定
imagePullSecrets: #Pull鏡像時使用的secret名稱,以key:secretkey格式指定
- name: string
hostNetwork: false #是否使用主機網絡模式,默認為false,如果設置為true,表示使用宿主機網絡
volumes: #在該pod上定義共享存儲卷列表
- name: string #共享存儲卷名稱 (volumes類型有很多種)
emptyDir: {} #類型為emtyDir的存儲卷,與Pod同生命周期的一個臨時目錄。為空值
hostPath: string #類型為hostPath的存儲卷,表示掛載Pod所在宿主機的目錄
path: string #Pod所在宿主機的目錄,將被用於同期中mount的目錄
secret: #類型為secret的存儲卷,掛載集群與定義的secre對象到容器內部
scretname: string
items:
- key: string
path: string
configMap: #類型為configMap的存儲卷,掛載預定義的configMap對象到容器內部
name: string
items:
- key: string
path: string