一、Deployment 定义
1、简介
[root@k8smaster manifests]# kubectl explain deploy(也可以写作deployment) KIND: Deployment VERSION: extensions/v1beta1 #属于该群组,但是1.10包括1.11版本中其已经被摞到另外一个群组 apps/v1 版中,因此这个文档的版本是落后于我们k8s自身的。 DESCRIPTION: DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. #此版本也是老版的,当前1.11版本为apps/v1 See the release notes for more information. Deployment enables declarative updates for Pods and ReplicaSets. FIELDS: apiVersion <string> APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources kind <string> Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds metadata <Object> Standard object metadata. spec <Object> Specification of the desired behavior of the Deployment. status <Object> Most recently observed status of the Deployment.
deployment.spec 简介
[root@k8smaster manifests]# kubectl explain deployment.spec KIND: Deployment VERSION: extensions/v1beta1 RESOURCE: spec <Object> DESCRIPTION: Specification of the desired behavior of the Deployment. DeploymentSpec is the specification of the desired behavior of the Deployment. FIELDS: minReadySeconds <integer> Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready) paused <boolean> #暂停,默认都是不暂停的上来就更新 Indicates that the deployment is paused and will not be processed by the deployment controller. progressDeadlineSeconds <integer> The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. This is not set by default. replicas <integer> Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. revisionHistoryLimit <integer> #我们在滚动更新中最多在历史中保存过去多少个历史版本,默认为10个 The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. rollbackTo <Object> DEPRECATED. The config this deployment is rolling back to. Will be cleared after rollback is done. selector <Object> Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment. strategy <Object> #更新策略 The deployment strategy to use to replace existing pods with new ones. template <Object> -required- Template describes the pods that will be created.
deployment.spec.strategy #更新策略
[root@k8smaster manifests]# kubectl explain deployment.spec.strategy KIND: Deployment VERSION: extensions/v1beta1 RESOURCE: strategy <Object> DESCRIPTION: The deployment strategy to use to replace existing pods with new ones. DeploymentStrategy describes how to replace existing pods with new ones. FIELDS: rollingUpdate <Object> #滚动更新 Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. type <string> Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. #重建式更新Recreate,还有滚动更新RollingUpdate,若使用RollingUpdate,还可以控制更新粒度
deployment.spec.strategy.rollingUpdate #更新粒度
[root@k8smaster manifests]# kubectl explain deployment.spec.strategy.rollingUpdate KIND: Deployment VERSION: extensions/v1beta1 RESOURCE: rollingUpdate <Object> DESCRIPTION: Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. Spec to control the desired behavior of rolling update. FIELDS: maxSurge <string> #对应的更新过程中最多能超出所指定的目标副本数有几个,有两种取值方式,第一直接指定数量,第二百分比。
The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. By default, a value of 1 is used. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is atmost 130% of desired pods. maxUnavailable <string>#表示最多有几个不可用,和上述一样也是两种取值方式 The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. By default, a fixed value of 1 is used. Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old RC can be scaled down further, followed by scaling up the new RC, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.
2、deployment具体操作
[root@k8smaster manifests]# cat deploy-demo.yaml apiVersion: apps/v1 kind: Deployment metadata: name: myapp-deploy namespace: default spec: replicas: 2 selector: matchLabels: app: myapp release: canary template: metadata: labels: app: myapp release: canary spec: containers: - name: myapp image: ikubernetes/myapp:v1 ports: - name: http containerPort: 80 [root@k8smaster manifests]# kubectl get deployment -o wide NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR myapp-deploy 2 2 2 2 1m myapp ikubernetes/myapp:v1 app=myapp,release=canary [root@k8smaster manifests]# kubectl get rs -o wide #会发现自动创建了rs NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR myapp-deploy-69b47bc96d #后面的数值为模板的哈希值 2 2 2 1m myapp ikubernetes/myapp:v1 app=myapp,pod-template-hash=2560367528,release=canary [root@k8smaster manifests]# kubectl get pods -o wide --show-labels NAME READY STATUS RESTARTS AGE IP NODE LABELS liveness-httpget-pod 1/1 Running 1 1d 10.244.2.18 k8snode2 <none> myapp-deploy-69b47bc96d-47b9t #会发现pod命名由rs + 后面一串随机字符组成 1/1 Running 0 5m 10.244.1.29 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-bnqk9 1/1 Running 0 5m 10.244.2.24 k8snode2 app=myapp,pod-template-hash=2560367528,release=canary poststart-pod 1/1 Running 8 1d 10.244.2.21 k8snode2 <none> readiness-httpget-pod 1/1 Running 0 1d 10.244.2.19 k8snode2 <none>
a、在更新应用时可以直接通过编辑配置文件来实现,编辑后再次执行apply -f deploy-demo.yaml即可,但是create就不行了。其原理为每一次变化其将同步至api server中,api server发现与etcd中的状态不同从而改变etcd从而实现修改他的期望状态。从而将现有状态不断逼近期望状态。
[root@k8smaster manifests]# kubectl get pods -o wide --show-labels NAME READY STATUS RESTARTS AGE IP NODE LABELS liveness-httpget-pod 1/1 Running 1 1d 10.244.2.18 k8snode2 <none> myapp-deploy-69b47bc96d-47b9t 1/1 Running 0 5m 10.244.1.29 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-bnqk9 1/1 Running 0 5m 10.244.2.24 k8snode2 app=myapp,pod-template-hash=2560367528,release=canary poststart-pod 1/1 Running 8 1d 10.244.2.21 k8snode2 <none> readiness-httpget-pod 1/1 Running 0 1d 10.244.2.19 k8snode2 <none> [root@k8smaster manifests]# sed -i 's/replicas: 2/replicas: 3/g' deploy-demo.yaml [root@k8smaster manifests]# kubectl apply -f deploy-demo.yaml deployment.apps/myapp-deploy configured [root@k8smaster manifests]# kubectl get pods -o wide --show-labels NAME READY STATUS RESTARTS AGE IP NODE LABELS liveness-httpget-pod 1/1 Running 1 1d 10.244.2.18 k8snode2 <none> myapp-deploy-69b47bc96d-47b9t 1/1 Running 0 15m 10.244.1.29 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-75jgw 1/1 Running 0 16s 10.244.1.30 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-bnqk9 1/1 Running 0 15m 10.244.2.24 k8snode2 app=myapp,pod-template-hash=2560367528,release=canary poststart-pod 1/1 Running 8 1d 10.244.2.21 k8snode2 <none> readiness-httpget-pod 1/1 Running 0 1d 10.244.2.19 k8snode2 <none>
[root@k8smaster manifests]# kubectl describe deploy myapp-deploy Name: myapp-deploy Namespace: default CreationTimestamp: Thu, 16 May 2019 14:14:58 +0800 Labels: <none> Annotations(注释): deployment.kubernetes.io/revision=1 #我们每一次apply版本发生变化时的信息都会被保存在其中。 kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"myapp-deploy","namespace":"default" },"spec":{"replicas":3,"selector":{...Selector: app=myapp,release=canary Replicas: 3 desired | 3 updated | 3 total | 3 available | 0 unavailable StrategyType: RollingUpdate #默认的更新策略为滚动更新 MinReadySeconds: 0 RollingUpdateStrategy: 25% max unavailable, 25% max surge #滚动更新的中心策略是最多不可用25%,最多多出25% Pod Template: Labels: app=myapp release=canary Containers: myapp: Image: ikubernetes/myapp:v1 Port: 80/TCP Host Port: 0/TCP Environment: <none> Mounts: <none> Volumes: <none> Conditions: Type Status Reason ---- ------ ------ Progressing True NewReplicaSetAvailable Available True MinimumReplicasAvailable OldReplicaSets: <none> NewReplicaSet: myapp-deploy-69b47bc96d (3/3 replicas created) Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal ScalingReplicaSet 18m deployment-controller Scaled up replica set myapp-deploy-69b47bc96d to 2 Normal ScalingReplicaSet 2m deployment-controller Scaled up replica set myapp-deploy-69b47bc96d to 3
3、滚动更新
a、直接修改yaml文件后再执行 kubectl apply -f deploy-demo.yaml
[root@k8smaster manifests]# sed -i 's#image: ikubernetes/myapp:v1#image: ikubernetes/myapp:v2#g' deploy-demo.yaml [root@k8smaster manifests]# kubectl apply -f deploy-demo.yaml deployment.apps/myapp-deploy configured #另起一个窗口动态监测更新过程 [root@k8smaster manifests]# kubectl get pods -o wide --show-labels -l app=myapp -w NAME READY STATUS RESTARTS AGE IP NODE LABELS myapp-deploy-69b47bc96d-47b9t 1/1 Running 0 24m 10.244.1.29 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-75jgw 1/1 Running 0 8m 10.244.1.30 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-bnqk9 1/1 Running 0 24m 10.244.2.24 k8snode2 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-67f6f6b4dc-6hbjh 0/1 Pending 0 0s <none> <none> app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-6hbjh 0/1 Pending 0 0s <none> k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-6hbjh 0/1 ContainerCreating 0 0s <none> k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-6hbjh 1/1 Running 0 1s 10.244.1.31 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-69b47bc96d-75jgw 1/1 Terminating 0 14m 10.244.1.30 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-67f6f6b4dc-bqtpz 0/1 Pending 0 0s <none> <none> app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-bqtpz 0/1 Pending 0 0s <none> k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-bqtpz 0/1 ContainerCreating 0 0s <none> k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-69b47bc96d-75jgw 0/1 Terminating 0 14m 10.244.1.30 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-67f6f6b4dc-bqtpz 1/1 Running 0 2s 10.244.2.25 k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-69b47bc96d-47b9t 1/1 Terminating 0 30m 10.244.1.29 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-67f6f6b4dc-xb6qw 0/1 Pending 0 0s <none> <none> app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-xb6qw 0/1 Pending 0 0s <none> k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-xb6qw 0/1 ContainerCreating 0 0s <none> k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-69b47bc96d-75jgw 0/1 Terminating 0 14m 10.244.1.30 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-75jgw 0/1 Terminating 0 14m 10.244.1.30 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-67f6f6b4dc-xb6qw 1/1 Running 0 1s 10.244.1.32 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-69b47bc96d-47b9t 0/1 Terminating 0 30m 10.244.1.29 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-bnqk9 1/1 Terminating 0 30m 10.244.2.24 k8snode2 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-bnqk9 0/1 Terminating 0 30m 10.244.2.24 k8snode2 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-47b9t 0/1 Terminating 0 30m 10.244.1.29 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-47b9t 0/1 Terminating 0 30m 10.244.1.29 k8snode1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-bnqk9 0/1 Terminating 0 30m 10.244.2.24 k8snode2 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-69b47bc96d-bnqk9 0/1 Terminating 0 30m 10.244.2.24 k8snode2 app=myapp,pod-template-hash=2560367528,release=canary [root@k8smaster manifests]# kubectl get rs -o wide #发现老版本rs依然存在,只是运行的pod为0 NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR myapp-deploy-67f6f6b4dc 3 3 3 2m myapp ikubernetes/myapp:v2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-69b47bc96d 0 0 0 33m myapp ikubernetes/myapp:v1 app=myapp,pod-template-hash=2560367528,release=canary #查看deployment的滚动历史 [root@k8smaster manifests]# kubectl rollout history deployment myapp-deploy deployments "myapp-deploy" REVISION CHANGE-CAUSE 1 <none> 2 <none>
b、通过patch命令,其补的一定是对象的json格式的内容
[root@k8smaster manifests]# kubectl patch deployment myapp-deploy -p '{"spec":{"replicas":5}}' deployment.extensions/myapp-deploy patched [root@k8smaster manifests]# kubectl get pods -o wide --show-labels NAME READY STATUS RESTARTS AGE IP NODE LABELS liveness-httpget-pod 1/1 Running 1 1d 10.244.2.18 k8snode2 <none> myapp-deploy-67f6f6b4dc-6hbjh 1/1 Running 0 14m 10.244.1.31 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-9hhb4 1/1 Running 0 36s 10.244.1.33 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-bqtpz 1/1 Running 0 14m 10.244.2.25 k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-xb6qw 1/1 Running 0 14m 10.244.1.32 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-z54x6 1/1 Running 0 36s 10.244.2.26 k8snode2 app=myapp,pod-template-hash=2392926087,release=canary poststart-pod 1/1 Running 9 1d 10.244.2.21 k8snode2 <none> readiness-httpget-pod 1/1 Running 0 1d 10.244.2.19 k8snode2 <none> #另起一个shell查看更新过程 [root@k8smaster manifests]# kubectl get pods -o wide --show-labels -l app=myapp -w NAME READY STATUS RESTARTS AGE IP NODE LABELS myapp-deploy-67f6f6b4dc-6hbjh 1/1 Running 0 11m 10.244.1.31 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-bqtpz 1/1 Running 0 11m 10.244.2.25 k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-xb6qw 1/1 Running 0 11m 10.244.1.32 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-z54x6 0/1 Pending 0 0s <none> <none> app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-9hhb4 0/1 Pending 0 0s <none> <none> app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-z54x6 0/1 Pending 0 0s <none> k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-9hhb4 0/1 Pending 0 0s <none> k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-z54x6 0/1 ContainerCreating 0 0s <none> k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-9hhb4 0/1 ContainerCreating 0 0s <none> k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-z54x6 1/1 Running 0 2s 10.244.2.26 k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-9hhb4 1/1 Running 0 2s 10.244.1.33 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary
c、设置更新过程中最多超出1个,最多0个不可用
[root@k8smaster manifests]# kubectl patch deployment myapp-deploy -p '{"spec":{"strategy":{"rollingUpdate":{"maxSurge":1,"maxUnavailable":0}}}}' deployment.extensions/myapp-deploy patched [root@k8smaster manifests]# kubectl edit deployment myapp-deploy #可以进入看到更新后的属性 Edit cancelled, no changes made. [root@k8smaster manifests]# kubectl describe deployment myapp-deploy Name: myapp-deploy Namespace: default CreationTimestamp: Thu, 16 May 2019 14:14:58 +0800 Labels: app=myapp release=canary Annotations: deployment.kubernetes.io/revision=2 kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"myapp-deploy","namespace":"default" },"spec":{"replicas":3,"selector":{...Selector: app=myapp,release=canary Replicas: 5 desired | 5 updated | 5 total | 5 available | 0 unavailable StrategyType: RollingUpdate MinReadySeconds: 0 RollingUpdateStrategy: 0 max unavailable, 1 max surge Pod Template: Labels: app=myapp release=canary Containers: myapp: Image: ikubernetes/myapp:v2 Port: 80/TCP Host Port: 0/TCP Environment: <none> Mounts: <none> Volumes: <none> Conditions: Type Status Reason ---- ------ ------ Progressing True NewReplicaSetAvailable Available True MinimumReplicasAvailable OldReplicaSets: <none> NewReplicaSet: myapp-deploy-67f6f6b4dc (5/5 replicas created) Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal ScalingReplicaSet 56m deployment-controller Scaled up replica set myapp-deploy-69b47bc96d to 2 Normal ScalingReplicaSet 40m deployment-controller Scaled up replica set myapp-deploy-69b47bc96d to 3 Normal ScalingReplicaSet 26m deployment-controller Scaled up replica set myapp-deploy-67f6f6b4dc to 1 Normal ScalingReplicaSet 26m deployment-controller Scaled down replica set myapp-deploy-69b47bc96d to 2 Normal ScalingReplicaSet 26m deployment-controller Scaled up replica set myapp-deploy-67f6f6b4dc to 2 Normal ScalingReplicaSet 26m deployment-controller Scaled down replica set myapp-deploy-69b47bc96d to 1 Normal ScalingReplicaSet 26m deployment-controller Scaled up replica set myapp-deploy-67f6f6b4dc to 3 Normal ScalingReplicaSet 26m deployment-controller Scaled down replica set myapp-deploy-69b47bc96d to 0 Normal ScalingReplicaSet 12m deployment-controller Scaled up replica set myapp-deploy-67f6f6b4dc to 5
d、通过使用set image命令
[root@k8smaster manifests]# kubectl set image deployment myapp-deploy myapp=ikubernetes/myapp:v3 && kubectl rollout pause #设置后立马暂停deployment myapp-deploy,这样就只会更新一个镜像为v3的pod。(金丝雀发布) deployment.extensions/myapp-deploy image updated deployment.extensions/myapp-deploy paused #另起一个窗口观察 [root@k8smaster manifests]# kubectl get pods -o wide --show-labels -l app=myapp -w NAME READY STATUS RESTARTS AGE IP NODE LABELS myapp-deploy-67f6f6b4dc-6hbjh 1/1 Running 0 23m 10.244.1.31 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-9hhb4 1/1 Running 0 9m 10.244.1.33 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-bqtpz 1/1 Running 0 23m 10.244.2.25 k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-xb6qw 1/1 Running 0 23m 10.244.1.32 k8snode1 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-67f6f6b4dc-z54x6 1/1 Running 0 9m 10.244.2.26 k8snode2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-6bdcd6755d-n4qbt 0/1 Pending 0 0s <none> <none> app=myapp,pod-template-hash=2687823118,release=canary myapp-deploy-6bdcd6755d-n4qbt 0/1 Pending 0 0s <none> k8snode1 app=myapp,pod-template-hash=2687823118,release=canary myapp-deploy-6bdcd6755d-n4qbt 0/1 ContainerCreating 0 1s <none> k8snode1 app=myapp,pod-template-hash=2687823118,release=canary myapp-deploy-6bdcd6755d-n4qbt 0/1 ErrImagePull 0 2s 10.244.1.34 k8snode1 app=myapp,pod-template-hash=2687823118,release=canary myapp-deploy-6bdcd6755d-n4qbt 0/1 ImagePullBackOff 0 3s 10.244.1.34 k8snode1 app=myapp,pod-template-hash=2687823118,release=canary myapp-deploy-6bdcd6755d-n4qbt 0/1 ErrImagePull 0 29s 10.244.1.34 k8snode1 app=myapp,pod-template-hash=2687823118,release=canary myapp-deploy-6bdcd6755d-n4qbt 0/1 ImagePullBackOff 0 39s 10.244.1.34 k8snode1 app=myapp,pod-template-hash=2687823118,release=canary myapp-deploy-6bdcd6755d-n4qbt 1/1 Running 0 46s 10.244.1.34 k8snode1 app=myapp,pod-template-hash=2687823118,release=canary
[root@k8smaster manifests]# kubectl rollout status deployment myapp-deploy #监视更新变化目前显示一个被更新 Waiting for deployment "myapp-deploy" rollout to finish: 1 out of 5 new replicas have been updated... #当确定新版本使用没问题时,解除暂停更新的操作继续更新 [root@k8smaster ~]# kubectl rollout resume deployment myapp-deploy deployment.extensions/myapp-deploy resumed #另一个窗口查看更新情况 [root@k8smaster manifests]# kubectl rollout status deployment myapp-deploy Waiting for deployment "myapp-deploy" rollout to finish: 1 out of 5 new replicas have been updated... Waiting for deployment spec update to be observed... Waiting for deployment spec update to be observed... Waiting for deployment "myapp-deploy" rollout to finish: 1 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 1 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 2 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 2 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 3 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 3 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 3 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 3 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 4 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 4 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 1 old replicas are pending termination... Waiting for deployment "myapp-deploy" rollout to finish: 1 old replicas are pending termination... deployment "myapp-deploy" successfully rolled out
[root@k8smaster manifests]# kubectl get rs -o wide #此时查看rs版本 NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR myapp-deploy-67f6f6b4dc 0 0 0 51m myapp ikubernetes/myapp:v2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-69b47bc96d 0 0 0 1h myapp ikubernetes/myapp:v1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-6bdcd6755d 5 5 5 17m myapp ikubernetes/myapp:v3 app=myapp,pod-template-hash=2687823118,release=canary [root@k8smaster manifests]# kubectl rollout history deployment myapp-deploy #查看历史更新版本 deployments "myapp-deploy" REVISION CHANGE-CAUSE 1 <none> 2 <none> 3 <none>
4、回滚(可在上面的kubectl中加入--record=true参数,这样CHANG-CAUSE就可以记录当前版本中所进行的操作了。)
[root@k8smaster ~]# kubectl rollout history deployment myapp-deploy #查看当前版本 deployments "myapp-deploy" REVISION CHANGE-CAUSE 1 <none> 2 <none> 3 <none> [root@k8smaster ~]# kubectl rollout undo deployment myapp-deploy --to-revision=1 #回滚到版本1 deployment.extensions/myapp-deploy [root@k8smaster ~]# kubectl rollout history deployment myapp-deploy #查看回滚后的版本,当前版本变为了4,前一个为版本3 deployments "myapp-deploy" REVISION CHANGE-CAUSE 2 <none> 3 <none> 4 <none> [root@k8smaster ~]# kubectl get rs -o wide #可以看到当前pod运行的镜像为v1 NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR myapp-deploy-67f6f6b4dc 0 0 0 1h myapp ikubernetes/myapp:v2 app=myapp,pod-template-hash=2392926087,release=canary myapp-deploy-69b47bc96d 5 5 5 1h myapp ikubernetes/myapp:v1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-6bdcd6755d 0 0 0 27m myapp ikubernetes/myapp:v3 app=myapp,pod-template-hash=2687823118,release=canary
二、DaemonSet,其作用在于,在整个集群的每一个节点上只运行某个指定pod的一个并且只能是一个副本,或者只能是在集群中某些符合选择器的节点上每一个节点只运行一个指定的副本。用于实现系统级的管理功能,可以直接把节点上的某个目录作为存储卷关联至pod中让pod实现某些管理功能。比如EFK中的Filebeat
1、现在启动一个redis并通过filebeat收集日志
[root@k8smaster manifests]# cat ds-demo.yaml apiVersion: apps/v1 kind: Deployment metadata: name: redis namespace: default spec: replicas: 1 selector: matchLabels: app: redis role: logstor template: metadata: labels: app: redis role: logstor spec: containers: - name: redis image: redis:4.0-alpine ports: - name: redis containerPort: 6379 --- apiVersion: apps/v1 kind: DaemonSet metadata: name: filebeat-ds namespace: default spec: selector: matchLabels: app: filebeat release: stable template: metadata: labels: app: filebeat release: stable spec: containers: - name: filebeat image: ikubernetes/filebeat:5.6.5-alpine #该镜像有个要求就是其内部必须要使用环境变量,该环境变量必须要指明我们redis主机和redis日志级别是什么 env: - name: REDIS_HOST value: redis.default.svc.cluster.local #这是一个域名,redis(服务名).default(名称空间).svc.cluster.local(这是本地k8s集群内建的本地域名后缀) - name: REDIS_LOG_LEVEL value: info [root@k8smaster manifests]# kubectl expose deployment redis --port=6379 #通过命名创建service service/redis exposed [root@k8smaster manifests]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 8d myapp NodePort 10.106.171.207 <none> 80:30935/TCP 7d nginx ClusterIP 10.103.127.92 <none> 80/TCP 8d redis ClusterIP 10.99.71.69 <none> 6379/TCP 6s
a、各pod之间的调用方式为通过service的主机名,而且调用时传递给调用者的方法为使用环境变量来进行配置。
b、各filebeat一定是各自运行在一个节点上
[root@k8smaster manifests]# kubectl get pods -l app=filebeat -o wide NAME READY STATUS RESTARTS AGE IP NODE filebeat-ds-2dh99 1/1 Running 0 19m 10.244.2.32 k8snode2 filebeat-ds-vbsmg 1/1 Running 0 19m 10.244.1.42 k8snode1
c、ds也支持滚动更新
d、通过set image更新镜像
[root@k8smaster manifests]# kubectl set image daemonsets filebeat-ds filebeat=ikubernetes/filebeat:5.6.6-alpine daemonset.extensions/filebeat-ds image updated [root@k8smaster manifests]# kubectl get pods -w NAME READY STATUS RESTARTS AGE filebeat-ds-2dh99 1/1 Running 0 25m filebeat-ds-f5drs 0/1 ContainerCreating 0 11s liveness-httpget-pod 1/1 Running 1 3d myapp-deploy-69b47bc96d-6x987 1/1 Running 0 1d myapp-deploy-69b47bc96d-f2cjq 1/1 Running 0 1d myapp-deploy-69b47bc96d-tlq6v 1/1 Running 0 1d myapp-deploy-69b47bc96d-vx46z 1/1 Running 0 1d myapp-deploy-69b47bc96d-vzdpt 1/1 Running 0 1d poststart-pod 1/1 Running 17 2d readiness-httpget-pod 1/1 Running 0 2d redis-5b5d6fbbbd-kk782 1/1 Running 0 28m filebeat-ds-f5drs 1/1 Running 0 30s filebeat-ds-2dh99 1/1 Terminating 0 26m filebeat-ds-2dh99 0/1 Terminating 0 26m filebeat-ds-2dh99 0/1 Terminating 0 26m filebeat-ds-2dh99 0/1 Terminating 0 26m filebeat-ds-n9hgz 0/1 Pending 0 0s filebeat-ds-n9hgz 0/1 ContainerCreating 0 0s filebeat-ds-n9hgz 1/1 Running 0 34s
e、ds中的pod可以设置共享宿主机的名称空间(hostNetwork),IPC,PID等
[root@k8smaster manifests]# kubectl explain pods.spec KIND: Pod VERSION: v1 RESOURCE: spec <Object> DESCRIPTION: Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status PodSpec is a description of a pod. FIELDS: activeDeadlineSeconds <integer> Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer. affinity <Object> If specified, the pod's scheduling constraints automountServiceAccountToken <boolean> AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. containers <[]Object> -required- List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated. dnsConfig <Object> Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. dnsPolicy <string> Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'. hostAliases <[]Object> HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods. hostIPC <boolean> #共享宿主机的IPC Use the host's ipc namespace. Optional: Default to false. hostNetwork <boolean> #共享宿主机的网络名称空间 Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false. hostPID <boolean> #共享宿主机的PID Use the host's pid namespace. Optional: Default to false. hostname <string> Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value. imagePullSecrets <[]Object> ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod initContainers <[]Object> List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, or Liveness probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ nodeName <string> NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements. nodeSelector <map[string]string> NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ priority <integer> The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority. priorityClassName <string> If specified, indicates the pod's priority. "system-node-critical" and "system-cluster-critical" are two special keywords which indicate the highest priorities with the former being the highest priority. Any other name must be defined by creating a PriorityClass object with that name. If not specified, the pod priority will be default or zero if there is no default. readinessGates <[]Object> If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to "True" More info: https://github.com/kubernetes/community/blob/master/keps/sig-network/0007-pod-ready%2B%2B.md restartPolicy <string> Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy schedulerName <string> If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler. securityContext <Object> SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field. serviceAccount <string> DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead. serviceAccountName <string> ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ shareProcessNamespace <boolean> Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false. This field is alpha-level and is honored only by servers that enable the PodShareProcessNamespace feature. subdomain <string> If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>". If not specified, the pod will not have a domainname at all. terminationGracePeriodSeconds <integer> Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds. tolerations <[]Object> If specified, the pod's tolerations. volumes <[]Object> List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes