zoukankan      html  css  js  c++  java
  • 华为云 Kubernetes 管理员实训 五 课后作业

    练习1

    部署一个Deployment应用,使用secret普通卷,该应用启动依赖此secret。
    Deployment的名称为<hwcka-005-1-你的华为云id>
    将所用命令、创建的Deployment及secret的完整yaml截图上传,注意体现依赖特性,如secret删除后,应用无法启动。

    首先准备一个自定义的docker镜像
    vi a.sh

    #!/bin/sh
    
    user=$(cat /etc/secret-volume/username)
    password=`cat /etc/secret-volume/password`
    
    if [ "$user" = 'epm-user' -a "$password" = '123456' ]; then
        echo 'Correct username and password! This busybox will serve you for 3600 seconds.'
        sleep 3600
    else
        echo 'Incorrect username or password! This app will exit immediately.'
        exit 1
    fi
    

    vi Dockerfile

    FROM busybox:1.28
    
    COPY a.sh /tmp/
    
    ENTRYPOINT ["/bin/sh","-c","/tmp/a.sh"]
    

    构建镜像,给镜像打标签,推送镜像

    docker build -t mybox:v1 .
    
    docker tag mybox:v1 192.168.202.130:80/dev/mybox:v1
    
    docker push 192.168.202.130:80/dev/mybox:v1
    

    vi secret.yaml

    apiVersion: v1
    kind: Secret
    metadata:
      name: test-secret
    data:
      username: ZXBtLXVzZXI=
      password: MTIzNDU2
    [root@svn ch5]# cat secret.yaml
    apiVersion: v1
    kind: Secret
    metadata:
      name: test-secret
    data:
      username: ZXBtLXVzZXI=
      password: MTIzNDU2
    

    vi secret-pod.yaml

    apiVersion: v1
    kind: Pod
    metadata:
      name: secret-test-pod
    spec:
      containers:
        - name: test-container
          image: 192.168.202.130/dev/mybox:v1
          volumeMounts:
            # name must match the volume name below
            - name: secret-volume
              mountPath: /etc/secret-volume
      # The secret data is exposed to Containers in the Pod through a Volume.
      volumes:
        - name: secret-volume
          secret:
            secretName: test-secret
    

    直接运行kubectl apply -f secret-pod.yaml,此时因为缺少secret,运行失败。

    [root@svn ch5]# kubectl get pod
    NAME              READY   STATUS              RESTARTS   AGE
    busybox           1/1     Running             16         23h
    secret-test-pod   0/1     ContainerCreating   0          9m1s
    
    [root@svn ch5]# kubectl logs -f secret-test-pod
    Error from server (BadRequest): container "test-container" in pod "secret-test-pod" is waiting to start: ContainerCreating
    
    [root@svn ch5]# kubectl logs secret-test-pod
    // omitted 
    Events:
      Type     Reason       Age                  From                      Message
      ----     ------       ----                 ----                      -------
      Normal   Scheduled    10m                  default-scheduler         Successfully assigned default/secret-test-pod to app.centos7.com
      Warning  FailedMount  116s (x12 over 10m)  kubelet, app.centos7.com  MountVolume.SetUp failed for volume "secret-volume" : secret "test-secret" not found
      Warning  FailedMount  78s (x4 over 8m7s)   kubelet, app.centos7.com  Unable to mount volumes for pod "secret-test-pod_default(949a1255-acfc-11e9-87b5-000c29ad265c)": timeout expired waiting for volumes to attach or mount for pod "default"/"secret-test-pod". list of unmounted volumes=[secret-volume]. list of unattached volumes=[secret-volume default-token-52b6b]
    

    先运行kubectl apply -f secret.yaml,再运行kubectl apply -f secret-pod.yaml,则一切正常。

    [root@svn ch5]# kubectl get pod
    NAME              READY   STATUS    RESTARTS   AGE
    busybox           1/1     Running   16         23h
    secret-test-pod   1/1     Running   0          3s
    
    

    练习2

    部署一个statefulset应用,使用持久化卷,通过pvc声明所需的存储大小10G及访问模式为RWX。
    Deployment的名称为<hwcka-005-2-你的华为云id>
    将所用命令、创建的statefulset及pvc的完整yaml和证明该应用有在存储中写内容的截图上传

    vi mybox-pv.yaml

    apiVersion: v1
    kind: PersistentVolume
    metadata:
      name: mybox-pv-volume
      labels:
        type: local
    spec:
      storageClassName: manual
      capacity:
        storage: 10Gi
      accessModes:
        - ReadWriteMany
      hostPath:
        path: "/tmp"
    ---
    apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: mybox-pv-claim
    spec:
      storageClassName: manual
      accessModes:
        - ReadWriteMany
      resources:
        requests:
          storage: 10Gi
    
    

    vi mybox-deploy.yaml

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      creationTimestamp: null
      labels:
        app: mybox
      name: mybox
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: mybox
      strategy: {}
      template:
        metadata:
          creationTimestamp: null
          labels:
            app: mybox
        spec:
          containers:
          - image: busybox:1.28
            name: busybox
            command:
              - sleep
              - "3600"
            volumeMounts:
            - name: mybox-persistent-storage
              mountPath: /tmp/
          volumes:
          - name: mybox-persistent-storage
            persistentVolumeClaim:
              claimName: mybox-pv-claim
    

    运行kubectl -f mybox-pv.yamlkubectl apply -f mybox-deploy.yaml
    然后以命令kubectl exec -it mybox-95c474b84-9qvkv -- sh进入Pod。

    echo `date` > /tmp/joyo.txt
    echo hi >> /tmp/joyo.txt
    

    即使是kubectl delete -f mybox-deploy.yaml之后,在Deployment曾经运行的主机上,仍然可以

    // cat /tmp/joyo.txt
    Tue Jul 23 04:42:50 UTC 2019
    hi
    
  • 相关阅读:
    (转)viso 形状搜索 无法使用 的解决办法
    Visio 2003 直线需要相交时的设置方法
    C# Serialport执行close()方法时,程序卡死的解决办法
    RabbitMQ核心技术总结
    kafka核心原理总结
    hadoop的价值在哪里
    从程序员小仙飞升上神,java技术开发要如何实现?
    明年大数据行业的趋势会是哪些?
    2016年末程序员应该知道的基本架构思想
    2016年末程序员突破自我的绝密方法分享
  • 原文地址:https://www.cnblogs.com/chenjo/p/11231129.html
Copyright © 2011-2022 走看看