目录
1、基本概念
2、安装使用
3、常用命令
k8s基本概念
Kubernetes 是Google开源的容器集群管理系统,基于Docker构建一个容器的调度服务,提供资源调度、均衡容灾、服务注册、动态扩缩容等功能套件,目前最新版本为1.0.6;
下面是一张简单的架构图
几个重要概念:
- Pod : 在Kubernetes系统中,调度的最小颗粒不是单纯的容器,而是抽象成一个Pod,Pod是一个可以被创建、销毁、调度、管理的最小的部署单元。比如一个或一组容器。
- Service :Services是真实应用服务的抽象,每一个服务后面都有很多对应的容器来支持,通过Proxy的port和服务selector决定服务请求传递给后端提供服务的容器,对外表现为一个单一访问接口,外部不需要了解后端如何运行,这给扩展或维护后端带来很大的好处。使用nat作为端口转发;
- Replication Controllers:Replication Controller确保任何时候Kubernetes集群中有指定数量的pod副本(replicas)在运行, 如果少于指定数量的pod副本(replicas),Replication Controller会启动新的Container,反之会杀死多余的以保证数量不变。
- Labels:Labels是用于区分Pod、Service、Replication Controller的key/value键值对,Pod、Service、 Replication Controller可以有多个label,但是每个label的key只能对应一个value。Labels是Service和Replication Controller运行的基础,他们正是通过labels来选择正确的容器。
- Cluster : Cluster是安装在物理机或者是虚拟机上用来运行应用的应用的组件;
- Node : 运行了Kubernetes的Cluster机器被成为节点;
安装使用
master上安装kubernetes
vim /etc/yum.repos.d/virt7-testing.repo
[virt7-testing]
name=virt7-testing
baseurl=http://cbs.centos.org/repos/virt7-testing/x86_64/os/
gpgcheck=0
#注意;这里etcd使用的是yum中的版本;版本号为2.1.1;
@使用最新版本时测试不通过;
yum -y install etcd kubernetes
#修改如下文件
cat vim /etc/kubernetes/config
[root@h0022062 bin]# cat /etc/kubernetes/config
###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
# kube-apiserver.service
# kube-controller-manager.service
# kube-scheduler.service
# kubelet.service
# kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=false"
# How the controller-manager, scheduler, and proxy find the apiserver
#KUBE_MASTER="--master=http://127.0.0.1:8080"
KUBE_ETCD_SERVERS="--etcd_servers=http://locate:2379"
[root@h0022062 bin]# cat /etc/kubernetes/apiserver
###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#
# The address on the local server to listen to.
KUBE_API_ADDRESS="--address=0.0.0.0"
# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"
# Port minions listen on
KUBELET_PORT="--kubelet_port=10250"
# How the replication controller and scheduler find the kube-apiserver
KUBE_MASTER="--master=http://centos-master:8080"
# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd_servers=http://localhost:2379"
# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
# default admission control policies
#KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
# Add your own!
KUBE_API_ARGS=""
#启动服务;
service etcd start
service kube-apiserver start
service kube-controller-manager start
service kube-scheduler start
master上启动节点;
#修改配置文件
[root@h0022062 server]# cat /etc/kubernetes/kubelet
###
# kubernetes kubelet (minion) config
# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=127.0.0.1"
# The port for the info server to serve on
KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname_override=127.0.0.1"
# location of the api-server
KUBELET_API_SERVER="--api_servers=http://127.0.0.1:8080"
# Add your own!
KUBELET_ARGS=""
#启动各个节点;
service kube-proxy start
service kubelet start
service docker start
Offline
在Kubernetes启动pod的时候;会尝试下载一些镜像;由于网络问题;这些镜像一般下载不了; 需要事先下载好;以便测试;
docker pull gcr.io/google_containers/pause
docker pull gcr.io/google_containers/pause:0.8.0
docker tag gcr.io/google_containers/pause docker.io/kubernetes/pause
HelloWord
#创建pod;
[root@h0022062 server]# kubectl run my-nginx --image=127.0.0.1:5010/centos-nginx --replicas=2 --port=80
CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS
my-nginx my-nginx 127.0.0.1:5010/centos-nginx run=my-nginx 2
[root@h0022062 server]#
[root@h0022062 server]#
#查看已经存在的pod
[root@h0022062 server]# kubectl get pods
NAME READY STATUS RESTARTS AGE
my-nginx-bnmhj 1/1 Running 0 11s
my-nginx-lqkny 1/1 Running 0 11s
#查看replicationcontroller
[root@h0022062 bin]# kubectl get replicationcontroller
CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS
my-nginx my-nginx nginx run=my-nginx 2
#停止pods
[root@h0022062 server]# kubectl stop replicationcontroller my-nginx
replicationcontrollers/my-nginx
#确认是否停止成功
[root@h0022062 server]# kubectl get pods
NAME READY STATUS RESTARTS AGE
HelloWord-实际可以访问的service
[root@h0022062 server]# kubectl get pods
NAME READY STATUS RESTARTS AGE
[root@h0022062 server]# kubectl get services
NAME LABELS SELECTOR IP(S) PORT(S)
kubernetes component=apiserver,provider=kubernetes <none> 192.168.0.1 443/TCP
[root@h0022062 server]# cat pod.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: mynginx
labels:
name: mynginx
spec:
replicas: 2
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: mynginx
image: 127.0.0.1:5010/centos-nginx
ports:
- containerPort: 80
[root@h0022062 server]# kubectl create -f pod.yaml
replicationcontrollers/mynginx
[root@h0022062 server]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mynginx-3sz2i 1/1 Running 0 1m
mynginx-m821h 1/1 Running 0 1m
#添加服务
[root@h0022062 server]# cat service.json
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "my-service"
},
"spec": {
"selector": {
"app": "nginx"
},
"ports": [
{
"protocol": "TCP",
"port": 80,
"targetPort": 80
}
]
}
}
#启动服务
[root@h0022062 server]# kubectl create -f service.json
#iptables查看nat的映射表
[root@h0022062 server]# iptables -nvL -t nat
7 420 DNAT tcp -- * * 0.0.0.0/0 10.254.79.222 /* default/my-service: */ tcp dpt:80 to:192.168.77.114:13412
#访问测试;
#
[root@h0022062 server]# kubectl stop -f pod.yaml
pods/mynginx
#有一个pending;可以使用describe命令查看详情
[root@h0022062 server]# kubectl describe pods/mynginx-3sz2i
常用命令
kubectl create
作用:通过文件创建资源(pod、Replication Controllers、Service)等;支持YAML和JSON格式; 示例:
kubectl create -f ./pod.json
kubectl get
作用:列出资源列表; 示例:
// 显示所有的pods
$ kubectl get pods
//显示replicationcontroller
$ kubectl get replicationcontroller
$ kubectl get rc
//显示service
$ kubectl get service
//显示所有节点
$ kubectl get node
// 显示pod web-pod-13je7 的json
$ kubectl get -o json pod web-pod-13je7
// List one or more resources by their type and names.
$ kubectl get rc/web service/frontend pods/web-pod-13je7
kubectl delete
作用:删除资源;可以使用文件或者是标签来标记删除的资源; 示例:
// Delete a pod using the type and name specified in pod.json.
$ kubectl delete -f ./pod.json
// Delete pods and services with label name=myLabel.
$ kubectl delete pods,services -l name=myLabel
// Delete all pods
$ kubectl delete pods --all
kubectl describe
作用:显示资源的详情;可以用于显示pending状态
示例:
// 显示nodes名称为kubernetes-minion-emt8.c.myproject.internal的详情
$ kubectl describe nodes kubernetes-minion-emt8.c.myproject.internal
//显示pods名称为nginx的详情
$ kubectl describe pods/nginx
// 显示标签为 name=myLabel 的pods
$ kubectl describe po -l name=myLabel
kubectl logs
作用:显示pod内容器的日志;
示例:
#如果是pod内只有一个容器;容器名称可选
kubectl logs mynginx-24aw5
kubectl logs mynginx-24aw5 mynginx
kubectl stop
作用:停止一个资源;
示例:
// Shut down foo.
$ kubectl stop replicationcontroller foo
// Stop pods and services with label name=myLabel.
$ kubectl stop pods,services -l name=myLabel
// Shut down the service defined in service.json
$ kubectl stop -f service.json
// Shut down all resources in the path/to/resources directory
$ kubectl stop -f path/to/resources