zoukankan      html  css  js  c++  java
  • Kubernetes之(六)资源清单定义

    Kubernetes之(六)资源清单定义

    常用资源

    工作负载型 Pod,ReplicaSet,StatefulSet,DaemonSet,Job,Cronjob
    服务发现及均衡 Sevice,Ingress,...
    配置与存储 Volume,CSI,ConfigMap,Secret,DownwardAPI
    集群级资源 Namespace,Node,Role,ClusterRole,RoleBinding,ClusterRoleBinding
    元数据型资源 HPA,PodTemplate,LimitRange

    Kubernetes不只是使用命令行进行配置,常用使用yaml文件来创建配置清单
    Pod的资源清单
    apiserver仅接收JSON格式的资源定义;

    • 当我们使用kubectl run直接创建资源的时候会被自动转换为JSON格式传给apiserver;
    • 使用yaml格式提供配置清单,apiserver可自动将其转换为JSON格式,然后再提交
    [root@master ~]# kubectl get pods myapp-9b4987d5-djdr9 -o yaml
    apiVersion: v1
    kind: Pod
    metadata:
      creationTimestamp: "2019-03-28T06:42:04Z"
      generateName: myapp-9b4987d5-
      labels:
        pod-template-hash: 9b4987d5
        run: myapp
      name: myapp-9b4987d5-djdr9
      namespace: default
      ownerReferences:
      - apiVersion: apps/v1
        blockOwnerDeletion: true
        controller: true
        kind: ReplicaSet
        name: myapp-9b4987d5
        uid: bc03afbd-5120-11e9-80a7-000c295ec349
      resourceVersion: "38679"
      selfLink: /api/v1/namespaces/default/pods/myapp-9b4987d5-djdr9
      uid: 995067e0-5124-11e9-80a7-000c295ec349
    spec:
      containers:
      - image: ikubernetes/myapp:v1
        imagePullPolicy: IfNotPresent
        name: myapp
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
          name: default-token-dqd2f
          readOnly: true
      dnsPolicy: ClusterFirst
      enableServiceLinks: true
      nodeName: node02
      priority: 0
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      serviceAccount: default
      serviceAccountName: default
      terminationGracePeriodSeconds: 30
      tolerations:
      - effect: NoExecute
        key: node.kubernetes.io/not-ready
        operator: Exists
        tolerationSeconds: 300
      - effect: NoExecute
        key: node.kubernetes.io/unreachable
        operator: Exists
        tolerationSeconds: 300
      volumes:
      - name: default-token-dqd2f
        secret:
          defaultMode: 420
          secretName: default-token-dqd2f
    status:
      conditions:
      - lastProbeTime: null
        lastTransitionTime: "2019-03-28T06:42:04Z"
        status: "True"
        type: Initialized
      - lastProbeTime: null
        lastTransitionTime: "2019-03-28T06:42:05Z"
        status: "True"
        type: Ready
      - lastProbeTime: null
        lastTransitionTime: "2019-03-28T06:42:05Z"
        status: "True"
        type: ContainersReady
      - lastProbeTime: null
        lastTransitionTime: "2019-03-28T06:42:04Z"
        status: "True"
        type: PodScheduled
      containerStatuses:
      - containerID: docker://69b4cab1eb139c8e9c23e79792782db739fae21bedbc9199e1ab75b10729b038
        image: ikubernetes/myapp:v1
        imageID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
        lastState: {}
        name: myapp
        ready: true
        restartCount: 0
        state:
          running:
            startedAt: "2019-03-28T06:42:05Z"
      hostIP: 10.0.0.12
      phase: Running
      podIP: 10.244.2.13
      qosClass: BestEffort
      startTime: "2019-03-28T06:42:04Z"
    

    大部分资源清单有以下五个字段组成:

    • apiVersion: group/version # 指明api资源所属的群组及版本,使用kubectl api-version可查看,同一组子资源可以有多个版本

    • kind: 资源类别,Pod,ReplicaSet,Deployment,StatefulSet,DaemonSet,Job,Cronjob 。注意大小写

    • metadata: 元数据

      • name:同一类别要求名字唯一

      • namespace:对应的对象属于哪个名称空间,默认default

      • labels: 标签,搜友资源都可以有标签,K/V类型

      • annotations:资源注解

        每个资源的引用PATH
        /api/GROUP/VERSION/namespaces/NAMESPACE/TYPE/NAME
        小写是固定字符,大写是根据实际情况修改

    • spec:最重要字段,定义目标的期望状态,desired state,不同类型资源内部可能有所不同

    • status:当前状态(只读)本字段由kubernetes进行维护

    以上可以使用kubectl explain 进行查看相应字段

    [root@master ~]# kubectl explain pods
    KIND:     Pod
    VERSION:  v1
    
    DESCRIPTION:
         Pod is a collection of containers that can run on a host. This resource is
         created by clients and scheduled onto hosts.
    
    FIELDS:
       apiVersion   <string>
         APIVersion defines the versioned schema of this representation of an
         object. Servers should convert recognized schemas to the latest internal
         value, and may reject unrecognized values. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#resources
    
       kind <string>
         Kind is a string value representing the REST resource this object
         represents. Servers may infer this from the endpoint the client submits
         requests to. Cannot be updated. In CamelCase. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
    
       metadata     <Object>
         Standard object's metadata. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
    
       spec <Object>
         Specification of the desired behavior of the pod. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
    
       status       <Object>
         Most recently observed status of the pod. This data may not be up to date.
         Populated by the system. Read-only. More info:
         https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
    

    查看下一集字段,例如pods下的metadata,使用kubectl explain pods.metadata,以此类推.

    二级字段下,每一种字段都有对应的键值类型,常用类型大致如下:

    • <[ ]string>:表示是一个字串列表,也就是字串类型的数组

    • <Object>:表示是可以嵌套的字段

    • <map[string]string>:表示是一个由键值组成映射

    • <[ ]Object>:表示是一个对象列表

    • <[ ]Object> -required-:required表示该字段是一个必选的字段

    利用配置清单定义自主式Pod资源

    [root@master ~]# mkdir manifests
    [root@master ~]# cd manifests/
    [root@master manifests]# vim pod-demo.yaml
      labels:
    apiVersion: v1
    kind: Pod
    metadata:
      name: pod-demo
      namespace: default
      #labels: {"app": "myapp","tier": "frontend"} 和下面效果一样,建议使用下面格式
      labels:
        app: myapp
        tier: frontend
    spec:
      containers:
      - name: myapp
        image: ikubernetes/myapp:v1
      - name: busybox
        image: busybox 
        command:
        - "/bin/sh"
        - "-c"
        - "echo $(date)>>/usr/share/nginx/html/index.html;sleep 3600"
    

    使用**kubectl create -f .yaml创建资源

    [root@master manifests]# kubectl create -f pod-demo.yaml 
    pod/pod-demo created
    [root@master manifests]# kubectl describe pods pod-demo
    Name:               pod-demo
    Namespace:          default
    Priority:           0
    PriorityClassName:  <none>
    Node:               node02/10.0.0.12
    Start Time:         Thu, 28 Mar 2019 17:27:35 +0800
    Labels:             app=myapp
                        tier=frontend
    Annotations:        <none>
    Status:             Running
    IP:                 10.244.2.15
    Containers:
      myapp:
        Container ID:   docker://81fcdf25bac4f9691aaa80ccf1acd0fe565575ea894d07ea1c382e0366bcbfba
        Image:          ikubernetes/myapp:v1
        Image ID:       docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
        Port:           <none>
        Host Port:      <none>
        State:          Running
          Started:      Thu, 28 Mar 2019 17:27:35 +0800
        Ready:          True
        Restart Count:  0
        Environment:    <none>
        Mounts:
          /var/run/secrets/kubernetes.io/serviceaccount from default-token-dqd2f (ro)
      busybox:
        Container ID:  docker://af0d0f76b0f6ba9eeaea18178d1d9cf3a052176e219471896a56d727622c9a36
        Image:         busybox
        Image ID:      docker-pullable://busybox@sha256:061ca9704a714ee3e8b80523ec720c64f6209ad3f97c0ff7cb9ec7d19f15149f
        Port:          <none>
        Host Port:     <none>
        Command:
          /bin/sh
          -c
          sleep 3600
        State:          Running
          Started:      Thu, 28 Mar 2019 17:27:37 +0800
        Ready:          True
        Restart Count:  0
        Environment:    <none>
        Mounts:
          /var/run/secrets/kubernetes.io/serviceaccount from default-token-dqd2f (ro)
    Conditions:
      Type              Status
      Initialized       True 
      Ready             True 
      ContainersReady   True 
      PodScheduled      True 
    Volumes:
      default-token-dqd2f:
        Type:        Secret (a volume populated by a Secret)
        SecretName:  default-token-dqd2f
        Optional:    false
    QoS Class:       BestEffort
    Node-Selectors:  <none>
    Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                     node.kubernetes.io/unreachable:NoExecute for 300s
    Events:
      Type    Reason     Age   From               Message
      ----    ------     ----  ----               -------
      Normal  Scheduled  13s   default-scheduler  Successfully assigned default/pod-demo to node02
      Normal  Pulled     13s   kubelet, node02    Container image "ikubernetes/myapp:v1" already present on machine
      Normal  Created    13s   kubelet, node02    Created container
      Normal  Started    13s   kubelet, node02    Started container
      Normal  Pulling    13s   kubelet, node02    pulling image "busybox"
      Normal  Pulled     11s   kubelet, node02    Successfully pulled image "busybox"
      Normal  Created    11s   kubelet, node02    Created container
      Normal  Started    11s   kubelet, node02    Started container
    

    使用kubectl delete -f .yaml删除资源
    使用
    kubectl logs POD_NAME -c CONTAINER_NAME 查看指定Pod内的指定容器的日志
    使用
    kubectl exec -it POD_NAME-c CONTAINER_NAME -- /bin/sh ** 交互式进入指定Pod内的指定容器内部

    参考资料

    https://www.cnblogs.com/linuxk
    马永亮. Kubernetes进阶实战 (云计算与虚拟化技术丛书)

  • 相关阅读:
    2015.05.12:json的常用处理方式
    好菜都得花功夫做
    网站从 IIS6 迁移至 IIS7 后的通配符脚本映射权限配置不当可能导致403错误
    ELearning是学习系统而不是教育系统
    空难与软件开发(一)
    “模态”对话框和“后退”按钮
    闭包解析(Fun with closure)
    关于CultureInfo的两个问题
    从来就不可能精通:关于Boxing
    Windows RT 应用程序开发介绍培训的讲义
  • 原文地址:https://www.cnblogs.com/wlbl/p/10694285.html
Copyright © 2011-2022 走看看