004.kubernets对于pod的简单管理

一 pod简介

1.1 介绍

• Pod是K8s集群中所有业务类型的基础
• Pod是在K8s集群中运行部署应用或服务的最小单元，它是可以支持多容器的。
• Pod的设计理念是支持多个容器在一个Pod中共享网络地址和文件系统

pod和容器的区别就是，一个pod可以有多个容器，当一个pod只有一个容器的时候，访问pod就是访问容器，对于一个kubernets来说，一个pods至少有两个容器，一个是不可见的，称为pause容器，另一个就是业务容器

pod是一个逻辑概念，pod中的一个容器异常，整个pod重新创建

• Kubernetes为每个Pod都分配了唯一的IP地址，称之为PodIP，一个Pod里的多个容器共享PodIP地址。要求底层网络支持集群内任意两个Pod之间的直接通信，通常采用虚拟二层网络技术来实现（Flannel）。
• POD可以与其它主机上的POD直接通讯。
• 如果有POD意外停止，K8S会根据资源设定重启或创建POD，直到符合预期设定值
• pause容器劫持业务容器的所有流量，IP是配置在pause容器的，在创建pod的时候，自动创建，用来接管容器网络

1.2 pod的一个应用场景

• pod含有两个容器，File Puller先于web server容器启动
• 拉取代码放到volume中，然后自毁
• web server容器启动，读物volume的代码，用于用户访问

二 POD简单操作

2.1 创建一个关于nginx的pods

[root@docker-server1 namespace]# cd ../

[root@docker-server1 yamls]# mkdir pods

[root@docker-server1 yamls]# cd pods

[root@docker-server1 pods]# vi nginx-pods.yaml

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: nginx
    annotations: 
      test: this is a test app
spec:                 #资源描述信息
  containers:
  - name: nginx
    image: nginx
    ports:
    - containerPort: 80

这是一个最简单的pods，只是运行一个nginx的业务，没有任何其他的东西

[root@docker-server1 pods]# kubectl apply -f nginx-pods.yaml

由于没有指定ns，所以pods运行在defaults中，查看

[root@docker-server1 pods]# kubectl get pods

NAME    READY   STATUS    RESTARTS   AGE
nginx   1/1     Running   0          85s

1/1：后面的1表示这个pods运行了几个容器，前面的1表示几个容器处于redy状态

查看容器

[root@docker-server1 pods]# kubectl get pods -o wide

NAME    READY   STATUS    RESTARTS   AGE     IP           NODE              NOMINATED NODE   READINESS GATES
nginx   1/1     Running   0          6m41s   10.244.2.6   192.168.132.133   <none>           <none>

访问

[root@docker-server1 pods]# curl http://10.244.2.6

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
         35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

2.2 配置映射端口

[root@docker-server1 pods]# vim nginx-pods.yaml 

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  hostNetwork: true
  containers:
  - name: nginx
    image: nginx
    ports:
    - containerPort: 80

[root@docker-server1 pods]# kubectl delete -f nginx-pods.yaml

[root@docker-server1 pods]# kubectl create  -f nginx-pods.yaml 

[root@docker-server1 pods]# kubectl get pods -o wide

NAME    READY   STATUS              RESTARTS   AGE   IP                NODE              NOMINATED NODE   READINESS GATES
nginx   0/1     ContainerCreating   0          4s    192.168.132.133   192.168.132.133   <none>           <none>

[root@docker-server1 pods]# kubectl get pods -o wide

NAME    READY   STATUS    RESTARTS   AGE   IP                NODE              NOMINATED NODE   READINESS GATES
nginx   1/1     Running   0          95s   192.168.132.133   192.168.132.133   <none>           <none>

2.3 pod常用配置

name: string
image: string
imagePullPolicy: [Always |Never | IfNotPresent]    #拉取镜像策略，默认是第三种，先看本地，本地没有，才拉取
restartPolicy: [Always | Never | OnFailure]
command: [string]
args: [string]
ports:
containerPort: int
hostPort: int
protocol: string
env:
name: string
value: string


hostNetwork: bool
resources
volumes
livenessProbe
ReadnessProbe

2.4 配置其他策略

运行多个容器，并使用拉取镜像策略

[root@docker-server1 pods]# vim nginx-pods.yaml

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: nginx
  annotations:
    test: this is a test app
spec:
  imagePullPolicy: Always
  restartPolicy: Always
  containers:
  - name: nginx
    image: nginx
    ports:
    - containerPort: 80
      hostPost: 8080
    env:
    - name: test
      value: aaa
    - name: test1
      value: bbb
  - name: busybox
    image: busybox
    command:
      - sh
      - -c
      - sleep 3600

2.4 删除再创建pod

[root@docker-server1 pods]# kubectl delete pod nginx

[root@docker-server1 pods]# kubectl create -f nginx-pods.yaml 

error: error validating "nginx-pods.yaml": error validating data: ValidationError(Pod.spec): unknown field "imagePullPolicy" in io.k8s.api.core.v1.PodSpec; if you choose to ignore these errors, turn validation off with --validate=false

imagePullPolicy这个不能指定所有容器

[root@docker-server1 pods]# vim nginx-pods.yaml

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: nginx
  annotations:
    test: this is a test app
spec:
  restartPolicy: Always
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: Always
    ports:
    - containerPort: 80
      hostPort: 8080
    env:
    - name: test
      value: aaa
    - name: test1
      value: bbb
  - name: busybox
    image: busybox
    command:
      - sh
      - -c
      - sleep 3600

[root@docker-server1 pods]# kubectl create -f nginx-pods.yaml

[root@docker-server1 pods]# kubectl get pods

NAME    READY   STATUS    RESTARTS   AGE
nginx   2/2     Running   0          28s

[root@docker-server1 pods]# kubectl get pods -o wide

NAME    READY   STATUS    RESTARTS   AGE   IP           NODE              NOMINATED NODE   READINESS GATES
nginx   2/2     Running   0          36s   10.244.2.7   192.168.132.133   <none>           <none>

做了端口映射，两种方式访问

[root@docker-server1 pods]# curl http://192.168.132.133:8080

[root@docker-server1 pods]# curl http://10.244.2.7

2.5 查看pods的详细信息

[root@docker-server1 pods]# kubectl describe po nginx

Name:         nginx
Namespace:    default
Priority:     0
Node:         192.168.132.133/192.168.132.133
Start Time:   Thu, 09 Jan 2020 18:17:48 -0500
Labels:       app=nginx
Annotations:  test: this is a test app
Status:       Running
IP:           10.244.2.7
IPs:
  IP:  10.244.2.7
Containers:
  nginx:
    Container ID:   docker://676a2d9bebda40d86138190093d1a6d6cf6f16e5ff0e89fc22df53a74bdf8048
    Image:          nginx
    Image ID:       docker-pullable://nginx@sha256:8aa7f6a9585d908a63e5e418dc5d14ae7467d2e36e1ab4f0d8f9d059a3d071ce
    Port:           80/TCP
    Host Port:      8080/TCP
    State:          Running
      Started:      Thu, 09 Jan 2020 18:17:55 -0500
    Ready:          True
    Restart Count:  0
    Environment:
      test:   aaa
      test1:  bbb
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-bwbrn (ro)
  busybox:
    Container ID:  docker://e8cc006f3ab292701d9876d84881af90f4c97ea22f32bf0cabf2b93d82b8c82b
    Image:         busybox
    Image ID:      docker-pullable://busybox@sha256:6915be4043561d64e0ab0f8f098dc2ac48e077fe23f488ac24b665166898115a
    Port:          <none>
    Host Port:     <none>
    Command:
      sh
      -c
      sleep 3600
    State:          Running
      Started:      Thu, 09 Jan 2020 18:18:00 -0500
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-bwbrn (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  default-token-bwbrn:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-bwbrn
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason     Age    From                      Message
  ----    ------     ----   ----                      -------
  Normal  Pulling    4m43s  kubelet, 192.168.132.133  Pulling image "nginx"
  Normal  Scheduled  4m41s  default-scheduler         Successfully assigned default/nginx to 192.168.132.133
  Normal  Pulled     4m38s  kubelet, 192.168.132.133  Successfully pulled image "nginx"
  Normal  Created    4m37s  kubelet, 192.168.132.133  Created container nginx
  Normal  Started    4m37s  kubelet, 192.168.132.133  Started container nginx
  Normal  Pulling    4m37s  kubelet, 192.168.132.133  Pulling image "busybox"
  Normal  Pulled     4m32s  kubelet, 192.168.132.133  Successfully pulled image "busybox"
  Normal  Created    4m32s  kubelet, 192.168.132.133  Created container busybox
  Normal  Started    4m32s  kubelet, 192.168.132.133  Started container busybox

三 yaml文件找回

如果不小心删除了yaml文件，可以通过描述信息找回

3.1  删除yaml文件

[root@docker-server1 pods]# rm  -rf nginx-pods.yaml 

[root@docker-server1 pods]# kubectl get pods nginx -o yaml

apiVersion: v1
kind: Pod
metadata:
  annotations:
    test: this is a test app
  creationTimestamp: "2020-01-09T23:17:51Z"
  labels:
    app: nginx
  name: nginx
  namespace: default
  resourceVersion: "43864"
  selfLink: /api/v1/namespaces/default/pods/nginx
  uid: 41510342-de97-4b37-ab95-0a01dd73aac7
spec:
  containers:
  - env:
    - name: test
      value: aaa
    - name: test1
      value: bbb
    image: nginx
    imagePullPolicy: Always
    name: nginx
    ports:
    - containerPort: 80
      hostPort: 8080
      protocol: TCP
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-bwbrn
      readOnly: true
  - command:
    - sh
    - -c
    - sleep 3600
    image: busybox
    imagePullPolicy: Always
    name: busybox
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-bwbrn
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  nodeName: 192.168.132.133
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: default-token-bwbrn
    secret:
      defaultMode: 420
      secretName: default-token-bwbrn
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: "2020-01-09T23:17:48Z"
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: "2020-01-09T23:18:01Z"
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: "2020-01-09T23:18:01Z"
    status: "True"
    type: ContainersReady
  - lastProbeTime: null
    lastTransitionTime: "2020-01-09T23:17:51Z"
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: docker://e8cc006f3ab292701d9876d84881af90f4c97ea22f32bf0cabf2b93d82b8c82b
    image: busybox:latest
    imageID: docker-pullable://busybox@sha256:6915be4043561d64e0ab0f8f098dc2ac48e077fe23f488ac24b665166898115a
    lastState: {}
    name: busybox
    ready: true
    restartCount: 0
    started: true
    state:
      running:
        startedAt: "2020-01-09T23:18:00Z"
  - containerID: docker://676a2d9bebda40d86138190093d1a6d6cf6f16e5ff0e89fc22df53a74bdf8048
    image: nginx:latest
    imageID: docker-pullable://nginx@sha256:8aa7f6a9585d908a63e5e418dc5d14ae7467d2e36e1ab4f0d8f9d059a3d071ce
    lastState: {}
    name: nginx
    ready: true
    restartCount: 0
    started: true
    state:
      running:
        startedAt: "2020-01-09T23:17:55Z"
  hostIP: 192.168.132.133
  phase: Running
  podIP: 10.244.2.7
  podIPs:
  - ip: 10.244.2.7
  qosClass: BestEffort
  startTime: "2020-01-09T23:17:48Z"

3.2 使用命令恢复

[root@docker-server1 pods]# kubectl get pods nginx -o yaml > nginx-pods.yaml

删除不必要的信息

[root@docker-server1 pods]# vim nginx-pods.yaml

apiVersion: v1
kind: Pod
metadata:
  annotations:
    test: this is a test app
  labels:
    app: nginx
  name: nginx
  namespace: default
spec:
  containers:
  - env:
    - name: test
      value: aaa
    - name: test1
      value: bbb
    image: nginx
    imagePullPolicy: Always
    name: nginx
    ports:
    - containerPort: 80
      hostPort: 8080
      protocol: TCP
  - command:
    - sh
    - -c
    - sleep 3600
    image: busybox
    imagePullPolicy: Always
    name: busybox
  restartPolicy: Always

[root@docker-server1 pods]# kubectl delete pod nginx

[root@docker-server1 pods]# kubectl create -f nginx-pods.yaml 

3.3 根据恢复的yaml文件验证

[root@docker-server1 pods]# kubectl get pods

NAME    READY   STATUS    RESTARTS   AGE
nginx   2/2     Running   0          14s

[root@docker-server1 pods]# kubectl get pods -o wide

NAME    READY   STATUS    RESTARTS   AGE   IP           NODE              NOMINATED NODE   READINESS GATES
nginx   2/2     Running   0          27s   10.244.2.8   192.168.132.133   <none>           <none>

[root@docker-server1 pods]# curl http://192.168.132.133:8080

[root@docker-server1 pods]# curl http://10.244.2.8

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
         35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

 pod的简单操作学习到这里

---

博主声明：本文的内容来源主要来自誉天教育晏威老师，由本人实验完成操作验证，需要的博友请联系誉天教育（http://www.yutianedu.com/），获得官方同意或者晏老师（https://www.cnblogs.com/breezey/）本人同意即可转载，谢谢！