Pod基本概念
阿新 • • 發佈:2021-12-23
Pod基本概念
Pod是Kubernetes建立和管理的最小單元,一個Pod由一個容器或多個容器組成,這些容器共享儲存、網路。
Pod特點:
- 一個Pod可以理解為是一個應用例項,提供服務
- Pod中容器始終部署在一個Node上
- Pod中容器共享網路、儲存資源
- Kubernetes直接管理Pod,而不是容器
Pod存在的意義
Pod主要用法:
- 執行單個容器:最常見的用法,在這種情況下,可以將Pod看做是單個容器的抽象封裝
- 執行多個容器:封裝多個緊密耦合且需要共享資源的應用程式
如果有這些需求,你可以執行多個容器:
- 兩個應用之間發生檔案互動
- 兩個應用需要通過127.0.0.1或者socket通訊
- 兩個應用需要發生頻繁的呼叫
Pod資源共享實現機制
共享網路:將業務容器網路加入到“負責網路的容器”實現網路共享
共享網路:容器通過資料卷共享資料
Pod管理命令
- 建立pod:
- kubectl apply -f pod.yaml
- 或者使用命令 kubectl run nginx --image=nginx
- 檢視pod:
- kubectl get pods
- kubectl describe pod<pod名稱>
- 檢視日誌:
- kubectl logs<pod名稱>[-c CONTAINER]
- kubectl logs<pod名稱>[-c CONTAINER]
- 進入容器終端:
- kubectl exec<pod名稱>[-c CONTAINER] --bash
- 刪除pod:
- kubectl delete<pod名稱>定義pod
apiVersion:v1
kind:Pod
metadata:
name:my-pod
spec:
containers:
- name:container1
image:nginx
- name: container2
image:centos
重啟策略+健康檢查(應用自修復)
重啟策略:
- Always:當容器終止退出後,總是重啟容器,預設策略。
- OnFailure:當容器異常退出(退出狀態碼非O)時,才重啟容器。
- Never:當容器終止退出,從不重啟容器。
健康檢查型別:
- livenessProbe (存活檢查)︰如果檢查失敗,將殺死容器,根據Pod的restartPolicy來操作。
- readinessProbe (就緒檢查)∶如果檢查失敗,Kubernetes會把Pod從service endpoints中剔除。
支援的檢查方法:
- httpGet:傳送HTTP請求,返回200-400範圍狀態碼為成功。
- exec:執行Shell命令返回狀態是0為成功。
- tcpSocket:發起TCP Socke建立成功。
示例:埠探測
apiVersion: v1
kind: Pod
metadata:
name: probe-demo
namespace: demo
spec
containers:
- name: web
image: nginx
ports:
- containerPort: 8o
livenessProbe:
tcpSocket:
port: 80
initialDelaySeconds:30
periodSeconds: 10
readinessProbe:
tcpSocket:
port: 8o
initialDelaySeconds: 30
periodSeconds: 10
執行shell指令
livenessProbe:
exec:
command:
- cat
- /tmp/healthy
HTTP請求
livenessProbe:
httpGet:
path: /healthy
port: 8080
httpHeaders:
- name:Custon-Header
value: Awesome
環境變數
變數值幾種定義方式:
- 自定義變數值
- 變數值從Pod屬性獲取
- 變數值從Secret、ConfigMap獲取
apiVersion: v1
kind: Pod
metadata:
name: pod-envars
spec:
containers:
- name: test
image: busybox
command: [ "sh". "-c","sleep 36000"]
env:
- name: MY_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name:MY_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podlP
- name:ABC
value: "123456"
Init Container
Init Container:顧名思義,用於初始化工作,執行完就結束,可以理解為一次性任務。
- 支援大部分應用容器配置,但不支援健康檢查
- 優先應用容器執行
應用場景:
- 環境檢查:例如確保應用容器依賴的服務啟動後再啟動應用容器
- 初始化配置:例如給應用容器準備配置檔案
部署一個web網站,網站程式沒有打到映象中,而是希望從程式碼倉庫中動態拉取放到應用容器中。
apiVersion: v1
kind: Pod
metadata:
name: init-demo
spec:
initContainers:
- name: download
image: busybox
command:
- wget-"-O"
- "/opt/index.html"- http://www.ctnrs.com
volumeMounts:
- name: wwwroot
mountPath: "/opt"
containers:
- name: nginx
image: nginx
port:
- containerPort: 80
volumeMounts:
- name: wwwroot
mountPath: /usr/share/nginx/html
volumes:
- name: wwwroot
emptyDir: {}
通過資源定義方式建立一個haproxy的pod進行負載均衡
要能夠在瀏覽器上看到負載均衡的效果,要求要用到健康檢查、初始化容器、環境變數
[root@master ~]# vim Dockerfile
FROM busybox
RUN mkdir /data && echo 'hello,this is a test page > /data/index.html
CMD ["/bin/httpd","-f","-h","/data"]
[root@master ~]# docker build -t bravealove1/httpd:v0.1
Successfully built 8adfcb109338
Successfully tagged aimmi/httpd:v0.1
[root@master ~]# vim Dockerfile
FROM busybox
RUN mkdir /data && echo 'hello,this is a test page 2' > /data/index.html
CMD ["/bin/httpd","-f","-h","/data"]
[root@master ~]# docker build -t aimmi/httpd:v0.2 .
Successfully built 9a5188dcf431
Successfully tagged bravealove1/httpd:v0.2
[root@master ~]# vim web.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: web1
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: web1
template:
metadata:
labels:
app: web1
spec:
containers:
- image: aimmi/httpd:v0.1
imagePullPolicy: IfNotPresent
name: web1
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: web2
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: web2
template:
metadata:
labels:
app: web2
spec:
containers:
- image: aimmi/httpd:v0.2
imagePullPolicy: IfNotPresent
name: web2
---
apiVersion: v1
kind: Service
metadata:
name: web1
namespace: default
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: web1
type: NodePort
---
apiVersion: v1
kind: Service
metadata:
name: web2
namespace: default
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: web2
type: NodePort
[root@master ~]# kubectl apply -f web.yaml
deployment.apps/web1 created
deployment.apps/web2 created
service/web1 created
service/web2 created
[root@master ~]# vim haproxy.yaml
---
apiVersion: apps/v1
kind: Pod
metadata:
name: haproxy
namespace: default
labels:
app: haproxy
spec:
restartPolicy: OnFailure
initContainers:
- name: cfgfile
volumeMounts:
- name: haproxyconfigfile
mountPath: /tmp
containers:
- image: bravealove1/haproxy:latest
imagePullPolicy: IfNotPresent
name: haproxy
env:
- name: RSIP
value: "web1 web2 "
livenessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 30
periodSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
name: haproxy
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: haproxy
type: NodePort
[root@master ~]# kubectl apply -f haproxy.yml
deployment.apps/haproxy created
service/haproxy created