容器列表
[root@server2 manifest]# vim pod.yml
apiVersion: v1
kind: Pod
metadata:
name: myapp
# namespace: default
# labels:
spec:
containers:
- name: myappv1
image: myapp:v1
- name: myappv2
image: myapp:v2 #在這裏定義兩個容器
[root@server2 manifest]# kubectl create -f pod.yml
pod/myapp created
[root@server2 manifest]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp 1/2 Error 4 2m5s
[root@server2 manifest]# kubectl logs myapp myappv2
2020/06/26 02:57:40 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address in use) # 這裏
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address in use)
由於myapp這個容器開起的是一個服務,所以在pod當中開啓多個同樣容器時,端口就會出現搶奪,其中一個容器就會一直重啓,所以不能同時開啓端口一樣的兩個容器。
# 修改:
apiVersion: v1
kind: Pod
metadata:
name: myapp
# namespace: default
# labels:
spec:
containers:
- name: myappv1
image: myapp:v1
- name: demo
image: busyboxplus # 這是一個交互式的終端,需要下面三個參數的支持
tty: true # 打開一個終端,需要 stdin 和stdinOnce的支持。
stdin: true
stdinOnce: true
[root@server2 manifest]# kubectl delete -f pod.yml
pod "myapp" deleted
[root@server2 manifest]# kubectl apply -f pod.yml
pod/myapp created
[root@server2 manifest]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp 2/2 Running 0 10s
[root@server2 manifest]# kubectl attach myapp -c demo -it #-c指定容器,-it 交互
If you don't see a command prompt, try pressing enter.
/ #
/ # curl localhost
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
再這個容器卻可以本地訪問myapp:v1容器開啓的端口,這時因爲同一個pod中的容器共用網絡。
那末對於myapp打開一個服務並沒有打開一個終端的容器怎麼連接哪?
[root@server2 manifest]# kubectl exec -it myapp -c myappv1 sh #exec讓他打開一個shell
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.
/ # netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1/nginx: master pro
/ # cat /etc/hostname
myapp
/ # cd /usr/share/nginx/html/
/usr/share/nginx/html # cat index.html
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
關閉這些服務後,k8s會自動進行重啓。
鏡像拉取策略
[root@server2 manifest]# kubectl explain pod.spec.containers
imagePullPolicy <string>
Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always
if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated.
默認總會去倉庫拉取最新的,這就要求我們再更新鏡像的時候打上一個最新的標籤。
使用:
spec:
containers:
- name: myappv1
image: myapp:v1
- name: demo
image: busyboxplus
tty: true
stdin: true
stdinOnce: true
imagePullPolicy: IfNotPresent
在這裏加上參數就行了。IfNotPresent 當我們本地沒有的時候纔去拉取
端口映射
[root@server2 manifest]# vim pod.yml
apiVersion: v1
kind: Pod
metadata:
name: myapp
# namespace: default
# labels:
spec:
containers:
- name: myappv1
image: myapp:v1
ports:
- name: http
containerPort: 80 #端口映射,就不用再命令行中加參數了
hostPort: 80
[root@server2 manifest]# kubectl apply -f pod.yml
pod/myapp created
[root@server2 manifest]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp 1/1 Running 0 6s 10.244.2.22 server4 <none> <none>
# 再server4上查看端口映射
[root@server4 ~]# iptables -t nat -nL| grep :80
CNI-HOSTPORT-SETMARK tcp -- 10.244.2.22 0.0.0.0/0 tcp dpt:80
CNI-HOSTPORT-SETMARK tcp -- 127.0.0.1 0.0.0.0/0 tcp dpt:80
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:10.244.2.22:80
使用主機網絡模式
[root@server2 manifest]# vim pod.yml
apiVersion: v1
kind: Pod
metadata:
name: myapp
# namespace: default
# labels:
spec:
containers:
- name: myappv1
image: myapp:v1
hostNetwork: true #默認是false
# - name: demo
# image: busyboxplus
# tty: true
# stdin: true
# stdinOnce: true
# imagePullPolicy: IfNotPresent
[root@server2 manifest]# kubectl apply -f pod.yml
kubepod/myapp created
[root@server2 manifest]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp 1/1 Running 0 5s 172.25.254.4 server4 <none> <none>
[root@server2 manifest]# curl 172.25.254.4
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
172.25.254.4 正是我們server4的ip地址,共用了網絡,但是這種容器只能開啓一個,不能有副本,因爲ip只有一個,會衝突。
pod重啓策略
restartPolicy,定義pod的重啓策略,有always,onfailure,never,默認爲always,就是無論容器如何終止,時中去重啓它,onfailure是隻有pod以非0退出碼終止時,纔會重啓它,就是當正常退出時(0)不重啓,never,將退出碼報告給master,永不重啓。
[root@server2 manifest]# kubectl exec -it myapp -c myappv1 sh # 交互式訪問,
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.
/usr/share/nginx # nginx -s stop # 關閉nginx
2020/06/26 03:58:21 [notice] 18#18: signal process started
/usr/share/nginx # command terminated with exit code 137
[root@server2 manifest]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp 1/1 Running 1 68s 10.244.2.23 server4 <none> <none>
## 進行了重啓
現在我們加上never參數:
[root@server2 manifest]# kubectl delete -f pod.yml # 刪除之前的
vim podpod "myapp" deleted
[root@server2 manifest]# vim pod.yml
apiVersion: v1
kind: Pod
metadata:
name: myapp
# namespace: default
# labels:
spec:
containers:
- name: myappv1
image: myapp:v1
restartPolicy: Never # 永不重啓
[root@server2 manifest]# kubectl apply -f pod.yml
pod/myapp created
[root@server2 manifest]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp 1/1 Running 0 4s 10.244.2.24 server4 <none> <none>
[root@server2 manifest]# kubectl exec -it myapp -c myappv1 sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.
/ # nginx -s stop
2020/06/26 04:01:52 [notice] 12#12: signal process started
/ # command terminated with exit code 137
[root@server2 manifest]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp 0/1 Completed 0 20s 10.244.2.24 server4 <none> <none>
#容器就顯示完成了,就不再重啓
[root@server2 manifest]# kubectl get pod -o yaml |less
我們可以導出到yaml文件格式來查看具體的格式,這種方法還可以用與忘記格式時使用
resource資源限制
[root@server2 manifest]# vim pod.yml
apiVersion: v1
kind: Pod
metadata:
name: myapp
# namespace: default
# labels:
spec:
containers:
- name: myappv1
image: myapp:v1
resources:
requests: # 下限
memory: 100Mi
cpu: 0.1
limits: # 上限
memory: 200Mi
cpu: 0.2
[root@server2 manifest]# kubectl apply -f pod.yml
kubec getpod/myapp created
[root@server2 manifest]# kubectl describe pod myapp
Name: myapp
Namespace: default
...
Limits:
cpu: 200m
memory: 200Mi
Requests:
cpu: 100m
memory: 100Mi
...
結點選擇器
nodeSelector,定義node的label過濾標籤,以key:value格式指定。
[root@server2 manifest]# kubectl get node --show-labels
NAME STATUS ROLES AGE VERSION LABELS
...
server4 Ready <none> 7d15h v1.18.3 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,
kubernetes.io/hostname=server4,kubernetes.io/os=linux
[root@server2 manifest]# vim pod.yml
kind: Pod
metadata:
name: myapp
# namespace: default
# labels:
spec:
containers:
- name: myappv1
image: myapp:v1
resources:
requests:
memory: 100Mi
cpu: 0.1
limits:
memory: 200Mi
cpu: 0.2
- [ ] nodeSelector:
kubernetes.io/hostname: server4 選擇server4的標籤
[root@server2 manifest]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp 1/1 Running 0 4s 10.244.2.25 server4 <none> <none>
是在server4上.
[root@server2 manifest]# vim pod.yml
- [ ] nodeSelector:
kubernetes.io/hostname: server3 改爲server3的標籤
[root@server2 manifest]# kubectl apply -f pod.yml
pod/myapp created
[root@server2 manifest]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp 1/1 Running 0 3s 10.244.1.48 server3 <none> <none>
就運行在server3上了
運行命令
指定容器的啓動命令。
apiVersion: v1
kind: Pod
metadata:
name: pod-example
spec:
containers:
- name: ubuntu
image: ubuntu:trusty
command: ["echo"]
args: ["Hello World"] # 加上這兩個參數就行了,也可以都寫到command中,用,隔開。
打標籤
[root@server2 manifest]# vim pod.yml
apiVersion: v1
kind: Pod
metadata:
name: myapp
labels:
wo: myapp
spec:
containers:
- name: myappv1
image: myapp:v1
[root@server2 manifest]# kubectl apply -f pod.yml
pod/myapp created
[root@server2 manifest]# kubectl get pod --show-labels
NAME READY STATUS RESTARTS AGE LABELS
myapp 1/1 Running 0 14s wo=myapp
[root@server2 manifest]# kubectl get pod -l wo # 過濾包含wo的標籤
NAME READY STATUS RESTARTS AGE
myapp 1/1 Running 0 90s
[root@server2 manifest]# kubectl get pod -L wo
NAME READY STATUS RESTARTS AGE WO
myapp 1/1 Running 0 2m myapp
[root@server2 manifest]# kubectl label pod myapp version=v1 #打新的標籤
pod/myapp labeled
[root@server2 manifest]# kubectl get pod --show-labels
NAME READY STATUS RESTARTS AGE LABELS
myapp 1/1 Running 0 4m39s version=v1,wo=myapp
[root@server2 manifest]# kubectl label pod myapp version=v2 --overwrite #更改標籤
pod/myapp labeled
[root@server2 manifest]# kubectl get pod --show-labels
NAME READY STATUS RESTARTS AGE LABELS
myapp 1/1 Running 0 5m56s version=v2,wo=myapp
[root@server2 manifest]# kubectl label pod myapp wo=ni --overwrite
pod/myapp labeled
[root@server2 manifest]# kubectl get pod --show-labels
NAME READY STATUS RESTARTS AGE LABELS
myapp 1/1 Running 0 6m8s version=v2,wo=ni