文章目录
一个基本资源清单、yaml文件
apiVersion:String,K8S 的接口版本,使用:kubectl api-versions 可以看待当前支持的接口版本,常用的是 v1。
kind:String,指定资源清单的类型,如自主式 Pod 的类型就是 Pod。
metadata:Object,其下面主要的参数包含:
labels:K / V,给这个资源打标签。
name:String,给这个资源设置一个名称。
namespace:String,指定资源所属的名称空间,默认是 default。
spec:Object,主要配置容器信息,其下面主要的参数包含:
containers:List(必要参数),意味着可以定义多个,其下面的主要参数包含:
name:String(必要参数),指定容器的名称。
image:String,指定容器镜像。
imagePullPolicy:String,值为 Always(无论本地是否有该镜像都去仓库拉取),Nerver(只用本地,不去仓库拉取),IfNotPresent(如果本地有,则不去仓库拉取,latest 版本除外)
command:List,指定容器启动命令,替换容器默认的命令。
args:List,指定容器启动命令的参数。
workingDir:String,指定容器的工作目录。
env:List,用于传递环境变量,其下面主要的参数包含:
name:String,变量名称。
value:String,变量的值。
ports:List,其主要的参数包含:
name:String,指定容器端口名称。
containerPort:Integer(必要参数),指定容器监听的端口。
protocol:String,协议类型。
restartPolicy:String,指定 Pod 重启策略,Always(停止就重启),OnFailure(错误推出则重启),Never(永不重启)
status:Object,系统生成,不需要用户定义。
快速创建一个模板
[root@k8s1 ~]# kubectl run demo --image=nginx --dry-run=client -o yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: demo
name: demo
spec:
containers:
- image: nginx
name: demo
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
[root@k8s1 ~]# kubectl run demo --image=nginx --dry-run=client -o yaml > pod.yaml
[root@k8s1 ~]# kubectl apply -f pod.yaml
pod/demo created
[root@k8s1 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
demo 0/1 ContainerCreating 0 13s
[root@k8s1 ~]# kubectl delete -f pod.yaml
pod "demo" deleted
[root@k8s1 ~]# kubectl get pod
No resources found in default namespace.
[root@k8s1 ~]#
查看资源清单参数详解
[root@k8s1 ~]# kubectl explain pod.spec.containers
1.常见参数:设置镜像拉取策略参数imagePullPolicy
[root@k8s1 ~]# vim pod.yaml
[root@k8s1 ~]# kubectl apply -f pod.yaml
pod/demo created
[root@k8s1 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
demo 1/1 Running 0 7
[root@k8s1 ~]# kubectl delete -f pod.yaml
pod "demo" deleted
2.常见参数:在一个pod内创建多个容器,注意不能使用相同镜像
[root@k8s1 ~]# vim pod.yaml
[root@k8s1 ~]# kubectl apply -f pod.yaml
pod/demo created
[root@k8s1 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
demo 0/2 ContainerCreating 0 4s
[root@k8s1 ~]# kubectl describe pod demo
Name: demo
Namespace: default
Priority: 0
Node: k8s3/10.244.3.14
Start Time: Thu, 27 Oct 2022 15:17:58 +0800
Labels: run=demo
Annotations: <none>
Status: Running
IP: 10.244.2.6
IPs:
IP: 10.244.2.6
Containers:
demo:
Container ID: docker://e22a5cf72f214eb1c772568c072e0f9e884f6fa31c0f2ed328b9a3fe142f214b
Image: nginx
Image ID: docker-pullable://nginx@sha256:47a8d86548c232e44625d813b45fd92e81d07c639092cd1f9a49d98e1fb5f737
Port: <none>
Host Port: <none>
State: Running
Started: Thu, 27 Oct 2022 15:17:58 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-wxj8h (ro)
busybox:
Container ID: docker://d63ec885a888bd6b49f1084fbee2fd75a81e18766d972c7c81e74532fad57b97
Image: busybox
Image ID: docker-pullable://busybox@sha256:6bdd92bf5240be1b5f3bf71324f5e371fe59f0e153b27fa1f1620f78ba16963c
Port: <none>
Host Port: <none>
State: Running
Started: Thu, 27 Oct 2022 15:18:06 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-wxj8h (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-wxj8h:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 36s default-scheduler Successfully assigned default/demo to k8s3
Normal Pulled 36s kubelet Container image "nginx" already present on machine
Normal Created 36s kubelet Created container demo
Normal Started 36s kubelet Started container demo
Normal Pulling 36s kubelet Pulling image "busybox"
Normal Pulled 28s kubelet Successfully pulled image "busybox" in 7.991213407s
Normal Created 28s kubelet Created container busybox
Normal Started 28s kubelet Started container busybox
[root@k8s1 ~]#
3.常见参数:端口映射
端口映射到k8s2
[root@k8s1 ~]# vim pod.yaml
[root@k8s1 ~]# kubectl apply -f pod.yaml
pod/demo created
[root@k8s1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo 1/1 Running 0 3s 10.244.1.7 k8s2 <none> <none>
[root@k8s1 ~]# iptables -t nat -nL|grep :80
[root@k8s1 ~]#
在k8s2节点查看,端口映射到80
[root@k8s2 ~]# iptables -t nat -nL|grep :80
CNI-HOSTPORT-SETMARK tcp -- 10.244.1.0/24 0.0.0.0/0 tcp dpt:80
CNI-HOSTPORT-SETMARK tcp -- 127.0.0.1 0.0.0.0/0 tcp dpt:80
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:10.244.1.7:80
[root@k8s2 ~]#
4.常见参数:资源限制
cpu核心:0.1=100m 1=1000m
[root@k8s1 ~]# vim pod.yaml
[root@k8s1 ~]# kubectl apply -f pod.yaml
pod/demo created
[root@k8s1 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
demo 1/1 Running 0 6s
[root@k8s1 ~]# kubectl describe pod demo
Name: demo
Namespace: default
Priority: 0
Node: k8s2/10.244.3.13
Start Time: Thu, 27 Oct 2022 15:37:33 +0800
Labels: run=demo
Annotations: <none>
Status: Running
IP: 10.244.1.8
IPs:
IP: 10.244.1.8
Containers:
demo:
Container ID: docker://a86997923b550273844581f0555ca1d51190317d2f239d58830f4e6e8a6afbc8
Image: nginx
Image ID: docker-pullable://nginx@sha256:79c77eb7ca32f9a117ef91bc6ac486014e0d0e75f2f06683ba24dc298f9f4dd4
Port: 80/TCP
Host Port: 80/TCP
State: Running
Started: Thu, 27 Oct 2022 15:37:33 +0800
Ready: True
Restart Count: 0
Limits:
cpu: 200m
memory: 512Mi
Requests:
cpu: 100m
memory: 200Mi
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-dt2q2 (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-dt2q2:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Pulled 42s kubelet Container image "nginx" already present on machine
Normal Created 42s kubelet Created container demo
Normal Started 42s kubelet Started container demo
Normal Scheduled 42s default-scheduler Successfully assigned default/demo to k8s2
[root@k8s1 ~]#
5.常见参数:标签
查看节点标签kubectl get node --show-labels
[root@k8s1 ~]# kubectl get node --show-labels
NAME STATUS ROLES AGE VERSION LABELS
k8s1 Ready control-plane,master 11d v1.23.12 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s1,kubernetes.io/os=linux,node-role.kubernetes.io/control-plane=,node-role.kubernetes.io/master=,node.kubernetes.io/exclude-from-external-load-balancers=
k8s2 Ready <none> 11d v1.23.12 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s2,kubernetes.io/os=linux
k8s3 Ready <none> 11d v1.23.12 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s3,kubernetes.io/os=linux
[root@k8s1 ~]#
比如给主机k8s3加一个标签
[root@k8s1 ~]# kubectl label nodes k8s3 disktype=ssd
node/k8s3 labeled
编写yaml文件
pod被分配到k8s3上
[root@k8s1 ~]# vim pod.yaml
[root@k8s1 ~]# kubectl apply -f pod.yaml
pod/demo created
[root@k8s1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo 1/1 Running 0 15s 10.244.2.10 k8s3 <none> <none>
[root@k8s1 ~]#
此时,主机直接使用的是Pod的网络
[root@k8s1 ~]# curl k8s3
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@k8s1 ~]#
如果设置nodeSelector为一个不存在的标签,将会无法调度,那么pod将会处于Pending状态
本文含有隐藏内容,请 开通VIP 后查看