Kubernetes之Pod、 Replicaset、 Service、Deployment和Label
Kubernetes之Pod、 Replicaset、 Service、Deployment和Label
deploy控制RS,RS控制Pod,这一整套,向外提供稳定可靠的Service。
1、Pod:
Pod是一个逻辑概念,它是Kubernetes资源调度的单元,一般会把一组功能强相关的容器逻辑上称之为一个pod,Pod就是所说的实例。作为一个逻辑概念,pod本身没有资源,pod中的容器具有资源,创建pod,可以通过定义pod模块。 Pod是一组紧密关联的容器集合,它们共享PID、IPC、Network和UTS namespace,是Kubernetes调度的基本单位。Pod的设计理念是支持多个容器在一个Pod中共享网络和文件系统,可以通过进程间通信和文件共享这种简单高效的方式组合完成服务. 缺点: 不支持高并发, 高可用, 当Pod当机后无法自动恢复。
{
"kind": "Pod",(资源类型)
"apiVersion": "v1", (资源版本)
"metadata": {
"name": "app-tomcat", (名字,唯一)
"namespace": "default", (命名空间默认default)
"labels": {
"name": "app-tomcat" (label做为标识,可以跟RC,Service关联对应)
}
},
"spec": {
"containers": [
{
"name": "app-tomcat", (自定义镜像名称)
"image": "tomcat", (要拉取的镜像)
"command": [ (运行容器时,要运行的命令)
"/bin/bash",
"/opt/apache-tomcat-7.0.57/bin/catalina.sh",
"run"
],
"env": [ (环境变量K,V)
{
"name": "url_addr",
"value": "http://192.168.54.66:8080/paas/jsp/index.jsp"
}
],
"resources": { (对容器资源限制)
"limits": {
"cpu": "1",
"memory": "1073741824"
},
"requests": {
"cpu": "100m",
"memory": "104857600"
}
},
"imagePullPolicy": "Always" (获取镜像策略Always,Never,IfNotPresent)
}
],
"restartPolicy": "Always", (pod重启策略,Always,OnFailure,Never)
"dnsPolicy": "ClusterFirst",
"nodeSelector": { (选择将该pod调度到包含这些label的Node上)
"group": "node1"
}
}
}Pod的状态
pods生命周期
状态 描述 Pending 容器尚未启动成功,它包括从pod被创建到调度、然后到拉镜像开始部署这个过程 Running 容器启动成功 Succeeded 容器退出,返回码是0,并且容器不会再被重新启动 Failed 容器异常退出 Unknown 状态未知,获取不到容器的状态,当出现异常时会有这种状态,例如pod所在的机器故障,或者pod所在的机器上Kubernetes的组件异常。
创建Pod # vi pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo
spec:
containers:
- image: httpd
name: httpd
imagePullPolicy: Always# kubectl create -f pod.yaml 查看Pod # kubectl get pods
NAME READY STATUS RESTARTS AGE
demo 1/1 Running 0 8d# kubectl describe pods 删除Pod # kubectl delete pod demo
2、ReplicationController
ReplicationController(简称rc)是pod的复制抽象,用于解决pod的扩容缩容问题。通常,分布式应用为了性能或高可用性的考虑,需要复制多份资源,并且根据负载情况动态伸缩。通过replicationController,我们可以指定一个应用需要几份复制,Kubernetes将为每份复制创建一个pod,并且保证实际运行pod数量总是与该复制数量相等(例如,当前某个pod宕机时,自动创建新的pod来替换)。
RC中selector设置一个label,去关联pod的label,selector的label与pod的label相同,那么该pod就是该rc的一个实例;RC中Replicas设置副本数大小,系统根据该值维护pod的副本数。 Replicaset在继承Pod的所有特性的同时, 它可以利用预先创建好的模板定义副本数量并自动控制, 通过改变Pod副本数量实现Pod的扩容和缩容 缺点: 无法修改template模板, 也就无法发布新的镜像版本 RC模块(内置pod模块):
{
"kind": "ReplicationController",
"apiVersion": "v1",
"metadata": {
"name": "app-tomcat",
"namespace": "default",
"labels": {
"name": "app-tomcat"
}
},
"spec": {
"replicas": 2(副本数),
"selector": {
"name": "app-tomcat(选择的pod的label)"
},
"template": {
"metadata": {
"labels": {
"name": "app-tomcat(pod的label)"
}
},
"spec": {
"containers": [
{
"name": "kaifa2-group-tomcat",
"image": "192.168.54.64:5000/tomcat-248:V1.0",
"command": [
"/bin/bash",
"/opt/apache-tomcat-7.0.57/bin/catalina.sh",
"run"
],
"env": [
{
"name": "url_addr",
"value": "http://192.168.54.64:8080/paas/jsp/index.jsp"
}
],
"resources": {
"limits": {
"cpu": "1",
"memory": "1073741824"
},
"requests": {
"cpu": "100m",
"memory": "104857600"
}
},
"imagePullPolicy": "Always"
}
],
"restartPolicy": "Always",
"nodeSelector": {
"group": "node1"
}
}
}
}
}创建Replicaset
# vi replicaset.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: demo-rc
labels:
app: demo-rc
spec:
replicas: 2
selector:
matchLabels:
app: demo-rc
template:
metadata:
labels:
app: demo-rc
spec:
containers:
- name: httpd
image: httpd
imagePullPolicy: Always# kubectl create -f replicaset.yaml
查看replicaset
# kubectl get replicaset
NAME READY STATUS RESTARTS AGE
demo-rc 1/1 Running 0 8d# kubectl describe replicaset
删除replicaset
# kubectl delete replicaset demo-rc
3、Service
service是pod的路由代理抽象,用于解决pod之间的服务发现问题,即上下游pod之间使用的问题。传统部署方式中,实例所在的主机ip(或者dns名字)一般是不会改变的,但是pod的运行状态可动态变化(比如容器重启、切换机器了、缩容过程中被终止了等),所以访问端不能以写死IP的方式去访问该pod提供的服务。service的引入旨在保证pod的动态变化对访问端透明,访问端只需要知道service的地址,由service来提供代理。
Service的模板:
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "tomcat-yefp",
"namespace": "default",
"labels": {
"name": "tomcat-yefp"
}
},
"spec": {
"ports": [
{
"protocol": "TCP",
"port": 8080(访问端口),
"targetPort": 8080
}
],
"selector": {
"name": "app-tomcat(选择的pod的label)"
},
"type": "ClusterIP",
"sessionAffinity": "None"
}
}EndPoint Endpoint是可被访问的服务端点,即一个状态为running的pod,它是service访问的落点,只有service关联的pod才可能成为endpoint。 Endpoint、service和pod的关系:
更改NodePort限制 Kubernetes默认对外的NodePort限制范围为30000-32767, 这里如果要使用一些常用的端口(80, 8080, 443)需将这个范围放大. # vi /etc/kubernetes/manifests/kube-apiserver.yaml 在--service-cluster-ip-range与insecure-port间添加如下node port配置 - --service-cluster-ip-range=10.96.0.0/12 - --service-node-port-range=0-32767 - --insecure-port=0 重启服务 # systemctl restart kubelet 创建Service # vi svc.yaml
apiVersion: v1
kind: Service
metadata:
name: demo
spec:
type: NodePort
ports:
- port: 80
nodePort: 80
selector:
app: httpd-demo# kubectl create -f svc.yaml Tip: 如果要对某一Pod或deployment添加对外访问端口, 这里service添加的selector的键值需与之相对应. 查看开放端口 # kubectl get svc demo NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE demo NodePort 10.100.96.157 <none> 80:80/TCP 1h # kubectl describe service demo Name: demo Namespace: default Labels: <none> Annotations: <none> Selector: app=httpd-demo Type: NodePort IP: 10.100.96.157 Port: <unset> 80/TCP TargetPort: 80/TCP NodePort: <unset> 80/TCP Endpoints: 10.244.0.36:80,10.244.0.37:80 Session Affinity: None External Traffic Policy: Cluster Events: <none>
4、Deployment
Deployment在继承Pod和Replicaset的所有特性的同时, 它可以实现对template模板进行实时滚动更新并具备我们线上的Application life circle的特性. 创建Deployment # vi deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: httpd-deployment
labels:
app: httpd-deployment
spec:
replicas: 2
selector:
matchLabels:
app: httpd-demo
template:
metadata:
labels:
app: httpd-demo
spec:
containers:
- name: httpd
image: httpd
imagePullPolicy: Always
ports:
- containerPort: 80
env:
- name: VERSION
value: "v1"# kubectl create -f deployment.yaml 查看Deployment # kubectl get deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE httpd-deployment 2 2 2 2 8d # kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE httpd-deployment-956697567-8mqch 1/1 Running 0 8d 10.244.0.36 kube-master httpd-deployment-956697567-wcbs6 1/1 Running 0 8d 10.244.0.37 kube-master # kubectl describe deployment 更新deployment 通过此命令可以呼出vi编辑器对模板进行编辑. # kubectl edit -f deployment.yaml 通过此命令使当前编辑结果生效. # kubectl apply -f deployment.yaml 再次查看可以看到老版本的deployment已经下架, 新版本的已经生效. # kubectl get deployment NAME DESIRED CURRENT READY AGE httpd-deployment-6b98d94474 0 0 0 1m httpd-deployment-956697567 2 2 2 7m 扩容与缩容 可以修改replicas的赋值对deployment进行扩容与缩容 # kubectl scale deployment/httpd-deployment --replicas=1 删除deployment # kubectl delete deployment httpd-deployment
5、Lable
Label是attach到Pod的一对键/值对,用来传递用户定义的属性。比如,你可能创建了一个"tier"和“app”标签,通过Label(tier=frontend, app=myapp)来标记前端Pod容器,使用Label(tier=backend, app=myapp)标记后台Pod。然后可以使用Selectors选择带有特定Label的Pod,让具体某一个Pod或者Deployment去使用某一个Service实现特定的网络配置.
参考文章
https://kubernetes.io/docs/concepts/workloads/pods/pod/
https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/
https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
https://kubernetes.io/docs/concepts/services-networking/service/
https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#interlude-built-in-node-labels