正文

Kubernetes之(六)资源清单定义

admin
admin V管理员 /0 评论 /225 阅读
0111
此篇文章发布距今已超过671天,您需要注意文章的内容或图片是否可用!

目录

Kubernetes之(六)资源清单定义

常用资源

利用配置清单定义自主式Pod资源

Kubernetes之(六)资源清单定义

常用资源

服务发现及均衡

Sevice,Ingress,...

配置与存储

Volume,CSI,ConfigMap,Secret,DownwardAPI

集群级资源

Namespace,Node,Role,ClusterRole,RoleBinding,ClusterRoleBinding

元数据型资源

HPA,PodTemplate,LimitRange

Kubernetes不只是使用命令行进行配置,常用使用yaml文件来创建配置清单

Pod的资源清单

apiserver仅接收JSON格式的资源定义;

当我们使用kubectl run直接创建资源的时候会被自动转换为JSON格式传给apiserver;

使用yaml格式提供配置清单,apiserver可自动将其转换为JSON格式,然后再提交

root@master ~
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: 
  generateName: myapp-9b4987d5-
  labels:
    pod-template-hash: 9b4987d5
    run: myapp
  name: myapp-9b4987d5-djdr9
  namespace: default
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: 
    controller: 
    kind: ReplicaSet
    name: myapp-9b4987d5
    uid: bc03afbd-5120-11e9-80a7-000c295ec349
  resourceVersion: 
  selfLink: /api/v1/namespaces/default/pods/myapp-9b4987d5-djdr9
  uid: 995067e0-5124-11e9-80a7-000c295ec349
spec:
  containers:
  - image: ikubernetes/myapp:v1
    imagePullPolicy: IfNotPresent
    name: myapp
    resources: 
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-dqd2f
      readOnly: 
  dnsPolicy: ClusterFirst
  enableServiceLinks: 
  nodeName: node02
  priority: 
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: 
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 
  volumes:
  - name: default-token-dqd2f
    secret:
      defaultMode: 
      secretName: default-token-dqd2f
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: 
    status: 
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: 
    status: 
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: 
    status: 
    type: ContainersReady
  - lastProbeTime: null
    lastTransitionTime: 
    status: 
    type: PodScheduled
  containerStatuses:
  - containerID: docker://69b4cab1eb139c8e9c23e79792782db739fae21bedbc9199e1ab75b10729b038
    image: ikubernetes/myapp:v1
    imageID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
    lastState: 
    name: myapp
    ready: 
    restartCount: 
    state:
      running:
        startedAt: 
  hostIP: .0.12
  phase: Running
  podIP: .2.13
  qosClass: BestEffort
  startTime:

大部分资源清单有以下五个字段组成:

apiVersion: group/version # 指明api资源所属的群组及版本,使用kubectl api-version可查看,同一组子资源可以有多个版本

kind: 资源类别,Pod,ReplicaSet,Deployment,StatefulSet,DaemonSet,Job,Cronjob 。注意大小写

metadata: 元数据

name:同一类别要求名字唯一

namespace:对应的对象属于哪个名称空间,默认default

labels: 标签,搜友资源都可以有标签,K/V类型

annotations:资源注解

每个资源的引用PATH

/api/GROUP/VERSION/namespaces/NAMESPACE/TYPE/NAME

小写是固定字符,大写是根据实际情况修改

**spec:**最重要字段,定义目标的期望状态,desired state,不同类型资源内部可能有所不同

**status:**当前状态(只读)本字段由kubernetes进行维护

以上可以使用kubectl explain 进行查看相应字段

root@master ~
KIND:     Pod
VERSION:  v1
DESCRIPTION:
     Pod is a collection of containers that can run on a host. This resource is
     created by clients and scheduled onto hosts.
FIELDS:
   apiVersion   string
     APIVersion defines the versioned schema of this representation of an
     object. Servers should convert recognized schemas to the latest internal
     value, and may reject unrecognized values. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md
   kind string
     Kind is a string value representing the REST resource this object
     represents. Servers may infer this from the endpoint the client submits
     requests to. Cannot be updated. In CamelCase. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md
   metadata     Object
     Standard object's metadata. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md
   spec Object
     Specification of the desired behavior of the pod. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md
   status       Object
     Most recently observed status of the pod. This data may not be up to date.
     Populated by the system. Read-only. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md

查看下一集字段,例如pods下的metadata,使用kubectl explain pods.metadata,以此类推.

二级字段下,每一种字段都有对应的键值类型,常用类型大致如下:

<[ ]string>:表示是一个字串列表,也就是字串类型的数组

<Object>:表示是可以嵌套的字段

<map[string]string>:表示是一个由键值组成映射

<[ ]Object>:表示是一个对象列表

<[ ]Object> -required-:required表示该字段是一个必选的字段

利用配置清单定义自主式Pod资源

root@master ~
root@master ~
root@master manifests
  labels:
apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
  - name: busybox
    image: busybox 
    command:
    - 
    - 
    -

使用**kubectl create -f **.yaml**创建资源

root@master manifests
pod/pod-demo created
root@master manifests
Name:               pod-demo
Namespace:          default
Priority:           
PriorityClassName:  none
Node:               node02/10.0.0.12
Start Time:         Thu,  Mar  :27:35 +0800
Labels:             myapp
                    frontend
Annotations:        none
Status:             Running
IP:                 .2.15
Containers:
  myapp:
    Container ID:   docker://81fcdf25bac4f9691aaa80ccf1acd0fe565575ea894d07ea1c382e0366bcbfba
    Image:          ikubernetes/myapp:v1
    Image ID:       docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
    Port:           none
    Host Port:      none
    State:          Running
      Started:      Thu,  Mar  :27:35 +0800
    Ready:          True
    Restart Count:  
    Environment:    none
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-dqd2f ro
  busybox:
    Container ID:  docker://af0d0f76b0f6ba9eeaea18178d1d9cf3a052176e219471896a56d727622c9a36
    Image:         busybox
    Image ID:      docker-pullable://busybox@sha256:061ca9704a714ee3e8b80523ec720c64f6209ad3f97c0ff7cb9ec7d19f15149f
    Port:          none
    Host Port:     none
    Command:
      /bin/sh
      -c
    State:          Running
      Started:      Thu,  Mar  :27:37 +0800
    Ready:          True
    Restart Count:  
    Environment:    none
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-dqd2f ro
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  default-token-dqd2f:
    Type:        Secret a volume populated by a Secret
    SecretName:  default-token-dqd2f
    Optional:    
QoS Class:       BestEffort
Node-Selectors:  none
Tolerations:     node.kubernetes.io/not-ready:NoExecute  300s
                 node.kubernetes.io/unreachable:NoExecute  300s
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  13s   default-scheduler  Successfully assigned default/pod-demo to node02
  Normal  Pulled     13s   kubelet, node02    Container image  already present on machine
  Normal  Created    13s   kubelet, node02    Created container
  Normal  Started    13s   kubelet, node02    Started container
  Normal  Pulling    13s   kubelet, node02    pulling image 
  Normal  Pulled     11s   kubelet, node02    Successfully pulled image 
  Normal  Created    11s   kubelet, node02    Created container
  Normal  Started    11s   kubelet, node02    Started container

使用kubectl delete -f .yaml删除资源

使用kubectl logs POD_NAME -c CONTAINER_NAME 查看指定Pod内的指定容器的日志

使用kubectl exec -it POD_NAME-c CONTAINER_NAME -- /bin/sh ** 交互式进入指定Pod内的指定容器内部

宙飒天下网