标签:hdss7 kubectl 21 第九章 nginx 详解 kube root dp
1、管理k8s核心资源的三种基础方法
- 陈述式管理方法:主要依赖命令行CLI工具进行管理
- 声明式管理方法:主要依赖统一资源配置清单(manifest)进行管理
- GUI式管理方法:主要依赖图形化操作界面(WEB)进行管理
2、陈述式资源管理方法
陈述式管理方法说白了就是对资源进行CDUR(增删改查),在任意一台运算节点上进行操作。
2.1 管理名称空间资源
2.1.1 查看名称空间
[root@hdss7-21 ~]# kubectl get namespaces
NAME STATUS AGE
default Active 5d23h
kube-node-lease Active 5d23h
kube-public Active 5d23h
kube-system Active 5d23h
使用简写
[root@hdss7-21 ~]# kubectl get ns
NAME STATUS AGE
default Active 5d23h
kube-node-lease Active 5d23h
kube-public Active 5d23h
kube-system Active 5d23h
2.1.2 查看名称空间资源
查看default名称空间的所有资源
[root@hdss7-21 ~]# kubectl get all -n default
NAME READY STATUS RESTARTS AGE
pod/nginx-ds-qbjx6 1/1 Running 2 45h
pod/nginx-ds-w7ktl 1/1 Running 2 45h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 5d23h
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/nginx-ds 2 2 2 2 2 <none> 45h
当不写名称空间时默认使用default名称空间
[root@hdss7-21 ~]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-ds-qbjx6 1/1 Running 2 45h
pod/nginx-ds-w7ktl 1/1 Running 2 45h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 5d23h
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/nginx-ds 2 2 2 2 2 <none> 45h
查看pod
[root@hdss7-21 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-ds-qbjx6 1/1 Running 2 45h
nginx-ds-w7ktl 1/1 Running 2 45h
查看service
[root@hdss7-21 ~]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 5d23h
2.1.3 创建名称空间
[root@hdss7-21 ~]# kubectl create namespace app
namespace/app created
[root@hdss7-21 ~]# kubectl get namespace
NAME STATUS AGE
app Active 16s
default Active 5d23h
kube-node-lease Active 5d23h
kube-public Active 5d23h
kube-system Active 5d23h
[root@hdss7-21 ~]# kubectl get all -n app
No resources found.
2.1.4 删除名称空间
[root@hdss7-21 ~]# kubectl delete ns app
namespace "app" deleted
[root@hdss7-21 ~]# kubectl get namespace
NAME STATUS AGE
default Active 5d23h
kube-node-lease Active 5d23h
kube-public Active 5d23h
kube-system Active 5d23h
2.2管理Deployment(pod控制器)资源
2.2.1 创建deployment
[root@hdss7-21 ~]# kubectl get all -n kube-public
No resources found.
[root@hdss7-21 ~]# kubectl create deployment nginx-dp --image=harbor.od.com/public/nginx:v1.7.9 -n kube-public
deployment.apps/nginx-dp created
2.2.2 查看deployment
[root@hdss7-21 ~]# kubectl get all -n kube-public
NAME READY STATUS RESTARTS AGE
pod/nginx-dp-86678bb55c-kt9rd 1/1 Running 0 7s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-dp 1/1 1 1 7s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-dp-86678bb55c 1 1 1 7s
[root@hdss7-21 ~]# kubectl get deployment -n kube-public
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-dp 1/1 1 1 91s
扩展查看
[root@hdss7-21 ~]# kubectl get deployment -o wide -n kube-public
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
nginx-dp 1/1 1 1 7m38s nginx harbor.od.com/public/nginx:v1.7.9 app=nginx-dp
详细查看
[root@hdss7-21 ~]# kubectl describe deployment -n kube-public
Name: nginx-dp
Namespace: kube-public
CreationTimestamp: Fri, 16 Jul 2021 20:41:44 +0800
Labels: app=nginx-dp
Annotations: deployment.kubernetes.io/revision: 1
Selector: app=nginx-dp
Replicas: 1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app=nginx-dp
Containers:
nginx:
Image: harbor.od.com/public/nginx:v1.7.9
Port: <none>
Host Port: <none>
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-dp-86678bb55c (1/1 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 9m deployment-controller Scaled up replica set nginx-dp-86678bb55c to 1
2.2.3 查看pod资源
[root@hdss7-21 ~]# kubectl get pod -o wide -n kube-public
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-dp-86678bb55c-kt9rd 1/1 Running 0 110s 172.7.21.3 hdss7-21.host.com <none> <none>
2.2.4 进入pod资源
[root@hdss7-21 ~]# kubectl exec -it nginx-dp-86678bb55c-kt9rd bash -n kube-public
root@nginx-dp-86678bb55c-kt9rd:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:07:15:03 brd ff:ff:ff:ff:ff:ff
inet 172.7.21.3/24 brd 172.7.21.255 scope global eth0
valid_lft forever preferred_lft forever
或者使用docker也可以,不过docker无法跨主机,只有在本机的容器才行
[root@hdss7-21 ~]# docker ps |grep nginx-dp
bece873198a1 84581e99d807 "nginx -g 'daemon of…" 22 minutes ago Up 22 minutes k8s_nginx_nginx-dp-86678bb55c-kt9rd_kube-public_2daa2b8a-e633-11eb-9d00-000c29e396b1_0
8d56eb2e0e0e harbor.od.com/public/pause:latest "/pause" 22 minutes ago Up 22 minutes k8s_POD_nginx-dp-86678bb55c-kt9rd_kube-public_2daa2b8a-e633-11eb-9d00-000c29e396b1_0
[root@hdss7-21 ~]# docker exec -it bece /bin/bash
root@nginx-dp-86678bb55c-kt9rd:/#
2.2.5 删除pod资源(重启)
[root@hdss7-21 ~]# kubectl delete pod nginx-dp-86678bb55c-kt9rd -n kube-public
pod "nginx-dp-86678bb55c-kt9rd" deleted
再次查看,删除了原来容器,重新启动了一个容器在hdss7-22上,查看前面的deployment这个pod控制器的详细信息,可以知道它采用的Replicas是一个副本,所以我们的pod会按照这个预期的期望值对容器进行部署
[root@hdss7-21 ~]# kubectl get pod -o wide -n kube-public
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-dp-86678bb55c-zd6vr 1/1 Running 0 95s 172.7.22.3 hdss7-22.host.com <none> <none>
如果遇到无法删除时,可以加入--force --grace-period=0选项进行强制删除
[root@hdss7-21 ~]# kubectl delete pod nginx-dp-86678bb55c-zd6vr -n kube-public --force --grace-period=0
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
pod "nginx-dp-86678bb55c-zd6vr" force deleted
[root@hdss7-21 ~]#
[root@hdss7-21 ~]# kubectl get pod -o wide -n kube-public
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-dp-86678bb55c-c6snd 1/1 Running 0 7s 172.7.21.3 hdss7-21.host.com <none> <none>
2.2.6 删除deployment
[root@hdss7-21 ~]# kubectl get deployment -n kube-public
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-dp 1/1 1 1 36m
[root@hdss7-21 ~]# kubectl delete deployment nginx-dp -n kube-public
deployment.extensions "nginx-dp" deleted
[root@hdss7-21 ~]# kubectl get all -n kube-public
No resources found.
2.3 管理service资源
2.3.1 创建service资源
先创建一个deployment资源
[root@hdss7-21 ~]# kubectl create deployment nginx-dp --image=harbor.od.com/public/nginx:v1.7.9 -n kube-public
deployment.apps/nginx-dp created
[root@hdss7-21 ~]# kubectl get all -n kube-public
NAME READY STATUS RESTARTS AGE
pod/nginx-dp-58f74bd894-9b5f7 0/1 ImagePullBackOff 0 26s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-dp 0/1 1 0 26s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-dp-58f74bd894 1 1 0 26s
创建service资源(暴露一个80服务端口)
[root@hdss7-21 ~]# kubectl expose deployment nginx-dp --port=80 -n kube-public
service/nginx-dp exposed
2.3.2 查看service资源
再次查看多出来一个service资源,IP是192.168.196.123,这样无论如何重启pod,pod地址如何变更,192.168.196.1238这个人servicedeIP都不会变(其作用相当于keepalived的VIP)
[root@hdss7-21 ~]# kubectl describe svc nginx-dp -n kube-public
Name: nginx-dp
Namespace: kube-public
Labels: app=nginx-dp
Annotations: <none>
Selector: app=nginx-dp
Type: ClusterIP
IP: 192.168.196.123
Port: <unset> 80/TCP
TargetPort: 80/TCP
Endpoints: 172.7.21.3:80,172.7.22.3:80
Session Affinity: None
Events: <none>
[root@hdss7-21 ~]# kubectl get all -n kube-public
NAME READY STATUS RESTARTS AGE
pod/nginx-dp-58f74bd894-9b5f7 0/1 ImagePullBackOff 0 2m31s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/nginx-dp ClusterIP 192.168.196.123 <none> 80/TCP 40s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-dp 0/1 1 0 2m31s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-dp-58f74bd894 1 1 0 2m31s
[root@hdss7-21 ~]# curl 192.168.196.123
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
但是注意,这个ip只是一个虚ip,且只有在deployment这个资源的集群中才有用,对外无法显示,如下,在200上就无法识别
[root@hdss7-21 ~]# ping 192.168.196.123
PING 192.168.196.123 (192.168.196.123) 56(84) bytes of data.
64 bytes from 192.168.196.123: icmp_seq=1 ttl=64 time=0.137 ms
^C
--- 192.168.196.123 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.137/0.137/0.137/0.000 ms
[root@hdss7-200 harbor]# ping 192.168.196.123
PING 192.168.196.123 (192.168.196.123) 56(84) bytes of data.
^C
--- 192.168.196.123 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1001ms
2.3.3 查看ipvs代理
[root@hdss7-21 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.1:443 nq
-> 10.4.7.21:6443 Masq 1 0 0
-> 10.4.7.22:6443 Masq 1 0 0
TCP 192.168.196.123:80 nq
-> 172.7.21.3:80 Masq 1 0 0
扩容deployment资源,可以利用deployment资源启动的pod都是被service192.168.196.123代理
[root@hdss7-21 ~]# kubectl scale deployment nginx-dp --replicas=2 -n kube-public
deployment.extensions/nginx-dp scaled
[root@hdss7-21 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.1:443 nq
-> 10.4.7.21:6443 Masq 1 0 0
-> 10.4.7.22:6443 Masq 1 0 0
TCP 192.168.196.123:80 nq
-> 172.7.21.3:80 Masq 1 0 0
-> 172.7.22.3:80 Masq 1 0 0
2.4 陈述式资源管理方法小结
- Kuuernetes集群管理集群资源的唯一入口是通过相应的方法调用apiserver的接口;
- Kubectl是官方的CLI命令行工具,用于与apiserver进行通信,将用户在命令行输入的命令组织并转化为apiserver能识别的信息,进而实现管理k8s集群各种资源的一种有效途径;
- Kubectl的命令详解可以参考下面两种方法:
命令:kubectl --help
中文社区:http://docs.kubernetes.org.cn/683.html - 陈述式资源管理方法可以满足90%以上的资源管理需求,但是它的缺点也很明显:
命令冗长复杂,难以记忆;
特定场景下无法满足管理需求;
对资源的增删查操作比较容易,但是对于改操作就比较复杂。
标签:hdss7,kubectl,21,第九章,nginx,详解,kube,root,dp 来源: https://www.cnblogs.com/wangyuanguang/p/15022097.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。