1. k8s-pod常用管理命令
-
建立Pod:kubectl apply -f pod.yamlkubectl run nginx
--image=nginx
-
檢視Pod:kubectl
get
podskubectldescribe
pod<
Pod名稱>
-
檢視日誌:kubectl logs <Pod名稱>
[-c CONTAINER]
kubectl logs <Pod名稱>[-c CONTAINER]
-f -
進入容器終端:kubectl exec <Pod名稱>
[-c CONTAINER]--bash
-
刪除Pod:kubectl
delete
<Pod名稱> -
匯出pod的yaml配置檔案[root@k8s-master yaml]# kubectl get podsNAME READY STATUS RESTARTS AGEnginx-6799fc88d8-s5wvx
1
/1
Running140h
test-5f655598-5jfrt1
/1
Running120h
test-5f655598-bhhm41
/1
Running120h
test-5f655598-v5l8f1
/1
Running120h
web-674477549d
-flj781
/1
Running139h
web-674477549d
-m7lsj1
/1
Running123h
web-674477549d
-stk841
/1
Running123h
[root@k8s-master yaml]# kubectl get pods web-674477549d
-flj78 -o yaml >web-pod.
yaml
2. k8s-pod案例

2.1 實現網路共享
2.1.1 匯出配置檔案,進行編寫案例
-
編寫匯出的web-pod.yaml檔案進行測試[root@k8s-master yaml]# kubectl get podsNAME READY STATUS RESTARTS AGEnginx-6799fc88d8-s5wvx 1/1 Running 1 40htest-5f655598-5jfrt 1/1 Running 1 20htest-5f655598-bhhm4 1/1 Running 1 20htest-5f655598-v5l8f 1/1 Running 1 20hweb-674477549d-flj78 1/1 Running 1 39hweb-674477549d-m7lsj 1/1 Running 1 23hweb-674477549d-stk84 1/1 Running 1 23h[root@k8s-master yaml]# kubectl get pods web-674477549d-flj78 -o yaml >web-pod.yaml[root@k8s-master yaml]# vim web-pod.yaml[root@k8s-master yaml]# cat web-pod.yamlapiVersion: v1kind: Podmetadata:labels:app: pod-testname: pod-net-testnamespace: defaultspec:containers:- image: busyboximagePullPolicy: Alwaysname: pod-testcommand: ["/bin/sh"]args:- "-c"- "sleep 3000000"- image: nginxname: web
2.1.2 啟動配置檔案
[root@k8s-master yaml]
# kubectl apply -f web-pod.yaml
pod/pod-net-test created
2.1.3 監控pod是否啟動
[root@k8s-master yaml]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8-s5wvx 1/1 Running 1 41h
pod-net-test 0/2 ContainerCreating 0 19s
test-5f655598-5jfrt 1/1 Running 1 21h
test-5f655598-bhhm4 1/1 Running 1 21h
test-5f655598-v5l8f 1/1 Running 1 21h
web-674477549d-flj78 1/1 Running 1 40h
web-674477549d-m7lsj 1/1 Running 1 23h
web-674477549d-stk84 1/1 Running 1 23h
[root@k8s-master yaml]# kubectl get pods -w
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8-s5wvx 1/1 Running 1 41h
pod-net-test 2/2 Running 0 89s
test-5f655598-5jfrt 1/1 Running 1 21h
test-5f655598-bhhm4 1/1 Running 1 21h
test-5f655598-v5l8f 1/1 Running 1 21h
web-674477549d-flj78 1/1 Running 1 40h
web-674477549d-m7lsj 1/1 Running 1 23h
web-674477549d-stk84 1/1 Running 1 23h
-
註釋:這裡注意一下,可以是 “-w ” 持續監聽pod狀態
2.1.4 進入pod
[root@k8s-master pod]# kubectl exec -it pods/pod-net-test -c pod-test -- /bin/sh
Defaulting container name to pod-test.
Use 'kubectl describe pod/pod-net-test -n default' to see all of the containers in this pod.
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 5A:C1:FA:25:85:C0
inet addr:10.244.169.139 Bcast:10.244.169.139 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1480 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:446 (446.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 :::80 :::* LISTEN -
-
註釋:
-
exec:進入引數
-
-it:分配一個偽終端
-
pod-net-test:為容器名稱
-
-c pod-test:指定容器名稱pod-test
-
— /bin/sh:為使用的環境變數
2.1.5 我們驗證檔案是不是nginx
-
我們進入nginx的容器裡面,修改index.html檔案進行驗證[root@k8s-master yaml]# kubectl exec -it pod-net-test -c web -- /bin/bashroot@pod-net-test:/# cd /usr/share/nginx/html/root@pod-net-test:/usr/share/nginx/html# ls50x.html index.htmlroot@pod-net-test:/usr/share/nginx/html# echo 'pod-test' >index.html
-
退出nginx容器,進入busybox進行wget下載,驗證檔案是否是pod-test[root@k8s-master yaml]# kubectl exec -it pod-net-test -c pod-test -- /bin/sh/ # netstat -lntupActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -tcp 0 0 :::80 :::* LISTEN -/ # wget http://127.0.0.1:80Connecting to 127.0.0.1:80 (127.0.0.1:80)saving to 'index.html'index.html 100% |************************************************************************************************************************************************| 9 0:00:00 ETA'index.html' saved/ # cat index.htmlpod-test
-
小結:
-
我們在nginx啟動的時候,沒有ip add等相關命令,我們透過修改index.html檔案進行驗證
-
注意使用進入命令的時候,一定要使用 “-c ” 引數區分進入那個容器
2.2 實現共享儲存
2.2.1 匯出配置檔案,進行編寫案例
-
進入目錄[root@k8s-master ~]# cd /root/yaml/[root@k8s-master yaml]# ll總用量 24-rw-r--r-- 1 root root 389 11月 27 21:22 my-deploy.yaml-rw-r--r-- 1 root root 3722 11月 28 10:48 my-get-deploy.yaml-rw-r--r--. 1 root root 538 11月 27 17:00 service-test.yaml-rw-r--r-- 1 root root 792 11月 29 08:09 web-disk-pod.yaml-rw-r--r-- 1 root root 302 11月 28 13:39 web-pod.yaml-rw-r--r--. 1 root root 777 11月 27 16:32 yaml-test.yaml
-
編寫pod-volume-test.yaml配置檔案[root@k8s-master yaml]# vim pod-volume-test.yaml[root@k8s-master yaml]# cat pod-volume-test.yamlapiVersion: v1kind: Podmetadata:labels:app: testname: pod-volume-testnamespace: defaultspec:containers:- image: busyboximagePullPolicy: Alwaysname: testcommand: ["/bin/sh"]args:- "-c"- "sleep 3000000"volumeMounts: #掛載到容器內部的儲存卷配置- name: log # 引用pod定義的共享儲存卷的名稱mountPath: /data #共享路徑資料夾- image: nginxname: webvolumeMounts: #掛載到容器內部的儲存卷配置- name: log # 引用pod定義的共享儲存卷的名稱mountPath: /data #共享路徑資料夾
#建立共享儲存卷volumes:- name: log #共享儲存卷名稱emptyDir: {}
2.2.2 建立共享磁碟
[root@k8s-master yaml]# mkdir -p /data
2.2.3 啟動服務
[root@k8s-master yaml]# kubectl apply -f pod-volume-test.yaml
pod/pod-volume-test created
2.2.4 檢視服務是否啟動
[root@k8s-master yaml]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8-tfgfr 1/1 Running 0 30m
pod-volume-test 2/2 Running 0 2m37s
test-5f655598-j9rth 1/1 Running 0 30m
test-5f655598-kpp8k 1/1 Running 0 30m
test-5f655598-t6mfg 1/1 Running 0 30m
web-674477549d-7gqfr 1/1 Running 0 30m
web-674477549d-cttbc 1/1 Running 0 30m
web-674477549d-rrfqd 1/1 Running 0 30m
2.2.5 驗證資料卷是否被共享
-
進入pod容器,在web容器建立一個index.html,檔案內容為 "pod volume test"[root@k8s-master yaml]# kubectl exec -it pod-volume-test -c web -- /bin/bashroot@pod-volume-test:/# cd /data/root@pod-volume-test:/data# touch index.htmlroot@pod-volume-test:/data# echo 'pod volume test ' >index.htmlroot@pod-volume-test:/data# lsindex.html
-
進入容器test進行驗證,/data目錄下面是否有index.html檔案,內容是否 “pod volume test”[root@k8s-master yaml]# kubectl exec -it pod-volume-test -c test -- /bin/sh/ # cd /data//data # lsindex.html/data # cat index.htmlpod volume test
2.2.6 檢視日誌
-
檢視web日誌[root@k8s-master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEnginx-6799fc88d8-tfgfr 1/1 Running 0 54mpod-volume-test 2/2 Running 0 26mtest-5f655598-j9rth 1/1 Running 0 54mtest-5f655598-kpp8k 1/1 Running 0 54mtest-5f655598-t6mfg 1/1 Running 0 54mweb-674477549d-7gqfr 1/1 Running 0 54mweb-674477549d-cttbc 1/1 Running 0 54mweb-674477549d-rrfqd 1/1 Running 0 54m[root@k8s-master ~]# kubectl logs pod-volume-test -c web -f/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d//docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh/docker-entrypoint.sh: Configuration complete; ready for start up上面開啟監聽日誌,
-
進入test測試終端,進行訪問測試[root@k8s-master yaml]# kubectl exec -it pod-volume-test -c test -- /bin/sh/data # cd /tmp//tmp # wget http://127.0.0.1Connecting to 127.0.0.1 (127.0.0.1:80)saving to 'index.html'index.html 100% |******************************************************************************************************************************************************************************************************************************| 612 0:00:00 ETA'index.html' saved/tmp # cat index.html<!DOCTYPE html><html><head><title>Welcome to nginx!</title><style>body {width: 35em;margin: 0 auto;font-family: Tahoma, Verdana, Arial, sans-serif;}</style></head><body><h1>Welcome to nginx!</h1><p>If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.</p><p>For online documentation and support please refer to<a href="http://nginx.org/">nginx.org</a>.<br/>Commercial support is available at<a href="http://nginx.com/">nginx.com</a>.</p><p><em>Thank you for using nginx.</em></p></body></html>
-
檢視監控日誌情況[root@k8s-master ~]# kubectl logs pod-volume-test -c web -f/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d//docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh/docker-entrypoint.sh: Configuration complete; ready for start up127.0.0.1 - - [29/Nov/2020:03:51:12 +0000] "GET / HTTP/1.1" 200 612 "-" "Wget" "-"發現已經有日誌了
3. k8s-pod欄位詳解
# yaml格式的pod定義檔案完整內容:
apiVersion:v1#必選,版本號,例如v1
kind:Pod#必選,Pod
metadata:#必選,元資料
name:string#必選,Pod名稱
namespace:string#必選,Pod所屬的名稱空間
labels:#自定義標籤
-name:string#自定義標籤名字
annotations:#自定義註釋列表
-name:string
spec:#必選,Pod中容器的詳細定義
containers:#必選,Pod中容器列表
-name:string#必選,容器名稱
image:string#必選,容器的映象名稱
imagePullPolicy:
[
Always|Never|IfNotPresent
]
#獲取映象的策略 Alawys表示下載映象 IfnotPresent表示優先使用本地映象,否則下載映象,Nerver表示僅使用本地映象
command:
[
string
]
#容器的啟動命令列表,如不指定,使用打包時使用的啟動命令
args:
[
string
]
#容器的啟動命令引數列表
workingDir:string#容器的工作目錄
volumeMounts:#掛載到容器內部的儲存卷配置
-name:string#引用pod定義的共享儲存卷的名稱,需用volumes[]部分定義的的卷名
mountPath:string#儲存卷在容器內mount的絕對路徑,應少於512字元
readOnly:boolean#是否為只讀模式
ports:#需要暴露的埠庫號列表
-name:string#埠號名稱
containerPort:int#容器需要監聽的埠號
hostPort:int#容器所在主機需要監聽的埠號,預設與Container相同
protocol:string#埠協議,支援TCP和UDP,預設TCP
env:#容器執行前需設定的環境變數列表
-name:string#環境變數名稱
value:string#環境變數的值
resources:#資源限制和請求的設定
limits:#資源限制的設定
cpu:string#Cpu的限制,單位為core數,將用於docker run --cpu-shares引數
memory:string#記憶體限制,單位可以為Mib/Gib,將用於docker run --memory引數
requests:#資源請求的設定
cpu:string#Cpu請求,容器啟動的初始可用數量
memory:string#記憶體清楚,容器啟動的初始可用數量
livenessProbe:#對Pod內個容器健康檢查的設定,當探測無響應幾次後將自動重啟該容器,檢查方法有exec、httpGet和tcpSocket,對一個容器只需設定其中一種方法即可
exec:#對Pod容器內檢查方式設定為exec方式
command:
[
string
]
#exec方式需要制定的命令或指令碼
httpGet:#對Pod內個容器健康檢查方法設定為HttpGet,需要制定Path、port
path:string
port:number
host:string
scheme:string
HttpHeaders:
-name:string
value:string
tcpSocket:#對Pod內個容器健康檢查方式設定為tcpSocket方式
port:number
initialDelaySeconds:0#容器啟動完成後首次探測的時間,單位為秒
timeoutSeconds:0#對容器健康檢查探測等待響應的超時時間,單位秒,預設1秒
periodSeconds:0#對容器監控檢查的定期探測時間設定,單位秒,預設10秒一次
successThreshold:0
failureThreshold:0
securityContext:
privileged:false
restartPolicy:
[
Always|Never|OnFailure
]
#Pod的重啟策略,Always表示一旦不管以何種方式終止執行,kubelet都將重啟,OnFailure表示只有Pod以非0退出碼退出才重啟,Nerver表示不再重啟該Pod
nodeSelector:obeject#設定NodeSelector表示將該Pod排程到包含這個label的node上,以key:value的格式指定
imagePullSecrets:#Pull映象時使用的secret名稱,以key:secretkey格式指定
-name:string
hostNetwork:false#是否使用主機網路模式,預設為false,如果設定為true,表示使用宿主機網路
volumes:#在該pod上定義共享儲存卷列表
-name:string#共享儲存卷名稱 (volumes型別有很多種)
emptyDir:
{}
#型別為emtyDir的儲存卷,與Pod同生命週期的一個臨時目錄。為空值
hostPath:string#型別為hostPath的儲存卷,表示掛載Pod所在宿主機的目錄
path:string#Pod所在宿主機的目錄,將被用於同期中mount的目錄
secret:#型別為secret的儲存卷,掛載叢集與定義的secre物件到容器內部
scretname:string
items:
-key:string
path:string
configMap:#型別為configMap的儲存卷,掛載預定義的configMap物件到容器內部
name:string
items:
-key:string
path:string