作者:尹正杰
版权声明:原创作品,谢绝转载!否则将追究法律责任。
一.K8s 控制器(Kubernetes Controllers)
我们知道在Kubernetes Master节点中存在三个重要组件,分别为kube-apiserver,kube-scheduler,kube-controller-manager,下面是Kubernetes Master Controller Manager中常见的Pod控制器:
ReplicationController(早期K8S版本的控制器的控制器,如K8S 1.7,现在都更新K8S都更新到K8S 1.17.2版本了,因此这种控制器使用的相当较少了)
Deployment Controller(用来管理非系统级无状态的守护进程的控制器,如Nginx)
ReplicaSet Controller(也是用来管理非系统级别无状态守护进程的控制器,通常使用较少,一般情况下我们会优先使用"Deployment Controller")
DaemonSet Controller(用来管理系统级无状态的守护进程的控制器,如Zabbix Agent(可以让系统扩展一些管理属性的,每个节点必须运行一个该进程用户管理该节点,若没有该进程则Zabbix Server无法监控,且没有必要在同一个节点上启动多个Zabbix Agent))
StatefulSet Controller(用来管理有状态的守护进程的控制器,如MySQL/MariaDB)
Job Controller(用来管理非守护进程,指的是运行某次任务(即一次性作业),如备份数据库)
Cronjob Controller(也是用来管理非守护进程的控制器,相比于"Job Controller",该控制器支持周期性计划任务)
...
在重启动和自动化应用中,Pod通过控制循环(control loop)是调节(non-terminating)系统状态:
在Kubernetes中,控制器是一个控制循环,它通过API服务器监视集群的共享状态,并进行更改,试图将当前状态移到所需状态。
Kubernetes运行一组控制器来处理日常任务,以确保集群的期望状态与观察到的状态匹配:
基本上,每个控制器负责Kubernetes集群中的特定资源。
对于管理集群的用户来说,了解Kubernetes中每个控制器的角色非常重要。
控制器是Kubernetes的重要组成部分:
他们是资源(resources)背后的"大脑(brains)"。
例如,Kubernetes的部署资源的任务是确保有一定数量的pod在运行,节点控制器查找服务器的状态,并在服务器停机时做出响应。
控制器流事件(Controller flow of events):
Informer/Sharedformer是API Server与Controller之间的代理程序,负责分发监视的资源对象的相关变动事件,并将其存储与Workqueue之中,而Worker(s)负责运行队列中的相应操作。
控制器本身也是标准的Kubernetes资源类型,它们可被实例化出具体的对象负责具体的任务:
例如一个特定的Deployment控制器对象负责管理由标签选择器匹配到的Pod资源对象;
控制器资源对象自身的创建,更新及删除操作则由控制器进程负责,这些进程统一打包在了kube-controller-manager之中;
而kube-controller-manager自身的运行正常与否的状况则需要通过冗余的方式设置;
控制器资源对象自身也会存在相应的管理操作;我们可以使用"--controllers"选项用于指定要启用的控制器:
"*":
如果创建容器时不指定控制器,默认启用所有的控制器(除了bootstrapsigner,tokencleaner这两个控制器不会被启用)
All controllers:
attachdetach,bootstrapsigner,clusterole-aggregation,cronjob,csrapproving,csrcleaner,csrsigning,daemonset,deployment,disruption,
endpoint,garbagecollector,horizontalpodautoscaling,job,namespace,nodeipam,nodelifecycle,persistentvolume-binder,persistentvolume-expander,pdogc,
pv-protection,pvc-protection,replicaset,replicationcontroller,resourcequota,route,service,serviceaccount,serviceaccount-token,statefulset,
tokencleaner,ttl
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-6955765f44-455fh 1/1 Running 1 2d3h
coredns-6955765f44-q6zqj 1/1 Running 1 2d3h
etcd-master200.yinzhengjie.org.cn 1/1 Running 1 2d3h
kube-apiserver-master200.yinzhengjie.org.cn 1/1 Running 1 2d3h
kube-controller-manager-master200.yinzhengjie.org.cn 1/1 Running 1 2d3h
kube-flannel-ds-amd64-hnnhb 1/1 Running 1 2d3h
kube-flannel-ds-amd64-jhmh6 1/1 Running 1 2d2h
kube-flannel-ds-amd64-lnldz 1/1 Running 2 2d3h
kube-flannel-ds-amd64-nwv2l 1/1 Running 1 2d2h
kube-proxy-2shb4 1/1 Running 1 2d3h
kube-proxy-6r9dx 1/1 Running 1 2d3h
kube-proxy-cg2m6 1/1 Running 1 2d2h
kube-proxy-lp5pr 1/1 Running 1 2d2h
kube-scheduler-master200.yinzhengjie.org.cn 1/1 Running 1 2d3h
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# ll /etc/kubernetes/manifests/
total 16
-rw------- 1 root root 1798 Feb 4 19:39 etcd.yaml
-rw------- 1 root root 2606 Feb 4 19:39 kube-apiserver.yaml
-rw------- 1 root root 2533 Feb 4 19:39 kube-controller-manager.yaml
-rw------- 1 root root 1120 Feb 4 19:39 kube-scheduler.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /etc/kubernetes/manifests/kube-controller-manager.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
component: kube-controller-manager
tier: control-plane
name: kube-controller-manager
namespace: kube-system
spec:
containers:
- command:
- kube-controller-manager
- --allocate-node-cidrs=true
- --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
- --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf
- --bind-address=127.0.0.1
- --client-ca-file=/etc/kubernetes/pki/ca.crt
- --cluster-cidr=10.244.0.0/16
- --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt
- --cluster-signing-key-file=/etc/kubernetes/pki/ca.key
- --controllers=*,bootstrapsigner,tokencleaner
- --kubeconfig=/etc/kubernetes/controller-manager.conf
- --leader-elect=true
- --node-cidr-mask-size=24
- --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
- --root-ca-file=/etc/kubernetes/pki/ca.crt
- --service-account-private-key-file=/etc/kubernetes/pki/sa.key
- --service-cluster-ip-range=10.96.0.0/12
- --use-service-account-credentials=true
image: k8s.gcr.io/kube-controller-manager:v1.17.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 8
httpGet:
host: 127.0.0.1
path: /healthz
port: 10257
scheme: HTTPS
initialDelaySeconds: 15
timeoutSeconds: 15
name: kube-controller-manager
resources:
requests:
cpu: 200m
volumeMounts:
- mountPath: /etc/ssl/certs
name: ca-certs
readOnly: true
- mountPath: /etc/pki
name: etc-pki
readOnly: true
- mountPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
name: flexvolume-dir
- mountPath: /etc/kubernetes/pki
name: k8s-certs
readOnly: true
- mountPath: /etc/kubernetes/controller-manager.conf
name: kubeconfig
readOnly: true
hostNetwork: true
priorityClassName: system-cluster-critical
volumes:
- hostPath:
path: /etc/ssl/certs
type: DirectoryOrCreate
name: ca-certs
- hostPath:
path: /etc/pki
type: DirectoryOrCreate
name: etc-pki
- hostPath:
path: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
type: DirectoryOrCreate
name: flexvolume-dir
- hostPath:
path: /etc/kubernetes/pki
type: DirectoryOrCreate
name: k8s-certs
- hostPath:
path: /etc/kubernetes/controller-manager.conf
type: FileOrCreate
name: kubeconfig
status: {}
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /etc/kubernetes/manifests/kube-controller-manager.yaml
二.ReplicaSet 控制器(controller)
ReplicaSet确保在任何给定时间运行指定数量的pod复制副本,ReplicaSet是Pods的直接控制器。
编写复制集(ReplicaSet)规范:
Pod Template
Pod Selector
Replicas
使用复制集(ReplicaSet):
删除复制集及其Pods(Deleting a ReplicaSet and its Pods)
只删除复制集(Deleting just a ReplicaSet)
从复制集中分离Pods(Isolating pods from a ReplicaSet)
扩展到复制集(Scaling a ReplicaSet)
1>.编写yaml文件
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: myapp-rs
namespace: develop
spec:
replicas: 2
selector:
matchLabels:
app: mynginx-pod
template:
metadata:
labels:
app: mynginx-pod
spec:
containers:
- name: mynginx
image: nginx:1.14-alpine
ports:
- name: http
containerPort: 80
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
2>.应用yaml文件
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop
No resources found in develop namespace.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
replicaset.apps/myapp-rs created
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop
NAME DESIRED CURRENT READY AGE
myapp-rs 2 2 1 2s
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: myapp-rs
namespace: develop
spec:
replicas: 2
selector:
matchLabels:
app: mynginx-pod
template:
metadata:
labels:
app: mynginx-pod
spec:
containers:
- name: mynginx
image: nginx:1.14-alpine
ports:
- name: http
containerPort: 80
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop
NAME DESIRED CURRENT READY AGE
myapp-rs 2 2 2 3m13s
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl describe rs myapp-rs -n develop
Name: myapp-rs
Namespace: develop
Selector: app=mynginx-pod
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"apps/v1","kind":"ReplicaSet","metadata":{"annotations":{},"name":"myapp-rs","namespace":"develop"},"spec":{"replicas":2,"se...
Replicas: 2 current / 2 desired
Pods Status: 2 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
Labels: app=mynginx-pod
Containers:
mynginx:
Image: nginx:1.14-alpine
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 3m41s replicaset-controller Created pod: myapp-rs-5jr88
Normal SuccessfulCreate 3m41s replicaset-controller Created pod: myapp-rs-5x98d
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop -o wide
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
myapp-rs 2 2 2 4m29s mynginx nginx:1.14-alpine app=mynginx-pod
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop -o wide
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
myapp-rs-5jr88 1/1 Running 0 28m 10.244.3.3 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5x98d 1/1 Running 0 28m 10.244.2.4 node202.yinzhengjie.org.cn <none> <none> app=mynginx-pod
pod-demo 2/2 Running 0 14h 10.244.3.2 node203.yinzhengjie.org.cn <none> <none> app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
3>.将pod的标签修改后,ReplicaSet控制器会自动创建一个新的
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
myapp-rs-5jr88 1/1 Running 0 28m 10.244.3.3 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5x98d 1/1 Running 0 28m 10.244.2.4 node202.yinzhengjie.org.cn <none> <none> app=mynginx-pod
pod-demo 2/2 Running 0 14h 10.244.3.2 node203.yinzhengjie.org.cn <none> <none> app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl label pod myapp-rs-5x98d -n develop app=mynginx-demo --overwrite #我们将"app=mynginx-pod"的标签修改为"app=mynginx-demo",此时"app=mynginx-pod"的标签会少一个,因此我们会发现自动创建一个pod
pod/myapp-rs-5x98d labeled
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
myapp-rs-2kwhc 1/1 Running 0 2s 10.244.2.5 node202.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5jr88 1/1 Running 0 28m 10.244.3.3 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5x98d 1/1 Running 0 28m 10.244.2.4 node202.yinzhengjie.org.cn <none> <none> app=mynginx-demo
pod-demo 2/2 Running 0 14h 10.244.3.2 node203.yinzhengjie.org.cn <none> <none> app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl label pod myapp-rs-5x98d -n develop app=mynginx-demo --overwrite #我们将"app=mynginx-pod"的标签修改为"app=mynginx-demo",此时"app=mynginx-pod"的标签会少一个,因此我们会发现自动创建一个pod
4>.通过配置文件动态修改pod的副本数
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
myapp-rs-2kwhc 1/1 Running 0 17m 10.244.2.5 node202.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5jr88 1/1 Running 0 46m 10.244.3.3 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5x98d 1/1 Running 0 46m 10.244.2.4 node202.yinzhengjie.org.cn <none> <none> app=mynginx-demo
pod-demo 2/2 Running 0 15h 10.244.3.2 node203.yinzhengjie.org.cn <none> <none> app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: myapp-rs
namespace: develop
spec:
replicas: 5
selector:
matchLabels:
app: mynginx-pod
template:
metadata:
labels:
app: mynginx-pod
spec:
containers:
- name: mynginx
image: nginx:1.14-alpine
ports:
- name: http
containerPort: 80
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
replicaset.apps/myapp-rs configured
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
myapp-rs-2kwhc 1/1 Running 0 18m 10.244.2.5 node202.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5jr88 1/1 Running 0 47m 10.244.3.3 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5x98d 1/1 Running 0 47m 10.244.2.4 node202.yinzhengjie.org.cn <none> <none> app=mynginx-demo
myapp-rs-96gmb 1/1 Running 0 11s 10.244.3.6 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-jz77z 1/1 Running 0 11s 10.244.2.7 node202.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-wfsp8 0/1 ContainerCreating 0 11s <none> node201.yinzhengjie.org.cn <none> <none> app=mynginx-pod
pod-demo 2/2 Running 0 15h 10.244.3.2 node203.yinzhengjie.org.cn <none> <none> app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
5>.通过命令动态修改pod的副本数
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
myapp-rs-2kwhc 1/1 Running 0 23m 10.244.2.5 node202.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5jr88 1/1 Running 0 52m 10.244.3.3 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5x98d 1/1 Running 0 52m 10.244.2.4 node202.yinzhengjie.org.cn <none> <none> app=mynginx-demo
myapp-rs-96gmb 1/1 Running 0 5m31s 10.244.3.6 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-jz77z 1/1 Running 0 5m31s 10.244.2.7 node202.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-wfsp8 1/1 Running 0 5m31s 10.244.1.66 node201.yinzhengjie.org.cn <none> <none> app=mynginx-pod
pod-demo 2/2 Running 0 15h 10.244.3.2 node203.yinzhengjie.org.cn <none> <none> app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl scale --replicas=3 rs myapp-rs -n develop
replicaset.apps/myapp-rs scaled
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
myapp-rs-2kwhc 1/1 Running 0 25m 10.244.2.5 node202.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5jr88 1/1 Running 0 53m 10.244.3.3 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-5x98d 1/1 Running 0 53m 10.244.2.4 node202.yinzhengjie.org.cn <none> <none> app=mynginx-demo
myapp-rs-96gmb 1/1 Running 0 7m6s 10.244.3.6 node203.yinzhengjie.org.cn <none> <none> app=mynginx-pod
myapp-rs-wfsp8 1/1 Terminating 0 7m6s 10.244.1.66 node201.yinzhengjie.org.cn <none> <none> app=mynginx-pod
pod-demo 2/2 Running 0 15h 10.244.3.2 node203.yinzhengjie.org.cn <none> <none> app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl scale --replicas=3 rs myapp-rs -n develop
三.Deployments 控制器(controller)
ReplicaSet 控制器是Pods的直接控制器,它能控制Pods满足用户期望的基本数量,但是ReplicaSet自身在更新上功能相对较弱,因此在ReplicaSet 之上又抽象出来了Deployments。
Deploymentst会自动帮咱们调用ReplicaSet来完成对pod的管理,它拥有滚动,部署等功能,因此生产环境中我们通常使用Deployments。
Deployments还支持让用户做金丝雀发布。
1>.编写yaml文件并应用yaml
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-nginx
namespace: testing
spec:
replicas: 3
minReadySeconds: 10
selector:
matchLabels:
app: nginx
rel: stable
template:
metadata:
labels:
app: nginx
rel: stable
spec:
containers:
- name: nginx
image: nginx:1.14-alpine
ports:
- containerPort: 80
name: http
readinessProbe:
periodSeconds: 1
httpGet:
path: /
port: http
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl create ns testing
namespace/testing created
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
No resources found in testing namespace.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
deployment.apps/deploy-nginx created
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-6cc674fdcf-5lrss 0/1 ContainerCreating 0 2s <none> node201.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-9gbcj 1/1 Running 0 2s 10.244.2.11 node202.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-cwzd4 1/1 Running 0 2s 10.244.3.9 node203.yinzhengjie.org.cn <none> <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n testing
NAME DESIRED CURRENT READY AGE
deploy-nginx-6cc674fdcf 3 3 3 5m45s
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing
NAME READY STATUS RESTARTS AGE
deploy-nginx-6cc674fdcf-5lrss 1/1 Running 0 6m5s
deploy-nginx-6cc674fdcf-9gbcj 1/1 Running 0 6m5s
deploy-nginx-6cc674fdcf-cwzd4 1/1 Running 0 6m5s
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-6cc674fdcf-5lrss 1/1 Running 0 6m7s 10.244.1.69 node201.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-9gbcj 1/1 Running 0 6m7s 10.244.2.11 node202.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-cwzd4 1/1 Running 0 6m7s 10.244.3.9 node203.yinzhengjie.org.cn <none> <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
2>.升级nginx的版本
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-nginx
namespace: testing
spec:
replicas: 3
minReadySeconds: 10
selector:
matchLabels:
app: nginx
rel: stable
template:
metadata:
labels:
app: nginx
rel: stable
spec:
containers:
- name: nginx
image: nginx:1.17-alpine
ports:
- containerPort: 80
name: http
readinessProbe:
periodSeconds: 1
httpGet:
path: /
port: http
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n testing
NAME DESIRED CURRENT READY AGE
deploy-nginx-6cc674fdcf 3 3 3 11m
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-6cc674fdcf-5lrss 1/1 Running 0 11m 10.244.1.69 node201.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-9gbcj 1/1 Running 0 11m 10.244.2.11 node202.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-cwzd4 1/1 Running 0 11m 10.244.3.9 node203.yinzhengjie.org.cn <none> <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n testing -o wide
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
deploy-nginx-6cc674fdcf 3 3 3 11m nginx nginx:1.14-alpine app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
deployment.apps/deploy-nginx configured
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n testing -o wide
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
deploy-nginx-545dd4fcd8 3 3 3 3m47s nginx nginx:1.17-alpine app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf 0 0 0 24m nginx nginx:1.14-alpine app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-545dd4fcd8-brczf 1/1 Running 0 3m55s 10.244.3.11 node203.yinzhengjie.org.cn <none> <none>
deploy-nginx-545dd4fcd8-ft6lm 1/1 Running 0 3m38s 10.244.2.12 node202.yinzhengjie.org.cn <none> <none>
deploy-nginx-545dd4fcd8-zjhnj 1/1 Running 0 3m21s 10.244.1.70 node201.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-5lrss 1/1 Terminating 0 24m 10.244.1.69 node201.yinzhengjie.org.cn <none> <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
3>.设置滚动策略案例并使用命令行升级nginx版本
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment
KIND: Deployment
VERSION: apps/v1
DESCRIPTION:
Deployment enables declarative updates for Pods and ReplicaSets.
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata <Object>
Standard object metadata.
spec <Object>
Specification of the desired behavior of the Deployment.
status <Object>
Most recently observed status of the Deployment.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment.spec
KIND: Deployment
VERSION: apps/v1
RESOURCE: spec <Object>
DESCRIPTION:
Specification of the desired behavior of the Deployment.
DeploymentSpec is the specification of the desired behavior of the
Deployment.
FIELDS:
minReadySeconds <integer>
Minimum number of seconds for which a newly created pod should be ready
without any of its container crashing, for it to be considered available.
Defaults to 0 (pod will be considered available as soon as it is ready)
paused <boolean>
Indicates that the deployment is paused.
progressDeadlineSeconds <integer>
The maximum time in seconds for a deployment to make progress before it is
considered to be failed. The deployment controller will continue to process
failed deployments and a condition with a ProgressDeadlineExceeded reason
will be surfaced in the deployment status. Note that progress will not be
estimated during the time a deployment is paused. Defaults to 600s.
replicas <integer>
Number of desired pods. This is a pointer to distinguish between explicit
zero and not specified. Defaults to 1.
revisionHistoryLimit <integer>
The number of old ReplicaSets to retain to allow rollback. This is a
pointer to distinguish between explicit zero and not specified. Defaults to
10.
selector <Object> -required-
Label selector for pods. Existing ReplicaSets whose pods are selected by
this will be the ones affected by this deployment. It must match the pod
template's labels.
strategy <Object>
The deployment strategy to use to replace existing pods with new ones.
template <Object> -required-
Template describes the pods that will be created.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment.spec
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment.spec.strategy
KIND: Deployment
VERSION: apps/v1
RESOURCE: strategy <Object>
DESCRIPTION:
The deployment strategy to use to replace existing pods with new ones.
DeploymentStrategy describes how to replace existing pods with new ones.
FIELDS:
rollingUpdate <Object>
Rolling update config params. Present only if DeploymentStrategyType =
RollingUpdate.
type <string>
Type of deployment. Can be "Recreate" or "RollingUpdate". Default is
RollingUpdate.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment.spec.strategy #查看滚动策略
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-nginx
namespace: testing2
spec:
replicas: 3
minReadySeconds: 10
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
app: nginx
rel: stable
template:
metadata:
labels:
app: nginx
rel: stable
spec:
containers:
- name: nginx
image: nginx:1.14-alpine
ports:
- containerPort: 80
name: http
readinessProbe:
periodSeconds: 1
httpGet:
path: /
port: http
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl create ns testing2
namespace/testing2 created
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -o wide -n testing2
No resources found in testing2 namespace.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
deployment.apps/deploy-nginx created
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -o wide -n testing2
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-6cc674fdcf-5jk7r 0/1 ContainerCreating 0 5s <none> node201.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-hxkzd 1/1 Running 0 5s 10.244.3.12 node203.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-sw7zf 1/1 Running 0 5s 10.244.2.13 node202.yinzhengjie.org.cn <none> <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -o wide -n testing2
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-6cc674fdcf-5jk7r 1/1 Running 0 5m51s 10.244.1.71 node201.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-hxkzd 1/1 Running 0 5m51s 10.244.3.12 node203.yinzhengjie.org.cn <none> <none>
deploy-nginx-6cc674fdcf-sw7zf 1/1 Running 0 5m51s 10.244.2.13 node202.yinzhengjie.org.cn <none> <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl describe deploy deploy-nginx -n testing2
Name: deploy-nginx
Namespace: testing2
CreationTimestamp: Fri, 07 Feb 2020 02:53:33 +0800
Labels: <none>
Annotations: deployment.kubernetes.io/revision: 2
kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"deploy-nginx","namespace":"testing2"},"spec":{"minReadySe...
Selector: app=nginx,rel=stable
Replicas: 3 desired | 3 updated | 3 total | 2 available | 1 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 10
RollingUpdateStrategy: 1 max unavailable, 1 max surge
Pod Template:
Labels: app=nginx
rel=stable
Containers:
nginx:
Image: nginx:1.17-alpine
Port: 80/TCP
Host Port: 0/TCP
Readiness: http-get http://:http/ delay=0s timeout=1s period=1s #success=1 #failure=3
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True ReplicaSetUpdated
OldReplicaSets: <none>
NewReplicaSet: deploy-nginx-545dd4fcd8 (3/3 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 21m deployment-controller Scaled up replica set deploy-nginx-6cc674fdcf to 3
Normal ScalingReplicaSet 2m45s deployment-controller Scaled up replica set deploy-nginx-545dd4fcd8 to 1
Normal ScalingReplicaSet 2m45s deployment-controller Scaled down replica set deploy-nginx-6cc674fdcf to 2
Normal ScalingReplicaSet 2m45s deployment-controller Scaled up replica set deploy-nginx-545dd4fcd8 to 2
Normal ScalingReplicaSet 2m32s deployment-controller Scaled down replica set deploy-nginx-6cc674fdcf to 0
Normal ScalingReplicaSet 2m32s deployment-controller Scaled up replica set deploy-nginx-545dd4fcd8 to 3
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl describe deploy deploy-nginx -n testing2
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-nginx
namespace: testing2
spec:
replicas: 3
minReadySeconds: 10
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
app: nginx
rel: stable
template:
metadata:
labels:
app: nginx
rel: stable
spec:
containers:
- name: nginx
image: nginx:1.17-alpine
ports:
- containerPort: 80
name: http
readinessProbe:
periodSeconds: 1
httpGet:
path: /
port: http
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
deploy-nginx-6cc674fdcf 3 3 3 17m nginx nginx:1.14-alpine app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.17-alpine
deployment.apps/deploy-nginx image updated
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
deploy-nginx-545dd4fcd8 3 3 3 5m18s nginx nginx:1.17-alpine app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf 0 0 0 24m nginx nginx:1.14-alpine app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.17-alpine
4>.版本回滚
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout
Manage the rollout of a resource.
Valid resource types include:
* deployments
* daemonsets
* statefulsets
Examples:
# Rollback to the previous deployment
kubectl rollout undo deployment/abc
# Check the rollout status of a daemonset
kubectl rollout status daemonset/foo
Available Commands:
history View rollout history
pause Mark the provided resource as paused
restart Restart a resource
resume Resume a paused resource
status Show the status of the rollout
undo Undo a previous rollout
Usage:
kubectl rollout SUBCOMMAND [options]
Use "kubectl <command> --help" for more information about a given command.
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout history --help
View previous rollout revisions and configurations.
Examples:
# View the rollout history of a deployment
kubectl rollout history deployment/abc
# View the details of daemonset revision 3
kubectl rollout history daemonset/abc --revision=3
Options:
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
-f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
-k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
-o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
-R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
--revision=0: See the details, including podTemplate of the revision specified
--template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
Usage:
kubectl rollout history (TYPE NAME | TYPE/NAME) [flags] [options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout history --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout pause --help
Mark the provided resource as paused
Paused resources will not be reconciled by a controller. Use "kubectl rollout resume" to resume a paused resource.
Currently only deployments support being paused.
Examples:
# Mark the nginx deployment as paused. Any current state of
# the deployment will continue its function, new updates to the deployment will not
# have an effect as long as the deployment is paused.
kubectl rollout pause deployment/nginx
Options:
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
-f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
-k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
-o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
-R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
--template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
Usage:
kubectl rollout pause RESOURCE [options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout pause --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout restart --help
Restart a resource.
Resource will be rollout restarted.
Examples:
# Restart a deployment
kubectl rollout restart deployment/nginx
# Restart a daemonset
kubectl rollout restart daemonset/abc
Options:
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
-f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
-k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
-o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
-R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
--template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
Usage:
kubectl rollout restart RESOURCE [options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout restart --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout resume --help
Resume a paused resource
Paused resources will not be reconciled by a controller. By resuming a resource, we allow it to be reconciled again.
Currently only deployments support being resumed.
Examples:
# Resume an already paused deployment
kubectl rollout resume deployment/nginx
Options:
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
-f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
-k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
-o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
-R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
--template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
Usage:
kubectl rollout resume RESOURCE [options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout resume --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout status --help
Show the status of the rollout.
By default 'rollout status' will watch the status of the latest rollout until it's done. If you don't want to wait for
the rollout to finish then you can use --watch=false. Note that if a new rollout starts in-between, then 'rollout
status' will continue watching the latest revision. If you want to pin to a specific revision and abort if it is rolled
over by another revision, use --revision=N where N is the revision you need to watch for.
Examples:
# Watch the rollout status of a deployment
kubectl rollout status deployment/nginx
Options:
-f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
-k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
-R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
--revision=0: Pin to a specific revision for showing its status. Defaults to 0 (last revision).
--timeout=0s: The length of time to wait before ending watch, zero means never. Any other values should contain a
corresponding time unit (e.g. 1s, 2m, 3h).
-w, --watch=true: Watch the status of the rollout until it's done.
Usage:
kubectl rollout status (TYPE NAME | TYPE/NAME) [flags] [options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout status --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout undo --help
Rollback to a previous rollout.
Examples:
# Rollback to the previous deployment
kubectl rollout undo deployment/abc
# Rollback to daemonset revision 3
kubectl rollout undo daemonset/abc --to-revision=3
# Rollback to the previous deployment with dry-run
kubectl rollout undo --dry-run=true deployment/abc
Options:
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
--dry-run=false: If true, only print the object that would be sent, without sending it.
-f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
-k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
-o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
-R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
--template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
--to-revision=0: The revision to rollback to. Default to 0 (last revision).
Usage:
kubectl rollout undo (TYPE NAME | TYPE/NAME) [flags] [options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout undo --help
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
deploy-nginx-545dd4fcd8 3 3 3 15m nginx nginx:1.17-alpine app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf 0 0 0 35m nginx nginx:1.14-alpine app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout status deployment/deploy-nginx -n testing2
deployment "deploy-nginx" successfully rolled out
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout history deployment/deploy-nginx -n testing2
deployment.apps/deploy-nginx
REVISION CHANGE-CAUSE
1 <none>
2 <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout undo deployment/deploy-nginx -n testing2
deployment.apps/deploy-nginx rolled back
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout status deployment/deploy-nginx -n testing2
Waiting for deployment "deploy-nginx" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "deploy-nginx" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "deploy-nginx" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "deploy-nginx" rollout to finish: 2 of 3 updated replicas are available...
Waiting for deployment "deploy-nginx" rollout to finish: 2 of 3 updated replicas are available...
deployment "deploy-nginx" successfully rolled out
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
deploy-nginx-545dd4fcd8 0 0 0 22m nginx nginx:1.17-alpine app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf 3 3 3 41m nginx nginx:1.14-alpine app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout history deployment/deploy-nginx -n testing2
deployment.apps/deploy-nginx
REVISION CHANGE-CAUSE
2 <none>
3 <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout undo deployment/deploy-nginx -n testing2
5>.将提供的资源标记为已暂停
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-nginx
namespace: testing2
spec:
replicas: 3
minReadySeconds: 10
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
app: nginx
rel: stable
template:
metadata:
labels:
app: nginx
rel: stable
spec:
containers:
- name: nginx
image: nginx:1.17-alpine
ports:
- containerPort: 80
name: http
readinessProbe:
periodSeconds: 1
httpGet:
path: /
port: http
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
deploy-nginx-545dd4fcd8 0 0 0 26m nginx nginx:1.17-alpine app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf 3 3 3 45m nginx nginx:1.14-alpine app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.16-alpine
deployment.apps/deploy-nginx image updated
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
deploy-nginx-545dd4fcd8 0 0 0 28m nginx nginx:1.17-alpine app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-5885b7c4bf 3 3 3 32s nginx nginx:1.16-alpine app=nginx,pod-template-hash=5885b7c4bf,rel=stable
deploy-nginx-6cc674fdcf 0 0 0 47m nginx nginx:1.14-alpine app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.16-alpine
[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.12-alpine && kubectl rollout pause deployment/deploy-nginx -n testing2 #模拟实现"金丝雀"发布
deployment.apps/deploy-nginx image updated
deployment.apps/deploy-nginx paused
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
四.DaemonSet 控制器(controller)
Deployment控制器要比ReplicaSet控制器功能强大,可以控制集群中的副本数量,但是无法控制具体在哪一个node上创建副本,而守护程序控制器(DaemonSet contronller)可以控制每个节点上只允许一个pod(因此我们使用DaemonSet时无需指定副本(Replicas))。
Deployment控制器可以让用户随意控制Pod的数量,比如在3个k8s node主机上我们可以指定6个副本pod,而DaemonSet由于只能在每个k8s node主机上允许一个pod,因此pod的数量取决于k8s node的数量,用户无法指定多个副本。
举个例子,如果有50台服务器,你只需要在特定的20台服务器上允许特定的一个pod,我们可以为这20台主机打上不同的标签(label),Deployment控制器通过标签选择器可以运行20个Pod,但可能会在这20台主机上随机选中几台服务器运行多个pod让Replicas的数量为20即可;而DaemonSet控制器通过节点选择器可以让20台节点每一个节点都运行一个pod,这就是DaemonSet的强大之处。
DaemonSet控制器也支持滚动策略,只不过它的滚动策略相比于Deloyment控制器要简单的多。
守护程序确保所有(或某些)节点运行Pod的副本
当节点被添加到集群中时,pod被添加到它们中。
当节点从集群中移除时,这些pod将被垃圾收集。
编写守护程序(DaemonSet)规范:
selector
template
仅在某些节点上运行Pods:
如果指定.spec.template.spec.node selector,那么守护程序控制器(DaemonSet contonller)将在与该节点选择器匹配的节点上创建pod。
linkwise如果指定.spec.template.spec.affinity,守护进程控制器将在与该节点affinity匹配的节点上创建pod。
1>.查看集群各节点的是否存在污点(Taints),如果存在污点(Taints)则无法被调度
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master200.yinzhengjie.org.cn Ready master 2d21h v1.17.2
node201.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2
node202.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2
node203.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
NAME STATUS ROLES AGE VERSION LABELS
master200.yinzhengjie.org.cn Ready master 2d21h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master200.yinzhengjie.org.cn,kubernetes.io/os=linux,node-role.kubernetes.io/master=
node201.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node201.yinzhengjie.org.cn,kubernetes.io/os=linux
node202.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node202.yinzhengjie.org.cn,kubernetes.io/os=linux
node203.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node203.yinzhengjie.org.cn,kubernetes.io/os=linux
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node master200.yinzhengjie.org.cn
Name: master200.yinzhengjie.org.cn
Roles: master
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=master200.yinzhengjie.org.cn
kubernetes.io/os=linux
node-role.kubernetes.io/master=
Annotations: flannel.alpha.coreos.com/backend-data: {"VtepMAC":"be:50:d6:6b:04:39"}
flannel.alpha.coreos.com/backend-type: vxlan
flannel.alpha.coreos.com/kube-subnet-manager: true
flannel.alpha.coreos.com/public-ip: 172.200.1.200
kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Tue, 04 Feb 2020 19:39:31 +0800
Taints: node-role.kubernetes.io/master:NoSchedule
Unschedulable: false
Lease:
HolderIdentity: master200.yinzhengjie.org.cn
AcquireTime: <unset>
RenewTime: Fri, 07 Feb 2020 16:21:06 +0800
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 19:39:27 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 19:39:27 +0800 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 19:39:27 +0800 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 19:47:59 +0800 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 172.200.1.200
Hostname: master200.yinzhengjie.org.cn
Capacity:
cpu: 2
ephemeral-storage: 511750Mi
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 4026376Ki
pods: 110
Allocatable:
cpu: 2
ephemeral-storage: 482947890401
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 3923976Ki
pods: 110
System Info:
Machine ID: d637a9e4c24d4d11bed0c09151ac78e2
System UUID: A5574D56-A21D-EBEE-7A2B-6571CF422C27
Boot ID: fd55871f-7b64-4ae2-9488-fb4572f38017
Kernel Version: 3.10.0-957.el7.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.5
Kubelet Version: v1.17.2
Kube-Proxy Version: v1.17.2
PodCIDR: 10.244.0.0/24
PodCIDRs: 10.244.0.0/24
Non-terminated Pods: (8 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
kube-system coredns-6955765f44-455fh 100m (5%) 0 (0%) 70Mi (1%) 170Mi (4%) 2d20h
kube-system coredns-6955765f44-q6zqj 100m (5%) 0 (0%) 70Mi (1%) 170Mi (4%) 2d20h
kube-system etcd-master200.yinzhengjie.org.cn 0 (0%) 0 (0%) 0 (0%) 0 (0%) 2d20h
kube-system kube-apiserver-master200.yinzhengjie.org.cn 250m (12%) 0 (0%) 0 (0%) 0 (0%) 2d20h
kube-system kube-controller-manager-master200.yinzhengjie.org.cn 200m (10%) 0 (0%) 0 (0%) 0 (0%) 2d20h
kube-system kube-flannel-ds-amd64-hnnhb 100m (5%) 100m (5%) 50Mi (1%) 50Mi (1%) 2d20h
kube-system kube-proxy-6r9dx 0 (0%) 0 (0%) 0 (0%) 0 (0%) 2d20h
kube-system kube-scheduler-master200.yinzhengjie.org.cn 100m (5%) 0 (0%) 0 (0%) 0 (0%) 2d20h
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 850m (42%) 100m (5%)
memory 190Mi (4%) 390Mi (10%)
ephemeral-storage 0 (0%) 0 (0%)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Starting 3m10s kubelet, master200.yinzhengjie.org.cn Starting kubelet.
Normal NodeHasSufficientMemory 3m10s (x8 over 3m10s) kubelet, master200.yinzhengjie.org.cn Node master200.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 3m10s (x8 over 3m10s) kubelet, master200.yinzhengjie.org.cn Node master200.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
Normal NodeHasSufficientPID 3m10s (x7 over 3m10s) kubelet, master200.yinzhengjie.org.cn Node master200.yinzhengjie.org.cn status is now: NodeHasSufficientPID
Normal NodeAllocatableEnforced 3m10s kubelet, master200.yinzhengjie.org.cn Updated Node Allocatable limit across pods
Normal Starting 3m kube-proxy, master200.yinzhengjie.org.cn Starting kube-proxy.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node master200.yinzhengjie.org.cn
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node201.yinzhengjie.org.cn
Name: node201.yinzhengjie.org.cn
Roles: <none>
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=node201.yinzhengjie.org.cn
kubernetes.io/os=linux
Annotations: flannel.alpha.coreos.com/backend-data: {"VtepMAC":"82:2a:43:41:7f:b3"}
flannel.alpha.coreos.com/backend-type: vxlan
flannel.alpha.coreos.com/kube-subnet-manager: true
flannel.alpha.coreos.com/public-ip: 172.200.1.201
kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Tue, 04 Feb 2020 20:11:15 +0800
Taints: <none>
Unschedulable: false
Lease:
HolderIdentity: node201.yinzhengjie.org.cn
AcquireTime: <unset>
RenewTime: Fri, 07 Feb 2020 16:22:36 +0800
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 20:11:15 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 20:11:15 +0800 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 20:11:15 +0800 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 20:22:27 +0800 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 172.200.1.201
Hostname: node201.yinzhengjie.org.cn
Capacity:
cpu: 2
ephemeral-storage: 511750Mi
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 4026376Ki
pods: 110
Allocatable:
cpu: 2
ephemeral-storage: 482947890401
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 3923976Ki
pods: 110
System Info:
Machine ID: d637a9e4c24d4d11bed0c09151ac78e2
System UUID: 6ED04D56-C57B-0527-4243-6C15BCBA68FE
Boot ID: be24e2cb-1bba-4e46-829d-c53877ee9b80
Kernel Version: 3.10.0-957.el7.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.5
Kubelet Version: v1.17.2
Kube-Proxy Version: v1.17.2
PodCIDR: 10.244.1.0/24
PodCIDRs: 10.244.1.0/24
Non-terminated Pods: (2 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
kube-system kube-flannel-ds-amd64-lnldz 100m (5%) 100m (5%) 50Mi (1%) 50Mi (1%) 2d20h
kube-system kube-proxy-2shb4 0 (0%) 0 (0%) 0 (0%) 0 (0%) 2d20h
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 100m (5%) 100m (5%)
memory 50Mi (1%) 50Mi (1%)
ephemeral-storage 0 (0%) 0 (0%)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Starting 2d20h kubelet, node201.yinzhengjie.org.cn Starting kubelet.
Normal NodeHasSufficientMemory 2d20h (x2 over 2d20h) kubelet, node201.yinzhengjie.org.cn Node node201.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 2d20h (x2 over 2d20h) kubelet, node201.yinzhengjie.org.cn Node node201.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
Normal NodeHasSufficientPID 2d20h (x2 over 2d20h) kubelet, node201.yinzhengjie.org.cn Node node201.yinzhengjie.org.cn status is now: NodeHasSufficientPID
Normal NodeAllocatableEnforced 2d20h kubelet, node201.yinzhengjie.org.cn Updated Node Allocatable limit across pods
Normal Starting 2d20h kube-proxy, node201.yinzhengjie.org.cn Starting kube-proxy.
Normal NodeReady 2d20h kubelet, node201.yinzhengjie.org.cn Node node201.yinzhengjie.org.cn status is now: NodeReady
Normal Starting 4m35s kubelet, node201.yinzhengjie.org.cn Starting kubelet.
Normal NodeHasSufficientMemory 4m35s (x2 over 4m35s) kubelet, node201.yinzhengjie.org.cn Node node201.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 4m35s (x2 over 4m35s) kubelet, node201.yinzhengjie.org.cn Node node201.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
Normal NodeHasSufficientPID 4m35s (x2 over 4m35s) kubelet, node201.yinzhengjie.org.cn Node node201.yinzhengjie.org.cn status is now: NodeHasSufficientPID
Normal NodeAllocatableEnforced 4m35s kubelet, node201.yinzhengjie.org.cn Updated Node Allocatable limit across pods
Warning Rebooted 4m33s kubelet, node201.yinzhengjie.org.cn Node node201.yinzhengjie.org.cn has been rebooted, boot id: be24e2cb-1bba-4e46-829d-c53877ee9b80
Normal Starting 4m31s kube-proxy, node201.yinzhengjie.org.cn Starting kube-proxy.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node201.yinzhengjie.org.cn
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node202.yinzhengjie.org.cn
Name: node202.yinzhengjie.org.cn
Roles: <none>
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=node202.yinzhengjie.org.cn
kubernetes.io/os=linux
Annotations: flannel.alpha.coreos.com/backend-data: {"VtepMAC":"92:96:45:ff:d8:19"}
flannel.alpha.coreos.com/backend-type: vxlan
flannel.alpha.coreos.com/kube-subnet-manager: true
flannel.alpha.coreos.com/public-ip: 172.200.1.202
kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Tue, 04 Feb 2020 20:26:11 +0800
Taints: <none>
Unschedulable: false
Lease:
HolderIdentity: node202.yinzhengjie.org.cn
AcquireTime: <unset>
RenewTime: Fri, 07 Feb 2020 16:22:16 +0800
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 20:26:10 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 20:26:10 +0800 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 20:26:10 +0800 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Fri, 07 Feb 2020 16:18:06 +0800 Tue, 04 Feb 2020 20:26:21 +0800 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 172.200.1.202
Hostname: node202.yinzhengjie.org.cn
Capacity:
cpu: 2
ephemeral-storage: 511750Mi
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 4026376Ki
pods: 110
Allocatable:
cpu: 2
ephemeral-storage: 482947890401
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 3923976Ki
pods: 110
System Info:
Machine ID: d637a9e4c24d4d11bed0c09151ac78e2
System UUID: 226D4D56-DEF8-E1C7-C94F-46F187EE96F4
Boot ID: d5f37a27-c41b-44b6-9ce1-e60b82632a48
Kernel Version: 3.10.0-957.el7.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.5
Kubelet Version: v1.17.2
Kube-Proxy Version: v1.17.2
PodCIDR: 10.244.2.0/24
PodCIDRs: 10.244.2.0/24
Non-terminated Pods: (2 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
kube-system kube-flannel-ds-amd64-nwv2l 100m (5%) 100m (5%) 50Mi (1%) 50Mi (1%) 2d19h
kube-system kube-proxy-cg2m6 0 (0%) 0 (0%) 0 (0%) 0 (0%) 2d19h
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 100m (5%) 100m (5%)
memory 50Mi (1%) 50Mi (1%)
ephemeral-storage 0 (0%) 0 (0%)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Starting 2d19h kubelet, node202.yinzhengjie.org.cn Starting kubelet.
Normal NodeHasSufficientMemory 2d19h (x2 over 2d19h) kubelet, node202.yinzhengjie.org.cn Node node202.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 2d19h (x2 over 2d19h) kubelet, node202.yinzhengjie.org.cn Node node202.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
Normal NodeHasSufficientPID 2d19h (x2 over 2d19h) kubelet, node202.yinzhengjie.org.cn Node node202.yinzhengjie.org.cn status is now: NodeHasSufficientPID
Normal NodeAllocatableEnforced 2d19h kubelet, node202.yinzhengjie.org.cn Updated Node Allocatable limit across pods
Normal Starting 2d19h kube-proxy, node202.yinzhengjie.org.cn Starting kube-proxy.
Normal NodeReady 2d19h kubelet, node202.yinzhengjie.org.cn Node node202.yinzhengjie.org.cn status is now: NodeReady
Normal Starting 4m13s kubelet, node202.yinzhengjie.org.cn Starting kubelet.
Normal NodeHasSufficientMemory 4m13s (x2 over 4m13s) kubelet, node202.yinzhengjie.org.cn Node node202.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 4m13s (x2 over 4m13s) kubelet, node202.yinzhengjie.org.cn Node node202.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
Normal NodeHasSufficientPID 4m13s (x2 over 4m13s) kubelet, node202.yinzhengjie.org.cn Node node202.yinzhengjie.org.cn status is now: NodeHasSufficientPID
Normal NodeAllocatableEnforced 4m13s kubelet, node202.yinzhengjie.org.cn Updated Node Allocatable limit across pods
Warning Rebooted 4m12s kubelet, node202.yinzhengjie.org.cn Node node202.yinzhengjie.org.cn has been rebooted, boot id: d5f37a27-c41b-44b6-9ce1-e60b82632a48
Normal Starting 4m10s kube-proxy, node202.yinzhengjie.org.cn Starting kube-proxy.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node202.yinzhengjie.org.cn
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node203.yinzhengjie.org.cn
Name: node203.yinzhengjie.org.cn
Roles: <none>
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=node203.yinzhengjie.org.cn
kubernetes.io/os=linux
Annotations: flannel.alpha.coreos.com/backend-data: {"VtepMAC":"a2:8e:71:99:3a:9f"}
flannel.alpha.coreos.com/backend-type: vxlan
flannel.alpha.coreos.com/kube-subnet-manager: true
flannel.alpha.coreos.com/public-ip: 172.200.1.203
kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Tue, 04 Feb 2020 20:26:23 +0800
Taints: <none>
Unschedulable: false
Lease:
HolderIdentity: node203.yinzhengjie.org.cn
AcquireTime: <unset>
RenewTime: Fri, 07 Feb 2020 16:21:29 +0800
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Fri, 07 Feb 2020 16:18:10 +0800 Tue, 04 Feb 2020 20:26:23 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Fri, 07 Feb 2020 16:18:10 +0800 Tue, 04 Feb 2020 20:26:23 +0800 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Fri, 07 Feb 2020 16:18:10 +0800 Tue, 04 Feb 2020 20:26:23 +0800 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Fri, 07 Feb 2020 16:18:10 +0800 Tue, 04 Feb 2020 20:26:33 +0800 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 172.200.1.203
Hostname: node203.yinzhengjie.org.cn
Capacity:
cpu: 2
ephemeral-storage: 511750Mi
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 4026384Ki
pods: 110
Allocatable:
cpu: 2
ephemeral-storage: 482947890401
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 3923984Ki
pods: 110
System Info:
Machine ID: d637a9e4c24d4d11bed0c09151ac78e2
System UUID: 67A04D56-8B05-87A0-1E15-69BC1ADAF803
Boot ID: c3a5508c-432c-4e4c-9913-68879ba9f5c3
Kernel Version: 3.10.0-957.el7.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.5
Kubelet Version: v1.17.2
Kube-Proxy Version: v1.17.2
PodCIDR: 10.244.3.0/24
PodCIDRs: 10.244.3.0/24
Non-terminated Pods: (2 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
kube-system kube-flannel-ds-amd64-jhmh6 100m (5%) 100m (5%) 50Mi (1%) 50Mi (1%) 2d19h
kube-system kube-proxy-lp5pr 0 (0%) 0 (0%) 0 (0%) 0 (0%) 2d19h
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 100m (5%) 100m (5%)
memory 50Mi (1%) 50Mi (1%)
ephemeral-storage 0 (0%) 0 (0%)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Starting 2d19h kubelet, node203.yinzhengjie.org.cn Starting kubelet.
Normal NodeHasSufficientMemory 2d19h (x2 over 2d19h) kubelet, node203.yinzhengjie.org.cn Node node203.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 2d19h (x2 over 2d19h) kubelet, node203.yinzhengjie.org.cn Node node203.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
Normal NodeHasSufficientPID 2d19h (x2 over 2d19h) kubelet, node203.yinzhengjie.org.cn Node node203.yinzhengjie.org.cn status is now: NodeHasSufficientPID
Normal NodeAllocatableEnforced 2d19h kubelet, node203.yinzhengjie.org.cn Updated Node Allocatable limit across pods
Normal Starting 2d19h kube-proxy, node203.yinzhengjie.org.cn Starting kube-proxy.
Normal NodeReady 2d19h kubelet, node203.yinzhengjie.org.cn Node node203.yinzhengjie.org.cn status is now: NodeReady
Normal Starting 3m27s kubelet, node203.yinzhengjie.org.cn Starting kubelet.
Normal NodeAllocatableEnforced 3m27s kubelet, node203.yinzhengjie.org.cn Updated Node Allocatable limit across pods
Normal NodeHasSufficientMemory 3m27s kubelet, node203.yinzhengjie.org.cn Node node203.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 3m27s kubelet, node203.yinzhengjie.org.cn Node node203.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
Normal NodeHasSufficientPID 3m27s kubelet, node203.yinzhengjie.org.cn Node node203.yinzhengjie.org.cn status is now: NodeHasSufficientPID
Warning Rebooted 3m26s kubelet, node203.yinzhengjie.org.cn Node node203.yinzhengjie.org.cn has been rebooted, boot id: c3a5508c-432c-4e4c-9913-68879ba9f5c3
Normal Starting 3m26s kube-proxy, node203.yinzhengjie.org.cn Starting kube-proxy.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node203.yinzhengjie.org.cn
2>.编写yaml文件并应用yaml
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: filebeat-ds
namespace: testing
labels:
app: filebeat
spec:
selector:
matchLabels:
app: filebeat
template:
metadata:
labels:
app: filebeat
name: filebeat
spec:
containers:
- name: filebeat
image: ikubernetes/filebeat:5.6.5-alpine
env:
- name: REDIS_HOST
value: db.ikubernetes.io:6379
- name: LOG_LEVEL
value: info
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl create ns testing
namespace/testing created
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
daemonset.apps/filebeat-ds created
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
filebeat-ds-d72hj 1/1 Running 0 79s 10.244.3.2 node203.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
filebeat-ds-kb5v6 1/1 Running 0 79s 10.244.1.2 node201.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
filebeat-ds-wbhcr 1/1 Running 0 79s 10.244.2.2 node202.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
3>.滚动更新案例(升级filebeat版本)
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds
KIND: DaemonSet
VERSION: apps/v1
DESCRIPTION:
DaemonSet represents the configuration of a daemon set.
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata <Object>
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec <Object>
The desired behavior of this daemon set. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
status <Object>
The current status of this daemon set. This data may be out of date by some
window of time. Populated by the system. Read-only. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds.spec
KIND: DaemonSet
VERSION: apps/v1
RESOURCE: spec <Object>
DESCRIPTION:
The desired behavior of this daemon set. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
DaemonSetSpec is the specification of a daemon set.
FIELDS:
minReadySeconds <integer>
The minimum number of seconds for which a newly created DaemonSet pod
should be ready without any of its container crashing, for it to be
considered available. Defaults to 0 (pod will be considered available as
soon as it is ready).
revisionHistoryLimit <integer>
The number of old history to retain to allow rollback. This is a pointer to
distinguish between explicit zero and not specified. Defaults to 10.
selector <Object> -required-
A label query over pods that are managed by the daemon set. Must match in
order to be controlled. It must match the pod template's labels. More info:
https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
template <Object> -required-
An object that describes the pod that will be created. The DaemonSet will
create exactly one copy of this pod on every node that matches the
template's node selector (or on every node if no node selector is
specified). More info:
https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
updateStrategy <Object>
An update strategy to replace existing DaemonSet pods with new pods.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds.spec
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds.spec.updateStrategy
KIND: DaemonSet
VERSION: apps/v1
RESOURCE: updateStrategy <Object>
DESCRIPTION:
An update strategy to replace existing DaemonSet pods with new pods.
DaemonSetUpdateStrategy is a struct used to control the update strategy for
a DaemonSet.
FIELDS:
rollingUpdate <Object>
Rolling update config params. Present only if type = "RollingUpdate".
type <string>
Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is
RollingUpdate.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds.spec.updateStrategy
[root@master200.yinzhengjie.org.cn ~]# kubectl set image --help
Update existing container image(s) of resources.
Possible resources include (case insensitive):
pod (po), replicationcontroller (rc), deployment (deploy), daemonset (ds), replicaset (rs)
Examples:
# Set a deployment's nginx container image to 'nginx:1.9.1', and its busybox container image to 'busybox'.
kubectl set image deployment/nginx busybox=busybox nginx=nginx:1.9.1
# Update all deployments' and rc's nginx container's image to 'nginx:1.9.1'
kubectl set image deployments,rc nginx=nginx:1.9.1 --all
# Update image of all containers of daemonset abc to 'nginx:1.9.1'
kubectl set image daemonset abc *=nginx:1.9.1
# Print result (in yaml format) of updating nginx container image from local file, without hitting the server
kubectl set image -f path/to/file.yaml nginx=nginx:1.9.1 --local -o yaml
Options:
--all=false: Select all resources, including uninitialized ones, in the namespace of the specified resource types
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
--dry-run=false: If true, only print the object that would be sent, without sending it.
-f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
-k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
--local=false: If true, set image will NOT contact api-server but run locally.
-o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
--record=false: Record current kubectl command in the resource annotation. If set to false, do not record the
command. If set to true, record the command. If not set, default to updating the existing annotation value only if one
already exists.
-R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
-l, --selector='': Selector (label query) to filter on, not including uninitialized ones, supports '=', '==', and
'!='.(e.g. -l key1=value1,key2=value2)
--template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
Usage:
kubectl set image (-f FILENAME | TYPE NAME) CONTAINER_NAME_1=CONTAINER_IMAGE_1 ... CONTAINER_NAME_N=CONTAINER_IMAGE_N
[options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl set image --help
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: filebeat-ds
namespace: testing
labels:
app: filebeat
spec:
selector:
matchLabels:
app: filebeat
template:
metadata:
labels:
app: filebeat
name: filebeat
spec:
containers:
- name: filebeat
image: ikubernetes/filebeat:5.6.5-alpine
env:
- name: REDIS_HOST
value: db.ikubernetes.io:6379
- name: LOG_LEVEL
value: info
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
filebeat-ds-d72hj 1/1 Running 0 12m 10.244.3.2 node203.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
filebeat-ds-kb5v6 1/1 Running 0 12m 10.244.1.2 node201.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
filebeat-ds-wbhcr 1/1 Running 0 12m 10.244.2.2 node202.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get ds -n testing -o wide
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR
filebeat-ds 3 3 3 3 3 <none> 15m filebeat ikubernetes/filebeat:5.6.5-alpine app=filebeat
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl set image ds/filebeat-ds filebeat=ikubernetes/filebeat:5.6.6-alpine -n testing
daemonset.apps/filebeat-ds image updated
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get ds -n testing -o wide
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR
filebeat-ds 3 3 3 3 3 <none> 17m filebeat ikubernetes/filebeat:5.6.6-alpine app=filebeat
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl set image ds/filebeat-ds filebeat=ikubernetes/filebeat:5.6.6-alpine -n testing
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
filebeat-ds-jxd8q 1/1 Running 0 8m28s 10.244.3.3 node203.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=6d7dff6d4d,pod-template-generation=2
filebeat-ds-wrkfk 1/1 Running 0 8m1s 10.244.1.3 node201.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=6d7dff6d4d,pod-template-generation=2
filebeat-ds-wz2mh 1/1 Running 0 8m20s 10.244.2.3 node202.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=6d7dff6d4d,pod-template-generation=2
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl describe pods filebeat-ds-jxd8q -n testing
Name: filebeat-ds-jxd8q
Namespace: testing
Priority: 0
Node: node203.yinzhengjie.org.cn/172.200.1.203
Start Time: Fri, 07 Feb 2020 16:44:47 +0800
Labels: app=filebeat
controller-revision-hash=6d7dff6d4d
pod-template-generation=2
Annotations: <none>
Status: Running
IP: 10.244.3.3
IPs:
IP: 10.244.3.3
Controlled By: DaemonSet/filebeat-ds
Containers:
filebeat:
Container ID: docker://a5b9901f18c5ec90a73137d7a57108e9351ec50ba5d9bc3136f2a7cc27744ec4
Image: ikubernetes/filebeat:5.6.6-alpine
Image ID: docker-pullable://ikubernetes/filebeat@sha256:5a59f3efee26f52582d9b9c9940249728291d236c561cefda5300ee124fd592f
Port: <none>
Host Port: <none>
State: Running
Started: Fri, 07 Feb 2020 16:44:53 +0800
Ready: True
Restart Count: 0
Environment:
REDIS_HOST: db.ikubernetes.io:6379
LOG_LEVEL: info
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-x6kkr (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-x6kkr:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-x6kkr
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/disk-pressure:NoSchedule
node.kubernetes.io/memory-pressure:NoSchedule
node.kubernetes.io/not-ready:NoExecute
node.kubernetes.io/pid-pressure:NoSchedule
node.kubernetes.io/unreachable:NoExecute
node.kubernetes.io/unschedulable:NoSchedule
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 8m34s default-scheduler Successfully assigned testing/filebeat-ds-jxd8q to node203.yinzhengjie.org.cn
Normal Pulling 8m33s kubelet, node203.yinzhengjie.org.cn Pulling image "ikubernetes/filebeat:5.6.6-alpine"
Normal Pulled 8m28s kubelet, node203.yinzhengjie.org.cn Successfully pulled image "ikubernetes/filebeat:5.6.6-alpine"
Normal Created 8m28s kubelet, node203.yinzhengjie.org.cn Created container filebeat
Normal Started 8m28s kubelet, node203.yinzhengjie.org.cn Started container filebeat
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl describe pods filebeat-ds-jxd8q -n testing
4>.节点选择器(nodeSelector)案例构建filebeat案例
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
NAME STATUS ROLES AGE VERSION LABELS
master200.yinzhengjie.org.cn Ready master 2d21h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master200.yinzhengjie.org.cn,kubernetes.io/os=linux,node-role.kubernetes.io/master=
node201.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node201.yinzhengjie.org.cn,kubernetes.io/os=linux
node202.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node202.yinzhengjie.org.cn,kubernetes.io/os=linux
node203.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node203.yinzhengjie.org.cn,kubernetes.io/os=linux
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
[root@master200.yinzhengjie.org.cn ~]# kubectl explain pods.spec.nodeSelector
KIND: Pod
VERSION: v1
FIELD: nodeSelector <map[string]string>
DESCRIPTION:
NodeSelector is a selector which must be true for the pod to fit on a node.
Selector which must match a node's labels for the pod to be scheduled on
that node. More info:
https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl explain pods.spec.nodeSelector
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: filebeat-ds
namespace: testing
labels:
app: filebeat
spec:
selector:
matchLabels:
app: filebeat
template:
metadata:
labels:
app: filebeat
name: filebeat
spec:
containers:
- name: filebeat
image: ikubernetes/filebeat:5.6.5-alpine
env:
- name: REDIS_HOST
value: db.ikubernetes.io:6379
- name: LOG_LEVEL
value: info
nodeSelector:
logcollecting: "on"
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
daemonset.apps/filebeat-ds configured
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
No resources found in testing namespace.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl label node node202.yinzhengjie.org.cn logcollecting="on"
node/node202.yinzhengjie.org.cn labeled
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
filebeat-ds-n6j5z 1/1 Running 0 12s 10.244.2.4 node202.yinzhengjie.org.cn <none> <none> app=filebeat,controller-revision-hash=dfb47bdf,pod-template-generation=3
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl label node node202.yinzhengjie.org.cn logcollecting="on"
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
NAME STATUS ROLES AGE VERSION LABELS
master200.yinzhengjie.org.cn Ready master 2d21h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master200.yinzhengjie.org.cn,kubernetes.io/os=linux,node-role.kubernetes.io/master=
node201.yinzhengjie.org.cn Ready <none> 2d21h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node201.yinzhengjie.org.cn,kubernetes.io/os=linux
node202.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node202.yinzhengjie.org.cn,kubernetes.io/os=linux,logcollecting=on
node203.yinzhengjie.org.cn Ready <none> 2d20h v1.17.2 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node203.yinzhengjie.org.cn,kubernetes.io/os=linux
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
五.Job 控制器(controller)
我们上面介绍了ReplicaSet,Deployment和DaemonSet,他们有一个特点就是都是用来控制守护进程的,即任何一个pod发生宕机都会自动选取一个节点启动起来;Job主要用来管理非守护进程的一次性作业,即当一个任务正常执行完毕后就会退出并不会再次启动。
作业(Job)创建一个或多个pod并确保指定数量的pod成功终止:
当pods成功完成时,作业将跟踪成功完成的操作;
当达到指定数量的成功完成时,作业本身即已完成。删除作业将清除其创建的pods;
编写Job控制器的规则:
template
selector
Parall Jobs
非并行作业(Non-parallel Jobs)
具有固定完成计数的并行作业(Parallel Jobs with a fixed completion count,参考:"jobs.spec.completions")
具有工作队列的并行作业(Parallel Jobs with a work queue,参考"jobs.spec.parallelism")
POD中的容器可能由于多种原因而失败,例如因为它的进程退出了非零退出代码,或者容器被杀死超过内存限制等:
当容器的退出码为0,说明容器正常运行结束,则Pod的状态为Completed,此时并不会重启容器。
当容器的退出吗不为0,说明容器不正常运行结束,则Pod状态为Failure,此时我们有两种重启策略,当Pod的容器执行失败时,若重启则可用restartPolicy="OnFailure",若不重启则可用restartPolicy="Nerver"。
Job的工作模式:
当使用.spec.completions指定完成时,作业控制器创建的每个Pod都具有相同的规范:
这意味着所有pod都将具有相同的命令行和相同的镜像(image)、相同的卷(volumes)和(几乎)相同的环境变量。
这些模式是不同的方式安排Pod在不同的事情上工作:
当Parttern为"Job Template Expansion"时,".spec.completions"为1,".spec.parallelism"为"should be 1",即作用总量为1,那么并行度只能为1。
当Parttern为"Queue with Pod Per Work Item"时,".spec.completions"为w,".spec.parallelism"为"any",即作业总量为多个(此处我们称为w个作业),那么并行度是any。
当Parttern为"Queue with Variable Pod Count"时,".spec.completions"为1,".spec.parallelism"为"any",即一个队列中有可变的pod数量,那么一个队列中只能完成一个,并行度也是any。
当Parttern为"Single Job With Static Work Assignment"时,".spec.completions"为w,".spec.parallelism"为"any"
[root@master200.yinzhengjie.org.cn ~]# kubectl explain jobs.spec.parallelism
KIND: Job
VERSION: batch/v1
FIELD: parallelism <integer>
DESCRIPTION:
Specifies the maximum desired number of pods the job should run at any
given time. The actual number of pods running in steady state will be less
than this number when ((.spec.completions - .status.successful) <
.spec.parallelism), i.e. when the work left to do is less than max
parallelism. More info:
https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl explain jobs.spec.parallelism #并行度
[root@master200.yinzhengjie.org.cn ~]# kubectl explain jobs.spec.completions
KIND: Job
VERSION: batch/v1
FIELD: completions <integer>
DESCRIPTION:
Specifies the desired number of successfully finished pods the job should
be run with. Setting to nil means that the success of any pod signals the
success of all pods, and allows parallelism to have any positive value.
Setting to 1 means that parallelism is limited to 1 and the success of that
pod signals the success of the job. More info:
https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl explain jobs.spec.completions #完成率
1>.单路作业案例
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: job-example
namespace: testing
spec:
template:
metadata:
labels:
app: myjob
spec:
containers:
- name: myjob
image: alpine
command: ["/bin/sh", "-c", "sleep 10"]
restartPolicy: Never
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get job -n testing -o wide
No resources found in testing namespace.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml
job.batch/job-example created
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get job -n testing -o wide
NAME COMPLETIONS DURATION AGE CONTAINERS IMAGES SELECTOR
job-example 0/1 3s 3s myjob alpine controller-uid=4346be11-e9d1-4cbe-8d9b-70b3fd7fb8ae
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get job -n testing -o wide
NAME COMPLETIONS DURATION AGE CONTAINERS IMAGES SELECTOR
job-example 1/1 20s 52s myjob alpine controller-uid=4346be11-e9d1-4cbe-8d9b-70b3fd7fb8ae
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
filebeat-ds-n6j5z 1/1 Running 0 8h 10.244.2.4 node202.yinzhengjie.org.cn <none> <none>
job-example-qvt8q 0/1 Completed 0 103s 10.244.1.4 node201.yinzhengjie.org.cn <none> <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml
2>.多路作业案例
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: job-multi
namespace: testing2
spec:
completions: 5
parallelism: 2
template:
metadata:
labels:
app: myjob
spec:
containers:
- name: myjob
image: alpine
command: ["/bin/sh", "-c", "sleep 3"]
restartPolicy: Never
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing2 -o wide
No resources found in testing2 namespace.
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml
job.batch/job-multi created
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing2 -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
job-multi-4t8cz 0/1 Completed 0 22s 10.244.1.10 node201.yinzhengjie.org.cn <none> <none>
job-multi-8qxxx 0/1 Completed 0 37s 10.244.1.8 node201.yinzhengjie.org.cn <none> <none>
job-multi-q8ql4 0/1 Completed 0 30s 10.244.1.9 node201.yinzhengjie.org.cn <none> <none>
job-multi-sfk7g 0/1 Completed 0 30s 10.244.2.8 node202.yinzhengjie.org.cn <none> <none>
job-multi-znltr 0/1 Completed 0 37s 10.244.2.7 node202.yinzhengjie.org.cn <none> <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml
六.CronJob 控制器(controller)
一个Job控制器可用创建一次性任务,而一个CronJob控制器可用创建一个周期性调度任务,其实CronJob底层还是控制之前提到的Job控制器实现的:
一个CronJob对象就像Linux 的crontab(cron table)文件的一行。
它在给定的时间表上周期性地运行一个以Cron格式编写的作业。
cron作业大约在其计划的每个执行时间创建一个作业对象。
如果startDeadlineSeonds设置为大值或未设置(默认值),并且concurrency设置为Allow,则作业将始终至少运行一次:
对于每个CronJob,CronJob控制器检查从上次计划时间到现在这段时间内它错过了多少计划
如果错过的计划超过100个,则它不会启动作业并记录错误
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/cronjob-example.yaml
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/cronjob-example.yaml
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: cronjob-example
namespace: testing3
labels:
app: mycronjob
spec:
schedule: "*/2 * * * *"
jobTemplate:
metadata:
labels:
app: mycronjob-jobs
spec:
parallelism: 2
template:
spec:
containers:
- name: myjob
image: alpine
command:
- /bin/sh
- -c
- date; echo Hello from the Kubernetes cluster; sleep 10
restartPolicy: OnFailure
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/cronjob-example.yaml
七.Garbage Collection
一些Kubernetes对象是其他对象的所有者:
拥有的对象称为所有者对象的从属对象。
每个依赖对象都有一个指向所属对象的metadata.ownerReferences字段。
有时,Kubernetes会自动设置ownerReference的值。
也可以通过手动设置“所有者引用”字段来指定所有者和从属对象之间的关系。
删除对象时,可以指定是否也自动删除该对象的从属对象:
自动删除从属关系称为级联删除(有两种级联删除模式:background and foreground)
如果删除对象而不自动删除其从属对象,则这些从属对象称为孤立对象
设置级联删除策略:
可以设置的值为:"Orphan","Foreground","Background"。
Kubernetes 1.9之前的版本中,许多控制器的默认GC策略为orphan,包括ReplicaSet,StatefulSet,DaemonSet和Deployment等(对于extensions/v1beta1、apps/v1beta1和apps/v1beta2组版本中的类型,除非您另外指定,否则依赖对象在默认情况下是孤立的);
Kubernetes 1.9之后的版本中,apps/v1群组中的所有控制器对象的默认策略都为删除,deleteOptions的值为"Backgroupd";
八.Node 控制器(controller)
Node Controller打包在kube-controller-manager之中,它负责Node生命周期中的多种任务:
(1)在注册节点时将CIDR块分配给该节点(如果CIDR分配为truned on)
(2)使节点控制器的nades内部列表与云提供商的可用计算机列表保持最新。
(3)监视节点的运行状况:
健康状态的检查频率由"--node-monitor-period"选项进行定义
节点变得不可用时,将其从Ready设置为Unknown
长时间不可用时,驱逐此前敌法哦都至其上的Pod对象,驱逐速率由”--node-eviction-rate选项进行定义,默认为"0.1",即最快10秒驱逐一个Pod对象。
(4)为Node驱逐哪些不能容忍当前Node上具有NoExecute效用的污点Pod对象(Kubernetes 1.6+)
(5)为Node创建代表其Condition的污点(Kubernetes 1.8+)
1>.Nodes
节点是Kubernetes中的一个工作机器,以前被称为下属(minion)。
节点可以是虚拟机或物理机,具体取决于集群。
每个节点包含运行pods所需的服务,并由主组件管理。
节点上的服务包括 container runtime,kubelet和kube-proxy。
2>.Node Status
Address:HostName,ExternalIP(外部地址),InternalIP(内部地址)
Condition:该节点所处的状态,比如磁盘使用量等。
Capacity:CPU、内存和可调度到节点上的最大数量的Pods
Info:节点的一般信息,如kerner版本、Kubernetes版本(kubelet和kube-proxy版本)、Docker版本(如果使用)、OS名称。
[root@master200.yinzhengjie.org.cn ~]# kubectl describe nodes node201.yinzhengjie.org.cn
Name: node201.yinzhengjie.org.cn
Roles: <none>
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=node201.yinzhengjie.org.cn
kubernetes.io/os=linux
Annotations: flannel.alpha.coreos.com/backend-data: {"VtepMAC":"82:2a:43:41:7f:b3"}
flannel.alpha.coreos.com/backend-type: vxlan
flannel.alpha.coreos.com/kube-subnet-manager: true
flannel.alpha.coreos.com/public-ip: 172.200.1.201
kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Tue, 04 Feb 2020 20:11:15 +0800
Taints: <none>
Unschedulable: false
Lease:
HolderIdentity: node201.yinzhengjie.org.cn
AcquireTime: <unset>
RenewTime: Sat, 08 Feb 2020 02:52:16 +0800
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Sat, 08 Feb 2020 02:51:29 +0800 Tue, 04 Feb 2020 20:11:15 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Sat, 08 Feb 2020 02:51:29 +0800 Tue, 04 Feb 2020 20:11:15 +0800 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Sat, 08 Feb 2020 02:51:29 +0800 Tue, 04 Feb 2020 20:11:15 +0800 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Sat, 08 Feb 2020 02:51:29 +0800 Tue, 04 Feb 2020 20:22:27 +0800 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 172.200.1.201
Hostname: node201.yinzhengjie.org.cn
Capacity:
cpu: 2
ephemeral-storage: 511750Mi
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 4026376Ki
pods: 110
Allocatable:
cpu: 2
ephemeral-storage: 482947890401
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 3923976Ki
pods: 110
System Info:
Machine ID: d637a9e4c24d4d11bed0c09151ac78e2
System UUID: 6ED04D56-C57B-0527-4243-6C15BCBA68FE
Boot ID: be24e2cb-1bba-4e46-829d-c53877ee9b80
Kernel Version: 3.10.0-957.el7.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.5
Kubelet Version: v1.17.2
Kube-Proxy Version: v1.17.2
PodCIDR: 10.244.1.0/24
PodCIDRs: 10.244.1.0/24
Non-terminated Pods: (2 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
kube-system kube-flannel-ds-amd64-lnldz 100m (5%) 100m (5%) 50Mi (1%) 50Mi (1%) 3d6h
kube-system kube-proxy-2shb4 0 (0%) 0 (0%) 0 (0%) 0 (0%) 3d6h
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 100m (5%) 100m (5%)
memory 50Mi (1%) 50Mi (1%)
ephemeral-storage 0 (0%) 0 (0%)
Events: <none>
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]#
[root@master200.yinzhengjie.org.cn ~]# kubectl describe nodes node201.yinzhengjie.org.cn
3>.Node Conditions
OutOfDisk:
即当为True时,磁盘耗尽,即节点上没有足够的可用空间来添加新的pod,否则为False
Ready:
如果节点运行正常并准备接受pods,则为True;
如果节点运行不正常且不接受pods,则为False;
如果节点控制器在上一个节点监视器宽限期内(默认值为40秒)未收到节点的消息,则为Unknown
MemoryPressure:
如果在节点存储器上存在压力,即,如果节点内存较低,则为true,否则为Flase
PIDPressure:
如果进程上存在压力,如果在节点上有太多的进程,则为true;否则为Flase。
DiskPressure:
如果磁盘大小上存在压力,即磁盘容量较低,则为true;否则Fla
NetworkUnavailable:
如果节点的网络配置不正确,则为True,否则为False。
ConfigOK:
如果kubelet配置正确,则为True,否则为False。
4>.节点管理(Node Management)
与POD和服务不同,一个节点不是由Kubernetes天生创建的:它是由谷歌计算引擎之类的云提供商在外部创建的,或者它存在于物理或虚拟机的池中。
当Kubernetes创建一个节点时,它会创建一个表示该节点的对象。
创建后,Kubernetes检查节点是否有效。
Kubernetes在内部创建一个节点对象(the representation ),并基于metadata.name字段通过运行状况检查来验证节点。
如果节点有效,也就是说,如果所有必需的服务都在运行,那么它就有资格运行pod。
否则,任何群集活动都将忽略它,直到它变为有效。
