Kubernetes Pod Management and Restart Policies
Creating a Pod
# Create a namespace
> The kubens command here is a short alias I set up myself; if you want to set it up too, see my blog: https://www.cnblogs.com/kongshuo/p/17412322.html
# Create the namespace
[root@kmaster ~]# kubectl create ns kongshuo
namespace/kongshuo created
[root@kmaster ~]# kubens
calico-apiserver
calico-system
default
kongshuo
kube-node-lease
kube-public
kube-system
tigera-operator
# Switch to the newly created namespace
[root@kmaster ~]# kubens kongshuo
Context "kubernetes-admin@kubernetes" modified.
Active namespace is "kongshuo".
[root@kmaster ~]# kubens
calico-apiserver
calico-system
default
kongshuo
kube-node-lease
kube-public
kube-system
tigera-operator
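If kubens is not installed, the same switch can be done with plain kubectl; a minimal sketch using the kongshuo namespace created above:
# Point the current context at the kongshuo namespace
kubectl config set-context --current --namespace=kongshuo
# Confirm which namespace the current context now uses
kubectl config view --minify -o jsonpath='{..namespace}'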
# Create a simple nginx pod
[root@kmaster ~]# kubectl get pod
No resources found in kongshuo namespace.
[root@kmaster ~]# kubectl run pod1 --image nginx
pod/pod1 created
[root@kmaster ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
pod1 1/1 Running 0 24s
# Check which node the pod is running on
[root@kmaster ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 1/1 Running 0 95s 10.244.69.201 knode2 <none> <none>
# Check whether the node has pulled the nginx image
[root@knode2 ~]# crictl img
IMAGE TAG IMAGE ID SIZE
docker.io/calico/cni v3.25.0 d70a5947d57e5 88MB
docker.io/calico/csi v3.25.0 f37eacbb9a295 9.08MB
docker.io/calico/kube-controllers v3.25.0 5e785d005ccc1 31.3MB
docker.io/calico/node-driver-registrar v3.25.0 c14671fdda128 11.1MB
docker.io/calico/node v3.25.0 08616d26b8e74 87.2MB
docker.io/calico/pod2daemon-flexvol v3.25.0 ed8b7bbb113fe 7.08MB
docker.io/calico/typha v3.25.0 7b60c7012b1c9 28.5MB
docker.io/library/nginx latest 448a08f1d2f94 57MB
quay.io/tigera/operator v1.29.0 343ea4f89a32c 21.1MB
registry.aliyuncs.com/google_containers/coredns v1.9.3 5185b96f0becf 14.8MB
registry.aliyuncs.com/google_containers/kube-proxy v1.26.0 556768f31eb1d 21.5MB
registry.aliyuncs.com/google_containers/pause 3.6 6270bb605e12e 302kB
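To check just for the nginx image instead of reading the whole list, the output can be filtered; a small sketch run on the node:
# Show only nginx entries in the node's image list
crictl images | grep nginx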
# View detailed pod information
[root@kmaster ~]# kubectl describe pod pod1
Name: pod1
Namespace: kongshuo
Priority: 0
Service Account: default
Node: knode2/192.168.100.182
Start Time: Fri, 19 May 2023 12:03:29 +0800
Labels: run=pod1
Annotations: cni.projectcalico.org/containerID: 1e53a3fe0b3b6f7d8983709d51ace6114c3f057dc5d43bf8ef1c730234ae7675
cni.projectcalico.org/podIP: 10.244.69.202/32
cni.projectcalico.org/podIPs: 10.244.69.202/32
Status: Running
IP: 10.244.69.202
IPs:
IP: 10.244.69.202
Containers:
pod1:
Container ID: containerd://8d3910112bd21740735b125656e3b6cd8f88e890794c719a3cd9c441adab75fe
Image: nginx
Image ID: docker.io/library/nginx@sha256:480868e8c8c797794257e2abd88d0f9a8809b2fe956cbfbc05dcc0bca1f7cd43
Port: <none>
Host Port: <none>
State: Running
Started: Mon, 22 May 2023 09:20:54 +0800
Last State: Terminated
Reason: Unknown
Exit Code: 255
Started: Fri, 19 May 2023 12:03:41 +0800
Finished: Mon, 22 May 2023 09:19:39 +0800
Ready: True
Restart Count: 1
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-q62zp (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-q62zp:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 2d21h default-scheduler Successfully assigned kongshuo/pod1 to knode2
Normal Pulling 2d21h kubelet Pulling image "nginx"
Normal Pulled 2d21h kubelet Successfully pulled image "nginx" in 11.222394648s (11.222400274s including waiting)
Normal Created 2d21h kubelet Created container pod1
Normal Started 2d21h kubelet Started container pod1
Normal SandboxChanged 3m26s (x3 over 4m23s) kubelet Pod sandbox changed, it will be killed and re-created.
Normal Pulling 3m25s kubelet Pulling image "nginx"
Normal Pulled 3m23s kubelet Successfully pulled image "nginx" in 2.40067693s (2.400682318s including waiting)
Normal Created 3m23s kubelet Created container pod1
Normal Started 3m22s kubelet Started container pod1
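When only a few fields are needed, jsonpath output is often quicker than reading the full describe output; a minimal sketch assuming pod1 is still running:
# Print the pod IP and the node it was scheduled to
kubectl get pod pod1 -o jsonpath='{.status.podIP}{"\n"}{.spec.nodeName}{"\n"}'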
Image Pull Policy
# Always: check the registry for the image on every start, even if it is already present locally
# Never: use only the local image, never pull from the registry
# IfNotPresent: pull from the registry only if the required image is not present locally
# Without --image-pull-policy, the default is Always for images tagged :latest (or untagged, as with nginx here) and IfNotPresent otherwise; a YAML equivalent is sketched after this walkthrough
[root@kmaster ~]# kubectl run pod2 --image nginx
pod/pod2 created
[root@kmaster ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 1/1 Running 1 (99m ago) 2d22h 10.244.69.202 knode2 <none> <none>
pod2 1/1 Running 0 89m 10.244.195.145 knode1 <none> <none>
# With Never, the node already has the nginx image locally, so the pod is created directly
[root@kmaster ~]# kubectl run pod3 --image nginx --image-pull-policy Never
pod/pod3 created
[root@kmaster ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 1/1 Running 1 (99m ago) 2d22h 10.244.69.202 knode2 <none> <none>
pod2 1/1 Running 0 89m 10.244.195.145 knode1 <none> <none>
pod3 1/1 Running 0 10s 10.244.69.207 knode2 <none> <none>
# With IfNotPresent, the local nginx image is used directly without pulling
[root@kmaster ~]# kubectl run pod4 --image nginx --image-pull-policy IfNotPresent
pod/pod4 created
[root@kmaster ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 1/1 Running 1 (101m ago) 2d22h 10.244.69.202 knode2 <none> <none>
pod2 1/1 Running 0 91m 10.244.195.145 knode1 <none> <none>
pod3 1/1 Running 0 2m43s 10.244.69.207 knode2 <none> <none>
pod4 1/1 Running 0 8s 10.244.195.146 knode1 <none> <none>
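The same policy can also be set declaratively through the imagePullPolicy field of a container spec; a minimal sketch (the pod name pod5 is made up for illustration, not part of the walkthrough above):
apiVersion: v1
kind: Pod
metadata:
  name: pod5            # hypothetical name, for illustration only
spec:
  containers:
  - name: pod5
    image: nginx
    imagePullPolicy: IfNotPresent   # pull only if the image is missing on the node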
Deleting Pods
# Delete pods (both forms work)
[root@kmaster ~]# kubectl delete pods/pod1
pod "pod1" deleted
[root@kmaster ~]# kubectl delete pod pod2
pod "pod2" deleted
[root@kmaster ~]# kubectl delete pods/pod3
pod "pod3" deleted
[root@kmaster ~]# kubectl delete pod pod4
pod "pod4" deleted
Pod Dry-Run Exercise
# Server-side dry run
[root@kmaster ~]# kubectl run pod1 --image nginx --image-pull-policy IfNotPresent --dry-run=server
pod/pod1 created (server dry run)
[root@kmaster ~]# kubectl get pod
No resources found in kongshuo namespace.
# Client-side dry run (for generating YAML, client-side dry run is recommended over server-side)
[root@kmaster ~]# kubectl run pod1 --image nginx --image-pull-policy IfNotPresent --dry-run=client
pod/pod1 created (dry run)
[root@kmaster ~]# kubectl get pod
No resources found in kongshuo namespace.
[root@kmaster ~]# kubectl run pod1 --image nginx --image-pull-policy IfNotPresent --dry-run=client -o yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: pod1
  name: pod1
spec:
  containers:
  - image: nginx
    imagePullPolicy: IfNotPresent
    name: pod1
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
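Server-side dry run is still useful for validating a finished manifest against the API server (including admission checks) without creating anything; a sketch assuming a manifest file such as the pod1.yaml built in the next section:
# Validate the manifest on the server without persisting the pod
kubectl apply -f pod1.yaml --dry-run=server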
Creating a Pod from YAML
# Save the YAML to a file
# -- sleep 3600 overrides the container command so the container keeps running
[root@kmaster ~]# mkdir pod_yaml
[root@kmaster ~]# kubectl run pod1 --image nginx --image-pull-policy IfNotPresent --dry-run=client -o yaml -- sleep 3600 > /root/pod_yaml/pod1.yaml
[root@kmaster ~]# cd pod_yaml/
[root@kmaster pod_yaml]# ls
pod1.yaml
[root@kmaster pod_yaml]# cat pod1.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: pod1
  name: pod1
spec:
  containers:
  - args:
    - sleep
    - "3600"
    image: nginx
    imagePullPolicy: IfNotPresent
    name: pod1
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
[root@kmaster pod_yaml]# kubectl apply -f pod1.yaml
pod/pod1 configured
[root@kmaster pod_yaml]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 1/1 Running 0 55s 10.244.69.209 knode2 <none> <none>
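One way to confirm that the args from the manifest took effect; a sketch:
# Show the command arguments of the pod1 container
kubectl get pod pod1 -o jsonpath='{.spec.containers[0].args}{"\n"}'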
Entering a Pod
[root@kmaster ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
pod1 1/1 Running 0 10m
[root@kmaster ~]# kubectl exec -it pods/pod1 -- bash
root@pod1:/# ls
bin dev docker-entrypoint.sh home lib64 mnt proc run srv tmp var
boot docker-entrypoint.d etc lib media opt root sbin sys usr
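A single command can also be run in the pod without opening an interactive shell; a sketch (nginx -v works here only because the nginx binary is still present in the image, even though the container runs sleep):
# Run one command in the pod and return
kubectl exec pods/pod1 -- ls /
# Print the nginx version from inside the container
kubectl exec pods/pod1 -- nginx -v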
Creating a Pod with Two Containers
[root@kmaster pod_yaml]# ls
pod1.yaml
[root@kmaster pod_yaml]# cp pod1.yaml pod2.yaml
[root@kmaster pod_yaml]# vim pod2.yaml
[root@kmaster pod_yaml]# cat pod2.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: podkongshuo
  name: podkongshuo
spec:
  containers:
  - args:
    - sleep
    - "3600"
    image: centos
    imagePullPolicy: IfNotPresent
    name: pod11
    resources: {}
  - args:
    - sleep
    - "3600"
    image: centos
    imagePullPolicy: IfNotPresent
    name: pod22
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
[root@kmaster pod_yaml]# kubectl apply -f pod2.yaml
pod/podkongshuo created
[root@kmaster pod_yaml]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 1/1 Running 0 22m 10.244.69.209 knode2 <none> <none>
podkongshuo 2/2 Running 0 28s 10.244.195.148 knode1 <none> <none>
# Enter container pod11
[root@kmaster ~]# kubectl exec -it pods/podkongshuo -c pod11 -- bash
[root@podkongshuo /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
# Enter container pod22
[root@kmaster ~]# kubectl exec -it pods/podkongshuo -c pod22 -- bash
[root@podkongshuo /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
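With multiple containers in one pod, logs are also addressed per container; a sketch:
# List the container names in the pod
kubectl get pod podkongshuo -o jsonpath='{.spec.containers[*].name}{"\n"}'
# View the logs of one specific container
kubectl logs podkongshuo -c pod11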
Pod Restart Policy
# Always: restart the container whenever it exits, regardless of exit code (the default)
# Never: never restart, whether the container exits normally or not
# OnFailure: restart only when the container exits with an error (non-zero exit code)
# Always example: misspell the command, create the pod, and watch the failure; the pod keeps trying to restart
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: pod1
  name: pod1
spec:
  containers:
  - args:
    - sleeeep
    - "3600"
    image: nginx
    imagePullPolicy: IfNotPresent
    name: pod1
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
[root@kmaster ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 0/1 CrashLoopBackOff 4 (24s ago) 107s 10.244.69.144 knode2 <none> <none>
# With Never, the pod is never restarted
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: pod1
  name: pod1
spec:
  containers:
  - args:
    - sleeeep
    - "3600"
    image: nginx
    imagePullPolicy: IfNotPresent
    name: pod1
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Never
status: {}
[root@kmaster ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 0/1 Error 0 47s 10.244.69.145 knode2 <none> <none>
# With OnFailure, the pod is restarted only when the (command) fails; a normal exit does not trigger a restart
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: pod1
  name: pod1
spec:
  containers:
  - args:
    - sleeeep
    - "3600"
    image: nginx
    imagePullPolicy: IfNotPresent
    name: pod1
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: OnFailure
status: {}
[root@kmaster ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 0/1 Error 4 (35s ago) 59s 10.244.69.146 knode2 <none> <none>
# With OnFailure, a normal exit with no error does not trigger a restart
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: pod1
  name: pod1
spec:
  containers:
  - args:
    - sleep
    - "3600"
    image: nginx
    imagePullPolicy: IfNotPresent
    name: pod1
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: OnFailure
status: {}
[root@kmaster ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod1 0/1 Completed 0 46s 10.244.69.147 knode2 <none> <none>
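To see how each policy behaved, the restart count and the last termination state can be inspected directly; a sketch assuming the pod1 from the examples above:
# Watch status changes in real time
kubectl get pod pod1 -w
# Show the restart count of the container
kubectl get pod pod1 -o jsonpath='{.status.containerStatuses[0].restartCount}{"\n"}'
# Show how the container last terminated (exit code and reason)
kubectl get pod pod1 -o jsonpath='{.status.containerStatuses[0].lastState}{"\n"}'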