Kubernetes基本概念之Name和NameSpace

在Kubernetes中,所有对象都会被指定一个唯一的Name和UID。

用户还可以指定一些不要求唯一性的数据附加到对象上,例如LabelAnnotation

1. Name

Name是创建一个Kubernetes对象时必须指定的,无论是Pod,ReplicaSet或者Deployment等等。如果通过REST API访问的话,形式就如/api/v1/pods/some-name

一个Name只能由小写字母,-.组成,并且长度不能超过253个字符。

在同一个命名空间下,同种类型的对象,其Name必须唯一。

2. UID

Kubernetes在创建一个对象时,除了拥有Name以外,还会为其分配一个全局唯一的UID。

参考文章

https://kubernetes.io/docs/concepts/overview/working-with-objects/names/

 

 

Kubernetes基本概念之Namespace

Namespace类似于Linux系统中用户的概念,通过将系统内部的对象分配到不同的Namespace中,形成逻辑上的分,便于不同的分组在共享集群资源的同时还能被分别管理。同一Namespace下的Kubenetes对象的Name必须唯一。

常见的 pod, service, replication controller 和 deployment 等都是属于某一个 namespace 的(默认是 default),而 node, persistent volume,namespace 等资源则不属于任何 namespace。

1. Namespace操作

1.1 查看

$ kubectl get namespaces
NAME          STATUS    AGE
default       Active    1d
kube-system   Active    1d
kube-public   Active    1d

通过上述命令,可以查看到Kubernetes为我们初始化的三个Namespace:

  • default:所有未指定Namespace的对象都会被分配在default命名空间。
  • kube-system:所有由Kubernetes系统创建的资源都处于这个命名空间。
  • kube-public:此命名空间下的资源可以被所有人访问(包括未认证用户)。

1.2 设置Namespace

通过--namespace参数可以在一条命令中指定Namespace,只对单条命令有效。

$ kubectl --namespace=<insert-namespace-name-here> run nginx --image=nginx
$ kubectl --namespace=<insert-namespace-name-here> get pods

还可以绑定一个Namespace到特定的上下文,这样在此上下文中执行的kubectl命令都处于绑定的Namespace下。

$ kubectl config set-context $(kubectl config current-context) --namespace=<insert-namespace-name-here>
# Validate it
$ kubectl config view | grep namespace:

1.3 Namespace和DNS

当你创建一个Service时,Kubernetes会自动创建一个形如<service-name>.<namespace-name>.svc.cluster.local的DNS项。如果集群中另一个服务调用这个服务时,仅仅指定了<service-name>,那么Kubernetes会使用调用方所在的Namespace将<service-name>补全。因此如果调用方和被调用方不处于同一个Namespace,你必须使用包含Namespace的service name(fully qualified domain name (FQDN))。

参考文章

https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

 

 https://blog.csdn.net/qq_34701586/article/details/78732470

初入门小实例
部署nginx服务

$ kubectl run my-nginx --image=nginx --port=80
$ kubectl get pod # 查看pod

发现pod状态无论多久都是处于pending。READY字段一直是0/1,服务部署失败的原因是”中国墙“的问题导致无法下载pod启动时需要的谷歌镜像,所以我们得间接的创建所需的镜像。

补充: Pending状态表示API Server已经创建Pod,但Pod内还有一个或者多个容器没有创建,或者正在下载镜像的过程。详细的参考Pod声明周期和重启策略

创建gcr.io/google_containers/pause-amd64:3.0镜像

$ docker pull googlecontainer/pause-amd64:3.0
$ docker tag googlecontainer/pause-amd64:3.0 gcr.io/google_containers/pause-amd64:3.0

kubernets指令
实例流程

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
$ kubectl version  # 查看版本
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", <br>GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", <br>GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
 
$ kubectl cluster-info  # 显示集群信息
Kubernetes master is running at http://localhost:8080
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
 
$ kubectl get nodes  # 查看集群中有几个Node
NAME STATUS AGE
127.0.0.1 Ready 18h
 
$ kubectl run my-nginx --image=nginx --replicas=2 --port=80  # 运行一个镜像
deployment "my-nginx" created
 
$ kubectl get pods  # 查看pod
NAME READY STATUS RESTARTS AGE
my-nginx-379829228-cwlbb 0/1 ContainerCreating 0 20s
my-nginx-379829228-czk6w 1/1 Running 0 20s
 
$ kubectl describe pod my-nginx-379829228-cwlbb  # 查看服务详情信息
 
$ kubectl get deployments  # 查看已部署
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
my-nginx 2 2 2 2 3m
 
$ kubectl delete pod my-nginx-379829228-cwlbb  # 删除pod
pod "my-nginx-379829228-cwlbb" deleted
 
$ kubectl get pods  # 再次查看pod,发现由于replicas机制,pod又生成一个新的
NAME READY STATUS RESTARTS AGE
my-nginx-379829228-czk6w 1/1 Running 0 11m
my-nginx-379829228-gjd7d 0/1 ContainerCreating 0 5s
 
$ kubectl delete deployment my-nginx  # 删除部署的my-nginx服务。彻底删除pod
deployment "my-nginx" deleted

  

对比docker命令
k8s的学习路线基本都是从docker[容器]到k8s的,因此两个对比理解有助于记忆

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
$ docker run -d -e DOMAIN=cluster --name my-nginx -p 80:80 nginx
$ kubectl run my-nginx --image=nginx --port=80 --env="DOMAIN=cluster"
 
$ docker ps
$ kubectl get pods
 
$ docker exec [容器id] ls
$ kubectl exec [pod_id] ls
 
$ docker exec -it [容器id] /bin/sh  # docker exec 交互式
$ kubectl exec -it [pod_id] -- /bin/sh
 
$ docker info
$ kubectl cluster-info

  

重要名词
名词 翻译

?
1
2
3
4
5
Namespace        #命名空间
Endpoint       #服务端点
Controller Manager  #管理控制中心
Replication   #副本控制器
yaml             #文件管理服务

# vi nginx.yaml


piVersion: extensions/v1beta1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 3
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.7.9
ports:
- containerPort: 80

启动管理服务

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
$ kubectl create -f nginx.yaml   # 根据yaml文件创建服务
deployment "my-nginx" created
 
$ kubectl get deployments  # 查看deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
my-nginx 3 3 3 3 6s
 
$ kubectl get pod  # 查看Pod
NAME READY STATUS RESTARTS AGE
my-nginx-4087004473-dtrjp 1/1 Running 0 7s
my-nginx-4087004473-jz80p 1/1 Running 0 7s
my-nginx-4087004473-wh576 1/1 Running 0 7s
 
$ kubectl delete -f nginx.yaml   # 根据yaml文件删除服务
deployment "my-nginx" deleted
 
$ kubectl get pod
No resources found.
$ kubectl get deployment
No resources found.

  

Service

?
1
2
3
4
5
6
7
8
9
$ kubectl run my-nginx --image=nginx --port=80  #部署一个nginx服务
 
$ kubectl expose deployment/my-nginx --type="NodePort" --port 80  # 创建一个service 且将其暴露到集群外可供访问
service "my-nginx" exposed
 
$ kubectl get services  # 此时service列表多个my-nginx服务
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 7d
my-nginx 10.254.255.103 <nodes> 80:32589/TCP 7s

  

宿主主机内访问该服务

 

同网段的机器访问该服务

deployments

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
$ kubectl run my-nginx --image=nginx --port=80  # 运行nginx镜像
 
$ kubectl run -i --tty my-nginx --image=nginx --port=80 -- sh  # 交互式 shell 的方式运行 pod
 
$ kubectl attach my-nginx-532658988-10kxd -i  # 链接到运行中的容器
 
$ kubectl get deployments  # 查看deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
my-nginx 1 1 1 1 25m
 
$ kubectl scale deployment my-nginx --replicas=10  # 扩展10个副本
deployment "my-nginx" scaled
$ kubectl scale deployment/my-nginx --replicas=10 # 作用效果等同上一条命令
deployment "my-nginx" scaled
 
$ kubectl get deployments  # 再次显示deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
my-nginx 10 10 10 1 26m
 
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
my-nginx-379829228-38hkg 1/1 Running 0 5m
my-nginx-379829228-7j15l 1/1 Running 0 31m
my-nginx-379829228-c8mt3 1/1 Running 0 5m
my-nginx-379829228-f6mm8 1/1 Running 0 5m
my-nginx-379829228-q1rj0 1/1 Running 0 5m
my-nginx-379829228-qg7lf 1/1 Running 0 5m
my-nginx-379829228-rjfbq 1/1 Running 0 5m
my-nginx-379829228-v581r 1/1 Running 0 5m
my-nginx-379829228-wh49w 1/1 Running 0 5m
my-nginx-379829228-wpn98 1/1 Running 0 5m
 
$ kubectl scale deployment/my-nginx --replicas=1  # 缩扩到1个副本
deployment "my-nginx" scaled
$ kubectl scale deployment my-nginx --replicas=1    # 作用效果等同上一条命令

  

deployment的更新回滚

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
$ kubectl create -f nginx.yaml
 
$ kubectl get pod
NAME READY STATUS RESTARTS AGE
my-nginx-4087004473-4xj74 1/1 Running 0 3m
my-nginx-4087004473-jkptq 1/1 Running 0 3m
my-nginx-4087004473-m55s1 1/1 Running 0 3m
 
$ kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
my-nginx 3 3 3 3 4m
 
$ kubectl set image deployment/my-nginx nginx=nginx:1.9.1  # 更新应用的镜像从1.7.9版本——>1.9.1
deployment "my-nginx" image updated
 
$ kubectl rollout status deployment/my-nginx  # 确认是否更新成功
deployment "my-nginx" successfully rolled out
 
$ kubectl rollout undo deployment/my-nginx  # 回滚到上一代版本
deployment "my-nginx" rolled back

ConfigMap-容器应用的配置管理
应用部署的一个最佳实践是将应用所需配置信息和程序进行分离,一则程序可以更好的复用,二则能灵活的更改配置从而实现其他功能。

使用configMap替代环境变量
以yaml文件方式创建ConfigMap

# vi special-config.yaml

apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: default
data:
special.how: very
special.type: charm

# vi env-config.yaml

apiVersion: v1
kind: ConfigMap
metadata:
name: env-config
namespace: default
data:
log_level: INFO

可以在Pod中这样使用ConfigMap

# vi configMap.yaml

apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: nginx
command: [ "/bin/sh", "-c", "env" ]
env:
- name: SPECIAL_LEVEL_KEY #定义环境变量名称
valueFrom: #key"special.how"对应的值
configMapKeyRef:
name: special-config #环境变量的值
key: special.how
- name: SPECIAL_TYPE_KEY
valueFrom:
configMapKeyRef:
name: special-config
key: special.type
restartPolicy: Never

启动等一系列操作

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
$ kubectl create -f special-config.yaml
configmap "special-config" created
$ kubectl create -f env-config.yaml
configmap "env-config" created
 
$ kubectl get configmaps  # 查看ConfigMap
NAME DATA AGE
env-config 1 38m
special-config 2 39m
 
$ kubectl describe configmap env-config  # 让我们看一下创建的ConfigMap
Name: env-config
Namespace: default
Labels: <none>
Annotations: <none>
 
Data
====
log_level: 4 bytes
 
 
$ kubectl get configmaps env-config -o yaml   # 查看ConfigMap键的值
apiVersion: v1
data:
log_level: INFO
kind: ConfigMap
metadata:
creationTimestamp: 2017-11-30T07:29:49Z
name: env-config
namespace: default
resourceVersion: "285268"
selfLink: /api/v1/namespaces/default/configmaps/env-config
uid: 3f473adf-d5a0-11e7-9830-0800275ae9e7
 
 
$ kubectl create -f configMap.yaml
pod "dapi-test-pod" created
 
$ kubectl get pod  # 查看pod,状态ContainerCreating
NAME READY STATUS RESTARTS AGE
dapi-test-pod 0/1 ContainerCreating 0 3s
 
$ kubectl get pod  # 隔一段时间再查看pod,发现并没有返回什么
 
$ kubectl get pod --show-all  # 显示所有的权限查看pod
NAME READY STATUS RESTARTS AGE
dapi-test-pod 0/1 Completed 0 1m
 
$ kubectl describe pod dapi-test-pod  # 查看详情
Name: dapi-test-pod
Namespace: default
Node: 127.0.0.1/127.0.0.1
Start Time: Thu, 30 Nov 2017 15:32:00 +0800
Labels: <none>
Status: Succeeded
IP:
Controllers: <none>
Containers:
test-container:
Container ID: docker://1ba533f43ee60c02e03dafb7bcb8495fc12264aaab229872df0b289a3c1b9976
Image: nginx
Image ID: docker-pullable://docker.io/nginx@sha256:b81f317384d7388708a498555c28a7cce778a8f291d90021208b3eba3fe74887
Port:
Command:
/bin/sh
-c
env
State: Terminated
Reason: Completed
Exit Code: 0
Started: Thu, 30 Nov 2017 15:32:25 +0800
Finished: Thu, 30 Nov 2017 15:32:25 +0800
Ready: False
Restart Count: 0
Volume Mounts: <none>
Environment Variables:
SPECIAL_LEVEL_KEY: <set to the key 'special.how' of config map 'special-config'>
SPECIAL_TYPE_KEY: <set to the key 'special.type' of config map 'special-config'>
Conditions:
Type Status
Initialized True
Ready False
PodScheduled True
No volumes.
QoS Class: BestEffort
Tolerations: <none>
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
3m 3m 1 {default-scheduler } Normal Scheduled Successfully assigned dapi-test-pod to 127.0.0.1
3m 3m 1 {kubelet 127.0.0.1} spec.containers{test-container} Normal Pulling pulling image "nginx"
3m 2m 2 {kubelet 127.0.0.1} Warning MissingClusterDNS kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to DNSDefault policy.
2m 2m 1 {kubelet 127.0.0.1} spec.containers{test-container} Normal Pulled Successfully pulled image "nginx"
2m 2m 1 {kubelet 127.0.0.1} spec.containers{test-container} Normal Created Created container with docker id 1ba533f43ee6; Security:[seccomp=unconfined]
2m 2m 1 {kubelet 127.0.0.1} spec.containers{test-container} Normal Started Started container with docker id 1ba533f43ee6
 
 
# 可知container started 成功,进一步查看日志
$ docker logs 1ba
KUBERNETES_SERVICE_PORT=443
KUBERNETES_PORT=tcp://10.254.0.1:443
MY_SERVICE_PORT_80_TCP=tcp://10.254.110.249:80
MY_SERVICE_PORT_443_TCP_ADDR=10.254.110.249
HOSTNAME=dapi-test-pod
MY_SERVICE_PORT_443_TCP_PORT=443
HOME=/root
MY_SERVICE_PORT_443_TCP_PROTO=tcp
MY_SERVICE_SERVICE_PORT_HTTP=80
SPECIAL_TYPE_KEY=charm
MY_SERVICE_SERVICE_PORT_HTTPS=443
MY_SERVICE_PORT_443_TCP=tcp://10.254.110.249:443
MY_SERVICE_SERVICE_HOST=10.254.110.249
KUBERNETES_PORT_443_TCP_ADDR=10.254.0.1
NGINX_VERSION=1.13.7-1~stretch
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
KUBERNETES_PORT_443_TCP_PORT=443
NJS_VERSION=1.13.7.0.1.15-1~stretch
KUBERNETES_PORT_443_TCP_PROTO=tcp
MY_SERVICE_SERVICE_PORT=80
MY_SERVICE_PORT=tcp://10.254.110.249:80
SPECIAL_LEVEL_KEY=very
MY_SERVICE_PORT_80_TCP_ADDR=10.254.110.249
KUBERNETES_PORT_443_TCP=tcp://10.254.0.1:443
KUBERNETES_SERVICE_PORT_HTTPS=443
KUBERNETES_SERVICE_HOST=10.254.0.1
MY_SERVICE_PORT_80_TCP_PORT=80
PWD=/
MY_SERVICE_PORT_80_TCP_PROTO=tcp

  

 

ConfigMap的限制条件
ConfigMap必须在Pod之前创建才能被使用。
ConfigMap可以定义其属于哪个Namspece,只有在同一个Namespace中的pod才能引用。
删除Pod
有时候deployment、rs、rc、services都为0,但是Pod确存在着。则重启kubelet服务即可。
$ systemctl restart kubelet
1
补充

kubectl get node  # 列出当前节点名
NAME STATUS AGE
127.0.0.1 Ready 6d

$ curl localhost:8080/api/v1/proxy/nodes/127.0.0.1/pods  ## 已知当前节点名为127.0.0.1,用如下命令即可获得该节点上所有运行节点
{"kind":"PodList","apiVersion":"v1","metadata":{},"items":null}

我们最好不要越过RC而直接创建Pod,因为Replication Controller会通过RC管理Pod副本。实现自动创建、补足、替换、删除Pod副本,大大提高系统的容灾能力
重新调度(Rescheduling)
弹性伸缩(Scaling)
滚动更新(Rolling Updates)
报错
$ sudo kubectl create -f file.yaml
YAML error: found character that cannot start any token
# or
error:yaml: line 15: found a tab character that violate indentation

#file.yaml不可用tab键来空格

##############
#
kubernetes一步一步搭建(一)安装与http访问

helloworld_scut: my-nginx.yaml格式是错的。
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx-demo
spec:
replicas: 3
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.7.9
ports:
- containerPort: 80

posted @   linuxws  阅读(4643)  评论(0编辑  收藏  举报
努力加载评论中...
点击右上角即可分享
微信分享提示