Kubernetes集群部署及简单命令行操作

三个阶段部署docker：https://www.cnblogs.com/rdchenxi/p/10381631.html

环境准备

[root@master ~]# hostnamectl set-hostname master && exec bash
[root@node01 ~]# hostnamectl set-hostname node01 && exec bash
[root@node02 ~]# hostnamectl set-hostname node02 && exec bash

　　主机名解析

[root@master ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.183.11  master
192.168.183.12  node01
192.168.183.13  node02
[root@master ~]# scp /etc/hosts node01:/etc/
The authenticity of host 'node01 (192.168.183.12)' can't be established.
ECDSA key fingerprint is SHA256:e66/gR4gS9VD4XMHWRVVglIHmU6I4/dgBiaB/swFLVM.
ECDSA key fingerprint is MD5:fd:2a:6c:8d:f0:c9:c4:b2:8d:2d:05:cb:ac:c0:41:50.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node01,192.168.183.12' (ECDSA) to the list of known hosts.
root@node01's password: 
hosts                                                                                                                                                                                                                                       100%  227    98.2KB/s   00:00   
[root@master ~]# scp /etc/hosts node02:/etc/
The authenticity of host 'node02 (192.168.183.13)' can't be established.
ECDSA key fingerprint is SHA256:e66/gR4gS9VD4XMHWRVVglIHmU6I4/dgBiaB/swFLVM.
ECDSA key fingerprint is MD5:fd:2a:6c:8d:f0:c9:c4:b2:8d:2d:05:cb:ac:c0:41:50.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node02,192.168.183.13' (ECDSA) to the list of known hosts.
root@node02's password: 
hosts                                                                                              

　　三个节点配置K8s镜像yum仓库

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

　　注意防火墙与seLinux都关闭；安装docker-ce；三个阶段操作

yum -y install docker-ce
[root@master ~]# vim /usr/lib/systemd/system/docker.service 
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket
 
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
Environment="HTTPS_PROXY=http://www.ik8s.io:10080"  #国内用户添加这两个变量
Environment="NO_PROXY=127.0.0.0/8,172.20.0.0/16"  # 这个
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
 
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
 
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
 
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
 
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
 
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
 
# kill only the docker process, not all processes in the cgroup
KillMode=process
 
[Install]
WantedBy=multi-user.target

　　安装

1 2	`[root@master ~]# yum -y install kubelet kubeadm kubectl master安装` `[root@master ~]# systemctl enable kubelet.service`

　　初始化

[root@master ~]# vim /etc/sysconfig/kubelet 
KUBELET_EXTRA_ARGS="--fail-swap-on=false"   #添加初始化参数，忽略swap
 
[root@master ~]#echo 1 >  /proc/sys/net/bridge/bridge-nf-call-iptables
 
[root@master ~]# kubeadm init --kubernetes-version=v1.15.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap
   初始化最后
kubeadm join 192.168.183.11:6443 --token lotfu3.ag7oqtqaewlxg9xy \
    --discovery-token-ca-cert-hash sha256:401c4f4770ef5acb209ec3d2da1c0d0204c2ea790c05ceb32b53f287ccc280ca

　　启动操作

[root@master ~]#  mkdir -p $HOME/.kube
[root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]# chown $(id -u):$(id -g) $HOME/.kube/config

　　查看

[root@master ~]# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
controller-manager   Healthy   ok                  
scheduler            Healthy   ok                  
etcd-0               Healthy   {"health":"true"}   

部署网络插件

[root@master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.extensions/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.extensions/kube-flannel-ds-amd64 created
daemonset.extensions/kube-flannel-ds-arm64 created
daemonset.extensions/kube-flannel-ds-arm created
daemonset.extensions/kube-flannel-ds-ppc64le created
daemonset.extensions/kube-flannel-ds-s390x created
[root@master ~]# kubectl get nodes
NAME     STATUS   ROLES    AGE   VERSION
master   Ready 变成这个状态ok了    master   19m   v1.15.1

查看flannel的部署状态

[root@master ~]# kubectl get pods -n kube-system
NAME                             READY   STATUS    RESTARTS   AGE
coredns-5c98db65d4-dc2hj         1/1     Running   0          21m
coredns-5c98db65d4-j4zc5         1/1     Running   0          21m
etcd-master                      1/1     Running   0          20m
kube-apiserver-master            1/1     Running   0          20m
kube-controller-manager-master   1/1     Running   0          20m
kube-flannel-ds-amd64-czvzm      1/1     Running   0          4m21s   运行
kube-proxy-d5qcj                 1/1     Running   0          21m
kube-scheduler-master            1/1     Running   0          20m

查看集群名称空间

[root@master ~]# kubectl get ns
NAME              STATUS   AGE
default           Active   23m
kube-node-lease   Active   23m
kube-public       Active   23m
kube-system       Active   23m

　　两个node安装

1	`yum` `-y install kubelet kubeadm`

　　节点配置启动，并加入集群

[root@master ~]# scp /etc/sysconfig/kubelet node01:/etc/sysconfig/
[root@master ~]# scp /etc/sysconfig/kubelet node02:/etc/sysconfig/
 
[root@node01 ~]# systemctl enable kubelet.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
[root@node02 ~]# systemctl enable kubelet.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
[root@node01 ~]# echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables 
[root@node02 ~]# echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables 
[root@node01 ~]# kubeadm join 192.168.183.11:6443 --token lotfu3.ag7oqtqaewlxg9xy --discovery-token-ca-cert-hash sha256:401c4f4770ef5acb209ec3d2da1
c0d0204c2ea790c05ceb32b53f287ccc280ca  --ignore-preflight-errors=Swap[preflight] Running pre-flight checks
    [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the gui
de at https://kubernetes.io/docs/setup/cri/ [WARNING Swap]: running with swap on is not supported. Please disable swap
    [WARNING SystemVerification]: this Docker version is not on the list of validated versions: 19.03.0. Latest validated version: 18.09
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.15" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Activating the kubelet service
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
 
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
 
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
 
 
 
[root@node02 ~]# kubeadm join 192.168.183.11:6443 --token lotfu3.ag7oqtqaewlxg9xy --discovery-token-ca-cert-hash sha256:401c4f4770ef5acb209ec3d2da1
c0d0204c2ea790c05ceb32b53f287ccc280ca  --ignore-preflight-errors=Swap[preflight] Running pre-flight checks
    [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the gui
de at https://kubernetes.io/docs/setup/cri/ [WARNING Swap]: running with swap on is not supported. Please disable swap
    [WARNING SystemVerification]: this Docker version is not on the list of validated versions: 19.03.0. Latest validated version: 18.09
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.15" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Activating the kubelet service
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
 
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
 
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

　　主节点查看nodes信息

[root@master ~]# kubectl get nodes
NAME     STATUS   ROLES    AGE     VERSION
master   Ready    master   33m     v1.15.1
node01   Ready    <none>   3m28s   v1.15.1
node02   Ready    <none>   3m3s    v1.15.1

　　查看node节点详细信息

1	`[root@master ~]# kubectl describe node node01`

　　查看版本信息

[root@master ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.1", GitCommit:"4485c6f18cee9a5d3c3b4e523bd27972b1b53892", GitTreeState:"clean
", BuildDate:"2019-07-18T09:18:22Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.1", GitCommit:"4485c6f18cee9a5d3c3b4e523bd27972b1b53892", GitTreeState:"clean
", BuildDate:"2019-07-18T09:09:21Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}

　　查看集群详细信息

[root@master ~]# kubectl cluster-info
Kubernetes master is running at https://192.168.183.11:6443
KubeDNS is running at https://192.168.183.11:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
 
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

　　干跑一个pod；--dry-run=true

1	`[root@master ~]# kubectl run nginx --image=nginx:1.14-alpine --port=80 --replicas=1 --dry-run=true`

　　创建一个pod,使用deployment控制器

[root@master ~]# kubectl run nginx  --image=nginx:1.14-alpine --port=80 --replicas=1 
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl
 create instead.deployment.apps/nginx created

　　查看deployment控制器下的pod容器

[root@master ~]# kubectl get deployment
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
nginx   1/1     1            1           2m8s

　查看pod信息

[root@master ~]# kubectl get pods
NAME                    READY   STATUS    RESTARTS   AGE
nginx-5896f46c8-72wm4   1/1     Running   0          5m39s

　　查看pod详细信息

[root@master ~]# kubectl get pods -o wide
NAME                    READY   STATUS    RESTARTS   AGE    IP           NODE     NOMINATED NODE   READINESS GATES
nginx-5896f46c8-72wm4   1/1     Running   0          8m1s   10.244.1.2   node01   <none>           <none>

　　在node01查看IP

[root@node01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:2b:3b:45 brd ff:ff:ff:ff:ff:ff
    inet 192.168.183.12/24 brd 192.168.183.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::8dc3:2482:a2b9:c57e/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::10dc:280:ec28:2db4/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:62:cd:a6:be brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
4: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default 
    link/ether 02:ee:3c:55:af:8f brd ff:ff:ff:ff:ff:ff
    inet 10.244.1.0/32 scope global flannel.1
       valid_lft forever preferred_lft forever
    inet6 fe80::ee:3cff:fe55:af8f/64 scope link 
       valid_lft forever preferred_lft forever
5: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default qlen 1000
    link/ether 26:ac:1e:b1:29:a4 brd ff:ff:ff:ff:ff:ff
    inet 10.244.1.1/24 scope global cni0
       valid_lft forever preferred_lft forever
    inet6 fe80::24ac:1eff:feb1:29a4/64 scope link 
       valid_lft forever preferred_lft forever
6: veth64e1c1fd@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default 
    link/ether 8a:a3:86:62:9f:5d brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::88a3:86ff:fe62:9f5d/64 scope link 
       valid_lft forever preferred_lft forever

　　集群节点上访问，集群那个节点都可以访问

[root@master ~]# curl 10.244.1.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
 
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
 
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

　　控制器检查pod挂掉自动创建pod功能

[root@master ~]# kubectl get pods   查看
NAME                    READY   STATUS    RESTARTS   AGE
nginx-5896f46c8-72wm4   1/1     Running   0          15m
[root@master ~]# kubectl delete pods nginx-5896f46c8-72wm4   算出
pod "nginx-5896f46c8-72wm4" deleted
[root@master ~]# kubectl get pods   创建恢复
NAME                    READY   STATUS              RESTARTS   AGE
nginx-5896f46c8-zblcs   0/1     ContainerCreating   0          15s
[root@master ~]# kubectl get pods   恢复可用状态
NAME                    READY   STATUS    RESTARTS   AGE
nginx-5896f46c8-zblcs   1/1     Running   0          98s
[root@master ~]# kubectl get pod -o wide
NAME                    READY   STATUS    RESTARTS   AGE    IP           NODE     NOMINATED NODE   READINESS GATES
nginx-5896f46c8-zblcs   1/1     Running   0          117s   10.244.2.2   node02   <none>           <none>

　把pod暴露参数选项介绍；即创建服务

--type='': Type for this service: ClusterIP：只能各个访问不能提供给外部访问, NodePort, LoadBalancer, or ExternalName. Default is 'ClusterIP'：默认类型.
 
 kubectl expose (-f FILENAME | TYPE NAME) [--port=指定暴露给外网端口] [--protocol=TCP|UDP|SCTP] [--target-port=pod]
[--name=server 名称] [--external-ip=external-ip-of-service] [--type=类型] [options]

　　把暴露给集群内部pod访问

1 2	`[root@master ~]# kubectl expose deployment控制器类型 nginx控制器名字 --name=nginx --port=80 --target-port=80` `service/nginx exposed`

　　查看创建的服务

[root@master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP   101m
nginx        ClusterIP   10.110.130.60   <none>        80/TCP    2m44s  #是被pod客户端访问的

　　查看服务的详细信息

[root@master ~]# kubectl describe svc nginx
Name:              nginx
Namespace:         default
Labels:            run=nginx
Annotations:       <none>
Selector:          run=nginx
Type:              ClusterIP
IP:                10.110.130.60
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.244.2.2:80
Session Affinity:  None
Events:            <none>

　　查看pod的标签

[root@master ~]# kubectl get pods --show-labels
NAME                    READY   STATUS             RESTARTS   AGE     LABELS
nginx-5896f46c8-zblcs   1/1     Running            0          52m     pod-template-hash=5896f46c8,run=nginx

　　删除服务

1 2	`[root@master ~]# kubectl delete svc nginx` `service` `"nginx"` `deleted`

　　查看控制器详细信息

[root@master ~]# kubectl describe deployment nginx
Name:                   nginx
Namespace:              default
CreationTimestamp:      Thu, 25 Jul 2019 13:15:04 +0800
Labels:                 run=nginx
Annotations:            deployment.kubernetes.io/revision: 1
Selector:               run=nginx
Replicas:               1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        0
RollingUpdateStrategy:  25% max unavailable, 25% max surge
Pod Template:
  Labels:  run=nginx
  Containers:
   nginx:
    Image:        nginx:1.14-alpine
    Port:         80/TCP
    Host Port:    0/TCP
    Environment:  <none>
    Mounts:       <none>
  Volumes:        <none>
Conditions:
  Type           Status  Reason
  ----           ------  ------
  Progressing    True    NewReplicaSetAvailable
  Available      True    MinimumReplicasAvailable
OldReplicaSets:  <none>
NewReplicaSet:   nginx-5896f46c8 (1/1 replicas created)
Events:          <none>

　　动态调整describe的控制器pod的副本数

[root@master ~]# kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2   起一个2副本的pod
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl c
reate instead.deployment.apps/myapp created
[root@master ~]# kubectl get deployment 查看控制器下的pod
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
myapp   2/2     2            2           110s
nginx   1/1     1            1           84m
^C[root@master ~]# kubectl get pods -o wide   查看集群总的pod
NAME                     READY   STATUS             RESTARTS   AGE     IP           NODE     NOMINATED NODE   READINESS GATES
myapp-84cd4b7f95-px2kb   1/1     Running            0          3m27s   10.244.2.4   node02   <none>           <none>
myapp-84cd4b7f95-xfcnk   1/1     Running            0          3m27s   10.244.1.6   node01   <none>           <none>
nginx-5896f46c8-zblcs    1/1     Running            0          69m     10.244.2.2   node02   <none>           <none>
[root@master ~]# kubectl expose deployment myapp --name=myapp --port=80
service/myapp exposed
[root@master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP   153m
myapp        ClusterIP   10.103.191.244   <none>        80/TCP    35s
nginx        ClusterIP   10.108.177.175   <none>        80/TCP    17m
[root@master ~]# kubectl scale --replicas=4 deployment myapp  扩容到4个
deployment.extensions/myapp scaled
[root@master ~]# kubectl get pods -o wide  
NAME                     READY   STATUS              RESTARTS   AGE   IP           NODE     NOMINATED NODE   READINESS GATES
myapp-84cd4b7f95-px2kb   1/1     Running             0          30m   10.244.2.4   node02   <none>           <none>
myapp-84cd4b7f95-tjgqz   1/1     Running             0          3s    10.244.2.5   node02   <none>           <none>
myapp-84cd4b7f95-vphlz   0/1     ContainerCreating   0          3s    <none>       node01   <none>           <none>
myapp-84cd4b7f95-xfcnk   1/1     Running             0          30m   10.244.1.6   node01   <none>           <none>
nginx-5896f46c8-zblcs    1/1     Running             0          96m   10.244.2.2   node02   <none>           <none>
[root@master ~]# kubectl get pods -o wide  
NAME                     READY   STATUS             RESTARTS   AGE   IP           NODE     NOMINATED NODE   READINESS GATES
myapp-84cd4b7f95-px2kb   1/1     Running            0          30m   10.244.2.4   node02   <none>           <none>
myapp-84cd4b7f95-tjgqz   1/1     Running            0          5s    10.244.2.5   node02   <none>           <none>
myapp-84cd4b7f95-vphlz   1/1     Running            0          5s    10.244.1.7   node01   <none>           <none>
myapp-84cd4b7f95-xfcnk   1/1     Running            0          30m   10.244.1.6   node01   <none>           <none>
nginx-5896f46c8-zblcs    1/1     Running            0          96m   10.244.2.2   node02   <none>           <none>
[root@master ~]# kubectl scale --replicas=1 deployment myapp  缩减到一个pod
deployment.extensions/myapp scaled
[root@master ~]# kubectl get pods -o wide  
NAME                     READY   STATUS             RESTARTS   AGE   IP           NODE     NOMINATED NODE   READINESS GATES
myapp-84cd4b7f95-xfcnk   1/1     Running            0          31m   10.244.1.6   node01   <none>           <none>
nginx-5896f46c8-zblcs    1/1     Running            0          97m   10.244.2.2   node02   <none>           <none>

　　更新升级pod

100

101

102

103

104

105

106

107

108

109

110

111

112

[root@master ~]# kubectl describe pods myapp-84cd4b7f95-xfcnk 
Name:           myapp-84cd4b7f95-xfcnk
Namespace:      default
Priority:       0
Node:           node01/192.168.183.12
Start Time:     Thu, 25 Jul 2019 14:37:33 +0800
Labels:         pod-template-hash=84cd4b7f95
                run=myapp
Annotations:    <none>
Status:         Running
IP:             10.244.1.6
Controlled By:  ReplicaSet/myapp-84cd4b7f95
Containers:
  myapp:
    Container ID:   docker://c13e99d23870a37627bc6b207a6b71f8d306f0a73f58515e57f4d964070b0df9
    Image:          ikubernetes/myapp:v1  #镜像版本
    Image ID:       docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Thu, 25 Jul 2019 14:37:51 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-2m2ts (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  default-token-2m2ts:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-2m2ts
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  35m   default-scheduler  Successfully assigned default/myapp-84cd4b7f95-xfcnk to node01
  Normal  Pulling    35m   kubelet, node01    Pulling image "ikubernetes/myapp:v1"
  Normal  Pulled     34m   kubelet, node01    Successfully pulled image "ikubernetes/myapp:v1"
  Normal  Created    34m   kubelet, node01    Created container myapp
  Normal  Started    34m   kubelet, node01    Started container myapp
 
 
 
 
[root@master ~]# kubectl set image deployment myapp myapp=ikubernetes/myapp:v2 
deployment.extensions/myapp image updated
 
 
 
 
 kubectl set image deployment myapp myapp=ikubernetes/myapp:v2   解释
set替换 镜像 deployment 控制类型 myapp 控制器名字 myapp=表示更新这个pod的镜像
 
 
[root@master ~]# kubectl describe pods myapp-746644f8d6-d7m7x 
Name:           myapp-746644f8d6-d7m7x
Namespace:      default
Priority:       0
Node:           node02/192.168.183.13
Start Time:     Thu, 25 Jul 2019 15:18:39 +0800
Labels:         pod-template-hash=746644f8d6
                run=myapp
Annotations:    <none>
Status:         Running
IP:             10.244.2.6
Controlled By:  ReplicaSet/myapp-746644f8d6
Containers:
  myapp:
    Container ID:   docker://78184c2d58c04372e866da2f3e406a48257b0f97c831f54499b92b8d1dc40676
    Image:          ikubernetes/myapp:v2   更新后镜像
    Image ID:       docker-pullable://ikubernetes/myapp@sha256:85a2b81a62f09a414ea33b74fb8aa686ed9b168294b26b4c819df0be0712d358
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Thu, 25 Jul 2019 15:18:50 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-2m2ts (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  default-token-2m2ts:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-2m2ts
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason     Age    From               Message
  ----    ------     ----   ----               -------
  Normal  Scheduled  4m9s   default-scheduler  Successfully assigned default/myapp-746644f8d6-d7m7x to node02
  Normal  Pulling    4m8s   kubelet, node02    Pulling image "ikubernetes/myapp:v2"
  Normal  Pulled     3m58s  kubelet, node02    Successfully pulled image "ikubernetes/myapp:v2"
  Normal  Created    3m58s  kubelet, node02    Created container myapp
  Normal  Started    3m58s  kubelet, node02    Started container myapp

　　pod回滚操作

[root@master ~]# kubectl rollout undo deployment myapp  回滚到上一个版本
deployment.extensions/myapp rolled back
[root@master ~]# kubectl describe pods myapp-84cd4b7f95-g6ldp
Name:           myapp-84cd4b7f95-g6ldp
Namespace:      default
Priority:       0
Node:           node01/192.168.183.12
Start Time:     Thu, 25 Jul 2019 15:27:48 +0800
Labels:         pod-template-hash=84cd4b7f95
                run=myapp
Annotations:    <none>
Status:         Running
IP:             10.244.1.8
Controlled By:  ReplicaSet/myapp-84cd4b7f95
Containers:
  myapp:
    Container ID:   docker://7711bfc3da100aa6f25ebbde6b5a2500947501fe2fc1706dec75662f98fe86c0
    Image:          ikubernetes/myapp:v1  #回滚操作
    Image ID:       docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Thu, 25 Jul 2019 15:27:49 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-2m2ts (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  default-token-2m2ts:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-2m2ts
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  66s   default-scheduler  Successfully assigned default/myapp-84cd4b7f95-g6ldp to node01
  Normal  Pulled     65s   kubelet, node01    Container image "ikubernetes/myapp:v1" already present on machine
  Normal  Created    65s   kubelet, node01    Created container myapp
  Normal  Started    65s   kubelet, node01    Started container myapp

　　修改服务类型让外部访问到pod

[root@master ~]# kubectl edit svc myapp
 
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2019-07-25T06:45:50Z"
  labels:
    run: myapp
  name: myapp
  namespace: default
  resourceVersion: "18434"
  selfLink: /api/v1/namespaces/default/services/myapp
  uid: acaab49a-e372-427f-b6a3-d712eb2b11d1
spec:
  clusterIP: 10.103.191.244
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 31339
    port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: myapp
  sessionAffinity: None
  type: NodePort  修改为这个
status:
  loadBalancer: {}
[root@master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP        3h24m
myapp        NodePort    10.103.191.244   <none>        80:31339/TCP   51m
nginx        ClusterIP   10.108.177.175   <none>        80/TCP         68m

　　集群外部访问端口所有节点的31339访问测试

[root@master ~]# curl  192.168.183.11:31339
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[root@master ~]# curl  192.168.183.12:31339
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[root@master ~]# curl  192.168.183.13:31339
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>