3、kubernetes快速入门和资源清单入门

1.集群查看
$ kubectl version
$ kubectl cluster-info

[root@k8s-master ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.3", GitCommit:"5e53fd6bc17c0dec8434817e69b04a25d8ae0ff0", GitTreeState:"clean", BuildDate:"2019-06-06T01:44:30Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.3", GitCommit:"5e53fd6bc17c0dec8434817e69b04a25d8ae0ff0", GitTreeState:"clean", BuildDate:"2019-06-06T01:36:19Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}
[root@k8s-master ~]# kubectl cluster-info
Kubernetes master is running at https://192.168.1.203:6443
KubeDNS is running at https://192.168.1.203:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

2、帮助方法

$ kubectl run --help
$ kubectl expose -h
$ kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1

[root@k8s-master ~]# kubectl get deploy nginx-deploy 
NAME           READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deploy   1/1     1            1           113m
[root@k8s-master ~]# kubectl get pods -owide |grep nginx-deploy
nginx-deploy-55d8d67cf-kcrhs   1/1     Running   0          113m   10.244.1.201   k8s-node1   <none>           <none>
[root@k8s-master ~]# curl 10.244.1.201
<!DOCTYPE html>
<html>
...
<h1>Welcome to nginx!</h1>

只能在集群节点内部访问,pod客户端一般是其他的pod,集群外部客户端
[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 7h59m
ngtest-clu ClusterIP 10.99.110.132 <none> 80/TCP 5h46m
Service为pod提供固定访问节点。被pod客户端访问。
[root@k8s-master ~]# kubectl run test --image=busybox --replicas=1

[root@k8s-master ~]# kubectl exec -it test-64585fcd47-2pwbk sh
/ # cat /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
/ # nslookup
BusyBox v1.34.1 (2021-12-29 21:12:15 UTC) multi-call binary.
Usage: nslookup [-type=QUERY_TYPE] [-debug] HOST [DNS_SERVER]
Query DNS about HOST
QUERY_TYPE: soa,ns,a,aaaa,cname,mx,txt,ptr,srv,any
/ # exit

3、pod操作
通过标签选择器来,实现内部pod服务(service给pod提供固定访问节点)。
可以修改service ip地址,只有标签不变,就没有问题
[root@master ~]# kubectl get deployments -w 监视容器启动情况,,可以看到容器的增加和删除。
[root@k8s-master ~]# kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
deployment.apps/myapp created
[root@k8s-master ~]# kubectl get pod -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
myapp-5bc569c47d-b8hmk 1/1 Running 0 8s 10.244.1.205 k8s-node1 <none> <none>
myapp-5bc569c47d-rt8bn 1/1 Running 0 8s 10.244.2.3 k8s-node2 <none> <none>
nginx-deploy-55d8d67cf-kcrhs 1/1 Running 0 19m 10.244.1.201 k8s-node1 <none> <none>
test-64585fcd47-2pwbk 1/1 Running 0 13m 10.244.1.202 k8s-node1 <none> <none>
[root@k8s-master ~]# curl 10.244.2.3/hostname.html
myapp-5bc569c47d-rt8bn
[root@k8s-master ~]# curl 10.244.1.205/hostname.html
myapp-5bc569c47d-b8hmk
[root@k8s-master ~]# kubectl get deploy,svc
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.extensions/myapp 2/2 2 2 5m8s

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 8h
service/myapp ClusterIP 10.99.174.138 <none> 80/TCP 6s
[root@k8s-master ~]# curl 10.99.174.138/hostname.html #验证clustip
myapp-5bc569c47d-rt8bn
[root@k8s-master ~]# curl 10.99.174.138/hostname.html
myapp-5bc569c47d-b8hmk
[root@k8s-node1 ~]# ping 10.99.174.138
PING 10.99.174.138 (10.99.174.138) 56(84) bytes of data.
我们不妨在pod内部做验证测试,
[root@k8s-master ~]# kubectl get svc |grep myapp
myapp ClusterIP 10.99.174.138 <none> 80/TCP 41m
[root@k8s-master ~]# kubectl exec -it myapp-5bc569c47d-6nw9x sh
/ # while true;do wget -O - -q myapp/hostname.html;sleep 1;done
myapp-5bc569c47d-b8hmk
myapp-5bc569c47d-rt8bn
myapp-5bc569c47d-b8hmk
myapp-5bc569c47d-rt8bn
^C
/ # while true;do wget -O - -q myapp;sleep 1;done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # exit

4、pod扩容和缩容
[root@k8s-master ~]# kubectl get deploy myapp
NAME READY UP-TO-DATE AVAILABLE AGE
myapp 2/2 2 2 17m
[root@k8s-master ~]# kubectl scale --replicas=3 deployment myapp #扩容
deployment.extensions/myapp scaled
[root@k8s-master ~]# kubectl get deploy myapp
NAME READY UP-TO-DATE AVAILABLE AGE
myapp 2/3 3 2 17m
[root@k8s-master ~]# kubectl exec -it myapp-5bc569c47d-6nw9x sh # 查看服务
/ # wget -O - -q 10.99.174.138/hostname.html

5、pod滚动升级
[root@k8s-master ~]# kubectl set image -h
...
Usage:
kubectl set image (-f FILENAME | TYPE NAME) CONTAINER_NAME_1=CONTAINER_IMAGE_1 ...
CONTAINER_NAME_N=CONTAINER_IMAGE_N [options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
升级过程开两个窗口,一个检查升级过程,一个操作
[root@k8s-master ~]# kubectl get deployment,svc |grep myapp
deployment.extensions/myapp 3/3 3 3 54m
service/myapp ClusterIP 10.99.174.138 <none> 80/TCP 49m
非自身pod客户端监测(不能使用对应的pod操作,因为升级过程,pod会变化):
[root@k8s-master ~]# kubectl exec -it myapp-86984b4c7c-jr7gn sh
/ # while true;do wget -O - -q myapp;sleep 1;done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>

操作:
[root@k8s-master ~]# kubectl set image deployment myapp myapp=ikubernetes/myapp:v2
deployment.extensions/myapp image updated
[root@k8s-master ~]# kubectl rollout status deployment myapp # 观察过程
Waiting for deployment "myapp" rollout to finish: 1 out of 3 new replicas have been updated...
Waiting for deployment "myapp" rollout to finish: 1 out of 3 new replicas have been updated...
Waiting for deployment "myapp" rollout to finish: 1 out of 3 new replicas have been updated...
Waiting for deployment "myapp" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "myapp" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "myapp" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination...
deployment "myapp" successfully rolled out
同样回退过程,只需要调整镜像到v1版本即可。
[root@k8s-master ~]# kubectl set image deployment myapp myapp=ikubernetes/myapp:v1
[root@k8s-master ~]# kubectl rollout history deployment myapp
deployment.extensions/myapp
REVISION CHANGE-CAUSE
3 <none>
4 <none>
验证镜像:
[root@k8s-master ~]# kubectl describe pod myapp-86984b4c7c-mjlsj |grep -i image:
Image: ikubernetes/myapp:v2

6、暴露服务

$ kubectl expose -h
Expose a resource as a new Kubernetes service.

[root@k8s-master ~]# kubectl expose deployment/myapp --name=myapp2 --type=NodePort --port=80
service/myapp2 exposed
[root@k8s-master ~]# kubectl get svc myapp2 -owide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
myapp2 NodePort 10.110.151.104 <none> 80:32628/TCP 104s run=myapp
[root@k8s-master ~]# curl 10.110.151.104
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
[root@k8s-master ~]# curl 0.0.0.0:32628
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
本地电脑访问验证:nodeip:32628,如下截图,验证ok。

 [root@k8s-node2 ~]# iptables -nvL -t nat |grep app # 查看转发规则,

0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/myapp2: */ tcp dpt:32628
0 0 KUBE-SVC-52ALBOSK6IGCGLCW tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/myapp2: */ tcp dpt:32628
0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/myapp3: */ tcp dpt:30633
0 0 KUBE-SVC-64SSW6FV6BHZNSNC tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/myapp3: */ tcp dpt:30633
0 0 KUBE-MARK-MASQ tcp -- * * !10.244.0.0/16 10.110.151.104 /* default/myapp2: cluster IP */ tcp dpt:80
0 0 KUBE-SVC-52ALBOSK6IGCGLCW tcp -- * * 0.0.0.0/0 10.110.151.104 /* default/myapp2: cluster IP */ tcp dpt:80
0 0 KUBE-MARK-MASQ tcp -- * * !10.244.0.0/16 10.107.19.77 /* default/myapp3: cluster IP */ tcp dpt:80
0 0 KUBE-SVC-64SSW6FV6BHZNSNC tcp -- * * 0.0.0.0/0 10.107.19.77 /* default/myapp3: cluster IP */ tcp dpt:80
0 0 KUBE-MARK-MASQ tcp -- * * !10.244.0.0/16 10.99.174.138 /* default/myapp: cluster IP */ tcp dpt:80
0 0 KUBE-SVC-NPJI2GAOYBRMPXVD tcp -- * * 0.0.0.0/0 10.99.174.138 /* default/myapp: cluster IP */ tcp dpt:80
综上验证,外网发布通过NodePort访问正常
[root@k8s-master ~]# kubectl expose deployment/myapp --name=myapp3 --type=LoadBalancer --port=80
service/myapp3 exposed
[root@k8s-master ~]# kubectl get svc myapp3 -owide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
myapp3 LoadBalancer 10.107.19.77 <pending> 80:30633/TCP 7s run=myapp
此外,LoadBalance模式由于没有配置节点,因此异常。
针对无状态的服务。
像MySQL、redis那种有状态的服务还是有难度的。

 

第三部分 资源清单定义入门
1、资源清单介绍:
RESTful:
  get\put\delete\post....
  kubectl run,get,edit,....
资源和对象
  workload:pod,replicaset,deployment,statefulset,daemonset,job,cronjob,...
  服务发现及存储:service,ingress,...
  配置与存储:volume,csi,configmap,secret,downwardapi
  集群集资源:namespace,node,role,clusterole,rolebindind,clusterrolebinding,...
  元数据型资源:hpa,podtemplate,limitrange
[root@k8s-master ~]# kubectl get pods # 信息
[root@k8s-master ~]# kubectl get pods myapp-86984b4c7c-mjlsj -oyaml # 所有属性

[root@k8s-master ~]# kubectl get pods myapp-86984b4c7c-mjlsj
NAME                     READY   STATUS    RESTARTS   AGE
myapp-86984b4c7c-mjlsj   1/1     Running   0          3h36m
[root@k8s-master ~]# kubectl get pods myapp-86984b4c7c-mjlsj -oyaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2023-07-09T19:06:58Z"
  generateName: myapp-86984b4c7c-
  labels:
    pod-template-hash: 86984b4c7c
    run: myapp
  name: myapp-86984b4c7c-mjlsj
  namespace: default
...

资源创建的方法:
  apiserver仅接收JSON格式的资源定义
  yaml格式提供配置清单,apiserver可自动将其转为json格式,然后提交执行。

大部分资源配置清单:
  apiversion:group/version -->
  kind:资源类别
  metadata:元数据
    name
    namespace
    labels
    annotations
    每个资源的引用PATH:/api/GROUP/VERSION/namespace/NAMESPACE/TYPE/NAME
  spec:期望的状态:disired state
  status:当前状态,current state,本字段由kuberbetes集群维护;
[root@k8s-master ~]# kubectl api-versions
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps/v1
apps/v1beta1
...
接口版本知识知晓:
  内侧:apl
  公测:beta
  文档版本:Stable

二级字段
[root@k8s-master ~]# kubectl explain pod.metadata
[root@k8s-master ~]# kubectl explain pod.spec

2、认识pod
组件是支持k8s平台运行的,资源是如何使用k8s能力的定义。pod属于资源部分
$ kubectl api-resources #查k8s能提供的资源类型
$ kubectl get ns #查k8s所有命令空间
命令使用
kubectl -h
kubectl get -h
kubectl create -h
kubectl create ns -h
在k8s集群中,最小的调度单元是pod
api-versions 几种类型的含义解释
kubectl explain pod
kubectl explain pod.metadata

pod常用操作
pod基础更新
创建pod:kubectl run ngtest --image=nginx:1.14-alpine --port=80 --replicas=1 (--dry-run 可以检查命令的可靠性,不生效)
                kubectl create -f kubeadm.yaml
更新pod: kubectl apply -f kubeadm.yaml
删除pod: kubectl delete -f kubeadm.yaml
               kubectl delete pod nginx-deploy

查看pod信息
kubectl get po -owide nginxtest
kubectl get po -owide nginxtest -oyaml |grep -n5 86aa8b2 # pod 以yaml文件输出
kubectl get po -owide nginxtest -oyaml >mytest.yaml # 导出
kubectl describe po nginx-deploy-55d8d67cf-mc9f7
kubectl exec -it myapp-5bc569c47d-ggktj ps aux # 查看容器进程

排查pod异常
kubectl exec -it nginx-deploy-55d8d67cf-mc9f7 -c nginx-deploy sh (进入pod,-c指定容器名)
kubectl logs -f --tail=10 nginx-deploy-55d8d67cf-mc9f7 -c nginx-deploy #pod容器日志

3、创建pod示例
[root@k8s-master ~]# cat /root/yas/pod-demo.yaml

apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - image: ikubernetes/myapp:v1
    name: myapp
  - image: busybox:latest
    name: busybox
    command:
    - "/bin/sh"
    - "-c"
    - "sleep 3600"

[root@k8s-master ~]# kubectl create -f /root/yas/pod-demo.yaml
pod/myappx created
[root@k8s-master ~]# kubectl get pods myappx
NAME READY STATUS RESTARTS AGE
myappx 2/2 Running 0 40m
[root@k8s-master ~]# kubectl describe pod myappx # 查看报错信息,需要解决后进行下一步。

[root@k8s-master ~]# kubectl exec -it myappx -c myapp -- /bin/sh
/ # ps -ef
PID   USER     TIME   COMMAND
    1 root       0:00 nginx: master process nginx -g daemon off;
    5 nginx      0:00 nginx: worker process
    6 root       0:00 /bin/sh
   10 root       0:00 ps -ef
/ # cat /usr/share/nginx/html/index.html 
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # exit
[root@k8s-master ~]# kubectl exec -it myappx -c busybox -- /bin/sh     
/ # ps -ef
PID   USER     TIME  COMMAND
    1 root      0:00 sleep 3600
    5 root      0:00 /bin/sh
    9 root      0:00 ps -ef
/ # exit

[root@k8s-master ~]# kubectl delete -f /root/yas/pod-demo.yaml # 删除容器
pod "pod-demo" deleted

posted @ 2023-07-08 18:15  wang_wei123  阅读(17)  评论(0编辑  收藏  举报