k8s
Time waits for no one; seize every moment.

What is k8s (Kubernetes)?

Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. In short, it is a container orchestration engine.

Container orchestration: an application is usually made up of individually containerized components (microservices) that have to be organized, in order, at the network level so that they run as planned. Organizing containers in this way is called container orchestration.
Container orchestration is the process of organizing the work of the individual components and application layers.
k8s, an open-source project from Google, is the industry's de facto standard container orchestration engine.

Why learn k8s?

Challenges and opportunities come together.
It is a rare chance to improve yourself.

Get it running first:

Build an intuitive feel for it.
Pick up the concepts quickly.

Create a k8s cluster

    $ minikube version
    minikube version: v1.3.0
    commit: 43969594266d77b555a207b0f3e9b3fa1dc92b1f

    $ minikube start
    * minikube v1.3.0 on Ubuntu 18.04
    * Running on localhost (CPUs=2, Memory=2461MB, Disk=47990MB) ...
    * OS release is Ubuntu 18.04.2 LTS
    * Preparing Kubernetes v1.15.0 on Docker 18.09.5 ...
      - kubelet.resolv-conf=/run/systemd/resolve/resolv.conf
    * Pulling images ...
    * Launching Kubernetes ...
    * Waiting for: apiserver proxy etcd scheduler controller dns
    * Done! kubectl is now configured to use "minikube"

    $ kubectl get nodes    # a node is where we deploy our app
    NAME       STATUS   ROLES    AGE    VERSION
    minikube   Ready    master   4m8s   v1.15.0

    $ hostname
    minikube

    $ kubectl cluster-info
    Kubernetes master is running at https://172.17.0.10:8443
    KubeDNS is running at https://172.17.0.10:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

    To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

    $ kubectl version
    Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.2", GitCommit:"f6278300bebbb750328ac16ee6dd3aa7d3549568", GitTreeState:"clean", BuildDate:"2019-08-05T09:23:26Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}
    Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.0", GitCommit:"e8462b5b5dc2584fdcd18e6bcfe9f1e4d970a529", GitTreeState:"clean", BuildDate:"2019-06-19T16:32:14Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}

Deploying an application

Concepts:

cluster: a collection of compute, storage and network resources. k8s uses these resources to run all kinds of container-based applications.

master: the brain of the cluster. Its main job is scheduling, that is, deciding where an application runs.

node: runs the applications. Nodes are managed by the master; a node monitors and reports container status and manages the container life cycle as the master requires.
A node and the master can be the same machine; one machine can hold several roles.

pod: the smallest unit of work in k8s. A pod contains one or more containers, and the master schedules these containers onto a node as a single unit.

Why does k8s introduce the pod concept?
1. Manageability: some containers are tightly coupled by nature. With the pod as the smallest unit, they are scheduled, scaled, given shared resources and life-cycle managed together.
2. Communication and resource sharing: the containers of a pod are in the same namespace and can talk to each other over localhost. They can also share storage: mounting a volume to a pod really means mounting it to every container in the pod.

How pods are used:
1. Running a single container: one-container-per-pod.
2. Running several containers: their relationship must be very close and they must need to share resources; only then do they belong in one pod. tomcat and mysql do not fit this case.
Note: they need to cooperate, but not to the point of sharing a pod; they interact over JDBC.

controller: k8s does not create pods directly; it manages them through controllers. A controller defines how a pod is deployed, for example how many replicas there are and on which nodes they run. Controllers include Deployment, ReplicaSet, DaemonSet, StatefulSet, Job and others.
Deployment: the most commonly used; it manages the replicas of a pod.
ReplicaSet: a Deployment actually manages its replicas through a ReplicaSet; it is rarely used directly.
DaemonSet: each node runs at most one replica of the pod.
StatefulSet: guarantees that the name of each pod replica stays the same throughout its life cycle.
Job: for applications that are deleted once they finish running; the pods of the other controllers usually keep running for a long time.

Service: defines how the outside world reaches a specific group of pods. A service has its own IP and port and provides load balancing for the pods.
Controllers run the pods; services provide access to them.

namespace: used for resource isolation. By default there are two namespaces, default and kube-system.

Deploying a Kubernetes cluster

Environment: 192.168.135.50/51/52 are master, node01 and node02 respectively. Bring your own proxy.

Install:

    sudo apt-get update && sudo apt-get install docker.io    # install docker
    # add the apt-get source (omitted)
    sudo apt-get install -y kubelet kubeadm kubectl

Create the cluster:

    master: kubeadm init --apiserver-advertise-address 192.168.135.50 --pod-network-cidr=10.244.0.0/16    # --pod-network-cidr sets the pod network range
    master: kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
    node01: kubeadm join 192.168.135.50:6443 --token 5ni7kd.nvq2s89ul2dfp0nx --discovery-token-ca-cert-hash sha256:dfb4b8c08e184dcd1003cb487fd482d3e3258f82ed1084a6f29404f43871879b --ignore-preflight-errors=all
    node02: kubeadm join 192.168.135.50:6443 --token 5ni7kd.nvq2s89ul2dfp0nx --discovery-token-ca-cert-hash sha256:dfb4b8c08e184dcd1003cb487fd482d3e3258f82ed1084a6f29404f43871879b --ignore-preflight-errors=all

List the nodes:

    wyp@k8s-master:~$ kubectl get nodes
    NAME         STATUS   ROLES    AGE     VERSION
    k8s-master   Ready    master   4d2h    v1.15.2
    k8s-node01   Ready    <none>   3d19h   v1.15.2
    k8s-node02   Ready    <none>   3d19h   v1.15.2

List the pods:

    wyp@k8s-master:~$ kubectl get pods -A -o wide
    NAMESPACE     NAME                                 READY   STATUS    RESTARTS   AGE     IP               NODE         NOMINATED NODE   READINESS GATES
    default       http-app-c5f548d75-77dtx             1/1     Running   0          3d19h   10.244.1.2       k8s-node01   <none>           <none>
    default       http-app-c5f548d75-xsc24             1/1     Running   0          3d19h   10.244.2.5       k8s-node02   <none>           <none>
    kube-system   coredns-5c98db65d4-m5bg8             1/1     Running   1152       4d2h    10.244.0.8       k8s-master   <none>           <none>
    kube-system   coredns-5c98db65d4-sxfcr             1/1     Running   1153       4d2h    10.244.0.9       k8s-master   <none>           <none>
    kube-system   etcd-k8s-master                      1/1     Running   2          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-apiserver-k8s-master            1/1     Running   2          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-controller-manager-k8s-master   1/1     Running   2          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-flannel-ds-amd64-8gtss          1/1     Running   3          3d19h   192.168.135.52   k8s-node02   <none>           <none>
    kube-system   kube-flannel-ds-amd64-cpk2c          1/1     Running   1          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-flannel-ds-amd64-tz6h2          1/1     Running   0          3d19h   192.168.135.51   k8s-node01   <none>           <none>
    kube-system   kube-proxy-m4x8z                     1/1     Running   2          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-proxy-mklr6                     1/1     Running   0          3d19h   192.168.135.52   k8s-node02   <none>           <none>
    kube-system   kube-proxy-zmg7g                     1/1     Running   0          3d19h   192.168.135.51   k8s-node01   <none>           <none>
    kube-system   kube-scheduler-k8s-master            1/1     Running   3          4d2h    192.168.135.50   k8s-master   <none>           <none>

View the details of a single pod:

    wyp@k8s-master:~$ kubectl describe pod http-app-c5f548d75-xsc24
    Name:           http-app-c5f548d75-xsc24
    Namespace:      default
    Priority:       0
    Node:           k8s-node02/192.168.135.52
    Start Time:     Thu, 15 Aug 2019 15:56:53 +0800
    Labels:         pod-template-hash=c5f548d75
                    run=http-app
    Annotations:    <none>
    Status:         Running
    IP:             10.244.2.5
    Controlled By:  ReplicaSet/http-app-c5f548d75
    Containers:
      http-app:
        Container ID:   docker://3dac0ec332c121ceb8af2307a43eefefaad242d3e5cbfbe55c80aa7b9c49e9d8
        Image:          httpd
        Image ID:       docker-pullable://httpd@sha256:7f24d65cdf99ceeeaa70a04ec920ea12edba06e0d2eb3f778d289faa76d15e17
        Port:           <none>
        Host Port:      <none>
        State:          Running
          Started:      Thu, 15 Aug 2019 16:36:11 +0800
        Ready:          True
        Restart Count:  0
        Environment:    <none>
        Mounts:
          /var/run/secrets/kubernetes.io/serviceaccount from default-token-4knzs (ro)
    Conditions:
      Type              Status
      Initialized       True
      Ready             True
      ContainersReady   True
      PodScheduled      True
    Volumes:
      default-token-4knzs:
        Type:        Secret (a volume populated by a Secret)
        SecretName:  default-token-4knzs
        Optional:    false
    QoS Class:       BestEffort
    Node-Selectors:  <none>
    Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                     node.kubernetes.io/unreachable:NoExecute for 300s
    Events:          <none>

4. k8s architecture

A cluster consists of a master and nodes, and the k8s services run on these machines.

4.1 Master node

master: the brain of the cluster.
kube-apiserver: the front-end interface. The CLI, GUIs and the other components manage the cluster's resources through it.
kube-scheduler: decides on which node a pod runs.
kube-controller-manager: manages the cluster's resources and keeps them in their expected state.
etcd: stores the cluster's configuration and the state of its resources. When the data changes, etcd notifies the relevant components.
pod network, for example flannel (/ˈflæn.əl/): required for communication between pods.

4.2 Worker node

A node is where pods run. Each node runs kubelet, kube-proxy and the pod network.
kubelet is the node's agent.
kube-proxy logically stands in for the backend pods: outside traffic first reaches the service and is then forwarded to a pod by kube-proxy.

4.3 Architecture diagram

    wyp@k8s-master:~$ kubectl get pods -A -o wide
    NAMESPACE     NAME                                 READY   STATUS    RESTARTS   AGE     IP               NODE         NOMINATED NODE   READINESS GATES
    default       http-app-c5f548d75-77dtx             1/1     Running   0          3d19h   10.244.1.2       k8s-node01   <none>           <none>
    default       http-app-c5f548d75-xsc24             1/1     Running   0          3d19h   10.244.2.5       k8s-node02   <none>           <none>
    kube-system   coredns-5c98db65d4-m5bg8             1/1     Running   1152       4d2h    10.244.0.8       k8s-master   <none>           <none>
    kube-system   coredns-5c98db65d4-sxfcr             1/1     Running   1153       4d2h    10.244.0.9       k8s-master   <none>           <none>
    kube-system   etcd-k8s-master                      1/1     Running   2          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-apiserver-k8s-master            1/1     Running   2          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-controller-manager-k8s-master   1/1     Running   2          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-flannel-ds-amd64-8gtss          1/1     Running   3          3d19h   192.168.135.52   k8s-node02   <none>           <none>
    kube-system   kube-flannel-ds-amd64-cpk2c          1/1     Running   1          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-flannel-ds-amd64-tz6h2          1/1     Running   0          3d19h   192.168.135.51   k8s-node01   <none>           <none>
    kube-system   kube-proxy-m4x8z                     1/1     Running   2          4d2h    192.168.135.50   k8s-master   <none>           <none>
    kube-system   kube-proxy-mklr6                     1/1     Running   0          3d19h   192.168.135.52   k8s-node02   <none>           <none>
    kube-system   kube-proxy-zmg7g                     1/1     Running   0          3d19h   192.168.135.51   k8s-node01   <none>           <none>
    kube-system   kube-scheduler-k8s-master            1/1     Running   3          4d2h    192.168.135.50   k8s-master   <none>           <none>

4.4 Tying it together with an example

    wyp@k8s-master:~$ kubectl run http-app --image=httpd --replicas=2    # create a deployment
    kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
    Error from server (AlreadyExists): deployments.apps "http-app" already exists

    wyp@k8s-master:~$ kubectl get deployment    # list deployments
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    http-app   2/2     2            2           3d21h

    wyp@k8s-master:~$ kubectl get pod -o wide    # list pods
    NAME                       READY   STATUS    RESTARTS   AGE     IP           NODE         NOMINATED NODE   READINESS GATES
    http-app-c5f548d75-77dtx   1/1     Running   0          3d21h   10.244.1.2   k8s-node01   <none>           <none>
    http-app-c5f548d75-xsc24   1/1     Running   0          3d21h   10.244.2.5   k8s-node02   <none>           <none>

kubectl sends the command to kube-apiserver-k8s-master; kube-controller-manager-k8s-master receives the notification and creates the deployment resource; kube-scheduler-k8s-master performs the scheduling and distributes the replicas to node01 and node02; the kubelet on each node receives its task and creates and runs the pod on its own node.
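
How the --discovery-token-ca-cert-hash value in the kubeadm join commands above is derived, as an added example that is not part of the original post: kubeadm pins the cluster CA by the SHA-256 of the certificate's DER-encoded Subject Public Key Info, so the value can be recomputed from the CA certificate and compared before a node joins. The function names are hypothetical and the sample input is a constructed DER skeleton, not a real certificate.

```python
import base64
import hashlib

def read_tlv(buf, pos):
    """Parse one DER element at pos; return (tag, value_start, end)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def spki_from_cert(der):
    """Return the raw SubjectPublicKeyInfo element of an X.509 certificate."""
    _, body, _ = read_tlv(der, 0)      # Certificate SEQUENCE
    _, pos, _ = read_tlv(der, body)    # tbsCertificate SEQUENCE
    if der[pos] == 0xA0:               # optional [0] version
        pos = read_tlv(der, pos)[2]
    for _ in range(5):                 # serial, signature, issuer, validity, subject
        pos = read_tlv(der, pos)[2]
    tag, _, end = read_tlv(der, pos)
    if tag != 0x30:
        raise ValueError("SubjectPublicKeyInfo not found")
    return der[pos:end]

def pem_to_der(pem):
    """Strip the PEM armor of a certificate file and decode the base64 body."""
    rows = [r.strip() for r in pem.strip().splitlines()]
    return base64.b64decode("".join(r for r in rows if not r.startswith("-----")))

def ca_cert_hash(cert_der):
    """'sha256:' followed by the hex SHA-256 of the DER-encoded SPKI."""
    return "sha256:" + hashlib.sha256(spki_from_cert(cert_der)).hexdigest()

def pin_matches(cert_der, pinned):
    return ca_cert_hash(cert_der) == pinned.strip().lower()

def sample_tlv(tag, value):  # short-form encoder, used only to build the sample
    return bytes([tag, len(value)]) + value

# Constructed skeleton, NOT a real certificate: only the DER layout is realistic.
SAMPLE_SPKI = sample_tlv(0x30, b"\x30\x03\x06\x01\x2a" + sample_tlv(0x03, b"\x00" + b"K" * 8))
SAMPLE_TBS = sample_tlv(0x30, b"\xa0\x03\x02\x01\x02" + b"\x02\x01\x01" + b"\x30\x00" * 4 + SAMPLE_SPKI)
SAMPLE_CERT = sample_tlv(0x30, SAMPLE_TBS + b"\x30\x00" + b"\x03\x01\x00")
```

For a real cluster, pass the master's CA certificate through `pem_to_der` and compare the result of `ca_cert_hash` with the value given to `kubeadm join`.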
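
The kubectl describe output for http-app-c5f548d75-xsc24 above shows three defaults worth checking on any pod created with a bare kubectl run: an image reference without tag or digest (Image: httpd), QoS class BestEffort, and the default service account token mounted into the container. The following added example (not part of the original post) runs those checks over a pod object as returned by `kubectl get pod -o json`; the function names and finding codes are hypothetical and the sample pod is constructed from the values shown above.

```python
import json

SA_TOKEN_PATH = "/var/run/secrets/kubernetes.io/serviceaccount"

def image_is_pinned(image):
    """True if the reference carries a digest or an explicit tag other than latest."""
    if "@" in image:
        return True
    last = image.rsplit("/", 1)[-1]  # a ':' before the last '/' is a registry port
    return ":" in last and not last.endswith(":latest")

def audit_pod(pod):
    """Return (code, detail) findings for one pod object."""
    spec, out = pod.get("spec", {}), []
    for c in spec.get("containers", []):
        name, image = c.get("name", "?"), c.get("image", "")
        if not image_is_pinned(image):
            out.append(("unpinned-image", f"{name}: '{image}' can change between pulls"))
        if not (c.get("resources") or {}).get("limits"):
            out.append(("no-limits", f"{name}: no CPU/memory limits set"))
        mounts = c.get("volumeMounts") or []
        if any(m.get("mountPath") == SA_TOKEN_PATH for m in mounts):
            out.append(("sa-token-mounted", f"{name}: API credentials readable in the container"))
    if pod.get("status", {}).get("qosClass") == "BestEffort":
        out.append(("besteffort-qos", "pod is among the first eviction candidates under node pressure"))
    return out

# Constructed sample mirroring the describe output above (not captured from a cluster).
SAMPLE_POD = json.loads("""
{"metadata": {"name": "http-app-c5f548d75-xsc24", "namespace": "default"},
 "spec": {"containers": [{"name": "http-app", "image": "httpd", "resources": {},
   "volumeMounts": [{"name": "default-token-4knzs", "readOnly": true,
                     "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}]}]},
 "status": {"qosClass": "BestEffort"}}
""")

if __name__ == "__main__":
    for code, detail in audit_pod(SAMPLE_POD):
        print(f"{code}: {detail}")
```

If the application never calls the Kubernetes API, setting `automountServiceAccountToken: false` in the pod spec removes the token mount.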