9.1 k8s pod版本更新流程及命令行实现升级与回滚
1.创建 Deployment
root@k8-deploy:~/k8s-yaml/controllers/deployments# vim nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
在该例中:
- 创建名为 nginx-deployment(由 .metadata.name 字段标明)的 Deployment。
- 该 Deployment 创建三个(由 replicas 字段标明)Pod 副本。
- selector 字段定义 Deployment 如何查找要管理的 Pods。 在这里,你选择在 Pod 模板中定义的标签(app: nginx), 在 API 版本 apps/v1 中,Deployment 标签选择算符在创建后是不可变的。
说明:
- spec.selector.matchLabels 字段是 {key,value} 键值对映射。 在 matchLabels 映射中的每个 {key,value} 映射等效于 matchExpressions 中的一个元素, 即其 key 字段是 “key”,operator 为 “In”,values 数组仅包含 “value”。 在 matchLabels 和 matchExpressions 中给出的所有条件都必须满足才能匹配。
template 字段包含以下子字段:
- Pod 被使用 labels 字段打上 app: nginx 标签。
- Pod 模板规约(即 .template.spec 字段)指示 Pods 运行一个 nginx 容器, 该容器运行版本为 1.14.2 的 nginx Docker Hub镜像。
- 创建一个容器并使用 name 字段将其命名为 nginx。
通过运行以下命令创建 Deployment
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl apply -f nginx-deployment.yaml
deployment.apps/nginx-deployment created
说明: 你可以设置 --record 标志将所执行的命令写入资源注解中。 这对于以后的检查是有用的。例如,要查看针对每个 Deployment 修订版本所执行过的命令。
检查 Deployment 是否已创建
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 0/3 3 0 9s
在检查集群中的 Deployment 时,所显示的字段有:
- NAME 列出了集群中 Deployment 的名称。
- READY 显示应用程序的可用的 副本 数。显示的模式是“就绪个数/期望个数”。
- UP-TO-DATE 显示为了达到期望状态已经更新的副本数。
- AVAILABLE 显示应用可供用户使用的副本数。
- AGE 显示应用程序运行的时间。
- 请注意期望副本数是根据 .spec.replicas 字段设置 3。
几秒钟后再次运行 kubectl get deployments
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 3/3 3 3 45s
要查看 Deployment 创建的 ReplicaSet(rs)
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-deployment-66b6c48dd5 3 3 3 11m
ReplicaSet 输出中包含以下字段:
NAME 列出名字空间中 ReplicaSet 的名称;
- DESIRED 显示应用的期望副本个数,即在创建 Deployment 时所定义的值。 此为期望状态;
- CURRENT 显示当前运行状态中的副本个数;
- READY 显示应用中有多少副本可以为用户提供服务;
- AGE 显示应用已经运行的时间长度。
- 注意 ReplicaSet 的名称始终被格式化为[Deployment名称]-[随机字符串]。 其中的随机字符串是使用 pod-template-hash 作为种子随机生成的。
查看每个 Pod 自动生成的标签
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
nginx-deployment-66b6c48dd5-hdxlg 1/1 Running 0 44m app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-hnmgw 1/1 Running 0 44m app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-p28z2 1/1 Running 0 44m app=nginx,pod-template-hash=66b6c48dd5
说明:
- 你必须在 Deployment 中指定适当的选择算符和 Pod 模板标签(在本例中为 app: nginx)。 标签或者选择算符不要与其他控制器(包括其他 Deployment 和 StatefulSet)重叠。 Kubernetes 不会阻止你这样做,但是如果多个控制器具有重叠的选择算符,它们可能会发生冲突 执行难以预料的操作。
- Deployment 控制器将 pod-template-hash 标签添加到 Deployment 所创建或收留的 每个 ReplicaSet 。
此标签可确保 Deployment 的子 ReplicaSets 不重叠。 标签是通过对 ReplicaSet 的 PodTemplate 进行哈希处理。 所生成的哈希值被添加到 ReplicaSet 选择算符、Pod 模板标签,并存在于在 ReplicaSet 可能拥有的任何现有 Pod 中。
2.更新 Deployment
说明:
- 仅当 Deployment Pod 模板(即 .spec.template)发生改变时,例如模板的标签或容器镜像被更新, 才会触发 Deployment 上线。 其他更新(如对 Deployment 执行扩缩容的操作)不会触发上线动作。
更新nginx Pod的镜像版本,比如从nginx:1.14.2升级到nginx:1.16.1
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl set image deployment/nginx-deployment nginx=nginx:1.16.1 --record
deployment.apps/nginx-deployment image updated
监控更新过程
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl rollout status deployment/nginx-deployment
Waiting for deployment "nginx-deployment" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "nginx-deployment" rollout to finish: 1 old replicas are pending termination...
deployment "nginx-deployment" successfully rolled out
在上线成功后,查看deployment
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 3/3 3 3 72m
查看 Deployment控制的ReplicaSet
可以看出Deployment通过创建新的 ReplicaSet 并将其扩容到 3 个副本并将旧 ReplicaSet 缩容到 0 个副本完成了 Pod 的更新操作
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-deployment-559d658b74 3 3 3 5m
nginx-deployment-66b6c48dd5 0 0 0 74m
查看更新后的pod
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl get pod --show-labels
NAME READY STATUS RESTARTS AGE LABELS
nginx-deployment-559d658b74-4npbn 1/1 Running 0 6m29s app=nginx,pod-template-hash=559d658b74
nginx-deployment-559d658b74-4wqbp 1/1 Running 0 6m17s app=nginx,pod-template-hash=559d658b74
nginx-deployment-559d658b74-9wrpj 1/1 Running 0 6m41s app=nginx,pod-template-hash=559d658b74
说明:
- Deployment 可确保在更新时仅关闭一定数量的 Pod。默认情况下,它确保至少所需 Pods 75% 处于运行状态(最大不可用比例为 25%)。
- Deployment 还确保仅所创建 Pod 数量只可能比期望 Pods 数高一点点。 默认情况下,它可确保启动的 Pod 个数比期望个数最多多出 25%(最大峰值 25%)。
获取 Deployment 的更多信息
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl describe deployments
Name: nginx-deployment
Namespace: default
CreationTimestamp: Wed, 29 Sep 2021 16:01:55 +0800
Labels: app=nginx
Annotations: deployment.kubernetes.io/revision: 2
kubernetes.io/change-cause: kubectl set image deployment/nginx-deployment nginx=nginx:1.16.1 --record=true
Selector: app=nginx
Replicas: 3 desired | 3 updated | 3 total | 3 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app=nginx
Containers:
nginx:
Image: nginx:1.16.1
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-deployment-559d658b74 (3/3 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 9m11s deployment-controller Scaled up replica set nginx-deployment-559d658b74 to 1
Normal ScalingReplicaSet 8m59s deployment-controller Scaled down replica set nginx-deployment-66b6c48dd5 to 2
Normal ScalingReplicaSet 8m59s deployment-controller Scaled up replica set nginx-deployment-559d658b74 to 2
Normal ScalingReplicaSet 8m47s deployment-controller Scaled down replica set nginx-deployment-66b6c48dd5 to 1
Normal ScalingReplicaSet 8m47s deployment-controller Scaled up replica set nginx-deployment-559d658b74 to 3
Normal ScalingReplicaSet 8m25s deployment-controller Scaled down replica set nginx-deployment-66b6c48dd5 to 0
3.回滚 Deployment
说明:
- Deployment 被触发上线时,系统就会创建 Deployment 的新的修订版本。 这意味着仅当 Deployment 的 Pod 模板(.spec.template)发生更改时,才会创建新修订版本 -- 例如,模板的标签或容器镜像发生变化。 其他更新,如 Deployment 的扩缩容操作不会创建 Deployment 修订版本。 这是为了方便同时执行手动缩放或自动缩放。 换言之,当你回滚到较早的修订版本时,只有 Deployment 的 Pod 模板部分会被回滚。
查看更新的历史记录
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl rollout history deployment.v1.apps/nginx-deployment
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none>
2 kubectl set image deployment/nginx-deployment nginx=nginx:1.16.1 --record=true
查看某个版本的更详细的更加记录信息
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl rollout history deployment.v1.apps/nginx-deployment --revision=2
deployment.apps/nginx-deployment with revision #2
Pod Template:
Labels: app=nginx
pod-template-hash=559d658b74
Annotations: kubernetes.io/change-cause: kubectl set image deployment/nginx-deployment nginx=nginx:1.16.1 --record=true
Containers:
nginx:
Image: nginx:1.16.1
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
回滚到之前的版本
kubectl rollout undo deployment.v1.apps/nginx-deployment --to-revision=1
deployment.apps/nginx-deployment rolled back
查看回滚后的deployment
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl get deployment nginx-deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 3/3 3 3 91m
查看deploymne的详细信息
root@k8-deploy:~/k8s-yaml/controllers/deployments# kubectl describe deployment nginx-deployment
Name: nginx-deployment
Namespace: default
CreationTimestamp: Wed, 29 Sep 2021 16:01:55 +0800
Labels: app=nginx
Annotations: deployment.kubernetes.io/revision: 3
Selector: app=nginx
Replicas: 3 desired | 3 updated | 3 total | 3 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app=nginx
Containers:
nginx:
Image: nginx:1.14.2
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-deployment-66b6c48dd5 (3/3 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 22m deployment-controller Scaled up replica set nginx-deployment-559d658b74 to 1
Normal ScalingReplicaSet 22m deployment-controller Scaled down replica set nginx-deployment-66b6c48dd5 to 2
Normal ScalingReplicaSet 22m deployment-controller Scaled up replica set nginx-deployment-559d658b74 to 2
Normal ScalingReplicaSet 21m deployment-controller Scaled down replica set nginx-deployment-66b6c48dd5 to 1
Normal ScalingReplicaSet 21m deployment-controller Scaled up replica set nginx-deployment-559d658b74 to 3
Normal ScalingReplicaSet 21m deployment-controller Scaled down replica set nginx-deployment-66b6c48dd5 to 0
Normal ScalingReplicaSet 17s deployment-controller Scaled up replica set nginx-deployment-66b6c48dd5 to 1
Normal ScalingReplicaSet 15s deployment-controller Scaled down replica set nginx-deployment-559d658b74 to 2
Normal ScalingReplicaSet 15s deployment-controller Scaled up replica set nginx-deployment-66b6c48dd5 to 2
Normal ScalingReplicaSet 13s (x2 over 91m) deployment-controller Scaled up replica set nginx-deployment-66b6c48dd5 to 3
Normal ScalingReplicaSet 13s deployment-controller Scaled down replica set nginx-deployment-559d658b74 to 1
Normal ScalingReplicaSet 11s deployment-controller Scaled down replica set nginx-deployment-559d658b74 to 0
4.扩缩容Deployment
root@k8-deploy:~# kubectl scale deployment.v1.apps/nginx-deployment --replicas=10
deployment.apps/nginx-deployment scaled
root@k8-deploy:~# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 10/10 10 10 97m
root@k8-deploy:~# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-deployment-559d658b74 0 0 0 27m
nginx-deployment-66b6c48dd5 10 10 10 97m
root@k8-deploy:~# kubectl get pod -o wide --show-labels
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
nginx-deployment-66b6c48dd5-7tl82 1/1 Running 0 6m33s 10.100.112.5 192.168.2.19 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-b8wvd 1/1 Running 0 69s 10.100.172.196 192.168.2.17 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-cqmzm 1/1 Running 0 6m31s 10.100.112.6 192.168.2.19 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-h9bhf 1/1 Running 0 69s 10.100.224.71 192.168.2.18 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-jzhkt 1/1 Running 0 69s 10.100.224.72 192.168.2.18 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-kdvss 1/1 Running 0 6m29s 10.100.112.7 192.168.2.19 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-kxsvq 1/1 Running 0 69s 10.100.172.197 192.168.2.17 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-tlckf 1/1 Running 0 69s 10.100.112.8 192.168.2.19 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-wfvmh 1/1 Running 0 69s 10.100.224.73 192.168.2.18 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
nginx-deployment-66b6c48dd5-zmsfm 1/1 Running 0 69s 10.100.112.9 192.168.2.19 <none> <none> app=nginx,pod-template-hash=66b6c48dd5
暂停、恢复 Deployment
你可以在触发一个或多个更新之前暂停 Deployment,然后再恢复其执行。
这样做使得你能够在暂停和恢复执行之间应用多个修补程序,而不会触发不必要的上线操作。
查看现有的deplymnet集群 rs
root@k8-deploy:~# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 3/3 3 3 4s
root@k8-deploy:~# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-deployment-66b6c48dd5 3 3 3 7s
执行暂停
root@k8-deploy:~# kubectl rollout pause deployment.v1.apps/nginx-deployment
deployment.apps/nginx-deployment paused
对deploymnet执行多项修改中的一项,比如修改pod镜像版本
root@k8-deploy:~# kubectl set image deployment.v1.apps/nginx-deployment nginx=nginx:1.17.10
deployment.apps/nginx-deployment image updated
在暂停期间对deploymnet的修改不会立即触发更新
root@k8-deploy:~# kubectl rollout history deployment.v1.apps/nginx-deployment
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none>
继续对deploymnet镜像修改,比如对pod使用的资源进行限制
root@k8-deploy:~# kubectl set resources deployment.v1.apps/nginx-deployment -c=nginx --limits=cpu=200m,memory=512Mi
deployment.apps/nginx-deployment resource requirements updated
# 此时deployment仍然不会触发更新
root@k8-deploy:~# kubectl rollout history deployment.v1.apps/nginx-deployment
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none
恢复 Deployment 执行
root@k8-deploy:~# kubectl rollout resume deployment.v1.apps/nginx-deployment
deployment.apps/nginx-deployment resumed
观察新的 ReplicaSet 的创建过程,其中包含了所应用的所有更新
root@k8-deploy:~# kubectl get rs -w
NAME DESIRED CURRENT READY AGE
nginx-deployment-66b6c48dd5 2 2 2 6m26s
nginx-deployment-fcfbff66c 2 2 1 6s
nginx-deployment-fcfbff66c 2 2 2 16s
nginx-deployment-66b6c48dd5 1 2 2 6m36s
nginx-deployment-fcfbff66c 3 2 2 16s
nginx-deployment-66b6c48dd5 1 2 2 6m36s
nginx-deployment-fcfbff66c 3 2 2 16s
nginx-deployment-fcfbff66c 3 3 2 16s
nginx-deployment-66b6c48dd5 1 1 1 6m36s
nginx-deployment-fcfbff66c 3 3 3 28s
nginx-deployment-66b6c48dd5 0 1 1 6m48s
nginx-deployment-66b6c48dd5 0 1 1 6m48s
nginx-deployment-66b6c48dd5 0 0 0 6m48s
root@k8-deploy:~# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-deployment-66b6c48dd5 0 0 0 7m55s
nginx-deployment-fcfbff66c 3 3 3 95s
root@k8-deploy:~# kubectl rollout history deployment.v1.apps/nginx-deployment
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none>
2 <none>
