Kerbernetes的Pod控制器

            Kerbernetes的Pod控制器

                                     作者:尹正杰

版权声明:原创作品,谢绝转载!否则将追究法律责任。 

 

 

 

一.K8s 控制器(Kubernetes Controllers)

我们知道在Kubernetes Master节点中存在三个重要组件,分别为kube-apiserver,kube-scheduler,kube-controller-manager,下面是Kubernetes Master Controller Manager中常见的Pod控制器:
    ReplicationController(早期K8S版本的控制器的控制器,如K8S 1.7,现在都更新K8S都更新到K8S 1.17.2版本了,因此这种控制器使用的相当较少了)
    Deployment Controller(用来管理非系统级无状态的守护进程的控制器,如Nginx) 
    ReplicaSet Controller(也是用来管理非系统级别无状态守护进程的控制器,通常使用较少,一般情况下我们会优先使用"Deployment Controller") 
    DaemonSet Controller(用来管理系统级无状态的守护进程的控制器,如Zabbix Agent(可以让系统扩展一些管理属性的,每个节点必须运行一个该进程用户管理该节点,若没有该进程则Zabbix Server无法监控,且没有必要在同一个节点上启动多个Zabbix Agent))
    StatefulSet Controller(用来管理有状态的守护进程的控制器,如MySQL/MariaDB)
    Job Controller(用来管理非守护进程,指的是运行某次任务(即一次性作业),如备份数据库)
    Cronjob Controller(也是用来管理非守护进程的控制器,相比于"Job Controller",该控制器支持周期性计划任务)
    ...

  在重启动和自动化应用中,Pod通过控制循环(control loop)是调节(non-terminating)系统状态:
    在Kubernetes中,控制器是一个控制循环,它通过API服务器监视集群的共享状态,并进行更改,试图将当前状态移到所需状态。

  Kubernetes运行一组控制器来处理日常任务,以确保集群的期望状态与观察到的状态匹配:
    基本上,每个控制器负责Kubernetes集群中的特定资源。
    对于管理集群的用户来说,了解Kubernetes中每个控制器的角色非常重要。

  控制器是Kubernetes的重要组成部分:
    他们是资源(resources)背后的"大脑(brains)"。
    例如,Kubernetes的部署资源的任务是确保有一定数量的pod在运行,节点控制器查找服务器的状态,并在服务器停机时做出响应。

  控制器流事件(Controller flow of events):
    Informer/Sharedformer是API Server与Controller之间的代理程序,负责分发监视的资源对象的相关变动事件,并将其存储与Workqueue之中,而Worker(s)负责运行队列中的相应操作。

  控制器本身也是标准的Kubernetes资源类型,它们可被实例化出具体的对象负责具体的任务:
    例如一个特定的Deployment控制器对象负责管理由标签选择器匹配到的Pod资源对象;
    控制器资源对象自身的创建,更新及删除操作则由控制器进程负责,这些进程统一打包在了kube-controller-manager之中;
    而kube-controller-manager自身的运行正常与否的状况则需要通过冗余的方式设置;

  控制器资源对象自身也会存在相应的管理操作;我们可以使用"--controllers"选项用于指定要启用的控制器:
    "*":
      如果创建容器时不指定控制器,默认启用所有的控制器(除了bootstrapsigner,tokencleaner这两个控制器不会被启用)
    All controllers:
      attachdetach,bootstrapsigner,clusterole-aggregation,cronjob,csrapproving,csrcleaner,csrsigning,daemonset,deployment,disruption,
      endpoint,garbagecollector,horizontalpodautoscaling,job,namespace,nodeipam,nodelifecycle,persistentvolume-binder,persistentvolume-expander,pdogc,
      pv-protection,pvc-protection,replicaset,replicationcontroller,resourcequota,route,service,serviceaccount,serviceaccount-token,statefulset,
      tokencleaner,ttl
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n kube-system
NAME                                                   READY   STATUS    RESTARTS   AGE
coredns-6955765f44-455fh                               1/1     Running   1          2d3h
coredns-6955765f44-q6zqj                               1/1     Running   1          2d3h
etcd-master200.yinzhengjie.org.cn                      1/1     Running   1          2d3h
kube-apiserver-master200.yinzhengjie.org.cn            1/1     Running   1          2d3h
kube-controller-manager-master200.yinzhengjie.org.cn   1/1     Running   1          2d3h
kube-flannel-ds-amd64-hnnhb                            1/1     Running   1          2d3h
kube-flannel-ds-amd64-jhmh6                            1/1     Running   1          2d2h
kube-flannel-ds-amd64-lnldz                            1/1     Running   2          2d3h
kube-flannel-ds-amd64-nwv2l                            1/1     Running   1          2d2h
kube-proxy-2shb4                                       1/1     Running   1          2d3h
kube-proxy-6r9dx                                       1/1     Running   1          2d3h
kube-proxy-cg2m6                                       1/1     Running   1          2d2h
kube-proxy-lp5pr                                       1/1     Running   1          2d2h
kube-scheduler-master200.yinzhengjie.org.cn            1/1     Running   1          2d3h
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# ll /etc/kubernetes/manifests/
total 16
-rw------- 1 root root 1798 Feb  4 19:39 etcd.yaml
-rw------- 1 root root 2606 Feb  4 19:39 kube-apiserver.yaml
-rw------- 1 root root 2533 Feb  4 19:39 kube-controller-manager.yaml
-rw------- 1 root root 1120 Feb  4 19:39 kube-scheduler.yaml
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /etc/kubernetes/manifests/kube-controller-manager.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    component: kube-controller-manager
    tier: control-plane
  name: kube-controller-manager
  namespace: kube-system
spec:
  containers:
  - command:
    - kube-controller-manager
    - --allocate-node-cidrs=true
    - --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf
    - --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf
    - --bind-address=127.0.0.1
    - --client-ca-file=/etc/kubernetes/pki/ca.crt
    - --cluster-cidr=10.244.0.0/16
    - --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt
    - --cluster-signing-key-file=/etc/kubernetes/pki/ca.key
    - --controllers=*,bootstrapsigner,tokencleaner
    - --kubeconfig=/etc/kubernetes/controller-manager.conf
    - --leader-elect=true
    - --node-cidr-mask-size=24
    - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
    - --root-ca-file=/etc/kubernetes/pki/ca.crt
    - --service-account-private-key-file=/etc/kubernetes/pki/sa.key
    - --service-cluster-ip-range=10.96.0.0/12
    - --use-service-account-credentials=true
    image: k8s.gcr.io/kube-controller-manager:v1.17.2
    imagePullPolicy: IfNotPresent
    livenessProbe:
      failureThreshold: 8
      httpGet:
        host: 127.0.0.1
        path: /healthz
        port: 10257
        scheme: HTTPS
      initialDelaySeconds: 15
      timeoutSeconds: 15
    name: kube-controller-manager
    resources:
      requests:
        cpu: 200m
    volumeMounts:
    - mountPath: /etc/ssl/certs
      name: ca-certs
      readOnly: true
    - mountPath: /etc/pki
      name: etc-pki
      readOnly: true
    - mountPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
      name: flexvolume-dir
    - mountPath: /etc/kubernetes/pki
      name: k8s-certs
      readOnly: true
    - mountPath: /etc/kubernetes/controller-manager.conf
      name: kubeconfig
      readOnly: true
  hostNetwork: true
  priorityClassName: system-cluster-critical
  volumes:
  - hostPath:
      path: /etc/ssl/certs
      type: DirectoryOrCreate
    name: ca-certs
  - hostPath:
      path: /etc/pki
      type: DirectoryOrCreate
    name: etc-pki
  - hostPath:
      path: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
      type: DirectoryOrCreate
    name: flexvolume-dir
  - hostPath:
      path: /etc/kubernetes/pki
      type: DirectoryOrCreate
    name: k8s-certs
  - hostPath:
      path: /etc/kubernetes/controller-manager.conf
      type: FileOrCreate
    name: kubeconfig
status: {}
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /etc/kubernetes/manifests/kube-controller-manager.yaml

 

二.ReplicaSet 控制器(controller)

  ReplicaSet确保在任何给定时间运行指定数量的pod复制副本,ReplicaSet是Pods的直接控制器。

  编写复制集(ReplicaSet)规范:
    Pod Template
    Pod Selector
    Replicas
  
  使用复制集(ReplicaSet):
    删除复制集及其Pods(Deleting a ReplicaSet and its Pods)
    只删除复制集(Deleting just a ReplicaSet)
    从复制集中分离Pods(Isolating pods from a ReplicaSet)
    扩展到复制集(Scaling a ReplicaSet)

1>.编写yaml文件

[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml 
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: myapp-rs
  namespace: develop
spec:
  replicas: 2
  selector:
     matchLabels:
       app: mynginx-pod
  template:
    metadata:
      labels:
        app: mynginx-pod
    spec:
      containers:
      - name: mynginx
        image: nginx:1.14-alpine
        ports:
        - name: http
          containerPort: 80
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml

2>.应用yaml文件

[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop
No resources found in develop namespace.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml 
replicaset.apps/myapp-rs created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop
NAME       DESIRED   CURRENT   READY   AGE
myapp-rs   2         2         1       2s
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml 
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: myapp-rs
  namespace: develop
spec:
  replicas: 2
  selector:
     matchLabels:
       app: mynginx-pod
  template:
    metadata:
      labels:
        app: mynginx-pod
    spec:
      containers:
      - name: mynginx
        image: nginx:1.14-alpine
        ports:
        - name: http
          containerPort: 80
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop
NAME       DESIRED   CURRENT   READY   AGE
myapp-rs   2         2         2       3m13s
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe rs myapp-rs -n develop
Name:         myapp-rs
Namespace:    develop
Selector:     app=mynginx-pod
Labels:       <none>
Annotations:  kubectl.kubernetes.io/last-applied-configuration:
                {"apiVersion":"apps/v1","kind":"ReplicaSet","metadata":{"annotations":{},"name":"myapp-rs","namespace":"develop"},"spec":{"replicas":2,"se...
Replicas:     2 current / 2 desired
Pods Status:  2 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
  Labels:  app=mynginx-pod
  Containers:
   mynginx:
    Image:        nginx:1.14-alpine
    Port:         80/TCP
    Host Port:    0/TCP
    Environment:  <none>
    Mounts:       <none>
  Volumes:        <none>
Events:
  Type    Reason            Age    From                   Message
  ----    ------            ----   ----                   -------
  Normal  SuccessfulCreate  3m41s  replicaset-controller  Created pod: myapp-rs-5jr88
  Normal  SuccessfulCreate  3m41s  replicaset-controller  Created pod: myapp-rs-5x98d
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop -o wide
NAME       DESIRED   CURRENT   READY   AGE     CONTAINERS   IMAGES              SELECTOR
myapp-rs   2         2         2       4m29s   mynginx      nginx:1.14-alpine   app=mynginx-pod
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n develop -o wide
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME             READY   STATUS    RESTARTS   AGE   IP           NODE                         NOMINATED NODE   READINESS GATES   LABELS
myapp-rs-5jr88   1/1     Running   0          28m   10.244.3.3   node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5x98d   1/1     Running   0          28m   10.244.2.4   node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
pod-demo         2/2     Running   0          14h   10.244.3.2   node203.yinzhengjie.org.cn   <none>           <none>            app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels

3>.将pod的标签修改后,ReplicaSet控制器会自动创建一个新的

[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME             READY   STATUS    RESTARTS   AGE   IP           NODE                         NOMINATED NODE   READINESS GATES   LABELS
myapp-rs-5jr88   1/1     Running   0          28m   10.244.3.3   node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5x98d   1/1     Running   0          28m   10.244.2.4   node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
pod-demo         2/2     Running   0          14h   10.244.3.2   node203.yinzhengjie.org.cn   <none>           <none>            app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl label pod myapp-rs-5x98d -n develop app=mynginx-demo --overwrite            #我们将"app=mynginx-pod"的标签修改为"app=mynginx-demo",此时"app=mynginx-pod"的标签会少一个,因此我们会发现自动创建一个pod
pod/myapp-rs-5x98d labeled
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME             READY   STATUS    RESTARTS   AGE   IP           NODE                         NOMINATED NODE   READINESS GATES   LABELS
myapp-rs-2kwhc   1/1     Running   0          2s    10.244.2.5   node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5jr88   1/1     Running   0          28m   10.244.3.3   node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5x98d   1/1     Running   0          28m   10.244.2.4   node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-demo
pod-demo         2/2     Running   0          14h   10.244.3.2   node203.yinzhengjie.org.cn   <none>           <none>            app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl label pod myapp-rs-5x98d -n develop app=mynginx-demo --overwrite       #我们将"app=mynginx-pod"的标签修改为"app=mynginx-demo",此时"app=mynginx-pod"的标签会少一个,因此我们会发现自动创建一个pod

4>.通过配置文件动态修改pod的副本数 

[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME             READY   STATUS    RESTARTS   AGE   IP           NODE                         NOMINATED NODE   READINESS GATES   LABELS
myapp-rs-2kwhc   1/1     Running   0          17m   10.244.2.5   node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5jr88   1/1     Running   0          46m   10.244.3.3   node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5x98d   1/1     Running   0          46m   10.244.2.4   node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-demo
pod-demo         2/2     Running   0          15h   10.244.3.2   node203.yinzhengjie.org.cn   <none>           <none>            app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml 
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: myapp-rs
  namespace: develop
spec:
  replicas: 5
  selector:
     matchLabels:
       app: mynginx-pod
  template:
    metadata:
      labels:
        app: mynginx-pod
    spec:
      containers:
      - name: mynginx
        image: nginx:1.14-alpine
        ports:
        - name: http
          containerPort: 80
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml 
replicaset.apps/myapp-rs configured
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME             READY   STATUS              RESTARTS   AGE   IP           NODE                         NOMINATED NODE   READINESS GATES   LABELS
myapp-rs-2kwhc   1/1     Running             0          18m   10.244.2.5   node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5jr88   1/1     Running             0          47m   10.244.3.3   node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5x98d   1/1     Running             0          47m   10.244.2.4   node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-demo
myapp-rs-96gmb   1/1     Running             0          11s   10.244.3.6   node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-jz77z   1/1     Running             0          11s   10.244.2.7   node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-wfsp8   0/1     ContainerCreating   0          11s   <none>       node201.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
pod-demo         2/2     Running             0          15h   10.244.3.2   node203.yinzhengjie.org.cn   <none>           <none>            app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/rs-example.yaml

5>.通过命令动态修改pod的副本数 

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME             READY   STATUS    RESTARTS   AGE     IP            NODE                         NOMINATED NODE   READINESS GATES   LABELS
myapp-rs-2kwhc   1/1     Running   0          23m     10.244.2.5    node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5jr88   1/1     Running   0          52m     10.244.3.3    node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5x98d   1/1     Running   0          52m     10.244.2.4    node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-demo
myapp-rs-96gmb   1/1     Running   0          5m31s   10.244.3.6    node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-jz77z   1/1     Running   0          5m31s   10.244.2.7    node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-wfsp8   1/1     Running   0          5m31s   10.244.1.66   node201.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
pod-demo         2/2     Running   0          15h     10.244.3.2    node203.yinzhengjie.org.cn   <none>           <none>            app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl scale --replicas=3 rs myapp-rs -n develop
replicaset.apps/myapp-rs scaled
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -n develop -o wide --show-labels
NAME             READY   STATUS        RESTARTS   AGE    IP            NODE                         NOMINATED NODE   READINESS GATES   LABELS
myapp-rs-2kwhc   1/1     Running       0          25m    10.244.2.5    node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5jr88   1/1     Running       0          53m    10.244.3.3    node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-5x98d   1/1     Running       0          53m    10.244.2.4    node202.yinzhengjie.org.cn   <none>           <none>            app=mynginx-demo
myapp-rs-96gmb   1/1     Running       0          7m6s   10.244.3.6    node203.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
myapp-rs-wfsp8   1/1     Terminating   0          7m6s   10.244.1.66   node201.yinzhengjie.org.cn   <none>           <none>            app=mynginx-pod
pod-demo         2/2     Running       0          15h    10.244.3.2    node203.yinzhengjie.org.cn   <none>           <none>            app=pod-demo,rel=stable,tier=frontend
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl scale --replicas=3 rs myapp-rs -n develop

 

三.Deployments 控制器(controller)

  ReplicaSet 控制器是Pods的直接控制器,它能控制Pods满足用户期望的基本数量,但是ReplicaSet自身在更新上功能相对较弱,因此在ReplicaSet 之上又抽象出来了Deployments。

  Deploymentst会自动帮咱们调用ReplicaSet来完成对pod的管理,它拥有滚动,部署等功能,因此生产环境中我们通常使用Deployments。

  Deployments还支持让用户做金丝雀发布。

1>.编写yaml文件并应用yaml 

[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-nginx
  namespace: testing
spec:
  replicas: 3
  minReadySeconds: 10
  selector:
    matchLabels:
      app: nginx
      rel: stable
  template:
    metadata:
      labels:
        app: nginx
        rel: stable
    spec:
      containers:
      - name: nginx
        image: nginx:1.14-alpine
        ports:
        - containerPort: 80
          name: http
        readinessProbe:
          periodSeconds: 1
          httpGet:
            path: /
            port: http
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl create ns testing
namespace/testing created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
No resources found in testing namespace.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml 
deployment.apps/deploy-nginx created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME                            READY   STATUS              RESTARTS   AGE   IP            NODE                         NOMINATED NODE   READINESS GATES
deploy-nginx-6cc674fdcf-5lrss   0/1     ContainerCreating   0          2s    <none>        node201.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-9gbcj   1/1     Running             0          2s    10.244.2.11   node202.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-cwzd4   1/1     Running             0          2s    10.244.3.9    node203.yinzhengjie.org.cn   <none>           <none>
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n testing 
NAME                      DESIRED   CURRENT   READY   AGE
deploy-nginx-6cc674fdcf   3         3         3       5m45s
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing 
NAME                            READY   STATUS    RESTARTS   AGE
deploy-nginx-6cc674fdcf-5lrss   1/1     Running   0          6m5s
deploy-nginx-6cc674fdcf-9gbcj   1/1     Running   0          6m5s
deploy-nginx-6cc674fdcf-cwzd4   1/1     Running   0          6m5s
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME                            READY   STATUS    RESTARTS   AGE    IP            NODE                         NOMINATED NODE   READINESS GATES
deploy-nginx-6cc674fdcf-5lrss   1/1     Running   0          6m7s   10.244.1.69   node201.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-9gbcj   1/1     Running   0          6m7s   10.244.2.11   node202.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-cwzd4   1/1     Running   0          6m7s   10.244.3.9    node203.yinzhengjie.org.cn   <none>           <none>
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml

2>.升级nginx的版本

[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-nginx
  namespace: testing
spec:
  replicas: 3
  minReadySeconds: 10
  selector:
    matchLabels:
      app: nginx
      rel: stable
  template:
    metadata:
      labels:
        app: nginx
        rel: stable
    spec:
      containers:
      - name: nginx
        image: nginx:1.17-alpine
        ports:
        - containerPort: 80
          name: http
        readinessProbe:
          periodSeconds: 1
          httpGet:
            path: /
            port: http
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n testing 
NAME                      DESIRED   CURRENT   READY   AGE
deploy-nginx-6cc674fdcf   3         3         3       11m
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME                            READY   STATUS    RESTARTS   AGE   IP            NODE                         NOMINATED NODE   READINESS GATES
deploy-nginx-6cc674fdcf-5lrss   1/1     Running   0          11m   10.244.1.69   node201.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-9gbcj   1/1     Running   0          11m   10.244.2.11   node202.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-cwzd4   1/1     Running   0          11m   10.244.3.9    node203.yinzhengjie.org.cn   <none>           <none>
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n testing -o wide
NAME                      DESIRED   CURRENT   READY   AGE   CONTAINERS   IMAGES              SELECTOR
deploy-nginx-6cc674fdcf   3         3         3       11m   nginx        nginx:1.14-alpine   app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx01.yaml 
deployment.apps/deploy-nginx configured
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -n testing -o wide
NAME                      DESIRED   CURRENT   READY   AGE     CONTAINERS   IMAGES              SELECTOR
deploy-nginx-545dd4fcd8   3         3         3       3m47s   nginx        nginx:1.17-alpine   app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf   0         0         0       24m     nginx        nginx:1.14-alpine   app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME                            READY   STATUS        RESTARTS   AGE     IP            NODE                         NOMINATED NODE   READINESS GATES
deploy-nginx-545dd4fcd8-brczf   1/1     Running       0          3m55s   10.244.3.11   node203.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-545dd4fcd8-ft6lm   1/1     Running       0          3m38s   10.244.2.12   node202.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-545dd4fcd8-zjhnj   1/1     Running       0          3m21s   10.244.1.70   node201.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-5lrss   1/1     Terminating   0          24m     10.244.1.69   node201.yinzhengjie.org.cn   <none>           <none>
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 

3>.设置滚动策略案例并使用命令行升级nginx版本

[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment
KIND:     Deployment
VERSION:  apps/v1

DESCRIPTION:
     Deployment enables declarative updates for Pods and ReplicaSets.

FIELDS:
   apiVersion    <string>
     APIVersion defines the versioned schema of this representation of an
     object. Servers should convert recognized schemas to the latest internal
     value, and may reject unrecognized values. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

   kind    <string>
     Kind is a string value representing the REST resource this object
     represents. Servers may infer this from the endpoint the client submits
     requests to. Cannot be updated. In CamelCase. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

   metadata    <Object>
     Standard object metadata.

   spec    <Object>
     Specification of the desired behavior of the Deployment.

   status    <Object>
     Most recently observed status of the Deployment.

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment.spec
KIND:     Deployment
VERSION:  apps/v1

RESOURCE: spec <Object>

DESCRIPTION:
     Specification of the desired behavior of the Deployment.

     DeploymentSpec is the specification of the desired behavior of the
     Deployment.

FIELDS:
   minReadySeconds    <integer>
     Minimum number of seconds for which a newly created pod should be ready
     without any of its container crashing, for it to be considered available.
     Defaults to 0 (pod will be considered available as soon as it is ready)

   paused    <boolean>
     Indicates that the deployment is paused.

   progressDeadlineSeconds    <integer>
     The maximum time in seconds for a deployment to make progress before it is
     considered to be failed. The deployment controller will continue to process
     failed deployments and a condition with a ProgressDeadlineExceeded reason
     will be surfaced in the deployment status. Note that progress will not be
     estimated during the time a deployment is paused. Defaults to 600s.

   replicas    <integer>
     Number of desired pods. This is a pointer to distinguish between explicit
     zero and not specified. Defaults to 1.

   revisionHistoryLimit    <integer>
     The number of old ReplicaSets to retain to allow rollback. This is a
     pointer to distinguish between explicit zero and not specified. Defaults to
     10.

   selector    <Object> -required-
     Label selector for pods. Existing ReplicaSets whose pods are selected by
     this will be the ones affected by this deployment. It must match the pod
     template's labels.

   strategy    <Object>
     The deployment strategy to use to replace existing pods with new ones.

   template    <Object> -required-
     Template describes the pods that will be created.

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment.spec
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment.spec.strategy
KIND:     Deployment
VERSION:  apps/v1

RESOURCE: strategy <Object>

DESCRIPTION:
     The deployment strategy to use to replace existing pods with new ones.

     DeploymentStrategy describes how to replace existing pods with new ones.

FIELDS:
   rollingUpdate    <Object>
     Rolling update config params. Present only if DeploymentStrategyType =
     RollingUpdate.

   type    <string>
     Type of deployment. Can be "Recreate" or "RollingUpdate". Default is
     RollingUpdate.

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl explain deployment.spec.strategy        #查看滚动策略
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-nginx
  namespace: testing2
spec:
  replicas: 3
  minReadySeconds: 10
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  selector:
    matchLabels:
      app: nginx
      rel: stable
  template:
    metadata:
      labels:
        app: nginx
        rel: stable
    spec:
      containers:
      - name: nginx
        image: nginx:1.14-alpine
        ports:
        - containerPort: 80
          name: http
        readinessProbe:
          periodSeconds: 1
          httpGet:
            path: /
            port: http
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl create ns testing2
namespace/testing2 created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -o wide -n testing2
No resources found in testing2 namespace.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml 
deployment.apps/deploy-nginx created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -o wide -n testing2
NAME                            READY   STATUS              RESTARTS   AGE   IP            NODE                         NOMINATED NODE   READINESS GATES
deploy-nginx-6cc674fdcf-5jk7r   0/1     ContainerCreating   0          5s    <none>        node201.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-hxkzd   1/1     Running             0          5s    10.244.3.12   node203.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-sw7zf   1/1     Running             0          5s    10.244.2.13   node202.yinzhengjie.org.cn   <none>           <none>
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pod -o wide -n testing2
NAME                            READY   STATUS    RESTARTS   AGE     IP            NODE                         NOMINATED NODE   READINESS GATES
deploy-nginx-6cc674fdcf-5jk7r   1/1     Running   0          5m51s   10.244.1.71   node201.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-hxkzd   1/1     Running   0          5m51s   10.244.3.12   node203.yinzhengjie.org.cn   <none>           <none>
deploy-nginx-6cc674fdcf-sw7zf   1/1     Running   0          5m51s   10.244.2.13   node202.yinzhengjie.org.cn   <none>           <none>
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl describe deploy deploy-nginx -n testing2
Name:                   deploy-nginx
Namespace:              testing2
CreationTimestamp:      Fri, 07 Feb 2020 02:53:33 +0800
Labels:                 <none>
Annotations:            deployment.kubernetes.io/revision: 2
                        kubectl.kubernetes.io/last-applied-configuration:
                          {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"deploy-nginx","namespace":"testing2"},"spec":{"minReadySe...
Selector:               app=nginx,rel=stable
Replicas:               3 desired | 3 updated | 3 total | 2 available | 1 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        10
RollingUpdateStrategy:  1 max unavailable, 1 max surge
Pod Template:
  Labels:  app=nginx
           rel=stable
  Containers:
   nginx:
    Image:        nginx:1.17-alpine
    Port:         80/TCP
    Host Port:    0/TCP
    Readiness:    http-get http://:http/ delay=0s timeout=1s period=1s #success=1 #failure=3
    Environment:  <none>
    Mounts:       <none>
  Volumes:        <none>
Conditions:
  Type           Status  Reason
  ----           ------  ------
  Available      True    MinimumReplicasAvailable
  Progressing    True    ReplicaSetUpdated
OldReplicaSets:  <none>
NewReplicaSet:   deploy-nginx-545dd4fcd8 (3/3 replicas created)
Events:
  Type    Reason             Age    From                   Message
  ----    ------             ----   ----                   -------
  Normal  ScalingReplicaSet  21m    deployment-controller  Scaled up replica set deploy-nginx-6cc674fdcf to 3
  Normal  ScalingReplicaSet  2m45s  deployment-controller  Scaled up replica set deploy-nginx-545dd4fcd8 to 1
  Normal  ScalingReplicaSet  2m45s  deployment-controller  Scaled down replica set deploy-nginx-6cc674fdcf to 2
  Normal  ScalingReplicaSet  2m45s  deployment-controller  Scaled up replica set deploy-nginx-545dd4fcd8 to 2
  Normal  ScalingReplicaSet  2m32s  deployment-controller  Scaled down replica set deploy-nginx-6cc674fdcf to 0
  Normal  ScalingReplicaSet  2m32s  deployment-controller  Scaled up replica set deploy-nginx-545dd4fcd8 to 3
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe deploy deploy-nginx -n testing2
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-nginx
  namespace: testing2
spec:
  replicas: 3
  minReadySeconds: 10
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  selector:
    matchLabels:
      app: nginx
      rel: stable
  template:
    metadata:
      labels:
        app: nginx
        rel: stable
    spec:
      containers:
      - name: nginx
        image: nginx:1.17-alpine
        ports:
        - containerPort: 80
          name: http
        readinessProbe:
          periodSeconds: 1
          httpGet:
            path: /
            port: http
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME                      DESIRED   CURRENT   READY   AGE   CONTAINERS   IMAGES              SELECTOR
deploy-nginx-6cc674fdcf   3         3         3       17m   nginx        nginx:1.14-alpine   app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.17-alpine
deployment.apps/deploy-nginx image updated
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME                      DESIRED   CURRENT   READY   AGE     CONTAINERS   IMAGES              SELECTOR
deploy-nginx-545dd4fcd8   3         3         3       5m18s   nginx        nginx:1.17-alpine   app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf   0         0         0       24m     nginx        nginx:1.14-alpine   app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.17-alpine

4>.版本回滚

[root@master200.yinzhengjie.org.cn ~]# kubectl rollout
Manage the rollout of a resource.
  
 Valid resource types include:

  *  deployments
  *  daemonsets
  *  statefulsets

Examples:
  # Rollback to the previous deployment
  kubectl rollout undo deployment/abc
  
  # Check the rollout status of a daemonset
  kubectl rollout status daemonset/foo

Available Commands:
  history     View rollout history
  pause       Mark the provided resource as paused
  restart     Restart a resource
  resume      Resume a paused resource
  status      Show the status of the rollout
  undo        Undo a previous rollout

Usage:
  kubectl rollout SUBCOMMAND [options]

Use "kubectl <command> --help" for more information about a given command.
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout history --help
View previous rollout revisions and configurations.

Examples:
  # View the rollout history of a deployment
  kubectl rollout history deployment/abc
  
  # View the details of daemonset revision 3
  kubectl rollout history daemonset/abc --revision=3

Options:
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
  -f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
  -k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
  -o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
  -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
      --revision=0: See the details, including podTemplate of the revision specified
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].

Usage:
  kubectl rollout history (TYPE NAME | TYPE/NAME) [flags] [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout history --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout pause --help
Mark the provided resource as paused

 Paused resources will not be reconciled by a controller. Use "kubectl rollout resume" to resume a paused resource.
Currently only deployments support being paused.

Examples:
  # Mark the nginx deployment as paused. Any current state of
  # the deployment will continue its function, new updates to the deployment will not
  # have an effect as long as the deployment is paused.
  kubectl rollout pause deployment/nginx

Options:
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
  -f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
  -k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
  -o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
  -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].

Usage:
  kubectl rollout pause RESOURCE [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout pause --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout restart --help
Restart a resource.

     Resource will be rollout restarted.

Examples:
  # Restart a deployment
  kubectl rollout restart deployment/nginx
  
  # Restart a daemonset
  kubectl rollout restart daemonset/abc

Options:
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
  -f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
  -k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
  -o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
  -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].

Usage:
  kubectl rollout restart RESOURCE [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout restart --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout resume --help
Resume a paused resource

 Paused resources will not be reconciled by a controller. By resuming a resource, we allow it to be reconciled again.
Currently only deployments support being resumed.

Examples:
  # Resume an already paused deployment
  kubectl rollout resume deployment/nginx

Options:
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
  -f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
  -k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
  -o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
  -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].

Usage:
  kubectl rollout resume RESOURCE [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout resume --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout status --help
Show the status of the rollout.

 By default 'rollout status' will watch the status of the latest rollout until it's done. If you don't want to wait for
the rollout to finish then you can use --watch=false. Note that if a new rollout starts in-between, then 'rollout
status' will continue watching the latest revision. If you want to pin to a specific revision and abort if it is rolled
over by another revision, use --revision=N where N is the revision you need to watch for.

Examples:
  # Watch the rollout status of a deployment
  kubectl rollout status deployment/nginx

Options:
  -f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
  -k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
  -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
      --revision=0: Pin to a specific revision for showing its status. Defaults to 0 (last revision).
      --timeout=0s: The length of time to wait before ending watch, zero means never. Any other values should contain a
corresponding time unit (e.g. 1s, 2m, 3h).
  -w, --watch=true: Watch the status of the rollout until it's done.

Usage:
  kubectl rollout status (TYPE NAME | TYPE/NAME) [flags] [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout status --help
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout undo --help
Rollback to a previous rollout.

Examples:
  # Rollback to the previous deployment
  kubectl rollout undo deployment/abc
  
  # Rollback to daemonset revision 3
  kubectl rollout undo daemonset/abc --to-revision=3
  
  # Rollback to the previous deployment with dry-run
  kubectl rollout undo --dry-run=true deployment/abc

Options:
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
      --dry-run=false: If true, only print the object that would be sent, without sending it.
  -f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
  -k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
  -o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
  -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
      --to-revision=0: The revision to rollback to. Default to 0 (last revision).

Usage:
  kubectl rollout undo (TYPE NAME | TYPE/NAME) [flags] [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout undo --help
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME                      DESIRED   CURRENT   READY   AGE   CONTAINERS   IMAGES              SELECTOR
deploy-nginx-545dd4fcd8   3         3         3       15m   nginx        nginx:1.17-alpine   app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf   0         0         0       35m   nginx        nginx:1.14-alpine   app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout status deployment/deploy-nginx -n testing2
deployment "deploy-nginx" successfully rolled out
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout history deployment/deploy-nginx -n testing2
deployment.apps/deploy-nginx 
REVISION  CHANGE-CAUSE
1         <none>
2         <none>

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout undo deployment/deploy-nginx -n testing2
deployment.apps/deploy-nginx rolled back
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout status deployment/deploy-nginx -n testing2
Waiting for deployment "deploy-nginx" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "deploy-nginx" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "deploy-nginx" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "deploy-nginx" rollout to finish: 2 of 3 updated replicas are available...
Waiting for deployment "deploy-nginx" rollout to finish: 2 of 3 updated replicas are available...
deployment "deploy-nginx" successfully rolled out
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME                      DESIRED   CURRENT   READY   AGE   CONTAINERS   IMAGES              SELECTOR
deploy-nginx-545dd4fcd8   0         0         0       22m   nginx        nginx:1.17-alpine   app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf   3         3         3       41m   nginx        nginx:1.14-alpine   app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout history deployment/deploy-nginx -n testing2
deployment.apps/deploy-nginx 
REVISION  CHANGE-CAUSE
2         <none>
3         <none>

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl rollout undo deployment/deploy-nginx -n testing2

5>.将提供的资源标记为已暂停

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/pod/deploy-nginx02.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-nginx
  namespace: testing2
spec:
  replicas: 3
  minReadySeconds: 10
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  selector:
    matchLabels:
      app: nginx
      rel: stable
  template:
    metadata:
      labels:
        app: nginx
        rel: stable
    spec:
      containers:
      - name: nginx
        image: nginx:1.17-alpine
        ports:
        - containerPort: 80
          name: http
        readinessProbe:
          periodSeconds: 1
          httpGet:
            path: /
            port: http
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME                      DESIRED   CURRENT   READY   AGE   CONTAINERS   IMAGES              SELECTOR
deploy-nginx-545dd4fcd8   0         0         0       26m   nginx        nginx:1.17-alpine   app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-6cc674fdcf   3         3         3       45m   nginx        nginx:1.14-alpine   app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.16-alpine
deployment.apps/deploy-nginx image updated
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get rs -o wide -n testing2
NAME                      DESIRED   CURRENT   READY   AGE   CONTAINERS   IMAGES              SELECTOR
deploy-nginx-545dd4fcd8   0         0         0       28m   nginx        nginx:1.17-alpine   app=nginx,pod-template-hash=545dd4fcd8,rel=stable
deploy-nginx-5885b7c4bf   3         3         3       32s   nginx        nginx:1.16-alpine   app=nginx,pod-template-hash=5885b7c4bf,rel=stable
deploy-nginx-6cc674fdcf   0         0         0       47m   nginx        nginx:1.14-alpine   app=nginx,pod-template-hash=6cc674fdcf,rel=stable
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.16-alpine

[root@master200.yinzhengjie.org.cn ~]# kubectl set image -n testing2 deployment deploy-nginx nginx=nginx:1.12-alpine && kubectl rollout pause deployment/deploy-nginx -n testing2      #模拟实现"金丝雀"发布
deployment.apps/deploy-nginx image updated
deployment.apps/deploy-nginx paused
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]#  

 

四.DaemonSet 控制器(controller)

  Deployment控制器要比ReplicaSet控制器功能强大,可以控制集群中的副本数量,但是无法控制具体在哪一个node上创建副本,而守护程序控制器(DaemonSet contronller)可以控制每个节点上只允许一个pod(因此我们使用DaemonSet时无需指定副本(Replicas))。

  Deployment控制器可以让用户随意控制Pod的数量,比如在3个k8s node主机上我们可以指定6个副本pod,而DaemonSet由于只能在每个k8s node主机上允许一个pod,因此pod的数量取决于k8s node的数量,用户无法指定多个副本。

  举个例子,如果有50台服务器,你只需要在特定的20台服务器上允许特定的一个pod,我们可以为这20台主机打上不同的标签(label),Deployment控制器通过标签选择器可以运行20个Pod,但可能会在这20台主机上随机选中几台服务器运行多个pod让Replicas的数量为20即可;而DaemonSet控制器通过节点选择器可以让20台节点每一个节点都运行一个pod,这就是DaemonSet的强大之处。

  DaemonSet控制器也支持滚动策略,只不过它的滚动策略相比于Deloyment控制器要简单的多。
     守护程序确保所有(或某些)节点运行Pod的副本     当节点被添加到集群中时,pod被添加到它们中。     当节点从集群中移除时,这些pod将被垃圾收集。   编写守护程序(DaemonSet)规范:     selector     template   仅在某些节点上运行Pods:     如果指定.spec.template.spec.node selector,那么守护程序控制器(DaemonSet contonller)将在与该节点选择器匹配的节点上创建pod。     linkwise如果指定.spec.template.spec.affinity,守护进程控制器将在与该节点affinity匹配的节点上创建pod。

1>.查看集群各节点的是否存在污点(Taints),如果存在污点(Taints)则无法被调度

[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes
NAME                           STATUS   ROLES    AGE     VERSION
master200.yinzhengjie.org.cn   Ready    master   2d21h   v1.17.2
node201.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2
node202.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2
node203.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
NAME                           STATUS   ROLES    AGE     VERSION   LABELS
master200.yinzhengjie.org.cn   Ready    master   2d21h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master200.yinzhengjie.org.cn,kubernetes.io/os=linux,node-role.kubernetes.io/master=
node201.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node201.yinzhengjie.org.cn,kubernetes.io/os=linux
node202.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node202.yinzhengjie.org.cn,kubernetes.io/os=linux
node203.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node203.yinzhengjie.org.cn,kubernetes.io/os=linux
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node master200.yinzhengjie.org.cn 
Name:               master200.yinzhengjie.org.cn
Roles:              master
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=master200.yinzhengjie.org.cn
                    kubernetes.io/os=linux
                    node-role.kubernetes.io/master=
Annotations:        flannel.alpha.coreos.com/backend-data: {"VtepMAC":"be:50:d6:6b:04:39"}
                    flannel.alpha.coreos.com/backend-type: vxlan
                    flannel.alpha.coreos.com/kube-subnet-manager: true
                    flannel.alpha.coreos.com/public-ip: 172.200.1.200
                    kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
                    node.alpha.kubernetes.io/ttl: 0
                    volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp:  Tue, 04 Feb 2020 19:39:31 +0800
Taints:             node-role.kubernetes.io/master:NoSchedule
Unschedulable:      false
Lease:
  HolderIdentity:  master200.yinzhengjie.org.cn
  AcquireTime:     <unset>
  RenewTime:       Fri, 07 Feb 2020 16:21:06 +0800
Conditions:
  Type             Status  LastHeartbeatTime                 LastTransitionTime                Reason                       Message
  ----             ------  -----------------                 ------------------                ------                       -------
  MemoryPressure   False   Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 19:39:27 +0800   KubeletHasSufficientMemory   kubelet has sufficient memory available
  DiskPressure     False   Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 19:39:27 +0800   KubeletHasNoDiskPressure     kubelet has no disk pressure
  PIDPressure      False   Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 19:39:27 +0800   KubeletHasSufficientPID      kubelet has sufficient PID available
  Ready            True    Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 19:47:59 +0800   KubeletReady                 kubelet is posting ready status
Addresses:
  InternalIP:  172.200.1.200
  Hostname:    master200.yinzhengjie.org.cn
Capacity:
  cpu:                2
  ephemeral-storage:  511750Mi
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             4026376Ki
  pods:               110
Allocatable:
  cpu:                2
  ephemeral-storage:  482947890401
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             3923976Ki
  pods:               110
System Info:
  Machine ID:                 d637a9e4c24d4d11bed0c09151ac78e2
  System UUID:                A5574D56-A21D-EBEE-7A2B-6571CF422C27
  Boot ID:                    fd55871f-7b64-4ae2-9488-fb4572f38017
  Kernel Version:             3.10.0-957.el7.x86_64
  OS Image:                   CentOS Linux 7 (Core)
  Operating System:           linux
  Architecture:               amd64
  Container Runtime Version:  docker://19.3.5
  Kubelet Version:            v1.17.2
  Kube-Proxy Version:         v1.17.2
PodCIDR:                      10.244.0.0/24
PodCIDRs:                     10.244.0.0/24
Non-terminated Pods:          (8 in total)
  Namespace                   Name                                                    CPU Requests  CPU Limits  Memory Requests  Memory Limits  AGE
  ---------                   ----                                                    ------------  ----------  ---------------  -------------  ---
  kube-system                 coredns-6955765f44-455fh                                100m (5%)     0 (0%)      70Mi (1%)        170Mi (4%)     2d20h
  kube-system                 coredns-6955765f44-q6zqj                                100m (5%)     0 (0%)      70Mi (1%)        170Mi (4%)     2d20h
  kube-system                 etcd-master200.yinzhengjie.org.cn                       0 (0%)        0 (0%)      0 (0%)           0 (0%)         2d20h
  kube-system                 kube-apiserver-master200.yinzhengjie.org.cn             250m (12%)    0 (0%)      0 (0%)           0 (0%)         2d20h
  kube-system                 kube-controller-manager-master200.yinzhengjie.org.cn    200m (10%)    0 (0%)      0 (0%)           0 (0%)         2d20h
  kube-system                 kube-flannel-ds-amd64-hnnhb                             100m (5%)     100m (5%)   50Mi (1%)        50Mi (1%)      2d20h
  kube-system                 kube-proxy-6r9dx                                        0 (0%)        0 (0%)      0 (0%)           0 (0%)         2d20h
  kube-system                 kube-scheduler-master200.yinzhengjie.org.cn             100m (5%)     0 (0%)      0 (0%)           0 (0%)         2d20h
Allocated resources:
  (Total limits may be over 100 percent, i.e., overcommitted.)
  Resource           Requests    Limits
  --------           --------    ------
  cpu                850m (42%)  100m (5%)
  memory             190Mi (4%)  390Mi (10%)
  ephemeral-storage  0 (0%)      0 (0%)
Events:
  Type    Reason                   Age                    From                                      Message
  ----    ------                   ----                   ----                                      -------
  Normal  Starting                 3m10s                  kubelet, master200.yinzhengjie.org.cn     Starting kubelet.
  Normal  NodeHasSufficientMemory  3m10s (x8 over 3m10s)  kubelet, master200.yinzhengjie.org.cn     Node master200.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
  Normal  NodeHasNoDiskPressure    3m10s (x8 over 3m10s)  kubelet, master200.yinzhengjie.org.cn     Node master200.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
  Normal  NodeHasSufficientPID     3m10s (x7 over 3m10s)  kubelet, master200.yinzhengjie.org.cn     Node master200.yinzhengjie.org.cn status is now: NodeHasSufficientPID
  Normal  NodeAllocatableEnforced  3m10s                  kubelet, master200.yinzhengjie.org.cn     Updated Node Allocatable limit across pods
  Normal  Starting                 3m                     kube-proxy, master200.yinzhengjie.org.cn  Starting kube-proxy.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node master200.yinzhengjie.org.cn
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node201.yinzhengjie.org.cn 
Name:               node201.yinzhengjie.org.cn
Roles:              <none>
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=node201.yinzhengjie.org.cn
                    kubernetes.io/os=linux
Annotations:        flannel.alpha.coreos.com/backend-data: {"VtepMAC":"82:2a:43:41:7f:b3"}
                    flannel.alpha.coreos.com/backend-type: vxlan
                    flannel.alpha.coreos.com/kube-subnet-manager: true
                    flannel.alpha.coreos.com/public-ip: 172.200.1.201
                    kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
                    node.alpha.kubernetes.io/ttl: 0
                    volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp:  Tue, 04 Feb 2020 20:11:15 +0800
Taints:             <none>
Unschedulable:      false
Lease:
  HolderIdentity:  node201.yinzhengjie.org.cn
  AcquireTime:     <unset>
  RenewTime:       Fri, 07 Feb 2020 16:22:36 +0800
Conditions:
  Type             Status  LastHeartbeatTime                 LastTransitionTime                Reason                       Message
  ----             ------  -----------------                 ------------------                ------                       -------
  MemoryPressure   False   Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 20:11:15 +0800   KubeletHasSufficientMemory   kubelet has sufficient memory available
  DiskPressure     False   Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 20:11:15 +0800   KubeletHasNoDiskPressure     kubelet has no disk pressure
  PIDPressure      False   Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 20:11:15 +0800   KubeletHasSufficientPID      kubelet has sufficient PID available
  Ready            True    Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 20:22:27 +0800   KubeletReady                 kubelet is posting ready status
Addresses:
  InternalIP:  172.200.1.201
  Hostname:    node201.yinzhengjie.org.cn
Capacity:
  cpu:                2
  ephemeral-storage:  511750Mi
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             4026376Ki
  pods:               110
Allocatable:
  cpu:                2
  ephemeral-storage:  482947890401
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             3923976Ki
  pods:               110
System Info:
  Machine ID:                 d637a9e4c24d4d11bed0c09151ac78e2
  System UUID:                6ED04D56-C57B-0527-4243-6C15BCBA68FE
  Boot ID:                    be24e2cb-1bba-4e46-829d-c53877ee9b80
  Kernel Version:             3.10.0-957.el7.x86_64
  OS Image:                   CentOS Linux 7 (Core)
  Operating System:           linux
  Architecture:               amd64
  Container Runtime Version:  docker://19.3.5
  Kubelet Version:            v1.17.2
  Kube-Proxy Version:         v1.17.2
PodCIDR:                      10.244.1.0/24
PodCIDRs:                     10.244.1.0/24
Non-terminated Pods:          (2 in total)
  Namespace                   Name                           CPU Requests  CPU Limits  Memory Requests  Memory Limits  AGE
  ---------                   ----                           ------------  ----------  ---------------  -------------  ---
  kube-system                 kube-flannel-ds-amd64-lnldz    100m (5%)     100m (5%)   50Mi (1%)        50Mi (1%)      2d20h
  kube-system                 kube-proxy-2shb4               0 (0%)        0 (0%)      0 (0%)           0 (0%)         2d20h
Allocated resources:
  (Total limits may be over 100 percent, i.e., overcommitted.)
  Resource           Requests   Limits
  --------           --------   ------
  cpu                100m (5%)  100m (5%)
  memory             50Mi (1%)  50Mi (1%)
  ephemeral-storage  0 (0%)     0 (0%)
Events:
  Type     Reason                   Age                    From                                    Message
  ----     ------                   ----                   ----                                    -------
  Normal   Starting                 2d20h                  kubelet, node201.yinzhengjie.org.cn     Starting kubelet.
  Normal   NodeHasSufficientMemory  2d20h (x2 over 2d20h)  kubelet, node201.yinzhengjie.org.cn     Node node201.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
  Normal   NodeHasNoDiskPressure    2d20h (x2 over 2d20h)  kubelet, node201.yinzhengjie.org.cn     Node node201.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
  Normal   NodeHasSufficientPID     2d20h (x2 over 2d20h)  kubelet, node201.yinzhengjie.org.cn     Node node201.yinzhengjie.org.cn status is now: NodeHasSufficientPID
  Normal   NodeAllocatableEnforced  2d20h                  kubelet, node201.yinzhengjie.org.cn     Updated Node Allocatable limit across pods
  Normal   Starting                 2d20h                  kube-proxy, node201.yinzhengjie.org.cn  Starting kube-proxy.
  Normal   NodeReady                2d20h                  kubelet, node201.yinzhengjie.org.cn     Node node201.yinzhengjie.org.cn status is now: NodeReady
  Normal   Starting                 4m35s                  kubelet, node201.yinzhengjie.org.cn     Starting kubelet.
  Normal   NodeHasSufficientMemory  4m35s (x2 over 4m35s)  kubelet, node201.yinzhengjie.org.cn     Node node201.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
  Normal   NodeHasNoDiskPressure    4m35s (x2 over 4m35s)  kubelet, node201.yinzhengjie.org.cn     Node node201.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
  Normal   NodeHasSufficientPID     4m35s (x2 over 4m35s)  kubelet, node201.yinzhengjie.org.cn     Node node201.yinzhengjie.org.cn status is now: NodeHasSufficientPID
  Normal   NodeAllocatableEnforced  4m35s                  kubelet, node201.yinzhengjie.org.cn     Updated Node Allocatable limit across pods
  Warning  Rebooted                 4m33s                  kubelet, node201.yinzhengjie.org.cn     Node node201.yinzhengjie.org.cn has been rebooted, boot id: be24e2cb-1bba-4e46-829d-c53877ee9b80
  Normal   Starting                 4m31s                  kube-proxy, node201.yinzhengjie.org.cn  Starting kube-proxy.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node201.yinzhengjie.org.cn
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node202.yinzhengjie.org.cn 
Name:               node202.yinzhengjie.org.cn
Roles:              <none>
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=node202.yinzhengjie.org.cn
                    kubernetes.io/os=linux
Annotations:        flannel.alpha.coreos.com/backend-data: {"VtepMAC":"92:96:45:ff:d8:19"}
                    flannel.alpha.coreos.com/backend-type: vxlan
                    flannel.alpha.coreos.com/kube-subnet-manager: true
                    flannel.alpha.coreos.com/public-ip: 172.200.1.202
                    kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
                    node.alpha.kubernetes.io/ttl: 0
                    volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp:  Tue, 04 Feb 2020 20:26:11 +0800
Taints:             <none>
Unschedulable:      false
Lease:
  HolderIdentity:  node202.yinzhengjie.org.cn
  AcquireTime:     <unset>
  RenewTime:       Fri, 07 Feb 2020 16:22:16 +0800
Conditions:
  Type             Status  LastHeartbeatTime                 LastTransitionTime                Reason                       Message
  ----             ------  -----------------                 ------------------                ------                       -------
  MemoryPressure   False   Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 20:26:10 +0800   KubeletHasSufficientMemory   kubelet has sufficient memory available
  DiskPressure     False   Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 20:26:10 +0800   KubeletHasNoDiskPressure     kubelet has no disk pressure
  PIDPressure      False   Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 20:26:10 +0800   KubeletHasSufficientPID      kubelet has sufficient PID available
  Ready            True    Fri, 07 Feb 2020 16:18:06 +0800   Tue, 04 Feb 2020 20:26:21 +0800   KubeletReady                 kubelet is posting ready status
Addresses:
  InternalIP:  172.200.1.202
  Hostname:    node202.yinzhengjie.org.cn
Capacity:
  cpu:                2
  ephemeral-storage:  511750Mi
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             4026376Ki
  pods:               110
Allocatable:
  cpu:                2
  ephemeral-storage:  482947890401
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             3923976Ki
  pods:               110
System Info:
  Machine ID:                 d637a9e4c24d4d11bed0c09151ac78e2
  System UUID:                226D4D56-DEF8-E1C7-C94F-46F187EE96F4
  Boot ID:                    d5f37a27-c41b-44b6-9ce1-e60b82632a48
  Kernel Version:             3.10.0-957.el7.x86_64
  OS Image:                   CentOS Linux 7 (Core)
  Operating System:           linux
  Architecture:               amd64
  Container Runtime Version:  docker://19.3.5
  Kubelet Version:            v1.17.2
  Kube-Proxy Version:         v1.17.2
PodCIDR:                      10.244.2.0/24
PodCIDRs:                     10.244.2.0/24
Non-terminated Pods:          (2 in total)
  Namespace                   Name                           CPU Requests  CPU Limits  Memory Requests  Memory Limits  AGE
  ---------                   ----                           ------------  ----------  ---------------  -------------  ---
  kube-system                 kube-flannel-ds-amd64-nwv2l    100m (5%)     100m (5%)   50Mi (1%)        50Mi (1%)      2d19h
  kube-system                 kube-proxy-cg2m6               0 (0%)        0 (0%)      0 (0%)           0 (0%)         2d19h
Allocated resources:
  (Total limits may be over 100 percent, i.e., overcommitted.)
  Resource           Requests   Limits
  --------           --------   ------
  cpu                100m (5%)  100m (5%)
  memory             50Mi (1%)  50Mi (1%)
  ephemeral-storage  0 (0%)     0 (0%)
Events:
  Type     Reason                   Age                    From                                    Message
  ----     ------                   ----                   ----                                    -------
  Normal   Starting                 2d19h                  kubelet, node202.yinzhengjie.org.cn     Starting kubelet.
  Normal   NodeHasSufficientMemory  2d19h (x2 over 2d19h)  kubelet, node202.yinzhengjie.org.cn     Node node202.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
  Normal   NodeHasNoDiskPressure    2d19h (x2 over 2d19h)  kubelet, node202.yinzhengjie.org.cn     Node node202.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
  Normal   NodeHasSufficientPID     2d19h (x2 over 2d19h)  kubelet, node202.yinzhengjie.org.cn     Node node202.yinzhengjie.org.cn status is now: NodeHasSufficientPID
  Normal   NodeAllocatableEnforced  2d19h                  kubelet, node202.yinzhengjie.org.cn     Updated Node Allocatable limit across pods
  Normal   Starting                 2d19h                  kube-proxy, node202.yinzhengjie.org.cn  Starting kube-proxy.
  Normal   NodeReady                2d19h                  kubelet, node202.yinzhengjie.org.cn     Node node202.yinzhengjie.org.cn status is now: NodeReady
  Normal   Starting                 4m13s                  kubelet, node202.yinzhengjie.org.cn     Starting kubelet.
  Normal   NodeHasSufficientMemory  4m13s (x2 over 4m13s)  kubelet, node202.yinzhengjie.org.cn     Node node202.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
  Normal   NodeHasNoDiskPressure    4m13s (x2 over 4m13s)  kubelet, node202.yinzhengjie.org.cn     Node node202.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
  Normal   NodeHasSufficientPID     4m13s (x2 over 4m13s)  kubelet, node202.yinzhengjie.org.cn     Node node202.yinzhengjie.org.cn status is now: NodeHasSufficientPID
  Normal   NodeAllocatableEnforced  4m13s                  kubelet, node202.yinzhengjie.org.cn     Updated Node Allocatable limit across pods
  Warning  Rebooted                 4m12s                  kubelet, node202.yinzhengjie.org.cn     Node node202.yinzhengjie.org.cn has been rebooted, boot id: d5f37a27-c41b-44b6-9ce1-e60b82632a48
  Normal   Starting                 4m10s                  kube-proxy, node202.yinzhengjie.org.cn  Starting kube-proxy.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node202.yinzhengjie.org.cn
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node203.yinzhengjie.org.cn 
Name:               node203.yinzhengjie.org.cn
Roles:              <none>
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=node203.yinzhengjie.org.cn
                    kubernetes.io/os=linux
Annotations:        flannel.alpha.coreos.com/backend-data: {"VtepMAC":"a2:8e:71:99:3a:9f"}
                    flannel.alpha.coreos.com/backend-type: vxlan
                    flannel.alpha.coreos.com/kube-subnet-manager: true
                    flannel.alpha.coreos.com/public-ip: 172.200.1.203
                    kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
                    node.alpha.kubernetes.io/ttl: 0
                    volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp:  Tue, 04 Feb 2020 20:26:23 +0800
Taints:             <none>
Unschedulable:      false
Lease:
  HolderIdentity:  node203.yinzhengjie.org.cn
  AcquireTime:     <unset>
  RenewTime:       Fri, 07 Feb 2020 16:21:29 +0800
Conditions:
  Type             Status  LastHeartbeatTime                 LastTransitionTime                Reason                       Message
  ----             ------  -----------------                 ------------------                ------                       -------
  MemoryPressure   False   Fri, 07 Feb 2020 16:18:10 +0800   Tue, 04 Feb 2020 20:26:23 +0800   KubeletHasSufficientMemory   kubelet has sufficient memory available
  DiskPressure     False   Fri, 07 Feb 2020 16:18:10 +0800   Tue, 04 Feb 2020 20:26:23 +0800   KubeletHasNoDiskPressure     kubelet has no disk pressure
  PIDPressure      False   Fri, 07 Feb 2020 16:18:10 +0800   Tue, 04 Feb 2020 20:26:23 +0800   KubeletHasSufficientPID      kubelet has sufficient PID available
  Ready            True    Fri, 07 Feb 2020 16:18:10 +0800   Tue, 04 Feb 2020 20:26:33 +0800   KubeletReady                 kubelet is posting ready status
Addresses:
  InternalIP:  172.200.1.203
  Hostname:    node203.yinzhengjie.org.cn
Capacity:
  cpu:                2
  ephemeral-storage:  511750Mi
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             4026384Ki
  pods:               110
Allocatable:
  cpu:                2
  ephemeral-storage:  482947890401
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             3923984Ki
  pods:               110
System Info:
  Machine ID:                 d637a9e4c24d4d11bed0c09151ac78e2
  System UUID:                67A04D56-8B05-87A0-1E15-69BC1ADAF803
  Boot ID:                    c3a5508c-432c-4e4c-9913-68879ba9f5c3
  Kernel Version:             3.10.0-957.el7.x86_64
  OS Image:                   CentOS Linux 7 (Core)
  Operating System:           linux
  Architecture:               amd64
  Container Runtime Version:  docker://19.3.5
  Kubelet Version:            v1.17.2
  Kube-Proxy Version:         v1.17.2
PodCIDR:                      10.244.3.0/24
PodCIDRs:                     10.244.3.0/24
Non-terminated Pods:          (2 in total)
  Namespace                   Name                           CPU Requests  CPU Limits  Memory Requests  Memory Limits  AGE
  ---------                   ----                           ------------  ----------  ---------------  -------------  ---
  kube-system                 kube-flannel-ds-amd64-jhmh6    100m (5%)     100m (5%)   50Mi (1%)        50Mi (1%)      2d19h
  kube-system                 kube-proxy-lp5pr               0 (0%)        0 (0%)      0 (0%)           0 (0%)         2d19h
Allocated resources:
  (Total limits may be over 100 percent, i.e., overcommitted.)
  Resource           Requests   Limits
  --------           --------   ------
  cpu                100m (5%)  100m (5%)
  memory             50Mi (1%)  50Mi (1%)
  ephemeral-storage  0 (0%)     0 (0%)
Events:
  Type     Reason                   Age                    From                                    Message
  ----     ------                   ----                   ----                                    -------
  Normal   Starting                 2d19h                  kubelet, node203.yinzhengjie.org.cn     Starting kubelet.
  Normal   NodeHasSufficientMemory  2d19h (x2 over 2d19h)  kubelet, node203.yinzhengjie.org.cn     Node node203.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
  Normal   NodeHasNoDiskPressure    2d19h (x2 over 2d19h)  kubelet, node203.yinzhengjie.org.cn     Node node203.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
  Normal   NodeHasSufficientPID     2d19h (x2 over 2d19h)  kubelet, node203.yinzhengjie.org.cn     Node node203.yinzhengjie.org.cn status is now: NodeHasSufficientPID
  Normal   NodeAllocatableEnforced  2d19h                  kubelet, node203.yinzhengjie.org.cn     Updated Node Allocatable limit across pods
  Normal   Starting                 2d19h                  kube-proxy, node203.yinzhengjie.org.cn  Starting kube-proxy.
  Normal   NodeReady                2d19h                  kubelet, node203.yinzhengjie.org.cn     Node node203.yinzhengjie.org.cn status is now: NodeReady
  Normal   Starting                 3m27s                  kubelet, node203.yinzhengjie.org.cn     Starting kubelet.
  Normal   NodeAllocatableEnforced  3m27s                  kubelet, node203.yinzhengjie.org.cn     Updated Node Allocatable limit across pods
  Normal   NodeHasSufficientMemory  3m27s                  kubelet, node203.yinzhengjie.org.cn     Node node203.yinzhengjie.org.cn status is now: NodeHasSufficientMemory
  Normal   NodeHasNoDiskPressure    3m27s                  kubelet, node203.yinzhengjie.org.cn     Node node203.yinzhengjie.org.cn status is now: NodeHasNoDiskPressure
  Normal   NodeHasSufficientPID     3m27s                  kubelet, node203.yinzhengjie.org.cn     Node node203.yinzhengjie.org.cn status is now: NodeHasSufficientPID
  Warning  Rebooted                 3m26s                  kubelet, node203.yinzhengjie.org.cn     Node node203.yinzhengjie.org.cn has been rebooted, boot id: c3a5508c-432c-4e4c-9913-68879ba9f5c3
  Normal   Starting                 3m26s                  kube-proxy, node203.yinzhengjie.org.cn  Starting kube-proxy.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe node node203.yinzhengjie.org.cn

2>.编写yaml文件并应用yaml 

[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml 
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: filebeat-ds
  namespace: testing
  labels:
    app: filebeat
spec:
  selector:
    matchLabels:
      app: filebeat
  template:
    metadata:
      labels:
        app: filebeat
      name: filebeat
    spec:
      containers:
      - name: filebeat
        image: ikubernetes/filebeat:5.6.5-alpine
        env:
        - name: REDIS_HOST
          value: db.ikubernetes.io:6379
        - name: LOG_LEVEL
          value: info
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl create ns testing
namespace/testing created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml 
daemonset.apps/filebeat-ds created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
NAME                READY   STATUS    RESTARTS   AGE   IP           NODE                         NOMINATED NODE   READINESS GATES   LABELS
filebeat-ds-d72hj   1/1     Running   0          79s   10.244.3.2   node203.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
filebeat-ds-kb5v6   1/1     Running   0          79s   10.244.1.2   node201.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
filebeat-ds-wbhcr   1/1     Running   0          79s   10.244.2.2   node202.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml

3>.滚动更新案例(升级filebeat版本)

[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds
KIND:     DaemonSet
VERSION:  apps/v1

DESCRIPTION:
     DaemonSet represents the configuration of a daemon set.

FIELDS:
   apiVersion    <string>
     APIVersion defines the versioned schema of this representation of an
     object. Servers should convert recognized schemas to the latest internal
     value, and may reject unrecognized values. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

   kind    <string>
     Kind is a string value representing the REST resource this object
     represents. Servers may infer this from the endpoint the client submits
     requests to. Cannot be updated. In CamelCase. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

   metadata    <Object>
     Standard object's metadata. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

   spec    <Object>
     The desired behavior of this daemon set. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

   status    <Object>
     The current status of this daemon set. This data may be out of date by some
     window of time. Populated by the system. Read-only. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds.spec
KIND:     DaemonSet
VERSION:  apps/v1

RESOURCE: spec <Object>

DESCRIPTION:
     The desired behavior of this daemon set. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

     DaemonSetSpec is the specification of a daemon set.

FIELDS:
   minReadySeconds    <integer>
     The minimum number of seconds for which a newly created DaemonSet pod
     should be ready without any of its container crashing, for it to be
     considered available. Defaults to 0 (pod will be considered available as
     soon as it is ready).

   revisionHistoryLimit    <integer>
     The number of old history to retain to allow rollback. This is a pointer to
     distinguish between explicit zero and not specified. Defaults to 10.

   selector    <Object> -required-
     A label query over pods that are managed by the daemon set. Must match in
     order to be controlled. It must match the pod template's labels. More info:
     https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

   template    <Object> -required-
     An object that describes the pod that will be created. The DaemonSet will
     create exactly one copy of this pod on every node that matches the
     template's node selector (or on every node if no node selector is
     specified). More info:
     https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template

   updateStrategy    <Object>
     An update strategy to replace existing DaemonSet pods with new pods.

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds.spec
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds.spec.updateStrategy
KIND:     DaemonSet
VERSION:  apps/v1

RESOURCE: updateStrategy <Object>

DESCRIPTION:
     An update strategy to replace existing DaemonSet pods with new pods.

     DaemonSetUpdateStrategy is a struct used to control the update strategy for
     a DaemonSet.

FIELDS:
   rollingUpdate    <Object>
     Rolling update config params. Present only if type = "RollingUpdate".

   type    <string>
     Type of daemon set update. Can be "RollingUpdate" or "OnDelete". Default is
     RollingUpdate.

[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl explain ds.spec.updateStrategy
[root@master200.yinzhengjie.org.cn ~]# kubectl set image  --help
Update existing container image(s) of resources.

 Possible resources include (case insensitive):

  pod (po), replicationcontroller (rc), deployment (deploy), daemonset (ds), replicaset (rs)

Examples:
  # Set a deployment's nginx container image to 'nginx:1.9.1', and its busybox container image to 'busybox'.
  kubectl set image deployment/nginx busybox=busybox nginx=nginx:1.9.1
  
  # Update all deployments' and rc's nginx container's image to 'nginx:1.9.1'
  kubectl set image deployments,rc nginx=nginx:1.9.1 --all
  
  # Update image of all containers of daemonset abc to 'nginx:1.9.1'
  kubectl set image daemonset abc *=nginx:1.9.1
  
  # Print result (in yaml format) of updating nginx container image from local file, without hitting the server
  kubectl set image -f path/to/file.yaml nginx=nginx:1.9.1 --local -o yaml

Options:
      --all=false: Select all resources, including uninitialized ones, in the namespace of the specified resource types
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
      --dry-run=false: If true, only print the object that would be sent, without sending it.
  -f, --filename=[]: Filename, directory, or URL to files identifying the resource to get from a server.
  -k, --kustomize='': Process the kustomization directory. This flag can't be used together with -f or -R.
      --local=false: If true, set image will NOT contact api-server but run locally.
  -o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
      --record=false: Record current kubectl command in the resource annotation. If set to false, do not record the
command. If set to true, record the command. If not set, default to updating the existing annotation value only if one
already exists.
  -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage
related manifests organized within the same directory.
  -l, --selector='': Selector (label query) to filter on, not including uninitialized ones, supports '=', '==', and
'!='.(e.g. -l key1=value1,key2=value2)
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].

Usage:
  kubectl set image (-f FILENAME | TYPE NAME) CONTAINER_NAME_1=CONTAINER_IMAGE_1 ... CONTAINER_NAME_N=CONTAINER_IMAGE_N
[options]

Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl set image --help
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml 
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: filebeat-ds
  namespace: testing
  labels:
    app: filebeat
spec:
  selector:
    matchLabels:
      app: filebeat
  template:
    metadata:
      labels:
        app: filebeat
      name: filebeat
    spec:
      containers:
      - name: filebeat
        image: ikubernetes/filebeat:5.6.5-alpine
        env:
        - name: REDIS_HOST
          value: db.ikubernetes.io:6379
        - name: LOG_LEVEL
          value: info
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
NAME                READY   STATUS    RESTARTS   AGE   IP           NODE                         NOMINATED NODE   READINESS GATES   LABELS
filebeat-ds-d72hj   1/1     Running   0          12m   10.244.3.2   node203.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
filebeat-ds-kb5v6   1/1     Running   0          12m   10.244.1.2   node201.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
filebeat-ds-wbhcr   1/1     Running   0          12m   10.244.2.2   node202.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=fb6b847cc,pod-template-generation=1
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get ds -n testing -o wide
NAME          DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE   CONTAINERS   IMAGES                              SELECTOR
filebeat-ds   3         3         3       3            3           <none>          15m   filebeat     ikubernetes/filebeat:5.6.5-alpine   app=filebeat
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl set image ds/filebeat-ds filebeat=ikubernetes/filebeat:5.6.6-alpine -n testing
daemonset.apps/filebeat-ds image updated
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get ds -n testing -o wide
NAME          DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE   CONTAINERS   IMAGES                              SELECTOR
filebeat-ds   3         3         3       3            3           <none>          17m   filebeat     ikubernetes/filebeat:5.6.6-alpine   app=filebeat
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl set image ds/filebeat-ds filebeat=ikubernetes/filebeat:5.6.6-alpine -n testing
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
NAME                READY   STATUS    RESTARTS   AGE     IP           NODE                         NOMINATED NODE   READINESS GATES   LABELS
filebeat-ds-jxd8q   1/1     Running   0          8m28s   10.244.3.3   node203.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=6d7dff6d4d,pod-template-generation=2
filebeat-ds-wrkfk   1/1     Running   0          8m1s    10.244.1.3   node201.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=6d7dff6d4d,pod-template-generation=2
filebeat-ds-wz2mh   1/1     Running   0          8m20s   10.244.2.3   node202.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=6d7dff6d4d,pod-template-generation=2
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe pods filebeat-ds-jxd8q -n testing
Name:         filebeat-ds-jxd8q
Namespace:    testing
Priority:     0
Node:         node203.yinzhengjie.org.cn/172.200.1.203
Start Time:   Fri, 07 Feb 2020 16:44:47 +0800
Labels:       app=filebeat
              controller-revision-hash=6d7dff6d4d
              pod-template-generation=2
Annotations:  <none>
Status:       Running
IP:           10.244.3.3
IPs:
  IP:           10.244.3.3
Controlled By:  DaemonSet/filebeat-ds
Containers:
  filebeat:
    Container ID:   docker://a5b9901f18c5ec90a73137d7a57108e9351ec50ba5d9bc3136f2a7cc27744ec4
    Image:          ikubernetes/filebeat:5.6.6-alpine
    Image ID:       docker-pullable://ikubernetes/filebeat@sha256:5a59f3efee26f52582d9b9c9940249728291d236c561cefda5300ee124fd592f
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Fri, 07 Feb 2020 16:44:53 +0800
    Ready:          True
    Restart Count:  0
    Environment:
      REDIS_HOST:  db.ikubernetes.io:6379
      LOG_LEVEL:   info
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-x6kkr (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  default-token-x6kkr:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-x6kkr
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/disk-pressure:NoSchedule
                 node.kubernetes.io/memory-pressure:NoSchedule
                 node.kubernetes.io/not-ready:NoExecute
                 node.kubernetes.io/pid-pressure:NoSchedule
                 node.kubernetes.io/unreachable:NoExecute
                 node.kubernetes.io/unschedulable:NoSchedule
Events:
  Type    Reason     Age    From                                 Message
  ----    ------     ----   ----                                 -------
  Normal  Scheduled  8m34s  default-scheduler                    Successfully assigned testing/filebeat-ds-jxd8q to node203.yinzhengjie.org.cn
  Normal  Pulling    8m33s  kubelet, node203.yinzhengjie.org.cn  Pulling image "ikubernetes/filebeat:5.6.6-alpine"
  Normal  Pulled     8m28s  kubelet, node203.yinzhengjie.org.cn  Successfully pulled image "ikubernetes/filebeat:5.6.6-alpine"
  Normal  Created    8m28s  kubelet, node203.yinzhengjie.org.cn  Created container filebeat
  Normal  Started    8m28s  kubelet, node203.yinzhengjie.org.cn  Started container filebeat
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe pods filebeat-ds-jxd8q -n testing

4>.节点选择器(nodeSelector)案例构建filebeat案例

[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
NAME                           STATUS   ROLES    AGE     VERSION   LABELS
master200.yinzhengjie.org.cn   Ready    master   2d21h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master200.yinzhengjie.org.cn,kubernetes.io/os=linux,node-role.kubernetes.io/master=
node201.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node201.yinzhengjie.org.cn,kubernetes.io/os=linux
node202.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node202.yinzhengjie.org.cn,kubernetes.io/os=linux
node203.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node203.yinzhengjie.org.cn,kubernetes.io/os=linux
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
[root@master200.yinzhengjie.org.cn ~]# kubectl explain pods.spec.nodeSelector
KIND:     Pod
VERSION:  v1

FIELD:    nodeSelector <map[string]string>

DESCRIPTION:
     NodeSelector is a selector which must be true for the pod to fit on a node.
     Selector which must match a node's labels for the pod to be scheduled on
     that node. More info:
     https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl explain pods.spec.nodeSelector
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml 
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: filebeat-ds
  namespace: testing
  labels:
    app: filebeat
spec:
  selector:
    matchLabels:
      app: filebeat
  template:
    metadata:
      labels:
        app: filebeat
      name: filebeat
    spec:
      containers:
      - name: filebeat
        image: ikubernetes/filebeat:5.6.5-alpine
        env:
        - name: REDIS_HOST
          value: db.ikubernetes.io:6379
        - name: LOG_LEVEL
          value: info
      nodeSelector:
        logcollecting: "on"
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/filebeat-ds.yaml 
daemonset.apps/filebeat-ds configured
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
No resources found in testing namespace.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl label node node202.yinzhengjie.org.cn logcollecting="on"
node/node202.yinzhengjie.org.cn labeled
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide --show-labels -l app=filebeat
NAME                READY   STATUS    RESTARTS   AGE   IP           NODE                         NOMINATED NODE   READINESS GATES   LABELS
filebeat-ds-n6j5z   1/1     Running   0          12s   10.244.2.4   node202.yinzhengjie.org.cn   <none>           <none>            app=filebeat,controller-revision-hash=dfb47bdf,pod-template-generation=3
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl label node node202.yinzhengjie.org.cn logcollecting="on"
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels
NAME                           STATUS   ROLES    AGE     VERSION   LABELS
master200.yinzhengjie.org.cn   Ready    master   2d21h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master200.yinzhengjie.org.cn,kubernetes.io/os=linux,node-role.kubernetes.io/master=
node201.yinzhengjie.org.cn     Ready    <none>   2d21h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node201.yinzhengjie.org.cn,kubernetes.io/os=linux
node202.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node202.yinzhengjie.org.cn,kubernetes.io/os=linux,logcollecting=on
node203.yinzhengjie.org.cn     Ready    <none>   2d20h   v1.17.2   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=node203.yinzhengjie.org.cn,kubernetes.io/os=linux
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get nodes --show-labels

 

五.Job 控制器(controller)

  我们上面介绍了ReplicaSet,Deployment和DaemonSet,他们有一个特点就是都是用来控制守护进程的,即任何一个pod发生宕机都会自动选取一个节点启动起来;Job主要用来管理非守护进程的一次性作业,即当一个任务正常执行完毕后就会退出并不会再次启动。

  作业(Job)创建一个或多个pod并确保指定数量的pod成功终止:
    当pods成功完成时,作业将跟踪成功完成的操作;
    当达到指定数量的成功完成时,作业本身即已完成。删除作业将清除其创建的pods;

  编写Job控制器的规则:
    template
     selector
    Parall Jobs
      非并行作业(Non-parallel Jobs)
      具有固定完成计数的并行作业(Parallel Jobs with a fixed completion count,参考:"jobs.spec.completions")
      具有工作队列的并行作业(Parallel Jobs with a work queue,参考"jobs.spec.parallelism")  

  POD中的容器可能由于多种原因而失败,例如因为它的进程退出了非零退出代码,或者容器被杀死超过内存限制等:
    当容器的退出码为0,说明容器正常运行结束,则Pod的状态为Completed,此时并不会重启容器。
    当容器的退出吗不为0,说明容器不正常运行结束,则Pod状态为Failure,此时我们有两种重启策略,当Pod的容器执行失败时,若重启则可用restartPolicy="OnFailure",若不重启则可用restartPolicy="Nerver"。

  Job的工作模式:
    当使用.spec.completions指定完成时,作业控制器创建的每个Pod都具有相同的规范:
      这意味着所有pod都将具有相同的命令行和相同的镜像(image)、相同的卷(volumes)和(几乎)相同的环境变量。
      这些模式是不同的方式安排Pod在不同的事情上工作:
        当Parttern为"Job Template Expansion"时,".spec.completions"为1,".spec.parallelism"为"should be 1",即作用总量为1,那么并行度只能为1。
        当Parttern为"Queue with Pod Per Work Item"时,".spec.completions"为w,".spec.parallelism"为"any",即作业总量为多个(此处我们称为w个作业),那么并行度是any。
        当Parttern为"Queue with Variable Pod Count"时,".spec.completions"为1,".spec.parallelism"为"any",即一个队列中有可变的pod数量,那么一个队列中只能完成一个,并行度也是any。
        当Parttern为"Single Job With Static Work Assignment"时,".spec.completions"为w,".spec.parallelism"为"any"
[root@master200.yinzhengjie.org.cn ~]# kubectl explain jobs.spec.parallelism
KIND:     Job
VERSION:  batch/v1

FIELD:    parallelism <integer>

DESCRIPTION:
     Specifies the maximum desired number of pods the job should run at any
     given time. The actual number of pods running in steady state will be less
     than this number when ((.spec.completions - .status.successful) <
     .spec.parallelism), i.e. when the work left to do is less than max
     parallelism. More info:
     https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl explain jobs.spec.parallelism        #并行度
[root@master200.yinzhengjie.org.cn ~]# kubectl explain jobs.spec.completions
KIND:     Job
VERSION:  batch/v1

FIELD:    completions <integer>

DESCRIPTION:
     Specifies the desired number of successfully finished pods the job should
     be run with. Setting to nil means that the success of any pod signals the
     success of all pods, and allows parallelism to have any positive value.
     Setting to 1 means that parallelism is limited to 1 and the success of that
     pod signals the success of the job. More info:
     https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl explain jobs.spec.completions        #完成率

1>.单路作业案例

[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml 
apiVersion: batch/v1
kind: Job
metadata:
  name: job-example
  namespace: testing
spec:
  template:
    metadata:
      labels:
        app: myjob
    spec:
      containers:
      - name: myjob
        image: alpine
        command: ["/bin/sh",  "-c", "sleep 10"]
      restartPolicy: Never
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get job -n testing -o wide
No resources found in testing namespace.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml 
job.batch/job-example created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get job -n testing -o wide
NAME          COMPLETIONS   DURATION   AGE   CONTAINERS   IMAGES   SELECTOR
job-example   0/1           3s         3s    myjob        alpine   controller-uid=4346be11-e9d1-4cbe-8d9b-70b3fd7fb8ae
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get job -n testing -o wide
NAME          COMPLETIONS   DURATION   AGE   CONTAINERS   IMAGES   SELECTOR
job-example   1/1           20s        52s   myjob        alpine   controller-uid=4346be11-e9d1-4cbe-8d9b-70b3fd7fb8ae
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing -o wide
NAME                READY   STATUS      RESTARTS   AGE    IP           NODE                         NOMINATED NODE   READINESS GATES
filebeat-ds-n6j5z   1/1     Running     0          8h     10.244.2.4   node202.yinzhengjie.org.cn   <none>           <none>
job-example-qvt8q   0/1     Completed   0          103s   10.244.1.4   node201.yinzhengjie.org.cn   <none>           <none>
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/job-example.yaml

2>.多路作业案例

[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml 
apiVersion: batch/v1
kind: Job
metadata:
  name: job-multi
  namespace: testing2 
spec:
  completions: 5
  parallelism: 2
  template:
    metadata:
      labels:
        app: myjob
    spec:
      containers:
      - name: myjob
        image: alpine
        command: ["/bin/sh",  "-c", "sleep 3"]
      restartPolicy: Never
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing2 -o wide 
No resources found in testing2 namespace.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml 
job.batch/job-multi created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods -n testing2 -o wide
NAME              READY   STATUS      RESTARTS   AGE   IP            NODE                         NOMINATED NODE   READINESS GATES
job-multi-4t8cz   0/1     Completed   0          22s   10.244.1.10   node201.yinzhengjie.org.cn   <none>           <none>
job-multi-8qxxx   0/1     Completed   0          37s   10.244.1.8    node201.yinzhengjie.org.cn   <none>           <none>
job-multi-q8ql4   0/1     Completed   0          30s   10.244.1.9    node201.yinzhengjie.org.cn   <none>           <none>
job-multi-sfk7g   0/1     Completed   0          30s   10.244.2.8    node202.yinzhengjie.org.cn   <none>           <none>
job-multi-znltr   0/1     Completed   0          37s   10.244.2.7    node202.yinzhengjie.org.cn   <none>           <none>
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f /yinzhengjie/data/k8s/manifests/basic/pod/job-multi.yaml

 

六.CronJob 控制器(controller)

  一个Job控制器可用创建一次性任务,而一个CronJob控制器可用创建一个周期性调度任务,其实CronJob底层还是控制之前提到的Job控制器实现的:
    一个CronJob对象就像Linux 的crontab(cron table)文件的一行。
    它在给定的时间表上周期性地运行一个以Cron格式编写的作业。

  cron作业大约在其计划的每个执行时间创建一个作业对象。

  如果startDeadlineSeonds设置为大值或未设置(默认值),并且concurrency设置为Allow,则作业将始终至少运行一次:
    对于每个CronJob,CronJob控制器检查从上次计划时间到现在这段时间内它错过了多少计划
    如果错过的计划超过100个,则它不会启动作业并记录错误
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/cronjob-example.yaml 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod/cronjob-example.yaml 
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: cronjob-example
  namespace: testing3
  labels:
    app: mycronjob
spec:
  schedule: "*/2 * * * *"
  jobTemplate:
    metadata:
      labels:
        app: mycronjob-jobs
    spec:
      parallelism: 2
      template:
        spec:
          containers:
          - name: myjob
            image: alpine
            command:
            - /bin/sh
            - -c
            - date; echo Hello from the Kubernetes cluster; sleep 10
          restartPolicy: OnFailure
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# vim /yinzhengjie/data/k8s/manifests/basic/pod/cronjob-example.yaml

 

七.Garbage Collection

  一些Kubernetes对象是其他对象的所有者:
    拥有的对象称为所有者对象的从属对象。
    每个依赖对象都有一个指向所属对象的metadata.ownerReferences字段。
    有时,Kubernetes会自动设置ownerReference的值。
    也可以通过手动设置“所有者引用”字段来指定所有者和从属对象之间的关系。

  删除对象时,可以指定是否也自动删除该对象的从属对象:
    自动删除从属关系称为级联删除(有两种级联删除模式:background  and foreground)

  如果删除对象而不自动删除其从属对象,则这些从属对象称为孤立对象

  设置级联删除策略:
    可以设置的值为:"Orphan","Foreground","Background"。
    Kubernetes 1.9之前的版本中,许多控制器的默认GC策略为orphan,包括ReplicaSet,StatefulSet,DaemonSet和Deployment等(对于extensions/v1beta1、apps/v1beta1和apps/v1beta2组版本中的类型,除非您另外指定,否则依赖对象在默认情况下是孤立的);
    Kubernetes 1.9之后的版本中,apps/v1群组中的所有控制器对象的默认策略都为删除,deleteOptions的值为"Backgroupd";

 

八.Node 控制器(controller)

  Node Controller打包在kube-controller-manager之中,它负责Node生命周期中的多种任务:
    (1)在注册节点时将CIDR块分配给该节点(如果CIDR分配为truned on)
    (2)使节点控制器的nades内部列表与云提供商的可用计算机列表保持最新。
    (3)监视节点的运行状况:
      健康状态的检查频率由"--node-monitor-period"选项进行定义
      节点变得不可用时,将其从Ready设置为Unknown
      长时间不可用时,驱逐此前敌法哦都至其上的Pod对象,驱逐速率由”--node-eviction-rate选项进行定义,默认为"0.1",即最快10秒驱逐一个Pod对象。
    (4)为Node驱逐哪些不能容忍当前Node上具有NoExecute效用的污点Pod对象(Kubernetes 1.6+)
    (5)为Node创建代表其Condition的污点(Kubernetes 1.8+)

1>.Nodes

  节点是Kubernetes中的一个工作机器,以前被称为下属(minion)。

  节点可以是虚拟机或物理机,具体取决于集群。

  每个节点包含运行pods所需的服务,并由主组件管理。

  节点上的服务包括 container runtime,kubelet和kube-proxy。

2>.Node Status

  Address:HostName,ExternalIP(外部地址),InternalIP(内部地址)

  Condition:该节点所处的状态,比如磁盘使用量等。

  Capacity:CPU、内存和可调度到节点上的最大数量的Pods

  Info:节点的一般信息,如kerner版本、Kubernetes版本(kubelet和kube-proxy版本)、Docker版本(如果使用)、OS名称。
[root@master200.yinzhengjie.org.cn ~]# kubectl describe nodes node201.yinzhengjie.org.cn
Name:               node201.yinzhengjie.org.cn
Roles:              <none>
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=node201.yinzhengjie.org.cn
                    kubernetes.io/os=linux
Annotations:        flannel.alpha.coreos.com/backend-data: {"VtepMAC":"82:2a:43:41:7f:b3"}
                    flannel.alpha.coreos.com/backend-type: vxlan
                    flannel.alpha.coreos.com/kube-subnet-manager: true
                    flannel.alpha.coreos.com/public-ip: 172.200.1.201
                    kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
                    node.alpha.kubernetes.io/ttl: 0
                    volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp:  Tue, 04 Feb 2020 20:11:15 +0800
Taints:             <none>
Unschedulable:      false
Lease:
  HolderIdentity:  node201.yinzhengjie.org.cn
  AcquireTime:     <unset>
  RenewTime:       Sat, 08 Feb 2020 02:52:16 +0800
Conditions:
  Type             Status  LastHeartbeatTime                 LastTransitionTime                Reason                       Message
  ----             ------  -----------------                 ------------------                ------                       -------
  MemoryPressure   False   Sat, 08 Feb 2020 02:51:29 +0800   Tue, 04 Feb 2020 20:11:15 +0800   KubeletHasSufficientMemory   kubelet has sufficient memory available
  DiskPressure     False   Sat, 08 Feb 2020 02:51:29 +0800   Tue, 04 Feb 2020 20:11:15 +0800   KubeletHasNoDiskPressure     kubelet has no disk pressure
  PIDPressure      False   Sat, 08 Feb 2020 02:51:29 +0800   Tue, 04 Feb 2020 20:11:15 +0800   KubeletHasSufficientPID      kubelet has sufficient PID available
  Ready            True    Sat, 08 Feb 2020 02:51:29 +0800   Tue, 04 Feb 2020 20:22:27 +0800   KubeletReady                 kubelet is posting ready status
Addresses:
  InternalIP:  172.200.1.201
  Hostname:    node201.yinzhengjie.org.cn
Capacity:
  cpu:                2
  ephemeral-storage:  511750Mi
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             4026376Ki
  pods:               110
Allocatable:
  cpu:                2
  ephemeral-storage:  482947890401
  hugepages-1Gi:      0
  hugepages-2Mi:      0
  memory:             3923976Ki
  pods:               110
System Info:
  Machine ID:                 d637a9e4c24d4d11bed0c09151ac78e2
  System UUID:                6ED04D56-C57B-0527-4243-6C15BCBA68FE
  Boot ID:                    be24e2cb-1bba-4e46-829d-c53877ee9b80
  Kernel Version:             3.10.0-957.el7.x86_64
  OS Image:                   CentOS Linux 7 (Core)
  Operating System:           linux
  Architecture:               amd64
  Container Runtime Version:  docker://19.3.5
  Kubelet Version:            v1.17.2
  Kube-Proxy Version:         v1.17.2
PodCIDR:                      10.244.1.0/24
PodCIDRs:                     10.244.1.0/24
Non-terminated Pods:          (2 in total)
  Namespace                   Name                           CPU Requests  CPU Limits  Memory Requests  Memory Limits  AGE
  ---------                   ----                           ------------  ----------  ---------------  -------------  ---
  kube-system                 kube-flannel-ds-amd64-lnldz    100m (5%)     100m (5%)   50Mi (1%)        50Mi (1%)      3d6h
  kube-system                 kube-proxy-2shb4               0 (0%)        0 (0%)      0 (0%)           0 (0%)         3d6h
Allocated resources:
  (Total limits may be over 100 percent, i.e., overcommitted.)
  Resource           Requests   Limits
  --------           --------   ------
  cpu                100m (5%)  100m (5%)
  memory             50Mi (1%)  50Mi (1%)
  ephemeral-storage  0 (0%)     0 (0%)
Events:              <none>
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe nodes node201.yinzhengjie.org.cn

3>.Node Conditions

  OutOfDisk:
    即当为True时,磁盘耗尽,即节点上没有足够的可用空间来添加新的pod,否则为False

  Ready:
    如果节点运行正常并准备接受pods,则为True;
    如果节点运行不正常且不接受pods,则为False;
    如果节点控制器在上一个节点监视器宽限期内(默认值为40秒)未收到节点的消息,则为Unknown

  MemoryPressure:
    如果在节点存储器上存在压力,即,如果节点内存较低,则为true,否则为Flase

  PIDPressure:
    如果进程上存在压力,如果在节点上有太多的进程,则为true;否则为Flase。

  DiskPressure:
    如果磁盘大小上存在压力,即磁盘容量较低,则为true;否则Fla

  NetworkUnavailable:
    如果节点的网络配置不正确,则为True,否则为False。

  ConfigOK:
    如果kubelet配置正确,则为True,否则为False。

4>.节点管理(Node Management)

  与POD和服务不同,一个节点不是由Kubernetes天生创建的:它是由谷歌计算引擎之类的云提供商在外部创建的,或者它存在于物理或虚拟机的池中。
    当Kubernetes创建一个节点时,它会创建一个表示该节点的对象。
    创建后,Kubernetes检查节点是否有效。
  
  Kubernetes在内部创建一个节点对象(the representation ),并基于metadata.name字段通过运行状况检查来验证节点。
    如果节点有效,也就是说,如果所有必需的服务都在运行,那么它就有资格运行pod。
    否则,任何群集活动都将忽略它,直到它变为有效。

 

posted @ 2020-02-06 01:05  尹正杰  阅读(484)  评论(0编辑  收藏  举报