Pod多容器

init容器

[root@master k8s]# kubectl apply -f init-container-demo.yaml 
[root@master k8s]# cat init-container-demo.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: init-container-demo
  namespace: default
spec:
  initContainers:
  - name: iptables-init
    image: ikubernetes/admin-box:latest
    imagePullPolicy: IfNotPresent
    command: ['/bin/sh','-c']
    args: ['iptables -t nat -A PREROUTING -p tcp --dport 8080 -j REDIRECT --to-port 80']
    securityContext:
      capabilities:
        add:
        - NET_ADMIN
  containers:
  - name: demo
    image: ikubernetes/demoapp:v1.0
    imagePullPolicy: IfNotPresent
    ports:
    - name: http
      containerPort: 80

init容器执行完后会自动退出

[root@master k8s]# kubectl get pods
NAME                      READY   STATUS    RESTARTS        AGE
init-container-demo       1/1     Running   0               177m

 

SideCar容器

先创建一个configmap envoy

[root@master k8s]# kubectl apply -f configmap-envoy.yaml 
configmap/configmap-envoy unchanged
[root@master k8s]# cat configmap-envoy.yaml 
apiVersion: v1
kind: ConfigMap
metadata:
  name: configmap-envoy
data:
    envoy.yaml: |
        admin:
          access_log_path: /tmp/admin_access.log
          address:
            socket_address: { address: 0.0.0.0, port_value: 9901 }

        static_resources:
          listeners:
          - name: listener_0
            address:
              socket_address: { address: 0.0.0.0, port_value: 80 }
            filter_chains:
            - filters:
              - name: envoy.http_connection_manager
                config:
                  stat_prefix: ingress_http 
                  codec_type: AUTO 
                  route_config:
                    name: local_route
                    virtual_hosts:
                    - name: local_service 
                      domains: ["*"] 
                      routes:
                      - match: { prefix: "/" }
                        route: { cluster: local_service }
                  http_filters:
                  - name: envoy.router
          clusters:
          - name: local_service
            connect_timeout: 0.25s 
            type: STATIC
            lb_policy: ROUND_ROBIN 
            load_assignment:
              cluster_name: local_service
              endpoints:
              - lb_endpoints:
                - endpoint:
                    address:
                      socket_address:
                        address: 127.0.0.1
                        port_value: 8080

创建Pod

[root@master k8s]# kubectl apply -f sidecar-container-demo.yaml 
[root@master k8s]# cat sidecar-container-demo.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: sidecar-container-demo
  namespace: default
spec:
  containers:
  - name: proxy
    image: envoyproxy/envoy-alpine:v1.14.1
    command: ['/bin/sh','-c']
    args: ['sleep 5 && envoy -c /etc/envoy/envoy.yaml']
    volumeMounts:
    - name: config
      mountPath: "/etc/envoy/envoy.yaml"
      subPath: envoy.yaml
  - name: demo
    image: ikubernetes/demoapp:v1.0
    imagePullPolicy: IfNotPresent
    env:
    - name: HOST
      value: "127.0.0.1"
    - name: PORT
      value: "8080"
  volumes:
  - name: config
    configMap:
      name: configmap-envoy
      items:
      - key: "envoy.yaml"
        path: "envoy.yaml"

curl访问这个Pod,可以看到是envoy响应的

访问envoy测试

curl  10.244.104.26:9901
curl  10.244.104.26:9901/stats
curl  10.244.104.26:9901/help
curl  10.244.104.26:9901/clusters

 

posted @ 2023-02-10 21:31  Maniana  阅读(39)  评论(0编辑  收藏  举报