k8s 容器资源管理
1. 定义配置文件使用最新的api
2. 配置文件统一版本管理,使用git,svn等
3. 使用yaml格式配置文件(k8s支持json)
4. 可以将不同的对象合并成一个配置文件
5. 不要没有必要设置默认值
6. 在注释中说明配置的作用
1. 获取api
[root@master ~]# kubectl api-versions
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1beta1
apps/v1
apps/v1beta1
apps/v1beta2
authentication.k8s.io/v1
authentication.k8s.io/v1beta1
authorization.k8s.io/v1
authorization.k8s.io/v1beta1
autoscaling/v1
autoscaling/v2beta1
batch/v1
batch/v1beta1
certificates.k8s.io/v1beta1
events.k8s.io/v1beta1
extensions/v1beta1
networking.k8s.io/v1
policy/v1beta1
rbac.authorization.k8s.io/v1
rbac.authorization.k8s.io/v1beta1
storage.k8s.io/v1
storage.k8s.io/v1beta1
v1
2. 创建 nginx-deployment.yaml 配置文件
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: nginx-deployment # 创建deployment的名称
spec: #具体容器和控制器的所有配置
replicas: 3 # 副本数量
selector: # 选择器
matchLabels:
app: nginx # 匹配下面的template.metadata.labels
template:
metadata:
labels:
app: nginx
spec:
containers: # 容器的说明
- name: nginx
image: nginx:1.10
ports:
- containerPort: 80
3. 创建资源
[root@master ~]# kubectl create -f nginx-deployment.yaml
deployment "nginx-deployment" created
4. 查看资源
[root@master ~]# kubectl get deploy
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx 3 3 3 2 49d
nginx-deployment 3 3 3 0 5m
5. 创建nginx-service.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-service
labels:
app: nginx
spec:
ports:
- port: 88
targetPort: 80
selector:
app: nginx
6. 创建资源
[root@master ~]# kubectl get svc -o wide |grep app=nginx
nginx-service ClusterIP 10.10.10.27 <none> 88/TCP 1m app=nginx
7. 测试端口是不是联通
# 在node01上测试
[root@node01 ~]# hostname
node01
[root@node01 ~]# curl -I 10.10.10.27:88
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 16 Feb 2020 07:23:11 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 31 Jan 2017 15:01:11 GMT
Connection: keep-alive
ETag: "5890a6b7-264"
Accept-Ranges: bytes
8. 查看端口访问日志
[root@master ~]# kubectl logs -f nginx-deployment-58d6d6ccb8-wbgdx
172.17.19.0 - - [16/Feb/2020:07:21:42 +0000] "HEAD / HTTP/1.1" 200 0 "-" "curl/7.29.0" "-"
172.17.19.0 - - [16/Feb/2020:07:23:11 +0000] "HEAD / HTTP/1.1" 200 0 "-" "curl/7.29.0" "-"
172.17.98.1 - - [16/Feb/2020:07:27:19 +0000] "HEAD / HTTP/1.1" 200 0 "-" "curl/7.29.0" "-"
Pod 管理
1. 创建/查询/更新/删除
[root@master ~]# vim nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.12
# 创建
[root@master ~]# kubectl create -f nginx-pod.yaml
pod "nginx-pod" created
## 查看
[root@master ~]# kubectl get pod nginx-pod
NAME READY STATUS RESTARTS AGE
nginx-pod 0/1 ContainerCreating 0 1m
[root@master ~]# kubectl describe pod nginx-pod
Name: nginx-pod
Namespace: default
Node: 192.168.10.157/192.168.10.157
Start Time: Sun, 16 Feb 2020 02:45:18 -0500
Labels: app=nginx
Annotations: <none>
Status: Pending
IP:
Containers:
nginx:
Container ID:
Image: nginx:1.12
#删除pod
[root@master ~]# kubectl delete -f nginx-pod.yaml
pod "nginx-pod" deleted
# 替换
[root@master ~]# kubectl replace -f nginx-pod.yaml --force
[root@master ~]# kubectl apply -f nginx-pod.yaml
2. 资源控制
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
resources: # 资源限制
requests: # 需要多少
memory: "64Mi"
cpu: "250m"
limits: # 最高使用多少
memory: "128Mi"
cpu: "500m"
3. 调度约束
# 主要是将pod发布到不同的环境,dev test prod 等
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
app: nginx
spec:
# nodeName: node01 # nodeName: 强制约束Pod调度到指定Node节点上
nodeSelector: # 通过label-selector 机制选择节点
env_role: dev
containers:
- name: nginx
image: nginx
resources:
requests:
memory: "64Mi"
cpu: "250m"
limits:
memory: "128Mi"
cpu: "500m"
# 创建并查看
[root@master ~]# kubectl get pod nginx-pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
nginx-pod 0/1 ContainerCreating 0 18s <none> 192.168.10.157
# 查看node
[root@master ~]# kubectl describe node 192.168.10.157
Name: 192.168.10.157
Roles: <none>
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/hostname=192.168.10.157
Annotations: node.alpha.kubernetes.io/ttl=0
volumes.kubernetes.io/controller-managed-attach-detach=true
Taints: <none>
CreationTimestamp: Sat, 28 Dec 2019 22:05:14 -0500
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
OutOfDisk False Sun, 16 Feb 2020 03:12:16 -0500 Sat, 28 Dec 2019 22:05:14 -0500 KubeletHasSufficientDisk kubelet has sufficient disk space available
MemoryPressure False Sun, 16 Feb 2020 03:12:16 -0500 Sat, 28 Dec 2019 22:05:14 -0500 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Sun, 16 Feb 2020 03:12:16 -0500 Sat, 28 Dec 2019 22:05:14 -0500 KubeletHasNoDiskPressure kubelet has no disk pressure
Ready True Sun, 16 Feb 2020 03:12:16 -0500 Sat, 15 Feb 2020 21:23:43 -0500 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 192.168.10.157
Hostname: 192.168.10.157
Capacity:
cpu: 2
memory: 1863088Ki
pods: 110
Allocatable:
cpu: 2
memory: 1760688Ki
pods: 110
System Info:
Machine ID: 62e88a67a90446a2a526e4a44d747252
System UUID: C4364D56-AF69-D8E2-B66F-9248ABA78285
Boot ID: 72d46f77-e850-4051-8575-5220ddfeea26
Kernel Version: 3.10.0-1062.9.1.el7.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.5
Kubelet Version: v1.9.1
Kube-Proxy Version: v1.9.1
ExternalID: 192.168.10.157
Non-terminated Pods: (5 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits
--------- ---- ------------ ---------- --------------- -------------
default nginx-8586cf59-ms8tr 0 (0%) 0 (0%) 0 (0%) 0 (0%)
default nginx-deployment-58d6d6ccb8-wbgdx 0 (0%) 0 (0%) 0 (0%) 0 (0%)
default nginx-pod 250m (12%) 500m (25%) 64Mi (3%) 128Mi (7%)
kube-system kubernetes-dashboard-67c665dd8d-p5xm2 0 (0%) 0 (0%) 0 (0%) 0 (0%)
kubernetes-dashboard kubernetes-dashboard-9df4d7b65-hnxsv 0 (0%) 0 (0%) 0 (0%) 0 (0%)
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
CPU Requests CPU Limits Memory Requests Memory Limits
------------ ---------- --------------- -------------
250m (12%) 500m (25%) 64Mi (3%) 128Mi (7%)
Events: <none>
## 给node里面的label为
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/hostname=192.168.10.157
## 给该node增加一个标签
[root@master ~]# kubectl label nodes 192.168.10.157 env_role=dev
node "192.168.10.157" labeled
## 再次查看标签
[root@master ~]# kubectl describe node 192.168.10.157
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
env_role=dev
kubernetes.io/hostname=192.168.10.157
4. Pod的重启策略
参考: https://blog.51cto.com/2032872/2332944?source=dra
## 三种重启策略 Always、OnFailure和Never,默认值为Always。
Always:当容器失效时,由kubelet自动重启该容器。
OnFailure:当容器终止运行且退出码不为0时,由kubelet自动重启该容器。
Never:不论容器运行状态如何,kubelet都不会重启该容器。
# Pod的重启策略与控制方式息息相关,当前可用于管理Pod的控制器包括ReplicationController、Job、DaemonSet及直接通过kubelet管理(静态Pod)。每种控制器对Pod的重启策略要求如下:
RC和DaemonSet:必须设置为Always,需要保证该容器持续运行。
Job和CronJob:OnFailure或Never,确保容器执行完成后不再重启。
kubelet:在Pod失效时自动重启它,不论将RestartPolicy设置为什么值,也不会对Pod进行健康检查。
5. Pod的健康检查机制
参考: https://www.cnblogs.com/ssgeek/p/11351376.html
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
livenessProbe:
httpGet:
port: 80
path: /index.html
6. 问题定位
1. kubectl describe TYPE NAME_PREFIX
2. kubectl logs NAME
3. kubectl exec -it NAME bash
网友评论