kubernetes 应用快速入门 部署nginx
下面文章只是个人学习使用整理,不做过解释。。。
kubectl get cs
kubectl get nodes
[root@k8m1 ~]# kubectl get pods -n kube-system
[root@k8m1 ~]# kubectl get ns
NAME STATUS AGE
default Active 24h
kube-public Active 24h
kube-system Active 24h
[root@k8m1 ~]# kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
coredns-576cbf47c7-jqcn8 1/1 Running 0 24h 10.244.0.3 k8m1
coredns-576cbf47c7-rqqvk 1/1 Running 0 24h 10.244.0.2 k8m1
etcd-k8m1 1/1 Running 0 24h 192.168.1.220 k8m1
kube-apiserver-k8m1 1/1 Running 0 24h 192.168.1.220 k8m1
kube-controller-manager-k8m1 1/1 Running 0 24h 192.168.1.220 k8m1
kube-flannel-ds-amd64-ck799 1/1 Running 1 24h 192.168.1.221 k8n1
kube-flannel-ds-amd64-nkdzg 1/1 Running 0 155m 192.168.1.205 k8n2
kube-flannel-ds-amd64-tjp27 1/1 Running 0 24h 192.168.1.220 k8m1
kube-proxy-8b7ds 1/1 Running 0 155m 192.168.1.205 k8n2
kube-proxy-dmswb 1/1 Running 0 24h 192.168.1.220 k8m1
kube-proxy-pm7wt 1/1 Running 0 24h 192.168.1.221 k8n1
kube-scheduler-k8m1 1/1 Running 0 24h 192.168.1.220 k8m1
pod, service,replicaset, deplovyment, statefulet, daemonset, job, cronjob, node
root@k8m1 ~]# kubectl
kubectl controls the Kubernetes cluster manager.
Find more information at: https://kubernetes.io/docs/reference/kubectl/overview/
Basic Commands (Beginner):
create Create a resource from a file or from stdin.
expose 使用 replication controller, service, deployment 或者 pod 并暴露它作为一个 新的
Kubernetes Service
run 在集群中运行一个指定的镜像
set 为 objects 设置一个指定的特征
Basic Commands (Intermediate):
explain 查看资源的文档
get 显示一个或更多 resources
edit 在服务器上编辑一个资源
delete Delete resources by filenames, stdin, resources and names, or by resources and label selector
Deploy Commands:
rollout Manage the rollout of a resource
scale 为 Deployment, ReplicaSet, Replication Controller 或者 Job 设置一个新的副本数量
autoscale 自动调整一个 Deployment, ReplicaSet, 或者 ReplicationController 的副本数量
Cluster Management Commands:
certificate 修改 certificate 资源.
cluster-info 显示集群信息
top Display Resource (CPU/Memory/Storage) usage.
cordon 标记 node 为 unschedulable
uncordon 标记 node 为 schedulable
drain Drain node in preparation for maintenance
taint 更新一个或者多个 node 上的 taints
Troubleshooting and Debugging Commands:
describe 显示一个指定 resource 或者 group 的 resources 详情
logs 输出容器在 pod 中的日志
attach Attach 到一个运行中的 container
exec 在一个 container 中执行一个命令
port-forward Forward one or more local ports to a pod
proxy 运行一个 proxy 到 Kubernetes API server
cp 复制 files 和 directories 到 containers 和从容器中复制 files 和 directories.
auth Inspect authorization
Advanced Commands:
apply 通过文件名或标准输入流(stdin)对资源进行配置
patch 使用 strategic merge patch 更新一个资源的 field(s)
replace 通过 filename 或者 stdin替换一个资源
wait Experimental: Wait for a specific condition on one or many resources.
convert 在不同的 API versions 转换配置文件
Settings Commands:
label 更新在这个资源上的 labels
annotate 更新一个资源的注解
completion Output shell completion code for the specified shell (bash or zsh)
Other Commands:
alpha Commands for features in alpha
api-resources Print the supported API resources on the server
api-versions Print the supported API versions on the server, in the form of "group/version"
config 修改 kubeconfig 文件
plugin Provides utilities for interacting with plugins.
version 输出 client 和 server 的版本信息
Usage:
kubectl [flags] [options]
Use "kubectl
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@k8master ~]# k8s run --help
-bash: k8s: 未找到命令
[root@k8master ~]# kubectl run --help
Create and run a particular image, possibly replicated.
Creates a deployment or job to manage the created container(s).
Examples:
# Start a single instance of nginx.
kubectl run nginx --image=nginx
# Start a single instance of hazelcast and let the container expose port 5701 .
kubectl run hazelcast --image=hazelcast --port=5701
# Start a single instance of hazelcast and set environment variables "DNS_DOMAIN=cluster" and
"POD_NAMESPACE=default" in the container.
kubectl run hazelcast --image=hazelcast --env="DNS_DOMAIN=cluster" --env="POD_NAMESPACE=default"
# Start a single instance of hazelcast and set labels "app=hazelcast" and "env=prod" in the
container.
kubectl run hazelcast --image=hazelcast --labels="app=hazelcast,env=prod"
# Start a replicated instance of nginx.
kubectl run nginx --image=nginx --replicas=5
# Dry run. Print the corresponding API objects without creating them.
kubectl run nginx --image=nginx --dry-run
# Start a single instance of nginx, but overload the spec of the deployment with a partial set of
values parsed from JSON.
kubectl run nginx --image=nginx --overrides='{ "apiVersion": "v1", "spec": { ... } }'
# Start a pod of busybox and keep it in the foreground, don't restart it if it exits.
kubectl run -i -t busybox --image=busybox --restart=Never
# Start the nginx container using the default command, but use custom arguments (arg1 .. argN) for
that command.
kubectl run nginx --image=nginx --
# Start the nginx container using a different command and custom arguments.
kubectl run nginx --image=nginx --command --
# Start the perl container to compute π to 2000 places and print it out.
kubectl run pi --image=perl --restart=OnFailure -- perl -Mbignum=bpi -wle 'print bpi(2000)'
# Start the cron job to compute π to 2000 places and print it out every 5 minutes.
kubectl run pi --schedule="0/5 * * * ?" --image=perl --restart=OnFailure -- perl -Mbignum=bpi -wle
'print bpi(2000)'
Options:
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or
map key is missing in the template. Only applies to golang and jsonpath output formats.
--attach=false: If true, wait for the Pod to start running, and then attach to the Pod as if
'kubectl attach ...' were called. Default false, unless '-i/--stdin' is set, in which case the
default is true. With '--restart=Never' the exit code of the container process is returned.
--cascade=true: If true, cascade the deletion of the resources managed by this resource (e.g.
Pods created by a ReplicationController). Default true.
--command=false: If true and extra arguments are present, use them as the 'command' field in
the container, rather than the 'args' field which is the default.
--dry-run=false: If true, only print the object that would be sent, without sending it.
--env=[]: Environment variables to set in the container
--expose=false: If true, a public, external service is created for the container(s) which are
run
-f, --filename=[]: to use to replace the resource.
--force=false: Only used when grace-period=0. If true, immediately remove resources from API
and bypass graceful deletion. Note that immediate deletion of some resources may result in
inconsistency or data loss and requires confirmation.
--generator='': 使用 API generator 的名字, 在
http://kubernetes.io/docs/user-guide/kubectl-conventions/#generators 查看列表.
--grace-period=-1: Period of time in seconds given to the resource to terminate gracefully.
Ignored if negative. Set to 1 for immediate shutdown. Can only be set to 0 when --force is true
(force deletion).
--hostport=-1: The host port mapping for the container port. To demonstrate a single-machine
container.
--image='': 指定容器要运行的镜像.
--image-pull-policy='': 容器的镜像拉取策略. 如果为空, 这个值将不会 被
client 指定且使用 server 端的默认值
-l, --labels='': Comma separated labels to apply to the pod(s). Will override previous values.
--leave-stdin-open=false: If the pod is started in interactive mode or with stdin, leave stdin
open after the first attach completes. By default, stdin will be closed after the first attach
completes.
--limits='': The resource requirement limits for this container. For example,
'cpu=200m,memory=512Mi'. Note that server side components may assign limits depending on the server
configuration, such as limit ranges.
-o, --output='': Output format. One of:
json|yaml|name|template|go-template|go-template-file|templatefile|jsonpath|jsonpath-file.
--overrides='': An inline JSON override for the generated object. If this is non-empty, it is
used to override the generated object. Requires that the object supply a valid apiVersion field.
--pod-running-timeout=1m0s: The length of time (like 5s, 2m, or 3h, higher than zero) to wait
until at least one pod is running
--port='': The port that this container exposes. If --expose is true, this is also the port
used by the service that is created.
--quiet=false: If true, suppress prompt messages.
--record=false: Record current kubectl command in the resource annotation. If set to false, do
not record the command. If set to true, record the command. If not set, default to updating the
existing annotation value only if one already exists.
-R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you
want to manage related manifests organized within the same directory.
-r, --replicas=1: Number of replicas to create for this container. Default is 1.
--requests='': 资源为 container 请求 requests . 例如, 'cpu=100m,memory=256Mi'.
注意服务端组件也许会赋予 requests, 这决定于服务器端配置, 比如 limit ranges.
--restart='Always': 这个 Pod 的 restart policy. Legal values [Always, OnFailure, Never].
如果设置为 'Always' 一个 deployment 被创建, 如果设置为 ’OnFailure' 一个 job
被创建, 如果设置为 'Never', 一个普通的 pod 被创建. 对于后面两个 --replicas
必须为 1. 默认 'Always', 为 CronJobs 设置为 `Never`.
--rm=false: If true, delete resources created in this command for attached containers.
--save-config=false: If true, the configuration of current object will be saved in its
annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to
perform kubectl apply on this object in the future.
--schedule='': A schedule in the Cron format the job should be run with.
--service-generator='service/v2': 使用 gnerator 的名称创建一个 service. 只有在
--expose 为 true 的时候使用
--service-overrides='': An inline JSON override for the generated service object. If this is
non-empty, it is used to override the generated object. Requires that the object supply a valid
apiVersion field. Only used if --expose is true.
--serviceaccount='': Service account to set in the pod spec
-i, --stdin=false: Keep stdin open on the container(s) in the pod, even if nothing is attached.
--template='': Template string or path to template file to use when -o=go-template,
-o=go-template-file. The template format is golang templates
[http://golang.org/pkg/text/template/#pkg-overview].
--timeout=0s: The length of time to wait before giving up on a delete, zero means determine a
timeout from the size of the object
-t, --tty=false: Allocated a TTY for each container in the pod.
--wait=false: If true, wait for resources to be gone before returning. This waits for
finalizers.
Usage:
kubectl run NAME --image=image [--env="key=value"] [--port=port] [--replicas=replicas]
[--dry-run=bool] [--overrides=inline-json] [--command] -- [COMMAND] [args...] [options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
(如果初始化集群出现问题,可以使用下面命令进行清理进行重新初始化:kubeadm reset)
查看监控信息
kubectl componentstatus #kubectl get cs
[root@k8m1 ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health": "true"}
kubectl get pods #获取当前都pod
[root@k8master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/nginx-deploy created
[root@k8master ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx-deploy 1 1 1 0 12s
[root@k8master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/nginx-deploy created
[root@k8master ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx-deploy 1 1 1 0 12s
[root@k8master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 71s
[root@k8master ~]# kubectl pods -o wide
Error: unknown command "pods" for "kubectl"
Did you mean this?
logs
Run 'kubectl --help' for usage.
unknown command "pods" for "kubectl"
Did you mean this?
logs
[root@k8master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 117s
[root@k8master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 2m8s 10.244.2.3 k8node2
[root@k8master ~]# curl 10.244.2.3
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
Commercial support is available at
Thank you for using nginx.
[root@k8master ~]# kubectl expose --help
Expose a resource as a new Kubernetes service.
Looks up a deployment, service, replica set, replication controller or pod by name and uses the
selector for that resource as the selector for a new service on the specified port. A deployment or
replica set will be exposed as a service only if its selector is convertible to a selector that
service supports, i.e. when the selector contains only the matchLabels component. Note that if no
port is specified via --port and the exposed resource has multiple ports, all will be re-used by the
new service. Also if no labels are specified, the new service will re-use the labels from the
resource it exposes.
Possible resources include (case insensitive):
pod (po), service (svc), replicationcontroller (rc), deployment (deploy), replicaset (rs)
Examples:
# Create a service for a replicated nginx, which serves on port 80 and connects to the containers
on port 8000.
kubectl expose rc nginx --port=80 --target-port=8000
# Create a service for a replication controller identified by type and name specified in
"nginx-controller.yaml", which serves on port 80 and connects to the containers on port 8000.
kubectl expose -f nginx-controller.yaml --port=80 --target-port=8000
# Create a service for a pod valid-pod, which serves on port 444 with the name "frontend"
kubectl expose pod valid-pod --port=444 --name=frontend
# Create a second service based on the above service, exposing the container port 8443 as port 443
with the name "nginx-https"
kubectl expose service nginx --port=443 --target-port=8443 --name=nginx-https
# Create a service for a replicated streaming application on port 4100 balancing UDP traffic and
named 'video-stream'.
kubectl expose rc streamer --port=4100 --protocol=udp --name=video-stream
# Create a service for a replicated nginx using replica set, which serves on port 80 and connects
to the containers on port 8000.
kubectl expose rs nginx --port=80 --target-port=8000
# Create a service for an nginx deployment, which serves on port 80 and connects to the containers
on port 8000.
kubectl expose deployment nginx --port=80 --target-port=8000
Options:
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or
map key is missing in the template. Only applies to golang and jsonpath output formats.
--cluster-ip='': ClusterIP to be assigned to the service. Leave empty to auto-allocate, or set
to 'None' to create a headless service.
--dry-run=false: If true, only print the object that would be sent, without sending it.
--external-ip='': Additional external IP address (not managed by Kubernetes) to accept for the
service. If this IP is routed to a node, the service can be accessed by this IP in addition to its
generated service IP.
-f, --filename=[]: Filename, directory, or URL to files identifying the resource to expose a
service
--generator='service/v2': 使用 generator 的名称. 这里有 2 个 generators: 'service/v1'
和 'service/v2'. 为一个不同地方是服务端口在 v1 的情况下叫 'default', 如果在 v2
中没有指定名称. 默认的名称是 'service/v2'.
-l, --labels='': Labels to apply to the service created by this call.
--load-balancer-ip='': IP to assign to the LoadBalancer. If empty, an ephemeral IP will be
created and used (cloud-provider specific).
--name='': 名称为最新创建的对象.
-o, --output='': Output format. One of:
json|yaml|name|go-template-file|templatefile|template|go-template|jsonpath|jsonpath-file.
--overrides='': An inline JSON override for the generated object. If this is non-empty, it is
used to override the generated object. Requires that the object supply a valid apiVersion field.
--port='': 服务的端口应该被指定. 如果没有指定, 从被创建的资源中复制
--protocol='': 创建 service 的时候伴随着一个网络协议被创建. 默认是 'TCP'.
--record=false: Record current kubectl command in the resource annotation. If set to false, do
not record the command. If set to true, record the command. If not set, default to updating the
existing annotation value only if one already exists.
-R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you
want to manage related manifests organized within the same directory.
--save-config=false: If true, the configuration of current object will be saved in its
annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to
perform kubectl apply on this object in the future.
--selector='': A label selector to use for this service. Only equality-based selector
requirements are supported. If empty (the default) infer the selector from the replication
controller or replica set.)
--session-affinity='': If non-empty, set the session affinity for the service to this; legal
values: 'None', 'ClientIP'
--target-port='': Name or number for the port on the container that the service should direct
traffic to. Optional.
--template='': Template string or path to template file to use when -o=go-template,
-o=go-template-file. The template format is golang templates
[http://golang.org/pkg/text/template/#pkg-overview].
--type='': Type for this service: ClusterIP, NodePort, LoadBalancer, or ExternalName. Default
is 'ClusterIP'.
Usage:
kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP|SCTP]
[--target-port=number-or-name] [--name=name] [--external-ip=external-ip-of-service] [--type=type]
[options]
Use "kubectl options" for a list of global command-line options (applies to all commands).
[root@k8master ~]#
暴露端口 ip 举例:
[root@k8master ~]# kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP
service/nginx exposed
[root@k8master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1
nginx ClusterIP 10.105.147.135
访问试试:
root@k8master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1
nginx ClusterIP 10.105.147.135
[root@k8master ~]# curl 10.105.147.135
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
Commercial support is available at
Thank you for using nginx.
[root@k8master ~]# kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10
[root@k8master ~]# yum install bind-utils -y
[root@k8master ~]# kubectl run client --image=busybox --replicas=1 -it --restart=Never
[root@k8master ~]# kubectl run client --image=busybox --replicas=1 -it --restart=Never
If you don't see a command prompt, try pressing enter.
另外打开终端查看:
[root@k8master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 2m24s
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 40m
[root@k8master ~]#
/ #
/ # cat /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
root@k8master ~]# dig -t A nginx.default.svc.cluster.local @10.96.0.1
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> -t A nginx.default.svc.cluster.local @10.96.0.1
/ # wget nginx
Connecting to nginx (10.105.147.135:80)
index.html 100% |******************************************************************| 612 0:00:00 ETA
/ # wget -O - -q http://nginx:80/
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
Commercial support is available at
Thank you for using nginx.
/ #
[root@k8master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1
nginx ClusterIP 10.105.147.135
[root@k8master ~]# kubectl describe svc nginx
Name: nginx
Namespace: default
Labels: run=nginx-deploy
Annotations:
Selector: run=nginx-deploy
Type: ClusterIP
IP: 10.105.147.135
Port:
TargetPort: 80/TCP
Endpoints: 10.244.2.3:80
Session Affinity: None
Events:
[root@k8master ~]#
[root@k8master ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
client 1/1 Running 0 17m run=client
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 54m pod-template-hash=86bf78c77,run=nginx-deploy
怎么修改nginx对外ip地址呢:
[root@k8master ~]# kubectl describe deployment nginx-deploy
Name: nginx-deploy
Namespace: default
CreationTimestamp: Tue, 13 Nov 2018 23:53:09 +0800
Labels: run=nginx-deploy
Annotations: deployment.kubernetes.io/revision: 1
Selector: run=nginx-deploy
Replicas: 1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: run=nginx-deploy
Containers:
nginx-deploy:
Image: nginx:1.14-alpine
Port: 80/TCP
Host Port: 0/TCP
Environment:
Mounts:
Volumes:
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets:
NewReplicaSet: nginx-deploy-86bf78c77 (1/1 replicas created)
Events:
root@k8master ~]# kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
[root@k8master ~]# kubectl get deployment -w
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
myapp 2 2 2 1 42s
nginx-deploy 1 1 1 1 64m
myapp 2 2 2 2 43s
部署多个:
[root@k8master ~]# kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/myapp created
[root@k8master ~]# kubectl get deployment -w
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
myapp 2 2 2 1 42s
nginx-deploy 1 1 1 1 64m
myapp 2 2 2 2 43s
^C[root@k8master ~]# kubectl expose deployment myapp --name=myapp --port=88
service/myapp exposed
[root@k8master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1
myapp ClusterIP 10.99.69.37
nginx ClusterIP 10.105.147.135
扩展:kubectl scale --replicas=3 ......
root@k8master ~]# kubectl scale --replicas=5 deployment myapp
deployment.extensions/myapp scaled
[root@k8master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 34m
myapp-6946649ccd-2nrn9 1/1 Running 0 14s
myapp-6946649ccd-4xjrs 1/1 Running 0 14s
myapp-6946649ccd-5ccwr 1/1 Running 0 8m7s
myapp-6946649ccd-7gzbj 1/1 Running 0 14s
myapp-6946649ccd-vw9dv 1/1 Running 0 8m7s
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 71m
缩减:
[root@k8master ~]# kubectl scale --replicas=3 deployment myapp
deployment.extensions/myapp scaled
[root@k8master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 35m
myapp-6946649ccd-2nrn9 0/1 Terminating 0 103s
myapp-6946649ccd-4xjrs 1/1 Running 0 103s
myapp-6946649ccd-5ccwr 1/1 Running 0 9m36s
myapp-6946649ccd-7gzbj 0/1 Terminating 0 103s
myapp-6946649ccd-vw9dv 1/1 Running 0 9m36s
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 73m
[root@k8master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 35m
myapp-6946649ccd-4xjrs 1/1 Running 0 112s
myapp-6946649ccd-5ccwr 1/1 Running 0 9m45s
myapp-6946649ccd-vw9dv 1/1 Running 0 9m45s
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 73m
[root@k8master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 35m
myapp-6946649ccd-4xjrs 1/1 Running 0 2m2s
myapp-6946649ccd-5ccwr 1/1 Running 0 9m55s
myapp-6946649ccd-vw9dv 1/1 Running 0 9m55s
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 73m
更新升级,改变镜像版本,
[root@k8master ~]# kubectl set image deployment myapp myapp=ikubernetes/myapp:v2
deployment.extensions/myapp image updated
[root@k8master ~]# kubectl rollout status deployment myapp 显示更新过程
[root@k8master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 41m
myapp-867c8bf765-5twnb 1/1 Running 0 2m25s
myapp-867c8bf765-7r2m7 1/1 Running 0 119s
myapp-867c8bf765-sbz9f 1/1 Running 0 2m1s
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 79m
回滚:rollout undo
[root@k8master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 43m
myapp-6946649ccd-t8mmn 1/1 Running 0 16s
myapp-6946649ccd-tgqp6 1/1 Running 0 13s
myapp-6946649ccd-zhpnc 1/1 Running 0 15s
nginx-deploy-86bf78c77-j7wqm 1/1 Running 0 81m
[root@k8master ~]# iptables -vnL
Chain INPUT (policy ACCEPT 1412 packets, 316K bytes)
pkts bytes target prot opt in out source destination
3648 226K KUBE-EXTERNAL-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW /* kubernetes externally-visible service portals */
866K 211M KUBE-FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2 245 KUBE-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes forwarding rules */
1 85 DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/0
1 85 DOCKER-ISOLATION-STAGE-1 all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
1 85 ACCEPT all -- * * 10.244.0.0/16 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 10.244.0.0/16
Chain OUTPUT (policy ACCEPT 1426 packets, 372K bytes)
pkts bytes target prot opt in out source destination
4244 259K KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW /* kubernetes service portals */
867K 245M KUBE-FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER (1 references)
pkts bytes target prot opt in out source destination
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION-STAGE-2 all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
1 85 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
1 85 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain KUBE-EXTERNAL-SERVICES (1 references)
pkts bytes target prot opt in out source destination
Chain KUBE-FIREWALL (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes firewall for dropping marked packets */ mark match 0x8000/0x8000
Chain KUBE-FORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes forwarding rules */ mark match 0x4000/0x4000
0 0 ACCEPT all -- * * 10.244.0.0/16 0.0.0.0/0 /* kubernetes forwarding conntrack pod source rule */ ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- * * 0.0.0.0/0 10.244.0.0/16 /* kubernetes forwarding conntrack pod destination rule */ ctstate RELATED,ESTABLISHED
Chain KUBE-SERVICES (1 references)
pkts bytes target prot opt in out source destination
[root@k8master ~]# iptables -vnL -t nat
[root@k8master ~]# kubectl edit svc myapp
# Plese edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
creationTimestamp: 2018-11-13T17:00:31Z
labels:
run: myapp
name: myapp
namespace: default
resourceVersion: "10887"
selfLink: /api/v1/namespaces/default/services/myapp
uid: a1163e03-e765-11e8-9c0c-000c29a474fa
spec:
clusterIP: 10.99.69.37
ports: