kubernetes资源清单定义入门
Kubernetes资源清单定义
Kubernetes是ReSTful风格的API
GET,PUT,DELETE,POST
kubectl run ,get,edit
资源,对象
workload:Pod,Replicaset,Statefulset,Daemonset,job,Cronjob等
服务发现和负载均衡:service,Ingress..
配置和存储:Volume,CSI
ConfigMap,Secret
DownwardAPI
集群级的资源
Namespace,Node,Role,ClusterRole,RoleBinding(角色绑定),ClusterRoleBinding(集群角色绑定)
元数据型资源
HPA,PodTemplate(控制器创建的模板),LimitRange(资源限制模板)
api群组三个级别:apiversion
内测版
beta 测试版本 公测 (不稳定)
v1 稳定版
一般时候可以使用配置清单来创建
我们来查看一下之前创建的Pod
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 11h
myapp-848b5b879b-4xpl7 1/1 Running 0 10h
myapp-848b5b879b-7gtn4 1/1 Running 0 10h
myapp-848b5b879b-xtcdd 1/1 Running 0 10h
nginx-deploy-5b595999-fsxlp 1/1 Running 0 11h[root@master ~]# kubectl get pod myapp-848b5b879b-4xpl7
NAME READY STATUS RESTARTS AGE
myapp-848b5b879b-4xpl7 1/1 Running 0 10h
[root@master ~]# kubectl get pod myapp-848b5b879b-4xpl7 -o yaml
apiVersion: v1
kind: Pod #类别
metadata: #嵌套字段
creationTimestamp: 2018-09-04T17:07:58Z
generateName: myapp-848b5b879b-
labels:
pod-template-hash: "4046164356"
run: myapp
name: myapp-848b5b879b-4xpl7
namespace: default
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: myapp-848b5b879b
uid: 41924f50-b061-11e8-a432-000c29f33006
resourceVersion: "10899"
selfLink: /api/v1/namespaces/default/pods/myapp-848b5b879b-4xpl7
uid: 1259f6af-b065-11e8-a432-000c29f33006
spec: #非常重要的字段,资源规范
containers:
- image: ikubernetes/myapp:v1
imagePullPolicy: IfNotPresent
name: myapp
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: default-token-8zzcr
readOnly: true
dnsPolicy: ClusterFirst
nodeName: node1
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: default-token-8zzcr
secret:
defaultMode: 420
secretName: default-token-8zzcr
status:#只读的字段
conditions:
- lastProbeTime: null
lastTransitionTime: 2018-09-04T17:07:57Z
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: 2018-09-04T17:07:58Z
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: null
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: 2018-09-04T17:07:58Z
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://8e757445c75729e865de6462d7dc4e849909776f8a34657ceab3f11baf569c0d
image: ikubernetes/myapp:v1
imageID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
lastState: {}
name: myapp
ready: true
restartCount: 0
state:
running:
startedAt: 2018-09-04T17:07:58Z
hostIP: 192.168.68.20
phase: Running
podIP: 10.244.1.8
qosClass: BestEffort
startTime: 2018-09-04T17:07:57Z创建资源的方法:
apiserver仅仅接收JSON格式的资源定义;
yaml格式提供的配置清单,apiserver可以自动将其转化为json格式,而后在提交
大部分资源的格式清单:
apiVersion 创建属于哪个群组和哪个版本,注意大小写 kubectl api-versions获取
kind:资源类别
metadata:元数据
name
namespace
labels 标签
annotations
每个资源引用的路径PATH
/api/GROUP/VERSION/namespaces/NAMESPACE/TYPE/NAME
大写的替换
spec:期望的状态:disired state
status:当前状态,current state,本字段有kubernets自己创建,让当前的状态向期望的状态靠近
查看pod资源如何定义kubectl explain pods
创建第一个yaml文件:一个pod上面创建的两个容器
[root@master manifests]# cat pod-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: pod-demo
namespace: default
labels:
app: myapp
tier: frontend
spec:
containers:
- name: myapp
image: ikubernetes/myapp:v1
- name: busybox
image: busybox:latest
command:
- "/bin/sh"
- "-c"
- "sleep 3600"开始创建:kubectl create -f pod-demo.yaml
查看自己的创建:kubectl get pod
[root@master manifests]# kubectl get pod
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 13h
myapp-848b5b879b-4xpl7 1/1 Running 0 12h
myapp-848b5b879b-7gtn4 1/1 Running 0 12h
myapp-848b5b879b-xtcdd 1/1 Running 0 12h
nginx-deploy-5b595999-fsxlp 1/1 Running 0 13h
pod-demo 2/2 Running 0 1m
删除自己的创建:kubectl delete -f pod-demo.yaml
获取刚创建pod-demo的详细信息:
kubectl describe pods pod-demo
[root@master manifests]# kubectl describe pods pod-demo
Name: pod-demo #资源名
Namespace: default #名称空间
Priority: 0
PriorityClassName:
Node: node2/192.168.68.30 #运行在哪个节点
Start Time: Wed, 05 Sep 2018 13:33:26 +0800
Labels: app=myapp #标签
tier=frontend
Annotations:
Status: Running
IP: 10.244.2.10
Containers:
myapp: #第一个容器
Container ID: docker://aa6be83a949e31c1935fe607e9238fd3bc64b51bfa851350ea502c31371d07e4
Image: ikubernetes/myapp:v1
Image ID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
Port:
Host Port:
State: Running
Started: Wed, 05 Sep 2018 13:33:26 +0800
Ready: True
Restart Count: 0
Environment:
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-8zzcr (ro)
busybox: #第二个容器
Container ID: docker://942c9ee53afcc890cbd1471877c5ecca238a8eb9de40fd5399bc3bbfd9e42d28
Image: busybox:latest
Image ID: docker-pullable://busybox@sha256:cb63aa0641a885f54de20f61d152187419e8f6b159ed11a251a09d115fdff9bd
Port:
Host Port:
Command:
/bin/sh
-c
sleep 3600
State: Running
Started: Wed, 05 Sep 2018 13:33:31 +0800
Ready: True
Restart Count: 0
Environment:
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-8zzcr (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-8zzcr:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-8zzcr
Optional: false
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events: #创建的详细信息
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 3m default-scheduler Successfully assigned default/pod-demo to node2
Normal Pulled 3m kubelet, node2 Container image "ikubernetes/myapp:v1" already present on machine
Normal Created 3m kubelet, node2 Created container
Normal Started 3m kubelet, node2 Started container
Normal Pulling 3m kubelet, node2 pulling image "busybox:latest"
Normal Pulled 3m kubelet, node2 Successfully pulled image "busybox:latest"
Normal Created 3m kubelet, node2 Created container
Normal Started 3m kubelet, node2 Started container
查看myapp的访问日志:
[root@master manifests]# curl 10.244.2.10 #ip是上面生成的
Hello MyApp | Version: v1 | Pod Name
[root@master manifests]# kubectl logs pod-demo myapp
10.244.0.0 - - [05/Sep/2018:05:45:35 +0000] "GET / HTTP/1.1" 200 65 "-" "curl/7.29.0" "-"
10.244.0.0 - - [05/Sep/2018:05:45:44 +0000] "GET / HTTP/1.1" 200 65 "-" "curl/7.29.0" "-"
pod创建的监控:
kubectl get pods -w
删除pod-demo项目:
[root@master manifests]# kubectl delete pods pod-demo
pod "pod-demo" deleted
[root@master manifests]# kubectl get pod
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 13h
myapp-848b5b879b-4xpl7 1/1 Running 0 12h
myapp-848b5b879b-7gtn4 1/1 Running 0 12h
myapp-848b5b879b-xtcdd 1/1 Running 0 12h
nginx-deploy-5b595999-fsxlp 1/1 Running 0 13h
通过kubectl api-versions 可以查看api的版本
[root@master ~]# kubectl api-versions
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps/v1
apps/v1beta1
apps/v1beta2
authentication.k8s.io/v1
authentication.k8s.io/v1beta1 #公测版本
authorization.k8s.io/v1
authorization.k8s.io/v1beta1
autoscaling/v1
autoscaling/v2beta1
batch/v1
batch/v1beta1
certificates.k8s.io/v1beta1
events.k8s.io/v1beta1
extensions/v1beta1
networking.k8s.io/v1
policy/v1beta1
rbac.authorization.k8s.io/v1
rbac.authorization.k8s.io/v1beta1
scheduling.k8s.io/v1beta1
storage.k8s.io/v1
storage.k8s.io/v1beta1
v1