weixin_33719619

Kubernetes(2) k8s资源，以及使用配置文件部署 Pod资源

本文会从资源基础定义开始讲起，在后面提供实验操作步骤。

在本章结束后应该对k8s 资源有个大概的理解，且自己手动通过模板定义的方法创建一个包括两个容器的 Pod 资源。

1 Kubernetes 中资源分类

详见 https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.13/#-strong-api-overview-strong-

Workload 类型

主要用于管理且运行集群中的容器，包括：

Container
Cronjob
DaemonSet
Deployment
Job
Pod
ReplicaSet
ReplicationController
StatefulSet

Service

该种类服务主要用于对于 Workload 资源的补充，比如提供对外服务，负载均衡。

Service Discovery
Load-Balance
Ingress

Config and Storage

该种类服务主要用于在应用中注入数据，以及对容器提供外部持久化数据。

ConfigMap
Secret
PersistentVolumeClaim
StorageClass
Volume
VolumeAttachment
CSI
...

Metadata

元数据用于配置集群内部资源行为，如：HorizontalPodAutoscaler for scaling workloads.

PodTemplate
LimitRange
Event
HorizontalPodAutoscaler(HPA)
...

Cluster

该资源定义了集群是如何配置的，通常是管理员权限级别的操作

Namespace
Node
Role
ClusterRole
Persisitentvolume
RoleBinding
ClusterRoleBinding
...

2. 提取Kubernetes 资源信息

展示运行的 Pod 资源

[root@k8smaster ~]# kubectl get pod
NAME                     READY   STATUS    RESTARTS   AGE
nginx-79976cbb47-8dqnk   1/1     Running   0          3h
nginx-79976cbb47-p247g   1/1     Running   0          3h
nginx-79976cbb47-ppbqv   1/1     Running   0          3h

展示 Pod 如何配置的（-o yaml 将输出转换为 yaml 格式）：

[root@k8smaster ~]# kubectl get pod nginx-79976cbb47-ppbqv -o yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2019-01-03T13:34:16Z"
  generateName: nginx-79976cbb47-
  labels:
    pod-template-hash: "3553276603"
    run: nginx
  name: nginx-79976cbb47-ppbqv
  namespace: default
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: ReplicaSet
    name: nginx-79976cbb47
    uid: 43cecba5-0f5c-11e9-8668-000c297191df
  resourceVersion: "39591"
  selfLink: /api/v1/namespaces/default/pods/nginx-79976cbb47-ppbqv
  uid: 43d50008-0f5c-11e9-8668-000c297191df
spec:
  containers:
  - image: nginx:1.14-alpine
    imagePullPolicy: IfNotPresent
    name: nginx
    ports:
    - containerPort: 80
      protocol: TCP
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-rxs5t
      readOnly: true
  dnsPolicy: ClusterFirst
  nodeName: k8snode1
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: default-token-rxs5t
    secret:
      defaultMode: 420
      secretName: default-token-rxs5t
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: "2019-01-03T13:34:16Z"
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: "2019-01-03T13:34:18Z"
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: null
    status: "True"
    type: ContainersReady
  - lastProbeTime: null
    lastTransitionTime: "2019-01-03T13:34:16Z"
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: docker://3d438e181572b2072cee7c7794914e94ee1df133d06cf32193d964c29f879525
    image: nginx:1.14-alpine
    imageID: docker-pullable://nginx@sha256:e3f77f7f4a6bb5e7820e013fa60b96602b34f5704e796cfd94b561ae73adcf96
    lastState: {}
    name: nginx
    ready: true
    restartCount: 0
    state:
      running:
        startedAt: "2019-01-03T13:34:17Z"
  hostIP: 172.16.0.12
  phase: Running
  podIP: 10.244.1.6
  qosClass: BestEffort
  startTime: "2019-01-03T13:34:16Z"

3 资源对象

通常资源对象有三种组件:

Resource ObjectMeta: 这种信息主要描述资源的元信息比如：名字，类型，api 版本，标注，标签等。这些属性可以使用户自定义也可以是系统自动分配的
ResourceSpec: 主要有用户自定义，描述了对系统期望的状态，且应用于创建或更新资源时
ResourceStatus: 主要有系统自动填写，用于显示当前系统状态等信息。通常用户不需要自己手动更改

4 资源模板的格式

4.1 API 名称

apiVersion
kind
spec
metadata
etc.

4.2 组名称

core (by default, if it is not mentioned)
apps
batch
extensions
...

4.3 版本号r

v1 (stable version)
v1beta
...

例如 apiVersion: v1 表示： apiVersion API 名称; group 为 core (by default); version 为 v1

5 第一级别 Attributes for K8s模板

这里是 5 种常见模板attributes, 前四个应该由用户自定义:

apiVersion: group/version
kind: 资源类型-如：pod, service, deployment 等.
metadata: 元信息如：name, namespace, labels, annotations (optional)
spec (期望状态；disired state)
status (由 kubernetes 自动维护)

用户可使用 "kubectl explain {resource type}" 展示详细信息

例如展示 Pod 定义信息：

[root@k8smaster ~]# kubectl explain pod
KIND:     Pod
VERSION:  v1

DESCRIPTION:
     Pod is a collection of containers that can run on a host. This resource is
     created by clients and scheduled onto hosts.

FIELDS:
   apiVersion    <string>
     APIVersion defines the versioned schema of this representation of an
     object. Servers should convert recognized schemas to the latest internal
     value, and may reject unrecognized values. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

   kind    <string>
     Kind is a string value representing the REST resource this object
     represents. Servers may infer this from the endpoint the client submits
     requests to. Cannot be updated. In CamelCase. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

   metadata