kubernetes核心概念 Service
kubernetes核心概念 Service
- kubernetes核心概念 Service
- 一、 service作用
- 二、kube-proxy三种代理模式
-
- 2.1 UserSpace模式
- 2.2 iptables模式
- 2.3 ipvs模式
- 2.4 iptables与ipvs对比
- 三、 service类型
-
- 3.1 service类型
- 3.2 Service参数
- 四、 Service创建
-
- 4.1 ClusterIP类型
-
- 4.1.1 普通ClusterIP Service创建
-
- 4.1.1.1 命令行创建Service
- 4.1.1.2 通过资源清单文件创建Service
- 4.1.1.3 访问
- 4.1.1.4 两个pod里做成不同的主页方便测试负载均衡
- 4.1.1.5 测试
- 4.1.2 Headless Service
-
- 4.1.2.1 编写用于创建Deployment控制器类型的资源清单文件
- 4.1.2.2 通过资源清单文件创建headless Service
- 4.1.2.3 应用资源清单文件创建headless Service
- 4.1.2.4 查看已创建的headless Service
- 4.1.2.5 DNS
-
- 4.1.2.5.1 查看kube-dns服务的IP
- 4.1.2.5.2 在集群主机通过DNS服务地址查找无头服务的dns解析
- 4.1.2.5.3 验证pod的IP
- 4.1.2.5.4 在集群中创建一个pod验证
- 4.2 NodePort类型
- 4.3 LoadBalancer
-
- 4.3.1 集群外访问过程
-
- 用户
- 域名
- 云服务提供商提供LB服务
- NodeIP:Port(service IP)
- Pod IP:端口
- 4.3.2 自建Kubernetes的LoadBalancer类型服务方案-MetalLB
-
- 4.3.2.1 参考资料
- 4.3.2.2 应用资源清单文件
- 4.3.2.3 准备metallb配置文件
- 4.3.2.4发布Service类型为LoadBalancer的Deployment控制器类型应用
- 4.3.2.5 验证
- 4.3.2.6 访问
- 4.4 ExternalName
-
- 4.4.1 ExternalName作用
- 4.4.2 将公网域名引入
- 4.4.3 不同命名空间访问
- 五、sessionAffinity
- 六、修改为ipvs调度方式(拓展)
-
- 6.1 修改为IPVS调度方式前升级内核
- 6.2 修改kube-proxy的配置文件
- 6.3 查看kube-system的namespace中kube-proxy有关的pod
- 6.4 验证kube-proxy-xxx的pod中的信息
- 6.5 重新启动kube-proxy
kubernetes核心概念 Service
一、 service作用
使用 kubernetes 集群运行工作负载时,由于Pod经常处于用后即焚状态,Pod经常被重新生成,因此Pod对应的IP地址也会经常变化,导致无法直接访问Pod提供的服务,Kubernetes中使用了Service来解决这一问题,即在Pod前面使用Service对Pod进行代理,无论Pod怎样变化 ,只要有Label,就可以让Service能够联系上Pod,把PodIP地址添加到Service对应的端点列表(Endpoints)实现对Pod IP跟踪,进而实现通过Service访问Pod。
- 通过service为pod客户端提供访问pod的方法,即客户端访问pod入口
- 通过标签动态感知pod IP地址变化等
- 防止pod失联
- 定义访问pod访问策略
- 通过label-selector相关联
- 通过Service实现Pod的负载均衡(TCP/UDP 4层)
- 底层实现由kube-proxy通过userspace、iptables、ipvs三种代理模式
二、kube-proxy三种代理模式
-
kubernetes集群中有三层网络,一类是真实存在的,例如Node Network、Pod Network,提供真实IP地址;一类是虚拟的,例如Cluster Network或Service Network,提供虚拟IP地址,不会出现在接口上,仅会出现在Service当中
-
kube-proxy始终watch(监控)kube-apiserver上关于Service相关的资源变动状态,一旦获取相关信息kube-proxy都要把相关信息转化为当前节点之上的,能够实现Service资源调度到特定Pod之上的规则,进而实现访问Service就能够获取Pod所提供的服务
-
kube-proxy三种代理模式:UserSpace模式、iptables模式、ipvs模式
2.1 UserSpace模式
userspace 模式是 kube-proxy 使用的第一代模式,该模式在 kubernetes v1.0 版本开始支持使用。
userspace 模式的实现原理:
kube-proxy 会为每个 Service 随机监听一个端口(proxy port),并增加一条 iptables 规则。所以通过 ClusterIP:Port 访问 Service 的报文都 redirect 到 proxy port,kube-proxy 从它监听的 proxy port 收到报文以后,走 round robin(默认) 或是 session affinity(会话亲和力,即同一 client IP 都走同一链路给同一 pod 服务),分发给对应的 pod。
由于 userspace 模式会造成所有报文都走一遍用户态(也就是 Service 请求会先从用户空间进入内核 iptables,然后再回到用户空间,由 kube-proxy 完成后端 Endpoints 的选择和代理工作),需要在内核空间和用户空间转换,流量从用户空间进出内核会带来性能损耗,所以这种模式效率低、性能不高,不推荐使用。
2.2 iptables模式
iptables 模式是 kube-proxy 使用的第二代模式,该模式在 kubernetes v1.1 版本开始支持,从 v1.2 版本开始成为 kube-proxy 的默认模式。
iptables 模式的负载均衡模式是通过底层 netfilter/iptables 规则来实现的,通过 Informer 机制 Watch 接口实时跟踪 Service 和 Endpoint 的变更事件,并触发对 iptables 规则的同步更新。
iptables 模式的实现原理图示如下:
通过图示我们可以发现在 iptables 模式下,kube-proxy 只是作为 controller,而不是 server,真正服务的是内核的 netfilter,体现在用户态的是 iptables。所以整体的效率会比 userspace 模式高。
2.3 ipvs模式
ipvs 模式被 kube-proxy 采纳为第三代模式,模式在 kubernetes v1.8 版本开始引入,在 v1.9 版本中处于 beta 阶段,在 v1.11 版本中正式开始使用。
ipvs(IP Virtual Server) 实现了传输层负载均衡,也就是 4 层交换,作为 Linux 内核的一部分。ipvs运行在主机上,在真实服务器前充当负载均衡器。ipvs 可以将基于 TCP 和 UDP 的服务请求转发到真实服务器上,并使真实服务器上的服务在单个 IP 地址上显示为虚拟服务。
ipvs 模式的实现原理图示如下:
ipvs 和 iptables 都是基于 netfilter 的,那么 ipvs 模式有哪些更好的性能呢?
- ipvs 为大型集群提供了更好的可拓展性和性能
- ipvs 支持比 iptables 更复杂的负载均衡算法(包括:最小负载、最少连接、加权等)
- ipvs 支持服务器健康检查和连接重试等功能
- 可以动态修改 ipset 的集合,即使 iptables 的规则正在使用这个集合
ipvs 依赖于 iptables。ipvs 会使用 iptables 进行包过滤、airpin-masquerade tricks(地址伪装)、SNAT 等功能,但是使用的是 iptables 的扩展 ipset,并不是直接调用 iptables 来生成规则链。通过 ipset 来存储需要 DROP 或 masquerade 的流量的源或目标地址,用于确保 iptables 规则的数量是恒定的,这样我们就不需要关心有多少 Service 或是 Pod 了。
使用 ipset 相较于 iptables 有什么优点呢?iptables 是线性的数据结构,而 ipset 引入了带索引的数据结构,当规则很多的时候,ipset 依然可以很高效的查找和匹配。我们可以将 ipset 简单理解为一个 IP(段) 的集合,这个集合的内容可以是 IP 地址、IP 网段、端口等,iptables 可以直接添加规则对这个“可变的集合进行操作”,这样就可以大大减少 iptables 规则的数量,从而减少性能损耗。
举一个例子,如果我们要禁止成千上万个 IP 访问我们的服务器,如果使用 iptables 就需要一条一条的添加规则,这样会在 iptables 中生成大量的规则;如果用 ipset 就只需要将相关的 IP 地址(网段)加入到 ipset 集合中,然后只需要设置少量的 iptables 规则就可以实现这个目标。
下面的表格是 ipvs 模式下维护的 ipset 表集合:
| 设置名称 | 成员 | 用法 |
|---|---|---|
| KUBE-CLUSTER-IP | 所有服务 IP + 端口 | 在 masquerade-all=true 或 clusterCIDR 指定的情况下对 Service Cluster IP 地址进行伪装,解决数据包欺骗问题 |
| KUBE-LOOP-BACK | 所有服务 IP + 端口 + IP | 解决数据包欺骗问题 |
| KUBE-EXTERNAL-IP | 服务外部 IP + 端口 | 将数据包伪装成 Service 的外部 IP 地址 |
| KUBE-LOAD-BALANCER | 负载均衡器入口 IP + 端口 | 将数据包伪装成 Load Balancer 类型的 Service |
| KUBE-LOAD-BALANCER-LOCAL | 负载均衡器入口 IP + 端口 以及externalTrafficPolicy=local |
接受数据包到 Load Balancer externalTrafficPolicy=local |
| KUBE-LOAD-BALANCER-FW | 负载均衡器入口 IP + 端口 以及loadBalancerSourceRanges |
使用指定的 loadBalancerSourceRanges 丢弃 Load Balancer 类型 Service 的数据包 |
| KUBE-LOAD-BALANCER-SOURCE-CIDR | 负载均衡器入口 IP + 端口 + 源 CIDR | 接受 Load Balancer 类型 Service 的数据包,并指定 loadBalancerSourceRanges |
| KUBE-NODE-PORT-TCP | NodePort 类型服务 TCP 端口 | 将数据包伪装成 NodePort(TCP) |
| KUBE-NODE-PORT-LOCAL-TCP | NodePort 类型服务 TCP 端口,带有externalTrafficPolicy=local |
接受数据包到 NodePort 服务,使用 externalTrafficPolicy=local |
| KUBE-NODE-PORT-UDP | NodePort 类型服务 UDP 端口 | 将数据包伪装成 NodePort(UDP) |
| KUBE-NODE-PORT-LOCAL-UDP | NodePort 类型服务 UDP 端口,使用externalTrafficPolicy=local |
接受数据包到 NodePort 服务,使用 externalTrafficPolicy=local |
2.4 iptables与ipvs对比
-
iptables
- 工作在内核空间
- 优点
- 灵活,功能强大(可以在数据包不同阶段对包进行操作)
- 缺点
- 表中规则过多时,响应变慢,即规则遍历匹配和更新,呈线性时延
-
ipvs
- 工作在内核空间
- 优点
- 转发效率高
- 调度算法丰富:rr,wrr,lc,wlc,ip hash…
- 缺点
- 内核支持不全,低版本内核不能使用,需要升级到4.0或5.0以上。
-
使用iptables与ipvs时机
- 1.10版本之前使用iptables(1.1版本之前使用UserSpace进行转发)
- 1.11版本之后同时支持iptables与ipvs,默认使用ipvs,如果ipvs模块没有加载时,会自动降级至iptables
三、 service类型
Service类型决定了访问Service的方法
3.1 service类型
-
ClusterIP
- 默认,分配一个集群内部可以访问的虚拟IP
-
NodePort
- 在每个Node上分配一个端口作为外部访问入口
- nodePort端口范围为:30000-32767
-
LoadBalancer
- 工作在特定的Cloud Provider上,例如Google Cloud,AWS,OpenStack
-
ExternalName
- 表示把集群外部的服务引入到集群内部中来,即实现了集群内部pod和集群外部的服务进行通信
3.2 Service参数
-
port 访问service使用的端口
-
targetPort Pod中容器端口
-
nodePort 通过Node实现外网用户访问k8s集群内service (30000-32767)
四、 Service创建
Service的创建在工作中有两种方式,一是命令行创建,二是通过资源清单文件YAML文件创建。
4.1 ClusterIP类型
ClusterIP根据是否生成ClusterIP又可分为普通Service和Headless Service
Service两类:
- 普通Service:
为Kubernetes的Service分配一个集群内部可访问的固定虚拟IP(Cluster IP), 实现集群内的访问。
- Headless Service:
该服务不会分配Cluster IP, 也不通过kube-proxy做反向代理和负载均衡。而是通过DNS提供稳定的网络ID来访问,DNS会将headless service的后端直接解析为pod IP列表。
4.1.1 普通ClusterIP Service创建
4.1.1.1 命令行创建Service
- 创建Deployment类型的应用
[root@k8s-master01 ~]# cat 01_create_deployment_app_nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-server1
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: c1
image: nginx:1.15-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
- 应用资源清单文件
[root@k8s-master01 ~]# kubectl apply -f 01_create_deployment_app_nginx.yaml
- 验证Deployment类型的创建情况
[root@k8s-master01 ~]# kubectl get deployment.apps
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-server1 2/2 2 2 13s
- 创建ClusterIP类型service与Deployment类型应用关联
命令创建service
[root@k8s-master01 ~]# kubectl expose deployment.apps nginx-server1 --type=ClusterIP --target-port=80 --port=80
service/nginx-server1 exposed
说明
expose 创建service
deployment.apps 控制器类型
nginx-server1 应用名称,也是service名称
--type=ClusterIP 指定service类型
--target-port=80 指定Pod中容器端口
--port=80 指定service端口
4.1.1.2 通过资源清单文件创建Service
[root@k8s-master01 ~]# cat 02_create_deployment_app_nginx_with_service.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-server1
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx-smart
image: nginx:1.15-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx-svc
spec:
type: ClusterIP
ports:
- protocol: TCP
port: 80
targetPort: 80
selector:
app: nginx
[root@k8s-master01 ~]# kubectl apply -f 02_create_deployment_app_nginx_with_service.yaml
- 验证
查看service
[root@k8s-master01 ~]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 4d15h
nginx-svc ClusterIP 10.101.153.50 80/TCP 3s
查看endpoints
[root@k8s-master01 ~]# kubectl get endpoints
NAME ENDPOINTS AGE
kubernetes 192.168.122.30:6443 4d15h
nginx-svc 172.16.189.74:80,172.16.235.150:80 8s
查看Pod
[root@k8s-master01 ~]# kubectl get pods -l app=nginx
NAME READY STATUS RESTARTS AGE
nginx-server1-77d4c485d8-gsrmq 1/1 Running 0 12s
nginx-server1-77d4c485d8-mmc52 1/1 Running 0 12s
4.1.1.3 访问
[root@k8s-master01 ~]# curl http://10.101.153.50:80
<!DOCTYPE html>
Welcome to nginx!<<span class="token operator">/</span>title>
<style>
body <span class="token punctuation">{</span>
width: 35em<span class="token punctuation">;</span>
margin: 0 auto<span class="token punctuation">;</span>
font-family: Tahoma<span class="token punctuation">,</span> Verdana<span class="token punctuation">,</span> Arial<span class="token punctuation">,</span> sans-serif<span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<<span class="token operator">/</span>style>
<<span class="token operator">/</span>head>
<body>
<h1>Welcome to nginx!<<span class="token operator">/</span>h1>
<p><span class="token keyword">If</span> you see this page<span class="token punctuation">,</span> the nginx web server is successfully installed and
working<span class="token punctuation">.</span> Further configuration is required<span class="token punctuation">.</span><<span class="token operator">/</span>p>
<p><span class="token keyword">For</span> online documentation and support please refer to
<a href=<span class="token string">"http://nginx.org/"</span>>nginx<span class="token punctuation">.</span>org<<span class="token operator">/</span>a><span class="token punctuation">.</span><br/>
Commercial support is available at
<a href=<span class="token string">"http://nginx.com/"</span>>nginx<span class="token punctuation">.</span>com<<span class="token operator">/</span>a><span class="token punctuation">.</span><<span class="token operator">/</span>p>
<p><em>Thank you <span class="token keyword">for</span> <span class="token keyword">using</span> nginx<span class="token punctuation">.</span><<span class="token operator">/</span>em><<span class="token operator">/</span>p>
<<span class="token operator">/</span>body>
<<span class="token operator">/</span>html>
</code></pre>
<h4>4.1.1.4 两个pod里做成不同的主页方便测试负载均衡</h4>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it nginx-server1-77d4c485d8-gsrmq -- /bin/bash</span>
root@deployment-nginx-6fcfb67547-nv7dn:<span class="token operator">/</span><span class="token comment"># cd /usr/share/nginx/html/</span>
root@deployment-nginx-6fcfb67547-nv7dn:<span class="token operator">/</span>usr/share/nginx/html<span class="token comment"># echo web1 > index.html</span>
root@deployment-nginx-6fcfb67547-nv7dn:<span class="token operator">/</span>usr/share/nginx/html<span class="token comment"># exit</span>
<span class="token keyword">exit</span>
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it nginx-server1-77d4c485d8-mmc52 -- /bin/bash</span>
root@deployment-nginx-6fcfb67547-rqrcw:<span class="token operator">/</span><span class="token comment"># cd /usr/share/nginx/html/</span>
root@deployment-nginx-6fcfb67547-rqrcw:<span class="token operator">/</span>usr/share/nginx/html<span class="token comment"># echo web2 > index.html</span>
root@deployment-nginx-6fcfb67547-rqrcw:<span class="token operator">/</span>usr/share/nginx/html<span class="token comment"># exit</span>
<span class="token keyword">exit</span>
</code></pre>
<h4>4.1.1.5 测试</h4>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl 10.101.153.50</span>
或
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># while true;do curl 10.101.153.50;sleep 1; done</span>
</code></pre>
<h3>4.1.2 Headless Service</h3>
<ul>
<li>普通的ClusterIP service是service name解析为cluster ip,然后cluster ip对应到后面的pod ip</li>
<li>Headless service是指service name 直接解析为后面的pod ip</li>
</ul>
<h4>4.1.2.1 编写用于创建Deployment控制器类型的资源清单文件</h4>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># cat 03_create_deployment_app_nginx.yaml</span>
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-server1
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
<span class="token operator">-</span> name: nginx-smart
image: nginx:1<span class="token punctuation">.</span>15-alpine
imagePullPolicy: IfNotPresent
ports:
<span class="token operator">-</span> containerPort: 80
</code></pre>
<h4>4.1.2.2 通过资源清单文件创建headless Service</h4>
<pre><code class="prism language-powershell">编写YAML文件
命令
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># vim 04_headless-service.yml</span>
apiVersion: v1
kind: Service
metadata:
name: headless-service
namespace: default
spec:
<span class="token function">type</span>: ClusterIP <span class="token comment"># ClusterIP类型,也是默认类型</span>
clusterIP: None <span class="token comment"># None就代表是无头service</span>
ports: <span class="token comment"># 指定service 端口及容器端口</span>
<span class="token operator">-</span> port: 80 <span class="token comment"># service ip中的端口</span>
protocol: TCP
targetPort: 80 <span class="token comment"># pod中的端口</span>
selector: <span class="token comment"># 指定后端pod标签</span>
app: nginx <span class="token comment"># 可通过kubectl get pod -l app=nginx查看哪些pod在使用此标签</span>
</code></pre>
<h4>4.1.2.3 应用资源清单文件创建headless Service</h4>
<pre><code class="prism language-powershell">命令
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl apply -f 04_headless_service.yml</span>
输出
service/headless-service created
</code></pre>
<h4>4.1.2.4 查看已创建的headless Service</h4>
<pre><code class="prism language-powershell">命令
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get svc</span>
输出
NAME <span class="token function">TYPE</span> CLUSTER-IP EXTERNAL-IP PORT<span class="token punctuation">(</span>S<span class="token punctuation">)</span> AGE
headless-service ClusterIP None <none> 80/TCP 2m18s
kubernetes ClusterIP 10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>1 <none> 443/TCP 5d9h
可以看到headless-service没有CLUSTER-IP<span class="token punctuation">,</span>用None表示
</code></pre>
<h4>4.1.2.5 DNS</h4>
<p>DNS服务监视Kubernetes API,为每一个Service创建DNS记录用于域名解析</p>
<p>headless service需要DNS来解决访问问题</p>
<p>DNS记录格式为:<code> <service-name>.<namespace-name>.svc.cluster.local.</code></p>
<h5>4.1.2.5.1 查看kube-dns服务的IP</h5>
<pre><code class="prism language-powershell">命令
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get svc -n kube-system</span>
NAME <span class="token function">TYPE</span> CLUSTER-IP EXTERNAL-IP PORT<span class="token punctuation">(</span>S<span class="token punctuation">)</span> AGE
kube-dns ClusterIP 10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2 <none> 53/UDP<span class="token punctuation">,</span>53/TCP<span class="token punctuation">,</span>9153/TCP 5d9h
metrics-server ClusterIP 10<span class="token punctuation">.</span>105<span class="token punctuation">.</span>219<span class="token punctuation">.</span>44 <none> 443/TCP 45h
查看到coreDNS的服务地址是10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2
</code></pre>
<h5>4.1.2.5.2 在集群主机通过DNS服务地址查找无头服务的dns解析</h5>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># dig -t A headless-service.default.svc.cluster.local. @10.96.0.2</span>
<span class="token punctuation">;</span> <<>> DiG 9<span class="token punctuation">.</span>11<span class="token punctuation">.</span>4-P2-RedHat-9<span class="token punctuation">.</span>11<span class="token punctuation">.</span>4-16<span class="token punctuation">.</span>P2<span class="token punctuation">.</span>el7_8<span class="token punctuation">.</span>2 <<>> <span class="token operator">-</span>t A headless-service<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> @10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2
<span class="token punctuation">;</span><span class="token punctuation">;</span> global options: <span class="token operator">+</span>cmd
<span class="token punctuation">;</span><span class="token punctuation">;</span> Got answer:
<span class="token punctuation">;</span><span class="token punctuation">;</span> WARNING: <span class="token punctuation">.</span>local is reserved <span class="token keyword">for</span> Multicast DNS
<span class="token punctuation">;</span><span class="token punctuation">;</span> You are currently testing what happens when an mDNS query is leaked to DNS
<span class="token punctuation">;</span><span class="token punctuation">;</span> <span class="token operator">-</span>>>HEADER<<<span class="token operator">-</span> opcode: QUERY<span class="token punctuation">,</span> status: NOERROR<span class="token punctuation">,</span> id: 31371
<span class="token punctuation">;</span><span class="token punctuation">;</span> flags: qr aa <span class="token function">rd</span><span class="token punctuation">;</span> QUERY: 1<span class="token punctuation">,</span> ANSWER: 1<span class="token punctuation">,</span> AUTHORITY: 0<span class="token punctuation">,</span> ADDITIONAL: 1
<span class="token punctuation">;</span><span class="token punctuation">;</span> WARNING: recursion requested but not available
<span class="token punctuation">;</span><span class="token punctuation">;</span> OPT PSEUDOSECTION:
<span class="token punctuation">;</span> EDNS: version: 0<span class="token punctuation">,</span> flags:<span class="token punctuation">;</span> udp: 4096
<span class="token punctuation">;</span><span class="token punctuation">;</span> QUESTION SECTION:
<span class="token punctuation">;</span>headless-service<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> IN A <span class="token comment">#被解析域名</span>
<span class="token punctuation">;</span><span class="token punctuation">;</span> ANSWER SECTION:
headless-service<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> 30 IN A 10<span class="token punctuation">.</span>224<span class="token punctuation">.</span>235<span class="token punctuation">.</span>147 <span class="token comment">#注意这里IP</span>
<span class="token punctuation">;</span><span class="token punctuation">;</span> Query time: 0 msec
<span class="token punctuation">;</span><span class="token punctuation">;</span> SERVER: 10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>10<span class="token comment">#53(10.96.0.2)</span>
<span class="token punctuation">;</span><span class="token punctuation">;</span> WHEN: Sun May 17 10:58:50 CST 2020
<span class="token punctuation">;</span><span class="token punctuation">;</span> MSG SIZE rcvd: 129
</code></pre>
<h5>4.1.2.5.3 验证pod的IP</h5>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pod -o wide</span>
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deployment-56bf6c9c8c-jmk7r 1/1 Running 0 35m 10<span class="token punctuation">.</span>224<span class="token punctuation">.</span>235<span class="token punctuation">.</span>147 worker02 <none> <none>
</code></pre>
<h5>4.1.2.5.4 在集群中创建一个pod验证</h5>
<blockquote>
<p>创建一个镜像为busyboxplus:curl的pod,pod名称为bb2,用来解析域名</p>
</blockquote>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl run bbp --image=busyboxplus:curl -it</span>
<span class="token namespace">[root@master01 ~]</span><span class="token comment"># kubectl run bbp --image=1.28 -it</span>
<span class="token keyword">If</span> you don<span class="token string">'t see a command prompt, try pressing enter.
解析域名
nslookup headless-service.default.svc.cluster.local.
访问命令
[ root@bbp:/ ]$ curl http://headless-service.default.svc.cluster.local.
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
nginx.org.
Commercial support is available at
nginx.com.
Thank you for using nginx.
[ root@bbp:/ ]$ exit
Session ended, resume using 'kubectl attach bbp -c bbp -i -t' command when the pod is running
4.2 NodePort类型
- 创建资源清单文件
[root@k8s-master01 ~]# cat 05_create_nodeport_service_app.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-app
labels:
app: nginx-app
spec:
replicas: 2
selector:
matchLabels:
app: nginx-app
template:
metadata:
labels:
app: nginx-app
spec:
containers:
- name: c1
image: nginx:1.15-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx-app
spec:
type: NodePort
selector:
app: nginx-app
ports:
- protocol: TCP
nodePort: 30001
port: 8060
targetPort: 80
- 应用资源清单文件
[root@k8s-master01 ~]# kubectl apply -f 05_create_nodeport_service_app.yaml
deployment.apps/nginx-app created
service/nginx-app created
- 验证service创建
[root@k8s-master01 ~]# kubectl get deployment.apps
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-app 2/2 2 2 26s
[root@k8s-master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 2d22h
nginx-app NodePort 10.104.157.20 8060:30001/TCP 36s
[root@k8s-master01 ~]# kubectl get endpoints
NAME ENDPOINTS AGE
kubernetes 192.168.122.10:6443 2d22h
nginx-app 172.16.1.24:80,172.16.2.20:80 2m10s
[root@master01 ~]# ss -anput | grep ":30001"
tcp LISTEN 0 128 :::30001 :::* users:(("kube-proxy",pid=5826,fd=9))
[root@worker01 ~]# ss -anput | grep ":30001"
tcp LISTEN 0 128 :::30001 :::* users:(("kube-proxy",pid=4937,fd=11))
[root@worker02 ~]# ss -anput | grep ":30001"
tcp LISTEN 0 128 :::30001 :::* users:(("kube-proxy",pid=5253,fd=11))
[root@k8s-master01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-app-ffd5ccc78-cnwbx 1/1 Running 0 8m59s
nginx-app-ffd5ccc78-mz77g 1/1 Running 0 8m59s
[root@k8s-master01 ~]# kubectl exec -it nginx-app-ffd5ccc78-cnwbx -- bash
root@nginx-app-ffd5ccc78-cnwbx:/# echo "nginx-app-1" > /usr/share/nginx/html/index.html
root@nginx-app-ffd5ccc78-cnwbx:/# exit
[root@k8s-master01 ~]# kubectl exec -it nginx-app-ffd5ccc78-mz77g -- bash
root@nginx-app-ffd5ccc78-mz77g:/# echo "nginx-app-2" > /usr/share/nginx/html/index.html
root@nginx-app-ffd5ccc78-mz77g:/# exit
- 在与kubernetes 节点同一网络主机中访问k8s集群内service
[root@ha1 ~]# curl http://192.168.10.101:30001
nginx-app-2
[root@ha1 ~]# curl http://192.168.10.102:30001
nginx-app-1
[root@ha1 ~]# curl http://192.168.10.103:30001
nginx-app-1
[root@ha1 ~]# curl http://192.168.10.104:30001
nginx-app-2
4.3 LoadBalancer
4.3.1 集群外访问过程
-
用户
-
域名
-
云服务提供商提供LB服务
-
NodeIP:Port(service IP)
-
Pod IP:端口
4.3.2 自建Kubernetes的LoadBalancer类型服务方案-MetalLB
MetalLB可以为kubernetes集群中的Service提供网络负载均衡功能。
MetalLB两大功能为:
- 地址分配,类似于DHCP
- 外部通告,一旦MetalLB为服务分配了外部IP地址,它就需要使集群之外的网络意识到该IP在群集中“存在”。MetalLB使用标准路由协议来实现此目的:ARP,NDP或BGP。
4.3.2.1 参考资料
参考网址: https://metallb.universe.tf/installation/
4.3.2.2 应用资源清单文件
资源清单文件下载:
# kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/namespace.yaml
# kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.12.1/manifests/metallb.yaml
4.3.2.3 准备metallb配置文件
[root@k8s-master01 metallb]# cat metallb-conf.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
address-pools:
- name: default
protocol: layer2
addresses:
- 192.168.10.100-192.168.10.120
集群节点服务器IP同一段。
在master01节点应用资源清单文件
[root@k8s-master01 ~]# kubectl apply -f metallb-conf.yaml
验证配置
# kubectl describe configmap config -n metallb-system
Name: config
Namespace: metallb-system
Labels:
Annotations:
Data
====
config:
----
address-pools:
- name: default
protocol: layer2
addresses:
- 192.168.10.100-192.168.10.120
Events:
4.3.2.4发布Service类型为LoadBalancer的Deployment控制器类型应用
创建Deployment控制器类型应用nginx-metallb及service,service类型为LoadBalancer
[root@k8s-master01 ~]# vim 02_nginx-metabllb.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-metallb
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx-metallb1
image: nginx:1.15-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx-metallb
spec:
ports:
- port: 8090
protocol: TCP
targetPort: 80
selector:
app: nginx
type: LoadBalancer
[root@k8s-master01 ~]# kubectl apply -f nginx.yaml
4.3.2.5 验证
[root@k8s-master01 ~]# kubectl get ns
NAME STATUS AGE
default Active 16d
kube-node-lease Active 16d
kube-public Active 16d
kube-system Active 16d
kubernetes-dashboard Active 13d
metallb-system Active 130m
test1 Active 12d
[root@k8s-master01 ~]# kubectl get pods -n metallb-system
NAME READY STATUS RESTARTS AGE
controller-64f8f944d-qdf8m 1/1 Running 0 110m
speaker-cwzq7 1/1 Running 0 110m
speaker-qk5fb 1/1 Running 0 110m
speaker-wsllb 1/1 Running 0 110m
speaker-x4bwt 1/1 Running 0 110m
[root@k8s-master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 16d
nginx-metallb LoadBalancer 10.105.239.69 192.168.10.115 8090:31372/TCP 106m
[root@k8s-master01 ~]# ping 192.168.10.115
PING 192.168.10.90 (192.168.10.90) 56(84) bytes of data.
64 bytes from 192.168.10.90: icmp_seq=1 ttl=64 time=3.45 ms
64 bytes from 192.168.10.90: icmp_seq=2 ttl=64 time=0.040 ms
4.3.2.6 访问
[root@k8s-master01 ~]# curl http://192.168.122.115:8090
<!DOCTYPE html>
Welcome to nginx!<<span class="token operator">/</span>title>
<style>
body <span class="token punctuation">{</span>
width: 35em<span class="token punctuation">;</span>
margin: 0 auto<span class="token punctuation">;</span>
font-family: Tahoma<span class="token punctuation">,</span> Verdana<span class="token punctuation">,</span> Arial<span class="token punctuation">,</span> sans-serif<span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<<span class="token operator">/</span>style>
<<span class="token operator">/</span>head>
<body>
<h1>Welcome to nginx!<<span class="token operator">/</span>h1>
<p><span class="token keyword">If</span> you see this page<span class="token punctuation">,</span> the nginx web server is successfully installed and
working<span class="token punctuation">.</span> Further configuration is required<span class="token punctuation">.</span><<span class="token operator">/</span>p>
<p><span class="token keyword">For</span> online documentation and support please refer to
<a href=<span class="token string">"http://nginx.org/"</span>>nginx<span class="token punctuation">.</span>org<<span class="token operator">/</span>a><span class="token punctuation">.</span><br/>
Commercial support is available at
<a href=<span class="token string">"http://nginx.com/"</span>>nginx<span class="token punctuation">.</span>com<<span class="token operator">/</span>a><span class="token punctuation">.</span><<span class="token operator">/</span>p>
<p><em>Thank you <span class="token keyword">for</span> <span class="token keyword">using</span> nginx<span class="token punctuation">.</span><<span class="token operator">/</span>em><<span class="token operator">/</span>p>
<<span class="token operator">/</span>body>
<<span class="token operator">/</span>html>
</code></pre>
<p><strong>注意:使用kubeadm部署kubernetes集群修改方法</strong></p>
<pre><code class="prism language-powershell">如果在IPVS模式下使用kube-proxy,从Kubernetes v1<span class="token punctuation">.</span>14<span class="token punctuation">.</span>2开始,必须启用ARP模式。
可以通过在当前集群中编辑kube-proxy配置来实现:
<span class="token comment"># kubectl edit configmap -n kube-system kube-proxy</span>
并设置:
apiVersion: kubeproxy<span class="token punctuation">.</span>config<span class="token punctuation">.</span>k8s<span class="token punctuation">.</span>io/v1alpha1
kind: KubeProxyConfiguration
mode: <span class="token string">"ipvs"</span>
ipvs:
strictARP: true
</code></pre>
<h2>4.4 ExternalName</h2>
<h3>4.4.1 ExternalName作用</h3>
<ul>
<li>把集群外部的服务引入到集群内部中来,实现了集群内部pod和集群外部的服务进行通信</li>
<li>ExternalName 类型的服务适用于外部服务使用域名的方式,缺点是不能指定端口</li>
<li>还有一点要注意: 集群内的Pod会继承Node上的DNS解析规则。所以只要Node可以访问的服务,Pod中也可以访问到, 这就实现了集群内服务访问集群外服务</li>
</ul>
<h3>4.4.2 将公网域名引入</h3>
<ol>
<li>编写YAML文件</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># vim externelname.yml</span>
apiVersion: v1
kind: Service
metadata:
name: my-externalname
namespace: default
spec:
<span class="token function">type</span>: ExternalName
externalName: www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com <span class="token comment"># 对应的外部域名为www.baidu.com</span>
</code></pre>
<ol start="2">
<li>应用YAML文件</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl apply -f externelname.yml</span>
service/my-externalname created
</code></pre>
<ol start="3">
<li>查看service</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get svc |grep exter</span>
my-externalname ExternalName <none> www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com <none> 69s
</code></pre>
<ol start="4">
<li>查看my-service的dns解析</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># dig -t A my-externalname.default.svc.cluster.local. @10.96.0.2</span>
<span class="token punctuation">;</span> <<>> DiG 9<span class="token punctuation">.</span>9<span class="token punctuation">.</span>4-RedHat-9<span class="token punctuation">.</span>9<span class="token punctuation">.</span>4-72<span class="token punctuation">.</span>el7 <<>> <span class="token operator">-</span>t A my-externalname<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> @10<span class="token punctuation">.</span>2<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2
<span class="token punctuation">;</span><span class="token punctuation">;</span> global options: <span class="token operator">+</span>cmd
<span class="token punctuation">;</span><span class="token punctuation">;</span> Got answer:
<span class="token punctuation">;</span><span class="token punctuation">;</span> <span class="token operator">-</span>>>HEADER<<<span class="token operator">-</span> opcode: QUERY<span class="token punctuation">,</span> status: NOERROR<span class="token punctuation">,</span> id: 31378
<span class="token punctuation">;</span><span class="token punctuation">;</span> flags: qr aa <span class="token function">rd</span><span class="token punctuation">;</span> QUERY: 1<span class="token punctuation">,</span> ANSWER: 4<span class="token punctuation">,</span> AUTHORITY: 0<span class="token punctuation">,</span> ADDITIONAL: 1
<span class="token punctuation">;</span><span class="token punctuation">;</span> WARNING: recursion requested but not available
<span class="token punctuation">;</span><span class="token punctuation">;</span> OPT PSEUDOSECTION:
<span class="token punctuation">;</span> EDNS: version: 0<span class="token punctuation">,</span> flags:<span class="token punctuation">;</span> udp: 4096
<span class="token punctuation">;</span><span class="token punctuation">;</span> QUESTION SECTION:
<span class="token punctuation">;</span>my-externalname<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> IN A
<span class="token punctuation">;</span><span class="token punctuation">;</span> ANSWER SECTION:
my-externalname<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local<span class="token punctuation">.</span> 5 IN CNAME www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com<span class="token punctuation">.</span>
www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com<span class="token punctuation">.</span> 5 IN CNAME www<span class="token punctuation">.</span>a<span class="token punctuation">.</span>shifen<span class="token punctuation">.</span>com<span class="token punctuation">.</span>
www<span class="token punctuation">.</span>a<span class="token punctuation">.</span>shifen<span class="token punctuation">.</span>com<span class="token punctuation">.</span> 5 IN A 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>38 解析的是百度的IP
www<span class="token punctuation">.</span>a<span class="token punctuation">.</span>shifen<span class="token punctuation">.</span>com<span class="token punctuation">.</span> 5 IN A 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>39 解析的是百度的IP
<span class="token punctuation">;</span><span class="token punctuation">;</span> Query time: 32 msec
<span class="token punctuation">;</span><span class="token punctuation">;</span> SERVER: 10<span class="token punctuation">.</span>2<span class="token punctuation">.</span>0<span class="token punctuation">.</span>2<span class="token comment">#53(10.96.0.2)</span>
<span class="token punctuation">;</span><span class="token punctuation">;</span> WHEN: Thu Nov 05 11:23:41 CST 2020
<span class="token punctuation">;</span><span class="token punctuation">;</span> MSG SIZE rcvd: 245
</code></pre>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it deploy-nginx-6c9764bb69-86gwj -- /bin/sh</span>
<span class="token operator">/</span> <span class="token comment"># nslookup www.baidu.com</span>
<span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span>
Name: www<span class="token punctuation">.</span>baidu<span class="token punctuation">.</span>com
Address 1: 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>39
Address 2: 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>38
<span class="token operator">/</span> <span class="token comment"># nslookup my-externalname.default.svc.cluster.local </span>
<span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span>
Name: my-externalname<span class="token punctuation">.</span>default<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local
Address 1: 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>38
Address 2: 14<span class="token punctuation">.</span>215<span class="token punctuation">.</span>177<span class="token punctuation">.</span>39
</code></pre>
<p>解析此<code>my-externalname.default.svc.cluster.local</code>域名和解析<code>www.baidu.com</code>是一样的结果</p>
<h3>4.4.3 不同命名空间访问</h3>
<ol>
<li>创建ns1命名空间和相关deploy, pod,service</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># vim ns1-nginx.yml</span>
apiVersion: v1
kind: Namespace
metadata:
name: ns1 <span class="token comment"># 创建ns1命名空间</span>
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-nginx
namespace: ns1 <span class="token comment"># 属于ns1命名空间</span>
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
<span class="token operator">-</span> name: nginx
image: nginx:1<span class="token punctuation">.</span>15-alpine
imagePullPolicy: IfNotPresent
ports:
<span class="token operator">-</span> containerPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: v1
kind: Service
metadata:
name: svc1 <span class="token comment"># 服务名</span>
namespace: ns1 <span class="token comment"># 属于ns1命名空间</span>
spec:
selector:
app: nginx
clusterIP: None <span class="token comment"># 无头service</span>
ports:
<span class="token operator">-</span> port: 80
targetPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
kind: Service
apiVersion: v1
metadata:
name: external-svc1
namespace: ns1 <span class="token comment"># 属于ns1命名空间</span>
spec:
<span class="token function">type</span>: ExternalName
externalName: svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local <span class="token comment"># 将ns2空间的svc2服务引入到ns1命名空间 </span>
<span class="token namespace">[root@k8s-master1 ~]</span><span class="token comment"># kubectl apply -f ns1-nginx.yml</span>
namespace/ns1 created
deployment<span class="token punctuation">.</span>apps/deploy-nginx created
service/svc1 created
</code></pre>
<ol start="2">
<li>创建ns2命名空间和相关deploy, pod,service</li>
</ol>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># vim ns1-nginx.yml</span>
apiVersion: v1
kind: Namespace
metadata:
name: ns2 <span class="token comment"># 创建ns2命名空间</span>
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-nginx
namespace: ns2 <span class="token comment"># 属于ns2命名空间</span>
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
<span class="token operator">-</span> name: nginx
image: nginx:1<span class="token punctuation">.</span>15-alpine
imagePullPolicy: IfNotPresent
ports:
<span class="token operator">-</span> containerPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: v1
kind: Service
metadata:
name: svc2 <span class="token comment"># 服务名</span>
namespace: ns2 <span class="token comment"># 属于ns2命名空间</span>
spec:
selector:
app: nginx
clusterIP: None <span class="token comment"># 无头service</span>
ports:
<span class="token operator">-</span> port: 80
targetPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
kind: Service
apiVersion: v1
metadata:
name: external-svc1
namespace: ns2 <span class="token comment"># 属于ns2命名空间</span>
spec:
<span class="token function">type</span>: ExternalName
externalName: svc1<span class="token punctuation">.</span>ns1<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local <span class="token comment"># 将ns1空间的svc1服务引入到ns2命名空间</span>
</code></pre>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl apply -f ns2-nginx.yml</span>
namespace/ns2 created
deployment<span class="token punctuation">.</span>apps/deploy-nginx created
service/svc2 created
service/external-svc2 created
</code></pre>
<ol start="3">
<li>在ns1命名空间的pod里验证</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -n ns1</span>
NAME READY STATUS RESTARTS AGE
deploy-nginx-6c9764bb69-g5xl8 1/1 Running 0 8m10s
</code></pre>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it -n ns1 deploy-nginx-6c9764bb69-g5xl8 -- /bin/sh</span>
<span class="token operator">/</span> <span class="token comment"># nslookup svc1</span>
<span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span>
Name: svc1
Address 1: 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>140 deploy-nginx-6c9764bb69-g5xl8 IP与ns1里的podIP一致<span class="token punctuation">(</span>见下面的查询结果<span class="token punctuation">)</span>
<span class="token operator">/</span> <span class="token comment"># nslookup svc2.ns2.svc.cluster.local</span>
<span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span><span class="token punctuation">.</span>
Name: svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local
Address 1: 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>104<span class="token punctuation">.</span>17 10-3-104-17<span class="token punctuation">.</span>svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local IP与ns2里的podIP一致<span class="token punctuation">(</span>见下面的查询结果<span class="token punctuation">)</span>
<span class="token operator">/</span> <span class="token comment"># exit</span>
</code></pre>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -o wide -n ns1</span>
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-6c9764bb69-g5xl8 1/1 Running 0 70m 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>140 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>13 <none> <none>
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -o wide -n ns2</span>
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READI NESS GATES
deploy-nginx-6c9764bb69-8psxl 1/1 Running 0 68m 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>104<span class="token punctuation">.</span>17 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>14 <none> <none>
</code></pre>
<p>反之,在ns2命名空间的pod里访问<code>svc1.ns1.svc.cluster.local</code>,解析的IP是ns1命名空间里的pod的IP(请自行验证)</p>
<ol start="4">
<li>验证ns2中的pod的IP变化, ns1中的pod仍然可以使用<code>svc2.ns2.svc.cluster.local</code>访问</li>
</ol>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pod -n ns2</span>
NAME READY STATUS RESTARTS AGE
deploy-nginx-6c9764bb69-8psxl 1/1 Running 0 81m
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod deploy-nginx-6c9764bb69-8psxl -n ns2</span>
pod <span class="token string">"deploy-nginx-6c9764bb69-8psxl"</span> deleted 因为有replicas控制器,所以删除pod会自动拉一个起来
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pod -o wide -n ns2</span>
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deploy-nginx-6c9764bb69-8qbz2 1/1 Running 0 5m36s 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>13 <none> <none>
pod名称变了<span class="token punctuation">,</span>IP也变成了10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141
</code></pre>
<p>回到ns1中的pod验证</p>
<pre><code class="prism language-powershell"> <span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it -n ns1 deploy-nginx-6c9764bb69-g5xl8 -- /bin/sh</span>
<span class="token operator">/</span> <span class="token comment"># ping svc2.ns2.svc.cluster.local -c 2</span>
PING svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local <span class="token punctuation">(</span>10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141<span class="token punctuation">)</span>: 56 <span class="token keyword">data</span> bytes 解析的IP就是ns2中pod的新IP
64 bytes <span class="token keyword">from</span> 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141: seq=0 ttl=63 time=0<span class="token punctuation">.</span>181 ms
64 bytes <span class="token keyword">from</span> 10<span class="token punctuation">.</span>3<span class="token punctuation">.</span>166<span class="token punctuation">.</span>141: seq=1 ttl=63 time=0<span class="token punctuation">.</span>186 ms
<span class="token operator">--</span><span class="token operator">-</span> svc2<span class="token punctuation">.</span>ns2<span class="token punctuation">.</span>svc<span class="token punctuation">.</span>cluster<span class="token punctuation">.</span>local ping statistics <span class="token operator">--</span><span class="token operator">-</span>
2 packets transmitted<span class="token punctuation">,</span> 2 packets received<span class="token punctuation">,</span> 0% packet loss
round-trip min/avg/max = 0<span class="token punctuation">.</span>181/0<span class="token punctuation">.</span>183/0<span class="token punctuation">.</span>186 ms
<span class="token operator">/</span> <span class="token comment"># exit</span>
</code></pre>
<h1>五、sessionAffinity</h1>
<blockquote>
<p>会话粘贴</p>
</blockquote>
<p>设置sessionAffinity为Clientip (类似nginx的ip_hash算法,lvs的sh算法)</p>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># cat 02_create_deployment_app_nginx_with_service.yaml</span>
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-server1
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
<span class="token operator">-</span> name: c1
image: nginx:1<span class="token punctuation">.</span>15-alpine
imagePullPolicy: IfNotPresent
ports:
<span class="token operator">-</span> containerPort: 80
<span class="token operator">--</span><span class="token operator">-</span>
apiVersion: v1
kind: Service
metadata:
name: nginx-svc
spec:
<span class="token function">type</span>: ClusterIP
ports:
<span class="token operator">-</span> protocol: TCP
port: 80
targetPort: 80
selector:
app: nginx
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl apply -f 02_create_deployment_app_nginx_with_service.yaml</span>
deployment<span class="token punctuation">.</span>apps/nginx-server1 created
service/nginx-svc created
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods</span>
NAME READY STATUS RESTARTS AGE
nginx-server1-58845f75f4-9zlnw 1/1 Running 0 2m11s
nginx-server1-58845f75f4-ffqdt 1/1 Running 0 2m11s
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it nginx-server1-58845f75f4-9zlnw bash</span>
kubectl exec <span class="token namespace">[POD]</span> <span class="token namespace">[COMMAND]</span> is DEPRECATED and will be removed in a future version<span class="token punctuation">.</span> Use kubectl kubectl exec <span class="token namespace">[POD]</span> <span class="token operator">--</span> <span class="token namespace">[COMMAND]</span> instead<span class="token punctuation">.</span>
root@nginx-server1-58845f75f4-9zlnw:<span class="token operator">/</span><span class="token comment"># echo web1 > /usr/share/nginx/html/index.html</span>
root@nginx-server1-58845f75f4-9zlnw:<span class="token operator">/</span><span class="token comment"># exit</span>
<span class="token keyword">exit</span>
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl exec -it nginx-server1-58845f75f4-ffqdt bash</span>
kubectl exec <span class="token namespace">[POD]</span> <span class="token namespace">[COMMAND]</span> is DEPRECATED and will be removed in a future version<span class="token punctuation">.</span> Use kubectl kubectl exec <span class="token namespace">[POD]</span> <span class="token operator">--</span> <span class="token namespace">[COMMAND]</span> instead<span class="token punctuation">.</span>
root@nginx-server1-58845f75f4-ffqdt:<span class="token operator">/</span><span class="token comment"># echo web2 > /usr/share/nginx/html/index.html</span>
root@nginx-server1-58845f75f4-ffqdt:<span class="token operator">/</span><span class="token comment"># exit</span>
<span class="token keyword">exit</span>
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get svc</span>
NAME <span class="token function">TYPE</span> CLUSTER-IP EXTERNAL-IP PORT<span class="token punctuation">(</span>S<span class="token punctuation">)</span> AGE
kubernetes ClusterIP 10<span class="token punctuation">.</span>96<span class="token punctuation">.</span>0<span class="token punctuation">.</span>1 <none> 443/TCP 16d
nginx-svc ClusterIP 10<span class="token punctuation">.</span>100<span class="token punctuation">.</span>53<span class="token punctuation">.</span>31 <none> 80/TCP 3m53s
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl http://10.100.53.31</span>
web1
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl http://10.100.53.31</span>
web2
或
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># while true;do curl 10.100.53.31;sleep 1; done</span>
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl patch svc nginx-svc -p '{"spec":{"sessionAffinity":"ClientIP"}}'</span>
service/nginx-svc patched
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl 10.100.53.31</span>
web1
多次访问<span class="token punctuation">,</span>会话粘贴
</code></pre>
<pre><code class="prism language-powershell">设置回sessionAffinity为None
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl patch svc nginx-svc -p '{"spec":{"sessionAffinity":"None"}}'</span>
service/my-service patched
</code></pre>
<pre><code class="prism language-powershell">测试
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># curl 10.100.53.31</span>
web1
多次访问<span class="token punctuation">,</span>回到负载均衡
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># while true;do curl 10.100.53.31;sleep 1; done</span>
web1
多次访问<span class="token punctuation">,</span>会话粘贴
</code></pre>
<h1>六、修改为ipvs调度方式(拓展)</h1>
<blockquote>
<p>部署方式不同,修改方法不一样。</p>
<p>本次主要介绍使用kubeadm部署集群方式,二进制部署较为简单。</p>
<p>二进制部署修改:/etc/kubernetes/kube-proxy.yaml文件即可。</p>
</blockquote>
<p>从kubernetes1.8版本开始,新增了kube-proxy对ipvs的支持,在kubernetes1.11版本中被纳入了GA.</p>
<h2>6.1 修改为IPVS调度方式前升级内核</h2>
<blockquote>
<p>现使用Centos7u6发布版本,默认内核版本为3.10.0,使用kubernetes为1.18.0时,可升级内核版本至4.18.0或5.6.0版本。</p>
</blockquote>
<blockquote>
<p>在所有节点中安装,需要重启操作系统更换内核。以下升级方法供参考。</p>
</blockquote>
<pre><code class="prism language-powershell"><span class="token namespace">[root@localhost ~]</span><span class="token comment"># yum -y install perl</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># yum -y install https://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># yum --enablerepo="elrepo-kernel" -y install kernel-ml.x86_64 </span>
此处升级为5<span class="token punctuation">.</span>0以上版本。
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># grub2-set-default 0</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># grub2-mkconfig -o /boot/grub2/grub.cfg</span>
<span class="token namespace">[root@localhost ~]</span><span class="token comment"># reboot</span>
</code></pre>
<h2>6.2 修改kube-proxy的配置文件</h2>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl edit configmap kube-proxy -n kube-system</span>
26 iptables:
27 masqueradeAll: false
28 masqueradeBit: 14
29 minSyncPeriod: 0s
30 syncPeriod: 30s
31 ipvs:
32 excludeCIDRs: null
33 minSyncPeriod: 0s
34 scheduler: <span class="token string">""</span> <span class="token comment"># 可以在这里修改ipvs的算法,默认为rr轮循算法</span>
35 strictARP: false
36 syncPeriod: 30s
37 kind: KubeProxyConfiguration
38 metricsBindAddress: 127<span class="token punctuation">.</span>0<span class="token punctuation">.</span>0<span class="token punctuation">.</span>1:10249
39 mode: <span class="token string">"ipvs"</span> <span class="token comment"># 默认""号里为空,加上ipvs</span>
</code></pre>
<h2>6.3 查看kube-system的namespace中kube-proxy有关的pod</h2>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -n kube-system |grep kube-proxy</span>
kube-proxy-69mv6 1/1 Running 6 2d18h
kube-proxy-jpc6c 1/1 Running 4 4d16h
kube-proxy-kq65l 1/1 Running 4 4d16h
kube-proxy-lmphf 1/1 Running 5 4d16h
</code></pre>
<h2>6.4 验证kube-proxy-xxx的pod中的信息</h2>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl logs kube-proxy-jpc6c -n kube-system</span>
W0517 00:55:10<span class="token punctuation">.</span>914754 1 server_others<span class="token punctuation">.</span>go:559<span class="token punctuation">]</span> Unknown proxy mode <span class="token string">""</span><span class="token punctuation">,</span> assuming iptables proxy
I0517 00:55:10<span class="token punctuation">.</span>923228 1 node<span class="token punctuation">.</span>go:136<span class="token punctuation">]</span> Successfully retrieved node IP: 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>32
I0517 00:55:10<span class="token punctuation">.</span>923264 1 server_others<span class="token punctuation">.</span>go:186<span class="token punctuation">]</span> <span class="token keyword">Using</span> iptables Proxier<span class="token punctuation">.</span>
I0517 00:55:10<span class="token punctuation">.</span>923567 1 server<span class="token punctuation">.</span>go:583<span class="token punctuation">]</span> Version: v1<span class="token punctuation">.</span>18<span class="token punctuation">.</span>2
I0517 00:55:10<span class="token punctuation">.</span>923965 1 conntrack<span class="token punctuation">.</span>go:100<span class="token punctuation">]</span> <span class="token function">Set</span> sysctl <span class="token string">'net/netfilter/nf_conntrack_max'</span> to 131072
I0517 00:55:10<span class="token punctuation">.</span>924001 1 conntrack<span class="token punctuation">.</span>go:52<span class="token punctuation">]</span> Setting nf_conntrack_max to 131072
I0517 00:55:10<span class="token punctuation">.</span>924258 1 conntrack<span class="token punctuation">.</span>go:83<span class="token punctuation">]</span> Setting conntrack hashsize to 32768
I0517 00:55:10<span class="token punctuation">.</span>927041 1 conntrack<span class="token punctuation">.</span>go:100<span class="token punctuation">]</span> <span class="token function">Set</span> sysctl <span class="token string">'net/netfilter/nf_conntrack_tcp_timeout_established'</span> to 86400
I0517 00:55:10<span class="token punctuation">.</span>927086 1 conntrack<span class="token punctuation">.</span>go:100<span class="token punctuation">]</span> <span class="token function">Set</span> sysctl <span class="token string">'net/netfilter/nf_conntrack_tcp_timeout_close_wait'</span> to 3600
I0517 00:55:10<span class="token punctuation">.</span>927540 1 config<span class="token punctuation">.</span>go:315<span class="token punctuation">]</span> Starting service config controller
I0517 00:55:10<span class="token punctuation">.</span>927556 1 shared_informer<span class="token punctuation">.</span>go:223<span class="token punctuation">]</span> Waiting <span class="token keyword">for</span> caches to sync <span class="token keyword">for</span> service config
I0517 00:55:10<span class="token punctuation">.</span>927576 1 config<span class="token punctuation">.</span>go:133<span class="token punctuation">]</span> Starting endpoints config controller
I0517 00:55:10<span class="token punctuation">.</span>927594 1 shared_informer<span class="token punctuation">.</span>go:223<span class="token punctuation">]</span> Waiting <span class="token keyword">for</span> caches to sync <span class="token keyword">for</span> endpoints config
I0517 00:55:11<span class="token punctuation">.</span>027749 1 shared_informer<span class="token punctuation">.</span>go:230<span class="token punctuation">]</span> Caches are synced <span class="token keyword">for</span> service config
I0517 00:55:11<span class="token punctuation">.</span>027858 1 shared_informer<span class="token punctuation">.</span>go:230<span class="token punctuation">]</span> Caches are synced <span class="token keyword">for</span> endpoints config
</code></pre>
<h2>6.5 重新启动kube-proxy</h2>
<blockquote>
<p>删除kube-proxy-xxx的所有pod,让它重新拉取新的kube-proxy-xxx的pod</p>
</blockquote>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod kube-proxy-69mv6 -n kube-system</span>
pod <span class="token string">"kube-proxy-69mv6"</span> deleted
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod kube-proxy-jpc6c -n kube-system</span>
pod <span class="token string">"kube-proxy-jpc6c"</span> deleted
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod kube-proxy-kq65l -n kube-system</span>
pod <span class="token string">"kube-proxy-kq65l"</span> deleted
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl delete pod kube-proxy-lmphf -n kube-system</span>
pod <span class="token string">"kube-proxy-lmphf"</span> deleted
</code></pre>
<pre><code class="prism language-powershell"><span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl get pods -n kube-system |grep kube-proxy</span>
kube-proxy-2mk2b 1/1 Running 0 2m23s
kube-proxy-5bj87 1/1 Running 0 30s
kube-proxy-7qq9l 1/1 Running 0 52s
kube-proxy-tjtqf 1/1 Running 0 80s
</code></pre>
<pre><code class="prism language-powershell">随意查看其中1个或3个kube-proxy-xxx的pod<span class="token punctuation">,</span>验证是否为IPVS方式了
<span class="token namespace">[root@k8s-master01 ~]</span><span class="token comment"># kubectl logs kube-proxy-tjtqf -n kube-system</span>
I0517 02:32:26<span class="token punctuation">.</span>557696 1 node<span class="token punctuation">.</span>go:136<span class="token punctuation">]</span> Successfully retrieved node IP: 192<span class="token punctuation">.</span>168<span class="token punctuation">.</span>122<span class="token punctuation">.</span>32
I0517 02:32:26<span class="token punctuation">.</span>557745 1 server_others<span class="token punctuation">.</span>go:259<span class="token punctuation">]</span> <span class="token keyword">Using</span> ipvs Proxier<span class="token punctuation">.</span>
W0517 02:32:26<span class="token punctuation">.</span>557912 1 proxier<span class="token punctuation">.</span>go:429<span class="token punctuation">]</span> IPVS scheduler not specified<span class="token punctuation">,</span> use rr by default
I0517 02:32:26<span class="token punctuation">.</span>560008 1 server<span class="token punctuation">.</span>go:583<span class="token punctuation">]</span> Version: v1<span class="token punctuation">.</span>18<span class="token punctuation">.</span>2
I0517 02:32:26<span class="token punctuation">.</span>560428 1 conntrack<span class="token punctuation">.</span>go:52<span class="token punctuation">]</span> Setting nf_conntrack_max to 131072
I0517 02:32:26<span class="token punctuation">.</span>561094 1 config<span class="token punctuation">.</span>go:315<span class="token punctuation">]</span> Starting service config controller
I0517 02:32:26<span class="token punctuation">.</span>562251 1 shared_informer<span class="token punctuation">.</span>go:223<span class="token punctuation">]</span> Waiting <span class="token keyword">for</span> caches to sync <span class="token keyword">for</span> service config
I0517 02:32:26<span class="token punctuation">.</span>561579 1 config<span class="token punctuation">.</span>go:133<span class="token punctuation">]</span> Starting endpoints config controller
I0517 02:32:26<span class="token punctuation">.</span>562271 1 shared_informer<span class="token punctuation">.</span>go:223<span class="token punctuation">]</span> Waiting <span class="token keyword">for</span> caches to sync <span class="token keyword">for</span> endpoints config
I0517 02:32:26<span class="token punctuation">.</span>662541 1 shared_informer<span class="token punctuation">.</span>go:230<span class="token punctuation">]</span> Caches are synced <span class="token keyword">for</span> service config
I0517 02:32:26<span class="token punctuation">.</span>662566 1 shared_informer<span class="token punctuation">.</span>go:230<span class="token punctuation">]</span> Caches are synced <span class="token keyword">for</span> endpoints config
</code></pre>
</div>
</div>
</div>
</div>
</div>
<!--PC和WAP自适应版-->
<div id="SOHUCS" sid="1639316118835355648"></div>
<script type="text/javascript" src="/views/front/js/chanyan.js"></script>
<!-- 文章页-底部 动态广告位 -->
<div class="youdao-fixed-ad" id="detail_ad_bottom"></div>
</div>
<div class="col-md-3">
<div class="row" id="ad">
<!-- 文章页-右侧1 动态广告位 -->
<div id="right-1" class="col-lg-12 col-md-12 col-sm-4 col-xs-4 ad">
<div class="youdao-fixed-ad" id="detail_ad_1"> </div>
</div>
<!-- 文章页-右侧2 动态广告位 -->
<div id="right-2" class="col-lg-12 col-md-12 col-sm-4 col-xs-4 ad">
<div class="youdao-fixed-ad" id="detail_ad_2"></div>
</div>
<!-- 文章页-右侧3 动态广告位 -->
<div id="right-3" class="col-lg-12 col-md-12 col-sm-4 col-xs-4 ad">
<div class="youdao-fixed-ad" id="detail_ad_3"></div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="container">
<h4 class="pt20 mb15 mt0 border-top">你可能感兴趣的:(k8s,kubernetes)</h4>
<div id="paradigm-article-related">
<div class="recommend-post mb30">
<ul class="widget-links">
<li><a href="/article/1883077093407911936.htm"
title="k8s pod分类、核心组件、网络模型、kubectl常用命令" target="_blank">k8s pod分类、核心组件、网络模型、kubectl常用命令</a>
<span class="text-muted">2501_90243308</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E7%BD%91%E7%BB%9C/1.htm">网络</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>假如有2个pod,pod有其生命周期,万一pod所在的节点宕机了,那么此pod将应该要在其他的节点上重建,而重建完的pod与原来的pod已经不是同一个pod了,只是两者都是运行的同一个服务而已。且每个容器都有其IP地址,重建的pod中的容器其P地址与之前的pod中容器的IP地址是不一样的,如此一来就会存在一个问题,客户端如何访问这些pod中的容器呢?措施:服务发现:就比如集贸市场的注册摊位和声明地</div>
</li>
<li><a href="/article/1883015056866734080.htm"
title="redis清空缓存" target="_blank">redis清空缓存</a>
<span class="text-muted">奔跑吧邓邓子</span>
<a class="tag" taget="_blank" href="/search/%E9%AB%98%E6%95%88%E8%BF%90%E7%BB%B4/1.htm">高效运维</a><a class="tag" taget="_blank" href="/search/%E7%BC%93%E5%AD%98/1.htm">缓存</a><a class="tag" taget="_blank" href="/search/redis/1.htm">redis</a><a class="tag" taget="_blank" href="/search/%E6%95%B0%E6%8D%AE%E5%BA%93/1.htm">数据库</a>
<div>提示:“奔跑吧邓邓子”的高效运维专栏聚焦于各类运维场景中的实际操作与问题解决。内容涵盖服务器硬件(如IBMSystem3650M5)、云服务平台(如腾讯云、华为云)、服务器软件(如Nginx、Apache、GitLab、Redis、Elasticsearch、Kubernetes、Docker等)、开发工具(如Git、HBuilder)以及网络安全(如挖矿病毒排查、SSL证书配置)等多个方面。无论</div>
</li>
<li><a href="/article/1882985303317213184.htm"
title="Helm Chart 实现 Kubernetes 应用多环境部署实战" target="_blank">Helm Chart 实现 Kubernetes 应用多环境部署实战</a>
<span class="text-muted">ivwdcwso</span>
<a class="tag" taget="_blank" href="/search/%E8%BF%90%E7%BB%B4/1.htm">运维</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/Helm/1.htm">Helm</a><a class="tag" taget="_blank" href="/search/k8s/1.htm">k8s</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>在现代软件开发中,通常需要将应用部署到多个环境(如开发环境、测试环境、生产环境)。每个环境的配置可能不同,例如数据库连接、资源限制、镜像版本等。HelmChart提供了强大的模板化和参数化功能,可以轻松实现多环境部署。本文将详细介绍如何使用HelmChart实现Kubernetes应用的多环境配置,并通过实战演示完整的部署流程。©ivwdcwso(ID:u012172506)1.多环境部署的需求在</div>
</li>
<li><a href="/article/1882971050652790784.htm"
title="DigitalOcean Kubernetes现已支持VPC natvie集群" target="_blank">DigitalOcean Kubernetes现已支持VPC natvie集群</a>
<span class="text-muted">DO_Community</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a>
<div>DigitalOceanKubernetes(DOKS)的VPCnatvie集群功能现已正式上线!这一新功能实现了DOKS集群与虚拟私有云(VPC)资源之间的无缝集成,提升了工作负载的网络灵活性和可扩展性。什么是VPCnatvie集群?VPCnatvie集群支持Kubernetes集群与VPC资源之间进行原生路由。这意味着你的DOKS集群可以作为现有VPC网络架构的自然扩展,提供更流畅的连接和更好</div>
</li>
<li><a href="/article/1882955165544280064.htm"
title="利用Kubespray安装生产环境的k8s集群-排错篇" target="_blank">利用Kubespray安装生产环境的k8s集群-排错篇</a>
<span class="text-muted">超级阿飞</span>
<a class="tag" taget="_blank" href="/search/k8s/1.htm">k8s</a><a class="tag" taget="_blank" href="/search/cluster/1.htm">cluster</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>利用Kubespray安装生产环境的k8s集群-排错Ansible排错Ansible安装后需要加入到PATH,以便能够直接运行。一般用非root用户运行,注意在playbook或者inventory里要显性定义become属性。最好采用ansible运行账号可以免密码sudo的模式。Ansible的配置文件,在kuberspray安装时已经存在,需要将Ansible运行配置文件指向相应位置。配置文</div>
</li>
<li><a href="/article/1882946084590907392.htm"
title="k8s namespace绑定节点" target="_blank">k8s namespace绑定节点</a>
<span class="text-muted">mumu2lili</span>
<a class="tag" taget="_blank" href="/search/k8s/1.htm">k8s</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E8%AE%A1%E7%AE%97/1.htm">云计算</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/java/1.htm">java</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>k8snamespace绑定节点1.apiserver启用准入控制PodNodeSelector2.namespace添加注解scheduler.alpha.kubernetes.io/node-selector3.labelnode1.apiserver启用准入控制PodNodeSelectorvim/etc/kubernetes/manifests/kube-apiserver.yamlspe</div>
</li>
<li><a href="/article/1882881282514415616.htm"
title="Docker多架构镜像构建踩坑记" target="_blank">Docker多架构镜像构建踩坑记</a>
<span class="text-muted">一直学下去</span>
<a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/adm64/1.htm">adm64</a><a class="tag" taget="_blank" href="/search/arm64/1.htm">arm64</a><a class="tag" taget="_blank" href="/search/%E5%A4%9A%E6%9E%B6%E6%9E%84/1.htm">多架构</a>
<div>背景公司为了做信创项目的亮点,需要将现有的一套在X86上运行的应用系统迁移到ARM服务器上运行,整个项目通过后端Java,前端VUEJS开发通过CICD做成Docker镜像在K8S里面运行。但是当前的CICD产品不支持ARM的镜像构建,于是只能手工构建ARM镜像。以下是一些踩坑的记录,希望能帮大家少踩坑构建环境本地电脑DeepinLinux23(Windows的WSL和其他的Linux系统都可以)</div>
</li>
<li><a href="/article/1882774031954931712.htm"
title="《Go底层原理与工程化实践》发布啦!" target="_blank">《Go底层原理与工程化实践》发布啦!</a>
<span class="text-muted"></span>
<a class="tag" taget="_blank" href="/search/go%E5%90%8E%E7%AB%AF/1.htm">go后端</a>
<div>为什么要深入学习Go语言 Go语言是目前的主流语言之一,具有入门快、高性能、开发效率高等特点,目前越来越多的互联网企业都在使用Go语言。另外,原生体系中的Kubernetes、Docker等开源项目就是基于Go语言开发的,想要深入研究云原生技术,就必须精通Go语言。最后,只有对Go语言底层有一定了解,才能开发出高性能、高可用的Go服务,并在解决线上问题、性能调优时游刃有余。本书特色掌握Go高并发</div>
</li>
<li><a href="/article/1882690360484884480.htm"
title="如何部署 Flask 应用程序到生产环境?" target="_blank">如何部署 Flask 应用程序到生产环境?</a>
<span class="text-muted">Channing Lewis</span>
<a class="tag" taget="_blank" href="/search/Python/1.htm">Python</a><a class="tag" taget="_blank" href="/search/flask/1.htm">flask</a><a class="tag" taget="_blank" href="/search/python/1.htm">python</a><a class="tag" taget="_blank" href="/search/%E5%90%8E%E7%AB%AF/1.htm">后端</a>
<div>在生产环境中部署Flask应用程序需要考虑稳定性、安全性、可扩展性和性能。以下是Flask应用的常见生产部署方法及最佳实践:1.选择部署方式常见的Flask生产环境部署方式包括:部署方式适用场景说明Gunicorn+Nginx适合中小型项目轻量级,性能稳定uWSGI+Nginx高性能并发、生产环境推荐生产级别,支持异步工作Docker+Kubernetes容器化部署,微服务架构适合大规模微服务集群</div>
</li>
<li><a href="/article/1882656326874624000.htm"
title="Kubernetes入门" target="_blank">Kubernetes入门</a>
<span class="text-muted">I~Lucky</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>什么是Kubernetes?Kubernetes(简称K8s)是一个开源的容器编排平台,主要用于自动化应用的部署、扩展和管理。它可以帮助开发者和运维人员管理容器化的应用,使得服务能够在不同的主机之间进行调度,从而实现负载均衡、高可用和自动伸缩。Kubernetes的工作原理Kubernetes通过将应用打包到容器中,并在集群中运行这些容器来实现应用的部署和管理。容器是轻量级的、可移植的、自包含的软</div>
</li>
<li><a href="/article/1882620011424575488.htm"
title="Kubernetes网络" target="_blank">Kubernetes网络</a>
<span class="text-muted">qichengzong_right</span>
<a class="tag" taget="_blank" href="/search/linux/1.htm">linux</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/linux/1.htm">linux</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a>
<div>Kubernetes网络Kubernetes网络模型相关概念链接Kubernetes网络模型Kubernetes网络模型由多个关键部分构建而成:在Kubernetes集群中,每个Pod都会被分配一个独一无二的、在集群范围内有效的IP地址。Pod拥有自己独立的私有网络命名空间,该命名空间由Pod内的所有容器共享。这意味着,在同一Pod中运行的不同容器进程能够通过localhost进行便捷的相互通信。</div>
</li>
<li><a href="/article/1882620010053038080.htm"
title="在KubeFATE中定制化部署联邦学习组件的深入分析" target="_blank">在KubeFATE中定制化部署联邦学习组件的深入分析</a>
<span class="text-muted">亨利笔记</span>
<a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E6%95%B0%E6%8D%AE%E5%BA%93/1.htm">数据库</a><a class="tag" taget="_blank" href="/search/java/1.htm">java</a><a class="tag" taget="_blank" href="/search/%E5%A4%A7%E6%95%B0%E6%8D%AE/1.htm">大数据</a>
<div>题图摄于国家大剧院(本文作者系VMware中国研发云原生实验室架构师,联邦学习开源项目KubeFATE/FATE-Operator维护者。)需要加入KubeFATE开源项目讨论群的同学,请关注亨利笔记公众号后回复“kubefate”即可。相关文章在JuypterNotebook中构建联邦学习任务云原生联邦学习平台KubeFATE原理详解用KubeFATE在K8s上部署联邦学习FATEv1.5使用D</div>
</li>
<li><a href="/article/1882556683088097280.htm"
title="kubectl命令" target="_blank">kubectl命令</a>
<span class="text-muted">minyao922</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>kubernetes基本概念Pod:k8s最小部署单元,一组容器的集合Deployment:最常见的控制器,用于更高级别部署和管理PodService:为一组Pod提供负载均衡,对外提供统一访问入口Label:标签,附加到某个资源上,用于关联对象、查询和筛选Namespaces∶命名空间。将对象逻辑上隔离,也利于权限控制edit(编辑资源)//运行一个pod类型的nginx,名字叫nginx,定义</div>
</li>
<li><a href="/article/1882512669991301120.htm"
title="Kubectl常用命令操作" target="_blank">Kubectl常用命令操作</a>
<span class="text-muted">_Eden_</span>
<a class="tag" taget="_blank" href="/search/linux/1.htm">linux</a><a class="tag" taget="_blank" href="/search/%E8%BF%90%E7%BB%B4/1.htm">运维</a><a class="tag" taget="_blank" href="/search/%E6%9C%8D%E5%8A%A1%E5%99%A8/1.htm">服务器</a>
<div>kubectl命令格式:kubectlcommandtypenamecommand:表示子命令,用于操作kubernetes的集群资源对象,如:createdeletedescribegetapplytype:资源对象的类型name:资源对象的名称1.创建资源对象kubectlcreate-fmy-service.yaml表示根据yaml配置文件创建service2.查看资源对象kubectlge</div>
</li>
<li><a href="/article/1882504227520049152.htm"
title="k8s 安装nfs_k8s共享存储之nfs" target="_blank">k8s 安装nfs_k8s共享存储之nfs</a>
<span class="text-muted">weixin_39941732</span>
<a class="tag" taget="_blank" href="/search/k8s/1.htm">k8s</a><a class="tag" taget="_blank" href="/search/%E5%AE%89%E8%A3%85nfs/1.htm">安装nfs</a>
<div>特别说明:测试使用,不建议生产环境1、在master节点配置(node1)1)yum安装nfs#yum-yinstallnfs-utilsNFS的关键工具包括:主要配置文件:/etc/exports;NFS文件系统维护命令:/usr/bin/exportfs;共享资源的日志文件:/var/lib/nfs/*tab;客户端查询共享资源命令:/usr/sbin/showmount;端口配置:/etc/</div>
</li>
<li><a href="/article/1882503344057020416.htm"
title="k8s中使用MySQL共享存储_k8s使用NFS做动态存储做mysql容器主从同步" target="_blank">k8s中使用MySQL共享存储_k8s使用NFS做动态存储做mysql容器主从同步</a>
<span class="text-muted">罗-Moline</span>
<a class="tag" taget="_blank" href="/search/k8s%E4%B8%AD%E4%BD%BF%E7%94%A8MySQL%E5%85%B1%E4%BA%AB%E5%AD%98%E5%82%A8/1.htm">k8s中使用MySQL共享存储</a>
<div>k8s里面存储一直是比较难搞得,之前做的静态存储,写这篇文档记录一下动态存储创建的过程。使用动态存储的好处是开发者可以更关注自己的开发环境,不用关心后端的资源,还有就是更换存储类型不用做大的改变,只需切换一下storageclassName即可。根据这篇博客来的!谢谢博主!!!https://www.cnblogs.com/00986014w/p/9406962.html我把大致上思路分成三步:1</div>
</li>
<li><a href="/article/1882501076310093824.htm"
title="在K8S中,如何使用EFK实现日志的统一管理?" target="_blank">在K8S中,如何使用EFK实现日志的统一管理?</a>
<span class="text-muted">Dusk_橙子</span>
<a class="tag" taget="_blank" href="/search/K8S/1.htm">K8S</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>在Kubernetes中,EFK是一种常见的日志统一管理方案。EFK堆栈允许你收集、存储、搜素、分析和可视化容器应用程序的日志。下面是如何在Kubernetes中使用EFK实现日志统一管理的详细步骤:部署Elasticsearchelasticsearch是一个分布式、RESTful风格的搜索和分析引擎,能够解决越来越多用例的查询语言,它通常用于日志和事件数据分析。首先,你需要再kubernete</div>
</li>
<li><a href="/article/1882487333043892224.htm"
title="配置管理工具和k8s功能重叠部分的优势比较" target="_blank">配置管理工具和k8s功能重叠部分的优势比较</a>
<span class="text-muted">大囚长</span>
<a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8%E6%8A%80%E6%9C%AF/1.htm">容器技术</a><a class="tag" taget="_blank" href="/search/%E8%BF%90%E7%BB%B4%E4%BA%BA%E7%94%9F/1.htm">运维人生</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/%E8%BF%90%E7%BB%B4/1.htm">运维</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a>
<div>通过自动化配置管理工具(如Ansible、Puppet、Chef)和应用内管理机制,也可以实现自动部署、扩缩容、负载均衡和故障恢复等功能。Kubernetes(K8s)在这些方面具有哪些独特的优势呢,尤其是在云原生环境和大规模分布式系统中。以下是对比分析:1.自动化配置管理工具的局限性自动化配置管理工具(如Ansible、Puppet、Chef)主要用于基础设施的配置管理和应用部署,但它们在某些方</div>
</li>
<li><a href="/article/1882484684714209280.htm"
title="在K8S中,如果后端NFS存储的IP发送变化如何解决?" target="_blank">在K8S中,如果后端NFS存储的IP发送变化如何解决?</a>
<span class="text-muted">Dusk_橙子</span>
<a class="tag" taget="_blank" href="/search/K8S/1.htm">K8S</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/tcp%2Fip/1.htm">tcp/ip</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>在Kubernetes中,如果后端NFS存储的IP地址发生了变化,您需要更新与之相关的PeristentVolume(PV)或PersistentVolumeClaim(PVC)以及StorageClass中关于NFS服务器IP的配置信息,确保K8S集群内的Pod能够正确连接到新的NFS存储位置。解决方案如下:更新PersistentVolume(PV):如果你直接在PV中指定了NFS服务器的IP</div>
</li>
<li><a href="/article/1882418616847101952.htm"
title="K8S中ingress详解" target="_blank">K8S中ingress详解</a>
<span class="text-muted">元气满满的热码式</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>Ingress介绍Kubernetes集群中,服务(Service)是一种抽象,它定义了一种访问Pod的方式,无论这些Pod如何变化,服务都保持不变。服务可以被映射到一个静态的IP地址(ClusterIP)、一个NodePort(在集群的每个节点上的特定端口)、一个LoadBalancer(通过云服务提供商的负载均衡器)或一个外部IP。Service的两种服务暴露方式,NodePort和LoadB</div>
</li>
<li><a href="/article/1882368570374025216.htm"
title="【云原生技术】k8s是不是不能处理0.1core的CUP配置,必须配置成100mi?" target="_blank">【云原生技术】k8s是不是不能处理0.1core的CUP配置,必须配置成100mi?</a>
<span class="text-muted">阿寻寻</span>
<a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>CPU的资源请求和限制特定的表示方式CPU配置的单位配置要求示例在Kubernetes中,CPU的资源请求和限制确实有特定的表示方式。关于你提到的0.1core和100m这两个值,以下是详细的解释:CPU配置的单位KubernetesCPU单位:Kubernetes使用milliCPU(毫核)作为CPU的计量单位。1核CPU=1000milliCPU(m)。例如,0.1核实际上表示为100m(10</div>
</li>
<li><a href="/article/1882368570902507520.htm"
title="【云原生技术】K8S更新策略有哪些方式,每种方式的可选必填字段有哪些,详细举例说明" target="_blank">【云原生技术】K8S更新策略有哪些方式,每种方式的可选必填字段有哪些,详细举例说明</a>
<span class="text-muted">阿寻寻</span>
<a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>更新策略有哪些方式一、更新策略详细举例1.**RollingUpdate(滚动更新)**说明:必填字段:可选字段:示例:2.**Recreate(重建)**说明:必填字段:可选字段:示例:3.**OnDelete(手动更新)**说明:必填字段:可选字段:示例:总结详细示例小结二、Recreate不可选minReadySeconds吗?Recreate更新策略与minReadySeconds示例总结</div>
</li>
<li><a href="/article/1882273774561193984.htm"
title="CentOS8下安装wget、wget2" target="_blank">CentOS8下安装wget、wget2</a>
<span class="text-muted">奔跑吧邓邓子</span>
<a class="tag" taget="_blank" href="/search/%E9%AB%98%E6%95%88%E8%BF%90%E7%BB%B4/1.htm">高效运维</a><a class="tag" taget="_blank" href="/search/linux/1.htm">linux</a><a class="tag" taget="_blank" href="/search/centos/1.htm">centos</a><a class="tag" taget="_blank" href="/search/wget/1.htm">wget</a><a class="tag" taget="_blank" href="/search/wget2/1.htm">wget2</a>
<div>提示:“奔跑吧邓邓子”的高效运维专栏聚焦于各类运维场景中的实际操作与问题解决。内容涵盖服务器硬件(如IBMSystem3650M5)、云服务平台(如腾讯云、华为云)、服务器软件(如Nginx、Apache、GitLab、Redis、Elasticsearch、Kubernetes、Docker等)、开发工具(如Git、HBuilder)以及网络安全(如挖矿病毒排查、SSL证书配置)等多个方面。无论</div>
</li>
<li><a href="/article/1882246914846552064.htm"
title="K8s架构与组件" target="_blank">K8s架构与组件</a>
<span class="text-muted">稚辉君.MCA_P8_Java</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a><a class="tag" taget="_blank" href="/search/%E7%BD%91%E7%BB%9C/1.htm">网络</a>
<div>一、K8s架构在Master通常上包括kube-apiserver、etcd存储、kube-controller-manager、cloud-controller-manager、kube-scheduler和用于K8s服务的DNS服务器(插件)。这些对集群做出全局决策(比如调度),以及检测和响应集群事件的组件集合也称为控制平面。其实K8s官方并没有Master这一说,只是大多数安装工具(kube</div>
</li>
<li><a href="/article/1882186874697609216.htm"
title="prometheus监控k8s的metric详解-01(apiserver部分)" target="_blank">prometheus监控k8s的metric详解-01(apiserver部分)</a>
<span class="text-muted">玄德公笔记</span>
<a class="tag" taget="_blank" href="/search/%23/1.htm">#</a><a class="tag" taget="_blank" href="/search/%E5%B8%B8%E7%94%A8%E6%9C%8D%E5%8A%A1-Prometheus/1.htm">常用服务-Prometheus</a><a class="tag" taget="_blank" href="/search/%E7%9B%91%E6%8E%A7/1.htm">监控</a><a class="tag" taget="_blank" href="/search/prometheus/1.htm">prometheus</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/metric/1.htm">metric</a><a class="tag" taget="_blank" href="/search/k8s%E7%9B%91%E6%8E%A7/1.htm">k8s监控</a><a class="tag" taget="_blank" href="/search/apiserver/1.htm">apiserver</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>文章目录1.apiserveradmission(准入)和audit(审计)1.1准入控制器调用次数1.1.1`apiserver_admission_controller_admission_duration_seconds_count`1.1.2`apiserver_admission_controller_admission_duration_seconds_bucket`1.1.3`api</div>
</li>
<li><a href="/article/1882184605084217344.htm"
title="Docker 和 Kubernetes" target="_blank">Docker 和 Kubernetes</a>
<span class="text-muted">小馋喵知识杂货铺</span>
<a class="tag" taget="_blank" href="/search/%E6%80%A7%E8%83%BD/1.htm">性能</a><a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a>
<div>Docker和Kubernetes(K8s)是当前最流行的容器化技术,用于开发、部署和管理应用程序。它们通常一起使用,提供从开发到生产的完整生命周期管理,特别是在微服务架构和云原生应用的开发中。1.Docker简介Docker是一个开源的容器化平台,它可以将应用及其所有依赖项打包在一个统一的容器中,从而简化了软件的开发、部署、运行和管理。容器化应用具有跨平台、一致性强、启动速度快等特点。容器:一个</div>
</li>
<li><a href="/article/1882117612347912192.htm"
title="Kubeadm自动化部署kubernetes 1.29.1" target="_blank">Kubeadm自动化部署kubernetes 1.29.1</a>
<span class="text-muted">爱喝荔枝味嘉宾</span>
<a class="tag" taget="_blank" href="/search/%E8%87%AA%E5%8A%A8%E5%8C%96/1.htm">自动化</a><a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/docker/1.htm">docker</a>
<div>基础环境配置服务器:centos7.720191、规划网络环境:192.168.7.20k8s-master.linux.com2U4G192.168.7.21k8s-node01.linux.com2U8G192.168.7.22k8s-node02.linux.com2U8G!!!!注意以下步骤三个机器都需要执行2、配置master与node的主机名解析┌─[k8s-master]─[~]└─</div>
</li>
<li><a href="/article/1882116603458416640.htm"
title="《Kubernetes部署篇:基于麒麟V10+ARM64架构部署harbor v2.4.0镜像仓库》" target="_blank">《Kubernetes部署篇:基于麒麟V10+ARM64架构部署harbor v2.4.0镜像仓库》</a>
<span class="text-muted">东城绝神</span>
<a class="tag" taget="_blank" href="/search/%E3%80%8ALinux%E8%BF%90%E7%BB%B4%E5%AE%9E%E6%88%98%E6%80%BB%E7%BB%93%E3%80%8B/1.htm">《Linux运维实战总结》</a><a class="tag" taget="_blank" href="/search/arm64/1.htm">arm64</a><a class="tag" taget="_blank" href="/search/harbor/1.htm">harbor</a>
<div>总结:整理不易,如果对你有帮助,可否点赞关注一下?更多详细内容请参考:企业级K8s集群运维实战一、环境信息K8S版本操作系统CPU架构服务版本1.26.15KylinLinuxAdvancedServerV10ARM64harborv2.4.0二、部署操作2.1、资源包下载说明:如果你从别处找来的镜像,redis提示报错ignore-warningsARM64-COW-BUG,可以重新编译redi</div>
</li>
<li><a href="/article/1882092021116628992.htm"
title="K8S中Service详解(二)" target="_blank">K8S中Service详解(二)</a>
<span class="text-muted">元气满满的热码式</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E7%BD%91%E7%BB%9C/1.htm">网络</a><a class="tag" taget="_blank" href="/search/linux/1.htm">linux</a>
<div>Service类型Service的资源清单文件:---kind:Service#资源类型apiVersion:v1#资源版本metadata:#元数据name:service#资源名称namespace:dev#命名空间spec:#描述selector:#标签选择器,用于确定当前service代理哪些podapp:nginxtype:ClusterIP#Service类型,指定service的访问</div>
</li>
<li><a href="/article/1882046508778450944.htm"
title="搭建k8s集群" target="_blank">搭建k8s集群</a>
<span class="text-muted">zhen24</span>
<a class="tag" taget="_blank" href="/search/kubernetes/1.htm">kubernetes</a><a class="tag" taget="_blank" href="/search/%E5%AE%B9%E5%99%A8/1.htm">容器</a><a class="tag" taget="_blank" href="/search/%E4%BA%91%E5%8E%9F%E7%94%9F/1.htm">云原生</a>
<div>一、准备工作(所有节点)在开始部署之前,我们需要对所有节点进行以下准备工作。1.1、关闭防火墙#关闭防火墙systemctlstopfirewalld#禁止防火墙开机自启systemctldisablefirewalld1.2、关闭SELinux#永久关闭SELinuxsed-i's/enforcing/disabled/'/etc/selinux/config#重启系统使更改生效reboot#临</div>
</li>
<li><a href="/article/101.htm"
title="数据采集高并发的架构应用" target="_blank">数据采集高并发的架构应用</a>
<span class="text-muted">3golden</span>
<a class="tag" taget="_blank" href="/search/.net/1.htm">.net</a>
<div>问题的出发点:
最近公司为了发展需要,要扩大对用户的信息采集,每个用户的采集量估计约2W。如果用户量增加的话,将会大量照成采集量成3W倍的增长,但是又要满足日常业务需要,特别是指令要及时得到响应的频率次数远大于预期。
&n</div>
</li>
<li><a href="/article/228.htm"
title="不停止 MySQL 服务增加从库的两种方式" target="_blank">不停止 MySQL 服务增加从库的两种方式</a>
<span class="text-muted">brotherlamp</span>
<a class="tag" taget="_blank" href="/search/linux/1.htm">linux</a><a class="tag" taget="_blank" href="/search/linux%E8%A7%86%E9%A2%91/1.htm">linux视频</a><a class="tag" taget="_blank" href="/search/linux%E8%B5%84%E6%96%99/1.htm">linux资料</a><a class="tag" taget="_blank" href="/search/linux%E6%95%99%E7%A8%8B/1.htm">linux教程</a><a class="tag" taget="_blank" href="/search/linux%E8%87%AA%E5%AD%A6/1.htm">linux自学</a>
<div>现在生产环境MySQL数据库是一主一从,由于业务量访问不断增大,故再增加一台从库。前提是不能影响线上业务使用,也就是说不能重启MySQL服务,为了避免出现其他情况,选择在网站访问量低峰期时间段操作。
一般在线增加从库有两种方式,一种是通过mysqldump备份主库,恢复到从库,mysqldump是逻辑备份,数据量大时,备份速度会很慢,锁表的时间也会很长。另一种是通过xtrabacku</div>
</li>
<li><a href="/article/355.htm"
title="Quartz——SimpleTrigger触发器" target="_blank">Quartz——SimpleTrigger触发器</a>
<span class="text-muted">eksliang</span>
<a class="tag" taget="_blank" href="/search/SimpleTrigger/1.htm">SimpleTrigger</a><a class="tag" taget="_blank" href="/search/TriggerUtils/1.htm">TriggerUtils</a><a class="tag" taget="_blank" href="/search/quartz/1.htm">quartz</a>
<div>转载请出自出处:http://eksliang.iteye.com/blog/2208166 一.概述
SimpleTrigger触发器,当且仅需触发一次或者以固定时间间隔周期触发执行;
二.SimpleTrigger的构造函数
SimpleTrigger(String name, String group):通过该构造函数指定Trigger所属组和名称;
Simpl</div>
</li>
<li><a href="/article/482.htm"
title="Informatica应用(1)" target="_blank">Informatica应用(1)</a>
<span class="text-muted">18289753290</span>
<a class="tag" taget="_blank" href="/search/sql/1.htm">sql</a><a class="tag" taget="_blank" href="/search/workflow/1.htm">workflow</a><a class="tag" taget="_blank" href="/search/lookup/1.htm">lookup</a><a class="tag" taget="_blank" href="/search/%E7%BB%84%E4%BB%B6/1.htm">组件</a><a class="tag" taget="_blank" href="/search/Informatica/1.htm">Informatica</a>
<div>1.如果要在workflow中调用shell脚本有一个command组件,在里面设置shell的路径;调度wf可以右键出现schedule,现在用的是HP的tidal调度wf的执行。
2.designer里面的router类似于SSIS中的broadcast(多播组件);Reset_Workflow_Var:参数重置 (比如说我这个参数初始是1在workflow跑得过程中变成了3我要在结束时还要</div>
</li>
<li><a href="/article/609.htm"
title="python 获取图片验证码中文字" target="_blank">python 获取图片验证码中文字</a>
<span class="text-muted">酷的飞上天空</span>
<a class="tag" taget="_blank" href="/search/python/1.htm">python</a>
<div>根据现成的开源项目 http://code.google.com/p/pytesser/改写
在window上用easy_install安装不上 看了下源码发现代码很少 于是就想自己改写一下
添加支持网络图片的直接解析
#coding:utf-8
#import sys
#reload(sys)
#sys.s</div>
</li>
<li><a href="/article/736.htm"
title="AJAX" target="_blank">AJAX</a>
<span class="text-muted">永夜-极光</span>
<a class="tag" taget="_blank" href="/search/Ajax/1.htm">Ajax</a>
<div>1.AJAX功能:动态更新页面,减少流量消耗,减轻服务器负担
2.代码结构:
<html>
<head>
<script type="text/javascript">
function loadXMLDoc()
{
.... AJAX script goes here ...
</div>
</li>
<li><a href="/article/863.htm"
title="创业OR读研" target="_blank">创业OR读研</a>
<span class="text-muted">随便小屋</span>
<a class="tag" taget="_blank" href="/search/%E5%88%9B%E4%B8%9A/1.htm">创业</a>
<div> 现在研一,有种想创业的想法,不知道该不该去实施。因为对于的我情况这两者是矛盾的,可能就是鱼与熊掌不能兼得。
研一的生活刚刚过去两个月,我们学校主要的是</div>
</li>
<li><a href="/article/990.htm"
title="需求做得好与坏直接关系着程序员生活质量" target="_blank">需求做得好与坏直接关系着程序员生活质量</a>
<span class="text-muted">aijuans</span>
<a class="tag" taget="_blank" href="/search/IT+%E7%94%9F%E6%B4%BB/1.htm">IT 生活</a>
<div>
这个故事还得从去年换工作的事情说起,由于自己不太喜欢第一家公司的环境我选择了换一份工作。去年九月份我入职现在的这家公司,专门从事金融业内软件的开发。十一月份我们整个项目组前往北京做现场开发,从此苦逼的日子开始了。
系统背景:五月份就有同事前往甲方了解需求一直到6月份,后续几个月也完</div>
</li>
<li><a href="/article/1117.htm"
title="如何定义和区分高级软件开发工程师" target="_blank">如何定义和区分高级软件开发工程师</a>
<span class="text-muted">aoyouzi</span>
<div>在软件开发领域,高级开发工程师通常是指那些编写代码超过 3 年的人。这些人可能会被放到领导的位置,但经常会产生非常糟糕的结果。Matt Briggs 是一名高级开发工程师兼 Scrum 管理员。他认为,单纯使用年限来划分开发人员存在问题,两个同样具有 10 年开发经验的开发人员可能大不相同。近日,他发表了一篇博文,根据开发者所能发挥的作用划分软件开发工程师的成长阶段。
初</div>
</li>
<li><a href="/article/1244.htm"
title="Servlet的请求与响应" target="_blank">Servlet的请求与响应</a>
<span class="text-muted">百合不是茶</span>
<a class="tag" taget="_blank" href="/search/servlet/1.htm">servlet</a><a class="tag" taget="_blank" href="/search/get%E6%8F%90%E4%BA%A4/1.htm">get提交</a><a class="tag" taget="_blank" href="/search/java%E5%A4%84%E7%90%86post%E6%8F%90%E4%BA%A4/1.htm">java处理post提交</a>
<div>
Servlet是tomcat中的一个重要组成,也是负责客户端和服务端的中介
1,Http的请求方式(get ,post);
客户端的请求一般都会都是Servlet来接受的,在接收之前怎么来确定是那种方式提交的,以及如何反馈,Servlet中有相应的方法, http的get方式 servlet就是都doGet(</div>
</li>
<li><a href="/article/1371.htm"
title="web.xml配置详解之listener" target="_blank">web.xml配置详解之listener</a>
<span class="text-muted">bijian1013</span>
<a class="tag" taget="_blank" href="/search/java/1.htm">java</a><a class="tag" taget="_blank" href="/search/web.xml/1.htm">web.xml</a><a class="tag" taget="_blank" href="/search/listener/1.htm">listener</a>
<div>一.定义
<listener>
<listen-class>com.myapp.MyListener</listen-class>
</listener>
二.作用 该元素用来注册一个监听器类。可以收到事件什么时候发生以及用什么作为响</div>
</li>
<li><a href="/article/1498.htm"
title="Web页面性能优化(yahoo技术)" target="_blank">Web页面性能优化(yahoo技术)</a>
<span class="text-muted">Bill_chen</span>
<a class="tag" taget="_blank" href="/search/JavaScript/1.htm">JavaScript</a><a class="tag" taget="_blank" href="/search/Ajax/1.htm">Ajax</a><a class="tag" taget="_blank" href="/search/Web/1.htm">Web</a><a class="tag" taget="_blank" href="/search/css/1.htm">css</a><a class="tag" taget="_blank" href="/search/Yahoo/1.htm">Yahoo</a>
<div>1.尽可能的减少HTTP请求数 content
2.使用CDN server
3.添加Expires头(或者 Cache-control) server
4.Gzip 组件 server
5.把CSS样式放在页面的上方。 css
6.将脚本放在底部(包括内联的) javascript
7.避免在CSS中使用Expressions css
8.将javascript和css独立成外部文</div>
</li>
<li><a href="/article/1625.htm"
title="【MongoDB学习笔记八】MongoDB游标、分页查询、查询结果排序" target="_blank">【MongoDB学习笔记八】MongoDB游标、分页查询、查询结果排序</a>
<span class="text-muted">bit1129</span>
<a class="tag" taget="_blank" href="/search/mongodb/1.htm">mongodb</a>
<div>游标
游标,简单的说就是一个查询结果的指针。游标作为数据库的一个对象,使用它是包括
声明
打开
循环抓去一定数目的文档直到结果集中的所有文档已经抓取完
关闭游标
游标的基本用法,类似于JDBC的ResultSet(hasNext判断是否抓去完,next移动游标到下一条文档),在获取一个文档集时,可以提供一个类似JDBC的FetchSize</div>
</li>
<li><a href="/article/1752.htm"
title="ORA-12514 TNS 监听程序当前无法识别连接描述符中请求服务 的解决方法" target="_blank">ORA-12514 TNS 监听程序当前无法识别连接描述符中请求服务 的解决方法</a>
<span class="text-muted">白糖_</span>
<a class="tag" taget="_blank" href="/search/ORA-12514/1.htm">ORA-12514</a>
<div> 今天通过Oracle SQL*Plus连接远端服务器的时候提示“监听程序当前无法识别连接描述符中请求服务”,遂在网上找到了解决方案:
①打开Oracle服务器安装目录\NETWORK\ADMIN\listener.ora文件,你会看到如下信息:
# listener.ora Network Configuration File: D:\database\Oracle\net</div>
</li>
<li><a href="/article/1879.htm"
title="Eclipse 问题 A resource exists with a different case" target="_blank">Eclipse 问题 A resource exists with a different case</a>
<span class="text-muted">bozch</span>
<a class="tag" taget="_blank" href="/search/eclipse/1.htm">eclipse</a>
<div>在使用Eclipse进行开发的时候,出现了如下的问题:
Description Resource Path Location TypeThe project was not built due to "A resource exists with a different case: '/SeenTaoImp_zhV2/bin/seentao'.&</div>
</li>
<li><a href="/article/2006.htm"
title="编程之美-小飞的电梯调度算法" target="_blank">编程之美-小飞的电梯调度算法</a>
<span class="text-muted">bylijinnan</span>
<a class="tag" taget="_blank" href="/search/%E7%BC%96%E7%A8%8B%E4%B9%8B%E7%BE%8E/1.htm">编程之美</a>
<div>
public class AptElevator {
/**
* 编程之美 小飞 电梯调度算法
* 在繁忙的时间,每次电梯从一层往上走时,我们只允许电梯停在其中的某一层。
* 所有乘客都从一楼上电梯,到达某层楼后,电梯听下来,所有乘客再从这里爬楼梯到自己的目的层。
* 在一楼时,每个乘客选择自己的目的层,电梯则自动计算出应停的楼层。
* 问:电梯停在哪</div>
</li>
<li><a href="/article/2133.htm"
title="SQL注入相关概念" target="_blank">SQL注入相关概念</a>
<span class="text-muted">chenbowen00</span>
<a class="tag" taget="_blank" href="/search/sql/1.htm">sql</a><a class="tag" taget="_blank" href="/search/Web/1.htm">Web</a><a class="tag" taget="_blank" href="/search/%E5%AE%89%E5%85%A8/1.htm">安全</a>
<div>SQL Injection:就是通过把SQL命令插入到Web表单递交或输入域名或页面请求的查询字符串,最终达到欺骗服务器执行恶意的SQL命令。
具体来说,它是利用现有应用程序,将(恶意)的SQL命令注入到后台数据库引擎执行的能力,它可以通过在Web表单中输入(恶意)SQL语句得到一个存在安全漏洞的网站上的数据库,而不是按照设计者意图去执行SQL语句。
首先让我们了解什么时候可能发生SQ</div>
</li>
<li><a href="/article/2260.htm"
title="[光与电]光子信号战防御原理" target="_blank">[光与电]光子信号战防御原理</a>
<span class="text-muted">comsci</span>
<a class="tag" taget="_blank" href="/search/%E5%8E%9F%E7%90%86/1.htm">原理</a>
<div>
无论是在战场上,还是在后方,敌人都有可能用光子信号对人体进行控制和攻击,那么采取什么样的防御方法,最简单,最有效呢?
我们这里有几个山寨的办法,可能有些作用,大家如果有兴趣可以去实验一下
根据光</div>
</li>
<li><a href="/article/2387.htm"
title="oracle 11g新特性:Pending Statistics" target="_blank">oracle 11g新特性:Pending Statistics</a>
<span class="text-muted">daizj</span>
<a class="tag" taget="_blank" href="/search/oracle/1.htm">oracle</a><a class="tag" taget="_blank" href="/search/dbms_stats/1.htm">dbms_stats</a>
<div>oracle 11g新特性:Pending Statistics 转
从11g开始,表与索引的统计信息收集完毕后,可以选择收集的统信息立即发布,也可以选择使新收集的统计信息处于pending状态,待确定处于pending状态的统计信息是安全的,再使处于pending状态的统计信息发布,这样就会避免一些因为收集统计信息立即发布而导致SQL执行计划走错的灾难。
在 11g 之前的版本中,D</div>
</li>
<li><a href="/article/2514.htm"
title="快速理解RequireJs" target="_blank">快速理解RequireJs</a>
<span class="text-muted">dengkane</span>
<a class="tag" taget="_blank" href="/search/jquery/1.htm">jquery</a><a class="tag" taget="_blank" href="/search/requirejs/1.htm">requirejs</a>
<div>RequireJs已经流行很久了,我们在项目中也打算使用它。它提供了以下功能:
声明不同js文件之间的依赖
可以按需、并行、延时载入js库
可以让我们的代码以模块化的方式组织
初看起来并不复杂。 在html中引入requirejs
在HTML中,添加这样的 <script> 标签:
<script src="/path/to</div>
</li>
<li><a href="/article/2641.htm"
title="C语言学习四流程控制if条件选择、for循环和强制类型转换" target="_blank">C语言学习四流程控制if条件选择、for循环和强制类型转换</a>
<span class="text-muted">dcj3sjt126com</span>
<a class="tag" taget="_blank" href="/search/c/1.htm">c</a>
<div># include <stdio.h>
int main(void)
{
int i, j;
scanf("%d %d", &i, &j);
if (i > j)
printf("i大于j\n");
else
printf("i小于j\n");
retu</div>
</li>
<li><a href="/article/2768.htm"
title="dictionary的使用要注意" target="_blank">dictionary的使用要注意</a>
<span class="text-muted">dcj3sjt126com</span>
<a class="tag" taget="_blank" href="/search/IO/1.htm">IO</a>
<div>NSDictionary *dict = [NSDictionary dictionaryWithObjectsAndKeys:
user.user_id , @"id",
user.username , @"username",
</div>
</li>
<li><a href="/article/2895.htm"
title="Android 中的资源访问(Resource)" target="_blank">Android 中的资源访问(Resource)</a>
<span class="text-muted">finally_m</span>
<a class="tag" taget="_blank" href="/search/xml/1.htm">xml</a><a class="tag" taget="_blank" href="/search/android/1.htm">android</a><a class="tag" taget="_blank" href="/search/String/1.htm">String</a><a class="tag" taget="_blank" href="/search/drawable/1.htm">drawable</a><a class="tag" taget="_blank" href="/search/color/1.htm">color</a>
<div>
简单的说,Android中的资源是指非代码部分。例如,在我们的Android程序中要使用一些图片来设置界面,要使用一些音频文件来设置铃声,要使用一些动画来显示特效,要使用一些字符串来显示提示信息。那么,这些图片、音频、动画和字符串等叫做Android中的资源文件。
在Eclipse创建的工程中,我们可以看到res和assets两个文件夹,是用来保存资源文件的,在assets中保存的一般是原生</div>
</li>
<li><a href="/article/3022.htm"
title="Spring使用Cache、整合Ehcache" target="_blank">Spring使用Cache、整合Ehcache</a>
<span class="text-muted">234390216</span>
<a class="tag" taget="_blank" href="/search/spring/1.htm">spring</a><a class="tag" taget="_blank" href="/search/cache/1.htm">cache</a><a class="tag" taget="_blank" href="/search/ehcache/1.htm">ehcache</a><a class="tag" taget="_blank" href="/search/%40Cacheable/1.htm">@Cacheable</a>
<div>Spring使用Cache
从3.1开始,Spring引入了对Cache的支持。其使用方法和原理都类似于Spring对事务管理的支持。Spring Cache是作用在方法上的,其核心思想是这样的:当我们在调用一个缓存方法时会把该方法参数和返回结果作为一个键值对存放在缓存中,等到下次利用同样的</div>
</li>
<li><a href="/article/3149.htm"
title="当druid遇上oracle blob(clob)" target="_blank">当druid遇上oracle blob(clob)</a>
<span class="text-muted">jackyrong</span>
<a class="tag" taget="_blank" href="/search/oracle/1.htm">oracle</a>
<div>http://blog.csdn.net/renfufei/article/details/44887371
众所周知,Oracle有很多坑, 所以才有了去IOE。
在使用Druid做数据库连接池后,其实偶尔也会碰到小坑,这就是使用开源项目所必须去填平的。【如果使用不开源的产品,那就不是坑,而是陷阱了,你都不知道怎么去填坑】
用Druid连接池,通过JDBC往Oracle数据库的</div>
</li>
<li><a href="/article/3276.htm"
title="easyui datagrid pagination获得分页页码、总页数等信息" target="_blank">easyui datagrid pagination获得分页页码、总页数等信息</a>
<span class="text-muted">ldzyz007</span>
<div>var grid = $('#datagrid');
var options = grid.datagrid('getPager').data("pagination").options;
var curr = options.pageNumber;
var total = options.total;
var max =</div>
</li>
<li><a href="/article/3403.htm"
title="浅析awk里的数组" target="_blank">浅析awk里的数组</a>
<span class="text-muted">nigelzeng</span>
<a class="tag" taget="_blank" href="/search/%E4%BA%8C%E7%BB%B4%E6%95%B0%E7%BB%84/1.htm">二维数组</a><a class="tag" taget="_blank" href="/search/array/1.htm">array</a><a class="tag" taget="_blank" href="/search/%E6%95%B0%E7%BB%84/1.htm">数组</a><a class="tag" taget="_blank" href="/search/awk/1.htm">awk</a>
<div>awk绝对是文本处理中的神器,它本身也是一门编程语言,还有许多功能本人没有使用到。这篇文章就单单针对awk里的数组来进行讨论,如何利用数组来帮助完成文本分析。
有这么一组数据:
abcd,91#31#2012-12-31 11:24:00
case_a,136#19#2012-12-31 11:24:00
case_a,136#23#2012-12-31 1</div>
</li>
<li><a href="/article/3530.htm"
title="搭建 CentOS 6 服务器(6) - TigerVNC" target="_blank">搭建 CentOS 6 服务器(6) - TigerVNC</a>
<span class="text-muted">rensanning</span>
<a class="tag" taget="_blank" href="/search/centos/1.htm">centos</a>
<div>安装GNOME桌面环境
# yum groupinstall "X Window System" "Desktop"
安装TigerVNC
# yum -y install tigervnc-server tigervnc
启动VNC服务
# /etc/init.d/vncserver restart
# vncser</div>
</li>
<li><a href="/article/3657.htm"
title="Spring 数据库连接整理" target="_blank">Spring 数据库连接整理</a>
<span class="text-muted">tomcat_oracle</span>
<a class="tag" taget="_blank" href="/search/spring/1.htm">spring</a><a class="tag" taget="_blank" href="/search/bean/1.htm">bean</a><a class="tag" taget="_blank" href="/search/jdbc/1.htm">jdbc</a>
<div>1、数据库连接jdbc.properties配置详解 jdbc.url=jdbc:hsqldb:hsql://localhost/xdb jdbc.username=sa jdbc.password= jdbc.driver=不同的数据库厂商驱动,此处不一一列举 接下来,详细配置代码如下:
Spring连接池 </div>
</li>
<li><a href="/article/3784.htm"
title="Dom4J解析使用xpath java.lang.NoClassDefFoundError: org/jaxen/JaxenException异常" target="_blank">Dom4J解析使用xpath java.lang.NoClassDefFoundError: org/jaxen/JaxenException异常</a>
<span class="text-muted">xp9802</span>
<div>用Dom4J解析xml,以前没注意,今天使用dom4j包解析xml时在xpath使用处报错
异常栈:java.lang.NoClassDefFoundError: org/jaxen/JaxenException异常
导入包 jaxen-1.1-beta-6.jar 解决;
&nb</div>
</li>
</ul>
</div>
</div>
</div>
<div>
<div class="container">
<div class="indexes">
<strong>按字母分类:</strong>
<a href="/tags/A/1.htm" target="_blank">A</a><a href="/tags/B/1.htm" target="_blank">B</a><a href="/tags/C/1.htm" target="_blank">C</a><a
href="/tags/D/1.htm" target="_blank">D</a><a href="/tags/E/1.htm" target="_blank">E</a><a href="/tags/F/1.htm" target="_blank">F</a><a
href="/tags/G/1.htm" target="_blank">G</a><a href="/tags/H/1.htm" target="_blank">H</a><a href="/tags/I/1.htm" target="_blank">I</a><a
href="/tags/J/1.htm" target="_blank">J</a><a href="/tags/K/1.htm" target="_blank">K</a><a href="/tags/L/1.htm" target="_blank">L</a><a
href="/tags/M/1.htm" target="_blank">M</a><a href="/tags/N/1.htm" target="_blank">N</a><a href="/tags/O/1.htm" target="_blank">O</a><a
href="/tags/P/1.htm" target="_blank">P</a><a href="/tags/Q/1.htm" target="_blank">Q</a><a href="/tags/R/1.htm" target="_blank">R</a><a
href="/tags/S/1.htm" target="_blank">S</a><a href="/tags/T/1.htm" target="_blank">T</a><a href="/tags/U/1.htm" target="_blank">U</a><a
href="/tags/V/1.htm" target="_blank">V</a><a href="/tags/W/1.htm" target="_blank">W</a><a href="/tags/X/1.htm" target="_blank">X</a><a
href="/tags/Y/1.htm" target="_blank">Y</a><a href="/tags/Z/1.htm" target="_blank">Z</a><a href="/tags/0/1.htm" target="_blank">其他</a>
</div>
</div>
</div>
<footer id="footer" class="mb30 mt30">
<div class="container">
<div class="footBglm">
<a target="_blank" href="/">首页</a> -
<a target="_blank" href="/custom/about.htm">关于我们</a> -
<a target="_blank" href="/search/Java/1.htm">站内搜索</a> -
<a target="_blank" href="/sitemap.txt">Sitemap</a> -
<a target="_blank" href="/custom/delete.htm">侵权投诉</a>
</div>
<div class="copyright">版权所有 IT知识库 CopyRight © 2000-2050 E-COM-NET.COM , All Rights Reserved.
<!-- <a href="https://beian.miit.gov.cn/" rel="nofollow" target="_blank">京ICP备09083238号</a><br>-->
</div>
</div>
</footer>
<!-- 代码高亮 -->
<script type="text/javascript" src="/static/syntaxhighlighter/scripts/shCore.js"></script>
<script type="text/javascript" src="/static/syntaxhighlighter/scripts/shLegacy.js"></script>
<script type="text/javascript" src="/static/syntaxhighlighter/scripts/shAutoloader.js"></script>
<link type="text/css" rel="stylesheet" href="/static/syntaxhighlighter/styles/shCoreDefault.css"/>
<script type="text/javascript" src="/static/syntaxhighlighter/src/my_start_1.js"></script>
</body>
</html>