Deployment控制器
~]# kubectl create deployment demoapp --image=ikubernetes/demoapp:v1.0 --replicas=4 --port=80 --dry-run=client -oyaml > demoapp.yaml
~]# cat demoapp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: demoapp
name: demoapp
spec:
replicas: 4
selector:
matchLabels:
app: demoapp
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: demoapp
spec:
containers:
- image: ikubernetes/demoapp:v1.0
name: demoapp
ports:
- containerPort: 80
resources: {}
status: {}
~]# kubectl apply -f demoapp.yaml
~]# kubectl get po
NAME READY STATUS RESTARTS AGE
demoapp-86498d9584-fsg8q 1/1 Running 0 30s
demoapp-86498d9584-mr26m 1/1 Running 0 30s
demoapp-86498d9584-nf6cs 1/1 Running 0 29s
demoapp-86498d9584-p24gd 1/1 Running 0 30s
~]# kubectl explain deploy.spec.minReadySeconds
KIND: Deployment
VERSION: apps/v1
FIELD: minReadySeconds
DESCRIPTION:
Minimum number of seconds for which a newly created pod should be ready
without any of its container crashing, for it to be considered available.
Defaults to 0 (pod will be considered available as soon as it is ready)
~]# kubectl patch deploy demoapp -p '{"spec":{"minReadySeconds":30}}'
# 将镜像版本修改为 1.1,重新apply
~]# kubectl apply -f demoapp.yaml
# 或者直接执行 kubectl set image 命令
~]# kubectl set image deploy demoapp demoapp=ikubernetes/demoapp:v1.0
# 查看滚动升级历史记录
~]# kubectl rollout history deployment demoapp
deployment.apps/demoapp
REVISION CHANGE-CAUSE
1
2
~]# kubectl rollout history deployment demoapp --revision=1
deployment.apps/demoapp with revision #1
Pod Template:
Labels: app=demoapp
pod-template-hash=86498d9584
Containers:
demoapp:
Image: ikubernetes/demoapp:v1.0
Port: 80/TCP
Host Port: 0/TCP
Environment:
Mounts:
Volumes:
~]# kubectl rollout history deployment demoapp --revision=2
deployment.apps/demoapp with revision #2
Pod Template:
Labels: app=demoapp
pod-template-hash=5c5d8c4555
Containers:
demoapp:
Image: ikubernetes/demoapp:v1.1
Port: 80/TCP
Host Port: 0/TCP
Environment:
Mounts:
Volumes:
# Deployment 更新采用滚动更新策略,过程就是 Deployment 通过创建新的 ReplicaSet 并将其扩展到 3 个副本以及将旧的 ReplicaSet 缩小到 0 个副本来更新 Pod
~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
demoapp-5c5d8c4555 4 4 4 3h32m
demoapp-86498d9584 0 0 0 3h32m
# 回滚到上一版本
~]# kubectl rollout undo deployment demoapp
# 回滚到指定的revision
~]# kubectl rollout undo --to-revision=2 deployment demoapp
~]# kubectl patch deploy demoapp -p '{"spec": {"strategy":{"rollingUpdate": {"maxSurge": 1, "maxUnavailable":0}}}}'
# 金丝雀发布,执行完更新操作以后立即执行暂停更新
~]# kubectl set image deploy demoapp demoapp=ikubernetes/demoapp:v1.2 && kubectl rollout pause deploy demoapp
deployment.apps/demoapp image updated
deployment.apps/demoapp paused
~]# kubectl get po
NAME READY STATUS RESTARTS AGE
demoapp-569494bfd-qxz6f 1/1 Running 0 52s <- 新版本
demoapp-5c5d8c4555-9x5t2 1/1 Running 0 6m59s
demoapp-5c5d8c4555-d6hdk 1/1 Running 0 6m56s
demoapp-5c5d8c4555-wlg9q 1/1 Running 0 6m58s
demoapp-5c5d8c4555-zw87p 1/1 Running 0 6m56s
~]# kubectl rollout status deployment demoapp
Waiting for deployment "demoapp" rollout to finish: 1 out of 4 new replicas have been updated...
# 如果新版本没有问题,则执行 resume 命令,否则执行 undo 命令回滚到上一版本
~]# kubectl rollout resume deploy demoapp
~]# kubectl rollout status deployment demoapp
Waiting for deployment "demoapp" rollout to finish: 1 out of 4 new replicas have been updated...
Waiting for deployment spec update to be observed...
Waiting for deployment spec update to be observed...
Waiting for deployment "demoapp" rollout to finish: 1 out of 4 new replicas have been updated...
Waiting for deployment "demoapp" rollout to finish: 2 out of 4 new replicas have been updated...
Waiting for deployment "demoapp" rollout to finish: 2 out of 4 new replicas have been updated...
Waiting for deployment "demoapp" rollout to finish: 2 out of 4 new replicas have been updated...
Waiting for deployment "demoapp" rollout to finish: 2 out of 4 new replicas have been updated...
Waiting for deployment "demoapp" rollout to finish: 3 out of 4 new replicas have been updated...
Waiting for deployment "demoapp" rollout to finish: 3 out of 4 new replicas have been updated...
Waiting for deployment "demoapp" rollout to finish: 3 out of 4 new replicas have been updated...
Waiting for deployment "demoapp" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "demoapp" rollout to finish: 1 old replicas are pending termination...
deployment "demoapp" successfully rolled out
NodePort Service
部署Kubernetes集群系统时会预留一个端口范围,专用于分配给需要用到NodePort的Service对象,
该端口范围默认为30000~32767(kube-apiserver --service-node-port-range 参数指定)。
NodePort类型的Service资源需要显式定义.spec.type字段值为NodePort,必要时还可以手动指定具体的节点端口号。
NodePort类型的Service对象会对请求报文同时进行源地址转换(SNAT)和目标地址转换(DNAT)操作。
~]# kubectl expose deployment demoapp --type=NodePort --port=80 --target-port=80 --dry-run -oyaml > demoapp-svc.yaml
~]# vi demoapp-svc.yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: demoapp
name: demoapp
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
nodePort: 30080 # 指定在各节点上监听的端口
selector:
app: demoapp
type: NodePort
status:
loadBalancer: {}
~]# kubectl apply -f demoapp-svc.yaml
~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
demoapp NodePort 10.100.85.144 80:30080/TCP 6m6s
kubernetes ClusterIP 10.96.0.1 443/TCP 20d
# 访问本地监听的 30080 端口
~]# while true; do curl -s 10.0.2.11:30080; sleep 1; done
iKubernetes demoapp v1.2 !! ClientIP: 10.244.0.0, ServerName: demoapp-569494bfd-8shff, ServerIP: 10.244.1.40!
iKubernetes demoapp v1.2 !! ClientIP: 10.244.0.0, ServerName: demoapp-569494bfd-qxz6f, ServerIP: 10.244.1.39!
iKubernetes demoapp v1.2 !! ClientIP: 10.244.0.0, ServerName: demoapp-569494bfd-79sfs, ServerIP: 10.244.1.42!
iKubernetes demoapp v1.2 !! ClientIP: 10.244.0.0, ServerName: demoapp-569494bfd-mw7qb, ServerIP: 10.244.1.41!
iKubernetes demoapp v1.2 !! ClientIP: 10.244.0.0, ServerName: demoapp-569494bfd-8shff, ServerIP: 10.244.1.40!
iKubernetes demoapp v1.2 !! ClientIP: 10.244.0.0, ServerName: demoapp-569494bfd-qxz6f, ServerIP: 10.244.1.39!
......
使用nfs、configmap为pod提供数据和配置共享
# CentOS7 安装nfs服务
~]# yum install nfs-utils -y
# 启动 nfs 服务
~]# systemctl enable rpcbind nfs-server && systemctl start rpcbind nfs-server
# 共享 /data/nfs 目录
~]# echo "/data/nfs 10.0.2.0/24(rw,no_root_squash)" >> /etc/exports
# 更新共享配置
~]# exportfs -rv
exporting 10.0.2.0/24:/data/nfs
~]# exportfs -v
/data/nfs 10.0.2.0/24(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)
~]# vi default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /data/nfs;
index index.html index.htm;
}
}
~]# kubectl create configmap default-config --from-file default.conf --dry-run -oyaml
W0121 15:19:54.120102 31199 helpers.go:598] --dry-run is deprecated and can be replaced with --dry-run=client.
apiVersion: v1
data:
default.conf: |
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /data/nfs;
index index.html index.htm;
}
}
kind: ConfigMap
metadata:
creationTimestamp: null
name: default-config
~]# cat nginx-delpoy-nfs-volume.yaml
kind: ConfigMap
apiVersion: v1
metadata:
name: default-config
data:
default.conf: |
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /data/nfs;
index index.html index.htm;
}
}
---
kind: Deployment
apiVersion: apps/v1
metadata:
creationTimestamp: null
labels:
app: nginx
name: nginx
spec:
replicas: 2
selector:
matchLabels:
app: nginx
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: nginx
spec:
containers:
- image: docker.io/library/nginx:stable-alpine
name: nginx
ports:
- containerPort: 80
volumeMounts:
- mountPath: /data/nfs
name: nfs
- mountPath: /etc/nginx/conf.d
name: default-config
volumes:
- name: nfs
nfs:
server: 10.0.2.11
path: /data/nfs
- name: default-config
configMap:
name: default-config
~]# kubectl apply -f nginx-delpoy-nfs-volume.yaml
~]# echo "index in nfs" > /data/nfs/index.html
~]# kubectl get po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-579777c779-clqqq 1/1 Running 0 44s 10.244.1.43 node02
nginx-579777c779-mqq8k 1/1 Running 0 40s 10.244.2.24 node03
~]# kubectl exec -it nginx-579777c779-mqq8k sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
/ # ls /data/nfs/
index.html
/ # cat /etc/nginx/conf.d/default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /data/nfs;
index index.html index.htm;
}
}
~]# curl 10.244.1.43
index in nfs
使用存活探针和就绪探针就pod服务进行探测
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
app: demoapp
name: demoapp
spec:
replicas: 2
selector:
matchLabels:
app: demoapp
template:
metadata:
labels:
app: demoapp
spec:
containers:
- image: ikubernetes/demoapp:v1.0
name: demoapp
ports:
- containerPort: 80
livenessProbe:
httpGet:
path: '/livez'
port: 80
scheme: HTTP
initialDelaySeconds: 5
readinessProbe:
httpGet:
path: '/readyz'
port: 80
scheme: HTTP
initialDelaySeconds: 15
timeoutSeconds: 2
periodSeconds: 5
failureThreshold: 3