docker筆記24-pod控制器
上一節,我們建立的pod,是透過資源配置清單定義的,如果手工把這樣的pod刪除後,不會自己重新建立,這樣建立的pod叫自主式Pod。
在生產中,我們很少使用自主式pod。
下面我們學習另外一種pod,叫控制器管理的Pod,控制器會按照定義的策略嚴格控制pod的數量,一旦發現pod數量少了,會立即自動建立出來新的pod;一旦發現pod多了,也會自動殺死多餘的Pod。
pod控制器:ReplicaSet控制器、Deployment控制器(必須掌握)、DaenibSet控制器、Job控制器
ReplicaSet控制器
:替使用者建立指定數量Pod的副本,並保證pod副本滿足使用者期望的數量;而且更新自動擴縮容機制。
replicat主要由三個元件組成:1、使用者期望的pod副本數量;2、標籤選擇器(控制管理pod副本);3、pod資源模板(如果pod數量少於期望的,就根據pod模板來新建一定數量的pod)。
Deployment控制器 :Deployment透過控制replicaset來控制Pod。Deployment支援滾動更新和回滾,宣告式配置的功能。Deployment只關注群體,而不關注個體。
DaemonSet控制器
:用於確保叢集中的每一個節點只執行一個pod副本(畫外音,如果沒有DaemonSet,一個節點可以執行多個pod副本)。如果在叢集中新加一個節點,那麼這個新節點也會自動生成一個Pod副本。
Job控制器
:對於那些
只做一次,只要完成就正常退出,沒完成才重構pod
,叫job控制器。
StatefulSet控制器:
管理有狀態應用,每一個pod副本都是被單獨管理的。它擁有著自己獨有的標識。
K8s在1.2+和1.7開始,支援TPR(third party resources 第三方資源)。在k8s 1.8+中,支援CDR(Custom Defined Reources,使用者自定義資源)。
replicaset控制器
[root@master manifests]# kubectl explain replicaset [root@master manifests]# kubectl explain rs (replicaset的簡寫) [root@master manifests]# kubectl explain rs.spec.template
[root@master manifests]# kubectl get deploy NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE myapp 2 2 2 0 10d mytomcat 3 3 3 3 10d nginx-deploy 1 1 1 1 13d [root@master manifests]# kubectl delete deploy myapp deployment.extensions "myapp" deleted [root@master manifests]# kubectl delete deploy nginx-deploy deployment.extensions "nginx-deploy" deleted
[root@master manifests]# cat rs-demo.yaml apiVersion: apps/v1 kind: ReplicaSet metadata: name: myapp namespace: default spec: #這是控制器的spec replicas: 2 #幾個副本 selector: #檢視幫助:,標籤選擇器。 kubectl explain rs.spec.selector matchLabels: app: myapp release: canary template: # 檢視幫助:模板 kubectl explain rs.spec.template metadata: # kubectl explain rs.spec.template.metadata name: myapp-pod labels: #必須符合上面定義的標籤選擇器selector裡面的內容 app: myapp release: canary environment: qa spec: #這是pod的spec containers: - name: myapp-container image: ikubernetes/nginx:latest ports: - name: http containerPort: 80
[root@master manifests]# kubectl create -f rs-demo.yaml replicaset.apps/myapp created
[root@master manifests]# kubectl get rs NAME DESIRED CURRENT READY AGE myapp 2 2 2 3m
看到上面的ready是2,表示兩個replcatset控制器都在正常執行。
[root@master manifests]# kubectl get pods --show-labels myapp-6kncv 1/1 Running 0 15m app=myapp,environment=qa,release=canary myapp-rbqjz 1/1 Running 0 15m app=myapp,environment=qa,release=canary 5m pod-demo 0/2 CrashLoopBackOff 2552 9d app=myapp,tier=frontend
上面就是replicatset控制器建立的兩個pod。
[root@master manifests]# kubectl describe pods myapp-6kncv IP: 10.244.2.44
[root@master manifests]# curl 10.244.2.44 Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
編輯replicatset的配置檔案(這個檔案不是我們手工建立的,而是apiserver維護的)
[root@master manifests]# kubectl edit rs myapp
把裡面的replicas改成5,儲存後就立即生效。
[root@master manifests]# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS client 0/1 Error 0 11d run=client liveness-httpget-pod 1/1 Running 3 5d <none> myapp-6kncv 1/1 Running 0 31m app=myapp,environment=qa,release=canary myapp-c64mb 1/1 Running 0 3s app=myapp,environment=qa,release=canary myapp-fsrsg 1/1 Running 0 3s app=myapp,environment=qa,release=canary myapp-ljczj 0/1 ContainerCreating 0 3s app=myapp,environment=qa,release=canary myapp-rbqjz 1/1 Running 0 31m app=myapp,environment=qa,release=canary
同樣,也可以用命令kubectl edit rs myapp升級版本,改裡面的image: ikubernetes/myapp:v2,這樣就變成v2版本了。
[root@master manifests]# kubectl get rs -o wide NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR myapp 5 5 5 1h myapp-container ikubernetes/myapp:v2 app=myapp,release=canary
不過,只有pod重建後,比如增加刪除Pod,才會更新成v2版本。
Deployment控制器
我們可以透過Deployment控制器來動態更新pod的版本。
我們先建立replicatset v2版本,然後一個一個的刪除replicatset v1版本中的Pod,這樣自動新建立的pod就會變成v2版本了。當pod全部變成v2版本後,replicatset v1並不會刪除,這樣一旦發現v2版本有問題,還可以回退到v1版本。
通常deployment預設保留10版本的replicatset。
[root@master manifests]# kubectl explain deploy [root@master manifests]# kubectl explain deploy.spec [root@master manifests]# kubectl explain deploy.spec.strategy (更新策略) [root@master ~]# kubectl delete rs myapp
[root@master manifests]# cat deploy-demo.yaml apiVersion: apps/v1 kind: Deployment metadata: name: myapp-deploy namespace: default spec: replicas: 2 selector: #標籤選擇器 matchLabels: #匹配的標籤為 app: myapp release: canary template: metadata: labels: app: myapp #和上面的myapp要匹配 release: canary spec: containers: - name: myapp image: ikubernetes/myapp:v1 ports: - name: http containerPort: 80
[root@master manifests]# kubectl apply -f deploy-demo.yaml deployment.apps/myapp-deploy created
apply表示是宣告式更新和建立。
[root@master manifests]# kubectl get deploy NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE myapp-deploy 2 2 2 2 1m
[root@master ~]# kubectl get rs NAME DESIRED CURRENT READY AGE myapp-deploy-69b47bc96d 2 2 2 17m
上面的rs式deployment自動建立的。
[root@master ~]# kubectl get pods NAME READY STATUS RESTARTS AGE myapp-deploy-69b47bc96d-7jnwx 1/1 Running 0 19m myapp-deploy-69b47bc96d-btskk 1/1 Running 0 19m
修改配置檔案deploy-demo.yaml,把replicas數字改成3,然後再執行kubectl apply -f deploy-demo.yaml 即可使配置檔案裡面的內容生效。
[root@master ~]# kubectl describe deploy myapp-deploy
[root@master ~]# kubectl get pods -l app=myapp -w
-l使標籤過濾
-w是動態監控
[root@master ~]# kubectl get rs -o wide NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR myapp-deploy-69b47bc96d 2 2 2 1h myapp ikubernetes/myapp:v1 app=myapp,pod-template-hash=2560367528,release=canary
看滾動更新的歷史:
[root@master ~]# kubectl rollout history deployment myapp-deploy deployments "myapp-deploy" REVISION CHANGE-CAUSE 1 <none>
下面我們把deployment改成5個:我們可以使用vim deploy-demo.yaml方法,把裡面的replicas改成5。當然,還可以使用另外一種方法,就patch方法,舉例如下。
[root@master manifests]# kubectl patch deployment myapp-deploy -p '{"spec":{"replicas":5}}' deployment.extensions/myapp-deploy patched
[root@master manifests]# kubectl get deploy NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE myapp-deploy 5 5 5 5 2h
[root@master manifests]# kubectl get pods NAME READY STATUS RESTARTS AGE myapp-deploy-69b47bc96d-7jnwx 1/1 Running 0 2h myapp-deploy-69b47bc96d-8gn7v 1/1 Running 0 59s myapp-deploy-69b47bc96d-btskk 1/1 Running 0 2h myapp-deploy-69b47bc96d-p5hpd 1/1 Running 0 59s myapp-deploy-69b47bc96d-zjv4p 1/1 Running 0 59s mytomcat-5f8c6fdcb-9krxn 1/1 Running 0 8h
下面修改策略:
[root@master manifests]# kubectl patch deployment myapp-deploy -p '{"spec":{"strategy":{"rollingUpdate":{"maxSurge":1,"maxUnavaliable":0}}}}' deployment.extensions/myapp-deploy patched
strategy:表示策略
maxSurge:表示最多幾個控制器存在
maxUnavaliable:表示最多有幾個控制器不可用
[root@master manifests]# kubectl describe deployment myapp-deploy RollingUpdateStrategy: 0 max unavailable, 1 max surge
下面我們用set image命令,將映象myapp升級為v3版本,並且將myapp-deploy控制器標記為暫停。被pause命令暫停的資源不會被控制器協調使用,可以使“kubectl rollout resume”命令恢復已暫停資源。
[root@master manifests]# kubectl set image deployment myapp-deploy myapp=ikubernetes/myapp:v3 && kubectl rollout pause deployment myapp-deploy
[root@master ~]# kubectl get pods -l app=myapp -w
停止暫停:
[root@master ~]# kubectl rollout resume deployment myapp-deploy deployment.extensions/myapp-deploy resumed
看到繼續更新了(即刪一個更新一個,刪一個更新一個):
[root@master manifests]# kubectl rollout status deployment myapp-deploy Waiting for deployment "myapp-deploy" rollout to finish: 2 out of 5 new replicas have been updated... Waiting for deployment spec update to be observed... Waiting for deployment spec update to be observed... Waiting for deployment "myapp-deploy" rollout to finish: 2 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 3 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 3 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 4 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 4 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 4 out of 5 new replicas have been updated... Waiting for deployment "myapp-deploy" rollout to finish: 1 old replicas are pending termination... Waiting for deployment "myapp-deploy" rollout to finish: 1 old replicas are pending termination... deployment "myapp-deploy" successfully rolled out
[root@master manifests]# kubectl get rs -o wide NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR myapp-deploy-69b47bc96d 0 0 0 6h myapp ikubernetes/myapp:v1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-6bdcd6755d 5 5 5 3h myapp ikubernetes/myapp:v3 app=myapp,pod-template-hash=2687823118,release=canary mytomcat-5f8c6fdcb 3 3 3 12h mytomcat tomcat pod-template-hash=194729876,run=mytomcat
上面可以看到myapp有v1和v3兩個版本。
[root@master manifests]# kubectl rollout history deployment myapp-deploy deployments "myapp-deploy" REVISION CHANGE-CAUSE 1 <none> 2 <none>
上面可以看到有兩個歷史更新記錄。
下面我們把v3回退到上一個版本(不指定就是上一個版本)。
[root@master manifests]# kubectl rollout undo deployment myapp-deploy --to-revision=1 deployment.extensions/myapp-deploy
可以看到第一版還原成第3版了:
[root@master manifests]# kubectl rollout history deployment myapp-deploy deployments "myapp-deploy" REVISION CHANGE-CAUSE 2 <none> 3 <none>
可以看到正在工作的是v1版,即回退到了v1版。
[root@master manifests]# kubectl get rs -o wide NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR myapp-deploy-69b47bc96d 5 5 5 6h myapp ikubernetes/myapp:v1 app=myapp,pod-template-hash=2560367528,release=canary myapp-deploy-6bdcd6755d 0 0 0 3h myapp ikubernetes/myapp:v3 app=myapp,pod-template-hash=2687823118,release=canary
DaemonSet控制器
透過
[root@node1 manifests]# docker pull ikubernetes/filebeat:5.6.5-alpine [root@node2 manifests]# docker pull ikubernetes/filebeat:5.6.5-alpine
node1和node2上都下載filebeat映象。
[root@node1 ~]# docker image inspect ikubernetes/filebeat:5.6.5-alpine
[root@master manifests]# kubectl explain pods.spec.containers.env
[root@master manifests]# cat ds-demo.yaml apiVersion: apps/v1 kind: DaemonSet metadata: name: myapp-ds namespace: default spec: selector: #標籤選擇器 matchLabels: #匹配的標籤為 app: filebeat release: stable template: metadata: labels: app: filebeat #和上面的myapp要匹配 release: stable spec: containers: - name: myapp image: ikubernetes/myapp:v1 env: - name: REDIS_HOST value: redis.default.svc.cluster.local #隨便取的名字 name: REDIS_LOG_LEVEL value: info
[root@master manifests]# kubectl apply -f ds-demo.yaml daemonset.apps/myapp-ds created
看到myapp-ds已經執行起來了,並且是兩個myapp-ds,這是因為我們有兩個Node節點。另外master節點上是不會執行myapp-ds控制器的,因為master有汙點(除非你設定允許有汙點,才可以在master上允許myapp-ds)
[root@master manifests]# kubectl get pods NAME READY STATUS RESTARTS AGE myapp-ds-5tmdd 1/1 Running 0 1m myapp-ds-dkmjj 1/1 Running 0 1m
[root@master ~]# kubectl logs myapp-ds-dkmjj
[root@master manifests]# kubectl delete -f ds-demo.yaml
[root@master manifests]# cat ds-demo.yaml apiVersion: apps/v1 kind: Deployment metadata: name: redis namespace: default spec: replicas: 1 selector: matchLabels: app: redis role: logstor #日誌儲存角色 template: metadata: labels: app: redis role: logstor spec: #這個是容器的spec containers: - name: redis image: redis:4.0-alpine ports: - name: redis containerPort: 6379 #用減號隔離資源定義清單 --- apiVersion: apps/v1 kind: DaemonSet metadata: name: filebeat-ds namespace: default spec: selector: #標籤選擇器 matchLabels: #匹配的標籤為 app: filebeat release: stable template: metadata: labels: app: filebeat #和上面的myapp要匹配 release: stable spec: containers: - name: filebeat image: ikubernetes/filebeat:5.6.6-alpine env: - name: REDIS_HOST #這是環境變數名,value是它的值 value: redis.default.svc.cluster.local #隨便取的名字 - name: REDIS_LOG_LEVEL value: info
[root@master manifests]# kubectl create -f ds-demo.yaml deployment.apps/redis created daemonset.apps/filebeat-ds created
[root@master manifests]# kubectl expose deployment redis --port=6379 ##這是在用expose方式建立service,其實還有一種方式是根據清單建立service service/redis exposed
[root@master manifests]# kubectl get svc #service的簡稱 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE redis ClusterIP 10.106.138.181 <none> 6379/TCP 48s
[root@master manifests]# kubectl get pods NAME READY STATUS RESTARTS AGE filebeat-ds-hgbhr 1/1 Running 0 9h filebeat-ds-xc7v7 1/1 Running 0 9h redis-5b5d6fbbbd-khws2 1/1 Running 0 33m
[root@master manifests]# kubectl exec -it redis-5b5d6fbbbd-khws2 -- /bin/sh /data # netstat -tnl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN tcp 0 0 :::6379 :::* LISTEN /data # nslookup redis.default.svc.cluster.local #看到DNS可以解析出來ip nslookup: can't resolve '(null)': Name does not resolve Name: redis.default.svc.cluster.local Address 1: 10.106.138.181 redis.default.svc.cluster.local /data # redis-cli -h redis.default.svc.cluster.local redis.default.svc.cluster.local:6379> keys * (empty list or set) redis.default.svc.cluster.local:6379>
[root@master manifests]# kubectl exec -it filebeat-ds-pnk8b -- /bin/sh / # ps aux PID USER TIME COMMAND 1 root 0:00 /usr/local/bin/filebeat -e -c /etc/filebeat/filebeat.yml 15 root 0:00 /bin/sh 22 root 0:00 ps aux / # cat /etc/filebeat/filebeat.yml filebeat.registry_file: /var/log/containers/filebeat_registry filebeat.idle_timeout: 5s filebeat.spool_size: 2048 logging.level: info filebeat.prospectors: - input_type: log paths: - "/var/log/containers/*.log" - "/var/log/docker/containers/*.log" - "/var/log/startupscript.log" - "/var/log/kubelet.log" - "/var/log/kube-proxy.log" - "/var/log/kube-apiserver.log" - "/var/log/kube-controller-manager.log" - "/var/log/kube-scheduler.log" - "/var/log/rescheduler.log" - "/var/log/glbc.log" - "/var/log/cluster-autoscaler.log" symlinks: true json.message_key: log json.keys_under_root: true json.add_error_key: true multiline.pattern: '^\s' multiline.match: after document_type: kube-logs tail_files: true fields_under_root: true output.redis: hosts: ${REDIS_HOST:?No Redis host configured. Use env var REDIS_HOST to set host.} key: "filebeat" / # printenv REDIS_HOST=redis.default.svc.cluster.local / # nslookup redis.default.svc.cluster.local nslookup: can't resolve '(null)': Name does not resolve Name: redis.default.svc.cluster.local Address 1: 10.106.138.181 redis.default.svc.cluster.local
daemon-set也支援滾動更新。
[root@master manifests]# kubectl set image daemonsets filebeat-ds filebeat=ikubernetes/filebeat:5.5.7-alpine
說明: daemonsets filebeat-ds表示daemonsets名字叫filebeat-ds;
filebeat=ikubernetes/filebeat:5.5.7-alpine表示filebeat容器=ikubernetes/filebeat:5.5.7-alpine
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/28916011/viewspace-2214692/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- docker 筆記Docker筆記
- 筆記:Docker筆記Docker
- Docker筆記Docker筆記
- docker筆記28-stateful(有狀態應用副本集)控制器Docker筆記
- docker 筆記2Docker筆記
- docker 筆記4Docker筆記
- Docker Stack 筆記Docker筆記
- docker筆記(一)Docker筆記
- docker使用筆記Docker筆記
- Swoft 學習筆記之控制器筆記
- Docker筆記之DockerfileDocker筆記
- docker簡單筆記Docker筆記
- Docker學習筆記Docker筆記
- Docker的使用筆記Docker筆記
- Docker 學習筆記Docker筆記
- Docker筆記之Docker初體驗Docker筆記
- Docker筆記(四):Docker映象管理Docker筆記
- Docker筆記(一):什麼是DockerDocker筆記
- 【docker】Docker入門到實踐 筆記Docker筆記
- docker筆記3-docker的安裝Docker筆記
- Docker筆記(三):Docker安裝與配置Docker筆記
- Symfony筆記之–控制器的快捷方法筆記
- 十速微控制器應用筆記筆記
- Kubernetes筆記(六):瞭解控制器 —— Deployment筆記
- ELK 搭建筆記--Docker 方式筆記Docker
- Ubuntu安裝docker筆記UbuntuDocker筆記
- Docker筆記之七:RegistryDocker筆記
- Docker筆記二之容器Docker筆記
- Docker筆記一之映象Docker筆記
- Docker筆記(六):容器管理Docker筆記
- Docker Compose 學習筆記Docker筆記
- docker相關概念筆記Docker筆記
- docker筆記7-docker的幫助命令Docker筆記
- Docker技術筆記:Docker入門淺嘗Docker筆記
- Docker筆記五之Docker系統變數Docker筆記變數
- Docker入門學習筆記Docker筆記
- Docker筆記(八):資料管理Docker筆記
- Cris 的 Docker 學習筆記Docker筆記