原文:k8s学习笔记之四:资源清单定义入门 - 百衲本 - 博客园 (cnblogs.com)
第一章、k8s中的资源
1.什么叫资源?
k8s中所有的内容都抽象为资源, 资源实例化之后,叫做对象
2.在k8s中有哪些资源?
**工作负载型资源(workload)**: Pod ReplicaSet Deployment StatefulSet DaemonSet Job CronJob (ReplicationController在v1.11版本被废弃)
**服务发现及负载均衡型资源(ServiceDiscovery LoadBalance)**: Service Ingress, ...
**配置与存储型资源:** Volume(存储卷) CSI(容器存储接口,可以扩展各种各样的第三方存储卷)
**特殊类型的存储卷:**ConfigMap(当配置中心来使用的资源类型)Secret(保存敏感数据) DownwardAPI(把外部环境中的信息输出给容器)
**以上这些资源都是配置在名称空间级别**
**集群级资源**:Namespace Node Role ClusterRole RoleBinding(角色绑定) ClusterRoleBinding(集群角色绑定)
**元数据型资源**:HPA(Pod水平扩展) PodTemplate(Pod模板,用于让控制器创建Pod时使用的模板) LimitRange(用来定义硬件资源限制的)
第二章、资源清单
1.什么是资源清单
在k8s中,一般使用yaml格式的文件来创建符合我们预期期望的pod,这样的yaml文件我们一般称为资源清单
2.资源清单的格式
apiVersion: group/apiversion # 如果没有给定group名称,那么默认为**croe**,可以使用**kubectl api-****versions** 获取当前k8s版本上所有的apiVersion版本信息(每个版本可能不同)
kind: #资源类别
metadata: #资源元数据
name namespace #k8s自身的namespace lables
annotations #主要目的是方便用户阅读查找
spec:期望的状态(disired state)
status:当前状态,本字段有kubernetes自身维护,用户不能去定义
#配置清单主要有五个一级字段,其中status用户不能定义,有k8s自身维护
3.获取资源的apiVersion版本及资源配置的帮助
1)获取apiVersion版本信息
[root@k8s-master01 ~]# kubectl api-versions
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps/v1
apps/v1beta1
apps/v1beta2
authentication.k8s.io/v1
authentication.k8s.io/v1beta1
authorization.k8s.io/v1
authorization.k8s.io/v1beta1
autoscaling/v1
autoscaling/v2beta1
batch/v1
......(以下省略)
2)获取资源的apiVersion版本信息
[root@k8s-master01 ~]# kubectl explain pod
KIND: Pod
VERSION: v1
.....(以下省略)
[root@k8s-master01 ~]# kubectl explain Ingress
KIND: Ingress
VERSION: extensions/v1beta1</pre>
#可以看到出来,不同的资源可能属于不同的apiVersion版本
3)获取资源配置清单中字段设置帮助文档(以pod为例)
获取pod资源的配置清单一级字段
[root@k8s-master01 ~]# kubectl explain pod
KIND: Pod
VERSION: v1
DESCRIPTION:
Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.
FIELDS:
apiVersion <string> APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#resources
kind <string> Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
........
........
获取pod资源的配置清单二级级其他级别的字段
[root@k8s-master01 ~]# kubectl explain pod.metadata **#查看一级字段中有哪些二级字段,字段的上下级以 "." 定义**
KIND: Pod
VERSION: v1
RESOURCE: metadata <Object> DESCRIPTION:
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
ObjectMeta is metadata that all persisted resources must have, which
includes all objects users must create.
........ -------------
[root@k8s-master01 ~]# kubectl explain pod.metadata.labels **#查看二级字段中有哪些三级字段**
KIND: Pod
VERSION: v1
FIELD: labels <map[string]string> DESCRIPTION:
Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services. More info: http://kubernetes.io/docs/user-guide/labels</pre>
**字段配置的格式**
[](javascript:void(0); "复制代码")
帮助信息中常见格式如下:
apiVersion <string> #表示字符串类型
metadata <Object> #表示需要嵌套多层字段
labels <map[string]string> #表示由k:v组成的映射
finalizers <[]string> #表示字串列表
ownerReferences <[]Object> #表示对象列表
hostPID <boolean> #布尔类型
priority <integer> #整型
name <string> -required- #如果类型后面接 **-required-**,表示为必填字段</pre>
第四章、创建一个配置清单实例
1.以pod为例,创建一个简单的yaml文件
[root@k8s-master01 ~]# mkdir manifests
[root@k8s-master01 ~]# cd manifests/ [root@k8s-master01 manifests]# cat pod-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: pod-demo
labels:
app: myapp #给自己打上标签
tier: frontend
spec:
containers: #创建了两个容器 - name: nginx
image: ikubernetes/myapp:v1 - name: tomcat
image: tomcat:7-alpine
[root@k8s-master01 manifests]# kubectl create -f pod-demo.yaml #使用create 子命令以yaml文件的方式启动pod [root@k8s-master01 manifests]# kubectl get pod #主要查看pod的状态是否支持,因为有一个以上的pod,READY段需要注意pod中的容器是否全部就绪
NAME READY STATUS RESTARTS AGE ......
pod-demo 2/2 Running 0 2h
为了便于访问,我们再创建一个service便于外部访问测试
root@k8s-master01 manifests]# cat svc-demo.yaml
apiVersion: v1
kind: Service #主要类型
metadata:
name: test-service
labels:
app1: nginx
app2: tomcat
spec:
ports: #暴露的端口设置 - name: nginx
port: 80 #service的端口 targetPort: 80 #pod上暴露的端口 nodePort: 32080 #Node上暴露的端口,需要注意的是,Node只能暴露30000-32767之间的端口
- name: tomcat
port: 8080 targetPort: 8080 nodePort: 32088 selector:
app: myapp
type: NodePort #service 端口暴露的类型,默认是ClusterIP
[root@k8s-master01 manifests]# kubectl create -f svc-demo.yaml</pre>
[root@k8s-master01 manifests]# kubectl get svc -o wide #查看svc的状态
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
.......
test-service NodePort 10.108.230.27 <none> 80:32080/TCP,8080:32088/TCP 22m app=myapp #根据暴露的端口,加上任意集群的IP地址进行访问
2.pod资源清单示例
kubectl get pod #查看集群中pod的状态,选取一个之前使用命令行状态下创建的pod
NAME READY STATUS RESTARTS AGE
client 0/1 Completed 0 19h
myapp-6d6f569fd5-rtgt9 1/1 Running 0 19h
myapp-6d6f569fd5-tjpfn 1/1 Running 0 19h
myapp-6d6f569fd5-tqq5z 1/1 Running 0 19h
nginx 1/1 Running 0 16h
nginx-deploy-7db697dfbd-2qh7v 1/1 Running 0 20h
nginx-deploy-7db697dfbd-gskcv 1/1 Running 0 20h
nginx-deploy-7db697dfbd-ssws8 1/1 Running 0 20h
[root@k8s-master01 ~]# kubectl get pod nginx-deploy-7db697dfbd-2qh7v -o yaml #使用 **-o** 参数 加**yaml**,可以将资源的配置以 yaml的格式输出出来,也可以使用json,输出为json格式
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: 2018-10-30T05:40:55Z
generateName: nginx-deploy-7db697dfbd- labels:
pod-template-hash: "3862538968" run: nginx-deploy
name: nginx-deploy-7db697dfbd-2qh7v namespace: default ownerReferences: - apiVersion: extensions/v1beta1
blockOwnerDeletion: true controller: true kind: ReplicaSet
name: nginx-deploy-7db697dfbd
uid: 0eef9e1c-dbf0-11e8-8969-5254001b07db
resourceVersion: "15622" selfLink: /api/v1/namespaces/default/pods/nginx-deploy-7db697dfbd-2qh7v
uid: 5ee94f2a-dc06-11e8-8969-5254001b07db
spec:
containers: - image: nginx:1.14-alpine
imagePullPolicy: IfNotPresent
name: nginx-deploy
ports: - containerPort: 80 protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts: - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: default-token-tcwjz
readOnly: true dnsPolicy: ClusterFirst
nodeName: k8s-node02
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default serviceAccountName: default terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute
key: node.kubernetes.io/not-ready operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable operator: Exists
tolerationSeconds: 300 volumes: - name: default-token-tcwjz
secret:
defaultMode: 420 secretName: default-token-tcwjz
status:
conditions: - lastProbeTime: null lastTransitionTime: 2018-10-30T05:40:55Z
status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: 2018-10-30T05:41:06Z
status: "True" type: Ready - lastProbeTime: null lastTransitionTime: 2018-10-30T05:40:55Z
status: "True" type: PodScheduled
containerStatuses: - containerID: docker://b75740e5919bd975755b256c83e03b63ea95cf2307ffc606abd03b59fea6634a
image: docker.io/nginx:1.14-alpine
imageID: docker-pullable://docker.io/nginx@sha256:8976218be775f4244df2a60a169d44606b6978bac4375192074cefc0c7824ddf
lastState: {}
name: nginx-deploy
ready: true restartCount: 0 state:
running:
startedAt: 2018-10-30T05:41:06Z
hostIP: 172.16.150.214 phase: Running
podIP: 10.244.2.7 qosClass: BestEffort
startTime: 2018-10-30T05:40:55Z</pre>
