前言
在容器内部我们经常需要获取到pod的一些信息,比如所在node的ip与名字、pod的ip、资源限制等信息。
k8s提供了Downward API来满足上面的需求, 与ConfigMap一样的也是有两种方式将信息注入到容器变量中,分别是环境变量与volume挂载方式
准备
首先我们要知道Pod里会有一些什么信息。我们才能使用Downward API去获取,准备一个yml,启用,观察Pod信息
kube-nginx.yml
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent #用于设置镜像拉取策略
ports:
- name: nginx-port
containerPort: 80
protocol: TCP
resources: #资源限制
limits: #资源最高限制
cpu: "0.5" #cpu限制 单位core数
memory: "1Gi" #内存限制 单位 M/G
requests: #容器请求的最低资源限制
cpu: "0.4"
memory: "512Mi"
启用该Pod,查看Pod的详细信息,这里只把一些容器里面会需要用到的信息展示出来,其它的我已删除。
大概观察一下
[root@master k8s]# kubectl get pods -o yaml
apiVersion: v1
items:
- apiVersion: v1
kind: Pod
metadata:
labels:
app: nginx
name: nginx
namespace: default
resourceVersion: "2062588"
uid: 7815a305-31de-4f4d-820d-cdc17928a90f
spec:
containers:
- image: nginx
imagePullPolicy: IfNotPresent
name: nginx
ports:
- containerPort: 80
name: nginx-port
protocol: TCP
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 400m
memory: 512Mi
nodeName: node01
serviceAccount: default
serviceAccountName: default
status:
hostIP: 10.0.4.11
phase: Running
podIP: 10.244.1.21
podIPs:
- ip: 10.244.1.21
qosClass: Burstable
startTime: "2022-11-17T17:35:39Z"
从上面展示的结果来看,一般容器里面需要的信息基本都有了,下面我们来演示如何在容器中获取
hostIP: 10.0.4.11 节点的ip
podIP: 10.244.1.21
phase: Running
cpu: 500m
memory: 1Gi
环境变量方式
Pod信息获取
我们在学习ConfigMap时用到了 configMapKeyRef 来将配置引入容器环境变量。在这里我们使用一个新的词 fieldRef 来引用Pod的信息。
下面修改 kube-nginx.yml 内容如下
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent #用于设置镜像拉取策略
ports:
- name: nginx-port
containerPort: 80
protocol: TCP
resources: #资源限制
limits: #资源最高限制
cpu: "0.5" #cpu限制 单位core数
memory: "1Gi" #内存限制 单位 M/G
requests: #容器请求的最低资源限制
cpu: "0.4"
memory: "512Mi"
env:
- name: NG_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP #Pod IP
- name: NG_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name # Pod name
- name: NG_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName # 节点名称
- name: NG_NODE_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP # 节点IP
- name: NG_UID
valueFrom:
fieldRef:
fieldPath: metadata.uid # 唯一标识
- name: NG_APP_NAME
valueFrom:
fieldRef:
fieldPath: metadata.labels['app'] # 获取labels信息
启用Pod
kubectl apply -f kube-nginx.yml
# 查看容器内的环境变量
[root@master k8s]# kubectl exec nginx -- env | grep NG_
NG_POD_IP=10.244.1.25
NG_POD_NAME=nginx
NG_NODE_NAME=node01
NG_NODE_IP=10.0.4.11
NG_UID=cb3bfa3a-8d64-4fd7-885d-1839afa4d9c4
NG_APP_NAME=nginx
从上面打印出来的环境变量信息,说明我们需要的信息已经正确设置到了容器里面。
在上面的例子,我只是打印了Pod的基本信息,但是像 resources 中的cpu 内存限制没有在上面例子中展示,那是因为Containers中的信息不是通过fieldRef获取,而是使用 resourceFieldRef
Containers信息获取
Containers信息使用resourceFieldRef来获取,修改kube-nginx.yml 内容如下
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent #用于设置镜像拉取策略
ports:
- name: nginx-port
containerPort: 80
protocol: TCP
resources: #资源限制
limits: #资源最高限制
cpu: "1.2" #cpu限制 单位core数
memory: "1Gi" #内存限制 单位 M/G
requests: #容器请求的最低资源限制
cpu: "0.8"
memory: "512Mi"
env:
- name: NG_REQUEST_CPU
valueFrom:
resourceFieldRef:
containerName: nginx
resource: requests.cpu
- name: NG_REQUEST_MEMORY
valueFrom:
resourceFieldRef:
containerName: nginx
resource: requests.memory
- name: NG_LIMITS_CPU
valueFrom:
resourceFieldRef:
containerName: nginx
resource: limits.cpu
- name: NG_LIMITS_MEMORY
valueFrom:
resourceFieldRef:
containerName: nginx
resource: limits.memory
启动Pod,查看容器环境变量
[root@master k8s]# kubectl exec nginx -- env | grep NG_
NG_REQUEST_MEMORY=536870912
NG_LIMITS_CPU=2
NG_LIMITS_MEMORY=1073741824
NG_REQUEST_CPU=1
Volume 挂载方式
通过volume挂载方式可以将Pod信息或 Containers信息挂载为容器的文件
注意:通过volume的方式不能将status的信息设置进来了,我之前尝试着想设置 status.hostIP,结果报错,提示说不支持,只支持 "metadata.annotations", "metadata.labels", "metadata.name", "metadata.namespace", "metadata.uid"
* spec.volumes[0].downwardAPI.fieldRef.fieldPath: Unsupported value: "status.hostIP": supported values: "metadata.annotations", "metadata.labels", "metadata.name", "metadata.namespace", "metadata.uid"
使用 explain 查看 explain pod.spec.volumes.downwardAPI.items,也是显示只支持 annotations, labels, name namespace
kubectl explain pod.spec.volumes.downwardAPI.items
FIELDS:
fieldRef <Object>
Required: Selects a field of the pod: only annotations, labels, name and
namespace are supported.
resourceFieldRef <Object>
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently
supported.
那么我们就按照支持的内容修改kube-nginx.yml 内容如下
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent #用于设置镜像拉取策略
ports:
- name: nginx-port
containerPort: 80
protocol: TCP
resources: #资源限制
limits: #资源最高限制
cpu: "1.2" #cpu限制 单位core数
memory: "1Gi" #内存限制 单位 M/G
requests: #容器请求的最低资源限制
cpu: "0.8"
memory: "512Mi"
volumeMounts:
- name: "podinfo"
mountPath: "/etc/podinfo"
volumes:
- name: podinfo
downwardAPI:
items:
- path: "labels"
fieldRef:
fieldPath: metadata.labels # 获取labels信息
- path: "limits_cpu"
resourceFieldRef:
containerName: nginx
resource: limits.cpu
- path: "requests_memory"
resourceFieldRef:
containerName: nginx
resource: requests.memory
查看/etc/podinfo下的文件,并且查看每个文件内容
[root@master k8s]# kubectl exec -it nginx -- ls -lrt /etc/podinfo
total 0
lrwxrwxrwx 1 root root 22 Nov 19 19:07 requests_memory -> ..data/requests_memory
lrwxrwxrwx 1 root root 17 Nov 19 19:07 limits_cpu -> ..data/limits_cpu
lrwxrwxrwx 1 root root 13 Nov 19 19:07 labels -> ..data/labels
[root@master k8s]# kubectl exec -it nginx -- cat /etc/podinfo/labels
app="nginx"
[root@master k8s]# kubectl exec -it nginx -- cat /etc/podinfo/limits_cpu
2
[root@master k8s]# kubectl exec -it nginx -- cat /etc/podinfo/requests_memory
536870912
通过上面展示的数据信息,表明我们已经成功通过 volume 将Pod信息以及 Containers信息挂载到容器里。
Downward API 就介绍到这里,后面会介绍Pod的生命周期与重启策略。
欢迎关注,学习不迷路!
