1. 在k8s中的资源分类
工作负载型资源(workload):
Pod、ReplicaSet、Deployment、StatefulSet、DaemonSet、Job、CronJob(ReplicationController在v1.11版本被废弃)
服务发现及负载均衡型资源(ServiceDiscovery LoadBalance):
Service、Ingress、…
配置与存储型资源:
Volume(存储卷)、CSI(容器存储接口,可以扩展各种各样的第三方存储卷)
特殊类型的存储卷:
ConfigMap(当配置中心来使用的资源类型)、Secret(保存敏感数据)、DownwardAPI(把外部环境中的信息输出给容器)
以上这些资源都是配置在名称空间级别
集群级资源:
Namespace、Node、Role、ClusterRole、RoleBinding(角色绑定)、ClusterRoleBinding(集群角色绑定)
元数据型资源:
HPA(Pod水平扩展)、PodTemplate(Pod模板,用于让控制器创建Pod时使用的模板)、LimitRange(用来定义硬件资源限制的)
# 组/版本号[root@master ~]# kubectl api-versions
admissionregistration.k8s.io/v1
apiextensions.k8s.io/v1
apiregistration.k8s.io/v1
apps/v1
authentication.k8s.io/v1
authorization.k8s.io/v1
autoscaling/v1
autoscaling/v2
batch/v1
certificates.k8s.io/v1
coordination.k8s.io/v1
crd.projectcalico.org/v1
discovery.k8s.io/v1
events.k8s.io/v1
flowcontrol.apiserver.k8s.io/v1
flowcontrol.apiserver.k8s.io/v1beta3
networking.k8s.io/v1
node.k8s.io/v1
policy/v1
rbac.authorization.k8s.io/v1
scheduling.k8s.io/v1
storage.k8s.io/v1
v1
1.查看资源
[root@master ~]# kubectl explain pod
KIND: Pod
VERSION: v1DESCRIPTION:Pod is a collection of containers that can run on a host. This resource iscreated by clients and scheduled onto hosts.FIELDS:apiVersion <string>APIVersion defines the versioned schema of this representation of an object.Servers should convert recognized schemas to the latest internal value, andmay reject unrecognized values. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resourceskind <string>Kind is a string value representing the REST resource this objectrepresents. Servers may infer this from the endpoint the client submitsrequests to. Cannot be updated. In CamelCase. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kindsmetadata <ObjectMeta>Standard object's metadata. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadataspec <PodSpec>Specification of the desired behavior of the pod. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-statusstatus <PodStatus>Most recently observed status of the pod. This data may not be up to date.Populated by the system. Read-only. More info:https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
2.YAML文件解析
vim nginx-deployment.yamlapiVersion: apps/v1 #指定api版本标签
kind: Deployment #定义资源的类型/角色,deployment为副本控制器,此处资源类型可以是Deployment、Job、Ingress、Service等
metadata: #定义资源的元数据信息,比如资源的名称、namespace、标签等信息name: nginx-deployment #定义资源的名称,在同一个namespace空间中必须是唯一的namespace: default #默认就是default,可以不用写labels: #定义Deployment资源标签app: nginx
spec: #定义deployment资源需要的参数属性,诸如是否在容器失败时重新启动容器的属性replicas: 3 #定义副本数量selector: #定义标签选择器matchLabels: #定义匹配标签app: nginx #需与 .spec.template.metadata.labels 定义的标签保持一致template: #定义业务模板,如果有多个副本,所有副本的属性会按照模板的相关配置进行匹配metadata:labels: #定义Pod副本将使用的标签,需与 .spec.selector.matchLabels 定义的标签保持一致app: nginxspec:containers: #定义容器属性- name: nginx #定义一个容器名,一个 - name: 定义一个容器image: nginx:1.15.4 #定义容器使用的镜像以及版本ports:- containerPort: 80 #定义容器的对外的端口#创建service服务对外提供访问并测试
vim nginx-service.yamlapiVersion: v1
kind: Service
metadata:name: nginx-servicelabels:app: nginx
spec:type: NodePort ports:- port: 80targetPort: 80 nodePort: 30080selector:app: nginx
3.测试YAML
Pod-Demo
apiVersion: v1
kind: Pod
metadata:name: pod-demonamespace: defaultlabels:app: myapp
spec:containers:- name: myapp-1image: wangyanglinux/myapp:v1.0- name: busybox-1image: wangyanglinux/tools:busyboxcommand:- "/bin/sh"- "-c"- "sleep 3600"
kubectl create -f 01.pod-demo.yaml[root@master 4]# kubectl get pod -n default
NAME READY STATUS RESTARTS AGE
pod-demo 0/2 ContainerCreating 0 59s
4.查看pod信息
# 获取当前的资源,pod
$ kubectl get pod -A,--all-namespaces 查看当前所有名称空间的资源-n 指定名称空间,默认值 default,kube-system 空间存放是当前组件资源--show-labels 查看当前的标签-l 筛选资源,key、key=value-o wide 详细信息包括 IP、分配的节点-w 监视,打印当前的资源对象的变化部分# 进入 Pod 内部的容器执行命令
$ kubectl exec -it podName -c cName -- command-c 可以省略,默认进入唯一的容器内部# 查看资源的描述
$ kubectl explain pod.spec# 查看 pod 内部容器的 日志
$ kubectl logs podName -c cName# 查看资源对象的详细描述
$ kubectl describe pod podName# 删除资源对象
$ kubectl delete kindName objName--all 删除当前所有的资源对象
4.1 获取当前的资源,pod
[root@master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
pod-demo 2/2 Running 1 (18m ago) 158m[root@master ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
default pod-demo 2/2 Running 1 (19m ago) 158m
kube-system calico-kube-controllers-558d465845-5zr5h 1/1 Running 1 (169m ago) 3h34m
kube-system calico-node-bpg47 1/1 Running 14 (169m ago) 15h
kube-system calico-node-dcqhb 1/1 Running 4 (165m ago) 15h
kube-system calico-node-nl2dw 1/1 Running 3 (164m ago) 15h
kube-system calico-typha-5b56944f9b-gcvzz 1/1 Running 4 (165m ago) 15h
kube-system coredns-857d9ff4c9-6cb2b 1/1 Running 1 (169m ago) 3h34m
kube-system coredns-857d9ff4c9-tvrff 1/1 Running 1 (169m ago) 3h34m
kube-system etcd-master 1/1 Running 7 (169m ago) 15h
kube-system kube-apiserver-master 1/1 Running 7 (169m ago) 15h
kube-system kube-controller-manager-master 1/1 Running 8 (169m ago) 15h
kube-system kube-proxy-ddqbc 1/1 Running 3 (164m ago) 15h
kube-system kube-proxy-lr5qj 1/1 Running 7 (169m ago) 15h
kube-system kube-proxy-p6hlv 1/1 Running 4 (165m ago) 15h
kube-system kube-scheduler-master 1/1 Running 8 (169m ago) 15h[root@master ~]# kubectl get pod -n default
NAME READY STATUS RESTARTS AGE
pod-demo 2/2 Running 1 (19m ago) 159m[root@master ~]# kubectl get pod --show-labels
NAME READY STATUS RESTARTS AGE LABELS
pod-demo 2/2 Running 1 (20m ago) 159m app=myapp[root@master ~]# kubectl get pod --show-labels -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES LABELS
pod-demo 2/2 Running 1 (20m ago) 160m 10.244.104.9 node2 <none> <none> app=myapp4.2 进入 Pod 内部的容器执行命令
[root@master ~]# kubectl exec -it pod-demo -c myapp-1 -- /bin/bash
pod-demo:/# ps a
PID USER TIME COMMAND1 root 0:00 nginx: master process /usr/local/nginx/sbin/nginx8 nginx 0:00 nginx: worker process62 root 0:00 /bin/bash69 root 0:00 ps a
4.3 查看资源的描述
[root@master ~]# kubectl explain pods.spec.containers.name
KIND: Pod
VERSION: v1FIELD: name <string>DESCRIPTION:Name of the container specified as a DNS_LABEL. Each container in a pod musthave a unique name (DNS_LABEL). Cannot be updated.
4.4 查看 pod 内部容器的 日志
[root@master ~]# kubectl logs pod-demo -c myapp-1
10.0.17.100 - - [21/Aug/2024:13:12:49 +0800] "GET / HTTP/1.1" 200 48 "-" "curl/7.76.1"
10.0.17.100 - - [21/Aug/2024:13:22:23 +0800] "GET / HTTP/1.1" 200 48 "-" "curl/7.76.1"
10.0.17.100 - - [21/Aug/2024:13:23:15 +0800] "GET / HTTP/1.1" 200 59 "-" "curl/7.76.1"4.5 查看pod详细描述
[root@master ~]# kubectl describe pod pod-demo
Name: pod-demo
Namespace: default
Priority: 0
Service Account: default
Node: node2/10.0.17.102
Start Time: Wed, 21 Aug 2024 11:05:45 +0800
Labels: app=myapp
Annotations: cni.projectcalico.org/containerID: a2ba351a800e16ace038139cfb1aa8e560ac9d15634ac70fb9fc7aab9a952682cni.projectcalico.org/podIP: 10.244.104.9/32cni.projectcalico.org/podIPs: 10.244.104.9/32
Status: Running
IP: 10.244.104.9
IPs:IP: 10.244.104.9
Containers:myapp-1:Container ID: docker://71dcc16e0e281d48d5fe392d96a90e2914318751515cd47aacdee972ec274940Image: wangyanglinux/myapp:v1.0Image ID: docker-pullable://wangyanglinux/myapp@sha256:77d7ec4cd4c00f79304ee9e53ca3d72e0aba22fbaf7a86797528649e3fc66e41Port: <none>Host Port: <none>State: RunningStarted: Wed, 21 Aug 2024 11:06:01 +0800Ready: TrueRestart Count: 0Environment: <none>Mounts:/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-gx2qz (ro)busybox-1:Container ID: docker://7a90d76ed08f0e05334cec13de1dd74e544e233f3b6b1575a5f8d14f5e6104e4Image: wangyanglinux/tools:busyboxImage ID: docker-pullable://wangyanglinux/tools@sha256:a024bc31a3a6d57ad06e0a66efa453c8cbdf818ef8d720ff6d4a36027dd1f0aePort: <none>Host Port: <none>Command:/bin/sh-csleep 3600State: RunningStarted: Wed, 21 Aug 2024 13:25:38 +0800Last State: TerminatedReason: CompletedExit Code: 0Started: Wed, 21 Aug 2024 11:06:11 +0800Finished: Wed, 21 Aug 2024 13:25:38 +0800Ready: TrueRestart Count: 1Environment: <none>Mounts:/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-gx2qz (ro)
Conditions:Type StatusPodReadyToStartContainers True Initialized True Ready True ContainersReady True PodScheduled True
Volumes:kube-api-access-gx2qz:Type: Projected (a volume that contains injected data from multiple sources)TokenExpirationSeconds: 3607ConfigMapName: kube-root-ca.crtConfigMapOptional: <nil>DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300snode.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:Type Reason Age From Message---- ------ ---- ---- -------Normal Created 30m (x2 over 170m) kubelet Created container busybox-1Normal Started 30m (x2 over 170m) kubelet Started container busybox-1Normal Pulled 30m kubelet Container image "wangyanglinux/tools:busybox" already present on machine4.6 删除资源对象
[root@master ~]# kubectl delete pod pod-demo
pod "pod-demo" deleted
[root@master ~]# kubectl delete pod pod-demo
pod "pod-demo" deleted
