3

创建一个deployment

[root@master ~]# kubectl run --help
Create and run a particular image, possibly replicated. 
Creates a deployment or job to manage the created container(s).
Usage:
  kubectl run NAME --image=image [--env="key=value"] [--port=port] [--replicas=replicas] [--dry-run=bool]
[--overrides=inline-json] [--command] -- [COMMAND] [args...] [options]

使用如下命令:

[root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 --dry-run=true
deployment.apps/nginx-deploy created (dry run)
[root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 
deployment.apps/nginx-deploy created
[root@master ~]# kubectl get deployment
NAME           DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
nginx-deploy   1         1         1            1           7s
[root@master ~]# kubectl get pod -o wide
NAME                          READY     STATUS    RESTARTS   AGE       IP            NODE      NOMINATED NODE
nginx-deploy-5b595999-nzlmj   1/1       Running   0          1m        10.244.2.14   node02    <none>

创建了一个名为 nginx-deploy 的deployment,副本设置为1, 查看pod,发现生成了一个nginx的pod,且该pod运行在node02上,ip为 10.244.2.14 ,检查node02的网络

[root@node02 ~]# ip a|grep -A5 cni0
5: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP qlen 1000
    link/ether 0a:58:0a:f4:02:01 brd ff:ff:ff:ff:ff:ff
    inet 10.244.2.1/24 scope global cni0
       valid_lft forever preferred_lft forever
    inet6 fe80::980e:b1ff:fee7:a26f/64 scope link 
       valid_lft forever preferred_lft forever
8: veth23ea238e@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP 
    link/ether 32:26:f6:cb:a0:9f brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::3026:f6ff:fecb:a09f/64 scope link 
       valid_lft forever preferred_lft forever

可以发现,pod是跑在cni网桥上的

Pod此时可以在节点端通过Pod ip访问。

当我们删除这个pod后,Deployment会重新创建一个pod,该pod的ip就会变化。

[root@master ~]# kubectl get pod -o wide
NAME                          READY     STATUS    RESTARTS   AGE       IP            NODE      NOMINATED NODE
nginx-deploy-5b595999-nzlmj   1/1       Running   0          1m        10.244.2.14   node02    <none>
[root@master ~]# kubectl delete pod nginx-deploy-5b595999-nzlmj
pod "nginx-deploy-5b595999-nzlmj" deleted
[root@master ~]# kubectl get pod -o wide
NAME                          READY     STATUS    RESTARTS   AGE       IP            NODE      NOMINATED NODE
nginx-deploy-5b595999-z76bn   1/1       Running   0          4s        10.244.1.16   node01    <none>

所以,我们使用pod ip或pod hostname访问是不合适的,我们需要提供一个固定ip及端口。service可以满足要求。

创建一个service

用法

[root@master ~]# kubectl expose --help
Expose a resource as a new Kubernetes service. 
Usage:
  kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP] [--target-port=number-or-name]
[--name=name] [--external-ip=external-ip-of-service] [--type=type] [options]

创建service

[root@master ~]# kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP
service/nginx exposed
[root@master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP   8h
nginx        ClusterIP   10.101.41.108   <none>        80/TCP    7s

现在,我们就可以在节点上通过ip 10.101.41.108 访问。在节点外部无法访问。

这类地址,更多时候是被pod客户端访问的。

我们创建一个pod客户端,来测试:

[root@master ~]# kubectl run client --image=busybox --replicas=1 -it --restart=Never
If you don't see a command prompt, try pressing enter.
/ # cat /etc/resolv.conf 
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
/ # 

查看pod的dns解析,发现nameserver是 10.96.0.10这个ip是coredns的service ip

[root@master ~]# kubectl get svc -n kube-system -o wide
NAME       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)         AGE       SELECTOR
kube-dns   ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP   9h        k8s-app=kube-dns

此时,在busybox这个pod里,我们可以直接通过service name nginx 访问之前创建的service,而不是service的ip:port。

# busybox里
/ # wget nginx
Connecting to nginx (10.101.41.108:80)
index.html           100% |**************************************************************************************|   612  0:00:00 ETA
/ # wget -O - -q http://nginx:80 
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>

注意: 10.101.41.108是nginx的service的ip。

此时,我们人为将nginx的pod搞挂。

[root@master ~]# kubectl delete pod nginx-deploy-5b595999-z76bn
pod "nginx-deploy-5b595999-z76bn" deleted
[root@master ~]# kubectl get pods
NAME                          READY     STATUS    RESTARTS   AGE
client                        1/1       Running   0          8m
nginx-deploy-5b595999-j6p8g   1/1       Running   0          4s

再次在busybox里面访问nginx

# busybox里
/ # wget -O - -q http://nginx:80 
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>

nginx依旧可以访问。

可以通过如下命令,获取service后端的pod ip

[root@master ~]# kubectl describe service nginx
Name:              nginx
Namespace:         default
Labels:            run=nginx-deploy
Annotations:       <none>
Selector:          run=nginx-deploy
Type:              ClusterIP
IP:                10.101.41.108
Port:              <unset>  80/TCP
TargetPort:        80/TCP
Endpoints:         10.244.2.17:80
Session Affinity:  None
Events:            <none>

动态修改

我们创建一个 myapp 的deployment

[root@master ~]# kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2 
deployment.apps/myapp created
[root@master ~]# kubectl get pods
NAME                          READY     STATUS    RESTARTS   AGE
client                        1/1       Running   0          17m
myapp-848b5b879b-4dz7h        1/1       Running   0          7s
myapp-848b5b879b-wjktr        1/1       Running   0          7s
nginx-deploy-5b595999-j6p8g   1/1       Running   0          8m
[root@master ~]# kubectl get deployment
NAME           DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
myapp          2         2         2            2           28s
nginx-deploy   1         1         1            1           38m

创建一个 myapp-svc 的service

[root@master ~]# kubectl expose deployment myapp --name=myapp-svc --port=80 
service/myapp-svc exposed
[root@master ~]# kubectl get svc 
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP   9h
myapp-svc    ClusterIP   10.105.155.237   <none>        80/TCP    7s
nginx        ClusterIP   10.101.41.108    <none>        80/TCP    28m

这时候,在busybox pod里可以通过myapp-svc来访问

#  busybox pod里
# 10.244.1.17是pod的ip
/ # wget -O - -q 10.244.1.17
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # wget -O - -q myapp-svc
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # while true; do wget -O - -q myapp-svc/hostname.html; sleep 1;done
myapp-848b5b879b-wjktr
myapp-848b5b879b-wjktr
myapp-848b5b879b-4dz7h
myapp-848b5b879b-wjktr
myapp-848b5b879b-4dz7h
myapp-848b5b879b-4dz7h

可以发现,后端的pod会有两个。

动态修改

将deployment myapp的副本修改为5个。

[root@master ~]# kubectl scale --replicas=5 deployment myapp
deployment.extensions/myapp scaled
[root@master ~]# kubectl get pods
NAME                          READY     STATUS    RESTARTS   AGE
client                        1/1       Running   0          24m
myapp-848b5b879b-28crc        1/1       Running   0          6s
myapp-848b5b879b-4dz7h        1/1       Running   0          7m
myapp-848b5b879b-9dp4m        1/1       Running   0          6s
myapp-848b5b879b-g4pzd        1/1       Running   0          6s
myapp-848b5b879b-wjktr        1/1       Running   0          7m
nginx-deploy-5b595999-j6p8g   1/1       Running   0          16m

此时,在busybox pod里访问:

/ # while true; do wget -O - -q myapp-svc/hostname.html; sleep 1;done
myapp-848b5b879b-g4pzd   # 1
myapp-848b5b879b-9dp4m   # 2 
myapp-848b5b879b-9dp4m 
myapp-848b5b879b-wjktr   # 3
myapp-848b5b879b-28crc   # 4
myapp-848b5b879b-4dz7h   # 5
myapp-848b5b879b-28crc
myapp-848b5b879b-4dz7h

缩减为3个

[root@master ~]# kubectl scale --replicas=3 deployment myapp
deployment.extensions/myapp scaled
[root@master ~]# kubectl get pods
NAME                          READY     STATUS        RESTARTS   AGE
client                        1/1       Running       0          26m
myapp-848b5b879b-28crc        0/1       Terminating   0          2m
myapp-848b5b879b-4dz7h        1/1       Running       0          9m
myapp-848b5b879b-9dp4m        1/1       Running       0          2m
myapp-848b5b879b-g4pzd        0/1       Terminating   0          2m
myapp-848b5b879b-wjktr        1/1       Running       0          9m
nginx-deploy-5b595999-j6p8g   1/1       Running       0          18m

滚动更新

现在更新pod的镜像

## 镜像的具体信息可以通过kubectl describe pod pod_name获取
[root@master ~]# kubectset image deployment myapp myapp=ikubernetes/myapp:v2
deployment.extensions/myapp image updated
[root@master ~]# kubectl rollout status deployment myapp
Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "myapp" rollout to finish: 4 of 5 updated replicas are available...
deployment "myapp" successfully rolled out

在busybox pod上观察

Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>

可以发现,会有一段时间v1和v2版本会共存,后续更新完毕后,所有pod版本都会变为v2版本。

回滚

  1. 可以直接修改image
  2. 也可以使用undo

master节点上执行undo

[root@master ~]# kubectl get pods
NAME                          READY     STATUS    RESTARTS   AGE
client                        1/1       Running   0          34m
myapp-74c94dcb8c-5hflp        1/1       Running   0          3m
myapp-74c94dcb8c-6klpb        1/1       Running   0          3m
myapp-74c94dcb8c-gsrbj        1/1       Running   0          3m
myapp-74c94dcb8c-jfzzr        1/1       Running   0          3m
myapp-74c94dcb8c-p55sz        1/1       Running   0          3m
nginx-deploy-5b595999-j6p8g   1/1       Running   0          26m
[root@master ~]# kubectl rollout undo deployment myapp
deployment.extensions/myapp
[root@master ~]# kubectl get pods
NAME                          READY     STATUS    RESTARTS   AGE
client                        1/1       Running   0          36m
myapp-848b5b879b-5bvtk        1/1       Running   0          34s
myapp-848b5b879b-8dh6r        1/1       Running   0          33s
myapp-848b5b879b-dzsxq        1/1       Running   0          35s
myapp-848b5b879b-gbrqg        1/1       Running   0          35s
myapp-848b5b879b-vh4l9        1/1       Running   0          35s
nginx-deploy-5b595999-j6p8g   1/1       Running   0          28m

可以发现myapp的pod全部改变了。去busybox pod中查看:

Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>

自动扩缩容: 依赖资源使用状态。

在集群外访问

修改svc myapp-svc

kubectl edit svc myapp-svc
# 将type: ClusterIP修改为 type: NodePort

之后,查看svc

[root@master ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP        9h
myapp-svc    NodePort    10.105.155.237   <none>        80:30724/TCP   24m
nginx        ClusterIP   10.101.41.108    <none>        80/TCP         53m

发现myapp-svc绑定了30724端口。

在windows浏览器访问url nodeIP:30724 发现是可以访问的(未截图)

使用任意node的ip均可

[root@master ~]# while true; do wget -O - -q 192.168.18.128:30724; sleep 0.3;done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
^C
[root@master ~]# while true; do wget -O - -q 192.168.18.129:30724; sleep 0.3;done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
^C
[root@master ~]# while true; do wget -O - -q 192.168.18.130:30724; sleep 0.3;done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>

felix0913
27 声望1 粉丝