创建一个deployment
[root@master ~]# kubectl run --help
Create and run a particular image, possibly replicated.
Creates a deployment or job to manage the created container(s).
Usage:
kubectl run NAME --image=image [--env="key=value"] [--port=port] [--replicas=replicas] [--dry-run=bool]
[--overrides=inline-json] [--command] -- [COMMAND] [args...] [options]
使用如下命令:
[root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 --dry-run=true
deployment.apps/nginx-deploy created (dry run)
[root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1
deployment.apps/nginx-deploy created
[root@master ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx-deploy 1 1 1 1 7s
[root@master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
nginx-deploy-5b595999-nzlmj 1/1 Running 0 1m 10.244.2.14 node02 <none>
创建了一个名为 nginx-deploy
的deployment,副本设置为1, 查看pod,发现生成了一个nginx的pod,且该pod运行在node02上,ip为 10.244.2.14
,检查node02的网络
[root@node02 ~]# ip a|grep -A5 cni0
5: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP qlen 1000
link/ether 0a:58:0a:f4:02:01 brd ff:ff:ff:ff:ff:ff
inet 10.244.2.1/24 scope global cni0
valid_lft forever preferred_lft forever
inet6 fe80::980e:b1ff:fee7:a26f/64 scope link
valid_lft forever preferred_lft forever
8: veth23ea238e@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP
link/ether 32:26:f6:cb:a0:9f brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::3026:f6ff:fecb:a09f/64 scope link
valid_lft forever preferred_lft forever
可以发现,pod是跑在cni网桥上的。
Pod此时可以在节点端通过Pod ip访问。
当我们删除这个pod后,Deployment会重新创建一个pod,该pod的ip就会变化。
[root@master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
nginx-deploy-5b595999-nzlmj 1/1 Running 0 1m 10.244.2.14 node02 <none>
[root@master ~]# kubectl delete pod nginx-deploy-5b595999-nzlmj
pod "nginx-deploy-5b595999-nzlmj" deleted
[root@master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
nginx-deploy-5b595999-z76bn 1/1 Running 0 4s 10.244.1.16 node01 <none>
所以,我们使用pod ip或pod hostname访问是不合适的,我们需要提供一个固定ip及端口。service可以满足要求。
创建一个service
用法
[root@master ~]# kubectl expose --help
Expose a resource as a new Kubernetes service.
Usage:
kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP] [--target-port=number-or-name]
[--name=name] [--external-ip=external-ip-of-service] [--type=type] [options]
创建service
[root@master ~]# kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP
service/nginx exposed
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 8h
nginx ClusterIP 10.101.41.108 <none> 80/TCP 7s
现在,我们就可以在节点上通过ip 10.101.41.108 访问。在节点外部无法访问。
这类地址,更多时候是被pod客户端访问的。
我们创建一个pod客户端,来测试:
[root@master ~]# kubectl run client --image=busybox --replicas=1 -it --restart=Never
If you don't see a command prompt, try pressing enter.
/ # cat /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
/ #
查看pod的dns解析,发现nameserver是 10.96.0.10
。这个ip是coredns的service ip。
[root@master ~]# kubectl get svc -n kube-system -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 9h k8s-app=kube-dns
此时,在busybox这个pod里,我们可以直接通过service name nginx
访问之前创建的service,而不是service的ip:port。
# busybox里
/ # wget nginx
Connecting to nginx (10.101.41.108:80)
index.html 100% |**************************************************************************************| 612 0:00:00 ETA
/ # wget -O - -q http://nginx:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
注意: 10.101.41.108是nginx的service的ip。
此时,我们人为将nginx的pod搞挂。
[root@master ~]# kubectl delete pod nginx-deploy-5b595999-z76bn
pod "nginx-deploy-5b595999-z76bn" deleted
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 8m
nginx-deploy-5b595999-j6p8g 1/1 Running 0 4s
再次在busybox里面访问nginx
# busybox里
/ # wget -O - -q http://nginx:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
nginx依旧可以访问。
可以通过如下命令,获取service后端的pod ip
[root@master ~]# kubectl describe service nginx
Name: nginx
Namespace: default
Labels: run=nginx-deploy
Annotations: <none>
Selector: run=nginx-deploy
Type: ClusterIP
IP: 10.101.41.108
Port: <unset> 80/TCP
TargetPort: 80/TCP
Endpoints: 10.244.2.17:80
Session Affinity: None
Events: <none>
动态修改
我们创建一个 myapp
的deployment
[root@master ~]# kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2
deployment.apps/myapp created
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 17m
myapp-848b5b879b-4dz7h 1/1 Running 0 7s
myapp-848b5b879b-wjktr 1/1 Running 0 7s
nginx-deploy-5b595999-j6p8g 1/1 Running 0 8m
[root@master ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
myapp 2 2 2 2 28s
nginx-deploy 1 1 1 1 38m
创建一个 myapp-svc
的service
[root@master ~]# kubectl expose deployment myapp --name=myapp-svc --port=80
service/myapp-svc exposed
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 9h
myapp-svc ClusterIP 10.105.155.237 <none> 80/TCP 7s
nginx ClusterIP 10.101.41.108 <none> 80/TCP 28m
这时候,在busybox pod里可以通过myapp-svc来访问
# busybox pod里
# 10.244.1.17是pod的ip
/ # wget -O - -q 10.244.1.17
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # wget -O - -q myapp-svc
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # while true; do wget -O - -q myapp-svc/hostname.html; sleep 1;done
myapp-848b5b879b-wjktr
myapp-848b5b879b-wjktr
myapp-848b5b879b-4dz7h
myapp-848b5b879b-wjktr
myapp-848b5b879b-4dz7h
myapp-848b5b879b-4dz7h
可以发现,后端的pod会有两个。
动态修改
将deployment myapp的副本修改为5个。
[root@master ~]# kubectl scale --replicas=5 deployment myapp
deployment.extensions/myapp scaled
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 24m
myapp-848b5b879b-28crc 1/1 Running 0 6s
myapp-848b5b879b-4dz7h 1/1 Running 0 7m
myapp-848b5b879b-9dp4m 1/1 Running 0 6s
myapp-848b5b879b-g4pzd 1/1 Running 0 6s
myapp-848b5b879b-wjktr 1/1 Running 0 7m
nginx-deploy-5b595999-j6p8g 1/1 Running 0 16m
此时,在busybox pod里访问:
/ # while true; do wget -O - -q myapp-svc/hostname.html; sleep 1;done
myapp-848b5b879b-g4pzd # 1
myapp-848b5b879b-9dp4m # 2
myapp-848b5b879b-9dp4m
myapp-848b5b879b-wjktr # 3
myapp-848b5b879b-28crc # 4
myapp-848b5b879b-4dz7h # 5
myapp-848b5b879b-28crc
myapp-848b5b879b-4dz7h
缩减为3个
[root@master ~]# kubectl scale --replicas=3 deployment myapp
deployment.extensions/myapp scaled
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 26m
myapp-848b5b879b-28crc 0/1 Terminating 0 2m
myapp-848b5b879b-4dz7h 1/1 Running 0 9m
myapp-848b5b879b-9dp4m 1/1 Running 0 2m
myapp-848b5b879b-g4pzd 0/1 Terminating 0 2m
myapp-848b5b879b-wjktr 1/1 Running 0 9m
nginx-deploy-5b595999-j6p8g 1/1 Running 0 18m
滚动更新
现在更新pod的镜像
## 镜像的具体信息可以通过kubectl describe pod pod_name获取
[root@master ~]# kubectset image deployment myapp myapp=ikubernetes/myapp:v2
deployment.extensions/myapp image updated
[root@master ~]# kubectl rollout status deployment myapp
Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "myapp" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "myapp" rollout to finish: 4 of 5 updated replicas are available...
deployment "myapp" successfully rolled out
在busybox pod上观察
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
可以发现,会有一段时间v1和v2版本会共存,后续更新完毕后,所有pod版本都会变为v2版本。
回滚
- 可以直接修改image
- 也可以使用undo
master节点上执行undo
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 34m
myapp-74c94dcb8c-5hflp 1/1 Running 0 3m
myapp-74c94dcb8c-6klpb 1/1 Running 0 3m
myapp-74c94dcb8c-gsrbj 1/1 Running 0 3m
myapp-74c94dcb8c-jfzzr 1/1 Running 0 3m
myapp-74c94dcb8c-p55sz 1/1 Running 0 3m
nginx-deploy-5b595999-j6p8g 1/1 Running 0 26m
[root@master ~]# kubectl rollout undo deployment myapp
deployment.extensions/myapp
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 36m
myapp-848b5b879b-5bvtk 1/1 Running 0 34s
myapp-848b5b879b-8dh6r 1/1 Running 0 33s
myapp-848b5b879b-dzsxq 1/1 Running 0 35s
myapp-848b5b879b-gbrqg 1/1 Running 0 35s
myapp-848b5b879b-vh4l9 1/1 Running 0 35s
nginx-deploy-5b595999-j6p8g 1/1 Running 0 28m
可以发现myapp的pod全部改变了。去busybox pod中查看:
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
自动扩缩容: 依赖资源使用状态。
在集群外访问
修改svc myapp-svc
kubectl edit svc myapp-svc
# 将type: ClusterIP修改为 type: NodePort
之后,查看svc
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 9h
myapp-svc NodePort 10.105.155.237 <none> 80:30724/TCP 24m
nginx ClusterIP 10.101.41.108 <none> 80/TCP 53m
发现myapp-svc绑定了30724端口。
在windows浏览器访问url nodeIP:30724 发现是可以访问的(未截图)
使用任意node的ip均可
[root@master ~]# while true; do wget -O - -q 192.168.18.128:30724; sleep 0.3;done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
^C
[root@master ~]# while true; do wget -O - -q 192.168.18.129:30724; sleep 0.3;done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
^C
[root@master ~]# while true; do wget -O - -q 192.168.18.130:30724; sleep 0.3;done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用
。你还可以使用@
来通知其他用户。