Kubernetes Pod
程序员文章站
2022-03-12 10:23:07
...
1. 简介
Pod 是一个容器集合,且集合中的容器运行于同一台主机上。
同一个 Pod 中的多个容器共享相同的存储资源和网络资源。
Pod 是 Kubernetes 中最小的调度单元。
2. 基础用法
在线测试平台:minikube
pod.yaml
:
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app: nginx
version: dev
spec:
containers:
- name: nginx
image: nginx:1.14.2
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
-
创建
$ kubectl apply -f pod.yaml pod/nginx created
-
罗列
$ kubectl get pod NAME READY STATUS RESTARTS AGE nginx 1/1 Running 0 16s
-
查看 Pod 的状态
$ kubectl describe pod nginx Name: nginx Namespace: default Priority: 0 Node: minikube/172.17.0.123 Start Time: Thu, 21 Oct 2021 12:36:10 +0000 Labels: app=nginx version=dev Annotations: <none> Status: Running IP: 172.18.0.6 IPs: IP: 172.18.0.6 Containers: nginx: Container ID: docker://84e77377be124a9c768f1421edcf21f0304a728d93baf69206c7da6dcadd4346 Image: nginx:1.14.2 Image ID: docker-pullable://[email protected]:f7988fb6c02e0ce69257d9bd9cf37ae20a60f1df7563c3a2a6abe24160306b8d Port: 80/TCP Host Port: 0/TCP State: Running Started: Thu, 21 Oct 2021 12:36:18 +0000 Ready: True Restart Count: 0 Environment: <none> Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-lszb9 (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: default-token-lszb9: Type: Secret (a volume populated by a Secret) SecretName: default-token-lszb9 Optional: false QoS Class: BestEffort Node-Selectors: <none> Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 4m31s default-scheduler Successfully assigned default/nginx to minikube Normal Pulling 4m29s kubelet Pulling image "nginx:1.14.2" Normal Pulled 4m24s kubelet Successfully pulled image "nginx:1.14.2" in 5.718214559s Normal Created 4m23s kubelet Created container nginx Normal Started 4m23s kubelet Started container nginx
-
在容器中执行指定的命令
$ kubectl exec nginx -c nginx -it -- /bin/bash [email protected]:/# ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
第一个 nginx 是 Pod 名称,第二个 nginx 是 Pod 中容器的名称。
-
查看容器的日志输出
$ kubectl logs nginx -c nginx
-
访问 nginx
$ curl http://172.18.0.6 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> ... </html>
-
删除
$ kubectl delete pod nginx pod "nginx" deleted
或
$ kubectl delete -f pod.yaml
3. 探针
Kubernetes 提供了 3 种类型的探针:
-
livenessProbe
:指示容器是否在运行着。如果探测失败,则会杀死容器,然后根据重启策略来决定是否重启容器。 -
readinessProbe
:指示容器是否准备好响应请求。 -
startupProbe
:指示容器中的应用是否已经启动。如果启用了此类型的探针,则其他类型的探针会被禁用。
每种探针都提供了 3 种探测方法:
-
exec
:在容器中执行指定的命令,如果命令退出码为 0,则认为是成功。 -
httpGet
:向 Pod 发出一个 HTTP GET 请求,如果响应状态码位于 [200, 400) 之间,则认为是成功。 -
tcpSocket
:向 Pod 发起一个 TCP 连接,如果指定的端口处于打开状态,则认为是成功。
例子:
-
exec 方式
apiVersion: v1 kind: Pod metadata: name: liveness-exec spec: containers: - name: liveness image: k8s.gcr.io/busybox args: - /bin/sh - -c - touch /tmp/healthy; sleep 30; rm -rf /tmp/healthy; sleep 600 livenessProbe: exec: command: - cat - /tmp/healthy initialDelaySeconds: 5 periodSeconds: 5
-
httpGet 方式
apiVersion: v1 kind: Pod metadata: name: liveness-http spec: containers: - name: liveness image: k8s.gcr.io/liveness args: - /server livenessProbe: httpGet: path: /healthz port: 8080 httpHeaders: - name: Custom-Header value: Awesome initialDelaySeconds: 3 periodSeconds: 3
-
tcpSocket 方式
apiVersion: v1 kind: Pod metadata: name: goproxy spec: containers: - name: goproxy image: k8s.gcr.io/goproxy:0.1 ports: - containerPort: 8080 livenessProbe: tcpSocket: port: 8080 initialDelaySeconds: 15 periodSeconds: 20
4. 查看帮助
$ kubectl explain pod
KIND: Pod
VERSION: v1
DESCRIPTION:
Pod is a collection of containers that can run on a host. This resource is
created by clients and scheduled onto hosts.
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
...
$ kubectl explain pod.spec.containers
KIND: Pod
VERSION: v1
RESOURCE: containers <[]Object>
DESCRIPTION:
List of containers belonging to the pod. Containers cannot currently be
added or removed. There must be at least one container in a Pod. Cannot be
updated.
A single application container that you want to run within a pod.
FIELDS:
args <[]string>
Arguments to the entrypoint. The docker image's CMD is used if this is not
provided. Variable references $(VAR_NAME) are expanded using the
container's environment. If a variable cannot be resolved, the reference in
the input string will be unchanged. The $(VAR_NAME) syntax can be escaped
with a double $$, ie: $$(VAR_NAME). Escaped references will never be
expanded, regardless of whether the variable exists or not. Cannot be
updated. More info:
https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
...
下一篇: centos6.8环境的安装配置