什么是pod?
Pod是一组一个或多个容器(例如Docker容器),具有共享的存储/网络,以及有关如何运行这些容器的规范。 Pod的内容始终位于同一地点,并在同一时间安排,并在共享上下文中运行。 Pod对特定于应用程序的“逻辑主机”进行建模-它包含一个或多个相对紧密耦合的应用程序容器-在容器之前的世界中,在同一物理或虚拟机上执行将意味着在同一逻辑主机上执行 。
简单示例
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
namespace: default
spec:
containers:
- name: nginx-container
image: nginx:latest
将清单提交给kubernetes集群,将创建定义的pod及其管理的pod
[root@master kubernetes]# kubectl apply -f pod-nginx.yaml
验证:
[root@master kubernetes]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-pod 1/1 Running 0 59s
pod的资源清单属性介绍:
kubectl explain pod
apiVersion <string>、kind <string>、metadata <Object>、spec <Object>、status <Object>(只读)。只要五个字段。
apiVersion: v1 #稳定版
kind: Pod #资源类型为Pod
status只读不需要定义,所以只剩下两项metadata和spec。下面详解这两项
kubectl explain pod.metadata 这里只介绍常用的属性
annotations <map[string]string> #注释是与资源一起存储的非结构化键值映射
labels <map[string]string> #用法请看下面示例,看到<map[string]string>这种都是用下面的示例用法。
name <string> #名称是显示在kubectl get pod的名称
namespace <string> #类型有4种,查询namespace命令:kubectl get namespace
metadata.labels示例
labels:
keys:values
...
kubectl explain pod.spec
containers <[]Object> -required- #kubernetes根据这个属性需求进行创建pod,请看下面介绍。
nodeName <string> #根据nodeName的值与节点的名称进行匹配,成功就创建pod。查看节点:kubectl get node
nodeSelector <map[string]string> #根据nodeSelector的标签与节点的标签进行匹配,成功就创建pod。查看节点标签:kubectl get node --show-labels
restartPolicy <string> #重启策略,有3种策略(Always, OnFailure(正常退出才会重启), Never. Default to Always.)
kubectl explain pod.spec.containers
name <string> -required- #容器的名称
image <string> #容器的镜像,用法:image: 镜像:标签
imagePullPolicy <string> #有三个策略(Always(不管存不存,都从网上拉镜像), Never(不管存不存,都不从网上拉镜像), IfNotPresent(当节点存在镜像就不拉镜像). Defaults to Always)
command <[]string> #启动pod的命令
args <[]string> #启动pod命令的参数
ports <[]Object> #pod暴露的端口给宿主机。用法请看下面的示例。 看到<[]Object>这种都是下面的示例用法。
spec.containers.ports示例
ports:
- name: <string> #port的名称
containerPort: <integer> -required- #暴露的端口号
综合示例:
---
apiVersion: v1
kind: Pod
metadata:
annotations:
Author: mycloudedu
name: busybox-pod
namespace: default
labels:
app: busybox
tier: backup
spec:
containers:
- name: busybox-container
image: busybox:latest
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
command:
- '/bin/sh'
- '-c'
- 'sleep 3600'
nodeName: node01
验证:
[root@master kubernetes]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
busybox-pod 1/1 Running 0 2m52s 10.244.1.40 node01 <none> <none>[root@master kubernetes]# kubectl describe pods busybox-pod
...展示部分内容
Command:
/bin/sh
-c
sleep 3600...
Pod Lifecycle:管理系统响应容器生命周期事件应采取的措施。
示例
---
apiVersion: v1
kind: Pod
metadata:
name: lifecycle-poststart-pod
namespace: default
labels:
app: nginx
tier: frontend
spec:
containers:
- name: lifecycle-poststart-container
image: nginx:latest
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
exec:
command: ["/bin/sh","-c","echo Hello from the postStart handler > /usr/share/nginx/html/index.html"]
验证:
[root@master kubernetes]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
lifecycle-poststart-pod 1/1 Running 0 13s 10.244.2.36 node02 <none> <none>
[root@master kubernetes]# curl 10.244.2.36
Hello from the postStart handler
查看lifecycle用法:kubectl explain pod.spec.containers.lifecycle
pod livenessProbe:定期检查容器的活动性。如果探测失败,容器将重新启动。
示例
apiVersion: v1
kind: Pod
metadata:
name: liveness-exec-pod
namespace: default
spec:
containers:
- name: liveness-exec-container
image: busybox:latest
imagePullPolicy: IfNotPresent
command:
- "/bin/sh"
- "-c"
- "touch /1.txt; sleep 10; rm -f /1.txt; sleep 3600"
livenessProbe:
periodSeconds: 2
exec:
command:
- "cat"
- "/1.txt"
验证:
[root@master kubernetes]# kubectl get pod
NAME READY STATUS RESTARTS AGE
liveness-exec-pod 1/1 Running 0 5s[root@master kubernetes]# kubectl get pod
NAME READY STATUS RESTARTS AGE
liveness-exec-pod 1/1 Running 1 54s
查看livenessProbe用法:kubectl explain pod.spec.containers.livenessProbe
pod readinessprobe:定期调查容器服务准备情况。如果探测失败,容器将从服务端点中删除。
示例
---
apiVersion: v1
kind: Pod
metadata:
name: readinessprobe-httpget-pod
namespace: default
spec:
containers:
- name: readinessprobe-httpget-container
image: nginx:latest
ports:
- name: http
containerPort: 80
imagePullPolicy: IfNotPresent
readinessProbe:
httpGet:
port: 80
periodSeconds: 3
initialDelaySeconds: 2
验证
[root@master kubernetes]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
readinessprobe-httpget-pod 1/1 Running 0 23s 10.244.2.38 node02 <none> <none>交互式进入pod,人为破坏主页文件
[root@master kubernetes]# kubectl exec readinessprobe-httpget-pod -it -- /bin/sh
# rm /usr/share/nginx/html/index.html
验证
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
readinessprobe-httpget-pod 0/1 Running 0 113s交互式进入pod,人为创建主页
[root@master kubernetes]# kubectl exec readinessprobe-httpget-pod -it -- /bin/sh
# echo 'hello' > /usr/share/nginx/html/index.html
验证
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
readinessprobe-httpget-pod 1/1 Running 0 2m56s
[root@master ~]# curl 10.244.2.38
hello