30选5玩法|福彩30选5开奖结果321|
 

标签:Kubernetes

一看必会系列:kubernetes使用yaml部署nginx集群

注意空行和格式

 

1 创建nginx-rc.yaml

vim "nginx-rc.yaml" 18L, 350C       

apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx-controller
spec:
  replicas: 2
  selector:
    name: nginx-selector
  template:
    metadata:
      labels:
        name: nginx-selector
    spec:
      containers:
        – name: nginx
          image: 192.168.142.131:5000/nginx:v1
          ports:
            – containerPort: 80

2 创建nginx-service-nodeport.yaml

vim nginx-service-nodeport.yaml

apiVersion: v1
kind: Service
metadata:
  name: nginx-service-nodeport
spec:
  ports:
    – port: 8800
      targetPort: 80
      protocol: TCP
  type: NodePort
  selector:
    name: nginx-selector

~                                                                                      
3 创建pod

kubectl create -f nginx-rc.yaml

4 创建service
kubectl create -f nginx-service-nodeport.yaml

 

看RC状态                                             

[[email protected] ~]# kubectl get rc
NAME               DESIRED   CURRENT   READY     AGE
nginx-controller   2         2         2         26m    2个是正常

------中间广告---------

 

看service 状态
[[email protected] ~]# kubectl get service
NAME                       CLUSTER-IP        EXTERNAL-IP   PORT(S)          AGE
my-nginx-974504764-z1zwq   192.168.142.107   <pending>     80:32594/TCP     17h
my-nginx-974504764-z3mtw   192.168.142.252   <pending>     80:30025/TCP     17h
nginx-service-nodeport     192.168.142.53    <nodes>       8800:30572/TCP   26m  service 状态 8800映射到30672

 

看nodeport可对外提供服务的端口

[[email protected] ~]# kubectl describe service nginx-service-nodeport
Name:            nginx-service-nodeport
Namespace:        default
Labels:            <none>
Selector:        name=nginx-selector
Type:            NodePort
IP:            192.168.142.53
Port:            <unset>    8800/TCP             提供service端口
NodePort:        <unset>   30572/TCP    外部能访问的端口
Endpoints:        172.17.100.2:80,172.17.73.2:80  容器内部端口
Session Affinity:    None
No events.
[[email protected] ~]#

更详细的

[[email protected] ~]# kubectl get pods –all-namespaces -o wide
NAMESPACE     NAME                                    READY     STATUS    RESTARTS   AGE       IP             NODE
default       nginx-controller-mcm0s                  1/1       Running   0          28m       172.17.100.2   192.168.142.132
default       nginx-controller-vq0dl                  1/1       Running   0          28m       172.17.73.2    192.168.142.130
kube-system   kubernetes-dashboard-3820983789-jnsdz   1/1       Running   0          18h       172.17.88.3    192.168.142.131
[[email protected] ~]#

 

访问方式

http://192.168.142.131:30572/

http://192.168.142.130:30572/

因为service使用的是NodePort方式,所以在任?#25105;?#20010;节点访问31152这个端口都可以访问nginx

image

https://www.cnblogs.com/puroc/p/5764330.html

一看就会系列:kubernetes使用yaml部署nginx集群

注意空行和格式

 

1 创建nginx-rc.yaml

vim "nginx-rc.yaml" 18L, 350C       

apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx-controller
spec:
  replicas: 2
  selector:
    name: nginx-selector
  template:
    metadata:
      labels:
        name: nginx-selector
    spec:
      containers:
        – name: nginx
          image: 192.168.142.131:5000/nginx:v1
          ports:
            – containerPort: 80

2 创建nginx-service-nodeport.yaml

vim nginx-service-nodeport.yaml

apiVersion: v1
kind: Service
metadata:
  name: nginx-service-nodeport
spec:
  ports:
    – port: 8800
      targetPort: 80
      protocol: TCP
  type: NodePort
  selector:
    name: nginx-selector

~                                                                                      
3 创建pod

kubectl create -f nginx-rc.yaml

4 创建service
kubectl create -f nginx-service-nodeport.yaml

 

看RC状态                                             

[[email protected] ~]# kubectl get rc
NAME               DESIRED   CURRENT   READY     AGE
nginx-controller   2         2         2         26m    2个是正常

 

看service 状态
[[email protected] ~]# kubectl get service
NAME                       CLUSTER-IP        EXTERNAL-IP   PORT(S)          AGE
my-nginx-974504764-z1zwq   192.168.142.107   <pending>     80:32594/TCP     17h
my-nginx-974504764-z3mtw   192.168.142.252   <pending>     80:30025/TCP     17h
nginx-service-nodeport     192.168.142.53    <nodes>       8800:30572/TCP   26m  service 状态 8800映射到30672

 

看nodeport可对外提供服务的端口

[[email protected] ~]# kubectl describe service nginx-service-nodeport
Name:            nginx-service-nodeport
Namespace:        default
Labels:            <none>
Selector:        name=nginx-selector
Type:            NodePort
IP:            192.168.142.53
Port:            <unset>    8800/TCP             提供service端口
NodePort:        <unset>   30572/TCP    外部能访问的端口
Endpoints:        172.17.100.2:80,172.17.73.2:80  容器内部端口
Session Affinity:    None
No events.
[[email protected] ~]#

更详细的

[[email protected] ~]# kubectl get pods –all-namespaces -o wide
NAMESPACE     NAME                                    READY     STATUS    RESTARTS   AGE       IP             NODE
default       nginx-controller-mcm0s                  1/1       Running   0          28m       172.17.100.2   192.168.142.132
default       nginx-controller-vq0dl                  1/1       Running   0          28m       172.17.73.2    192.168.142.130
kube-system   kubernetes-dashboard-3820983789-jnsdz   1/1       Running   0          18h       172.17.88.3    192.168.142.131
[[email protected] ~]#

 

访问方式

http://192.168.142.131:30572/

http://192.168.142.130:30572/

因为service使用的是NodePort方式,所以在任?#25105;?#20010;节点访问31152这个端口都可以访问nginx

 

https://www.cnblogs.com/puroc/p/5764330.html

kubernetes deployments部署容器测试

有弊病,NODE上端口是不一致的。玩玩而已。

 

端口映射过程

 

endpoing—service —–nodeport—-可被外访问

容器内部端口–服务端口–真正的端口

跑多POD容器
kubectl run my-nginx –image=192.168.142.131:5000/nginx:v1 –replicas=2 –port=80

查看状态
[[email protected] ~]# kubectl get pods
NAME                       READY     STATUS    RESTARTS   AGE
my-nginx-974504764-z1zwq   1/1       Running   1          32m
my-nginx-974504764-z3mtw   1/1       Running   0          32m
[[email protected] ~]#

开启外网访问

[[email protected] ~]# kubectl expose pod my-nginx-974504764-z3mtw –port=80 –type=LoadBalancer
service "my-nginx-974504764-z3mtw" exposed
[[email protected] ~]# kubectl get services
NAME                       CLUSTER-IP        EXTERNAL-IP   PORT(S)        AGE
kubernetes                 192.168.142.1     <none>        443/TCP        6h
my-nginx-974504764-z1zwq   192.168.142.107   <pending>     80:32594/TCP   6m
my-nginx-974504764-z3mtw   192.168.142.252   <pending>     80:30025/TCP   5s
[[email protected] ~]#

查看状态
[email protected] ~]# kubectl get svc
NAME                       CLUSTER-IP        EXTERNAL-IP   PORT(S)        AGE
kubernetes                 192.168.142.1     <none>        443/TCP        6h
my-nginx-974504764-z1zwq   192.168.142.107   <pending>     80:32594/TCP   11m  后面是主机端口
my-nginx-974504764-z3mtw   192.168.142.252   <pending>     80:30025/TCP   4m

相看nodeIP
kubectl get pods –all-namespaces -o wide

访问
http://192.168.142.132:32594/

删除 deployments

[[email protected] ~]# kubectl delete deployments my-nginx
deployment "my-nginx" deleted
[[email protected] ~]#

一看必会系列:kubernetes 正确的删除pod的方式

查看所有pods

[[email protected] ~]# kubectl get pods
NAME                          READY     STATUS              RESTARTS   AGE
jeffnginx-946323625-6bjz8     1/1       Running             0          46s
jeffnginx1-3759915275-fbv90   0/1       ContainerCreating   0          21h
jeffnginx2-521453951-5r0g4    0/1       ContainerCreating   0          21h
nginx-controller-7bxpx        0/1       ContainerCreating   0          21h
nginx-controller-fl3kf        0/1       ContainerCreating   0          21h

用delete一个一个删除
[[email protected] ~]# kubectl delete pods jeffnginx1-3759915275-fbv90
pod "jeffnginx1-3759915275-fbv90" deleted
[[email protected] ~]# kubectl delete pods jeffnginx2-521453951-5r0g4
pod "jeffnginx2-521453951-5r0g4" deleted
[[email protected] ~]# kubectl delete pods nginx-controller-7bxpx
pod "nginx-controller-7bxpx" deleted
[[email protected] ~]# kubectl delete pods nginx-controller-fl3kf
pod "nginx-controller-fl3kf" deleted
[[email protected] ~]#

发现所有pod会自己起来这是repolic 的机制很正确。这是正是确保replicas为1的动作。

[[email protected] ~]# kubectl get pods
NAME                          READY     STATUS              RESTARTS   AGE
jeffnginx-946323625-6bjz8     1/1       Running             0          1m
jeffnginx1-3759915275-v5791   1/1       Running             0          47s
jeffnginx2-521453951-hgc8z    0/1       ContainerCreating   0          37s
nginx-controller-l67nm        0/1       ImagePullBackOff    0          30s
nginx-controller-pmrxf        0/1       ContainerCreating   0          22s

[[email protected] ~]# kubectl get pods
NAME                          READY     STATUS              RESTARTS   AGE
jeffnginx-946323625-6bjz8     1/1       Running             0          3m
jeffnginx1-3759915275-v5791   1/1       Running             0          2m
jeffnginx2-521453951-hgc8z    0/1       ContainerCreating   0          1m
nginx-controller-l67nm        0/1       ErrImagePull        0          1m
nginx-controller-pmrxf        0/1       ContainerCreating   0          1m

使用deployments 命令

[[email protected] ~]# kubectl get deployments
NAME         DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
jeffnginx    1         1         1            1           23h
jeffnginx1   1         1         1            1           22h
jeffnginx2   1         1         1            0           22h
[[email protected] ~]# kubectl delete deployment jeffnginx
deployment "jeffnginx" deleted
[[email protected] ~]# kubectl delete deployment jeffnginx1
deployment "jeffnginx1" deleted
[[email protected] ~]# kubectl delete deployment jeffnginx2
deployment "jeffnginx2" deleted

删除后pods将不在存在
[[email protected] ~]# kubectl get deployments
No resources found.
[[email protected] ~]#

查看除了pod的?#35797;?kubectl get rc,service

[[email protected] ~]# kubectl get rc,service
NAME                  DESIRED   CURRENT   READY     AGE
rc/nginx-controller   2         2         0         22h   两个rc服务

NAME             CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
svc/kubernetes   192.168.142.1   <none>        443/TCP   9d  一个Service服务

[[email protected] ~]# kubectl delete rc –all

删除service 命令
[[email protected] ~]# kubectl get service
NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   192.168.142.1   <none>        443/TCP   32s
[[email protected] ~]# kubectl delete services kubernetes
service "kubernetes" deleted
[[email protected] ~]#
[[email protected] ~]#
[[email protected] ~]# kubectl get service
No resources found.
[[email protected] ~]#

官方命令
[[email protected] ~]# kubectl get service –all
Error: unknown flag: –all

Examples:
  # List all pods in ps output format.
  kubectl get pods
 
  # List all pods in ps output format with more information (such as node name).
  kubectl get pods -o wide
 
  # List a single replication controller with specified NAME in ps output format.
  kubectl get replicationcontroller web
 
  # List a single pod in JSON output format.
  kubectl get -o json pod web-pod-13je7
 
  # List a pod identified by type and name specified in "pod.yaml" in JSON output format.
  kubectl get -f pod.yaml -o json
 
  # Return only the phase value of the specified pod.
  kubectl get -o template pod/web-pod-13je7 –template={{.status.phase}}
 
  # List all replication controllers and services together in ps output format.
  kubectl get rc,services
 
  # List one or more resources by their type and names.
  kubectl get rc/web service/frontend pods/web-pod-13je7

一看必会系列:kubernetes排错及高级配置1

  kubectl get pod –all-namespaces
  kubectl get service –namespace=kube-system
  kubectl get pods –namespace=kube-system
  kubectl describe pod nginx-controller-mbs7l
——————-以下是排错及高级应用—————————
  kubectl get pod –all-namespaces
 
[[email protected] ~]# kubectl get pod –all-namespaces
NAMESPACE     NAME                                           READY     STATUS             RESTARTS   AGE
default       nginx-pod                                      1/1       Running            0          10h
kube-system   kubernetes-dashboard-latest-3308158392-8wj3w   0/1       ImagePullBackOff   0          10h

 
  kubectl get service –namespace=kube-system

[[email protected] ~]#   kubectl get service –namespace=kube-system
NAME                   CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
kubernetes-dashboard   192.168.142.222   <none>        80/TCP    10h
 
  kubectl get pods –namespace=kube-system
 
[[email protected] ~]#   kubectl get pods –namespace=kube-system
NAME                                           READY     STATUS             RESTARTS   AGE
kubernetes-dashboard-latest-3308158392-8wj3w   0/1       ImagePullBackOff   0          10h
 
  kubectl get service –namespace=kube-system
 
[[email protected] ~]#   kubectl get service –namespace=kube-system
NAME                   CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
kubernetes-dashboard   192.168.142.222   <none>        80/TCP    10h
 
  kubectl get pods –namespace=kube-system
  kubectl get  -f kubernetes-dashboard.yaml
 
 
 

   
—————–部署nginx测试——————-
nginx-pod.yaml
   
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
  name: nginx-pod
spec:
containers:
– name: nginx
   image: nginx
   ports:
   – containerPort: 80

   
   
http://blog.csdn.net/u013760355/article/details/68061976   
[[email protected] ~]# kubectl create -f /opt/dockerconfig/nginx-pod.yaml
Error from server (ServerTimeout): error when creating "/opt/dockerconfig/nginx-pod.yaml": No API token found for service account "default", retry after the token is automatically created and added to the service account

报错是验证产生的

[[email protected] ~]# vim /etc/kubernetes/apiserver

去掉相应配置
#KUBE_ADMISSION_CONTROL="–admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
KUBE_ADMISSION_CONTROL="–admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"

[[email protected] ~]# systemctl restart kube-apiserver
[[email protected] ~]#
解决

[[email protected] ~]# kubectl create -f /opt/dockerconfig/nginx-pod.yaml
pod "nginx-pod" created
[[email protected] ~]#

但是一直卡着
[[email protected] ~]# kubectl get pods
NAME        READY     STATUS              RESTARTS   AGE
nginx-pod   0/1       ContainerCreating   0          12m
[[email protected] ~]# kubectl get service
NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   192.168.142.1   <none>        443/TCP   1h
[[email protected] ~]#
主要是通过“kubectl describe pod PodName”指令查看pod发生的事件,从事件列表中可以查?#19994;?#38169;误信息。
查状态
[[email protected] ~]# kubectl get pods
NAME        READY     STATUS              RESTARTS   AGE
nginx-pod   0/1       ContainerCreating   0          12m
[[email protected] ~]# kubectl get service
NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   192.168.142.1   <none>        443/TCP   1h
[[email protected] ~]# kubectl describe pod gninx
Error from server (NotFound): pods "gninx" not found
[[email protected] ~]# kubectl describe pod nginx
Name:        nginx-pod
Namespace:    default
Node:        192.168.142.131/192.168.142.131
Start Time:    Thu, 18 Jan 2018 08:39:59 -0500
Labels:        name=nginx-pod
Status:        Pending
IP:       
Controllers:    <none>
Containers:
  nginx:
    Container ID:       
    Image:            nginx
    Image ID:           
    Port:            80/TCP
    State:            Waiting
      Reason:            ContainerCreating
    Ready:            False
    Restart Count:        0
    Volume Mounts:        <none>
    Environment Variables:    <none>
Conditions:
  Type        Status
  Initialized     True
  Ready     False
  PodScheduled     True
No volumes.
QoS Class:    BestEffort
Tolerations:    <none>
Events:
  FirstSeen    LastSeen    Count    From                SubObjectPath Type        Reason        Message
  ———    ——–    —–    —-                ————- ——–    ——        ——-
  15m        15m        1    {default-scheduler }                  Normal        Scheduled    Successfully assigned nginx-pod to 192.168.142.131
  15m        4m        7    {kubelet 192.168.142.131}              Warning        FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"

  14m    12s    64    {kubelet 192.168.142.131}        Warning    FailedSync    Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""

哈哈,你懂的
Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
[[email protected] ~]#

手动下载
[[email protected] ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure …
open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory
[[email protected] ~]#

———解决方法1 已失效,现版不知为毛这两包装了没用
[[email protected] ~]# yum install *rhsm* -y         —-安装

Installed:
  python-rhsm.x86_64 0:1.19.10-1.el7_4                                       python-rhsm-certificates.x86_64 0:1.19.10-1.el7_4                                     

Dependency Installed:
  python-dateutil.noarch 0:1.5-7.el7                                                                                                                                

Complete!

———-解决方法2

[[email protected] ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure …
latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure

26e5ed6899db: Pulling fs layer
66dbe984a319: Pulling fs layer
^C38e7863e08: Pulling fs layer

———前两个方案已失效用第三种
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm -ivh  python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
[[email protected]_master ~]# rpm -ivh python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
Preparing…                          ################################# [100%]
Updating / installing…
   1:python-rhsm-certificates-1.19.10-################################# [100%]
[[email protected]_master ~]# !ll
ll /etc/rhsm/ca/
total 8
-rw-r–r– 1 root root 7732 Oct 20  2017 redhat-uep.pem   ——就是这个文件

 

等10个小时就好了
[[email protected] ~]#   kubectl get pods
NAME        READY     STATUS    RESTARTS   AGE
nginx-pod   1/1       Running   0          11h

 

新建nginx-service.
[[email protected] dockerconfig]# kubectl create -f nginx-service.yaml
service "nginx-service" created
[[email protected] dockerconfig]# kubectl get -f nginx-service.yaml
NAME            CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
nginx-service   192.168.142.65   <nodes>       80:30001/TCP   8s
[[email protected] dockerconfig]#

访问 node1的 30001端口测试成功

———–
  在master节点上启动

systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kube-apiserver.service
systemctl restart kube-controller-manager.service
systemctl restart kube-scheduler.service

for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler   kube-proxy  kubelet docker flanneld   ;
do systemctl restart   $SERVICES; systemctl enable $SERVICES; systemctl status $SERVICES; done;

在各个Nodes上启动

systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kubelet.service
systemctl restart kube-proxy.service

node启动

for SERVICES in kube-proxy kubelet docker flanneld; do
        systemctl restart $SERVICES
        systemctl enable $SERVICES
        systemctl status $SERVICES
    done;

十?#31181;?#24102;你理解Kubernetes核心概念

No Comments 容器技术

本文将会简单介绍Kubernetes的核心概念。因为这些定义可以在Kubernetes的文档中?#19994;劍?#25152;以文章也会避免用大段的枯燥的文字介绍。相反,我们会使用一些图表(其中一些是动画)和示例来解释这些概念。我们发现一些概念(比如Service)如果没有图表的辅助就很难全面地理解。在合适的地方我们也会提供Kubernetes文档的链接以便读者深入学习。
这就开?#21450;傘?/p>

什么是Kubernetes?

Kubernetes(k8s)是自动化容器操作的开源平台,这些操作包括部署,调度和节点集群间扩展。如果你曾经用过Docker容器技术部署容器,那么可以将Docker看成Kubernetes内部使用的低级别组件。Kubernetes不仅仅支持Docker,还支持Rocket,这是另一种容器技术。
使用Kubernetes可以:

  • 自动化容器的部署和复制
  • 随时扩展或收缩容器规模
  • 将容器组织成组,并且提供容器间的负载均衡
  • 很容易地升级应用程序容器的新版本
  • 提供容器弹性,如果容器失效就替换它,等等…

实际上,使用Kubernetes只需一个部署文件,使用一条命令就可以部署多层容器(前端,后台等)的完整集群:

$ kubectl create -f single-config-file.yaml

kubectl是和Kubernetes API?#25442;?#30340;命令行程序。现在介绍一些核心概念。

集群

集群是一组节点,这些节点可以是物理服务器或者虚拟机,之上安装了Kubernetes平台。下图?#25925;?#36825;样的集群。注意该图为了强调核心概念有所简化。这里可以看到一个典型的Kubernetes架构图。

1.png

上图可以看到如下组件,使用特别的图标表示Service和Label:

  • Pod
  • Container(容器)
  • Label(label)(标签)
  • Replication Controller(复制控制器)
  • Service(enter image description here)(服务)
  • Node(节点)
  • Kubernetes Master(Kubernetes主节点)
Pod

Pod(上图绿色方框)安排在节点上,包含一组容器和卷。同一个Pod里的容器共享同一个网络命名空间,可以使用localhost互相通信。Pod是短暂的,不是?#20013;?#24615;实体。你可能会有这些问题:

  • 如果Pod是短暂的,那么我怎么才能持久化容器数据使其能够跨重启而存在呢? 是的,Kubernetes支持的概念,因此可以使用持久化的卷类型。
  • 是否手动创建Pod,如果想要创建同一个容器的多份拷贝,需要一个个?#30452;?#21019;建出来么?可以手动创建单个Pod,但是?#37096;?#20197;使用Replication Controller使用Pod模板创建出多份拷贝,下文会详细介绍。
  • 如果Pod是短暂的,那么重启时IP地址可能会改变,那么怎么才能从前端容器正确可靠地指向后台容器呢?#31354;?#26102;可以使用Service,下文会详细介绍。
Lable

正如图所示,一些Pod有Label(enter image description here)。一个Label是attach到Pod的一对键/值对,用?#21019;?#36882;用户定义的属性。比如,你可能创建了一个"tier"和“app”标签,通过Label(tier=frontend, app=myapp)来标记前端Pod容器,使用Label(tier=backend, app=myapp)标记后台Pod。然后可以使用Selectors选择带有特定Label的Pod,并且将Service或者Replication Controller应用到上面。

Replication Controller

是否手动创建Pod,如果想要创建同一个容器的多份拷贝,需要一个个?#30452;?#21019;建出来么,能否将Pods划到逻辑组里?

Replication Controller确保?#25105;?#26102;间都有指定数量的Pod?#26696;?#26412;”在运?#23567;?#22914;果为某个Pod创建了Replication Controller并且指定3个副本,它会创建3个Pod,并且?#20013;?#30417;控它们。如果某个Pod不响应,那么Replication Controller会替换它,保持总数为3.如下面的动画所示:

2.gif

如果之?#23433;?#21709;应的Pod?#25351;?#20102;,现在就有4个Pod了,那么Replication Controller会将其中一个终止保持总数为3。如果在运行中将副本总数改为5,Replication Controller会立刻启动2个新Pod,保证总数为5。还可以按照这样的方式缩小Pod,这个特性在执行滚动升级时很有用。

当创建Replication Controller?#20445;?#38656;要指定两个东西:

  1. Pod模板:用?#21019;?#24314;Pod副本的模板
  2. Label:Replication Controller需要监控的Pod的标签。

现在已经创建了Pod的一些副本,那么在这些副本上如何均衡负载呢?我们需要的是Service。

Service

如果Pods是短暂的,那么重启时IP地址可能会改变,怎么才能从前端容器正确可靠地指向后台容器呢?

Service是定义一系列Pod以及访问这些Pod的策略的一层抽象。Service通过Label?#19994;絇od组。因为Service是抽象的,所以在图表里通常看不到它们的存在,这也就让这一概念更难以理解。

现在,假定有2个后台Pod,并且定义后台Service的名称为‘backend-service’,lable选择器为(tier=backend, app=myapp)。backend-service 的Service会完成如下两件重要的事情:

  • 会为Service创建一个本地集群的DNS入口,因此前端Pod只需要DNS查找主机名为 ‘backend-service’,就能够解析出前端应用程序可用的IP地址。
  • 现在前端已经得到了后台服务的IP地址,但是它应该访问2个后台Pod的哪一个呢?Service在这2个后台Pod之间提供透明的负载均衡,会将请求分发给其中的?#25105;?#19968;个(如下面的动画所示)。通过每个Node上运行的代理(kube-proxy)完成。这里有更多技术细节。

下述动画?#25925;?#20102;Service的功能。注意该图作了很多简化。如果不进入网络配置,那?#21019;?#21040;透明的负载均衡目标所涉及的底层网络和路由相对先进。如果?#34892;?#36259;,这里有更深入的介绍。

3.gif

有一个特别类型的Kubernetes Service,称为’LoadBalancer‘,作为外部负载均衡器使用,在一定数量的Pod之间均衡流量。比如,对于负载均衡Web流量很有用。

Node

节点(上图橘色方框)是物理或者虚拟机器,作为Kubernetes worker,通常称为Minion。每个节点都运行如下Kubernetes关键组件:

  • Kubelet:是主节点代理。
  • Kube-proxy:Service使用其将链接路由到Pod,如上文所述。
  • Docker或Rocket:Kubernetes使用的容器技术?#21019;?#24314;容器。
Kubernetes Master

集群拥有一个Kubernetes Master(紫色方框)。Kubernetes Master提供集群的独特视角,并且拥有一系列组件,比如Kubernetes API Server。API Server提供可以用来和集群?#25442;?#30340;REST端点。master节点包括用?#21019;?#24314;和复制Pod的Replication Controller。

下一步

现在我们已经了解了Kubernetes核心概念的基本知识,你可以进一步阅读Kubernetes 用户手册。用户手册提供了快速并且完备的学习文档。

如果迫不及待想要试试Kubernetes,可以使用Google Container Engine。Google Container Engine是托管的Kubernetes容器环境。简单注册/登录之后就可以在上面尝试示例了。

原文链接:Learn the Kubernetes Key Concepts in 10 Minutes(翻译:崔婧雯)

30选5玩法