一.标签
1.概述:
标签是附加到kubernets对象(比如pod)上的键值对,标签可以在创建时附加到对象,随后也可以随时添加修改;标签不支持唯一性。
在k8s中大多数资源都是通过标签进行关联的(如pod与service)
2.标签管理
· 查看资源标签
[root@master demo]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
demo-env 1/1 Running 0 6s <none>
· 创建标签
1.声明式创建标签
1.1编辑资源清单
[root@master demo]# cat 08-pod-nginx.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo-label
#资源加标签
labels:
learn: bilibili
k8s: wage
spec:
containers:
- name: demo-n
image: nginx:1.20.1-alpine
1.2创建查看资源(标签)
[root@master demo]# kubectl apply -f 08-pod-nginx.yaml
pod/demo-label created
[root@master demo]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
demo-label 1/1 Running 0 17s k8s=wage,learn=bilibili
2.响应式创建标签
2.1给现有pod资源加一个标签
[root@master demo]# kubectl label pods demo-label time=1255
pod/demo-label labeled
[root@master demo]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
demo-label 1/1 Running 0 4m11s k8s=wage,learn=bilibili,time=1255
注:响应式创建的标签,如果重新拉取pod(删除后再创建pod),标签会消失
3.删除标签
[root@master demo]# kubectl label pods demo-label time-
pod/demo-label unlabeled
[root@master demo]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
demo-label 1/1 Running 0 8m2s k8s=wage,learn=bilibili
[root@master demo]#
注:声明式创建的标签(资源清单),删除后,重新拉区,标签会重新创建
4.修改标签
[root@master demo]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
demo-label 1/1 Running 0 8m2s k8s=wage,learn=bilibili
[root@master demo]# kubectl label pods demo-label k8s=kubernets --overwrite
pod/demo-label labeled
[root@master demo]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
demo-label 1/1 Running 0 11m k8s=kubernets,learn=bilibili
5.通过标签删除pod
[root@master demo]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
demo-label 1/1 Running 0 11m k8s=kubernets,learn=bilibili
[root@master demo]# kubectl delete pods -l k8s
pod "demo-label" deleted
[root@master demo]# kubectl get pods -o wide
No resources found in default namespace.
二.pod镜像拉取策略
· Always:对比所有镜像来源,选择时间最新的
· Never:只使用本地镜像,本地若没有,也不会去远程仓库拉取
· IfNotPresent(默认策略):先看本地,本地有选择本地,本地没有,选择远程仓库
1.编写镜像拉取策略的资源清单
[root@master demo]# cat 09-pod-pull.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo-pull
labels:
demo: pull
spec:
containers:
- name: nginx
image: nginx:1.20.1-alpine
#设置镜像拉取策略
imagePullPolicy: IfNotPresent
[root@master demo]# kubectl apply -f 09-pod-pull.yaml
pod/demo-pull created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo-pull 1/1 Running 0 12s 10.100.1.30 worker1 <none> <none>
三.pod中容器的重启策略
· Always(默认值):当容器退出时(不论什么原因),自动拉起新的容器;
· Never:当容器退出时(不论什么原因),都不会重新创建拉起新的容器;
· OnFailure:当容器“意外退出”时,才会拉起新的容器;
1.容器重启
· 编写容器重启策略的资源清单
[root@master demo]# cat 10-pod-restart.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo-restart
labels:
demo: restart
spec:
#设置容器重启策略
restartPolicy: Always
containers:
- name: nginx
image: nginx:1.20.1-alpine
· 创建查看资源
[root@master demo]# kubectl apply -f 10-pod-restart.yaml
pod/demo-restart created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo-restart 1/1 Running 0 10s 10.100.2.34 worker2 <none> <none>
· 在worker节点删除容器测试是否会重新拉起容器
[root@worker2 ~]# docker ps | grep "nginx"
714d17c65cef 7f18bdc92ca5 "/docker-entrypoint.…" About a minute ago Up About a minute k8s_nginx_demo-restart_default_03b7f2a9-6a09-4259-aa71-b9e5a186dc08_0
[root@worker2 ~]# docker rm -f 714d17c65cef
714d17c65cef
[root@worker2 ~]# docker ps | grep "nginx"
d4b6f0852149 7f18bdc92ca5 "/docker-entrypoint.…" 2 seconds ago Up 2 seconds k8s_nginx_demo-restart_default_03b7f2a9-6a09-4259-aa71-b9e5a186dc08_1
· master节点查看pod状态
此时,pod的restarts从0变为1
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo-restart 1/1 Running 1 113s 10.100.2.34 worker2 <none> <none>
四.pod的优雅终止
在pod的删除时,系统会自动延迟30s,为了给pod处理未处理完的请求
1.编辑资源清单
[root@master demo]# cat 11-pod-stop.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo-stop
labels:
demo: stop
spec:
#pod优雅终止字段,定义延时kill信号的时间,给pod处理未完成的请求时间;
#缓期多少秒时间执行;若不设置,默认是30s;
terminationGracePeriodSeconds: 5
containers:
- name: demo-nginx
image: nginx:1.20.1-alpine
#定义容器的生命周期(容器启动做什么动作,容器停止前做什么动作)
lifecycle:
#容器启动前做什么
postStart:
exec:
command:
- "sh"
- "-c"
- "echo \"postStart at $(date +%F_%T)\" >> /poststart.log"
#容器停止前做什么
preStop:
exec:
command:
- "sh"
- "-c"
- "echo \"prestop at $(date +%F_%T)\" >> /prestop.log"
2.创建查看资源
[root@master demo]# kubectl apply -f 11-pod-stop.yaml
pod/demo-stop created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo-stop 1/1 Running 0 9s 10.100.1.31 worker1 <none> <none>
3.进入容器查看是否完成容器启动前置动作
[root@master demo]# kubectl exec demo-stop -it -- sh
/ # ls
bin etc mnt root sys
dev home opt run tmp
docker-entrypoint.d lib poststart.log sbin usr
docker-entrypoint.sh media proc srv var
/ # cat poststart.log
postStart at 2024-07-14_05:32:59
/ # exit
五.pod中容器的资源限制
给pod设置固定的硬件使用限制,例如cpu、磁盘、内存
CPU资源单位:Kubernetes将1CPU以1000m来表示,CPU的最小资源单位为m,1m表示千分之一CPU。通常一个容器使用的CPU配额为100m~ 300m。
1.编辑资源清单
[root@master demo]# cat 12-pod-resources.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo-res
labels:
demo: res
spec:
containers:
- name: demo
image: nginx:1.20.1-alpine
#设置资源限制
resources:
#最大资源的使用限制;最多就能用这么多的资源;
limits:
#2c;
cpu: 2000m
#限制内存
memory: 40M
#期望资源限制;需要宿主机预留的资源,我可以不用,但是你必须要有
requests:
#1c
cpu: 1000m
#限制内存
memory: 20M
2.创建查看资源
[root@master demo]# kubectl apply -f 12-pod-resources.yaml
pod/demo-res created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo-res 1/1 Running 0 8s 10.100.2.35 worker2 <none> <none>
3.查看容器的资源大小是否为设置阈值
[root@worker2 ~]# docker ps | grep demo
0a1df97e8497 7f18bdc92ca5 "/docker-entrypoint.…" 35 seconds ago Up 35 seconds k8s_demodemo-res_default_a8af141d-f1cd-4474-95d1-eb3405413cfe_0
4c204b53ce98 registry.aliyuncs.com/google_containers/pause:3.6 "/pause" 36 seconds ago Up 35 seconds k8s_POD_demo-res_default_a8af141d-f1cd-4474-95d1-eb3405413cfe_0
[root@worker2 ~]# docker stats 0a1df97e8497
六.容器类型
· 基础架构容器【pause】:运行pod中的容器时,提供容器的网络名称空间
· 初始化容器【initContainers】:
完成一些业务容器运行前的操作,如执行命令,如果初始化容器没有创建成功,将一直重启,业务容器也就无法创建出来;
它可以延后业务容器的启动时间;
1.基础架构容器pause
查看基础架构容器
[root@worker2 ~]# docker ps | grep pause
2.初始化容器initContainers
· 编辑带有初始化容器的pod资源清单
[root@master demo]# cat 13-pod-init.yaml
apiVersion: v1
kind: Pod
metadata:
name: m12
spec:
#声明初始化容器
initContainers:
- name: init-demo1
image: alpine
#在初始化容器中执行命令
command:
- "sleep"
- "5"
- name: init-demo2
image: alpine
#在初始化容器中执行命令
command:
- "sleep"
- "5"
#业务容器
containers:
- name: demoinit
image: alpine
#给容器一个标准输入,也就是守护进程
stdin: true
·创建查看资源
[root@master demo]# kubectl apply -f 13-pod-init.yaml
pod/m12 created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m12 0/1 Init:0/2 0 12s <none> worker1 <none> <none>
·查看状态
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m12 0/1 Init:0/2 0 24s 10.100.1.32 worker1 <none> <none>
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m12 0/1 Init:1/2 0 27s 10.100.1.32 worker1 <none> <none>
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m12 0/1 PodInitializing 0 52s 10.100.1.32 worker1 <none> <none>
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m12 1/1 Running 0 63s 10.100.1.32 worker1 <none> <none>
七.pod中容器的守护进程
1.创建资源清单,拉取alpine最小linux系统
[root@master demo]# cat 14-pod-dae.yaml
apiVersion: v1
kind: Pod
metadata:
name: m-alpine
spec:
containers:
- name: c1
image: alpine
2.创建查看资源
查看pod资源,发现,启动后会结束,因为没有守护进程
[root@master demo]# kubectl apply -f 14-pod-dae.yaml
pod/m-alpine created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m-alpine 0/1 ContainerCreating 0 7s <none> worker1 <none> <none>
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m-alpine 0/1 Completed 0 19s 10.100.1.33 worker1 <none> <none>
3.修改资源清单,加入标准输入stdin
[root@master demo]# cat 14-pod-dae.yaml
apiVersion: v1
kind: Pod
metadata:
name: m-alpine
spec:
containers:
- name: c1
image: alpine
stdin: true
4,再次查看pod
[root@master demo]# kubectl apply -f 14-pod-dae.yaml
pod/m-alpine created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m-alpine 0/1 ContainerCreating 0 7s <none> worker2 <none> <none>
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m-alpine 0/1 ContainerCreating 0 17s <none> worker2 <none> <none>
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
m-alpine 1/1 Running 0 18s 10.100.2.36 worker2 <none> <none>
5.命令方式守护进程
·command
1.编辑资源清单
[root@master demo]# cat 14-pod-dae.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo
spec:
containers:
- name: c1
image: alpine
command:
- "tail"
- "-f"
- "/etc/hosts"
2.创建查看资源
[root@master demo]# kubectl apply -f 14-pod-dae.yaml
pod/demo created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo 0/1 ContainerCreating 0 6s <none> worker2 <none> <none>
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo 1/1 Running 0 19s 10.100.2.37 worker2 <none> <none>
·args
1.编辑资源清单
[root@master demo]# cat 14-pod-dae.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo
spec:
containers:
- name: c1
image: alpine
args:
- "tail"
- "-f"
- "/etc/hosts"
2.创建查看资源
[root@master demo]# kubectl apply -f 14-pod-dae.yaml
pod/demo created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo 0/1 ContainerCreating 0 5s <none> worker2 <none> <none>
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo 1/1 Running 0 83s 10.100.2.38 worker2 <none> <none>
· command与args结合(Dockerfile的命令讲解)
args可以当做command的参数进行命令执行;
跟docker中的守护进程命令一样;command就类似于ENTRYPOINT;args就类似于CMD;
[root@master pod]# cat 14-pod-dae.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo
spec:
containers:
- name: c1
image: alpine
command:
- "tail"
- "-f"
args:
- "/etc/hosts"
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo 1/1 Running 0 83s 10.100.2.38 worker2 <none> <none>
八.pod排障之二-日志查询
1.查看pod
[root@master demo]# cat 14-pod-dae.yaml
apiVersion: v1
kind: Pod
metadata:
name: demo
spec:
containers:
- name: demo
image: nginx:1.20.1-alpine[root@master demo]# kubectl apply -f 14-pod-dae.yaml
pod/demo created
[root@master demo]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo 1/1 Running 0 6s 10.100.2.39 worker2 <none> <none>
2.模拟循环访问pod
while true ;
do
curl 10.100.2.39;
sleep 0.5
done3.查看pod日志
[root@master demo]# kubectl logs -f demo
4.面试题
如果pod中容器发生重启,如何查看重启前的容器的log日志信息?
· 模拟容器重启
[root@worker2 ~]# docker ps | grep demo
[root@worker2 ~]# docker kill ad9a8501d12c
ad9a8501d12c
· 验证是否重新拉起容器
· 查看容器重启前,上一个容器的日志信息
-p
[root@master demo]# kubectl logs -p demo
九.进入pod容器exec与cp命令
#进入pod中容器
kubectl exec pod名称 -it -- sh
#拷贝容器中数据到宿主机(默认pod中第一个容器)
kubectl cp pod名称:/root/demo.txt ./
#拷贝宿主机数据到容器
kubectl cp ./a.log pod名称:/mnt/
#指定容器拷贝
kubectl cp -c 容器名 pod名称:/root/demo.txt ./
#pod外部执行命令
[root@master pod]# kubectl exec demo -it -- ifconfig
![[数仓]十二、离线数仓(Atlas元数据管理)](https://i-blog.csdnimg.cn/direct/665257d42e5e4ce4a3e00534999128f4.png)