Kerbernetes的Pod资源清单配置基础

　　　　　　　　　　　　Kerbernetes的Pod资源清单配置基础 

　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　作者：尹正杰

版权声明：原创作品，谢绝转载！否则将追究法律责任。 

 

 

 

一.资源对象管理方式

　　kubectl的命令可分为三类:
　　　　陈述式命令(Imperative Commands)
　　　　陈述式对象配置(Imperative Object Configuration)
　　　　声明式对象配置(Declarative Object Configuration)

　　第一种方式即此前用到的run,expose,delete和get等命令，它们直接作用于kubernetes系统上的活动对象，简单易用,但不是支持代码复用，修改复审及审计日志等功能，这些功能的实现通常要依赖于资源配置文件中，这些文件也被称为资源清单。

1>.陈述式命令创建名称空间案例(执行命令的方式缺点就是每次都得去敲,复用性极差,因此它相比陈述式，声明式对象配置压根就没有复用性)

[root@master200.yinzhengjie.org.cn ~]# kubectl get namespace　　　　　　　　　　#查看名称空间
NAME              STATUS   AGE
default           Active   9h
kube-node-lease   Active   9h
kube-public       Active   9h
kube-system       Active   9h
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get ns　　　　　　　　　　　　　　　#也是查看名称空间，只不过这里是简写形式而已
NAME              STATUS   AGE
default           Active   9h
kube-node-lease   Active   9h
kube-public       Active   9h
kube-system       Active   9h
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl create namespace operation　　　　#创建一个叫做"operation"的名称空间
namespace/operation created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl create ns development
namespace/development created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl create ns testing
namespace/testing created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get ns
NAME              STATUS   AGE
default           Active   9h
development       Active   38s
kube-node-lease   Active   9h
kube-public       Active   9h
kube-system       Active   9h
operation         Active   65s
testing           Active   3s
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]#

2>.陈述式对象配置创建名称空间案例(重复创建时会报错,生产环境不推荐使用)

[root@master200.yinzhengjie.org.cn ~]# mkdir -pv /yinzhengjie/data/k8s/manifests/basic
mkdir: created directory ‘/yinzhengjie/data’
mkdir: created directory ‘/yinzhengjie/data/k8s’
mkdir: created directory ‘/yinzhengjie/data/k8s/manifests’
mkdir: created directory ‘/yinzhengjie/data/k8s/manifests/basic’
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# cd /yinzhengjie/data/k8s/manifests/basic/
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# vim develop-ns.yaml
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# cat develop-ns.yaml
apiVersion: v1
kind: Namespace
metadata:
    name: develop
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# kubectl get ns
NAME              STATUS   AGE
default           Active   17h
kube-node-lease   Active   17h
kube-public       Active   17h
kube-system       Active   17h
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# ll
total 4
-rw-r--r-- 1 root root 59 Feb  5 12:53 develop-ns.yaml
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# kubectl create -f develop-ns.yaml 　　　　　　　　#使用陈述式对象配置创建名称空间
namespace/develop created
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# ll
total 4
-rw-r--r-- 1 root root 59 Feb  5 12:53 develop-ns.yaml
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# kubectl get ns
NAME              STATUS   AGE
default           Active   17h
develop           Active   8s
kube-node-lease   Active   17h
kube-public       Active   17h
kube-system       Active   17h
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# kubectl create -f develop-ns.yaml 　　　　　　　　#由于咱们定义的"develop"名称空间已经存在，因此给咱们抛出异常
Error from server (AlreadyExists): error when creating "develop-ns.yaml": namespaces "develop" already exists
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 

3>.声明式对象配置创建名称空间案例(重复创建时并不会报错)

[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# cp develop-ns.yaml production-ns.yaml
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# vim production-ns.yaml 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# cat production-ns.yaml 
apiVersion: v1
kind: Namespace
metadata:
    name: production
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# ll
total 8
-rw-r--r-- 1 root root 59 Feb  5 12:53 develop-ns.yaml
-rw-r--r-- 1 root root 62 Feb  5 12:55 production-ns.yaml
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# kubectl get ns
NAME              STATUS   AGE
default           Active   17h
develop           Active   2m26s
kube-node-lease   Active   17h
kube-public       Active   17h
kube-system       Active   17h
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# kubectl get namespace
NAME              STATUS   AGE
default           Active   17h
develop           Active   2m35s
kube-node-lease   Active   17h
kube-public       Active   17h
kube-system       Active   17h
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# kubectl apply -f production-ns.yaml 　　　　　　　　#使用声明式对象配置创建名称空间
namespace/production created
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# kubectl get namespace
NAME              STATUS   AGE
default           Active   17h
develop           Active   2m57s
kube-node-lease   Active   17h
kube-public       Active   17h
kube-system       Active   17h
production        Active   2s
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# kubectl apply -f production-ns.yaml 　　　　　　#重复创建同一个名称空间时并不会报错，而是友好的提示咱们没有发生任何改变。
namespace/production unchanged
[root@master200.yinzhengjie.org.cn /yinzhengjie/data/k8s/manifests/basic]# 

 

二.使用声明式对象配置创建pod(在一个pod中创建一个容器)

　　查看官方的参数参考文档:
　　　　https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#pod-v1-core

1>.使用"--export"选项将一个容器的创建作为模板导出(注意，该参数已经被废弃了，生产环境中尽量避免使用它，推荐大家使用Helm去管理)

[root@master200.yinzhengjie.org.cn ~]# kubectl get pods
NAME                       READY   STATUS    RESTARTS   AGE
mynginx-677d85dbd5-gkdb6   1/1     Running   0          5h12m
mynginx-677d85dbd5-vk5p5   1/1     Running   0          5h39m
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get pods mynginx-677d85dbd5-gkdb6 -o yaml --export > /yinzhengjie/data/k8s/manifests/basic/pod-demo.yaml
Flag --export has been deprecated, This flag is deprecated and will be removed in future.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 

[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod-demo.yaml 
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  generateName: mynginx-677d85dbd5-
  labels:
    app: mynginx
    pod-template-hash: 677d85dbd5
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: ReplicaSet
    name: mynginx-677d85dbd5
    uid: c5ff8e76-768b-4673-8df3-b5d3246a929d
  selfLink: /api/v1/namespaces/default/pods/mynginx-677d85dbd5-gkdb6
spec:
  containers:
  - image: nginx:1.14-alpine
    imagePullPolicy: IfNotPresent
    name: nginx
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-4jpjf
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  nodeName: node201.yinzhengjie.org.cn
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: default-token-4jpjf
    secret:
      defaultMode: 420
      secretName: default-token-4jpjf
status:
  phase: Pending
  qosClass: BestEffort
[root@master200.yinzhengjie.org.cn ~]# 

[root@master200.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/k8s/manifests/basic/pod-demo.yaml