k8s中Controllers 资源控制器

阿里云国内75折回扣微信号：monov8

阿里云国际，腾讯云国际，低至75折。AWS 93折免费开户实名账号代冲值优惠多多微信号：monov8 飞机：@monov6

controller是在集群上管理和运行容器的对象pod通过controller来实现应用的运维比如伸缩滚动升级等。pod和controller之间通过label标签建立联系。

1.ReplicaSet

ReplicaSet通过selector标识创建的pod。yaml文件里的字段replicas是指控制器应该维护的Pod副本数量。当ReplicSet需要创建新的Pod副本会使用yaml里的pod模板也是就template字段。

cat << EOF > replicaset.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: nginx
labels:
app: rs-nginx
spec:
# modify replicas according to your case
replicas: 3
selector:
matchLabels:
app: pod-nginx
template:
metadata:
labels:
app: pod-nginx
spec:
containers:
- name: nginx
image: nginx
EOF

查看replicaset资源

[liwm@rmaster01 ~]$ kubectl get replicasets.apps

NAME DESIRED CURRENT READY AGE

nginx 3 3 3 92s

[liwm@rmaster01 ~]$

[liwm@rmaster01 ~]$ kubectl get pod

NAME READY STATUS RESTARTS AGE

nginx-q7dsl 1/1 Running 0 97s

nginx-qwbtp 1/1 Running 0 97s

nginx-vlwbd 1/1 Running 0 97s

[liwm@rmaster01 ~]$

#########

DESIRED: 请求的副本数

CURRENT实际运行的副本数

READY副本数为READY的数量

AGE生命周期

###

# 方法一修改本地yaml文件的replicas: 3

# 方法二编辑已经运行资源的yaml文件kubectl edit replicaset <replicaset_name>

# 方法三通过命令行kubectl scale replicaset --replicas=1 <replicaset_name>

replicaset和deployment的区别

2. Deployment

Deployment是一个更高级别的概念用于部署无状态服务通过管理ReplicaSet为Pod提供新的功能比如更新、回滚等。

# 方法一命令行创建

kubectl run nginx-app --image=nginx:1.9.0 --image-pull-policy=IfNotPresent --replicas=2

# 方法二yaml创建

[rancher@rmaster01 ~]$ kubectl create deployment app --image=nginx --dry-run=client -o

编辑nginx.yml

cat << EOF > nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx-deploy
spec:
replicas: 1
selector:
matchLabels:
app: nginx-pod
template:
metadata:
labels:
app: nginx-pod
spec:
containers:
- name: nginx
image: nginx:1.7.6
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
EOF

apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
progressDeadlineSeconds: 600 #执行操作的超时时间
replicas: 20
revisionHistoryLimit: 10 #保存的历史版本数量
selector:
matchLabels:
app: nginx-deployment
strategy:
rollingUpdate:
maxSurge: 25% #升级过程中最多可以比原先设置多出的 pod 数量
maxUnavailable: 25% #升级过程中最多有多少个 pod 处于无法提供服务的状态
type: RollingUpdate #更新策略
template:
metadata:
labels:
app: nginx-deployment
spec:
containers:
- name: nginx-deployment
image: nginx:1.9
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80

#查看资源

[liwm@rmaster01 ~]$ kubectl create -f nginx-deployment.yaml

deployment.apps/nginx-deployment created

[liwm@rmaster01 ~]$ kubectl get deployments.apps

NAME READY UP-TO-DATE AVAILABLE AGE

nginx-deployment 1/1 1 1 41s

[liwm@rmaster01 ~]$

###

READYPod READY的数量

UP-TO-DATE 升级最新的Pod数量

AVAILABLE可用的Pod数量

AGE资源的生命周期

升级镜像版本为 nginx:1.9.0

# 方法一更改本地yaml并使用apply升级

# 方法二使用edit在线更改运行的Deployment修改container的image

# 方法三通过命令行升级并记录升级信息kubectl set image deployment nginx-deployment nginx=nginx:latest --record

#查看升级版本

[rancher@rmaster01 ~]$ kubectl describe pod nginx-deployment-75ff656486-x7rq6

#查看升级过程

[rancher@rmaster01 ~]$ kubectl describe deployments.apps nginx-deployment

#更新保留pod的数量

RollingUpdateStrategy: 25% max unavailable, 25% max surge

#更新策略

Recreate重建

RollingUpdate滚动更新默认值

# 查看deployment升级的状态

kubectl rollout status deployment nginx-deployment

# 在升级过程可以暂停部署

kubectl rollout pause deployment nginx-deployment

#查看更新信息

[rancher@rmaster01 ~]$ kubectl rollout history deployment nginx-deployment

deployment.apps/nginx-deployment

REVISION CHANGE-CAUSE

4 kubectl set image deployment nginx-deployment nginx=nginx:latest --record=true

5 kubectl set image deployment nginx-deployment nginx=nginx:1.9.0 --record=true

6 kubectl set image deployment nginx-deployment nginx=nginx:latest --record=true

[rancher@rmaster01 ~]$ kubectl rollout history deployment nginx-deployment --revision=5

deployment.apps/nginx-deployment with revision #5

Pod Template:

Labels: app=nginx-pod

pod-template-hash=75ff656486

Annotations: kubernetes.io/change-cause: kubectl set image deployment nginx-deployment nginx=nginx:1.9.0 --record=true

Containers:

nginx:

Image: nginx:1.9.0

Port: 80/TCP

Host Port: 0/TCP

Environment: <none>

Mounts: <none>

Volumes: <none>

[rancher@rmaster01 ~]$

#更新回滚指定版本

[rancher@rmaster01 ~]$ kubectl rollout undo deployment nginx-deployment --to-revision=5

deployment.apps/nginx-deployment rolled back

[rancher@rmaster01 ~]$ kubectl get pod

NAME READY STATUS RESTARTS AGE

nginx-deployment-554bb5dc67-87qw7 1/1 Running 0 8m50s

nginx-deployment-554bb5dc67-fj5zc 1/1 Running 0 8m50s

nginx-deployment-554bb5dc67-k4s9h 1/1 Running 0 8m47s

nginx-deployment-554bb5dc67-ln77v 1/1 Terminating 0 8m47s

nginx-deployment-75ff656486-42q64 0/1 ContainerCreating 0 2s

nginx-deployment-75ff656486-vmq5c 0/1 ContainerCreating 0 3s

[rancher@rmaster01 ~]$ kubectl get pod

NAME READY STATUS RESTARTS AGE

nginx-deployment-75ff656486-42q64 1/1 Running 0 24s

nginx-deployment-75ff656486-78vv7 1/1 Running 0 17s

nginx-deployment-75ff656486-d2g76 1/1 Running 0 20s

nginx-deployment-75ff656486-vmq5c 1/1 Running 0 25s

[rancher@rmaster01 ~]$

3. DaemonSet

DaemonSet确保所有或部分节点上运行一个Pod的副本。当集群加入新的节点时会自动在新的节点上创建Pod的副本。当节点从群集中删除时这些Pod会被回收。删除DaemonSet将清除其创建的Pod。典型的应用包括

日志收集比如fluentdlogstash等

系统监控比如Prometheus Node ExportercollectdNewRelic agentGangliagmond 等

系统程序比如kube-proxy,glusterd,ceph 等

cat << EOF > daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: fluentd-elasticsearch
labels:
k8s-app: fluentd-logging
spec:
selector:
matchLabels:
name: fluentd-elasticsearch
template:
metadata:
labels:
name: fluentd-elasticsearch
spec:
containers:
- name: fluentd-elasticsearch
image: ist0ne/fluentd-elasticsearch
EOF

4. StatefulSet

StatefulSet控制器用于部署有状态应用程序并且为每个Pod维护一个永久性标识符。

哪些需求或者应用程序会使用到StatefulSet控制器

稳定的持久化存储即Pod 重新调度后还是能访问到相同的持久化数据基于PVC 来实现

稳定的网络标志即Pod 重新调度后其PodName和 HostName不变基于 Headless Service即没有 Cluster IP 的 Service来实现

有序部署与扩缩容即Pod 是有顺序的在部署或者扩缩容的时候要依据定义的顺序依次依序进行即从0 到 N-1在下一个Pod 运行之前所有之前的Pod 必须都是Running 和Ready 状态

有序的滚动更新StatefulSet控制器将删除并重新创建StatefulSet中的每个Pod。它将以Pod终止的顺序进行从最大顺序到最小顺序每次更新一个Pod。它会等到一个更新完成在去更新下一个Pod

cat << EOF > statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
selector:
matchLabels:
app: nginx # has to match .spec.template.metadata.labels
serviceName: "nginx" # \$(podname).(headless server name).namespace.svc.cluster.local
replicas: 3 # by default is 1
template:
metadata:
labels:
app: nginx # has to match .spec.selector.matchLabels
spec:
terminationGracePeriodSeconds: 10
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
name: web
EOF

5. Job

Jobs创建一个或多个Pod并确保指定数量的Pod成功终止。当pod成功完成后Job会跟踪成功的完成情况。达到指定数量的成功完成时任务即Jobs完成。注意删除作业将清理它创建的Pod。

cat <<EOF > job.yml
apiVersion: batch/v1
kind: Job
metadata:
name: pi
spec:
backoffLimit: 6 #标记为 failed 前的重试次数默认为 6
completions: 4 #要完成job 的 pod 数若没有设定该值则默认等于 parallelism 的值
parallelism: 2 #任意时间最多可以启动多少个 pod 同时运行默认为 1
activeDeadlineSeconds: 120 #job 运行时间
ttlSecondsAfterFinished: 60 #job 在运行完成后 60 秒就会自动删除掉
template:
spec:
containers:
- command:
- sh
- -c
- 'echo ''scale=5000; 4*a(1)'' | bc -l '
image: busybox
name: pi
restartPolicy: Never
EOF

cat << EOF > job.yml
apiVersion: batch/v1
kind: Job
metadata:
name: pi
spec:
completions: 10
parallelism: 2
template:
spec:
containers:
- name: pi
image: perl
command: ["perl", "-Mbignum=bpi", "-wle", "print bpi(2000)"]
restartPolicy: Never
backoffLimit: 4
EOF

6. CronJob

CronJob用于创建具有时间安排的任务。类似于linux系统的Crontab都是通过周期表来运行Job。注意CronJob schedule:时间均基于的kube-controller-manager的时区。

典型的用法包括

需要指定时间点调度Job 运行

创建周期性运行的Job例如数据库备份、发送邮件。

cat << EOF > cronjob.yaml
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: hello
spec:
schedule: "*/1 * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: hello
image: busybox
args:
- /bin/sh
- -c
- date; echo Hello from the Kubernetes cluster
restartPolicy: OnFailure
EOF