目录
- 概述
- 使用YAML文件创建资源
- 1、查看资源版本的标签
- 2、创建yaml文件测试
- Pod
- 1、特点
- 2、pod容器分类
- 3、镜像拉取策略
- 部署harbor
- 1、登录harbor私有仓库
- 2、下载Tomcat镜像进行推送
- 3、推送
概述
Kubernetes支持YAML和JSON格式创建资源对象
- JSON格式用于接口之间消息的传递
- YAML格式用于配置和管理
YAML是一种简洁的非标记性语言
语法格式 - 缩进标识层级关系
- 不支持制表符缩进,使用空格缩进
- 通常开头缩进两个空格
- 字符后缩进一个空格,如冒号,逗号,短横杆等
- “—”表示YAML格式,一个文件的开始
- “#”表示注释
使用YAML文件创建资源
1、查看资源版本的标签
在写yaml文件中第一个就要先写版本标签,类似于dockerfile的FROM一样
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31[root@localhost ~]# kubectl api-versions admissionregistration.k8s.io/v1beta1 apiextensions.k8s.io/v1beta1 apiregistration.k8s.io/v1 apiregistration.k8s.io/v1beta1 apps/v1 apps/v1beta1 apps/v1beta2 authentication.k8s.io/v1 authentication.k8s.io/v1beta1 authorization.k8s.io/v1 authorization.k8s.io/v1beta1 autoscaling/v1 autoscaling/v2beta1 autoscaling/v2beta2 batch/v1 batch/v1beta1 certificates.k8s.io/v1beta1 coordination.k8s.io/v1beta1 events.k8s.io/v1beta1 extensions/v1beta1 networking.k8s.io/v1 policy/v1beta1 rbac.authorization.k8s.io/v1 rbac.authorization.k8s.io/v1beta1 scheduling.k8s.io/v1beta1 storage.k8s.io/v1 storage.k8s.io/v1beta1 v1
2、创建yaml文件测试
1)创建目录
复制代码
1
2mkdir demo
2)创建nginx-deploymet.yaml文件
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24[root@localhost ~]# cd demo/ [root@localhost demo]# vim nginx-deployment.yaml apiVersion: apps/v1 #apiVersion:语法关键字,注意大小写。apps/v1:版本标签 kind: Deployment #资源类型:deployment控制器 metadata: #资源的元数据 name: nginx-deployment #定义资源的名称,在同一个namespace中必须唯一 labels: #定义资源的标签 app: nginx spec: #定义容器属性 replicas: 3 # 定义副本数量 selector: #选择器 matchLabels: #匹配标签 app: nginx #匹配模板名称 template: #模板 metadata: labels: app: nginx spec: containers: #定义容器 - name: nginx # -:表示参数,容器名与标签名要相同 image: nginx:1.15.4 # 容器使用的镜像以及版本 ports: - containerPort: 80 #定义容器对外的端口
3)使用yaml文件创建资源
复制代码
1
2
3[root@master01 demo]# kubectl create -f nginx-deployment.yaml
4)查看资源
复制代码
1
2
3[root@master01 demo]# kubectl get pods
5)发布
5-1、创建nginx-service.yaml文件
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16[root@localhost demo]# vim nginx-service.yaml apiVersion: v1 kind: Service metadata: name: nginx-service labels: app: nginx spec: type: NodePort ports: - port: 80 targetPort: 80 selector: app: nginx
拓展:
port
port是k8s集群内部访问service的端口,即通过clusterIP: port可以访问到某个service
nodePort
nodePort是外部访问k8s集群中service的端口,通过nodeIP: nodePort可以从外部访问到某个service。
targetPort
targetPort是pod的端口,从port和nodePort来的流量经过kube-proxy流入到后端pod的targetPort上,最后进入容器。
containerPort
containerPort是pod内部容器的端口,targetPort映射到containerPort。
5-2、使用nginx-service.yaml文件创建service资源(对外提供访问)
复制代码
1
2
3[root@localhost demo]# kubectl create -f nginx-service.yaml service/nginx-service created
5-3、查看service资源
复制代码
1
2
3
4
5[root@localhost demo]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 13d nginx-service NodePort 10.0.0.225 <none> 80:47722/TCP 23s
拓展:
自动测试命令的正确性,但是并不执行创建,个人理解就是检测命令是否正确
复制代码
1
2
3
4[root@localhost demo]# kubectl run nginx-deployment --image=nginx --port=80 --replicas=3 --dry-run kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead. deployment.apps/nginx-deployment created (dry run)
查看生成yaml格式
复制代码
1
2
3
4
5
6[root@localhost demo]# kubectl run nginx-deployment --image=nginx --port=80 --replicas=3 --dry-run -o yaml 查看生成的yaml格式并导出 [root@localhost demo]# kubectl run nginx-deployment --image=nginx --port=80 --replicas=3 --dry-run -o yaml > my-deployment.yaml kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
查看生成json格式
复制代码
1
2[root@localhost demo]# kubectl run nginx-deployment --image=nginx --port=80 --replicas=3 --dry-run -o json
将现有的资源生成模板导出
复制代码
1
2[root@localhost demo]# kubectl get deploy/nginx --export -o yaml
保存到文件中
复制代码
1
2[root@localhost demo]# kubectl get deploy/nginx --export -o yaml > my-deploy.yaml
查看字段帮助信息
复制代码
1
2[root@localhost demo]# kubectl explain pods.spec.containers
Pod
1、特点
- 最小部署单元
- 一组容器的集合
- 一个Pod中的容器共享网络命名空间
- Pod是短暂的
2、pod容器分类
infrastructure container 基础容器
- 维护整个Pod网络空间
- node节点操作
- 查看容器的网络
- 每次创建Pod时候就会创建,与Pod对应的,对于用户是透明的
initcontainers 初始化容器 - 先于业务容器开始执行,原先Pod中容器是并行开启,现在进行了改进
container 业务容器 - 并行启动
3、镜像拉取策略
- IfNotPresent:默认值,镜像在宿主机上不存在时才拉取
- Always:每次创建Pod都会重新拉取一次镜像
- Never:Pod永远不会主动拉取这个镜像
- 例1:
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18[root@localhost demo]# kubectl edit deployment/nginx #edit:配置控制器 spec: containers: - image: nginx:latest imagePullPolicy: Always #Always:每次创建Pod都会重新拉取一次镜像 name: nginx ports: - containerPort: 80 protocol: TCP resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30
- 例2:
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18[root@localhost ~]# cd demo/ [root@localhost demo]# vim pod1.yaml apiVersion: v1 kind: Pod metadata: name: mypod spec: containers: - name: nginx image: nginx imagePullPolicy: Always command: [ "echo", "SUCCESS" ] [root@localhost demo]# kubectl create -f pod1.yaml pod/mypod created [root@localhost demo]# kubectl get pods NAME READY STATUS RESTARTS AGE mypod 0/1 CrashLoopBackOff 2 49s
失败的状态的原因是因为命令启动冲突
删除 command: [ "echo", "SUCCESS" ]
同时更改一下版本
image: nginx:1.14
删除原有的资源
复制代码
1
2
3[root@localhost demo]# kubectl delete -f pod1.yaml pod "mypod" deleted
更新资源
复制代码
1
2
3
4
5
6[root@localhost demo]# kubectl apply -f pod1.yaml pod/mypod created [root@localhost demo]# kubectl get pods NAME READY STATUS RESTARTS AGE mypod 1/1 Running 0 34s
查看分配节点
复制代码
1
2
3
4
5[root@localhost demo]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE mypod 1/1 Running 0 118s 172.17.88.3 192.168.241.4 <none>
在任意node节点使用curl 查看头部信息
复制代码
1
2
3
4
5
6
7
8
9
10
11[root@localhost ~]# curl -I 172.17.88.3 HTTP/1.1 200 OK Server: nginx/1.14.2 Date: Wed, 12 Feb 2020 04:42:42 GMT Content-Type: text/html Content-Length: 612 Last-Modified: Tue, 04 Dec 2018 14:44:49 GMT Connection: keep-alive ETag: "5c0692e1-264" Accept-Ranges: bytes
部署harbor
部署请参照hanbor私有仓库部署
复制代码
1
2
3
4
5
6
7node节点配置连接私有仓库(注意后面的逗号要添加) [root@hzh ~]# vim /etc/docker/daemon.json { "registry-mirrors": ["https://9it5um2j.mirror.aliyuncs.com"], "insecure-registries":["192.168.241.8"] }
1、登录harbor私有仓库
复制代码
1
2
3
4
5
6
7
8
9[root@localhost ~]# docker login 192.168.241.8 Username: admin Password: //输入密码Harbor12345 WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
2、下载Tomcat镜像进行推送
复制代码
1
2
3[root@localhost ~]# docker pull tomcat
3、推送
3-1、打标签
复制代码
1
2
3[root@localhost ~]# docker tag tomcat 192.168.241.80/hzh/tomcat
3-2、推送
复制代码
1
2[root@localhost ~]# docker push 192.168.241.8/hzh/tomcat
3-3、node节点下载tomcat镜像
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54docker pull tomcat:8.0.52 [root@localhost demo]# vim tomcat-deployment.yaml apiVersion: extensions/v1beta1 kind: Deployment metadata: name: my-tomcat spec: replicas: 2 template: metadata: labels: app: my-tomcat spec: containers: - name: my-tomcat image: docker.io/tomcat:8.0.52 ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: my-tomcat spec: type: NodePort ports: - port: 8080 targetPort: 8080 nodePort: 31111 selector: app: my-tomcat [root@localhost demo]# kubectl get pods,deploy,svc NAME READY STATUS RESTARTS AGE pod/my-tomcat-57667b9d9-nklvj 1/1 Running 0 10m pod/my-tomcat-57667b9d9-wllnp 1/1 Running 0 10m pod/mypod 1/1 Running 1 12h pod/nginx-7697996758-75shs 1/1 Running 1 2d10h pod/nginx-7697996758-b7tjw 1/1 Running 1 2d10h pod/nginx-7697996758-jddc5 1/1 Running 1 2d10h pod/nginx-deployment-d55b94fd-4px2w 1/1 Running 1 36h pod/nginx-deployment-d55b94fd-899hz 1/1 Running 1 36h pod/nginx-deployment-d55b94fd-d7fqn 1/1 Running 1 36h NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE deployment.extensions/my-tomcat 2 2 2 2 10m deployment.extensions/nginx 3 3 3 3 2d10h deployment.extensions/nginx-deployment 3 3 3 3 36h NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 15d service/my-tomcat NodePort 10.0.0.167 <none> 8080:31111/TCP 10m service/nginx-service NodePort 10.0.0.225 <none> 80:47722/TCP 36h
如果遇到处于Terminating状态的无法删除的资源如何处理
复制代码
1
2
3
4
5[root@localhost demo]# kubectl get pods NAME READY STATUS RESTARTS AGE my-tomcat-57667b9d9-nklvj 1/1 Terminating 0 10h my-tomcat-57667b9d9-wllnp 1/1 Terminating 0 10h
种情况下可以使用强制删除命令:
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20kubectl delete pod [pod name] --force --grace-period=0 -n [namespace] [root@localhost demo]# kubectl delete pod my-tomcat-57667b9d9-nklvj --force --grace-period=0 -n default warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely. pod "my-tomcat-57667b9d9-nklvj" force deleted [root@localhost demo]# kubectl delete pod my-tomcat-57667b9d9-wllnp --force --grace-period=0 -n default warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely. pod "my-tomcat-57667b9d9-wllnp" force deleted [root@localhost demo]# kubectl get pods NAME READY STATUS RESTARTS AGE mypod 1/1 Running 1 23h nginx-7697996758-75shs 1/1 Running 1 2d21h nginx-7697996758-b7tjw 1/1 Running 1 2d21h nginx-7697996758-jddc5 1/1 Running 1 2d21h nginx-deployment-d55b94fd-4px2w 1/1 Running 1 47h nginx-deployment-d55b94fd-899hz 1/1 Running 1 47h nginx-deployment-d55b94fd-d7fqn 1/1 Running 1 47h
3-4、node01上操作(之前登陆过harbor仓库的节点)
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26#镜像打标签 [root@localhost ~]# docker tag tomcat:8.0.52 192.168.241.8/hzh/tomcat #上传镜像到harbor [root@localhost ~]# docker push 192.168.241.8/hzh/tomcat #查看登陆凭据 [root@localhost ~]# cat .docker/config.json |base64 -w 0 ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjE5NS44MCI6IHsKCQkJImF1dGgiOiAiWVdSdGFXNDZTR0Z5WW05eU1USXpORFU9IgoJCX0KCX0sCgkiSHR0cEhlYWRlcnMiOiB7CgkJIlVzZXItQWdlbnQiOiAiRG9ja2VyLUNsaWVudC8xOS4wMy41IChsaW51eCkiCgl9Cn0= [root@localhost demo]# vim registry-pull-secret.yaml apiVersion: v1 kind: Secret metadata: name: registry-pull-secret data: .dockerconfigjson: ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjE5NS44MCI6IHsKCQkJImF1dGgiOiAiWVdSdGFXNDZTR0Z5WW05eU1USXpORFU9IgoJCX0KCX0sCgkiSHR0cEhlYWRlcnMiOiB7CgkJIlVzZXItQWdlbnQiOiAiRG9ja2VyLUNsaWVudC8xOS4wMy41IChsaW51eCkiCgl9Cn0= type: kubernetes.io/dockerconfigjson #创建secret资源 [root@localhost demo]# kubectl create -f registry-pull-secret.yaml secret/registry-pull-secret created #查看secret资源 [root@localhost demo]# kubectl get secret NAME TYPE DATA AGE default-token-zztl5 kubernetes.io/service-account-token 3 9d registry-pull-secret kubernetes.io/dockerconfigjson 1 26s
3-5、创建资源从harbor中下载镜像
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37[root@localhost demo]# vim tomcat-deployment.yaml apiVersion: extensions/v1beta1 kind: Deployment metadata: name: my-tomcat spec: replicas: 2 template: metadata: labels: app: my-tomcat spec: imagePullSecrets: - name: registry-pull-secret containers: - name: my-tomcat image: 192.168.241.8/hzh/tomcat ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: my-tomcat spec: type: NodePort ports: - port: 8080 targetPort: 8080 nodePort: 31111 selector: app: my-tomcat [root@localhost demo]# kubectl create -f tomcat-deployment.yaml #私有仓库中的镜像被下载了2次
最后
以上就是繁荣电脑最近收集整理的关于k8s---YAML文件编写以及harbor私有仓库概述使用YAML文件创建资源Pod部署harbor的全部内容,更多相关k8s---YAML文件编写以及harbor私有仓库概述使用YAML文件创建资源Pod部署harbor内容请搜索靠谱客的其他文章。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复