KUBERNETES-1-4-控制器应用一

1.kubectl explain pods.spec.containers可以查看容器可以定义的相关参数。image    <string>用来定义所引用的镜像。imagePullPolicy    <string>用来定义镜像拉去的策略，默认是always，即系统每次都会去抓取镜像，但需要特变注意的是当我们的镜像标签为latest的时候，按照正常时肯定会抓取以确定是latest，有时候我们可能不想让系统去抓取，可以选择IfNotPresent。ports 主要用来选择Pod 要暴露的端口。 args  用来指定向容器传的参数。command  用来指定容器运行的程序，这里的command可能更类似于dockerl里面的ENTRYPOINT。附有一个dockerfile与kubernetes的对照说明。

[root@master ~]# kubectl explain pods.spec.containers

   image    <string>
     Docker image name. More info:
     https://kubernetes.io/docs/concepts/containers/images This field is
     optional to allow higher level config management to default or override
     container images in workload controllers like Deployments and StatefulSets.

   imagePullPolicy    <string>
     Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always
     if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated.
     More info:
     https://kubernetes.io/docs/concepts/containers/images#updating-images
   ports    <[]Object>
     List of ports to expose from the container. Exposing a port here gives the
     system additional information about the network connections a container
     uses, but is primarily informational. Not specifying a port here DOES NOT
     prevent that port from being exposed. Any port which is listening on the
     default "0.0.0.0" address inside a container will be accessible from the
     network. Cannot be updated.

   args    <[]string>
     Arguments to the entrypoint. The docker image's CMD is used if this is not
     provided. Variable references $(VAR_NAME) are expanded using the
     container's environment. If a variable cannot be resolved, the reference in
     the input string will be unchanged. The $(VAR_NAME) syntax can be escaped
     with a double $$, ie: $$(VAR_NAME). Escaped references will never be
     expanded, regardless of whether the variable exists or not. Cannot be
     updated. More info:
     https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

   command    <[]string>
     Entrypoint array. Not executed within a shell. The docker image's
     ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME)
     are expanded using the container's environment. If a variable cannot be
     resolved, the reference in the input string will be unchanged. The
     $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME).
     Escaped references will never be expanded, regardless of whether the
     variable exists or not. Cannot be updated. More info:
     https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

2.我们可以通过kubectl get pods --show-labels来查看pod的标签信息。kubectl get pods -l 可以查看含有标签值含有某字段的相关信息。kubectl get pods -L可以查看含有标签名含有某字段的相关信息。

[root@master ~]# kubectl get pods
NAME                          READY     STATUS      RESTARTS   AGE
client                        0/1       Completed   0          2d
myapp-848b5b879b-7h254        1/1       Running     2          2d
myapp-848b5b879b-d7rjs        1/1       Running     2          2d
myapp-848b5b879b-wv5cz        1/1       Running     2          2d
nginx-deploy-5b595999-tj8ms   1/1       Running     2          2d
[root@master ~]# cd manifests/

[root@master manifests]# vim pod-demo.yaml 
[root@master manifests]# cat pod-demo.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
    ports:
    - name: http
      containerPort: 80
    - name: https
      containerPort: 443
  - name: busybox
    image: busybox:latest
    imagePullPolicy: IfNotPresent
    command: 
    - "/bin/sh"
    - "-c"
    - "sleep 3600"
[root@master manifests]# kubectl create -f pod-demo.yaml 
pod/pod-demo created

[root@master manifests]# kubectl get pods --show-labels
NAME                          READY     STATUS      RESTARTS   AGE       LABELS
client                        0/1       Completed   0          2d        run=client
myapp-848b5b879b-7h254        1/1       Running     2          2d        pod-template-hash=4046164356,run=myapp
myapp-848b5b879b-d7rjs        1/1       Running     2          2d        pod-template-hash=4046164356,run=myapp
myapp-848b5b879b-wv5cz        1/1       Running     2          2d        pod-template-hash=4046164356,run=myapp
nginx-deploy-5b595999-tj8ms   1/1       Running     2          2d        pod-template-hash=16151555,run=nginx-deploy
pod-demo                      2/2       Running     0          51s       app=myapp,tier=frontend
[root@master manifests]# kubectl get pods -l app --show-labels
NAME       READY     STATUS    RESTARTS   AGE       LABELS
pod-demo   2/2       Running   0          4m        app=myapp,tier=frontend
[root@master manifests]# kubectl get pods -L app,run --show-labels
NAME                          READY     STATUS      RESTARTS   AGE       APP       RUN            LABELS
client                        0/1       Completed   0          2d                  client         run=client
myapp-848b5b879b-7h254        1/1       Running     2          2d                  myapp          pod-template-hash=4046164356,run=myapp
myapp-848b5b879b-d7rjs        1/1       Running     2          2d                  myapp          pod-template-hash=4046164356,run=myapp
myapp-848b5b879b-wv5cz        1/1       Running     2          2d                  myapp          pod-template-hash=4046164356,run=myapp
nginx-deploy-5b595999-tj8ms   1/1       Running     2          2d                  nginx-deploy   pod-template-hash=16151555,run=nginx-deploy
pod-demo                      2/2       Running     0          4m        myapp                    app=myapp,tier=frontend

3.kubectl label pods可以为pod增加标签值。对同一个标签再次赋值时会报错，需要使用--overwrite参数。

[root@master manifests]# kubectl label pods pod-demo release=canary
pod/pod-demo labeled
[root@master manifests]# kubectl get pods -l app --show-labels
NAME       READY     STATUS    RESTARTS   AGE       LABELS
pod-demo   2/2       Running   0          6m        app=myapp,release=canary,tier=frontend
[root@master manifests]# kubectl label pods pod-demo release=stable
error: 'release' already has a value (canary), and --overwrite is false
[root@master manifests]# kubectl label pods pod-demo release=stable --overwrite
pod/pod-demo labeled
[root@master manifests]# kubectl get pods -l app --show-labels
NAME       READY     STATUS    RESTARTS   AGE       LABELS
pod-demo   2/2       Running   0          11m       app=myapp,release=stable,tier=frontend

4.标签选择器中等值关系选择器的使用。kubectl get pods -l 后面附加等值筛选。或者后面加不等值筛选也可以实现。

[root@master manifests]# kubectl get pods -l release=stable --show-labels
NAME       READY     STATUS    RESTARTS   AGE       LABELS
pod-demo   2/2       Running   0          15m       app=myapp,release=stable,tier=frontend

[root@master manifests]# kubectl get pods -l release!=stable --show-labels
NAME                          READY     STATUS      RESTARTS   AGE       LABELS
client                        0/1       Completed   0          2d        run=client
myapp-848b5b879b-7h254        1/1       Running     2          2d        pod-template-hash=4046164356,run=myapp
myapp-848b5b879b-d7rjs        1/1       Running     2          2d        pod-template-hash=4046164356,run=myapp
myapp-848b5b879b-wv5cz        1/1       Running     2          2d        pod-template-hash=4046164356,run=myapp
nginx-deploy-5b595999-tj8ms   1/1       Running     2          2d        pod-template-hash=16151555,run=nginx-deploy
 

5.标签选择器中集合关系选择器的使用。kubectl get pods -l后面通过in来筛选标签属于某一集合。或者通过notin来筛选标签属于某一集合。对于字符串中间可能存在的空格，可以使用双引号。

[root@master manifests]# kubectl get pods -l "release in (stable,alpha,beta)"
NAME       READY     STATUS    RESTARTS   AGE
pod-demo   2/2       Running   0          25m
[root@master manifests]# kubectl get pods -l "release notin (stable,alpha,beta)"
NAME                          READY     STATUS      RESTARTS   AGE
client                        0/1       Completed   0          2d
myapp-848b5b879b-7h254        1/1       Running     2          2d
myapp-848b5b879b-d7rjs        1/1       Running     2          2d
myapp-848b5b879b-wv5cz        1/1       Running     2          2d
nginx-deploy-5b595999-tj8ms   1/1       Running     2          2d
 

6.标签选择器除了可以给Pod打标签，也可以用来给node等各种资源打标签。

[root@master manifests]# kubectl get nodes
NAME                 STATUS    ROLES     AGE       VERSION
master.example.com   Ready     master    3d        v1.11.1
node1.example.com    Ready     <none>    3d        v1.11.1
node2.example.com    Ready     <none>    2d        v1.11.1
[root@master manifests]# kubectl get nodes --show-labels
NAME                 STATUS    ROLES     AGE       VERSION   LABELS
master.example.com   Ready     master    3d        v1.11.1   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/hostname=master.example.com,node-role.kubernetes.io/master=
node1.example.com    Ready     <none>    3d        v1.11.1   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/hostname=node1.example.com
node2.example.com    Ready     <none>    2d        v1.11.1   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/hostname=node2.example.com
[root@master manifests]# kubectl label nodes node1.example.com disktype=ssd
node/node1.example.com labeled
[root@master manifests]# kubectl get nodes --show-labels
NAME                 STATUS    ROLES     AGE       VERSION   LABELS
master.example.com   Ready     master    3d        v1.11.1   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/hostname=master.example.com,node-role.kubernetes.io/master=
node1.example.com    Ready     <none>    3d        v1.11.1   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,disktype=ssd,kubernetes.io/hostname=node1.example.com
node2.example.com    Ready     <none>    2d        v1.11.1   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/hostname=node2.example.com
 

7.nodeSelector可以作为节点标签选择器，来对pod运行的节点进行筛选。例如在pod-demo.yaml中增加disktype: ssd的参数，则在创建资源的时候nodeSelector会自动筛选符合的节点。

[root@master manifests]# kubectl delete -f pod-demo.yaml 
pod "pod-demo" deleted

[root@master manifests]# vim pod-demo.yaml 
[root@master manifests]# cat pod-demo.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
    ports:
    - name: http
      containerPort: 80
    - name: https
      containerPort: 443
  - name: busybox
    image: busybox:latest
    imagePullPolicy: IfNotPresent
    command: 
    - "/bin/sh"
    - "-c"
    - "sleep 3600"
  nodeSelector:
    disktype: ssd
[root@master manifests]# kubectl create -f pod-demo.yaml
pod/pod-demo created
[root@master manifests]# kubectl describe pods pod-demo
Events:
  Type    Reason     Age   From                        Message
  ----    ------     ----  ----                        -------
  Normal  Scheduled  1m    default-scheduler           Successfully assigned default/pod-demo to node1.example.com
  Normal  Pulled     1m    kubelet, node1.example.com  Container image "ikubernetes/myapp:v1" already present on machine
  Normal  Created    1m    kubelet, node1.example.com  Created container
  Normal  Started    1m    kubelet, node1.example.com  Started container
  Normal  Pulled     1m    kubelet, node1.example.com  Container image "busybox:latest" already present on machine
  Normal  Created    1m    kubelet, node1.example.com  Created container
  Normal  Started    1m    kubelet, node1.example.com  Started container
 

8.资源注解。pod-demo.yaml脚本中通过annotations:来定义注解。kubectl describe pods查看innotation。

[root@master manifests]# kubectl delete -f pod-demo.yaml 
pod "pod-demo" deleted
[root@master manifests]# vim pod-demo.yaml 

[root@master manifests]# cat pod-demo.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend
  annotations:
    example.com/created-by: "cluster admin"
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
    ports:
    - name: http
      containerPort: 80
    - name: https
      containerPort: 443
  - name: busybox
    image: busybox:latest
    imagePullPolicy: IfNotPresent
    command: 
    - "/bin/sh"
    - "-c"
    - "sleep 3600"
  nodeSelector:
    disktype: ssd
[root@master manifests]# kubectl create -f pod-demo.yaml
pod/pod-demo created
[root@master manifests]# kubectl describe pods pod-demo
Name:               pod-demo
Namespace:          default
Priority:           0
PriorityClassName:  <none>
Node:               node1.example.com/172.20.0.129
Start Time:         Mon, 10 Dec 2018 00:48:43 -0500
Labels:             app=myapp
                    tier=frontend
Annotations:        example.com/created-by=cluster admin