关于Pod
关于Pod我们要慢慢去体会去接受去使用它,尤其是运维人员这块需要逻辑上形成认识,首先理解Pod是Kubernetes项目的原子调度单位。为什么会是Pod而不是单个Container?因为“容器设计模式”,把容器组合起来使用的方法模式。我们要用大脑去想象,单个容器是未来云计算系统中的进程,容器镜像是系统中形形色色的安装包,Kubernetes是这个系统。Pod作为一个逻辑抽象概念,可以想成是这个系统上的虚拟机!
这里我要特别感谢张磊老师,听君一席话,胜读十年书。
1.具体实践
1.Pod级别俩个容器共享一个Volume的例子
1.编写YAML文件
[root@kubernetes01 ~]# cat two-container.yaml
apiVersion: v1
kind: Pod
metadata:
name: two-containers
spec:
restartPolicy: Never
volumes:
- name: shared-data
hostPath:
path: "/home/data/kubernetes/shared-data"
containers:
- name: nginx-container-01
image: nginx
volumeMounts:
- name: shared-data
mountPath: /usr/share/nginx/html
- name: debian-container-01
image: debian
volumeMounts:
- name: shared-data
mountPath: /pod-data
command: ["/bin/sh"]
args: ["-c", "echo Welcome to debian container > /pod-data/index.html"]
2.启动之后查看pod信息
[root@kubernetes01 ~]# kubectl describe pod two-containers
Name: two-containers
Namespace: default
Priority: 0
PriorityClassName: <none>
Node: kubernetes02/10.5.0.207
Start Time: Mon, 11 Mar 2019 14:59:58 +0800
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"name":"two-containers","namespace":"default"},"spec":{"containers":[{"image"...
Status: Running
IP: 10.44.0.3
Containers:
nginx-container-01:
Container ID: docker://00373fd44ec787b57c373e3bb8bc9869ae0706630d7f34f786f8c5ae2d896af2
Image: nginx
Image ID: docker-pullable://nginx@sha256:98efe605f61725fd817ea69521b0eeb32bef007af0e3d0aeb6258c6e6fe7fc1a
Port: <none>
Host Port: <none>
State: Running
Started: Mon, 11 Mar 2019 15:00:17 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/usr/share/nginx/html from shared-data (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-8j8dl (ro)
debian-container-01:
Container ID: docker://a95c3d84fc0b3cce966f3db53a97f7d3681f723c5aa83dadbfc2ddf9b7be677f
Image: debian
Image ID: docker-pullable://debian@sha256:72e996751fe42b2a0c1e6355730dc2751ccda50564fec929f76804a6365ef5ef
Port: <none>
Host Port: <none>
Command:
/bin/sh
Args:
-c
echo Welcome to use debian container > /pod-data/index.html
State: Terminated
Reason: Completed
Exit Code: 0
Started: Mon, 11 Mar 2019 15:00:37 +0800
Finished: Mon, 11 Mar 2019 15:00:37 +0800
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/pod-data from shared-data (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-8j8dl (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
shared-data:
Type: HostPath (bare host directory volume)
Path: /home/data/kubernetes/shared-data
HostPathType:
default-token-8j8dl:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-8j8dl
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 117s default-scheduler Successfully assigned default/two-containers to kubernetes02
Normal Pulling 117s kubelet, kubernetes02 pulling image "nginx"
Normal Pulled 98s kubelet, kubernetes02 Successfully pulled image "nginx"
Normal Created 98s kubelet, kubernetes02 Created container
Normal Started 98s kubelet, kubernetes02 Started container
Normal Pulling 98s kubelet, kubernetes02 pulling image "debian"
Normal Pulled 78s kubelet, kubernetes02 Successfully pulled image "debian"
Normal Created 78s kubelet, kubernetes02 Created container
Normal Started 78s kubelet, kubernetes02 Started container
3.访问测试
这块儿nginx镜像默认是80端口
so
[root@kubernetes01 ~]# curl 10.44.0.3
Welcome to debian container2.挂载war包到tomcat中的例子
1.编写YAML文件
[root@kubernetes01 ~]# cat java-web-001.yaml
apiVersion: v1
kind: Pod
metadata:
name: java-web-001
spec:
initContainers:
- image: registry:5000/jenkins:v2
name: war
command: ["cp","/jenkins.war","/app"]
volumeMounts:
- name: java-test001-volume
mountPath: "/app"
containers:
- image: tomcat:latest
name: tomcat
volumeMounts:
- name: java-test001-volume
mountPath: "/usr/local/tomcat/webapps"
ports:
- containerPort: 8080
hostPort: 8004
volumes:
- name: java-test001-volume
emptyDir: {}
2.启动之后通过kubectl describe pod java-web-001无报错,访问测试
[root@kubernetes01 ~]# curl 10.40.0.7:8080/jenkins/
<html><head><meta http-equiv='refresh' content='1;url=/jenkins/login?from=%2Fjenkins%2F'/><script>window.location.replace('/jenkins/login?from=%2Fjenkins%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Administer
-->
</body></html>
当然也可以直接在浏览器中访问节点IP的URL来测试。这块jenkins的war包镜像是直接把war包放在了busybox标准镜像的根目录下,tomcat用的是标准镜像。我们解决的俩者之间的耦合问题。用initContainer优先运行WAR包镜像,这种模式叫做sidecar!这块儿需要强调下,研究Kubernetes之前我们需要具备docker的一些基础知识,比如Dokerfile的基本编写规则,本地docker仓库怎么搭建,一些docker高频命令。
关于Dockerfile的常用字段描述,帮你回忆一下
FROM 基础镜像
MAINTAINER 维护者信息
RUN 想要执行的命令
ADD copy文件到镜像中
WORKDIR 当前工作目录
VOLUME 目录挂载
EXPOSE 端口设置
RUN 运行进程2.感悟总结
要去理解Pod实现的原理,Pod其实是一组共享了某些资源的容器,还有就是sidecar这种玩法儿,值得回味!记住一点一个容器,就是一个进程!Pod提供的是一种容器编排的思想!
3.遇到的问题
Back-off restarting failed container的问题,这种问题需要追本溯源去查,如果遇到就去刨根问底,你一定会发现问题的所在!有时候你去某某群里请教大佬们,大佬们都不一定能直接解决你的问题,所以谨慎细心提高自己解决问题的能力才是关键!
欢迎大家留言哦~~~