5、kubernetes资源清单定义入门

使用配置清单创建资源

定义pod时使用yaml格式

master ~]# kubectl get pod 

NAME                           READY   STATUS      RESTARTS   AGE
client                         0/1     Error       0          10d
client1                        0/1     Completed   0          9d
client2                        0/1     Error       0          7h13m
client3                        1/1     Running     0          5h57m
myapp-5bc569c47d-5cdpw         1/1     Running     0          3h20m
myapp-5bc569c47d-c4gr2         1/1     Running     0          3h20m
myapp-5bc569c47d-njr5w         1/1     Running     0          3h20m
nginx-deploy-55d8d67cf-hlj9v   1/1     Running     3          10d

master ~]# kubectl get pod myapp-5bc569c47d-5cdpw -o yaml  //以yaml格式输出pod信息

apiVersion: v1   //这里的值一般是group/version，这里省略了group名，就表示核心组
kind: Pod    //资源类别
metadata:   //元数据
  creationTimestamp: "2019-06-14T05:32:03Z"
  generateName: myapp-5bc569c47d-
  labels:
    pod-template-hash: 5bc569c47d
    run: myapp
  name: myapp-5bc569c47d-5cdpw
  namespace: default
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: ReplicaSet
    name: myapp-5bc569c47d
    uid: bcd43ea4-8e43-11e9-a017-000c29cef804
  resourceVersion: "386558"
  selfLink: /api/v1/namespaces/default/pods/myapp-5bc569c47d-5cdpw
  uid: bd573709-8e65-11e9-a017-000c29cef804
spec:    //规格，即定义接下来所要创建的资源对象所具有的特性，或者满足的规范。可以让用户定义资源对象所处的目标状态
  containers:
  - image: ikubernetes/myapp:v1
    imagePullPolicy: IfNotPresent
    name: myapp
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-fckpp
      readOnly: true
  dnsPolicy: ClusterFirst
  enableServiceLinks: true
  nodeName: node01
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: default-token-fckpp
    secret:
      defaultMode: 420
      secretName: default-token-fckpp
status:   //显示当前资源的当前状态，如果当前状态与目标状态不一致，则需要以目标状态为准
  conditions:
  - lastProbeTime: null
    lastTransitionTime: "2019-06-14T05:32:03Z"
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: "2019-06-14T05:32:05Z"
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: "2019-06-14T05:32:05Z"
    status: "True"
    type: ContainersReady
  - lastProbeTime: null
    lastTransitionTime: "2019-06-14T05:32:03Z"
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: docker://0cc8d93c55ee79efe9d7bf4117e1c59db309be4fb498a0486317d33413066d8b
    image: ikubernetes/myapp:v1
    imageID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
    lastState: {}
    name: myapp
    ready: true
    restartCount: 0
    state:
      running:
        startedAt: "2019-06-14T05:32:04Z"
  hostIP: 192.168.184.142
  phase: Running
  podIP: 10.244.3.9
  qosClass: BestEffort
  startTime: "2019-06-14T05:32:03Z"

创建资源的方法：

apiserver仅接收JSON格式的资源定义；

yaml格式提供配置清单，apiserver可自动将其转为json格式，而后再提交；

大部分资源的配置清单(5个一级字段)：

1、apiServer：group/version 指明创建的资源属于哪个api群组及其版本

master ~]# kubectl api-versions  //查看所有版本
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps/v1   //控制器deployment等属于应用程序管理的核心组资源，属于本组
apps/v1beta1
apps/v1beta2
........
autoscaling/v1
autoscaling/v2beta1
autoscaling/v2beta2
batch/v1
batch/v1beta1
.......
v1   //主版本，属于核心群组，pod是最核心的资源，属于核心群组，

alpha版：内部测试版  http://www.ttlsa.com/linux/alpha-beta-rc/

beta版：公开测试版

stable版：稳定版

2、kind：资源类别，用来标记创建资源的类型，比如资源是pod或者是deployment或者service等

3、metadata：元数据

name

namespace

labels

annotations

 

每个资源的引用PATH

/api/GROUP/VERSION/namespaces/NAMESPACE/TYPE/NAME

例如：selfLink: /api/v1/namespaces/default/pods/myapp-5bc569c47d-5cdpw

4、spec：不同的资源类型，它的spec类型是不尽相同的，它是用来定义用户期望的目标状态disired state

5、status：当前状态，current state。本字段由kubernetes集群维护，用户不能删除、定义它

master ~]# kubectl explain pods  //pods资源如何定义

KIND:     Pod
VERSION:  v1

DESCRIPTION:
     Pod is a collection of containers that can run on a host. This resource is
     created by clients and scheduled onto hosts.

FIELDS:
   apiVersion    <string>
     APIVersion defines the versioned schema of this representation of an
     object. Servers should convert recognized schemas to the latest internal
     value, and may reject unrecognized values. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#resources

   kind    <string>
     Kind is a string value representing the REST resource this object
     represents. Servers may infer this from the endpoint the client submits
     requests to. Cannot be updated. In CamelCase. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds

   metadata    <Object>
     Standard object's metadata. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata

   spec    <Object>
     Specification of the desired behavior of the pod. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status

   status    <Object>
     Most recently observed status of the pod. This data may not be up to date.
     Populated by the system. Read-only. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status

查看二级字段如何定义

master ~]# kubectl explain pods.metadata

KIND:     Pod
VERSION:  v1

RESOURCE: metadata <Object>

DESCRIPTION:
     Standard object's metadata. More info:
     https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata

     ObjectMeta is metadata that all persisted resources must have, which
     includes all objects users must create.

FIELDS:
   annotations    <map[string]string>  //表示映射，由三级组成的映射，映射是另外一种json格式的数组，
     Annotations is an unstructured key value map stored with a resource that
     may be set by external tools to store and retrieve arbitrary metadata. They
     are not queryable and should be preserved when modifying objects. More
     info: http://kubernetes.io/docs/user-guide/annotations

   clusterName    <string>
     ......

   creationTimestamp    <string>     ......

   deletionGracePeriodSeconds    <integer>     .....

   deletionTimestamp    <string>
     ......
     https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata

   finalizers    <[]string>   //前面带有[]，表示是一个列表，字符串类型的数组
     Must be empty before the object is deleted from the registry. Each entry is
     an identifier for the responsible component that will remove the entry from
     the list. If the deletionTimestamp of the object is non-nil, entries in
     this list can only be removed.

   generateName    <string>     .....
     https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency

   generation    <integer>
     A sequence number representing a specific generation of the desired state.
     Populated by the system. Read-only.

   initializers    <Object>  //表示可以被嵌套三级字段     ....

   labels    <map[string]string>
     ....

   managedFields    <[]Object>  //是一个对象列表，一个对象由很多字段组成
     ManagedFields maps workflow-id and version to the set of fields that are
     managed by that workflow. This is mostly for internal housekeeping, and
     users typically shouldn't need to set or understand this field. A workflow
     can be the user's name, a controller's name, or the name of a specific
     apply path like "ci-cd". The set of fields is always in the version that
     the workflow used when modifying the object. This field is alpha and can be
     changed or removed without notice.

   name    <string>     ...... 

   namespace    <string>     ....
   ownerReferences    <[]Object>
     ....

   resourceVersion    <string>     .....
     https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency

   selfLink    <string>
     SelfLink is a URL representing this object. Populated by the system.
     Read-only.

   uid    <string>
     ....

master ~]# kubectl explain pods.spec.containers.livenessProbe  //可以查询多级字段定义内容

示例：基于yaml格式的配置文件，定义一个自助式pod资源

[root@master ~]# mkdir manifests
[root@master ~]# cd !$
cd manifests
[root@master manifests]# vim pod-demo.yaml

  1 apiVersion: v1
  2 kind: Pod
  3 metadata:
  4   name: pod-demo
  5   namespace: default
  6   labels:   //映射数据可以使用{}，例如labels: {app:myapp, tier:frontend};
  7     app: myapp
  8     tier: frontend
  9 spec:
 10   containers:
 11   - name: myapp
 12     image: ikubernetes/myapp:v1
 13   - name: busybox
 14     image: busybox:latest
 15     command:  //列表数据可以使用[]，例如["/bin/sh","-c","sleep 3600"]
 16     - "/bin/sh"
 17     - "-c"
 18     - "echo $(date) >> /usr/share/nginx/html/index.html; sleep 5"

master manifests]# kubectl create -f pod-demo.yaml   //-f表示从文件中加载创建pod

pod/pod-demo created

master manifests]# kubectl get pods  //查看运行的pod

NAME                           READY   STATUS             RESTARTS   AGE
client3                        1/1     Running            0          10h
myapp-5bc569c47d-5cdpw         1/1     Running            0          7h49m
myapp-5bc569c47d-c4gr2         1/1     Running            0          7h49m
myapp-5bc569c47d-njr5w         1/1     Running            0          7h49m
nginx-deploy-55d8d67cf-hlj9v   1/1     Running            3          10d
pod-demo                       1/2     ImagePullBackOff   0          2m26s   //这里由于镜像为下载成功，所以其中一个pod失败

master manifests]# kubectl describe pods pod-demo //pod是类型，pod-demo是名称，先指明资源类型再指明名称，因为资源名称只在类型下唯一