k8s deploys nginx, understands Pod, ReplicationController, Service, Deployment, etc. to deploy nginx

k8s deploys nginx, understands Pod, ReplicationController, Service, Deployment, etc. to deploy nginx

Environmental description:

k8s：1.5.2

docker：1.13.1

nginx：1.15.4

The previous blog specifically talked about how to build a k8s cluster portal through yum

Although the yum method to build a k8s cluster is a bit outdated, but the yum method of k8s cluster is completely sufficient for learning. I will use kubeadmin to build a new one later when I have time.

Deploy nginx via Pod

Edit nginx-pod.yaml

#创建并且切换到工作目录，
vi nginx-pod.yaml
#---内容如下
apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
    - name: nginx
      image: nginx:1.15.4
      imagePullPolicy: IfNotPresent
      ports:
        - containerPort: 80
          hostPort: 80
          
#apiVersion跟k8s版本绑定，1.5.2用v1就完了
#kind是部署方式，先采用最简单的Pod
#指定了nginx镜像版本，以及镜像拉取策略——如果存在就不重新拉取
#指定了容器端口号以及映射主机的端口号

#然后通过kubectl命令创建pod运行nginx
kubectl create -f nginx-pod.yaml
kubectl get pods -o wide
#一直返回No resources found

Solve the problem that the execution of kubectl get pods returns No resources found

vi /etc/kubernetes/apiserver

#找到”KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"这一行去掉ServiceAccount，保存退出
# 重启此服务
systemctl restart kube-apiserver 

Delete the old pod, and then re-run the pod

kubectl delete -f nginx-pod.yaml
kubectl create -f nginx-pod.yaml
kubectl get pods -o wide
#这个时候能返回pod信息了，但是状态一直是ContainerCreating
kubectl describe pod nginx
#能看到有报错信息，failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest

Solve the problem that pod cannot run and report failed for registry.access.redhat.com/rhel7/pod-infrastructure: latest

#证书问题，从网上下载并复制到对应目录即可
yum install python-rhsm-certificates
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem

Still the old way, delete the old pod, and then re-run the pod

kubectl delete -f nginx-pod.yaml
kubectl create -f nginx-pod.yaml
kubectl get pods -o wide

#能看到如下信息，状态是Running，而且pod分配到了node02节点
[root@master working]# kubectl get pods -o wide
NAME          READY     STATUS    RESTARTS   AGE       IP            NODE
nginx         1/1       Running   0          32m       172.16.71.2   node02

#那么已知node02节点的ip是10.0.0.22，而且主机80端口映射到容器的80端口，就可以在浏览器输入http://10.0.0.22访问nginx了。
#也可以通过命令查看pod的ip地址，kubectl describe pod nginx

At this point, the deployment of nginx through Pod has been completed, but advanced functions such as k8s dynamic scaling, rollback upgrades, etc. still need to be completed with ReplicationController

Deploy nginx through ReplicationController

Edit nginx-rc.yaml

vi nginx-rc.yaml

apiVersion: v1
kind: ReplicationController
metadata:
  name: myweb
  labels:
    app: myweb
spec:
  replicas: 2  #'//指定副本数为2'
  selector:
    app: myweb
  template:
    metadata:
      labels:
        app: myweb
    spec:
      containers:
      - name: myweb
        image: nginx:1.15.4
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
          hostPort: 50080

#kind选择ReplicationController
#指定pod名称myweb，以及标签app:myweb
#spec.replicas指定创建2个pod
#spec.selector指定通过app:myweb这个标签判断副本在k8s中的数量，如果数量不够指定的2，那么就继续创建pod，如果多于指定的2，那么就会删除多余的，删除时优先删除最晚创建的
#指定模板
#指定主机的50080端口映射容器的80端口

#每个字段什么意思以及怎么赋值都可以通过k8s提供的命令查看
#查看explain命令提示
kubectl explain -h
#查看rc有哪些配置
kubectl explain rc
kubectl explain rc.spec
kubectl explain rc.spec.selector
kubectl explain rc.spec.template
kubectl explain rc.spec.template.spec
kubectl explain rc.spec.template.metadata
kubectl explain rc.spec.template.metadata.labels

Dynamic scaling

vi nginx-rc.yaml
#找到replicas，修改replicas的值，比如修改为3，保存退出
spec:
  replicas: 3
  
kubectl apply -f nginx-rc.yaml
kubectl get pods -o wide
#可以看到如下信息，第三个myweb的pod已经在Running了
NAME          READY     STATUS    RESTARTS   AGE       IP            NODE
myweb-pc957   1/1       Running   0          18h       172.16.7.3    master
myweb-vqz83   1/1       Running   0          18h       172.16.13.2   node01
myweb-w71hq   1/1       Running   0          3m        172.16.71.3   node02

#把replicas值再改回2，重新执行apply命令，就又缩容到2了
kubectl apply -f nginx-rc.yaml
kubectl get pods -o wide

Rolling upgrade and rollback

cp nginx-rc.yaml nginx-rc2.yaml
vi nginx-rc2.yaml
#修改为如下内容，name还有标签改成myweb2，nginx版本改成1.18.0，主机端口55080映射容器80端口

apiVersion: v1
kind: ReplicationController
metadata:
  name: myweb2
  labels:
    app: myweb2
spec:
  replicas: 3 
  selector:
    app: myweb2
  template:
    metadata:
      labels:
        app: myweb2
    spec:
      containers:
      - name: myweb2
        image: nginx:1.18.0
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
          hostPort: 55080

#升级
kubectl rolling-update myweb -f nginx-rc2.yaml --update-period=30s
#回滚
kubectl rolling-update myweb2 -f nginx-rc.yaml --update-period=1s
#升级过程中回滚
kubectl rolling-update myweb myweb2 --update-period=10s --rollback

The upgrade process from myweb to myweb2 is as follows (the number of copies is still 3):

1. First create the first myweb2 pod
2. The first myweb2 pod runs successfully and it’s 30s. Close the first myweb pod and create the second myweb2 pod
3. The second pod of myweb2 runs successfully and after 30s, and so on
4. In the end, there are only 3 pods of myweb2 in the k8s cluster

Deploy nginx through Service

Prerequisite: nginx deployed through ReplicationController already exists in the k8s cluster

Edit nginx-svc.yaml

apiVersion: v1
kind: Service
metadata:
  name: myweb
spec:
  type: NodePort
  ports:
    - port: 80
      nodePort: 30000
      targetPort: 80
  selector:
    app: myweb

#port指的是虚拟ip的端口，是kubeproxy访问端口
#nodePort指的是node节点的端口，可以提供外部访问，比如通过浏览器访问
#targetPort指的是pod容器的端口
#type选了NodePort，就是在任意节点都可以通过节点ip+nodePort访问，实际就是通过kubeproxy轮询对应pod

kubectl create -f nginx-svc.yaml

# k8s的3种ip地址
#node IP：节点的ip
#cluster IP：默认是10.254.0/16，固定的，提供负载均衡的功能，rr轮询，cluster IP是虚拟IP，仅供k8s内部访问，不能外部访问，自动关联pod ip
#pod IP：pod的容器ip地址

Service automatic discovery

kubectl scale rc myweb --replicas=4
#增加myweb的pod副本数量后，在svc会自动把新增的pod添加进去

Deploy nginx through Deployment

rc controls the high availability of the pod, and svc controls the external access of the pod. However, when rc is doing a rolling upgrade, due to label changes, svc cannot access the pod for a short time. At this point, you need to deploy nginx through Deployment.

Edit nginx-deployment.yaml

 vim nginx-deployment.yaml

apiVersion: extensions/v1beta1
#通过yum安装的k8s版本较低，apiVersion只能用这个，后续考虑通过kubeadmin安装最新版本的k8s集群
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 3 
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.15.4
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80

#启动deployment        
kubectl create -f nginx-deployment.yaml
#暴露端口
kubectl expose deployment nginx-deployment --port=80 --type=NodePort
#升级,直接编辑配置即可
kubectl edit deployment nginx-deployment
#回滚
kubectl rollout undo deployment nginx-deployment
#升级和回滚都是通过rs控制，ReplicationSet，升级时会多一条rs记录，回滚时恢复到原来的rs记录
#查看历史版本,但之前通过edit和rollout方式升级和回滚导致历史版本信息较少
kubectl rollout history deployment nginx-deployment

#先delete掉nginx deployment
kubectl delete deployment nginx-deployment
#重新运行nginx-deployment，加--record参数
kubectl run nginx-deployment --image=nginx:1.15.4 --replicas=3 --record
#升级版本
kubectl set image deploy nginx-deployment nginx-deployment=nginx:1.18.0
#查看历史版本
kubectl rollout history deployment nginx-deployment
#回滚指定版本
kubectl rollout undo deployment nginx-deployment --to-revision=1

The advantage of deployment is that it can complete all functions of rc without relying on configuration files, and it supports high availability during the pod upgrade process.