[K8S learning 2] Create a pod, deployment and service (test case) on the newly created kubernetes cluster

1. Introduction

In the previous study article we built a kubernetes cluster. How do we deploy an application on this cluster and expose it as an external service? How does kubernetes achieve high availability for applications? This article works through these questions by deploying nginx as a case.

2. Concept

First of all, you need to have a general understanding of several special terms, namely:
1.master
2.node
3.pod
4.Replication Controller(RC)
5.Replica Sets(RS)
6.deployment
7.svc
8.namespace

1.master

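The master is the main control node of kubernetes and the core of the cluster. It controls and monitors the operation of the whole of k8s. When the master is abnormal or unavailable, the entire kubernetes cluster is unavailable. It mainly consists of etcd, api-server, scheduler, and controller-manager, among which:

etcd:
stores all objects of the kubernetes cluster, their current state, access information, cluster configuration, and so on;
api-server:
the cluster's operation interface. kubernetes exposes the endpoints for operating on the cluster through the api-server, and the components on both the master and the workers need to access the api server to do their work;
scheduler:
the scheduling program. It is responsible for allocating work across the whole cluster, telling the cluster which machine should do which work;
controller-manager:
monitors the state of the cluster (by calling the api server to obtain this data) and takes the corresponding measures to bring the cluster to the expected state.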

2.node

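A node is a worker node in k8s. It can be roughly considered to be composed of three parts: kubelet, kube-proxy, and pod, among which:

kubelet: responsible for the lifecycle management of the containers. It communicates with the master's api server and runs the containers scheduled to this node;
kube-proxy: uses iptables/ipvs to handle the network needs of pods, implementing service discovery and load balancing within the cluster;
pod: the smallest unit in k8s, a single container or a collection of containers. It provides the ability for containers to network with each other;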

3.pod

A pod is the smallest unit of k8s. There can be multiple containers in a pod, and the applications in these containers are considered local to each other. A pod's network interface provides a mechanism for it to network with pods on this node or on other nodes.

The above three concepts can be considered physical concepts, the most basic components of a k8s cluster. The following concepts are mainly resource objects that support the normal operation of kubernetes. Pod creation, high-availability replicas, and service provision are all mainly realized through resource objects.

4.Replication Controller(RC)

The replication controller is mainly used to ensure the high availability of pods in kubernetes. It specifies the number of pods that should be running. When service pods in the cluster become abnormal or are deleted, it ensures that new pods are pulled up or started.

5.Replica Sets(RS)

It can be regarded as an upgrade of rc, which can support more types of matching modes.

6.Deployment

Deployment can be thought of as a management method for pods, their replica sets, and services. Through a Deployment we can define the pods and the number of pod replicas (RS) that need to be created. Deployment can also be used to create services, update services, perform rolling upgrades of services, etc.

7.svc

Svc is a service. Since pods can be considered stateless, a pod gets a new ip after it is newly created, or deleted and pulled up again, and it may even run on a new node, so we cannot obtain a fixed ip and port number. Businesses cannot call pods directly as services. For this, kubernetes introduces the concept of the service (svc). Internally, the svc provides an entry point for pods. It connects to the back-end pods by using its selector to match their labels. No matter whether the IP address of a back-end pod changes, we only need to keep the label of the pod unchanged. Externally, the port on which the pod provides its service can be mapped, and we can access the service directly through the node's ip + mapped port.

8.namespace

The namespace is mainly used for resource isolation. By default, all the pods we create will be in the default namespace. All pods are visible to each other and can communicate with each other. But when the pods belong to different projects or do not want the pods to communicate with each other, we can achieve it by defining the namespace.

9.ingress

The ingress is similar to a gateway, and can also be understood as a physical F5. It mainly implements the routing and forwarding of the north-south traffic of kubernetes. When we access services through svc, we can only do it through node ip + port. Suppose we have 10 replicas: business access can then only go through the ips of 10 nodes, which causes great inconvenience for actual business applications. To give the pods a single, direct exit to the outside world, we can use a loadbalance service (usually the domain name provided by the cloud service provider, etc.) or ingress.

There are many other resource objects in kubernetes, such as volume, pv, pvc, etc. Since they are not used in this example, they will not be described for now.

3. Case

In the experimental case, we deploy nginx directly through k8s and then verify access:

1. Create a namespace

kubectl create namespace wxtest

2. View the namespace resource object

kubectl get namespace

3. Deploy pods individually

[root@master yaml]# cat nginx-pod.yaml

apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod    # pod name
  labels:
    app: nginx       # label for this pod, so that the svc can connect to it
  namespace: wxtest
spec:
  containers:
  - name: nginx-pod  # container name in the pod
    image: 172.16.131.87:1088/kubernets-deploy/nginx:latest   # image
    imagePullPolicy: IfNotPresent   # image pull policy
    ports:
    - containerPort: 80   # container port

4. Create the pod from the yaml

kubectl apply -f nginx-pod.yaml

5. Deploy pods and replica sets through deployment

cat nginx-deployment.yaml

apiVersion: apps/v1      # Deployment belongs to the apps/v1 API group
kind: Deployment
metadata:
  name: nginx
  namespace: wxtest
spec:
  replicas: 3
  strategy:
    rollingUpdate:
      maxSurge: 1        # upgrade at most 1 pod at a time during a rolling upgrade
      maxUnavailable: 1  # maximum number of pods allowed to be unavailable during a rolling upgrade
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx-pod
        image: 172.16.131.87:1088/kubernets-deploy/nginx:latest
        imagePullPolicy: Always   # the key may appear only once; valid values are Always, IfNotPresent, Never
        ports:
        - containerPort: 80

6. Create the deployment from the yaml

kubectl create -f nginx-deployment.yaml

7. Map the service:

[root@master yaml]# cat nginx-svc.yaml 

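apiVersion: v1
kind: Service
metadata:
  name: nginx-svc
  namespace: wxtest    # same namespace as the pods; a selector only matches pods in the Service's own namespace
spec:
  selector:
    app: nginx         # label of the pods to associate with
  ports:
  - protocol: TCP
    port: 80           # service port; targetPort defaults to the same value, the container port
    nodePort: 30080    # map nodePort 30080 so that external hosts can reach the service
  type: NodePort       # svc type is NodePort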

8. Create a service through yaml

kubectl apply -f nginx-svc.yaml

View the created resource object:

kubectl get pod,deployment,svc -n wxtest

At this point, we can access it directly through any node:

http://172.16.131.84:30080
http://172.16.131.85:30080
http://172.16.131.86:30080
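
A Service finds its back-end pods by label, and only inside its own namespace. The following is an added example (not code from the original article) that models the three manifests above as constructed Python dicts and reports which workloads nginx-svc would route to when its metadata.namespace is wxtest versus omitted. The helper names and the dict layout are assumptions made for illustration.

```python
# Added example: manifests are constructed inline as dicts mirroring the page's YAML.

def namespace_of(obj):
    # A namespaced object without metadata.namespace is created in "default".
    return obj["metadata"].get("namespace", "default")

def pod_labels(obj):
    # A Pod carries its labels in metadata; a Deployment carries them in the pod template.
    if obj["kind"] == "Pod":
        return obj["metadata"].get("labels", {})
    return obj["spec"]["template"]["metadata"].get("labels", {})

def service_backends(svc, workloads):
    """Return 'Kind/name' for every workload whose pods the Service would select."""
    selector = svc["spec"].get("selector", {})
    if not selector:
        return []  # a Service without a selector gets no automatically managed endpoints
    hits = []
    for w in workloads:
        labels = pod_labels(w)
        same_ns = namespace_of(w) == namespace_of(svc)
        # Every selector key/value must be present in the pod's labels.
        if same_ns and all(labels.get(k) == v for k, v in selector.items()):
            hits.append(f'{w["kind"]}/{w["metadata"]["name"]}')
    return hits

# Constructed copies of nginx-pod.yaml and nginx-deployment.yaml (only the relevant fields).
POD = {"kind": "Pod",
       "metadata": {"name": "nginx-pod", "namespace": "wxtest", "labels": {"app": "nginx"}}}
DEPLOY = {"kind": "Deployment",
          "metadata": {"name": "nginx", "namespace": "wxtest"},
          "spec": {"template": {"metadata": {"labels": {"app": "nginx"}}}}}

def make_service(namespace=None):
    # Constructed copy of nginx-svc.yaml; namespace is optional to show both cases.
    meta = {"name": "nginx-svc"}
    if namespace:
        meta["namespace"] = namespace
    return {"kind": "Service", "metadata": meta,
            "spec": {"type": "NodePort", "selector": {"app": "nginx"},
                     "ports": [{"port": 80, "nodePort": 30080}]}}

if __name__ == "__main__":
    print("svc in default:", service_backends(make_service(), [POD, DEPLOY]))
    print("svc in wxtest: ", service_backends(make_service("wxtest"), [POD, DEPLOY]))
```

With the Service in wxtest, both the standalone nginx-pod and the Deployment's replicas become back ends, because they share the label app: nginx.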

Origin blog.csdn.net/wx370092877/article/details/130060724