
k8s

It's like Docker Compose for multiple machines.

It's an open-source project: a collection of concepts and software that together can be used with any cloud provider.

  • Pod (container + required resources like volumes) // my favorite part: it can restart containers automatically!
  • Proxy / Config
  • Master Node: has a scheduler, which is responsible for distributing the Pods across worker Nodes
  • Worker Node: runs the containers of your application. "Nodes" are your machines / virtual instances.


  • Cluster: a set of Node machines that either run the containerized application (Worker Nodes) or control other Nodes (Master Node).
  • Objects
  • Service: exposes Pods to the Cluster or externally
    • Pods have a dynamic internal IP by default
    • Services group Pods with a shared IP
    • Services can allow external access to Pods

commands

  • Inspect a node: kubectl describe node

  • kubectl cluster-info

  • Locate the config file: KUBECONFIG

  • View the config: kubectl config view
  • kubectl config get-contexts
  • kubectl config current-context # display the current-context
  • kubectl config use-context my-cluster-name
  • List the nodes in the cluster: kubectl get nodes
  • kubectl create deployment first-app --image=kub-first-app (the command runs inside a virtual machine)
  • kubectl delete deployment first-app
  • List your Deployments: kubectl get deployments
  • List pods: kubectl get pods
  • Inspect a pod:
    • kubectl describe pods $podName
    • Or select by label: kubectl get pods -l app=byteox-message
  • View container logs: kubectl logs $podName $containerName
  • Run a command in a container: kubectl exec byteox-users-deployment-5b5fd44f4f-9k7xp --container byteox-users -it -- /bin/bash
  • View configMaps:
    • List: kubectl get configmaps
    • kubectl describe configmap/byteox-message-filebeat-config

== Imperative approach

=== service

  • kubectl expose deployment first-app --type=LoadBalancer --port=8080
  • ClusterIP(default): Only reachable internally
  • NodePort
  • LoadBalancer: needs platform support, e.g. on AWS or Minikube

  • kubectl get services

  • minikube service --url first-app
  • kubectl delete service first-app // usually delete the service first, then the deployment

=== scaling

  • kubectl scale deployment/first-app --replicas=3

=== updating

  • docker build -t vikki77/kub-first-app:2 .
  • docker push vikki77/kub-first-app:2
  • kubectl set image deployment/first-app kub-first-app=vikki77/kub-first-app:2
  • kubectl rollout status deployment/first-app // check whether the update just rolled out succeeded; the old pod is not shut down until the new pod is ready

=== undo

  • kubectl rollout history deployment/first-app
  • kubectl rollout history deployment/first-app --revision=2
  • kubectl rollout undo deployment/first-app --to-revision=2

Declarative resource file

kubectl apply -f config.yaml

If something goes wrong, troubleshoot with kubectl describe pod xx and kubectl describe service xx.

deployment

https://kubernetes.io/docs/concepts/workloads/controllers/deployment/

https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/deployment-v1/

---
# service.yaml better be created first
apiVersion: v1
kind: Service
metadata:
  name: backend
spec:
  selector: 
    app: myapp
  ports:
    - protocol: 'TCP'
      port: 80 # outside
      targetPort: 8080 # in the container
  type: LoadBalancer # the default is internal (ClusterIP), so remember to set the type
---
# deployment.yaml
apiVersion: apps/v1
kind: Deployment # k8s object
metadata:
  name: first-app
spec: # specification of the deployment
  replicas: 1
  selector:
    matchLabels:
      app: myapp
    # matchExpressions:
    # - {key: app, operator: NotIn, values: [a, b]}
  template: # object
    metadata:
      # kind: Pod # can be omitted
      labels: # image
        app: myapp # kv
    spec: # specification of the pod
      containers: 
        - name: second-container
          image: vikki77/kub-first-app:2
          # liveness Probes..
          env: # process env
            - name: STORY_FOLDER
              value: story
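            - name: STORY_FOLDER1 # such a thorough yet complicated way to set a value; I'm a bit impressed
              valueFrom:
                configMapKeyRef: # see configMap
                  name: data-store-env
                  key: folder # must be a key defined under data: in the data-store-env ConfigMap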

kubectl delete -f=xxx.yaml -f=xxx.yaml

kubectl delete deployments,services -l key=value // delete by label

data/state

volume

  • emptyDir: pod-specific. It lives inside each pod, so it suits the single-replica case.

...
containers:
  - name: story
    image: vikki77/kub-data-demo:v2
    volumeMounts:
      - mountPath: /app/story
        name: story-volume
volumes:
  - name: story-volume
    emptyDir: {}

  • hostPath

- name: story-volume
  hostPath:
    path: /data
    type: DirectoryOrCreate

  • CSI: Container Storage Interface, for different storage providers

persistent volume

This really is a hassle!!

# deployment (fragment of the pod spec)
volumes:
  - name: story-volume
    persistentVolumeClaim:
      claimName: host-pvc
---
# pv
apiVersion: v1
kind: PersistentVolume
metadata:
  name: host-pv
spec:
  capacity:
    storage: 1Gi
  volumeMode: Filesystem
  storageClassName: standard
  accessModes:
    - ReadWriteOnce # the volume can be mounted read-write by a single node only
  hostPath:
    path: /data
    type: DirectoryOrCreate
---
# pvc
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: host-pvc
spec:
  volumeName: host-pv
  storageClassName: standard # same class as the PV so the claim can bind to it
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

configMap

apiVersion: v1
kind: ConfigMap
metadata:
 name: data-store-env
data:
 folder: 'story'

network

  • Pod-internal containers: localhost
  • Pod-to-pod:
    • process.env.<SERVICE_NAME>_SERVICE_HOST (generated automatically by Kubernetes, e.g. AUTH_SERVICE_SERVICE_HOST for a Service named auth-service)
    • built-in CoreDNS: "serviceName.namespaceName", e.g. "auth-service.default"
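
An added example (not from the original notes) that combines the Service types and the DNS naming above: an internal auth service kept as ClusterIP, and a client pod that reaches it by its CoreDNS name. Apart from `auth-service.default`, the names, labels, images and the `AUTH_ADDRESS` variable are hypothetical.

```yaml
# Added example; everything except the DNS name auth-service.default is a placeholder.
apiVersion: v1
kind: Service
metadata:
  name: auth-service
  namespace: default
spec:
  type: ClusterIP              # internal only: no node port, no external load balancer
  selector:
    app: auth                  # groups the auth pods behind one stable cluster IP
  ports:
    - protocol: TCP
      port: 80                 # port other pods connect to
      targetPort: 8080         # port the auth container listens on (assumed)
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: users
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: users
  template:
    metadata:
      labels:
        app: users
    spec:
      containers:
        - name: users
          image: registry.example/users:1      # placeholder image
          env:
            # Resolved by CoreDNS to the Service's cluster IP, so the address
            # stays valid when auth pods are rescheduled and get new pod IPs.
            - name: AUTH_ADDRESS
              value: "auth-service.default"
```

Only the Service that fronts the public entry point needs `type: LoadBalancer`; a backend that other pods call can stay on the default type.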

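Other background

Flannel networking: gives the Docker containers created on different node hosts a virtual IP address that is unique across the whole cluster

Introduction to cgroups for Linux resource management - Meituan tech team

Containerd in depth: the CRI part - containerd cri

Local development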

minikube

Install docker-cli&k8s&minikube

minikube start --driver=hyperkit --container-runtime=docker --insecure-registry "120.26.48.180:5000" --insecure-registry "jenkins-dev.ztleyouhub.com:5000" --extra-config=apiserver.service-node-port-range=1-65535

  • eval $(minikube docker-env)
  • $(minikube ip):5000

Debugging with IntelliJ

  • Remote (cloud):

  • Run the Java service in debug mode:

    ["java", "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005","xxx.jar"]

  • Forward the port to k8s:

    kubectl port-forward --address 0.0.0.0 byteox-house-deployment-69b579d587-bwc5h 5005:5005

  • Verify the server firewall settings

  • Open port 5005 on the cloud server

  • IntelliJ config
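
An added example, not part of the original notes: a debug variant of the Deployment that binds JDWP to the pod's loopback interface. JDWP has no authentication, so with `address=*:5005` anything that can reach the pod IP can attach, while `kubectl port-forward` connects to localhost inside the pod and keeps working with the loopback binding. The name `byteox-house-debug`, the label, the image and `app.jar` are hypothetical, and the `host:port` address form assumes Java 9 or later.

```yaml
# Added example; name, label, image and jar file are hypothetical placeholders.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: byteox-house-debug
spec:
  replicas: 1                        # one pod, so the debugger target is unambiguous
  selector:
    matchLabels:
      app: byteox-house-debug
  template:
    metadata:
      labels:
        app: byteox-house-debug      # a label no Service selects: no regular traffic arrives
    spec:
      containers:
        - name: byteox-house
          image: registry.example/byteox-house:debug   # placeholder image
          command:
            - "java"
            # Listen on loopback only. Other pods and nodes cannot connect;
            # kubectl port-forward still can, because it dials localhost
            # inside the pod's network namespace.
            - "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=127.0.0.1:5005"
            - "-jar"
            - "app.jar"
          # No containerPort and no Service for 5005: the debugger is never published.
```

Reach it with `kubectl port-forward deployment/byteox-house-debug 5005:5005`, which listens on 127.0.0.1 by default. From a workstation, `ssh -L 5005:127.0.0.1:5005 user@server` carries the session over SSH, so port 5005 does not have to be opened on the cloud firewall.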

Connecting to a remote cluster from the local machine

Find the config file location with echo $KUBECONFIG, then add the configuration locally.

kubectl config get-contexts

kubectl config use-context kubernetes-admin@kubernetes

First steps on a server

Install the three tools

Reference: Kubernetes field survival guide: installation - OrcHome

Install and Set Up kubectl on Linux | Kubernetes

kubelet, kubeadm, kubectl: mirror sources in mainland China

kubeadm init --cri-socket unix:///var/run/cri-dockerd.sock \
  --apiserver-advertise-address=47.114.178.206 \
  --image-repository registry.aliyuncs.com/google_containers

kubeadm init --cri-socket unix:///var/run/cri-dockerd.sock \
  --apiserver-advertise-address=172.20.189.94 \
  --pod-network-cidr=10.244.0.0/16 \
  --service-cidr=10.96.0.0/12 \
  --image-repository registry.aliyuncs.com/google_containers \
  --ignore-preflight-errors=Port-2379 --ignore-preflight-errors=Port-2380

Container runtime: docker + cri-docker (docs, China mirror)

kubeadm init --config ./init-config.yaml --ignore-preflight-errors=Port-2379 --ignore-preflight-errors=Port-2380

# reset
kubeadm reset --cri-socket unix:///var/run/cri-dockerd.sock

My error is the same as the one here: Can't initialize Kubernetes-Cluster with cri-dockerd · Issue #179 · Mirantis/cri-dockerd

journalctl -xefu kubelet

 kubectl get pods --namespace dev-byteox
 ( kubectl config set-context --current --namespace=dev-byteox )