官网链接:使用 Deployment 运行一个无状态应用
前置准备
前置要求:搭建好一套k8s集群,可以参考我写的这篇教程:搭建k8s集群
k8s官方的镜像站在国内是拉不下来的,有几种方法解决:
- 在拉取镜像的虚拟机/服务器上科学上网
- 配置k8s的镜像源,目前国内只有阿里云支持改版后的k8s镜像源(registry.k8s.io)。
- 需要拉取镜像的时候,指定拉取策略为本地拉取(
imagePullPolicy:Never),每次需要拉取镜像前都手动拉取/上传一份镜像到服务器上再导入镜像
这里给出阿里云镜像源的配置教程:
旧版的k8s直接修改/etc/containerd/config.toml里的mirror信息,添加上阿里云的镜像站就行。但是新版的不支持inline或者说暂时兼容,未来不支持。所以这里就只给出新版k8s镜像源配置教程。
修改/etc/containerd/config.yaml,填入下列信息(如果你已经有了config.yaml且这个配置文件是从containerd默认配置里生成的,那直接备份,然后使用下面的内容)。sudo vim /etc/containerd/config.yaml
1
2
3
4
5
6
7
8
9
10
|
version = 2
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
|
创建/etc/containerd/certs.d目录,在这个目录填入docker.io和registry.k8s.io的镜像源。
注意:k8s里修改镜像源之后,使用kubectl describe pod <pod_name> 查看时还是显示的docker.io和registry.k8s.io。配置镜像源只物理修改从哪里修改,不改镜像拉取的逻辑源。所以改好镜像源之后也不太好验证成功,随便拉个镜像sudo crictl pull nginx:1.14.2,能拉下来就是成了。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
# Docker Hub 加速
sudo mkdir -p /etc/containerd/certs.d/docker.io
sudo tee /etc/containerd/certs.d/docker.io/hosts.toml << 'EOF'
server = "https://registry-1.docker.io"
[host."https://docker.m.daocloud.io"]
capabilities = ["pull", "resolve"]
EOF
# K8s 镜像加速
sudo mkdir -p /etc/containerd/certs.d/registry.k8s.io
sudo tee /etc/containerd/certs.d/registry.k8s.io/hosts.toml << 'EOF'
server = "https://registry.k8s.io"
[host."https://registry.cn-hangzhou.aliyuncs.com/v2/google_containers"]
capabilities = ["pull", "resolve"]
override_path = true
EOF
|
到这里,镜像源就配置好了,如果不出意外,文件目录应该是下面这样:
1
2
3
4
5
6
7
|
rust@k8s1:/etc/containerd$ ll
总计 28
drwxr-xr-x 3 root root 4096 2月 4 10:31 ./
drwxr-xr-x 144 root root 12288 2月 2 17:01 ../
drwxr-xr-x 4 root root 4096 2月 2 16:44 certs.d/
-rw-r--r-- 1 root root 423 2月 2 19:02 config.toml
-rw-r--r-- 1 root root 886 12月 19 02:48 config.toml.dpkg-dist
|
修改完配置文件后需要重启containerd:
1
2
|
sudo systemctl restart containerd
sudo systemctl status containerd
|
创建一个 nginx Deployment
k8s里创建pod有多种方式,可以创建Pod/Deployment/StatefulSet等等配置文件,然后用kubectl应用配置文件。k8s里建议用Deployment部署无状态应用并管理副本,如nginx,用StatefulSet部署有状态应用,如MySQL、Zookeeper。
下面这个YAML文件描述了一个运行 nginx:1.14.2镜像的 Deployment。在k8s集群上创建这个文件。并应用它。
1
2
|
vim deployment.yaml
kubectl apply -f deployment.yaml
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 2 # 告知 Deployment 运行 2 个与该模板匹配的 Pod
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
|
查看pod信息,类似如下信息。默认部署的pod在default命令空间(namespace)下,不指定命名空间也是查看default命名空间下的pod。
1
2
3
4
|
rust@k8s1:~$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deployment-595dff4fdb-2v5x7 1/1 Running 1 (97m ago) 38h
nginx-deployment-595dff4fdb-klfnb 1/1 Running 1 (97m ago) 38h
|
上面的yaml文件里设置了标签(label)app为nginx,所以也可以用这个命令查看刚刚创建的pod:kubectl get pods -l app=nginx
需要展示某一个pod的信息可以用describe命令:kubectl describe pod <pod-name>
k8s里pod创建失败、状态异常(ImagePullBackOff、CrashLoopBackOff )等情况建议先用describe查看pod的状态信息,而不是直接查看日志log。
更新 nginx Deployment
刚刚创建了一个1.14.2版本双副本的nginx,接下来将更新nginx版本为1.16.1。
创建一个新的deployment。vim deployment-update.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 2
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.16.1 # 将 nginx 版本从 1.14.2 更新为 1.16.1
ports:
- containerPort: 80
|
应用新的deployment,查看pod状态,你应该会看见pod滚动更新。(一个新的pod创建好之后会删除一个老pod,然后再创建新的,直到两个pod都完成升级)
1
2
|
kubectl apply -f deployment-update.yaml
kubectl get pods
|
通过修改Deployment副本数来扩缩容。创建deployment-scale.yaml文件。应用新的配置文件
1
2
|
vim deployment-scale.yaml
kubectl apply -f deployment-scale.yaml
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 4 # 将副本数从 2 更新为 4
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.16.1
ports:
- containerPort: 80
|
验证查看pod,应该能看见有四个nginx pod。
1
2
3
4
5
6
|
rust@k8s1:~$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deployment-595dff4fdb-2v5x7 1/1 Running 1 (115m ago) 39h
nginx-deployment-595dff4fdb-klfnb 1/1 Running 1 (115m ago) 39h
nginx-deployment-595dff4fdb-ls2x8 1/1 Running 0 6s
nginx-deployment-595dff4fdb-tmvwf 1/1 Running 0 5s
|
基于名称删除deployment,你也可以先尝试基于名称删除pod,删除后k8s的deployment Controller会自动重建pod。
1
2
3
4
5
6
7
8
9
10
11
12
|
rust@k8s1:~$ kubectl delete pod nginx-deployment-595dff4fdb-2v5x7
pod "nginx-deployment-595dff4fdb-2v5x7" deleted
rust@k8s1:~$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deployment-595dff4fdb-fgt8n 1/1 Running 0 5s
nginx-deployment-595dff4fdb-klfnb 1/1 Running 1 (118m ago) 39h
nginx-deployment-595dff4fdb-ls2x8 1/1 Running 0 2m38s
nginx-deployment-595dff4fdb-tmvwf 1/1 Running 0 2m37s
rust@k8s1:~$ kubectl delete deployment nginx-deployment
deployment.apps "nginx-deployment" deleted
rust@k8s1:~$ kubectl get pods
NAME READY STATUS RESTARTS AGE
|