声明式资源管理方法

马哥Linux运维 2024-12-31 55

马哥Linux运维

1209 文章 380w阅读 53粉丝

描述

1、管理k8s核心资源的三种基础方法

陈述式管理方法:主要依赖命令行CLI工具进行管理

声明式管理方法:主要依赖统一资源配置清单(manifest)进行管理

GUI式管理方法:主要依赖图形化操作界面(WEB)进行管理

2、陈述式资源管理方法

陈述式管理方法说白了就是对资源进行CDUR(增删改查),在任意一台运算节点上进行操作。

2.1 管理名称空间资源

2.1.1 查看名称空间

[root@hdss7-21 ~]# kubectl get namespaces
NAME              STATUS   AGE
default           Active   5d23h
kube-node-lease   Active   5d23h
kube-public       Active   5d23h
kube-system       Active   5d23h
使用简写
[root@hdss7-21 ~]# kubectl get ns
NAME              STATUS   AGE
default           Active   5d23h
kube-node-lease   Active   5d23h
kube-public       Active   5d23h
kube-system       Active   5d23h

2.1.2 查看名称空间资源

查看default名称空间的所有资源
[root@hdss7-21 ~]# kubectl get all -n default
NAME                 READY   STATUS    RESTARTS   AGE
pod/nginx-ds-qbjx6   1/1     Running   2          45h
pod/nginx-ds-w7ktl   1/1     Running   2          45h

NAME                 TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   192.168.0.1           443/TCP   5d23h

NAME                      DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
daemonset.apps/nginx-ds   2         2         2       2            2                     45h
当不写名称空间时默认使用default名称空间
[root@hdss7-21 ~]# kubectl get all
NAME                 READY   STATUS    RESTARTS   AGE
pod/nginx-ds-qbjx6   1/1     Running   2          45h
pod/nginx-ds-w7ktl   1/1     Running   2          45h

NAME                 TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   192.168.0.1           443/TCP   5d23h

NAME                      DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
daemonset.apps/nginx-ds   2         2         2       2            2                     45h
查看pod
[root@hdss7-21 ~]# kubectl get pod
NAME             READY   STATUS    RESTARTS   AGE
nginx-ds-qbjx6   1/1     Running   2          45h
nginx-ds-w7ktl   1/1     Running   2          45h
查看service
[root@hdss7-21 ~]# kubectl get service
NAME         TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   192.168.0.1           443/TCP   5d23h

2.1.3 创建名称空间

[root@hdss7-21 ~]# kubectl create namespace app
namespace/app created
[root@hdss7-21 ~]# kubectl get namespace
NAME              STATUS   AGE
app               Active   16s
default           Active   5d23h
kube-node-lease   Active   5d23h
kube-public       Active   5d23h
kube-system       Active   5d23h
[root@hdss7-21 ~]# kubectl get all -n app
No resources found.

2.1.4 删除名称空间

[root@hdss7-21 ~]# kubectl delete ns app
namespace "app" deleted
[root@hdss7-21 ~]# kubectl get namespace
NAME              STATUS   AGE
default           Active   5d23h
kube-node-lease   Active   5d23h
kube-public       Active   5d23h
kube-system       Active   5d23h

2.2管理Deployment(pod控制器)资源

2.2.1 创建deployment

[root@hdss7-21 ~]# kubectl get all -n kube-public
No resources found.
[root@hdss7-21 ~]# kubectl create deployment nginx-dp --image=harbor.od.com/public/nginx:v1.7.9 -n kube-public
deployment.apps/nginx-dp created

2.2.2 查看deployment

[root@hdss7-21 ~]# kubectl get all -n kube-public
NAME                            READY   STATUS    RESTARTS   AGE
pod/nginx-dp-86678bb55c-kt9rd   1/1     Running   0          7s

NAME                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/nginx-dp   1/1     1            1           7s

NAME                                  DESIRED   CURRENT   READY   AGE
replicaset.apps/nginx-dp-86678bb55c   1         1         1       7s
[root@hdss7-21 ~]# kubectl get deployment -n kube-public
NAME       READY   UP-TO-DATE   AVAILABLE   AGE
nginx-dp   1/1     1            1           91s
扩展查看
[root@hdss7-21 ~]# kubectl get deployment -o wide -n kube-public
NAME       READY   UP-TO-DATE   AVAILABLE   AGE     CONTAINERS   IMAGES                              SELECTOR
nginx-dp   1/1     1            1           7m38s   nginx        harbor.od.com/public/nginx:v1.7.9   app=nginx-dp
详细查看
[root@hdss7-21 ~]# kubectl  describe deployment  -n kube-public
Name:                   nginx-dp
Namespace:              kube-public
CreationTimestamp:      Fri, 16 Jul 2021 20:41:44 +0800
Labels:                 app=nginx-dp
Annotations:            deployment.kubernetes.io/revision: 1
Selector:               app=nginx-dp
Replicas:               1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        0
RollingUpdateStrategy:  25% max unavailable, 25% max surge
Pod Template:
  Labels:  app=nginx-dp
  Containers:
   nginx:
    Image:        harbor.od.com/public/nginx:v1.7.9
    Port:         
    Host Port:    
    Environment:  
    Mounts:       
  Volumes:        
Conditions:
  Type           Status  Reason
  ----           ------  ------
  Available      True    MinimumReplicasAvailable
  Progressing    True    NewReplicaSetAvailable
OldReplicaSets:  
NewReplicaSet:   nginx-dp-86678bb55c (1/1 replicas created)
Events:
  Type    Reason             Age   From                   Message
  ----    ------             ----  ----                   -------
  Normal  ScalingReplicaSet  9m    deployment-controller  Scaled up replica set nginx-dp-86678bb55c to 1

2.2.3 查看pod资源

[root@hdss7-21 ~]# kubectl get pod -o wide -n kube-public
NAME                        READY   STATUS    RESTARTS   AGE    IP           NODE                NOMINATED NODE   READINESS GATES
nginx-dp-86678bb55c-kt9rd   1/1     Running   0          110s   172.7.21.3   hdss7-21.host.com

2.2.4 进入pod资源

[root@hdss7-21 ~]# kubectl exec -it nginx-dp-86678bb55c-kt9rd bash -n kube-public
root@nginx-dp-86678bb55c-kt9rd:/# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
8: eth0@if9:  mtu 1500 qdisc noqueue state UP
    link/ether 02:42:ac:07:15:03 brd ff:ff:ff:ff:ff:ff
    inet 172.7.21.3/24 brd 172.7.21.255 scope global eth0
       valid_lft forever preferred_lft forever
或者使用docker也可以,不过docker无法跨主机,只有在本机的容器才行
[root@hdss7-21 ~]# docker ps  |grep nginx-dp
bece873198a1   84581e99d807                        "nginx -g 'daemon of…"   22 minutes ago   Up 22 minutes             k8s_nginx_nginx-dp-86678bb55c-kt9rd_kube-public_2daa2b8a-e633-11eb-9d00-000c29e396b1_0
8d56eb2e0e0e   harbor.od.com/public/pause:latest   "/pause"                 22 minutes ago   Up 22 minutes             k8s_POD_nginx-dp-86678bb55c-kt9rd_kube-public_2daa2b8a-e633-11eb-9d00-000c29e396b1_0
[root@hdss7-21 ~]# docker exec -it bece /bin/bash
root@nginx-dp-86678bb55c-kt9rd:/#

2.2.5 删除pod资源(重启)

[root@hdss7-21 ~]# kubectl delete pod nginx-dp-86678bb55c-kt9rd -n kube-public
pod "nginx-dp-86678bb55c-kt9rd" deleted
再次查看,删除了原来容器,重新启动了一个容器在hdss7-22上,查看前面的deployment这个pod控制器的详细信息,可以知道它采用的Replicas是一个副本,所以我们的pod会按照这个预期的期望值对容器进行部署
[root@hdss7-21 ~]# kubectl get pod -o wide -n kube-public
NAME                        READY   STATUS    RESTARTS   AGE   IP           NODE                NOMINATED NODE   READINESS GATES
nginx-dp-86678bb55c-zd6vr   1/1     Running   0          95s   172.7.22.3   hdss7-22.host.com              
如果遇到无法删除时,可以加入--force --grace-period=0选项进行强制删除
[root@hdss7-21 ~]# kubectl delete pod nginx-dp-86678bb55c-zd6vr -n kube-public --force --grace-period=0
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
pod "nginx-dp-86678bb55c-zd6vr" force deleted
[root@hdss7-21 ~]#
[root@hdss7-21 ~]# kubectl get pod -o wide -n kube-public
NAME                        READY   STATUS    RESTARTS   AGE   IP           NODE                NOMINATED NODE   READINESS GATES
nginx-dp-86678bb55c-c6snd   1/1     Running   0          7s    172.7.21.3   hdss7-21.host.com

2.2.6 删除deployment

[root@hdss7-21 ~]# kubectl get deployment -n kube-public
NAME       READY   UP-TO-DATE   AVAILABLE   AGE
nginx-dp   1/1     1            1           36m
[root@hdss7-21 ~]# kubectl delete deployment nginx-dp -n kube-public
deployment.extensions "nginx-dp" deleted
[root@hdss7-21 ~]# kubectl get all -n kube-public
No resources found.

2.3 管理service资源

2.3.1 创建service资源

先创建一个deployment资源
[root@hdss7-21 ~]# kubectl create deployment nginx-dp --image=harbor.od.com/public/nginx:v1.7.9 -n kube-public
deployment.apps/nginx-dp created
[root@hdss7-21 ~]# kubectl get all -n kube-public
NAME                            READY   STATUS             RESTARTS   AGE
pod/nginx-dp-58f74bd894-9b5f7   0/1     ImagePullBackOff   0          26s

NAME                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/nginx-dp   0/1     1            0           26s

NAME                                  DESIRED   CURRENT   READY   AGE
replicaset.apps/nginx-dp-58f74bd894   1         1         0       26s
创建service资源(暴露一个80服务端口)
[root@hdss7-21 ~]# kubectl expose deployment nginx-dp --port=80 -n kube-public
service/nginx-dp exposed

2.3.2 查看service资源
再次查看多出来一个service资源,IP是192.168.196.123,这样无论如何重启pod,pod地址如何变更,192.168.196.1238这个人servicedeIP都不会变(其作用相当于keepalived的VIP)

[root@hdss7-21 ~]# kubectl describe svc nginx-dp -n kube-public
Name:              nginx-dp
Namespace:         kube-public
Labels:            app=nginx-dp
Annotations:       
Selector:          app=nginx-dp
Type:              ClusterIP
IP:                192.168.196.123
Port:                80/TCP
TargetPort:        80/TCP
Endpoints:         172.7.21.3:80,172.7.22.3:80
Session Affinity:  None
Events:            
[root@hdss7-21 ~]# kubectl get all -n kube-public
NAME                            READY   STATUS             RESTARTS   AGE
pod/nginx-dp-58f74bd894-9b5f7   0/1     ImagePullBackOff   0          2m31s

NAME               TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
service/nginx-dp   ClusterIP   192.168.196.123           80/TCP    40s

NAME                       READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/nginx-dp   0/1     1            0           2m31s

NAME                                  DESIRED   CURRENT   READY   AGE
replicaset.apps/nginx-dp-58f74bd894   1         1         0       2m31s
[root@hdss7-21 ~]# curl 192.168.196.123



Welcome to nginx!




Welcome to nginx!


If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.



For online documentation and support please refer to
nginx.org.

Commercial support is available at
nginx.com.



Thank you for using nginx.



但是注意,这个ip只是一个虚ip,且只有在deployment这个资源的集群中才有用,对外无法显示,如下,在200上就无法识别
[root@hdss7-21 ~]# ping 192.168.196.123
PING 192.168.196.123 (192.168.196.123) 56(84) bytes of data.
64 bytes from 192.168.196.123: icmp_seq=1 ttl=64 time=0.137 ms
^C
--- 192.168.196.123 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.137/0.137/0.137/0.000 ms
[root@hdss7-200 harbor]# ping 192.168.196.123
PING 192.168.196.123 (192.168.196.123) 56(84) bytes of data.
^C
--- 192.168.196.123 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1001ms

2.3.3 查看ipvs代理

[root@hdss7-21 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.0.1:443 nq
  -> 10.4.7.21:6443               Masq    1      0          0
  -> 10.4.7.22:6443               Masq    1      0          0
TCP  192.168.196.123:80 nq
  -> 172.7.21.3:80                Masq    1      0          0
扩容deployment资源,可以利用deployment资源启动的pod都是被service192.168.196.123代理
[root@hdss7-21 ~]# kubectl scale deployment nginx-dp --replicas=2 -n kube-public
deployment.extensions/nginx-dp scaled
[root@hdss7-21 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.0.1:443 nq
  -> 10.4.7.21:6443               Masq    1      0          0
  -> 10.4.7.22:6443               Masq    1      0          0
TCP  192.168.196.123:80 nq
  -> 172.7.21.3:80                Masq    1      0          0
  -> 172.7.22.3:80                Masq    1      0          0

2.4 陈述式资源管理方法小结

Kuuernetes集群管理集群资源的唯一入口是通过相应的方法调用apiserver的接口;

Kubectl是官方的CLI命令行工具,用于与apiserver进行通信,将用户在命令行输入的命令组织并转化为apiserver能识别的信息,进而实现管理k8s集群各种资源的一种有效途径;

Kubectl的命令详解可以参考下面两种方法:
命令:kubectl --help
中文社区:http://docs.kubernetes.org.cn/683.html

陈述式资源管理方法可以满足90%以上的资源管理需求,但是它的缺点也很明显:
命令冗长复杂,难以记忆;
特定场景下无法满足管理需求;
对资源的增删查操作比较容易,但是对于改操作就比较复杂。

3、声明式资源管理方法

声明式资源管理方法依赖于资源配置清单(yaml/json)

3.1 查看资源配置清单

查看有哪些pod
[root@hdss7-21 ~]# kubectl get pod -n kube-public
NAME                        READY   STATUS    RESTARTS   AGE
nginx-dp-86678bb55c-5ppcf   1/1     Running   1          19h
nginx-dp-86678bb55c-jh2k4   1/1     Running   1          19h
用yanl格式查看pod使用的资源配置清单
[root@hdss7-21 ~]# kubectl get pod nginx-dp-86678bb55c-5ppcf -o yaml -n kube-public
用Json格式查看资源配置清单
[root@hdss7-21 ~]# kubectl get pod nginx-dp-86678bb55c-5ppcf -o json -n kube-public
也可以根据查看service的资源配置清单
[root@hdss7-21 ~]# kubectl get service nginx-dp -o yaml -n kube-public
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2021-07-16T1308Z"
  labels:
    app: nginx-dp
  name: nginx-dp
  namespace: kube-public
  resourceVersion: "40875"
  selfLink: /api/v1/namespaces/kube-public/services/nginx-dp
  uid: df593257-e63c-11eb-9d00-000c29e396b1
spec:
  clusterIP: 192.168.196.123
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx-dp
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}

3.2 解释资源配置清单

资源配置清单中基本都会有看apiVersion、kind、metadata、spec这几个配置

查看其中metadata配置的解释
[root@hdss7-21 ~]# kubectl explain service.metadata
[root@hdss7-21 ~]# kubectl explain pod.metadata

3.3 创建资源配置清单

[root@hdss7-21 ~]# vim nginx-ds-svc.yaml
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-ds
  name: nginx-ds
  namespace: default
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx-ds
  sessionAffinity: None
  type: ClusterIP

3.4 应用资源配置清单

[root@hdss7-21 ~]# kubectl create -f nginx-ds-svc.yaml
service/nginx-ds created
[root@hdss7-21 ~]# kubectl create -f nginx-ds-svc.yaml
service/nginx-ds created
[root@hdss7-21 ~]# kubectl get svc -n default
NAME         TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   192.168.0.1               443/TCP   6d20h
nginx-ds     ClusterIP   192.168.210.122           80/TCP    45s
查看详情
[root@hdss7-21 ~]# kubectl get svc nginx-ds -o yaml -n default
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2021-07-17T0928Z"
  labels:
    app: nginx-ds
  name: nginx-ds
  namespace: default
  resourceVersion: "46358"
  selfLink: /api/v1/namespaces/default/services/nginx-ds
  uid: 872412d9-e6df-11eb-a8fa-000c29e396b1
spec:
  clusterIP: 192.168.210.122
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx-ds
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}

3.5 修改资源配置清单并应用

[root@hdss7-21 ~]# kubectl get svc nginx-ds -n default
NAME       TYPE        CLUSTER-IP        EXTERNAL-IP   PORT(S)   AGE
nginx-ds   ClusterIP   192.168.210.122           80/TCP    13m

3.5.1 离线更改
即修改yaml资源配置清单

[root@hdss7-21 ~]# vim nginx-ds-svc.yaml
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-ds
  name: nginx-ds
  namespace: default
spec:
  ports:
  - port: 8080
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx-ds
  sessionAffinity: None
  type: ClusterIP
使用apply进行变更
[root@hdss7-21 ~]# kubectl apply -f nginx-ds-svc.yaml
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
The Service "nginx-ds" is invalid:
* spec.ports[0].name: Required value
* spec.ports[1].name: Required value
如果出现如上报错,就使用--force强制变更
[root@hdss7-21 ~]# kubectl apply -f nginx-ds-svc.yaml --force
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
service/nginx-ds configured
再次查看service端口已经变成8080了
[root@hdss7-21 ~]# kubectl get svc nginx-ds -n default
NAME       TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
nginx-ds   ClusterIP   192.168.55.169           8080/TCP   5s

3.5.2 在线更改
使用edit在线编辑资源配置清单并保存使之生效(nginx-ds为service名称)

[root@hdss7-21 ~]# kubectl edit svc nginx-ds
修改- port: 8081
保存退出(:wq)
service/nginx-ds edited
再次查看
[root@hdss7-21 ~]# kubectl get svc nginx-ds -n default
NAME       TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
nginx-ds   ClusterIP   192.168.55.169           8081/TCP   7m45s

注意,使用在线更改的其资源配置清单的yaml文件并不会改变,edit查看修改的都是资源目前的真实状态,yaml不会因此二受到改变,所以生产上一般不建议使用edit在线修改资源,因为yaml文件未同步更新,会使得下次使用yaml文件时将edit修改的内容恢复。在线修改后可以查看一下yaml文件,是没有改变的。

3.6 删除资源配置清单

陈述式删除

[root@hdss7-21 ~]# kubectl delete svc nginx-ds
service "nginx-dt" deleted

声明式删除

 

[root@hdss7-21 ~]# kubectl delete -f nginx-ds-svc.yaml
service "nginx-ds" deleted

 

3.7 声明式资源管理方法小结

声明式资源管理方法,依赖于统一资源配置清单文件对资源进行管理;

对资源的管理,是通过事先定义在同一资源配置清单内,再通过陈述式命令应用到K8s集群里

语法格式:kubectl create/apply/delete/ -f *.yaml/json

资源配置清单的学习方法
多看别人写的(官方),能读懂的;
能照着现有的文件改着用;
遇到不懂的,能用explain进行查询;
切记上来就自己写,等熟悉了之后再尝试自己写。

链接:https://www.cnblogs.com/wangyuanguang/p/15022097.html

 

打开APP阅读更多精彩内容
声明:本文内容及配图由入驻作者撰写或者入驻合作网站授权转载。文章观点仅代表作者本人,不代表电子发烧友网立场。文章及其配图仅供工程师学习之用,如有内容侵权或者其他违规问题,请联系本站处理。 举报投诉

全部0条评论

快来发表一下你的评论吧 !

下载APP
|投诉反馈|电子发烧友网
© 2021 elecfans.com
湘ICP备2023018690号
×
20
完善资料,
赚取积分