5、kubernetes资源清单之Pod应用190709

一、Pod镜像及端口

• 获取帮助文档

# kubectl explain pod.spec.containers
spec.containers <[]object>

• pod.spec.containers.imagePullPolicy：镜像的拉取策略

- name <string>
  image <string>
  imagePullPolicy: <string>  #如果标签是latest则默认值是Always，如果是其他标签则默认值是IfNotPresent
    Always：总是去仓库下载，latest标签的镜像用
    Never：本地有就用，没有就不用
    IfNotPresent：本地有用本地的，本地没有去仓库下载

• pod.spec.containers.ports：端口的暴露

  ports:
  - name: http
    containerPort: 80
  - name: https
    containerPort: 443

• pod.spec.containers.command和args：相当于dockerfile中的ENTRYPOINT和CMD，将args当做参数传递给command；变量引用：$(VAR_NAME)；command和args的关系参考：https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

二、Pod标签及标签选择器和注解

• pod标签

metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend

# kubectl get pods --show-labels  #查看所有pod的标签
# kubectl get pods --show-labels -L app  #显示拥有app标签的值
# kubectl get pods --show-labels -L app,run  #显示多个标签的标签值
# kubectl get pods --show-labels -l app  #过滤拥有app标签的pod
# kubectl get pods --show-labels -l app=myapp  #基于等值的标签选择器（=, ==, !=）
# kubectl get pods --show-labels -l "app in (myapp,noapp)"  #基于集合关系的标签选择器（in, ontin）

# kubectl label pods pod-demo release=canary  #给pod打标
# kubectl label pods pod-demo release=stable --overwrite  #修改标签的值

• node标签

# kubectl get nodes --show-labels  #基于nodeSelector节点选择器
# kubectl label node node01 disktype=ssd  #给node01增加disktype=ssd的标签

• nodeSelector

spec:
  nodeSelector:  #使其pod只能运行在拥有disktype=ssd标签的node上
    disktype: ssd

• nodeName

spec:
  nodeName: node01  #使其pod只能运行在node01上

• annotations：与label不同的地方在于它不能用于挑选资源对象，仅用于为对象提供“元数据”

metadata:
  annotations:
    dongfei.tech/created-by: "cluster admin"

# kubectl describe pods pod-demo |grep Annotations

三、Pod生命周期

1、Pod生命周期中的行为

1. init container：初始化容器，为主容器准备环境，可以有多个初始化容器（串行执行）
2. main container：主容器
   1. post start：主容器启动后执行的程序
   2. liveness probe：存活状态监测，监测主进程是否正在运行
   3. readiness probe：就绪状态监测，监测主进程提供的服务是否就绪
   4. pre stop：主容器结束前执行的程序

2、Pod生命周期的状态

1. Pending：挂起状态
2. Running：运行状态
3. Failed：失败状态
4. Succeeded：成功状态
5. Unknown：未知状态

3、Pod重启策略

spec:
  restartPolicy:
    Always：默认，总是重启
    OnFailure：Pod失败则会重启
    Never：不会重启

四、Pod容器存活性探测和就绪性探测

• 三种探针类型：ExecAction、TCPSocketAction、HTTPGetAction

1、存活性探测

• pods.spec.containers.livenessProbe.exec：存活性探测之exec探针

# cat liveness-exec.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: liveness-exec-pod
  namespace: default
spec:
  containers:
  - name: liveness-exec-container
    image: busybox:latest
    imagePullPolicy: IfNotPresent
    command: ["/bin/sh", "-c","touch /tmp/healthy; sleep 10; rm -rf /tmp/healthy; sleep 3600"]
    livenessProbe:
      exec:
        command: ["test","-e","/tmp/healthy"]  #探测命令
      initialDelaySeconds: 1  #初始化延迟时间，默认0s
      periodSeconds: 3  #隔多长时间探测一次，默认10s
      failureThreshold: 3  #探测失败3次为失败，默认3次
      successThreshold: 1  #探测成功1次为成功
  restartPolicy: Always  #探测失败时的重启策略
# kubectl get pods -w  #监控POD状态
# kubectl describe pods liveness-exec-pod |grep "Restart Count"  #查看Pod重启次数

• pods.spec.containers.livenessProbe.tcpSocket：存活性探测之tcpSocket探针
• pods.spec.containers.livenessProbe.httpGet：存活性探测之httpGet探针

# cat liveness-httpget.yaml
apiVersion: v1
kind: Pod
metadata:
  name: liveness-httpget-pod
  namespace: default
spec:
  containers:
  - name: liveness-httpget-container
    image: dongfeimg/myapp:v1
    imagePullPolicy: IfNotPresent
    ports:
    - name: http
      containerPort: 80
    livenessProbe:
      httpGet:
        port: http
        path: /index.html
      initialDelaySeconds: 1
      periodSeconds: 3
# kubectl exec -it liveness-httpget-pod -- /bin/sh  #手动连入pod
/ # rm -f /usr/share/nginx/html/index.html  #删除index.html文件，探测失败会重启

2、就绪性探测

• pods.spec.containers.readinessProbe.httpGet：就绪性探测之httpGet探针

# cat readiness-httpget.yaml
apiVersion: v1
kind: Pod
metadata:
  name: readiness-httpget-pod
  namespace: default
spec:
  containers:
  - name: readiness-httpget-container
    image: dongfeimg/myapp:v1
    imagePullPolicy: IfNotPresent
    ports:
    - name: http
      containerPort: 80
    readinessProbe:
      httpGet:
        port: http
        path: /index.html
      initialDelaySeconds: 1
      periodSeconds: 3

• 其他参考存活性探测

五、启动后和终止前钩子

• pods.spec.containers.lifecycle.postStart：启动后钩子

# cat poststart-pod.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: poststart-pod
  namespace: default
spec:
  containers:
  - name: busybox-httpd
    image: busybox:latest
    imagePullPolicy: IfNotPresent
    lifecycle:
      postStart:
        exec:
          command: ["mkdir","-p","/data/web/html"]  #在command命令后执行此命令
    command: ["/bin/sh","-c","sleep 3600"]

• pods.spec.containers.lifecycle.preStop：终止前钩子

5、kubernetes资源清单之Pod应用190709

原文：https://www.cnblogs.com/L-dongf/p/11158763.html