三个阶段部署docker:
环境准备
[root@master ~]# hostnamectl set-hostname master && exec bash[root@node01 ~]# hostnamectl set-hostname node01 && exec bash[root@node02 ~]# hostnamectl set-hostname node02 && exec bash
主机名解析
[root@master ~]# cat /etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4::1 localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.183.11 master192.168.183.12 node01192.168.183.13 node02[root@master ~]# scp /etc/hosts node01:/etc/The authenticity of host 'node01 (192.168.183.12)' can't be established.ECDSA key fingerprint is SHA256:e66/gR4gS9VD4XMHWRVVglIHmU6I4/dgBiaB/swFLVM.ECDSA key fingerprint is MD5:fd:2a:6c:8d:f0:c9:c4:b2:8d:2d:05:cb:ac:c0:41:50.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'node01,192.168.183.12' (ECDSA) to the list of known hosts.root@node01's password: hosts 100% 227 98.2KB/s 00:00 [root@master ~]# scp /etc/hosts node02:/etc/The authenticity of host 'node02 (192.168.183.13)' can't be established.ECDSA key fingerprint is SHA256:e66/gR4gS9VD4XMHWRVVglIHmU6I4/dgBiaB/swFLVM.ECDSA key fingerprint is MD5:fd:2a:6c:8d:f0:c9:c4:b2:8d:2d:05:cb:ac:c0:41:50.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'node02,192.168.183.13' (ECDSA) to the list of known hosts.root@node02's password: hosts
三个节点配置K8s镜像yum仓库
cat </etc/yum.repos.d/kubernetes.repo[kubernetes]name=Kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/enabled=1gpgcheck=1repo_gpgcheck=1gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF
注意防火墙与seLinux都关闭;安装docker-ce;三个阶段操作
yum -y install docker-ce[root@master ~]# vim /usr/lib/systemd/system/docker.service [Unit]Description=Docker Application Container EngineDocumentation=https://docs.docker.comBindsTo=containerd.serviceAfter=network-online.target firewalld.service containerd.serviceWants=network-online.targetRequires=docker.socket[Service]Type=notify# the default is not to use systemd for cgroups because the delegate issues still# exists and systemd currently does not support the cgroup feature set required# for containers run by dockerEnvironment="HTTPS_PROXY=http://www.ik8s.io:10080" #国内用户添加这两个变量Environment="NO_PROXY=127.0.0.0/8,172.20.0.0/16" # 这个ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sockExecReload=/bin/kill -s HUP $MAINPIDTimeoutSec=0RestartSec=2Restart=always# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.# Both the old, and new location are accepted by systemd 229 and up, so using the old location# to make them work for either version of systemd.StartLimitBurst=3# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make# this option work for either version of systemd.StartLimitInterval=60s# Having non-zero Limit*s causes performance problems due to accounting overhead# in the kernel. We recommend using cgroups to do container-local accounting.LimitNOFILE=infinityLimitNPROC=infinityLimitCORE=infinity# Comment TasksMax if your systemd version does not support it.# Only systemd 226 and above support this option.TasksMax=infinity# set delegate yes so that systemd does not reset the cgroups of docker containersDelegate=yes# kill only the docker process, not all processes in the cgroupKillMode=process[Install]WantedBy=multi-user.target
安装
[root@master ~]# yum -y install kubelet kubeadm kubectl master安装[root@master ~]# systemctl enable kubelet.service
初始化
[root@master ~]# vim /etc/sysconfig/kubelet KUBELET_EXTRA_ARGS="--fail-swap-on=false" #添加初始化参数,忽略swap[root@master ~]#echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables[root@master ~]# kubeadm init --kubernetes-version=v1.15.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap 初始化最后kubeadm join 192.168.183.11:6443 --token lotfu3.ag7oqtqaewlxg9xy \ --discovery-token-ca-cert-hash sha256:401c4f4770ef5acb209ec3d2da1c0d0204c2ea790c05ceb32b53f287ccc280ca
启动操作
[root@master ~]# mkdir -p $HOME/.kube[root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config[root@master ~]# chown $(id -u):$(id -g) $HOME/.kube/config
查看
[root@master ~]# kubectl get csNAME STATUS MESSAGE ERRORcontroller-manager Healthy ok scheduler Healthy ok etcd-0 Healthy {"health":"true"}
部署网络插件
[root@master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.ymlpodsecuritypolicy.extensions/psp.flannel.unprivileged createdclusterrole.rbac.authorization.k8s.io/flannel createdclusterrolebinding.rbac.authorization.k8s.io/flannel createdserviceaccount/flannel createdconfigmap/kube-flannel-cfg createddaemonset.extensions/kube-flannel-ds-amd64 createddaemonset.extensions/kube-flannel-ds-arm64 createddaemonset.extensions/kube-flannel-ds-arm createddaemonset.extensions/kube-flannel-ds-ppc64le createddaemonset.extensions/kube-flannel-ds-s390x created[root@master ~]# kubectl get nodesNAME STATUS ROLES AGE VERSIONmaster Ready 变成这个状态ok了 master 19m v1.15.1
查看flannel的部署状态
[root@master ~]# kubectl get pods -n kube-systemNAME READY STATUS RESTARTS AGEcoredns-5c98db65d4-dc2hj 1/1 Running 0 21mcoredns-5c98db65d4-j4zc5 1/1 Running 0 21metcd-master 1/1 Running 0 20mkube-apiserver-master 1/1 Running 0 20mkube-controller-manager-master 1/1 Running 0 20mkube-flannel-ds-amd64-czvzm 1/1 Running 0 4m21s 运行kube-proxy-d5qcj 1/1 Running 0 21mkube-scheduler-master 1/1 Running 0 20m
查看集群名称空间
[root@master ~]# kubectl get nsNAME STATUS AGEdefault Active 23mkube-node-lease Active 23mkube-public Active 23mkube-system Active 23m
两个node安装
yum -y install kubelet kubeadm
节点配置启动,并加入集群
[root@master ~]# scp /etc/sysconfig/kubelet node01:/etc/sysconfig/[root@master ~]# scp /etc/sysconfig/kubelet node02:/etc/sysconfig/[root@node01 ~]# systemctl enable kubelet.service Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.[root@node02 ~]# systemctl enable kubelet.service Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.[root@node01 ~]# echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables [root@node02 ~]# echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables [root@node01 ~]# kubeadm join 192.168.183.11:6443 --token lotfu3.ag7oqtqaewlxg9xy --discovery-token-ca-cert-hash sha256:401c4f4770ef5acb209ec3d2da1c0d0204c2ea790c05ceb32b53f287ccc280ca --ignore-preflight-errors=Swap[preflight] Running pre-flight checks [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/ [WARNING Swap]: running with swap on is not supported. Please disable swap [WARNING SystemVerification]: this Docker version is not on the list of validated versions: 19.03.0. Latest validated version: 18.09[preflight] Reading configuration from the cluster...[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.15" ConfigMap in the kube-system namespace[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"[kubelet-start] Activating the kubelet service[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...This node has joined the cluster:* Certificate signing request was sent to apiserver and a response was received.* The Kubelet was informed of the new secure connection details.Run 'kubectl get nodes' on the control-plane to see this node join the cluster.[root@node02 ~]# kubeadm join 192.168.183.11:6443 --token lotfu3.ag7oqtqaewlxg9xy --discovery-token-ca-cert-hash sha256:401c4f4770ef5acb209ec3d2da1c0d0204c2ea790c05ceb32b53f287ccc280ca --ignore-preflight-errors=Swap[preflight] Running pre-flight checks [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/ [WARNING Swap]: running with swap on is not supported. Please disable swap [WARNING SystemVerification]: this Docker version is not on the list of validated versions: 19.03.0. Latest validated version: 18.09[preflight] Reading configuration from the cluster...[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.15" ConfigMap in the kube-system namespace[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"[kubelet-start] Activating the kubelet service[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...This node has joined the cluster:* Certificate signing request was sent to apiserver and a response was received.* The Kubelet was informed of the new secure connection details.Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
主节点查看nodes信息
[root@master ~]# kubectl get nodesNAME STATUS ROLES AGE VERSIONmaster Ready master 33m v1.15.1node01 Ready3m28s v1.15.1node02 Ready 3m3s v1.15.1
查看node节点详细信息
[root@master ~]# kubectl describe node node01
查看版本信息
[root@master ~]# kubectl versionClient Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.1", GitCommit:"4485c6f18cee9a5d3c3b4e523bd27972b1b53892", GitTreeState:"clean", BuildDate:"2019-07-18T09:18:22Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.1", GitCommit:"4485c6f18cee9a5d3c3b4e523bd27972b1b53892", GitTreeState:"clean", BuildDate:"2019-07-18T09:09:21Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}
查看集群详细信息
[root@master ~]# kubectl cluster-infoKubernetes master is running at https://192.168.183.11:6443KubeDNS is running at https://192.168.183.11:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxyTo further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
干跑一个pod;--dry-run=true
[root@master ~]# kubectl run nginx --image=nginx:1.14-alpine --port=80 --replicas=1 --dry-run=true
创建一个pod,使用deployment控制器
[root@master ~]# kubectl run nginx --image=nginx:1.14-alpine --port=80 --replicas=1 kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.deployment.apps/nginx created
查看deployment控制器下的pod容器
[root@master ~]# kubectl get deploymentNAME READY UP-TO-DATE AVAILABLE AGEnginx 1/1 1 1 2m8s
查看pod信息
[root@master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEnginx-5896f46c8-72wm4 1/1 Running 0 5m39s
查看pod详细信息
[root@master ~]# kubectl get pods -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESnginx-5896f46c8-72wm4 1/1 Running 0 8m1s 10.244.1.2 node01
在node01查看IP
[root@node01 ~]# ip a1: lo:mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:2b:3b:45 brd ff:ff:ff:ff:ff:ff inet 192.168.183.12/24 brd 192.168.183.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::8dc3:2482:a2b9:c57e/64 scope link tentative noprefixroute dadfailed valid_lft forever preferred_lft forever inet6 fe80::10dc:280:ec28:2db4/64 scope link noprefixroute valid_lft forever preferred_lft forever3: docker0: mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:62:cd:a6:be brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever4: flannel.1: mtu 1450 qdisc noqueue state UNKNOWN group default link/ether 02:ee:3c:55:af:8f brd ff:ff:ff:ff:ff:ff inet 10.244.1.0/32 scope global flannel.1 valid_lft forever preferred_lft forever inet6 fe80::ee:3cff:fe55:af8f/64 scope link valid_lft forever preferred_lft forever5: cni0: mtu 1450 qdisc noqueue state UP group default qlen 1000 link/ether 26:ac:1e:b1:29:a4 brd ff:ff:ff:ff:ff:ff inet 10.244.1.1/24 scope global cni0 valid_lft forever preferred_lft forever inet6 fe80::24ac:1eff:feb1:29a4/64 scope link valid_lft forever preferred_lft forever6: veth64e1c1fd@if3: mtu 1450 qdisc noqueue master cni0 state UP group default link/ether 8a:a3:86:62:9f:5d brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::88a3:86ff:fe62:9f5d/64 scope link valid_lft forever preferred_lft forever
集群节点上访问,集群那个节点都可以访问
[root@master ~]# curl 10.244.1.2Welcome to nginx! Welcome to nginx!
If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.
For online documentation and support please refer tonginx.org.
Commercial support is available atnginx.com.Thank you for using nginx.
控制器检查pod挂掉自动创建pod功能
[root@master ~]# kubectl get pods 查看NAME READY STATUS RESTARTS AGEnginx-5896f46c8-72wm4 1/1 Running 0 15m[root@master ~]# kubectl delete pods nginx-5896f46c8-72wm4 算出pod "nginx-5896f46c8-72wm4" deleted[root@master ~]# kubectl get pods 创建恢复NAME READY STATUS RESTARTS AGEnginx-5896f46c8-zblcs 0/1 ContainerCreating 0 15s[root@master ~]# kubectl get pods 恢复可用状态NAME READY STATUS RESTARTS AGEnginx-5896f46c8-zblcs 1/1 Running 0 98s[root@master ~]# kubectl get pod -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESnginx-5896f46c8-zblcs 1/1 Running 0 117s 10.244.2.2 node02
把pod暴露参数选项介绍;即创建服务
--type='': Type for this service: ClusterIP:只能各个访问不能提供给外部访问, NodePort, LoadBalancer, or ExternalName. Default is 'ClusterIP':默认类型. kubectl expose (-f FILENAME | TYPE NAME) [--port=指定暴露给外网端口] [--protocol=TCP|UDP|SCTP] [--target-port=pod][--name=server 名称] [--external-ip=external-ip-of-service] [--type=类型] [options]
把暴露给集群内部pod访问
[root@master ~]# kubectl expose deployment控制器类型 nginx控制器名字 --name=nginx --port=80 --target-port=80 service/nginx exposed
查看创建的服务
[root@master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1443/TCP 101mnginx ClusterIP 10.110.130.60 80/TCP 2m44s #是被pod客户端访问的
查看服务的详细信息
[root@master ~]# kubectl describe svc nginxName: nginxNamespace: defaultLabels: run=nginxAnnotations:Selector: run=nginxType: ClusterIPIP: 10.110.130.60Port: 80/TCPTargetPort: 80/TCPEndpoints: 10.244.2.2:80Session Affinity: NoneEvents:
查看pod的标签
[root@master ~]# kubectl get pods --show-labelsNAME READY STATUS RESTARTS AGE LABELSnginx-5896f46c8-zblcs 1/1 Running 0 52m pod-template-hash=5896f46c8,run=nginx
删除服务
[root@master ~]# kubectl delete svc nginxservice "nginx" deleted
查看控制器详细信息
[root@master ~]# kubectl describe deployment nginxName: nginxNamespace: defaultCreationTimestamp: Thu, 25 Jul 2019 13:15:04 +0800Labels: run=nginxAnnotations: deployment.kubernetes.io/revision: 1Selector: run=nginxReplicas: 1 desired | 1 updated | 1 total | 1 available | 0 unavailableStrategyType: RollingUpdateMinReadySeconds: 0RollingUpdateStrategy: 25% max unavailable, 25% max surgePod Template: Labels: run=nginx Containers: nginx: Image: nginx:1.14-alpine Port: 80/TCP Host Port: 0/TCP Environment:Mounts: Volumes: Conditions: Type Status Reason ---- ------ ------ Progressing True NewReplicaSetAvailable Available True MinimumReplicasAvailableOldReplicaSets: NewReplicaSet: nginx-5896f46c8 (1/1 replicas created)Events:
动态调整describe的控制器pod的副本数
[root@master ~]# kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2 起一个2副本的podkubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.deployment.apps/myapp created[root@master ~]# kubectl get deployment 查看控制器下的podNAME READY UP-TO-DATE AVAILABLE AGEmyapp 2/2 2 2 110snginx 1/1 1 1 84m^C[root@master ~]# kubectl get pods -o wide 查看集群总的podNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESmyapp-84cd4b7f95-px2kb 1/1 Running 0 3m27s 10.244.2.4 node02myapp-84cd4b7f95-xfcnk 1/1 Running 0 3m27s 10.244.1.6 node01 nginx-5896f46c8-zblcs 1/1 Running 0 69m 10.244.2.2 node02 [root@master ~]# kubectl expose deployment myapp --name=myapp --port=80service/myapp exposed[root@master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 443/TCP 153mmyapp ClusterIP 10.103.191.244 80/TCP 35snginx ClusterIP 10.108.177.175 80/TCP 17m[root@master ~]# kubectl scale --replicas=4 deployment myapp 扩容到4个deployment.extensions/myapp scaled[root@master ~]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESmyapp-84cd4b7f95-px2kb 1/1 Running 0 30m 10.244.2.4 node02 myapp-84cd4b7f95-tjgqz 1/1 Running 0 3s 10.244.2.5 node02 myapp-84cd4b7f95-vphlz 0/1 ContainerCreating 0 3s node01 myapp-84cd4b7f95-xfcnk 1/1 Running 0 30m 10.244.1.6 node01 nginx-5896f46c8-zblcs 1/1 Running 0 96m 10.244.2.2 node02 [root@master ~]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESmyapp-84cd4b7f95-px2kb 1/1 Running 0 30m 10.244.2.4 node02 myapp-84cd4b7f95-tjgqz 1/1 Running 0 5s 10.244.2.5 node02 myapp-84cd4b7f95-vphlz 1/1 Running 0 5s 10.244.1.7 node01 myapp-84cd4b7f95-xfcnk 1/1 Running 0 30m 10.244.1.6 node01 nginx-5896f46c8-zblcs 1/1 Running 0 96m 10.244.2.2 node02 [root@master ~]# kubectl scale --replicas=1 deployment myapp 缩减到一个poddeployment.extensions/myapp scaled[root@master ~]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESmyapp-84cd4b7f95-xfcnk 1/1 Running 0 31m 10.244.1.6 node01 nginx-5896f46c8-zblcs 1/1 Running 0 97m 10.244.2.2 node02
更新升级pod
[root@master ~]# kubectl describe pods myapp-84cd4b7f95-xfcnk Name: myapp-84cd4b7f95-xfcnkNamespace: defaultPriority: 0Node: node01/192.168.183.12Start Time: Thu, 25 Jul 2019 14:37:33 +0800Labels: pod-template-hash=84cd4b7f95 run=myappAnnotations:Status: RunningIP: 10.244.1.6Controlled By: ReplicaSet/myapp-84cd4b7f95Containers: myapp: Container ID: docker://c13e99d23870a37627bc6b207a6b71f8d306f0a73f58515e57f4d964070b0df9 Image: ikubernetes/myapp:v1 #镜像版本 Image ID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513 Port: Host Port: State: Running Started: Thu, 25 Jul 2019 14:37:51 +0800 Ready: True Restart Count: 0 Environment: Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-2m2ts (ro)Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: default-token-2m2ts: Type: Secret (a volume populated by a Secret) SecretName: default-token-2m2ts Optional: falseQoS Class: BestEffortNode-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300sEvents: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 35m default-scheduler Successfully assigned default/myapp-84cd4b7f95-xfcnk to node01 Normal Pulling 35m kubelet, node01 Pulling image "ikubernetes/myapp:v1" Normal Pulled 34m kubelet, node01 Successfully pulled image "ikubernetes/myapp:v1" Normal Created 34m kubelet, node01 Created container myapp Normal Started 34m kubelet, node01 Started container myapp[root@master ~]# kubectl set image deployment myapp myapp=ikubernetes/myapp:v2 deployment.extensions/myapp image updated kubectl set image deployment myapp myapp=ikubernetes/myapp:v2 解释set替换 镜像 deployment 控制类型 myapp 控制器名字 myapp=表示更新这个pod的镜像[root@master ~]# kubectl describe pods myapp-746644f8d6-d7m7x Name: myapp-746644f8d6-d7m7xNamespace: defaultPriority: 0Node: node02/192.168.183.13Start Time: Thu, 25 Jul 2019 15:18:39 +0800Labels: pod-template-hash=746644f8d6 run=myappAnnotations: Status: RunningIP: 10.244.2.6Controlled By: ReplicaSet/myapp-746644f8d6Containers: myapp: Container ID: docker://78184c2d58c04372e866da2f3e406a48257b0f97c831f54499b92b8d1dc40676 Image: ikubernetes/myapp:v2 更新后镜像 Image ID: docker-pullable://ikubernetes/myapp@sha256:85a2b81a62f09a414ea33b74fb8aa686ed9b168294b26b4c819df0be0712d358 Port: Host Port: State: Running Started: Thu, 25 Jul 2019 15:18:50 +0800 Ready: True Restart Count: 0 Environment: Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-2m2ts (ro)Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: default-token-2m2ts: Type: Secret (a volume populated by a Secret) SecretName: default-token-2m2ts Optional: falseQoS Class: BestEffortNode-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300sEvents: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 4m9s default-scheduler Successfully assigned default/myapp-746644f8d6-d7m7x to node02 Normal Pulling 4m8s kubelet, node02 Pulling image "ikubernetes/myapp:v2" Normal Pulled 3m58s kubelet, node02 Successfully pulled image "ikubernetes/myapp:v2" Normal Created 3m58s kubelet, node02 Created container myapp Normal Started 3m58s kubelet, node02 Started container myapp
pod回滚操作
[root@master ~]# kubectl rollout undo deployment myapp 回滚到上一个版本deployment.extensions/myapp rolled back[root@master ~]# kubectl describe pods myapp-84cd4b7f95-g6ldpName: myapp-84cd4b7f95-g6ldpNamespace: defaultPriority: 0Node: node01/192.168.183.12Start Time: Thu, 25 Jul 2019 15:27:48 +0800Labels: pod-template-hash=84cd4b7f95 run=myappAnnotations:Status: RunningIP: 10.244.1.8Controlled By: ReplicaSet/myapp-84cd4b7f95Containers: myapp: Container ID: docker://7711bfc3da100aa6f25ebbde6b5a2500947501fe2fc1706dec75662f98fe86c0 Image: ikubernetes/myapp:v1 #回滚操作 Image ID: docker-pullable://ikubernetes/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513 Port: Host Port: State: Running Started: Thu, 25 Jul 2019 15:27:49 +0800 Ready: True Restart Count: 0 Environment: Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-2m2ts (ro)Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: default-token-2m2ts: Type: Secret (a volume populated by a Secret) SecretName: default-token-2m2ts Optional: falseQoS Class: BestEffortNode-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300sEvents: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 66s default-scheduler Successfully assigned default/myapp-84cd4b7f95-g6ldp to node01 Normal Pulled 65s kubelet, node01 Container image "ikubernetes/myapp:v1" already present on machine Normal Created 65s kubelet, node01 Created container myapp Normal Started 65s kubelet, node01 Started container myapp
修改服务类型让外部访问到pod
[root@master ~]# kubectl edit svc myapp# Please edit the object below. Lines beginning with a '#' will be ignored,# and an empty file will abort the edit. If an error occurs while saving this file will be# reopened with the relevant failures.#apiVersion: v1kind: Servicemetadata: creationTimestamp: "2019-07-25T06:45:50Z" labels: run: myapp name: myapp namespace: default resourceVersion: "18434" selfLink: /api/v1/namespaces/default/services/myapp uid: acaab49a-e372-427f-b6a3-d712eb2b11d1spec: clusterIP: 10.103.191.244 externalTrafficPolicy: Cluster ports: - nodePort: 31339 port: 80 protocol: TCP targetPort: 80 selector: run: myapp sessionAffinity: None type: NodePort 修改为这个status: loadBalancer: {}[root@master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1443/TCP 3h24mmyapp NodePort 10.103.191.244 80:31339/TCP 51mnginx ClusterIP 10.108.177.175 80/TCP 68m
集群外部访问端口所有节点的31339访问测试
[root@master ~]# curl 192.168.183.11:31339Hello MyApp | Version: v1 | Pod Name[root@master ~]# curl 192.168.183.12:31339Hello MyApp | Version: v1 | Pod Name[root@master ~]# curl 192.168.183.13:31339Hello MyApp | Version: v1 | Pod Name