pod(三):pod的管理
一.系统环境
| 服务器版本 | docker软件版本 | CPU架构 |
|---|---|---|
| CentOS Linux release 7.4.1708 (Core) | Docker version 20.10.12 | x86_64 |
二.前言
pod的常见管理。
管理pod的前提是已经有一套可以正常运行的Kubernetes集群,关于Kubernetes(k8s)集群的安装部署,可以查看博客《Centos7 安装部署Kubernetes(k8s)集群》https://www.cnblogs.com/renshengdezheli/p/16686769.html
三.pod的管理
3.1 环境介绍
Kubernetes集群架构:k8scloude1作为master节点,k8scloude2,k8scloude3作为worker节点
| 服务器 | 操作系统版本 | CPU架构 | 进程 | 功能描述 |
|---|---|---|---|---|
| k8scloude1/192.168.110.130 | CentOS Linux release 7.4.1708 (Core) | x86_64 | docker,kube-apiserver,etcd,kube-scheduler,kube-controller-manager,kubelet,kube-proxy,coredns,calico | k8s master节点 |
| k8scloude2/192.168.110.129 | CentOS Linux release 7.4.1708 (Core) | x86_64 | docker,kubelet,kube-proxy,calico | k8s worker节点 |
| k8scloude3/192.168.110.128 | CentOS Linux release 7.4.1708 (Core) | x86_64 | docker,kubelet,kube-proxy,calico | k8s worker节点 |
3.2 管理pod
使用Nginx镜像创建一个pod
[root@k8scloude1 pod]# vim nginx.yaml
#kind: Pod表示资源类型为Pod labels指定pod标签 metadata下面的name指定pod名字 containers下面全是容器的定义
#image指定镜像名字 imagePullPolicy指定镜像下载策略 containers下面的name指定容器名
#resources指定容器资源(CPU,内存等) env指定容器里的环境变量 dnsPolicy指定DNS策略
#restartPolicy容器重启策略 ports指定容器端口
[root@k8scloude1 pod]# cat nginx.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: nginx
name: nginx
spec:
containers:
- image: nginx
imagePullPolicy: IfNotPresent
name: nginx
resources: {}
ports:
- name: http
containerPort: 80
protocol: TCP
env:
- name: xx
value: "12"
- name: yy
value: "21"
- name: zz
value: hello
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
[root@k8scloude1 pod]# ls
nginx.yaml pod1.yaml pod2.yaml
[root@k8scloude1 pod]# kubectl apply -f nginx.yaml
pod/nginx created
[root@k8scloude1 pod]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 5s
不进入容器,执行ls / 命令
#不进入容器,执行命令:kubectl exec podname -- 命令
[root@k8scloude1 pod]# kubectl exec nginx -- ls /
bin
boot
dev
docker-entrypoint.d
docker-entrypoint.sh
etc
home
lib
lib64
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
进入容器执行命令
#进入容器:kubectl exec -it podname -- bash
[root@k8scloude1 pod]# kubectl exec -it nginx -- bash
root@nginx:/# which nginx
/usr/sbin/nginx
root@nginx:/# exit
exit
从物理机复制文件到pod里
[root@k8scloude1 pod]# kubectl cp /etc/hosts nginx:/tmp
[root@k8scloude1 pod]# kubectl exec nginx -- ls /tmp
hosts
从pod里复制文件到物理机
[root@k8scloude1 pod]# kubectl cp nginx:/etc/hosts nginx_hosts
tar: Removing leading `/' from member names
[root@k8scloude1 pod]# ls
nginx_hosts nginx.yaml pod1.yaml pod2.yaml
[root@k8scloude1 pod]# cat nginx_hosts
# Kubernetes-managed hosts file.
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
fe00::0 ip6-mcastprefix
fe00::1 ip6-allnodes
fe00::2 ip6-allrouters
10.244.251.202 nginx
[root@k8scloude1 pod]# rm -rf nginx_hosts
查看pod的日志
[root@k8scloude1 pod]# kubectl logs nginx
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2022/01/12 13:41:43 [notice] 1#1: using the "epoll" event method
2022/01/12 13:41:43 [notice] 1#1: nginx/1.21.5
2022/01/12 13:41:43 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
2022/01/12 13:41:43 [notice] 1#1: OS: Linux 3.10.0-693.el7.x86_64
2022/01/12 13:41:43 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2022/01/12 13:41:43 [notice] 1#1: start worker processes
2022/01/12 13:41:43 [notice] 1#1: start worker process 31
2022/01/12 13:41:43 [notice] 1#1: start worker process 32
当一个pod里有两个容器,怎么查看?kubectl exec -it podname -c 容器名 -- 命令
首先创建一个包含2个容器的pod
[root@k8scloude1 pod]# vim pod2.yaml
[root@k8scloude1 pod]# cat pod2.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: pod1
name: pod1
spec:
containers:
- image: nginx
imagePullPolicy: IfNotPresent
name: n1
resources: {}
- image: nginx
imagePullPolicy: IfNotPresent
command: ["sh","-c","sleep 10"]
name: n2
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
[root@k8scloude1 pod]# kubectl apply -f pod2.yaml
pod/pod1 created
[root@k8scloude1 pod]# kubectl get pod
NAME READY STATUS RESTARTS AGE
pod1 2/2 Running 0 6s
查看pod1的描述信息
[root@k8scloude1 pod]# kubectl describe pod pod1
Name: pod1
Namespace: pod
Priority: 0
Node: k8scloude2/192.168.110.129
Start Time: Wed, 12 Jan 2022 21:53:05 +0800
Labels: run=pod1
Annotations: cni.projectcalico.org/containerID: d103a6cb8e6535c5cfa8cf52153a80c11b75c0b7a744c7ad1028f3f4e88a627e
cni.projectcalico.org/podIP: 10.244.112.141/32
cni.projectcalico.org/podIPs: 10.244.112.141/32
Status: Running
IP: 10.244.112.141
IPs:
IP: 10.244.112.141
Containers:
n1:
Container ID: docker://e54540c02e54109af7437fd00f18bcca3969e75eafb336dadb9ddb21022520ed
Image: nginx
Image ID: docker-pullable://nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
Port: <none>
Host Port: <none>
State: Running
Started: Wed, 12 Jan 2022 21:53:06 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-42h2q (ro)
n2:
Container ID: docker://2d09c058d4c11f51c1c22c58012c79f5b8ec8327fcdd43e17f4533cb01f098d0
Image: nginx
Image ID: docker-pullable://nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
Port: <none>
Host Port: <none>
Command:
sh
-c
sleep 10
State: Terminated
Reason: Completed
Exit Code: 0
Started: Wed, 12 Jan 2022 21:53:39 +0800
Finished: Wed, 12 Jan 2022 21:53:49 +0800
Last State: Terminated
Reason: Completed
Exit Code: 0
Started: Wed, 12 Jan 2022 21:53:17 +0800
Finished: Wed, 12 Jan 2022 21:53:27 +0800
Ready: False
Restart Count: 2
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-42h2q (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
kube-api-access-42h2q:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 46s default-scheduler Successfully assigned pod/pod1 to k8scloude2
Normal Pulled 46s kubelet Container image "nginx" already present on machine
Normal Created 46s kubelet Created container n1
Normal Started 46s kubelet Started container n1
Normal Pulled 13s (x3 over 46s) kubelet Container image "nginx" already present on machine
Normal Created 13s (x3 over 46s) kubelet Created container n2
Normal Started 13s (x3 over 46s) kubelet Started container n2
Warning BackOff 3s (x2 over 24s) kubelet Back-off restarting failed container
查看pod里的n1容器的/tmp目录
#当一个pod里有两个容器,怎么查看:kubectl exec -it podname -c 容器名 -- 命令
[root@k8scloude1 pod]# kubectl exec -it pod1 -c n1 -- ls /tmp
查看pod里的n2容器的/tmp目录
[root@k8scloude1 pod]# kubectl exec -it pod1 -c n2 -- ls /tmp
进入pod1里的n1容器
[root@k8scloude1 pod]# kubectl exec -it pod1 -c n1 -- bash
root@pod1:/# which nginx
/usr/sbin/nginx
root@pod1:/# exit
exit
查看pod1里的n1容器日志
[root@k8scloude1 pod]# kubectl logs pod1 -c n1
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2022/01/12 13:53:06 [notice] 1#1: using the "epoll" event method
2022/01/12 13:53:06 [notice] 1#1: nginx/1.21.5
2022/01/12 13:53:06 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
2022/01/12 13:53:06 [notice] 1#1: OS: Linux 3.10.0-693.el7.x86_64
2022/01/12 13:53:06 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2022/01/12 13:53:06 [notice] 1#1: start worker processes
2022/01/12 13:53:06 [notice] 1#1: start worker process 32
2022/01/12 13:53:06 [notice] 1#1: start worker process 33
编辑pod: kubectl edit pod podname
[root@k8scloude1 pod]# kubectl edit pod nginx
Edit cancelled, no changes made.
容器里运行命令的一种写法是使用command
[root@k8scloude1 pod]# vim pod2.yaml
[root@k8scloude1 pod]# cat pod2.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: pod1
name: pod1
spec:
containers:
- image: nginx
imagePullPolicy: IfNotPresent
name: n1
resources: {}
- image: nginx
imagePullPolicy: IfNotPresent
command: ["sh","-c","sleep 10"]
name: n2
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
容器里运行命令的另一种写法是使用args
[root@k8scloude1 pod]# kubectl run podtest --image=nginx --dry-run=client -o yaml -- sh -c sleep 100
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: podtest
name: podtest
spec:
containers:
- args:
- sh
- -c
- sleep
- "100"
image: nginx
name: podtest
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
pod(三):pod的管理的更多相关文章
- Kubernetes用户指南(三)--在生产环境中使用Pod来工作、管理部署
一.在生产环境中使用Pod来工作 本节将介绍一些在生产环境中运行应用非常有用的功能. 1.持久化存储 容器的文件系统只有当容器正常运行时有效,一旦容器奔溃或者重启,所有对文件系统的修改将会丢失,从一个 ...
- Pod资源的基础管理操作(Kubernetes)
Pod是Kubernetes API中的核心资源类型,它可以定义在JSON或者YAML格式的资源清单中,由资源管理命令进行陈述式声明管理.创建时通过create或apply命令将请求提交到API Se ...
- (译)Kubernetes中的多容器Pod和Pod内容器间通信
原文:https://www.mirantis.com/blog/multi-container-pods-and-container-communication-in-kubernetes/Pave ...
- k8s之pod与Pod控制器
k8s中最为重要的基础资源,pod,pod controller,service pod controller类型有多种需要向控制器赋值之后使用: kubectl命令使用 kubectk get no ...
- K8s中的多容器Pod和Pod内容器间通信
容器(Container)常被用来解决比如微服务的单个问题,但在实际场景中,问题的解决往往需要多容器方案.本文会讨论将多个容器整合进单个Kubernetes Pod 中,以及Pod中的容器之间是如何通 ...
- 《Linux内核设计与实现》读书笔记 第三章 进程管理
第三章进程管理 进程是Unix操作系统抽象概念中最基本的一种.我们拥有操作系统就是为了运行用户程序,因此,进程管理就是所有操作系统的心脏所在. 3.1进程 概念: 进程:处于执行期的程序.但不仅局限于 ...
- CocoaPods pod install/pod update更新慢的问题
CocoaPods pod install/pod update 最近使用CocoaPods来添加第三方类库,无论是执行pod install还是pod update都卡在了Analyzing d ...
- memcache(三)内存管理
memcached(三)内存管理 memcached使用预申请的方式来管理内存的分配,从而避免内存碎片化的问题.如果采用mallo和free来动态的申请和销毁内存,必然会产生大量的内存碎片. 基本知识 ...
- hostapd源代码分析(三):管理帧的收发和处理
hostapd源代码分析(三):管理帧的收发和处理 原文链接:http://blog.csdn.net/qq_21949217/article/details/46004379 这篇文章我来讲解一下h ...
- git——学习笔记(三)分支管理
一.创建.合并分支 每次提交,git都往后走一格,串成一跳时间线,head指向的是分支,分支指向提交.master是主分支,dev是另一条分支,分支就像指针一样,合并.删除分支时,修改的都是指针,工作 ...
随机推荐
- html-testRunner在unittest测试套件中的使用
废话不多说,直接上代码 代码 __author__ = 'huyang:十一的杂文录' import unittest import HtmlTestRunner import sys sys.pat ...
- JVM—垃圾收集器
JVM-垃圾收集器 什么是垃圾 没有被引用的对象就是垃圾. 怎么找到垃圾 引用计数法 当对象引用消失,对象就称为垃圾. 对象消失一个引用,计数减去一,当引用都消失了,计数就会变为0.此时这个对象就会变 ...
- openGauss/MOGDB时间消耗相关视图
openGauss/MOGDB 时间消耗相关视图 本文出处:https://www.modb.pro/db/388212 数据库版本 openGauss/MOGDB-2.1.1 一.显示当前用户在各个 ...
- Kubernetes Pod配置:从基础到高级实战技巧
本文深入探讨了Kubernetes Pod配置的实战技巧和常见易错点. 关注[TechLeadCloud],分享互联网架构.云服务技术的全维度知识.作者拥有10+年互联网服务架构.AI产品研发经验.团 ...
- Prometheus之自定义标签
前言: 我们一般通过grafana导入Dashboard模板用来展示数据,但是有时候需要自己定义展示项目,这时需要自己在Prometheus重新自定义标签,并在grafana进行应用. 1.Prome ...
- sql 语句系列(列举非索引外键)[八百章之第九章]
列举非索引外键 列举出那些外键没有添加索引. 目的: 1.减少锁. 2.外键添加索引,提示了查询性能,因为要与父表做连接查询做笛卡尔积. 下面只要会复制即可,没有会去从新写一遍的. select fk ...
- redis 简单整理——客户端案例分析[十八]
前言 简单整理一下客户端案例分析. 正文 现象一: 服务端现象:Redis主节点内存陡增,几乎用满maxmemory,而从节点 内存并没有变化. 客户端现象:客户端产生了OOM异常,也就是Redis主 ...
- Kafka的实现细节
Kafka的实现细节 一.Topic和Partition 在Kafka中的每一条消息都有一个topic.一般来说在我们应用中产生不同类型的数据,都可以设置不同的主题.一个主题一般会有多个消息的订阅者, ...
- PTA三次作业
1.前言: 第一次作业难度较大,从无到有的设计,涉及到的主要类有Paper,Question,AnswerPaper,Main,主要题目方向为字符串判断与字符串处理(提取有效信息),判断对错算总分,配 ...
- BURP保存多个监听器配置
"感谢您阅读本篇博客!如果您觉得本文对您有所帮助或启发,请不吝点赞和分享给更多的朋友.您的支持是我持续创作的动力,也欢迎留言交流,让我们一起探讨技术,共同成长!谢谢!" 前言 在进 ...