三、Kubernetes中的控制器的使用
一 什么是控制器
官方文档:
工作负载管理 | Kubernetes
控制器也是管理pod的一种手段
-
自主式pod:pod退出或意外关闭后不会被重新创建
-
控制器管理的 Pod:在控制器的生命周期里,始终要维持 Pod 的副本数目
Pod控制器是管理pod的中间层,使用Pod控制器之后,只需要告诉Pod控制器,想要多少个什么样的Pod就可以了,它会创建出满足条件的Pod并确保每一个Pod资源处于用户期望的目标状态。如果Pod资源在运行中出现故障,它会基于指定策略重新编排Pod
当建立控制器后,会把期望值写入etcd,k8s中的apiserver检索etcd中我们保存的期望状态,并对比pod的当前状态,如果出现差异代码自驱动立即恢复
二 控制器常用类型
| 控制器名称 | 控制器用途 |
|---|---|
| Replication Controller | 比较原始的pod控制器,已经被废弃,由ReplicaSet替代 |
| ReplicaSet | ReplicaSet 确保任何时间都有指定数量的 Pod 副本在运行 |
| Deployment | 一个 Deployment 为 Pod 和 ReplicaSet 提供声明式的更新能力 |
| DaemonSet | DaemonSet 确保全指定节点上运行一个 Pod 的副本 |
| StatefulSet | StatefulSet 是用来管理有状态应用的工作负载 API 对象。 |
| Job | 执行批处理任务,仅执行一次任务,保证任务的一个或多个Pod成功结束 |
| CronJob | Cron Job 创建基于时间调度的 Jobs。 |
| HPA全称Horizontal Pod Autoscaler | 根据资源利用率自动调整service中Pod数量,实现Pod水平自动缩放 |
三 replicaset控制器
3.1 replicaset功能
-
ReplicaSet 是下一代的 Replication Controller,官方推荐使用ReplicaSet
-
ReplicaSet和Replication Controller的唯一区别是选择器的支持,ReplicaSet支持新的基于集合的选择器需求
-
ReplicaSet 确保任何时间都有指定数量的 Pod 副本在运行
-
虽然 ReplicaSets 可以独立使用,但今天它主要被Deployments 用作协调 Pod 创建、删除和更新的机制
3.2 replicaset参数说明
| 参数名称 | 字段类型 | 参数说明 |
|---|---|---|
| spec | Object | 详细定义对象,固定值就写Spec |
| spec.replicas | integer | 指定维护pod数量 |
| spec.selector | Object | Selector是对pod的标签查询,与pod数量匹配 |
| spec.selector.matchLabels | string | 指定Selector查询标签的名称和值,以key:value方式指定 |
| spec.template | Object | 指定对pod的描述信息,比如lab标签,运行容器的信息等 |
| spec.template.metadata | Object | 指定pod属性 |
| spec.template.metadata.labels | string | 指定pod标签 |
| spec.template.spec | Object | 详细定义对象 |
| spec.template.spec.containers | list | Spec对象的容器列表定义 |
| spec.template.spec.containers.name | string | 指定容器名称 |
| spec.template.spec.containers.image | string | 指定容器镜像 |
3.3 replicaset 示例
#生成yml文件
[root@k8s-master ~]# kubectl create deployment replicaset --image luohailin/myapp:v1 --dry-run=client -o yaml > pod.yml
[root@k8s-master ~]# vim pod.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: replicaset
spec:
replicas: 2 #指定维护pod数量为2
selector: #指定检测匹配方式
matchLabels: #指定匹配方式为匹配标签
app: myapp #指定匹配的标签为app=myapp
template: #模板,当副本数量不足时,会根据下面的模板创建pod副本
metadata:
labels:
app: myapp
spec:
containers:
- image: luohailin/myapp:v1
name: myapp
[root@k8s-master ~]# kubectl apply -f pod.yml
deployment.apps/replicaset created
[root@k8s-master ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
replicaset-9778f5b54-8wd8f 1/1 Running 0 5s app=myapp,pod-template-hash=9778f5b54
replicaset-9778f5b54-bjw4p 1/1 Running 0 5s app=myapp,pod-template-hash=9778f5b54
#replicaset是通过标签匹配pod
[root@k8s-master ~]# kubectl label pod replicaset-9778f5b54-8wd8f app=test --overwrite
pod/replicaset-9778f5b54-8wd8f labeled
[root@k8s-master ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
replicaset-9778f5b54-8wd8f 1/1 Running 0 66s app=test,pod-template-hash=9778f5b54
replicaset-9778f5b54-bjw4p 1/1 Running 0 66s app=myapp,pod-template-hash=9778f5b54
replicaset-9778f5b54-qz8hw 1/1 Running 0 5s app=myapp,pod-template-hash=9778f5b54
#replicaset自动控制副本数量,pod可以自愈
[root@k8s-master ~]# kubectl label pod replicaset-9778f5b54-8wd8f app=myapp --overwrite
pod/replicaset-9778f5b54-8wd8f labeled
[root@k8s-master ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
replicaset-9778f5b54-bjw4p 1/1 Running 0 8m31s app=myapp,pod-template-
replicaset-9778f5b54-qz8hw 1/1 Running 0 7m30s app=myapp,pod-template
四 deployment 控制器
4.1 deployment控制器的功能
-
为了更好的解决服务编排的问题,kubernetes在V1.2版本开始,引入了Deployment控制器。
-
Deployment控制器并不直接管理pod,而是通过管理ReplicaSet来间接管理Pod
-
Deployment管理ReplicaSet,ReplicaSet管理Pod
-
Deployment 为 Pod 和 ReplicaSet 提供了一个申明式的定义方法
-
在Deployment中ReplicaSet相当于一个版本
典型的应用场景:
-
用来创建Pod和ReplicaSet
-
滚动更新和回滚
-
扩容和缩容
-
暂停与恢复
4.2 deployment控制器示例
#生成yaml文件
[root@k8s-master ~]# kubectl create deployment deployment --image luohailin/myapp:v1 --dry-run=client -o yaml > test.yml
[root@k8s-master ~]# vim test.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: replicaset
spec:
replicas: 4
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- image: luohailin/myapp:v1
name: myapp
[root@k8s-master ~]# kubectl apply -f test.yml
deployment.apps/replicaset created
[root@k8s-master ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
replicaset-9778f5b54-4677m 1/1 Running 0 14s app=myapp,pod-template-hash=9778f5b54
replicaset-9778f5b54-5c9x7 1/1 Running 0 14s app=myapp,pod-template-hash=9778f5b54
replicaset-9778f5b54-886lv 1/1 Running 0 14s app=myapp,pod-template-hash=9778f5b54
replicaset-9778f5b54-sscjr 1/1 Running 0 14s app=myapp,pod-template-hash=9778f5b54
4.2.1 版本迭代
[root@k8s-master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
replicaset-9778f5b54-4677m 1/1 Running 0 2m1s 10.244.3.73 k8s-node2.exam.com <none> <none>
replicaset-9778f5b54-5c9x7 1/1 Running 0 2m1s 10.244.1.63 k8s-node1.exam.com <none> <none>
replicaset-9778f5b54-886lv 1/1 Running 0 2m1s 10.244.3.74 k8s-node2.exam.com <none> <none>
replicaset-9778f5b54-sscjr 1/1 Running 0 2m1s 10.244.1.62 k8s-node1.exam.com <none> <none>
#pod运行容器版本为v1
[root@k8s-master ~]# curl 10.244.3.73
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[root@k8s-master ~]# kubectl describe deployments.apps deployment
Error from server (NotFound): deployments.apps "deployment" not found
[root@k8s-master ~]# kubectl describe deployments.apps test
Error from server (NotFound): deployments.apps "test" not found
[root@k8s-master ~]# kubectl describe deployments.apps replicaset
Name: replicaset
Namespace: default
CreationTimestamp: Thu, 05 Sep 2024 14:44:57 +0800
Labels: <none>
Annotations: deployment.kubernetes.io/revision: 1
Selector: app=myapp
Replicas: 4 desired | 4 updated | 4 total | 4 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
#更新容器运行版本
[root@k8s-master ~]# vim test.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: replicaset
spec:
replicas: 4
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- image: luohailin/myapp:v2
name: myapp
[root@k8s-master ~]# kubectl apply -f test.yml
deployment.apps/replicaset configured
#更新过程
[root@k8s-master ~]# kubectl get pods -w
NAME READY STATUS RESTARTS AGE
replicaset-7649fd459-c49fq 1/1 Running 0 2s
replicaset-7649fd459-h825z 1/1 Running 0 4s
replicaset-7649fd459-hq5bx 1/1 Running 0 3s
replicaset-7649fd459-kzj92 1/1 Running 0 4s
#测试更新效果
[root@k8s-master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
replicaset-7649fd459-c49fq 1/1 Running 0 81s 10.244.3.76 k8s-node2.exam.com <none> <none>
replicaset-7649fd459-h825z 1/1 Running 0 83s 10.244.3.75 k8s-node2.exam.com <none> <none>
replicaset-7649fd459-hq5bx 1/1 Running 0 82s 10.244.1.65 k8s-node1.exam.com <none> <none>
replicaset-7649fd459-kzj92 1/1 Running 0 83s 10.244.1.64 k8s-node1.exam.com <none> <none>
[root@k8s-master ~]# curl 10.244.3.76
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
更新的过程是重新建立一个版本的RS,新版本的RS会把pod 重建,然后把老版本的RS回收
4.2.2 版本回滚
[root@k8s-master ~]# vim test.yml
[root@k8s-master ~]# kubectl apply -f test.yml
deployment.apps/replicaset configured
[root@k8s-master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
replicaset-9778f5b54-89xmc 1/1 Running 0 2s 10.244.1.67 k8s-node1.exam.com <none> <none>
replicaset-9778f5b54-9s5tz 1/1 Running 0 3s 10.244.3.78 k8s-node2.exam.com <none> <none>
replicaset-9778f5b54-jsbpm 1/1 Running 0 4s 10.244.1.66 k8s-node1.exam.com <none> <none>
replicaset-9778f5b54-rs2p8 1/1 Running 0 4s 10.244.3.77 k8s-node2.exam.com <none> <none>
[root@k8s-master ~]# curl 10.244.1.67
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
4.2.3 滚动更新策略
[root@k8s-master ~]# vim test.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: replicaset
spec:
minReadySeconds: 5
replicas: 4
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- image: luohailin/myapp:v1
name: myapp
[root@k8s-master ~]# kubectl apply -f test.yml
deployment.apps/replicaset configured
4.2.4 暂停及恢复
在实际生产环境中我们做的变更可能不止一处,当修改了一处后,如果执行变更就直接触发了
我们期望的触发时当我们把所有修改都搞定后一次触发
暂停,避免触发不必要的线上更新
#暂停滚动更新
[root@k8s-master ~]# kubectl rollout pause deployment replicaset
deployment.apps/replicaset paused
[root@k8s-master ~]# vim pod.yml
[root@k8s-master ~]# kubectl apply -f pod.yml
deployment.apps/replicaset configured
[root@k8s-master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
replicaset-7649fd459-5sl7f 1/1 Running 0 11m
replicaset-7649fd459-7vcb5 1/1 Running 0 11m
replicaset-7649fd459-bf7sl 1/1 Running 0 54s
replicaset-7649fd459-fcwcl 1/1 Running 0 11m
replicaset-7649fd459-h7xnj 1/1 Running 0 54s
replicaset-7649fd459-jr9cm 1/1 Running 0 11m
[root@k8s-master ~]# kubectl describe pods replicaset-7649fd459-5sl7f
Restart Count: 0
Environment: <none>
#开启滚动更新
[root@k8s-master ~]# kubectl rollout resume deployment replicaset
deployment.apps/replicaset resumed
[root@k8s-master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
replicaset-5c6c6fc4c9-gf8c8 1/1 Running 0 101s
replicaset-5c6c6fc4c9-hzsbs 1/1 Running 0 119s
replicaset-5c6c6fc4c9-pdkkf 1/1 Running 0 95s
replicaset-5c6c6fc4c9-s4vzs 1/1 Running 0 107s
replicaset-5c6c6fc4c9-sfsn4 1/1 Running 0 113s
replicaset-5c6c6fc4c9-vkh8z 1/1 Running 0 2m6s
[root@k8s-master ~]# kubectl describe pods replicaset-5c6c6fc4c9-gf8c8
Restart Count: 0
Limits:
cpu: 500m
memory: 200Mi
Requests:
cpu: 500m
memory: 200Mi
Environment: <none>
五 daemonset控制器
5.1 daemonset功能
DaemonSet 确保全部(或者某些)节点上运行一个 Pod 的副本。当有节点加入集群时, 也会为他们新增一个 Pod ,当有节点从集群移除时,这些 Pod 也会被回收。删除 DaemonSet 将会删除它创建的所有 Pod
DaemonSet 的典型用法:
-
在每个节点上运行集群存储 DaemonSet,例如 glusterd、ceph。
-
在每个节点上运行日志收集 DaemonSet,例如 fluentd、logstash。
-
在每个节点上运行监控 DaemonSet,例如 Prometheus Node Exporter、zabbix agent等
-
一个简单的用法是在所有的节点上都启动一个 DaemonSet,将被作为每种类型的 daemon 使用
-
一个稍微复杂的用法是单独对每种 daemon 类型使用多个 DaemonSet,但具有不同的标志, 并且对不同硬件类型具有不同的内存、CPU 要求
5.2 daemonset 示例
[root@k8s-master ~]# vim test.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: replicaset
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
tolerations:
- effect: NoSchedule
operator: Exists
containers:
- name: nginx
image: luohailin/nginx:1.23
[root@k8s-master ~]# kubectl apply -f test.yml
deployment.apps/replicaset created
[root@k8s-master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
replicaset-7b8b89dcdf-8k4zg 1/1 Running 0 88s 10.244.1.81 k8s-node1.exam.com <none> <none>
#回收
[root@k8s-master ~]# kubectl delete -f test.yml
deployment.apps "replicaset" deleted
六 job 控制器
6.1 job控制器功能
Job,主要用于负责批量处理(一次要处理指定数量任务)短暂的一次性(每个任务仅运行一次就结束)任务
Job特点如下:
-
当Job创建的pod执行成功结束时,Job将记录成功结束的pod数量
-
当成功结束的pod达到指定的数量时,Job将完成执行
6.2 job 控制器示例:
[root@k8s-master ~]# vim job.yml
apiVersion: batch/v1
kind: Job
metadata:
name: pi
spec:
completions: 6
parallelism: 1
template:
spec:
containers:
- name: perl
image: luohailin/perl:5.34.0
command: ["perl", "-Mbignum=bpi", "-wle", "print bpi(2000)"]
restartPolicy: Never
backoffLimit: 4
[root@k8s-master ~]# kubectl apply -f job.yml
job.batch/pi created
[root@k8s-master ~]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/pi-mbkcd 0/1 Completed 0 12m
pod/pi-mvfsd 0/1 Completed 0 12m
pod/pi-q8rjj 0/1 Completed 0 11m
pod/pi-vdfgq 0/1 Completed 0 12m
pod/pi-x29xh 0/1 Completed 0 11m
pod/pi-zjw9b 0/1 Completed 0 12m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 5h34m
NAME STATUS COMPLETIONS DURATION AGE
job.batch/pi Complete 6/6 38s 12m
[root@k8s-master ~]# kubectl logs pod/pi-smnb2
3.1415926535897932384626433832795028841971693993751058209749445923078164062862089986280348253421170679821480865132823066470938446095505822317253594081284811174502841027019385211055596446229489549303819644288109756659334461284756482337867831652712019091456485669234603486104543266482133936072602491412737245870066063155881748815209209628292540917153643678925903600113305305488204665213841469519415116094330572703657595919530921861173819326117931051185480744623799627495673518857527248912279381830119491298336733624406566430860213949463952247371907021798609437027705392171762931767523846748184676694051320005681271452635608277857713427577896091736371787214684409012249534301465495853710507922796892589235420199561121290219608640344181598136297747713099605187072113499999983729780499510597317328160963185950244594553469083026425223082533446850352619311881710100031378387528865875332083814206171776691473035982534904287554687311595628638823537875937519577818577805321712268066130019278766111959092164201989380952572010654858632788659361533818279682303019520353018529689957736225994138912497217752834791315155748572424541506959508295331168617278558890750983817546374649393192550604009277016711390098488240128583616035637076601047101819429555961989467678374494482553797747268471040475346462080466842590694912933136770289891521047521620569660240580381501935112533824300355876402474964732639141992726042699227967823547816360093417216412199245863150302861829745557067498385054945885869269956909272107975093029553211653449872027559602364806654991198818347977535663698074265425278625518184175746728909777727938000816470600161452491921732172147723501414419735685481613611573525521334757418494684385233239073941433345477624168625189835694855620992192221842725502542568876717904946016534668049886272327917860857843838279679766814541009538837863609506800642251252051173929848960841284886269456042419652850222106611863067442786220391949450471237137869609563643719172874677646575739624138908658326459958133904780275901
关于重启策略设置的说明:
如果指定为OnFailure,则job会在pod出现故障时重启容器
而不是创建pod,failed次数不变
如果指定为Never,则job会在pod出现故障时创建新的pod
并且故障pod不会消失,也不会重启,failed次数加1
如果指定为Always的话,就意味着一直重启,意味着job任务会重复去执行了
七 cronjob 控制器
7.1 cronjob 控制器功能
-
Cron Job 创建基于时间调度的 Jobs。
-
CronJob控制器以Job控制器资源为其管控对象,并借助它管理pod资源对象,
-
CronJob可以以类似于Linux操作系统的周期性任务作业计划的方式控制其运行时间点及重复运行的方式。
-
CronJob可以在特定的时间点(反复的)去运行job任务。
7.2 cronjob 控制器 示例
[root@k8s-master ~]# vim test.yml
apiVersion: batch/v1
kind: CronJob
metadata:
name: test
spec:
schedule: "* * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: test
image: luohailin/busybox:latest
imagePullPolicy: IfNotPresent
command:
- /bin/sh
- -c
- date; echo Hello from the Kubernetes cluster
restartPolicy: OnFailure
[root@k8s-master ~]# kubectl apply -f test.yml
cronjob.batch/test created
[root@k8s-master ~]# kubectl get cronjobs.batch test
NAME SCHEDULE TIMEZONE SUSPEND ACTIVE LAST SCHEDULE AGE
test * * * * * <none> False 0 <none> 30s
[root@k8s-master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
test-28759028-8gwc6 0/1 Completed 0 30s
[root@k8s-master ~]# kubectl logs pods/test-28759029-2s4zw
Thu Sep 5 13:09:00 UTC 2024
Hello from the Kubernetes cluster
[root@k8s-master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
test-28759028-8gwc6 0/1 Completed 0 2m11s
test-28759029-2s4zw 0/1 Completed 0 71s
test-28759030-s6gdq 0/1 Completed 0 11s
[root@k8s-master ~]# kubectl logs pods/test-28759030-s6gdq
Thu Sep 5 13:10:00 UTC 2024
Hello from the Kubernetes cluster
