K8s基础
目录
base
#使用glusterfs做存储,不懂glusterfs的请参考其他文章
命名空间
容器
临时容器
root@ubuntu-200430-1:~# kubectl create deployment nginx-deployment --image=nginx:1.25.2-alpine deployment.apps/nginx-deployment created root@ubuntu-200430-1:~# kubectl get deploy NAME READY UP-TO-DATE AVAILABLE AGE nginx-deployment 0/1 1 0 11s root@ubuntu-200430-1:~# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-deployment-574699d69d-ggwl5 1/1 Running 0 3m55s root@ubuntu-200430-1:~# kubectl debug -it pods/nginx-deployment-574699d69d-ggwl5 --image=busybox Defaulting debug container name to debugger-5nbhj. / # ping linuxsa.org PING linuxsa.org (104.21.72.8): 56 data bytes 64 bytes from 104.21.72.8: seq=1 ttl=51 time=322.350 ms root@ubuntu-200430-1:~# kubectl describe pods nginx-deployment-574699d69d-ggwl5 Name: nginx-deployment-574699d69d-ggwl5 Namespace: cicd Priority: 0 Ephemeral Containers: debugger-5nbhj: Container ID: containerd://1996b57d36c4a8a8c632e9a5e37dc732231abae65e47dbc95d1fac400399c253 Image: busybox Image ID: docker.io/library/busybox@sha256:3fbc632167424a6d997e74f52b878d7cc478225cffac6bc977eedfe51c7f4e79 Port: <none> Host Port: <none> State: Terminated Reason: Error 与临时容器共享进程命名空间 进程命名空间共享一直是一个很好的故障排查选项,此功能可用于临时容器。进程命名空间共享不能应用于现有容器,因此必须创建目标容器的副本。 –share-processesflag 在与 –copy-to 一起使用时,可实现进程命名空间共享。这些标志将现有的 Pod spec定义复制到新定义中,并在spec中启用了进程命名空间共享。 $ kubectl debug -it <POD_NAME> --image=busybox --share-processes --copy-to=debug-pod 运行 ps 命令以查看正在运行的进程。 正如您所期望的那样,您可以从 busybox 容器中看到 /pause,从 nginx-deployment 容器中看到 nginx 进程。 / # ps aux PID USER TIME COMMAND 1 65535 0:00 /pause 7 root 0:00 nginx: master process nginx -g daemon off; 35 101 0:00 nginx: worker process 36 101 0:00 nginx: worker process 37 101 0:00 nginx: worker process 38 101 0:00 nginx: worker process 39 root 0:00 sh 46 root 0:00 ps aux
label
给节点打标签label
root@ubuntu-200470-1:~/pod# kubectl get node NAME STATUS ROLES AGE VERSION master Ready control-plane 22d v1.24.10 work1 Ready <none> 22d v1.24.10 work2 Ready <none> 22d v1.24.10 #给节点1 work1打上 nodename=node01 root@ubuntu-200470-1:~/pod# kubectl label nodes work1 nodename=node01 node/work1 labeled #查看效果 root@ubuntu-200470-1:~/pod# kubectl get node --show-labels=true NAME STATUS ROLES AGE VERSION LABELS master Ready control-plane 22d v1.24.10 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master,kubernetes.io/os=linux,node-role.kubernetes.io/control-plane=,node.kubernetes.io/exclude-from-external-load-balancers= work1 Ready <none> 22d v1.24.10 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=work1,kubernetes.io/os=linux,nodename=node01 work2 Ready <none> 22d v1.24.10 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=work2,kubernetes.io/os=linux #使用 例如在dp apiVersion: apps/v1 kind: Deployment metadata: name: dep-nginx-sel-node spec: replicas: 1 selector: matchLabels: app: nginx template: metadata: labels: app: nginx ver: beta spec: containers: - name: nginx image: nginx:1.25.2-alpine imagePullPolicy: IfNotPresent nodeSelector: nodename: node01
label svc
oot@ubuntu-200470-1:~/oct19# kubectl get svc nginx --show-labels NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE LABELS nginx ClusterIP None <none> 80/TCP 6h15m app=nginxlabelstest root@ubuntu-200470-1:~/oct19# kubectl label svc nginx version=1 service/nginx labeled root@ubuntu-200470-1:~/oct19# kubectl get svc nginx --show-labels NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE LABELS nginx ClusterIP None <none> 80/TCP 6h15m app=nginxlabelstest,version=1 root@ubuntu-200470-1:~/oct19# kubectl label svc nginx version- service/nginx unlabeled root@ubuntu-200470-1:~/oct19# kubectl get svc nginx --show-labels NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE LABELS nginx ClusterIP None <none> 80/TCP 6h16m app=nginxlabelstest root@ubuntu-200470-1:~/oct19#
k8s 配置管理
configmap
ConfigMap 存储 Nginx 配置文件
#创建并查看ConfigMap cat my-nginx.yaml apiVersion: apps/v1 kind: Deployment metadata: name: my-nginx spec: replicas: 1 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.25.2-alpine imagePullPolicy: IfNotPresent ports: - containerPort: 80 #在k8s集群拉起一个nginx的pod并加载ConfigMap,通过默认8080去访问。 编写nginx的yaml文件,并加载ConfigMap root@ubuntu-200470-1:~/oct21# cat my-nginx-cm.yaml apiVersion: apps/v1 kind: Deployment metadata: name: my-nginx spec: replicas: 1 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.25.2-alpine imagePullPolicy: IfNotPresent ports: - containerPort: 80 volumeMounts: - name: config-volume mountPath: /etc/nginx/conf.d volumes: - name: config-volume configMap: name: nginx-conf root@ubuntu-200470-1:~/oct21# kubectl apply -f my-nginx-cm.yaml deployment.apps/my-nginx configured root@ubuntu-200470-1:~/oct21# kubectl get pod NAME READY STATUS RESTARTS AGE dapi-test-pod 0/1 Completed 0 30h env-valuefrom-64956864d6-sh7hb 0/1 CrashLoopBackOff 138 (3m48s ago) 30h laravel-deployment-5b44dcf689-lvkhp 1/1 Running 3 (95m ago) 3d9h my-nginx-7678bcdf4c-qbl6b 1/1 Running 0 15s mydep-759989964c-tdf5l 1/1 Running 3 (94m ago) 3d6h mypod 1/1 Running 1 (91m ago) 29h mypod2 1/1 Running 1 (95m ago) 29h mysql-deploy-7fdd46c697-4r842 0/1 CreateContainerConfigError 0 3d9h nginx-deployment-89857df9d-4m8kl 1/1 Running 2 (91m ago) 2d6h nginx-deployment-89857df9d-fcqm5 1/1 Running 2 (95m ago) 2d6h nginx-deployment-89857df9d-gwdql 1/1 Running 2 (94m ago) 2d6h nginx-deployment-89857df9d-kg595 1/1 Running 2 (95m ago) 2d6h nginx-deployment-89857df9d-nbqhm 1/1 Running 2 (90m ago) 2d6h secret-env-pod 0/1 Unknown 0 29h web-0 1/1 Running 2 (91m ago) 2d5h web-1 1/1 Running 2 (91m ago) 2d5h web-2 1/1 Running 2 (93m ago) 2d4h wordpress-deploy-5d6679b4c4-tcmpd 1/1 Running 3 (94m ago) 3d9h root@ubuntu-200470-1:~/oct21# kubectl get pod my-nginx-7678bcdf4c-qbl6b -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES my-nginx-7678bcdf4c-qbl6b 1/1 Running 0 32s 10.234.252.13 work2 <none> <none> root@ubuntu-200470-1:~/oct21# curl 10.234.252.13:8080 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> root@ubuntu-200470-1:~/oct21# kubectl exec -it my-nginx-7678bcdf4c-qbl6b -- cat /etc/nginx/conf.d/default.conf server { listen 8080; listen [::]:80; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; }
https://www.cnblogs.com/paul8339/p/15424586.html
controllers 控制器
控制器DaemonSet
控制器CronJob
Helm3
k8s-imagePullPolicy拉取策略
imagePullPolicy: Always 总是拉取 pull 以前好像是这个默认值 imagePullPolicy: IfNotPresent 默认值,本地有则使用本地镜像,不拉取 imagePullPolicy: Never 只使用本地镜像,从不拉取
k8s 进入pod shell
kubectl get pods #查看所有正在运行的pod NAME READY STATUS RESTARTS AGE nginx-56b8c64cb4-t97vb 1/1 Running 3 1d kubectl exec -it nginx-56b8c64cb4-t97vb -- /bin/bash #假如当前pod只有一个容器,运行以下命令即可 root@nginx-56b8c64cb4-t97vb:/# ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 14:45 ? 00:00:00 nginx: master process nginx -g daemon off; 假如一个pod里有多个容器,用--container or -c 参数。例如:假如这里有个Pod名为my-pod,这个Pod有两个容器,分别名为main-app 和 helper-app,下面的命令将打开到main-app的shell的容器里。 kubectl exec -it my-pod --container main-app -- /bin/bash
k8s删除pod
1、先删除pod2、再删除对应的deployment否则只是删除pod是不管用的,还会看到pod,因为deployment.yaml文件中定义了副本数量 实例如下: 删除pod [root@test2 ~]# kubectl get pod -n jenkins NAME READY STATUS RESTARTS AGE jenkins2-8698b5449c-grbdm 1/1 Running 0 8s [root@test2 ~]# kubectl delete pod jenkins2-8698b5449c-grbdm -n jenkins pod "jenkins2-8698b5449c-grbdm" deleted 查看pod仍然存储 [root@test2 ~]# kubectl get pod -n jenkins NAME READY STATUS RESTARTS AGE jenkins2-8698b5449c-dbqqb 1/1 Running 0 8s [root@test2 ~]# 删除deployment [root@test2 ~]# kubectl get deployment -n jenkins NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE jenkins2 1 1 1 1 17h [root@test2 ~]# kubectl delete deployment jenkins2 -n jenkins 再次查看pod消失 deployment.extensions "jenkins2" deleted [root@test2 ~]# kubectl get deployment -n jenkins No resources found. [root@test2 ~]# [root@test2 ~]# kubectl get pod -n jenkins No resources found.
[ k8s中正确删除一个pod k8s中正确删除一个pod ]
常见组件安装
安装Metrics server
hpa
coredns状态为ImagePullBackOff问题
kubectl get pods --all-namespaces kube-system coredns-7f6cbbb7b8-knhl8 0/1 ImagePullBackOff 0 24h kube-system coredns-7f6cbbb7b8-lt4k5 0/1 ImagePullBackOff 0 24h 解决办法: 确定pod所使用的镜像 kubectl get pods coredns-7f6cbbb7b8-knhl8 -n kube-system -o yaml | grep image image: registry.aliyuncs.com/google_containers/coredns:v1.8.4 imagePullPolicy: IfNotPresent - image: registry.aliyuncs.com/google_containers/coredns:v1.8.4 imageID: "" message: Back-off pulling image "registry.aliyuncs.com/google_containers/coredns:v1.8.4" root@k8s-master:~# docker pull registry.aliyuncs.com/google_containers/coredns:v1.8.4 Error response from daemon: manifest for registry.aliyuncs.com/google_containers/coredns:v1.8.4 not found: manifest unknown: manifest unknown 拉个latest 再别名 docker pull registry.aliyuncs.com/google_containers/coredns root@k8s-master:~# docker images | grep coredns registry.aliyuncs.com/google_containers/coredns latest 8d147537fb7d 3 months ago 47.6MB 强制 改一下 tag root@k8s-master:~# docker tag 8d147537fb7d registry.aliyuncs.com/google_containers/coredns:v1.8.4 root@k8s-master:~# kubectl get pods --all-namespaces | grep coredns kube-system coredns-7f6cbbb7b8-knhl8 1/1 Running 0 24h kube-system coredns-7f6cbbb7b8-lt4k5 1/1 Running 0 24h root@k8s-master:~# root@k8s-master:~# kubectl get all -n kube-system NAME READY STATUS RESTARTS AGE pod/coredns-7f6cbbb7b8-knhl8 0/1 ImagePullBackOff 0 24h pod/coredns-7f6cbbb7b8-lt4k5 0/1 ImagePullBackOff 0 24h docker pull registry.aliyuncs.com/google_containers/coredns
k8s解决coredns 的ImagePullBackOff 和ErrImagePull 问题
https://stackoverflow.com/questions/53559291/kubernetes-coredns-in-crashloopbackoff
Kubernetes CoreDNS 状态是 CrashLoopBackOff 解决思路
CrashLoopBackOff的解决方法
记录一次修复k8s pod长时间处于CrashLoopBackOff状态问题
k8s启动Pod遇到CrashLoopBackOff的解决方法
k8s常见问题
pod无故重启
OOM