“K8s基础”的版本间的差异
跳到导航
跳到搜索
| (未显示同一用户的24个中间版本) | |||
| 第1行: | 第1行: | ||
=base= | =base= | ||
| + | [[K8s应用#2022]] | ||
| + | [[Rancher基础]] | ||
#使用glusterfs做存储,不懂glusterfs的请参考其他文章 | #使用glusterfs做存储,不懂glusterfs的请参考其他文章 | ||
| + | |||
| + | ==命名空间 == | ||
| + | |||
| + | |||
| + | [https://www.jianshu.com/p/66a963a646f7 k8s实战示例1:创建命名空间和简单pod] | ||
| + | |||
| + | == 容器== | ||
| + | |||
| + | === 临时容器=== | ||
| + | <pre> | ||
| + | |||
| + | root@ubuntu-200430-1:~# kubectl create deployment nginx-deployment --image=nginx:1.25.2-alpine | ||
| + | deployment.apps/nginx-deployment created | ||
| + | root@ubuntu-200430-1:~# kubectl get deploy | ||
| + | NAME READY UP-TO-DATE AVAILABLE AGE | ||
| + | nginx-deployment 0/1 1 0 11s | ||
| + | |||
| + | root@ubuntu-200430-1:~# kubectl get pod | ||
| + | NAME READY STATUS RESTARTS AGE | ||
| + | nginx-deployment-574699d69d-ggwl5 1/1 Running 0 3m55s | ||
| + | root@ubuntu-200430-1:~# kubectl debug -it pods/nginx-deployment-574699d69d-ggwl5 --image=busybox | ||
| + | Defaulting debug container name to debugger-5nbhj. | ||
| + | |||
| + | / # ping linuxsa.org | ||
| + | PING linuxsa.org (104.21.72.8): 56 data bytes | ||
| + | 64 bytes from 104.21.72.8: seq=1 ttl=51 time=322.350 ms | ||
| + | |||
| + | root@ubuntu-200430-1:~# kubectl describe pods nginx-deployment-574699d69d-ggwl5 | ||
| + | Name: nginx-deployment-574699d69d-ggwl5 | ||
| + | Namespace: cicd | ||
| + | Priority: 0 | ||
| + | |||
| + | |||
| + | Ephemeral Containers: | ||
| + | debugger-5nbhj: | ||
| + | Container ID: containerd://1996b57d36c4a8a8c632e9a5e37dc732231abae65e47dbc95d1fac400399c253 | ||
| + | Image: busybox | ||
| + | Image ID: docker.io/library/busybox@sha256:3fbc632167424a6d997e74f52b878d7cc478225cffac6bc977eedfe51c7f4e79 | ||
| + | Port: <none> | ||
| + | Host Port: <none> | ||
| + | State: Terminated | ||
| + | Reason: Error | ||
| + | |||
| + | |||
| + | 与临时容器共享进程命名空间 | ||
| + | |||
| + | 进程命名空间共享一直是一个很好的故障排查选项,此功能可用于临时容器。进程命名空间共享不能应用于现有容器,因此必须创建目标容器的副本。 –share-processesflag 在与 –copy-to 一起使用时,可实现进程命名空间共享。这些标志将现有的 Pod spec定义复制到新定义中,并在spec中启用了进程命名空间共享。 | ||
| + | |||
| + | $ kubectl debug -it <POD_NAME> --image=busybox --share-processes --copy-to=debug-pod | ||
| + | |||
| + | 运行 ps 命令以查看正在运行的进程。 正如您所期望的那样,您可以从 busybox 容器中看到 /pause,从 nginx-deployment 容器中看到 nginx 进程。 | ||
| + | / # ps aux | ||
| + | PID USER TIME COMMAND | ||
| + | 1 65535 0:00 /pause | ||
| + | 7 root 0:00 nginx: master process nginx -g daemon off; | ||
| + | 35 101 0:00 nginx: worker process | ||
| + | 36 101 0:00 nginx: worker process | ||
| + | 37 101 0:00 nginx: worker process | ||
| + | 38 101 0:00 nginx: worker process | ||
| + | 39 root 0:00 sh | ||
| + | 46 root 0:00 ps aux | ||
| + | |||
| + | </pre> | ||
| + | [https://lixianwa.github.io/posts/%E5%A6%82%E4%BD%95%E4%BD%BF%E7%94%A8kubernetes%E4%B8%B4%E6%97%B6%E5%AE%B9%E5%99%A8%E8%BF%9B%E8%A1%8C%E6%95%85%E9%9A%9C%E6%8E%92%E6%9F%A5/ 如何使用Kubernetes临时容器进行故障排查] | ||
| + | |||
| + | == label== | ||
| + | === 给节点打标签label=== | ||
| + | <pre> | ||
| + | root@ubuntu-200470-1:~/pod# kubectl get node | ||
| + | NAME STATUS ROLES AGE VERSION | ||
| + | master Ready control-plane 22d v1.24.10 | ||
| + | work1 Ready <none> 22d v1.24.10 | ||
| + | work2 Ready <none> 22d v1.24.10 | ||
| + | |||
| + | #给节点1 work1打上 nodename=node01 | ||
| + | root@ubuntu-200470-1:~/pod# kubectl label nodes work1 nodename=node01 | ||
| + | node/work1 labeled | ||
| + | |||
| + | #查看效果 | ||
| + | root@ubuntu-200470-1:~/pod# kubectl get node --show-labels=true | ||
| + | NAME STATUS ROLES AGE VERSION LABELS | ||
| + | master Ready control-plane 22d v1.24.10 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master,kubernetes.io/os=linux,node-role.kubernetes.io/control-plane=,node.kubernetes.io/exclude-from-external-load-balancers= | ||
| + | work1 Ready <none> 22d v1.24.10 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=work1,kubernetes.io/os=linux,nodename=node01 | ||
| + | work2 Ready <none> 22d v1.24.10 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=work2,kubernetes.io/os=linux | ||
| + | |||
| + | |||
| + | #使用 例如在dp | ||
| + | apiVersion: apps/v1 | ||
| + | kind: Deployment | ||
| + | metadata: | ||
| + | name: dep-nginx-sel-node | ||
| + | |||
| + | spec: | ||
| + | replicas: 1 | ||
| + | selector: | ||
| + | matchLabels: | ||
| + | app: nginx | ||
| + | |||
| + | template: | ||
| + | metadata: | ||
| + | labels: | ||
| + | app: nginx | ||
| + | ver: beta | ||
| + | spec: | ||
| + | containers: | ||
| + | - name: nginx | ||
| + | image: nginx:1.25.2-alpine | ||
| + | imagePullPolicy: IfNotPresent | ||
| + | nodeSelector: | ||
| + | nodename: node01 | ||
| + | |||
| + | |||
| + | </pre> | ||
| + | === label svc=== | ||
| + | <pre> | ||
| + | oot@ubuntu-200470-1:~/oct19# kubectl get svc nginx --show-labels | ||
| + | NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE LABELS | ||
| + | nginx ClusterIP None <none> 80/TCP 6h15m app=nginxlabelstest | ||
| + | root@ubuntu-200470-1:~/oct19# kubectl label svc nginx version=1 | ||
| + | service/nginx labeled | ||
| + | root@ubuntu-200470-1:~/oct19# kubectl get svc nginx --show-labels | ||
| + | NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE LABELS | ||
| + | nginx ClusterIP None <none> 80/TCP 6h15m app=nginxlabelstest,version=1 | ||
| + | root@ubuntu-200470-1:~/oct19# kubectl label svc nginx version- | ||
| + | service/nginx unlabeled | ||
| + | root@ubuntu-200470-1:~/oct19# kubectl get svc nginx --show-labels | ||
| + | NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE LABELS | ||
| + | nginx ClusterIP None <none> 80/TCP 6h16m app=nginxlabelstest | ||
| + | root@ubuntu-200470-1:~/oct19# | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | |||
| + | ==k8s 配置管理 == | ||
| + | ===configmap === | ||
| + | |||
| + | ====ConfigMap 存储 Nginx 配置文件 ==== | ||
| + | |||
| + | <pre> | ||
| + | #创建并查看ConfigMap | ||
| + | cat my-nginx.yaml | ||
| + | apiVersion: apps/v1 | ||
| + | kind: Deployment | ||
| + | metadata: | ||
| + | name: my-nginx | ||
| + | spec: | ||
| + | replicas: 1 | ||
| + | selector: | ||
| + | matchLabels: | ||
| + | app: nginx | ||
| + | template: | ||
| + | metadata: | ||
| + | labels: | ||
| + | app: nginx | ||
| + | spec: | ||
| + | containers: | ||
| + | - name: nginx | ||
| + | image: nginx:1.25.2-alpine | ||
| + | imagePullPolicy: IfNotPresent | ||
| + | ports: | ||
| + | - containerPort: 80 | ||
| + | |||
| + | |||
| + | #在k8s集群拉起一个nginx的pod并加载ConfigMap,通过默认8080去访问。 | ||
| + | |||
| + | 编写nginx的yaml文件,并加载ConfigMap | ||
| + | root@ubuntu-200470-1:~/oct21# cat my-nginx-cm.yaml | ||
| + | apiVersion: apps/v1 | ||
| + | kind: Deployment | ||
| + | metadata: | ||
| + | name: my-nginx | ||
| + | spec: | ||
| + | replicas: 1 | ||
| + | selector: | ||
| + | matchLabels: | ||
| + | app: nginx | ||
| + | template: | ||
| + | metadata: | ||
| + | labels: | ||
| + | app: nginx | ||
| + | spec: | ||
| + | containers: | ||
| + | - name: nginx | ||
| + | image: nginx:1.25.2-alpine | ||
| + | imagePullPolicy: IfNotPresent | ||
| + | ports: | ||
| + | - containerPort: 80 | ||
| + | volumeMounts: | ||
| + | - name: config-volume | ||
| + | mountPath: /etc/nginx/conf.d | ||
| + | volumes: | ||
| + | - name: config-volume | ||
| + | configMap: | ||
| + | name: nginx-conf | ||
| + | root@ubuntu-200470-1:~/oct21# kubectl apply -f my-nginx-cm.yaml | ||
| + | deployment.apps/my-nginx configured | ||
| + | root@ubuntu-200470-1:~/oct21# kubectl get pod | ||
| + | NAME READY STATUS RESTARTS AGE | ||
| + | dapi-test-pod 0/1 Completed 0 30h | ||
| + | env-valuefrom-64956864d6-sh7hb 0/1 CrashLoopBackOff 138 (3m48s ago) 30h | ||
| + | laravel-deployment-5b44dcf689-lvkhp 1/1 Running 3 (95m ago) 3d9h | ||
| + | my-nginx-7678bcdf4c-qbl6b 1/1 Running 0 15s | ||
| + | mydep-759989964c-tdf5l 1/1 Running 3 (94m ago) 3d6h | ||
| + | mypod 1/1 Running 1 (91m ago) 29h | ||
| + | mypod2 1/1 Running 1 (95m ago) 29h | ||
| + | mysql-deploy-7fdd46c697-4r842 0/1 CreateContainerConfigError 0 3d9h | ||
| + | nginx-deployment-89857df9d-4m8kl 1/1 Running 2 (91m ago) 2d6h | ||
| + | nginx-deployment-89857df9d-fcqm5 1/1 Running 2 (95m ago) 2d6h | ||
| + | nginx-deployment-89857df9d-gwdql 1/1 Running 2 (94m ago) 2d6h | ||
| + | nginx-deployment-89857df9d-kg595 1/1 Running 2 (95m ago) 2d6h | ||
| + | nginx-deployment-89857df9d-nbqhm 1/1 Running 2 (90m ago) 2d6h | ||
| + | secret-env-pod 0/1 Unknown 0 29h | ||
| + | web-0 1/1 Running 2 (91m ago) 2d5h | ||
| + | web-1 1/1 Running 2 (91m ago) 2d5h | ||
| + | web-2 1/1 Running 2 (93m ago) 2d4h | ||
| + | wordpress-deploy-5d6679b4c4-tcmpd 1/1 Running 3 (94m ago) 3d9h | ||
| + | root@ubuntu-200470-1:~/oct21# kubectl get pod my-nginx-7678bcdf4c-qbl6b -o wide | ||
| + | NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES | ||
| + | my-nginx-7678bcdf4c-qbl6b 1/1 Running 0 32s 10.234.252.13 work2 <none> <none> | ||
| + | root@ubuntu-200470-1:~/oct21# curl 10.234.252.13:8080 | ||
| + | <!DOCTYPE html> | ||
| + | <html> | ||
| + | <head> | ||
| + | <title>Welcome to nginx!</title> | ||
| + | <style> | ||
| + | html { color-scheme: light dark; } | ||
| + | body { width: 35em; margin: 0 auto; | ||
| + | font-family: Tahoma, Verdana, Arial, sans-serif; } | ||
| + | </style> | ||
| + | </head> | ||
| + | <body> | ||
| + | <h1>Welcome to nginx!</h1> | ||
| + | <p>If you see this page, the nginx web server is successfully installed and | ||
| + | working. Further configuration is required.</p> | ||
| + | |||
| + | <p>For online documentation and support please refer to | ||
| + | <a href="http://nginx.org/">nginx.org</a>.<br/> | ||
| + | Commercial support is available at | ||
| + | <a href="http://nginx.com/">nginx.com</a>.</p> | ||
| + | |||
| + | <p><em>Thank you for using nginx.</em></p> | ||
| + | </body> | ||
| + | </html> | ||
| + | root@ubuntu-200470-1:~/oct21# kubectl exec -it my-nginx-7678bcdf4c-qbl6b -- cat /etc/nginx/conf.d/default.conf | ||
| + | server { | ||
| + | listen 8080; | ||
| + | listen [::]:80; | ||
| + | server_name localhost; | ||
| + | |||
| + | location / { | ||
| + | root /usr/share/nginx/html; | ||
| + | index index.html index.htm; | ||
| + | } | ||
| + | |||
| + | error_page 500 502 503 504 /50x.html; | ||
| + | location = /50x.html { | ||
| + | root /usr/share/nginx/html; | ||
| + | } | ||
| + | |||
| + | |||
| + | |||
| + | </pre> | ||
| + | https://www.cnblogs.com/paul8339/p/15424586.html | ||
| + | |||
| + | == controllers 控制器== | ||
| + | |||
| + | ===[[控制器DaemonSet]]=== | ||
| + | |||
| + | ===[[控制器CronJob]]=== | ||
| + | |||
| + | =[[Helm3]]= | ||
=k8s-imagePullPolicy拉取策略= | =k8s-imagePullPolicy拉取策略= | ||
| 第8行: | 第281行: | ||
imagePullPolicy: IfNotPresent 默认值,本地有则使用本地镜像,不拉取 | imagePullPolicy: IfNotPresent 默认值,本地有则使用本地镜像,不拉取 | ||
imagePullPolicy: Never 只使用本地镜像,从不拉取 | imagePullPolicy: Never 只使用本地镜像,从不拉取 | ||
| + | |||
| + | |||
| + | =k8s 进入pod shell= | ||
| + | |||
| + | <pre> | ||
| + | |||
| + | kubectl get pods #查看所有正在运行的pod | ||
| + | |||
| + | NAME READY STATUS RESTARTS AGE | ||
| + | |||
| + | nginx-56b8c64cb4-t97vb 1/1 Running 3 1d | ||
| + | |||
| + | kubectl exec -it nginx-56b8c64cb4-t97vb -- /bin/bash #假如当前pod只有一个容器,运行以下命令即可 | ||
| + | |||
| + | root@nginx-56b8c64cb4-t97vb:/# ps -ef | ||
| + | |||
| + | UID PID PPID C STIME TTY TIME CMD | ||
| + | |||
| + | root 1 0 0 14:45 ? 00:00:00 nginx: master process nginx -g daemon off; | ||
| + | |||
| + | 假如一个pod里有多个容器,用--container or -c 参数。例如:假如这里有个Pod名为my-pod,这个Pod有两个容器,分别名为main-app 和 helper-app,下面的命令将打开到main-app的shell的容器里。 | ||
| + | |||
| + | kubectl exec -it my-pod --container main-app -- /bin/bash | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | [https://www.cnblogs.com/to-here/p/13050760.html k8s不进入pod,直接通过shell在pod里执行命令 ] | ||
| + | |||
| + | [https://blog.51cto.com/u_12708233/2375897 k8s使用shell进入容器被拒绝连接] | ||
= k8s删除pod = | = k8s删除pod = | ||
| 第49行: | 第351行: | ||
[ k8s中正确删除一个pod k8s中正确删除一个pod ] | [ k8s中正确删除一个pod k8s中正确删除一个pod ] | ||
| + | =常见组件安装= | ||
| + | == [[安装Metrics server]]== | ||
| + | |||
| + | =[[hpa]]= | ||
| + | |||
| + | |||
| + | =coredns状态为ImagePullBackOff问题= | ||
| + | <pre> | ||
| + | |||
| + | kubectl get pods --all-namespaces | ||
| + | |||
| + | kube-system coredns-7f6cbbb7b8-knhl8 0/1 ImagePullBackOff 0 24h | ||
| + | kube-system coredns-7f6cbbb7b8-lt4k5 0/1 ImagePullBackOff 0 24h | ||
| + | |||
| + | |||
| + | 解决办法: | ||
| + | |||
| + | 确定pod所使用的镜像 | ||
| + | |||
| + | kubectl get pods coredns-7f6cbbb7b8-knhl8 -n kube-system -o yaml | grep image | ||
| + | |||
| + | |||
| + | |||
| + | image: registry.aliyuncs.com/google_containers/coredns:v1.8.4 | ||
| + | imagePullPolicy: IfNotPresent | ||
| + | - image: registry.aliyuncs.com/google_containers/coredns:v1.8.4 | ||
| + | imageID: "" | ||
| + | message: Back-off pulling image "registry.aliyuncs.com/google_containers/coredns:v1.8.4" | ||
| + | |||
| + | root@k8s-master:~# docker pull registry.aliyuncs.com/google_containers/coredns:v1.8.4 | ||
| + | Error response from daemon: manifest for registry.aliyuncs.com/google_containers/coredns:v1.8.4 not found: manifest unknown: manifest unknown | ||
| + | |||
| + | 拉个latest 再别名 | ||
| + | docker pull registry.aliyuncs.com/google_containers/coredns | ||
| + | |||
| + | root@k8s-master:~# docker images | grep coredns | ||
| + | registry.aliyuncs.com/google_containers/coredns latest 8d147537fb7d 3 months ago 47.6MB | ||
| + | |||
| + | 强制 改一下 tag | ||
| + | root@k8s-master:~# docker tag 8d147537fb7d registry.aliyuncs.com/google_containers/coredns:v1.8.4 | ||
| + | |||
| + | root@k8s-master:~# kubectl get pods --all-namespaces | grep coredns | ||
| + | kube-system coredns-7f6cbbb7b8-knhl8 1/1 Running 0 24h | ||
| + | kube-system coredns-7f6cbbb7b8-lt4k5 1/1 Running 0 24h | ||
| + | root@k8s-master:~# | ||
| + | |||
| + | |||
| + | root@k8s-master:~# kubectl get all -n kube-system | ||
| + | NAME READY STATUS RESTARTS AGE | ||
| + | pod/coredns-7f6cbbb7b8-knhl8 0/1 ImagePullBackOff 0 24h | ||
| + | pod/coredns-7f6cbbb7b8-lt4k5 0/1 ImagePullBackOff 0 24h | ||
| + | |||
| + | docker pull registry.aliyuncs.com/google_containers/coredns | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | [https://blog.csdn.net/weifangwei100/article/details/118940876 coredns状态为ImagePullBackOff问题] | ||
| + | |||
| + | [https://blog.csdn.net/hbuxiaofei/article/details/117632562 k8s解决coredns 的ImagePullBackOff 和ErrImagePull 问题] | ||
| + | |||
| + | https://stackoverflow.com/questions/53559291/kubernetes-coredns-in-crashloopbackoff | ||
| + | |||
| + | [https://blog.csdn.net/qq_24046745/article/details/93988920 Kubernetes CoreDNS 状态是 CrashLoopBackOff 解决思路] | ||
=CrashLoopBackOff的解决方法= | =CrashLoopBackOff的解决方法= | ||
| 第56行: | 第421行: | ||
[https://www.jianshu.com/p/bcc05427990d k8s启动Pod遇到CrashLoopBackOff的解决方法] | [https://www.jianshu.com/p/bcc05427990d k8s启动Pod遇到CrashLoopBackOff的解决方法] | ||
| + | =k8s常见问题= | ||
| + | |||
| + | ==pod无故重启 == | ||
| + | OOM | ||
| + | |||
| + | [https://segmentfault.com/a/1190000039984292 运维攻坚之kubernetes pod无故重启问题排查] | ||
| + | |||
| + | [https://www.cnblogs.com/chopper-poet/p/15328054.html 记一次k8s pod频繁重启的优化之旅] | ||
| + | |||
| + | [https://blog.csdn.net/hongxiaolu/article/details/113711718 POD 中容器异常重启原因定位] | ||
=see also= | =see also= | ||
| + | [[在Kubernetes上运行应用程序]] | ||
| + | |||
| + | =references= | ||
[https://it.baiked.com/kubernetes/2833.html 几款k8s快速部署的开源项目对比] | [https://it.baiked.com/kubernetes/2833.html 几款k8s快速部署的开源项目对比] | ||
2023年11月2日 (四) 13:36的最新版本
目录
base
#使用glusterfs做存储,不懂glusterfs的请参考其他文章
命名空间
容器
临时容器
root@ubuntu-200430-1:~# kubectl create deployment nginx-deployment --image=nginx:1.25.2-alpine
deployment.apps/nginx-deployment created
root@ubuntu-200430-1:~# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 0/1 1 0 11s
root@ubuntu-200430-1:~# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-deployment-574699d69d-ggwl5 1/1 Running 0 3m55s
root@ubuntu-200430-1:~# kubectl debug -it pods/nginx-deployment-574699d69d-ggwl5 --image=busybox
Defaulting debug container name to debugger-5nbhj.
/ # ping linuxsa.org
PING linuxsa.org (104.21.72.8): 56 data bytes
64 bytes from 104.21.72.8: seq=1 ttl=51 time=322.350 ms
root@ubuntu-200430-1:~# kubectl describe pods nginx-deployment-574699d69d-ggwl5
Name: nginx-deployment-574699d69d-ggwl5
Namespace: cicd
Priority: 0
Ephemeral Containers:
debugger-5nbhj:
Container ID: containerd://1996b57d36c4a8a8c632e9a5e37dc732231abae65e47dbc95d1fac400399c253
Image: busybox
Image ID: docker.io/library/busybox@sha256:3fbc632167424a6d997e74f52b878d7cc478225cffac6bc977eedfe51c7f4e79
Port: <none>
Host Port: <none>
State: Terminated
Reason: Error
与临时容器共享进程命名空间
进程命名空间共享一直是一个很好的故障排查选项,此功能可用于临时容器。进程命名空间共享不能应用于现有容器,因此必须创建目标容器的副本。 –share-processesflag 在与 –copy-to 一起使用时,可实现进程命名空间共享。这些标志将现有的 Pod spec定义复制到新定义中,并在spec中启用了进程命名空间共享。
$ kubectl debug -it <POD_NAME> --image=busybox --share-processes --copy-to=debug-pod
运行 ps 命令以查看正在运行的进程。 正如您所期望的那样,您可以从 busybox 容器中看到 /pause,从 nginx-deployment 容器中看到 nginx 进程。
/ # ps aux
PID USER TIME COMMAND
1 65535 0:00 /pause
7 root 0:00 nginx: master process nginx -g daemon off;
35 101 0:00 nginx: worker process
36 101 0:00 nginx: worker process
37 101 0:00 nginx: worker process
38 101 0:00 nginx: worker process
39 root 0:00 sh
46 root 0:00 ps aux
label
给节点打标签label
root@ubuntu-200470-1:~/pod# kubectl get node
NAME STATUS ROLES AGE VERSION
master Ready control-plane 22d v1.24.10
work1 Ready <none> 22d v1.24.10
work2 Ready <none> 22d v1.24.10
#给节点1 work1打上 nodename=node01
root@ubuntu-200470-1:~/pod# kubectl label nodes work1 nodename=node01
node/work1 labeled
#查看效果
root@ubuntu-200470-1:~/pod# kubectl get node --show-labels=true
NAME STATUS ROLES AGE VERSION LABELS
master Ready control-plane 22d v1.24.10 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=master,kubernetes.io/os=linux,node-role.kubernetes.io/control-plane=,node.kubernetes.io/exclude-from-external-load-balancers=
work1 Ready <none> 22d v1.24.10 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=work1,kubernetes.io/os=linux,nodename=node01
work2 Ready <none> 22d v1.24.10 beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=work2,kubernetes.io/os=linux
#使用 例如在dp
apiVersion: apps/v1
kind: Deployment
metadata:
name: dep-nginx-sel-node
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
ver: beta
spec:
containers:
- name: nginx
image: nginx:1.25.2-alpine
imagePullPolicy: IfNotPresent
nodeSelector:
nodename: node01
label svc
oot@ubuntu-200470-1:~/oct19# kubectl get svc nginx --show-labels NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE LABELS nginx ClusterIP None <none> 80/TCP 6h15m app=nginxlabelstest root@ubuntu-200470-1:~/oct19# kubectl label svc nginx version=1 service/nginx labeled root@ubuntu-200470-1:~/oct19# kubectl get svc nginx --show-labels NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE LABELS nginx ClusterIP None <none> 80/TCP 6h15m app=nginxlabelstest,version=1 root@ubuntu-200470-1:~/oct19# kubectl label svc nginx version- service/nginx unlabeled root@ubuntu-200470-1:~/oct19# kubectl get svc nginx --show-labels NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE LABELS nginx ClusterIP None <none> 80/TCP 6h16m app=nginxlabelstest root@ubuntu-200470-1:~/oct19#
k8s 配置管理
configmap
ConfigMap 存储 Nginx 配置文件
#创建并查看ConfigMap
cat my-nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.25.2-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
#在k8s集群拉起一个nginx的pod并加载ConfigMap,通过默认8080去访问。
编写nginx的yaml文件,并加载ConfigMap
root@ubuntu-200470-1:~/oct21# cat my-nginx-cm.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.25.2-alpine
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
volumeMounts:
- name: config-volume
mountPath: /etc/nginx/conf.d
volumes:
- name: config-volume
configMap:
name: nginx-conf
root@ubuntu-200470-1:~/oct21# kubectl apply -f my-nginx-cm.yaml
deployment.apps/my-nginx configured
root@ubuntu-200470-1:~/oct21# kubectl get pod
NAME READY STATUS RESTARTS AGE
dapi-test-pod 0/1 Completed 0 30h
env-valuefrom-64956864d6-sh7hb 0/1 CrashLoopBackOff 138 (3m48s ago) 30h
laravel-deployment-5b44dcf689-lvkhp 1/1 Running 3 (95m ago) 3d9h
my-nginx-7678bcdf4c-qbl6b 1/1 Running 0 15s
mydep-759989964c-tdf5l 1/1 Running 3 (94m ago) 3d6h
mypod 1/1 Running 1 (91m ago) 29h
mypod2 1/1 Running 1 (95m ago) 29h
mysql-deploy-7fdd46c697-4r842 0/1 CreateContainerConfigError 0 3d9h
nginx-deployment-89857df9d-4m8kl 1/1 Running 2 (91m ago) 2d6h
nginx-deployment-89857df9d-fcqm5 1/1 Running 2 (95m ago) 2d6h
nginx-deployment-89857df9d-gwdql 1/1 Running 2 (94m ago) 2d6h
nginx-deployment-89857df9d-kg595 1/1 Running 2 (95m ago) 2d6h
nginx-deployment-89857df9d-nbqhm 1/1 Running 2 (90m ago) 2d6h
secret-env-pod 0/1 Unknown 0 29h
web-0 1/1 Running 2 (91m ago) 2d5h
web-1 1/1 Running 2 (91m ago) 2d5h
web-2 1/1 Running 2 (93m ago) 2d4h
wordpress-deploy-5d6679b4c4-tcmpd 1/1 Running 3 (94m ago) 3d9h
root@ubuntu-200470-1:~/oct21# kubectl get pod my-nginx-7678bcdf4c-qbl6b -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
my-nginx-7678bcdf4c-qbl6b 1/1 Running 0 32s 10.234.252.13 work2 <none> <none>
root@ubuntu-200470-1:~/oct21# curl 10.234.252.13:8080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
root@ubuntu-200470-1:~/oct21# kubectl exec -it my-nginx-7678bcdf4c-qbl6b -- cat /etc/nginx/conf.d/default.conf
server {
listen 8080;
listen [::]:80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
https://www.cnblogs.com/paul8339/p/15424586.html
controllers 控制器
控制器DaemonSet
控制器CronJob
Helm3
k8s-imagePullPolicy拉取策略
imagePullPolicy: Always 总是拉取 pull 以前好像是这个默认值 imagePullPolicy: IfNotPresent 默认值,本地有则使用本地镜像,不拉取 imagePullPolicy: Never 只使用本地镜像,从不拉取
k8s 进入pod shell
kubectl get pods #查看所有正在运行的pod NAME READY STATUS RESTARTS AGE nginx-56b8c64cb4-t97vb 1/1 Running 3 1d kubectl exec -it nginx-56b8c64cb4-t97vb -- /bin/bash #假如当前pod只有一个容器,运行以下命令即可 root@nginx-56b8c64cb4-t97vb:/# ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 14:45 ? 00:00:00 nginx: master process nginx -g daemon off; 假如一个pod里有多个容器,用--container or -c 参数。例如:假如这里有个Pod名为my-pod,这个Pod有两个容器,分别名为main-app 和 helper-app,下面的命令将打开到main-app的shell的容器里。 kubectl exec -it my-pod --container main-app -- /bin/bash
k8s删除pod
1、先删除pod2、再删除对应的deployment否则只是删除pod是不管用的,还会看到pod,因为deployment.yaml文件中定义了副本数量 实例如下: 删除pod [root@test2 ~]# kubectl get pod -n jenkins NAME READY STATUS RESTARTS AGE jenkins2-8698b5449c-grbdm 1/1 Running 0 8s [root@test2 ~]# kubectl delete pod jenkins2-8698b5449c-grbdm -n jenkins pod "jenkins2-8698b5449c-grbdm" deleted 查看pod仍然存储 [root@test2 ~]# kubectl get pod -n jenkins NAME READY STATUS RESTARTS AGE jenkins2-8698b5449c-dbqqb 1/1 Running 0 8s [root@test2 ~]# 删除deployment [root@test2 ~]# kubectl get deployment -n jenkins NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE jenkins2 1 1 1 1 17h [root@test2 ~]# kubectl delete deployment jenkins2 -n jenkins 再次查看pod消失 deployment.extensions "jenkins2" deleted [root@test2 ~]# kubectl get deployment -n jenkins No resources found. [root@test2 ~]# [root@test2 ~]# kubectl get pod -n jenkins No resources found.
[ k8s中正确删除一个pod k8s中正确删除一个pod ]
常见组件安装
安装Metrics server
hpa
coredns状态为ImagePullBackOff问题
kubectl get pods --all-namespaces
kube-system coredns-7f6cbbb7b8-knhl8 0/1 ImagePullBackOff 0 24h
kube-system coredns-7f6cbbb7b8-lt4k5 0/1 ImagePullBackOff 0 24h
解决办法:
确定pod所使用的镜像
kubectl get pods coredns-7f6cbbb7b8-knhl8 -n kube-system -o yaml | grep image
image: registry.aliyuncs.com/google_containers/coredns:v1.8.4
imagePullPolicy: IfNotPresent
- image: registry.aliyuncs.com/google_containers/coredns:v1.8.4
imageID: ""
message: Back-off pulling image "registry.aliyuncs.com/google_containers/coredns:v1.8.4"
root@k8s-master:~# docker pull registry.aliyuncs.com/google_containers/coredns:v1.8.4
Error response from daemon: manifest for registry.aliyuncs.com/google_containers/coredns:v1.8.4 not found: manifest unknown: manifest unknown
拉个latest 再别名
docker pull registry.aliyuncs.com/google_containers/coredns
root@k8s-master:~# docker images | grep coredns
registry.aliyuncs.com/google_containers/coredns latest 8d147537fb7d 3 months ago 47.6MB
强制 改一下 tag
root@k8s-master:~# docker tag 8d147537fb7d registry.aliyuncs.com/google_containers/coredns:v1.8.4
root@k8s-master:~# kubectl get pods --all-namespaces | grep coredns
kube-system coredns-7f6cbbb7b8-knhl8 1/1 Running 0 24h
kube-system coredns-7f6cbbb7b8-lt4k5 1/1 Running 0 24h
root@k8s-master:~#
root@k8s-master:~# kubectl get all -n kube-system
NAME READY STATUS RESTARTS AGE
pod/coredns-7f6cbbb7b8-knhl8 0/1 ImagePullBackOff 0 24h
pod/coredns-7f6cbbb7b8-lt4k5 0/1 ImagePullBackOff 0 24h
docker pull registry.aliyuncs.com/google_containers/coredns
k8s解决coredns 的ImagePullBackOff 和ErrImagePull 问题
https://stackoverflow.com/questions/53559291/kubernetes-coredns-in-crashloopbackoff
Kubernetes CoreDNS 状态是 CrashLoopBackOff 解决思路
CrashLoopBackOff的解决方法
记录一次修复k8s pod长时间处于CrashLoopBackOff状态问题
k8s启动Pod遇到CrashLoopBackOff的解决方法
k8s常见问题
pod无故重启
OOM
