Kubernetes 是Google开源的容器集群管理系统,基于Docker构建一个容器的调度服务,提供资源调度、均衡容灾、服务注册、动态扩缩容等功能套件,目前最新版本为1.0.6;
下面是一张简单的架构图
几个重要概念:
Pod : 在Kubernetes系统中,调度的最小颗粒不是单纯的容器,而是抽象成一个Pod,Pod是一个可以被创建、销毁、调度、管理的最小的部署单元。比如一个或一组容器。
Service :Services是真实应用服务的抽象,每一个服务后面都有很多对应的容器来支持,通过Proxy的port和服务selector决定服务请求传递给后端提供服务的容器,对外表现为一个单一访问接口,外部不需要了解后端如何运行,这给扩展或维护后端带来很大的好处。使用nat作为端口转发;
Replication Controllers:Replication Controller确保任何时候Kubernetes集群中有指定数量的pod副本(replicas)在运行, 如果少于指定数量的pod副本(replicas),Replication Controller会启动新的Container,反之会杀死多余的以保证数量不变。
Labels:Labels是用于区分Pod、Service、Replication Controller的key/value键值对,Pod、Service、 Replication Controller可以有多个label,但是每个label的key只能对应一个value。Labels是Service和Replication Controller运行的基础,他们正是通过labels来选择正确的容器。
Cluster : Cluster是安装在物理机或者是虚拟机上用来运行应用的应用的组件;
Node : 运行了Kubernetes的Cluster机器被成为节点;
vim /etc/yum.repos.d/virt7-testing.repo [virt7-testing] name=virt7-testing baseurl=http://cbs.centos.org/repos/virt7-testing/x86_64/os/ gpgcheck=0 #注意;这里etcd使用的是yum中的版本;版本号为2.1.1; @使用最新版本时测试不通过; yum -y install etcd kubernetes #修改如下文件 cat vim /etc/kubernetes/config [root@h0022062 bin]# cat /etc/kubernetes/config ### # kubernetes system config # # The following values are used to configure various aspects of all # kubernetes services, including # # kube-apiserver.service # kube-controller-manager.service # kube-scheduler.service # kubelet.service # kube-proxy.service # logging to stderr means we get it in the systemd journal KUBE_LOGTOSTDERR="--logtostderr=true" # journal message level, 0 is debug KUBE_LOG_LEVEL="--v=0" # Should this cluster be allowed to run privileged docker containers KUBE_ALLOW_PRIV="--allow_privileged=false" # How the controller-manager, scheduler, and proxy find the apiserver #KUBE_MASTER="--master=http://127.0.0.1:8080" KUBE_ETCD_SERVERS="--etcd_servers=http://locate:2379" [root@h0022062 bin]# cat /etc/kubernetes/apiserver ### # kubernetes system config # # The following values are used to configure the kube-apiserver # # The address on the local server to listen to. KUBE_API_ADDRESS="--address=0.0.0.0" # The port on the local server to listen on. KUBE_API_PORT="--port=8080" # Port minions listen on KUBELET_PORT="--kubelet_port=10250" # How the replication controller and scheduler find the kube-apiserver KUBE_MASTER="--master=http://centos-master:8080" # Comma separated list of nodes in the etcd cluster KUBE_ETCD_SERVERS="--etcd_servers=http://localhost:2379" # Address range to use for services KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16" # default admission control policies #KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota" # Add your own! KUBE_API_ARGS="" #启动服务; service etcd start service kube-apiserver start service kube-controller-manager start service kube-scheduler start
#修改配置文件 [root@h0022062 server]# cat /etc/kubernetes/kubelet ### # kubernetes kubelet (minion) config # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces) KUBELET_ADDRESS="--address=127.0.0.1" # The port for the info server to serve on KUBELET_PORT="--port=10250" # You may leave this blank to use the actual hostname KUBELET_HOSTNAME="--hostname_override=127.0.0.1" # location of the api-server KUBELET_API_SERVER="--api_servers=http://127.0.0.1:8080" # Add your own! KUBELET_ARGS="" #启动各个节点; service kube-proxy start service kubelet start service docker start
在Kubernetes启动pod的时候;会尝试下载一些镜像;由于网络问题;这些镜像一般下载不了; 需要事先下载好;以便测试;
docker pull gcr.io/google_containers/pause docker pull gcr.io/google_containers/pause:0.8.0 docker tag gcr.io/google_containers/pause docker.io/kubernetes/pause
#创建pod; [root@h0022062 server]# kubectl run my-nginx --image=127.0.0.1:5010/centos-nginx --replicas=2 --port=80 CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS my-nginx my-nginx 127.0.0.1:5010/centos-nginx run=my-nginx 2 [root@h0022062 server]# [root@h0022062 server]# #查看已经存在的pod [root@h0022062 server]# kubectl get pods NAME READY STATUS RESTARTS AGE my-nginx-bnmhj 1/1 Running 0 11s my-nginx-lqkny 1/1 Running 0 11s #查看replicationcontroller [root@h0022062 bin]# kubectl get replicationcontroller CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS my-nginx my-nginx nginx run=my-nginx 2 #停止pods [root@h0022062 server]# kubectl stop replicationcontroller my-nginx replicationcontrollers/my-nginx #确认是否停止成功 [root@h0022062 server]# kubectl get pods NAME READY STATUS RESTARTS AGE
[root@h0022062 server]# kubectl get pods
NAME READY STATUS RESTARTS AGE
[root@h0022062 server]# kubectl get services
NAME LABELS SELECTOR IP(S) PORT(S)
kubernetes component=apiserver,provider=kubernetes <none> 192.168.0.1 443/TCP
[root@h0022062 server]# cat pod.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: mynginx
labels:
name: mynginx
spec:
replicas: 2
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: mynginx
image: 127.0.0.1:5010/centos-nginx
ports:
- containerPort: 80
[root@h0022062 server]# kubectl create -f pod.yaml
replicationcontrollers/mynginx
[root@h0022062 server]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mynginx-3sz2i 1/1 Running 0 1m
mynginx-m821h 1/1 Running 0 1m
#添加服务
[root@h0022062 server]# cat service.json
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "my-service"
},
"spec": {
"selector": {
"app": "nginx"
},
"ports": [
{
"protocol": "TCP",
"port": 80,
"targetPort": 80
}
]
}
}
#启动服务
[root@h0022062 server]# kubectl create -f service.json
#iptables查看nat的映射表
[root@h0022062 server]# iptables -nvL -t nat
7 420 DNAT tcp -- * * 0.0.0.0/0 10.254.79.222 /* default/my-service: */ tcp dpt:80 to:192.168.77.114:13412
#访问测试;
# [root@h0022062 server]# kubectl stop -f pod.yaml pods/mynginx #有一个pending;可以使用describe命令查看详情 [root@h0022062 server]# kubectl describe pods/mynginx-3sz2i
作用:通过文件创建资源(pod、Replication Controllers、Service)等;支持YAML和JSON格式; 示例:
kubectl create -f ./pod.json
作用:列出资源列表; 示例:
// 显示所有的pods $ kubectl get pods //显示replicationcontroller $ kubectl get replicationcontroller $ kubectl get rc //显示service $ kubectl get service //显示所有节点 $ kubectl get node // 显示pod web-pod-13je7 的json $ kubectl get -o json pod web-pod-13je7 // List one or more resources by their type and names. $ kubectl get rc/web service/frontend pods/web-pod-13je7
作用:删除资源;可以使用文件或者是标签来标记删除的资源; 示例:
// Delete a pod using the type and name specified in pod.json. $ kubectl delete -f ./pod.json // Delete pods and services with label name=myLabel. $ kubectl delete pods,services -l name=myLabel // Delete all pods $ kubectl delete pods --all
作用:显示资源的详情;可以用于显示pending状态
示例:
// 显示nodes名称为kubernetes-minion-emt8.c.myproject.internal的详情 $ kubectl describe nodes kubernetes-minion-emt8.c.myproject.internal //显示pods名称为nginx的详情 $ kubectl describe pods/nginx // 显示标签为 name=myLabel 的pods $ kubectl describe po -l name=myLabel
作用:显示pod内容器的日志;
示例:
#如果是pod内只有一个容器;容器名称可选 kubectl logs mynginx-24aw5 kubectl logs mynginx-24aw5 mynginx
作用:停止一个资源;
示例:
// Shut down foo. $ kubectl stop replicationcontroller foo // Stop pods and services with label name=myLabel. $ kubectl stop pods,services -l name=myLabel // Shut down the service defined in service.json $ kubectl stop -f service.json // Shut down all resources in the path/to/resources directory $ kubectl stop -f path/to/resources
本文出自 “11876896” 博客,请务必保留此出处http://11886896.blog.51cto.com/11876896/1909212
原文地址:http://11886896.blog.51cto.com/11876896/1909212
