在 Kubernetes 中所有操作的内容,我们都称为“资源对象”,是由 API Server 基于 HTTP/HTTPS 接收并响应客户端的操作请求,是一种 Restful 风格的接口,将各种组件及操作内容都抽象成为标准的 REST 资源,如 Namespace、Pod 等,其中操作内容以 JSON 或 yml 格式数据进行操作。
本文讲解的是 Kubernetes 中的最为重要的一节——资源清单,我们想要在 Kubernetes 中部署 Pod、Service 等资源对象,都需要通过资源清单的方式来部署,无论是通过命令 kubectl,还是可视化控制台,都是离不开资源清单的定义,本文重点讲述资源清单如何定义、如何创建及使用。
1、资源分类
根据资源的功能进行资源分类,Kubernetes 资源对象可分为:
一个应用通常需要多个资源的支撑,例如,使用 Deployment 资源管理应用实例(Pod)、使用 ConfigMap 资源保存应用配置、使用 Service 或 Ingress 资源暴露服务、使用 Volume 资源提供外部存储等。
2.资源清单
资源清单,等同于一个剧本,能够告诉我们每一步应该怎么去做,Kubernetes 接收到这么一个剧本,就能够按照这个剧本去执行,以达到我们的预期。
在 Kubernetes 中,一般都是通过定义资源清单的方式去创建资源。一般使用 yaml 格式的文件来创建符合我们预期期望的资源,这样的 yaml 文件我们称为资源清单。(也可以定义为 json 格式)
如,创建一个 Pod 资源:
apiVersion: v1kind: Podmetadata: name: vue-frontend namespace: test labels: app: vue-frontendspec: containers: - name: vue-frontend image: xcbeyond/vue-frontend:latest ports: - name: port containerPort: 80 hostPort: 8080
复制代码
接下来,以 Pod 资源定义为例展开对资源清单的详细说明。
2.1 资源清单定义
yaml 格式的 Pod 资源清单定义文件的完整内容如下:
apiVersion: v1kind: Pod # 资源类别metadata: # 资源元数据 name: string namespace: string labels: - name: string annotations: - name: stringspec: # 资源期望的状态 containers: # 容器列表 - name: string # 容器名称,下面的属性均属于对该容器的定义或约束 image: string imagePullPolicy: [Always|Never|IfNotPresent] command: [string] args: [string] workingDir: string volumeMounts: - name: string mountPath: string readOnly: boolean ports: - name: string containerPort: int hostPort: int protocol: string env: - name: string value: string resources: limits: cpu: string memory: string requests: cpu: string memory: string livenssProbe: exec: command: [string] httpGet: path: string port: number host: string scheme: string httpHeaders: - name: string value: string tcpSocket: port: number initialDelaySeconds: 0 timeoutSeconds: 0 periodSeconds: 0 successThreshold: 0 failureThreshold: 0……
复制代码
对各属性的详细说明如下表所示:
(必选属性,是必须存在的,否则创建失败。)
上述列举的是常用的属性,如果想查看全部属性,可以使用命令kubectl explain pod:
[xcbeyond@bogon ~]$ kubectl explain podKIND: PodVERSION: v1
DESCRIPTION: Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts.
FIELDS: apiVersion <string> APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind <string> Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata <Object> Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec <Object> Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
status <Object> Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
复制代码
查看属性说明,使用如下命令,如:查看 pod.spec.containers
[xcbeyond@bogon ~]$ kubectl explain pod.spec.containersKIND: PodVERSION: v1
RESOURCE: containers <[]Object>
DESCRIPTION: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.
A single application container that you want to run within a pod.
FIELDS: args <[]string> Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
command <[]string> Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell……
复制代码
2.2 示例
在命名空间 test 中,定义一个名为 frontend 的 Pod。
(1)定义命名空间
为了便于后期测试,特定义一个新的命名空间 test。(如果命名空间 test 已存在,则无需再建)
命名空间 test 的资源清单文件 test-namespace.yaml 如下:
apiVersion: v1kind: Namespacemetadata: name: test
复制代码
执行kubectl create命令创建该 Namespace:
[xcbeyond@bogon ~]$ kubectl create -f test-namespace.yaml namespace/test created
复制代码
(2)定义 Pod
定义一个名为 frontend 的 Pod,由一个容器组成,资源清单文件 frontend-pod.yaml 如下:
apiVersion: v1kind: Podmetadata: name: frontend namespace: test labels: app: frontendspec: containers: - name: frontend image: xcbeyond/vue-frontend:latest ports: - name: port containerPort: 80 hostPort: 8080
复制代码
执行kubectl create命令创建该 Pod:
[xcbeyond@bogon ~]$ kubectl create -f frontend-pod.yaml pod/frontend created
复制代码
通过命令kubectl get pods -n <Namespace>查看,创建 Pod 的状态:
[xcbeyond@bogon ~]$ kubectl get pods -n testNAME READY STATUS RESTARTS AGEfrontend 1/1 Runing 0 79s
复制代码
评论