k8s3部署
在工作中如何查看pod被谁控制呢,
root@ubuntu0:~# kubectl describe pod oldboyedu-rc-xiuxian-cd9mj |grep 'Controlled By'
Controlled By: ReplicationController/oldboyedu-rc-xiuxianemptyDir
1.数据为什么需要存储卷
容器一般部署过程一般有三种1.启动时候需要初始化数据2.启动过程中的临时数据,该数据需要多个容器共享,比如nginx + filebeat3.启动容器过程中的产生的数据持久化 如mysql参考链接:https://kubernetes.io/zh/docs/concepts/storage/volumes/emptyDir存储卷
1.emptyDir概述是一个临时存储卷,与pod的生命周期绑定到一起,如果pod被删除了,这意味这数据耶随之被删除
2。empytDir作用:1.可以实现持久化2.同一个pod的多个容器可以实现数据共享,多个不同的pod不能进行数据通信3.存储web访问日志以及错误日志等消息emptyDir的应用场景:(1)临时缓存空间,比如基于磁盘的归并排序;(2)为较耗时计算任务提供检查点,以便任务能方便的从崩溃前状态恢复执行;(3)存储Web访问日志及错误日志等信息;emptyDir优缺点:优点:(1)可以实现同一个Pod内多个容器之间数据共享;(2)当Pod内的某个容器被强制删除时,数据并不会丢失,因为Pod没有删除;缺点:(1)当Pod被删除时,数据也会被随之删除;(2)不同的Pod之间无法实现数据共享;
参考链接:https://kubernetes.io/docs/concepts/storage/volumes#emptydir温馨提示:1)启动pods后,使用emptyDir其数据存储在"/var/lib/kubelet/pods"路径下对应的POD_ID目录哟!/var/lib/kubelet/pods/${POD_ID}/volumes/kubernetes.io~empty-dir/2)可以尝试验证上一步找到的目录,并探讨为什么Pod删除其数据会被随之删除的真正原因 案例一: emptyDir存储卷随着Pod的生命周期存在而存在1.编写资源清单
root@ubuntu0:~/manifests/ReplicationController# cat 04-emptyDir.yaml
apiVersion: v1
kind: ReplicationController
metadata:name: xp-emptydir
spec:replicas: 1selector:apps: v1template:spec:#定义存储卷信息volumes:- name: data#表示存储卷的类型是emptyDiremptyDir:containers:- name: xiuxianimage: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1# 容器使用存储卷volumeMounts:# 要挂载的存储卷名称- name: data# 指定要挂载的路径 容器内要挂载的路径mountPath: /usr/share/nginx/htmlmetadata:labels:apps: v1
root@ubuntu0:~/manifests/ReplicationController# kubectl apply -f 04-emptyDir.yaml
replicationcontroller/xp-emptydir created
root@ubuntu0:~/manifests/ReplicationController# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
xp-emptydir-44xmz 1/1 Running 0 25s 10.100.2.17 ubuntu2 <none> <none>因为没有数据所以报403
root@ubuntu0:~/manifests/ReplicationController# curl 10.100.2.17
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>
进入容器写入一点数据即可
root@ubuntu0:~/manifests/ReplicationController# kubectl exec xp-emptydir-44xmz -it -- sh
/ # echo 111 > /usr/share/nginx/html/index.html
/ # d
sh: d: not found
/ # exit
command terminated with exit code 127
root@ubuntu0:~/manifests/ReplicationController# curl 10.100.2.17
111
把他给删了,在重新给起一个,数据久没了,所以说当Pod被删除时,数据也会被随之删除;
root@ubuntu0:~/manifests/ReplicationController# kubectl delete pods xp-emptydir-44xmz
pod "xp-emptydir-44xmz" deleted
root@ubuntu0:~/manifests/ReplicationController# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
xp-emptydir-9jwjb 1/1 Running 0 14s 10.100.2.18 ubuntu2 <none> <none>
root@ubuntu0:~/manifests/ReplicationController# curl 10.100.2.18
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>- emptyDir存储卷底层数据的存储路径 - 1.查看Pod调度到哪个节点,去对应节点过滤容器,查看容器的详细信息中Mounts挂载信息
root@ubuntu2:~# docker ps|grep xp-emptydir-9jwjb
7f1e7275b9e0 f28fd43be4ad "/docker-entrypoint.…" 2 minutes ago Up 2 minutes k8s_xiuxian_xp-emptydir-9jwjb_default_6dff3ca7-ef51-4dce-b45a-2fadbd22f30f_0
2a23ea906556 registry.aliyuncs.com/google_containers/pause:3.6 "/pause" 2 minutes ago Up 2 minutes k8s_POD_xp-emptydir-9jwjb_default_6dff3ca7-ef51-4dce-b45a-2fadbd22f30f_0
root@ubuntu2:/var/lib/kubelet/pods/6dff3ca7-ef51-4dce-b45a-2fadbd22f30f/volumes/kubernetes.io~empty-dir/data# docker inspect 7f1e7275b9e0|grep -A5 Mounts"Mounts": [{"Type": "bind","Source": "/var/lib/kubelet/pods/6dff3ca7-ef51-4dce-b45a-2fadbd22f30f/volumes/kubernetes.io~empty-dir/data","Destination": "/usr/share/nginx/html","Mode": "",
数据就是存放在这里的
root@ubuntu2:/var/lib/kubelet/pods/6dff3ca7-ef51-4dce-b45a-2fadbd22f30f/volumes/kubernetes.io~empty-dir/data# ls
index.html为什么说emptyDir随着Pod生命周期而结束:因为emptyDir的数据存放在Pod的数据目录,而删除Pod时,kubelet组件会一处该Pod的数据目录。emptyDir实现同一个Pod多个容器数据共享
root@ubuntu0:~# docker pull docker.elastic.co/beats/filebeat:7.17.28
root@ubuntu0:~/manifests/ReplicationController# cat 05-emptyDir-multiple.yaml
apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-rc-emptydir-multiple
spec:replicas: 1selector:apps: v1template:metadata:labels:apps: v1spec:volumes:- name: data01emptyDir: {}- name: data02emptyDir: {}- name: data03emptyDir: {}initContainers:- name: init-c1image: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1 volumeMounts:- name: data03mountPath: /mntcommand: - "/bin/sh"- "-c"- "for i in `seq 10`; do echo $i >> /mnt/init.log ;done"containers:- name: nginximage: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1 volumeMounts:- name: data01mountPath: /usr/share/nginx/html- name: data02mountPath: /var/log/nginx# 默认值为false,表示可读可写。 readOnly: false- name: filebeatimage: docker.elastic.co/beats/filebeat:7.17.28 volumeMounts:- name: data02mountPath: /oldboyedu-linux94# 对于filebeat而言,无需修改数据readOnly: true- name: data03mountPath: /oldboyedu-init
root@ubuntu0:~/manifests/ReplicationController# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
oldboyedu-rc-emptydir-multiple-nb52d 2/2 Running 0 12s 10.100.2.19 ubuntu2 <none> <none> #2/2 他运行了两个容器,可以看出一个初始化容器,两个业务容器
root@ubuntu0:~/manifests/ReplicationController# kubectl describe rc oldboyedu-rc-emptydir-multiple
Name: oldboyedu-rc-emptydir-multiple
Namespace: default
Selector: apps=v1
Labels: apps=v1
Annotations: <none>
Replicas: 1 current / 1 desired
Pods Status: 1 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:Labels: apps=v1Init Containers:init-c1:Image: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1Port: <none>Host Port: <none>Command:/bin/sh-cfor i in `seq 10`; do echo $i >> /mnt/init.log ;doneEnvironment: <none>Mounts:/mnt from data03 (rw)Containers:nginx:Image: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1Port: <none>Host Port: <none>Environment: <none>Mounts:/usr/share/nginx/html from data01 (rw)/var/log/nginx from data02 (rw)filebeat:Image: docker.elastic.co/beats/filebeat:7.17.28Port: <none>Host Port: <none>Environment: <none>Mounts:/oldboyedu-init from data03 (rw)/oldboyedu-linux94 from data02 (ro)
也可以看出 nginx, filebeat, init-c1 (init) 有那些容器,默认进nginx容器
root@ubuntu0:~/manifests/ReplicationController# kubectl exec -it oldboyedu-rc-emptydir-multiple-nb52d -- sh
Defaulted container "nginx" out of: nginx, filebeat, init-c1 (init)
/ # 可以看出他们俩使用的id号是一样的
00a7c5e2-abd1-4405-9cc3-fac57ab09c05/ 9b6582f1-e9e9-44f2-b3f5-e95b895a46e7/ a4bb288e-0e2a-4a87-9cda-cd55e9d003df/ b9067a4c-b5c0-41f4-9a05-665836c9c821/
root@ubuntu2:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3df0e3177d14 93c24d3e1841 "/usr/bin/tini -- /u…" 7 minutes ago Up 7 minutes k8s_filebeat_oldboyedu-rc-emptydir-multiple-nb52d_default_a4bb288e-0e2a-4a87-9cda-cd55e9d003df_0
7b2f804d9a71 f28fd43be4ad "/docker-entrypoint.…" 7 minutes ago Up 7 minutes k8s_nginx_oldboyedu-rc-emptydir-multiple-nb52d_default_a4bb288e-0e2a-4a87-9cda-cd55e9d003df_0
6d7456dbd62e registry.aliyuncs.com/google_containers/pause:3.6 "/pause" 7 minutes ago Up 7 minutes k8s_POD_oldboyedu-rc-emptydir-multiple-nb52d_default_a4bb288e-0e2a-4a87-9cda-cd55e9d003df_0-c 指定容器进入
root@ubuntu0:~/manifests/ReplicationController# kubectl exec -it -c filebeat oldboyedu-rc-emptydir-multiple-nb52d -- bash
filebeat@oldboyedu-rc-emptydir-multiple-nb52d:~$
nginx的日志就拿到了
filebeat@oldboyedu-rc-emptydir-multiple-nb52d:~$ ls /oldboyedu-linux94/
access.log error.log测试访问nginx,观察filebeat容器是否能够看到数据
root@ubuntu0:~/manifests/ReplicationController# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
oldboyedu-rc-emptydir-multiple-nb52d 2/2 Running 0 12m 10.100.2.19 ubuntu2 <none> <none>
root@ubuntu0:~/manifests/ReplicationController# curl 10.100.2.19
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>
filebeat@oldboyedu-rc-emptydir-multiple-nb52d:~$ ls /oldboyedu-linux94/ -l
total 4
-rw-r--r-- 1 root root 0 Apr 6 23:15 access.log
-rw-r--r-- 1 root root 623 Apr 6 23:15 error.log
filebeat@oldboyedu-rc-emptydir-multiple-nb52d:~$ ls /oldboyedu-linux94/ -l
total 8
-rw-r--r-- 1 root root 91 Apr 6 23:27 access.log
-rw-r--r-- 1 root root 805 Apr 6 23:27 error.log
filebeat@oldboyedu-rc-emptydir-multiple-nb52d:~$ 也默认共享网络
root@ubuntu0:~/manifests/ReplicationController# kubectl exec -it -c filebeat oldboyedu-rc-emptydir-multiple-nb52d -- bash
filebeat@oldboyedu-rc-emptydir-multiple-nb52d:~$ hostname -i
10.100.2.19
root@ubuntu0:~/manifests/ReplicationController# kubectl exec -it oldboyedu-rc-emptydir-multiple-nb52d -- sh
Defaulted container "nginx" out of: nginx, filebeat, init-c1 (init)
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft forever
2: eth0@if16: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue state UP link/ether 9e:e7:f7:ee:cc:6e brd ff:ff:ff:ff:ff:ffinet 10.100.2.19/24 brd 10.100.2.255 scope global eth0valid_lft forever preferred_lft forever
课堂练习
部署修仙业务,访问修仙业务的日志时filebeat采集写入到ES单点,并通过kibana展示数据
root@ubuntu0:~/manifests# cat es.yaml
apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-es
spec:replicas: 1selector:apps: estemplate:spec:containers:- name: c1image: docker.elastic.co/elasticsearch/elasticsearch:7.17.28env:- name: discovery.typevalue: single-node - name: cluster.namevalue: oldboyedu-linux94-single-es- name: ES_JAVA_OPTSvalue: "-Xms256m -Xmx256m"- name: bootstrap.memory_lockvalue: "true"metadata:labels:apps: es---
apiVersion: v1
kind: Service
metadata:name: svc-es
spec:selector:apps: esports:- port: 9200 root@ubuntu0:~/manifests# kubectl get svc,pods -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 24h <none>
service/svc-es ClusterIP 192.168.142.207 <none> 9200/TCP 31s apps=esNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/oldboyedu-es-l4t9v 1/1 Running 0 87s 10.100.1.2 ubuntu2 <none> <none>查看有没有关联上
root@ubuntu0:~/manifests# kubectl describe svc svc-es
Name: svc-es
Namespace: default
Labels: <none>
Annotations: <none>
Selector: apps=es
Type: ClusterIP
IP Family Policy: SingleStack
IP Families: IPv4
IP: 192.168.142.207
IPs: 192.168.142.207
Port: <unset> 9200/TCP
TargetPort: 9200/TCP
Endpoints: 10.100.1.2:9200
Session Affinity: None
Events: <none>root@ubuntu0:~/manifests# kubectl get svc svc-es
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
svc-es ClusterIP 192.168.142.207 <none> 9200/TCP 4m5s
root@ubuntu0:~/manifests# curl 192.168.142.207:9200
{"name" : "oldboyedu-es-l4t9v","cluster_name" : "oldboyedu-linux94-single-es","cluster_uuid" : "oNH6fJY8SfO4Gk5iI-1cfg","version" : {"number" : "7.17.28","build_flavor" : "default","build_type" : "docker","build_hash" : "139cb5a961d8de68b8e02c45cc47f5289a3623af","build_date" : "2025-02-20T09:05:31.349013687Z","build_snapshot" : false,"lucene_version" : "8.11.3","minimum_wire_compatibility_version" : "6.8.0","minimum_index_compatibility_version" : "6.0.0-beta1"},"tagline" : "You Know, for Search"
}
root@ubuntu0:~/manifests#
root@ubuntu0:~# curl 192.168.142.207:9200/_cat/nodes
10.100.1.4 39 53 0 0.07 0.07 0.09 cdfhilmrstw * oldboyedu-es-l4t9v
删除所有的pods,只要svc不删,他就会自愈,但是数据会丢失
root@ubuntu0:~# kubectl delete pods --all
pod "oldboyedu-es-l4t9v" deleted
root@ubuntu0:~# curl 192.168.142.207:9200/_cat/nodes
10.100.2.2 65 50 28 0.56 0.30 0.22 cdfhilmrstw * oldboyedu-es-t6qtkk8s部署kibana
root@ubuntu0:~/manifests# cat kibana.yaml
apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-kibana
spec:replicas: 1selector:apps: kibanatemplate:spec:containers:- name: c2image: docker.elastic.co/kibana/kibana:7.17.28 env:- name: SERVER_NAMEvalue: kibana - name: ELASTICSEARCH_HOSTS value: "http://svc-es:9200"- name: I18N_LOCALE value: "zh-CN"metadata:labels:apps: kibana---
apiVersion: v1
kind: Service
metadata:name: svc-kibana
spec:type: NodePortselector:apps: kibanaports:- port: 5601nodePort: 30001root@ubuntu0:~/manifests# kubectl apply -f kibana.yaml
replicationcontroller/oldboyedu-kibana unchanged
service/svc-kibana created
root@ubuntu0:~/manifests# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 11d <none>
svc-es ClusterIP 192.168.142.207 <none> 9200/TCP 10d apps=es
svc-kibana NodePort 192.168.235.175 <none> 5601:30001/TCP 39s apps=kibana
root@ubuntu0:~/manifests# kubectl describe svc svc-kibana
Name: svc-kibana
Namespace: default
Labels: <none>
Annotations: <none>
Selector: apps=kibana
Type: NodePort
IP Family Policy: SingleStack
IP Families: IPv4
IP: 192.168.235.175
IPs: 192.168.235.175
Port: <unset> 5601/TCP
TargetPort: 5601/TCP
NodePort: <unset> 30001/TCP
Endpoints: 10.100.1.7:5601
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>部署nginx和filebeat
root@ubuntu0:~/manifests# cat filebeat.yaml
apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-filebeat
spec:replicas: 1selector:apps: filebeattemplate:spec:volumes:- name: dataemptyDir:containers:- name: c3image: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1 volumeMounts:- name: datamountPath: /var/log/nginx/- name: c4image: docker.elastic.co/beats/filebeat:7.17.28volumeMounts:- name: datamountPath: /linux94# readOnly: true metadata:labels:apps: filebeat---
apiVersion: v1
kind: Service
metadata:name: svc-filebeat
spec:type: NodePortselector:apps: filebeatports:- port: 80nodePort: 30002进入容器,通过配置文件关联es
root@ubuntu0:~/manifests# kubectl describe svc svc-filebeat
Name: svc-filebeat
Namespace: default
Labels: <none>
Annotations: <none>
Selector: apps=filebeat
Type: NodePort
IP Family Policy: SingleStack
IP Families: IPv4
IP: 192.168.38.224
IPs: 192.168.38.224
Port: <unset> 80/TCP
TargetPort: 80/TCP
NodePort: <unset> 30002/TCP
Endpoints: 10.100.1.9:80
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
root@ubuntu0:~/manifests# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
oldboyedu-es-t6qtk 1/1 Running 0 112m 10.100.2.2 ubuntu1 <none> <none>
oldboyedu-filebeat-mjhgz 2/2 Running 0 58s 10.100.1.9 ubuntu2 <none> <none>
oldboyedu-kibana-lhfkx 1/1 Running 0 72m 10.100.1.7 ubuntu2 <none> <none>root@ubuntu0:~/manifests# kubectl exec -c c4 -it oldboyedu-filebeat-mjhgz -- bash
filebeat@oldboyedu-filebeat-mjhgz:~$
filebeat@oldboyedu-filebeat-mjhgz:~$ cat > /tmp/oldboyedu-filebeat.yaml <<EOF
> filebeat.inputs:
> - type: log
> paths:
> - /linux94/access.log*
>
> output.elasticsearch:
> hosts: ["http://svc-es:9200"]
> index: "oldboyedu-linux94-k8s-%{+yyyy.MM.dd}"
>
> setup.ilm.enabled: false
> setup.template.name: "oldboyedu-linux94-k8s"
> setup.template.pattern: "oldboyedu-linux94-k8s*"
> setup.template.overwrite: false
> setup.template.settings:
> index.number_of_shards: 3
> index.number_of_replicas: 0
> EOF
filebeat@oldboyedu-filebeat-mjhgz:~$ filebeat -e -c /tmp/oldboyedu-filebeat.yaml --path.data /tmp/xixi此时就采集到数据了
hotsPath
优点:(1)可以实现同一个Pod不同容器之间的数据共享;(2)可以实现同一个Node节点不同Pod之间的数据共享;缺点:无法满足跨节点Pod之间的数据共享。推荐阅读:https://kubernetes.io/docs/concepts/storage/volumes/#hostpathroot@ubuntu0:~/manifests/ReplicationController# cat 06-hostPath.yaml
apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-rc-hostpath
spec:replicas: 1selector:apps: v1template:metadata:labels:apps: v1spec:volumes:- name: data01# 表示存储卷使用的是hostPathhostPath:# 指定宿主机的路径 path: /linux94containers:- name: nginximage: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1 volumeMounts:- name: data01mountPath: /usr/share/nginx/html
测试访问
root@ubuntu0:~/manifests/ReplicationController# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
oldboyedu-rc-hostpath-vcwp7 1/1 Running 0 76s 10.100.1.10 ubuntu2 <none> <none>
root@ubuntu0:~/manifests/ReplicationController# curl 10.100.1.10
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>去相应节点修改数据
root@ubuntu2:~# ls /linux94/
root@ubuntu2:~# echo 111 > /linux94/index.html
root@ubuntu2:~# 进容器查看
root@ubuntu0:~/manifests/ReplicationController# kubectl exec -it oldboyedu-rc-hostpath-vcwp7 -- sh
/ # cat /usr/share/nginx/html/index.html
111再次访问
root@ubuntu0:~/manifests/ReplicationController# curl 10.100.1.10
111
root@ubuntu0:~/manifests/ReplicationController#删除Pod
root@ubuntu0:~/manifests# kubectl delete rc oldboyedu-rc-hostpath
replicationcontroller "oldboyedu-rc-hostpath" deleted
root@ubuntu0:~/manifests#
root@ubuntu0:~/manifests# kubectl get pods -o wide
No resources found in default namespace.观察宿主机的数据是否丢失
root@ubuntu2:~# cat /linux94/index.html
111hostPath配置时区应用场景
[root@master231 replicationcontrollers]# cat 06-rc-volumes-hostPath-localtime.yaml
apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-rc-hostpath-localtime
spec:replicas: 1selector:apps: v1template:metadata:labels:apps: v1spec:# 将宿主机的时区和容器的时区进行同步volumes:- name: tzhostPath:path: /etc/localtimecontainers:- name: nginximage: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1volumeMounts:- name: tzmountPath: /etc/localtime
[root@master231 replicationcontrollers]# kubectl apply -f 06-rc-volumes-hostPath-localtime.yaml
replicationcontroller/oldboyedu-rc-hostpath-localtime created
[root@master231 replicationcontrollers]#
[root@master231 replicationcontrollers]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
oldboyedu-rc-hostpath-localtime-btf42 1/1 Running 0 3s 10.100.2.74 worker233 <none> <none>
[root@master231 replicationcontrollers]#
[root@master231 replicationcontrollers]# kubectl exec oldboyedu-rc-hostpath-localtime-btf42 -- date -R
Tue, 19 Nov 2024 15:25:31 +0800
[root@master231 replicationcontrollers]#
[root@master231 replicationcontrollers]# date -R
Tue, 19 Nov 2024 15:25:36 +0800
[root@master231 replicationcontrollers]#
[root@master231 replicationcontrollers]#
[root@master231 replicationcontrollers]# kubectl exec oldboyedu-rc-hostpath-localtime-btf42 -- sh
[root@master231 replicationcontrollers]#
[root@master231 replicationcontrollers]# kubectl exec -it oldboyedu-rc-hostpath-localtime-btf42 -- sh
/ # date -R
Tue, 19 Nov 2024 15:25:52 +0800
nfs实现多个不同节点pod实现数据共享
nfs概述:nfs数据卷:提供对nfs挂载支持,可以自动将nfs共享路径挂载到pod中推荐阅读:https://kubernetes.io/docs/concepts/storage/volumes/#nfsubuntu部署nfs
root@ubuntu0:~/manifests# apt install nfs-kernel-server -y
root@ubuntu0:~# mkdir -p /oldboyedu/data/nfs-server
root@ubuntu0:~# tail -n1 /etc/exports
/oldboyedu/data/nfs-server *(rw,no_root_squash)
root@ubuntu0:~# systemctl restart nfs-server
root@ubuntu0:~# exportfs
/oldboyedu/data/nfs-server<world>客户端配置
root@ubuntu0:~# ansible all -m ping
192.168.23.97 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python3"},"changed": false,"ping": "pong"
}
192.168.23.98 | SUCCESS => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python3"},"changed": false,"ping": "pong"
}root@ubuntu0:~# ansible all -m shell -a "apt install nfs-kernel-server -y"
root@ubuntu0:~# ansible all -m shell -a "mount -t nfs ubuntu0:/oldboyedu/data/nfs-server/ /mnt"
192.168.23.97 | CHANGED | rc=0 >>192.168.23.98 | CHANGED | rc=0 >>root@ubuntu0:~# ansible all -m shell -a "df -h /mnt"
192.168.23.98 | CHANGED | rc=0 >>
Filesystem Size Used Avail Use% Mounted on
ubuntu0:/oldboyedu/data/nfs-server 24G 19G 3.9G 83% /mnt
192.168.23.97 | CHANGED | rc=0 >>
Filesystem Size Used Avail Use% Mounted on
ubuntu0:/oldboyedu/data/nfs-server 24G 19G 3.9G 83% /mnt测试
root@ubuntu0:~# ansible 192.168.23.97 -m shell -a 'cp /etc/os-release /mnt'
192.168.23.97 | CHANGED | rc=0 >>root@ubuntu0:~# ansible all -m shell -a 'ls /mnt'
192.168.23.97 | CHANGED | rc=0 >>
os-release
192.168.23.98 | CHANGED | rc=0 >>
os-releasekubectl explain pods.spec.volumes.nfsroot@ubuntu0:~/manifests/ReplicationController# cat 07-nfs.yam
apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-rc-nfs-v1
spec:replicas: 1selector:apps: v1template:metadata:labels:apps: v1spec:nodeName: ubuntu1volumes:- name: data#表示存储卷的类型是nfsnfs: #指定nfs服务器server: ubuntu0#指定nfs数据共享路径path: /oldboyedu/data/nfs-server/ containers:- name: nginximage: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1 volumeMounts:- name: datamountPath: /usr/share/nginx/html
---apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-rc-nfs-v2
spec:replicas: 1selector:apps: v2template:metadata:labels:apps: v2spec:nodeName: ubuntu2volumes:- name: data#表示存储卷的类型是nfsnfs: #指定nfs服务器server: ubuntu0#指定nfs数据共享路径path: /oldboyedu/data/nfs-server/ containers:- name: nginx1image: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1 volumeMounts:- name: datamountPath: /usr/share/nginx/html
root@ubuntu0:~/manifests/ReplicationController# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
oldboyedu-rc-nfs-v1-5gsdr 1/1 Running 0 5s 10.100.2.6 ubuntu1 <none> <none>
oldboyedu-rc-nfs-v2-dxgwh 1/1 Running 0 5s 10.100.1.13 ubuntu2 <none> <none>
root@ubuntu0:~/manifests/ReplicationController# echo 111 > /oldboyedu/data/nfs-server/index.html
root@ubuntu0:~/manifests/ReplicationController# curl 10.100.2.6
111nfs解决wordpress数据持久化
2.编写资源清单
[root@master231 case-demo]# cat 10-rc-svc-volumes-nfs-wordpress.yaml
apiVersion: v1
kind: Namespace
metadata:name: oldboyedu---apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-dbnamespace: oldboyedu
spec:replicas: 1selector:apps: dbtemplate:spec:volumes:- name: datanfs:server: ubuntu0path: /oldboyedu/data/nfs-server/volumes/wordpress/dbcontainers:- name: c1image: harbor.oldboyedu.com/oldboyedu-db/mysql:8.0.36-oraclevolumeMounts:- name: datamountPath: /var/lib/mysqlenv:- name: MYSQL_ALLOW_EMPTY_PASSWORDvalue: "yes"- name: MYSQL_USERvalue: linux94- name: MYSQL_PASSWORDvalue: oldboyedu- name: MYSQL_DATABASEvalue: yinzhengjiemetadata:labels:apps: db---apiVersion: v1
kind: Service
metadata:name: svc-dbnamespace: oldboyedu
spec:type: ClusterIPselector:apps: dbports:- port: 3306targetPort: 3306---
apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-wp
spec:replicas: 1selector:apps: wptemplate:spec:volumes:- name: datanfs:server: ubuntu0path: /oldboyedu/data/nfs-server/volumes/wordpress/wpcontainers:- name: c1image: harbor.oldboyedu.com/oldboyedu-wp/wordpress:latestvolumeMounts:- name: datamountPath: /var/www/htmlenv:- name: WORDPRESS_DB_HOSTvalue: svc-db.oldboyedu#value: svc-db.oldboyedu.svc.oldboyedu.com- name: WORDPRESS_DB_USERvalue: linux94- name: WORDPRESS_DB_PASSWORDvalue: oldboyedu- name: WORDPRESS_DB_NAMEvalue: yinzhengjiemetadata:labels:apps: wp---apiVersion: v1
kind: Service
metadata:name: svc-wp
spec:type: NodePortselector:apps: wpports:- port: 80targetPort: 80nodePort: 30090
[root@master231 case-demo]# 3.测试并验证
略,见视频。提示:- 1.先初始化账号并发表文章;- 2.将wp的副本数量设置为多个,但是db必须保证一个副本;- 3.可以尝试删除wp和db的pod观察发表的文章能否正常访问;K8S部署sonarqube项目实战
[root@master231 case-demo]# cat 11-ns-rc-svc-sonarqube.yaml
apiVersion: v1
kind: Namespace
metadata:name: devops---apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-sonarqubenamespace: devops
spec:replicas: 1selector:apps: sonarqubetemplate:spec:nodeName: worker233containers:- name: c1# image: sonarqube:9.9.7-communityimage: harbor.oldboyedu.com/oldboyedu-devops/sonarqube:9.9.7-communityports:- containerPort: 9000#给端口打一个标签name: webuimetadata:labels:apps: sonarqube---apiVersion: v1
kind: Service
metadata:name: svc-sonarqubenamespace: devops
spec:type: NodePortselector:apps: sonarqubeports:- port: 9000# 指定名称可以自行找到后端的Pod的暴露的containerPort端口name: webuinodePort: 30090
[root@master231 case-demo]# 将sonarqube数据持久化及kubectl cp等故障排查技巧指南
1.创建nfs共享目录
[root@master231 ~]# mkdir -pv /oldboyedu/data/nfs-server/volumes/devops/sonarqube2.将运行的sonarqube文件拷贝到宿主机NFS路径(需要先启动sonarqube服务,而后拷贝旧数据到NFS服务器,否则后期挂载时没有数据导致sonarQube无法启动)
[root@master231 ~]# kubectl -n devops cp oldboyedu-sonarqube-9k5f6:/opt/sonarqube /oldboyedu/data/nfs-server/volumes/devops/sonarqube
[root@master231 ~]#
[root@master231 ~]# ll /oldboyedu/data/nfs-server/volumes/devops/sonarqube
total 132
drwxr-xr-x 12 root root 4096 Nov 19 17:56 ./
drwxr-xr-x 3 root root 4096 Nov 19 17:55 ../
drwxr-xr-x 2 root root 4096 Nov 19 17:56 bin/
drwxr-xr-x 2 root root 4096 Nov 19 17:56 conf/
-rw-r--r-- 1 root root 7651 Nov 19 17:56 COPYING
drwxr-xr-x 4 root root 4096 Nov 19 17:56 data/
-rw-r--r-- 1 root root 77629 Nov 19 17:56 dependency-license.json
drwxr-xr-x 2 root root 4096 Nov 19 17:56 docker/
drwxr-xr-x 7 root root 4096 Nov 19 17:56 elasticsearch/
drwxr-xr-x 5 root root 4096 Nov 19 17:56 extensions/
drwxr-xr-x 5 root root 4096 Nov 19 17:56 lib/
drwxr-xr-x 2 root root 4096 Nov 19 17:56 logs/
drwxr-xr-x 7 root root 4096 Nov 19 17:56 temp/
drwxr-xr-x 5 root root 4096 Nov 19 17:56 web/
[root@master231 ~]#
[root@master231 ~]# ll /oldboyedu/data/nfs-server/volumes/devops/sonarqube/extensions/plugins/
total 84
drwxr-xr-x 2 root root 4096 Nov 19 17:56 ./
drwxr-xr-x 5 root root 4096 Nov 19 17:56 ../
-rw-r--r-- 1 root root 737 Nov 19 17:56 README.txt
-rw-r--r-- 1 root root 70457 Nov 19 17:56 sonar-l10n-zh-plugin-9.9.jar3.授权启动脚本有执行权限
[root@master231 ~]# chmod +x /oldboyedu/data/nfs-server/volumes/devops/sonarqube/docker/entrypoint.sh 温馨提示:万一添加执行权限解决不了,可以给整个"/oldboyedu/data/nfs-server/volumes/devops/sonarqube"目录添加777权限。[root@master231 case-demo]# cat 11-ns-rc-svc-sonarqube.yaml
apiVersion: v1
kind: Namespace
metadata:name: devops---apiVersion: v1
kind: ReplicationController
metadata:name: oldboyedu-sonarqubenamespace: devops
spec:replicas: 1selector:apps: sonarqubetemplate:spec:nodeName: worker233volumes:- name: datanfs:server: 10.0.0.231path: /oldboyedu/data/nfs-server/volumes/devops/sonarqubecontainers:- name: c1# image: sonarqube:9.9.7-communityimage: harbor.oldboyedu.com/oldboyedu-devops/sonarqube:9.9.7-community#command: #- tail#- -f#- /etc/hostscommand: - /opt/java/openjdk/bin/java - -jar - lib/sonar-application-9.9.7.96285.jar - -Dsonar.log.console=trueports:- containerPort: 9000name: webuivolumeMounts:- name: datamountPath: /opt/sonarqubemetadata:labels:apps: sonarqube---apiVersion: v1
kind: Service
metadata:name: svc-sonarqubenamespace: devops
spec:type: NodePortselector:apps: sonarqubeports:- port: 9000# 指定名称可以自行找到后端的Pod的暴露的containerPort端口name: webuinodePort: 30090
[root@master231 case-demo]# 5.删除测试
[root@master231 case-demo]# kubectl get pods,svc -n devops -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/oldboyedu-sonarqube-gclcx 1/1 Running 0 41s 10.100.2.95 worker233 <none> <none>NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/svc-sonarqube NodePort 10.200.139.132 <none> 9000:30090/TCP 41s apps=sonarqube
[root@master231 case-demo]#
[root@master231 case-demo]#
[root@master231 case-demo]# kubectl -n devops delete pods --all
pod "oldboyedu-sonarqube-gclcx" deleted
[root@master231 case-demo]#
[root@master231 case-demo]# kubectl get pods,svc -n devops -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/oldboyedu-sonarqube-4bqtw 1/1 Running 0 3s 10.100.2.96 worker233 <none> <none>NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/svc-sonarqube NodePort 10.200.139.132 <none> 9000:30090/TCP 61s apps=sonarqube
[root@master231 case-demo]#