learn-k8s-with-kind-and-kubectl
No related notes
Outlinks (0)
No outlinks found
Backlinks (0)
No backlinks found
1 · learn-k8s-with-kind-and-kubectl#
- 控制器模型(control loop)
- 声明式系统(desired state)
- 分布式收敛(eventual consistency)
- 调度与资源约束
1.1 · 创建集群:使用kind (k8s in docker)#
kind create cluster --name kind --image m.daocloud.io/docker.io/kindest/node:v1.35.0
# 或指定文件
kind create cluster --config kind-config.yaml# kind-config.yaml
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
image: m.daocloud.io/docker.io/kindest/node:v1.35.0
- role: worker
image: m.daocloud.io/docker.io/kindest/node:v1.35.0
- role: worker
image: m.daocloud.io/docker.io/kindest/node:v1.35.0# 查看节点
kubectl get nodes
# 查看pods: k8s的组件
kubectl get pods -A
# 1. 只在控制平面节点:
# kube-apiserver-kind-control-plane
# kube-scheduler-kind-control-plane
# kube-controller-manager-kind-control-plane
# etcd-kind-control-plane
# 2. 所有都有(控制平面+工作节点)
# kube-proxy-xxxxx
# kindnet-xxxxx
# 3. 集群基础服务(调度到任意节点)
# coredns-xxxx
# local-path-provisioner
kubectl get pods -A -o wide1.2 · 部署一个pod#
kubectl apply -f pod.yaml# pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx
spec:
containers:
- name: nginx
image: nginx# 查看pod
kubectl get pod
kubectl describe pod nginx1.3 · 部署 Deployment#
有多少个 Pod + 怎么运行 Deployment = 状态控制器(reconciliation)
# 删除pod
kubectl delete pod nginxkubectl apply -f deploy.yaml# deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deploy
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80kubectl get deployments
kubectl get pods
# Pod 被自动重建
# 控制器在做“纠错”(reconciliation loop)
kubectl delete pod nginx*
kubectl scale deployment nginx --replicas=51.4 · 服务 Service#
怎么访问这些 Pod Service = 网络抽象(稳定入口 + 负载均衡)
kubectl expose deployment nginx-deploy --port=80 --type=ClusterIP
kubectl get svc
# 进入 Pod 执行命令,访问 nginx-deploy(在 Pod 内部,通过 Kubernetes DNS 访问一个 Service)
kubectl exec -it nginx-deploy-75fdcbbc74-rqnp2 -- curl nginx-deploy访问流程:
nginx-deploy
↓
DNS 解析
↓
nginx-deploy.default.svc.cluster.local
↓
CoreDNS
↓
Service IP
↓
负载均衡到某个 Pod理解: Pod/Deployment 是不稳定的 Service = 稳定入口
1.5 · kubectl#
kubectl → HTTP 请求 → API Server → etcd → controllers → 世界改变声明、观察、解释、交互
- apply: 写入”期望状态”
- get/describe: 获取”当前状态”
- scale: 修改系统
- exec: 进入系统
1.5.1 · 排障
kubectl 本质上只是读取 ~/.kube/config,然后向 API Server 发 HTTP 请求
如果kubectl慢、超时、失败时,很多时候该怀疑的是到 API Server 的网络链路或权限。
思路:看状态 → 看事件 → 看日志 → 进容器 → 修复
- Assess:先看当前状态
- Investigate:再查原因
- Interact:必要时进容器里看
- Resolve:最后处理问题
- Pod 不工作?状态异常?
k get pods - 刚刚发生了啥?
k get events --sort-by='.lastTimestamp' - 资源问题?
- 深入Pod细节
k describe pod - 看日志 stern or
k logs (--previous?) - 确认内部
k exec