1. Pod容器的三种重启策略
注意:k8s所谓的重启容器指的是重新创建容器
cat 07-restartPolicy.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-web-imagepullpolicy-always
spec:
nodeName: k8s233.oldboyedu.com
## 当容器异常退出时,始终重启容器
restartPolicy: Always
containers:
- name: nginx
image: harbor.oldboyedu.com/web/linux85-web:v1
imagePullPolicy: Always
command:
- "sleep"
- "10"
---
apiVersion: v1
kind: Pod
metadata:
name: nginx-web-imagepullpolicy-onfailure
spec:
nodeName: k8s233.oldboyedu.com
## 当容器正常退出时不会重启容器,当容器异常退出时,会重启容器
restartPolicy: OnFailure
containers:
- name: nginx
image: harbor.oldboyedu.com/web/linux85-web:v1
imagePullPolicy: Always
command:
- "sleep"
- "10"
---
apiVersion: v1
kind: Pod
metadata:
name: nginx-web-imagepullpolicy-never
spec:
nodeName: k8s233.oldboyedu.com
## 当容器退出时,始终不重启容器
restartPolicy: Never
containers:
- name: nginx
image: harbor.oldboyedu.com/web/linux85-web:v1
imagePullPolicy: Always
command:
- "sleep"
- "10"
2. 如何向指定的容器传递环境变量
## 编写资源清单
apiVersion: v1
kind: Pod
metadata:
name: nginx-web-env
spec:
nodeName: k8s233.oldboyedu.com
containers:
- name: nginx
image: harbor.oldboyedu.com/web/linux85-web:v1
##像容器传递环境变量
env:
## 指定变量的名称
- name: SCHOOL
## 指定变量的值
value: oldboyedu
- name: CLASS
value: linux85
- name: OLDBOYEDU_POD_NAME
## 不使用自定义的变量值,而是引用别处的值
valueFrom:
## 值引用某个字段
fieldRef:
## 指定字段的路径
fieldPath: "metadata.name"
- name: OLDBOUEDU_NODENAME
valueFrom:
fieldRef:
fieldPath: "spec.nodeName"
3. 数据持久化之emptyDir
当我们不使用存储卷的时候
##编写资源清单
apiVersion: v1
kind: Pod
metadata:
name: nginx-web-volume-emptydir-001
spec:
containers:
- name: nginx
image: harbor.oldboyedu.com/web/nginx:1.20.1-alpine我们将nginx改为指定的内容
我们当nginx这个容器强行终止,由于容器重启策略,容器会自动重启。
此时我们看到容器重启一次
当我们再次访问nginx的时候,显然这不是我们期望的结果。所以我们用到了数据持久化
## 编写资源清单
apiVersion: v1
kind: Pod
metadata:
name: nginx-web-volume-emptydir-001
spec:
##定义存储卷
volumes:
## 指定存储卷名称
- name: data01
## 指定存储卷类型位emptyDir类型
## 当pod被删除时,数据会被随之删除。它的作用是:1. 对容器数据进行持久化存储,当删除容器时,数据不会丢失。 2. 可以实现同一个Pod内不同容器的数据共享
emptyDir: {}
containers:
- name: nginx
image: harbor.oldboyedu.com/web/nginx:1.20.1-alpine
##指定挂载点
volumeMounts:
## 指定存储卷名称
- name: data01
## 挂载目录
mountPath: /usr/share/nginx/html
# volumeMounts:
## 指定存储卷名称
- name: data01
## 挂载目录
mountPath: /usr/share/nginx/html
- name: alpine
image: harbor.oldboyedu.com/linux/alpine:latest
stdin: true
volumeMounts:
- name: data01
mountPath: /oldboyedu-data
4. 数据持久化之hostPath
## 编写资源清单
apiVersion: v1
kind: Pod
metadata:
name: volume-hostdir-002
spec:
nodeName: k8s233.oldboyedu.com
volumes:
- name: linux85-data
## 指定类型为宿主机存储卷,该存储卷主要用于容器访问宿主机路径的需求
hostPath:
## 指定存储卷路径
path: /oldboyedu-data
containers:
- name: linux
image: harbor.oldboyedu.com/linux/alpine:latest
stdin: true
volumeMounts:
## 指定存储卷名称
- name: linux85-data
## 指定挂载点
mountPath: /oldboyedu-data
查看调度的节点并创建内容
到k8s233节点创建目录并写点内容
回到master节点进入容器查看是否有内容,我们将123改为456,在回到k8s233节点查看
5. 数据持久化之nfs
## 所有节点需要安装nfs相关的软件包
yum -y install nfs-utils
## k8s231节点设置共享目录
mkdir -p /oldboyedu/data/kubernetes
cat > /oldboyedu/data/kubernetes <<'EOF'
/oldboyedu/data/kubernets *(rw,no_root_squash)
EOF
## 设置nfs开机自启
systemctl enable --now nfs
## 检测服务的挂载信息
exportfs
## 在别的节点挂载nfs并测试
mount -t nfs k8s231.oldboyedu.com:/oldboyedu/data/kubernetes /mnt/## 编写测试文件
apiVersion: v1
kind: Pod
metadata:
name: volume-nfs-001
spec:
nodeName: k8s232.oldboyedu.com
volumes:
- name: data
## 指定存储卷类型位nfs,可以跨节点共享数据
nfs:
## 指定nfs服务器的地址
server: 10.0.0.231
## 指定nfs对外暴露的地址
path: /oldboyedu/data/kubernets
containers:
- name: nginx
image: harbor.oldboyedu.com/web/nginx:1.20.1-alpine
volumeMounts:
- name: data
mountPath: /usr/share/nginx/html
---
apiVersion: v1
kind: Pod
metadata:
name: volume-nfs-002
spec:
nodeName: k8s233.oldboyedu.com
volumes:
- name: data
nfs:
server: 10.0.0.231
path: /oldboyedu/data/kubernets
containers:
- name: linux
image: harbor.oldboyedu.com/linux/alpine:latest
stdin: true
volumeMounts:
- name: data
mountPath: /oldboyedu-data
6.容器的资源限制
## 编写资源清单
cat 12-nginx-resource.yaml
apiVersion: v1
kind: Pod
metadata:
name: stress-002
spec:
containers:
- name: stress
image: jasonyin2020/oldboyedu-linux-tools:v0.1
args:
- "tail"
- "-f"
- "/etc/hosts"
##对容器镜像资源限制
resources:
## 期望目标节点有的资源大小
requests:
## 要求目标节点有10G的可用内存
memory: 256M
## 指定cpu的核心数固定单位1core=1000m
cpu: 500m
##配置资源的使用上限
limits:
memory: 500M
cpu: 17. configMap的资源定义及增删改查
1. configMap数据会存储到etcd数据库中,其应用场景主要在于应用程序配置。
2. configMap支持的数据类型:
(1).键值对
(2).多行数据
3. Pod使用configMap资源有两种常见方式:
(1).变量注入
(2).数据卷挂载
定义configMap(简称cm)资源
## 编写资源清单
apiVersion: v1
kind: ConfigMap
metadata:
name: config-demo
##定义cm资源的数据
data:
school: oldboyedu
class: linux85
## 定义多行数据
my.cfg: |
datadir: "/var/lib/mysql"
basedir: "/usr/share/mysql"
socket: "/tmp/mysql.socket"
student.info: |
xingzhibang: "xulingyan"
xinghui: "linux"
xulingyan: "xingzhibang" 
8. Pod基于env环境变量引入cm资源
## 编写资源清单
cat 02-cm-env.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-web-env
spec:
nodeName: k8s233.oldboyedu.com
containers:
- name: nginx
image: harbor.oldboyedu.com/web/linux85-web:v1
env:
- name: SCHOOL_LINUX_SCOHHL
valueFrom:
configMapKeyRef:
## 指定configmap的key
key: school
##指定config的名称
name: config-demo
- name: SCHOOL_LINUX_CLASS
valueFrom:
configMapKeyRef:
name: config-demo
key: class
- name: SCHOOL_LINUX_mycfg
valueFrom:
configMapKeyRef:
name: config-demo
key: my.cfg
- name: SCHOOL_LINUX_studentinfo
valueFrom:
configMapKeyRef:
name: config-demo
key: student.info
查看环境变量
9. Pod基于存储卷的方式引入cm资源
##编写资源清单
cat 03-cm-volumes.yaml
apiVersion: v1
kind: Pod
metadata:
name: volume-cm-003
spec:
nodeName: k8s232.oldboyedu.com
volumes:
- name: data
## 指定存储据的类型为configmap
configMap:
##指定configmap的名称
name: config-demo
##引用conconfigmap的key
items:
##指定key名称
- key: student.info
## 可以理解为指定文件的名称
path: oldboylinux-student.info
containers:
- name: nginx
image: harbor.oldboyedu.com/web/nginx:1.20.1-alpine
command:
- "tail"
- "-f"
- "/etc/hosts"
volumeMounts:
- name: data
mountPath: /etc/nginx/nginx.conf
## 当subPath的值和configMap.items.path相同时,mountPath的挂载点是一个文件而非是目录了
subPath: oldboylinux-student.info10. port的端口映射
cat 04-games-001.yaml
apiVersion: v1
kind: Pod
metadata:
name: linux85-games
spec:
nodeName: k8s232.oldboylinux.com
volumes:
- name: data
configMap:
name: oldboyedu-linux85
items:
- key: nginx.conf
path: nginx.conf
containers:
- name: game
images: harbor.oldboyedu.com/oldboy-edu-games/jasonyyin2020/oldboyedu-games:v0.1
volumeMounts:
- name: data
mountPath: /usr/local/nginx/conf/nginx.conf
subPath: nginx.conf
## 指定容器的端口映射相关字段
ports:
# 指定容器的端口号
- containerPort: 80
# 绑定主机的IP地址
hostIP: "0.0.0.0"
# 指定绑定的端口号
hostPort: 88
## 给该端口起一个名字
name: game
11. secret资源的增删改查
cat 01-secret-demo.yaml
apiVersion: v1
kind: Secret
metadata:
name: es-https
data:
dataname: ZWxhc3RpYwo=
password: b2xkYm95ZWR1Cg==
只显示字节,不显示具体内容
12. Pod基于env环境变量引入secret资源
cat 02-secret-env.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-web-secret
spec:
nodeName: k8s233.oldboyedu.com
containers:
- name: nginx
image: harbor.oldboyedu.com/web/linux85-web:v1
env:
- name: SCHOOL_LINUX_DATANAME
valueFrom:
## 指定引用的secret资源
secretKeyRef:
## 指定secret的名称
name: es-https
## 指定secret的KEY
key: dataname
- name: SCHOOL_LINUX-PASSWORD
valueFrom:
secretKeyRef:
name: es-https
key: password
13. Pod基于存储卷引用secret资源
cat 03-secret-volumes.yaml
apiVersion: v1
kind: Pod
metadata:
name: volume-secret-004
spec:
nodeName: k8s232.oldboyedu.com
volumes:
- name: data
## 指定存储据的类型为secret
secret:
##指定secret的名称
secretName: es-https
##引用secret的key
items:
##指定secret名称
- key: dataname
## 可以暂时理解为指定文件的名称
path: dataname.info
- key: password
path: password
containers:
- name: nginx
image: harbor.oldboyedu.com/web/nginx:1.20.1-alpine
command:
- "tail"
- "-f"
- "/etc/hosts"
volumeMounts:
- name: data
mountPath: /oldboyedu-data
# subPath: oldboylinux-student.info
