namespace资源名称空间
删除namespace资源会级联删除其所包含的所有其它资源对象
名称空间仅仅只是用来限制资源名称的作用域 并不能实现Pod的通信隔离在名称空间下操作service 实现service资源隔离 [root@k8s-master ~]# kubectl create service nodeport my-ns --tcp=5678:8080 -n qaservice/my-ns created[root@k8s-master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1443/TCP 231dmyapp NodePort 10.100.165.177 80:32185/TCP 21h[root@k8s-master ~]# kubectl get svc -n defaultNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 443/TCP 231dmyapp NodePort 10.100.165.177 80:32185/TCP 21h[root@k8s-master ~]# kubectl get svc -n qaNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEmy-ns NodePort 10.102.116.9 5678:30170/TCP 24s[root@k8s-master ~]# kubectl delete svc my-nsError from server (NotFound): services "my-ns" not found[root@k8s-master ~]# kubectl delete svc my-ns -n qaservice "my-ns" deleted[root@k8s-master ~]# kubectl delete all --all -n qaservice "my-ns" deleted
[root@k8s-master ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1443/TCP 230dmyapp NodePort 10.100.165.177 80:32185/TCP 5m[root@k8s-master ~]# kubectl run client --image=busybox --restart=Never -it /bin/shIf you don't see a command prompt, try pressing enter./ # wget -O -q http://myapp.default:80Connecting to myapp.default:80 (10.100.165.177:80)-q 100% |*****************************************| 65 0:00:00 ETA/ # wget -O - -q http://myapp.default:80Hello MyApp | Version: v1 | Pod Name/ # wget -O - -q http://myapp.default:80Hello MyApp | Version: v1 | Pod Name[root@k8s-master ~]# wget -O - -q http://myappd.default:80/hostname.html[root@k8s-master ~]# kubectl get podsNAME READY STATUS RESTARTS AGEclient 1/1 Running 0 46mmyapp-6865459dff-c59qp 1/1 Running 0 1hmyapp-6865459dff-zd6wg 1/1 Running 0 10m[root@k8s-master ~]# kubectl exec -it client /bin/sh/ # wget -O - -q http://myapp.default:80/hostname.htmlmyapp-6865459dff-zd6wgpod和pods deployment和deployments都可以[root@k8s-master ~]# kubectl get deploymentNAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGEmyapp 2 2 2 2 1h[root@k8s-master ~]# kubectl get deploymentsNAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGEmyapp 2 2 2 kubectl打补丁包[root@k8s-master ~]# kubectl patch deployment myapp-deploy -p '{"spec":{"strategy":{"rollingUpdate":{"maxSurge":1,"maxUnavailable":0}}}}'deployment.extensions/myapp-deploy patched[root@k8s-master ~]# kubectl set image deployment myapp-deploy myapp=ikubernetes:v3 && kubectl rollout pause deployment myapp-deploydeployment.extensions/myapp-deploy image updateddeployment.extensions/myapp-deploy paused
pod介绍
pod的种类
1.自主式pod
自主式pod在非正常结束的情况下无法自动重新启动一个新的Pod2.受控Pod
由控制器管理启动的Pod在异常退出的时候 控制器会自动创建新Pod1.pod存活性探测
存活性探测一旦检测到异常就会不断的重启容器 直到服务恢复正常 2.pod就绪性探测 探测失败后不会杀死或者重启容器 而是通知其尚未就绪 并触发依赖于其就绪状态的操作如从Service中移除此pod对象 就绪性探测和service把用户请求调度到pod上有着重要的关系3.httpGet livenessProbe: httpGet: path: /healthz port: 80 scheme: HTTP 4.execAction livenessProbe: exec: command: ["test","-e","/tmp/healthy"] 5.TcpSocket livenessProbe: tcpSocket: port: 80 6.pod生命周期钩子函数 lifecycle: postStart: exec: command: ["/bin/sh","-c","echo 'lifecycle hooks handler ' > /usr/share/nginx/html/test.html"]
pod控制器
自主式pod由对应节点上的kubelet负责监控其容器的存活性 容器主进程崩溃后 kubelet能够自动重启相应的容器
kubelet对非主进程崩溃类的容器错误却是无法感知的 比如index.html不存在 这种异常检测依赖于pod自定义的存活性检测
pod对象遭意外删除或者pod所在的节点发生故障 节点故障后kubelet服务 也会异常导致节点上的pod运行将无法得到保证
这种情况需要用到Pod控制器来保证所有pod来正常运行 pod的存活性和就绪性探测只能保证pod所在节点上pod正常运行
pod控制器保证可以是跨集群节点上pod正常运行
资源注解 Annotations
资源注解和资源标签类似 不过注解不能用于标签和挑选K8S资源对象 仅可以用于资源提供元数据信息.元数据不受字符数量的限制