笔记摘自视频章节:第三章-p14
主题
测试k8s期望控制和保活功能
操作
case1: pod保活
删除pod,查看新pod是否起来
- 删除pod
- 查看pod是否会被拉起
root@jjh-k8s-demo-master:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-85b98978db-mlrnt 1/1 Running 0 2d20h
root@jjh-k8s-demo-master:~# kubectl delete pod nginx-85b98978db-mlrnt
pod "nginx-85b98978db-mlrnt" deleted
root@jjh-k8s-demo-master:~# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-85b98978db-jjktm 1/1 Running 0 11s
确认pod重新拉起,age 11s
case2: 修改期望数
修改scale,查看pod数目变化情况
root@jjh-k8s-demo-master:/# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 1/1 1 1 2d20h
root@jjh-k8s-demo-master:/# kubectl scale --replicas=3 deployment/nginx
deployment.apps/nginx scaled
root@jjh-k8s-demo-master:/# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-85b98978db-gxkwd 1/1 Running 0 13s
nginx-85b98978db-jjktm 1/1 Running 0 8m45s
nginx-85b98978db-v8srb 1/1 Running 0 13s
root@jjh-k8s-demo-master:/# kubectl get deployment -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
nginx 3/3 3 3 2d20h nginx nginx app=nginx
pod数量变成3,符合预期
暴露端口+pod负载均衡
方式1: CLUSER-IP
- expose 成新的服务
- 访问测试
- 开启Ipvs转发后,成功通过ipvs进行访问
查看所有命名空间 kubectl get svc --all-namespaces
root@jjh-k8s-demo-master:~# kubectl expose deployment nginx --port=30000 --target-port=80
service/nginx exposed
root@jjh-k8s-demo-master:~# kubectl describe svc nginx
Name: nginx
Namespace: default
Labels: app=nginx
Annotations: <none>
Selector: app=nginx
Type: ClusterIP
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.1.141.116
IPs: 10.1.141.116
Port: <unset> 30000/TCP
TargetPort: 80/TCP
Endpoints: 10.244.1.4:80,10.244.1.5:80,10.244.1.6:80
Session Affinity: None
Events: <none>
root@jjh-k8s-demo-master:~# kubectl get svc -n default -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 10m <none>
nginx ClusterIP 10.1.141.116 <none> 30000/TCP 10m app=nginx
这时候无法访问通,无法访问通的原因是ipvs没开启
修改master节点的ipvs配置,开启kube-proxy后,即可完成master节点对集群IP的访问
- ipvs: linux内核中的集群虚拟网络管理工具
- 其他相关概念:lvs
成功开ipvs后,就可以进行集群IP+port方式的访问
是否开启成功可以通过ipvsadm -Ln看
例如我的case中,有如下规则
TCP 10.1.141.116:30000 rr
-> 10.244.1.4:80 Masq 1 0 0
-> 10.244.1.5:80 Masq 1 0 0
-> 10.244.1.6:80 Masq 1 0 0
上述规则讲访问到clusterip+port的流量,通过Ipvs 轮训分配到对应pod中
root@jjh-k8s-demo-master:~# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-85b98978db-fgpzd 1/1 Running 0 3h47m 10.244.1.6 jjh-k8s-demo-node1 <none> <none>
nginx-85b98978db-gxkwd 1/1 Running 0 3h49m 10.244.1.4 jjh-k8s-demo-node1 <none> <none>
nginx-85b98978db-v8srb 1/1 Running 0 3h49m 10.244.1.5 jjh-k8s-demo-node1 <none> <none>
方式2: NodePort方式
删除掉刚刚的服务,重新expose
kubectl delete svc nginx
kubectl expose deployment nginx --port=80 --type=NodePort
这里还可以用另一种方式,直接修改配置,也是一样的:kubectl edit svc nginx
修改其中的 type, 修改至NodePort
root@jjh-k8s-demo-master:~# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 56m <none>
nginx NodePort 10.1.176.1 <none> 80:32025/TCP 9m3s app=nginx
root@jjh-k8s-demo-master:~# netstat -anpt |grep 32025
tcp 1 0 0.0.0.0:32025 0.0.0.0:* LISTEN 1439834/kube-proxy
tcp 81 0 10.1.176.1:32025 172.16.13.128:38645 CLOSE_WAIT -
root@jjh-k8s-demo-master:~# curl 10.1.176.1:32025
^C
root@jjh-k8s-demo-master:~# curl 10.1.176.1:80
打印如下:
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
