K8s-sidecar模式

• 边车模式sidecar是在不改变原有container功能的情况下，在同一个pod下增加其他container来增加对应的功能，因为在同一个Pod下的容是共享一个namespace空间的，所以对应的网络、存储等资源也是同一个空间下的，这就可以很方便的进行两个containers之间交互

  • 一个文件系统-这意味着你可以使用共享卷在同一个pod中的两个或多个容器之间共享文件。共享卷是简单的共享文件夹

  • 网络-同一Pod中的容器之间的通信可以通过回环接口 - localhost进行

简单功能演示

• 以nginx为例，演示sidecar注入

  yaml文件如下：boc_sidecar.yaml

  apiVersion: v1
  kind: Pod
  metadata:
    name: boc-sidecar-demo
  spec:
    containers:
    - image: abcsys.cn:5000/public/busybox:1.2
      command: ["/bin/sh"]
      args: ["-c", "while true; do echo echo $(date -u) 'Hi I am from Sidecar container' >> /var/log/index.html; sleep 5;done"]
      name: sidecar-container
      resources: {}
      volumeMounts:
      - name: var-logs
        mountPath: /var/log
    - image: abcsys.cn:5000/public/nginx
      name: sidecar-demo
      resources: {}
      ports:
        - containerPort: 80
      volumeMounts:
      - name: var-logs
        mountPath: /usr/share/nginx/html
    dnsPolicy: Default
    volumes:
    - name: var-logs
      emptyDir: {}
  

  //创建pod
  kubectl create -f boc_sidecar.yaml 
  //查看pod
  kubectl get po -owide |grep side
  //进入容器
  kubectl exec -it boc-sidecar-demo -c sidecar-demo  -- /bin/bash
  curl localhost
  

  

• 查看两个容器的ip

  kubectl exec -it boc-sidecar-demo -c sidecar-container  -- ifconfig 
  

  

复杂功能演示

• 多副本的deployment，并且以NodePort的模式发布

• 两个sidecar容器

  apiVersion: apps/v1
  kind: Deployment
  metadata:
    creationTimestamp: null
    labels:
      app: boc-sidecar
    name: boc-sidecar
  spec:
    replicas: 3
    selector:
      matchLabels:
        app: boc-sidecar
    strategy: {}
    template:
      metadata:
        creationTimestamp: null
        labels:
          app: boc-sidecar
      spec:
        containers:
        - image: abcsys.cn:5000/public/busybox:1.2
          command: ["/bin/sh"]
          args: ["-c", "while true; do echo echo $(date -u) 'Hi I am from Sidecar container 1' >> /var/log/index.html; sleep 5;done"]
          name: sidecar-container1
          resources: {}
          volumeMounts:
            - name: var-logs
              mountPath: /var/log
        - image: abcsys.cn:5000/public/busybox:1.2
          command: ["/bin/sh"]
          args: ["-c", "while true; do echo echo $(date -u) 'Hi I am from Sidecar container 2' >> /var/log/index.html; sleep 5;done"]
          name: sidecar-container2
          resources: {}
          volumeMounts:
            - name: var-logs
              mountPath: /var/log
        - image: abcsys.cn:5000/public/nginx
          name: main-container
          resources: {}
          ports:
            - containerPort: 80
          volumeMounts:
            - name: var-logs
              mountPath: /usr/share/nginx/html
        dnsPolicy: Default
        volumes:
        - name: var-logs
          emptyDir: {}
  status: {}
  ---
  apiVersion: v1
  kind: Service
  metadata:
    name: boc-sidecar
    labels:
      run: boc-sidecar
  spec:
    ports:
    - port: 80
      protocol: TCP
    selector:
      app: boc-sidecar
    type: NodePort