一个pod是一组紧密相关的容器,它们总是一起运行在同一个节点上,以及同一个LInux命名空间中。
每个pod拥有自己的ip,包含若干个容器。pod分布在不同的节点上。
为什么需要pod,而不是直接使用容器:
因为容器被设计为只运行一个进程,由于不能够将多个进程聚集在一个单独的容器中,就需要另一种结构将容器绑定在一起,并将它们作为一个单元管理,这就是pod的根本原理。
在同一个pod中,多个容器有些资源是共享的,有些是隔离的。
同一个pod中的所有容器都运行在相同的network、UTS、IPC空间下。所以它们共享网络接口、主机名,可以通过IPC互相通信。
同一个pod中的所有容器的文件系统是隔离的。
它们是否是一个整体?
它们是否需要在一起运行?
它们是否要一起扩缩容?
运行podpod和其他Kubernetes资源通常都是通过向Kubernetes REST API提供JSON或者YAML文件来创建的。
我们使用nginx镜像创建一个pod。
这里只给出了一个简单的描述文件,大部分字段没有给出。
kubectl explainkubectl explain相当于一个文档,可以查看每个API对象支持哪些字段。
-> [root@kube0.vm] [~] k explain pod KIND: Pod VERSION: v1 DESCRIPTION: Pod is a collection of containers that can run on a host. This resource is created by clients and scheduled onto hosts. FIELDS: apiVersion <string> APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources kind <string> Kind is a string value representing the REST resource this object ................. kubectl create使用kubectl create创建pod
-> [root@kube0.vm] [~] k create -f nginx.yaml pod/nginx created kubectl get使用kubectl get查看,指定-o wide查看更多字段
-> [root@kube0.vm] [~] k get pods NAME READY STATUS RESTARTS AGE nginx 1/1 Running 0 11s -> [root@kube0.vm] [~] k get -o wide pods NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx 1/1 Running 0 22s 10.244.2.6 kube2.vm <none> <none> 完整定义使用kubectl get -o yaml或者kubectl get -o json查看pod的完整定义。这个定义包含以下三大部分:
metadata:包括名称、命名空间、标签和关于该pod的其他信息
spec:包含pod内容的实际说明,如容器、卷等
status:包含运行中pod的当前信息,如pod IP、宿主机IP、每个容器的描述和状态
-> [root@kube0.vm] [~] k get -o yaml pod/nginx apiVersion: v1 kind: Pod metadata: creationTimestamp: "2020-05-20T00:32:43Z" name: nginx namespace: default resourceVersion: "109529" selfLink: /api/v1/namespaces/default/pods/nginx uid: a2b83142-9f17-4cfe-a9ac-04f57de82053 spec: containers: - image: nginx imagePullPolicy: Always name: nginx ports: - containerPort: 80 protocol: TCP resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: default-token-vlqvz readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true nodeName: kube2.vm priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: {} serviceAccount: default serviceAccountName: default terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: default-token-vlqvz secret: defaultMode: 420 secretName: default-token-vlqvz status: conditions: - lastProbeTime: null lastTransitionTime: "2020-05-20T02:46:50Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2020-05-20T02:46:57Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2020-05-20T02:46:57Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2020-05-20T00:32:43Z" status: "True" type: PodScheduled containerStatuses: - containerID: docker://b63c67379def88a5253e8da543655552185f14e6eb962926d65ec74c5a7ab6f7 image: nginx:latest imageID: docker-pullable://nginx@sha256:30dfa439718a17baafefadf16c5e7c9d0a1cde97b4fd84f63b69e13513be7097 lastState: {} name: nginx ready: true restartCount: 0 started: true state: running: startedAt: "2020-05-20T02:46:57Z" hostIP: 192.168.199.212 phase: Running podIP: 10.244.2.6 podIPs: - ip: 10.244.2.6 qosClass: BestEffort startTime: "2020-05-20T02:46:50Z" kubectl logs