Pod--k8s最基础的资源
我们想要的是单个容器只运行一个进程
然而有时我们需要多个进程协同工作,所以我们需要另外一种更加高级的结构将容器组合在一起---pod
Pod
我们来看一个最基本的pod
这个pod的image是我根据centos:7的镜像构建的,很简单,镜像的Dockerfile如下:
FROM 192.168.80.84:5000/centos:7 entrypoint ["sleep"] cmd ["999"] # 一个容器必须要有一个守护进程才能够运行起来 # 换言之,把Dockerfile中的sleep命令去掉,单纯的一个centos是无法运行的我们将这个镜像作为pod的image运行起来:
kubectl run my-cmd --image=192.168.80.84:5000/centos_cmd:v1
使用-o yaml来看一下对应的yaml文件:
[root@k8s-master01 centos]# kubectl get pod my-cmd -o yaml apiVersion: v1 # 指定apiVersion版本 kind: Pod # 对应的资源类型,这里为pod metadata: # 实例的元数据 creationTimestamp: "2021-01-13T02:36:02Z" labels: # 自动给实例打的标签 run: my-cmd managedFields: # 为了方便内部管理的一组字段 - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:labels: .: {} f:run: {} f:spec: f:containers: k:{"name":"my-cmd"}: .: {} f:image: {} f:imagePullPolicy: {} f:name: {} f:resources: {} f:terminationMessagePath: {} f:terminationMessagePolicy: {} f:dnsPolicy: {} f:enableServiceLinks: {} f:restartPolicy: {} f:schedulerName: {} f:securityContext: {} f:terminationGracePeriodSeconds: {} manager: kubectl-run # 写明该pod的启动方式 operation: Update time: "2021-01-13T02:36:02Z" - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:status: f:conditions: k:{"type":"ContainersReady"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Initialized"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} k:{"type":"Ready"}: .: {} f:lastProbeTime: {} f:lastTransitionTime: {} f:status: {} f:type: {} f:containerStatuses: {} f:hostIP: {} f:phase: {} f:podIP: {} f:podIPs: .: {} k:{"ip":"10.40.0.4"}: .: {} f:ip: {} f:startTime: {} manager: kubelet operation: Update time: "2021-01-13T02:36:11Z" name: my-cmd # pod名 namespace: default # pod所处的命名空间 resourceVersion: "418695" # pod的版本数字,用于乐观并发控制的,详细信息请见之后的k8s核心原理 uid: 12e3b858-f79f-4378-8ea0-1103ea120c34 # pod实例的uid spec: # pod的实际说明 containers: # 定义pod中的容器,这里只有一个 - image: 192.168.80.84:5000/centos_cmd:v1 # 镜像地址 imagePullPolicy: IfNotPresent # 镜像的pull规则,指的是是否在创建pod的时候要pull镜像,IdNotPresent表示本地不存在时才会去仓库pull name: my-cmd # 容器名,即镜像转化为容器后的名字 resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: # 挂载卷 - mountPath: /var/run/secrets/kubernetes.io/serviceaccount # 挂载路径 name: default-token-s9dfj # 卷名,这里挂载的其实是每个pod都会挂载的secret卷,用来进行身份验证的 readOnly: true # 只读 dnsPolicy: ClusterFirst enableServiceLinks: true nodeName: k8s-node02 # 分配到的节点,由调度器指定 preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always # 指定当pod重启时,该容器是否还会启动,其实也就是制定该容器随Pod的启动而启动 schedulerName: default-scheduler # 指定调度器,k8s中可以运行多个调度器实例,如果未指定则是默认调度器 securityContext: {} serviceAccount: default # 服务帐号 serviceAccountName: default terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: # 卷 - name: default-token-s9dfj secret: defaultMode: 420 secretName: default-token-s9dfj status: # pod运行时的状态 conditions: - lastProbeTime: null lastTransitionTime: "2021-01-13T02:36:02Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2021-01-13T02:36:10Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2021-01-13T02:36:10Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2021-01-13T02:36:02Z" status: "True" type: PodScheduled containerStatuses: - containerID: docker://965a9b86cc334705d3fbaac15d28ef6b0a20de8f00915c1ffdf4c025b1c29206 image: 192.168.80.84:5000/centos_cmd:v1 imageID: docker-pullable://192.168.80.84:5000/centos_cmd@sha256:948479967390e7a98979d4b98beec6dfa3fc92c6ce832ece882e8b1843e0779f lastState: {} name: my-cmd ready: true restartCount: 0 started: true state: running: startedAt: "2021-01-13T02:36:09Z" hostIP: 192.168.80.83 phase: Running podIP: 10.40.0.4 podIPs: - ip: 10.40.0.4 qosClass: BestEffort startTime: "2021-01-13T02:36:02Z"可以发现其中的东西有些多,然而我们使用yaml文件创建pod时并不需要编写这么多的东西,因为API server会帮我们添加其余的默认值