Chapter 8: Understanding Kubernetes internals
Author: Internet
Control plane component status (etcd -- API server -- [scheduler, controller-manager])
kubectl get componentstatus
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true"}
Worker components (API server -- [kube-proxy, kubelet] -- docker)
The components run as pods
kubectl get pod -o custom-columns=POD:metadata.name,NODE:spec.nodeName --sort-by spec.nodeName -n kube-system
POD NODE
coredns-6967fb4995-c9jlr minikube
coredns-6967fb4995-f2zzv minikube
etcd-minikube minikube
kube-addon-manager-minikube minikube
kube-apiserver-minikube minikube
kube-controller-manager-minikube minikube
kube-proxy-f6ctq minikube
kube-scheduler-minikube minikube
kubernetes-dashboard-95564f4f-8zvs6 minikube
storage-provisioner minikube
How resource metadata is stored in etcd
etcdctl ls /registry
etcdctl ls /registry/pods
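etcdctl ls /registry/pods/default (each entry is the key-value pair for one pod)
etcdctl get /registry --prefix=true
etcdctl get /registry/pods/default/kubia-159041347-wtGga
The number of etcd instances should be odd: the Raft consensus algorithm requires a majority (quorum) of the cluster's nodes to participate before the cluster can advance to the next state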
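API server: authentication -- authorization -- validation -- watch
Clients such as kubectl communicate with the API server over HTTP
Scheduler: assigns a node to each newly created pod
The scheduling algorithm filters all nodes and picks the best one; advanced scheduling depends on a large number of factors
Controller manager: uses various controllers to reconcile the actual state toward the desired state
replication, replicaset, daemonset, job, deployment, statefulset, node, service, endpoints, namespace, persistentvolume
kubelet: registers the node by creating a Node resource in the API server, takes the pods assigned to the node and runs their containers
kube-proxy: makes sure connections to a service IP and port reach one of the pods
kubectl -- API server (deployments, replicasets, pods) -- controller manager -- scheduler -- kubelet -- docker
The Deployment controller creates a ReplicaSet -- the ReplicaSet controller creates the pod resources -- the scheduler assigns a node to the newly created pods
Watch cluster events: kubectl get events --watch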
[root@mes2 ~]# kubectl run nginx --image=ningx
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
deployment.apps/nginx created
[root@mes2 ~]#kubectl get events --watch
0s Normal ScalingReplicaSet deployment/nginx Scaled up replica set nginx-879cf7b8c to 1
0s Normal SuccessfulCreate replicaset/nginx-879cf7b8c Created pod: nginx-879cf7b8c-fpfzn
0s Normal Scheduled pod/nginx-879cf7b8c-fpfzn Successfully assigned default/nginx-879cf7b8c-fpfzn to minikube
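The pause container holds the namespace that all containers of a pod share
Networking between pods must work without NAT
Before the infrastructure container starts, a virtual Ethernet pair is created (eth0 in the container's namespace, veth in the host's namespace)
Packet path: container A veth pair -- gateway -- node A adapter -- node B adapter -- gateway -- container B veth pair
The Container Network Interface (CNI) lets Kubernetes be configured to use any CNI plugin
When a service is created, the API server notifies kube-proxy, which makes the service addressable on that node (redirecting to the selected pod)
Application high availability: 1. run multiple instances; 2. use a leader election mechanism so that only one is active
Control plane high availability: etcd cluster; multiple API server instances; leader election for the scheduler
Optimistic concurrency guarantees that when multiple instances try to write their name into the resource, only one succeeds, and that one is the leader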
[root@mes2 ~]# kubectl get endpoints kube-scheduler -n kube-system -o yaml
apiVersion: v1
kind: Endpoints
metadata:
  annotations:
    control-plane.alpha.kubernetes.io/leader: '{"holderIdentity":"mes2_b6640f77-54bb-4d6b-ae5f-c662a6e2cd53","leaseDurationSeconds":15,"acquireTime":"2020-03-20T08:49:12Z","renewTime":"2020-04-10T08:25:18Z","leaderTransitions":3}'
  creationTimestamp: "2019-08-23T09:37:46Z"
  name: kube-scheduler
  namespace: kube-system
  resourceVersion: "24246334"
  selfLink: /api/v1/namespaces/kube-system/endpoints/kube-scheduler
  uid: 795716fa-6b62-4db0-a65d-0e7d6d01e1db
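The election described above, as an added example (not from the original notes and not Kubernetes' own code): two scheduler instances race to write a leader record shaped like the annotation shown, and the resourceVersion check lets only one write succeed. The Store class, the identities sched-a and sched-b, and the use of integer seconds instead of RFC 3339 timestamps are assumptions made for the simulation.

```python
import json

class Store:
    """Constructed stand-in for the API server: one object plus its resourceVersion."""
    def __init__(self):
        self.version, self.annotation = 0, None  # annotation: leader record as JSON

    def get(self):
        return self.version, self.annotation

    def update(self, seen_version, annotation):
        # Optimistic concurrency: refuse the write if the object changed after it was read.
        if seen_version != self.version:
            return False  # the real API server answers 409 Conflict
        self.version, self.annotation = self.version + 1, annotation
        return True

def try_acquire_or_renew(store, identity, now, lease_seconds=15, snapshot=None):
    """One election round; True if `identity` holds the lease afterwards."""
    version, raw = snapshot or store.get()
    record = json.loads(raw) if raw else None
    if record and record["holderIdentity"] != identity:
        if now < record["renewTime"] + record["leaseDurationSeconds"]:
            return False  # another instance holds an unexpired lease
    if record and record["holderIdentity"] == identity:
        new = dict(record, renewTime=now)  # the leader only refreshes renewTime
    else:
        new = {"holderIdentity": identity, "leaseDurationSeconds": lease_seconds,
               "acquireTime": now, "renewTime": now,
               "leaderTransitions": record["leaderTransitions"] + 1 if record else 0}
    return store.update(version, json.dumps(new))

def demo():
    store = Store()
    # Both instances read the same empty object before either one writes.
    snap_a, snap_b = store.get(), store.get()
    a_wins = try_acquire_or_renew(store, "sched-a", now=0, snapshot=snap_a)
    b_wins = try_acquire_or_renew(store, "sched-b", now=0, snapshot=snap_b)  # stale version
    b_retry = try_acquire_or_renew(store, "sched-b", now=5)      # lease still valid
    a_renew = try_acquire_or_renew(store, "sched-a", now=10)     # leader renews
    b_takeover = try_acquire_or_renew(store, "sched-b", now=26)  # 10 + 15 < 26: expired
    return a_wins, b_wins, b_retry, a_renew, b_takeover, json.loads(store.get()[1])

if __name__ == "__main__":
    print(demo())
```

When auditing a real cluster, a renewTime older than leaseDurationSeconds or a fast-growing leaderTransitions count in this annotation points to a control plane instance that keeps losing its lease.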
Source: https://blog.51cto.com/551173/2486357