k8s总结(共享存储nfs 亲和性等)

一、设置环境

设置节点污点与标签

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# 设置污点
kubectl taint nodes k8s1 tag=heima:NoExecute
# 去除污点
kubectl taint nodes k8s1 tag:NoExecute-
# 例子
kubectl taint nodes gegewu node-role.kubernetes.io/control-plane:NoSchedule-
# 查看污点设置是否成功
kubectl describe nodes |grep Taints
# Taints:             tag=heima:NoExecute
# Taints:             <none>
# 设置节点标签
kubectl label nodes k8s1 nodeenv=pro
kubectl get nodes --show-labels# 设置污点
kubectl taint nodes k8s1 tag=heima:NoExecute
# 去除污点
kubectl taint nodes k8s1 tag:NoExecute-
# 例子
kubectl taint nodes gegewu node-role.kubernetes.io/control-plane:NoSchedule-
# 查看污点设置是否成功
kubectl describe nodes |grep Taints
# Taints:             tag=heima:NoExecute
# Taints:             <none>
# 设置节点标签
kubectl label nodes k8s1 nodeenv=pro
kubectl get nodes --show-labels

二、配置yaml文件

以yaml配置方式总结 创建一个可以外部访问的nginx(zj.yaml):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
apiVersion: apps/v1  # 版本
kind: Deployment     # 类型
metadata:            # 源数据
  name: deploy-nginx # 当前deployment所属的名字
  namespace: dev     # 及ns
  labels:            # 当前deploy的标签
    version: "label-test" 
spec:
  replicas: 3        # 定义副本数
  selector:          # 标签选择器 选择标签进行操作
    matchLabels:     # 选择nginx标签
      version: label-test
  template:                   # 以下为pod 模板
    metadata:
      labels:                 # 标签
        version: label-test   # 定义标签为label-test
  
    spec:
      # 镜像信息等   
      containers:
      - image: registry.cn-hangzhou.aliyuncs.com/zznn/mycentos:nginx-latest
        imagePullPolicy: IfNotPresent # 用于设置镜像拉取策略
        name: nginx-test
        # cmd变量与端口
        ports:       
        - containerPort: 80
          protocol: TCP  
          command: ["/bin/sh","-c","while true;do /bin/echo $(date +%T);sleep 60; done;"]
          env:                     # 设置环境变量列表
          - name: "username"
            value: "admin"
          - name: "password"
            value: "123456"   
        # 资源配额
        resources:              
          limits:    # 限制资源(上限)
            cpu: "2" # CPU限制,单位是core数
            memory: "10Gi" # 内存限制
          requests:        # 请求资源(下限)
            cpu: "1"       # CPU限制,单位是core数
            memory: "10Mi" # 内存限制  
      
      # 勾子函数
      lifecycle:
        postStart: 
          exec: # 在容器启动的时候执行一个命令,修改掉nginx的默认首页内容
            command: ["/bin/sh", "-c", "echo postStart... > /usr/share/nginx/html/index.html"]
        preStop:
          exec: # 在容器停止之前停止nginx服务
            command: ["/usr/sbin/nginx","-s","quit"]
      tolerations:        # 添加容忍
      - key: "tag"        # 要容忍的污点的key
        operator: "Equal" # 操作符(等于操作符)
        value: "heima"        # 容忍的污点的value
        effect: "NoExecute"   # 添加容忍的规则,这里必须和标记的污点规则相同 
  
      # 亲和性设置  
      affinity:   
        nodeAffinity: # 设置node亲和性
          preferredDuringSchedulingIgnoredDuringExecution: # 软限制
          - weight: 1
            preference:
              matchExpressions: # 匹配env的值在["xxx","yyy"]中的标签(当前环境没有)
              - key: nodeenv
                operator: In
                values: ["pro","yyy"]

总结2加入共享存储挂载

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
apiVersion: apps/v1  # 版本
kind: Deployment     # 类型
metadata:            # 源数据
  name: deploy-nginx # 当前deployment所属的名字
  namespace: dev     # 及ns
  labels:            # 当前deploy的标签
    version: "label-test" 
spec:
  replicas: 3        # 定义副本数
  selector:          # 标签选择器 选择标签进行操作
    matchLabels:     # 选择nginx标签
      version: label-test
  template:                   # 以下为pod 模板
    metadata:
      labels:                 # 标签
        version: label-test   # 定义标签为label-test
    
    spec:
      # 镜像信息等   
      containers:
      - image: registry.cn-hangzhou.aliyuncs.com/zznn/mycentos:nginx-latest
        imagePullPolicy: IfNotPresent # 用于设置镜像拉取策略
        name: nginx-test
        # cmd变量与端口
        ports:         
        - containerPort: 80
          protocol: TCP 
        # 环境变量
        env:                 
          - name: "username"
            value: "admin"
          - name: "password"
            value: "123456"   
        # 容器命令
        command: ["/bin/sh","-c","while true;do /bin/echo $(date +%T);sleep 60; done;"]
        # 挂载卷
        volumeMounts:
        - name: logs-volume
          mountPath: /var/log/nginx
        # 资源配额
        resources:                
          limits:    # 限制资源(上限)
            cpu: "2" # CPU限制,单位是core数
            memory: "10Gi" # 内存限制
          requests:        # 请求资源(下限)
            cpu: "1"       # CPU限制,单位是core数
            memory: "10Mi" # 内存限制  
        # 勾子函数
        lifecycle:
          postStart: 
            exec: # 在容器启动的时候执行一个命令,修改掉nginx的默认首页内容
              command: ["/bin/sh", "-c", "echo postStart... > /usr/share/nginx/html/index.html"]
          preStop:
            exec: # 在容器停止之前停止nginx服务
              command: ["/usr/sbin/nginx","-s","quit"]

      # 定义 volume
      volumes:
      - name: logs-volume
        nfs:
          server: 58.49.144.8  # nfs服务器地址 (宿主机地址)
          path: /srv/nfs4      # 共享文件路径      

      # 容忍污点
      tolerations:   
      - key: "tag"    
        operator: "Equal" 
        value: "heima"    
        effect: "NoExecute"   
    
      # 亲和性设置  
      affinity:   
        nodeAffinity: # 设置node亲和性
          preferredDuringSchedulingIgnoredDuringExecution: # 软限制
          - weight: 1
            preference:
              matchExpressions: # 匹配env的值在["xxx","yyy"]中的标签(当前环境没有)
              - key: nodeenv
                operator: In
                values: ["pro","yyy"]

验证nfs挂载是否成功

1
2
3
4
5
6
7
8
9
10
11
# 进入容器
kubectl exec -it deploy-nginx-7d9b78b676-dvbxh -n dev -- /bin/sh
# 进入容器挂载目录
cd /var/log/nginx
ls
# 1.txt  access.log  error.log  successful# 进入容器
kubectl exec -it deploy-nginx-7d9b78b676-dvbxh -n dev -- /bin/sh
# 进入容器挂载目录
cd /var/log/nginx
ls
# 1.txt  access.log  error.log  successful

对外暴露端口

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
apiVersion: v1
kind: Service
metadata:
  name: svc-nginx    # svc名称
  namespace: dev     # ns名称
	labels:
    version: label-test     # 标签
spec:
  clusterIP: 10.109.179.231 # 固定svc的内网ip kubectl get svc -n dev 可查看
  ports:                    # 端口配置需要与上方一致  
  - port: 80                # 宿主机端口
    protocol: TCP
    targetPort: 80          # 容器端口  
  selector:                 # 选择对标签label-test操作
    version: label-test 
  type: NodePort            # 类型NodePort

效果

kubectl get pod -n dev –show-labels

# 只筛选出标签是version=2.0的pod

kubectl get pods -l “version=2.0” -n dev –show-labels

# 只筛选出标签是version=2.0的pod

kubectl get pods -l “version=2.0” -n dev –show-labels