K8S 深入 Pod-Pod 相关的点点滴滴
设计思想
- Pod是最小调度单位
- 本质还是容器的隔离 (共享同一个namespace,共享同一个Volume)
docker run --net=xxx --volumes-from=xxx... 对容器的启动顺序是有要求的 - pause容器
一个很重要的容器命令:lifecycle
kubectl create -f pod-volume.yaml
kubectl delete -f pod-volume.yaml
Pod生命周期
Pod的几种状态
- Pendding
- containerCreating
- Running
- Succeeded
- Failed
- Ready
- CrashLoopBackOff
- Unknown
ProjectedVolume
- Secret
[hemei@master ~]$ kubectl get secret NAME TYPE DATA AGE default-token-9dmxv kubernetes.io/service-account-token 3 266d hub-secret kubernetes.io/dockerconfigjson 1 185d nfs-subdir-external-provisioner-token-w25n5 kubernetes.io/service-account-token 3 176d sh.helm.release.v1.nfs-subdir-external-provisioner.v1 helm.sh/release.v1 1 176d
查看secret:
```yaml
[hemei@master ~]$ kubectl get secret default-token-9dmxv -o yaml
apiVersion: v1
data:
ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM1ekNDQWMrZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1Ea3dNekExTXpneU5Wb1hEVE14TURrd01UQTFNemd5TlZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTM3CmRVRE1ob1Vvc1BiL0t3NDBVUGNpNXozMElndnhvVjE4aGJONlRrUFdxYmJoUjdjMVRxZ2hMTy9PWEttMzFsaEIKZllzNWh6VTJrS3B3VXh0Wk1DZksyNWVXeXFIaEkvcmdpOS9PeDdrcElLcTRXUFdvZmJXelU1dUc1anIzY09xawo3dlNwaSs5S2h4TU5XeEN0Tldmb2NOSnVaU1ZMTHhuRUY4Ky9DRjh1Z2Q4ZlI4c0lBUzdGV2drdGhWa2NtVzFBCjZIcU5mR3ExS3ZJZmpVYlg3WEY1RDVnaVVuQ1Zqb2g2b1RnV0lxT1BjSjI3TjBSOEpNOGNmZWNsZ2NUM0hvT0QKb1NPaG9CMFBaMzZldlFKb2VZZlZmeUZUcE1PMHQrUGNHRkl3bzNDQ2lVQ0xvSEdmRStoMWl6dlgrU2JlK1grTApDZENuRFB0eDErVDhWMGF4VVo4Q0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZHeTJnSzBVd2Y1U0ZYSXdKbEdsN2JoMVI1T0hNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFDMm56bnEvcWNzYmUyczJnMThaTDdBb3dEUjVtM21IQ09oejJIYW5ZM2V6OU01RGZlOApGVHU0RG93d25lQWcrNFhNWStqZDhHYXhiNVh1MXBlTEhBUmx4OVE2U0plTnZMTEVnbkZRWk5iTUZLaW9Wa1F6CnNWelJNODVKcFF3TlN1Y1F4OWcya1QwTGYzS01Qa3Y4elc0NVdoRlJTK2FTSzhsb1pqb1U1R1BaR3dVdUtWV1MKdlh5TnA2d0hEUkJ6dzhRS2FIdzdLdWlZQjN2VVFjQnpWZEpYVThOcWQ1SGNzQXpSUW9RYTl4SktsV0VPSThMZQpuS3hpU3VJSm5WcXdPMTQvdk90Z0xxcFh2QnFSNFlLYmdWSHMrbG1rOG9Ea1BxUFRFS1hUQk5obUtqUFFyK1Q1CnovMkV2SFF0aWlhV2R5VkV2SzQrZXB2dzl0MVRHc3czUXZhVgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
namespace: ZGVmYXVsdA==
token: ZXlKaGJHY2lPaUpTVXpJMU5pSXNJbXRwWkNJNkluTkxOazlXV1doSFUzVXlZVWhwYlV4cldrUmhYMk5UWVcxNk9YbFJZMVpvUm1seVZsZG9iWFZoWjNjaWZRLmV5SnBjM01pT2lKcmRXSmxjbTVsZEdWekwzTmxjblpwWTJWaFkyTnZkVzUwSWl3aWEzVmlaWEp1WlhSbGN5NXBieTl6WlhKMmFXTmxZV05qYjNWdWRDOXVZVzFsYzNCaFkyVWlPaUprWldaaGRXeDBJaXdpYTNWaVpYSnVaWFJsY3k1cGJ5OXpaWEoyYVdObFlXTmpiM1Z1ZEM5elpXTnlaWFF1Ym1GdFpTSTZJbVJsWm1GMWJIUXRkRzlyWlc0dE9XUnRlSFlpTENKcmRXSmxjbTVsZEdWekxtbHZMM05sY25acFkyVmhZMk52ZFc1MEwzTmxjblpwWTJVdFlXTmpiM1Z1ZEM1dVlXMWxJam9pWkdWbVlYVnNkQ0lzSW10MVltVnlibVYwWlhNdWFXOHZjMlZ5ZG1salpXRmpZMjkxYm5RdmMyVnlkbWxqWlMxaFkyTnZkVzUwTG5WcFpDSTZJbVpsTm1ZeFlqY3pMVEV5TWpndE5HRTNaQzA1TVRjekxUZzBNMlUyWWpFNU5HTXdNaUlzSW5OMVlpSTZJbk41YzNSbGJUcHpaWEoyYVdObFlXTmpiM1Z1ZERwa1pXWmhkV3gwT21SbFptRjFiSFFpZlEuZ2dqQ3ZpMUJZN0dWYUJhWmlxYjJVNF9JejJ4ZkdON25aWmNJSTlVSzZJTlhtZ2VlblB4NGZJNGxVeFF1cDNGeEdhZ0pYN1I5ejhhWklpakZnZFNJZmRPeE96czNsRFBaZ3N2dVphM29JRXVFaV9lclJkZVB2Nkpvc2RYWkVjS1hMWHBjTzZKYjBNVGhqMS11VmZnSDRFNWdjZWZRT1czTEVLbGEtWlpmYnVpMVh4LUxEUWhzQTlvRkRzVVl6Z0FFM3BGbGUyVjVuNFNMaWRvVGI0WGNEUWhla3pBdEJWM3lYcXl1dEJJTXBiUktSUlMzWm11VmcwTXRkVWdMeVpBenh4VndaaVBhLWFvYlZ1UTM0M1dRcnZDMHlHanZsNVh0djJjZVBjTmdQMlFuYlUzcGFaUUlIUllhLWhsMzltN0wyNnlsWW04bWhoeDVYZGNvbDdCZ21B
kind: Secret
metadata:
annotations:
kubernetes.io/service-account.name: default
kubernetes.io/service-account.uid: fe6f1b73-1228-4a7d-9173-843e6b194c02
creationTimestamp: "2021-09-03T05:40:21Z"
name: default-token-9dmxv
namespace: default
resourceVersion: "380"
uid: abe66806-f73b-4dad-bf60-8781210787d9
type: kubernetes.io/service-account-token
[hemei@master ~]$ 
- ConfigMap
存储一些非加密的文件的键值对game.properties文件
[hemei@master test]$ cat game.properties
enemies=aliens
lives=3
enemies.cheat=true
secret.code.passphrase=UUDDLLLLSIODSD
secret.code.allowed=true
secret.code.lives=30
[hemei@master test]$ 将属性文件保存在 configMap
[hemei@master test]$ kubectl create configmap web-game --from-file game.properties
configmap/web-game createdconfigMap 可以简写为 cm
查看配置文件:
[hemei@master test]$ kubectl get cm web-game -o yaml
apiVersion: v1
data:
game.properties: |
enemies=aliens
lives=3
enemies.cheat=true
secret.code.passphrase=UUDDLLLLSIODSD
secret.code.allowed=true
secret.code.lives=30
kind: ConfigMap
metadata:
creationTimestamp: "2022-05-28T01:37:49Z"
name: web-game
namespace: default
resourceVersion: "71024378"
uid: e4ead394-c03e-49a7-ad96-2419517bacea
[hemei@master test]$ 使用:
第二种创建方式:
[hemei@master test]$ vi configmap-test.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: configs
data:
JAVA_OPTS: -Xms1024m
LOG_LEVEL: DEBUG创建:
[hemei@master test]$ kubectl create -f configmap-test.yaml
configmap/configs created
[hemei@master test]$ 使用:
综上,可以通过configMap 来设置 容器内部的环境变量。
- downwardapi
为者常成,行者常至
自由转载-非商用-非衍生-保持署名(创意共享3.0许可证)
