流程匯總
- 創建cluster
- 在cluster上創建一個deployment,然后再部署對應的APP(因為創建deployment時會指定image)
- 當創建了Deployment之后,系統會創建對應的pod,視為一組緊密耦合的APP的邏輯主機
- 將pod視為一個邏輯主機之后,就很清晰了,kubectl提供了一系列接口以和pod進行通信以及運行APP(這里需要注意Pod和Node的區別)
- pod因為只能運行在單個Node上,所以是很脆弱的,因此需要在此基礎上創建service;同時,service使得APP能夠expose到外部網絡)
Learn Kubernetes Basics -- Create a Cluster
Kubernetes automates the distribution and scheduling of application containers across a cluster in a more efficient way.
核心理念:使應用程序容器化,這樣可以使得程序和主機解耦,程序不需要綁定到特定主機,而是通過k8s在cluster上進行調度編排。
cluster的核心組件有兩個:
- Control Plane:對cluster進行協調;
- nodes:實際運行程序的worker;(A node is a VM or a physical computer that serves as a worker machine in a Kubernetes cluster)
每個node都需要有一個kubelet,kubelet是node的代理,用來管理node,以及和Control Plane進行通信。
To get started with Kubernetes development, you can use Minikube. Minikube is a lightweight Kubernetes implementation that creates a VM on your local machine and deploys a simple cluster containing only one node.
使用minikube流程:
$ minikube start # minikube啟動一個VM,并創建一個cluster
$ kubectl cluster-info # 查看當前cluster的info
$ kubectl get nodes # 查看當前cluster中的各個nodes
Learn Kubernetes Basics -- Deploy an APP
The Deployment instructs Kubernetes how to create and update instances of your application. (除此以外,Deployment為k8s提供了自愈機制,當部署了某個容器化應用的Node掛了之后,Deployment會對Node進行替換)
When you create a Deployment, you'll need to specify the container image for your application and the number of replicas that you want to run.(再創建Deployment的時候,需要指定APP的鏡像,以及需要運行多少個replicate)
A Pod is the basic execution unit of a Kubernetes application. Each Pod represents a part of a workload that is running on your cluster.
-
kubectl create deployment <名稱> --image=<鏡像名>:通過創建一個deployment來部署對應的應用 -
kubectl get deployments: 列出當前的所有deployment -
kubectl proxy: 創建一個代理,用于在客戶端host和cluster之間進行通信(因為Deployment以及APP是在cluster內部的,默認情況下cluster內部的東西和外部網絡是隔絕的,因此外部需要一個代理能夠將數據發到cluster內部,即和Pods進行通信)
Learn Kubernetes Basics -- Explore Your App
當創建了deployment之后,K8S會創建一個pod,作為各個緊密耦合的APP的邏輯主機。
A Pod is a Kubernetes abstraction that represents a group of one or more application containers (such as Docker), and some shared resources for those containers.(可以把pods視為一個邏輯主機,其可以包括多個容器)
The containers in a Pod share an IP Address and port space, are always co-located and co-scheduled, and run in a shared context on the same Node.(作為一個邏輯主機,pod擁有自己的IP和端口,主機內部的各個容器應用協同工作,緊密耦合)
前面已經說過,Nodes可以是物理機或者VM。而一個Node上面可以運行多個Pods。Pods是一個抽象的概念,用以聚類多個容器及共享資源;一個pod只能運行在一個Node上面。一個Node必須包含以下兩個要素:
-
kubectl get pods: 列出當前的pods; -
kubectl describe pods: 詳細描述每個pod中存在的container -
kubectl logs <Pod name> <Container name in this Pod>: 輸出Pod中某個容器的log -
kubectl exec <Pod name> <Container name in this Pod> <Command>: 在某個Pod中的容器內部執行某個命令 -
kubectl exec -it <Pod name> <Container name in this Pod> <Command>: 進入某個容器,交互式運行
Learn Kubernetes Basic -- Expose Your App Publicly
Kubernetes Pods are mortal. Pods in fact have a lifecycle. When a worker node dies, the Pods running on the Node are also lost. (即,Pod是容易down掉的,只要一個node無效了,在這個node上運行的所有pod都會down掉)
the front-end system should not care about backend replicas or even if a Pod is lost and recreated. That said, each Pod in a Kubernetes cluster has a unique IP address, even Pods on the same Node, so there needs to be a way of automatically reconciling changes among Pods so that your applications continue to function.(類似主從的數據同步,提高容錯性)
A Service in Kubernetes is an abstraction which defines a logical set of Pods and a policy by which to access them(即,將多個Pod抽象為一個service,從而使得這個service具備容錯性容災性,外部用戶無需關注service內部的多個Pod是怎么運行的,以及各自之間的主從關系;注意,同一個service下的各個pods是松耦合的)
The set of Pods targeted by a Service is usually determined by a LabelSelector(必須使用labelSelector去標記同一個service下的各個pods)
Although each Pod has a unique IP address, those IPs are not exposed outside the cluster without a Service. Services allow your applications to receive traffic. (只有在Pod之上構建一層service的時候,服務才能夠不局限于cluster)
Services can be exposed in different ways by specifying a type in the ServiceSpec.(將service暴露于外部網絡有幾種方式:ClusterIP:僅在集群內部暴露服務;NodePort:使用NAT技術,將service暴露在選定Node的相同端口上,外部網絡可以通過
NodeIP:NodePort訪問service;LoadBalancer; ExternalName)
A ReplicaSet's purpose is to maintain a stable set of replica Pods running at any given time(即,維護多個Pods的穩定運行,容災性)
Services match a set of Pods using labels and selectors, a grouping primitive that allows logical operation on objects in Kubernetes.(即,Service通過label和selector來匹配一組Pods)
-
kubectl expose <service名稱> <...>: 讓一個service 能夠expose到外部網絡;(例如:kubectl expose deployment/kubernetes-bootcamp --type="NodePort" --port 8080)
得到了一個新的service,kubernetes-bootcamp
-
kubectl describe <...>: 輸出詳細信息,<...>中可以是deployment, service, ...
查看service對應的外部端口
-
kubectl label pods $POD_NAME version=v1: 為pods添加新的label(所謂的label就是各種各樣的標簽,比如app的名字,version的信息,等等)
Learn Kubernetes Basics - Scale Your App
Scaling is accomplished by changing the number of replicas in a Deployment(通過增加replica的數量,也就是提升service中的pods的數量,從而擴展APP的服務能力,因為經過擴充之后,一個APP就可以擁有多個實例了,此外,這也使得APP的更新可以實時更新而不必經過一個downtime)
-
kubectl get rs: 獲取當前deployment所配置的replicaSet的信息;
獲取replicaSet信息(rs的NAME由<deployment名稱+randomHashString>構成);DESIRED指的是在配置deployment的時候所希望的replica數量,而CURRENT指的是當前正在運行的replica數量 -
kubectl scale deployment/<deployment名稱> --replicas=<數量>:對deployment進行擴充;系統自帶了負載均衡器,可以均衡各個replica上的負載;
擴充replica的數量
Learn Kubernetes Basics - Update Your App
Rolling updates allow Deployments' update to take place with zero downtime by incrementally updating Pods instances with new ones. The new Pods will be scheduled on Nodes with available resources.(可是無downtime式的更新
In Kubernetes, updates are versioned and any Deployment update can be reverted to a previous (stable) version.(可以很方便的回滾
上面兩項也就是CI/CD
-
kubectl describe pods: 可以查看Image是否已經update成功 -
kubectl rollout undo deployments/kubernetes-bootcamp: 回滾對應的服務
