Pod详解:Kubernetes中最小的可部署单元
categories: - Kubernetes核心概念 tags: - Kubernetes - Pod - 容器 - 调度
前言
Pod是Kubernetes中最核心、最基本的概念之一。理解Pod的工作原理对于掌握Kubernetes至关重要。
什么是Pod?
Pod是Kubernetes中的最小可部署计算单元,可以包含一个或多个共享网络和存储的容器。
Pod的特点
- 共享网络命名空间:同一Pod内容器通过localhost通信
- 共享存储卷:容器间数据共享
- 原子性:Pod中的容器一起调度、一起部署
- 临时性:Pod被设计为可替换的单元
Pod的两种类型
1. 单容器Pod
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.25
ports:
- containerPort: 80
2. 多容器Pod(Sidecar模式)
apiVersion: v1
kind: Pod
metadata:
name: webapp
spec:
containers:
- name: app
image: myapp:v1
ports:
- containerPort: 8080
- name: log-agent
image: fluentd:latest
volumeMounts:
- name: logs
mountPath: /var/log/app
volumes:
- name: logs
emptyDir: {}
Pod生命周期
Pending --> Running --> Succeeded/Failed
| 阶段 | 说明 |
|---|---|
| Pending | Pod被创建,等待调度 |
| Running | Pod绑定到节点,至少一个容器运行 |
| Succeeded | 所有容器成功终止 |
| Failed | 至少一个容器失败终止 |
| Unknown | Pod状态无法获取 |
Pod配置详解
资源限制
spec:
containers:
- name: app
image: myapp:v1
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 256Mi
环境变量
spec:
containers:
- name: app
image: myapp:v1
env:
- name: DB_HOST
value: mysql-service
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: db-secrets
key: password
- name: CONFIG_PATH
valueFrom:
configMapKeyRef:
name: app-config
key: config.path
健康检查
spec:
containers:
- name: app
image: myapp:v1
livenessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 15
periodSeconds: 20
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /ready
port: 8080
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 3
startupProbe:
httpGet:
path: /startup
port: 8080
failureThreshold: 30
periodSeconds: 10
Volume挂载
spec:
containers:
- name: app
image: myapp:v1
volumeMounts:
- name: config-volume
mountPath: /etc/config
- name: data-volume
mountPath: /data
volumes:
- name: config-volume
configMap:
name: app-config
- name: data-volume
persistentVolumeClaim:
claimName: app-pvc
静态Pod
静态Pod由kubelet直接管理,不通过API Server。
# 创建静态Pod目录
mkdir -p /etc/kubernetes/manifests
# 创建静态Pod
cat > /etc/kubernetes/manifests/static-nginx.yaml << EOF
apiVersion: v1
kind: Pod
metadata:
name: static-nginx
spec:
containers:
- name: nginx
image: nginx:1.25
EOF
# 重启kubelet
systemctl restart kubelet
# 查看静态Pod
kubectl get pods -A | grep static
Pod调度
节点选择器
spec:
nodeSelector:
disktype: ssd
environment: production
节点亲和性
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: topology.kubernetes.io/zone
operator: In
values:
- zone-a
- zone-b
Pod反亲和性
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- cache
topologyKey: kubernetes.io/hostname
Pod调试
# 查看Pod详情
kubectl describe pod
# 查看Pod日志
kubectl logs
kubectl logs -c
# 进入Pod容器
kubectl exec -it -- /bin/bash
# 查看Pod事件
kubectl get events --sort-by='.metadata.creationTimestamp'
总结
Pod是Kubernetes的核心概念,掌握Pod的配置和使用是进阶的前提。
声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。
