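Kubernetes (K8s) Complete Guide: Cluster Setup and Core Concepts
Introduction to Kubernetes
Kubernetes (K8s for short) is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications. This article covers the core concepts of K8s and how to use them in practice.
Why Kubernetes?
- Container orchestration - manage thousands of containers
- Self-healing - failed containers are restarted automatically
- Horizontal scaling - scale out and in automatically based on load
- Service discovery - internal services are addressed automatically
- Rolling updates - zero-downtime deployments
Kubernetes Core Concepts
1. Pod
A Pod is the smallest schedulable unit in K8s. A Pod can contain one or more containers.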
apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app: myapp
spec:
  containers:
  - name: myapp
    image: nginx:1.21
    ports:
    - containerPort: 80
    resources:
      limits:
        memory: "128Mi"
        cpu: "500m"
      requests:
        memory: "64Mi"
        cpu: "250m"
2. Deployment
A Deployment manages the rollout of Pods and provides a declarative update mechanism.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
      - name: myapp
        image: myapp:1.0
        ports:
        - containerPort: 8080
        env:
        - name: NODE_ENV
          value: "production"
        readinessProbe:
          httpGet:
            path: /health
            port: 8080
          initialDelaySeconds: 5
          periodSeconds: 10
        livenessProbe:
          httpGet:
            path: /health
            port: 8080
          initialDelaySeconds: 15
          periodSeconds: 20
3. Service
A Service gives Pods a stable access endpoint.
# ClusterIP - access from inside the cluster
apiVersion: v1
kind: Service
metadata:
  name: myapp-service
spec:
  selector:
    app: myapp
  ports:
  - port: 80
    targetPort: 8080
  type: ClusterIP
---
# NodePort - external access
apiVersion: v1
kind: Service
metadata:
  name: myapp-nodeport
spec:
  selector:
    app: myapp
  ports:
  - port: 80
    targetPort: 8080
    nodePort: 30080
  type: NodePort
---
# LoadBalancer - cloud provider load balancer
apiVersion: v1
kind: Service
metadata:
  name: myapp-lb
spec:
  selector:
    app: myapp
  ports:
  - port: 80
    targetPort: 8080
  type: LoadBalancer
4. Ingress
An Ingress provides HTTP/HTTPS routing.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myapp-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: myapp-service
            port:
              number: 80
5. ConfigMap and Secret
These manage configuration and sensitive data.
# ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
  name: myapp-config
data:
  database_url: "postgres://db:5432/myapp"
  config.yaml: |
    server:
      port: 8080
    log:
      level: info
---
# Secret
apiVersion: v1
kind: Secret
metadata:
  name: myapp-secret
type: Opaque
data:
  # base64-encoded (an encoding, not encryption)
  username: YWRtaW4=
  password: cGFzc3dvcmQ=
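The `data` values in the Secret manifest above are only base64-encoded, so anyone who can read the file can recover them. The following is an added example (not from the original article): a POSIX shell helper that decodes the `data` entries of `kind: Secret` documents, plus a check that can gate commits or CI runs so such manifests stay out of version control. The function names `decode_secret_data` and `has_inline_secret` are hypothetical, and the parser assumes `kind:` appears before `data:` and that values are unquoted.

```shell
#!/bin/sh
# Constructed sample input: the Secret manifest from this section.
SAMPLE_MANIFEST='apiVersion: v1
kind: Secret
metadata:
  name: myapp-secret
type: Opaque
data:
  username: YWRtaW4=
  password: cGFzc3dvcmQ=
'

# decode_secret_data (hypothetical helper): read manifests on stdin and print
# key=plaintext for each entry under data: in a kind: Secret document.
# Assumes kind: precedes data: and that values are unquoted.
decode_secret_data() {
  awk '
    /^---/                  { is_secret = 0; in_data = 0; next }  # new document
    /^kind:[ ]*Secret[ ]*$/ { is_secret = 1; in_data = 0; next }
    /^data:[ ]*$/           { in_data = 1; next }
    /^[^ #]/                { in_data = 0 }  # another top-level key ends data:
    is_secret && in_data && /^[ ]+[^ #][^:]*:/ {
      key = $1; sub(/:$/, "", key)
      print key, $2
    }
  ' | while read -r key value; do
    printf '%s=%s\n' "$key" "$(printf '%s' "$value" | base64 -d)"
  done
}

# has_inline_secret (hypothetical helper): succeed when stdin contains a Secret
# with decodable inline data, e.g. to reject such files in a pre-commit hook.
has_inline_secret() {
  [ -n "$(decode_secret_data)" ]
}

# Demo on the constructed sample: prints username=admin and password=password.
printf '%s' "$SAMPLE_MANIFEST" | decode_secret_data
```

ConfigMap documents also have a `data:` block, but they are skipped because only documents declaring `kind: Secret` are decoded.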
6. PersistentVolume (PV) and PersistentVolumeClaim (PVC)
These provide persistent storage.
# PersistentVolume
apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
  - ReadWriteOnce
  hostPath:
    path: /data/myapp
---
# PersistentVolumeClaim
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
Common Commands
# List resources
kubectl get pods
kubectl get services
kubectl get deployments
kubectl get all
# Show details
kubectl describe pod myapp-pod
kubectl get pod myapp-pod -o yaml
# Logs
kubectl logs -f myapp-pod
kubectl logs -f myapp-pod -c container-name
# Open a shell in the container
kubectl exec -it myapp-pod -- /bin/bash
# Scale up or down
kubectl scale deployment myapp-deployment --replicas=5
# Update the image
kubectl set image deployment/myapp-deployment myapp=myapp:2.0
# Roll back
kubectl rollout undo deployment/myapp-deployment
kubectl rollout status deployment/myapp-deployment
Local Setup with Minikube
# Install Minikube
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube
# Install kubectl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install kubectl /usr/local/bin/
# Start the cluster
minikube start --driver=docker
# Or use VirtualBox
minikube start --driver=virtualbox
# Enable addons
minikube addons enable ingress
minikube addons enable dashboard
# Open the Dashboard
minikube dashboard
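Summary
Kubernetes is the operating system of the cloud-native era, and knowing its core concepts and common commands is an essential skill for every DevOps engineer. This article covered the core resource types of K8s and their basic usage; I hope it helps you learn K8s.
Reference: the official Kubernetes documentation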






