Kubernetes启动一个Pod

获取镜像

在实际的投产中,公司一般所有企业的私有镜像:我们公司选择的是:https://goharbor.io/。

首先获取一个nginx的镜像,待会儿需要直接启动这个镜像

docker pull nginx  

确认镜像已经在列表中:

[root@CentOS7-Node1 parallels]# docker images
REPOSITORY     TAG                 IMAGE ID            CREATED             SIZE  
nginx          latest              231d40e811cd        2 weeks ago         126MB  

创建Pod

直接在master节点上运行一个镜像,并且启动2台机器。

[root@CentOS7-Node1 parallels]# kubectl run my-nginx --image=nginx --replicas=2 --port=80
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.  
deployment.apps/my-nginx created  
[root@CentOS7-Node1 parallels]# kubectl get pod
NAME                        READY   STATUS    RESTARTS   AGE  
my-nginx-75897978cd-87dnh   1/1     Running   0          4m36s  
my-nginx-75897978cd-nwnrm   1/1     Running   0          4m36s  

这里需要等待一定的时间,容器的状态由ContainerCreating变为Running

查看日志

kubectl logs <pod_name>  
kubectl logs -f <pod_name> # 类似tail -f的方式查看(tail -f 实时查看日志文件 tail -f 日志文件log)  

实际的验证操作:

[root@CentOS7-Node1 parallels]# kubectl logs my-nginx-75897978cd-87dnh
Error from server: Get https://10.211.55.8:10250/containerLogs/default/my-nginx-75897978cd-87dnh/my-nginx: dial tcp 10.211.55.8:10250: connect: no route to host  
[root@CentOS7-Node1 parallels]# kubectl logs my-nginx-75897978cd-nwnrm 

显示Pod资源的详细信息

[root@CentOS7-Node1 parallels]# kubectl describe pod my-nginx-75897978cd-87dnh
Name:         my-nginx-75897978cd-87dnh  
Namespace:    default  
Priority:     0  
Node:         centos7-node2/10.211.55.8  
Start Time:   Thu, 12 Dec 2019 21:26:18 +0800  
Labels:       pod-template-hash=75897978cd  
              run=my-nginx
Annotations:  <none>  
Status:       Running  
IP:           10.32.0.2  
IPs:  
  IP:           10.32.0.2
Controlled By:  ReplicaSet/my-nginx-75897978cd  
Containers:  
  my-nginx:
    Container ID:   docker://43bda4badd180e540ae95bb8b4cd1b2e174b702c616f4e705e48ff6c57a30d40
    Image:          nginx
    Image ID:       docker-pullable://nginx@sha256:50cf965a6e08ec5784009d0fccb380fc479826b6e0e65684d9879170a9df8566
    Port:           80/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Thu, 12 Dec 2019 21:29:00 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-8s7rp (ro)
Conditions:  
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:  
  default-token-8s7rp:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-8s7rp
    Optional:    false
QoS Class:       BestEffort  
Node-Selectors:  <none>  
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s  
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:  
  Type    Reason     Age        From                    Message
  ----    ------     ----       ----                    -------
  Normal  Scheduled  <unknown>  default-scheduler       Successfully assigned default/my-nginx-75897978cd-87dnh to centos7-node2
  Normal  Pulling    15m        kubelet, centos7-node2  Pulling image "nginx"
  Normal  Pulled     13m        kubelet, centos7-node2  Successfully pulled image "nginx"
  Normal  Created    13m        kubelet, centos7-node2  Created container my-nginx
  Normal  Started    13m        kubelet, centos7-node2  Started container my-nginx

查看所有pod

[root@CentOS7-Node1 parallels]# kubectl get pods --all-namespaces
NAMESPACE     NAME                                    READY   STATUS    RESTARTS   AGE  
default       my-nginx-75897978cd-87dnh               1/1     Running   0          21m  
default       my-nginx-75897978cd-nwnrm               1/1     Running   0          21m  
kube-system   coredns-5644d7b6d9-tfkwk                1/1     Running   0          2d9h  
kube-system   coredns-5644d7b6d9-zwpg9                1/1     Running   0          2d9h  
kube-system   etcd-centos7-node1                      1/1     Running   0          2d9h  
kube-system   kube-apiserver-centos7-node1            1/1     Running   0          2d  
kube-system   kube-controller-manager-centos7-node1   1/1     Running   4          2d9h  
kube-system   kube-proxy-8tqsb                        1/1     Running   0          2d9h  
kube-system   kube-proxy-rxdfv                        1/1     Running   0          2d6h  
kube-system   kube-proxy-vdkhd                        1/1     Running   0          47h  
kube-system   kube-scheduler-centos7-node1            1/1     Running   4          2d9h  
kube-system   weave-net-4q5kr                         2/2     Running   0          2d8h  
kube-system   weave-net-767sf                         2/2     Running   0          2d6h  
kube-system   weave-net-f2pgl                         2/2     Running   1          47h  

进入一个Pod

[root@CentOS7-Node1 parallels]#  kubectl exec -it my-nginx-75897978cd-87dnh -n default -- /bash/sh
Error from server: error dialing backend: dial tcp 10.211.55.8:10250: connect: no route to host  

出现这个错误是因为在机器10.211.55.8没有关闭掉防火墙:

[root@CentOS7-Node2 Workspace]# systemctl disable firewalld && systemctl stop firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.  
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.  

再次进入Pod就成功了,但是什么命令都没有。

[root@CentOS7-Node1 parallels]#  kubectl exec -it my-nginx-75897978cd-87dnh -n default bash
root@my-nginx-75897978cd-87dnh:/# ifconfig  
bash: ifconfig: command not found  
root@my-nginx-75897978cd-87dnh:/# ps aux | grep nginx  
bash: ps: command not found  
root@my-nginx-75897978cd-87dnh:/#  

参考地址:

简栈文化服务订阅号