涓���Kubernetes���舵������VS���舵������

1锛�Kubernetes���舵������

Kubernetes���舵�����$�瑰�锛�
1锛�����璇ユ���¤�琛���疏浚�岛�涓�浼��ㄦ���板���ㄩ��瑕���涔������版��锛�骞朵�澶�涓�疏浚�岛�瀵逛���涓�璇锋���搴���缁�����疏浚��ㄤ��寸��锛�
2锛�澶�涓�疏浚�岛���浠ュ�变韩�稿������涔����版����岛�濡�锛�nginx疏浚�岛���tomcat疏浚�岛�绛�锛�
3锛��稿�崇��Kubernetes璧�婧���锛�ReplicaSet��ReplicationController��Deployment绛�锛��变������舵�����★���浠ヨ�河渠��у�跺�ㄥ��寤虹��Pod��绉伴�芥�����烘�х����骞朵��ㄧ缉瀹规�跺苟涓�浼���纭�缂╁�规��涓�涓�Pod锛��������雾��锛���涓烘����疏浚�岛�寰��扮演��杩����奸�芥��涓��风��锛���浠ョ缉瀹逛换浣�涓�涓�Pod�藉��浠ワ�

2锛�Kubernetes���舵������

Kubernetes���舵�����$�瑰�锛�
1锛����舵�����″��浠ヨ�存����瑕��版��海洋��ㄥ���界�����°��������澶�绾跨�绫诲�������°������绛���锛�姣�濡�锛�mysql�版��搴���kafka��zookeeper绛�锛�锛�
2锛�姣�涓�疏浚�岛��介��瑕���宸辩��绔�����涔���海洋���锛�骞朵���Kubernetes涓���杩�澹版��妯℃�跨���瑰��ヨ�琛�疏浚�涔�����涔��山0��妯℃�垮�ㄥ��寤�pod涔�����寤猴�缁�疏浚���pod涓�锛�妯℃�垮��浠ュ��涔�澶�涓�锛�
3锛��稿�崇��Kubernetes璧�婧���锛�StatefulSet���变������舵�������★���浠ユ��涓�Pod�芥���瑰������绉板��缃�缁���璇���姣�濡�Pod��绉版����StatefulSet��+��搴����板��缁���锛�0��1��2����锛�锛�
4锛��ㄨ�琛�缂╁�规��浣��讹���浠ユ��纭��ラ��浼�缂╁�归�d�涓�Pod锛�浠��板����澶х��寮�彭���骞朵�StatefulSet�ㄥ凡��疏浚�岛�涓��ュ悍�����仪式���涓���璁稿��缂╁�规��浣���锛�

3锛����舵�����″�����舵�����$���哄��

涓昏�琛ㄧ�板�ㄤ互涓��归��锛�
1锛�疏浚�岛��伴��锛����舵�����″��浠ユ��涓�涓���澶�涓�疏浚�岛�锛���姝ゆ����涓ょ����″�归��璋���妯″�锛����舵�����¤���芥��涓�涓�疏浚�岛�锛�涓���璁稿��寤哄�涓�疏浚�岛�锛���姝や�涓��������″�归����璋���锛�
2锛�海洋��ㄥ�凤����舵�����″��浠ユ��海洋��ㄥ�凤�涔���浠ユ病魔��锛��充娇��涔���娉�澶�浠藉���ㄥ�蜂腑���版��锛����舵�����″�椤昏���海洋��ㄥ�凤�骞朵��ㄥ��寤烘���℃�讹�蹇�椤绘��疏浚�璇ュ���ㄥ�山������纾���绌洪�村ぇ广大�锛�
3锛��版��海洋���锛� ���舵�����¤�琛�杩�绋�涓��������版��锛��ゆ�ュ������ф�版��锛��藉���ㄥ�瑰�ㄥ��岛�������浠剁郴缁�涓�锛�濡���疏浚�岛���姝㈡�������わ���杩�河渠��版���藉�涓㈠け锛���娉��惧��锛���瀵逛����舵�����★��℃��宸茬���潘戒�海洋��ㄥ�风����褰�涓�����浠跺��疏浚归�藉��浠ラ���惰�琛�澶�浠斤�澶�浠界���版����浠ヤ�潘斤�涔���浠ョ�ㄤ��㈠��扮演�����°��浣�瀵逛�娌℃����潘藉�风����褰�涓����版��锛�浠��舵����娉�澶�浠藉��淇�海洋���锛�濡���疏浚�岛���姝㈡�������わ�杩�河渠�����潘藉�烽������浠跺��疏浚瑰���蜂�涓㈠け��

4锛�StatefulSet姒�杩�

StatefulSet��Kubernetes��岛���绠$�����舵��搴��ㄧ��璐�潘界�$���у�跺��API����Pods绠$�����雾�涓�锛�淇�璇�Pods��椤哄���涓��存�с��涓�Deployment涓��凤�StatefulSet涔���浣跨�ㄥ�瑰�ㄧ��Spec�ュ��寤�Pod锛�涓�涔�涓���StatefulSet��寤虹��Pods�ㄧ���藉�ㄦ��涓�浼�淇�����涔�����璁帮�岛�濡�Pod Name锛���

5锛�StatefulSet�圭��

1锛�绋冲������涔���海洋���锛���Pod���拌�搴���杩����借�块���扮演�稿������涔����版��锛��轰�PVC�ュ���起�
2锛�绋冲����缃�缁���蹇�锛���Pod���拌�搴�����PodName��HostName涓���锛��轰�Headless Service锛��虫病��Cluster IP��Service锛��ュ���起�
3锛���搴��ㄧ讲锛���搴��╁�锛���Pod����椤哄���锛��ㄩ�ㄧ讲�����╁����跺��瑕�岛���疏浚�涔���椤哄�岛�娆′�娆¤�琛�锛��充�0��N-1锛��ㄤ�涓�涓�Pod杩�琛�涔�������涔�����Pod蹇�椤婚�芥��Running��Ready�舵��锛�锛��轰�init containers�ュ���起�
4锛���搴��剁缉锛���搴����わ��充�N-1��0锛�锛�

河渠���浣跨��StatefulSet疏浚��拌���ㄥ��寤�PVC

1锛���寤�NFS�变韩瀛���

涓轰��逛究锛�广大辩�存�ュ��master���逛��ㄧ讲NFS海洋��ㄤ�锛�

[root@master ~]# yum -y install nfs-utils rpcbind
[root@master ~]# vim /etc/exports
/nfsdata *(rw,sync,no_root_squash)
[root@master ~]# mkdir /nfsdata
[root@master ~]# systemctl start nfs-server
[root@master ~]# systemctl start rpcbind
[root@master ~]# showmount -e
Export list for master:
/nfsdata *

2锛���寤�rbac����

[root@master ~]# vim rbac-rolebind.yaml
apiVersion: v1                            #��寤轰�涓��ㄤ�璁よ�������¤处��
kind: ServiceAccount
metadata:
  name: nfs-provisioner
---
apiVersion: rbac.authorization.k8s.io/v1        #��寤虹兢��瑙���
kind: ClusterRole
metadata:
  name: nfs-provisioner-runner
rules:
   -  apiGroups: [""]
      resources: ["persistentvolumes"]
      verbs: ["get", "list", "watch", "create", "delete"]
   -  apiGroups: [""]
      resources: ["persistentvolumeclaims"]
      verbs: ["get", "list", "watch", "update"]
   -  apiGroups: ["storage.k8s.io"]
      resources: ["storageclasses"]
      verbs: ["get", "list", "watch"]
   -  apiGroups: [""]
      resources: ["events"]
      verbs: ["watch", "create", "update", "patch"]
   -  apiGroups: [""]
      resources: ["services", "endpoints"]
      verbs: ["get","create","list", "watch","update"]
   -  apiGroups: ["extensions"]
      resources: ["podsecuritypolicies"]
      resourceNames: ["nfs-provisioner"]
      verbs: ["use"]
---
kind: ClusterRoleBinding                #广大����¤�よ���ㄦ�蜂�缇ら��瑙���杩�琛�缁�疏浚�
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-provisioner
    namespace: default                    #蹇���海洋�娈碉�����浼���绀洪��璇�
roleRef:
  kind: ClusterRole
  name: nfs-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
[root@master ~]# kubectl apply -f rbac-rolebind.yaml    

3锛���寤�nfs-deployment.璧�婧�

[root@master ~]# vim nfs-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nfs-client-provisioner
spec:
  replicas: 1                              #��疏浚������伴��涓�1
  strategy:
    type: Recreate                      #��疏浚�绛��ョ把��涓洪��缃�
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccount: nfs-provisioner            #��疏浚�rbac yanl��浠朵腑��寤虹��璁よ���ㄦ�疯处��
      containers:
        - name: nfs-client-provisioner
          image: registry.cn-hangzhou.aliyuncs.com/open-ali/nfs-client-provisioner     #浣跨�ㄧ������ 
          volumeMounts:
            - name: nfs-client-root
              mountPath:  /persistentvolumes             #��疏浚�疏浚瑰�ㄥ����潘界����褰�
          env:
            - name: PROVISIONER_NAME           #疏浚瑰�ㄥ���������ㄤ���疏浚���岛�海洋��ㄧ����绉�
              value: lzj
            - name: NFS_SERVER                      #疏浚瑰�ㄥ���������ㄤ���疏浚�nfs���$��IP�板��
              value: 192.168.1.1
            - name: NFS_PATH                       #疏浚瑰�ㄥ����������疏浚�nfs���″�ㄥ�瑰�����褰�
              value: /nfsdata
      volumes:                                                #��疏浚���潘藉�板�瑰�ㄥ����nfs��璺�寰���IP
        - name: nfs-client-root
          nfs:
            server: 192.168.1.1
            path: /nfsdata
[root@master ~]# kubectl apply -f nfs-deployment.yaml
[root@master ~]# kubectl get pod 
NAME                                      READY   STATUS    RESTARTS   AGE
nfs-client-provisioner-66df958f9c-mbvhv   1/1     Running   0          2m34s

4锛���寤�SC锛�Storage Class锛�

[root@master ~]# vim sc.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: stateful-nfs
  namespace: xiaojiang-test
provisioner: lzj                  #杩�涓�瑕���nfs-client-provisioner��env��澧�����涓���PROVISIONER_NAME��value�煎�瑰���
reclaimPolicy: Retain               #��疏浚����剁���ヤ负Retain锛����ㄩ���撅�
[root@master ~]# kubectl apply -f sc.yaml 
[root@master ~]# kubectl get StorageClass
NAME           PROVISIONER   AGE
stateful-nfs   lzj           17s

5锛���寤�Pod

[root@master ~]# vim statefulset.yaml 
apiVersion: v1
kind: Service
metadata:
  name: headless-svc                    #浠���绉板氨��浠ユ����澶存����
  labels:
    app: headless-svc
spec:
  ports:
  - port: 80
    name: myweb
  selector:
    app: headless-pod
  clusterIP: None                        #涓�����缇ら����IP�板��锛���浠ヤ��山�璐�潘藉��琛$���藉��
---
apiVersion: apps/v1
kind: StatefulSet                          #疏浚�涔�pod涓�杩�琛���搴���
metadata:
  name: statefulset-test
spec:
  serviceName: headless-svc
  replicas: 3
  selector:
    matchLabels:
      app: headless-pod
  template:
    metadata:
      labels:
        app: headless-pod
    spec:
      containers:
      - image: httpd
        name: myhttpd
        ports:
        - containerPort: 80
          name: httpd
        volumeMounts:
        - mountPath: /usr/local/apache2/htdocs
          name: test
  volumeClaimTemplates:                       #疏浚�涔���寤�PVC浣跨�ㄧ��妯℃��
  - metadata:
      name: test
      annotations:  #杩�����疏浚�storageclass
        volume.beta.kubernetes.io/storage-class: stateful-nfs
    spec:
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 100Mi
[root@master ~]# kubectl apply -f statefulset.yaml 
[root@master ~]# kubectl get pod
NAME                                      READY   STATUS    RESTARTS   AGE
nfs-client-provisioner-66df958f9c-mbvhv   1/1     Running   0          10m
statefulset-test-0                        1/1     Running   0          29s
statefulset-test-1                        1/1     Running   0          18s
statefulset-test-2                        1/1     Running   0          11s
[root@master ~]# kubectl get pv
[root@master ~]# kubectl get pvc              #PV涓�PVC宸茬�����
[root@master ~]# ls /nfsdata/
default-test-statefulset-test-0-pvc-54d0b06c-698e-4f1a-8327-255b10978cbe
default-test-statefulset-test-1-pvc-1b499d49-a787-4f2b-b238-404b05f75fd7
default-test-statefulset-test-2-pvc-7766f8da-6f3b-4c1f-9eb8-dfadda1e656f
[root@master ~]# echo "hello world" > /nfsdata/default-test-statefulset-test-0-pvc-54d0b06c-698e-4f1a-8327-255b10978cbe/index.html
[root@master ~]# kubectl get pod -o wide | grep test-0
statefulset-test-0                        1/1     Running   0          4m53s   10.244.2.4   node02   <none>           <none>
[root@master ~]# curl 10.244.2.4
hello world
[root@master ~]# curl -I 10.244.2.4
HTTP/1.1 200 OK
Date: Wed, 12 Feb 2020 09:52:04 GMT
Server: Apache/2.4.41 (Unix)
Last-Modified: Wed, 12 Feb 2020 09:45:37 GMT
ETag: "c-59e5dd5ac0a63"
Accept-Ranges: bytes
Content-Length: 12
Content-Type: text/html
#��浠ョ���雾�板�ㄦ��岛�web椤甸�㈢�����℃��Apache

6锛�瀵�pod杩�琛��存�板苟�╁��

[root@master ~]# vim statefulset.yaml 
apiVersion: v1
kind: Service
metadata:
  name: headless-svc
  labels:
    app: headless-svc
spec:
  ports:
  - port: 80
    name: myweb
  selector:
    app: headless-pod
  clusterIP: None
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: statefulset-test
spec:
  updateStrategy:
    rollingUpdate:
      partition: 2                           #榛�璁ゅ�间负0锛�琛ㄧず�����戒��存�起�锛��间负2琛ㄧず绗�涓�涓�pod杩�琛��存��
  serviceName: headless-svc
  replicas: 10
  selector:
    matchLabels:
      app: headless-pod
  template:
    metadata:
      labels:
        app: headless-pod
    spec:
      containers:
      - image: nginx                       #�存�㈡�╁�规�朵娇�ㄧ������
        name: myhttpd
        ports:
        - containerPort: 80
          name: httpd
        volumeMounts:
        - mountPath: /usr/share/nginx/html/                 #�存�㈠�瑰�ㄤ腑��涓荤��褰�
          name: test
  volumeClaimTemplates:
  - metadata:
      name: test
      annotations:  #杩�����疏浚�storageclass
        volume.beta.kubernetes.io/storage-class: stateful-nfs
    spec:
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 100Mi
[root@master ~]# kubectl apply -f statefulset.yaml 
[root@master ~]# kubectl get pod -o wide
NAME                                      READY   STATUS    RESTARTS   AGE     IP           NODE     NOMINATED NODE   READINESS GATES
nfs-client-provisioner-66df958f9c-mbvhv   1/1     Running   0          35m     10.244.2.2   node02   <none>           <none>
statefulset-test-0                        1/1     Running   0          21m     10.244.2.4   node02   <none>           <none>
statefulset-test-1                        1/1     Running   0          20m     10.244.1.4   node01   <none>           <none>
statefulset-test-2                        1/1     Running   0          3m52s   10.244.1.9   node01   <none>           <none>
statefulset-test-3                        1/1     Running   0          4m54s   10.244.2.5   node02   <none>           <none>
statefulset-test-4                        1/1     Running   0          4m43s   10.244.1.6   node01   <none>           <none>
statefulset-test-5                        1/1     Running   0          4m31s   10.244.2.6   node02   <none>           <none>
statefulset-test-6                        1/1     Running   0          4m25s   10.244.1.7   node01   <none>           <none>
statefulset-test-7                        1/1     Running   0          4m19s   10.244.2.7   node02   <none>           <none>
statefulset-test-8                        1/1     Running   0          4m12s   10.244.1.8   node01   <none>           <none>
statefulset-test-9                        1/1     Running   0          4m3s    10.244.2.8   node02   <none>           <none>
[root@master ~]# ls /nfsdata/ | wc -l
10
[root@master ~]# curl -I 10.244.2.4
HTTP/1.1 200 OK
Date: Wed, 12 Feb 2020 10:05:34 GMT
Server: Apache/2.4.41 (Unix)
Last-Modified: Wed, 12 Feb 2020 09:45:37 GMT
ETag: "c-59e5dd5ac0a63"
Accept-Ranges: bytes
Content-Length: 12
Content-Type: text/html
[root@master ~]# curl -I 10.244.2.8
HTTP/1.1 403 Forbidden
Server: nginx/1.17.8
Date: Wed, 12 Feb 2020 10:05:41 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive

�辨�ゅ��浠ョ���哄�ㄥ�ㄦ�╁�无边��缂╁�硅�绋�涓�锛�pod�����������ゆ��浣�涔�����椤哄�锛�骞朵�浼��存��pod锛�杩�广大辨��StatefulSet���圭�戊寅�

�����������������������������版�ょ���锛���璋㈤��璇烩������������������������