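1. Environment variable configuration
Environment variables for a container in a Pod are set with the env parameter. Modify pod_base.yaml as follows to add the env parameter: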
apiVersion: v1
kind: Pod
metadata:
  name: pod-base
  namespace: dev
  labels:
    user: redrose2100
spec:
  containers:
  - name: nginx
    image: nginx:latest
    imagePullPolicy: IfNotPresent
  - name: busybox
    image: busybox
    imagePullPolicy: Always
    command: ["/bin/sh","-c","touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done;"]
    env:
    - name: "username"
      value: "admin"
    - name: "password"
      value: "admin123"
Run the following command to create the pod:
[root@master ~]
pod/pod-base created
[root@master ~]
Then run the following command to enter the container and check the variables; output like the following indicates success:
[root@master ~]
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
/
admin
/
admin123
/
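This approach is not recommended; the configuration-file approach introduced later is preferred. Values set this way are stored in plain text in the Pod spec and are shown by kubectl describe.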
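An added example (not from the original post): a small Python check that reads Pod JSON, as produced by kubectl get pod -o json, and flags env entries whose name looks like a credential and whose value is an inline literal rather than a valueFrom reference. The name pattern, the sidecar container and the demo-secret name in the constructed sample are assumptions.

```python
import json
import re

# Assumption: env names matching this pattern are treated as credentials.
SENSITIVE = re.compile(r"pass(word|wd)?|secret|token|api[_-]?key|credential", re.I)

# Constructed sample, modelled on the pod-base manifest above plus one
# hypothetical container that takes its password from a Secret reference.
SAMPLE_POD = json.loads("""
{
  "kind": "Pod",
  "metadata": {"name": "pod-base", "namespace": "dev"},
  "spec": {"containers": [
    {"name": "nginx", "image": "nginx:latest"},
    {"name": "busybox", "image": "busybox", "env": [
      {"name": "username", "value": "admin"},
      {"name": "password", "value": "admin123"}]},
    {"name": "sidecar", "image": "busybox", "env": [
      {"name": "password", "valueFrom":
        {"secretKeyRef": {"name": "demo-secret", "key": "password"}}}]}
  ]}
}
""")


def find_inline_secrets(pod):
    """Return (container, env name) pairs that carry a literal credential."""
    findings = []
    spec = pod.get("spec", {})
    # initContainers receive env the same way, so they are checked too.
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        for var in c.get("env") or []:
            literal = var.get("value")
            # A valueFrom entry holds only a reference, not the secret itself.
            if literal and "valueFrom" not in var and SENSITIVE.search(var["name"]):
                findings.append((c["name"], var["name"]))
    return findings


if __name__ == "__main__":
    for container, name in find_inline_secrets(SAMPLE_POD):
        print(f"{container}: env {name!r} has an inline literal value")
```
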
2. Port configuration
Ports are configured with the ports parameter. View the help for ports:
[root@master ~]
KIND: Pod
VERSION: v1
RESOURCE: ports <[]Object>
DESCRIPTION:
List of ports to expose from the container. Exposing a port here gives the
system additional information about the network connections a container
uses, but is primarily informational. Not specifying a port here DOES NOT
prevent that port from being exposed. Any port which is listening on the
default "0.0.0.0" address inside a container will be accessible from the
network. Cannot be updated.
ContainerPort represents a network port in a single container.
FIELDS:
containerPort <integer> -required-
Number of port to expose on the pod's IP address. This must be a valid port
number, 0 < x < 65536.
hostIP <string>
What host IP to bind the external port to.
hostPort <integer>
Number of port to expose on the host. If specified, this must be a valid
port number, 0 < x < 65536. If HostNetwork is specified, this must match
ContainerPort. Most containers do not need this.
name <string>
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
named port in a pod must have a unique name. Name for the port that can be
referred to by services.
protocol <string>
Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
[root@master ~]
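In detail:
- name: the port name; if specified, it must be unique within the pod
- containerPort: the port the container listens on (0–65536)
- hostPort: the port the container exposes on the host; if set, only one replica of the container can run on a host (usually omitted)
- hostIP: the host IP to bind the external port to (usually omitted)
- protocol: the port protocol; must be UDP, TCP, or SCTP; defaults to TCP
Edit pod_base.yaml to set a port number and protocol for the nginx container: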
apiVersion: v1
kind: Pod
metadata:
  name: pod-base
  namespace: dev
  labels:
    user: redrose2100
spec:
  containers:
  - name: nginx
    image: nginx:latest
    imagePullPolicy: IfNotPresent
    ports:
    - name: nginx-port
      containerPort: 80
      protocol: TCP
  - name: busybox
    image: busybox
    imagePullPolicy: Always
    command: ["/bin/sh","-c","touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done;"]
    env:
    - name: "username"
      value: "admin"
    - name: "password"
      value: "admin123"
Create it with the following command:
[root@master ~]
pod/pod-base created
[root@master ~]
The following command shows that the configured container port is now 80:
kubectl get pod pod-base -n dev -o yaml
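To access the program in the container, use podIP:containerPort.
3. Pod resource quotas
A program running in a container needs resources such as CPU and memory. If a container's resources are not restricted, it may consume a large share of them and prevent other containers from running. To handle this, Kubernetes provides a mechanism for setting quotas on memory and CPU, implemented mainly through the resources option, which has two sub-options:
- limits: caps the maximum resources a running container may use; when the container exceeds limits it is terminated and restarted
- requests: sets the minimum resources the container needs; if the environment does not have enough resources, the container cannot start
Edit pod_base.yaml as follows to set upper and lower resource bounds for the nginx container: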
apiVersion: v1
kind: Pod
metadata:
  name: pod-base
  namespace: dev
  labels:
    user: redrose2100
spec:
  containers:
  - name: nginx
    image: nginx:latest
    imagePullPolicy: IfNotPresent
    ports:
    - name: nginx-port
      containerPort: 80
      protocol: TCP
    resources:
      limits:
        cpu: "2"
        memory: "2G"
      requests:
        cpu: "1"
        memory: "256M"
  - name: busybox
    image: busybox
    imagePullPolicy: Always
    command: ["/bin/sh","-c","touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done;"]
    env:
    - name: "username"
      value: "admin"
    - name: "password"
      value: "admin123"
Create the pod with the following command:
[root@master ~]
pod/pod-base created
[root@master ~]
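As an experiment, change the CPU lower bound to 3 and the upper bound to 4, then try again. The virtual machines here have 2 cores, so a lower bound of 3 clearly cannot be satisfied.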
apiVersion: v1
kind: Pod
metadata:
  name: pod-base
  namespace: dev
  labels:
    user: redrose2100
spec:
  containers:
  - name: nginx
    image: nginx:latest
    imagePullPolicy: IfNotPresent
    ports:
    - name: nginx-port
      containerPort: 80
      protocol: TCP
    resources:
      limits:
        cpu: "4"
        memory: "2G"
      requests:
        cpu: "3"
        memory: "256M"
  - name: busybox
    image: busybox
    imagePullPolicy: Always
    command: ["/bin/sh","-c","touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done;"]
    env:
    - name: "username"
      value: "admin"
    - name: "password"
      value: "admin123"
After recreating the pod, the following command shows that there is not enough CPU:
[root@master ~]
Name: pod-base
Namespace: dev
Priority: 0
Node: <none>
Labels: user=redrose2100
Annotations: <none>
Status: Pending
IP:
IPs: <none>
Containers:
nginx:
Image: nginx:latest
Port: 80/TCP
Host Port: 0/TCP
Limits:
cpu: 4
memory: 2G
Requests:
cpu: 3
memory: 256M
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-b4c4b (ro)
busybox:
Image: busybox
Port: <none>
Host Port: <none>
Command:
/bin/sh
-c
touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done;
Environment:
username: admin
password: admin123
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-b4c4b (ro)
Conditions:
Type Status
PodScheduled False
Volumes:
kube-api-access-b4c4b:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 13s default-scheduler 0/3 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate, 2 Insufficient cpu.
Warning FailedScheduling 12s default-scheduler 0/3 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate, 2 Insufficient cpu.
[root@master ~]
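An added example (not from the original post) of why the experiment above ends in Pending: the scheduler compares the sum of the containers' requests, not their limits, with what a node can allocate. This sketch parses CPU and memory quantities and makes that comparison; the node capacity is an assumption based on the 2-core virtual machines mentioned above, and the real scheduler also subtracts what pods already on the node have requested.

```python
from decimal import Decimal

# Suffix multipliers for Kubernetes memory quantities (subset).
_SUFFIXES = {"Ki": 2**10, "Mi": 2**20, "Gi": 2**30, "Ti": 2**40,
             "k": 10**3, "M": 10**6, "G": 10**9, "T": 10**12}


def parse_cpu(q):
    """CPU quantity to millicores: "2" -> 2000, "500m" -> 500."""
    q = str(q)
    if q.endswith("m"):
        return int(q[:-1])
    return int(Decimal(q) * 1000)


def parse_memory(q):
    """Memory quantity to bytes: "256M" -> 256000000, "256Mi" -> 268435456."""
    q = str(q)
    for suffix in sorted(_SUFFIXES, key=len, reverse=True):
        if q.endswith(suffix):
            return int(Decimal(q[:-len(suffix)]) * _SUFFIXES[suffix])
    return int(Decimal(q))


def unmet_requests(resources, node_cpu, node_memory):
    """Return the resources whose summed requests exceed the node's capacity."""
    reqs = [r.get("requests", {}) for r in resources]
    cpu = sum(parse_cpu(r.get("cpu", 0)) for r in reqs)
    mem = sum(parse_memory(r.get("memory", 0)) for r in reqs)
    short = []
    if cpu > parse_cpu(node_cpu):
        short.append("cpu")
    if mem > parse_memory(node_memory):
        short.append("memory")
    return short


# Constructed input: the resources blocks of nginx and busybox in this section.
# busybox sets no requests, so it contributes nothing to the sum.
FIRST = [{"requests": {"cpu": "1", "memory": "256M"}}, {}]
SECOND = [{"requests": {"cpu": "3", "memory": "256M"}}, {}]
# Assumption: a worker node with 2 allocatable cores and 4Gi of memory.
NODE_CPU, NODE_MEMORY = "2", "4Gi"

if __name__ == "__main__":
    print(unmet_requests(FIRST, NODE_CPU, NODE_MEMORY))   # first manifest fits
    print(unmet_requests(SECOND, NODE_CPU, NODE_MEMORY))  # cpu request too large
```
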