k8s控制器:Daemonset

k8s控制器:Daemonset

一、DaemonSet概述

1.1、DaemonSet概述

DaemonSet控制器能够确保k8s集群所有的节点都运行一个相同的pod副本,当向k8s集群中增加node节点时,这个node节点也会自动创建一个pod副本,当node节点从集群移除,这些pod也会自动删除;删除Daemonset也会删除它们创建的pod

1.2、DaemonSet工作原理

daemonset的控制器会监听kuberntes的daemonset对象、pod对象、node对象,这些被监听的对象之变动,就会触发syncLoop循环让kubernetes集群朝着daemonset对象描述的状态进行演进。

1.3、Daemonset典型的应用场景

1)在集群的每个节点上运行存储,比如:glusterd 或 ceph。

2)在每个节点上运行日志收集组件,比如:flunentd 、 logstash、filebeat等。

3)在每个节点上运行监控组件,比如:Prometheus、 Node Exporter 、collectd等

1.4、DaemonSet 与 Deployment 的区别

Deployment 部署的副本 Pod 会分布在各个 Node 上,每个 Node 都可能运行好几个副本。

DaemonSet 的不同之处在于:每个 Node 上最多只能运行一个副本

二、DaemonSet使用案例:部署日志收集组件fluentd

# 编写一个DaemonSet资源清单
[root@k8s-master1 ~]# cat daemonset.yaml 
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: fluentd-elasticsearch
  namespace: kube-system
  labels:
    k8s-app: fluentd-logging
spec:
  selector:
    matchLabels:
      name: fluentd-elasticsearch
  template:
    metadata:
      labels:
        name: fluentd-elasticsearch
    spec:
      tolerations:
      - key: node-role.kubernetes.io/master
        effect: NoSchedule
      containers:
      - name: fluentd-elasticsearch
        image: xianchao/fluentd:v2.5.1
        resources:
          limits:
            memory: 200Mi
          requests:
            cpu: 100m
            memory: 200Mi
        volumeMounts:
        - name: varlog
          mountPath: /var/log
        - name: varlibdockercontainers
          mountPath: /var/lib/docker/containers
          readOnly: true
      terminationGracePeriodSeconds: 30
      volumes:
      - name: varlog
        hostPath:
          path: /var/log
      - name: varlibdockercontainers
        hostPath:
          path: /var/lib/docker/containers

[root@k8s-master1 ~]# kubectl apply -f daemonset.yaml 
daemonset.apps/fluentd-elasticsearch created

[root@k8s-master1 ~]# kubectl get ds -n kube-system
NAME                    DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
calico-node             3         3         3       3            3           kubernetes.io/os=linux   2d12h
fluentd-elasticsearch   3         3         3       3            3           <none>                   8s
kube-proxy              3         3         3       3            3           kubernetes.io/os=linux   2d13h

[root@k8s-master1 ~]# kubectl get pods -n kube-system -o wide -l name=fluentd-elasticsearch
NAME                          READY   STATUS    RESTARTS   AGE   IP               NODE          NOMINATED NODE   READINESS GATES
fluentd-elasticsearch-9hjqc   1/1     Running   0          83s   10.244.159.134   k8s-master1   <none>           <none>
fluentd-elasticsearch-bdfs6   1/1     Running   0          83s   10.244.36.124    k8s-node1     <none>           <none>
fluentd-elasticsearch-wh44b   1/1     Running   0          83s   10.244.169.152   k8s-node2     <none>           <none>

# 镜像更新
# kubectl set image daemonsets fluentd-elasticsearch fluentd-elasticsearch=image_name -n kube-system
上一篇:11.2 Job Seperation causes WARNINGS and ORA-15025 ORA-27041 With Certain Users (文档 ID 1317692.1)


下一篇:如何逆向破解HawkEye keylogger键盘记录器,进入攻击者邮箱?