1、EndPoints
控制管理pod,收录Pod。
创建Service,实际会创建一个同名的Endpoints。
Service只负责提供一个VIP,EndPoints才是提供负载均衡服务的。
将外部的服务接入集群:
---
kind: Endpoints
apiVersion: v1
metadata:
name: mysql
subsets:
- addresses:
- ip: 192.168.11.101
ports:
- port: 33060
---
kind: Service
apiVersion: v1
metadata:
name: mysql
spec:
ports:
- port: 3306
targetPort: 33060
[root@k8s-master-01 ~]# vim mysqld.yaml
[root@k8s-master-01 ~]# kubectl apply -f mysqld.yaml
[root@k8s-master-01 k8s]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
mysql ClusterIP 10.103.53.10 <none> 3306/TCP 11m
[root@k8s-master-01 k8s]# kubectl get pods -A
mysql mysql-c5549fb5-khhs4 1/1 Running 0 10h
[root@k8s-master-01 k8s]# kubectl exec -it -n mysql mysql-c5549fb5-khhs4
root@mysql-c5549fb5-khhs4:/# mysql -uroot -p123456 -h mysql.default.svc.cluster.local
mysql> create database bbs444;
2、Ingress
https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#permanent-redirect-code
[root@k8s-master-01 k8s]# vim deploy.yaml
[root@k8s-master-01 k8s]# cat deploy.yaml |grep image
image: registry.cn-hangzhou.aliyuncs.com/k8sos/ingress-controller:v0.45.0
imagePullPolicy: IfNotPresent
image: docker.io/jettech/kube-webhook-certgen:v1.5.1
imagePullPolicy: IfNotPresent
image: docker.io/jettech/kube-webhook-certgen:v1.5.1
imagePullPolicy: IfNotPresent
[root@k8s-master-01 k8s]# kubectl apply -f deploy.yaml
[root@k8s-master-01 k8s]# kubectl get pods -n ingress-nginx
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-kxj4w 0/1 Completed 0 2m29s
ingress-nginx-admission-patch-6wzrn 0/1 Completed 0 2m29s
ingress-nginx-controller-66bb86f576-rdjr2 1/1 Running 0 2m29s
出现上面的1/1代表部署安装成功
Ingress
Nginx Ingress
#部署域名
[root@k8s-master-01 k8s]# vim ingress.yaml
---
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: django
spec:
rules:
- host: www.django.com
http:
paths:
- backend:
serviceName: django
servicePort: 80
path: /
[root@k8s-master-01 k8s]# kubectl apply -f ingress.yaml
[root@k8s-master-01 k8s]# kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
django <none> www.django.com 192.168.15.104 80 4m11s
[root@k8s-master-01 k8s]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.97.151.84 <none> 80:30769/TCP,443:30885/TCP 23m
ingress-nginx-controller-admission ClusterIP 10.110.245.119 <none> 443/TCP
#解析域名
192.168.15.101 www.django.com
www.django.com:30769 可访问
#进入查看底层原理
[root@k8s-master-01 k8s]# kubectl exec -it -n ingress-nginx ingress-nginx-controller-66bb86f576-rdjr2 -- bash
bash-5.1$ vi /etc/nginx/nginx.conf
#rewrite重定向
---
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: django
annotations:
nginx.ingress.kubernetes.io/rewrite-target: www.baidu.com
nginx.ingress.kubernetes.io/temporal-redirect: https://www.google.com
spec:
rules:
- host: www.django.com
http:
paths:
- backend:
serviceName: django
servicePort: 80
path: /
# 错误之后,默认跳转的后端
[root@k8s-master-01 k8s]# vim error.yaml
[root@k8s-master-01 k8s]# kubectl apply -f error.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: error
spec:
selector:
matchLabels:
app: error
template:
metadata:
labels:
app: error
spec:
containers:
- name: tomcat
image: tomcat
---
kind: Service
apiVersion: v1
metadata:
name: error
spec:
selector:
app: error
ports:
- port: 80
targetPort: 8080
#1.错误监听
nginx.ingress.kubernetes.io/custom-http-errors: "404,415,500,502"
#2.定义一个错误的后端
nginx.ingress.kubernetes.io/default-backend: error
# 永久性重定向
nginx.ingress.kubernetes.io/permanent-redirect: https://www.baidu.com
# 最大链接数
nginx.ingress.kubernetes.io/global-rate-limit: 1
# 白名单
nginx.ingress.kubernetes.io/whitelist-source-range: 192.168.11.102
# 自定义配置(配置片段)
nginx.ingress.kubernetes.io/configuration-snippet: |
deny 192.168.102;
allow all;
3、DaemonSet
每一个节点上都只部署一个Pod(node节点上部署,master上没有因为master节点上不允许调度)
主要用于收集日志
监控
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: daemonset
spec:
selector:
matchLabels:
app: daemonset
template:
metadata:
labels:
app: daemonset
spec:
containers:
- name: nginx
image: nginx
[root@k8s-master-01 k8s]# kubectl set image daemonset/daemonset nginx=nginx:1.19
daemonset.apps/daemonset image updated
[root@k8s-master-01 k8s]# kubectl get pods -o wide
#daemonset支持更新,但是不支持扩容
[root@k8s-master-01 k8s]# kubectl set image daemonset/daemonset nginx=nginx:1.9
daemonset.apps/daemonset image updated
4、StatefulSet
有状态集合。启动有顺序,而deployment是无状态的
是用在有状态的架构之中。
必须依赖于service才能创建的控制器,因为statefulset的网络是统一管理的,之前pod与pod之间网络是分开的,现在不是分开的,它是由service来统一管理的
MySQL
---
kind: Service
apiVersion: v1
metadata:
name: statefulset
spec:
selector:
app: statefulset
ports:
- port: 80
targetPort: 80
---
kind: StatefulSet
apiVersion: apps/v1
metadata:
name: statefulset
spec:
replicas: 5
selector:
matchLabels:
app: statefulset
serviceName: statefulset
template:
metadata:
labels:
app: statefulset
spec:
containers:
- name: nginx
image: nginx
[root@k8s-master-01 k8s]# vim statufulset.yaml
[root@k8s-master-01 k8s]# kubectl apply -f statufulset.yaml
service/statefulset created
statefulset.apps/statefulset created
[root@k8s-master-01 k8s]# kubectl get pods -o wide
#会按顺序启动
#更新镜像会按顺序更新,避免了网络混乱
[root@k8s-master-01 k8s]# kubectl set image statefulset/statefulset nginx=nginx:1.9
5、Job
只执行一次。
---
kind: Job
apiVersion: batch/v1
metadata:
name: job
spec:
template:
metadata:
labels:
app: job
spec:
restartPolicy: OnFailure
containers:
- name: mysql
image: mysql:5.7
command:
- "/bin/sh"
- "-c"
- "mysql -uroot -hmysql.mysql.svc.cluster.local -p123456 -e 'select sleep(20);'"
6、cronJob
定时执行Job
---
kind: CronJob
apiVersion: batch/v1beta1
metadata:
name: cronjob
spec:
jobTemplate:
metadata:
labels:
app: cronjob
spec:
template:
metadata:
labels:
app: cronjob
spec:
restartPolicy: OnFailure
containers:
- name: mysql
image: mysql:5.7
command:
- "/bin/sh"
- "-c"
- "mysql -uroot -hmysql.mysql.svc.cluster.local -p123456 -e 'select sleep(20);'"
schedule: '* * * * *'