文章目录
- 一、Pod资源配置
- 1、非Object配置
- 2、spec.affinity
- 3、spec.containers
- 3.1、spec.containers.ports
- 3.2、spec.containers.env
- 3.3、spec.containers.volumeMounts
- 3.4、spec.containers.livenessProbe
- 3.5、spec.containers.readinessProbe
- 3.6、spec.containers.resources
- 3.7、spec.containers.lifecycle
- 3.8、spec.containers.volumeDevices
- 4、spec.volumes
- 4.1、spec.volumes.emptyDir
- 4.2、spec.volumes.hostPath
- 4.3、spec.volumes.nfs
- 4.4、spec.volumes.configMap
- 4.5、spec.volumes.secret
- 4.6、spec.volumes.persistentVolumeClaim
- 4.7、spec.volumes.storageos
- 5、spec.tolerations
- 6、spec.securityContext
- 二、Deployment资源配置(deploy)
- 三、StatefulSet资源配置(sts)
- 三、DaemonSet资源配置(ds)
- 四、pv资源配置
- 五、pvc资源配置
- 六、Service资源配置(svc)
- 六、Ingress资源配置(ing)
- 七、HorizontalPodAutoscaler资源配置(hpa)
一、Pod资源配置
1、非Object配置
apiVersion: v1
kind: Pod
metadata:
spec:
activeDeadlineSeconds: <integer>
automountServiceAccountToken: <boolean>
dnsPolicy: <string> # 'ClusterFirst', 'Default' or 'None'
enableServiceLinks: <boolean>
hostIPC: <boolean>
hostNetwork: <boolean>
hostPID: <boolean>
hostname: <string>
nodeName: <string>
nodeSelector: <map[string]string>
priority: <integer>
priorityClassName: <string>
restartPolicy: <string> # Always, OnFailure, Never
runtimeClassName: <string>
schedulerName: <string>
serviceAccount: <string>
serviceAccountName: <string>
shareProcessNamespace: <boolean>
subdomain: <string>
terminationGracePeriodSeconds: <integer>
2、spec.affinity
2.1、spec.affinity.nodeAffinity
spec:
affinity: <Object>
nodeAffinity: <Object>
requiredDuringSchedulingIgnoredDuringExecution: <Object>
nodeSelectorTerms: <[]Object> -required-
- matchExpressions: <[]Object>
- key: <string> -required-
operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)
values: <[]string>
- value1
- value2
matchFields: <[]Object> # 通过节点字段
- key: <string> -required-
operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)
values: <[]string>
- value1
- value2
preferredDuringSchedulingIgnoredDuringExecution: <[]Object>
- weight: <integer> -required-
preference: <Object> -required-
matchExpressions: <[]Object> # 通过节点标签
- key: <string> -required-
operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)
values: <[]string>
- value1
- value2
matchFields: <[]Object> # 通过节点字段
- key: <string> -required-
operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)
values: <[]string>
- value1
- value2
2.2、spec.affinity.podAffinity
spec:
affinity: <Object>
podAffinity: <Object>
requiredDuringSchedulingIgnoredDuringExecution: <[]Object>
namespaces: <[]string>
topologyKey: <string> -required-
labelSelector: <Object>
matchLabels: <map[string]string>
key1: value1
key2: value2
matchExpressions:
key: <string> -required-
operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)
values: <[]string>
- value1
- value2
preferredDuringSchedulingIgnoredDuringExecution: <[]Object>
- weight: <integer> -required-
podAffinityTerm: <Object> -required-
namespaces: <[]string>
topologyKey: <string> -required-
labelSelector: <Object>
matchLabels: <map[string]string>
key1: value1
key2: value2
matchExpressions:
key: <string> -required-
operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)
values: <[]string>
- value1
- value2
2.3、spec.affinity.podAntiAffinity
spec:
affinity: <Object>
podAntiAffinity: <Object>
requiredDuringSchedulingIgnoredDuringExecution: <[]Object>
namespaces: <[]string>
topologyKey: <string> -required-
labelSelector: <Object>
matchLabels: <map[string]string>
key1: value1
key2: value2
matchExpressions:
key: <string> -required-
operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)
values: <[]string>
- value1
- value2
preferredDuringSchedulingIgnoredDuringExecution: <[]Object>
- weight: <integer> -required-
podAffinityTerm: <Object> -required-
namespaces: <[]string>
topologyKey: <string> -required-
labelSelector: <Object>
matchLabels: <map[string]string>
key1: value1
key2: value2
matchExpressions:
key: <string> -required-
operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)
values: <[]string>
- value1
- value2
3、spec.containers
spec:
containers: <[]Object> # 容器配置
- name: <string> -required- # 容器名、DNS_LABEL
image: <string> # 镜像名称
imagePullPolicy: <string> # 镜像拉取策略,Always、Never、IfNotPresent
command: ["/bin/sh"]
args: ["-c", "while true; do echo hello; sleep 10;done"]
stdin: <boolean>
stdinOnce: <boolean>
terminationMessagePath: <string>
terminationMessagePolicy: <string>
tty: <boolean>
workingDir: <string>
3.1、spec.containers.ports
spec:
containers: <[]Object>
ports: <[]Object> # 端口配置
- name: <string> # 定义端口名
containerPort: <integer> -required- # 容器暴露的端口
protocol: <string> # UDP, TCP, or SCTP
hostIP: <string>
hostPort: <integer>
3.2、spec.containers.env
spec:
containers: <[]Object>
env: <[]Object> #环境变量配置
- name: <string> -required-
value: <string>
valueFrom: <Object>
configMapKeyRef: <Object>
name: <string>
key: <string> -required-
optional: <boolean>
fieldRef: <Object>
apiVersion: <string>
fieldPath: <string> -required-
resourceFieldRef: <Object>
containerName: <string>
divisor: <string>
resource: <string> -required-
secretKeyRef: <Object>
name: <string>
key: <string> -required-
optional: <boolean>
envFrom: <[]Object>
- configMapRef: <Object>
name: <string>
optional: <boolean>
secretRef: <Object>
name: <string>
optional: <boolean>
prefix: <string>
3.3、spec.containers.volumeMounts
spec:
containers: <[]Object>
volumeMounts: <[]Object> # 容器挂载卷配置
- name: <string> -required-
mountPath: <string> -required-
readOnly: <boolean> # 是否只读
mountPropagation: <string>
subPath: <string>
subPathExpr: <string>
3.4、spec.containers.livenessProbe
spec:
containers: <[]Object>
livenessProbe: <Object> # 存活探针
exec: <Object>
command: <[]string>
httpGet: <Object>
port: <string> -required-
path: <string>
host: <string>
httpHeaders: <[]Object>
name: <string> -required-
value: <string> -required-
scheme: <string>
tcpSocket: <Object> # TCPSocket指定涉及TCP端口的操作
port: <string> -required- # 容器暴露的端口
host: <string> # 默认pod的IP
initialDelaySeconds: <integer> # 设置多少秒后开始探测
failureThreshold: <integer> # 设置连续探测多少次失败后,标记为失败,默认三次
successThreshold: <integer> # 设置失败后探测的最小连续成功次数,默认为1
timeoutSeconds: <integer> # 设置探测超时的秒数,默认1s
periodSeconds: <integer> # 设置执行探测的频率(以秒为单位),默认1s
3.5、spec.containers.readinessProbe
spec:
containers: <[]Object>
readinessProbe: <Object> # 就绪探针
exec: <Object>
command: <[]string>
httpGet: <Object>
port: <string> -required-
path: <string>
host: <string>
httpHeaders: <[]Object>
name: <string> -required-
value: <string> -required-
scheme: <string>
tcpSocket: <Object> # TCPSocket指定涉及TCP端口的操作
port: <string> -required- # 容器暴露的端口
host: <string> # 默认pod的IP
initialDelaySeconds: <integer> # 设置多少秒后开始探测
failureThreshold: <integer> # 设置连续探测多少次失败后,标记为失败,默认三次
successThreshold: <integer> # 设置失败后探测的最小连续成功次数,默认为1
timeoutSeconds: <integer> # 设置探测超时的秒数,默认1s
periodSeconds: <integer> # 设置执行探测的频率(以秒为单位),默认1s
3.6、spec.containers.resources
spec:
containers: <[]Object>
resources: <Object>
resources: <Object> # 资源配置
requests: <map[string]string> # 要求分配的最小资源
memory: "1024Mi" # Mi,Gi
cpu: "500m" # 500m代表0.5CPU
limits: <map[string]string> # 能够分配的最大资源
memory:
cpu:
3.7、spec.containers.lifecycle
spec:
containers: <[]Object>
lifecycle: <Object>
postStart: <Object>
exec: <Object>
command: <[]string>
httpGet: <Object>
port: <string> -required-
path: <string>
host: <string>
httpHeaders: <[]Object>
name: <string> -required-
value: <string> -required-
scheme: <string>
tcpSocket: <Object>
port: <string> -required- # 容器暴露的端口
host: <string> # 默认pod的IP
preStop: <Object>
exec: <Object>
command: <[]string>
httpGet: <Object>
port: <string> -required-
path: <string>
host: <string>
httpHeaders: <[]Object>
name: <string> -required-
value: <string> -required-
scheme: <string>
tcpSocket: <Object>
port: <string> -required- # 容器暴露的端口
host: <string> # 默认pod的IP
3.8、spec.containers.volumeDevices
spec:
containers: <[]Object>
volumeDevices: <[]Object>
- name: <string> -required-
devicePath: <string> -required-
4、spec.volumes
4.1、spec.volumes.emptyDir
spec:
volumes: <[]Object> #数据卷配置
- name: <string> -required- #设置卷名称,与volumeMounts名称对应
emptyDir: <Object>
medium: <string>
sizeLimit: <string>
4.2、spec.volumes.hostPath
spec:
volumes: <[]Object> #数据卷配置
- name: <string> -required- #设置卷名称,与volumeMounts名称对应
hostPath: <Object> #设置挂载宿主机路径
path: <string> -required-
type: <string> #类型:DirectoryOrCreate、Directory、FileOrCreate、File、Socket、CharDevice、BlockDevice
4.3、spec.volumes.nfs
spec:
volumes: <[]Object> #数据卷配置
- name: <string> -required- #设置卷名称,与volumeMounts名称对应
nfs: <Object> #设置NFS服务器
server: <string> -required- #设置NFS服务器地址
path: <string> -required- #设置NFS服务器路径(该路径必须存在)
readOnly: <boolean> #设置是否只读
4.4、spec.volumes.configMap
spec:
volumes: <[]Object> #数据卷配置
- name: <string> -required- #设置卷名称,与volumeMounts名称对应
configMap: <Object>
name: <string> #configmap名称
defaultMode: <integer> #权限设置0~0777,默认0664
optional: <boolean> #指定是否必须定义configmap或其keys
items: <[]Object>
- key: <string> -required-
path: <string> -required-
mode: <integer>
4.5、spec.volumes.secret
spec:
volumes: <[]Object> #数据卷配置
- name: <string> -required- #设置卷名称,与volumeMounts名称对应
secret: <Object>
secretName: <string>
defaultMode: <integer> #权限设置0~0777,默认0664
optional: <boolean> #指定是否必须定义configmap或其keys
4.6、spec.volumes.persistentVolumeClaim
spec:
volumes: <[]Object> #数据卷配置
- name: <string> -required- #设置卷名称,与volumeMounts名称对应
persistentVolumeClaim: <Object>
claimName: <string> -required- #pvc名称
readOnly: <boolean>
4.7、spec.volumes.storageos
spec:
volumes: <[]Object> #数据卷配置
- name: <string> -required- #设置卷名称,与volumeMounts名称对应
storageos: <Object>
volumeName: <string>liangzhuyicong
volumeNamespace: <string>
fsType: <string>
secretRef: <Object>
name: <string>
5、spec.tolerations
spec:
tolerations: <[]Object>
effect: <string> # NoSchedule, PreferNoSchedule, NoExecute
key: <string>
value: <string>
operator: <string> # Exists, Equal
tolerationSeconds: <integer>
6、spec.securityContext
spec:
securityContext: <Object>
fsGroup: <boolean>
runAsGroup: <boolean>
runAsNonRoot: <boolean>
runAsUser: <boolean>
supplementalGroups: <[]integer>
seLinuxOptions: <Object>
level: <string>
role: <string>
type: <string>
user: <string>
sysctls: <[]Object>
name: <string> -required-
value: <string> -required-
二、Deployment资源配置(deploy)
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
spec:
minReadySeconds: <integer> # 设置pod准备就绪的最小秒数
paused: <boolean> # 表示部署已暂停并且deploy控制器不会处理该部署
progressDeadlineSeconds: <integer>
replicas: <integer> # pod的副本数量
revisionHistoryLimit: <integer> # 设置保留的历史版本个数,默认是10
rollbackTo: <Object>
revision: <integer> # 设置回滚的版本,设置为0则回滚到上一个版本
selector: <Object> # pod标签选择器,匹配pod标签,默认使用pods的标签
matchLabels: <map[string]string>
key1: value1
key2: value2
matchExpressions: <[]Object>
operator: <string> -required- #设定标签键与一组值的关系,In, NotIn, Exists and DoesNotExist
key: <string> -required-
values: <[]string>
strategy: <Object> # 将现有pod替换为新pod的部署策略
rollingUpdate: <Object> # 滚动更新配置参数,仅当类型为RollingUpdate
maxSurge: <string> # 滚动更新过程产生的最大pod数量,可以是个数,也可以是百分比
maxUnavailable: <string> #
type: <string> #部署类型,Recreate,RollingUpdate
template: <Object> -required- # 同pod配置
三、StatefulSet资源配置(sts)
apiVersion: apps/v1
kind: StatefulSet
metadata:
spec:
podManagementPolicy: <string> # pod更新替换策略,OrderedReady(默认)、Parallel
replicas: <integer> # 副本数
revisionHistoryLimit: <integer> # 历史版本
serviceName: <string> -required- # 设置headless服务名
selector: <Object> -required- # 标签选择器
matchLabels: <map[string]string>
key1: value1
key2: value2
matchExpressions: <[]Object>
operator: <string> -required- #设定标签键与一组值的关系,In, NotIn, Exists and DoesNotExist
key: <string> -required-
values: <[]string>
template: <Object> -required- # 同pod配置
updateStrategy: <Object>
rollingUpdate: <Object>
partition: <integer> # 默认为0
type: <string> # 默认RollingUpdate
volumeClaimTemplates: <[]Object>
- apiVersion: <string>
kind: <string>
metadata: <Object>
spec: <Object>
accessModes: <[]string>
resources: <Object> # 参考链接:https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
limits: <map[string]string>
requests: <map[string]string>
storage: 5Gi
dataSource: <Object>
apiGroup: <string>
kind: <string> -required-
name: <string> -required-
selector: <Object>
matchLabels: <map[string]string>
key1: value1
key2: value2
matchExpressions: <[]Object>
operator: <string> -required- #设定标签键与一组值的关系,In, NotIn, Exists and DoesNotExist
key: <string> -required-
values: <[]string>
storageClassName: <string>
volumeMode: <string>
volumeName: <string>
三、DaemonSet资源配置(ds)
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
spec:
minReadySeconds: <integer>
revisionHistoryLimit: <integer>
selector: <Object>
template: <Object> -required-
templateGeneration: <integer> #已过时
updateStrategy: <Object>
四、pv资源配置
1、标配
apiVersion: v1
kind: PersistentVolume
metadata:
spec:
accessModes: <[]string>
persistentVolumeReclaimPolicy: <string>
storageClassName: <string>
capacity: <map[string]string>
storage: 5Gi #容量设置
2、spec.nfs
spec:
nfs: <Object>
server: <string> -required- # nfs服务器地址
path: <string> -required- # nfs服务器存储路径设置
readOnly: <boolean> # 是否只读
3、spec.hostPath
spec:
hostPath: <Object>
path: <string> -required-
type: <string> # 参考链接:https://kubernetes.io/docs/concepts/storage/volumes/#hostpath
4、spec.storageos
spec:
storageos: <Object>
fsType: <string> # "ext4", "xfs", "ntfs",未指定默认为ext4
readOnly: <boolean>
volumeName: <string>
volumeNamespace: <string>
secretRef: <Object>
apiVersion: <string>
kind: <string>
name: <string>
namespace: <string>
fieldPath: <string>
resourceVersion: <string>
uid: <string>
五、pvc资源配置
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
spec:
accessModes: <[]string>
storageClassName: <string>
volumeMode: <string>
volumeName: <string>
resources: <Object> # 参考链接:https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
limits: <map[string]string>
requests: <map[string]string>
storage: 5Gi
dataSource: <Object>
apiGroup: <string>
kind: <string> -required-
name: <string> -required-
selector: <Object>
matchLabels: <map[string]string>
key1: value1
key2: value2
matchExpressions: <[]Object>
operator: <string> -required- #设定标签键与一组值的关系,In, NotIn, Exists and DoesNotExist
key: <string> -required-
values: <[]string>
六、Service资源配置(svc)
apiVersion: v1
kind: Service
metadata:
spec:
clusterIP: <string>
externalIPs: <[]string>
externalName: <string>
externalTrafficPolicy: <string>
healthCheckNodePort: <integer>
loadBalancerIP: <string>
loadBalancerSourceRanges: <[]string>
ports: <[]Object>
publishNotReadyAddresses: <boolean>
selector: <map[string]string>
key: value
sessionAffinity: <string>
sessionAffinityConfig: <Object>
clientIP: <Object>
timeoutSeconds: <integer>
type: <string> # ExternalName, ClusterIP, NodePort, LoadBalancer
六、Ingress资源配置(ing)
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
spec:
backend: <Object>
serviceName: <string> -required-
servicePort: <string> -required-
rules: <[]Object>
host: <string>
http: <Object>
paths: <[]Object> -required-
backend: <Object> -required-
serviceName: <string> -required-
servicePort: <string> -required-
path: <string>
tls: <[]Object>
hosts: <[]string>
secretName: <string>
七、HorizontalPodAutoscaler资源配置(hpa)
kubectl autoscale (-f FILENAME | TYPE NAME | TYPE/NAME) [--min=MINPODS] --max=MAXPODS [--cpu-percent=CPU] [options]
spec:
maxReplicas: <integer> -required- # 最大副本数
minReplicas: <integer> # 最小副本数,默认为1
targetCPUUtilizationPercentage: <integer> #
scaleTargetRef: <Object> -required- #设置指定资源类型
apiVersion: <string>
kind: <string> -required-
name: <string> -required-