1.1 控制器概述
Pod是kubernetes所有运行应用或部署服务的基础,可以看作是k8s中运行的机器人,应用单独运行在Pod中不具备高级的特性,比如节点故障时Pod无法自动迁移,Pod多副本横向扩展,应用滚动升级RollingUpdate等,因此Pod一般不会单独使用,需要使用控制器来实现。
我们先看一个概念ReplicationController副本控制器,简称RC,副本控制是实现Pod高可用的基础,其通过定义副本的副本数replicas,当运行的Pod数量少于replicas时RC会自动创建Pod,当Pod数量多于replicas时RC会自动删除多余的Pod,确保当前运行的Pod和RC定义的副本数保持一致。
副本控制器包括Deployment,ReplicaSet,ReplicationController,StatefulSet等。其中常用有两个:Deployment和StatefulSet,Deployment用于无状态服务,StatefulSet用于有状态服务,ReplicaSet作为Deployment后端副本控制器,ReplicationController则是旧使用的副本控制器。
为了实现不同的功能,kubernetes中提供多种不同的控制器满足不同的业务场景,可以分为四类:
- Stateless application无状态化应用,如Deployment,ReplicaSet,RC等;
- Stateful application有状态化应用,需要保存数据状态,如数据库,数据库集群;
- Node daemon节点支撑守护,适用于在所有或部分节点运行Daemon,如日志,监控采集;
- Batch批处理任务,非长期运行服务,分为一次性运行Job和计划运行CronJob两种。
本文我们主要介绍无状态服务副本控制器的使用,包括Deployment,ReplicaSet和ReplicationController。
1.2 Deployment
Deployment是实现无状态应用副本控制器,其通过declarative申明式的方式定义Pod的副本数,Deployment的副本机制是通过ReplicaSet实现,replicas副本的管理通过在ReplicaSet中添加和删除Pod,RollingUpdate通过新建ReplicaSet,然后逐步移除和添加ReplicaSet中的Pod数量,从而实现滚动更新,使用Deployment的场景如下:
- 滚动升级RollingUpdate,后台通过ReplicaSet实现
- 多副本replicas实现,增加副本(高负载)或减少副本(低负载)
- 应用回滚Rollout,版本更新支持回退
1.2.1 Deployment定义
- 我们定义一个Deployment,副本数为3,Pod以模版Template的形式封装在Deployment中,为了结合之前Pod学习内容,我们增加了resource和健康检查的定义,具体实现参考前面介绍的文章。
[root@node-1 happylau]# cat deployment-demo.yaml
apiVersion: apps/v1
kind: Deployment
metadata: #Deployment的元数据信息,包含名字,标签
name: deployment-nginx-demo
labels:
app: nginx
rc: deployment
annotations:
kubernetes.io/replicationcontroller: Deployment
kubernetes.io/description: "ReplicationController Deployment Demo"
spec:
replicas: 3 #副本数量,包含有3个Pod副本
selector: #标签选择器,选择管理包含指定标签的Pod
matchLabels:
app: nginx
rc: deployment
template: #如下是Pod的模板定义,没有apiVersion,Kind属性,需包含metadata定义
metadata: #Pod的元数据信息,必须包含有labels
labels:
app: nginx
rc: deployment
spec: #spec指定容器的属性信息
containers:
- name: nginx-deployment
image: nginx:1.7.9
imagePullPolicy: IfNotPresent
ports: #容器端口信息
- name: http-80-port
protocol: TCP
containerPort: 80
resources: #资源管理,requests请求资源,limits限制资源
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 200m
memory: 256Mi
livenessProbe: #健康检查器livenessProbe,存活检查
httpGet:
path: /index.html
port: 80
scheme: HTTP
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
readinessProbe: #健康检查器readinessProbe,就绪检查
httpGet:
path: /index.html
port: 80
scheme: HTTP
initialDelaySeconds: 3
periodSeconds: 5
timeoutSeconds: 2
Deployment字段说明:
- deployment基本属性,包括apiVersion,Kind,metadata和spec,其中,deployment.metdata指定名称和标签内容,deployment.spec指定部署组的属性信息;
- deployment属性信息包含有replicas,Selector和template,其中replicas指定副本数目,Selector指定管理的Pod标签,template为定义Pod的模板,Deployment通过模板创建Pod;
- deployment.spec.template为Pod定义的模板,和Pod定义不太一样,template中不包含apiVersion和Kind属性,要求必须有metadata,deployment.spec.template.spec为容器的属性信息,其他定义内容和Pod一致。
- 生成Deployment,创建时加一个--record参数,会在annotation中记录deployment.kubernetes.io/revision版本
[root@node-1 happylau]# kubectl apply -f deployment-demo.yaml --record
deployment.apps/deployment-nginx-demo created
- 查看Deployment列表,运行时自动下载镜像,如下已运行了3个副本
[root@node-1 happylau]# kubectl get deployments deployment-nginx-demo
NAME READY UP-TO-DATE AVAILABLE AGE
deployment-nginx-demo 3/3 3 3 2m37s
NAME代表名称,metadata.name字段定义
READY代表Pod的健康状态,前面值是readiness,后面是liveness
UP-TO-DATE代表更新,用于滚动升级
AVAILABLE代表可用
AGE创建至今运行的时长
- 查看Deployment的详情,可以看到Deployment通过一个deployment-nginx-demo-866bb6cf78 replicaset副本控制器控制Pod的副本数量
- 查看replicaset的详情信息,通过Events可查看到deployment-nginx-demo-866bb6cf78创建了三个Pod
- 查看Pod详情,最终通过Pod定义的模版创建container,资源定义,健康检查等包含在Pod定义的模版中
通过上面的实战演练我们可得知Deployment的副本控制功能是由replicaset实现,replicaset生成Deployment中定义的replicas副本的数量,即创建多个副本,如下图所示:
1.2.2 Deployment扩容
当业务比较繁忙时可以通过增加副本数,增加副本数是通过yaml文件中的replicas控制的,当设置了replias后,Deployment控制器会自动根据当前副本数目创建所需的Pod数,这些pod会自动加入到service中实现负载均衡,相反减少副本数,这些pod会自动从service中删除。
- 将deployment的副本数扩容至4个,可通过修改yaml文件的replicas个数或者通过scale命令扩展。
[root@node-1 ~]# kubectl scale --replicas=4 deployment deployment-nginx-demo
deployment.extensions/deployment-nginx-demo scaled
- 查看Deployment副本数量,已增加至4个副本
[root@node-1 ~]# kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
deployment-nginx-demo 4/4 4 4 77m
- 副本的扩容是如何实现的呢?我们查看replicaset的详情信息观察,增加副本的个数是通过replicaset来扩容,通过模版复制新的Pod
- 副本缩容
[root@node-1 ~]# kubectl scale --replicas=2 deployment deployment-nginx-demo
deployment.extensions/deployment-nginx-demo scaled
[root@node-1 ~]# kubectl get deployments deployment-nginx-demo
NAME READY UP-TO-DATE AVAILABLE AGE
deployment-nginx-demo 2/2 2 2 7h41m
通过上面的操作演练我们可以得知:Deployment的扩容是通过ReplicaSet的模版创建Pod或删除Pod实现,scale是手动扩展实现副本的机制,kubernetes还提供了另外一种副本自动扩容机制horizontalpodautoscalers(Horizontal Pod Autoscaling),即通过定义CPU的利用率实现自动的横向扩展,由于需要依赖于监控组件,后续我们再做介绍。
1.2.3 滚动更新
Deployment支持滚动更新,默认创建Deployment后会增加滚动更新的策略,通过逐步替代replicas中的pod实现更新无服务中断(需要结合service),如下图所示:将一个deployment副本数为3的应用更新,先更新10.0.0.6 pod,更新pod应用,替换新的ip,然后加入到service中,以此类推再继续更新其他pod,从而实现滚动更新,不影响服务的升级。
通过类型为:RollingUpdate,每次更新最大的数量maxSurge是replicas总数的25%,最大不可用的数量maxUnavailable为25%,如下是通过kubectl get deployments deployment-nginx-demo -o yaml查看滚动更新相关的策略。
spec:
progressDeadlineSeconds: 600
replicas: 3
revisionHistoryLimit: 10
selector:
matchLabels:
app: nginx
rc: deployment
strategy: #strategy定义的是升级的策略,类型为RollingUpdate
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
- 滚动更新是当pod.template中定义的相关属性变化,如下将镜像更新到1.9.1,通过--record会记录操作命令
[root@node-1 ~]# kubectl set image deployments deployment-nginx-demo nginx-deployment=nginx:1.9.1 --record
deployment.extensions/deployment-nginx-demo image updated
- 查看滚动升级的状态(由于第一次nginx的镜像写错了,容器下载镜像失败,写成nignx,导致修改后有两次record)
[root@node-1 happylau]# kubectl rollout status deployment deployment-nginx-demo
deployment "deployment-nginx-demo" successfully rolled out
查看滚动升级版本,REVSISION代表版本号:
[root@node-1 happylau]# kubectl rollout history deployment deployment-nginx-demo
deployment.extensions/deployment-nginx-demo
REVISION CHANGE-CAUSE
1 <none>
2 kubectl set image deployments deployment-nginx-demo nginx-deployment=nignx:1.9.1 --record=true
3 kubectl set image deployments deployment-nginx-demo nginx-deployment=nignx:1.9.1 --record=true
- 观察Deployment的升级过程,新创建一个RS deployment-nginx-demo-65c8c98c7b,逐渐将旧RS中的pod替换,直至旧的RS deployment-nginx-demo-866bb6cf78上的副本数为0.
- 查看RS的列表,可以看到新的RS的副本数为2,其他RS副本数为0
[root@node-1 ~]# kubectl get replicasets
NAME DESIRED CURRENT READY AGE
deployment-nginx-demo-65c8c98c7b 2 2 2 21m #新的RS,REVSION为3
deployment-nginx-demo-6cb65f58c6 0 0 0 22m #镜像写错的RS,REVISON为2
deployment-nginx-demo-866bb6cf78 0 0 0 40m #旧的RS,对应REVSION为1
- 测试版本升级是否成功
[root@node-1 ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deployment-nginx-demo-65c8c98c7b-bzql9 1/1 Running 0 25m 10.244.1.58 node-2 <none> <none>
deployment-nginx-demo-65c8c98c7b-vrjhp 1/1 Running 0 25m 10.244.2.72 node-3 <none> <none>
[root@node-1 ~]# curl -I http://10.244.2.72
HTTP/1.1 200 OK
Server: nginx/1.9.1 #镜像的版本成功更新
Date: Mon, 28 Oct 2019 15:28:49 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 26 May 2015 15:02:09 GMT
Connection: keep-alive
ETag: "55648af1-264"
Accept-Ranges: bytes
1.2.4 版本回退
如果版本不符合预期,kubernetes提供回退的功能,和滚动更新一样,回退的功能Deployment将替换到原始的RS上,即逐步将Pod的副本替换到旧的RS上.
- 执行回滚,回退到REVISON版本为1
[root@node-1 ~]# kubectl rollout undo deployment deployment-nginx-demo --to-revision=1
deployment.extensions/deployment-nginx-demo rolled back
- 查看Deployment的回退状态和历史版本
[root@node-1 ~]# kubectl rollout status deployment deployment-nginx-demo
deployment "deployment-nginx-demo" successfully rolled out
[root@node-1 ~]# kubectl rollout history deployment deployment-nginx-demo
deployment.extensions/deployment-nginx-demo
REVISION CHANGE-CAUSE
2 kubectl set image deployments deployment-nginx-demo nginx-deployment=nignx:1.9.1 --record=true
3 kubectl set image deployments deployment-nginx-demo nginx-deployment=nignx:1.9.1 --record=true
4 <none>
- 查看Deployment的详情,可以看到RS已经会退到原始的RS了
- 测试nginx的版本
[root@node-1 ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
deployment-nginx-demo-866bb6cf78-9thtn 1/1 Running 0 3m42s 10.244.1.59 node-2 <none> <none>
deployment-nginx-demo-866bb6cf78-ws2hx 1/1 Running 0 3m48s 10.244.2.73 node-3 <none> <none>
#测试版本
[root@node-1 ~]# curl -I http://10.244.1.59
HTTP/1.1 200 OK
Server: nginx/1.7.9 #回退到1.7.9版本
Date: Mon, 28 Oct 2019 15:36:07 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 23 Dec 2014 16:25:09 GMT
Connection: keep-alive
ETag: "54999765-264"
Accept-Ranges: bytes
小结:通过上面的操作演练可知,Deployment是通过ReplicaSet实现Pod副本数的管理(扩容或减少副本数),滚动更新是通过新建RS,将Pod从旧的RS逐步更新到新的RS上;相反,回滚版本将会退到指定版本的ReplicaSet上。
1.3 ReplicaSet
ReplicaSet副本集简称RS,用于实现副本数的控制,通过上面的学习我们可以知道Deployment实际是调用ReplicaSet实现副本的控制,RS不具备滚动升级和回滚的特性,一般推荐使用Deployment,ReplicaSet的定义和Deployment差不多,如下:
- 定义ReplicaSet
[root@node-1 happylau]# cat replicaset-demo.yaml
apiVersion: extensions/v1beta1
kind: ReplicaSet
metadata:
name: replicaset-demo
labels:
controller: replicaset
annotations:
kubernetes.io/description: "Kubernetes Replication Controller Replication"
spec:
replicas: 3 #副本数
selector: #Pod标签选择器
matchLabels:
controller: replicaset
template: #创建Pod的模板
metadata:
labels:
controller: replicaset
spec: #容器信息
containers:
- name: nginx-replicaset-demo
image: nginx:1.7.9
imagePullPolicy: IfNotPresent
ports:
- name: http-80-port
protocol: TCP
containerPort: 80
- 创建RS并查看RS列表
[root@node-1 happylau]# kubectl apply -f replicaset-demo.yaml
replicaset.extensions/replicaset-demo created
[root@node-1 happylau]# kubectl get replicasets replicaset-demo
NAME DESIRED CURRENT READY AGE
replicaset-demo 3 3 3 15s
- 扩展副本数至4个
[root@node-1 happylau]# kubectl scale --replicas=4 replicaset replicaset-demo
replicaset.extensions/replicaset-demo scaled
[root@node-1 happylau]# kubectl get replicasets replicaset-demo
NAME DESIRED CURRENT READY AGE
replicaset-demo 4 4 4 76s
- 减少副本数至2个
[root@node-1 happylau]# kubectl scale --replicas=2 replicaset replicaset-demo
replicaset.extensions/replicaset-demo scaled
[root@node-1 happylau]# kubectl get replicasets replicaset-demo
NAME DESIRED CURRENT READY AGE
replicaset-demo 2 2 2 114s
- 镜像版本升级,验证得知不具备版本升级的能力
[root@node-1 happylau]# kubectl set image replicasets replicaset-demo nginx-replicaset-demo=nginx:1.9.1
replicaset.extensions/replicaset-demo image updated #命令执行成功了
ReplicaSet小结:通过上面的演示可以知道,RS定义和Deployment类似,能实现副本的控制,扩展和缩减,Deployment是更高层次的副本控制器,ReplicaSet主要为Deployment的副本控制器和滚动更新机制,ReplicaSet本身无法提供滚动更新的能力。
1.4 ReplicationController
ReplicationController副本控制器简称RC,是kubernetes中最早的副本控制器,RC是ReplicaSet之前的版本,ReplicationController提供副本控制能力,其定义方式和Deployment,ReplicaSet相类似,如下:
- 定义ReplicationController
[root@node-1 happylau]# cat rc-demo.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: rc-demo
labels:
controller: replicationcontroller
annotations:
kubernetes.io/description: "Kubernetes Replication Controller Replication"
spec:
replicas: 3
selector: #不能使用matchLables字符集模式
controller: replicationcontroller
template:
metadata:
labels:
controller: replicationcontroller
spec:
containers:
- name: nginx-rc-demo
image: nginx:1.7.9
imagePullPolicy: IfNotPresent
ports:
- name: http-80-port
protocol: TCP
containerPort: 80
- 生成RC并查看列表
[root@node-1 happylau]# kubectl apply -f rc-demo.yaml
replicationcontroller/rc-demo created
[root@node-1 happylau]# kubectl get replicationcontrollers
NAME DESIRED CURRENT READY AGE
rc-demo 3 3 3 103s
#查看详情
[root@node-1 happylau]# kubectl describe replicationcontrollers rc-demo
Name: rc-demo
Namespace: default
Selector: controller=replicationcontroller
Labels: controller=replicationcontroller
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"ReplicationController","metadata":{"annotations":{"kubernetes.io/description":"Kubernetes Replication Controlle...
kubernetes.io/description: Kubernetes Replication Controller Replication
Replicas: 3 current / 3 desired
Pods Status: 3 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
Labels: controller=replicationcontroller
Containers:
nginx-rc-demo:
Image: nginx:1.7.9
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 113s replication-controller Created pod: rc-demo-hm8s9
Normal SuccessfulCreate 113s replication-controller Created pod: rc-demo-xnfht
Normal SuccessfulCreate 113s replication-controller Created pod: rc-demo-lfhc9
3.副本扩容至4个
[root@node-1 happylau]# kubectl scale --replicas=4 replicationcontroller rc-demo
replicationcontroller/rc-demo scaled
[root@node-1 happylau]# kubectl get replicationcontrollers
NAME DESIRED CURRENT READY AGE
rc-demo 4 4 4 3m23s
- 副本缩容至2个
[root@node-1 happylau]# kubectl scale --replicas=2 replicationcontroller rc-demo
replicationcontroller/rc-demo scaled
[root@node-1 happylau]# kubectl get replicationcontrollers
NAME DESIRED CURRENT READY AGE
rc-demo 2 2 2 3m51s
写在最后
本文介绍了kubernetes中三个副本控制器:Deployment,ReplicaSet和ReplicationController,当前使用最广泛的是Deployment,ReplicaSet为Deployment提供滚动更新机制,RC当前是旧版的副本控制器,当前已废弃,推荐使用Deployment控制器,具备副本控制器,扩展副本,缩减副本,滚动升级和回滚等高级能力。
参考文献
Deployment:https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
ReplicaSet:https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
ReplicationController:https://kubernetes.io/docs/concepts/workloads/controllers/