1、replicaset基础
前面都是通过yaml文件创建自主式pod,如果pod中的服务都是通过单纯的重启策略restartPolicy(always、OnFailure、never)来重启pod,但是如果pod运行的node 异常,重启策略将无法生效。或者当POD被手贱删除后,重启策略也无法生效。此时就需要控制器实现POD数量的一致性。
常见的控制器包括replicationController、replicaset、deployment、statefulset、deamonSet
我司产品所用的副本控制器是replication Controller,但是现在官方已经推荐使用replicaset取代之。
cat > my-first-rs.yaml << EOF
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: first-repicaset
labels:
func: first-rs
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
name: nginx
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
ports:
- name: test
containerPort: 8080
hostPort: 30001
EOF
[root@master-worker-node-1 replicaset]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
first-repicaset-8mlsk 1/1 Running 0 8s 10.244.31.27 only-worker-node-3 <none> <none>
first-repicaset-g9v52 1/1 Running 0 7s 10.244.132.199 master-worker-node-2 <none> <none>
first-repicaset-hdxpt 1/1 Running 0 8s 10.244.54.41 only-worker-node-4 <none> <none>
上面的nginx pod就可以通过hostip访问,能被访问到还是靠IPtable实现。
Chain CNI-DN-254e4b91f4057a7a08054 (1 references)
pkts bytes target prot opt in out source destination
0 0 CNI-HOSTPORT-SETMARK tcp -- * * 10.244.31.31 0.0.0.0/0 tcp dpt:30001
1 60 CNI-HOSTPORT-SETMARK tcp -- * * 127.0.0.1 0.0.0.0/0 tcp dpt:30001
3 180 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:30001 to:10.244.31.31:80
[root@master-worker-node-1 replicaset]# kubectl get replicaset -o wide
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
first-repicaset 3 3 3 2m31s nginx nginx:latest app=nginx
2、replicaset扩容、缩容
方法一:kubectl edit replicaset my-first-rs
[root@master-worker-node-1 replicaset]# kubectl edit replicaset first-repicaset
replicaset.apps/first-repicaset edited
[root@master-worker-node-1 replicaset]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
first-repicaset-8ptmt 1/1 Running 0 6m4s 10.244.31.32 only-worker-node-3 <none> <none>
first-repicaset-cxvqd 1/1 Running 0 6m4s 10.244.132.203 master-worker-node-2 <none> <none>
first-repicaset-l22gd 1/1 Running 0 6s 10.244.31.33 only-worker-node-3 <none> <none>
first-repicaset-sfsbz 1/1 Running 0 6s 10.244.54.46 only-worker-node-4 <none> <none>
first-repicaset-vr77f 1/1 Running 0 6m4s 10.244.54.45 only-worker-node-4 <none> <none>
[root@master-worker-node-1 replicaset]# kubectl get rs
NAME DESIRED CURRENT READY AGE
first-repicaset 5 5 5 6m8s
[root@master-worker-node-1 replicaset]# kubectl get rs -o wide
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
first-repicaset 5 5 5 6m11s nginx nginx:latest app=nginx
方法二:修改yaml文件,然后apply
[root@master-worker-node-1 replicaset]# cp my-first-rs.yaml my-first-rs-2.yaml
[root@master-worker-node-1 replicaset]# vi my-first-rs-2.yaml
[root@master-worker-node-1 replicaset]# cat my-first-rs-2.yaml | grep replicas
replicas: 4
[root@master-worker-node-1 replicaset]# kubectl apply -f my-first-rs-2.yaml
replicaset.apps/first-repicaset configured
[root@master-worker-node-1 replicaset]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
first-repicaset-8ptmt 1/1 Running 0 8m38s 10.244.31.32 only-worker-node-3 <none> <none>
first-repicaset-cxvqd 1/1 Running 0 8m38s 10.244.132.203 master-worker-node-2 <none> <none>
first-repicaset-sfsbz 1/1 Running 0 2m40s 10.244.54.46 only-worker-node-4 <none> <none>
first-repicaset-vr77f 1/1 Running 0 8m38s 10.244.54.45 only-worker-node-4 <none> <none>
[root@master-worker-node-1 replicaset]# kubectl get rs -o wide
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
first-repicaset 4 4 4 8m45s nginx nginx:latest app=nginx
replicaset更新POD
replicaset更新pod不是自动更新。
修改pod使用的镜像模拟版本更新
[root@master-worker-node-1 replicaset]# diff my-first-rs-update.yaml my-first-rs.yaml
20c20
< image: tomcat:latest
---
> image: nginx:latest #将原始的nginx镜像更换为Tomcat镜像
执行更新操作
[root@master-worker-node-1 replicaset]# kubectl apply -f my-first-rs-update.yaml
replicaset.apps/first-repicaset configured
虽然RS修改修改了镜像信息,但是POD却没有变化,没有进行自动更新
[root@master-worker-node-1 replicaset]# kubectl get rs -o wide
NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
first-repicaset 3 3 3 14m nginx tomcat:latest app=nginx
[root@master-worker-node-1 replicaset]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
first-repicaset-8ptmt 1/1 Running 0 15m 10.244.31.32 only-worker-node-3 <none> <none>
first-repicaset-cxvqd 1/1 Running 0 15m 10.244.132.203 master-worker-node-2 <none> <none>
first-repicaset-vr77f 1/1 Running 0 15m 10.244.54.45 only-worker-node-4 <none> <none>
[root@master-worker-node-1 replicaset]# kubectl get pods first-repicaset-8ptmt -o yaml | grep image -w
- image: nginx:latest
image: docker.io/library/nginx:latest
需要手动删除POD,让pod重建,从而让新pod采用新镜像重建。正式环境不能一次性删除
[root@master-worker-node-1 replicaset]# kubectl delete pods first-repicaset-8ptmt first-repicaset-cxvqd first-repicaset-vr77f
pod "first-repicaset-8ptmt" deleted
pod "first-repicaset-cxvqd" deleted
pod "first-repicaset-vr77f" deleted
[root@master-worker-node-1 replicaset]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
first-repicaset-6jscc 1/1 Running 0 62s 10.244.132.204 master-worker-node-2 <none> <none>
first-repicaset-fqds5 1/1 Running 0 63s 10.244.31.34 only-worker-node-3 <none> <none>
first-repicaset-hj9qm 1/1 Running 0 63s 10.244.54.47 only-worker-node-4 <none> <none>
镜像完成更新
[root@master-worker-node-1 replicaset]# for i in `kubectl get pods -o wide | grep -v NAME | awk '{print $1}' `;do kubectl get pods $i -o yaml | grep image -w ;done
- image: tomcat:latest
image: docker.io/library/tomcat:latest
- image: tomcat:latest
image: docker.io/library/tomcat:latest
- image: tomcat:latest
image: docker.io/library/tomcat:latest
小结
replicaset可以保证POD的运行数量,配合livenessprobe、readinessprobe可以实现运行的业务稳定
replicaset可以实现在线的扩容、缩容
replicaset不能进行自动更新,需要手动删除POD以重建让镜像生效。生产环境中,删除POD,可能出现性能压力。切不能同时删除所有pod,更不能删除RS再重建。