标签:filebeat k8s kubernetes D23 DaemonSet kube 节点 daemonset
1、DaemonSet简介
- DaemonSet资源用于在集群中的每个节点上运行一个pod副本,具有以下特点
- 在每个节点上运行一个pod
- 当向集群中加入一个新节点或者从集群中移除一个节点时,DaemonSet会自动在新节点上启动一个pod或在移除的节点上删除pod
- 可以使用节点选择器或亲和性来定义pod应该在哪些节点上运行
- DaemonSet的特点也决定了它具有以下的应用场景:
- 在每个节点上运行日志采集程序:如filebeat、fluentd,以手机节点级别的日志
- 在每个节点运行监控代理程序,如:Prometheus exporter、 zabbix agent,以收集节点上的监控指标数据
- 在每个节点运行存储组件,如:ceph、glusterfs,以在每个节点上提供分布式存储能力,供应用程序使用
- 在每个节点上运行网络插件,如:calico、flannel,以在每个节点上实现网络转发功能。
2、DaemonSet创建
- 创建一个filebeat日志采集程序,需要在每个节点上进行部署进行采集日志。就要用到DaemonSet来管理filebeat,配置示例如下:
[root@k8s-master k8s]# cat filebeat-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: filebeat
namespace: kube-system
spec:
selector:
matchLabels:
app: filebeat
template:
metadata:
labels:
app: filebeat
spec:
containers:
- name: filebeat
image: docker.elastic.co/beats/filebeat:8.10.1
volumeMounts:
- name: logs
mountPath: /var/log
volumes:
- name: logs
hostPath:
path: /var/log
- 在上述示例中,定义了一个hostpath类型的卷,用于将节点上的系统日志目录/var/log 挂载到容器中,以便filebeat可以读取系统日志文件
- 创建DaemonSet资源
[root@k8s-master k8s]# kubectl apply -f filebeat-ds.yaml
[root@k8s-master k8s]# kubectl get daemonset -n kube-system
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
filebeat 2 2 2 2 2 <none> 3m12s
kube-proxy 3 3 3 3 3 kubernetes.io/os=linux 24d
- 除了刚刚创建的filebeat,还有kube-proxy,也是通过DaemonSet进行管理
- 查看与filebeat相关的pod和运行的节点
[root@k8s-master k8s]# kubectl get pod -l app=filebeat -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
filebeat-9vl65 1/1 Running 0 5m46s 10.244.58.196 k8s-node02 <none> <none>
filebeat-p7hq5 1/1 Running 0 5m46s 10.244.85.218 k8s-node01 <none> <none>
- 可以看到,pod分别运行在k8s-node01和k8s-node02节点上,为什么k8s-master节点上没有运行呢,这是因为k8s-master节点默认设置了污点,需要配置相应的污点容忍度才能将其调度到该节点上
3、DaemonSet升级
- 可通过更新DaemonSet对象中的image字段或通过 kubectl set image 命令来实现filebeat的升级。
将filebeat从8.10.1 升级到8.10.2
[root@k8s-master k8s]# kubectl set image daemonset/filebeat filebeat=docker.elastic.co/beats/filebeat:8.10.2 -n kube-system
daemonset.apps/filebeat image updated
升级过程中进行检查
[root@k8s-master k8s]# kubectl get pod -l app=filebeat -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
filebeat-bxtjx 1/1 Running 0 85s 10.244.85.224 k8s-node01 <none> <none>
filebeat-tf8mx 0/1 ContainerCreating 0 38s <none> k8s-node02 <none> <none>
4、DaemonSet回滚
[root@k8s-master k8s]# kubectl rollout history daemonset/filebeat -n kube-system
[root@k8s-master k8s]# kubectl rollout history daemonset/filebeat -n kube-system
daemonset.apps/filebeat
REVISION CHANGE-CAUSE
1 <none>
2 <none>
[root@k8s-master k8s]# kubectl rollout undo daemonset/filebeat -n kube-system
daemonset.apps/filebeat rolled back
[root@k8s-master k8s]# kubectl rollout history daemonset/filebeat -n kube-system
daemonset.apps/filebeat
REVISION CHANGE-CAUSE
2 <none>
3 <none>
[root@k8s-master k8s]# kubectl get pod -l app=filebeat -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
filebeat-8q9h7 1/1 Running 0 23s 10.244.58.210 k8s-node02 <none> <none>
filebeat-skjrk 1/1 Running 0 20s 10.244.85.222 k8s-node01 <none> <none>
与Deployment不同,DaemonSet是通过Controllerrevision进行历史版本管理的。每次升级版本时,都会创建一个新的Controllerrevision对象,用于保存该版本的完整配置
[root@k8s-master k8s]# kubectl get controllerrevision -n kube-system
NAME CONTROLLER REVISION AGE
filebeat-7b974cb5bc daemonset.apps/filebeat 3 3h40m
filebeat-96bd7b554 daemonset.apps/filebeat 2 12m
kube-proxy-67485c9d66 daemonset.apps/kube-proxy 1 24d
查看详情
[root@k8s-master k8s]# kubectl describe controllerrevision filebeat-7b974cb5bc -n kube-system
Name: filebeat-7b974cb5bc
Namespace: kube-system
Labels: app=filebeat
controller-revision-hash=7b974cb5bc
Annotations: deprecated.daemonset.template.generation: 1
API Version: apps/v1
Data:
Spec:
Template:
$patch: replace
Metadata:
Creation Timestamp: <nil>
Labels:
App: filebeat
Spec:
Containers:
Image: docker.elastic.co/beats/filebeat:8.10.1
Image Pull Policy: IfNotPresent
Name: filebeat
Resources:
Termination Message Path: /dev/termination-log
Termination Message Policy: File
Volume Mounts:
Mount Path: /var/log
Name: logs
Dns Policy: ClusterFirst
Restart Policy: Always
Scheduler Name: default-scheduler
Security Context:
Termination Grace Period Seconds: 30
Volumes:
Host Path:
Path: /var/log
Type:
Name: logs
Kind: ControllerRevision
Metadata:
Creation Timestamp: 2024-09-20T04:06:54Z
Owner References:
API Version: apps/v1
Block Owner Deletion: true
Controller: true
Kind: DaemonSet
Name: filebeat
UID: 65a60c23-2c4e-45cf-aee5-2a883310d0df
Resource Version: 720105
UID: 779a82cf-90f3-4fbb-9ae8-38c1f6ba368c
Revision: 3
Events: <none>
- ControllerRevision对象实际上将更新的完整配置保存在data字段中。当执行回滚操作时,会读取data字段的内容来应用配置
5、删除
[root@k8s-master k8s]# kubectl delete daemonset filebeat -n kube-system
daemonset.apps "filebeat" deleted
标签:filebeat,
k8s,
kubernetes,
D23,
DaemonSet,
kube,
节点,
daemonset
From: https://www.cnblogs.com/suyj/p/18422654