发布于 2016-01-01 03:45:53 | 429 次阅读 | 评论: 0 | 来源: PHPERZ

这里有新鲜出炉的精品教程，程序狗速度看过来！

Kubernetes 容器集群管理系统

Kubernetes 是来自 Google 云平台的开源容器集群管理系统。基于 Docker 构建一个容器的调度服务。该系统可以自动在一个容器集群中选择一个工作容器供使用。其核心概念是 Container Pod。

---

上一篇我们部署了Kubernetes集群，接下来会在这个集群上运行一个简单的应用。

以下面的图来安装一个简单的静态内容的nginx应用：

首先，我们用复制器启动一个2个备份的nginx Pod。然后在前面挂Service，一个service只能被集群内部访问，一个能被集群外的节点访问。

1. 部署nginx pod 和复制器

#cat nginx-rc.yaml 
apiVersion: v1 
kind: ReplicationController 
metadata: 
  name: nginx-controller 
spec: 
  replicas: 2 
  selector: 
    name: nginx 
  template: 
    metadata: 
      labels: 
        name: nginx 
    spec: 
      containers: 
        - name: nginx 
          image: nginx 
          ports: 
            - containerPort: 80

我们定义了一个nginx pod复制器，复制份数为2，我们使用nginx docker镜像。

执行下面的操作创建nginx pod复制器:

[root@master test]# kubectl create -f nginx-rc.yaml 
replicationcontrollers/nginx-controller

记得先去下载gcr.io镜像，然后改名，否则会提示失败。由于还会下载nginx镜像，所以所创建的Pod需要等待一些时间才能处于running状态。

[root@master test]# kubectl get pods
NAME                     READY     STATUS    RESTARTS   AGE
nginx                    1/1       Running   0          1d
nginx-controller-dkl3v   1/1       Running   0          14s
nginx-controller-hxcq8   1/1       Running   0          14s

我们可以使用describe 命令查看pod的相关信息:

[root@master test]# kubectl describe pod nginx-controller-dkl3v
Name:				nginx-controller-dkl3v
Namespace:			default
Image(s):			nginx
Node:				192.168.32.17/192.168.32.17
Labels:				name=nginx
Status:				Running
Reason:				
Message:			
IP:				172.17.67.2
Replication Controllers:	nginx-controller (2/2 replicas created)
Containers:
  nginx:
    Image:		nginx
    State:		Running
      Started:		Wed, 30 Dec 2015 02:03:19 -0500
    Ready:		True
    Restart Count:	0
Conditions:
  Type		Status
  Ready 	True 
Events:
  FirstSeen				LastSeen			Count	From			SubobjectPath			Reason		Message
  Wed, 30 Dec 2015 02:03:14 -0500	Wed, 30 Dec 2015 02:03:14 -0500	1	{scheduler }						scheduled	Successfully assigned nginx-controller-dkl3v to 192.168.32.17
  Wed, 30 Dec 2015 02:03:15 -0500	Wed, 30 Dec 2015 02:03:15 -0500	1	{kubelet 192.168.32.17}	implicitly required container POD	pulled		Pod container image "kubernetes/pause" already present on machine
  Wed, 30 Dec 2015 02:03:16 -0500	Wed, 30 Dec 2015 02:03:16 -0500	1	{kubelet 192.168.32.17}	implicitly required container POD	created		Created with docker id e88dffe46a28
  Wed, 30 Dec 2015 02:03:17 -0500	Wed, 30 Dec 2015 02:03:17 -0500	1	{kubelet 192.168.32.17}	implicitly required container POD	started		Started with docker id e88dffe46a28
  Wed, 30 Dec 2015 02:03:18 -0500	Wed, 30 Dec 2015 02:03:18 -0500	1	{kubelet 192.168.32.17}	spec.containers{nginx}		created		Created with docker id 25fcb6b4ce09
  Wed, 30 Dec 2015 02:03:19 -0500	Wed, 30 Dec 2015 02:03:19 -0500	1	{kubelet 192.168.32.17}	spec.containers{nginx}		started		Started with docker id 25fcb6b4ce09

2. 部署节点内部可访问的nginx service

Service的type有ClusterIP和NodePort之分，缺省是ClusterIP，这种类型的Service只能在集群内部访问。配置文件如下：

#cat nginx-service-clusterip.yaml 
apiVersion: v1 
kind: Service 
metadata: 
  name: nginx-service-clusterip 
spec: 
  ports: 
    - port: 8001 
      targetPort: 80 
      protocol: TCP 
  selector: 
    name: nginx

执行下面的命令创建service:

[root@master test]# kubectl create -f ./nginx-service-clusterip.yaml 
services/nginx-service-clusterip

查看所创建的service：

[root@master test]# kubectl get service
NAME                      LABELS                                    SELECTOR     IP(S)            PORT(S)
kubernetes                component=apiserver,provider=kubernetes   <none>       10.254.0.1       443/TCP
nginx-service-clusterip   <none>                                    name=nginx   10.254.234.255   8001/TCP

上面的输出告诉我们这个 Service的Cluster IP是10.254.234.255，端口是8001。下面我们验证这个PortalNet IP的工作情况：

在192.168.32.16上执行以下命令：

[root@minion1 ~]# curl -s 10.254.234.255:8001
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

从前面部署复制器的部分我们知道nginx Pod运行在17节点上。上面我们特意从16代理节点上访问我们的服务来体现Service Cluster IP在所有集群代理节点的可到达性。

3. 部署外部可访问的nginx service

下面我们创建NodePort类型的Service，这种类型的Service在集群外部是可以访问。配置文件如下：

cat nginx-service-nodeport.yaml 
apiVersion: v1 
kind: Service 
metadata: 
  name: nginx-service-nodeport 
spec: 
  ports: 
    - port: 8000
      targetPort: 80 
      protocol: TCP 
  type: NodePort
  selector: 
    name: nginx

执行如下命令创建service并进行查看：

[root@master test]# kubectl create -f ./nginx-service-nodeport.yaml 
You have exposed your service on an external port on all nodes in your
cluster.  If you want to expose this service to the external internet, you may
need to set up firewall rules for the service port(s) (tcp:31000) to serve traffic.

See http://releases.k8s.io/HEAD/docs/user-guide/services-firewalls.md for more details.
services/nginx-service-nodeport

[root@master test]# kubectl get service
NAME                      LABELS                                    SELECTOR     IP(S)            PORT(S)
kubernetes                component=apiserver,provider=kubernetes   <none>       10.254.0.1       443/TCP
nginx-service-clusterip   <none>                                    name=nginx   10.254.234.255   8001/TCP
nginx-service-nodeport    <none>                                    name=nginx   10.254.210.68    8000/TCP

创建service时提示需要设置firewall rules，不用去管，不影响后续操作。

查看创建的service：

[root@master test]# kubectl describe service nginx-service-nodeport
Name:			nginx-service-nodeport
Namespace:		default
Labels:			<none>
Selector:		name=nginx
Type:			NodePort
IP:			10.254.210.68
Port:			<unnamed>	8000/TCP
NodePort:		<unnamed>	31000/TCP
Endpoints:		172.17.67.2:80,172.17.67.3:80
Session Affinity:	None
No events.

这个 Service的节点级别端口是31000。下面我们验证这个 Service的工作情况：

[root@master test]# curl -s 192.168.32.16:31000
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

[root@master test]# curl -s 192.168.32.17:31000
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

不管是从16还是17，都能访问到我们的服务。

4. 总结

本文只是一个简单的应用，在应用部署时，了解Kubernetes的应用模型是非常重要的。还需要对Kubernetes进行更深入的研究。