Kubernetes Pod详解
Kubernetes Pod详解
Pod概念
Pod是Kubernetes中最小的可部署单元,是一组共享网络和存储的容器。
Pod生命周期
Pending → Running → Succeeded/Failed
↓
等待调度 运行中 完成/失败
Pod状态
| 状态 | 说明 |
|---|---|
| Pending | 等待调度或拉取镜像 |
| Running | 至少一个容器运行中 |
| Succeeded | 所有容器成功退出 |
| Failed | 至少一个容器失败 |
| Unknown | 状态未知 |
Pod配置详解
apiVersion: v1
kind: Pod
metadata:
name: myapp
labels:
app: myapp
env: production
spec:
# 容器配置
containers:
- name: myapp
image: myapp:v1
ports:
- containerPort: 8080
protocol: TCP
# 资源限制
resources:
requests:
cpu: "100m"
memory: "128Mi"
limits:
cpu: "500m"
memory: "512Mi"
# 环境变量
env:
- name: DB_HOST
value: "mysql-service"
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: db-secret
key: password
# 挂载卷
volumeMounts:
- name: config
mountPath: /etc/config
- name: data
mountPath: /data
# 健康检查
livenessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /ready
port: 8080
initialDelaySeconds: 5
periodSeconds: 5
# 卷配置
volumes:
- name: config
configMap:
name: myapp-config
- name: data
persistentVolumeClaim:
claimName: myapp-data
# 调度配置
nodeSelector:
disk: ssd
# 重启策略
restartPolicy: Always
多容器Pod模式
Sidecar模式
apiVersion: v1
kind: Pod
metadata:
name: app-with-logging
spec:
containers:
- name: app
image: myapp:v1
- name: log-collector
image: fluentd:latest
volumeMounts:
- name: logs
mountPath: /var/log
volumes:
- name: logs
emptyDir: {}
Init容器
apiVersion: v1
kind: Pod
metadata:
name: myapp
spec:
initContainers:
- name: init-db
image: busybox
command: ['sh', '-c', 'until nslookup mysql-service; do sleep 2; done']
containers:
- name: myapp
image: myapp:v1
Pod调度
亲和性
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: disktype
operator: In
values:
- ssd
污点和容忍
spec:
tolerations:
- key: "dedicated"
operator: "Equal"
value: "special-user"
effect: "NoSchedule"
实践:部署应用Pod
# 快速创建Pod
kubectl run nginx --image=nginx --port=80
# 查看Pod
kubectl get pods -o wide
# 查看Pod详情
kubectl describe pod nginx
# 进入Pod
kubectl exec -it nginx -- /bin/bash
# 查看Pod日志
kubectl logs nginx
# 删除Pod
kubectl delete pod nginx
Pod调试
# 查看Pod事件
kubectl describe pod pod_name
# 查看Pod日志
kubectl logs pod_name
kubectl logs pod_name -c container_name
# 调试命令
kubectl exec -it pod_name -- sh
# 创建调试Pod
kubectl run debug --image=busybox --rm -it -- /bin/sh
总结
Pod是Kubernetes的核心概念。理解Pod的生命周期、配置和调度机制,是掌握Kubernetes的关键。