Docker 与 K8S学习笔记(二十四)—— 工作负载的使用

语言: CN / TW / HK

我们前面讲了很多关于Pod的使用,但是在实际应用中,我们不会去直接创建Pod,我们一般通过Kubernetes提供的工作负载(Deployment、DeamonSet、StatefulSet、Job等)完成对一组Pod全生命周期的控制,本节开始我们来看看这些工作负载是如何使用的。

一、Deployments

Deployments可以自动部署一个容器应用的多个副本,监控其副本数量并始终维持这一数量。我们来创建一个Deployments看看:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 3
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80

我们的Deployment会创建并维持三个nginx副本,我们通过kubectl create创建此Deployment:

[[email protected] workspace] kubectl create -f demo_deployment.yml
[[email protected] workspace] kubectl get deployments
NAME               READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   3/3     3            3           2m40s
[[email protected] workspace] kubectl get pods
NAME                               READY   STATUS    RESTARTS   AGE
nginx-deployment-585449566-b6v88   1/1     Running   0          2m4s
nginx-deployment-585449566-p4vb7   1/1     Running   0          2m4s
nginx-deployment-585449566-s95sr   1/1     Running   0          2m4s

我们看到三个nginx的Pod豆启动完毕了,当我们手动杀掉一个Pod,Deployment会自动将其恢复:

[[email protected] workspace] kubectl delete pod nginx-deployment-585449566-b6v88
[[email protected] workspace] kubectl get pods
NAME                               READY   STATUS              RESTARTS   AGE
nginx-deployment-585449566-b6v88   0/1     Terminating         0          7m23s
nginx-deployment-585449566-nbrdm   0/1     ContainerCreating   0          6s
nginx-deployment-585449566-p4vb7   1/1     Running             0          7m23s
nginx-deployment-585449566-s95sr   1/1     Running             0          7m23s

我们前面说过Deployment是自动启动并调度Pod的,这三个Pod最终在哪些节点上运行,完全由master的Scheduler来控制,我们通过-o wide来看看这三个Pod都分布在哪里:

[[email protected] workspace] kubectl get pods -o wide
NAME                               READY   STATUS    RESTARTS   AGE     IP           NODE      NOMINATED NODE   READINESS GATES
nginx-deployment-585449566-nbrdm   1/1     Running   0          3m12s   10.244.1.8   kubevm2   <none>           <none>
nginx-deployment-585449566-p4vb7   1/1     Running   0          10m     10.244.2.5   kubevm3   <none>           <none>
nginx-deployment-585449566-s95sr   1/1     Running   0          10m     10.244.1.7   kubevm2   <none>           <none>

二、DaemonSet

DaemonSet是kubernetes 1.2新增的资源对象,它可以确保在每个Node上仅运行一份Pod的副本,DaemonSet可用于以下场景:

  • 在每个节点上运行集群守护进程

  • 在每个节点上运行日志收集守护进程

  • 在每个节点上运行监控守护进程

我们创建一个DaemonSet看看效果,我们还是以Nginx为例,下面的例子定义的Daemon将会为每个Node都启动一个Nginx容器:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: nginx-daemonset
  labels:
    app: nginx
spec:
  selector:
    matchLabels:
      name: nginx-daemonset
  template:
    metadata:
      labels:
        name: nginx-daemonset
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80

我们创建此DaemonSet看看:

[[email protected] workspace] kubectl create -f demo_daemonset.yml
daemonset.apps/nginx-daemonset created
[[email protected] workspace] kubectl get DaemonSet
NAME              DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
nginx-daemonset   2         2         2       2            2           <none>          11m
[[email protected] workspace] kubectl get pods -o wide
NAME                    READY   STATUS    RESTARTS   AGE   IP            NODE      NOMINATED NODE   READINESS GATES
nginx-daemonset-49tcp   1/1     Running   0          14m   10.244.1.13   kubevm2   <none>           <none>
nginx-daemonset-w2xc2   1/1     Running   0          14m   10.244.2.11   kubevm3   <none>           <none>

与Deployment不同的是,我们在yaml中没有指定replicas,但是DaemonSet自动为除Master节点外每一个Node都创建了一个副本,这里大家可能会问:为什么Master没有Pod副本呢?这个因为缺省状态下,DaemonSet只会在Node中创建副本,如果需要在Master中也启动Pod,则需要设置容忍度:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: nginx-daemonset
  labels:
    app: nginx
spec:
  selector:
    matchLabels:
      name: nginx-daemonset
  template:
    metadata:
      labels:
        name: nginx-daemonset
    spec:
      tolerations:
      - key: node-role.kubernetes.io/control-plane
        operator: Exists
        effect: NoSchedule
      - key: node-role.kubernetes.io/master
        operator: Exists
        effect: NoSchedule
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80

我们重新创建DaemonSet,看看效果:

[[email protected] workspace] kubectl get pods -o wide
NAME                    READY   STATUS    RESTARTS   AGE   IP            NODE      NOMINATED NODE   READINESS GATES
nginx-daemonset-45z95   1/1     Running   0          46s   10.244.2.13   kubevm3   <none>           <none>
nginx-daemonset-9z2lt   1/1     Running   0          46s   10.244.0.5    kubevm1   <none>           <none>
nginx-daemonset-cjf6k   1/1     Running   0          46s   10.244.1.15   kubevm2   <none>           <none>

关于容忍度的内容我们后续会详细介绍。

三、Jobs

我们使用Jobs可以定义并启动一个批处理任务,处理完成后,整个批处理任务结束。下面我们创建一个Job,此Job会输出一段文本:

apiVersion: batch/v1
kind: Job
metadata:
  name: echo
spec:
  template:
    spec:
      containers:
      - name: echo
        image: busybox
        command: ["sh", "-c", "echo this a job"]
      restartPolicy:  Never

我们创建Job看一下效果:

[[email protected] workspace] kubectl get job
NAME   COMPLETIONS   DURATION   AGE
echo   1/1           14s        7h3m
[[email protected] workspace] kubectl get pods
NAME         READY   STATUS      RESTARTS   AGE
echo-c5kmf   0/1     Completed   0          7h3m
[[email protected] workspace] kubectl logs echo-c5kmf
this a job

我们设置Job运行完毕后不会重启,所以最终其Pod状态为Complated。

上面的例子只是起了一个Pod比较简单,在实际应用中,我们往往会启动多个Pod并行处理任务,因此Job的使用有以下三种常见模式:

    • Non-parallel Jobs:一个Job只启动一个Pod,当Pod异常会重启Pod,一旦此Pod正常结束,Job将结束。

    • Parallel Jobs with a fixed completiong count:并行Job会启动多个Pod,此时需要设定Job的spec.completions为一个正数,当正常结束的Pod数达到此参数设定值后,Job结束。此外,通过设置spec.parallelism可以设置并行度即同时启动几个Job来处理工作项。

    • Parallel Jobs with a work queue:工作项都放在消息队列中,此模式不需要设置spec.completions参数,而Pod具有以下特性:

  1. 每个Pod都能独立判断和决定释放还有任务项需要处理;

  2. 如果某个Pod正常结束,则Job不会再启动新的Pod,并且其他Pod应该处于即将结束的状态,毕竟队列里没任务了嘛;

  3. 如果所有Pod都结束了,且至少有一个Pod成功结束,则整个Job成功结束。

限于篇幅,关于Job的后两种模式,后面会有专门讲解。

四、CronJob

CronJob其实就是具有定时功能的Job,可以设置Job定时执行或者周期性执行,CronJob使用Cron表达式配置执行周期。我们修改下上面Job定义文件:

apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: echo
spec:
  schedule: "*/1 * * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: echo
            image: busybox
            command: ["sh", "-c", "echo this a job"]
          restartPolicy:  OnFailure

我们设置每一分钟执行一次,这里也能看出来,在Kubernetes中,CronJob最小调度间隔为分钟级。

[[email protected] workspace] kubectl get cronjob
NAME   SCHEDULE      SUSPEND   ACTIVE   LAST SCHEDULE   AGE
echo   */1 * * * *   False     0        29s             4m48s
[[email protected] workspace] kubectl get pods
NAME                    READY   STATUS      RESTARTS   AGE
echo-1655768220-m5p9x   0/1     Completed   0          2m34s
echo-1655768280-m7gsj   0/1     Completed   0          93s
echo-1655768340-h2n6n   0/1     Completed   0          33s