Kubernetes入门与进阶02
Pod
资源规范
apiVersion: Group/VERSION
alpha内部测试版本; v1v2就是stable稳定版
root@k8s-master02:~# kubectl api-versions
admissionregistration.k8s.io/v1
apiextensions.k8s.io/v1
apiregistration.k8s.io/v1
apps/v1
authentication.k8s.io/v1
...
省略
...
CORE GROUP 就是v1这种不带GROUP的APIVERSION。是早期设计的时候没考虑那么多,后来不便修改。
kind
有的带组了,没带组的就是核心组
NAME 和 SHORTNAMES
metadata
name: 唯一,同一类型(上面的kind)下唯一;对于namepace级别的资源,同一名称空间下,同一类型中,必须唯一。
namespace K8S的namespace和docker的namespace式不同的 K8S Namespace:管“资源归属” 前置式、管理层、逻辑隔离。 先把资源在 Kubernetes API 层面分门别类。 Docker/Linux Namespace:管“进程看到的世界”。 运行时、内核层、系统视图隔离。 真正让容器进程看到“自己的进程、网卡、文件系统、主机名”等。 labels 标签,k: v 键值对,支持被筛选 annotations 注解,k:v 键值对,不能被筛选。
spec
期望的状态,不同资源类型的spec各不相同 了解特定资源类型下有哪些字段可以用
kubectl explain Deployment
kubectl explain Deployment.spec
kubectl explain Deployment.spec.template
kubectl explain Deployment.spec.template.metadata
3种用户:
①应用访问用户②开发运维③底层访问比如node节点等
kubectl命令提供的三种对象管理机制
指令式命令 kubectl create这种就是。属于一次性的操作任务,不适合深度定制 指令式对象配置 指令式,就是具体的操作步骤创建、删除、查看、修改,不像声明式直接要结果,适合深度定制 声明式对象配置 apply关键词,具有幂等性操作的效果,希望应用--有则直接用,不一样就修正,没有就创建。
api server的RESTFUL API CRUD
CRUD
kubectl create kubectl get/describe kubectl edit/patch/replace/set kubectl delete
HTTP method
get post put delete options ...
部署一个应用
1、编排运行,2、service发现和LB
root@k8s-master02:~# kubectl create deployment demoapp --image=ikubernetes/demoapp:v1.0 --replicas=3 --port=80 --dry-run=client -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: demoapp
name: demoapp
spec:
replicas: 3
selector:
matchLabels:
app: demoapp
strategy: {}
template:
metadata:
labels:
app: demoapp
spec:
containers:
- image: ikubernetes/demoapp:v1.0
name: demoapp
ports:
- containerPort: 80
resources: {}
status: {}
解释:
apiVersion: apps/v1 # 使用的 API 版本;Deployment 属于 apps/v1
kind: Deployment # 资源类型:Deployment,表示“部署/控制一组 Pod”
metadata: # 元数据,描述这个资源本身
labels: # 给 Deployment 自己打标签
app: demoapp # 标签 key=app,value=demoapp
name: demoapp # Deployment 的名字叫 demoapp
spec: # 期望状态,告诉 Kubernetes 你想要什么
replicas: 3 # 副本数:希望运行 3 个 Pod
selector: # 选择器,用来找到它要管理哪些 Pod
matchLabels: # 按标签匹配 Pod
app: demoapp # 管理带有 app=demoapp 标签的 Pod
strategy: {} # 更新策略;这里为空,实际默认是 RollingUpdate 滚动更新
template: # Pod 模板,用来创建 Pod
metadata: # Pod 的元数据
labels: # 给 Pod 打标签
app: demoapp # Pod 标签 app=demoapp,必须和 selector 匹配
spec: # Pod 的具体规格
containers: # 容器列表,一个 Pod 里可以有多个容器
- image: ikubernetes/demoapp:v1.0 # 容器镜像:从镜像仓库拉 ikubernetes/demoapp:v1.0
name: demoapp # 容器名字叫 demoapp
ports: # 声明容器暴露的端口
- containerPort: 80 # 容器内部监听/暴露 80 端口
resources: {} # 资源限制/请求为空;没有设置 CPU、内存 request/limit
status: {} # 当前状态;dry-run 生成的 YAML 里为空,真正创建后由 K8S 自动填充
重点看这几组关系:
selector.matchLabels.app = demoapp
template.metadata.labels.app = demoapp
这两个必须能匹配上,否则 Deployment 不知道自己该管理哪些 Pod。
还有:
replicas: 3
表示 Deployment 会通过 ReplicaSet 维持 3 个 Pod。
--dry-run=client -o yaml 的意思是:只在客户端生成 YAML,不真正创建资源。
常规操作
root@k8s-master02:~# kubectl create deployment demoapp --image=ikubernetes/demoapp:v1.0 --replicas=3 --port=80 --dry-run=client -o yaml > deploy-demoapp.yaml
root@k8s-master02:~# vim deploy-demoapp.yaml # 进去删除没必要的配置
root@k8s-master02:~# cat deploy-demoapp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: demoapp
name: demoapp
spec:
replicas: 3
selector:
matchLabels:
app: demoapp
template:
metadata:
labels:
app: demoapp
spec:
containers:
- image: ikubernetes/demoapp:v1.0
name: demoapp
ports:
- containerPort: 80
root@k8s-master02:~#
root@k8s-master02:~# kubectl create -f deploy-demoapp.yaml
deployment.apps/demoapp created
root@k8s-master02:~# kubectl get deployments demoapp
NAME READY UP-TO-DATE AVAILABLE AGE
demoapp 1/3 3 1 2m16s
root@k8s-master02:~#
root@k8s-master02:~# kubectl get deployments demoapp -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
demoapp 1/3 3 1 2m21s demoapp ikubernetes/demoapp:v1.0 app=demoapp
root@k8s-master02:~#
root@k8s-master02:~# kubectl get deployments demoapp -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
creationTimestamp: "2026-05-27T10:12:06Z"
generation: 1
labels:
app: demoapp
name: demoapp
namespace: default
resourceVersion: "2066246"
uid: b411ce34-d934-4e55-a183-1f4b04f94a9a
spec:
progressDeadlineSeconds: 600
replicas: 3
revisionHistoryLimit: 10
selector:
matchLabels:
app: demoapp
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
app: demoapp
spec:
containers:
- image: ikubernetes/demoapp:v1.0
imagePullPolicy: IfNotPresent
name: demoapp
ports:
- containerPort: 80
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2026-05-27T10:12:06Z"
lastUpdateTime: "2026-05-27T10:12:06Z"
message: Deployment does not have minimum availability.
reason: MinimumReplicasUnavailable
status: "False"
type: Available
- lastTransitionTime: "2026-05-27T10:12:06Z"
lastUpdateTime: "2026-05-27T10:14:06Z"
message: ReplicaSet "demoapp-964658bb8" is progressing.
reason: ReplicaSetUpdated
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 3
terminatingReplicas: 0
unavailableReplicas: 2
updatedReplicas: 3
root@k8s-master02:~#
其实资源有三份:
1、自己写的yaml:deploy-demoapp.yaml。
2、部署后生成的:kubectl get deployments demoapp -o yaml上的spec的期望值;保存在etcd里的配置。
3、部署后生成的:kubectl get deployments demoapp -o yaml上的status实际状态;部署后运行起来这是controller实现的,同时status字段也是controller回填的。
cli的写法
显示资源:
kukectl get TYPE [NAME ...] -o {wide|yaml|json}
kubectl get TYPE/NAME ... -O {wide|yaml|json}
删除资源
kubectl delete TYPE [NAME ...]
kubectl delete TYPE/NAME ...
详细的状态描述
kubectl describe TYPE [NAME ...]
kubectl describe TYPE/NAME ...
在pod的某容器内部执行命令
kubectl exec [-it] POD [-c CONTAINER] -- COMMAND [args...] [options]
查看容器日志
kubectl logs [-f] (POD | TYPE/NAME) [-c CONTAINER]
一条cli查看多个type资源
root@k8s-master02:~# kubectl get deploy/nginx svc/whoami
查看所有资源
root@k8s-master02:~# kubectl get all
查看命名空间里的pods
root@k8s-master02:~# kubectl get namespaces
root@k8s-master02:~# kubectl get pods -n calico-system
查看标签
root@k8s-master02:~# kubectl get pods -n kube-system --show-labels
标签过滤
root@k8s-master02:~# kubectl get pods -n kube-system -l component=kube-scheduler
创建service
root@k8s-master02:~# kubectl create service clusterip demoapp --tcp=80:80 --dry-run=client -o yaml > service-demoapp.yaml
root@k8s-master02:~# kubectl create -f service-demoapp.yaml
root@k8s-master02:~# kubectl delete -f service-demoapp.yaml
apply的幂等性
root@k8s-master02:~# kubectl create -f service-demoapp.yaml
service/demoapp created
root@k8s-master02:~#
root@k8s-master02:~# kubectl create -f service-demoapp.yaml
Error from server (AlreadyExists): error when creating "service-demoapp.yaml": services "demoapp" already exists
root@k8s-master02:~#
root@k8s-master02:~# kubectl delete -f service-demoapp.yaml
service "demoapp" deleted from default namespace
root@k8s-master02:~#
root@k8s-master02:~# kubectl apply -f service-demoapp.yaml
service/demoapp created
root@k8s-master02:~# kubectl apply -f service-demoapp.yaml
service/demoapp unchanged
root@k8s-master02:~#
get查看配置对应创建的资源
root@k8s-master02:~# kubectl get -f service-demoapp.yaml
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
demoapp ClusterIP 10.109.81.248 <none> 80/TCP 101s
root@k8s-master02:~#
get pods后查看详情events排错
root@k8s-master01:~# kubectl get pods
root@k8s-master01:~# kubectl describe pod demoapp-964658bb8-8wgz5
进入pod的某个容器内部查看信息并退出
root@k8s-master01:~# kubectl get pods
root@k8s-master01:~# kubectl exec demoapp-964658bb8-8wgz5 -- ifconfig
进入pod的某个容器里
root@k8s-master01:~# kubectl exec -it demoapp-964658bb8-8wgz5 -- /bin/sh
查看日志
root@k8s-master01:~# kubectl get pods
root@k8s-master01:~# kubectl logs backend-79f8849978-z2q4p
root@k8s-master01:~# kubectl logs -f backend-79f8849978-z2q4p