命名空間提供了一種在單個集群內隔離資源組的方法。
創建新的命名空間:
kubectl create namespace development
kubectl create namespace production
在特定命名空間中創建資源:
創建 dev-pod.yaml:
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
namespace: development
spec:
containers:
- name: nginx
image: nginx:1.19.0
應用:
kubectl apply -f dev-pod.yaml
列出特定命名空間中的資源:
kubectl get pods -n development
設置默認命名空間:
kubectl config set-context --current --namespace=development
資源配額和限制可以控制命名空間中資源的使用。
為命名空間創建資源配額:
創建 resource-quota.yaml:
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-resources
namespace: development
spec:
hard:
requests.cpu: "1"
requests.memory: 1Gi
limits.cpu: "2"
limits.memory: 2Gi
pods: "10"
應用:
kubectl apply -f resource-quota.yaml
創建帶有資源限制的 Pod:
創建 limited-pod.yaml:
apiVersion: v1
kind: Pod
metadata:
name: limited-pod
namespace: development
spec:
containers:
- name: app
image: nginx
resources:
requests:
memory: "64Mi"
cpu: "250m"
limits:
memory: "128Mi"
cpu: "500m"
應用:
kubectl apply -f limited-pod.yaml
查看資源配額使用情況:
kubectl describe quota compute-resources -n development
Kubernetes 儀表板是一個基於 Web 的 Kubernetes 用戶界面。
在 Minikube 中啟用儀表板:
minikube addons enable dashboard
啟動儀表板:
minikube dashboard
探索儀表板功能:
我們將部署一個簡單的留言板應用,包括前端、後端和數據庫。
部署 MySQL 數據庫:
創建 mysql-secret.yaml:
apiVersion: v1
kind: Secret
metadata:
name: mysql-secret
type: Opaque
data:
mysql-root-password: cm9vdHBhc3N3b3Jk # base64 encoded 'rootpassword'
創建 mysql-deployment.yaml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
spec:
selector:
matchLabels:
app: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: mysql
spec:
containers:
- image: mysql:5.7
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: mysql-root-password
ports:
- containerPort: 3306
name: mysql
---
apiVersion: v1
kind: Service
metadata:
name: mysql
spec:
ports:
- port: 3306
selector:
app: mysql
clusterIP: None
應用:
kubectl apply -f mysql-secret.yaml
kubectl apply -f mysql-deployment.yaml
部署後端服務:
創建 backend-deployment.yaml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
spec:
replicas: 2
selector:
matchLabels:
app: backend
template:
metadata:
labels:
app: backend
spec:
containers:
- name: backend
image: your-backend-image:latest # 替換為實際的後端鏡像
env:
- name: DB_HOST
value: mysql
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: mysql-root-password
---
apiVersion: v1
kind: Service
metadata:
name: backend
spec:
selector:
app: backend
ports:
- protocol: TCP
port: 80
targetPort: 8080
應用:
kubectl apply -f backend-deployment.yaml
部署前端服務:
創建 frontend-deployment.yaml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: frontend
spec:
replicas: 3
selector:
matchLabels:
app: frontend
template:
metadata:
labels:
app: frontend
spec:
containers:
- name: frontend
image: your-frontend-image:latest # 替換為實際的前端鏡像
env:
- name: BACKEND_URL
value: http://backend
---
apiVersion: v1
kind: Service
metadata:
name: frontend
spec:
type: NodePort
selector:
app: frontend
ports:
- protocol: TCP
port: 80
targetPort: 80
應用:
kubectl apply -f frontend-deployment.yaml
創建 Ingress 資源:
創建 ingress.yaml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: app-ingress
spec:
rules:
- host: myapp.info
http:
paths:
- path: /api
pathType: Prefix
backend:
service:
name: backend
port:
number: 80
- path: /
pathType: Prefix
backend:
service:
name: frontend
port:
number: 80
應用:
kubectl apply -f ingress.yaml
模擬問題:
修改後端部署,引入一個錯誤:
kubectl set env deployment/backend DB_HOST=wrong-host
檢查 Pod 狀態:
kubectl get pods
查看 Pod 日誌:
kubectl logs <pod-name>
使用 describe 命令獲取更多信息:
kubectl describe pod <pod-name>
使用 exec 進入容器進行調試:
kubectl exec -it <pod-name> -- /bin/bash
使用 port-forward 直接訪問服務:
kubectl port-forward service/backend 8080:80
查看節點狀態和資源使用:
kubectl top nodes
kubectl top pods
收集所有相關日誌:
kubectl logs -l app=backend --all-containers=true > backend-logs.txt
這個實作過程涵蓋了 Kubernetes 的高級主題,包括命名空間管理、資源配額、使用儀表板、部署多層應用以及問題排查和日誌收集。通過這些步驟,你可以體驗到在實際環境中使用 Kubernetes 的各個方面。
iThome鐵人賽
看影片追技術