K8S之Deployment控制pod

configMap.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: pub-oa-configmap
  namespace: hunter
data:
  MYSQL_HOST: pub-oa-db-svc
  MYSQL_PORT: 3306

sceret.yaml

apiVersion: v1
kind: Secret
metadata:
  name: pub-oa-secret
  namespace: hunter
type: Opaque
data:
  MYSQL_USER: cm9vdA== # 注意加-n参数,echo -n root|base64
  MYSQL_PASSWORD: aHVudGVy

 service-mysql.yaml

apiVersion: apps/v1
kind: Service
metadata:
  name: pub-oa-db-svc
  namespace: hunter
spec:
  ports:
    - port: 3306
      protocal: TCP
      targetPort: 3306
  selector:
    app: pub-oa-db
  type: ClusterIP

 service-web.yaml

# 查看pod节点,并显示labels
# kubectl -n hunter get pods --show-labels
# 查看service
# kubectl -n hunter get svc
# 查看指定service
# kubectl -n hunter get svc pub-oa-web
# 查看某个service详情
# kubectl -n hunter describe svc pub-oa-web
# 查看pub-oa-web的 endpoints情况
# kubectl -n hunter get endpoints pub-oa-web

apiVersion: apps/v1
kind: Service
metadata:
  name: pub-oa-web-svc
  namespace: hunter
spec:
  ports:
    - port: 8080
      protocal: TCP
      targetPort: 8080
  selector:
    app: pub-oa-web
  type: ClusterIP

mysql-deploy.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: pub-oa-db
  namespace: hunter
spec:
  replicas: 1 # 指定pod的副本数量
  selector:
    matchLabels:
      app: pub-oa-db
  template:
    metadata:
      labels: # 给pod打label
        app: pub-oa-db
    spec:
      volumes:
        - name: mysql
          hostPath:
            path: /opt/mysql/data
      nodeSelector: # 使用节点选择器将pod调度到指定的label节点
        component: prod-k8s-node1 # kubectl label node prod-k8s-node1 component=prod-k8s-node1
      containers:
        - name: pub-oa-db
          image: rigistry.cn-shanghai.aliyuncs.com/pub-oa-db:v1
          imagePullPolicy: IfNotPresent # 镜像拉去策略,此外还有Always, Never
          ports:
            - containerPort: 3306
          env:
            - name: MYSQL_USER
              valueFrom:
                secretKeyRef:
                  name: pub-oa-secret
                  key: MYSQL_USER
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: pub-oa-secret
                  key: MYSQL_PASSWORD
          resources: # 容器资源限制
            requests:
              memory: 100Mi # 当pod内存超过100Mi时,会报OOM
              cpu: 50m # 当cpu超过limit限制时,不会被kill,但是会限制不超过limit值,1 CPU = 1000 millicpu(1 core = 1000m(毫核)),cpu资源是按 “时间片”的方式来分配的
            limits:
              memory: 500Mi
              cpu: 100m
          volumeMounts:
            - name: mysql
              mountPath: /var/lib/mysql

web-deploy.yaml

# overView:
# 1. 添加pod驱逐策略,在某些场景下如节点 NotReady,或则资源不足时,把pod驱逐至其他节点上
# 2. 添加pod更新策略

apiVersion: apps/v1
kind: Deployment
metadata:
  name: pub-oa-web
  namespace: hunter
spec:
  replicas: 1 # 指定pod的副本数量, 扩容web服务,kubectl scale deploy web --replicas=2
  selector:
    matchLabels: # 指定pod选择器
      app: pub-oa-web
  template:
    metadata:
      labels: # 给pod打label
        app: pub-oa-web
    spec:
      nodeSelector: # 使用节点选择器将pod调度到指定的label节点
        component: prod-k8s-node1 # kubectl label node prod-k8s-node1 component=prod-k8s-node1
      containers:
        - name: pub-oa-web
          image: rigistry.cn-shanghai.aliyuncs.com/pub-oa-app:v1
          imagePullPolicy: IfNotPresent # 镜像拉去策略,此外还有Always, Never
          ports:
            - containerPort: 8080
          env:
            - name: MYSQL_HOST
              valueFrom:
                configMapKeyRef:
                  name: pub-oa-configmap
                  key: MYSQL_HOST
            - name: MYSQL_PORT
              valueFrom:
                configMapKeyRef:
                  name: pub-oa-configmap
                  key: MYSQL_PORT
            - name: MYSQL_USER
              valueFrom:
                secretKeyRef:
                  name: pub-oa-secret
                  key: MYSQL_USER
            - name: MYSQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: pub-oa-secret
                  key: MYSQL_PASSWORD
          livenessProbe: # 存活性探测
            httpGet: # 此外还有 exec,tcpSocket类型
              path: /code-library/listCodeLibrary
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 10 # 容器启动后,第一次执行探测时需要等待多少秒
            periodSeconds: 10 # 执行探测的频率
            timeoutSeconds: 2 # 探测超时时间
          readinessProbe: # 可用性探测
            httpGet: # 此外还有 exec,tcpSocket类型
              path: /code-library/listCodeLibrary
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 10 # 容器启动后,第一次执行探测时需要等待多少秒
            periodSeconds: 10 # 执行探测的频率
            timeoutSeconds: 2 # 探测超时时间
          resources: # 容器资源限制
            requests:
              memory: 100Mi # 当pod内存超过100Mi时,会报OOM
              cpu: 50m # 当cpu超过limit限制时,不会被kill,但是会限制不超过limit值,1 CPU = 1000 millicpu(1 core = 1000m(毫核)),cpu资源是按 “时间片”的方式来分配的
            limits:
              memory: 500Mi
              cpu: 100m
          volumeMounts:
            - name: mysql
              mountPath: /var/lib/mysql

web-endpoint.yaml

# 为pub-oa-web做节点负载均衡
apiVersion: apps/v1
kind: Service
metadata:
  name: pub-oa-web-np
  namespace: hunter
spec:
  ports:
    - port: 8080
      protocal: TCP
      targetPort: 8080
  selector:
    app: pub-oa-web
  type: NodePort