8
kubernetes之DaemonSet以及滚动更新 - 梨花海棠
source link: https://www.cnblogs.com/xunweidezui/p/16537967.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
1.什么是DaemonSet?
1.1DaemonSet是Pod控制器的又一种实现方式,用于在集群中的全部节点上同时运行一份指定的Pod资源副本,后续加入集群的节点也会自动创建一个相关的Pod对象,当从集群移除节点时,此类Pod对象也将被自动回收无需创建。管理员也可以使用"节点选择器"以及标签指定仅在部分具有特定特征的节点上运行指定的Pod对象。
1.2官方文档: https://kubernetes.io/zh-cn/docs/concepts/workloads/controllers/daemonset/
2.DaemonSet的用法
- 在每个节点上运行集群存储守护进程,如glusterd或Ceph;
- 在每个节点上运行日志收集守护进程,如fluentd、logstash;
- 在每个节点上运行监控系统代理程序,如Prometheus Node Exporter;
- 在每个节点上运行网络插件为Pod提供网络服务,如flannel、Calico;
- 在每个节点上运行kube-Proxy通过API-Server持续监控各个Service及其关联的Pod对象,并将其创建或变动实时反应至当前节点相应的iptables、ipvs规则上;
3.DaemonSet资源规范
DaemonSet是标准的K8s资源类型,它在Spec字段中嵌套了Selector、Template和minReadySeconds,并且功能和用法基本相同,但它不支持使用Replicas,DaemonSet并不是基于期望的副本数来控制Pod资源数量,而是基于节点数量来控制Pod数量;
apiVersion: apps/v1 # API群组及版本;
kind: DaemonSet # 资源类型;
metadata: # Pod元数据;
name: # 资源名称,在作用域中要唯一;
namespace: <string> # 名称空间,DaemonSet隶属名称空间级别;
spec:
minReadySeconds: <integer> # Pod就绪后多少秒内任一容器无Crash方可为就绪,来控制滚动更新的速度,默认值为0,表示新建的Pod对象一旦"就绪"将立即被视作可用,随后开始下一轮更新。如果设定了spec.minReadySeconds: 3表示新建的Pod对象至少要成功运行多久才会被视作可用,即就绪之后还要等待指定的3s才能开始下一批次的更新,在一个批次内新建的所有Pod就绪探测失败,都会导致滚动更新被终止,因此为minReadySeconds设定一个合理的值,不仅能够减缓更新的速度,还能够让Deployment提前发现一部分程序因为Bug导致的升级故障,生产环境中为Pod设置指针探测。
selector: <Object> # 标签选择器,必须匹配template字段中Pod模板中的标签;
template: <Object> # Pod模板对象;
metadata: <Object> # Pod名称
spec: <Object> # Pod详情
revisionHistoryLimit: <integer> # 滚动更新历史记录数量,默认为10;
updateStrategy: <Object> # 滚动更新策略;
type: <string> # 滚动更新类型,可用值有OnDelete和Rollingupdate;
rollingUpdate: <Object> # 滚动更新参数,专用于RollingUpdate类型;
maxSurge: <string> # 更新期间可比期望的Pod数量多出的数量和比例;
maxUnavailable: <string> # 更新期间可比期望的Pod数量缺少的数量或比例;
4.DaemonSet部署Node_exporter示例
- Github地址:https://github.com/prometheus/node_exporter
- DockerHub地址:https://hub.docker.com/r/prom/node-exporter
- Kubernetes1.8版本起,DaemonSet也必须使用selector来匹配Pod模板中指定的标签,而且它也支持matchLabels和matchExpressions两种标签选择器;
# 示例配置文件
root@kubernetes-master01:~# cat daemonSet-node_exporter.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: node-exporter
namespace: default
spec:
selector:
matchLabels:
app: node-exporter
template:
metadata:
labels:
app: node-exporter
spec:
hostNetwork: true # 共享主机网络
hostPID: true # 获取主机的PID
containers:
- name: prometheus-node-exporter
image: prom/node-exporter:v0.18.0
ports:
- name: node-ex-http
containerPort: 9100
hostPort: 9100 # 监听在节点的9100端口上面,节点的9100,实际就在访问这个Pod
livenessProbe:
tcpSocket:
port: node-ex-http
initialDelaySeconds: 5
readinessProbe:
httpGet:
path: '/metrics'
port: node-ex-http
initialDelaySeconds: 5
root@kubernetes-master01:~# kubectl apply -f daemonSet-node_exporter.yaml
4.1 查看Pod实例;
root@kubernetes-master01:~# kubectl get pods -o wide -l app=node-exporter
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
node-exporter-l7lfh 1/1 Running 0 55s xx.0.0.xx kubernetes-xxx <none> <none>
node-exporter-qljd6 1/1 Running 0 55s xx.0.0.xx kubernetes-xxx <none> <none>
4.2 describe命令查看详细信息;
# DaemonSet也可以简写为ds;
root@kubernetes-master01:~# kubectl get daemonset
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
node-exporter 2 2 2 2 2 <none> 3m9s
# describe查看详细信息;
root@kubernetes-master01:~# kubectl describe ds node-exporter
Name: node-exporter
Selector: app=node-exporter
Node-Selector: <none>
Labels: <none>
Annotations: deprecated.daemonset.template.generation: 1
Desired Number of Nodes Scheduled: 2 # 期望的Pod副本数
Current Number of Nodes Scheduled: 2 #
Number of Nodes Scheduled with Up-to-date Pods: 2
Number of Nodes Scheduled with Available Pods: 2
Number of Nodes Misscheduled: 0
Pods Status: 2 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template: # 两个Pod都是Running
Labels: app=node-exporter
Containers:
prometheus-node-exporter:
Image: prom/node-exporter:v0.18.0 # Pod使用的镜像
Port: 9100/TCP # Pod的端口
Host Port: 9100/TCP # 开启了共享宿主机端口
Liveness: tcp-socket :node-ex-http delay=5s timeout=1s period=10s #success=1 #failure=3 # 探针检测
Readiness: http-get http://:node-ex-http/metrics delay=5s timeout=1s period=10s #success=1 #failure=3 # 探针检测
Environment: <none>
Mounts: <none>
Volumes: <none>
Events: # 调度给两个节点
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 4m26s daemonset-controller Created pod: node-exporter-qljd6
Normal SuccessfulCreate 4m26s daemonset-controller Created pod: node-exporter-l7lfh
4.3 node_exporter默认监听在TCP的9100端口,可以向任意一节点发起请求也是没有问题;
root@kubernetes-master01:~# curl -s xx.0.0.xx:9100/metrics | grep memory
# HELP node_memory_Active_anon_bytes Memory information field Active_anon_bytes.
# TYPE node_memory_Active_anon_bytes gauge
node_memory_Active_anon_bytes 3.01551616e+08
# HELP node_memory_Active_bytes Memory information field Active_bytes.
# TYPE node_memory_Active_bytes gauge
node_memory_Active_bytes 8.14239744e+08
# HELP node_memory_Active_file_bytes Memory information field Active_file_bytes.
# TYPE node_memory_Active_file_bytes gauge
node_memory_Active_file_bytes 5.12688128e+08
# HELP node_memory_AnonHugePages_bytes Memory information field AnonHugePages_bytes.
# TYPE node_memory_AnonHugePages_bytes gauge
node_memory_AnonHugePages_bytes 0
5.DaemonSet更新方式
1.DaemonSet自1.16版本开始也支持滚动更新机制,相关配置定义在spec.update-Strategy嵌套字段中。目前它支持RollingUpdate(滚动更新)和OnDelete(删除式更新)两种更新策略。滚动更新为默认的更新策略。工作逻辑类似于Deployment控制,不过仅支持使用maxUnavailable属性定义最大不可用Pod资源的副本数(默认为1)而删除式更新的方式则是在删除相应节点的Pod资源后重建并更新为新版本;
5.1 RollingUpdate更新示例:
# image: prom/node-exporter:v0.18.0修改为0.18.1
root@kubernetes-master01:~# cat daemonset-node_exporter.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: node-exporter
namespace: default
spec:
minReadySeconds: 3
revisionHistoryLimit: 20
updateStrategy:
type: RollingUpdate # 更新策略
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: node-exporter
template:
metadata:
labels:
app: node-exporter
spec:
hostNetwork: true # 共享主机网络
hostPID: true # 获取主机的PID
containers:
- name: prometheus-node-exporter
image: prom/node-exporter:v0.18.1
ports:
- name: node-ex-http
containerPort: 9100
hostPort: 9100 # 监听在节点的9100端口上面,节点的9100,实际就在访问这个Pod
livenessProbe:
tcpSocket:
port: node-ex-http
initialDelaySeconds: 5
readinessProbe:
httpGet:
path: '/metrics'
port: node-ex-http
initialDelaySeconds: 5
5.1.1执行滚动更新及状态;
root@kubernetes-master01:~# kubectl apply -f daemonset-node_exporter.yaml && kubectl rollout status daemonset node-exporter
daemonset.apps/node-exporter configured
Waiting for daemon set "node-exporter" rollout to finish: 0 out of 2 new pods have been updated...
Waiting for daemon set "node-exporter" rollout to finish: 0 out of 2 new pods have been updated...
Waiting for daemon set "node-exporter" rollout to finish: 0 out of 2 new pods have been updated...
Waiting for daemon set "node-exporter" rollout to finish: 1 out of 2 new pods have been updated...
Waiting for daemon set "node-exporter" rollout to finish: 1 out of 2 new pods have been updated...
Waiting for daemon set "node-exporter" rollout to finish: 1 out of 2 new pods have been updated...
Waiting for daemon set "node-exporter" rollout to finish: 1 out of 2 new pods have been updated...
Waiting for daemon set "node-exporter" rollout to finish: 1 of 2 updated pods are available...
Waiting for daemon set "node-exporter" rollout to finish: 1 of 2 updated pods are available...
daemon set "node-exporter" successfully rolled out
5.1.2默认的RollingUpdate策略将采用一次更新一个Pod对象,待新建的Pod对象就绪后,再更新下一个Pod对象,直到全部完成。可以看到镜像版本为v0.18.1
root@kubernetes-master01:~# kubectl describe daemonsets.apps node-exporter
Pod Template:
Labels: app=node-exporter
Containers:
prometheus-node-exporter:
Image: prom/node-exporter:v0.18.1 # 镜像版本已经为0.18.1
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 46m daemonset-controller Created pod: node-exporter-qljd6
Normal SuccessfulCreate 46m daemonset-controller Created pod: node-exporter-l7lfh
Normal SuccessfulDelete 2m34s daemonset-controller Deleted pod: node-exporter-qljd6
Normal SuccessfulCreate 2m32s daemonset-controller Created pod: node-exporter-q479h
Normal SuccessfulDelete 2m21s daemonset-controller Deleted pod: node-exporter-l7lfh
Normal SuccessfulCreate 2m11s daemonset-controller Created pod: node-exporter-8c2mr
5.2 OnDelete更新示例:
# 修改镜像版本为latest
root@kubernetes-master01:~# cat daemonset-node_exporter.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: node-exporter
namespace: default
spec:
minReadySeconds: 3
revisionHistoryLimit: 10
updateStrategy: # 滚动更新策略
type: OnDelete # 使用OnDelete
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
app: node-exporter
template:
metadata:
labels:
app: node-exporter
spec:
hostNetwork: true # 共享主机网络
hostPID: true # 获取主机的PID
containers:
- name: prometheus-node-exporter
image: prom/node-exporter:latest # 修改镜像版本为latest。
ports:
- name: node-ex-http
containerPort: 9100
hostPort: 9100 # 监听在节点的9100端口上面,节点的9100,实际就在访问这个Pod
livenessProbe:
tcpSocket:
port: node-ex-http
initialDelaySeconds: 5
readinessProbe:
httpGet:
path: '/metrics'
port: node-ex-http
initialDelaySeconds: 5
5.2.1 由于OnDelete并非自动完成升级,它需要管理员手动去删除Pod,然后重新拉起新的Pod,才能完成更新。(对于升级有着先后顺序的软件,这种方法非常有用;)
5.2.2删除Pod;
root@kubernetes-master01:~# kubectl delete pods node-exporter-8c2mr
pod "node-exporter-8c2mr" deleted
root@kubernetes-master01:~# kubectl delete pods node-exporter-q479h
pod "node-exporter-q479h" deleted
5.2.3查看Pod已经被拉起;
root@kubernetes-master01:~# kubectl get pods -l app=node-exporter
NAME READY STATUS RESTARTS AGE
node-exporter-fbmkv 1/1 Running 0 99s
node-exporter-hv69b 1/1 Running 0 85s
5.2.4查看Events和版本,已经升级为latest;
root@kubernetes-master01:~# kubectl describe ds node-exporter
Name: node-exporter
Selector: app=node-exporter
Node-Selector: <none>
Labels: <none>
Annotations: deprecated.daemonset.template.generation: 3
Desired Number of Nodes Scheduled: 2
Current Number of Nodes Scheduled: 2
Number of Nodes Scheduled with Up-to-date Pods: 2
Number of Nodes Scheduled with Available Pods: 2
Number of Nodes Misscheduled: 0
Pods Status: 2 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
Labels: app=node-exporter
Containers:
prometheus-node-exporter:
Image: prom/node-exporter:latest
Port: 9100/TCP
Host Port: 9100/TCP
Liveness: tcp-socket :node-ex-http delay=5s timeout=1s period=10s #success=1 #failure=3
Readiness: http-get http://:node-ex-http/metrics delay=5s timeout=1s period=10s #success=1 #failure=3
Environment: <none>
Mounts: <none>
Volumes: <none>
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 3m31s daemonset-controller Created pod: node-exporter-fbmkv
Normal SuccessfulCreate 3m17s daemonset-controller Created pod: node-exporter-hv69b
root@kubernetes-master01:~# kubectl get pods node-exporter-fbmkv -o yaml
- containerID: docker://03e895265b19f82b3086c3bd7c013f7fa5edea96551a669aac164b92ea2e26b5
image: prom/node-exporter:latest
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK