Pod中的环境变量配置即env参数
修改pod_base.yaml文件如下,增加env参数
apiVersion: v1
kind: Pod
metadata:
name: pod-base
namespace: dev
labels:
user: redrose2100
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
- name: busybox
image: busybox
imagePullPolicy: Always
command: ["/bin/sh","-c","touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done;"]
env:
- name: "username"
value: "admin"
- name: "password"
value: "admin123"
执行如下命令创建pod
[root@master ~]# kubectl create -f pod_base.yaml pod/pod-base created [root@master ~]#
然后执行如下命令进入docker查看变量,如下表示成功
[root@master ~]# kubectl exec pod-base -n dev -it -c busybox /bin/sh kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead. / # echo $username admin / # echo $password admin123 / #
这种方式不推荐,推荐时候后面介绍的配置文件的方式
二、端口配置端口配置ports参数
查看ports帮助信息
[root@master ~]# kubectl explain pod.spec.containers.ports
KIND: Pod
VERSION: v1
RESOURCE: ports <[]Object>
DEscriptION:
List of ports to expose from the container. Exposing a port here gives the
system additional information about the network connections a container
uses, but is primarily informational. Not specifying a port here DOES NOT
prevent that port from being exposed. Any port which is listening on the
default "0.0.0.0" address inside a container will be accessible from the
network. Cannot be updated.
ContainerPort represents a network port in a single container.
FIELDS:
containerPort -required-
Number of port to expose on the pod's IP address. This must be a valid port
number, 0 < x < 65536.
hostIP
What host IP to bind the external port to.
hostPort
Number of port to expose on the host. If specified, this must be a valid
port number, 0 < x < 65536. If HostNetwork is specified, this must match
ContainerPort. Most containers do not need this.
name
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
named port in a pod must have a unique name. Name for the port that can be
referred to by services.
protocol
Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
[root@master ~]#
具体如下:
name 端口名称,如果指定,必须保证name在pod中是唯一的containerPort 容器要监听的端口(0–65536)hostPort 容器要再主机上公开的端口,如果设置,主机上只能运行容器的一个副本(一般省略)hostIP 要将外部端口绑定到主机IP(一般省略)protocol 端口协议,必须是UDP,TCP,SCTP,默认是TCP
编辑 pod_base.yaml文件,将nginx的容器设置端口号和协议
apiVersion: v1
kind: Pod
metadata:
name: pod-base
namespace: dev
labels:
user: redrose2100
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
ports:
- name: nginx-port
containerPort: 80
protocol: TCP
- name: busybox
image: busybox
imagePullPolicy: Always
command: ["/bin/sh","-c","touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done;"]
env:
- name: "username"
value: "admin"
- name: "password"
value: "admin123"
使用如下命令创建
[root@master ~]# kubectl apply -f pod_base.yaml pod/pod-base created [root@master ~]#
通过如下命令可以查看到设置的容器端口已经是80了
kubectl get pod pod-base -n dev -o yaml
访问容器中的程序需要使用:podIP:containerPort
三、Pod资源配额容器中的程序要运行,肯定是要占用一定资源的,比如CPU和内存等,乳沟不对某个容器的资源做限制,那么它就可能吃掉大量资源,导致气他容器无法运行,针对这种情况,kubernetes提供了对内存和CPU的资源进行配额的机制,这种机制主要通过resources选项类实现,它有两个子选项
limits:用于限制运行时容器的最大占用资源,当容器占用资源超过limits时会被终止,并进行重启requests:用于设置容器需要的最小资源,如果环境资源不够,容器就无法启动
如下,编辑pod_base.yaml文件,对nginx容器设置资源上限和下限设置
apiVersion: v1
kind: Pod
metadata:
name: pod-base
namespace: dev
labels:
user: redrose2100
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
ports:
- name: nginx-port
containerPort: 80
protocol: TCP
resources:
limits:
cpu: "2"
memory: "2G"
requests:
cpu: "1"
memory: "256M"
- name: busybox
image: busybox
imagePullPolicy: Always
command: ["/bin/sh","-c","touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done;"]
env:
- name: "username"
value: "admin"
- name: "password"
value: "admin123"
使用如下命令创建pod
[root@master ~]# kubectl apply -f pod_base.yaml pod/pod-base created [root@master ~]#
这里可以做个实验,将cpu下限修改为3,上限修改为4,然后再次尝试,因为这里虚拟机的核数是2,下限修改为3后是明显不能满足要求的
apiVersion: v1
kind: Pod
metadata:
name: pod-base
namespace: dev
labels:
user: redrose2100
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
ports:
- name: nginx-port
containerPort: 80
protocol: TCP
resources:
limits:
cpu: "4"
memory: "2G"
requests:
cpu: "3"
memory: "256M"
- name: busybox
image: busybox
imagePullPolicy: Always
command: ["/bin/sh","-c","touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done;"]
env:
- name: "username"
value: "admin"
- name: "password"
value: "admin123"
再次重新创建后通过如下命令可以看到这里提示cpu不够用了
[root@master ~]# kubectl describe pod pod-base -n dev Name: pod-base Namespace: dev Priority: 0 Node:Labels: user=redrose2100 Annotations: Status: Pending IP: IPs: Containers: nginx: Image: nginx:latest Port: 80/TCP Host Port: 0/TCP Limits: cpu: 4 memory: 2G Requests: cpu: 3 memory: 256M Environment: Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-b4c4b (ro) busybox: Image: busybox Port: Host Port: Command: /bin/sh -c touch /tmp/hello.txt;while true;do /bin/echo $(date +%T) >> /tmp/hello.txt;sleep 3;done; Environment: username: admin password: admin123 Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-b4c4b (ro) Conditions: Type Status PodScheduled False Volumes: kube-api-access-b4c4b: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: DownwardAPI: true QoS Class: Burstable Node-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedScheduling 13s default-scheduler 0/3 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate, 2 Insufficient cpu. Warning FailedScheduling 12s default-scheduler 0/3 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate, 2 Insufficient cpu. [root@master ~]#
