CentOS 7.2基于Kubernetes部署简单应用示例

上一篇我们部署了Kubernetes集群，接下来会在这个集群上运行一个简单的应用。

以下面的图来安装一个简单的静态内容的nginx应用：

首先，我们用复制器启动一个2个备份的nginx Pod。然后在前面挂Service，一个service只能被集群内部访问，一个能被集群外的节点访问。

1. 部署nginx pod 和复制器

#cat nginx-rc.yaml   apiVersion: v1   kind: ReplicationController   metadata:     name: nginx-controller   spec:     replicas: 2     selector:       name: nginx     template:       metadata:         labels:           name: nginx       spec:         containers:           - name: nginx             image: nginx             ports:               - containerPort: 80

我们定义了一个nginx pod复制器，复制份数为2，我们使用nginx docker镜像。

执行下面的操作创建nginx pod复制器:

[root@master test]# kubectl create -f nginx-rc.yaml   replicationcontrollers/nginx-controller

记得先去下载gcr.io镜像，然后改名，否则会提示失败。由于还会下载nginx镜像，所以所创建的Pod需要等待一些时间才能处于running状态。

[root@master test]# kubectl get pods  NAME                     READY     STATUS    RESTARTS   AGE  nginx                    1/1       Running   0          1d  nginx-controller-dkl3v   1/1       Running   0          14s  nginx-controller-hxcq8   1/1       Running   0          14s

我们可以使用describe 命令查看pod的相关信息:

[root@master test]# kubectl describe pod nginx-controller-dkl3v  Name:    nginx-controller-dkl3v  Namespace:   default  Image(s):   nginx  Node:    192.168.32.17/192.168.32.17  Labels:    name=nginx  Status:    Running  Reason:      Message:     IP:    172.17.67.2  Replication Controllers: nginx-controller (2/2 replicas created)  Containers:    nginx:      Image:  nginx      State:  Running        Started:  Wed, 30 Dec 2015 02:03:19 -0500      Ready:  True      Restart Count: 0  Conditions:    Type  Status    Ready  True   Events:    FirstSeen    LastSeen   Count From   SubobjectPath   Reason  Message    Wed, 30 Dec 2015 02:03:14 -0500 Wed, 30 Dec 2015 02:03:14 -0500 1 {scheduler }      scheduled Successfully assigned nginx-controller-dkl3v to 192.168.32.17    Wed, 30 Dec 2015 02:03:15 -0500 Wed, 30 Dec 2015 02:03:15 -0500 1 {kubelet 192.168.32.17} implicitly required container POD pulled  Pod container image "kubernetes/pause" already present on machine    Wed, 30 Dec 2015 02:03:16 -0500 Wed, 30 Dec 2015 02:03:16 -0500 1 {kubelet 192.168.32.17} implicitly required container POD created  Created with docker id e88dffe46a28    Wed, 30 Dec 2015 02:03:17 -0500 Wed, 30 Dec 2015 02:03:17 -0500 1 {kubelet 192.168.32.17} implicitly required container POD started  Started with docker id e88dffe46a28    Wed, 30 Dec 2015 02:03:18 -0500 Wed, 30 Dec 2015 02:03:18 -0500 1 {kubelet 192.168.32.17} spec.containers{nginx}  created  Created with docker id 25fcb6b4ce09    Wed, 30 Dec 2015 02:03:19 -0500 Wed, 30 Dec 2015 02:03:19 -0500 1 {kubelet 192.168.32.17} spec.containers{nginx}  started  Started with docker id 25fcb6b4ce09

2. 部署节点内部可访问的nginx service

Service的type有ClusterIP和NodePort之分，缺省是ClusterIP，这种类型的Service只能在集群内部访问。配置文件如下：

#cat nginx-service-clusterip.yaml   apiVersion: v1   kind: Service   metadata:     name: nginx-service-clusterip   spec:     ports:       - port: 8001         targetPort: 80         protocol: TCP     selector:       name: nginx

执行下面的命令创建service:

[root@master test]# kubectl create -f ./nginx-service-clusterip.yaml   services/nginx-service-clusterip

查看所创建的service：

[root@master test]# kubectl get service  NAME                      LABELS                                    SELECTOR     IP(S)            PORT(S)  kubernetes                component=apiserver,provider=kubernetes   <none>       10.254.0.1       443/TCP  nginx-service-clusterip   <none>                                    name=nginx   10.254.234.255   8001/TCP

上面的输出告诉我们这个 Service的Cluster IP是10.254.234.255，端口是8001。下面我们验证这个PortalNet IP的工作情况：

在192.168.32.16上执行以下命令：

[root@minion1 ~]# curl -s 10.254.234.255:8001  <!DOCTYPE html>  <html>  <head>  <title>Welcome to nginx!</title>  <style>      body {          width: 35em;          margin: 0 auto;          font-family: Tahoma, Verdana, Arial, sans-serif;      }  </style>  </head>  <body>  <h1>Welcome to nginx!</h1>  <p>If you see this page, the nginx web server is successfully installed and  working. Further configuration is required.</p>    <p>For online documentation and support please refer to  <a href="http://nginx.org/">nginx.org</a>.<br/>  Commercial support is available at  <a href="http://nginx.com/">nginx.com</a>.</p>    <p><em>Thank you for using nginx.</em></p>  </body>  </html>

从前面部署复制器的部分我们知道nginx Pod运行在17节点上。上面我们特意从16代理节点上访问我们的服务来体现Service Cluster IP在所有集群代理节点的可到达性。

3. 部署外部可访问的nginx service

下面我们创建NodePort类型的Service，这种类型的Service在集群外部是可以访问。配置文件如下：

cat nginx-service-nodeport.yaml   apiVersion: v1   kind: Service   metadata:     name: nginx-service-nodeport   spec:     ports:       - port: 8000        targetPort: 80         protocol: TCP     type: NodePort    selector:       name: nginx

执行如下命令创建service并进行查看：

[root@master test]# kubectl create -f ./nginx-service-nodeport.yaml   You have exposed your service on an external port on all nodes in your  cluster.  If you want to expose this service to the external internet, you may  need to set up firewall rules for the service port(s) (tcp:31000) to serve traffic.    See http://releases.k8s.io/HEAD/docs/user-guide/services-firewalls.md for more details.  services/nginx-service-nodeport    [root@master test]# kubectl get service  NAME                      LABELS                                    SELECTOR     IP(S)            PORT(S)  kubernetes                component=apiserver,provider=kubernetes   <none>       10.254.0.1       443/TCP  nginx-service-clusterip   <none>                                    name=nginx   10.254.234.255   8001/TCP  nginx-service-nodeport    <none>                                    name=nginx   10.254.210.68    8000/TCP

创建service时提示需要设置firewall rules，不用去管，不影响后续操作。

查看创建的service：

[root@master test]# kubectl describe service nginx-service-nodeport  Name:   nginx-service-nodeport  Namespace:  default  Labels:   <none>  Selector:  name=nginx  Type:   NodePort  IP:   10.254.210.68  Port:   <unnamed> 8000/TCP  NodePort:  <unnamed> 31000/TCP  Endpoints:  172.17.67.2:80,172.17.67.3:80  Session Affinity: None  No events.

这个 Service的节点级别端口是31000。下面我们验证这个 Service的工作情况：

[root@master test]# curl -s 192.168.32.16:31000  <!DOCTYPE html>  <html>  <head>  <title>Welcome to nginx!</title>  <style>      body {          width: 35em;          margin: 0 auto;          font-family: Tahoma, Verdana, Arial, sans-serif;      }  </style>  </head>  <body>  <h1>Welcome to nginx!</h1>  <p>If you see this page, the nginx web server is successfully installed and  working. Further configuration is required.</p>    <p>For online documentation and support please refer to  <a href="http://nginx.org/">nginx.org</a>.<br/>  Commercial support is available at  <a href="http://nginx.com/">nginx.com</a>.</p>    <p><em>Thank you for using nginx.</em></p>  </body>  </html>    [root@master test]# curl -s 192.168.32.17:31000  <!DOCTYPE html>  <html>  <head>  <title>Welcome to nginx!</title>  <style>      body {          width: 35em;          margin: 0 auto;          font-family: Tahoma, Verdana, Arial, sans-serif;      }  </style>  </head>  <body>  <h1>Welcome to nginx!</h1>  <p>If you see this page, the nginx web server is successfully installed and  working. Further configuration is required.</p>    <p>For online documentation and support please refer to  <a href="http://nginx.org/">nginx.org</a>.<br/>  Commercial support is available at  <a href="http://nginx.com/">nginx.com</a>.</p>    <p><em>Thank you for using nginx.</em></p>  </body>  </html>

不管是从16还是17，都能访问到我们的服务。

4. 总结

本文只是一个简单的应用，在应用部署时，了解Kubernetes的应用模型是非常重要的。还需要对Kubernetes进行更深入的研究。

来自： http://my.oschina.net/renguijiayi/blog/592424