yaml file details of Kubernetes - v1.15.x

Posted by samuelxin on Thu, 15 Aug 2019 10:14:07 +0200

yaml file of Kubernetes

How K8S creates resources

K8S has two ways to create resources: the kubectl command line and yaml configuration files.

kubectl command line: The simplest way, but the drawback is obvious: you don't know what is going on behind the command.
yaml configuration file: Lets you see exactly what is being created. The advantages are as follows:

Integrity: The configuration file describes the complete state of a resource, so you know exactly what happens when the resource is created.
Flexibility: Configuration files can describe more complex structures than the command line.
Maintainability: Configuration files provide templates for creating resource objects that can be reused.
Scalability: Suitable for cross-environment, large-scale deployment.

What is yaml?

yaml is a language for writing configuration files. Yes, it's a language. If you have used json, it will not be unfamiliar to you. yaml is also known as a superset of json, which is more convenient to use than json.

Structurally, it has two types to choose from: Lists and Maps. A List marks each item with - (dash), and a Map is made of key: value pairs.

YAML grammar rules:

Case-sensitive
Use indentation to represent hierarchical relationships
Tab characters are not allowed for indentation; only spaces are allowed
The number of indented spaces is not important, as long as the elements of the same level are aligned to the left
"#" means a comment, which is ignored by the parser from this character to the end of the line
"---" is an optional separator

In Kubernetes, you only need to know two types of structures:
Lists
Maps
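
A checker for the indentation rules listed above (no tabs, siblings left-aligned, nothing nested under a key that already has a value), as an added example that is not part of the original post. The name check_indentation and the sample document are constructed for illustration, and only block-style YAML is handled.

```python
import re

def check_indentation(text):
    """Return (line_number, problem) pairs for a block-style YAML document."""
    problems = []
    levels = [0]        # indentation widths of the currently open levels
    prev = ""           # previous significant line, comment stripped
    for lineno, raw in enumerate(text.splitlines(), 1):
        body = re.sub(r"(^|\s)#.*$", "", raw).rstrip()
        if not body.strip() or body.strip() == "---":
            continue    # blank line, comment-only line or document separator
        lead = body[: len(body) - len(body.lstrip())]
        if "\t" in lead:
            problems.append((lineno, "tab used for indentation"))
            continue
        indent = len(lead)
        if indent > levels[-1]:
            # Only "key:" without a value, or a "- " list item, may open a level.
            opener = prev.strip()
            if opener and not opener.endswith((":", "|", ">")) and not opener.startswith("- "):
                problems.append((lineno, "indented under a key that already has a value"))
            levels.append(indent)
        else:
            while levels[-1] > indent:
                levels.pop()
            if levels[-1] != indent:
                problems.append((lineno, "not aligned with any enclosing level"))
                levels.append(indent)
        prev = body
    return problems

# Constructed sample with three typical indentation mistakes.
SAMPLE = (
    "spec:\n"
    "  replicas: 3\n"
    "   strategy:            # 3 spaces: deeper than its sibling replicas\n"
    "    rollingUpdate:\n"
    "      maxSurge: 1\n"
    "  template:\n"
    "\tmetadata:            # tab instead of spaces\n"
    "    livenessProbe:\n"
    "      tcpSocket:\n"
    "         port: 8080\n"
    "       timeoutSeconds: 5  # between the levels of tcpSocket and port\n"
)

if __name__ == "__main__":
    for lineno, problem in check_indentation(SAMPLE):
        print(f"line {lineno}: {problem}")
```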

kubernetes yaml file template:

Complete content of a Pod definition file in yaml format:
apiVersion: v1       #Required, version number, such as v1
kind: Pod       #Required, Pod
metadata:       #Required, metadata
  name: string       #Required, Pod name
  namespace: string    #Required, the namespace to which the Pod belongs
  labels:      #Custom labels
    name: string     #Custom label, as a key: value pair
  annotations:       #Custom annotations
    name: string
spec:         #Required, detailed definition of the containers in the Pod
  containers:      #Required, list of containers in the Pod
  - name: string     #Required, container name
    image: string    #Required, image name of the container
    imagePullPolicy: [Always | Never | IfNotPresent] #Image pull policy: Always means always downloading the image, IfNotPresent means preferring the local image and downloading it otherwise, Never means using only the local image
    command: [string]    #Container startup command list; if not specified, the startup command set when the image was built is used
    args: [string]     #Parameter list for the container startup command
    workingDir: string     #Working directory of the container
    volumeMounts:    #Storage volumes mounted inside the container
    - name: string     #Name of a shared storage volume defined by the Pod; must be a volume name defined in the volumes[] section
      mountPath: string    #Absolute mount path of the volume in the container, should be less than 512 characters
      readOnly: boolean    #Whether the volume is mounted read-only
    ports:       #List of ports to be exposed
    - name: string     #Name of the port
      containerPort: int   #The port number that the container needs to listen on
      hostPort: int    #The port number that the container's host needs to listen on, the same as the container port by default
      protocol: string     #Port protocol, supports TCP and UDP, default TCP
    env:       #List of environment variables to be set before the container runs
    - name: string     #Name of the environment variable
      value: string    #Value of the environment variable
    resources:       #Resource limit and request settings
      limits:      #Resource limits
        cpu: string    #CPU limit, in cores, will be used for the docker run --cpu-shares parameter
        memory: string     #Memory limit, in Mib/Gib units, will be used for the docker run --memory parameter
      requests:      #Resource requests
        cpu: string    #CPU request, the amount initially available when the container starts
        memory: string     #Memory request, the amount initially available when the container starts
    livenessProbe:     #Health check settings for each container in the Pod; the container is restarted automatically after several probes go unanswered. The check methods are exec, httpGet and tcpSocket; only one of them can be set for a container.
      exec:      #Set the health check method to exec
        command: [string]  #Command or script to run in exec mode
      httpGet:       #Set the health check method to httpGet; path and port must be specified
        path: string
        port: number
        host: string
        scheme: string
        httpHeaders:
        - name: string
          value: string
      tcpSocket:     #Set the health check method to tcpSocket
        port: number
      initialDelaySeconds: 0  #Time of the first probe after the container is started, in seconds
      timeoutSeconds: 0   #Timeout waiting for a response to a health check probe, in seconds, default 1 second
      periodSeconds: 0    #Interval between periodic health check probes, in seconds, default 10 seconds
      successThreshold: 0
      failureThreshold: 0
    securityContext:
      privileged: false
  restartPolicy: [Always | Never | OnFailure] #Pod's restart policy: Always means kubelet restarts the Pod however it terminated, OnFailure means the Pod is restarted only when it exits with a non-zero exit code, Never means the Pod is not restarted again.
  nodeSelector: object  #Setting nodeSelector schedules the Pod onto a node that carries the label, specified in key: value format
  imagePullSecrets:    #Name of the secret used when pulling the image, specified in key: secretkey format
  - name: string
  hostNetwork: false      #Whether to use the host network mode, default false; true means the Pod uses the host network
  volumes:       #Define the list of shared storage volumes on this Pod
  - name: string     #Shared volume name (there are many types of volumes)
    emptyDir: {}     #Storage volume of type emptyDir, a temporary directory with the same life cycle as the Pod; empty value
    hostPath:     #Storage volume of type hostPath, mounts a directory of the host the Pod runs on
      path: string     #Directory on the Pod's host that will be used as the mount directory
    secret:      #Storage volume of type secret, mounts a secret object defined in the cluster inside the container
      secretName: string
      items:
      - key: string
        path: string
    configMap:     #Storage volume of type configMap, mounts a predefined configMap object into the container
      name: string
      items:
      - key: string
        path: string

yaml instance file

apiVersion: extensions/v1beta1   #Interface version
kind: Deployment                 #Interface type
metadata:
  name: ptengine-demo               #Deployment name
  namespace: ptengine-prd           #namespace name
  labels:
    app: ptengine-demo              #Label
spec:
  replicas: 3
  strategy:
    rollingUpdate:  ##Because replicas is 3, the total number of pods is between 2 and 4.
      maxSurge: 1       #Start 1 pod first during a rolling upgrade
      maxUnavailable: 1 #Maximum number of unavailable pods allowed during a rolling upgrade
  template:         
    metadata:
      labels:
        app: ptengine-demo  #Template name must be filled in
    spec: #Define a container template that can contain multiple containers
      containers:
        - name: ptengine-demo                                                           #Container name
          image: reg.pt1.com/ptengine-prd/ptengine-demo:0.0.1-SNAPSHOT #Image address
          command: [ "/bin/sh","-c","cat /etc/config/path/to/special-key" ]    #Startup command
          args:                                                                #startup parameter
            - '-storage.local.retention=$(STORAGE_RETENTION)'
. . . . . . . . 
            - '-web.external-url=$(EXTERNAL_URL)'

          imagePullPolicy: IfNotPresent  #Pull the image only if it does not exist locally
          livenessProbe:       #Indicates whether the container is alive. If the liveness probe fails, kubelet is notified that the container is not healthy; kubelet then kills the container and acts further according to restartPolicy. By default the probe is initialized as Success before the first detection, and a container that defines no liveness probe is also considered Success.
            httpGet:
              path: /health #If there is no heartbeat detection endpoint, use /
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 60 ##Delay after start-up before detection begins
            timeoutSeconds: 5
            successThreshold: 1
            failureThreshold: 5
          readinessProbe:
            httpGet:
              path: /health #If there is no health detection endpoint, use /
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 30 ##Delay after start-up before detection begins
            timeoutSeconds: 5
            successThreshold: 1
            failureThreshold: 5
          resources:              ##CPU and memory limits
            requests:
              cpu: 2
              memory: 2048Mi
            limits:
              cpu: 2
              memory: 2048Mi
          env:                    ##Pass custom Linux OS environment variables to the pod directly
            - name: LOCAL_KEY     #Local key
              value: value
            - name: CONFIG_MAP_KEY  #The value can be taken from a key in a configMap
              valueFrom:
                configMapKeyRef:
                  name: special-config   #Name of the configMap to look in: special-config
                  key: special.type      #Key to look up under data in special-config
          ports:
            - name: http
              containerPort: 8080 #Port exposed to the service
          volumeMounts:     #Mount the disks defined in volumes
          - name: log-cache
            mountPath: /tmp/log
          - name: sdb       #Common usage: the volume is destroyed together with the container; mounts a directory
            mountPath: /data/media
          - name: nfs-client-root    #Mount a disk directly, here mounting the nfs directory below to /mnt/nfs
            mountPath: /mnt/nfs
          - name: example-volume-config  #Advanced usage 1: log-script and backup-script of the ConfigMap are mounted at the relative paths path/to/... under the /etc/config directory; a file with the same name is overwritten.
            mountPath: /etc/config
          - name: rbd-pvc                #Advanced usage 2: mount a PVC (Persistent Volume Claim)

#A ConfigMap can be mounted directly as a file or directory using a volume; each key-value pair generates a file with the key as the file name and the value as the content.
      volumes:  # Define the disks mounted by the volumeMounts above
      - name: log-cache
        emptyDir: {}
      - name: sdb  #Mount a directory on the host
        hostPath:
          path: /any/path/it/will/be/replaced
      - name: example-volume-config  # Write ConfigMap content to files at the specified paths
        configMap:
          name: example-volume-config  #Name of the ConfigMap
          items:
          - key: log-script           #Key in the ConfigMap
            path: path/to/log-script  #The relative path path/to/log-script in the mount directory
          - key: backup-script        #Key in the ConfigMap
            path: path/to/backup-script  #The relative path path/to/backup-script in the mount directory
      - name: nfs-client-root         #Mount NFS storage
        nfs:
          server: 10.42.0.55          #NFS server address
          path: /opt/public           #Use showmount -e to check the path
      - name: rbd-pvc                 #Mount a PVC disk
        persistentVolumeClaim:
          claimName: rbd-pvc1         #The PVC disk that was applied for
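
The template and the instance above contain several fields that reach outside the container onto the node: securityContext.privileged, hostNetwork, hostPort and hostPath volumes. The following added example (not from the original post) lists them for a Pod or for a workload with a pod template, and also reports containers without resource limits; the function names and the manifest are constructed, and the manifest is written as JSON, which a YAML parser also accepts, so only the standard library is needed.

```python
import json

def pod_spec(obj):
    """Return the pod spec of a Pod, or of a workload that embeds a pod template."""
    spec = obj.get("spec", {})
    return spec.get("template", {}).get("spec", spec)

def audit(obj):
    """List the settings in a manifest that reach outside the container."""
    spec, findings = pod_spec(obj), []
    if spec.get("hostNetwork"):
        findings.append("hostNetwork: true")
    for vol in spec.get("volumes", []):
        if "hostPath" in vol:
            findings.append(f"volume {vol['name']}: hostPath {vol['hostPath'].get('path')}")
    for c in spec.get("containers", []):
        if c.get("securityContext", {}).get("privileged"):
            findings.append(f"container {c['name']}: privileged")
        for p in c.get("ports", []):
            if "hostPort" in p:
                findings.append(f"container {c['name']}: hostPort {p['hostPort']}")
        if "limits" not in c.get("resources", {}):
            findings.append(f"container {c['name']}: no resource limits")
    return findings

# Constructed manifest, written as JSON (which is also valid YAML).
MANIFEST = json.loads("""
{
  "apiVersion": "extensions/v1beta1",
  "kind": "Deployment",
  "metadata": {"name": "demo"},
  "spec": {"template": {"spec": {
    "hostNetwork": true,
    "containers": [{
      "name": "demo",
      "image": "registry.example/demo:0.0.1",
      "securityContext": {"privileged": true},
      "ports": [{"containerPort": 8080, "hostPort": 8080}]
    }],
    "volumes": [
      {"name": "log-cache", "emptyDir": {}},
      {"name": "sdb", "hostPath": {"path": "/data"}}
    ]
  }}}
}
""")

if __name__ == "__main__":
    print("\n".join(audit(MANIFEST)))
```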
