云计算-容器云笔记三(k8s运维)

5月 12, 2021

【题目】Pod管理

在master节点/root目录下编写yaml文件nginx.yaml,具体要求如下:
(1)Pod名称:nginx-pod;
(2)命名空间:default;
(3)容器名称:mynginx;
(4)镜像:nginx;拉取策略:IfNotPresent;
(5)容器端口:80

kubectl run mynginx --image=nginx:latest --namespace=default --port=80 --dry-run=client -o yaml

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: mynginx
  name: nginx-pod
  namespace: default
spec:
  containers:
  - image: nginx:latest
    name: mynginx
    imagePullPolicy: ifNotPresent
    ports:
    - containerPort: 80
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}

【题目】Deployment管理

在master节点/root目录下编写yaml文件nginx-deployment.yaml,具体要求如下:
(1)Deployment名称:nginx-deployment;
(2)命名空间:default;
(3)Pod名称:nginx-deployment,副本数:2;
(4)网络:hostNetwork;
(5)镜像:nginx;
(6)容器端口:80

kubectl create deploy nginx-deployment --image=nginx:latest --namespace=default --dry-run=client -o yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  namespace: default
  labels: 
    app: nginx-deployment
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx-deployment
  template:
    metadata:
      labels:
        app: nginx-deployment
    spec:
      hostNetwork: true
      containers:
      - name: nginx-deployment
        image: nginx:latest
        ports:
        - containerPort: 80

【题目】Namespace管理

在master节点/root目录下编写yaml文件my-namespace.yaml,具体要求如下:
(1)Namespace名称:test。

kubectl create namespace test --dry-run=client -o yaml

apiVersion: v1
kind: Namespace
metadata:
  creationTimestamp: null
  name: test
spec: {}
status: {}

【题目】Service管理

在master节点/root目录下编写yaml文件service-clusterip.yaml,具体要求如下:
(1)Service名称:service-clusterip;
(2)命名空间:default;
(3)集群内部访问端口:80;targetPort: 81;
(4)Service类型:ClusterIP。

kubectl create service clusterip service-clusterip --tcp=80:81 --namespace=default --dry-run=client -o yaml

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: service-clusterip
  name: service-clusterip
  namespace: default
spec:
  ports:
  - name: 80-81
    port: 80
    protocol: TCP
    targetPort: 81
  selector:
    app: service-clusterip
  type: ClusterIP
status:
  loadBalancer: {}

【题目】RBAC管理

在master节点/root目录下编写yaml文件role.yaml,具体要求如下:
(1)Role名称:pod-reader;
(2)命名空间:default;
(3)对default命名空间内的Pod拥有get、watch、list的权限。

kubectl create role pod-reader --verb=get,list,watch --resource=pods --namespace=defaut --dry-run=client -o yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  creationTimestamp: null
  name: pod-reader
rules:
- apiGroups:
  - ""
  resources:
  - pods
  verbs:
  - get
  - list
  - watch

【题目】CronJob管理

kubectl create cronjob hello --image=busybox --schedule='*/1 * * * *' --dry-run=client -o yaml

kind: CronJob
metadata:
  name: hello
spec:
  schedule: "*/1 * * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: hello
            image: busybox
            args:
            - /bin/sh
            - -c
            - date; echo Hello from the Kubernetes cluster
          restartPolicy: OnFailure

【题目】LimitRange管理

apiVersion: v1
kind: LimitRange
metadata:
  name: mem-limit-range
  namespace: default
spec:
  limits:
  - default:
      memory: 50Gi
      cpu: 5
    defaultRequest:
      memory: 1Gi
      cpu: 1
    type: Container

【题目】ReplicationController管理

在master节点/root目录下编写yaml文件ReplicationController.yaml,具体要求如下:
(1)ReplicationController名称:nginx;
(2)命名空间:default;
(3)副本数:3;
(4)镜像:nginx

apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx
  namespace: default
spec:
  replicas: 3
  selector: 
    app: nginx
  template:
    metadata:
      labels: 
        app: nginx
    spec:
      containers:
        - name: nginx
          image: nginx:latest

【题目】健康检查

在master节点/root目录下编写yaml文件liveness_httpget.yaml,具体要求如下:
(1)Pod名称:liveness-http;
(2)命名空间:default;
(3)镜像:nginx;端口:80;
(4)容器启动时运行命令“echo Healty > /usr/share/nginx/html/healthz”;
(5)httpGet请求的资源路径为/healthz,地址默认为Pod IP,端口使用容器中定义的端口名称HTTP;
(6)启动后延时30秒开始运行检测;
(7)每隔3秒执行一次liveness probe

apiVersion: v1
kind: Pod
metadata:
  name: liveness-http
  namespace: default
spec:
  containers:
    - name: nginx
      image: nginx:latest
      ports:
        - containerPort: 80
      args:
        - /bin/sh
        - -c
        - echo Healty > /usr/share/nginx/html/healthz
      livenessProbe:
        httpGet:
          path: /healthz
          port: http
        initialDelaySeconds: 30
        periodSeconds: 3

【题目】PV管理

在 master节点/root目录下编写yml文件px,y0m,具体要求如下:
(1)PV名称:pv-local;
(2)命名空间: default;
(3)回收策略: Delete;
(4)访问模式:RWO:
(5)挂载路径:node节点/data/k8s/locally;
(6)卷容量:5G。

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-local
  namespace: default
spec:
  capacity:
    storage: 5Gi
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Delete
  nfs:
    path: /data/k8s
    server: 127.0.0.1

【题目】HPA管理

在 master节点/root目录下编写yaml文件,具体要求如下:
(1)HPA名称: frontend-scaler;
(2)命名空间: default;
(3)副本数伸缩范围:3-10;
(4)期望每个Pod的CPU使用率为50%

apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata: 
  name: frontend_scaler
  namespace: default
spec:
  maxReplicas: 10
  minReplicas: 3
  scaleTargetRef:
    kind: Deployment
    name: frontend
  targetCPUUtilizationPercentage: 50

【题目】 Resource Quota管理

创建命名空间 quota-example,在 master节点/root目录下编写yaml,具体要求如下:
(1)ResourseQuota名称: compute-resources;
(2)命名空间: quota-example;
(3)命名空间内所有Pod数量不超过4;
(4)命名空间内所有容器内存申请总和不得超过1G;
(5)命名空间内所有内存限制不得超过2G;4
(6)命名空间内所有容器申请的CPU不得超过1
(7)命名空间内所有容器限制的CPU不得超过2。

apiVersion: v1
kind: ResourceQuota
metadata:
  name: compute-resources
  namespace: quota-example
spec:
  hard:
    pods: '4'
    requests.cpu: '1'
    requests.memory: 1Gi
    limits.cpu: '2'
    limits.memory: 2Gi