IT Cloud - page 14
# test_pod.yml
# kubectl create -f test_pod.yml
apiVersion: v1
kind: Pod
metadata:
  name: test  # pod name, assumed here
spec:
  containers:
  - name: test
    image: debian
To run multiple replicas:
# test_replica_controller.yml
# kubectl create -f test_replica_controller.yml
apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx  # object names must be lowercase
spec:
  replicas: 3
  selector:
    app: Nginx  # label by which the controller determines which running pods it manages
  template:
    metadata:
      labels:
        app: Nginx  # must match the selector above
    spec:
      containers:
      - name: test
        image: debian
For load balancing, a Service (a logical entity) of type LoadBalancer is used; besides it there are also the ClusterIP and NodePort types:
apiVersion: v1
kind: Service
metadata:
  name: test-service  # underscores are not allowed in object names
spec:
  type: LoadBalancer
  ports:
  - name: http
    port: 80
    targetPort: 80
    protocol: TCP
  selector:
    app: WEB
Overlay network plugins (created and configured automatically): Contiv, Flannel, GCE networking, Linux bridging, Calico, Kube-DNS, SkyDNS.
#configmap
apiVersion: v1
kind: ConfigMap
metadata:
  name: config-name
data:
Similar to secrets in Docker Swarm, Kubernetes has Secret objects; one example of what a secret can hold is NGINX settings:
#secrets
apiVersion: v1
kind: Secret
metadata:
  name: test-secret
data:
  # values under data must be base64-encoded; base64 is an encoding, not encryption
  password: ....
To make a secret available to a pod, reference it in the pod's configuration:
....
volumes:
- name: secret-volume  # volume name, assumed here
  secret:
    secretName: test-secret
…
Kubernetes supports several other kinds of volumes:
* emptyDir;
* hostPath;
* gcePersistentDisk – a disk on Google Cloud;
* awsElasticBlockStore – a disk on Amazon AWS.
volumeMounts:
- name: app
  mountPath: ""
volumes:
- name: app
  hostPath:  # mounts a directory from the node's filesystem into the pod
    ....
UI feature: Dashboard UI
Additionally available:
* Main metrics – collection of metrics;
* Log collection – collecting logs;
* Scheduled jobs;
* Authentication;
* Federation – distribution across data centers;
* Helm is a package manager similar to Docker Hub.
https://www.youtube.com/watch?v=FvlwBWvI-Zg
Docker commands
Docker is a more modern counterpart to RKT containers.
In Linux, when the process with PID 1 terminates, its namespace is torn down as well, which shuts down the OS; the same happens in a container, since a container is a special case of an OS. Isolating processes does not in itself add overhead, and neither does monitoring and limiting their resources, because systemd provides the same configuration options on the host OS. The network is fully virtualized, both localhost and the bridge, which makes it possible to bridge several containers to one localhost so that they share it; this is actively used in Kubernetes pods.
To run a temporary container interactively, use -it. To exit, press Ctrl + D, which sends a shutdown signal; the container is then removed because of --rm, so that stopped containers do not clutter the system. If the image is built so that the application is launched from a shell inside the container, which is wrong, the signal is sent to the application and the container keeps running with the shell; in that case, to exit you have to kill the container from a separate terminal by the name given with --name name_container. For example:
docker run --rm -it --name name_container ubuntu bash
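Added example (not from the original page): the script below shows why starting the application from a shell is a problem, by sending SIGTERM to an entrypoint process and checking whether the application receives it. The function name term_reaches_app and the use of sleep 30 as a stand-in application are assumptions; the script runs on the host, where the shell is an ordinary process rather than PID 1.

```shell
#!/bin/sh
# Added illustration (constructed): does SIGTERM sent to a container-style
# entrypoint reach the application? `sleep 30` stands in for the application.
#   wrapped - the application runs as a child of a shell (the pattern called wrong above)
#   exec    - the shell replaces itself with the application via exec

term_reaches_app() {
    mode=$1
    dir=$(mktemp -d)
    # Stand-in application: records its own PID, then becomes `sleep 30`.
    app="echo \$\$ > $dir/app.pid; exec sleep 30"
    if [ "$mode" = exec ]; then
        sh -c "exec sh -c '$app'" >/dev/null 2>&1 &
    else
        # The trailing `true` keeps the shell alive as the parent of the application.
        sh -c "sh -c '$app'; true" >/dev/null 2>&1 &
    fi
    entry=$!                      # PID that a runtime would signal on stop

    # Wait (up to about 5 s) until the application has written its PID.
    i=0
    while [ ! -s "$dir/app.pid" ] && [ "$i" -lt 50 ]; do
        sleep 0.1 2>/dev/null || sleep 1
        i=$((i + 1))
    done
    app_pid=$(cat "$dir/app.pid")

    kill -TERM "$entry"
    wait "$entry" 2>/dev/null || true   # reap the entrypoint so it is not left as a zombie

    if kill -0 "$app_pid" 2>/dev/null; then
        result=not-forwarded            # the application outlived the signal
        kill -KILL "$app_pid" 2>/dev/null || true
    else
        result=forwarded
    fi
    rm -rf "$dir"
    echo "$result"
}

for mode in wrapped exec; do
    echo "$mode: $(term_reaches_app "$mode")"
done
```

In an image, the equivalent of the exec mode is an entrypoint script that ends with exec followed by the application command, so the application itself becomes the process that receives the stop signal.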
In the beginning, the Docker CLI had a simple set of commands to manage the lifecycle of containers. Among them:
* docker run to run the container;
* docker ps to view running containers;
* docker rm to remove a container;
* docker build to create your own image;