k8s-pod的启动
k8s-pod的启动
- 一、命令行启动nginx的pod
- 创建deployment
- 访问节点中的nginx
- 查看部署控制器和副本控制器
- 模拟高可用,将k8s-3关机
- 手动触发重建
- 删除rs会重新启新的rs
- 删除deploy,所管理的rs也会被删除
- 二、yaml文件启pod
- kubectl apply 启动pod
- kubectl apply 使用部署控制器启动pod
- 三、pod的启动流程
官方文档:https://kubernetes.io/zh-cn/docs/concepts/workloads/pods/
pod 是可以在 Kubernetes 中创建和管理的、最小的可部署的计算单元
一、命令行启动nginx的pod
kubectl get查看pod和namespace(ns)
-n 指定命名空间
[root@k8s-1 ~]# kubectl get pod
No resources found in default namespace.
[root@k8s-1 ~]# kubectl get ns
NAME STATUS AGE
default Active 20h
kube-node-lease Active 20h
kube-public Active 20h
kube-system Active 20h
kubernetes-dashboard Active 18h
[root@k8s-1 ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-64cc74d646-b7l5l 1/1 Running 0 129m
calico-node-4v7n5 1/1 Running 1 (15h ago) 19h
calico-node-jr9sg 1/1 Running 1 (15h ago) 19h
calico-node-tpsnh 1/1 Running 1 (15h ago) 19h
coredns-6d8c4cb4d-6dtcb 1/1 Running 0 129m
coredns-6d8c4cb4d-jjdrf 1/1 Running 0 129m
etcd-k8s-1 1/1 Running 1 (15h ago) 20h
kube-apiserver-k8s-1 1/1 Running 1 (15h ago) 20h
kube-controller-manager-k8s-1 1/1 Running 1 (15h ago) 20h
kube-proxy-4vvtv 1/1 Running 1 (15h ago) 19h
kube-proxy-7r4kf 1/1 Running 1 (15h ago) 19h
kube-proxy-vpc62 1/1 Running 1 (15h ago) 19h
kube-scheduler-k8s-1 1/1 Running 1 (15h ago) 20h
创建deployment
kubectl create deployment:创建 Deployment 资源- k8s-nginx:Deployment 的名称
--image=nginx:指定使用 nginx 镜像-r 3或 --replicas=3:指定创建 3 个副本
执行成功后会创建 3 个运行 nginx 的 Pod,并由这个 deployment 进行管理。如果某个 Pod 出现故障,deployment 会自动创建新的 pod 来维持 3 个副本的状态
[root@k8s-1 ~]# kubectl create deployment k8s-nginx --image=nginx -r 3
deployment.apps/k8s-nginx created
[root@k8s-1 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
k8s-nginx-6d779d947c-cgc2b 0/1 ContainerCreating 0 14s
k8s-nginx-6d779d947c-nkdpm 0/1 ContainerCreating 0 14s
k8s-nginx-6d779d947c-qhz5w 0/1 ContainerCreating 0 14s# 过一会查看
[root@k8s-1 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
k8s-nginx-6d779d947c-cgc2b 1/1 Running 0 3m30s
k8s-nginx-6d779d947c-nkdpm 1/1 Running 0 3m30s
k8s-nginx-6d779d947c-qhz5w 1/1 Running 0 3m30s# 查看更详细的信息 -o wide
[root@k8s-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-6d779d947c-cgc2b 1/1 Running 0 3m46s 10.224.13.68 k8s-3 <none> <none>
k8s-nginx-6d779d947c-nkdpm 1/1 Running 0 3m46s 10.224.13.69 k8s-3 <none> <none>
k8s-nginx-6d779d947c-qhz5w 1/1 Running 0 3m46s 10.224.200.200 k8s-2 <none> <none>[root@k8s-2 ~]# docker images|grep nginx
nginx latest 41f689c20910 4 weeks ago 192MB
访问节点中的nginx
[root@k8s-1 ~]# curl 10.224.13.68
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p><p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p><p><em>Thank you for using nginx.</em></p>
</body>
</html>
查看部署控制器和副本控制器
[root@k8s-1 ~]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
k8s-nginx 3/3 3 3 8m15s
[root@k8s-1 ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
k8s-nginx-6d779d947c 3 3 3 8m36s
模拟高可用,将k8s-3关机
[root@k8s-3 ~]# init 0
等一会再次查看,Kubernetes 需要一定时间来检测到节点故障并更新 Pod 状态
[root@k8s-1 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-1 Ready control-plane,master 21h v1.23.17
k8s-2 Ready worker 20h v1.23.17
k8s-3 NotReady worker 20h v1.23.17# 等待约5分钟,Kubernetes 已经完成了故障转移:当 k8s-3 节点不可用时,原运行在该节点上的 Pod 被标记为 Terminating,同时控制器自动在可用的 k8s-2 节点上新建了 Pod,确保应用持续可用
[root@k8s-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-6d779d947c-2r6gh 1/1 Running 0 33m 10.224.200.201 k8s-2 <none> <none>
k8s-nginx-6d779d947c-cgc2b 1/1 Terminating 0 50m 10.224.13.68 k8s-3 <none> <none>
k8s-nginx-6d779d947c-mv5qz 1/1 Running 0 33m 10.224.200.202 k8s-2 <none> <none>
k8s-nginx-6d779d947c-nkdpm 1/1 Terminating 0 50m 10.224.13.69 k8s-3 <none> <none>
k8s-nginx-6d779d947c-qhz5w 1/1 Running 0 50m 10.224.200.200 k8s-2 <none> <none>[root@k8s-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-6d779d947c-2r6gh 1/1 Running 0 143m 10.224.200.201 k8s-2 <none> <none>
k8s-nginx-6d779d947c-mv5qz 1/1 Running 0 143m 10.224.200.202 k8s-2 <none> <none>
k8s-nginx-6d779d947c-qhz5w 1/1 Running 0 160m 10.224.200.200 k8s-2 <none> <none>
k8s-3 开机并恢复正常后,会被纳入调度范围,新创建的 Pod(包括滚动更新、扩缩容时产生的)可能会被分配到该节点,但已有 Pod 不会自动迁移
手动触发重建
[root@k8s-1 ~]# kubectl rollout restart deployment k8s-nginx
deployment.apps/k8s-nginx restarted
[root@k8s-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-5fffdc7cd7-p8h2p 0/1 ContainerCreating 0 2s <none> k8s-3 <none> <none>
k8s-nginx-6d779d947c-2r6gh 1/1 Running 0 147m 10.224.200.201 k8s-2 <none> <none>
k8s-nginx-6d779d947c-mv5qz 1/1 Running 0 147m 10.224.200.202 k8s-2 <none> <none>
k8s-nginx-6d779d947c-qhz5w 1/1 Running 0 164m 10.224.200.200 k8s-2 <none> <none>
[root@k8s-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-5fffdc7cd7-2c7fr 1/1 Running 0 24s 10.224.13.71 k8s-3 <none> <none>
k8s-nginx-5fffdc7cd7-ckqhs 1/1 Running 0 35s 10.224.200.203 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-p8h2p 1/1 Running 0 43s 10.224.13.70 k8s-3 <none> <none># 在创建一个就会分配
[root@k8s-1 ~]# kubectl create deployment k8s-nginx-2 --image=nginx -r 3
deployment.apps/k8s-nginx-2 created
[root@k8s-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-2-6449bd5588-f8x6k 0/1 ContainerCreating 0 4s <none> k8s-3 <none> <none>
k8s-nginx-2-6449bd5588-fzrqn 0/1 ContainerCreating 0 4s <none> k8s-3 <none> <none>
k8s-nginx-2-6449bd5588-jk22m 0/1 ContainerCreating 0 4s <none> k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-ckqhs 1/1 Running 1 (21h ago) 21h 10.224.200.205 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-jdggz 1/1 Running 0 138m 10.224.200.209 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-vjpj4 1/1 Running 0 138m 10.224.200.210 k8s-2 <none> <none>
[root@k8s-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-2-6449bd5588-f8x6k 1/1 Running 0 20s 10.224.13.72 k8s-3 <none> <none>
k8s-nginx-2-6449bd5588-fzrqn 1/1 Running 0 20s 10.224.13.73 k8s-3 <none> <none>
k8s-nginx-2-6449bd5588-jk22m 1/1 Running 0 20s 10.224.200.211 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-ckqhs 1/1 Running 1 (21h ago) 21h 10.224.200.205 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-jdggz 1/1 Running 0 138m 10.224.200.209 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-vjpj4 1/1 Running 0 138m 10.224.200.210 k8s-2 <none> <none>
删除rs会重新启新的rs
[root@k8s-1 ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
k8s-nginx-2-6449bd5588 3 3 3 4m8s
k8s-nginx-5fffdc7cd7 3 3 3 21h
k8s-nginx-6d779d947c 0 0 0 23h
[root@k8s-1 ~]# kubectl delete rs k8s-nginx-2-6449bd5588
replicaset.apps "k8s-nginx-2-6449bd5588" deleted[root@k8s-1 ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
k8s-nginx-2-6449bd5588 3 3 0 4s
k8s-nginx-5fffdc7cd7 3 3 3 21h
k8s-nginx-6d779d947c 0 0 0 23h
[root@k8s-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-2-6449bd5588-ddqpn 1/1 Running 0 27s 10.224.13.74 k8s-3 <none> <none>
k8s-nginx-2-6449bd5588-knhcb 1/1 Running 0 27s 10.224.200.213 k8s-2 <none> <none>
k8s-nginx-2-6449bd5588-rx6b5 1/1 Running 0 27s 10.224.200.212 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-ckqhs 1/1 Running 1 (21h ago) 21h 10.224.200.205 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-jdggz 1/1 Running 0 144m 10.224.200.209 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-vjpj4 1/1 Running 0 144m 10.224.200.210 k8s-2 <none> <none>
删除deploy,所管理的rs也会被删除
[root@k8s-1 ~]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
k8s-nginx 3/3 3 3 23h
k8s-nginx-2 3/3 3 3 8m12s
[root@k8s-1 ~]# kubectl delete deploy k8s-nginx-2
deployment.apps "k8s-nginx-2" deleted
[root@k8s-1 ~]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
k8s-nginx 3/3 3 3 24h
[root@k8s-1 ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
k8s-nginx-5fffdc7cd7 3 3 3 21h
k8s-nginx-6d779d947c 0 0 0 24h
[root@k8s-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-5fffdc7cd7-ckqhs 1/1 Running 1 (21h ago) 21h 10.224.200.205 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-jdggz 1/1 Running 0 147m 10.224.200.209 k8s-2 <none> <none>
k8s-nginx-5fffdc7cd7-vjpj4 1/1 Running 0 147m 10.224.200.210 k8s-2 <none> <none>[root@k8s-1 ~]# kubectl delete deploy k8s-nginx
deployment.apps "k8s-nginx" deleted
[root@k8s-1 ~]# kubectl get pod -o wide
No resources found in default namespace.
二、yaml文件启pod
kubectl apply 启动pod
[root@k8s-1 pod]# vim pod1.yaml
apiVersion: v1 # 指定了使用的 Kubernetes API 版本,v1 是核心 API 组的稳定版本
kind: Pod # k8s里对象的类型,Pod 是 Kubernetes 中最小的部署单元
metadata: # 元数据--》描述数据的数据,对pod进行描述name: nginx # 容器的名字
spec: # 定义对象的详细信息containers:- name: nginximage: nginx:latestports:- containerPort: 80
执行
[root@k8s-1 pod]# kubectl apply -f pod1.yaml
pod/nginx created
[root@k8s-1 pod]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx 1/1 Running 0 18s 10.224.13.75 k8s-3 <none> <none># 停了后,会重新启个新的
[root@k8s-3 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bb425d874e5e nginx "/docker-entrypoint.…" 3 minutes ago Up 3 minutes k8s_nginx_nginx_default_8cfe649e-66c0-4f39-8bab-c05ed496fd6f_0
[root@k8s-3 ~]# docker stop bb425d874e5e
bb425d874e5e[root@k8s-1 pod]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx 1/1 Running 1 (7s ago) 4m25s 10.224.13.75 k8s-3 <none> <none>
[root@k8s-3 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3bdd8fbfa24e nginx "/docker-entrypoint.…" 16 seconds ago Up 15 seconds k8s_nginx_nginx_default_8cfe649e-66c0-4f39-8bab-c05ed496fd6f_1
kubectl apply 使用部署控制器启动pod
[root@k8s-1 pod]# vim nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:name: nginx-deploymentlabels: # 标签app: nginx # 具体的标签company: sc
spec:replicas: 3 # 3个pod,创建一个副本控制器selector: # 选择器matchLabels: # 匹配标签app: nginxtemplate: # 模版metadata:labels:app: nginxspec:containers:- name: nginximage: nginx:latestports:- containerPort: 80
[root@k8s-1 pod]# kubectl apply -f nginx-deployment.yaml
deployment.apps/nginx-deployment created
[root@k8s-1 pod]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 3/3 3 3 26s
[root@k8s-1 pod]# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-deployment-8d545c96d 3 3 3 39s
[root@k8s-1 pod]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 1 (3h19m ago) 3h23m
nginx-deployment-8d545c96d-hp5bx 1/1 Running 0 46s
nginx-deployment-8d545c96d-n7zr5 1/1 Running 0 46s
nginx-deployment-8d545c96d-wp4nt 1/1 Running 0 46s
查看deploy和pod的详细信息
kubectl describe
[root@k8s-1 pod]# kubectl describe deploy nginx-deployment
Name: nginx-deployment
Namespace: default
CreationTimestamp: Wed, 17 Sep 2025 15:19:10 +0800
Labels: app=nginxcompany=sc
Annotations: deployment.kubernetes.io/revision: 1
Selector: app=nginx
Replicas: 3 desired | 3 updated | 3 total | 3 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:Labels: app=nginxContainers:nginx:Image: nginx:latestPort: 80/TCPHost Port: 0/TCPEnvironment: <none>Mounts: <none>Volumes: <none>
Conditions:Type Status Reason---- ------ ------Available True MinimumReplicasAvailableProgressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-deployment-8d545c96d (3/3 replicas created)
Events:Type Reason Age From Message---- ------ ---- ---- -------Normal ScalingReplicaSet 3m57s deployment-controller Scaled up replica set nginx-deployment-8d545c96d to 3[root@k8s-1 pod]# kubectl describe pod nginx-deployment-8d545c96d-hp5bx
Name: nginx-deployment-8d545c96d-hp5bx
Namespace: default
Priority: 0
Node: k8s-3/192.168.168.147
Start Time: Wed, 17 Sep 2025 15:19:10 +0800
Labels: app=nginxpod-template-hash=8d545c96d
Annotations: cni.projectcalico.org/containerID: 00fd62401a9cd47dbc71253c77f1c996876780511ab33a7dc03e990c01bc1447cni.projectcalico.org/podIP: 10.224.13.77/32cni.projectcalico.org/podIPs: 10.224.13.77/32
Status: Running
IP: 10.224.13.77
IPs:IP: 10.224.13.77
Controlled By: ReplicaSet/nginx-deployment-8d545c96d
Containers:nginx:Container ID: docker://7a92106df639169d7c24e7cac16067b21d8fc77460254a3ad4898fc1b5c313d2Image: nginx:latestImage ID: docker-pullable://nginx@sha256:d5f28ef21aabddd098f3dbc21fe5b7a7d7a184720bc07da0b6c9b9820e97f25ePort: 80/TCPHost Port: 0/TCPState: RunningStarted: Wed, 17 Sep 2025 15:19:26 +0800Ready: TrueRestart Count: 0Environment: <none>Mounts:/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-6lbfs (ro)
Conditions:Type StatusInitialized True Ready True ContainersReady True PodScheduled True
Volumes:kube-api-access-6lbfs:Type: Projected (a volume that contains injected data from multiple sources)TokenExpirationSeconds: 3607ConfigMapName: kube-root-ca.crtConfigMapOptional: <nil>DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300snode.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:Type Reason Age From Message---- ------ ---- ---- -------Normal Scheduled 4m31s default-scheduler Successfully assigned default/nginx-deployment-8d545c96d-hp5bx to k8s-3Normal Pulling 4m29s kubelet Pulling image "nginx:latest"Normal Pulled 4m16s kubelet Successfully pulled image "nginx:latest" in 7.307172632s (13.013712244s including waiting)Normal Created 4m16s kubelet Created container nginxNormal Started 4m15s kubelet Started container nginx
进入容器内部
[root@k8s-1 pod]#
kubectl exec -itnginx-deployment-8d545c96d-hp5bx – bash
root@nginx-deployment-8d545c96d-hp5bx:/#
kubectl exec:在运行的 Pod 中执行命令-it:两个参数的组合,-i 保持标准输入打开,-t 分配一个伪终端,这两个参数一起使用可以创建交互式会话- nginx-deployment-8d545c96d-hp5bx:目标 Pod 的名称
--:用于分隔 kubectl 命令和要在 Pod 内执行的命令bash:要在 Pod 内部执行的命令,即启动 bash 终端
三、pod的启动流程
- 管理员使用kubectl(命令行或在yaml文件)给api server发起请求,执行相关操作
- api server接受请求,将数据存入到ETCD数据库
- 通过watch机制,api server通知Controller Manager控制器管理器,去创建相关的rs副本控制器,副本控制器根据yaml文件里的内容去创建多少个副本的pod,pod使用什么镜像等信息,然后会返回给api server,再写到ETCD数据库
- 通过watch机制,通知Scheduler调度器生成相关的调度信息,根据过滤、评分选择好最优的节点服务器去启动pod,再把这些调度信息返回给api server ,写到ETCD数据库
- 通过watch机制,api server会通知被选中执行启动pod的节点服务器上的kubelet去启动pod,kubelet就会调用容器运行时接口(CRI),拉取镜像(如果需要),创建并启动容器
- kube-proxy配置pod的网络信息,返回告诉api server,写到ETCD数据库里
- kubelet启动pod完成后,再返回信息给api server,api server写到ETCD数据库里