- 一、Pod资源配置
- 二、Deployment资源配置(deploy)
- 三、StatefulSet资源配置(sts)
- 三、DaemonSet资源配置(ds)
- 四、Pv资源配置
- 五、Pvc资源配置
- 六、Service资源配置(svc)
- 六、Ingress资源配置(ing)
- 七、ConfigMap资源配置(cm)
- 八、Secret资源配置
- 九、HorizontalPodAutoscaler资源配置(hpa)
- 十、LimitRanges资源配置(limits)
资源配置清单详解
一、Pod资源配置
1、非Object配置
apiVersion: v1kind: Podmetadata:spec:activeDeadlineSeconds: <integer>automountServiceAccountToken: <boolean>dnsPolicy: <string> # 'ClusterFirst', 'Default' or 'None'enableServiceLinks: <boolean>hostIPC: <boolean>hostNetwork: <boolean> # 是否使用宿主机网路,类似于--network=hosthostPID: <boolean>hostname: <string> # 设置主机名称,类似于--hostnamenodeName: <string> #nodeSelector: <map[string]string> # 节点标签选择器priority: <integer>priorityClassName: <string>restartPolicy: <string> # 重启策略:Always, OnFailure, NeverruntimeClassName: <string>schedulerName: <string>serviceAccount: <string>serviceAccountName: <string>shareProcessNamespace: <boolean>subdomain: <string>terminationGracePeriodSeconds: <integer>
2、spec.affinity
2.1、spec.affinity.nodeAffinity:节点亲和性配置
spec:affinity: <Object>nodeAffinity: <Object>requiredDuringSchedulingIgnoredDuringExecution: <Object>nodeSelectorTerms: <[]Object> -required-- matchExpressions: <[]Object>- key: <string> -required-operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)values: <[]string>- value1- value2matchFields: <[]Object> # 通过节点字段- key: <string> -required-operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)values: <[]string>- value1- value2preferredDuringSchedulingIgnoredDuringExecution: <[]Object>- weight: <integer> -required-preference: <Object> -required-matchExpressions: <[]Object> # 通过节点标签- key: <string> -required-operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)values: <[]string>- value1- value2matchFields: <[]Object> # 通过节点字段- key: <string> -required-operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)values: <[]string>- value1- value2
2.2、spec.affinity.podAffinity:pod亲和性配置
spec:affinity: <Object>podAffinity: <Object>requiredDuringSchedulingIgnoredDuringExecution: <[]Object>namespaces: <[]string>topologyKey: <string> -required-labelSelector: <Object>matchLabels: <map[string]string>key1: value1key2: value2matchExpressions:key: <string> -required-operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)values: <[]string>- value1- value2preferredDuringSchedulingIgnoredDuringExecution: <[]Object>- weight: <integer> -required-podAffinityTerm: <Object> -required-namespaces: <[]string>topologyKey: <string> -required-labelSelector: <Object>matchLabels: <map[string]string>key1: value1key2: value2matchExpressions:key: <string> -required-operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)values: <[]string>- value1- value2
2.3、spec.affinity.podAntiAffinity:pod反亲和性配置
spec:affinity: <Object>podAntiAffinity: <Object>requiredDuringSchedulingIgnoredDuringExecution: <[]Object>namespaces: <[]string>topologyKey: <string> -required-labelSelector: <Object>matchLabels: <map[string]string>key1: value1key2: value2matchExpressions:key: <string> -required-operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)values: <[]string>- value1- value2preferredDuringSchedulingIgnoredDuringExecution: <[]Object>- weight: <integer> -required-podAffinityTerm: <Object> -required-namespaces: <[]string>topologyKey: <string> -required-labelSelector: <Object>matchLabels: <map[string]string>key1: value1key2: value2matchExpressions:key: <string> -required-operator: <string> -required- # 设置键值关系(In, NotIn, Exists, DoesNotExist)values: <[]string>- value1- value2
3、spec.containers:容器配置
spec:containers: <[]Object> # 容器配置- name: <string> -required- # 容器名、DNS_LABELimage: <string> # 镜像名称imagePullPolicy: <string> # 镜像拉取策略,Always、Never、IfNotPresentcommand: ["/bin/sh"] # 类似于dockerfile中的entrypiontargs: ["-c", "while true; do echo hello; sleep 10;done"] # 类似于dockerfile中的cmdstdin: <boolean>stdinOnce: <boolean>terminationMessagePath: <string>terminationMessagePolicy: <string>tty: <boolean>workingDir: <string>```持续更新### 3.1、spec.containers.ports:容器端口号配置```yamlspec:containers: <[]Object>ports: <[]Object> # 端口配置- name: <string> # 定义端口名containerPort: <integer> -required- # 容器暴露的端口protocol: <string> # 端口协议,UDP, TCP, or SCTPhostIP: <string> # 指定要绑定的主机IPhostPort: <integer> # 指定主机开放的端口
3.2、spec.containers.env:环境变量设置
spec:持续更新containers: <[]Object>env: <[]Object> #环境变量配置- name: <string> -required- # 环境变量名称,如:MYSQL_ROOT_PASSWORDvalue: <string> # 设置环境变量的值valueFrom: <Object>configMapKeyRef: <Object> # 指定从configmap的键名获取name: <string> # configmap名称key: <string> -required- # configmap资源清单下data字段下的键名optional: <boolean>fieldRef: <Object>apiVersion: <string>fieldPath: <string> -required-resourceFieldRef: <Object>containerName: <string>divisor: <string>resource: <string> -required-secretKeyRef: <Object> # 指定从Secret的键名获取name: <string> # Secret名称key: <string> -required- # Secret资源清单下data字段下的键名optional: <boolean>envFrom: <[]Object>- configMapRef: <Object> # 指定从configmap资源获取name: <string> # 指定configmap名称optional: <boolean>secretRef: <Object> # 指定从Secret资源获取name: <string> # 指定Secret名称optional: <boolean>prefix: <string>
3.3、spec.containers.volumeMounts:容器内部存储卷挂载配置
spec:持续更新containers: <[]Object>volumeMounts: <[]Object> # 容器挂载卷配置- name: <string> -required- # 设置挂载卷名称mountPath: <string> -required- # 设置挂载存储卷的路径readOnly: <boolean> # 是否只读,默认为falsemountPropagation: <string>subPath: <string>subPathExpr: <string>
3.4、spec.containers.livenessProbe:存活状态检测
spec:containers: <[]Object>livenessProbe: <Object> # 存活探针exec: <Object>command: <[]string>httpGet: <Object>port: <string> -required-path: <string>host: <string>httpHeaders: <[]Object>name: <string> -required-value: <string> -required-scheme: <string>tcpSocket: <Object> # TCPSocket指定涉及TCP端口的操作port: <string> -required- # 容器暴露的端口host: <string> # 默认pod的IPinitialDelaySeconds: <integer> # 设置多少秒后开始探测failureThreshold: <integer> # 设置连续探测多少次失败后,标记为失败,默认三次successThreshold: <integer> # 设置失败后探测的最小连续成功次数,默认为1timeoutSeconds: <integer> # 设置探测超时的秒数,默认1speriodSeconds: <integer> # 设置执行探测的频率(以秒为单位),默认1s
3.5、spec.containers.readinessProbe:就绪状态检测
spec:containers: <[]Object>readinessProbe: <Object> # 就绪探针exec: <Object>command: <[]string>httpGet: <Object>port: <string> -required-path: <string>host: <string>httpHeaders: <[]Object>name: <string> -required-value: <string> -required-scheme: <string>tcpSocket: <Object> # TCPSocket指定涉及TCP端口的操作持续更新port: <string> -required- # 容器暴露的端口host: <string> # 默认pod的IPinitialDelaySeconds: <integer> # 设置多少秒后开始探测failureThreshold: <integer> # 设置连续探测多少次失败后,标记为失败,默认三次successThreshold: <integer> # 设置失败后探测的最小连续成功次数,默认为1timeoutSeconds: <integer> # 设置探测超时的秒数,默认1speriodSeconds: <integer> # 设置执行探测的频率(以秒为单位),默认1s
3.6、spec.containers.resources:资源限制
spec:containers: <[]Object>resources: <Object> # 资源配置requests: <map[string]string> # 要求分配的最小资源memory: "1024Mi" # Mi,Gicpu: "500m" # 500m代表0.5CPUlimits: <map[string]string> # 能够分配的最大资源memory:cpu:
3.7、spec.containers.lifecycle
spec:containers: <[]Object>lifecycle: <Object>postStart: <Object>exec: <Object>command: <[]string>httpGet: <Object>持续更新port: <string> -required-path: <string>host: <string>httpHeaders: <[]Object>name: <string> -required-value: <string> -required-scheme: <string>tcpSocket: <Object>port: <string> -required- # 容器暴露的端口host: <string> # 默认pod的IPpreStop: <Object>exec: <Object>command: <[]string>httpGet: <Object>port: <string> -required-path: <string>host: <string>httpHeaders: <[]Object>持续更新name: <string> -required-value: <string> -required-scheme: <string>tcpSocket: <Object>port: <string> -required- # 容器暴露的端口host: <string> # 默认pod的IP
3.8、spec.containers.volumeDevices
spec:containers: <[]Object>volumeDevices: <[]Object>- name: <string> -required-devicePath: <string> -required-
4、spec.volumes:数据存储卷配置
4.1、spec.volumes.emptyDir:使用emptyDir存储
spec:volumes: <[]Object> #数据卷配置- name: <string> -required- #设置卷名称,与volumeMounts名称对应emptyDir: <Object>medium: <string>sizeLimit: <string>
4.2、spec.volumes.hostPath:使用宿主机路径存储
spec:持续更新volumes: <[]Object> #数据卷配置- name: <string> -required- #设置卷名称,与volumeMounts名称对应hostPath: <Object> #设置挂载宿主机路径path: <string> -required-type: <string> #类型:DirectoryOrCreate、Directory、FileOrCreate、File、Socket、CharDevice、BlockDevice
4.3、spec.volumes.nfs:使用nfs网络存储
spec:volumes: <[]Object> #数据卷配置- name: <string> -required- #设置卷名称,与volumeMounts名称对应nfs: <Object> #设置NFS服务器server: <string> -required- #设置NFS服务器地址path: <string> -required- #设置NFS服务器路径(该路径必须存在)持续更新readOnly: <boolean> #设置是否只读
4.4、spec.volumes.configMap:使用configmap存储
spec:volumes: <[]Object> #数据卷配置- name: <string> -required- #设置卷名称,与volumeMounts名称对应configMap: <Object>name: <string> #configmap名称defaultMode: <integer> #权限设置0~0777,默认0664optional: <boolean> #指定是否必须定义configmap或其keysitems: <[]Object>- key: <string> -required-path: <string> -required-mode: <integer>
4.5、spec.volumes.secret:使用Secret存储
spec:volumes: <[]Object> #数据卷配置- name: <string> -required- #设置卷名称,与volumeMounts名称对应secret: <Object>secretName: <string>defaultMode: <integer> #权限设置0~0777,默认0664optional: <boolean> #指定是否必须定义configmap或其keys
4.6、spec.volumes.persistentVolumeClaim:使用pvc存储
spec:volumes: <[]Object> #数据卷配置- name: <string> -required- #设置卷名称,与volumeMounts名称对应persistentVolumeClaim: <Object>claimName: <string> -required- #pvc名称readOnly: <boolean>
4.7、spec.volumes.storageos
spec:volumes: <[]Object> #数据卷配置- name: <string> -required- #设置卷名称,与volumeMounts名称对应storageos: <Object>volumeName: <string>volumeNamespace: <string>fsType: <string>secretRef: <Object>name: <string>
5、spec.tolerations:污点容忍度配置
spec:tolerations: <[]Object>effect: <string> # NoSchedule, PreferNoSchedule, NoExecutekey: <string>value: <string>operator: <string> # Exists, EqualtolerationSeconds: <integer>
6、spec.securityContext
spec:securityContext: <Object>fsGroup: <boolean>runAsGroup: <boolean>runAsNonRoot: <boolean>runAsUser: <boolean>supplementalGroups: <[]integer>seLinuxOptions: <Object>level: <string>role: <string>type: <string>user: <string>sysctls: <[]Object>name: <string> -required-value: <string> -required-
二、Deployment资源配置(deploy)
apiVersion: extensions/v1beta1kind: Deploymentmetadata:spec:minReadySeconds: <integer> # 设置pod准备就绪的最小秒数paused: <boolean> # 表示部署已暂停并且deploy控制器不会处理该部署progressDeadlineSeconds: <integer>replicas: <integer> # pod的副本数量revisionHistoryLimit: <integer> # 设置保留的历史版本个数,默认是10rollbackTo: <Object>revision: <integer> # 设置回滚的版本,设置为0则回滚到上一个版本selector: <Object> # pod标签选择器,匹配pod标签,默认使用pods的标签matchLabels: <map[string]string>key1: value1key2: value2matchExpressions: <[]Object>operator: <string> -required- #设定标签键与一组值的关系,In, NotIn, Exists and DoesNotExistkey: <string> -required-values: <[]string>strategy: <Object> # 将现有pod替换为新pod的部署策略rollingUpdate: <Object> # 滚动更新配置参数,仅当类型为RollingUpdatemaxSurge: <string> # 滚动更新过程产生的最大pod数量,可以是个数,也可以是百分比maxUnavailable: <string> #type: <string> #部署类型,Recreate,RollingUpdatetemplate: <Object> -required- # 同pod配置
三、StatefulSet资源配置(sts)
apiVersion: apps/v1kind: StatefulSetmetadata:spec:podManagementPolicy: <string> # pod更新替换策略,OrderedReady(默认)、Parallelreplicas: <integer> # 副本数revisionHistoryLimit: <integer> # 历史版本serviceName: <string> -required- # 设置headless服务名selector: <Object> -required- # 标签选择器matchLabels: <map[string]string>key1: value1key2: value2matchExpressions: <[]Object>operator: <string> -required- #设定标签键与一组值的关系,In, NotIn, Exists and DoesNotExistkey: <string> -required-values: <[]string>template: <Object> -required- # 同pod配置updateStrategy: <Object>rollingUpdate: <Object>partition: <integer> # 默认为0type: <string> # 默认RollingUpdatevolumeClaimTemplates: <[]Object>- apiVersion: <string>kind: <string>metadata: <Object>spec: <Object>accessModes: <[]string>resources: <Object> # 参考链接:https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/limits: <map[string]string>requests: <map[string]string>storage: 5GidataSource: <Object>apiGroup: <string>kind: <string> -required-name: <string> -required-selector: <Object>matchLabels: <map[string]string>key1: value1key2: value2matchExpressions: <[]Object>operator: <string> -required- #设定标签键与一组值的关系,In, NotIn, Exists and DoesNotExistkey: <string> -required-values: <[]string>storageClassName: <string>volumeMode: <string>volumeName: <string>
三、DaemonSet资源配置(ds)
apiVersion: extensions/v1beta1kind: DaemonSetmetadata:spec:minReadySeconds: <integer>revisionHistoryLimit: <integer>selector: <Object>template: <Object> -required-templateGeneration: <integer> #已过时updateStrategy: <Object>
四、Pv资源配置
1、标配
apiVersion: v1kind: PersistentVolumemetadata:spec:accessModes: <[]string> # 访问模式persistentVolumeReclaimPolicy: <string> # pv空间释放时处理机制storageClassName: <string> # 当前 PY 所属的 StorageClass 的名称capacity: <map[string]string>storage: 5Gi #容量设置
2、spec.nfs
spec:nfs: <Object>server: <string> -required- # nfs服务器地址path: <string> -required- # nfs服务器存储路径设置readOnly: <boolean> # 是否只读
3、spec.hostPath
spec:hostPath: <Object>path: <string> -required-type: <string> # 参考链接:https://kubernetes.io/docs/concepts/storage/volumes/#hostpath
4、spec.storageos
spec:storageos: <Object>fsType: <string> # "ext4", "xfs", "ntfs",未指定默认为ext4readOnly: <boolean>volumeName: <string>volumeNamespace: <string>secretRef: <Object>apiVersion: <string>kind: <string>name: <string>namespace: <string>fieldPath: <string>resourceVersion: <string>uid: <string>
五、Pvc资源配置
apiVersion: v1kind: PersistentVolumeClaimmetadata:spec:accessModes: <[]string>storageClassName: <string>volumeMode: <string>volumeName: <string>resources: <Object> # 参考链接:https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/limits: <map[string]string>requests: <map[string]string>storage: 5GidataSource: <Object>apiGroup: <string>kind: <string> -required-name: <string> -required-selector: <Object>matchLabels: <map[string]string>key1: value1key2: value2matchExpressions: <[]Object>operator: <string> -required- #设定标签键与一组值的关系,In, NotIn, Exists and DoesNotExistkey: <string> -required-values: <[]string>
六、Service资源配置(svc)
apiVersion: v1kind: Servicemetadata:spec:clusterIP: <string>externalIPs: <[]string>externalName: <string>externalTrafficPolicy: <string>healthCheckNodePort: <integer>loadBalancerIP: <string>loadBalancerSourceRanges: <[]string>ports: <[]Object>publishNotReadyAddresses: <boolean>selector: <map[string]string>key: valuesessionAffinity: <string>sessionAffinityConfig: <Object>clientIP: <Object>timeoutSeconds: <integer>type: <string> # ExternalName, ClusterIP, NodePort, LoadBalancer
六、Ingress资源配置(ing)
apiVersion: extensions/v1beta1kind: Ingressmetadata:spec:backend: <Object>serviceName: <string> -required-servicePort: <string> -required-rules: <[]Object>host: <string>http: <Object>paths: <[]Object> -required-backend: <Object> -required-serviceName: <string> -required-servicePort: <string> -required-path: <string>tls: <[]Object>hosts: <[]string>secretName: <string>
七、ConfigMap资源配置(cm)
apiVersion: v1kind: ConfigMapmetadata:binaryData: <map[string]string>data: <map[string]string>
八、Secret资源配置
apiVersion: v1kind: Secretmetadata:data: <map[string]string>stringData: <map[string]string>type: <string>
九、HorizontalPodAutoscaler资源配置(hpa)
kubectl autoscale (-f FILENAME | TYPE NAME | TYPE/NAME) [--min=MINPODS] --max=MAXPODS [--cpu-percent=CPU] [options]
spec:maxReplicas: <integer> -required- # 最大副本数minReplicas: <integer> # 最小副本数,默认为1targetCPUUtilizationPercentage: <integer> #scaleTargetRef: <Object> -required- #设置指定资源类型apiVersion: <string>kind: <string> -required-name: <string> -required-
十、LimitRanges资源配置(limits)
LimitRange 在名称空间中限制 Limits/Requests 的比例。如果指定了 LimitRange 对象的 spec.limits.maxLimitRequestRatio 字段,名称空间中的 Pod/容器的 request 和 limit 都不能为 0,且 limit 除以 request 的结果必须小于或等于 LimitRange 的 spec.limits.maxLimitRequestRatio
apiVersion: v1kind: LimitRangemetadata:name: <string>namespace: <string>labels: <map[string]string>spec:limits:- default: <map[string]string>defaultRequest: <map[string]string>max: <map[string]string>memory: xxxMicpu: xxxmmaxLimitRequestRatio: <map[string]string>memory: 2 # 限定了命名空间中任何Pod的最大内存限定(limit)不能超过最小内存的请求(request)的两倍min: <map[string]string>memory: xxxMicpu: xxxmtype: Container
若有收获,就点个赞吧
0 人点赞
