Shulou(Shulou.com)06/03 Report--

YAML is a concise non-markup language.

Syntax format:

·Indents indicate hierarchical relationships

·Tabs are not supported for indenting, spaces are used for indenting

·Usually indented 2 spaces at the beginning

·Indent a space after a character, such as a colon, comma, etc.

·

"---" indicates YAML format, the beginning of a file

· "#" comment

k8s yaml

Full content of pod definition file in # yaml format: apiVersion: v1 #Required, version number, for example v1kind: Pod #Required, Podmetadata: #Required, metadata name: string #Required, Pod name namespace: string #Required, namespace labels to which Pod belongs: #Custom tags - name: string #Custom tag name annotations: #Custom comment list - name: stringspec: #Required, Detailed definition of containers in Pod: #Required, list of containers in Pod- name: string #Required, container name image: string #Required, image name of container imagePullPolicy: [Always | Never |IfNotPresent] #Policy for obtaining images Alawys means to download images IfnotPresent means to use local images first, otherwise download images Nerver means to use only local images command: [string] #List of container startup commands, if not specified, use the startup command used when packaging args: [string] #Container startup command parameter list workingDir: string #Container working directory volumeMounts: #Storage volume configuration mounted inside container - name: string #The name of the shared storage volume defined by the pod, using the volume name defined in the volumes[] section mountPath: string #The absolute path of the mount in the container should be less than 512 characters readOnly: boolean #Is it read-only mode ports: #List of port library numbers to be exposed - name: string #Port Number Name containerPort: int #Port number on which the container needs to listen hostPort: int #The port number that the container host needs to listen to, the default is the same as Container protocol: string #Port protocol, TCP and UDP supported, default TCP env: #List of environment variables that need to be set before the container runs - name: string #Environment variable name value: string #Value of environment variable resources: #Resource limits and requested settings limits: #Setting of resource limits cpu: string #Cpu limit, in number of cores, will be used for docker run --cpu-shares parameter memory: string #Memory limit, unit can be Mib/Gib, will be used for docker run --memory parameter requests: #Settings for resource requests cpu: string #CPU request, initial available quantity of container startup memory: string #Memory clear, initial available number of container starts livenessProbe: #Set health check for each container in Pod. When no response is detected several times, the container will be restarted automatically. Check methods include exec, httpGet and tcpSocket. For a container, you only need to set one of them. exec: #Set the inspection mode inside the Pod container to exec mode command: [string] #exec mode command or script to be formulated httpGet: #Set the health check method of each container in the Pod to HttpGet, and you need to specify Path and port. path: string port: number host: string scheme: string HttpHeaders: - name: string value: string tcpSocket: #Set the health check mode of each container in the Pod to tcpSocket mode port: number initialDelaySeconds: 0 #Time to detect the first time after the container is started, in seconds timeoutSeconds: 0 #Timeout time for waiting for response to container health check probe, in seconds, default 1 second periodSeconds: 0 #Set the periodic detection time for container monitoring inspection, in seconds, default once every 10 seconds successThreshold: 0 failureThreshold: 0 securityContext: privileged:false restartPolicy: [Always | Never |OnFailure]#Pod restart policy, Always means that kubelet will restart once the operation is terminated in any way, OnFailure means that the Pod will restart only if it exits with a non-zero exit code, Nerver means that the Pod will not be restarted again nodeSelector: object #Set NodeSelector to dispatch the Pod to the node containing this label, specified in the form of key: value imagePullSecrets: #The name of the secret used in Pull mirroring, specified in key: secretkey format - name: string hostNetwork:false #Whether to use host network mode, default is false, if set to true, means to use host network volumes: #Define a list of shared storage volumes on this pod - name: string #Shared storage volume name (there are many types of volumes) emptyDir: {} #Storage volume of type emtyDir, a temporary directory with the same lifecycle as the Pod. to a null value hostPath: string #Storage volume of type hostPath, indicating the directory of the host where the Pod is mounted path: string #The directory of the host where the Pod is located will be used for the directory of mount in the same period secret: #For a storage volume of type secret, mount the cluster and defined secret object inside the container scretname: string items: - key: string path: string configMap: #For storage volumes of configMap type, mount predefined configMap objects inside the container name: string items: - key: string path: string

Example deployment:

deployment yml (a deployment profile for redis)

apiVersion: apps/v1beta1kind: Deploymentmetadata: name: redis-deploymentspec: replicas: 2 template: metadata: labels: app: default.Deployment.redis_server spec: containers: - name: redis image: redis:latest imagePullPolicy: IfNotPresent ports: - containerPort: 6379 volumes: - name: data emptyDir: {}

service yaml

kind: ServiceapiVersion: v1metadata: name: redisspec: type: NodePort ports: - protocol: TCP port: 6379 targetPort: 6379 nodePort: 30379 name: test selector: app: default.Deployment.redis_server

secret yml

apiVersion: v1kind: Secretmetadata: name: mysecretdata: username: xxx password: yyy#Sensitive data must be the result of base64 encoding, such as username and password#above, create secret with kubectl apply -f xxx.yml command

Pod reads secret yml

apiVersion: v1kind: Podmetadata: name: mypodspec: containers: - name: mypod image: busybox args: - /bin/sh - -c - sleep 10; touch /tmp/healthy; sleep 30000 volumeMounts: - name: foo mountPath: "/etc/foo" readOnly: true volumes: - name: foo secret: secretName: mysecret# k8s will create a file under/etc/foo, creating a file for each data, the file name is the key#of the data, that is, there will be username and password two files, the content is the plaintext storage of its contents # volume mode supports dynamic update

Pod can also read secret data using environment variables, but does not support dynamic updates

apiVersion: v1kind: Podmetadata: name: mypodspec: containers: - name: mypod image: busybox args: - /bin/sh - -c - sleep 10; touch /tmp/healthy; sleep 30000 env: - name: SECRET_USERNAME valueFrom: secretKeyRef: name: mysecret key: username - name: SECRET_PASSWORD valueFrom: secretKeyRef: name: mysecret key: password

configMap yml

Similar to Secret.

piVersion: v1kind: ConfigMapmetadata: name: myconfigMapdata: config1: xxx config2: yyy #Call method is similar to secret, the corresponding type is changed to configMap and it is OK

It can also be generated through templates.

·Generate with run command

kubectl run --image=nginx my-deploy -o yaml --dry-run > my-deploy.yaml

·Export with the get command

kubectl get my-deploy/nginx -o=yaml --export > my-deploy.yaml

·Forgot the spelling of the Pod container field

kubectl explain pods.spec.containers

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.