使用DaemonSet部署集群守护进程集
一、使用DaemonSet部署日志收集守护进程集
Fluentd是用于统一日志层的开源数据收集器。Kubernetes开发了Elasticsearch组件来实现集群的日志管理。Elasticsearch是一个搜索引擎,负责存储日志并提供查询接口;Fluentd负责从Kubernetes搜集日志并发送给Elasticsearch。
(1)创建YAML格式的DaemonSet文件
[root@master ~]# vim fluentd-daemonset.yaml
[root@master ~]# cat fluentd-daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet # 资源类型为DaemonSet
metadata:
name: fluentd-elasticsearch
namespace: kube-system # 名称空间采用内置的kube-system
labels:
k8s-app: fluentd-logging # DaemonSet资源的标签
spec:
selector:
matchLabels: # 必须指定与spec.template的标签匹配的Pod选择运算符
name: fluentd-elasticsearch
template: # 创建Pod副本所依据的模板
metadata:
labels: # Pod模板必须指定标签
name: fluentd-elasticsearch
spec:
tolerations: # 容忍度设置,此处设置让该守护进程集在控制平面节点或主节点上运行
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
containers:
- name: fluentd-elasticsearch
image: quay.io/fluentd_elasticsearch/fluentd:v2.5.2 # 镜像
resources: # 容器资源限制
limits:
memory: 200Mi
requests:
cpu: 100m
memory: 200Mi
volumeMounts: # Pod的卷挂载点
- name: varlog
mountPath: /var/log
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
terminationGracePeriodSeconds: 30
volumes: # 声明卷(本例定义了两个卷)
- name: varlog
hostPath: # 卷类型为HostPath(主机路径)
path: /var/log
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
(2)基于上述YAML配置文件创建DaemonSet
[root@master ~]# kubectl apply -f fluentd-daemonset.yaml
daemonset.apps/fluentd-elasticsearch created
(3)查看该DaemonSet的Pod部署(操作该DaemonSet必须指定名称空间)
[root@master ~]# kubectl get pods --namespace=kube-system -l name=fluentd-elasticsearch -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
fluentd-elasticsearch-4zwp8 0/1 ImagePullBackOff 0 7m1s 10.244.104.25 node2 <none> <none>
fluentd-elasticsearch-gc5nd 0/1 ImagePullBackOff 0 7m1s 10.244.166.169 node1 <none> <none>
fluentd-elasticsearch-w9b8q 0/1 ImagePullBackOff 0 7m1s 10.244.219.95 master <none> <none>
可以发现3个节点各自运行了Pod,DaemonSet会先遍历节点列表,检查是否带有此标签的Pod在运行,若没有,则创建。
(4)查看详细信息
[root@master ~]# kubectl describe daemonset fluentd-elasticsearch --namespace=kube-system
Name: fluentd-elasticsearch
Selector: name=fluentd-elasticsearch
Node-Selector: <none>
Labels: k8s-app=fluentd-logging
Annotations: deprecated.daemonset.template.generation: 1
Desired Number of Nodes Scheduled: 3
Current Number of Nodes Scheduled: 3
Number of Nodes Scheduled with Up-to-date Pods: 3
Number of Nodes Scheduled with Available Pods: 0
Number of Nodes Misscheduled: 0
Pods Status: 0 Running / 3 Waiting / 0 Succeeded / 0 Failed
Pod Template:
Labels: name=fluentd-elasticsearch
Containers:
fluentd-elasticsearch:
Image: quay.io/fluentd_elasticsearch/fluentd:v2.4
Port: <none>
Host Port: <none>
Limits:
memory: 200Mi
Requests:
cpu: 100m
memory: 200Mi
Environment: <none>
Mounts:
/var/lib/docker/containers from varlibdockercontainers (ro)
/var/log from varlog (rw)
Volumes:
varlog:
Type: HostPath (bare host directory volume)
Path: /var/log
HostPathType:
varlibdockercontainers:
Type: HostPath (bare host directory volume)
Path: /var/lib/docker/containers
HostPathType:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 10m daemonset-controller Created pod: fluentd-elasticsearch-w9b8q
Normal SuccessfulCreate 10m daemonset-controller Created pod: fluentd-elasticsearch-4zwp8
Normal SuccessfulCreate 10m daemonset-controller Created pod: fluentd-elasticsearch-gc5nd
[root@master ~]#
二、管理DaemonSet部署的集群守护进程集
由于每个节点只能运行一个Pod副本,DaemonSet不支持扩缩容操作。对DaemonSet的管理主要是更新和回滚。
1.对DaemonSet执行滚动更新操作
- OnDelete:在更新DaemonSet模板后,只有用户手动删除旧的Pod之后,新的Pod才会被自动创建。
- RollingUpdate:这是默认的更新策略,即滚动更新。在更新DaemonSet模板后,旧的Pod将被自动终止,并且将以受控方式自动创建新的Pod。期间,每个节点上最多只能有一个DaemonSet部署的Pod运行。
(1)检查DaemonSet的更新策略
[root@master ~]# kubectl get ds/fluentd-elasticsearch -o go-template='{{.spec.updateStrategy.type}}{{"\n"}}' -n kube-system
RollingUpdate
(2)更新DaemonSet模板中的容器镜像
[root@master ~]# kubectl set image ds/fluentd-elasticsearch fluentd-elasticsearch=quay.io/fluentd_elasticsearch/fluentd:v2.6.0 -n kube-system
daemonset.apps/fluentd-elasticsearch image updated
(3)监视DaemonSet的滚动更新状态和进度
[root@master ~]# kubectl rollout status ds/fluentd-elasticsearch -n kube-system
Waiting for daemon set "fluentd-elasticsearch" rollout to finish: 0 of 3 updated pods are available...
2.对DaemonSet执行回滚操作
(1)查看该DaemonSet的修订版本历史
[root@master ~]# kubectl rollout history ds/fluentd-elasticsearch -n kube-system
daemonset.apps/fluentd-elasticsearch
REVISION CHANGE-CAUSE
1 <none>
2 <none>
(2)直接回滚到该DaemonSet的上一版本
[root@master ~]# kubectl rollout undo ds/fluentd-elasticsearch -n kube-system
daemonset.apps/fluentd-elasticsearch rolled back
(3)监视该DaemonSet的回滚进度
[root@master ~]# kubectl rollout status ds/fluentd-elasticsearch -n kube-system
Waiting for daemon set "fluentd-elasticsearch" rollout to finish: 0 of 3 updated pods are available...
3.删除DaemonSet
(1)从名称空间中删除
[root@master ~]# kubectl delete ds fluentd-elasticsearch -n kube-system
daemonset.apps "fluentd-elasticsearch" deleted
(2)进一步验证
[root@master ~]# kubectl get pods -n kube-system -l name=fluentd-elasticsearch -o wide
No resources found in kube-system namespace.