5.4.1 创建DaemonSet资源对象
DaemonSet控制器的spec字段中嵌套使用的字段同样主要包括了前面讲到的Pod控制器资源支持的 selector、template和minReadySeconds,并且功能和用法基本相同,但他不支持使用replicas,毕竟DaemonSet并不是基于期望的副本数来控制Pod资源数量,而是基于节点数量,但是template是必选字段。
下面的资源清单文件(filebeat-ds.yaml)示例中定义了一个名为filebeat-ds的DaemonSet控制器,它将在每个节点上运行一个filebeat进程以收集容器相关的日志数据:
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: filebeat-ds
labels:
app: filebeat
spec:
selector:
matchLabels:
app: filebeat
template:
metadata:
labels:
app: filebeat
name: filebeat
spec:
containers:
- name: filebeat
image: ikubernetes/filebeat:5.6.5-alpine
env:
- name: REDIS_HOST
value: db.ilinux.io:6379
- name: LOG_LEVEL
value: info
通过清单文件创建DaemonSet资源的命令与其他资源的创建并无不同:
**[terminal]
**[delimiter $ ]**[command kubectl apply -f filebeat-ds.yaml]
daemonset.apps "filebeat-ds" created
自 Kubernetes 1.8 版本起,DaemonSet 也必须使用 selector 来匹配 Pod 模板中指定的标签,而且它也支持matchLabels和matchExpressions两种标签选择器。
与其他资源对象相同,用户也可以使用“kubectl describe”命令查看DaemonSet对象的详细信息。下面命令的结果信息中,Node-Selector字段的值为空,表示它需要运行于集群中的每个节点之上。而当前集群的节点数量为5,因此,其期望的Pod副本数(Desired Number of Nodes Scheduled)为5,而当前也已经成功创建了5个相关的Pod对象:
**[terminal]
**[delimiter $ ]**[command kubectl describe daemonsets.apps -n kube-prometheus prometheus-stack-prometheus-node-exporter]
Name: prometheus-stack-prometheus-node-exporter
Selector: app=prometheus-node-exporter,release=prometheus-stack
Node-Selector: <none>
Labels: app=prometheus-node-exporter
app.kubernetes.io/managed-by=Helm
chart=prometheus-node-exporter-1.11.2
heritage=Helm
jobLabel=node-exporter
release=prometheus-stack
Annotations: deprecated.daemonset.template.generation: 1
meta.helm.sh/release-name: prometheus-stack
meta.helm.sh/release-namespace: kube-prometheus
Desired Number of Nodes Scheduled: 5
Current Number of Nodes Scheduled: 5
Number of Nodes Scheduled with Up-to-date Pods: 5
Number of Nodes Scheduled with Available Pods: 5
Number of Nodes Misscheduled: 0
Pods Status: 5 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
Labels: app=prometheus-node-exporter
chart=prometheus-node-exporter-1.11.2
heritage=Helm
jobLabel=node-exporter
release=prometheus-stack
Service Account: prometheus-stack-prometheus-node-exporter
Containers:
node-exporter:
Image: quay.io/prometheus/node-exporter:v1.0.1
Port: 9100/TCP
Host Port: 9100/TCP
Args:
--path.procfs=/host/proc
--path.sysfs=/host/sys
--web.listen-address=$(HOST_IP):9100
--collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+)($|/)
--collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs)$
Liveness: http-get http://:9100/ delay=0s timeout=1s period=10s #success=1 #failure=3
Readiness: http-get http://:9100/ delay=0s timeout=1s period=10s #success=1 #failure=3
Environment:
HOST_IP: 0.0.0.0
Mounts:
/host/proc from proc (ro)
/host/sys from sys (ro)
Volumes:
proc:
Type: HostPath (bare host directory volume)
Path: /proc
HostPathType:
sys:
Type: HostPath (bare host directory volume)
Path: /sys
HostPathType:
Events: <none>
根据DaemonSet资源本身的意义,prometheus-stack-prometheus-node-exporter 控制器成功创建的5个Pod对象应该分别运行于集群中的每个节点之上,这一点可以通过如下命令进行验证:
**[terminal]
**[delimiter $ ]**[command kubectl get pods -n kube-prometheus -l app=prometheus-node-exporter -o custom-columns=NAME:metadata.name,NODE:spec.nodeName]
NAME NODE
prometheus-stack-prometheus-node-exporter-76zbp node3
prometheus-stack-prometheus-node-exporter-djvdn node5
prometheus-stack-prometheus-node-exporter-qrbfp node1
prometheus-stack-prometheus-node-exporter-zdg6z node4
prometheus-stack-prometheus-node-exporter-zx2gz node2
集群中的部分工作节点偶尔也需要将Pod对象以单一实例形式运行的情况,例如对于拥有特殊硬件的节点来说,可能会需要为其运行特定的监控代理程序(agent)程序,等等。其实实现方式与前面讲到的Pod资源的节点绑定机制类似,只需要在Pod模板的spec字段中嵌套使用nodeSelector字段,并确保其值定义的标签选择器于部分特定工作节点的标签匹配即可。