2017-08-21 17:44:43 +08:00
<!DOCTYPE HTML>
< html lang = "zh-cn" >
< head >
< meta charset = "UTF-8" >
< meta content = "text/html; charset=utf-8" http-equiv = "Content-Type" >
< title > 2.2.9 DaemonSet · Kubernetes Handbook< / title >
< meta http-equiv = "X-UA-Compatible" content = "IE=edge" / >
< meta name = "description" content = "" >
< meta name = "generator" content = "GitBook 3.2.2" >
< meta name = "author" content = "Jimmy Song" >
< link rel = "stylesheet" href = "../gitbook/style.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-splitter/splitter.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-page-toc-button/plugin.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-image-captions/image-captions.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-page-footer-ex/style/plugin.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-search-plus/search.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-highlight/website.css" >
< link rel = "stylesheet" href = "../gitbook/gitbook-plugin-fontsettings/website.css" >
< meta name = "HandheldFriendly" content = "true" / >
< meta name = "viewport" content = "width=device-width, initial-scale=1, user-scalable=no" >
< meta name = "apple-mobile-web-app-capable" content = "yes" >
< meta name = "apple-mobile-web-app-status-bar-style" content = "black" >
< link rel = "apple-touch-icon-precomposed" sizes = "152x152" href = "../gitbook/images/apple-touch-icon-precomposed-152.png" >
< link rel = "shortcut icon" href = "../gitbook/images/favicon.ico" type = "image/x-icon" >
< link rel = "next" href = "serviceaccount.html" / >
< link rel = "prev" href = "statefulset.html" / >
< / head >
< body >
< div class = "book" >
< div class = "book-summary" >
< div id = "book-search-input" role = "search" >
< input type = "text" placeholder = "輸入並搜尋" / >
< / div >
< nav role = "navigation" >
< ul class = "summary" >
< li class = "chapter " data-level = "1.1" data-path = "../" >
< a href = "../" >
1. 前言
< / a >
< / li >
< li class = "chapter " data-level = "1.2" data-path = "./" >
< a href = "./" >
2. 概念原理
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.2.1" data-path = "concepts.html" >
< a href = "concepts.html" >
2.1 设计理念
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2" data-path = "objects.html" >
< a href = "objects.html" >
2017-09-03 13:29:38 +08:00
2.2 Objects
2017-08-21 17:44:43 +08:00
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.2.2.1" data-path = "pod-overview.html" >
< a href = "pod-overview.html" >
2.2.1 Pod
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.2.2.1.1" data-path = "pod.html" >
< a href = "pod.html" >
2.2.1.1 Pod解析
< / a >
2017-08-31 23:28:33 +08:00
< / li >
< li class = "chapter " data-level = "1.2.2.1.2" data-path = "init-containers.html" >
< a href = "init-containers.html" >
2.2.1.2 Init容器
< / a >
2017-09-03 15:58:39 +08:00
< / li >
< li class = "chapter " data-level = "1.2.2.1.3" data-path = "pod-security-policy.html" >
< a href = "pod-security-policy.html" >
2.2.1.3 Pod安全策略
< / a >
2017-08-21 17:44:43 +08:00
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.2.2.2" data-path = "node.html" >
< a href = "node.html" >
2.2.2 Node
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.3" data-path = "namespace.html" >
< a href = "namespace.html" >
2.2.3 Namespace
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.4" data-path = "service.html" >
< a href = "service.html" >
2.2.4 Service
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.5" data-path = "volume.html" >
< a href = "volume.html" >
2.2.5 Volume和Persistent Volume
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.6" data-path = "deployment.html" >
< a href = "deployment.html" >
2.2.6 Deployment
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.7" data-path = "secret.html" >
< a href = "secret.html" >
2.2.7 Secret
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.8" data-path = "statefulset.html" >
< a href = "statefulset.html" >
2.2.8 StatefulSet
< / a >
< / li >
< li class = "chapter active" data-level = "1.2.2.9" data-path = "daemonset.html" >
< a href = "daemonset.html" >
2.2.9 DaemonSet
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.10" data-path = "serviceaccount.html" >
< a href = "serviceaccount.html" >
2.2.10 ServiceAccount
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.11" data-path = "replicaset.html" >
< a href = "replicaset.html" >
2.2.11 ReplicationController和ReplicaSet
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.12" data-path = "job.html" >
< a href = "job.html" >
2.2.12 Job
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.13" data-path = "cronjob.html" >
< a href = "cronjob.html" >
2.2.13 CronJob
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.14" data-path = "ingress.html" >
< a href = "ingress.html" >
2.2.14 Ingress
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.15" data-path = "configmap.html" >
< a href = "configmap.html" >
2.2.15 ConfigMap
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.16" data-path = "horizontal-pod-autoscaling.html" >
< a href = "horizontal-pod-autoscaling.html" >
2.2.16 Horizontal Pod Autoscaling
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.17" data-path = "label.html" >
< a href = "label.html" >
2.2.17 Label
< / a >
2017-09-03 15:58:39 +08:00
< / li >
< li class = "chapter " data-level = "1.2.2.18" data-path = "garbage-collection.html" >
< a href = "garbage-collection.html" >
2.2.18 垃圾收集
< / a >
< / li >
< li class = "chapter " data-level = "1.2.2.19" data-path = "network-policy.html" >
< a href = "network-policy.html" >
2.2.19 NetworkPolicy
< / a >
2017-08-21 17:44:43 +08:00
< / li >
< / ul >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3" data-path = "../guide/" >
< a href = "../guide/" >
3. 用户指南
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.1" data-path = "../guide/resource-configuration.html" >
< a href = "../guide/resource-configuration.html" >
3.1 资源配置
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.1.1" data-path = "../guide/configure-liveness-readiness-probes.html" >
< a href = "../guide/configure-liveness-readiness-probes.html" >
3.1.1 配置Pod的liveness和readiness探针
< / a >
< / li >
< li class = "chapter " data-level = "1.3.1.2" data-path = "../guide/configure-pod-service-account.html" >
< a href = "../guide/configure-pod-service-account.html" >
3.1.2 配置Pod的Service Account
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3.2" data-path = "../guide/command-usage.html" >
< a href = "../guide/command-usage.html" >
3.2 命令使用
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.2.1" data-path = "../guide/using-kubectl.html" >
< a href = "../guide/using-kubectl.html" >
3.2.1 使用kubectl
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3.3" data-path = "../guide/cluster-management.html" >
< a href = "../guide/cluster-management.html" >
3.3 集群管理
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.3.1" data-path = "../guide/managing-tls-in-a-cluster.html" >
< a href = "../guide/managing-tls-in-a-cluster.html" >
3.3.1 管理集群中的TLS
< / a >
2017-08-21 18:44:34 +08:00
< / li >
< li class = "chapter " data-level = "1.3.3.2" data-path = "../guide/kubelet-authentication-authorization.html" >
< a href = "../guide/kubelet-authentication-authorization.html" >
3.3.2 kubelet的认证授权
< / a >
< / li >
< li class = "chapter " data-level = "1.3.3.3" data-path = "../guide/tls-bootstrapping.html" >
< a href = "../guide/tls-bootstrapping.html" >
3.3.3 TLS bootstrap
< / a >
2017-08-31 14:23:44 +08:00
< / li >
< li class = "chapter " data-level = "1.3.3.4" data-path = "../guide/kubectl-user-authentication-authorization.html" >
< a href = "../guide/kubectl-user-authentication-authorization.html" >
3.3.4 kubectl的用户认证授权
< / a >
< / li >
< li class = "chapter " data-level = "1.3.3.5" data-path = "../guide/rbac.html" >
< a href = "../guide/rbac.html" >
3.3.5 RBAC——基于角色的访问控制
< / a >
2017-08-21 17:44:43 +08:00
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3.4" data-path = "../guide/access-kubernetes-cluster.html" >
< a href = "../guide/access-kubernetes-cluster.html" >
3.4 访问 Kubernetes 集群
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.4.1" data-path = "../guide/access-cluster.html" >
< a href = "../guide/access-cluster.html" >
3.4.1 访问集群
< / a >
< / li >
< li class = "chapter " data-level = "1.3.4.2" data-path = "../guide/authenticate-across-clusters-kubeconfig.html" >
< a href = "../guide/authenticate-across-clusters-kubeconfig.html" >
3.4.2 使用 kubeconfig 文件配置跨集群认证
< / a >
< / li >
< li class = "chapter " data-level = "1.3.4.3" data-path = "../guide/connecting-to-applications-port-forward.html" >
< a href = "../guide/connecting-to-applications-port-forward.html" >
3.4.3 通过端口转发访问集群中的应用程序
< / a >
< / li >
< li class = "chapter " data-level = "1.3.4.4" data-path = "../guide/service-access-application-cluster.html" >
< a href = "../guide/service-access-application-cluster.html" >
3.4.4 使用 service 访问群集中的应用程序
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.3.5" data-path = "../guide/application-development-deployment-flow.html" >
< a href = "../guide/application-development-deployment-flow.html" >
3.5 在kubernetes中开发部署应用
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.3.5.1" data-path = "../guide/deploy-applications-in-kubernetes.html" >
< a href = "../guide/deploy-applications-in-kubernetes.html" >
3.5.1 适用于kubernetes的应用开发部署流程
< / a >
2017-08-21 18:44:34 +08:00
< / li >
< li class = "chapter " data-level = "1.3.5.2" data-path = "../guide/migrating-hadoop-yarn-to-kubernetes.html" >
< a href = "../guide/migrating-hadoop-yarn-to-kubernetes.html" >
3.5.2 迁移传统应用到kubernetes中——以Hadoop YARN为例
< / a >
2017-08-21 17:44:43 +08:00
< / li >
< / ul >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.4" data-path = "../practice/" >
< a href = "../practice/" >
4. 最佳实践
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.1" data-path = "../practice/install-kbernetes1.6-on-centos.html" >
< a href = "../practice/install-kbernetes1.6-on-centos.html" >
4.1 在CentOS上部署kubernetes1.6集群
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.1.1" data-path = "../practice/create-tls-and-secret-key.html" >
< a href = "../practice/create-tls-and-secret-key.html" >
4.1.1 创建TLS证书和秘钥
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.2" data-path = "../practice/create-kubeconfig.html" >
< a href = "../practice/create-kubeconfig.html" >
4.1.2 创建kubeconfig文件
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.3" data-path = "../practice/etcd-cluster-installation.html" >
< a href = "../practice/etcd-cluster-installation.html" >
4.1.3 创建高可用etcd集群
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.4" data-path = "../practice/kubectl-installation.html" >
< a href = "../practice/kubectl-installation.html" >
4.1.4 安装kubectl命令行工具
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.5" data-path = "../practice/master-installation.html" >
< a href = "../practice/master-installation.html" >
4.1.5 部署master节点
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.6" data-path = "../practice/node-installation.html" >
< a href = "../practice/node-installation.html" >
4.1.6 部署node节点
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.7" data-path = "../practice/kubedns-addon-installation.html" >
< a href = "../practice/kubedns-addon-installation.html" >
4.1.7 安装kubedns插件
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.8" data-path = "../practice/dashboard-addon-installation.html" >
< a href = "../practice/dashboard-addon-installation.html" >
4.1.8 安装dashboard插件
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.9" data-path = "../practice/heapster-addon-installation.html" >
< a href = "../practice/heapster-addon-installation.html" >
4.1.9 安装heapster插件
< / a >
< / li >
< li class = "chapter " data-level = "1.4.1.10" data-path = "../practice/efk-addon-installation.html" >
< a href = "../practice/efk-addon-installation.html" >
4.1.10 安装EFK插件
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.4.2" data-path = "../practice/service-discovery-and-loadbalancing.html" >
< a href = "../practice/service-discovery-and-loadbalancing.html" >
4.2 服务发现与负载均衡
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.2.1" data-path = "../practice/traefik-ingress-installation.html" >
< a href = "../practice/traefik-ingress-installation.html" >
4.2.1 安装Traefik ingress
< / a >
< / li >
< li class = "chapter " data-level = "1.4.2.2" data-path = "../practice/distributed-load-test.html" >
< a href = "../practice/distributed-load-test.html" >
4.2.2 分布式负载测试
< / a >
< / li >
< li class = "chapter " data-level = "1.4.2.3" data-path = "../practice/network-and-cluster-perfermance-test.html" >
< a href = "../practice/network-and-cluster-perfermance-test.html" >
4.2.3 网络和集群性能测试
< / a >
< / li >
< li class = "chapter " data-level = "1.4.2.4" data-path = "../practice/edge-node-configuration.html" >
< a href = "../practice/edge-node-configuration.html" >
4.2.4 边缘节点配置
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.4.3" data-path = "../practice/operation.html" >
< a href = "../practice/operation.html" >
4.3 运维管理
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.3.1" data-path = "../practice/service-rolling-update.html" >
< a href = "../practice/service-rolling-update.html" >
4.3.1 服务滚动升级
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.2" data-path = "../practice/app-log-collection.html" >
< a href = "../practice/app-log-collection.html" >
4.3.2 应用日志收集
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.3" data-path = "../practice/configuration-best-practice.html" >
< a href = "../practice/configuration-best-practice.html" >
4.3.3 配置最佳实践
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.4" data-path = "../practice/monitor.html" >
< a href = "../practice/monitor.html" >
4.3.4 集群及应用监控
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.5" data-path = "../practice/jenkins-ci-cd.html" >
< a href = "../practice/jenkins-ci-cd.html" >
4.3.5 使用Jenkins进行持续构建与发布
< / a >
< / li >
< li class = "chapter " data-level = "1.4.3.6" data-path = "../practice/data-persistence-problem.html" >
< a href = "../practice/data-persistence-problem.html" >
4.3.6 数据持久化问题
< / a >
2017-09-03 15:58:39 +08:00
< / li >
< li class = "chapter " data-level = "1.4.3.7" data-path = "../practice/manage-compute-resources-container.html" >
< a href = "../practice/manage-compute-resources-container.html" >
4.3.7 管理容器的计算资源
< / a >
2017-08-21 17:44:43 +08:00
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.4.4" data-path = "../practice/storage.html" >
< a href = "../practice/storage.html" >
4.4 存储管理
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.4.1" data-path = "../practice/glusterfs.html" >
< a href = "../practice/glusterfs.html" >
4.4.1 GlusterFS
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.4.1.1" data-path = "../practice/using-glusterfs-for-persistent-storage.html" >
< a href = "../practice/using-glusterfs-for-persistent-storage.html" >
4.4.1.1 使用GlusterFS做持久化存储
< / a >
< / li >
< li class = "chapter " data-level = "1.4.4.1.2" data-path = "../practice/storage-for-containers-using-glusterfs-with-openshift.html" >
< a href = "../practice/storage-for-containers-using-glusterfs-with-openshift.html" >
4.4.1.2 在OpenShift中使用GlusterFS做持久化存储
< / a >
2017-09-01 21:04:51 +08:00
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.4.4.2" data-path = "../practice/cephfs.html" >
< a href = "../practice/cephfs.html" >
4.4.2 CephFS
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.4.4.2.1" data-path = "../practice/using-ceph-for-persistent-storage.html" >
< a href = "../practice/using-ceph-for-persistent-storage.html" >
4.4.2.1 使用Ceph做持久化存储
< / a >
2017-08-21 17:44:43 +08:00
< / li >
< / ul >
< / li >
< / ul >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.5" data-path = "../usecases/" >
< a href = "../usecases/" >
5. 领域应用
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.5.1" data-path = "../usecases/microservices.html" >
< a href = "../usecases/microservices.html" >
5.1 微服务架构
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.5.1.1" data-path = "../usecases/istio.html" >
< a href = "../usecases/istio.html" >
5.1.1 Istio
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.5.1.1.1" data-path = "../usecases/istio-installation.html" >
< a href = "../usecases/istio-installation.html" >
5.1.1.1 安装istio
< / a >
< / li >
< li class = "chapter " data-level = "1.5.1.1.2" data-path = "../usecases/configuring-request-routing.html" >
< a href = "../usecases/configuring-request-routing.html" >
5.1.1.2 配置请求的路由规则
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.5.1.2" data-path = "../usecases/linkerd.html" >
< a href = "../usecases/linkerd.html" >
5.1.2 Linkerd
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.5.1.2.1" data-path = "../usecases/linkerd-user-guide.html" >
< a href = "../usecases/linkerd-user-guide.html" >
5.1.2.1 Linkerd 使用指南
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.5.1.3" data-path = "../usecases/service-discovery-in-microservices.html" >
< a href = "../usecases/service-discovery-in-microservices.html" >
5.1.3 微服务中的服务发现
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.5.2" data-path = "../usecases/big-data.html" >
< a href = "../usecases/big-data.html" >
5.2 大数据
< / a >
< ul class = "articles" >
2017-08-30 14:20:52 +08:00
< li class = "chapter " data-level = "1.5.2.1" data-path = "../usecases/spark-standalone-on-kubernetes.html" >
2017-08-21 17:44:43 +08:00
2017-08-30 14:20:52 +08:00
< a href = "../usecases/spark-standalone-on-kubernetes.html" >
2017-08-21 17:44:43 +08:00
2017-08-30 14:20:52 +08:00
5.2.1 Spark standalone on Kubernetes
2017-08-21 17:44:43 +08:00
< / a >
2017-08-31 14:23:44 +08:00
< / li >
< li class = "chapter " data-level = "1.5.2.2" data-path = "../usecases/support-spark-natively-in-kubernetes.html" >
< a href = "../usecases/support-spark-natively-in-kubernetes.html" >
5.2.2 运行支持kubernetes原生调度的Spark程序
< / a >
2017-08-21 17:44:43 +08:00
< / li >
< / ul >
2017-08-30 16:52:33 +08:00
< / li >
< li class = "chapter " data-level = "1.5.3" data-path = "../usecases/serverless.html" >
< a href = "../usecases/serverless.html" >
5.3 Serverless架构
< / a >
2017-08-21 17:44:43 +08:00
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.6" data-path = "../develop/" >
< a href = "../develop/" >
6. 开发指南
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.6.1" data-path = "../develop/developing-environment.html" >
< a href = "../develop/developing-environment.html" >
6.1 开发环境搭建
< / a >
< / li >
< li class = "chapter " data-level = "1.6.2" data-path = "../develop/testing.html" >
< a href = "../develop/testing.html" >
6.2 单元测试和集成测试
< / a >
< / li >
< li class = "chapter " data-level = "1.6.3" data-path = "../develop/client-go-sample.html" >
< a href = "../develop/client-go-sample.html" >
6.3 client-go示例
< / a >
< / li >
< li class = "chapter " data-level = "1.6.4" data-path = "../develop/contribute.html" >
< a href = "../develop/contribute.html" >
6.4 社区贡献
< / a >
< / li >
< / ul >
< / li >
< li class = "chapter " data-level = "1.7" data-path = "../appendix/" >
< a href = "../appendix/" >
7. 附录
< / a >
< ul class = "articles" >
< li class = "chapter " data-level = "1.7.1" data-path = "../appendix/docker-best-practice.html" >
< a href = "../appendix/docker-best-practice.html" >
7.1 Docker最佳实践
< / a >
< / li >
< li class = "chapter " data-level = "1.7.2" data-path = "../appendix/issues.html" >
< a href = "../appendix/issues.html" >
7.2 问题记录
< / a >
< / li >
< li class = "chapter " data-level = "1.7.3" data-path = "../appendix/tricks.html" >
< a href = "../appendix/tricks.html" >
7.3 使用技巧
< / a >
< / li >
< / ul >
< / li >
< li class = "divider" > < / li >
< li >
< a href = "https://www.gitbook.com" target = "blank" class = "gitbook-link" >
本書使用 GitBook 釋出
< / a >
< / li >
< / ul >
< / nav >
< / div >
< div class = "book-body" >
< div class = "body-inner" >
< div class = "book-header" role = "navigation" >
<!-- Title -->
< h1 >
< i class = "fa fa-circle-o-notch fa-spin" > < / i >
< a href = ".." > 2.2.9 DaemonSet< / a >
< / h1 >
< / div >
< div class = "page-wrapper" tabindex = "-1" role = "main" >
< div class = "page-inner" >
< div class = "search-plus" id = "book-search-results" >
< div class = "search-noresults" >
< section class = "normal markdown-section" >
< h1 id = "daemonset" > DaemonSet< / h1 >
< h2 id = "什么是-daemonset?" > 什 么 是 DaemonSet? < / h2 >
< p > < em > DaemonSet< / em > 确 保 全 部 ( 或 者 一 些 ) Node 上 运 行 一 个 Pod 的 副 本 。 当 有 Node 加 入 集 群 时 , 也 会 为 他 们 新 增 一 个 Pod 。 当 有 Node 从 集 群 移 除 时 , 这 些 Pod 也 会 被 回 收 。 删 除 DaemonSet 将 会 删 除 它 创 建 的 所 有 Pod。 < / p >
< p > 使 用 DaemonSet 的 一 些 典 型 用 法 : < / p >
< ul >
< li > 运 行 集 群 存 储 daemon, 例 如 在 每 个 Node 上 运 行 < code > glusterd< / code > 、 < code > ceph< / code > 。 < / li >
< li > 在 每 个 Node 上 运 行 日 志 收 集 daemon, 例 如 < code > fluentd< / code > 、 < code > logstash< / code > 。 < / li >
< li > 在 每 个 Node 上 运 行 监 控 daemon, 例 如 < a href = "https://github.com/prometheus/node_exporter" target = "_blank" > Prometheus Node Exporter< / a > 、 < code > collectd< / code > 、 Datadog 代 理 、 New Relic 代 理 , 或 Ganglia < code > gmond< / code > 。 < / li >
< / ul >
< p > 一 个 简 单 的 用 法 是 , 在 所 有 的 Node 上 都 存 在 一 个 DaemonSet, 将 被 作 为 每 种 类 型 的 daemon 使 用 。
一 个 稍 微 复 杂 的 用 法 可 能 是 , 对 单 独 的 每 种 类 型 的 daemon 使 用 多 个 DaemonSet, 但 具 有 不 同 的 标 志 , 和 /或 对 不 同 硬 件 类 型 具 有 不 同 的 内 存 、 CPU要 求 。 < / p >
< h2 id = "编写-daemonset-spec" > 编 写 DaemonSet Spec< / h2 >
< h3 id = "必需字段" > 必 需 字 段 < / h3 >
< p > 和 其 它 所 有 Kubernetes 配 置 一 样 , DaemonSet 需 要 < code > apiVersion< / code > 、 < code > kind< / code > 和 < code > metadata< / code > 字 段 。 有 关 配 置 文 件 的 通 用 信 息 , 详 见 文 档 < a href = "https://kubernetes.io/docs/user-guide/deploying-applications/" target = "_blank" > 部 署 应 用 < / a > 、 < a href = "https://kubernetes.io/docs/user-guide/configuring-containers/" target = "_blank" > 配 置 容 器 < / a > 和 < a href = "https://kubernetes.io/docs/concepts/tools/kubectl/object-management-overview/" target = "_blank" > 资 源 管 理 < / a > 。 < / p >
< p > DaemonSet 也 需 要 一 个 < a href = "https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status" target = "_blank" > < code > .spec< / code > < / a > 配 置 段 。 < / p >
< h3 id = "pod-模板" > Pod 模 板 < / h3 >
< p > < code > .spec< / code > 唯 一 必 需 的 字 段 是 < code > .spec.template< / code > 。 < / p >
< p > < code > .spec.template< / code > 是 一 个 < a href = "https://kubernetes.io/docs/user-guide/replication-controller/#pod-template" target = "_blank" > Pod 模 板 < / a > 。
它 与 < a href = "https://kubernetes.io/docs/user-guide/pods" target = "_blank" > Pod< / a > 具 有 相 同 的 schema, 除 了 它 是 嵌 套 的 , 而 且 不 具 有 < code > apiVersion< / code > 或 < code > kind< / code > 字 段 。 < / p >
< p > Pod 除 了 必 须 字 段 外 , 在 DaemonSet 中 的 Pod 模 板 必 须 指 定 合 理 的 标 签 ( 查 看 < a href = "#pod-selector" > pod selector< / a > ) 。 < / p >
< p > 在 DaemonSet 中 的 Pod 模 板 必 需 具 有 一 个 值 为 < code > Always< / code > 的 < a href = "https://kubernetes.io/docs/user-guide/pod-states" target = "_blank" > < code > RestartPolicy< / code > < / a > , 或 者 未 指 定 它 的 值 , 默 认 是 < code > Always< / code > 。 < / p >
< h3 id = "pod-selector" > Pod Selector< / h3 >
< p > < code > .spec.selector< / code > 字 段 表 示 Pod Selector, 它 与 < a href = "https://kubernetes.io/docs/concepts/jobs/run-to-completion-finite-workloads/" target = "_blank" > Job< / a > 或 其 它 资 源 的 < code > .sper.selector< / code > 的 原 理 是 相 同 的 。 < / p >
< p > < code > spec.selector< / code > 表 示 一 个 对 象 , 它 由 如 下 两 个 字 段 组 成 : < / p >
< ul >
< li > < code > matchLabels< / code > - 与 < a href = "https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/" target = "_blank" > ReplicationController< / a > 的 < code > .spec.selector< / code > 的 原 理 相 同 。 < / li >
< li > < code > matchExpressions< / code > - 允 许 构 建 更 加 复 杂 的 Selector, 可 以 通 过 指 定 key、 value 列 表 , 以 及 与 key 和 value 列 表 的 相 关 的 操 作 符 。 < / li >
< / ul >
< p > 当 上 述 两 个 字 段 都 指 定 时 , 结 果 表 示 的 是 AND 关 系 。 < / p >
< p > 如 果 指 定 了 < code > .spec.selector< / code > , 必 须 与 < code > .spec.template.metadata.labels< / code > 相 匹 配 。 如 果 没 有 指 定 , 它 们 默 认 是 等 价 的 。 如 果 与 它 们 配 置 的 不 匹 配 , 则 会 被 API 拒 绝 。 < / p >
< p > 如 果 Pod 的 label 与 selector 匹 配 , 或 者 直 接 基 于 其 它 的 DaemonSet、 或 者 Controller( 例 如 ReplicationController) , 也 不 可 以 创 建 任 何 Pod。
否 则 DaemonSet Controller 将 认 为 那 些 Pod 是 它 创 建 的 。 Kubernetes 不 会 阻 止 这 样 做 。 一 个 场 景 是 , 可 能 希 望 在 一 个 具 有 不 同 值 的 、 用 来 测 试 用 的 Node 上 手 动 创 建 Pod。 < / p >
< h3 id = "仅在相同的-node-上运行-pod" > 仅 在 相 同 的 Node 上 运 行 Pod< / h3 >
< p > 如 果 指 定 了 < code > .spec.template.spec.nodeSelector< / code > , DaemonSet Controller 将 在 能 够 匹 配 上 < a href = "https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" target = "_blank" > Node Selector< / a > 的 Node 上 创 建 Pod。
类 似 这 种 情 况 , 可 以 指 定 < code > .spec.template.spec.affinity< / code > , 然 后 DaemonSet Controller 将 在 能 够 匹 配 上 < a href = "https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" target = "_blank" > Node Affinity< / a > 的 Node 上 创 建 Pod。
如 果 根 本 就 没 有 指 定 , 则 DaemonSet Controller 将 在 所 有 Node 上 创 建 Pod。 < / p >
< h2 id = "如果调度-daemon-pod" > 如 果 调 度 Daemon Pod< / h2 >
< p > 正 常 情 况 下 , Pod 运 行 在 哪 个 机 器 上 是 由 Kubernetes 调 度 器 进 行 选 择 的 。 然 而 , 由 Daemon Controller 创 建 的 Pod 已 经 确 定 了 在 哪 个 机 器 上 ( Pod 创 建 时 指 定 了 < code > .spec.nodeName< / code > ) , 因 此 : < / p >
< ul >
< li > DaemonSet Controller 并 不 关 心 一 个 Node 的 < a href = "https://kubernetes.io/docs/admin/node/#manual-node-administration" target = "_blank" > < code > unschedulable< / code > < / a > 字 段 。 < / li >
< li > DaemonSet Controller 可 以 创 建 Pod, 即 使 调 度 器 还 没 有 被 启 动 , 这 对 集 群 启 动 是 非 常 有 帮 助 的 。 < / li >
< / ul >
< p > Daemon Pod 关 心 < a href = "https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature" target = "_blank" > Taint 和 Toleration< / a > , 它 们 会 为 没 有 指 定 < code > tolerationSeconds< / code > 的 < code > node.alpha.kubernetes.io/notReady< / code > 和 < code > node.alpha.kubernetes.io/unreachable< / code > 的 Taint, 而 创 建 具 有 < code > NoExecute< / code > 的 Toleration。 这 确 保 了 当 alpha 特 性 的 < code > TaintBasedEvictions< / code > 被 启 用 , 当 Node 出 现 故 障 , 比 如 网 络 分 区 , 这 时 它 们 将 不 会 被 清 除 掉 ( 当 < code > TaintBasedEvictions< / code > 特 性 没 有 启 用 , 在 这 些 场 景 下 也 不 会 被 清 除 , 但 会 因 为 NodeController 的 硬 编 码 行 为 而 被 清 除 , Toleration 是 不 会 的 ) 。 < / p >
< h2 id = "与-daemon-pod-通信" > 与 Daemon Pod 通 信 < / h2 >
< p > 与 DaemonSet 中 的 Pod 进 行 通 信 , 几 种 可 能 的 模 式 如 下 : < / p >
< ul >
< li > < strong > Push< / strong > : 配 置 DaemonSet 中 的 Pod 向 其 它 Service 发 送 更 新 , 例 如 统 计 数 据 库 。 它 们 没 有 客 户 端 。 < / li >
< li > < strong > NodeIP 和 已 知 端 口 < / strong > : DaemonSet 中 的 Pod 可 以 使 用 < code > hostPort< / code > , 从 而 可 以 通 过 Node IP 访 问 到 Pod。 客 户 端 能 通 过 某 种 方 法 知 道 Node IP 列 表 , 并 且 基 于 此 也 可 以 知 道 端 口 。 < / li >
< li > < strong > DNS< / strong > : 创 建 具 有 相 同 Pod Selector 的 < a href = "https://kubernetes.io/docs/user-guide/services/#headless-services" target = "_blank" > Headless Service< / a > , 然 后 通 过 使 用 < code > endpoints< / code > 资 源 或 从 DNS 检 索 到 多 个 A 记 录 来 发 现 DaemonSet。 < / li >
< li > < strong > Service< / strong > : 创 建 具 有 相 同 Pod Selector 的 Service, 并 使 用 该 Service 访 问 到 某 个 随 机 Node 上 的 daemon。 ( 没 有 办 法 访 问 到 特 定 Node) < / li >
< / ul >
< h2 id = "更新-daemonset" > 更 新 DaemonSet< / h2 >
< p > 如 果 修 改 了 Node Label, DaemonSet 将 立 刻 向 新 匹 配 上 的 Node 添 加 Pod, 同 时 删 除 新 近 无 法 匹 配 上 的 Node 上 的 Pod。 < / p >
< p > 可 以 修 改 DaemonSet 创 建 的 Pod。 然 而 , 不 允 许 对 Pod 的 所 有 字 段 进 行 更 新 。 当 下 次 Node( 即 使 具 有 相 同 的 名 称 ) 被 创 建 时 , DaemonSet Controller 还 会 使 用 最 初 的 模 板 。 < / p >
< p > 可 以 删 除 一 个 DaemonSet。 如 果 使 用 < code > kubectl< / code > 并 指 定 < code > --cascade=false< / code > 选 项 , 则 Pod 将 被 保 留 在 Node 上 。 然 后 可 以 创 建 具 有 不 同 模 板 的 新 DaemonSet。 具 有 不 同 模 板 的 新 DaemonSet 将 鞥 能 够 通 过 Label 匹 配 识 别 所 有 已 经 存 在 的 Pod。 它 不 会 修 改 或 删 除 它 们 , 即 使 是 错 误 匹 配 了 Pod 模 板 。 通 过 删 除 Pod 或 者 删 除 Node, 可 以 强 制 创 建 新 的 Pod。 < / p >
< p > 在 Kubernetes 1.6 或 以 后 版 本 , 可 以 在 DaemonSet 上 < a href = "https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/" target = "_blank" > 执 行 滚 动 升 级 < / a > 。 < / p >
< h3 id = "init-脚本" > init 脚 本 < / h3 >
< p > 很 可 能 通 过 直 接 在 一 个 Node 上 启 动 daemon 进 程 ( 例 如 , 使 用 < code > init< / code > 、 < code > upstartd< / code > 、 或 < code > systemd< / code > ) 。 这 非 常 好 , 然 而 基 于 DaemonSet 来 运 行 这 些 进 程 有 如 下 一 些 好 处 : < / p >
< ul >
< li > 像 对 待 应 用 程 序 一 样 , 具 备 为 daemon 提 供 监 控 和 管 理 日 志 的 能 力 。 < / li >
< li > 为 daemon 和 应 用 城 西 使 用 相 同 的 配 置 语 言 和 工 具 ( 如 Pod 模 板 、 < code > kubectl< / code > ) 。 < / li >
< li > Kubernetes 未 来 版 本 可 能 会 支 持 对 DaemonSet 创 建 Pod 与 Node升 级 工 作 流 进 行 集 成 。 < / li >
< li > 在 资 源 受 限 的 容 器 中 运 行 daemon, 能 够 增 加 daemon 和 应 用 容 器 的 隔 离 性 。 然 而 这 也 实 现 了 在 容 器 中 运 行 daemon, 但 却 不 能 在 Pod 中 运 行 ( 例 如 , 直 接 基 于 Docker 启 动 ) 。 < / li >
< / ul >
< h3 id = "裸-pod" > 裸 Pod< / h3 >
< p > 可 能 要 直 接 创 建 Pod, 同 时 指 定 其 运 行 在 特 定 的 Node 上 。
然 而 , DaemonSet 替 换 了 由 于 任 何 原 因 被 删 除 或 终 止 的 Pod, 例 如 Node 失 败 、 例 行 节 点 维 护 , 比 如 内 和 升 级 。 由 于 这 个 原 因 , 我 们 应 该 使 用 DaemonSet 而 不 是 单 独 创 建 Pod。 < / p >
< h3 id = "静态-pod" > 静 态 Pod< / h3 >
< p > 很 可 能 , 通 过 在 一 个 指 定 目 录 下 编 写 文 件 来 创 建 Pod, 该 目 录 受 Kubelet 所 监 视 。 这 些 Pod 被 称 为 < a href = "https://kubernetes.io/docs/concepts/cluster-administration/static-pod/" target = "_blank" > 静 态 Pod< / a > 。
不 像 DaemonSet, 静 态 Pod 不 受 kubectl 和 其 它 Kubernetes API 客 户 端 管 理 。 静 态 Pod 不 依 赖 于 apiserver, 这 使 得 它 们 在 集 群 启 动 的 情 况 下 非 常 有 用 。
而 且 , 未 来 静 态 Pod 可 能 会 被 废 弃 掉 。 < / p >
< h3 id = "replication-controller" > Replication Controller< / h3 >
< p > DaemonSet 与 < a href = "https://kubernetes.io/docs/user-guide/replication-controller" target = "_blank" > Replication Controller< / a > 非 常 类 似 , 它 们 都 能 创 建 Pod, 这 些 Pod 都 具 有 不 期 望 被 终 止 的 进 程 ( 例 如 , Web 服 务 器 、 存 储 服 务 器 ) 。
为 无 状 态 的 Service 使 用 Replication Controller, 像 frontend, 实 现 对 副 本 的 数 量 进 行 扩 缩 容 、 平 滑 升 级 , 比 之 于 精 确 控 制 Pod 运 行 在 某 个 主 机 上 要 重 要 得 多 。 需 要 Pod 副 本 总 是 运 行 在 全 部 或 特 定 主 机 上 , 并 需 要 先 于 其 他 Pod 启 动 , 当 这 被 认 为 非 常 重 要 时 , 应 该 使 用 Daemon Controller。 < / p >
< footer class = "page-footer-ex" > < span class = "page-footer-ex-copyright" > for GitBook< / span >                       < span class = "page-footer-ex-footer-update" > update
2017-08-21 18:44:34 +08:00
2017-08-21 18:23:34
2017-08-21 17:44:43 +08:00
< / span > < / footer >
< / section >
< / div >
< div class = "search-results" >
< div class = "has-results" >
< h1 class = "search-results-title" > < span class = 'search-results-count' > < / span > results matching "< span class = 'search-query' > < / span > "< / h1 >
< ul class = "search-results-list" > < / ul >
< / div >
< div class = "no-results" >
< h1 class = "search-results-title" > No results matching "< span class = 'search-query' > < / span > "< / h1 >
< / div >
< / div >
< / div >
< / div >
< / div >
< / div >
< a href = "statefulset.html" class = "navigation navigation-prev " aria-label = "Previous page: 2.2.8 StatefulSet" >
< i class = "fa fa-angle-left" > < / i >
< / a >
< a href = "serviceaccount.html" class = "navigation navigation-next " aria-label = "Next page: 2.2.10 ServiceAccount" >
< i class = "fa fa-angle-right" > < / i >
< / a >
< / div >
< script >
var gitbook = gitbook || [];
gitbook.push(function() {
2017-09-06 22:17:23 +08:00
gitbook.page.hasChanged({"page":{"title":"2.2.9 DaemonSet","level":"1.2.2.9","depth":3,"next":{"title":"2.2.10 ServiceAccount","level":"1.2.2.10","depth":3,"path":"concepts/serviceaccount.md","ref":"concepts/serviceaccount.md","articles":[]},"previous":{"title":"2.2.8 StatefulSet","level":"1.2.2.8","depth":3,"path":"concepts/statefulset.md","ref":"concepts/statefulset.md","articles":[]},"dir":"ltr"},"config":{"plugins":["github","codesnippet","splitter","page-toc-button","image-captions","page-footer-ex","editlink","-lunr","-search","search-plus"],"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"pluginsConfig":{"github":{"url":"https://github.com/rootsongjc/kubernetes-handbook"},"editlink":{"label":"编辑本页","multilingual":false,"base":"https://github.com/rootsongjc/kubernetes-handbook/blob/master/"},"page-footer-ex":{"copyright":"for GitBook","update_format":"YYYY-MM-DD HH:mm:ss","update_label":"update"},"splitter":{},"codesnippet":{},"fontsettings":{"theme":"white","family":"sans","size":2},"highlight":{},"page-toc-button":{},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":false},"search-plus":{},"image-captions":{"variable_name":"_pictures"}},"page-footer-ex":{"copyright":"Jimmy Song","update_label":"最后更新:","update_format":"YYYY-MM-DD HH:mm:ss"},"theme":"default","author":"Jimmy Song","pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"variables":{"_pictures":[{"backlink":"concepts/index.html#fig1.2.1","level":"1.2","list_caption":"Figure: Borg架构","alt":"Borg架构","nro":1,"url":"../images/borg.png","index":1,"caption_template":"Figure: _CAPTION_","label":"Borg架构","attributes":{},"skip":false,"key":"1.2.1"},{"backlink":"concepts/index.html#fig1.2.2","level":"1.2","list_caption":"Figure: Kubernetes架构","alt":"Kubernetes架构","nro":2,"url":"../images/architecture.png","index":2,"caption_template":"Figure: _CAPTION_","label":"Kubernetes架构","attributes":{},"skip":false,"key":"1.2.2"},{"backlink":"concepts/index.html#fig1.2.3","level":"1.2","list_caption":"Figure: kubernetes整体架构示意图","alt":"kubernetes整体架构示意图","nro":3,"url":"../images/kubernetes-whole-arch.png","index":3,"caption_template":"Figure: _CAPTION_","label":"kubernetes整体架构示意图","attributes":{},"skip":false,"key":"1.2.3"},{"backlink":"concepts/index.html#fig1.2.4","level":"1.2","list_caption":"Figure: Kubernetes master架构示意图","alt":"Kubernetes master架构示意图","nro":4,"url":"../images/kubernetes-master-arch.png","index":4,"caption_template":"Figure: _CAPTION_","label":"Kubernetes master架构示意图","attributes":{},"skip":false,"key":"1.2.4"},{"backlink":"concepts/index.html#fig1.2.5","level":"1.2","list_caption":"Figure: kubernetes node架构示意图","alt":"kubernetes node架构示意图","nro":5,"url":"../images/kubernetes-node-arch.png","index":5,"caption_template":"Figure: _CAPTION_","label":"kubernetes node架构示意图","attributes":{},"skip":false,"key":"1.2.5"},{"backlink":"concepts/index.html#fig1.2.6","level":"1.2","list_caption":"Figure: Kubernetes分层架构示意图","alt":"Kubernetes分层架构示意图","nro":6,"url":"../images/kubernetes-layers-arch.jpg","index":6,"caption_template":"Figure: _CAPTION_","label":"Kubernetes分层架构示意图","attributes":{},"skip":false,"key":"1.2.6"},{"backlink":"concepts/concepts.html#fig1.2.1.1","level":"1.2.1","list_caption":"Figure: 分层架构示<E69E84> <E7A4BA>
2017-08-21 17:44:43 +08:00
});
< / script >
< / div >
< script src = "../gitbook/gitbook.js" > < / script >
< script src = "../gitbook/theme.js" > < / script >
< script src = "../gitbook/gitbook-plugin-github/plugin.js" > < / script >
< script src = "../gitbook/gitbook-plugin-splitter/splitter.js" > < / script >
< script src = "../gitbook/gitbook-plugin-page-toc-button/plugin.js" > < / script >
< script src = "../gitbook/gitbook-plugin-editlink/plugin.js" > < / script >
< script src = "../gitbook/gitbook-plugin-search-plus/jquery.mark.min.js" > < / script >
< script src = "../gitbook/gitbook-plugin-search-plus/search.js" > < / script >
< script src = "../gitbook/gitbook-plugin-sharing/buttons.js" > < / script >
< script src = "../gitbook/gitbook-plugin-fontsettings/fontsettings.js" > < / script >
< / body >
< / html >