kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add note about moved content. (#2563)

pull/2337/merge
Steve Perry 2017-02-16 13:20:48 -08:00 committed by GitHub
parent 0da9c85fd4
commit 05c1dfe76c
2 changed files with 4 additions and 247 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

135
docs/user-guide/downward-api/index.md
View File

@ -5,137 +5,6 @@ assignees:
title: Using the Downward API to Convey Pod Properties
---
It is sometimes useful for a container to have information about itself, but we
want to be careful not to over-couple containers to Kubernetes. The downward
API allows containers to consume information about themselves or the system and
expose that information how they want it, without necessarily coupling to the
Kubernetes client or REST API.
{% include user-guide-content-moved.md %}
An example of this is a "legacy" app that is already written assuming
that a particular environment variable will hold a unique identifier. While it
is often possible to "wrap" such applications, this is tedious and error prone,
and violates the goal of low coupling. Instead, the user should be able to use
the Pod's name, for example, and inject it into this well-known variable.
## Capabilities
The following information is available to a `Pod` through the downward API:
* The node's name
*   The pod's name
* The pod's namespace
* The pod's IP
* The pod's service account name
* A container's cpu limit
* A container's cpu request
* A container's memory limit
* A container's memory request
More information will be exposed through this same API over time.
## Exposing pod information into a container
Containers consume information from the downward API using environment
variables or using a volume plugin.
## Environment variables
Most environment variables in the Kubernetes API use the `value` field to carry
simple values. However, the alternate `valueFrom` field allows you to specify
a `fieldRef` to select fields from the pod's definition, and a `resourceFieldRef`
to select fields from one of its container's definition.
The `fieldRef` field is a structure that has an `apiVersion` field and a `fieldPath`
field. The `fieldPath` field is an expression designating a field of the pod. The
`apiVersion` field is the version of the API schema that the `fieldPath` is
written in terms of. If the `apiVersion` field is not specified it is
defaulted to the API version of the enclosing object.
The `fieldRef` is evaluated and the resulting value is used as the value for
the environment variable. This allows users to publish their pod's name in any
environment variable they want.
The `resourceFieldRef` is a structure that has a `containerName` field, a `resource`
field, and a `divisor` field. The `containerName` is the name of a container,
whose resource (cpu or memory) information is to be exposed. The `containerName` is
optional for environment variables and defaults to the current container. The
`resource` field is an expression designating a resource in a container, and the `divisor`
field specifies an output format of the resource being exposed. If the `divisor`
is not specified, it defaults to "1" for cpu and memory. The table shows possible
values for cpu and memory resources for `resource` and `divisor` settings:
| Setting | Cpu | Memory |
| ------------- |-------------| -----|
| resource | limits.cpu, requests.cpu| limits.memory, requests.memory|
| divisor | 1(cores), 1m(millicores) | 1(bytes), 1k(kilobytes), 1M(megabytes), 1G(gigabytes), 1T(terabytes), 1P(petabytes), 1E(exabytes), 1Ki(kibibyte), 1Mi(mebibyte), 1Gi(gibibyte), 1Ti(tebibyte), 1Pi(pebibyte), 1Ei(exbibyte)|
### Example
This is an example of a pod that consumes its name and namespace via the
downward API:
{% include code.html language="yaml" file="dapi-pod.yaml" ghlink="/docs/user-guide/downward-api/dapi-pod.yaml" %}
This is an example of a pod that consumes its container's resources via the downward API:
{% include code.html language="yaml" file="dapi-container-resources.yaml" ghlink="/docs/user-guide/downward-api/dapi-container-resources.yaml" %}
## Downward API volume
Using a similar syntax it's possible to expose pod information to containers using plain text files.
Downward API are dumped to a mounted volume. This is achieved using a `downwardAPI`
volume type and the different items represent the files to be created. `fieldPath` references the field to be exposed.
For exposing a container's resources limits and requests, `containerName` must be specified with `resourceFieldRef`.
Downward API volume permits to store more complex data like [`metadata.labels`](/docs/user-guide/labels) and [`metadata.annotations`](/docs/user-guide/annotations). Currently key/value pair set fields are saved using `key="value"` format:
```conf
key1="value1"
key2="value2"
```
In future, it will be possible to specify an output format option.
Downward API volumes can expose:
* The node's name
* The pod's name
* The pod's namespace
* The pod's labels
* The pod's annotations
* The pod's service account name
* A container's cpu limit
* A container's cpu request
* A container's memory limit
* A container's memory request
The downward API volume refreshes its data in step with the kubelet refresh loop. When labels will be modifiable on the fly without respawning the pod containers will be able to detect changes through mechanisms such as [inotify](https://en.wikipedia.org/wiki/Inotify).
In future, it will be possible to specify a specific annotation or label.
#### Projecting keys to specific paths and file permissions
You can project keys to specific paths and specific permissions on a per-file
basis. The [Secrets](/docs/user-guide/secrets/) user guide explains the syntax.
### Example
This is an example of a pod that consumes its labels and annotations via the downward API volume, labels and annotations are dumped in `/etc/labels` and in `/etc/annotations`, respectively:
{% include code.html language="yaml" file="volume/dapi-volume.yaml" ghlink="/docs/user-guide/downward-api/volume/dapi-volume.yaml" %}
This is an example of a pod that consumes its container's resources via the downward API volume.
{% include code.html language="yaml" file="volume/dapi-volume-resources.yaml" ghlink="/docs/user-guide/downward-api/volume/dapi-volume-resources.yaml" %}
For a more thorough example, see
[environment variables](/docs/user-guide/environment-guide/).
## Default values for container resource limits
If cpu and memory limits are not specified for a container, the downward API will default to the node allocatable value for cpu and memory.
[Exposing Pod Information to Containers Using a DownwardAPIVolumeFile](/docs/tasks/configure-pod-container/downward-api-volume-expose-pod-information/)

116
docs/user-guide/downward-api/volume/index.md
View File

@ -2,118 +2,6 @@
title: Downward API Volumes
---
Following this example, you will create a pod with a downward API volume.
A downward API volume is a k8s volume plugin with the ability to save some pod information in a plain text file. The pod information can be for example some [metadata](https://github.com/kubernetes/kubernetes/tree/{{page.githubbranch}}/docs/devel/api-conventions.md#metadata) or a container's [resources](/docs/user-guide/compute-resources).
{% include user-guide-content-moved.md %}
Supported metadata fields:
1. `metadata.annotations`
2. `metadata.namespace`
3. `metadata.name`
4. `metadata.labels`
Supported container's resources:
1. `limits.cpu`
2. `limits.memory`
3. `requests.cpu`
4. `requests.memory`
### Step Zero: Prerequisites
This example assumes you have a Kubernetes cluster installed and running, and the `kubectl` command line tool somewhere in your path. Please see the [gettingstarted](/docs/getting-started-guides/) for installation instructions for your platform.
### Step One: Create the pod
Use the [dapi-volume.yaml](/docs/user-guide/downward-api/volume/dapi-volume.yaml) file to create a Pod with a downward API volume which stores pod labels and pod annotations to `/etc/labels` and `/etc/annotations` respectively.
```shell
$ kubectl create -f docs/user-guide/downward-api/volume/dapi-volume.yaml
```
### Step Two: Examine pod/container output
The pod displays (every 5 seconds) the content of the dump files which can be executed via the usual `kubectl log` command
```shell
$ kubectl logs kubernetes-downwardapi-volume-example
cluster="test-cluster1"
rack="rack-22"
zone="us-est-coast"
build="two"
builder="john-doe"
kubernetes.io/config.seen="2015-08-24T13:47:23.432459138Z"
kubernetes.io/config.source="api"
```
### Internals
In pod's `/etc` directory one may find the file created by the plugin (system files elided):
```shell
$ kubectl exec kubernetes-downwardapi-volume-example -i -t -- sh
/ # ls -laR /etc
/etc:
total 4
drwxrwxrwt 3 0 0 120 Jun 1 19:55 .
drwxr-xr-x 17 0 0 4096 Jun 1 19:55 ..
drwxr-xr-x 2 0 0 80 Jun 1 19:55 ..6986_01_06_15_55_10.473583074
lrwxrwxrwx 1 0 0 31 Jun 1 19:55 ..data -> ..6986_01_06_15_55_10.473583074
lrwxrwxrwx 1 0 0 18 Jun 1 19:55 annotations -> ..data/annotations
lrwxrwxrwx 1 0 0 13 Jun 1 19:55 labels -> ..data/labels
/etc/..6986_01_06_15_55_10.473583074:
total 8
drwxr-xr-x 2 0 0 80 Jun 1 19:55 .
drwxrwxrwt 3 0 0 120 Jun 1 19:55 ..
-rw-r--r-- 1 0 0 129 Jun 1 19:55 annotations
-rw-r--r-- 1 0 0 59 Jun 1 19:55 labels
/ #
```
The file `labels` is stored in a temporary directory (`..6986_01_06_15_55_10.473583074` in the example above) which is symlinked to by `..data`. Symlinks for annotations and labels in `/etc` point to files containing the actual metadata through the `..data` indirection.  This structure allows for dynamic atomic refresh of the metadata: updates are written to a new temporary directory, and the `..data` symlink is updated atomically using `rename(2)`.
## Example of downward API volume with container resources
Use the `docs/user-guide/downward-api/volume/dapi-volume-resources.yaml` file to create a Pod with a downward API volume which stores its container's limits and requests in /etc.
```shell
$ kubectl create -f docs/user-guide/downward-api/volume/dapi-volume-resources.yaml
```
### Examine pod/container output
In pod's `/etc` directory one may find the files created by the plugin:
```shell
$ kubectl exec kubernetes-downwardapi-volume-example -i -t -- sh
/ # ls -alR /etc
/etc:
total 4
drwxrwxrwt 3 0 0 160 Jun 1 19:47 .
drwxr-xr-x 17 0 0 4096 Jun 1 19:48 ..
drwxr-xr-x 2 0 0 120 Jun 1 19:47 ..6986_01_06_15_47_23.076909525
lrwxrwxrwx 1 0 0 31 Jun 1 19:47 ..data -> ..6986_01_06_15_47_23.076909525
lrwxrwxrwx 1 0 0 16 Jun 1 19:47 cpu_limit -> ..data/cpu_limit
lrwxrwxrwx 1 0 0 18 Jun 1 19:47 cpu_request -> ..data/cpu_request
lrwxrwxrwx 1 0 0 16 Jun 1 19:47 mem_limit -> ..data/mem_limit
lrwxrwxrwx 1 0 0 18 Jun 1 19:47 mem_request -> ..data/mem_request
/etc/..6986_01_06_15_47_23.076909525:
total 16
drwxr-xr-x 2 0 0 120 Jun 1 19:47 .
drwxrwxrwt 3 0 0 160 Jun 1 19:47 ..
-rw-r--r-- 1 0 0 1 Jun 1 19:47 cpu_limit
-rw-r--r-- 1 0 0 1 Jun 1 19:47 cpu_request
-rw-r--r-- 1 0 0 8 Jun 1 19:47 mem_limit
-rw-r--r-- 1 0 0 8 Jun 1 19:47 mem_request
/ # cat /etc/cpu_limit
1
/ # cat /etc/mem_limit
67108864
/ # cat /etc/cpu_request
1
/ # cat /etc/mem_request
33554432
```
[Exposing Pod Information to Containers Using a DownwardAPIVolumeFile](/docs/tasks/configure-pod-container/downward-api-volume-expose-pod-information/)