kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[zh] sync pods-and-endpoint-termination-flow.md

pull/42464/head
windsonsea 2023-08-09 08:57:38 +08:00
parent 6a6bf06972
commit 77afa1f57b
4 changed files with 59 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
content/zh-cn/docs/tutorials/services/connect-applications-service.md
View File

@ -55,7 +55,7 @@ Create an nginx Pod, and note that it has a container port specification:
我们在之前的示例中已经做过,然而让我们以网络连接的视角再重做一遍。
创建一个 Nginx Pod注意其中包含一个容器端口的规约
{{< codenew file="service/networking/run-my-nginx.yaml" >}}
{{< code file="service/networking/run-my-nginx.yaml" >}}
<!--
This makes it accessible from any node in your cluster. Check the nodes the Pod is running on:
@ -149,7 +149,7 @@ This is equivalent to `kubectl apply -f` the following yaml:
-->
这等价于使用 `kubectl create -f` 命令及如下的 yaml 文件创建:
{{< codenew file="service/networking/nginx-svc.yaml" >}}
{{< code file="service/networking/nginx-svc.yaml" >}}
<!--
This specification will create a Service which targets TCP port 80 on any Pod
@ -449,6 +449,15 @@ Following are the manual steps to follow in case you run into problems running m
-->
以下是你在运行 make 时遇到问题时要遵循的手动步骤(例如,在 Windows 上):
<!--
```shell
# Create a public private key pair
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /d/tmp/nginx.key -out /d/tmp/nginx.crt -subj "/CN=my-nginx/O=my-nginx"
# Convert the keys to base64 encoding
cat /d/tmp/nginx.crt | base64
cat /d/tmp/nginx.key | base64
```
-->
```shell
# 创建公钥和相对应的私钥
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /d/tmp/nginx.key -out /d/tmp/nginx.crt -subj "/CN=my-nginx/O=my-nginx"
@ -461,7 +470,7 @@ cat /d/tmp/nginx.key | base64
Use the output from the previous commands to create a yaml file as follows.
The base64 encoded value should all be on a single line.
-->
使用前面命令的输出来创建 yaml 文件,如下所示。 base64 编码的值应全部放在一行上。
如下所示,使用上述命令的输出来创建 yaml 文件。base64 编码的值应全部放在一行上。
```yaml
apiVersion: "v1"
@ -495,7 +504,7 @@ in the secret, and the Service, to expose both ports (80 and 443):
-->
现在修改 Nginx 副本以启动一个使用 Secret 中的证书的 HTTPS 服务器以及相应的用于暴露其端口80 和 443的 Service
{{< codenew file="service/networking/nginx-secure-app.yaml" >}}
{{< code file="service/networking/nginx-secure-app.yaml" >}}
<!--
Noteworthy points about the nginx-secure-app manifest:
@ -548,7 +557,7 @@ for simplicity, the pod only needs nginx.crt to access the Service):
通过创建 Service我们连接了在证书中的 CName 与在 Service 查询时被 Pod 使用的实际 DNS 名字。
让我们从一个 Pod 来测试(为了方便,这里使用同一个 SecretPod 仅需要使用 nginx.crt 去访问 Service
{{< codenew file="service/networking/curlpod.yaml" >}}
{{< code file="service/networking/curlpod.yaml" >}}
```shell
kubectl apply -f ./curlpod.yaml

60
content/zh-cn/docs/tutorials/services/pods-and-endpoint-termination-flow.md
View File

@ -61,62 +61,18 @@ Let's say you have a Deployment containing of a single `nginx` replica
假设你有包含单个 nginx 副本(仅用于演示目的)的一个 Deployment 和一个 Service
{{< codenew file="service/pod-with-graceful-termination.yaml" >}}
{{% code file="service/pod-with-graceful-termination.yaml" %}}
{{% code file="service/explore-graceful-termination-nginx.yaml" %}}
<!--
# extra long grace period
# Real life termination may take any time up to terminationGracePeriodSeconds.
# In this example - just hang around for at least the duration of terminationGracePeriodSeconds,
# at 120 seconds container will be forcibly terminated.
# Note, all this time nginx will keep processing requests.
Now create the Deployment Pod and Service using the above files:
-->
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
terminationGracePeriodSeconds: 120 # 超长优雅期
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
lifecycle:
preStop:
exec:
# 实际生产环境中的 Pod 终止可能需要执行任何时长,但不会超过 terminationGracePeriodSeconds。
# 在本例中,只需挂起至少 terminationGracePeriodSeconds 所指定的持续时间,
# 在 120 秒时容器将被强制终止。
# 请注意,在所有这些时间点 nginx 都将继续处理请求。
command: [
"/bin/sh", "-c", "sleep 180"
]
现在使用以上文件创建 Deployment Pod 和 Service
---
apiVersion: v1
kind: Service
metadata:
name: nginx-service
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
```shell
kubectl apply -f pod-with-graceful-termination.yaml
kubectl apply -f explore-graceful-termination-nginx.yaml
```
<!--

27
content/zh-cn/docs/tutorials/services/source-ip.md
View File

@ -2,7 +2,7 @@
title: 使用源 IP
content_type: tutorial
min-kubernetes-server-version: v1.5
weight: 10
weight: 40
---
<!--
title: Using Source IP
@ -154,6 +154,7 @@ Get the proxy mode on one of the nodes (kube-proxy listens on port 10249):
# 在要查询的节点上的 Shell 中运行
curl http://localhost:10249/proxyMode
```
<!--
The output is:
-->
@ -222,6 +223,7 @@ You can then run a command inside that Pod:
# 从 “kubectl run” 的终端中运行
ip addr
```
```
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
@ -303,6 +305,7 @@ port allocated above.
```shell
for node in $NODES; do curl -s $node:$NODEPORT | grep -i client_address; done
```
<!--
The output is similar to:
-->
@ -386,6 +389,7 @@ for node in $NODES; do curl --connect-timeout 1 -s $node:$NODEPORT | grep -i cli
The output is similar to:
-->
输出类似于:
```
client_address=198.51.100.79
```
@ -447,6 +451,7 @@ kubectl expose deployment source-ip-app --name=loadbalancer --port=80 --target-p
The output is:
-->
输出为:
```
service/loadbalancer exposed
```
@ -455,13 +460,16 @@ service/loadbalancer exposed
Print out the IP addresses of the Service:
-->
打印 Service 的 IP 地址:
```console
kubectl get svc loadbalancer
```
<!--
The output is similar to this:
-->
输出类似于:
```
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
loadbalancer LoadBalancer 10.0.65.118 203.0.113.140 80/TCP 5m
@ -471,13 +479,16 @@ loadbalancer LoadBalancer 10.0.65.118 203.0.113.140 80/TCP 5m
Next, send a request to this Service's external-ip:
-->
接下来,发送请求到 Service 的 的外部 IPExternal-IP
```shell
curl 203.0.113.140
```
<!--
The output is similar to this:
-->
输出类似于:
```
CLIENT VALUES:
client_address=10.240.0.5
@ -524,6 +535,7 @@ kubectl get svc loadbalancer -o yaml | grep -i healthCheckNodePort
The output is similar to this:
-->
输出类似于:
```yaml
healthCheckNodePort: 32122
```
@ -542,6 +554,7 @@ kubectl get pod -o wide -l app=source-ip-app
The output is similar to this:
-->
输出类似于:
```
NAME READY STATUS RESTARTS AGE IP NODE
source-ip-app-826191075-qehz4 1/1 Running 0 20h 10.180.1.136 kubernetes-node-6jst
@ -551,10 +564,15 @@ source-ip-app-826191075-qehz4 1/1 Running 0 20h 10.180.
Use `curl` to fetch the `/healthz` endpoint on various nodes:
-->
使用 `curl` 获取各个节点上的 `/healthz` 端点:
<!--
# Run this locally on a node you choose
-->
```shell
# 在你选择的节点上本地运行
curl localhost:32122/healthz
```
```
1 Service Endpoints found
```
@ -563,10 +581,15 @@ curl localhost:32122/healthz
On a different node you might get a different result:
-->
在不同的节点上,你可能会得到不同的结果:
<!--
# Run this locally on a node you choose
-->
```shell
# 在你选择的节点上本地运行
curl localhost:32122/healthz
```
```
No Service Endpoints Found
```
@ -586,10 +609,12 @@ then use `curl` to query the IPv4 address of the load balancer:
```shell
curl 203.0.113.140
```
<!--
The output is similar to this:
-->
输出类似于:
```
CLIENT VALUES:
client_address=198.51.100.79

11
content/zh-cn/examples/service/explore-graceful-termination-nginx.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: Service
metadata:
name: nginx-service
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80