Merge pull request #19823 from VineethReddy02/vineeth-merged-master-into-dev-1.18-for-syncup
Merged master into dev-1.18 for syncuppull/19116/head
commit
f115a2bf52
|
@ -578,6 +578,9 @@ section
|
||||||
li
|
li
|
||||||
display: inline-block
|
display: inline-block
|
||||||
height: 100%
|
height: 100%
|
||||||
|
margin-right: 10px
|
||||||
|
&:last-child
|
||||||
|
margin-right: 0
|
||||||
|
|
||||||
a
|
a
|
||||||
display: block
|
display: block
|
||||||
|
@ -598,11 +601,11 @@ section
|
||||||
#vendorStrip
|
#vendorStrip
|
||||||
line-height: 44px
|
line-height: 44px
|
||||||
max-width: 100%
|
max-width: 100%
|
||||||
overflow-x: auto
|
|
||||||
-webkit-overflow-scrolling: touch
|
-webkit-overflow-scrolling: touch
|
||||||
|
|
||||||
ul
|
ul
|
||||||
float: none
|
float: none
|
||||||
|
overflow-x: auto
|
||||||
|
|
||||||
#searchBox
|
#searchBox
|
||||||
float: none
|
float: none
|
||||||
|
@ -1052,6 +1055,9 @@ dd
|
||||||
a.issue
|
a.issue
|
||||||
margin-left: 0px
|
margin-left: 0px
|
||||||
|
|
||||||
|
.gridPageHome .flyout-button
|
||||||
|
display: none
|
||||||
|
|
||||||
.feedback--no
|
.feedback--no
|
||||||
margin-left: 1em
|
margin-left: 1em
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@ title: Kubernetes Dokumentation
|
||||||
noedit: true
|
noedit: true
|
||||||
cid: docsHome
|
cid: docsHome
|
||||||
layout: docsportal_home
|
layout: docsportal_home
|
||||||
class: gridPage
|
class: gridPage gridPageHome
|
||||||
linkTitle: "Home"
|
linkTitle: "Home"
|
||||||
main_menu: true
|
main_menu: true
|
||||||
weight: 10
|
weight: 10
|
||||||
|
|
|
@ -68,13 +68,7 @@ resource requests/limits of that type for each Container in the Pod.
|
||||||
## Meaning of CPU
|
## Meaning of CPU
|
||||||
|
|
||||||
Limits and requests for CPU resources are measured in *cpu* units.
|
Limits and requests for CPU resources are measured in *cpu* units.
|
||||||
One cpu, in Kubernetes, is equivalent to:
|
One cpu, in Kubernetes, is equivalent to **1 vCPU/Core** for cloud providers and **1 hyperthread** on bare-metal Intel processors.
|
||||||
|
|
||||||
- 1 AWS vCPU
|
|
||||||
- 1 GCP Core
|
|
||||||
- 1 Azure vCore
|
|
||||||
- 1 IBM vCPU
|
|
||||||
- 1 *Hyperthread* on a bare-metal Intel processor with Hyperthreading
|
|
||||||
|
|
||||||
Fractional requests are allowed. A Container with
|
Fractional requests are allowed. A Container with
|
||||||
`spec.containers[].resources.requests.cpu` of `0.5` is guaranteed half as much
|
`spec.containers[].resources.requests.cpu` of `0.5` is guaranteed half as much
|
||||||
|
|
|
@ -312,6 +312,10 @@ spec:
|
||||||
server: 172.17.0.2
|
server: 172.17.0.2
|
||||||
```
|
```
|
||||||
|
|
||||||
|
{{< note >}}
|
||||||
|
Helper programs relating to the volume type may be required for consumption of a PersistentVolume within a cluster. In this example, the PersistentVolume is of type NFS and the helper program /sbin/mount.nfs is required to support the mounting of NFS filesystems.
|
||||||
|
{{< /note >}}
|
||||||
|
|
||||||
### Capacity
|
### Capacity
|
||||||
|
|
||||||
Generally, a PV will have a specific storage capacity. This is set using the PV's `capacity` attribute. See the Kubernetes [Resource Model](https://git.k8s.io/community/contributors/design-proposals/scheduling/resources.md) to understand the units expected by `capacity`.
|
Generally, a PV will have a specific storage capacity. This is set using the PV's `capacity` attribute. See the Kubernetes [Resource Model](https://git.k8s.io/community/contributors/design-proposals/scheduling/resources.md) to understand the units expected by `capacity`.
|
||||||
|
|
|
@ -14,10 +14,10 @@ This page gives writing style guidelines for the Kubernetes documentation.
|
||||||
These are guidelines, not rules. Use your best judgment, and feel free to
|
These are guidelines, not rules. Use your best judgment, and feel free to
|
||||||
propose changes to this document in a pull request.
|
propose changes to this document in a pull request.
|
||||||
|
|
||||||
For additional information on creating new content for the Kubernetes
|
For additional information on creating new content for the Kubernetes
|
||||||
documentation, read the [Documentation Content
|
documentation, read the [Documentation Content
|
||||||
Guide](/docs/contribute/style/content-guide/) and follow the instructions on
|
Guide](/docs/contribute/style/content-guide/) and follow the instructions on
|
||||||
[using page templates](/docs/contribute/style/page-templates/) and [creating a
|
[using page templates](/docs/contribute/style/page-templates/) and [creating a
|
||||||
documentation pull request](/docs/contribute/start/#improve-existing-content).
|
documentation pull request](/docs/contribute/start/#improve-existing-content).
|
||||||
|
|
||||||
{{% /capture %}}
|
{{% /capture %}}
|
||||||
|
@ -58,11 +58,11 @@ leads to an awkward construction.
|
||||||
{{< table caption = "Do and Don't - API objects" >}}
|
{{< table caption = "Do and Don't - API objects" >}}
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
The Pod has two containers. | The pod has two containers.
|
The Pod has two containers. | The pod has two containers.
|
||||||
The Deployment is responsible for ... | The Deployment object is responsible for ...
|
The Deployment is responsible for ... | The Deployment object is responsible for ...
|
||||||
A PodList is a list of Pods. | A Pod List is a list of pods.
|
A PodList is a list of Pods. | A Pod List is a list of pods.
|
||||||
The two ContainerPorts ... | The two ContainerPort objects ...
|
The two ContainerPorts ... | The two ContainerPort objects ...
|
||||||
The two ContainerStateTerminated objects ... | The two ContainerStateTerminateds ...
|
The two ContainerStateTerminated objects ... | The two ContainerStateTerminateds ...
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
|
|
||||||
|
@ -83,11 +83,11 @@ represents.
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
Click **Fork**. | Click "Fork".
|
Click **Fork**. | Click "Fork".
|
||||||
Select **Other**. | Select "Other".
|
Select **Other**. | Select "Other".
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
### Use italics to define or introduce new terms
|
### Use italics to define or introduce new terms
|
||||||
|
|
||||||
{{< table caption = "Do and Don't - Use italics for new terms" >}}
|
{{< table caption = "Do and Don't - Use italics for new terms" >}}
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
|
@ -102,7 +102,7 @@ Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
Open the `envars.yaml` file. | Open the envars.yaml file.
|
Open the `envars.yaml` file. | Open the envars.yaml file.
|
||||||
Go to the `/docs/tutorials` directory. | Go to the /docs/tutorials directory.
|
Go to the `/docs/tutorials` directory. | Go to the /docs/tutorials directory.
|
||||||
Open the `/_data/concepts.yaml` file. | Open the /_data/concepts.yaml file.
|
Open the `/_data/concepts.yaml` file. | Open the /\_data/concepts.yaml file.
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
### Use the international standard for punctuation inside quotes
|
### Use the international standard for punctuation inside quotes
|
||||||
|
@ -119,18 +119,18 @@ The copy is called a "fork". | The copy is called a "fork."
|
||||||
### Use code style for inline code and commands
|
### Use code style for inline code and commands
|
||||||
|
|
||||||
For inline code in an HTML document, use the `<code>` tag. In a Markdown
|
For inline code in an HTML document, use the `<code>` tag. In a Markdown
|
||||||
document, use the backtick (`).
|
document, use the backtick (`` ` ``).
|
||||||
|
|
||||||
{{< table caption = "Do and Don't - Use code style for inline code and commands" >}}
|
{{< table caption = "Do and Don't - Use code style for inline code and commands" >}}
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
The `kubectl run`command creates a Deployment. | The "kubectl run" command creates a Deployment.
|
The `kubectl run`command creates a Deployment. | The "kubectl run" command creates a Deployment.
|
||||||
For declarative management, use `kubectl apply`. | For declarative management, use "kubectl apply".
|
For declarative management, use `kubectl apply`. | For declarative management, use "kubectl apply".
|
||||||
Enclose code samples with triple backticks. `(```)`| Enclose code samples with any other syntax.
|
Enclose code samples with triple backticks. (\`\`\`)| Enclose code samples with any other syntax.
|
||||||
Use single backticks to enclose inline code. For example, `var example = true`. | Use two asterisks (**) or an underscore (_) to enclose inline code. For example, **var example = true**.
|
Use single backticks to enclose inline code. For example, `var example = true`. | Use two asterisks (`**`) or an underscore (`_`) to enclose inline code. For example, **var example = true**.
|
||||||
Use triple backticks before and after a multi-line block of code for fenced code blocks. | Use multi-line blocks of code to create diagrams, flowcharts, or other illustrations.
|
Use triple backticks before and after a multi-line block of code for fenced code blocks. | Use multi-line blocks of code to create diagrams, flowcharts, or other illustrations.
|
||||||
Use meaningful variable names that have a context. | Use variable names such as 'foo','bar', and 'baz' that are not meaningful and lack context.
|
Use meaningful variable names that have a context. | Use variable names such as 'foo','bar', and 'baz' that are not meaningful and lack context.
|
||||||
Remove trailing spaces in the code. | Add trailing spaces in the code, where these are important, because the screen reader will read out the spaces as well.
|
Remove trailing spaces in the code. | Add trailing spaces in the code, where these are important, because the screen reader will read out the spaces as well.
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
{{< note >}}
|
{{< note >}}
|
||||||
|
@ -185,7 +185,7 @@ Do | Don't
|
||||||
Set the value of `imagePullPolicy` to Always. | Set the value of `imagePullPolicy` to "Always".
|
Set the value of `imagePullPolicy` to Always. | Set the value of `imagePullPolicy` to "Always".
|
||||||
Set the value of `image` to nginx:1.16. | Set the value of `image` to `nginx:1.16`.
|
Set the value of `image` to nginx:1.16. | Set the value of `image` to `nginx:1.16`.
|
||||||
Set the value of the `replicas` field to 2. | Set the value of the `replicas` field to `2`.
|
Set the value of the `replicas` field to 2. | Set the value of the `replicas` field to `2`.
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
|
|
||||||
## Code snippet formatting
|
## Code snippet formatting
|
||||||
|
@ -196,7 +196,7 @@ Set the value of the `replicas` field to 2. | Set the value of the `replicas` fi
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
kubectl get pods | $ kubectl get pods
|
kubectl get pods | $ kubectl get pods
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
|
|
||||||
### Separate commands from output
|
### Separate commands from output
|
||||||
|
@ -214,7 +214,7 @@ The output is similar to this:
|
||||||
|
|
||||||
Code examples and configuration examples that include version information should be consistent with the accompanying text.
|
Code examples and configuration examples that include version information should be consistent with the accompanying text.
|
||||||
|
|
||||||
If the information is version specific, the Kubernetes version needs to be defined in the `prerequisites` section of the [Task template](/docs/contribute/style/page-templates/#task-template) or the [Tutorial template] (/docs/contribute/style/page-templates/#tutorial-template). Once the page is saved, the `prerequisites` section is shown as **Before you begin**.
|
If the information is version specific, the Kubernetes version needs to be defined in the `prerequisites` section of the [Task template](/docs/contribute/style/page-templates/#task-template) or the [Tutorial template](/docs/contribute/style/page-templates/#tutorial-template). Once the page is saved, the `prerequisites` section is shown as **Before you begin**.
|
||||||
|
|
||||||
To specify the Kubernetes version for a task or tutorial page, include `min-kubernetes-server-version` in the front matter of the page.
|
To specify the Kubernetes version for a task or tutorial page, include `min-kubernetes-server-version` in the front matter of the page.
|
||||||
|
|
||||||
|
@ -251,11 +251,11 @@ Kubernetes | Kubernetes should always be capitalized.
|
||||||
Docker | Docker should always be capitalized.
|
Docker | Docker should always be capitalized.
|
||||||
SIG Docs | SIG Docs rather than SIG-DOCS or other variations.
|
SIG Docs | SIG Docs rather than SIG-DOCS or other variations.
|
||||||
On-premises | On-premises or On-prem rather than On-premise or other variations.
|
On-premises | On-premises or On-prem rather than On-premise or other variations.
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
## Shortcodes
|
## Shortcodes
|
||||||
|
|
||||||
Hugo [Shortcodes](https://gohugo.io/content-management/shortcodes) help create different rhetorical appeal levels. Our documentation supports three different shortcodes in this category: **Note** {{</* note */>}}, **Caution** {{</* caution */>}}, and **Warning** {{</* warning */>}}.
|
Hugo [Shortcodes](https://gohugo.io/content-management/shortcodes) help create different rhetorical appeal levels. Our documentation supports three different shortcodes in this category: **Note** `{{</* note */>}}`, **Caution** `{{</* caution */>}}`, and **Warning** `{{</* warning */>}}`.
|
||||||
|
|
||||||
1. Surround the text with an opening and closing shortcode.
|
1. Surround the text with an opening and closing shortcode.
|
||||||
|
|
||||||
|
@ -275,7 +275,7 @@ The prefix you choose is the same text for the tag.
|
||||||
|
|
||||||
### Note
|
### Note
|
||||||
|
|
||||||
Use {{</* note */>}} to highlight a tip or a piece of information that may be helpful to know.
|
Use `{{</* note */>}}` to highlight a tip or a piece of information that may be helpful to know.
|
||||||
|
|
||||||
For example:
|
For example:
|
||||||
|
|
||||||
|
@ -291,7 +291,7 @@ The output is:
|
||||||
You can _still_ use Markdown inside these callouts.
|
You can _still_ use Markdown inside these callouts.
|
||||||
{{< /note >}}
|
{{< /note >}}
|
||||||
|
|
||||||
You can use a {{</* note */>}} in a list:
|
You can use a `{{</* note */>}}` in a list:
|
||||||
|
|
||||||
```
|
```
|
||||||
1. Use the note shortcode in a list
|
1. Use the note shortcode in a list
|
||||||
|
@ -323,7 +323,7 @@ The output is:
|
||||||
|
|
||||||
### Caution
|
### Caution
|
||||||
|
|
||||||
Use {{</* caution */>}} to call attention to an important piece of information to avoid pitfalls.
|
Use `{{</* caution */>}}` to call attention to an important piece of information to avoid pitfalls.
|
||||||
|
|
||||||
For example:
|
For example:
|
||||||
|
|
||||||
|
@ -341,7 +341,7 @@ The callout style only applies to the line directly above the tag.
|
||||||
|
|
||||||
### Warning
|
### Warning
|
||||||
|
|
||||||
Use {{</* warning */>}} to indicate danger or a piece of information that is crucial to follow.
|
Use `{{</* warning */>}}` to indicate danger or a piece of information that is crucial to follow.
|
||||||
|
|
||||||
For example:
|
For example:
|
||||||
|
|
||||||
|
@ -359,11 +359,11 @@ Beware.
|
||||||
|
|
||||||
### Katacoda Embedded Live Environment
|
### Katacoda Embedded Live Environment
|
||||||
|
|
||||||
This button lets users run Minikube in their browser using the [Katacoda Terminal](https://www.katacoda.com/embed/panel).
|
This button lets users run Minikube in their browser using the [Katacoda Terminal](https://www.katacoda.com/embed/panel).
|
||||||
It lowers the barrier of entry by allowing users to use Minikube with one click instead of going through the complete
|
It lowers the barrier of entry by allowing users to use Minikube with one click instead of going through the complete
|
||||||
Minikube and Kubectl installation process locally.
|
Minikube and Kubectl installation process locally.
|
||||||
|
|
||||||
The Embedded Live Environment is configured to run `minikube start` and lets users complete tutorials in the same window
|
The Embedded Live Environment is configured to run `minikube start` and lets users complete tutorials in the same window
|
||||||
as the documentation.
|
as the documentation.
|
||||||
|
|
||||||
{{< caution >}}
|
{{< caution >}}
|
||||||
|
@ -376,7 +376,7 @@ For example:
|
||||||
{{</* kat-button */>}}
|
{{</* kat-button */>}}
|
||||||
```
|
```
|
||||||
|
|
||||||
The output is:
|
The output is:
|
||||||
|
|
||||||
{{< kat-button >}}
|
{{< kat-button >}}
|
||||||
|
|
||||||
|
@ -391,7 +391,7 @@ For example:
|
||||||
1. Preheat oven to 350˚F
|
1. Preheat oven to 350˚F
|
||||||
|
|
||||||
1. Prepare the batter, and pour into springform pan.
|
1. Prepare the batter, and pour into springform pan.
|
||||||
{{</* note */>}}Grease the pan for best results.{{</* /note */>}}
|
`{{</* note */>}}Grease the pan for best results.{{</* /note */>}}`
|
||||||
|
|
||||||
1. Bake for 20-25 minutes or until set.
|
1. Bake for 20-25 minutes or until set.
|
||||||
|
|
||||||
|
@ -429,9 +429,9 @@ Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
Update the title in the front matter of the page or blog post. | Use first level heading, as Hugo automatically converts the title in the front matter of the page into a first-level heading.
|
Update the title in the front matter of the page or blog post. | Use first level heading, as Hugo automatically converts the title in the front matter of the page into a first-level heading.
|
||||||
Use ordered headings to provide a meaningful high-level outline of your content. | Use headings level 4 through 6, unless it is absolutely necessary. If your content is that detailed, it may need to be broken into separate articles.
|
Use ordered headings to provide a meaningful high-level outline of your content. | Use headings level 4 through 6, unless it is absolutely necessary. If your content is that detailed, it may need to be broken into separate articles.
|
||||||
Use pound or hash signs (#) for non-blog post content. | Use underlines (--- or ===) to designate first-level headings.
|
Use pound or hash signs (`#`) for non-blog post content. | Use underlines (`---` or `===`) to designate first-level headings.
|
||||||
Use sentence case for headings. For example, **Extend kubectl with plugins** | Use title case for headings. For example, **Extend Kubectl With Plugins**
|
Use sentence case for headings. For example, **Extend kubectl with plugins** | Use title case for headings. For example, **Extend Kubectl With Plugins**
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
### Paragraphs
|
### Paragraphs
|
||||||
|
|
||||||
|
@ -439,8 +439,8 @@ Use sentence case for headings. For example, **Extend kubectl with plugins** | U
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
Try to keep paragraphs under 6 sentences. | Indent the first paragraph with space characters. For example, ⋅⋅⋅Three spaces before a paragraph will indent it.
|
Try to keep paragraphs under 6 sentences. | Indent the first paragraph with space characters. For example, ⋅⋅⋅Three spaces before a paragraph will indent it.
|
||||||
Use three hyphens (---) to create a horizontal rule. Use horizontal rules for breaks in paragraph content. For example, a change of scene in a story, or a shift of topic within a section. | Use horizontal rules for decoration.
|
Use three hyphens (`---`) to create a horizontal rule. Use horizontal rules for breaks in paragraph content. For example, a change of scene in a story, or a shift of topic within a section. | Use horizontal rules for decoration.
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
### Links
|
### Links
|
||||||
|
|
||||||
|
@ -449,7 +449,7 @@ Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
Write hyperlinks that give you context for the content they link to. For example: Certain ports are open on your machines. See <a href="#check-required-ports">Check required ports</a> for more details. | Use ambiguous terms such as “click here”. For example: Certain ports are open on your machines. See <a href="#check-required-ports">here</a> for more details.
|
Write hyperlinks that give you context for the content they link to. For example: Certain ports are open on your machines. See <a href="#check-required-ports">Check required ports</a> for more details. | Use ambiguous terms such as “click here”. For example: Certain ports are open on your machines. See <a href="#check-required-ports">here</a> for more details.
|
||||||
Write Markdown-style links: `[link text](URL)`. For example: `[Hugo shortcodes](/docs/contribute/style/hugo-shortcodes/#table-captions)` and the output is [Hugo shortcodes](/docs/contribute/style/hugo-shortcodes/#table-captions). | Write HTML-style links: `<a href="/media/examples/link-element-example.css" target="_blank">Visit our tutorial!</a>`, or create links that open in new tabs or windows. For example: `[example website](https://example.com){target="_blank"}`
|
Write Markdown-style links: `[link text](URL)`. For example: `[Hugo shortcodes](/docs/contribute/style/hugo-shortcodes/#table-captions)` and the output is [Hugo shortcodes](/docs/contribute/style/hugo-shortcodes/#table-captions). | Write HTML-style links: `<a href="/media/examples/link-element-example.css" target="_blank">Visit our tutorial!</a>`, or create links that open in new tabs or windows. For example: `[example website](https://example.com){target="_blank"}`
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
|
|
||||||
### Lists
|
### Lists
|
||||||
|
@ -457,17 +457,17 @@ Group items in a list that are related to each other and need to appear in a spe
|
||||||
Website navigation links can also be marked up as list items; after all they are nothing but a group of related links.
|
Website navigation links can also be marked up as list items; after all they are nothing but a group of related links.
|
||||||
|
|
||||||
- End each item in a list with a period if one or more items in the list are complete sentences. For the sake of consistency, normally either all items or none should be complete sentences.
|
- End each item in a list with a period if one or more items in the list are complete sentences. For the sake of consistency, normally either all items or none should be complete sentences.
|
||||||
|
|
||||||
{{< note >}} Ordered lists that are part of an incomplete introductory sentence can be in lowercase and punctuated as if each item was a part of the introductory sentence.{{< /note >}}
|
{{< note >}} Ordered lists that are part of an incomplete introductory sentence can be in lowercase and punctuated as if each item was a part of the introductory sentence.{{< /note >}}
|
||||||
|
|
||||||
- Use the number one (1.) for ordered lists.
|
- Use the number one (`1.`) for ordered lists.
|
||||||
|
|
||||||
- Use (+), (* ), or (-) for unordered lists.
|
- Use (`+`), (`*`), or (`-`) for unordered lists.
|
||||||
|
|
||||||
- Leave a blank line after each list.
|
- Leave a blank line after each list.
|
||||||
|
|
||||||
- Indent nested lists with four spaces (for example, ⋅⋅⋅⋅).
|
- Indent nested lists with four spaces (for example, ⋅⋅⋅⋅).
|
||||||
|
|
||||||
- List items may consist of multiple paragraphs. Each subsequent paragraph in a list item must be indented by either four spaces or one tab.
|
- List items may consist of multiple paragraphs. Each subsequent paragraph in a list item must be indented by either four spaces or one tab.
|
||||||
|
|
||||||
### Tables
|
### Tables
|
||||||
|
@ -486,7 +486,7 @@ This section contains suggested best practices for clear, concise, and consisten
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
This command starts a proxy. | This command will start a proxy.
|
This command starts a proxy. | This command will start a proxy.
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
|
|
||||||
Exception: Use future or past tense if it is required to convey the correct
|
Exception: Use future or past tense if it is required to convey the correct
|
||||||
|
@ -512,7 +512,7 @@ Use simple and direct language. Avoid using unnecessary phrases, such as saying
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
To create a ReplicaSet, ... | In order to create a ReplicaSet, ...
|
To create a ReplicaSet, ... | In order to create a ReplicaSet, ...
|
||||||
See the configuration file. | Please see the configuration file.
|
See the configuration file. | Please see the configuration file.
|
||||||
View the Pods. | With this next command, we'll view the Pods.
|
View the Pods. | With this next command, we'll view the Pods.
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
|
@ -522,7 +522,7 @@ View the Pods. | With this next command, we'll view the Pods.
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
You can create a Deployment by ... | We'll create a Deployment by ...
|
You can create a Deployment by ... | We'll create a Deployment by ...
|
||||||
In the preceding output, you can see... | In the preceding output, we can see ...
|
In the preceding output, you can see... | In the preceding output, we can see ...
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
|
|
||||||
|
@ -583,7 +583,7 @@ considered new in a few months.
|
||||||
Do | Don't
|
Do | Don't
|
||||||
:--| :-----
|
:--| :-----
|
||||||
In version 1.4, ... | In the current version, ...
|
In version 1.4, ... | In the current version, ...
|
||||||
The Federation feature provides ... | The new Federation feature provides ...
|
The Federation feature provides ... | The new Federation feature provides ...
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@ title: Kubernetes Documentation
|
||||||
noedit: true
|
noedit: true
|
||||||
cid: docsHome
|
cid: docsHome
|
||||||
layout: docsportal_home
|
layout: docsportal_home
|
||||||
class: gridPage
|
class: gridPage gridPageHome
|
||||||
linkTitle: "Home"
|
linkTitle: "Home"
|
||||||
main_menu: true
|
main_menu: true
|
||||||
weight: 10
|
weight: 10
|
||||||
|
|
|
@ -184,27 +184,48 @@ sysctl --system
|
||||||
```
|
```
|
||||||
|
|
||||||
{{< tabs name="tab-cri-cri-o-installation" >}}
|
{{< tabs name="tab-cri-cri-o-installation" >}}
|
||||||
{{< tab name="Ubuntu 16.04" codelang="bash" >}}
|
{{< tab name="Debian" codelang="bash" >}}
|
||||||
|
# Debian Unstable/Sid
|
||||||
|
echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_Unstable/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
|
||||||
|
wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/Debian_Unstable/Release.key -O- | sudo apt-key add -
|
||||||
|
|
||||||
# Install prerequisites
|
# Debian Testing
|
||||||
apt-get update
|
echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_Testing/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
|
||||||
apt-get install -y software-properties-common
|
wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/Debian_Testing/Release.key -O- | sudo apt-key add -
|
||||||
|
|
||||||
add-apt-repository ppa:projectatomic/ppa
|
# Debian 10
|
||||||
apt-get update
|
echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_10/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
|
||||||
|
wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/Debian_10/Release.key -O- | sudo apt-key add -
|
||||||
|
|
||||||
|
# Raspbian 10
|
||||||
|
echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Raspbian_10/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
|
||||||
|
wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/Raspbian_10/Release.key -O- | sudo apt-key add -
|
||||||
|
|
||||||
# Install CRI-O
|
# Install CRI-O
|
||||||
apt-get install -y cri-o-1.15
|
sudo apt-get install cri-o-1.17
|
||||||
|
|
||||||
{{< /tab >}}
|
{{< /tab >}}
|
||||||
{{< tab name="CentOS/RHEL 7.4+" codelang="bash" >}}
|
|
||||||
|
|
||||||
|
{{< tab name="Ubuntu 18.04, 19.04 and 19.10" codelang="bash" >}}
|
||||||
|
# Setup repository
|
||||||
|
. /etc/os-release
|
||||||
|
sudo sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/x${NAME}_${VERSION_ID}/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list"
|
||||||
|
wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/x${NAME}_${VERSION_ID}/Release.key -O- | sudo apt-key add -
|
||||||
|
sudo apt-get update
|
||||||
|
|
||||||
|
# Install CRI-O
|
||||||
|
sudo apt-get install cri-o-1.17
|
||||||
|
{{< /tab >}}
|
||||||
|
|
||||||
|
{{< tab name="CentOS/RHEL 7.4+" codelang="bash" >}}
|
||||||
# Install prerequisites
|
# Install prerequisites
|
||||||
yum-config-manager --add-repo=https://cbs.centos.org/repos/paas7-crio-115-release/x86_64/os/
|
yum-config-manager --add-repo=https://cbs.centos.org/repos/paas7-crio-115-release/x86_64/os/
|
||||||
|
|
||||||
# Install CRI-O
|
# Install CRI-O
|
||||||
yum install --nogpgcheck -y cri-o
|
yum install --nogpgcheck -y cri-o
|
||||||
|
{{< /tab >}}
|
||||||
|
|
||||||
|
{{< tab name="openSUSE Tumbleweed" codelang="bash" >}}
|
||||||
|
sudo zypper install cri-o
|
||||||
{{< /tab >}}
|
{{< /tab >}}
|
||||||
{{< /tabs >}}
|
{{< /tabs >}}
|
||||||
|
|
||||||
|
|
|
@ -48,7 +48,7 @@ W wersjach wcześniejszych niż 1.14, punkty końcowe określone przez ich forma
|
||||||
|
|
||||||
**Przykłady pobierania specyfikacji OpenAPI**:
|
**Przykłady pobierania specyfikacji OpenAPI**:
|
||||||
|
|
||||||
Przed 1.10 | Począwszy od Kubernetes 1.10
|
Przed 1.10 | Kubernetes 1.10 i nowszy
|
||||||
----------- | -----------------------------
|
----------- | -----------------------------
|
||||||
GET /swagger.json | GET /openapi/v2 **Accept**: application/json
|
GET /swagger.json | GET /openapi/v2 **Accept**: application/json
|
||||||
GET /swagger-2.0.0.pb-v1 | GET /openapi/v2 **Accept**: application/com.github.proto-openapi.spec.v2@v1.0+protobuf
|
GET /swagger-2.0.0.pb-v1 | GET /openapi/v2 **Accept**: application/com.github.proto-openapi.spec.v2@v1.0+protobuf
|
||||||
|
@ -108,20 +108,21 @@ API może być rozbudowane na dwa sposoby przy użyciu [custom resources](/docs/
|
||||||
i użyć [agregatora](/docs/tasks/access-kubernetes-api/configure-aggregation-layer/),
|
i użyć [agregatora](/docs/tasks/access-kubernetes-api/configure-aggregation-layer/),
|
||||||
aby zintegrować je w sposób niezauważalny dla klientów.
|
aby zintegrować je w sposób niezauważalny dla klientów.
|
||||||
|
|
||||||
## Włączanie grup API
|
## Włączanie i wyłączanie grup API
|
||||||
|
|
||||||
Określone zasoby i grupy API są włączone domyślnie. Włączanie i wyłączanie odbywa się poprzez ustawienie `--runtime-config`
|
Określone zasoby i grupy API są włączone domyślnie. Włączanie i wyłączanie odbywa się poprzez ustawienie `--runtime-config`
|
||||||
w apiserwerze. `--runtime-config` przyjmuje wartości oddzielane przecinkami. Przykładowo, aby wyłączyć batch/v1, należy ustawić
|
w apiserwerze. `--runtime-config` przyjmuje wartości oddzielane przecinkami. Przykładowo, aby wyłączyć batch/v1, należy ustawić
|
||||||
`--runtime-config=batch/v1=false`, aby włączyć batch/v2alpha1, należy ustawić `--runtime-config=batch/v2alpha1`.
|
`--runtime-config=batch/v1=false`, aby włączyć batch/v2alpha1, należy ustawić `--runtime-config=batch/v2alpha1`.
|
||||||
Ta opcja przyjmuje rozdzielony przecinkami zbiór par klucz=wartość, który opisuje konfigurację wykonawczą apiserwera.
|
Ta opcja przyjmuje rozdzielony przecinkami zbiór par klucz=wartość, który opisuje konfigurację wykonawczą apiserwera.
|
||||||
|
|
||||||
WAŻNE: Włączenie lub wyłączenie grup lub zasobów wymaga restartu apiserver i controller-manager, aby zmiany w `--runtime-config` zostały wprowadzone.
|
{{< note >}}Włączenie lub wyłączenie grup lub zasobów wymaga restartu apiserver i controller-manager, aby zmiany w `--runtime-config` zostały wprowadzone.{{< /note >}}
|
||||||
|
|
||||||
## Jak włączać dostęp do grup zasobów
|
## Jak włączać dostęp do grup zasobów extensions/v1beta1
|
||||||
|
|
||||||
DaemonSets, Deployments, HorizontalPodAutoscalers, Ingresses, Jobs and ReplicaSets są domyślnie włączone.
|
DaemonSets, Deployments, HorizontalPodAutoscalers, Ingresses, Jobs i ReplicaSets znajdują się w grupie API `extensions/v1beta1` i są domyślnie włączone.
|
||||||
Pozostałe rozszerzenia mogą być włączane poprzez ustawienie `--runtime-config` w
|
Przykładowo: aby włączyć deployments i daemonsets, ustaw
|
||||||
apiserver. `--runtime-config` przyjmuje wartości rozdzielane przecinkami. Na przykład, aby zablokować deployments oraz ingress, ustaw
|
`--runtime-config=extensions/v1beta1/deployments=true,extensions/v1beta1/daemonsets=true`.
|
||||||
`--runtime-config=extensions/v1beta1/deployments=false,extensions/v1beta1/ingresses=false`
|
|
||||||
|
{{< note >}}Włączanie i wyłączanie pojedynczych zasobów możliwe jest jedynie w ramach grupy API `extensions/v1beta1` z przyczyn historycznych{{< /note >}}
|
||||||
|
|
||||||
{{% /capture %}}
|
{{% /capture %}}
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
---
|
---
|
||||||
title: Kubernetes — co to jest?
|
title: Kubernetes — co to jest?
|
||||||
|
description: >
|
||||||
|
Kubernetes to przenośna, rozszerzalna platforma oprogramowania *open-source* służąca do zarządzania zadaniami i serwisami uruchamianymi w kontenerach. Umożliwia ich deklaratywną konfigurację i automatyzację. Kubernetes posiada duży i dynamicznie rozwijający się ekosystem. Szeroko dostępne są serwisy, wsparcie i dodatkowe narzędzia.
|
||||||
content_template: templates/concept
|
content_template: templates/concept
|
||||||
weight: 10
|
weight: 10
|
||||||
card:
|
card:
|
||||||
|
@ -14,7 +16,7 @@ Na tej stronie znajdziesz ogólne informacje o Kubernetesie.
|
||||||
{{% capture body %}}
|
{{% capture body %}}
|
||||||
Kubernetes to przenośna, rozszerzalna platforma oprogramowania *open-source* służąca do zarządzania zadaniami i serwisami uruchamianymi w kontenerach, która umożliwia deklaratywną konfigurację i automatyzację. Ekosystem Kubernetesa jest duży i dynamicznie się rozwija. Serwisy Kubernetesa, wsparcie i narzędzia są szeroko dostępne.
|
Kubernetes to przenośna, rozszerzalna platforma oprogramowania *open-source* służąca do zarządzania zadaniami i serwisami uruchamianymi w kontenerach, która umożliwia deklaratywną konfigurację i automatyzację. Ekosystem Kubernetesa jest duży i dynamicznie się rozwija. Serwisy Kubernetesa, wsparcie i narzędzia są szeroko dostępne.
|
||||||
|
|
||||||
Nazwa Kubernetes pochodzi z greki i oznacza sternika albo pilota. Google otworzyło projekt Kubernetes publicznie w 2014. Kubernetes korzysta z [piętnastoletniego doświadczenia Google w uruchamianiu wielkoskalowych serwisów](https://ai.google/research/pubs/pub43438) i łączy je z najlepszymi pomysłami i praktykami wypracowanymi przez społeczność.
|
Nazwa Kubernetes pochodzi z greki i oznacza sternika albo pilota. Google otworzyło projekt Kubernetes publicznie w 2014. Kubernetes korzysta z [piętnastoletniego doświadczenia Google w uruchamianiu wielkoskalowych serwisów](/blog/2015/04/borg-predecessor-to-kubernetes/) i łączy je z najlepszymi pomysłami i praktykami wypracowanymi przez społeczność.
|
||||||
|
|
||||||
## Trochę historii
|
## Trochę historii
|
||||||
|
|
||||||
|
@ -42,7 +44,7 @@ Kontenery zyskały popularność ze względu na swoje zalety, takie jak:
|
||||||
* Rozdzielenie zadań *Dev* i *Ops*: obrazy kontenerów powstają w fazie *build/release*, oddzielając w ten sposób aplikacje od infrastruktury.
|
* Rozdzielenie zadań *Dev* i *Ops*: obrazy kontenerów powstają w fazie *build/release*, oddzielając w ten sposób aplikacje od infrastruktury.
|
||||||
* Obserwowalność obejmuje nie tylko informacje i metryki z poziomu systemu operacyjnego, ale także poprawność działania samej aplikacji i inne sygnały.
|
* Obserwowalność obejmuje nie tylko informacje i metryki z poziomu systemu operacyjnego, ale także poprawność działania samej aplikacji i inne sygnały.
|
||||||
* Spójność środowiska na etapach rozwoju oprogramowania, testowania i działania w trybie produkcyjnym: działa w ten sam sposób na laptopie i w chmurze.
|
* Spójność środowiska na etapach rozwoju oprogramowania, testowania i działania w trybie produkcyjnym: działa w ten sam sposób na laptopie i w chmurze.
|
||||||
* Możliwość przenoszenia pomiędzy systemami operacyjnymi i platformami chmurowymi: Ubuntu, RHEL, CoreOS, prywatnymi centrami danych, Google Kubernetes Engine czy gdziekolwiek indziej.
|
* Możliwość przenoszenia pomiędzy systemami operacyjnymi i platformami chmurowymi: Ubuntu, RHEL, CoreOS, prywatnymi centrami danych, największymi dostawcami usług chmurowych czy gdziekolwiek indziej.
|
||||||
* Zarządzanie, które w centrum uwagi ma aplikacje: Poziom abstrakcji przeniesiony jest z warstwy systemu operacyjnego działającego na maszynie wirtualnej na poziom działania aplikacji, która działa na systemie operacyjnym używając zasobów logicznych.
|
* Zarządzanie, które w centrum uwagi ma aplikacje: Poziom abstrakcji przeniesiony jest z warstwy systemu operacyjnego działającego na maszynie wirtualnej na poziom działania aplikacji, która działa na systemie operacyjnym używając zasobów logicznych.
|
||||||
* Luźno powiązane, rozproszone i elastyczne "swobodne" mikro serwisy: Aplikacje podzielone są na mniejsze, niezależne komponenty, które mogą być dynamicznie uruchamiane i zarządzane - nie jest to monolityczny system działający na jednej, dużej maszynie dedykowanej na wyłączność.
|
* Luźno powiązane, rozproszone i elastyczne "swobodne" mikro serwisy: Aplikacje podzielone są na mniejsze, niezależne komponenty, które mogą być dynamicznie uruchamiane i zarządzane - nie jest to monolityczny system działający na jednej, dużej maszynie dedykowanej na wyłączność.
|
||||||
* Izolacja zasobów: wydajność aplikacji możliwa do przewidzenia
|
* Izolacja zasobów: wydajność aplikacji możliwa do przewidzenia
|
||||||
|
|
|
@ -14,6 +14,8 @@ menu:
|
||||||
weight: 20
|
weight: 20
|
||||||
post: >
|
post: >
|
||||||
<p>Naucz się, jak korzystać z Kubernetesa z pomocą dokumentacji, która opisuje pojęcia, zawiera samouczki i informacje źródłowe. Możesz także <a href="/editdocs/" data-auto-burger-exclude>pomóc w jej tworzeniu</a>!</p>
|
<p>Naucz się, jak korzystać z Kubernetesa z pomocą dokumentacji, która opisuje pojęcia, zawiera samouczki i informacje źródłowe. Możesz także <a href="/editdocs/" data-auto-burger-exclude>pomóc w jej tworzeniu</a>!</p>
|
||||||
|
description: >
|
||||||
|
Kubernetes to otwarte oprogramowanie służące do automatyzacji procesów uruchamiania, skalowania i zarządzania aplikacjami w kontenerach. Gospodarzem tego projektu o otwartym kodzie źródłowym jest Cloud Native Computing Foundation.
|
||||||
overview: >
|
overview: >
|
||||||
Kubernetes to otwarte oprogramowanie służące do automatyzacji procesów uruchamiania, skalowania i zarządzania aplikacjami w kontenerach. Gospodarzem tego projektu o otwartym kodzie źródłowym jest Cloud Native Computing Foundation (<a href="https://www.cncf.io/about">CNCF</a>).
|
Kubernetes to otwarte oprogramowanie służące do automatyzacji procesów uruchamiania, skalowania i zarządzania aplikacjami w kontenerach. Gospodarzem tego projektu o otwartym kodzie źródłowym jest Cloud Native Computing Foundation (<a href="https://www.cncf.io/about">CNCF</a>).
|
||||||
cards:
|
cards:
|
||||||
|
@ -37,6 +39,11 @@ cards:
|
||||||
description: "Wyszukaj popularne zadania i dowiedz się, jak sobie z nimi efektywnie poradzić."
|
description: "Wyszukaj popularne zadania i dowiedz się, jak sobie z nimi efektywnie poradzić."
|
||||||
button: "Przegląd zadań"
|
button: "Przegląd zadań"
|
||||||
button_path: "/docs/tasks"
|
button_path: "/docs/tasks"
|
||||||
|
- name: training
|
||||||
|
title: "Szkolenia"
|
||||||
|
description: "Uzyskaj certyfikat Kubernetes i spraw, aby Twoje projekty cloud native zakończyły się sukcesem!"
|
||||||
|
button: "Oferta szkoleń"
|
||||||
|
button_path: "/training"
|
||||||
- name: reference
|
- name: reference
|
||||||
title: Dokumentacja źródłowa
|
title: Dokumentacja źródłowa
|
||||||
description: Zapoznaj się z terminologią, składnią poleceń, typami zasobów API i dokumentacją narzędzi instalacyjnych.
|
description: Zapoznaj się z terminologią, składnią poleceń, typami zasobów API i dokumentacją narzędzi instalacyjnych.
|
||||||
|
|
|
@ -4,7 +4,8 @@ id: cluster
|
||||||
date: 2019-06-15
|
date: 2019-06-15
|
||||||
full_link:
|
full_link:
|
||||||
short_description: >
|
short_description: >
|
||||||
Zestaw maszyn roboczych, nazywanych węzłami, na których uruchamiane są aplikacje w kontenerach. Każdy klaster musi posiadać przynajmniej jeden węzeł.
|
Zestaw maszyn roboczych, nazywanych {{< glossary_tooltip text="węzłami" term_id="node" >}}, na których uruchamiane są aplikacje w kontenerach.
|
||||||
|
Każdy klaster musi posiadać przynajmniej jeden węzeł.
|
||||||
|
|
||||||
aka:
|
aka:
|
||||||
tags:
|
tags:
|
||||||
|
@ -14,4 +15,9 @@ tags:
|
||||||
Zestaw maszyn roboczych, nazywanych węzłami, na których uruchamiane są aplikacje w kontenerach. Każdy klaster musi posiadać przynajmniej jeden węzeł.
|
Zestaw maszyn roboczych, nazywanych węzłami, na których uruchamiane są aplikacje w kontenerach. Każdy klaster musi posiadać przynajmniej jeden węzeł.
|
||||||
|
|
||||||
<!--more-->
|
<!--more-->
|
||||||
Na węźle (lub węzłach) roboczych rozmieszczane są pody, które są częściami składowymi aplikacji. Warstwa sterowania zarządza węzłami roboczymi i podami należącymi do klastra. W środowisku produkcyjnym warstwa sterowania rozłożona jest zazwyczaj na kilka maszyn, a klaster uruchomiony jest na wielu węzłach zapewniając większą niezawodność i odporność na awarie.
|
Na węźle (lub węzłach) roboczych rozmieszczane są {{< glossary_tooltip text="pody" term_id="pod" >}},
|
||||||
|
które są częściami składowymi aplikacji.
|
||||||
|
{{< glossary_tooltip text="Warstwa sterowania" term_id="control-plane" >}} zarządza
|
||||||
|
węzłami roboczymi i podami należącymi do klastra. W środowisku produkcyjnym warstwa sterowania
|
||||||
|
rozłożona jest zazwyczaj na kilka maszyn, a klaster uruchomiony jest na wielu węzłach zapewniając
|
||||||
|
większą niezawodność i odporność na awarie.
|
||||||
|
|
|
@ -11,13 +11,17 @@ tags:
|
||||||
- fundamental
|
- fundamental
|
||||||
- networking
|
- networking
|
||||||
---
|
---
|
||||||
[kube-proxy](/docs/reference/command-line-tools-reference/kube-proxy/) to *proxy* sieciowe, które uruchomione jest na każdym węźle klastra
|
kube-proxy to *proxy* sieciowe, które uruchomione jest na każdym
|
||||||
i uczestniczy w tworzeniu {{< glossary_tooltip term_id="service">}}.
|
{{< glossary_tooltip text="węźle" term_id="node" >}} klastra
|
||||||
|
i uczestniczy w tworzeniu
|
||||||
|
{{< glossary_tooltip text="serwisu" term_id="service">}}.
|
||||||
|
|
||||||
<!--more-->
|
<!--more-->
|
||||||
|
|
||||||
kube-proxy utrzymuje reguły sieciowe na węźle. Dzięki tym regułom
|
[kube-proxy](/docs/reference/command-line-tools-reference/kube-proxy/)
|
||||||
sieci na zewnątrz i wewnątrz klastra mogą komunikować się z Podami.
|
utrzymuje reguły sieciowe na węźle. Dzięki tym regułom
|
||||||
|
sieci na zewnątrz i wewnątrz klastra mogą komunikować się
|
||||||
|
z podami.
|
||||||
|
|
||||||
kube-proxy używa warstwy filtrowania pakietów dostarczanych przez system operacyjny, o ile taka jest dostępna.
|
kube-proxy używa warstwy filtrowania pakietów dostarczanych przez system operacyjny, o ile taka jest dostępna.
|
||||||
W przeciwnym przypadku, kube-proxy samo zajmuje sie przekazywaniem ruchu sieciowego.
|
W przeciwnym przypadku, kube-proxy samo zajmuje sie przekazywaniem ruchu sieciowego.
|
||||||
|
|
|
@ -10,8 +10,13 @@ aka:
|
||||||
tags:
|
tags:
|
||||||
- architecture
|
- architecture
|
||||||
---
|
---
|
||||||
Składnik warstwy sterowania, który śledzi tworzenie nowych podów i przypisuje im węzły, na których powinny zostać uruchomione.
|
Składnik warstwy sterowania, który śledzi tworzenie nowych
|
||||||
|
{{< glossary_tooltip term_id="pod" text="podów" >}} i przypisuje im {{< glossary_tooltip term_id="node" text="węzły">}},
|
||||||
|
na których powinny zostać uruchomione.
|
||||||
|
|
||||||
<!--more-->
|
<!--more-->
|
||||||
|
|
||||||
Przy podejmowaniu decyzji o wyborze węzła brane pod uwagę są wymagania indywidualne i zbiorcze odnośnie zasobów, ograniczenia wynikające z polityk sprzętu i oprogramowania, wymagania *affinity* i *anty-affinity*, lokalizacja danych, zależności między zadaniami i wymagania czasowe.
|
Przy podejmowaniu decyzji o wyborze węzła brane pod uwagę są wymagania
|
||||||
|
indywidualne i zbiorcze odnośnie zasobów, ograniczenia wynikające z polityk
|
||||||
|
sprzętu i oprogramowania, wymagania *affinity* i *anty-affinity*, lokalizacja danych,
|
||||||
|
zależności między zadaniami i wymagania czasowe.
|
||||||
|
|
|
@ -11,8 +11,8 @@ tags:
|
||||||
- fundamental
|
- fundamental
|
||||||
- core-object
|
- core-object
|
||||||
---
|
---
|
||||||
Agent, który działa na każdym węźle klastra. Odpowiada za uruchamianie kontenerów w ramach poda.
|
Agent, który działa na każdym {{< glossary_tooltip text="węźle" term_id="node" >}} klastra. Odpowiada za uruchamianie {{< glossary_tooltip text="kontenerów" term_id="container" >}} w ramach {{< glossary_tooltip text="poda" term_id="pod" >}}.
|
||||||
|
|
||||||
<!--more-->
|
<!--more-->
|
||||||
|
|
||||||
Kubelet korzysta z dostarczanych na różne sposoby PodSpecs i gwarantuje, że kontenery opisane przez te PodSpecs są uruchomione i działają poprawnie. Kubelet nie zarządza kontenerami, które nie zostały utworzone przez Kubernetes.
|
Kubelet korzysta z dostarczanych na różne sposoby PodSpecs i gwarantuje, że kontenery opisane przez te PodSpecs są uruchomione i działają poprawnie. Kubelet nie zarządza kontenerami, które nie zostały utworzone przez Kubernetes.
|
||||||
|
|
|
@ -48,62 +48,6 @@ Aby uruchomić klaster Kubernetes do nauki na lokalnym komputerze, skorzystaj z
|
||||||
|
|
||||||
Wybierając rozwiązanie dla środowiska produkcyjnego musisz zdecydować, którymi poziomami zarządzania klastrem (_abstrakcjami_) chcesz zajmować się sam, a które będą realizowane po stronie zewnętrznego operatora.
|
Wybierając rozwiązanie dla środowiska produkcyjnego musisz zdecydować, którymi poziomami zarządzania klastrem (_abstrakcjami_) chcesz zajmować się sam, a które będą realizowane po stronie zewnętrznego operatora.
|
||||||
|
|
||||||
Przykładowe poziomy abstrakcji klastra Kubernetesa to: {{< glossary_tooltip text="aplikacje" term_id="applications" >}}, {{< glossary_tooltip text="warstwa danych" term_id="data-plane" >}}, {{< glossary_tooltip text="warstwa sterowania" term_id="control-plane" >}}, {{< glossary_tooltip text="infrastruktura klastra" term_id="cluster-infrastructure" >}} i {{< glossary_tooltip text="operacje na klastrze" term_id="cluster-operations" >}}.
|
Aby zapoznać się z listą dostawców posiadających [certyfikację Kubernetes](https://github.com/cncf/k8s-conformance/#certified-kubernetes), odwiedź stronę "[Partnerzy](https://kubernetes.io/partners/#conformance)".
|
||||||
|
|
||||||
Poniższy schemat pokazuje poszczególne poziomy abstrakcji klastra Kubernetes oraz informacje, kto jest za nie odpowiedzialny (sam użytkownik czy zewnętrzny operator).
|
|
||||||
|
|
||||||
Rozwiązania dla środowisk produkcyjnych
|
|
||||||
|
|
||||||
{{< table caption="Tabela z dostawcami i rozwiązaniami dla środowisk produkcyjnych." >}}
|
|
||||||
Poniższa tabela zawiera przegląd dostawców środowisk produkcyjnych i rozwiązań, które oferują.
|
|
||||||
|
|
||||||
|Dostawca | Zarządzana | Chmura "pod klucz" | Prywatne centrum danych | Własne (w chmurze) | Własne (VM lokalne)| Własne (Bare Metal) |
|
|
||||||
| --------- | ------ | ------ | ------ | ------ | ------ | ----- |
|
|
||||||
| [Agile Stacks](https://www.agilestacks.com/products/kubernetes)| | ✔ | ✔ | | |
|
|
||||||
| [Alibaba Cloud](https://www.alibabacloud.com/product/kubernetes)| | ✔ | | | |
|
|
||||||
| [Amazon](https://aws.amazon.com) | [Amazon EKS](https://aws.amazon.com/eks/) |[Amazon EC2](https://aws.amazon.com/ec2/) | | | |
|
|
||||||
| [AppsCode](https://appscode.com/products/pharmer/) | ✔ | | | | |
|
|
||||||
| [APPUiO](https://appuio.ch/) | ✔ | ✔ | ✔ | | | |
|
|
||||||
| [Banzai Cloud Pipeline Kubernetes Engine (PKE)](https://banzaicloud.com/products/pke/) | | ✔ | | ✔ | ✔ | ✔ |
|
|
||||||
| [CenturyLink Cloud](https://www.ctl.io/) | | ✔ | | | |
|
|
||||||
| [Cisco Container Platform](https://cisco.com/go/containers) | | | ✔ | | |
|
|
||||||
| [Cloud Foundry Container Runtime (CFCR)](https://docs-cfcr.cfapps.io/) | | | | ✔ |✔ |
|
|
||||||
| [CloudStack](https://cloudstack.apache.org/) | | | | | ✔|
|
|
||||||
| [Canonical](https://ubuntu.com/kubernetes) | ✔ | ✔ | ✔ | ✔ |✔ | ✔
|
|
||||||
| [Containership](https://containership.io) | ✔ |✔ | | | |
|
|
||||||
| [D2iQ](https://d2iq.com/) | | [Kommander](https://d2iq.com/solutions/ksphere) | [Konvoy](https://d2iq.com/solutions/ksphere/konvoy) | [Konvoy](https://d2iq.com/solutions/ksphere/konvoy) | [Konvoy](https://d2iq.com/solutions/ksphere/konvoy) | [Konvoy](https://d2iq.com/solutions/ksphere/konvoy) |
|
|
||||||
| [Digital Rebar](https://provision.readthedocs.io/en/tip/README.html) | | | | | | ✔
|
|
||||||
| [DigitalOcean](https://www.digitalocean.com/products/kubernetes/) | ✔ | | | | |
|
|
||||||
| [Docker Enterprise](https://www.docker.com/products/docker-enterprise) | |✔ | ✔ | | | ✔
|
|
||||||
| [Gardener](https://gardener.cloud/) | ✔ | ✔ | ✔ | ✔ | ✔ | [Custom Extensions](https://github.com/gardener/gardener/blob/master/docs/extensions/overview.md) |
|
|
||||||
| [Giant Swarm](https://www.giantswarm.io/) | ✔ | ✔ | ✔ | |
|
|
||||||
| [Google](https://cloud.google.com/) | [Google Kubernetes Engine (GKE)](https://cloud.google.com/kubernetes-engine/) | [Google Compute Engine (GCE)](https://cloud.google.com/compute/)|[GKE On-Prem](https://cloud.google.com/gke-on-prem/) | | | | | | | |
|
|
||||||
| [IBM](https://www.ibm.com/in-en/cloud) | [IBM Cloud Kubernetes Service](https://cloud.ibm.com/kubernetes/catalog/cluster)| |[IBM Cloud Private](https://www.ibm.com/in-en/cloud/private) | |
|
|
||||||
| [Ionos](https://www.ionos.com/enterprise-cloud) | [Ionos Managed Kubernetes](https://www.ionos.com/enterprise-cloud/managed-kubernetes) | [Ionos Enterprise Cloud](https://www.ionos.com/enterprise-cloud) | |
|
|
||||||
| [Kontena Pharos](https://www.kontena.io/pharos/) | |✔| ✔ | | |
|
|
||||||
| [KubeOne](https://kubeone.io/) | | ✔ | ✔ | ✔ | ✔ | ✔ |
|
|
||||||
| [Kubermatic](https://kubermatic.io/) | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
|
|
||||||
| [KubeSail](https://kubesail.com/) | ✔ | | | | |
|
|
||||||
| [Kubespray](https://kubespray.io/#/) | | | |✔ | ✔ | ✔ |
|
|
||||||
| [Kublr](https://kublr.com/) |✔ | ✔ |✔ |✔ |✔ |✔ |
|
|
||||||
| [Microsoft Azure](https://azure.microsoft.com) | [Azure Kubernetes Service (AKS)](https://azure.microsoft.com/en-us/services/kubernetes-service/) | | | | |
|
|
||||||
| [Mirantis Cloud Platform](https://www.mirantis.com/software/kubernetes/) | | | ✔ | | |
|
|
||||||
| [NetApp Kubernetes Service (NKS)](https://cloud.netapp.com/kubernetes-service) | ✔ | ✔ | ✔ | | |
|
|
||||||
| [Nirmata](https://www.nirmata.com/) | | ✔ | ✔ | | |
|
|
||||||
| [Nutanix](https://www.nutanix.com/en) | [Nutanix Karbon](https://www.nutanix.com/products/karbon) | [Nutanix Karbon](https://www.nutanix.com/products/karbon) | | | [Nutanix AHV](https://www.nutanix.com/products/acropolis/virtualization) |
|
|
||||||
| [OpenNebula](https://www.opennebula.org) |[OpenNebula Kubernetes](https://marketplace.opennebula.systems/docs/service/kubernetes.html) | | | | |
|
|
||||||
| [OpenShift](https://www.openshift.com) |[OpenShift Dedicated](https://www.openshift.com/products/dedicated/) i [OpenShift Online](https://www.openshift.com/products/online/) | | [OpenShift Container Platform](https://www.openshift.com/products/container-platform/) | | [OpenShift Container Platform](https://www.openshift.com/products/container-platform/) |[OpenShift Container Platform](https://www.openshift.com/products/container-platform/)
|
|
||||||
| [Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE)](https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm) | ✔ | ✔ | | | |
|
|
||||||
| [oVirt](https://www.ovirt.org/) | | | | | ✔ |
|
|
||||||
| [Pivotal](https://pivotal.io/) | | [Enterprise Pivotal Container Service (PKS)](https://pivotal.io/platform/pivotal-container-service) | [Enterprise Pivotal Container Service (PKS)](https://pivotal.io/platform/pivotal-container-service) | | |
|
|
||||||
| [Platform9](https://platform9.com/) | [Platform9 Managed Kubernetes](https://platform9.com/managed-kubernetes/) | | [Platform9 Managed Kubernetes](https://platform9.com/managed-kubernetes/) | ✔ | ✔ | ✔
|
|
||||||
| [Rancher](https://rancher.com/) | | [Rancher 2.x](https://rancher.com/docs/rancher/v2.x/en/) | | [Rancher Kubernetes Engine (RKE)](https://rancher.com/docs/rke/latest/en/) | | [k3s](https://k3s.io/)
|
|
||||||
| [Supergiant](https://supergiant.io/) | |✔ | | | |
|
|
||||||
| [SUSE](https://www.suse.com/) | | ✔ | | | |
|
|
||||||
| [SysEleven](https://www.syseleven.io/) | ✔ | | | | |
|
|
||||||
| [Tencent Cloud](https://intl.cloud.tencent.com/) | [Tencent Kubernetes Engine](https://intl.cloud.tencent.com/product/tke) | ✔ | ✔ | | | ✔ |
|
|
||||||
| [VEXXHOST](https://vexxhost.com/) | ✔ | ✔ | | | |
|
|
||||||
| [VMware](https://cloud.vmware.com/) | [VMware Cloud PKS](https://cloud.vmware.com/vmware-cloud-pks) |[VMware Enterprise PKS](https://cloud.vmware.com/vmware-enterprise-pks) | [VMware Enterprise PKS](https://cloud.vmware.com/vmware-enterprise-pks) | [VMware Essential PKS](https://cloud.vmware.com/vmware-essential-pks) | |[VMware Essential PKS](https://cloud.vmware.com/vmware-essential-pks)
|
|
||||||
| [Z.A.R.V.I.S.](https://zarvis.ai/) | ✔ | | | | | |
|
|
||||||
|
|
||||||
{{% /capture %}}
|
{{% /capture %}}
|
||||||
|
|
|
@ -77,7 +77,7 @@ weight: 10
|
||||||
</div>
|
</div>
|
||||||
<div class="col-md-4">
|
<div class="col-md-4">
|
||||||
<div class="content__box content__box_fill">
|
<div class="content__box content__box_fill">
|
||||||
<p><i>Węzły typu master zarządzają klastrem, pozostałe węzły są wykorzystywane do uruchamiania na nich aplikacji. </i></p>
|
<p><i>Węzły typu master zarządzają klastrem i węzłami wykorzystywanymi do uruchamiania aplikacji. </i></p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -17,7 +17,7 @@ weight: 40
|
||||||
|
|
||||||
Чтобы работать с Kubernetes, вы используете *объекты API Kubernetes* для описания *желаемого состояния вашего кластера*: какие приложения или другие рабочие нагрузки вы хотите запустить, какие образы контейнеров они используют, количество реплик, какие сетевые и дисковые ресурсы вы хотите использовать и сделать доступными и многое другое. Вы устанавливаете желаемое состояние, создавая объекты с помощью API Kubernetes, обычно через интерфейс командной строки `kubectl`. Вы также можете напрямую использовать API Kubernetes для взаимодействия с кластером и установки или изменения желаемого состояния.
|
Чтобы работать с Kubernetes, вы используете *объекты API Kubernetes* для описания *желаемого состояния вашего кластера*: какие приложения или другие рабочие нагрузки вы хотите запустить, какие образы контейнеров они используют, количество реплик, какие сетевые и дисковые ресурсы вы хотите использовать и сделать доступными и многое другое. Вы устанавливаете желаемое состояние, создавая объекты с помощью API Kubernetes, обычно через интерфейс командной строки `kubectl`. Вы также можете напрямую использовать API Kubernetes для взаимодействия с кластером и установки или изменения желаемого состояния.
|
||||||
|
|
||||||
После того, как вы установили желаемое состояние, *Панель управления Kubernetes* заставляет текущее состояние кластера соответствовать желаемому состоянию с помощью генератора событий жизненного цикла подов ([Pod Lifecycle Event Generator, PLEG](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/node/pod-lifecycle-event-generator.md)). Для этого Kubernetes автоматически выполняет множество задач, таких как запуск или перезапуск контейнеров, масштабирование количества реплик данного приложения и многое другое. Плоскость управления Kubernetes состоит из набора процессов, запущенных в вашем кластере:
|
После того, как вы установили желаемое состояние, *Плоскость управления Kubernetes* заставляет текущее состояние кластера соответствовать желаемому состоянию с помощью генератора событий жизненного цикла подов ([Pod Lifecycle Event Generator, PLEG](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/node/pod-lifecycle-event-generator.md)). Для этого Kubernetes автоматически выполняет множество задач, таких как запуск или перезапуск контейнеров, масштабирование количества реплик данного приложения и многое другое. Плоскость управления Kubernetes состоит из набора процессов, запущенных в вашем кластере:
|
||||||
|
|
||||||
* **Мастер Kubernetes** — это коллекция из трех процессов, которые выполняются на одном узле в вашем кластере, который обозначен как главный узел. Это процессы: [kube-apiserver](/docs/admin/kube-apiserver/), [kube-controller-manager](/docs/admin/kube-controller-manager/) и [kube-scheduler](/docs/admin/kube-scheduler/).
|
* **Мастер Kubernetes** — это коллекция из трех процессов, которые выполняются на одном узле в вашем кластере, который обозначен как главный узел. Это процессы: [kube-apiserver](/docs/admin/kube-apiserver/), [kube-controller-manager](/docs/admin/kube-controller-manager/) и [kube-scheduler](/docs/admin/kube-scheduler/).
|
||||||
* Каждый отдельный неосновной узел в вашем кластере выполняет два процесса:
|
* Каждый отдельный неосновной узел в вашем кластере выполняет два процесса:
|
||||||
|
@ -43,11 +43,11 @@ Kubernetes также содержит абстракции более высо
|
||||||
* [ReplicaSet](/docs/concepts/workloads/controllers/replicaset/)
|
* [ReplicaSet](/docs/concepts/workloads/controllers/replicaset/)
|
||||||
* [Job](/docs/concepts/workloads/controllers/jobs-run-to-completion/)
|
* [Job](/docs/concepts/workloads/controllers/jobs-run-to-completion/)
|
||||||
|
|
||||||
## Панель управления Kubernetes
|
## Плоскость управления Kubernetes
|
||||||
|
|
||||||
Различные части панели управления Kubernetes, такие как мастер Kubernetes и процессы kubelet, определяют, как Kubernetes взаимодействует с кластером. Панель управления поддерживает запись всех объектов Kubernetes в системе и запускает непрерывные циклы управления для обработки состояния этих объектов. В любое время циклы управления панели управления будут реагировать на изменения в кластере и работать, чтобы фактическое состояние всех объектов в системе соответствовало желаемому состоянию, которое вы указали.
|
Различные части панели управления Kubernetes, такие как мастер Kubernetes и процессы kubelet, определяют, как Kubernetes взаимодействует с кластером. Плоскость управления поддерживает запись всех объектов Kubernetes в системе и запускает непрерывные циклы управления для обработки состояния этих объектов. В любое время циклы управления панели управления будут реагировать на изменения в кластере и работать, чтобы фактическое состояние всех объектов в системе соответствовало желаемому состоянию, которое вы указали.
|
||||||
|
|
||||||
Например, когда вы используете API Kubernetes для создания развертывания, вы предоставляете новое желаемое состояние для системы. Панель управления Kubernetes записывает создание этого объекта и выполняет ваши инструкции, запуская необходимые приложения и планируя их на узлы кластера, чтобы фактическое состояние кластера соответствовало желаемому состоянию.
|
Например, когда вы используете API Kubernetes для создания развертывания, вы предоставляете новое желаемое состояние для системы. Плоскость управления Kubernetes записывает создание этого объекта и выполняет ваши инструкции, запуская необходимые приложения и планируя их на узлы кластера, чтобы фактическое состояние кластера соответствовало желаемому состоянию.
|
||||||
|
|
||||||
### Мастер Kubernetes
|
### Мастер Kubernetes
|
||||||
|
|
||||||
|
|
|
@ -23,7 +23,7 @@ card:
|
||||||
|
|
||||||
{{% capture body %}}
|
{{% capture body %}}
|
||||||
|
|
||||||
## Панель управления компонентами
|
## Плоскость управления компонентами
|
||||||
|
|
||||||
Компоненты панели управления отвечают за основные операции кластера (например, планирование), а также обрабатывают события кластера (например, запускают новый {{< glossary_tooltip text="под" term_id="pod">}}, когда поле `replicas` развертывания не соответствует требуемому количеству реплик).
|
Компоненты панели управления отвечают за основные операции кластера (например, планирование), а также обрабатывают события кластера (например, запускают новый {{< glossary_tooltip text="под" term_id="pod">}}, когда поле `replicas` развертывания не соответствует требуемому количеству реплик).
|
||||||
|
|
||||||
|
|
|
@ -74,7 +74,7 @@ PodList — это список Pod. | Pod List — это список подо
|
||||||
Можно | Нельзя
|
Можно | Нельзя
|
||||||
:--| :-----
|
:--| :-----
|
||||||
_Кластер_ — это набор узлов ... | "Кластер" — это набор узлов ...
|
_Кластер_ — это набор узлов ... | "Кластер" — это набор узлов ...
|
||||||
Эти компоненты формируют _панель управления_. | Эти компоненты формируют **панель управления**.
|
Эти компоненты формируют _плоскость управления_. | Эти компоненты формируют **плоскость управления**.
|
||||||
{{< /table >}}
|
{{< /table >}}
|
||||||
|
|
||||||
### Оформляйте как код имена файлов, директории и пути
|
### Оформляйте как код имена файлов, директории и пути
|
||||||
|
|
|
@ -14,4 +14,4 @@ tags:
|
||||||
Набор машин, так называемые узлы, которые запускают контейнеризированные приложения. Кластер имеет как минимум один рабочий узел.
|
Набор машин, так называемые узлы, которые запускают контейнеризированные приложения. Кластер имеет как минимум один рабочий узел.
|
||||||
|
|
||||||
<!--more-->
|
<!--more-->
|
||||||
В рабочих узлах размещены поды, являющиеся компонентами приложения. Панель управления управляет рабочими узлами и подами в кластере. В промышленных средах панель управления обычно запускается на нескольких компьютерах, а кластер, как правило, развёртывается на нескольких узлах, гарантируя отказоустойчивость и высокую надёжность.
|
В рабочих узлах размещены поды, являющиеся компонентами приложения. Плоскость управления управляет рабочими узлами и подами в кластере. В промышленных средах плоскость управления обычно запускается на нескольких компьютерах, а кластер, как правило, развёртывается на нескольких узлах, гарантируя отказоустойчивость и высокую надёжность.
|
||||||
|
|
|
@ -14,4 +14,4 @@ tags:
|
||||||
|
|
||||||
<!--more-->
|
<!--more-->
|
||||||
|
|
||||||
Рабочий узел может быть как виртуальной, так и физической машиной, в зависимости от кластера. У него есть локальные демоны или сервисы, необходимые для запуска {{< glossary_tooltip text="подов" term_id="pod" >}}, а сам он управляется панелью управления. Демоны на узле включают в себя {{< glossary_tooltip text="kubelet" term_id="kubelet" >}}, {{< glossary_tooltip text="kube-proxy" term_id="kube-proxy" >}} и среду выполнения контейнера, основанную на {{< glossary_tooltip text="CRI" term_id="cri" >}}, например {{< glossary_tooltip term_id="docker" >}}.
|
Рабочий узел может быть как виртуальной, так и физической машиной, в зависимости от кластера. У него есть локальные демоны или сервисы, необходимые для запуска {{< glossary_tooltip text="подов" term_id="pod" >}}, а сам он управляется плоскостью управления. Демоны на узле включают в себя {{< glossary_tooltip text="kubelet" term_id="kubelet" >}}, {{< glossary_tooltip text="kube-proxy" term_id="kube-proxy" >}} и среду выполнения контейнера, основанную на {{< glossary_tooltip text="CRI" term_id="cri" >}}, например {{< glossary_tooltip term_id="docker" >}}.
|
||||||
|
|
|
@ -386,7 +386,7 @@ kubectl config use-context minikube
|
||||||
|
|
||||||
### Панель управления
|
### Панель управления
|
||||||
|
|
||||||
Чтобы получить доступ к [панели управления Kubernetes](/docs/tasks/access-application-cluster/web-ui-dashboard/), запустите эту команду в командной оболочке после запуска Minikube, чтобы получить адрес:
|
Чтобы получить доступ к [веб-панели управления Kubernetes](/docs/tasks/access-application-cluster/web-ui-dashboard/), запустите эту команду в командной оболочке после запуска Minikube, чтобы получить адрес:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
minikube dashboard
|
minikube dashboard
|
||||||
|
|
|
@ -8,7 +8,7 @@ menu:
|
||||||
weight: 10
|
weight: 10
|
||||||
post: >
|
post: >
|
||||||
<p>Готовы испачкать руки? Создайте простой кластер Kubernetes с запуском "Hello World" на Node.js</p>
|
<p>Готовы испачкать руки? Создайте простой кластер Kubernetes с запуском "Hello World" на Node.js</p>
|
||||||
card:
|
card:
|
||||||
name: tutorials
|
name: tutorials
|
||||||
weight: 10
|
weight: 10
|
||||||
---
|
---
|
||||||
|
@ -17,7 +17,7 @@ card:
|
||||||
|
|
||||||
Это руководство покажет вам, как запустить простое Hello World Node.js приложение
|
Это руководство покажет вам, как запустить простое Hello World Node.js приложение
|
||||||
на Kubernetes используя [Minikube](/docs/getting-started-guides/minikube) и Katacoda.
|
на Kubernetes используя [Minikube](/docs/getting-started-guides/minikube) и Katacoda.
|
||||||
Katacoda предоставляет бесплатную, встроенную в браузер Kubernetes среду.
|
Katacoda предоставляет бесплатную, встроенную в браузер Kubernetes среду.
|
||||||
|
|
||||||
{{< note >}}
|
{{< note >}}
|
||||||
Вы также можете следовать этому руководству, если вы установили [Minikube locally](/docs/tasks/tools/install-minikube/).
|
Вы также можете следовать этому руководству, если вы установили [Minikube locally](/docs/tasks/tools/install-minikube/).
|
||||||
|
@ -49,13 +49,13 @@ Katacoda предоставляет бесплатную, встроенную
|
||||||
|
|
||||||
## Создание кластера Minikube
|
## Создание кластера Minikube
|
||||||
|
|
||||||
1. Нажмите **Запуск Терминала**
|
1. Нажмите **Запуск Терминала**
|
||||||
|
|
||||||
{{< kat-button >}}
|
{{< kat-button >}}
|
||||||
|
|
||||||
{{< note >}}Если у вас локально установлен Minikube, выполните `minikube start`.{{< /note >}}
|
{{< note >}}Если у вас локально установлен Minikube, выполните `minikube start`.{{< /note >}}
|
||||||
|
|
||||||
2. Откройте панель Kubernetes в браузере:
|
2. Откройте веб-панель Kubernetes в браузере:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
minikube dashboard
|
minikube dashboard
|
||||||
|
@ -111,7 +111,7 @@ Katacoda предоставляет бесплатную, встроенную
|
||||||
```shell
|
```shell
|
||||||
kubectl config view
|
kubectl config view
|
||||||
```
|
```
|
||||||
|
|
||||||
{{< note >}}Больше информации о командах `kubectl` можно найти по ссылке [обзор kubectl](/docs/user-guide/kubectl-overview/).{{< /note >}}
|
{{< note >}}Больше информации о командах `kubectl` можно найти по ссылке [обзор kubectl](/docs/user-guide/kubectl-overview/).{{< /note >}}
|
||||||
|
|
||||||
## Создание сервиса
|
## Создание сервиса
|
||||||
|
@ -123,7 +123,7 @@ Katacoda предоставляет бесплатную, встроенную
|
||||||
```shell
|
```shell
|
||||||
kubectl expose deployment hello-node --type=LoadBalancer --port=8080
|
kubectl expose deployment hello-node --type=LoadBalancer --port=8080
|
||||||
```
|
```
|
||||||
|
|
||||||
Флаг `--type=LoadBalancer` показывает, что сервис должен быть виден вне кластера.
|
Флаг `--type=LoadBalancer` показывает, что сервис должен быть виден вне кластера.
|
||||||
|
|
||||||
2. Посмотреть только что созданный сервис:
|
2. Посмотреть только что созданный сервис:
|
||||||
|
@ -150,7 +150,7 @@ Katacoda предоставляет бесплатную, встроенную
|
||||||
|
|
||||||
4. Только для окружения Katacoda: Нажмите на знак "Плюс", затем нажмите **Select port to view on Host 1**.
|
4. Только для окружения Katacoda: Нажмите на знак "Плюс", затем нажмите **Select port to view on Host 1**.
|
||||||
|
|
||||||
5. Только для окружения Katacoda: Введите `30369` (порт указан рядом с `8080` в выводе сервиса), затем нажмите ???.
|
5. Только для окружения Katacoda: Введите `30369` (порт указан рядом с `8080` в выводе сервиса), затем нажмите ???.
|
||||||
|
|
||||||
Откроется окно браузера, в котором запущено ваше приложение и будет отображено сообщение "Hello World".
|
Откроется окно браузера, в котором запущено ваше приложение и будет отображено сообщение "Hello World".
|
||||||
|
|
||||||
|
@ -186,13 +186,13 @@ Katacoda предоставляет бесплатную, встроенную
|
||||||
storage-provisioner: enabled
|
storage-provisioner: enabled
|
||||||
storage-provisioner-gluster: disabled
|
storage-provisioner-gluster: disabled
|
||||||
```
|
```
|
||||||
|
|
||||||
2. Включить дополнение, например, `metrics-server`:
|
2. Включить дополнение, например, `metrics-server`:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
minikube addons enable metrics-server
|
minikube addons enable metrics-server
|
||||||
```
|
```
|
||||||
|
|
||||||
Вывод:
|
Вывод:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
@ -233,7 +233,7 @@ Katacoda предоставляет бесплатную, встроенную
|
||||||
```shell
|
```shell
|
||||||
minikube addons disable metrics-server
|
minikube addons disable metrics-server
|
||||||
```
|
```
|
||||||
|
|
||||||
Вывод:
|
Вывод:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
|
|
@ -14,6 +14,6 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nginx
|
- name: nginx
|
||||||
image: nginx:1.8
|
image: nginx:1.14.2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
|
|
@ -14,6 +14,6 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nginx
|
- name: nginx
|
||||||
image: nginx:1.8 # Update the version of nginx from 1.7.9 to 1.8
|
image: nginx:1.16.1 # Update the version of nginx from 1.14.2 to 1.16.1
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
|
|
@ -14,6 +14,6 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nginx
|
- name: nginx
|
||||||
image: nginx:1.7.9
|
image: nginx:1.14.2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
|
|
@ -20,7 +20,7 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: slave
|
- name: slave
|
||||||
image: gcr.io/google_samples/gb-redisslave:v1
|
image: gcr.io/google_samples/gb-redisslave:v3
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 100m
|
cpu: 100m
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
kind: PersistentVolume
|
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: mysql-pv-volume
|
name: mysql-pv-volume
|
||||||
labels:
|
labels:
|
||||||
|
|
|
@ -106,16 +106,16 @@ spec:
|
||||||
cd /var/lib/mysql
|
cd /var/lib/mysql
|
||||||
|
|
||||||
# Determine binlog position of cloned data, if any.
|
# Determine binlog position of cloned data, if any.
|
||||||
if [[ -f xtrabackup_slave_info ]]; then
|
if [[ -f xtrabackup_slave_info && "x$(<xtrabackup_slave_info)" != "x" ]]; then
|
||||||
# XtraBackup already generated a partial "CHANGE MASTER TO" query
|
# XtraBackup already generated a partial "CHANGE MASTER TO" query
|
||||||
# because we're cloning from an existing slave.
|
# because we're cloning from an existing slave. (Need to remove the tailing semicolon!)
|
||||||
mv xtrabackup_slave_info change_master_to.sql.in
|
cat xtrabackup_slave_info | sed -E 's/;$//g' > change_master_to.sql.in
|
||||||
# Ignore xtrabackup_binlog_info in this case (it's useless).
|
# Ignore xtrabackup_binlog_info in this case (it's useless).
|
||||||
rm -f xtrabackup_binlog_info
|
rm -f xtrabackup_slave_info xtrabackup_binlog_info
|
||||||
elif [[ -f xtrabackup_binlog_info ]]; then
|
elif [[ -f xtrabackup_binlog_info ]]; then
|
||||||
# We're cloning directly from master. Parse binlog position.
|
# We're cloning directly from master. Parse binlog position.
|
||||||
[[ `cat xtrabackup_binlog_info` =~ ^(.*?)[[:space:]]+(.*?)$ ]] || exit 1
|
[[ `cat xtrabackup_binlog_info` =~ ^(.*?)[[:space:]]+(.*?)$ ]] || exit 1
|
||||||
rm xtrabackup_binlog_info
|
rm -f xtrabackup_binlog_info xtrabackup_slave_info
|
||||||
echo "CHANGE MASTER TO MASTER_LOG_FILE='${BASH_REMATCH[1]}',\
|
echo "CHANGE MASTER TO MASTER_LOG_FILE='${BASH_REMATCH[1]}',\
|
||||||
MASTER_LOG_POS=${BASH_REMATCH[2]}" > change_master_to.sql.in
|
MASTER_LOG_POS=${BASH_REMATCH[2]}" > change_master_to.sql.in
|
||||||
fi
|
fi
|
||||||
|
@ -126,16 +126,15 @@ spec:
|
||||||
until mysql -h 127.0.0.1 -e "SELECT 1"; do sleep 1; done
|
until mysql -h 127.0.0.1 -e "SELECT 1"; do sleep 1; done
|
||||||
|
|
||||||
echo "Initializing replication from clone position"
|
echo "Initializing replication from clone position"
|
||||||
|
mysql -h 127.0.0.1 \
|
||||||
|
-e "$(<change_master_to.sql.in), \
|
||||||
|
MASTER_HOST='mysql-0.mysql', \
|
||||||
|
MASTER_USER='root', \
|
||||||
|
MASTER_PASSWORD='', \
|
||||||
|
MASTER_CONNECT_RETRY=10; \
|
||||||
|
START SLAVE;" || exit 1
|
||||||
# In case of container restart, attempt this at-most-once.
|
# In case of container restart, attempt this at-most-once.
|
||||||
mv change_master_to.sql.in change_master_to.sql.orig
|
mv change_master_to.sql.in change_master_to.sql.orig
|
||||||
mysql -h 127.0.0.1 <<EOF
|
|
||||||
$(<change_master_to.sql.orig),
|
|
||||||
MASTER_HOST='mysql-0.mysql',
|
|
||||||
MASTER_USER='root',
|
|
||||||
MASTER_PASSWORD='',
|
|
||||||
MASTER_CONNECT_RETRY=10;
|
|
||||||
START SLAVE;
|
|
||||||
EOF
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Start a server to send backups when requested by peers.
|
# Start a server to send backups when requested by peers.
|
||||||
|
|
|
@ -29,6 +29,6 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nginx
|
- name: nginx
|
||||||
image: nginx:1.7.9
|
image: nginx:1.14.2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
|
|
@ -14,6 +14,6 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nginx
|
- name: nginx
|
||||||
image: nginx:1.7.9
|
image: nginx:1.14.2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
|
|
@ -12,3 +12,5 @@ spec:
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: shared-data
|
- name: shared-data
|
||||||
mountPath: /usr/share/nginx/html
|
mountPath: /usr/share/nginx/html
|
||||||
|
hostNetwork: true
|
||||||
|
dnsPolicy: Default
|
||||||
|
|
|
@ -14,6 +14,6 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nginx
|
- name: nginx
|
||||||
image: nginx:1.7.9
|
image: nginx:1.14.2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
|
|
@ -13,6 +13,6 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nginx
|
- name: nginx
|
||||||
image: nginx:1.11.9 # update the image
|
image: nginx:1.16.1 # update the image
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
|
|
@ -49,7 +49,7 @@ spec:
|
||||||
replicas: 3
|
replicas: 3
|
||||||
updateStrategy:
|
updateStrategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
podManagementPolicy: Parallel
|
podManagementPolicy: OrderedReady
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
apiVersion: audit.k8s.io/v1beta1 # This is required.
|
apiVersion: audit.k8s.io/v1 # This is required.
|
||||||
kind: Policy
|
kind: Policy
|
||||||
# Don't generate audit events for all requests in RequestReceived stage.
|
# Don't generate audit events for all requests in RequestReceived stage.
|
||||||
omitStages:
|
omitStages:
|
||||||
|
@ -65,4 +65,4 @@ rules:
|
||||||
# Long-running requests like watches that fall under this rule will not
|
# Long-running requests like watches that fall under this rule will not
|
||||||
# generate an audit event in RequestReceived.
|
# generate an audit event in RequestReceived.
|
||||||
omitStages:
|
omitStages:
|
||||||
- "RequestReceived"
|
- "RequestReceived"
|
||||||
|
|
|
@ -1,42 +1,44 @@
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: DaemonSet
|
kind: DaemonSet
|
||||||
metadata:
|
metadata:
|
||||||
name: fluentd-elasticsearch
|
name: fluentd-elasticsearch
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
labels:
|
labels:
|
||||||
k8s-app: fluentd-logging
|
k8s-app: fluentd-logging
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
name: fluentd-elasticsearch
|
name: fluentd-elasticsearch
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
name: fluentd-elasticsearch
|
name: fluentd-elasticsearch
|
||||||
spec:
|
spec:
|
||||||
tolerations:
|
tolerations:
|
||||||
- key: node-role.kubernetes.io/master
|
# this toleration is to have the daemonset runnable on master nodes
|
||||||
effect: NoSchedule
|
# remove it if your masters can't run pods
|
||||||
containers:
|
- key: node-role.kubernetes.io/master
|
||||||
- name: fluentd-elasticsearch
|
effect: NoSchedule
|
||||||
image: quay.io/fluentd_elasticsearch/fluentd:v2.5.2
|
containers:
|
||||||
resources:
|
- name: fluentd-elasticsearch
|
||||||
limits:
|
image: quay.io/fluentd_elasticsearch/fluentd:v2.5.2
|
||||||
memory: 200Mi
|
resources:
|
||||||
requests:
|
limits:
|
||||||
cpu: 100m
|
memory: 200Mi
|
||||||
memory: 200Mi
|
requests:
|
||||||
volumeMounts:
|
cpu: 100m
|
||||||
- name: varlog
|
memory: 200Mi
|
||||||
mountPath: /var/log
|
volumeMounts:
|
||||||
- name: varlibdockercontainers
|
- name: varlog
|
||||||
mountPath: /var/lib/docker/containers
|
mountPath: /var/log
|
||||||
readOnly: true
|
- name: varlibdockercontainers
|
||||||
terminationGracePeriodSeconds: 30
|
mountPath: /var/lib/docker/containers
|
||||||
volumes:
|
readOnly: true
|
||||||
- name: varlog
|
terminationGracePeriodSeconds: 30
|
||||||
hostPath:
|
volumes:
|
||||||
path: /var/log
|
- name: varlog
|
||||||
- name: varlibdockercontainers
|
hostPath:
|
||||||
hostPath:
|
path: /var/log
|
||||||
path: /var/lib/docker/containers
|
- name: varlibdockercontainers
|
||||||
|
hostPath:
|
||||||
|
path: /var/lib/docker/containers
|
||||||
|
|
|
@ -1,38 +1,21 @@
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: ReplicaSet
|
kind: ReplicaSet
|
||||||
metadata:
|
metadata:
|
||||||
name: frontend
|
name: frontend
|
||||||
labels:
|
labels:
|
||||||
app: guestbook
|
app: guestbook
|
||||||
tier: frontend
|
tier: frontend
|
||||||
spec:
|
spec:
|
||||||
# modify replicas according to your case
|
# modify replicas according to your case
|
||||||
replicas: 3
|
replicas: 3
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
tier: frontend
|
tier: frontend
|
||||||
matchExpressions:
|
template:
|
||||||
- {key: tier, operator: In, values: [frontend]}
|
metadata:
|
||||||
template:
|
labels:
|
||||||
metadata:
|
tier: frontend
|
||||||
labels:
|
spec:
|
||||||
app: guestbook
|
containers:
|
||||||
tier: frontend
|
- name: php-redis
|
||||||
spec:
|
image: gcr.io/google_samples/gb-frontend:v3
|
||||||
containers:
|
|
||||||
- name: php-redis
|
|
||||||
image: gcr.io/google_samples/gb-frontend:v3
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 100m
|
|
||||||
memory: 100Mi
|
|
||||||
env:
|
|
||||||
- name: GET_HOSTS_FROM
|
|
||||||
value: dns
|
|
||||||
# If your cluster config does not include a dns service, then to
|
|
||||||
# instead access environment variables to find service host
|
|
||||||
# info, comment out the 'value: dns' line above, and uncomment the
|
|
||||||
# line below.
|
|
||||||
# value: env
|
|
||||||
ports:
|
|
||||||
- containerPort: 80
|
|
||||||
|
|
|
@ -1,21 +1,21 @@
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: nginx-deployment
|
name: nginx-deployment
|
||||||
labels:
|
labels:
|
||||||
app: nginx
|
app: nginx
|
||||||
spec:
|
spec:
|
||||||
replicas: 3
|
replicas: 3
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: nginx
|
app: nginx
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: nginx
|
app: nginx
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nginx
|
- name: nginx
|
||||||
image: nginx:1.15.4
|
image: nginx:1.14.2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
|
|
@ -1,379 +1,379 @@
|
||||||
kind: ConfigMap
|
apiVersion: v1
|
||||||
apiVersion: v1
|
kind: ConfigMap
|
||||||
data:
|
data:
|
||||||
containers.input.conf: |-
|
containers.input.conf: |-
|
||||||
# This configuration file for Fluentd is used
|
# This configuration file for Fluentd is used
|
||||||
# to watch changes to Docker log files that live in the
|
# to watch changes to Docker log files that live in the
|
||||||
# directory /var/lib/docker/containers/ and are symbolically
|
# directory /var/lib/docker/containers/ and are symbolically
|
||||||
# linked to from the /var/log/containers directory using names that capture the
|
# linked to from the /var/log/containers directory using names that capture the
|
||||||
# pod name and container name. These logs are then submitted to
|
# pod name and container name. These logs are then submitted to
|
||||||
# Google Cloud Logging which assumes the installation of the cloud-logging plug-in.
|
# Google Cloud Logging which assumes the installation of the cloud-logging plug-in.
|
||||||
#
|
#
|
||||||
# Example
|
# Example
|
||||||
# =======
|
# =======
|
||||||
# A line in the Docker log file might look like this JSON:
|
# A line in the Docker log file might look like this JSON:
|
||||||
#
|
#
|
||||||
# {"log":"2014/09/25 21:15:03 Got request with path wombat\\n",
|
# {"log":"2014/09/25 21:15:03 Got request with path wombat\\n",
|
||||||
# "stream":"stderr",
|
# "stream":"stderr",
|
||||||
# "time":"2014-09-25T21:15:03.499185026Z"}
|
# "time":"2014-09-25T21:15:03.499185026Z"}
|
||||||
#
|
#
|
||||||
# The record reformer is used to write the tag to focus on the pod name
|
# The record reformer is used to write the tag to focus on the pod name
|
||||||
# and the Kubernetes container name. For example a Docker container's logs
|
# and the Kubernetes container name. For example a Docker container's logs
|
||||||
# might be in the directory:
|
# might be in the directory:
|
||||||
# /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b
|
# /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b
|
||||||
# and in the file:
|
# and in the file:
|
||||||
# 997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log
|
# 997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log
|
||||||
# where 997599971ee6... is the Docker ID of the running container.
|
# where 997599971ee6... is the Docker ID of the running container.
|
||||||
# The Kubernetes kubelet makes a symbolic link to this file on the host machine
|
# The Kubernetes kubelet makes a symbolic link to this file on the host machine
|
||||||
# in the /var/log/containers directory which includes the pod name and the Kubernetes
|
# in the /var/log/containers directory which includes the pod name and the Kubernetes
|
||||||
# container name:
|
# container name:
|
||||||
# synthetic-logger-0.25lps-pod_default-synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
|
# synthetic-logger-0.25lps-pod_default-synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
|
||||||
# ->
|
# ->
|
||||||
# /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log
|
# /var/lib/docker/containers/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b/997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b-json.log
|
||||||
# The /var/log directory on the host is mapped to the /var/log directory in the container
|
# The /var/log directory on the host is mapped to the /var/log directory in the container
|
||||||
# running this instance of Fluentd and we end up collecting the file:
|
# running this instance of Fluentd and we end up collecting the file:
|
||||||
# /var/log/containers/synthetic-logger-0.25lps-pod_default-synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
|
# /var/log/containers/synthetic-logger-0.25lps-pod_default-synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
|
||||||
# This results in the tag:
|
# This results in the tag:
|
||||||
# var.log.containers.synthetic-logger-0.25lps-pod_default-synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
|
# var.log.containers.synthetic-logger-0.25lps-pod_default-synth-lgr-997599971ee6366d4a5920d25b79286ad45ff37a74494f262e3bc98d909d0a7b.log
|
||||||
# The record reformer is used is discard the var.log.containers prefix and
|
# The record reformer is used is discard the var.log.containers prefix and
|
||||||
# the Docker container ID suffix and "kubernetes." is pre-pended giving the tag:
|
# the Docker container ID suffix and "kubernetes." is pre-pended giving the tag:
|
||||||
# kubernetes.synthetic-logger-0.25lps-pod_default-synth-lgr
|
# kubernetes.synthetic-logger-0.25lps-pod_default-synth-lgr
|
||||||
# Tag is then parsed by google_cloud plugin and translated to the metadata,
|
# Tag is then parsed by google_cloud plugin and translated to the metadata,
|
||||||
# visible in the log viewer
|
# visible in the log viewer
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# {"log":"[info:2016-02-16T16:04:05.930-08:00] Some log text here\n","stream":"stdout","time":"2016-02-17T00:04:05.931087621Z"}
|
# {"log":"[info:2016-02-16T16:04:05.930-08:00] Some log text here\n","stream":"stdout","time":"2016-02-17T00:04:05.931087621Z"}
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format json
|
format json
|
||||||
time_key time
|
time_key time
|
||||||
path /var/log/containers/*.log
|
path /var/log/containers/*.log
|
||||||
pos_file /var/log/gcp-containers.log.pos
|
pos_file /var/log/gcp-containers.log.pos
|
||||||
time_format %Y-%m-%dT%H:%M:%S.%N%Z
|
time_format %Y-%m-%dT%H:%M:%S.%N%Z
|
||||||
tag reform.*
|
tag reform.*
|
||||||
read_from_head true
|
read_from_head true
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
<filter reform.**>
|
<filter reform.**>
|
||||||
type parser
|
type parser
|
||||||
format /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<log>.*)/
|
format /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<log>.*)/
|
||||||
reserve_data true
|
reserve_data true
|
||||||
suppress_parse_error_log true
|
suppress_parse_error_log true
|
||||||
key_name log
|
key_name log
|
||||||
</filter>
|
</filter>
|
||||||
|
|
||||||
<match reform.**>
|
<match reform.**>
|
||||||
type record_reformer
|
type record_reformer
|
||||||
enable_ruby true
|
enable_ruby true
|
||||||
tag raw.kubernetes.${tag_suffix[4].split('-')[0..-2].join('-')}
|
tag raw.kubernetes.${tag_suffix[4].split('-')[0..-2].join('-')}
|
||||||
</match>
|
</match>
|
||||||
|
|
||||||
# Detect exceptions in the log output and forward them as one log entry.
|
# Detect exceptions in the log output and forward them as one log entry.
|
||||||
<match raw.kubernetes.**>
|
<match raw.kubernetes.**>
|
||||||
@type copy
|
@type copy
|
||||||
|
|
||||||
<store>
|
<store>
|
||||||
@type prometheus
|
@type prometheus
|
||||||
|
|
||||||
<metric>
|
<metric>
|
||||||
type counter
|
type counter
|
||||||
name logging_line_count
|
name logging_line_count
|
||||||
desc Total number of lines generated by application containers
|
desc Total number of lines generated by application containers
|
||||||
<labels>
|
<labels>
|
||||||
tag ${tag}
|
tag ${tag}
|
||||||
</labels>
|
</labels>
|
||||||
</metric>
|
</metric>
|
||||||
</store>
|
</store>
|
||||||
<store>
|
<store>
|
||||||
@type detect_exceptions
|
@type detect_exceptions
|
||||||
|
|
||||||
remove_tag_prefix raw
|
remove_tag_prefix raw
|
||||||
message log
|
message log
|
||||||
stream stream
|
stream stream
|
||||||
multiline_flush_interval 5
|
multiline_flush_interval 5
|
||||||
max_bytes 500000
|
max_bytes 500000
|
||||||
max_lines 1000
|
max_lines 1000
|
||||||
</store>
|
</store>
|
||||||
</match>
|
</match>
|
||||||
system.input.conf: |-
|
system.input.conf: |-
|
||||||
# Example:
|
# Example:
|
||||||
# Dec 21 23:17:22 gke-foo-1-1-4b5cbd14-node-4eoj startupscript: Finished running startup script /var/run/google.startup.script
|
# Dec 21 23:17:22 gke-foo-1-1-4b5cbd14-node-4eoj startupscript: Finished running startup script /var/run/google.startup.script
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format syslog
|
format syslog
|
||||||
path /var/log/startupscript.log
|
path /var/log/startupscript.log
|
||||||
pos_file /var/log/gcp-startupscript.log.pos
|
pos_file /var/log/gcp-startupscript.log.pos
|
||||||
tag startupscript
|
tag startupscript
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Examples:
|
# Examples:
|
||||||
# time="2016-02-04T06:51:03.053580605Z" level=info msg="GET /containers/json"
|
# time="2016-02-04T06:51:03.053580605Z" level=info msg="GET /containers/json"
|
||||||
# time="2016-02-04T07:53:57.505612354Z" level=error msg="HTTP Error" err="No such image: -f" statusCode=404
|
# time="2016-02-04T07:53:57.505612354Z" level=error msg="HTTP Error" err="No such image: -f" statusCode=404
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
|
format /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
|
||||||
path /var/log/docker.log
|
path /var/log/docker.log
|
||||||
pos_file /var/log/gcp-docker.log.pos
|
pos_file /var/log/gcp-docker.log.pos
|
||||||
tag docker
|
tag docker
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# 2016/02/04 06:52:38 filePurge: successfully removed file /var/etcd/data/member/wal/00000000000006d0-00000000010a23d1.wal
|
# 2016/02/04 06:52:38 filePurge: successfully removed file /var/etcd/data/member/wal/00000000000006d0-00000000010a23d1.wal
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
# Not parsing this, because it doesn't have anything particularly useful to
|
# Not parsing this, because it doesn't have anything particularly useful to
|
||||||
# parse out of it (like severities).
|
# parse out of it (like severities).
|
||||||
format none
|
format none
|
||||||
path /var/log/etcd.log
|
path /var/log/etcd.log
|
||||||
pos_file /var/log/gcp-etcd.log.pos
|
pos_file /var/log/gcp-etcd.log.pos
|
||||||
tag etcd
|
tag etcd
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Multi-line parsing is required for all the kube logs because very large log
|
# Multi-line parsing is required for all the kube logs because very large log
|
||||||
# statements, such as those that include entire object bodies, get split into
|
# statements, such as those that include entire object bodies, get split into
|
||||||
# multiple lines by glog.
|
# multiple lines by glog.
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# I0204 07:32:30.020537 3368 server.go:1048] POST /stats/container/: (13.972191ms) 200 [[Go-http-client/1.1] 10.244.1.3:40537]
|
# I0204 07:32:30.020537 3368 server.go:1048] POST /stats/container/: (13.972191ms) 200 [[Go-http-client/1.1] 10.244.1.3:40537]
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format multiline
|
format multiline
|
||||||
multiline_flush_interval 5s
|
multiline_flush_interval 5s
|
||||||
format_firstline /^\w\d{4}/
|
format_firstline /^\w\d{4}/
|
||||||
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
||||||
time_format %m%d %H:%M:%S.%N
|
time_format %m%d %H:%M:%S.%N
|
||||||
path /var/log/kubelet.log
|
path /var/log/kubelet.log
|
||||||
pos_file /var/log/gcp-kubelet.log.pos
|
pos_file /var/log/gcp-kubelet.log.pos
|
||||||
tag kubelet
|
tag kubelet
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# I1118 21:26:53.975789 6 proxier.go:1096] Port "nodePort for kube-system/default-http-backend:http" (:31429/tcp) was open before and is still needed
|
# I1118 21:26:53.975789 6 proxier.go:1096] Port "nodePort for kube-system/default-http-backend:http" (:31429/tcp) was open before and is still needed
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format multiline
|
format multiline
|
||||||
multiline_flush_interval 5s
|
multiline_flush_interval 5s
|
||||||
format_firstline /^\w\d{4}/
|
format_firstline /^\w\d{4}/
|
||||||
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
||||||
time_format %m%d %H:%M:%S.%N
|
time_format %m%d %H:%M:%S.%N
|
||||||
path /var/log/kube-proxy.log
|
path /var/log/kube-proxy.log
|
||||||
pos_file /var/log/gcp-kube-proxy.log.pos
|
pos_file /var/log/gcp-kube-proxy.log.pos
|
||||||
tag kube-proxy
|
tag kube-proxy
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# I0204 07:00:19.604280 5 handlers.go:131] GET /api/v1/nodes: (1.624207ms) 200 [[kube-controller-manager/v1.1.3 (linux/amd64) kubernetes/6a81b50] 127.0.0.1:38266]
|
# I0204 07:00:19.604280 5 handlers.go:131] GET /api/v1/nodes: (1.624207ms) 200 [[kube-controller-manager/v1.1.3 (linux/amd64) kubernetes/6a81b50] 127.0.0.1:38266]
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format multiline
|
format multiline
|
||||||
multiline_flush_interval 5s
|
multiline_flush_interval 5s
|
||||||
format_firstline /^\w\d{4}/
|
format_firstline /^\w\d{4}/
|
||||||
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
||||||
time_format %m%d %H:%M:%S.%N
|
time_format %m%d %H:%M:%S.%N
|
||||||
path /var/log/kube-apiserver.log
|
path /var/log/kube-apiserver.log
|
||||||
pos_file /var/log/gcp-kube-apiserver.log.pos
|
pos_file /var/log/gcp-kube-apiserver.log.pos
|
||||||
tag kube-apiserver
|
tag kube-apiserver
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# 2017-02-09T00:15:57.992775796Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" ip="104.132.1.72" method="GET" user="kubecfg" as="<self>" asgroups="<lookup>" namespace="default" uri="/api/v1/namespaces/default/pods"
|
# 2017-02-09T00:15:57.992775796Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" ip="104.132.1.72" method="GET" user="kubecfg" as="<self>" asgroups="<lookup>" namespace="default" uri="/api/v1/namespaces/default/pods"
|
||||||
# 2017-02-09T00:15:57.993528822Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" response="200"
|
# 2017-02-09T00:15:57.993528822Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" response="200"
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format multiline
|
format multiline
|
||||||
multiline_flush_interval 5s
|
multiline_flush_interval 5s
|
||||||
format_firstline /^\S+\s+AUDIT:/
|
format_firstline /^\S+\s+AUDIT:/
|
||||||
# Fields must be explicitly captured by name to be parsed into the record.
|
# Fields must be explicitly captured by name to be parsed into the record.
|
||||||
# Fields may not always be present, and order may change, so this just looks
|
# Fields may not always be present, and order may change, so this just looks
|
||||||
# for a list of key="\"quoted\" value" pairs separated by spaces.
|
# for a list of key="\"quoted\" value" pairs separated by spaces.
|
||||||
# Unknown fields are ignored.
|
# Unknown fields are ignored.
|
||||||
# Note: We can't separate query/response lines as format1/format2 because
|
# Note: We can't separate query/response lines as format1/format2 because
|
||||||
# they don't always come one after the other for a given query.
|
# they don't always come one after the other for a given query.
|
||||||
# TODO: Maybe add a JSON output mode to audit log so we can get rid of this?
|
# TODO: Maybe add a JSON output mode to audit log so we can get rid of this?
|
||||||
format1 /^(?<time>\S+) AUDIT:(?: (?:id="(?<id>(?:[^"\\]|\\.)*)"|ip="(?<ip>(?:[^"\\]|\\.)*)"|method="(?<method>(?:[^"\\]|\\.)*)"|user="(?<user>(?:[^"\\]|\\.)*)"|groups="(?<groups>(?:[^"\\]|\\.)*)"|as="(?<as>(?:[^"\\]|\\.)*)"|asgroups="(?<asgroups>(?:[^"\\]|\\.)*)"|namespace="(?<namespace>(?:[^"\\]|\\.)*)"|uri="(?<uri>(?:[^"\\]|\\.)*)"|response="(?<response>(?:[^"\\]|\\.)*)"|\w+="(?:[^"\\]|\\.)*"))*/
|
format1 /^(?<time>\S+) AUDIT:(?: (?:id="(?<id>(?:[^"\\]|\\.)*)"|ip="(?<ip>(?:[^"\\]|\\.)*)"|method="(?<method>(?:[^"\\]|\\.)*)"|user="(?<user>(?:[^"\\]|\\.)*)"|groups="(?<groups>(?:[^"\\]|\\.)*)"|as="(?<as>(?:[^"\\]|\\.)*)"|asgroups="(?<asgroups>(?:[^"\\]|\\.)*)"|namespace="(?<namespace>(?:[^"\\]|\\.)*)"|uri="(?<uri>(?:[^"\\]|\\.)*)"|response="(?<response>(?:[^"\\]|\\.)*)"|\w+="(?:[^"\\]|\\.)*"))*/
|
||||||
time_format %FT%T.%L%Z
|
time_format %FT%T.%L%Z
|
||||||
path /var/log/kube-apiserver-audit.log
|
path /var/log/kube-apiserver-audit.log
|
||||||
pos_file /var/log/gcp-kube-apiserver-audit.log.pos
|
pos_file /var/log/gcp-kube-apiserver-audit.log.pos
|
||||||
tag kube-apiserver-audit
|
tag kube-apiserver-audit
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# I0204 06:55:31.872680 5 servicecontroller.go:277] LB already exists and doesn't need update for service kube-system/kubernetes-dashboard
|
# I0204 06:55:31.872680 5 servicecontroller.go:277] LB already exists and doesn't need update for service kube-system/kubernetes-dashboard
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format multiline
|
format multiline
|
||||||
multiline_flush_interval 5s
|
multiline_flush_interval 5s
|
||||||
format_firstline /^\w\d{4}/
|
format_firstline /^\w\d{4}/
|
||||||
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
||||||
time_format %m%d %H:%M:%S.%N
|
time_format %m%d %H:%M:%S.%N
|
||||||
path /var/log/kube-controller-manager.log
|
path /var/log/kube-controller-manager.log
|
||||||
pos_file /var/log/gcp-kube-controller-manager.log.pos
|
pos_file /var/log/gcp-kube-controller-manager.log.pos
|
||||||
tag kube-controller-manager
|
tag kube-controller-manager
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# W0204 06:49:18.239674 7 reflector.go:245] pkg/scheduler/factory/factory.go:193: watch of *api.Service ended with: 401: The event in requested index is outdated and cleared (the requested history has been cleared [2578313/2577886]) [2579312]
|
# W0204 06:49:18.239674 7 reflector.go:245] pkg/scheduler/factory/factory.go:193: watch of *api.Service ended with: 401: The event in requested index is outdated and cleared (the requested history has been cleared [2578313/2577886]) [2579312]
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format multiline
|
format multiline
|
||||||
multiline_flush_interval 5s
|
multiline_flush_interval 5s
|
||||||
format_firstline /^\w\d{4}/
|
format_firstline /^\w\d{4}/
|
||||||
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
||||||
time_format %m%d %H:%M:%S.%N
|
time_format %m%d %H:%M:%S.%N
|
||||||
path /var/log/kube-scheduler.log
|
path /var/log/kube-scheduler.log
|
||||||
pos_file /var/log/gcp-kube-scheduler.log.pos
|
pos_file /var/log/gcp-kube-scheduler.log.pos
|
||||||
tag kube-scheduler
|
tag kube-scheduler
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# I1104 10:36:20.242766 5 rescheduler.go:73] Running Rescheduler
|
# I1104 10:36:20.242766 5 rescheduler.go:73] Running Rescheduler
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format multiline
|
format multiline
|
||||||
multiline_flush_interval 5s
|
multiline_flush_interval 5s
|
||||||
format_firstline /^\w\d{4}/
|
format_firstline /^\w\d{4}/
|
||||||
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
||||||
time_format %m%d %H:%M:%S.%N
|
time_format %m%d %H:%M:%S.%N
|
||||||
path /var/log/rescheduler.log
|
path /var/log/rescheduler.log
|
||||||
pos_file /var/log/gcp-rescheduler.log.pos
|
pos_file /var/log/gcp-rescheduler.log.pos
|
||||||
tag rescheduler
|
tag rescheduler
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# I0603 15:31:05.793605 6 cluster_manager.go:230] Reading config from path /etc/gce.conf
|
# I0603 15:31:05.793605 6 cluster_manager.go:230] Reading config from path /etc/gce.conf
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format multiline
|
format multiline
|
||||||
multiline_flush_interval 5s
|
multiline_flush_interval 5s
|
||||||
format_firstline /^\w\d{4}/
|
format_firstline /^\w\d{4}/
|
||||||
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
||||||
time_format %m%d %H:%M:%S.%N
|
time_format %m%d %H:%M:%S.%N
|
||||||
path /var/log/glbc.log
|
path /var/log/glbc.log
|
||||||
pos_file /var/log/gcp-glbc.log.pos
|
pos_file /var/log/gcp-glbc.log.pos
|
||||||
tag glbc
|
tag glbc
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
# I0603 15:31:05.793605 6 cluster_manager.go:230] Reading config from path /etc/gce.conf
|
# I0603 15:31:05.793605 6 cluster_manager.go:230] Reading config from path /etc/gce.conf
|
||||||
<source>
|
<source>
|
||||||
type tail
|
type tail
|
||||||
format multiline
|
format multiline
|
||||||
multiline_flush_interval 5s
|
multiline_flush_interval 5s
|
||||||
format_firstline /^\w\d{4}/
|
format_firstline /^\w\d{4}/
|
||||||
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
|
||||||
time_format %m%d %H:%M:%S.%N
|
time_format %m%d %H:%M:%S.%N
|
||||||
path /var/log/cluster-autoscaler.log
|
path /var/log/cluster-autoscaler.log
|
||||||
pos_file /var/log/gcp-cluster-autoscaler.log.pos
|
pos_file /var/log/gcp-cluster-autoscaler.log.pos
|
||||||
tag cluster-autoscaler
|
tag cluster-autoscaler
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
# Logs from systemd-journal for interesting services.
|
# Logs from systemd-journal for interesting services.
|
||||||
<source>
|
<source>
|
||||||
type systemd
|
type systemd
|
||||||
filters [{ "_SYSTEMD_UNIT": "docker.service" }]
|
filters [{ "_SYSTEMD_UNIT": "docker.service" }]
|
||||||
pos_file /var/log/gcp-journald-docker.pos
|
pos_file /var/log/gcp-journald-docker.pos
|
||||||
read_from_head true
|
read_from_head true
|
||||||
tag docker
|
tag docker
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
<source>
|
<source>
|
||||||
type systemd
|
type systemd
|
||||||
filters [{ "_SYSTEMD_UNIT": "kubelet.service" }]
|
filters [{ "_SYSTEMD_UNIT": "kubelet.service" }]
|
||||||
pos_file /var/log/gcp-journald-kubelet.pos
|
pos_file /var/log/gcp-journald-kubelet.pos
|
||||||
read_from_head true
|
read_from_head true
|
||||||
tag kubelet
|
tag kubelet
|
||||||
</source>
|
</source>
|
||||||
monitoring.conf: |-
|
monitoring.conf: |-
|
||||||
# Prometheus monitoring
|
# Prometheus monitoring
|
||||||
<source>
|
<source>
|
||||||
@type prometheus
|
@type prometheus
|
||||||
port 80
|
port 80
|
||||||
</source>
|
</source>
|
||||||
|
|
||||||
<source>
|
<source>
|
||||||
@type prometheus_monitor
|
@type prometheus_monitor
|
||||||
</source>
|
</source>
|
||||||
output.conf: |-
|
output.conf: |-
|
||||||
# We use 2 output stanzas - one to handle the container logs and one to handle
|
# We use 2 output stanzas - one to handle the container logs and one to handle
|
||||||
# the node daemon logs, the latter of which explicitly sends its logs to the
|
# the node daemon logs, the latter of which explicitly sends its logs to the
|
||||||
# compute.googleapis.com service rather than container.googleapis.com to keep
|
# compute.googleapis.com service rather than container.googleapis.com to keep
|
||||||
# them separate since most users don't care about the node logs.
|
# them separate since most users don't care about the node logs.
|
||||||
<match kubernetes.**>
|
<match kubernetes.**>
|
||||||
@type copy
|
@type copy
|
||||||
|
|
||||||
<store>
|
<store>
|
||||||
@type google_cloud
|
@type google_cloud
|
||||||
|
|
||||||
# Set the buffer type to file to improve the reliability and reduce the memory consumption
|
# Set the buffer type to file to improve the reliability and reduce the memory consumption
|
||||||
buffer_type file
|
buffer_type file
|
||||||
buffer_path /var/log/fluentd-buffers/kubernetes.containers.buffer
|
buffer_path /var/log/fluentd-buffers/kubernetes.containers.buffer
|
||||||
# Set queue_full action to block because we want to pause gracefully
|
# Set queue_full action to block because we want to pause gracefully
|
||||||
# in case of the off-the-limits load instead of throwing an exception
|
# in case of the off-the-limits load instead of throwing an exception
|
||||||
buffer_queue_full_action block
|
buffer_queue_full_action block
|
||||||
# Set the chunk limit conservatively to avoid exceeding the GCL limit
|
# Set the chunk limit conservatively to avoid exceeding the GCL limit
|
||||||
# of 10MiB per write request.
|
# of 10MiB per write request.
|
||||||
buffer_chunk_limit 2M
|
buffer_chunk_limit 2M
|
||||||
# Cap the combined memory usage of this buffer and the one below to
|
# Cap the combined memory usage of this buffer and the one below to
|
||||||
# 2MiB/chunk * (6 + 2) chunks = 16 MiB
|
# 2MiB/chunk * (6 + 2) chunks = 16 MiB
|
||||||
buffer_queue_limit 6
|
buffer_queue_limit 6
|
||||||
# Never wait more than 5 seconds before flushing logs in the non-error case.
|
# Never wait more than 5 seconds before flushing logs in the non-error case.
|
||||||
flush_interval 5s
|
flush_interval 5s
|
||||||
# Never wait longer than 30 seconds between retries.
|
# Never wait longer than 30 seconds between retries.
|
||||||
max_retry_wait 30
|
max_retry_wait 30
|
||||||
# Disable the limit on the number of retries (retry forever).
|
# Disable the limit on the number of retries (retry forever).
|
||||||
disable_retry_limit
|
disable_retry_limit
|
||||||
# Use multiple threads for processing.
|
# Use multiple threads for processing.
|
||||||
num_threads 2
|
num_threads 2
|
||||||
</store>
|
</store>
|
||||||
<store>
|
<store>
|
||||||
@type prometheus
|
@type prometheus
|
||||||
|
|
||||||
<metric>
|
<metric>
|
||||||
type counter
|
type counter
|
||||||
name logging_entry_count
|
name logging_entry_count
|
||||||
desc Total number of log entries generated by either an application container or a system component
|
desc Total number of log entries generated by either an application container or a system component
|
||||||
<labels>
|
<labels>
|
||||||
tag ${tag}
|
tag ${tag}
|
||||||
component container
|
component container
|
||||||
</labels>
|
</labels>
|
||||||
</metric>
|
</metric>
|
||||||
</store>
|
</store>
|
||||||
</match>
|
</match>
|
||||||
|
|
||||||
# Keep a smaller buffer here since these logs are less important than the user's
|
# Keep a smaller buffer here since these logs are less important than the user's
|
||||||
# container logs.
|
# container logs.
|
||||||
<match **>
|
<match **>
|
||||||
@type copy
|
@type copy
|
||||||
|
|
||||||
<store>
|
<store>
|
||||||
@type google_cloud
|
@type google_cloud
|
||||||
|
|
||||||
detect_subservice false
|
detect_subservice false
|
||||||
buffer_type file
|
buffer_type file
|
||||||
buffer_path /var/log/fluentd-buffers/kubernetes.system.buffer
|
buffer_path /var/log/fluentd-buffers/kubernetes.system.buffer
|
||||||
buffer_queue_full_action block
|
buffer_queue_full_action block
|
||||||
buffer_chunk_limit 2M
|
buffer_chunk_limit 2M
|
||||||
buffer_queue_limit 2
|
buffer_queue_limit 2
|
||||||
flush_interval 5s
|
flush_interval 5s
|
||||||
max_retry_wait 30
|
max_retry_wait 30
|
||||||
disable_retry_limit
|
disable_retry_limit
|
||||||
num_threads 2
|
num_threads 2
|
||||||
</store>
|
</store>
|
||||||
<store>
|
<store>
|
||||||
@type prometheus
|
@type prometheus
|
||||||
|
|
||||||
<metric>
|
<metric>
|
||||||
type counter
|
type counter
|
||||||
name logging_entry_count
|
name logging_entry_count
|
||||||
desc Total number of log entries generated by either an application container or a system component
|
desc Total number of log entries generated by either an application container or a system component
|
||||||
<labels>
|
<labels>
|
||||||
tag ${tag}
|
tag ${tag}
|
||||||
component system
|
component system
|
||||||
</labels>
|
</labels>
|
||||||
</metric>
|
</metric>
|
||||||
</store>
|
</store>
|
||||||
</match>
|
</match>
|
||||||
metadata:
|
metadata:
|
||||||
name: fluentd-gcp-config
|
name: fluentd-gcp-config
|
||||||
labels:
|
labels:
|
||||||
addonmanager.kubernetes.io/mode: Reconcile
|
addonmanager.kubernetes.io/mode: Reconcile
|
||||||
|
|
|
@ -1,37 +1,31 @@
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Pod
|
kind: Pod
|
||||||
metadata:
|
metadata:
|
||||||
name: website
|
name: website
|
||||||
labels:
|
labels:
|
||||||
app: website
|
app: website
|
||||||
role: frontend
|
role: frontend
|
||||||
annotations:
|
annotations:
|
||||||
podpreset.admission.kubernetes.io/podpreset-allow-database: "resource version"
|
podpreset.admission.kubernetes.io/podpreset-allow-database: "resource version"
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: website
|
- name: website
|
||||||
image: nginx
|
image: nginx
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /cache
|
- mountPath: /cache
|
||||||
name: cache-volume
|
name: cache-volume
|
||||||
- mountPath: /etc/app/config.json
|
ports:
|
||||||
readOnly: true
|
- containerPort: 80
|
||||||
name: secret-volume
|
env:
|
||||||
ports:
|
- name: DB_PORT
|
||||||
- containerPort: 80
|
value: "6379"
|
||||||
env:
|
- name: duplicate_key
|
||||||
- name: DB_PORT
|
value: FROM_ENV
|
||||||
value: "6379"
|
- name: expansion
|
||||||
- name: duplicate_key
|
value: $(REPLACE_ME)
|
||||||
value: FROM_ENV
|
envFrom:
|
||||||
- name: expansion
|
- configMapRef:
|
||||||
value: $(REPLACE_ME)
|
name: etcd-env-config
|
||||||
envFrom:
|
volumes:
|
||||||
- configMapRef:
|
- name: cache-volume
|
||||||
name: etcd-env-config
|
emptyDir: {}
|
||||||
volumes:
|
|
||||||
- name: cache-volume
|
|
||||||
emptyDir: {}
|
|
||||||
- name: secret-volume
|
|
||||||
secret:
|
|
||||||
secretName: config-details
|
|
||||||
|
|
|
@ -1,30 +1,24 @@
|
||||||
apiVersion: settings.k8s.io/v1alpha1
|
apiVersion: settings.k8s.io/v1alpha1
|
||||||
kind: PodPreset
|
kind: PodPreset
|
||||||
metadata:
|
metadata:
|
||||||
name: allow-database
|
name: allow-database
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
role: frontend
|
role: frontend
|
||||||
env:
|
env:
|
||||||
- name: DB_PORT
|
- name: DB_PORT
|
||||||
value: "6379"
|
value: "6379"
|
||||||
- name: duplicate_key
|
- name: duplicate_key
|
||||||
value: FROM_ENV
|
value: FROM_ENV
|
||||||
- name: expansion
|
- name: expansion
|
||||||
value: $(REPLACE_ME)
|
value: $(REPLACE_ME)
|
||||||
envFrom:
|
envFrom:
|
||||||
- configMapRef:
|
- configMapRef:
|
||||||
name: etcd-env-config
|
name: etcd-env-config
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /cache
|
- mountPath: /cache
|
||||||
name: cache-volume
|
name: cache-volume
|
||||||
- mountPath: /etc/app/config.json
|
volumes:
|
||||||
readOnly: true
|
- name: cache-volume
|
||||||
name: secret-volume
|
emptyDir: {}
|
||||||
volumes:
|
|
||||||
- name: cache-volume
|
|
||||||
emptyDir: {}
|
|
||||||
- name: secret-volume
|
|
||||||
secret:
|
|
||||||
secretName: config-details
|
|
||||||
|
|
|
@ -5,7 +5,10 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: redis
|
- name: redis
|
||||||
image: kubernetes/redis:v1
|
image: redis:5.0.4
|
||||||
|
command:
|
||||||
|
- redis-server
|
||||||
|
- "/redis-master/redis.conf"
|
||||||
env:
|
env:
|
||||||
- name: MASTER
|
- name: MASTER
|
||||||
value: "true"
|
value: "true"
|
||||||
|
|
|
@ -30,7 +30,6 @@ spec:
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: podinfo
|
- name: podinfo
|
||||||
mountPath: /etc/podinfo
|
mountPath: /etc/podinfo
|
||||||
readOnly: false
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: podinfo
|
- name: podinfo
|
||||||
downwardAPI:
|
downwardAPI:
|
||||||
|
|
|
@ -25,7 +25,6 @@ spec:
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: podinfo
|
- name: podinfo
|
||||||
mountPath: /etc/podinfo
|
mountPath: /etc/podinfo
|
||||||
readOnly: false
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: podinfo
|
- name: podinfo
|
||||||
downwardAPI:
|
downwardAPI:
|
||||||
|
|
|
@ -7,9 +7,9 @@ spec:
|
||||||
- name: test-container
|
- name: test-container
|
||||||
image: nginx
|
image: nginx
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
# name must match the volume name below
|
# name must match the volume name below
|
||||||
- name: secret-volume
|
- name: secret-volume
|
||||||
mountPath: /etc/secret-volume
|
mountPath: /etc/secret-volume
|
||||||
# The secret data is exposed to Containers in the Pod through a Volume.
|
# The secret data is exposed to Containers in the Pod through a Volume.
|
||||||
volumes:
|
volumes:
|
||||||
- name: secret-volume
|
- name: secret-volume
|
||||||
|
|
|
@ -3,5 +3,5 @@ kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
name: test-secret
|
name: test-secret
|
||||||
data:
|
data:
|
||||||
username: bXktYXBwCg==
|
username: bXktYXBw
|
||||||
password: Mzk1MjgkdmRnN0piCg==
|
password: Mzk1MjgkdmRnN0pi
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
kind: Pod
|
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
|
kind: Pod
|
||||||
metadata:
|
metadata:
|
||||||
name: nginx
|
name: nginx
|
||||||
spec:
|
spec:
|
||||||
|
@ -9,7 +9,7 @@ spec:
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /var/run/secrets/tokens
|
- mountPath: /var/run/secrets/tokens
|
||||||
name: vault-token
|
name: vault-token
|
||||||
serviceAccountName: acct
|
serviceAccountName: build-robot
|
||||||
volumes:
|
volumes:
|
||||||
- name: vault-token
|
- name: vault-token
|
||||||
projected:
|
projected:
|
||||||
|
|
|
@ -15,7 +15,7 @@ spec:
|
||||||
path: /healthz
|
path: /healthz
|
||||||
port: 8080
|
port: 8080
|
||||||
httpHeaders:
|
httpHeaders:
|
||||||
- name: X-Custom-Header
|
- name: Custom-Header
|
||||||
value: Awesome
|
value: Awesome
|
||||||
initialDelaySeconds: 3
|
initialDelaySeconds: 3
|
||||||
periodSeconds: 3
|
periodSeconds: 3
|
||||||
|
|
|
@ -5,13 +5,15 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 1000
|
runAsUser: 1000
|
||||||
|
runAsGroup: 3000
|
||||||
fsGroup: 2000
|
fsGroup: 2000
|
||||||
volumes:
|
volumes:
|
||||||
- name: sec-ctx-vol
|
- name: sec-ctx-vol
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
containers:
|
containers:
|
||||||
- name: sec-ctx-demo
|
- name: sec-ctx-demo
|
||||||
image: gcr.io/google-samples/node-hello:1.0
|
image: busybox
|
||||||
|
command: [ "sh", "-c", "sleep 1h" ]
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: sec-ctx-vol
|
- name: sec-ctx-vol
|
||||||
mountPath: /data/demo
|
mountPath: /data/demo
|
||||||
|
|
|
@ -5,6 +5,6 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: nginx
|
- name: nginx
|
||||||
image: nginx:1.7.9
|
image: nginx:1.14.2
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
kind: PersistentVolumeClaim
|
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
metadata:
|
metadata:
|
||||||
name: task-pv-claim
|
name: task-pv-claim
|
||||||
spec:
|
spec:
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
kind: Pod
|
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
|
kind: Pod
|
||||||
metadata:
|
metadata:
|
||||||
name: task-pv-pod
|
name: task-pv-pod
|
||||||
spec:
|
spec:
|
||||||
volumes:
|
volumes:
|
||||||
- name: task-pv-storage
|
- name: task-pv-storage
|
||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: task-pv-claim
|
claimName: task-pv-claim
|
||||||
containers:
|
containers:
|
||||||
- name: task-pv-container
|
- name: task-pv-container
|
||||||
image: nginx
|
image: nginx
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
kind: PersistentVolume
|
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
|
kind: PersistentVolume
|
||||||
metadata:
|
metadata:
|
||||||
name: task-pv-volume
|
name: task-pv-volume
|
||||||
labels:
|
labels:
|
||||||
|
|
|
@ -1,48 +1,48 @@
|
||||||
apiVersion: policy/v1beta1
|
apiVersion: policy/v1beta1
|
||||||
kind: PodSecurityPolicy
|
kind: PodSecurityPolicy
|
||||||
metadata:
|
metadata:
|
||||||
name: restricted
|
name: restricted
|
||||||
annotations:
|
annotations:
|
||||||
seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default'
|
seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default'
|
||||||
apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
|
apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
|
||||||
seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
|
seccomp.security.alpha.kubernetes.io/defaultProfileName: 'runtime/default'
|
||||||
apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
|
apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
|
||||||
spec:
|
spec:
|
||||||
privileged: false
|
privileged: false
|
||||||
# Required to prevent escalations to root.
|
# Required to prevent escalations to root.
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
# This is redundant with non-root + disallow privilege escalation,
|
# This is redundant with non-root + disallow privilege escalation,
|
||||||
# but we can provide it for defense in depth.
|
# but we can provide it for defense in depth.
|
||||||
requiredDropCapabilities:
|
requiredDropCapabilities:
|
||||||
- ALL
|
- ALL
|
||||||
# Allow core volume types.
|
# Allow core volume types.
|
||||||
volumes:
|
volumes:
|
||||||
- 'configMap'
|
- 'configMap'
|
||||||
- 'emptyDir'
|
- 'emptyDir'
|
||||||
- 'projected'
|
- 'projected'
|
||||||
- 'secret'
|
- 'secret'
|
||||||
- 'downwardAPI'
|
- 'downwardAPI'
|
||||||
# Assume that persistentVolumes set up by the cluster admin are safe to use.
|
# Assume that persistentVolumes set up by the cluster admin are safe to use.
|
||||||
- 'persistentVolumeClaim'
|
- 'persistentVolumeClaim'
|
||||||
hostNetwork: false
|
hostNetwork: false
|
||||||
hostIPC: false
|
hostIPC: false
|
||||||
hostPID: false
|
hostPID: false
|
||||||
runAsUser:
|
runAsUser:
|
||||||
# Require the container to run without root privileges.
|
# Require the container to run without root privileges.
|
||||||
rule: 'MustRunAsNonRoot'
|
rule: 'MustRunAsNonRoot'
|
||||||
seLinux:
|
seLinux:
|
||||||
# This policy assumes the nodes are using AppArmor rather than SELinux.
|
# This policy assumes the nodes are using AppArmor rather than SELinux.
|
||||||
rule: 'RunAsAny'
|
rule: 'RunAsAny'
|
||||||
supplementalGroups:
|
supplementalGroups:
|
||||||
rule: 'MustRunAs'
|
rule: 'MustRunAs'
|
||||||
ranges:
|
ranges:
|
||||||
# Forbid adding the root group.
|
# Forbid adding the root group.
|
||||||
- min: 1
|
- min: 1
|
||||||
max: 65535
|
max: 65535
|
||||||
fsGroup:
|
fsGroup:
|
||||||
rule: 'MustRunAs'
|
rule: 'MustRunAs'
|
||||||
ranges:
|
ranges:
|
||||||
# Forbid adding the root group.
|
# Forbid adding the root group.
|
||||||
- min: 1
|
- min: 1
|
||||||
max: 65535
|
max: 65535
|
||||||
readOnlyRootFilesystem: false
|
readOnlyRootFilesystem: false
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
kind: Service
|
apiVersion: v1
|
||||||
apiVersion: v1
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: hello
|
name: hello
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
app: hello
|
app: hello
|
||||||
tier: backend
|
tier: backend
|
||||||
ports:
|
ports:
|
||||||
- protocol: TCP
|
- protocol: TCP
|
||||||
port: 80
|
port: 80
|
||||||
targetPort: http
|
targetPort: http
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
apiVersion: extensions/v1beta1
|
apiVersion: networking.k8s.io/v1beta1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: test-ingress
|
name: test-ingress
|
||||||
spec:
|
spec:
|
||||||
backend:
|
backend:
|
||||||
serviceName: testsvc
|
serviceName: testsvc
|
||||||
servicePort: 80
|
servicePort: 80
|
||||||
|
|
||||||
|
|
|
@ -1,46 +1,51 @@
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: my-nginx
|
name: my-nginx
|
||||||
labels:
|
labels:
|
||||||
run: my-nginx
|
run: my-nginx
|
||||||
spec:
|
spec:
|
||||||
type: NodePort
|
type: NodePort
|
||||||
ports:
|
ports:
|
||||||
- port: 8080
|
- port: 8080
|
||||||
targetPort: 80
|
targetPort: 80
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
name: http
|
name: http
|
||||||
- port: 443
|
- port: 443
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
name: https
|
name: https
|
||||||
selector:
|
selector:
|
||||||
run: my-nginx
|
run: my-nginx
|
||||||
---
|
---
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: my-nginx
|
name: my-nginx
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
run: my-nginx
|
run: my-nginx
|
||||||
replicas: 1
|
replicas: 1
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
run: my-nginx
|
run: my-nginx
|
||||||
spec:
|
spec:
|
||||||
volumes:
|
volumes:
|
||||||
- name: secret-volume
|
- name: secret-volume
|
||||||
secret:
|
secret:
|
||||||
secretName: nginxsecret
|
secretName: nginxsecret
|
||||||
containers:
|
- name: configmap-volume
|
||||||
- name: nginxhttps
|
configMap:
|
||||||
image: bprashanth/nginxhttps:1.0
|
name: nginxconfigmap
|
||||||
ports:
|
containers:
|
||||||
- containerPort: 443
|
- name: nginxhttps
|
||||||
- containerPort: 80
|
image: bprashanth/nginxhttps:1.0
|
||||||
volumeMounts:
|
ports:
|
||||||
- mountPath: /etc/nginx/ssl
|
- containerPort: 443
|
||||||
name: secret-volume
|
- containerPort: 80
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /etc/nginx/ssl
|
||||||
|
name: secret-volume
|
||||||
|
- mountPath: /etc/nginx/conf.d
|
||||||
|
name: configmap-volume
|
||||||
|
|
|
@ -1,20 +1,20 @@
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Pod
|
kind: Pod
|
||||||
metadata:
|
metadata:
|
||||||
name: my-empty-dir-pod
|
name: my-empty-dir-pod
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- image: microsoft/windowsservercore:1709
|
- image: microsoft/windowsservercore:1709
|
||||||
name: my-empty-dir-pod
|
name: my-empty-dir-pod
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /cache
|
- mountPath: /cache
|
||||||
name: cache-volume
|
name: cache-volume
|
||||||
- mountPath: C:/scratch
|
- mountPath: C:/scratch
|
||||||
name: scratch-volume
|
name: scratch-volume
|
||||||
volumes:
|
volumes:
|
||||||
- name: cache-volume
|
- name: cache-volume
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
- name: scratch-volume
|
- name: scratch-volume
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
beta.kubernetes.io/os: windows
|
beta.kubernetes.io/os: windows
|
||||||
|
|
|
@ -1,17 +1,17 @@
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Pod
|
kind: Pod
|
||||||
metadata:
|
metadata:
|
||||||
name: run-as-username-container-demo
|
name: run-as-username-container-demo
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
windowsOptions:
|
windowsOptions:
|
||||||
runAsUserName: "ContainerUser"
|
runAsUserName: "ContainerUser"
|
||||||
containers:
|
containers:
|
||||||
- name: run-as-username-demo
|
- name: run-as-username-demo
|
||||||
image: mcr.microsoft.com/windows/servercore:ltsc2019
|
image: mcr.microsoft.com/windows/servercore:ltsc2019
|
||||||
command: ["ping", "-t", "localhost"]
|
command: ["ping", "-t", "localhost"]
|
||||||
securityContext:
|
securityContext:
|
||||||
windowsOptions:
|
windowsOptions:
|
||||||
runAsUserName: "ContainerAdministrator"
|
runAsUserName: "ContainerAdministrator"
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
beta.kubernetes.io/os: windows
|
kubernetes.io/os: windows
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Pod
|
kind: Pod
|
||||||
metadata:
|
metadata:
|
||||||
name: run-as-username-pod-demo
|
name: run-as-username-pod-demo
|
||||||
spec:
|
spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
windowsOptions:
|
windowsOptions:
|
||||||
runAsUserName: "ContainerUser"
|
runAsUserName: "ContainerUser"
|
||||||
containers:
|
containers:
|
||||||
- name: run-as-username-demo
|
- name: run-as-username-demo
|
||||||
image: mcr.microsoft.com/windows/servercore:ltsc2019
|
image: mcr.microsoft.com/windows/servercore:ltsc2019
|
||||||
command: ["ping", "-t", "localhost"]
|
command: ["ping", "-t", "localhost"]
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
beta.kubernetes.io/os: windows
|
kubernetes.io/os: windows
|
||||||
|
|
|
@ -186,3 +186,6 @@ other = "次の項目"
|
||||||
|
|
||||||
[warning]
|
[warning]
|
||||||
other = "警告:"
|
other = "警告:"
|
||||||
|
|
||||||
|
[input_placeholder_email_address]
|
||||||
|
other = "メールアドレス"
|
||||||
|
|
|
@ -22,7 +22,7 @@
|
||||||
{{- if .Params.deprecated }}
|
{{- if .Params.deprecated }}
|
||||||
<link rel="stylesheet" href="{{ "css/deprecation-warning.css" | relURL }}">
|
<link rel="stylesheet" href="{{ "css/deprecation-warning.css" | relURL }}">
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if eq .Params.class "gridPage" }}
|
{{- if or (eq .Params.class "gridPage") (eq .Params.class "gridPage gridPageHome") }}
|
||||||
<link rel="stylesheet" href="{{ "css/gridpage.css" | relURL }}">
|
<link rel="stylesheet" href="{{ "css/gridpage.css" | relURL }}">
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if eq .Params.class "training" }}
|
{{- if eq .Params.class "training" }}
|
||||||
|
|
|
@ -33,12 +33,14 @@ import shutil
|
||||||
import subprocess
|
import subprocess
|
||||||
import sys
|
import sys
|
||||||
import tempfile
|
import tempfile
|
||||||
|
import platform
|
||||||
|
|
||||||
error_msgs = []
|
error_msgs = []
|
||||||
|
|
||||||
# pip should be installed when Python is installed, but just in case...
|
# pip should be installed when Python is installed, but just in case...
|
||||||
if not (shutil.which('pip') or shutil.which('pip3')):
|
if not (shutil.which('pip') or shutil.which('pip3')):
|
||||||
error_msgs.append("Install pip so you can install PyYAML. https://pip.pypa.io/en/stable/installing")
|
error_msgs.append(
|
||||||
|
"Install pip so you can install PyYAML. https://pip.pypa.io/en/stable/installing")
|
||||||
|
|
||||||
reqs = subprocess.check_output([sys.executable, '-m', 'pip', 'freeze'])
|
reqs = subprocess.check_output([sys.executable, '-m', 'pip', 'freeze'])
|
||||||
installed_packages = [r.decode().split('==')[0] for r in reqs.split()]
|
installed_packages = [r.decode().split('==')[0] for r in reqs.split()]
|
||||||
|
@ -203,7 +205,9 @@ def main():
|
||||||
# create the temp work_dir
|
# create the temp work_dir
|
||||||
try:
|
try:
|
||||||
print("Making temp work_dir")
|
print("Making temp work_dir")
|
||||||
work_dir = tempfile.mkdtemp()
|
work_dir = tempfile.mkdtemp(
|
||||||
|
dir='/tmp' if platform.system() == 'Darwin' else tempfile.gettempdir()
|
||||||
|
)
|
||||||
except OSError as ose:
|
except OSError as ose:
|
||||||
print("[Error] Unable to create temp work_dir {}; error: {}"
|
print("[Error] Unable to create temp work_dir {}; error: {}"
|
||||||
.format(work_dir, ose))
|
.format(work_dir, ose))
|
||||||
|
|
Loading…
Reference in New Issue