11.2 Kubernetes基础
面试重要程度:⭐⭐⭐⭐⭐
常见提问方式:Kubernetes的核心组件有哪些?Pod和Container的区别?
预计阅读时间:35分钟
📋 知识点概览
Kubernetes(K8s)是容器编排领域的事实标准,掌握其核心概念和实践对于现代Java开发者至关重要。本节将深入讲解K8s架构、核心资源对象以及服务发现机制。
🏗️ Kubernetes架构详解
集群架构组件
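/**
 * Catalogue of the building blocks of a Kubernetes cluster: control-plane
 * components, per-node components and common CNI network plugins.
 *
 * <p>The listing is laid out one declaration per line. When it is collapsed
 * onto a single line, the {@code //} comments in {@code CNI_PLUGINS} swallow
 * the rest of the code.
 */
public class KubernetesArchitecture {

    /**
     * Control-plane ("master") node components.
     *
     * <p>Each constant carries the component's binary name and a short
     * description; both are exposed through read-only accessors.
     */
    public enum MasterComponent {
        // Single entry point of the cluster; every client request, and with it
        // authentication and authorization, passes through here.
        API_SERVER("kube-apiserver", "集群的统一入口,提供RESTful API"),
        // Distributed key-value store holding the cluster state. That state
        // includes Secret objects, so access to etcd should be tightly
        // restricted and encryption at rest considered.
        ETCD("etcd", "分布式键值存储,保存集群状态"),
        // Assigns Pods to suitable Nodes.
        SCHEDULER("kube-scheduler", "负责Pod调度到合适的Node"),
        // Runs the controller processes.
        CONTROLLER_MANAGER("kube-controller-manager", "运行控制器进程"),
        // Controllers specific to the cloud platform.
        CLOUD_CONTROLLER_MANAGER("cloud-controller-manager", "云平台相关控制器");

        private final String name;
        private final String description;

        MasterComponent(String name, String description) {
            this.name = name;
            this.description = description;
        }

        /**
         * Returns the component's binary name, e.g. {@code kube-apiserver}.
         * Distinct from {@link #name()}, which returns the enum constant name.
         *
         * @return the component name passed to the constructor
         */
        public String getComponentName() {
            return name;
        }

        /**
         * Returns the human-readable description of the component.
         *
         * @return the description passed to the constructor
         */
        public String getDescription() {
            return description;
        }
    }

    /**
     * Components that run on every worker node.
     */
    public enum NodeComponent {
        // Node agent that manages the Pod lifecycle.
        KUBELET("kubelet", "节点代理,管理Pod生命周期"),
        // Network proxy that implements Service load balancing.
        KUBE_PROXY("kube-proxy", "网络代理,实现Service负载均衡"),
        // Container runtime.
        CONTAINER_RUNTIME("container-runtime", "容器运行时(Docker/containerd)");

        private final String name;
        private final String description;

        NodeComponent(String name, String description) {
            this.name = name;
            this.description = description;
        }

        /**
         * Returns the component's binary name, e.g. {@code kubelet}.
         * Distinct from {@link #name()}, which returns the enum constant name.
         *
         * @return the component name passed to the constructor
         */
        public String getComponentName() {
            return name;
        }

        /**
         * Returns the human-readable description of the component.
         *
         * @return the description passed to the constructor
         */
        public String getDescription() {
            return description;
        }
    }

    /**
     * Cluster networking components.
     */
    public static class NetworkComponents {

        // NOTE(review): a public static array can be modified by any caller;
        // treat it as read-only. It stays an array here so that existing
        // callers keep compiling.
        public static final String[] CNI_PLUGINS = {
            "Flannel",    // simple overlay network
            "Calico",     // CNI with network-policy support
            "Weave Net",  // easy-to-install network solution
            "Cilium",     // high-performance networking based on eBPF
            "Antrea"      // open-source CNI plugin from VMware
        };

        /**
         * Prints the four requirements of the Kubernetes network model.
         *
         * <p>Security note: the model described is flat. Pods on the same or
         * on different Nodes can reach each other directly, so isolating
         * workloads requires NetworkPolicy objects enforced by a CNI plugin
         * that supports them.
         */
        public static void explainNetworkModel() {
            System.out.println("Kubernetes网络模型要求:");
            System.out.println("1. 每个Pod都有独立的IP地址");
            System.out.println("2. 同一Node上的Pod可以直接通信");
            System.out.println("3. 不同Node上的Pod可以直接通信(无需NAT)");
            System.out.println("4. Pod内的容器共享网络命名空间");
        }
    }
}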
🚀 核心资源对象详解
Pod资源管理
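# Pod configuration example.
# Restored to one key per line: collapsed onto a single line, everything after
# the leading '#' is one comment and nothing is parsed as a manifest.
apiVersion: v1
kind: Pod
metadata:
  name: spring-boot-app
  labels:
    app: spring-boot
    version: v1.0
  annotations:
    description: "Spring Boot应用Pod"
spec:
  # Restart policy
  restartPolicy: Always
  # NOTE(review): if the application never calls the Kubernetes API, setting
  # automountServiceAccountToken: false here keeps the service-account token
  # out of the Pod. Confirm against the application before applying.
  # Node selector
  nodeSelector:
    disktype: ssd
  # Container configuration
  containers:
  - name: app
    # The tag v1.0 can be re-pointed in the registry; pinning the image by
    # digest makes the deployed content verifiable.
    image: myregistry/spring-boot-app:v1.0
    ports:
    - containerPort: 8080
      name: http
    # Container hardening: the app listens on an unprivileged port (8080), so
    # it needs neither privilege escalation nor any Linux capability.
    # Also consider runAsNonRoot: true and readOnlyRootFilesystem: true once
    # the image is confirmed to run as a non-root user and to write only to
    # the mounted volumes.
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop: ["ALL"]
    # Resource requests and limits
    resources:
      requests:
        memory: "512Mi"
        cpu: "250m"
      limits:
        memory: "1Gi"
        cpu: "500m"
    # Environment variables
    env:
    - name: SPRING_PROFILES_ACTIVE
      value: "prod"
    # The password is read from a Secret rather than written inline. As an
    # environment variable it is still visible in the process environment;
    # mounting the Secret as a file is the alternative.
    - name: DB_PASSWORD
      valueFrom:
        secretKeyRef:
          name: db-secret
          key: password
    # Health checks
    livenessProbe:
      httpGet:
        path: /actuator/health
        port: 8080
      initialDelaySeconds: 30
      periodSeconds: 10
      timeoutSeconds: 5
      failureThreshold: 3
    readinessProbe:
      httpGet:
        path: /actuator/health/readiness
        port: 8080
      initialDelaySeconds: 5
      periodSeconds: 5
      timeoutSeconds: 3
      failureThreshold: 3
    # Volume mounts
    volumeMounts:
    - name: config-volume
      mountPath: /app/config
    - name: log-volume
      mountPath: /app/logs
  # Volume definitions
  volumes:
  - name: config-volume
    configMap:
      name: app-config
  # emptyDir has no sizeLimit here, so log growth is bounded only by the
  # node's ephemeral storage.
  - name: log-volume
    emptyDir: {}
  # Init containers
  initContainers:
  - name: init-db
    image: busybox:1.35
    # The init container only resolves a DNS name; it needs no capabilities.
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop: ["ALL"]
    # Blocks Pod start-up until the name db-service resolves.
    command: ['sh', '-c', 'until nslookup db-service; do echo waiting for db; sleep 2; done;']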
Deployment控制器
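/**
 * Deployment resource management examples: a sample Deployment manifest and
 * the kubectl commands used for rolling updates and rollbacks.
 */
public class DeploymentManagement {

    /**
     * Returns a sample Deployment manifest as YAML text.
     *
     * <p>The text block is laid out one YAML key per line. A text block
     * cannot start on the same line as its opening delimiter, and the YAML
     * nesting is carried entirely by indentation.
     *
     * <p>NOTE(review): the manifest defines no {@code securityContext} and
     * references the image by the tag {@code v1.0} rather than by digest.
     * Both are worth tightening before it is used outside a tutorial.
     *
     * @return the manifest, each line terminated by {@code \n}
     */
    public static String getDeploymentYaml() {
        return """
            apiVersion: apps/v1
            kind: Deployment
            metadata:
              name: spring-boot-deployment
              labels:
                app: spring-boot
            spec:
              # 副本数量
              replicas: 3
              # 选择器
              selector:
                matchLabels:
                  app: spring-boot
              # 更新策略
              strategy:
                type: RollingUpdate
                rollingUpdate:
                  maxUnavailable: 1
                  maxSurge: 1
              # Pod模板
              template:
                metadata:
                  labels:
                    app: spring-boot
                spec:
                  containers:
                  - name: app
                    image: myregistry/spring-boot-app:v1.0
                    ports:
                    - containerPort: 8080
                    resources:
                      requests:
                        memory: "512Mi"
                        cpu: "250m"
                      limits:
                        memory: "1Gi"
                        cpu: "500m"
                    livenessProbe:
                      httpGet:
                        path: /actuator/health
                        port: 8080
                      initialDelaySeconds: 30
                      periodSeconds: 10
                    readinessProbe:
                      httpGet:
                        path: /actuator/health/readiness
                        port: 8080
                      initialDelaySeconds: 5
                      periodSeconds: 5
            """;
    }

    /**
     * Rolling-update strategy helpers.
     */
    public static class RollingUpdateStrategy {

        /**
         * Prints the kubectl commands for a rolling update: set a new image,
         * watch the rollout, inspect history, roll back, pause and resume.
         * The commands are only printed, never executed.
         */
        public static void performRollingUpdate() {
            // Lines starting with '#' are shell comments in the printed
            // output; empty strings separate the groups.
            String[] commands = {
                "# 更新镜像版本",
                "kubectl set image deployment/spring-boot-deployment app=myregistry/spring-boot-app:v2.0",
                "",
                "# 查看更新状态",
                "kubectl rollout status deployment/spring-boot-deployment",
                "",
                "# 查看更新历史",
                "kubectl rollout history deployment/spring-boot-deployment",
                "",
                "# 回滚到上一版本",
                "kubectl rollout undo deployment/spring-boot-deployment",
                "",
                "# 回滚到指定版本",
                "kubectl rollout undo deployment/spring-boot-deployment --to-revision=2",
                "",
                "# 暂停更新",
                "kubectl rollout pause deployment/spring-boot-deployment",
                "",
                "# 恢复更新",
                "kubectl rollout resume deployment/spring-boot-deployment"
            };

            for (String command : commands) {
                System.out.println(command);
            }
        }
    }
}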
Service服务发现
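# Service configuration example.
# Restored to one key per line: collapsed onto a single line, everything after
# the leading '#' is one comment and the three documents cannot be told apart.
apiVersion: v1
kind: Service
metadata:
  name: spring-boot-service
  labels:
    app: spring-boot
spec:
  # Service type. ClusterIP is reachable only from inside the cluster.
  type: ClusterIP  # ClusterIP/NodePort/LoadBalancer/ExternalName
  # Selector: traffic is sent to Pods carrying this label.
  selector:
    app: spring-boot
  # Port configuration.
  # NOTE(review): port 80 carries plain HTTP; TLS is presumably terminated
  # elsewhere. Confirm.
  ports:
  - name: http
    port: 80
    targetPort: 8080
    protocol: TCP
  # Session affinity: pin a client IP to one backend for 10800 s (3 h).
  sessionAffinity: ClientIP
  sessionAffinityConfig:
    clientIP:
      timeoutSeconds: 10800
---
# NodePort Service example.
# A NodePort opens the given port (30080) on every node of the cluster, so
# reachability is governed by the nodes' own firewall or security-group rules.
apiVersion: v1
kind: Service
metadata:
  name: spring-boot-nodeport
spec:
  type: NodePort
  selector:
    app: spring-boot
  ports:
  - port: 80
    targetPort: 8080
    nodePort: 30080
---
# LoadBalancer Service example.
apiVersion: v1
kind: Service
metadata:
  name: spring-boot-lb
spec:
  type: LoadBalancer
  selector:
    app: spring-boot
  ports:
  - port: 80
    targetPort: 8080
  # Restricts which client CIDRs may reach the load balancer. Enforcement
  # depends on the cloud provider honouring this field. Without it, the
  # balancer accepts traffic from any source.
  loadBalancerSourceRanges:
  - 10.0.0.0/8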
🔧 ConfigMap和Secret管理
配置管理最佳实践
/** * Kubernetes配置管理 */ public class ConfigurationManagement { /** * ConfigMap使用示例 */ public static class ConfigMapExample {