锐单电子商城 , 一站式电子元器件采购平台!

  • 电话:400-990-0325

购物车

Kubernetes之Pod镜像拉取策略配置

时间:2023-09-18 05:37:01 二极管kpz

1、默认的镜像拉取策略

1.1 镜像指定的标签是latest默认策略是每次下载更新

编辑pod-imagepullpolicy.yaml内容如下:

apiVersion: v1 kind: Namespace metadata:   name: dev  ---  apiVersion: v1 kind: Pod metadata:   name: pod-image-pull-policy   namespace: dev   labels:     user: redrose2100 spec:   containers:   - name: nginx     image: nginx:latest

使用以下命令创建

[root@master pod]# kubectl apply -f pod-imagepullpolicy.yaml namespace/dev created pod/pod-image-pull-policy created [root@master pod]#

如下,查看pod的简要信息

[root@master pod]# kubectl get pod -n dev NAME                    READY   STATUS    RESTARTS   AGE pod-image-pull-policy   1/1     Running   0          6m9s [root@master pod]#

下列命令查看pod在创建过程中,可以发现这里有下载镜像的操作

[root@master pod]# kubectl describe pod pod-image-pull-policy -n dev Name:         pod-image-pull-policy Namespace:    dev Priority:     0 Node:         node2/192.168.16.42 Start Time:   Mon, 21 Mar 2022 16:49:36  0800 Labels:       user=redrose2100 Annotations:   Status:       Running IP:           10.244.2.25 IPs:   IP:  10.244.2.25 Containers:   nginx:     Container ID:   docker://1d0d85ef687c943c2413ef37ab5ac49a275268c22c250c01debf5319a18418cd     Image:          nginx:latest     Image ID:       docker-pullable://nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31     Port:                Host Port:           State:          Running       Started:      Mon, 21 Mar 2022 16:49:52  0800     Ready:          True     Restart Count:  0     Environment:         Mounts:       /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-wxz2x (ro) Conditions:   Type              Status   Initialized       True   Ready             True   ContainersReady   True   PodScheduled      True Volumes:   kube-api-access-wxz2x:     Type:                    Projected (a volume that contains injected data from multiple sources)     TokenExpirationSeconds:  3607     ConfigMapName:           kube-root-ca.crt     ConfigMapOptional:            DownwardAPI:             true QoS Class:                   BestEffort Node-Selectors:               Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s                              node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events:   Type    Reason     Age    From               Message   ----    ------     ----   ----               -------   Normal  Scheduled  6m40s  default-scheduler  Successfully assigned dev/pod-image-pull-policy to node2   Normal  Pulling    6m40s  kubelet            Pulling image "nginx:latest"   Normal  Pulled     6m25s  kubelet            Successfully pulled image "nginx:latest" in 15.434915091s   Normal  Created    6m25s  kubelet            Created container nginx   Normal  Started    6m24s  kubelet            Started container nginx [root@master pod]#

使用下列命令删除

[root@master pod]# kubectl delete -f pod-imagepullpolicy.yaml namespace "dev" deleted pod "pod-image-pull-policy" deleted [root@master pod]#

1.2 当镜像指定具体标签时,当地现有镜像默认使用

编辑pod-imagepullpolicy.yaml将镜像标签指定为具体值的文件,如下:

apiVersion: v1 kind: Namespace metadata:   name: dev  ---  apiVersion: v1 kind: Pod metadata:   name: pod-image-pull-policy   namespace: dev   labels:     user: redrose2100 spec:   containers:   - name: nginx     image: nginx:1.17.1

使用以下命令创建:

[root@master pod]# kubectl apply -f pod-imagepullpolicy.yaml namespace/dev created pod/pod-image-pull-policy created [root@master pod]#

使用以下命令查询简短信息

[root@master pod]# kubectl get pod -n dev NAME                    READY   STATUS    RESTARTS   AGE pod-image-pull-policy   1/1     Running   0          2m5s [root@master pod]#

从以下命令可以看出,这里没有下载镜像的操作,使用本机已经存在的镜像

[root@master pod]# kubectl describe pod pod-image-pull-policy -n dev Name:         pod-image-pull-policy Namespace:    dev Priority:     0 Node:         node2/192.168.16.42 Start Time:   Mon, 21 Mar 2022 17:02:22  0800 Labels:       user=redrose2100 Annotations:   Status:       Running IP:           10.244.2.26 IPs:   IP:  10.244.2.26 Containers:   nginx:     Container ID:   docker://cce0ce987f105b9e4a6a331664b1e6cdb786795351a27d445ce07bd0b763bb30     Image:          nginx:1.17.1     Image ID:       docker-pullable://nginx@sha256:b4b9b3eee194703fc2fa8afa5b7510c77ae70cfba567af1376a73a967c03dbb
    Port:           
    Host Port:      
    State:          Running
      Started:      Mon, 21 Mar 2022 17:02:23 +0800
    Ready:          True
    Restart Count:  0
    Environment:    
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-gbs9h (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  kube-api-access-gbs9h:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age    From               Message
  ----    ------     ----   ----               -------
  Normal  Scheduled  2m49s  default-scheduler  Successfully assigned dev/pod-image-pull-policy to node2
  Normal  Pulled     2m48s  kubelet            Container image "nginx:1.17.1" already present on machine
  Normal  Created    2m48s  kubelet            Created container nginx
  Normal  Started    2m48s  kubelet            Started container nginx
[root@master pod]#

使用如下命令删除

[root@master pod]# kubectl delete -f pod-imagepullpolicy.yaml
namespace "dev" deleted
pod "pod-image-pull-policy" deleted
[root@master pod]#

二、自定义镜像拉取策略

2.1 指定每次都从远端仓库拉取镜像

编辑 pod-imagepullpolicy.yaml 文件,通过imagePullPolicy字段设置Always,即可设置每次都从仓库拉取镜像,这里镜像tag设置为1.17.1,如果默认的情况下是不会下载的,这里通过设置让它必须下载,yaml内容如下:

apiVersion: v1
kind: Namespace
metadata:
  name: dev

---

apiVersion: v1
kind: Pod
metadata:
  name: pod-image-pull-policy
  namespace: dev
  labels:
    user: redrose2100
spec:
  containers:
  - name: nginx
    image: nginx:1.17.1
    imagePullPolicy: Always

使用如下命令创建资源

[root@master pod]# kubectl apply -f pod-imagepullpolicy.yaml
namespace/dev created
pod/pod-image-pull-policy created
[root@master pod]#

查看pod创建过程,如下,可以看到此时,镜像是重新下载的

[root@master pod]# kubectl get pod -n dev
NAME                    READY   STATUS    RESTARTS   AGE
pod-image-pull-policy   1/1     Running   0          51s
[root@master pod]# kubectl describe pod pod-image-pull-policy -n dev
Name:         pod-image-pull-policy
Namespace:    dev
Priority:     0
Node:         node2/192.168.16.42
Start Time:   Mon, 21 Mar 2022 17:52:46 +0800
Labels:       user=redrose2100
Annotations:  
Status:       Running
IP:           10.244.2.27
IPs:
  IP:  10.244.2.27
Containers:
  nginx:
    Container ID:   docker://424550f7d6d4d8906bb9f955e143558a430f6e60083f0018291dbc1563c4c4bd
    Image:          nginx:1.17.1
    Image ID:       docker-pullable://nginx@sha256:b4b9b3eee194703fc2fa8afa5b7510c77ae70cfba567af1376a573a967c03dbb
    Port:           
    Host Port:      
    State:          Running
      Started:      Mon, 21 Mar 2022 17:53:02 +0800
    Ready:          True
    Restart Count:  0
    Environment:    
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-5bg2f (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  kube-api-access-5bg2f:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  68s   default-scheduler  Successfully assigned dev/pod-image-pull-policy to node2
  Normal  Pulling    68s   kubelet            Pulling image "nginx:1.17.1"
  Normal  Pulled     52s   kubelet            Successfully pulled image "nginx:1.17.1" in 15.387649503s
  Normal  Created    52s   kubelet            Created container nginx
  Normal  Started    52s   kubelet            Started container nginx
[root@master pod]#

使用如下命令删除资源

[root@master pod]# kubectl delete -f pod-imagepullpolicy.yaml
namespace "dev" deleted
pod "pod-image-pull-policy" deleted
[root@master pod]#

2.2 指定优先使用本机缓存的镜像,如果本地没有在从仓库拉取

编辑 pod-imagepullpolicy.yaml 文件,通过将imagePullPolicy字段设置IfNotPresent,详细内容如下:

apiVersion: v1
kind: Namespace
metadata:
  name: dev

---

apiVersion: v1
kind: Pod
metadata:
  name: pod-image-pull-policy
  namespace: dev
  labels:
    user: redrose2100
spec:
  containers:
  - name: nginx
    image: nginx:1.17.1
    imagePullPolicy: IfNotPresent

使用如下命令创建资源

[root@master pod]# kubectl apply -f pod-imagepullpolicy.yaml
namespace/dev created
pod/pod-image-pull-policy created
[root@master pod]#

使用如下命令查看,可以发现此时又不会去下载镜像,因为本机已经存在镜像了

[root@master pod]# kubectl get pod -n dev
NAME                    READY   STATUS    RESTARTS   AGE
pod-image-pull-policy   1/1     Running   0          32s
[root@master pod]# kubectl describe pod pod-image-pull-policy -n dev
Name:         pod-image-pull-policy
Namespace:    dev
Priority:     0
Node:         node2/192.168.16.42
Start Time:   Mon, 21 Mar 2022 18:15:42 +0800
Labels:       user=redrose2100
Annotations:  
Status:       Running
IP:           10.244.2.28
IPs:
  IP:  10.244.2.28
Containers:
  nginx:
    Container ID:   docker://f881c5d47ea7c396b2804bffbb3854e1f46ba27be2ba4a90fc39896cc5f49198
    Image:          nginx:1.17.1
    Image ID:       docker-pullable://nginx@sha256:b4b9b3eee194703fc2fa8afa5b7510c77ae70cfba567af1376a573a967c03dbb
    Port:           
    Host Port:      
    State:          Running
      Started:      Mon, 21 Mar 2022 18:15:43 +0800
    Ready:          True
    Restart Count:  0
    Environment:    
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-sqr77 (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  kube-api-access-sqr77:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  46s   default-scheduler  Successfully assigned dev/pod-image-pull-policy to node2
  Normal  Pulled     45s   kubelet            Container image "nginx:1.17.1" already present on machine
  Normal  Created    45s   kubelet            Created container nginx
  Normal  Started    45s   kubelet            Started container nginx
[root@master pod]#

使用如下命令删除资源

[root@master pod]# kubectl delete -f pod-imagepullpolicy.yaml
namespace "dev" deleted
pod "pod-image-pull-policy" deleted
[root@master pod]#

2.3 指定只使用本机存在的镜像,如果本机不存在,则直接报错

编辑 pod-imagepullpolicy.yaml 文件,通过将imagePullPolicy字段设置Never,详细内容如下:这里需要将镜像的tag值修改为一个本地不存在的,比如1.17.5

apiVersion: v1
kind: Namespace
metadata:
  name: dev

---

apiVersion: v1
kind: Pod
metadata:
  name: pod-image-pull-policy
  namespace: dev
  labels:
    user: redrose2100
spec:
  containers:
  - name: nginx
    image: nginx:1.17.5
    imagePullPolicy: Never

使用如下命令创建资源

[root@master pod]# kubectl apply -f pod-imagepullpolicy.yaml
namespace/dev created
pod/pod-image-pull-policy created
[root@master pod]#

通过如下命令查询,可以看出,此时因为本机没有此tag的镜像,因此直接失败了,而不会去仓库拉取

[root@master pod]# kubectl get pod -n dev
NAME                    READY   STATUS              RESTARTS   AGE
pod-image-pull-policy   0/1     ErrImageNeverPull   0          35s
[root@master pod]# kubectl describe pod pod-image-pull-policy -n dev
Name:         pod-image-pull-policy
Namespace:    dev
Priority:     0
Node:         node2/192.168.16.42
Start Time:   Mon, 21 Mar 2022 18:19:57 +0800
Labels:       user=redrose2100
Annotations:  
Status:       Pending
IP:           10.244.2.29
IPs:
  IP:  10.244.2.29
Containers:
  nginx:
    Container ID:
    Image:          nginx:1.17.5
    Image ID:
    Port:           
    Host Port:      
    State:          Waiting
      Reason:       ErrImageNeverPull
    Ready:          False
    Restart Count:  0
    Environment:    
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-b5skf (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             False
  ContainersReady   False
  PodScheduled      True
Volumes:
  kube-api-access-b5skf:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason             Age                From               Message
  ----     ------             ----               ----               -------
  Normal   Scheduled          53s                default-scheduler  Successfully assigned dev/pod-image-pull-policy to node2
  Warning  ErrImageNeverPull  15s (x6 over 53s)  kubelet            Container image "nginx:1.17.5" is not present with pull policy of Never
  Warning  Failed             15s (x6 over 53s)  kubelet            Error: ErrImageNeverPull
[root@master pod]#

锐单商城拥有海量元器件数据手册IC替代型号,打造电子元器件IC百科大全!

相关文章