Kubernetes----Pod配置镜像拉取策略
一、默认的镜像拉取策略
1.1 当镜像指定的标签是latest时,默认策略是每次都下载更新
编辑pod-imagepullpolicy.yaml 文件,内容如下:
apiVersion: v1kind: Namespacemetadata: name: dev---apiVersion: v1kind: Podmetadata: name: pod-image-pull-policy namespace: dev labels: user: redrose2100spec: containers: - name: nginx image: nginx:latest
使用如下命令创建
[root@master pod]# kubectl apply -f pod-imagepullpolicy.yamlnamespace/dev createdpod/pod-image-pull-policy created[root@master pod]#
如下,查看pod的简要信息
[root@master pod]# kubectl get pod -n devNAME READY STATUS RESTARTS AGEpod-image-pull-policy 1/1 Running 0 6m9s[root@master pod]#
如下命令查看pod创建的过程,可以发现这里有下载镜像的操作
[root@master pod]# kubectl describe pod pod-image-pull-policy -n devName: pod-image-pull-policyNamespace: devPriority: 0Node: node2/192.168.16.42Start Time: Mon, 21 Mar 2022 16:49:36 +0800Labels: user=redrose2100Annotations: Status: RunningIP: 10.244.2.25IPs: IP: 10.244.2.25Containers: nginx: Container ID: docker://1d0d85ef687c943c2413ef37ab5ac49a275268c22c250c01debf5319a18418cd Image: nginx:latest Image ID: docker-pullable://nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31 Port: Host Port: State: Running Started: Mon, 21 Mar 2022 16:49:52 +0800 Ready: True Restart Count: 0 Environment: Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-wxz2x (ro)Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled TrueVolumes: kube-api-access-wxz2x: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: DownwardAPI: trueQoS Class: BestEffortNode-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300sEvents: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 6m40s default-scheduler Successfully assigned dev/pod-image-pull-policy to node2 Normal Pulling 6m40s kubelet Pulling image "nginx:latest" Normal Pulled 6m25s kubelet Successfully pulled image "nginx:latest" in 15.434915091s Normal Created 6m25s kubelet Created container nginx Normal Started 6m24s kubelet Started container nginx[root@master pod]#
使用如下命令删除
[root@master pod]# kubectl delete -f pod-imagepullpolicy.yamlnamespace "dev" deletedpod "pod-image-pull-policy" deleted[root@master pod]#
1.2 当镜像指定的是具体标签时,默认采用本地已经存在的镜像
编辑pod-imagepullpolicy.yaml文件,将镜像标签指定为具体值,如下:
apiVersion: v1kind: Namespacemetadata: name: dev---apiVersion: v1kind: Podmetadata: name: pod-image-pull-policy namespace: dev labels: user: redrose2100spec: containers: - name: nginx image: nginx:1.17.1
使用如下命令创建:
[root@master pod]# kubectl apply -f pod-imagepullpolicy.yamlnamespace/dev createdpod/pod-image-pull-policy created[root@master pod]#
使用如下命令查询简要信息
[root@master pod]# kubectl get pod -n devNAME READY STATUS RESTARTS AGEpod-image-pull-policy 1/1 Running 0 2m5s[root@master pod]#
通过如下命令可以看到,这里没有下载镜像的操作,使用的本机已经存在的镜像
[root@master pod]# kubectl describe pod pod-image-pull-policy -n devName: pod-image-pull-policyNamespace: devPriority: 0Node: node2/192.168.16.42Start Time: Mon, 21 Mar 2022 17:02:22 +0800Labels: user=redrose2100Annotations: Status: RunningIP: 10.244.2.26IPs: IP: 10.244.2.26Containers: nginx: Container ID: docker://cce0ce987f105b9e4a6a331664b1e6cdb786795351a27d445ce07bd0b763bb30 Image: nginx:1.17.1 Image ID: docker-pullable://nginx@sha256:b4b9b3eee194703fc2fa8afa5b7510c77ae70cfba567af1376a573a967c03dbb Port: Host Port: State: Running Started: Mon, 21 Mar 2022 17:02:23 +0800 Ready: True Restart Count: 0 Environment: Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-gbs9h (ro)Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled TrueVolumes: kube-api-access-gbs9h: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: DownwardAPI: trueQoS Class: BestEffortNode-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300sEvents: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 2m49s default-scheduler Successfully assigned dev/pod-image-pull-policy to node2 Normal Pulled 2m48s kubelet Container image "nginx:1.17.1" already present on machine Normal Created 2m48s kubelet Created container nginx Normal Started 2m48s kubelet Started container nginx[root@master pod]#
使用如下命令删除
[root@master pod]# kubectl delete -f pod-imagepullpolicy.yamlnamespace "dev" deletedpod "pod-image-pull-policy" deleted[root@master pod]#
二、自定义镜像拉取策略
2.1 指定每次都从远端仓库拉取镜像
编辑 pod-imagepullpolicy.yaml 文件,通过imagePullPolicy字段设置Always,即可设置每次都从仓库拉取镜像,这里镜像tag设置为1.17.1,如果默认的情况下是不会下载的,这里通过设置让它必须下载,yaml内容如下:
apiVersion: v1kind: Namespacemetadata: name: dev---apiVersion: v1kind: Podmetadata: name: pod-image-pull-policy namespace: dev labels: user: redrose2100spec: containers: - name: nginx image: nginx:1.17.1 imagePullPolicy:
使用如下命令创建资源
[root@master pod]# kubectl apply -f pod-imagepullpolicy.yamlnamespace/dev createdpod/pod-image-pull-policy created[root@master pod]#
查看pod创建过程,如下,可以看到此时,镜像是重新下载的
[root@master pod]# kubectl get pod -n devNAME READY STATUS RESTARTS AGEpod-image-pull-policy 1/1 Running 0 51s[root@master pod]# kubectl describe pod pod-image-pull-policy -n devName: pod-image-pull-policyNamespace: devPriority: 0Node: node2/192.168.16.42Start Time: Mon, 21 Mar 2022 17:52:46 +0800Labels: user=redrose2100Annotations: Status: RunningIP: 10.244.2.27IPs: IP: 10.244.2.27Containers: nginx: Container ID: docker://424550f7d6d4d8906bb9f955e143558a430f6e60083f0018291dbc1563c4c4bd Image: nginx:1.17.1 Image ID: docker-pullable://nginx@sha256:b4b9b3eee194703fc2fa8afa5b7510c77ae70cfba567af1376a573a967c03dbb Port: Host Port: State: Running Started: Mon, 21 Mar 2022 17:53:02 +0800 Ready: True Restart Count: 0 Environment: Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-5bg2f (ro)Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled TrueVolumes: kube-api-access-5bg2f: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: DownwardAPI: trueQoS Class: BestEffortNode-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300sEvents: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 68s default-scheduler Successfully assigned dev/pod-image-pull-policy to node2 Normal Pulling 68s kubelet Pulling image "nginx:1.17.1" Normal Pulled 52s kubelet Successfully pulled image "nginx:1.17.1" in 15.387649503s Normal Created 52s kubelet Created container nginx Normal Started 52s kubelet Started container nginx[root@master pod]#
使用如下命令删除资源
[root@master pod]# kubectl delete -f pod-imagepullpolicy.yamlnamespace "dev" deletedpod "pod-image-pull-policy" deleted[root@master pod]#
2.2 指定优先使用本机缓存的镜像,如果本地没有在从仓库拉取
编辑 pod-imagepullpolicy.yaml 文件,通过将imagePullPolicy字段设置IfNotPresent,详细内容如下:
apiVersion: v1kind: Namespacemetadata: name: dev---apiVersion: v1kind: Podmetadata: name: pod-image-pull-policy namespace: dev labels: user: redrose2100spec: containers: - name: nginx image: nginx:1.17.1 imagePullPolicy:
使用如下命令创建资源
[root@master pod]# kubectl apply -f pod-imagepullpolicy.yamlnamespace/dev createdpod/pod-image-pull-policy created[root@master pod]#
使用如下命令查看,可以发现此时又不会去下载镜像,因为本机已经存在镜像了
[root@master pod]# kubectl get pod -n devNAME READY STATUS RESTARTS AGEpod-image-pull-policy 1/1 Running 0 32s[root@master pod]# kubectl describe pod pod-image-pull-policy -n devName: pod-image-pull-policyNamespace: devPriority: 0Node: node2/192.168.16.42Start Time: Mon, 21 Mar 2022 18:15:42 +0800Labels: user=redrose2100Annotations: Status: RunningIP: 10.244.2.28IPs: IP: 10.244.2.28Containers: nginx: Container ID: docker://f881c5d47ea7c396b2804bffbb3854e1f46ba27be2ba4a90fc39896cc5f49198 Image: nginx:1.17.1 Image ID: docker-pullable://nginx@sha256:b4b9b3eee194703fc2fa8afa5b7510c77ae70cfba567af1376a573a967c03dbb Port: Host Port: State: Running Started: Mon, 21 Mar 2022 18:15:43 +0800 Ready: True Restart Count: 0 Environment: Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-sqr77 (ro)Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled TrueVolumes: kube-api-access-sqr77: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: DownwardAPI: trueQoS Class: BestEffortNode-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300sEvents: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 46s default-scheduler Successfully assigned dev/pod-image-pull-policy to node2 Normal Pulled 45s kubelet Container image "nginx:1.17.1" already present on machine Normal Created 45s kubelet Created container nginx Normal Started 45s kubelet Started container nginx[root@master pod]#
使用如下命令删除资源
[root@master pod]# kubectl delete -f pod-imagepullpolicy.yamlnamespace "dev" deletedpod "pod-image-pull-policy" deleted[root@master pod]#
2.3 指定只使用本机存在的镜像,如果本机不存在,则直接报错
编辑 pod-imagepullpolicy.yaml 文件,通过将imagePullPolicy字段设置Never,详细内容如下:这里需要将镜像的tag值修改为一个本地不存在的,比如1.17.5
apiVersion: v1kind: Namespacemetadata: name: dev---apiVersion: v1kind: Podmetadata: name: pod-image-pull-policy namespace: dev labels: user: redrose2100spec: containers: - name: nginx image: nginx:1.17.5 imagePullPolicy:
使用如下命令创建资源
[root@master pod]# kubectl apply -f pod-imagepullpolicy.yamlnamespace/dev createdpod/pod-image-pull-policy created[root@master pod]#
通过如下命令查询,可以看出,此时因为本机没有此tag的镜像,因此直接失败了,而不会去仓库拉取
[root@master pod]# kubectl get pod -n devNAME READY STATUS RESTARTS AGEpod-image-pull-policy 0/1 ErrImageNeverPull 0 35s[root@master pod]# kubectl describe pod pod-image-pull-policy -n devName: pod-image-pull-policyNamespace: devPriority: 0Node: node2/192.168.16.42Start Time: Mon, 21 Mar 2022 18:19:57 +0800Labels: user=redrose2100Annotations: Status: PendingIP: 10.244.2.29IPs: IP: 10.244.2.29Containers: nginx: Container ID: Image: nginx:1.17.5 Image ID: Port: Host Port: State: Waiting Reason: ErrImageNeverPull Ready: False Restart Count: 0 Environment: Mounts: /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-b5skf (ro)Conditions: Type Status Initialized True Ready False ContainersReady False PodScheduled TrueVolumes: kube-api-access-b5skf: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: DownwardAPI: trueQoS Class: BestEffortNode-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300sEvents: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 53s default-scheduler Successfully assigned dev/pod-image-pull-policy to node2 Warning ErrImageNeverPull 15s (x6 over 53s) kubelet Container image "nginx:1.17.5" is not present with pull policy of Never Warning Failed 15s (x6 over 53s) kubelet Error: ErrImageNeverPull[root@master pod]#
版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。
暂时没有评论,来抢沙发吧~