Kubernetes资源管理Skill kubernetes-resources

这个技能用于管理和操作Kubernetes集群中的各种资源,如Pod、Service、Deployment、ConfigMap、Secret等,是实现容器编排、微服务架构和云原生应用开发的关键技术。关键词:Kubernetes, 容器, 编排, 云原生, DevOps, 部署, 服务发现, 配置管理, 集群管理, 自动化部署。

Docker/K8s 0 次安装 0 次浏览 更新于 3/25/2026

名称: kubernetes-resources 用户可调用: false 描述: 用于管理Kubernetes资源,包括部署、服务、配置映射和密钥。 允许工具: []

Kubernetes资源

了解Kubernetes资源类型及其关系。

核心资源

Pods

Kubernetes中最小的可部署单元:

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
  - name: app
    image: nginx:1.21

ReplicaSets

维护一组稳定的副本Pods:

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: my-replicaset
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    # Pod模板

Deployments

管理ReplicaSets并提供声明式更新:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 3
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  # ...

网络资源

Services

将Pods暴露给网络流量:

  • ClusterIP: 仅内部集群访问
  • NodePort: 在每个Node的IP上暴露
  • LoadBalancer: 云提供商负载均衡器
  • ExternalName: DNS CNAME记录
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: ClusterIP
  selector:
    app: my-app
  ports:
  - port: 80
    targetPort: 8080

Ingress

HTTP/HTTPS路由到服务:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-service
            port:
              number: 80

存储资源

PersistentVolume

集群级存储资源:

apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: standard

PersistentVolumeClaim

存储请求:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
  storageClassName: standard

配置资源

ConfigMaps

非敏感配置数据:

apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  config.json: |
    {
      "key": "value"
    }

Secrets

敏感信息:

apiVersion: v1
kind: Secret
metadata:
  name: app-secret
type: Opaque
stringData:
  username: admin
  password: secret123

工作负载资源

StatefulSet

用于有状态应用程序:

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: web
spec:
  serviceName: "nginx"
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    # Pod模板
  volumeClaimTemplates:
  - metadata:
      name: www
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 1Gi

DaemonSet

在每个Node上运行Pod:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: monitoring-agent
spec:
  selector:
    matchLabels:
      name: monitoring-agent
  template:
    # Pod模板

Job

运行到完成的任务:

apiVersion: batch/v1
kind: Job
metadata:
  name: batch-job
spec:
  template:
    spec:
      containers:
      - name: job
        image: busybox
        command: ["echo", "Hello"]
      restartPolicy: Never
  backoffLimit: 4

CronJob

定时作业:

apiVersion: batch/v1
kind: CronJob
metadata:
  name: scheduled-job
spec:
  schedule: "0 0 * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: job
            image: busybox
            command: ["echo", "Daily task"]
          restartPolicy: OnFailure