在本例中,不包含初始化容器的配置。请参考如下内容。
apiVersion: apps/v1 #必填,指定api版本,规定该值为apps/v1
kind: Deployment #必填,创建应用类型 ,请选择填写Deployment(无状态应用)或StatefulSet(有状态应用)
metadata:
labels: #必填,应用标签,规定该值为app: {应用名称}
app: tomcattest
name: tomcattest #必填,应用名称,与基础配置页面的应用名称保持一致,在同一个应用组下必须唯一;
namespace: spaceh0h8w1lp #基础配置页面所选应用组对应的namespace
spec:
replicas: 1
selector: #必填,标签选择器,必须与template的标签保持一致,为app: {应用名称}
matchLabels:
app: tomcattest
template:
metadata:
annotations:
k8s.v1.cni.cncf.io/networks:net1/net1-subnet,net2/net2-subnet #为容器应用选择网络和子网,网络分别为net1和net2,子网分别为net1-subnet和net2-subnet。
k8s.v1.cni.cncf.io/qoses:net1qos,net2qos #为容器应用选择QoS限速,分别为net1qos和net2qos。
labels:
app: tomcattest
spec:
affinity: #亲和性配置,一种容器的调度策略
nodeAffinity: #节点亲和性,用于自定义选择Pod被调度的节点
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: beta.kubernetes.io/instance-type
operator: In
values:
- adcf1f03-9fda-4cc8-8d29-66f384ed6581
weight: 50
podAffinity: #应用亲和性,决定工作负载的Pod和哪些工作负载的Pod部署在同一个拓扑域
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: apps
operator: In
values:
- testbb
namespaces:
- space2woixyjc
topologyKey: kubernetes.io/hostname
weight: 100
podAntiAffinity: #应用反亲和性,决定工作负载的Pod不和哪些工作负载的Pod部署在同一个拓扑域
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: apps
operator: NotIn
values:
- testccc
topologyKey: kubernetes.io/hostname
weight: 100
containers:
- args: #命令参数
- --port=8080
command: #运行命令
- /bin/start
env: #环境变量,方便部署后灵活变更容器配置
- name: SERVICE_NAME
value: tomcattest
image: os-harbor-svc.default.svc.cloudos:443/user/1df71957d770436493a84f24d9344853/tomcat:8.0 #必填,容器使用的镜像地址
imagePullPolicy: IfNotPresent #必填,启动时检查和更新images的策略,Alaways(每次都检查)、Never(每次都不检查)、IfNotPresent(如果本地有就不检查,没有就拉取)
livenessProbe: #存活性检查
exec:
command:
- /bin/bash
- -c
- /tmp/healthy
failureThreshold: 12
initialDelaySeconds: 12
periodSeconds: 12
successThreshold: 1
timeoutSeconds: 10
name: tomcattest #必填,容器名称
readinessProbe: #可用性检查
failureThreshold: 1
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 3
successThreshold: 2
timeoutSeconds: 3
resources: #必填,容器规格
limits: #必填,运行限制,运行容器需要的最大资源规格
cpu: 300m #cpu资源
memory: 300Mi #内存使用量
requests: #必填,启动限制,运行容器需要的最小资源规格,所填值不能大于运行限制的值
cpu: 200m
memory: 200Mi
securityContext:
capabilities: #Linux内核能力
add:
- DAC_OVERRIDE
- FOWNER
- FSETID
privileged: false #在特权模式下运行容器,容器中的进程实质上等同于主机上的以root身份运行
readOnlyRootFilesystem: true #根文件系统只读权限
runAsUser: 0 #运行用户Uid
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /tmp #挂载路径
name: hostpath-dn2csq7m0
- mountPath: /tmppvc
name: pvc-htb3am891
- mountPath: /conf
name: cm-vhqj6sc90
- mountPath: /seca
name: secret-653i9fy20
dnsPolicy: ClusterFirst
hostIPC: true #是否使用主机的IPC命名空间
hostNetwork: true #是否使用主机的网络命名空间
hostPID: true #是否使用主机的PID命名空间
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
volumes: #支持configMap、secret、persistentVolumeClaim、hostPath等卷类型
- hostPath:
path: /etc/hosts
type: ""
name: hostpath-dn2csq7m0
- name: pvc-htb3am891
persistentVolumeClaim:
claimName: pvctesta
- name: secret-653i9fy20
secret:
defaultMode: 420
secretName: default-token-hb627
- configMap:
defaultMode: 420
name: confgg
name: cm-vhqj6sc90