# Kubernetes中的Pod怎么用
## 目錄
1. [Pod基礎概念](#pod基礎概念)
2. [Pod生命周期](#pod生命周期)
3. [Pod配置詳解](#pod配置詳解)
4. [Pod網絡與存儲](#pod網絡與存儲)
5. [Pod調度與親和性](#pod調度與親和性)
6. [Pod安全與資源管理](#pod安全與資源管理)
7. [Pod調試與故障排查](#pod調試與故障排查)
8. [Pod最佳實踐](#pod最佳實踐)
9. [Pod高級特性](#pod高級特性)
10. [總結](#總結)
---
## Pod基礎概念
### 什么是Pod
Pod是Kubernetes中最小的可部署計算單元,代表集群中運行的單個進程。一個Pod包含:
- 一個或多個容器(緊密耦合)
- 共享存儲/網絡資源
- 容器運行規范
```yaml
# 最簡單的Pod示例
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
spec:
containers:
- name: nginx
image: nginx:1.14.2
共享命名空間:
臨時存儲:
生命周期:
| 特性 | 容器 | Pod |
|---|---|---|
| 隔離性 | 完全隔離 | 部分共享 |
| 調度單元 | 不可直接調度 | 最小調度單元 |
| 網絡 | 獨立網絡棧 | 共享網絡棧 |
kubectl get pod <pod-name> -o jsonpath='{.status.phase}'
conditions:
- type: Initialized
status: "True"
- type: Ready
status: "False"
reason: "ContainersNotReady"
livenessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 3
periodSeconds: 3
apiVersion: v1
kind: Pod
metadata:
name: complex-pod
labels:
app: frontend
env: prod
spec:
containers:
- name: web
image: nginx
ports:
- containerPort: 80
resources:
requests:
cpu: "0.5"
memory: "512Mi"
limits:
cpu: "1"
memory: "1Gi"
- name: logger
image: busybox
command: ["sh", "-c", "tail -f /dev/null"]
restartPolicy: Always
nodeSelector:
disktype: ssd
volumes:
- name: shared-data
emptyDir: {}
- name: config-volume
configMap:
name: app-config
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values: ["amd64"]
securityContext:
runAsUser: 1000
capabilities:
add: ["NET_ADMIN"]
kubectl describe pod <pod-name>
kubectl logs <pod-name> -c <container-name>
kubectl exec -it <pod-name> -- /bin/sh
initContainers:
- name: init-db
image: busybox
command: ['sh', '-c', 'until nslookup db-service; do echo waiting; sleep 2; done']
