如何给 Kubernetes Daemonset 打补丁
How to patch Kubernetes Daemonset
每次我希望公开新的 TCP 端口时,我都需要修补我的 nginx-ingress 守护进程。我查看了文档,但无法理解正确的 kubectl 补丁语法来执行补丁。 yaml 的摘录如下:
spec:
revisionHistoryLimit: 10
selector:
matchLabels:
name: nginx-ingress-microk8s
template:
metadata:
creationTimestamp: null
labels:
name: nginx-ingress-microk8s
spec:
containers:
- args:
- /nginx-ingress-controller
- --configmap=$(POD_NAMESPACE)/nginx-load-balancer-microk8s-conf
- --default-backend-service=ingress/custom-default-backend
- --tcp-services-configmap=$(POD_NAMESPACE)/nginx-ingress-tcp-microk8s-conf
- --udp-services-configmap=$(POD_NAMESPACE)/nginx-ingress-udp-microk8s-conf
- --ingress-class=public
- ' '
- --publish-status-address=127.0.0.1
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: k8s.gcr.io/ingress-nginx/controller:v0.44.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /wait-shutdown
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
name: nginx-ingress-microk8s
ports:
- containerPort: 80
hostPort: 80
name: http
protocol: TCP
- containerPort: 443
hostPort: 443
name: https
protocol: TCP
- containerPort: 10254
hostPort: 10254
name: health
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
resources: {}
我想使用 kubectl 补丁在端口下附加另一个端口定义,即
- containerPort: 1234
hostPort: 1234
name: my-port-1234
protocol: TCP
修补配置映射很简单,使用:
kubectl patch configmap nginx-ingress-tcp-microk8s-conf -n ingress --type merge -p '{"data":{"1234":"namespace1/api-connect:1234"}}'
但我无法理解如何修改命令以应对 Daemonset 所需的更复杂的更新。
非常感谢收到的任何帮助。谢谢
试试这个命令:
kubectl patch ds/name --type='json' -p='[{"op": "add", "path": "/spec/template/spec/containers/0/ports/1", "value":{"containerPort":8888,"name":"http"}}]'
正如 David 在评论中提到的那样,最好将每个更改都置于版本控制之下。
但是如果你真的需要这样做,这里是命令:
kubectl patch ds -n ingress nginx-ingress-microk8s-controller --type='json' -p='[{"op": "add", "path": "/spec/template/spec/containers/0/ports/-", "value":{"containerPort":1234,"name":"my-port-1234","hostPort":1234,"protocol":"TCP"}}]'
patch 命令在 k8s 文档中有解释:update-api-object-kubectl-patch,
json 类型补丁的详细信息在 rfc6902.
中进行了说明
每次我希望公开新的 TCP 端口时,我都需要修补我的 nginx-ingress 守护进程。我查看了文档,但无法理解正确的 kubectl 补丁语法来执行补丁。 yaml 的摘录如下:
spec:
revisionHistoryLimit: 10
selector:
matchLabels:
name: nginx-ingress-microk8s
template:
metadata:
creationTimestamp: null
labels:
name: nginx-ingress-microk8s
spec:
containers:
- args:
- /nginx-ingress-controller
- --configmap=$(POD_NAMESPACE)/nginx-load-balancer-microk8s-conf
- --default-backend-service=ingress/custom-default-backend
- --tcp-services-configmap=$(POD_NAMESPACE)/nginx-ingress-tcp-microk8s-conf
- --udp-services-configmap=$(POD_NAMESPACE)/nginx-ingress-udp-microk8s-conf
- --ingress-class=public
- ' '
- --publish-status-address=127.0.0.1
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: k8s.gcr.io/ingress-nginx/controller:v0.44.0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /wait-shutdown
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
name: nginx-ingress-microk8s
ports:
- containerPort: 80
hostPort: 80
name: http
protocol: TCP
- containerPort: 443
hostPort: 443
name: https
protocol: TCP
- containerPort: 10254
hostPort: 10254
name: health
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 10254
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
resources: {}
我想使用 kubectl 补丁在端口下附加另一个端口定义,即
- containerPort: 1234
hostPort: 1234
name: my-port-1234
protocol: TCP
修补配置映射很简单,使用:
kubectl patch configmap nginx-ingress-tcp-microk8s-conf -n ingress --type merge -p '{"data":{"1234":"namespace1/api-connect:1234"}}'
但我无法理解如何修改命令以应对 Daemonset 所需的更复杂的更新。
非常感谢收到的任何帮助。谢谢
试试这个命令:
kubectl patch ds/name --type='json' -p='[{"op": "add", "path": "/spec/template/spec/containers/0/ports/1", "value":{"containerPort":8888,"name":"http"}}]'
正如 David 在评论中提到的那样,最好将每个更改都置于版本控制之下。
但是如果你真的需要这样做,这里是命令:
kubectl patch ds -n ingress nginx-ingress-microk8s-controller --type='json' -p='[{"op": "add", "path": "/spec/template/spec/containers/0/ports/-", "value":{"containerPort":1234,"name":"my-port-1234","hostPort":1234,"protocol":"TCP"}}]'
patch 命令在 k8s 文档中有解释:update-api-object-kubectl-patch, json 类型补丁的详细信息在 rfc6902.
中进行了说明