标签:pods 网络 声明 set nts 问题: win packages cer
文章目录
环境信息
安装步骤
系统配置修改
安装docker
安装kubectl,kubelet,kubeadm
配置Master
配置Node
部署结果检查
K8S部署mysql学习
新建mysql-rc.yaml
创建mysql-svc.yaml
安装
K8S部署JAVA应用
创建deployment
创建service
更新deployment
其他命令
参考
K8S Deployment 命令
环境信息
名称: 版本
Docker 18.06.1-ce
操作系统 Ubuntu16.04
K8s v1.13.2
机器信息
IP 作用 组件
10.2.14.78 Master
10.2.14.79 Node
10.2.14.80 Node
安装步骤
系统配置修改
禁用swap
swapoff -a
同时把/etc/fstab包含swap那行记录删掉。
关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
1
2
禁用Selinux
apt install selinux-utils
setenforce 0
1
2
各主机的主机名及ip配置。
本次实战中一共用到三台主机,一台用于Master的部署,领导两台分别为node1和node2。主机名和IP的对应关系如下:
wangcf-k8s-m 10.2.14.78
wangcf-k8s-n1 10.2.14.79
wangcf-k8s-n2 10.2.14.80
1
2
3
同事在每台机器的/etc/hosts配置如下
10.2.14.78 wangcf-k8s-m
10.2.14.79 wangcf-k8s-n1
10.2.14.80 wangcf-k8s-n2
1
2
3
安装docker
在Master和Node节点分别执行如下操作
先安装相关工具
apt-get update && apt-get install -y apt-transport-https curl
1
添加密钥
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
1
安转docker
apt-get install docker.io -y
1
查看docker版本
root@ubuntu:~# docker version
Client:
Version: 18.06.1-ce
API version: 1.38
Go version: go1.10.4
Git commit: e68fc7a
Built: Thu Nov 15 21:12:47 2018
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: 18.06.1-ce
API version: 1.38 (minimum version 1.12)
Go version: go1.10.4
Git commit: e68fc7a
Built: Sun Nov 11 21:53:22 2018
OS/Arch: linux/amd64
Experimental: false
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
启动docker service
systemctl enable docker
systemctl start docker
systemctl status docker
1
2
3
使用阿里云加速器
由于网络原因,我们在pull Image 的时候,从Docker Hub上下载会很慢。
修改文件
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://alzgoonw.mirror.aliyuncs.com"],
"live-restore": true
}
1
2
3
4
5
重起docker服务
systemctl daemon-reload
systemctl restart docker
1
2
安装kubectl,kubelet,kubeadm
在Master和Node节点分别执行如下操作
接下来添加秘钥
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
1
经测试这里可能报错: gpg:no valid OpenPGP data found
注意:需要通过下面两条命令来解决:curl -O https://packages.cloud.google.com/apt/doc/apt-key.gpg 先保存一个apt-key.gpg的文件,再通过apt-key add apt-key.gpg来加载。
添加Kubernetes软件源
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
1
2
3
4
上面是官方的源,国内不通需要修改为如下
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main
EOF
1
2
3
安装
# apt-get update && apt-get install -y kubelet kubeadm kubectl
# systemctl enable kubelet
1
2
– 修改源—
问题:apt-get update 错误超时,被墙了。需要修改apt-get的源,采用ustc源
vim /etc/apt/sources.list.d/kubernetes.list
增加内容如下,然后重新安装
# deb http://apt.kubernetes.io/ kubernetes-xenial main
deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main
1
2
注:ubuntu16.04 代号为xenial
配置Master
在/etc/profile 下面增加如下环境变量
export KUBECONFIG=/etc/kubernetes/admin.conf
1
# 重起kubelet
systemctl daemon-reload
systemctl restart kubelet
1
2
3
在master节点上执行
kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.2.14.78 --kubernetes-version=v1.13.2 --ignore-preflight-errors=Swap
1
–pod-network-cidr是指配置节点中的pod的可用IP地址,此为内部IP
–apiserver-advertise-address 为master的IP地址
–kubernetes-version 通过kubectl version 可以查看到
不幸的是报错, k8s.gcr.io 被墙了,镜像下载失败
[preflight] You can also perform this action in beforehand using ‘kubeadm config images pull‘
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-apiserver:v1.13.2: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
, error: exit status 1
........
1
2
3
4
5
根据报错信息,在国内网站站上找到相关的镜像(docker需要配置阿里云的镜像仓库)
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.13.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.13.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.13.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.2.24
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.2.6
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.13.2
1
2
3
4
5
6
7
把这些images重新tag一下。
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.13.2 k8s.gcr.io/kube-controller-manager:v1.13.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.13.2 k8s.gcr.io/kube-scheduler:v1.13.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.13.2 k8s.gcr.io/kube-proxy:v1.13.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.13.2 k8s.gcr.io/kube-apiserver:v1.13.2
1
2
3
4
5
6
7
重新执行
kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.2.14.78 --kubernetes-version=v1.13.2 --ignore-preflight-errors=Swap
1
输出结果如下,其中最后一行是节点加入master集群需要的命令
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join 10.2.14.78:6443 --token h7u22o.nk23ias5f1ft8hj9 --discovery-token-ca-cert-hash sha256:9f93785608c9a9de3e5d74e9ed30b8302691abfee7efd946a8c1b80d8582fe92
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
在安装完Master节点后,查看节点信息( kubectl get nodes)会发现节点的状态为noready。查看noready的原因发现是由于cni插件没有配置。其实这是由于还没有配置网络。可以配置多种网络,这里作者选用最长远的fannel网络进行配置。
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
1
配置Node
在各个node节点执行如下命令(对应master配置返回的 kubeadm join命令),加入master集群
kubeadm join 10.2.14.78:6443 --token h7u22o.nk23ias5f1ft8hj9 --discovery-token-ca-cert-hash sha256:9f93785608c9a9de3e5d74e9ed30b8302691abfee7efd946a8c1b80d8582fe92
1
在master查看nodes状态,Node的状态为NotReady
root@wangcf-k8s-m:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
wangcf-k8s-m Ready master 20m v1.13.2
wangcf-k8s-n1 NotReady <none> 8m21s v1.13.2
wangcf-k8s-n2 NotReady <none> 2m40s v1.13.2
1
2
3
4
5
查看pod状态,部分服务没有正常启动,原因是各个node也缺少镜像,需要手动下载,按照在master手动下载镜像的方式下载即可
root@wangcf-k8s-m:~# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-86c58d9df4-hpbbh 0/1 ContainerCreating 0 18m
kube-system coredns-86c58d9df4-qj56q 0/1 ContainerCreating 0 18m
kube-system etcd-wangcf-k8s-m 1/1 Running 2 17m
kube-system kube-apiserver-wangcf-k8s-m 1/1 Running 2 17m
kube-system kube-controller-manager-wangcf-k8s-m 1/1 Running 2 17m
kube-system kube-flannel-ds-amd64-bskks 0/1 Init:0/1 0 2m34s
kube-system kube-flannel-ds-amd64-rdnw2 1/1 Running 0 2m34s
kube-system kube-flannel-ds-amd64-sdbxj 0/1 Init:0/1 0 55s
kube-system kube-proxy-6h6rv 0/1 ContainerCreating 0 55s
kube-system kube-proxy-fsfwq 0/1 ContainerCreating 0 6m36s
kube-system kube-proxy-z7dqx 1/1 Running 2 18m
kube-system kube-scheduler-wangcf-k8s-m 1/1 Running 2 17m
1
2
3
4
5
6
7
8
9
10
11
12
13
14
部署结果检查
root@wangcf-k8s-m:~# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-86c58d9df4-9ptww 1/1 Running 0 4m9s
kube-system coredns-86c58d9df4-xg78d 1/1 Running 0 4m9s
kube-system etcd-wangcf-k8s-m 1/1 Running 2 24m
kube-system kube-apiserver-wangcf-k8s-m 1/1 Running 2 24m
kube-system kube-controller-manager-wangcf-k8s-m 1/1 Running 2 24m
kube-system kube-flannel-ds-amd64-bskks 0/1 Init:0/1 0 9m42s
kube-system kube-flannel-ds-amd64-rdnw2 1/1 Running 0 9m42s
kube-system kube-flannel-ds-amd64-sdbxj 0/1 Init:0/1 0 8m3s
kube-system kube-proxy-6h6rv 1/1 Running 0 8m3s
kube-system kube-proxy-fsfwq 1/1 Running 0 13m
kube-system kube-proxy-z7dqx 1/1 Running 2 25m
kube-system kube-scheduler-wangcf-k8s-m 1/1 Running 2 24m
root@wangcf-k8s-m:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
wangcf-k8s-m Ready master 26m v1.13.2
wangcf-k8s-n1 NotReady <none> 14m v1.13.2
wangcf-k8s-n2 Ready <none> 8m21s v1.13.2
root@wangcf-k8s-m:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
wangcf-k8s-m Ready master 26m v1.13.2
wangcf-k8s-n1 NotReady <none> 14m v1.13.2
wangcf-k8s-n2 Ready <none> 8m24s v1.13.2
root@wangcf-k8s-m:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
wangcf-k8s-m Ready master 26m v1.13.2
wangcf-k8s-n1 NotReady <none> 14m v1.13.2
wangcf-k8s-n2 Ready <none> 8m31s v1.13.2
root@wangcf-k8s-m:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
wangcf-k8s-m Ready master 26m v1.13.2
wangcf-k8s-n1 Ready <none> 14m v1.13.2
wangcf-k8s-n2 Ready <none> 9m5s v1.13.2
root@wangcf-k8s-m:~# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health": "true"}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
K8S部署mysql学习
新建mysql-rc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: mysql-rc
labels:
name: mysql-rc
spec:
replicas: 1
selector:
name: mysql-pod
template:
metadata:
labels:
name: mysql-pod
spec:
containers:
- name: mysql
image: mysql
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
value: "password"
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
创建mysql-svc.yaml
[root@k8s-master ~]# cat mysql-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-svc
labels:
name: mysql-svc
spec:
type: NodePort
ports:
- port: 3306
protocol: TCP
targetPort: 3306
name: http
nodePort: 30000
selector:
name: mysql-pod
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
安装
k8s 执行文件,下载mysql镜像和运行mysqlr容器
[root@k8s-master ~]# kubectl create -f mysql-rc.yaml
replicationcontroller "mysql-rc" created
[root@k8s-master ~]# kubectl create -f mysql-svc.yaml
service "mysql-svc" created
1
2
3
4
在其中一台node节点上看到mysql容器实例已启动
root@wangcf-k8s-n1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
338cd4b675ab mysql "docker-entrypoint.s…" 15 hours ago Up 15 hours k8s_mysql_mysql-rc-d5zht_default_f55914bc-1a49-
1
2
3
进入容器看到mysql的版本为 8.0.13
root@wangcf-k8s-n1:~# docker exec -it 338cd4b675ab bash
root@mysql-rc-d5zht:/# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 23
Server version: 8.0.13 MySQL Community Server - GPL
1
2
3
4
5
6
设置root远程访问
$mysql -u root -p
Enter password:
mysql> use mysql;
mysql> GRANT ALL ON *.* TO ‘root‘@‘%‘;
Query OK, 0 rows affected (0.04 sec)
mysql> ALTER USER ‘root‘@‘%‘ IDENTIFIED WITH mysql_native_password BY ‘password‘;
Query OK, 0 rows affected (0.01 sec)
1
2
3
4
5
6
7
8
最后在mysql客户端连接mysql容器实例
IP:(任意master或node节点IP)
用户名:root
密码:password 【设置的密码】
端口:30000 【设置的端口】
K8S部署JAVA应用
采用deployment方式部署java应用,应用的名称为demo。
通过docker pull wangchunfa/demo 可以下载改测试应用,是一个spring boot项目,对外暴露的端口是8771.
构建docker镜像请参考另一篇博文 《Spring boot项目部署到Docker环境》
创建deployment
新建文件demo_deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: demo-deployment
spec:
replicas: 1
selector:
matchLabels:
app: demo
template:
metadata:
labels:
app: demo
spec:
containers:
- name: wangcf-demo
image: wangchunfa/demo:latest
ports:
- containerPort: 8771
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
注意:apiVersion写apps/v1
1.6版本之前 apiVsersion:extensions/v1beta1
1.6版本到1.9版本之间:apps/v1beta1
1.9版本之后:apps/v1
1
2
3
创建一个deployment部署和查看状态, 最终可以看到我们的应用程序被部署上去了
root@wangcf-k8s-m:~/demo_deployment# kubectl create -f demo_deployment.yaml --record
deployment.apps/demo-deployment created
root@wangcf-k8s-m:~/demo_deployment# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
demo-deployment 1/1 1 1 10s
root@wangcf-k8s-m:~/demo_deployment# kubectl get rs
NAME DESIRED CURRENT READY AGE
demo-deployment-9c754c4d9 1 1 1 10s
1
2
3
4
5
6
7
8
执行命令kubectl get pods -o wide,注意IP列,显示是内部POD网络的IP地址,而不是Node的IP地址
root@wangcf-k8s-m:~/demo_deployment# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo-deployment-9c754c4d9-zp8wl 1/1 Running 0 69s 10.244.1.7 wangcf-k8s-n1 <none> <none>
mysql-rc-d5zht 1/1 Running 0 10d 10.244.1.2 wangcf-k8s-n1 <none> <none>
1
2
3
4
测试应用,正常返回。其中
root@wangcf-k8s-n1:~# curl http://10.244.1.7:8771/api/v1/product/find?id=2
{"id":2,"name":"冰箱 data from port=8771","price":5342,"store":19}
1
2
创建service
采用expose 快捷部署
kubectl expose deployment demo-deployment --type=NodePort --name=demo-svc
root@wangcf-k8s-m:~/demo_deployment# kubectl expose deployment demo-deployment --type=NodePort --port=8771 --protocol=TCP --target-port=30001 --name=demo-svc
service/demo-svc exposed
root@wangcf-k8s-m:~/demo_deployment# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
demo-svc NodePort 10.107.171.26 <none> 8771:31538/TCP 6s
1
2
3
4
5
–port=8771 容器暴露的端口
–target-port=30002 service提供对外访问的端口,目前看不能指定端口
–name=demo-svc 指定service名称
–protocol=TCP 容器内应用对外服务暴露的访问协议
测试应用访问,成功!
root@wangcf-k8s-m:~/demo_deployment# curl http://10.2.14.78:30272/api/v1/product/find?id=2
{"id":2,"name":"冰箱 data from port=8771","price":5342,"store":19}root@wangcf-k8s-m:~/demo_deployment#
1
2
更新deployment
将rs的副本增大为2
root@wangcf-k8s-m:~# kubectl scale deployment demo-deployment --replicas 2
deployment.extensions/demo-deployment scaled
root@wangcf-k8s-m:~/demo_deployment# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
demo-deployment 2/2 2 2 23m
1
2
3
4
5
其他命令
删除deployment
# kubectl delete deployment demo-deployment
1
查看deployment
# kubectl describe deployment demo-deployment
1
查看历史记录
root@wangcf-k8s-m:~/demo_deployment# kubectl rollout history deployment/demo-deployment
deployment.extensions/demo-deployment
REVISION CHANGE-CAUSE
1 kubectl create --filename=demo_deployment.yaml --record=true
1
2
3
4
查看单个revision 的详细信息:
root@wangcf-k8s-m:~/demo_deployment# kubectl rollout history deployment demo-deployment --revision=1
deployment.extensions/demo-deployment with revision #1
Pod Template:
Labels: app=demo
pod-template-hash=9c754c4d9
Annotations: kubernetes.io/change-cause: kubectl create --filename=demo_deployment.yaml --record=true
Containers:
wangcf-demo:
Image: wangchunfa/demo:latest
Port: 8771/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
参考
国内环境Kubernetes v1.12.1的安装与配置
kubernetes部署mysql
K8S Deployment 命令
————————————————
版权声明:本文为CSDN博主「火星冰糖」的原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/wangchunfa122/article/details/86529406
标签:pods 网络 声明 set nts 问题: win packages cer
原文地址:https://www.cnblogs.com/ExMan/p/11613750.html