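Kubernetes (K8s) cluster setup and getting-started operations
Setting up the k8s cluster
1. Create three virtual machines with vagrant up
The Vagrantfile is as follows: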
Vagrant.configure("2") do |config|
  (1..3).each do |i|
    config.vm.define "k8s-node#{i}" do |node|
      # Box used for the virtual machine
      node.vm.box = "centos/7"
      # Hostname of the virtual machine
      node.vm.hostname="k8s-node#{i}"
      # IP address of the virtual machine
      node.vm.network "private_network", ip: "192.168.56.#{99+i}", netmask: "255.255.255.0"
      # Shared folder between the host and the virtual machine
      # node.vm.synced_folder "~/Documents/vagrant/share", "/home/vagrant/share"
      # VirtualBox-specific settings
      node.vm.provider "virtualbox" do |v|
        # Name of the virtual machine
        v.name = "k8s-node#{i}"
        # Memory size of the virtual machine
        v.memory = 4096
        # Number of CPUs of the virtual machine
        v.cpus = 4
      end
    end
  end
end
2. Configure each virtual machine to allow password-based SSH connections
vagrant ssh k8s-node1
vi /etc/ssh/sshd_config
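Change PasswordAuthentication no to yes
Restart: service sshd restart
NAT network and prerequisites
Global Settings - Network - "+" button - create a NAT network
Select one virtual machine - Settings - Network - set the attachment type to "NAT Network", and regenerate the MAC address
Turn off the firewall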
systemctl stop firewalld
systemctl disable firewalld
Disable SELinux:
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
Disable swap:
swapoff -a                            # temporary
sed -ri 's/.*swap.*/#&/' /etc/fstab   # permanent
free -g                               # verify: swap must be 0
Add the hostname-to-IP mappings
vi /etc/hosts
10.0.2.15 k8s-node1
10.0.2.4 k8s-node2
10.0.2.5 k8s-node3
Pass bridged IPv4 traffic to the iptables chains:
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
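Install docker, kubelet, kubeadm and kubectl
The default CRI (container runtime) for Kubernetes is Docker, so install Docker first.
1. Install docker
Following the earlier configuration works: https://www.tinstu.com/2499.html
1. Remove any docker previously installed on the system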
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
2. Install Docker-CE
Install the required dependencies
sudo yum install -y yum-utils \
device-mapper-persistent-data \
lvm2
Set the yum location of the docker repo
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
Install docker and docker-cli
sudo yum install -y docker-ce docker-ce-cli containerd.io
3. Configure a docker registry mirror.
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://ezla0tv0.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
4. Start docker & enable docker at boot
systemctl enable docker
Add the Aliyun yum repository
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
3. Install kubeadm, kubelet and kubectl
yum install -y kubelet-1.17.3 kubeadm-1.17.3 kubectl-1.17.3
systemctl enable kubelet
systemctl start kubelet
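The steps above enable SSH password logins, disable SELinux and add a yum repo with gpgcheck=0 and repo_gpgcheck=0. The following is an added example, not part of the original post, that reads those settings back from a node so they can be reviewed before the cluster leaves the lab; the function names are hypothetical and the sample files are constructed.

```shell
#!/bin/sh
# Added example: read back the settings this walkthrough changes on a node.
# audit_node takes a root prefix so it can also run on copies of the files.

# sshd honours the first uncommented PasswordAuthentication; default is "yes".
sshd_password_auth() {
    awk 'tolower($1) == "passwordauthentication" { print tolower($2); f = 1; exit }
         END { if (!f) print "yes" }' "$1"
}

# SELinux mode configured for the next boot.
selinux_config_mode() { sed -n 's/^SELINUX=//p' "$1"; }

# Print "[section] key=0" for each repo that skips package or metadata signatures.
repo_unsigned() {
    awk -F= '/^\[/ { sec = $0; next }
             { gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
             ($1 == "gpgcheck" || $1 == "repo_gpgcheck") && $2 == "0" { print sec, $1 "=" $2 }' "$1"
}

audit_node() {
    root=$1
    if [ "$(sshd_password_auth "$root/etc/ssh/sshd_config")" = "yes" ]; then
        echo "sshd: PasswordAuthentication yes"
    fi
    mode=$(selinux_config_mode "$root/etc/selinux/config")
    if [ "$mode" != "enforcing" ]; then echo "selinux: SELINUX=$mode"; fi
    for repo in "$root"/etc/yum.repos.d/*.repo; do
        [ -f "$repo" ] || continue
        repo_unsigned "$repo" | sed "s|^|yum ${repo##*/}: |"
    done
}

# Constructed sample: a node after the steps above have been applied.
make_sample_root() {
    d=$(mktemp -d) && mkdir -p "$d/etc/ssh" "$d/etc/selinux" "$d/etc/yum.repos.d"
    printf '#PasswordAuthentication no\nPasswordAuthentication yes\n' > "$d/etc/ssh/sshd_config"
    printf 'SELINUX=disabled\nSELINUXTYPE=targeted\n' > "$d/etc/selinux/config"
    printf '[kubernetes]\nenabled=1\ngpgcheck=0\nrepo_gpgcheck=0\n' > "$d/etc/yum.repos.d/kubernetes.repo"
    echo "$d"
}

sample=$(make_sample_root)
audit_node "$sample"      # on a real node, as root: audit_node ""
rm -rf "$sample"
```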
Deploy k8s-master
1. Node initialization
Run master_images.sh
#!/bin/bash
images=(
kube-apiserver:v1.17.3
kube-proxy:v1.17.3
kube-controller-manager:v1.17.3
kube-scheduler:v1.17.3
coredns:1.6.5
etcd:3.4.3-0
pause:3.1
)
for imageName in "${images[@]}" ; do
  docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
  # docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
done
Run on the master node k8s-node (master)
kubeadm init \
--apiserver-advertise-address=10.0.2.15 \
--image-repository registry.cn-hangzhou.aliyuncs.com/google_containers \
--kubernetes-version v1.17.3 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=10.244.0.0/16
-------------***-------------
Be sure to remove the trailing spaces at the end of each of the 5 lines above, otherwise you get this error:
unknown command " " for "kubeadm init"
To see the stack trace of this error execute with --v=5 or higher
2. Test kubectl (run on the master node)
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes    # list all nodes
If you skip the commands above and go straight to the kubectl apply -f kube-flannel.yml below,
you get:
The connection to the server localhost:8080 was refused - did you specify the right host or port?
journalctl -u kubelet    # view the kubelet logs (do not run yet; run in the next step)
kubeadm join 10.0.2.15:6443 --token psdfz7.jiadccmhb0vd6x6p \
--discovery-token-ca-cert-hash sha256:2bc2213accfdedde0895dbfb97f5d19e88902e2e35875140f60c669aa5acde10
Install the Pod network add-on (CNI)
In the uploaded k8s folder, run:
kubectl apply -f kube-flannel.yml
kubectl get nodes
Once the master shows Ready, run
kubeadm join 10.0.2.15:6443 --token psdfz7.jiadccmhb0vd6x6p \
--discovery-token-ca-cert-hash sha256:2bc2213accfdedde0895dbfb97f5d19e88902e2e35875140f60c669aa5acde10
On the master node run: watch kubectl get pod -n kube-system -o wide
Once all pods are Running, run kubectl get nodes
node1, node2 and node3 are all Ready
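The --discovery-token-ca-cert-hash value in the join command pins the cluster CA: it is the SHA-256 of the CA certificate's DER-encoded public key. The following is an added example, not part of the original post, that recomputes the pin so it can be compared with the value in a join command before a worker is joined; the function names are hypothetical, the sample CA is a throwaway certificate generated with openssl, and on a kubeadm master the certificate is /etc/kubernetes/pki/ca.crt.

```shell
#!/bin/sh
# Added example: recompute and compare the CA pin used by kubeadm join.

# Print "sha256:<hex>" for the public key of the certificate in $1.
ca_cert_hash() {
    openssl x509 -in "$1" -noout -pubkey |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 | awk '{ print "sha256:" $NF }'
}

# Return 0 only if $2 (the value copied from the join command) matches cert $1.
verify_join_hash() {
    actual=$(ca_cert_hash "$1")
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# Constructed sample: a throwaway self-signed CA, not a real cluster's.
make_sample_ca() {
    d=$(mktemp -d)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=kubernetes" \
        -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null
    echo "$d/ca.crt"
}

crt=$(make_sample_ca)
pin=$(ca_cert_hash "$crt")
if verify_join_hash "$crt" "$pin"; then echo "pin matches: $pin"; fi
rm -rf "${crt%/*}"
```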
Getting started with K8s
1. Deploy a Tomcat
kubectl create deployment tomcat6 --image=tomcat:6.0.53-jre8
kubectl get pods -o wide
This shows the tomcat information
2. Expose it for access
kubectl expose deployment tomcat6 --port=80 --target-port=8080 --type=NodePort
kubectl get svc
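See which port it is exposed on
Access from the local machine: 192.168.56.100:30059
3. Dynamic scaling test
Scale out: kubectl scale --replicas=3 deployment tomcat6
With several replicas running, tomcat6 is reachable on the specified port of whichever node you access
Delete
kubectl get all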
kubectl delete deploy/nginx
kubectl delete service/nginx-service
kubectl
1. kubectl documentation
https://kubernetes.io/zh/docs/reference/kubectl/overview/
2. Resource types
https://kubernetes.io/zh/docs/reference/kubectl/overview/#%E8%B5%84%E6%BA%90%E7%B1%BB%E5%9E%8B
3. Formatting output
https://kubernetes.io/zh/docs/reference/kubectl/overview/#%E6%A0%BC%E5%BC%8F%E5%8C%96%E8%BE%93%E5%87%BA
4. Common operations
https://kubernetes.io/zh/docs/reference/kubectl/overview/#%E7%A4%BA%E4%BE%8B-%E5%B8%B8%E7%94%A8%E6%93%8D%E4%BD%9C
5. Command reference
https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands
Ingress
1) Deploy the Ingress Controller
In the k8s folder run: kubectl apply -f ingress-controller.yml
2) Create the Ingress rule
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: web
spec:
  rules:
  - host: tomcat6.atguigu.com
    http:
      paths:
      - backend:
          serviceName: tomcat6
          servicePort: 80