为了做好运维面试路上的助攻手,特整理了上百道 【运维技术栈面试题集锦】 ,让你面试不慌心不跳,高薪offer怀里抱!
这次整理的面试题,小到shell、MySQL,大到K8s等云原生技术栈,不仅适合运维新人入行面试需要,还适用于想提升进阶跳槽加薪的运维朋友。
本份面试集锦涵盖了
- 174 道运维工程师面试题
- 128道k8s面试题
- 108道shell脚本面试题
- 200道Linux面试题
- 51道docker面试题
- 35道Jenkis面试题
- 78道MongoDB面试题
- 17道ansible面试题
- 60道dubbo面试题
- 53道kafka面试
- 18道mysql面试题
- 40道nginx面试题
- 77道redis面试题
- 28道zookeeper
总计 1000+ 道面试题, 内容 又全含金量又高
- 174道运维工程师面试题
1、什么是运维?
2、在工作中,运维人员经常需要跟运营人员打交道,请问运营人员是做什么工作的?
3、现在给你三百台服务器,你怎么对他们进行管理?
4、简述raid0 raid1raid5二种工作模式的工作原理及特点
5、LVS、Nginx、HAproxy有什么区别?工作中你怎么选择?
6、Squid、Varinsh和Nginx有什么区别,工作中你怎么选择?
7、Tomcat和Resin有什么区别,工作中你怎么选择?
8、什么是中间件?什么是jdk?
9、讲述一下Tomcat8005、8009、8080三个端口的含义?
10、什么叫CDN?
11、什么叫网站灰度发布?
12、简述DNS进行域名解析的过程?
13、RabbitMQ是什么东西?
14、讲一下Keepalived的工作原理?
15、讲述一下LVS三种模式的工作过程?
16、mysql的innodb如何定位锁问题,mysql如何减少主从复制延迟?
17、如何重置mysql root密码?
网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。
一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!
csr-kntm2 5m1s system:node:server4 Pending
[kubeadm@server1 ~]$ kubectl certificate approve csr-dzv8n
certificatesigningrequest.certificates.k8s.io/csr-dzv8n approved
[kubeadm@server1 ~]$ kubectl certificate approve csr-5tzf2
certificatesigningrequest.certificates.k8s.io/csr-5tzf2 approved
[kubeadm@server1 ~]$ kubectl certificate approve csr-kntm2
certificatesigningrequest.certificates.k8s.io/csr-kntm2 approved
签发完成再次查看
[kubeadm@server1 ~]$ kubectl get csr
NAME AGE REQUESTOR CONDITION
csr-5tzf2 8m11s system:node:server3 Approved,Issued
csr-dzv8n 9m46s system:node:server1 Approved,Issued
csr-kntm2 7m39s system:node:server4 Approved,Issued ##签发成功
证书也签发成功再次查看命令能否使用
[kubeadm@server1 ~]$ kubectl top node
Error from server (ServiceUnavailable): the server is currently unable to handle the request (get nodes.metrics.k8s.io)
依然有问题,继续查看日志
[kubeadm@server1 ~]$ kubectl logs -n kube-system metrics-server-64475bbf5d-nms65
I0304 05:53:24.480910 1 serving.go:312] Generated self-signed cert (/tmp/apiserver.crt, /tmp/apiserver.key)
I0304 05:53:25.546441 1 secure_serving.go:116] Serving securely on [::]:4443
这个是侯pod已经没有问题,下来就应该看看服务的问题。
[kubeadm@server1 ~]$ kubectl describe svc metrics-server -n kube-system
Name: metrics-server
Endpoints: 10.244.2.28:4443
[kubeadm@server1 ~]$ kubectl get pod -n kube-system -o wide
metrics-server-64475bbf5d-mfkzt 1/1 Running 0 5m44s 10.244.2.28 server3
两个ip地址相同说明已经找到,这么看服务没有问题。
再回来查看我们的api
[kubeadm@server1 ~]$ kubectl -n kube-system get apiservice
v1beta1.metrics.k8s.io kube-system/metrics-server False (FailedDiscoveryCheck) 71m
服务还是失败的。
[kubeadm@server1 ~]$ kubectl describe -n kube-system apiservice v1beta1.metrics.k8s.io
Message: failing or missing response from https://10.108.202.229:443/apis/metrics.k8s.io/v1beta1: Get https://10.108.202.229:443/apis/metrics.k8s.io/v1beta1: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
从这里看应该是网络的问题。
### 3.网络
从这里看应该是metrics-server-64475bbf5d-mfkzt的网络段和其他的网络段不一样所导致的。
[kubeadm@server1 ~]$ kubectl get pod -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-9d85f5447-rq9rj 1/1 Running 2 41h 10.244.2.26 server3
coredns-9d85f5447-spkdz 1/1 Running 2 41h 10.244.2.25 server3
etcd-server1 1/1 Running 3 41h 192.168.122.2 server1
kube-apiserver-server1 1/1 Running 3 41h 192.168.122.2 server1
kube-controller-manager-server1 1/1 Running 4 41h 192.168.122.2 server1
kube-flannel-ds-amd64-nmhbl 1/1 Running 2 40h 192.168.122.5 server4
kube-flannel-ds-amd64-qxz4d 1/1 Running 2 40h 192.168.122.4 server3
kube-flannel-ds-amd64-zqs9b 1/1 Running 3 40h 192.168.122.2 server1
kube-proxy-4blfr 1/1 Running 3 41h 192.168.122.2 server1
kube-proxy-4p7rg 1/1 Running 2 41h 192.168.122.5 server4
kube-proxy-9n5gp 1/1 Running 2 41h 192.168.122.4 server3
kube-scheduler-server1 1/1 Running 4 41h 192.168.122.2 server1
metrics-server-64475bbf5d-mfkzt 1/1 Running 0 13m 10.244.2.28 server3
解决方法修改网络
在配置文件metrics-server-deployment.yaml中添加一行`hostNetwork: true`
k8s-app: metrics-server
spec:
hostNetwork: true
serviceAccountName: metrics-server
再次查看,就发现配置已经生效,ip已经和其他处于同网段。
[kubeadm@server1 kubernetes]$ kubectl get pod -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
metrics-server-7cf4565bc6-9gkpw 1/1 Running 0 2m29s 192.168.122.5 server4
这样就可以进行使用了,并且可以进行采集了。
[kubeadm@server1 kubernetes]$ kubectl top node
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
server1 152m 7% 879Mi 50%
server3 42m 2% 324Mi 18%
server4 36m 1% 309Mi 17%
## Dashboard部署
从github上面复制文件
*https://github.com/kubernetes/dashboard/blob/v2.0.0-rc5/aio/deploy/recommended.yaml*
将镜像提前下好,或者直接在网上进行拉取都可以。
[kubeadm@server1 dashboard]$ kubectl create -f deploy.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
创建完成后如何访问,如果有图形界面直接使用kubernetes-dashboard的ip进行访问。
[kubeadm@server1 dashboard]$ kubectl get svc -n kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.109.74.40 8000/TCP 20s
kubernetes-dashboard ClusterIP 10.103.247.85 443/TCP 21s
如果没有图形界面那么就要将端口暴露出来。将type改为`nodeport`。
[kubeadm@server1 dashboard]$ kubectl edit svc -n kubernetes-dashboard kubernetes-dashboard
service/kubernetes-dashboard edited
[kubeadm@server1 dashboard]$ kubectl get svc -n kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.109.74.40 8000/TCP 62s
kubernetes-dashboard NodePort 10.103.247.85 443:30319/TCP 63s
暴露完成查看kubernetes-dashboard在哪个节点上部署的,那么就用那个节点的ip进行访问。
![在这里插入图片描述](https://img-blog.csdnimg.cn/20200304184606420.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3Bhc3NuZXRZ,size_16,color_FFFFFF,t_70)
访问的是侯记得使用https方法,使用证书加密的方式。
进入界面后我们使用token的方式进行登陆。
如何找到token,首先找到对应的sa,因为sa和token是绑定的。
[kubeadm@server1 dashboard]$ kubectl -n kubernetes-dashboard get sa
NAME SECRETS AGE
default 1 10m
kubernetes-dashboard 1 10m
[kubeadm@server1 dashboard]$ kubectl -n kubernetes-dashboard describe sa kubernetes-dashboard
Name: kubernetes-dashboard
Namespace: kubernetes-dashboard
Labels: k8s-app=kubernetes-dashboard
Annotations:
Image pull secrets:
Mountable secrets: kubernetes-dashboard-token-nvd76
Tokens: kubernetes-dashboard-token-nvd76 ##这里就是我们要找的token
Events:
接着再使用命令拿到token,将下面的token复制进行登陆。
[kubeadm@server1 dashboard]$ kubectl -n kubernetes-dashboard describe secrets kubernetes-dashboard-token-nvd76
Name: kubernetes-dashboard-token-nvd76
Namespace: kubernetes-dashboard
Labels:
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: 2a74d749-0136-41fb-aa01-73c23e9cdc3e
Type: kubernetes.io/service-account-token
Data
token: eyJhbGciOiJSUzI1NiIsImtpZCI6ImhfMlg3TDBmNVFHOGt0UHY4RTVpVDdwNnhwZG9zT3ZjX1otSU1MN2ltcXcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1udmQ3NiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjJhNzRkNzQ5LTAxMzYtNDFmYi1hYTAxLTczYzIzZTljZGMzZSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.d5qwUlS4OLscaBen8nrDnS75FGT1Kgi0x-ydA3V6TBaaAxnw7iYXfmYOAcd2y2ZU_mDN2cJHpv53LWCzqp5HrapJG9tY8jCtavzbypS_h2mFg7uevbaObtUBPULl6n1kJzkKKcV7i5dffEUsr_XtreO11iZVvac2-Zg9cYO3Tl-1_HLXdm4EpAeSKCLAt1UL8A35NOIk-SdEfVIofyeFmM2Ttfs8WxpKCeahQDquE0-InQC3PpfOe8WkszPw7yzG5C1Ll8Z8xg4vzYqA263UzdAt7rUnM3af8ZjJVC-ezQhT1IHeHmJrI_7t57SBn171lE-wfw55pf2QYidHTZMBKQ
ca.crt: 1025 bytes
namespace: 20 bytes
![在这里插入图片描述](https://img-blog.csdnimg.cn/20200304184636445.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3Bhc3NuZXRZ,size_16,color_FFFFFF,t_70)
登陆上来没有什么权限,因为当初的绑定就没有给多少,只有node和pod的权限。所以我们从新设置rbac
![在这里插入图片描述](https://img-blog.csdnimg.cn/20200304184717488.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3Bhc3NuZXRZ,size_16,color_FFFFFF,t_70)
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。
一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。
一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!