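Deployment notes
Kubelet: manages containers on each node and communicates with the control plane.
Kube Proxy: provides network proxying and load balancing for Pods.
API Server: exposes the Kubernetes control plane API used to manage resources in the cluster.
Controller Manager: the core component that runs the controllers and keeps the system in its desired state.
Scheduler: assigns new Pods to nodes in the cluster.
etcd: a strongly consistent key-value store that holds the cluster's configuration data.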
source <(kubectl completion bash)
vi /etc/sysconfig/network-scripts/ifcfg-ens33
systemctl restart network
hostnamectl set-hostname k8s-node1
firewall-cmd --state
systemctl stop firewalld
systemctl disable firewalld
sudo swapoff -a
yum install ntpdate -y
getenforce
setenforce 0
sed -i 's/enforcing/disabled/' /etc/selinux/config
sed -ri 's/.*swap.*/#&/' /etc/fstab
swapoff -a
lsmod | grep br_netfilter
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
EOF
modprobe br_netfilter
lsmod | grep br_netfilter
sysctl --system
rp_filter
yum -y install ipset ipvsadm
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce-18.06.3.ce-3.el7
systemctl enable docker && systemctl start docker
docker version
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": ["https://du3ia00u.mirror.aliyuncs.com"],
"live-restore": true,
"log-driver":"json-file",
"log-opts": {"max-size":"500m", "max-file":"3"},
"storage-driver": "overlay2"
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"
KUBE_PROXY_MODE="ipvs"
systemctl enable kubelet
kubeadm init \
--apiserver-advertise-address=192.168.154.3 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.18.0 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubeadm join 192.168.154.3:6443 --token hc6kr6.qak2cnm0pjj2sjfm \
--discovery-token-ca-cert-hash sha256:76aa8f93a66489352d45d9e1851a44fff7719d4e339508522005f47254b1ef01
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
kubectl get nodes
kubeadm token create --print-join-command
kubeadm token create --ttl 0 --print-join-command
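A token created with `--ttl 0` never expires, so any node holding it can join the cluster until it is deleted. The script below is an added example, not part of the original notes: it reads `kubeadm token list` output and reports tokens with no expiry. It assumes the default table layout with `<forever>` in the TTL column; the sample table and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag kubeadm bootstrap tokens that never expire.
# Assumption: stdin is the default table from `kubeadm token list`
# (TOKEN, TTL, EXPIRES, USAGES, ...), where a token created with
# --ttl 0 shows "<forever>" in the TTL column.

# Constructed sample output; the token values are made up.
SAMPLE_TOKEN_LIST='TOKEN                     TTL         EXPIRES                     USAGES                   DESCRIPTION   EXTRA GROUPS
aaaaaa.0000000000000000   23h         2024-01-02T10:00:00+08:00   authentication,signing   <none>        system:bootstrappers:kubeadm:default-node-token
bbbbbb.1111111111111111   <forever>   <never>                     authentication,signing   <none>        system:bootstrappers:kubeadm:default-node-token'

# Print the 6-character token IDs (never the secret half) of tokens
# whose TTL column reads "<forever>".
non_expiring_token_ids() {
  awk 'NR > 1 && $2 == "<forever>" { print $1 }' |
    { grep -E '^[a-z0-9]{6}\.[a-z0-9]{16}$' || true; } |
    cut -d. -f1
}

# Report each non-expiring token; return 1 if any exist, 0 otherwise.
audit_tokens() {
  ids=$(non_expiring_token_ids)
  if [ -z "$ids" ]; then
    echo "OK: every bootstrap token has an expiry"
    return 0
  fi
  for id in $ids; do
    echo "FINDING: token ID $id never expires; revoke with: kubeadm token delete $id"
  done
  return 1
}

# Demo on the constructed sample. On a control-plane node use:
#   kubeadm token list | audit_tokens
printf '%s\n' "$SAMPLE_TOKEN_LIST" | audit_tokens || true
```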
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl get cs
kubectl cluster-info
kubectl create deployment nginx --image=nginx:1.14-alpine
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get pods,svc
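Resource management
Everything is abstracted as a resource; users manage Kubernetes by operating on resources.
`kubectl` is the Kubernetes command-line tool, used to interact with and manage a Kubernetes cluster. Below are some common `kubectl` commands and their basic uses:
operation  resource type  resource name  flags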
kubectl [command] [TYPE] [NAME] [flags]
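Namespace is a very important resource in Kubernetes; its main purpose is to isolate the resources of multiple environments or of multiple tenants.
A Pod is the smallest unit that a Kubernetes cluster manages. A program must be deployed in a container to run, and a container must live inside a Pod.
Labels allow resources to be grouped along multiple dimensions, so that resource allocation, scheduling, configuration, deployment and other management tasks can be done flexibly and conveniently.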