kubeadm搭建k8s v1.5.2+calico+glusterfs

最新推荐文章于 2024-10-17 09:38:24 发布
最新推荐文章于 2024-10-17 09:38:24 发布
阅读量252 收藏
点赞数
文章标签: 运维 java 网络
原文链接:https://my.oschina.net/u/1791060/blog/830023
版权

2019独角兽企业重金招聘Python工程师标准>>> hot3.png

##环境

docker1 centos7 192.168.75.200

docker2 centos7 192.168.75.201

docker3 centos7 192.168.75.202

物理网络 192.168.75.1/24

Docker version 1.10.3, build 3999ccb-unsupported ,安装过程略

##1.安装kubernetes

安装请参考官网https://kubernetes.io/docs/getting-started-guides/kubeadm/

####安装kubelet,kubectl和kubeadm

# cat <<EOF > /etc/yum.repos.d/kubernetes.repo

[kubernetes]

name=Kubernetes

baseurl=http://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64

enabled=1

gpgcheck=0

repo_gpgcheck=0

EOF

# setenforce 0

####设置代理,不然国内连不上google,45.76.203.146:3129是我在墙外的一个squid服务器

# ssh -N -L 3129:127.0.0.1:3129 root@45.76.203.146

# export http_proxy=http://127.0.0.1:3129

# yum install -y docker kubelet kubeadm kubectl kubernetes-cni

# unset http_proxy

# systemctl enable docker && systemctl start docker

# systemctl enable kubelet && systemctl start kubelet

####初始化master

# kubeadm init

[kubeadm] WARNING: kubeadm is in alpha, please do not use it for production clusters.
[preflight] Running pre-flight checks
[preflight] Starting the kubelet service
[init] Using Kubernetes version: v1.5.2
[tokens] Generated token: "eb2b99.e5d156dd860ef80d"
[certificates] Generated Certificate Authority key and certificate.
[certificates] Generated API Server key and certificate
[certificates] Generated Service Account signing keys
[certificates] Created keys and certificates in "/etc/kubernetes/pki"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf"
[apiclient] Created API client, waiting for the control plane to become ready
到这里卡死,Ctrl+C终止

####被墙怎么办

因为gcr.io被墙了,另外一个quay.io网站的image打开也很慢,导致calico一直没正常启动

解决方案:

我是在国外一台服务器上开了个haproxy的tcp代理到gcr.io的443端口,再通过ssh把443端口映射到本地443端口,最后改hosts文件把gcr.io改为127.0.0.1

另外一个quay.io/calico/node的image我是导入的

通过docker save imageid >imageid.img 导出image

拷到k8s上再去docker load < imageid.img

再通过 docker rename imageid REPOSITORY:TAG 去重命名image

####再次初始化

# kubeadm init --pod-network-cidr=10.1.0.0/16

[kubeadm] WARNING: kubeadm is in alpha, please do not use it for production clusters.
[preflight] Running pre-flight checks
[preflight] Starting the kubelet service
[init] Using Kubernetes version: v1.5.2
[tokens] Generated token: "f2ebdb.c0223c3c42185110"
[certificates] Generated Certificate Authority key and certificate.
[certificates] Generated API Server key and certificate
[certificates] Generated Service Account signing keys
[certificates] Created keys and certificates in "/etc/kubernetes/pki"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf"
[apiclient] Created API client, waiting for the control plane to become ready
[apiclient] All control plane components are healthy after 22.639406 seconds
[apiclient] Waiting for at least one node to register and become ready
[apiclient] First node is ready after 1.506328 seconds
[apiclient] Creating a test deployment
[apiclient] Test deployment succeeded
[token-discovery] Created the kube-discovery deployment, waiting for it to become ready
[token-discovery] kube-discovery is ready after 3.005029 seconds
[addons] Created essential addon: kube-proxy
[addons] Created essential addon: kube-dns

Your Kubernetes master has initialized successfully!

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
    http://kubernetes.io/docs/admin/addons/

You can now join any number of machines by running the following on each node:

kubeadm join --token=5a674b.d33b282a7825fd65 192.168.75.201

####node加入master

# kubeadm join --token=5a674b.d33b282a7825fd65 192.168.75.201

[kubeadm] WARNING: kubeadm is in alpha, please do not use it for production clusters.
[preflight] Running pre-flight checks
[preflight] Starting the kubelet service
[tokens] Validating provided token
[discovery] Created cluster info discovery client, requesting info from "http://192.168.75.201:9898/cluster-info/v1/?token-id=5a674b"
[discovery] Cluster info object received, verifying signature using given token
[discovery] Cluster info signature and contents are valid, will use API endpoints [https://192.168.75.201:6443]
[bootstrap] Trying to connect to endpoint https://192.168.75.201:6443
[bootstrap] Detected server version: v1.5.2
[bootstrap] Successfully established connection with endpoint "https://192.168.75.201:6443"
[csr] Created API client to obtain unique certificate for this node, generating keys and certificate signing request
[csr] Received signed certificate from the API server:
Issuer: CN=kubernetes | Subject: CN=system:node:docker1 | CA: false
Not before: 2017-01-22 05:00:00 +0000 UTC Not After: 2018-01-22 05:00:00 +0000 UTC
[csr] Generating kubelet configuration
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"

Node join complete:
* Certificate signing request sent to master and response
  received.
* Kubelet informed of new secure connection details.

Run 'kubectl get nodes' on the master to see this machine join.

####在master上查看node

# kubectl get nodes

NAME      STATUS         AGE
docker1   Ready          46s
docker2   Ready,master   11m

####k8s配置安装calico及插件,也可以把文件下下来修改

# cd /etc/kubernetes && wget http://docs.projectcalico.org/v2.0/getting-started/kubernetes/installation/hosted/kubeadm/calico.yaml

修改calico.yaml,修改etcd地址calico的cidr

修改etcd_endpoint,这个是自己搭建的etcd

......
cidr: 10.1.0.0/16
......

# kubectl apply -f calico.yaml

####安装dashboard

# cd /etc/kubernetes && wget https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml Accessing

# kubectl apply -f kubernetes-dashboard.yaml deployment "kubernetes-dashboard" created service "kubernetes-dashboard" created

####查看namespace为kube-system下的pod运行情况

# kubectl get po -o wide --namespace=kube-system

NAME                                       READY     STATUS    RESTARTS   AGE       IP               NODE
calico-etcd-ncsts                          1/1       Running   0          1h        192.168.75.201   docker2
calico-node-qlc5c                          2/2       Running   0          1h        192.168.75.200   docker1
calico-node-xvmvf                          2/2       Running   0          1h        192.168.75.201   docker2
calico-policy-controller-807063459-2jh90   1/1       Running   0          1h        192.168.75.200   docker1
dummy-2088944543-xhc51                     1/1       Running   0          1h        192.168.75.201   docker2
etcd-docker2                               1/1       Running   0          1h        192.168.75.201   docker2
kube-apiserver-docker2                     1/1       Running   0          1h        192.168.75.201   docker2
kube-controller-manager-docker2            1/1       Running   0          1h        192.168.75.201   docker2
kube-discovery-1769846148-f66cz            1/1       Running   0          1h        192.168.75.201   docker2
kube-dns-2924299975-k7bbj                  4/4       Running   65         1h        10.1.72.134      docker1
kube-proxy-9bdlh                           1/1       Running   0          1h        192.168.75.200   docker1
kube-proxy-c02sl                           1/1       Running   0          1h        192.168.75.201   docker2
kube-scheduler-docker2                     1/1       Running   0          1h        192.168.75.201   docker2
kubernetes-dashboard-3203831700-g2v0c      1/1       Running   17         1h        10.1.72.135      docker1

####访问dashboard

默认通过master访问dashboard要认证

可以通过kubeproxy访问

# kubectl proxy --accept-hosts='192.168.75.201' --address='192.168.75.201'

Starting to serve on 192.168.75.201:8001

打开http://192.168.75.201:8001/ui/

##2.安装glusterfs

因为环境里没那么多机器 只好复用了

在2台机器上安装安装glusterfs

# yum install centos-release-gluster38 -y

# yum install glusterfs{,-server,-fuse,-geo-replication,-libs,-api,-cli,-client-xlators} heketi -y

# systemctl start glusterd && systemctl enable glusterd

在docker1上执行gluster,和docker2建立集群

# gluster

gluster> peer probe 192.168.75.201
peer probe: success. 
gluster> peer status
Number of Peers: 1

Hostname: 192.168.75.201
Uuid: 5a50cb29-feaa-4935-8b2d-70e39a0557ba
State: Peer in Cluster (Connected)

####添加卷,测试后删除

gluster> volume create vol1 replica 2 192.168.75.200:/media/gfs 192.168.75.201:/media/gfs force
volume create: vol1: success: please start the volume to access data

####激活卷,测试后删除

gluster> volume start vol1
volume start: vol1: success

##3.配置heketi

# vi /etc/heketi/heketi.json

......
#修改端口,防止端口冲突
  "port": "1234",
......
#允许认证
  "use_auth": true,
......
#admin用户的key改为adminkey
      "key": "adminkey"
......
#修改执行插件为ssh,并配置ssh的所需证书,注意要能对集群中的机器免密ssh登陆,使用ssh-copy-id把pub key拷到每台glusterfs服务器上
    "executor": "ssh",
    "sshexec": {
      "keyfile": "/root/.ssh/id_rsa",
      "user": "root"
    },

    "_db_comment": "Database file name",
    "brick_min_size_gb" : 1,
    "db": "/var/lib/heketi/heketi.db"
  }

####启动heketi

# nohup heketi -config=/etc/heketi/heketi.json &

####配置heketi

注释每台glusterfs上的/etc/sudoers中的require tty,不然加第二个node死活报错,最后把日志级别调高才看到日志里有记录sudo提示require tty

#Defaults    requiretty

####添加cluster

# heketi-cli -user=admin -server=http://192.168.75.200:1234 -secret=adminkey -json=true cluster create

{"id":"d102a74079dd79aceb3c70d6a7e8b7c4","nodes":[],"volumes":[]}

####将3个glusterfs作为node添加到cluster

# heketi-cli -server="http://192.168.75.200:1234" -user="admin" -secret="adminkey" -json=true node add -cluster="d102a74079dd79aceb3c70d6a7e8b7c4" -management-host-name=192.168.75.200 -storage-host-name=192.168.75.200 -zone=1

{"zone":1,"hostnames":{"manage":["192.168.75.200"],"storage":["192.168.75.200"]},"cluster":"d102a74079dd79aceb3c70d6a7e8b7c4","id":"c3638f57b5c5302c6f7cd5136c8fdc5e","devices":[]}

# heketi-cli -server="http://192.168.75.200:1234" -user="admin" -secret="adminkey" -json=true node add -cluster="d102a74079dd79aceb3c70d6a7e8b7c4" -management-host-name=192.168.75.201 -storage-host-name=192.168.75.201 -zone=1

{"zone":1,"hostnames":{"manage":["192.168.75.201"],"storage":["192.168.75.201"]},"cluster":"d102a74079dd79aceb3c70d6a7e8b7c4","id":"0245885cb56c482828413002c7ee994c","devices":[]}

# heketi-cli -server="http://192.168.75.200:1234" -user="admin" -secret="adminkey" -json=true node add -cluster="d102a74079dd79aceb3c70d6a7e8b7c4" -management-host-name=192.168.75.202 -storage-host-name=192.168.75.202 -zone=1

{"zone":1,"hostnames":{"manage":["192.168.75.202"],"storage":["192.168.75.202"]},"cluster":"d102a74079dd79aceb3c70d6a7e8b7c4","id":"4c71d1213937ba01058b6cd7c9d84954","devices":[]}

####创建device,3台虚拟机上各添加了一块硬盘sdb

# heketi-cli -server="http://192.168.75.200:1234" -user="admin" -secret="adminkey" -json=true device add -name="/dev/sdb" -node="c3638f57b5c5302c6f7cd5136c8fdc5e"

Device added successfully

# heketi-cli -server="http://192.168.75.200:1234" -user="admin" -secret="adminkey" -json=true device add -name="/dev/sdb" -node="0245885cb56c482828413002c7ee994c"

Device added successfully

# heketi-cli -server="http://192.168.75.200:1234" -user="admin" -secret="adminkey" -json=true device add -name="/dev/sdb" -node="4c71d1213937ba01058b6cd7c9d84954"

Device added successfully

####添加volumn,这一步没必要做,可以让pvc自动创建

如果添加的volumn小的话可能会提示No Space,看日志是因为min brick limit 要解决这一问题要在heketi.json添加"brick_min_size_gb" : 1 ,1为1G

......
    "brick_min_size_gb" : 1,
    "db": "/var/lib/heketi/heketi.db"
......

size要比brick_min_size_gb大,如果设成1还是报min brick limit,replica必须大于1

# heketi-cli -server="http://192.168.75.200:1234" -user="admin" -secret="adminkey" -json=true volume create -size=3 -replica=2

{"size":3,"name":"vol_dfe295ac4c128e5e8a8cf7c7ce068d97","durability":{"type":"replicate","replicate":{"replica":2},"disperse":{"data":4,"redundancy":2}},"snapshot":{"enable":false,"factor":1},"id":"dfe295ac4c128e5e8a8cf7c7ce068d97","cluster":"d102a74079dd79aceb3c70d6a7e8b7c4","mount":{"glusterfs":{"device":"192.168.75.200:vol_dfe295ac4c128e5e8a8cf7c7ce068d97","options":{"backupvolfile-servers":"192.168.75.201"}}},"bricks":[{"id":"4479d5b212a7ca18caa0277e3f339f90","path":"/var/lib/heketi/mounts/vg_407cbaba20295ac218f0a44adc8b7e6f/brick_4479d5b212a7ca18caa0277e3f339f90/brick","device":"407cbaba20295ac218f0a44adc8b7e6f","node":"c3638f57b5c5302c6f7cd5136c8fdc5e","size":1572864},{"id":"c9489325b3e67bdb84250417c403f361","path":"/var/lib/heketi/mounts/vg_27f69c1a59a19e6d73b5477fdd121303/brick_c9489325b3e67bdb84250417c403f361/brick","device":"27f69c1a59a19e6d73b5477fdd121303","node":"0245885cb56c482828413002c7ee994c","size":1572864},{"id":"e3106832525b143a3913951ea7f24500","path":"/var/lib/heketi/mounts/vg_407cbaba20295ac218f0a44adc8b7e6f/brick_e3106832525b143a3913951ea7f24500/brick","device":"407cbaba20295ac218f0a44adc8b7e6f","node":"c3638f57b5c5302c6f7cd5136c8fdc5e","size":1572864},{"id":"fc3ede0060546f7eab48307efff05985","path":"/var/lib/heketi/mounts/vg_27f69c1a59a19e6d73b5477fdd121303/brick_fc3ede0060546f7eab48307efff05985/brick","device":"27f69c1a59a19e6d73b5477fdd121303","node":"0245885cb56c482828413002c7ee994c","size":1572864}]}

##4.配置kubernetes使用glusterfs

参考https://kubernetes.io/docs/user-guide/persistent-volumes/#persistentvolumeclaims

不过没写glusterfs的pv的样例,找了很久也没找到,只找到老版本的样例,

####创建storageclass

# vi /etc/kubernetes/storageclass-glusterfs.yaml

apiVersion: storage.k8s.io/v1beta1
kind: StorageClass
metadata:
  name: gfs1
provisioner: kubernetes.io/glusterfs
parameters:
  resturl: "http://192.168.75.200:1234"
  restauthenabled: "true"
  restuser: "admin"
  restuserkey: "adminkey"
#secretNamespace和secretName未定义,具体用法看官网

####通过配置创建glusterfs的名为gfs1的storageclass

# kubectl apply -f /etc/kubernetes/storageclass-glusterfs.yaml

####创建persistent volume或persistent volume claim

参考官方文档

https://kubernetes.io/docs/user-guide/persistent-volumes/#access-modes-1

https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#creating-a-persistentvolumeclaim

创建pv,不过pv没样例,报没有定义volume type,最后拿老的文档拼出来的yaml竟然成功了,运气啊,不过我们不用pv,还是用pvc

# vi /etc/kubernetes/pv-pv0001.yaml

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv0001
  labels:
    type: glusterfs
    pv: pv0001
  annotations:
    volume.beta.kubernetes.io/storage-class: "fortest"
spec:
  capacity:
    storage: 2G
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Recycle
  glusterfs:
    endpoints: "glusterfs-cluster"
    path: "abc123"

# kubectl create -f /etc/kubernetes/pv-pv0001.yaml

persistentvolume "pv0001" created

#####这里创建个pvc,请求模式为可多人读写,storage-class为刚刚创建的gfs1,限制请求的存储大小为100M,匹配标签pvc为fortest的资源

# vi /etc/kubernetes/pvc-fortest.yaml

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: default-pvc1
  namespace: default
  annotations:
    volume.beta.kubernetes.io/storage-class: "gfs1"
spec:
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: 2G
#下面这三行加了没用,pvc一直处在pending状态,去掉就好了
#  selector:
#    matchLabels:
#      pvc: "default_pvc1"

# kubectl create -f /etc/kubernetes/pvc-default-pvc1.yaml

persistentvolumeclaim "default-pvc1" created

####查看pvc状态为bound

# kubectl get pvc

NAME           STATUS    VOLUME                                     CAPACITY   ACCESSMODES   AGE
default-pvc1   Bound     pvc-a06d5668-e201-11e6-a4fd-080027520bff   2Gi        RWX           10m

####创建一个pod,使用pvc为fortest

# vi /etc/kubernetes/pod-test1.yaml

kind: Pod
apiVersion: v1
metadata:
  name: test1
  namespace: default
  labels:
    pvc: fortest
    env: test
    app: tomcat
spec:
  containers:
  - name: test-tomcat
    image: docker.io/tomcat
    volumeMounts:
    - mountPath: "/tmp"
      name: vl-test-tomcat
  volumes:
    - name: vl-test-tomcat
      persistentVolumeClaim:
        claimName: fortest

# kubectl create -f /etc/kubernetes/pod-test1.yaml

pod "test1" created

####查看pod发现test1在运行

# kubectl get po -o wide

NAME      READY     STATUS    RESTARTS   AGE       IP            NODE
test1     1/1       Running   0          37s       10.1.72.155   docker1

####进入pod1查看volume被成功挂在到/tmp

# kubectl exec -it -p test1 /bin/bash

W0124 15:13:46.183022   31589 cmd.go:325] -p POD_NAME is DEPRECATED and will be removed in a future version. Use exec POD_NAME instead.
root@test1:/usr/local/tomcat# df -h
Filesystem                                                                                        Size  Used Avail Use% Mounted on
/dev/mapper/docker-253:0-293364-ccad18bbad5ecb98b6fd9471dff9db415c2d7886e058fbe77ca3965079d0fdf6   10G  396M  9.7G   4% /
tmpfs                                                                                             371M     0  371M   0% /dev
tmpfs                                                                                             371M     0  371M   0% /sys/fs/cgroup
192.168.75.200:vol_39ac5a28aca8928778c8715216fd247c                                               2.0G   66M  2.0G   4% /tmp
/dev/mapper/centos-root                                                                            13G  6.0G  7.0G  47% /etc/hosts
shm                                                                                                64M     0   64M   0% /dev/shm
tmpfs                                                                                             371M   12K  371M   1% /run/secrets/kubernetes.io/serviceaccount

##5.以service暴露应用

将pod为test1的tomcat暴露给外网,dns可以解析service的clusterip,域名为<svc-name>.<namespace>.svc.cluster.local,dns服务器只有node,master和容器可以访问,外部无法访问,因为dns暴露出来的方式也是clusterip,这里是10.96.0.10

###使用nodePort方式

创建service配置文件

# cat svc_test1.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    provider: test1
  name: svc-test1
  namespace: default
spec:
  selector:
    env: test
    app: tomcat
  ports:
  - name: http
    port: 8080
    protocol: TCP
    targetPort: 8080
    nodePort: 30080
  type: NodePort

创建service

# kubectl apply -f svc_test1.yaml

service "svc-test1" created

访问任意一台node上的30080端口,均可打开看到tomcat首页

http://192.168.75.200:30080/

http://192.168.75.201:30080/

dns解析

# dig svc-test1.default.svc.cluster.local @10.96.0.10

; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.1 <<>> svc-test1.default.svc.cluster.local @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24787
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;svc-test1.default.svc.cluster.local. IN        A

;; ANSWER SECTION:
svc-test1.default.svc.cluster.local. 30 IN A    10.96.59.39

;; Query time: 4 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: Tue Feb 07 16:23:44 CST 2017
;; MSG SIZE  rcvd: 69

###使用clusterIP方式

# cat svc_ci_test1.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    provider: test1
  name: svc-ci-test1
  namespace: default
spec:
  selector:
    env: test
    app: tomcat
  ports:
  - name: http
    port: 8080
    protocol: TCP
    targetPort: 8080
  type: ClusterIP

通过clusterIP访问,10.96.59.39为自动分配的clusterip

# curl http://10.106.204.126:8080/

# dig svc-ci-test1.default.svc.cluster.local @10.96.0.10

; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.1 <<>> svc-ci-test1.default.svc.cluster.local @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53338
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;svc-ci-test1.default.svc.cluster.local.        IN A

;; ANSWER SECTION:
svc-ci-test1.default.svc.cluster.local. 30 IN A 10.106.204.126

;; Query time: 5 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: Tue Feb 07 16:24:09 CST 2017
;; MSG SIZE  rcvd: 72

使用ExternalNAME

可以指定个域名或ip,会把域名给cname过去

# cat svc_en_test1.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    provider: test1
  name: svc-en-test1
  namespace: default
spec:
  selector:
    env: test
    app: tomcat
  ports:
  - name: http
    port: 8080
    protocol: TCP
    targetPort: 8080
  externalName: www.baidu.com
  type: ExternalName

# dig svc-en-test1.default.svc.cluster.local @10.96.0.10

; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.1 <<>> svc-en-test1.default.svc.cluster.local @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10681
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;svc-en-test1.default.svc.cluster.local.        IN A

;; ANSWER SECTION:
svc-en-test1.default.svc.cluster.local. 30 IN CNAME www.baidu.com.
www.baidu.com.          30      IN      CNAME   www.a.shifen.com.
www.a.shifen.com.       30      IN      A       61.135.169.121
www.a.shifen.com.       30      IN      A       61.135.169.125

;; Query time: 22 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: Tue Feb 07 17:10:20 CST 2017
;; MSG SIZE  rcvd: 142

##ReplicationController

检测探针官方文档

https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

rc操作文档

https://kubernetes.io/docs/user-guide/replication-controller/operations/#sample-file

rc resizing文档

https://kubernetes.io/docs/user-guide/resizing-a-replication-controller/

rolling update

https://kubernetes.io/docs/user-guide/rolling-updates/

使用ReplicationController管理多副本的应用方便水平扩容和收缩。

rc配置文件

# cat rc-test.yaml

kind: ReplicationController
apiVersion: v1
metadata:
  name: rctest1
  labels:
    env: default
    app: rctest1tomcat
  namespace: default
spec:
  replicas: 2
  selector:
    rcname: rctest1
  template:
    metadata:
      labels:
        rcname: rctest1
    spec:
      volumes:
      - name: vl-rc-rctest1-tomcat
        persistentVolumeClaim:
          claimName: default-pvc1
      containers:
      - name: tomcat
        image: tomcat
        volumeMounts:
        - mountPath: "/tmp"
          name: vl-rc-rctest1-tomcat
        ports:
        - containerPort: 8080
          protocol: TCP
        imagePullPolicy: IfNotPresent
        readinessProbe:
          initialDelaySeconds : 5
          httpGet:
            path: /
            port: 8080
            httpHeaders:
              - name: X-my-header
                value: xxxx
          timeoutSeconds: 3
      restartPolicy: Always

####创建rc

# kubectl apply -f rc-test.yaml

replicationcontroller "rctest1" created

# kubectl get rc

NAME      DESIRED   CURRENT   READY     AGE
rctest1   2         2         2         6m

# kubectl describe rc rctest1

Name:           rctest1
Namespace:      default
Image(s):       tomcat
Selector:       rcname=rctest1
Labels:         app=rctest1tomcat
                env=default
Replicas:       2 current / 2 desired
Pods Status:    2 Running / 0 Waiting / 0 Succeeded / 0 Failed
Volumes:
  vl-rc-rctest1-tomcat:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  default-pvc1
    ReadOnly:   false
Events:
  FirstSeen     LastSeen        Count   From                            SubObjectPath   Type            Reason                  Message
  ---------     --------        -----   ----                            -------------   --------        ------                  -------
  7m            7m              1       {replication-controller }                       Normal          SuccessfulCreate        Created pod: rctest1-cqkbw
  7m            7m              1       {replication-controller }                       Normal          SuccessfulCreate        Created pod: rctest1-x3kd9

####resizing rc

自动收缩和扩容可以使用 Horizontal Pod Autoscaler ,参考https://kubernetes.io/docs/user-guide/horizontal-pod-autoscaling/walkthrough/

# kubectl scale rc rctest1 --replicas=3

replicationcontroller "rctest1" scaled

# kubectl get rc

NAME      DESIRED   CURRENT   READY     AGE
rctest1   3         3         3         15m

####更新

具体请参考文档

####更新image

为了省事,直接在docker1上打个新的tag

# docker tag tomcat tomcat:v1

####rolling update rc

可以改文件进行rolling update,也可以指定新的image进行

默认一分钟间隔升降一台,所以操作比较耗时

# kubectl rolling-update rctest1 --image=tomcat:v1

Created rctest1-8fea061ac5168e37a3c989adfba63bd1
Scaling up rctest1-8fea061ac5168e37a3c989adfba63bd1 from 0 to 2, scaling down rctest1 from 2 to 0 (keep 2 pods available, don't exceed 3 pods)
Scaling rctest1-8fea061ac5168e37a3c989adfba63bd1 up to 1
Scaling rctest1 down to 1
Scaling rctest1-8fea061ac5168e37a3c989adfba63bd1 up to 2
Scaling rctest1 down to 0
Update succeeded. Deleting old controller: rctest1
Renaming rctest1 to rctest1-8fea061ac5168e37a3c989adfba63bd1
replicationcontroller "rctest1" rolling updated

####查看rolling update 成功

# kubectl get rc

NAME      DESIRED   CURRENT   READY     AGE
rctest1   2         2         2         2m

# kubectl describe rc rctest1

Name:           rctest1
Namespace:      default
Image(s):       tomcat:v1
Selector:       deployment=8fea061ac5168e37a3c989adfba63bd1,rcname=rctest1
Labels:         app=rctest1tomcat
                env=default
Replicas:       2 current / 2 desired
Pods Status:    2 Running / 0 Waiting / 0 Succeeded / 0 Failed
Volumes:
  vl-rc-rctest1-tomcat:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  default-pvc1
    ReadOnly:   false
No events.

####检测探针的效果测试,这个以后再说吧

转载于:https://my.oschina.net/u/1791060/blog/830023

weixin_34309435
关注
easyui API 中文版合集:1.2.4 + 1.3.6 + 1.4.1 + 1.4.2 +1.5.1 + 1.5.2 +1.5.5版本
07-18
API 中文版.exe、jQuery EasyUI 1.5.1 版 API 中文版.pdf、jQuery EasyUI 1.5.2 版 API 中文版.chm、jQuery EasyUI 1.5.2 版 API 中文版.exe、jQuery EasyUI 1.5.2 版 API 中文版.pdf、jQuery EasyUI 1.5.5 版 API ...
AE/PR插件红巨人视觉特效合成AE/PR插件Red Giant VFX Suite v1.5.2 Mac +安装教程
06-09
【插件简介】 红巨人公司推出一套全新的视频特效合成插件,VFX Suite 应该是Effects Suite和Keying Suite插件包的合体,包含了光工厂,辉光,抠像,跟踪等多个特效插件,非常的...Supercomp v1.5.2 超强特效合成插件
Kubernetes+GlusterFS
weixin_44949973的博客
11-28 257
环境准备: host IP master01 192.168.200.150 node01 192.168.200.151 node02 192.168.200.152 1.使用kubeadm快速安装kubenrnetes集群 略 2.安装,配置GlusterFs: 1.在每台物理主机采用yum安装的方式gluster源以及相关组件: yum -y install c...
kubeadm快速部署kubernetes1.5.2
VF@CSDN
02-06 5402
Kubernetes 1.5.2发布,调整部署文档。 1 环境准备准备了三台机器作安装测试工作,机器信息如下: IP Name Role OS 172.16.1.101 Master01 Controller Centos7.2 172.16.1.106 Minion01 Compute Centos7.2 172.16.1.107 Minin
独立部署GlusterFS+Heketi实现Kubernetes共享存储
weixin_34248023的博客
04-15 287
目录 环境 glusterfs配置 安装 测试 heketi配置 部署 简介 修改heketi配置文件 配置ssh密钥 启动heketi 生产案例 ...
kubernetes网络插件-calico
weixin_38320674的博客
07-06 6543
微信公众号搜索 DevOps和k8s全栈技术 ,即可关注,也可扫描文章最后的二维码关注公众号,每天会分享技术文章供大家参考阅读哈~calico的核心组件(1)Felix:Calico的客...
Kubernetes - - k8s - v1.12.3 动态存储管理GlusterFS及使用Heketi扩容GlusterFS集群
weixin_34152820的博客
12-10 1031
1,准备工作 1.1 所有节点安装GFS客户端 yum install glusterfs glusterfs-fuse -y 1.2 如果不是所有节点要部署GFS管理服务,就在需要部署的节点上打上标签 [root@k8s-master01 ~]# kubectl label node k8s-master01 storagenode=glusterfs node/k8s-master01 lab...
微信智慧外链接致富版v1.5.2+前端
11-23
微信智慧外链接致富版v1.5.2+前端 会员付费模式 场景自动识别(微信内、外、PC均有不同打开场景) 精简短链 朋友圈分享 导流广告 会员炮灰域名 付费会员指定专属品牌域名 过期链接自定义跳转落地页 付费...
【WordPress主题】2022年最新版完整功能demo+插件v1.5.2 + HTML.zip
04-19
"【WordPress主题】2022年最新版完整功能demo+插件v1.5.2 + HTML Rekord - Ajaxify Music - Events - Podcasts Multipurpose WordPress Theme Rekord - ajaxify音乐 - 事件 - 播客多功能Wordpress主题" ---------- ...
源授权V1.5.2版本-打造更专业的PHP域名授权系统.zip
12-27
V1.6 – 2021.10.04 优化程序管理,显示程序名称,数据统计 修复创建程序后创建时间不显示问题 更新卡密状态,类型,使用天数,名称的显示 更新API返回信息同步后台授权返回设置项 修复授权验证不存在问题 修复...
Gluster分布式文件存储
iov_aaron的专栏
05-22 1134
目录 一、GlusterFS Volume 1. Glusterfs Volume介绍 2. Glusterfs Volume类型介绍 二、Heketi使用 1. 基本安装配置 2. 导入GlusterFS信息 3. 创建Volume及管理 4. Heheti基本原理 三、基于Kubernetes的GlusterFS存储卷 1. 创建StorageClass 2. 创建...
GlusterFS常用命令小结
热门推荐
崔炳华
10-12 1万+
GlusterFS常用命令小结     崔炳华 △启动/关闭glusterd服务 /etc/init.d/glusterd start /etc/init.d/glusterd stop   △开机自动启动glusterd服务 chkconfig glusterd on(Red Hat) update-rc.d glusterd defaults(Debian) echo "
添加calico到现有的kubernetes集群中
yevvzi的博客
11-10 6873
要求: 1.已存在的k8s集群版本大于v1.1,想要使用NetworkPolicy,需要大于v1.3.0 2.可以被所有节点访问的etcd集群(可以和k8s共享etcd集群,但是最好建立一个独立的集群) calico组件: 整合ks8/calico一共有三个组件: 1.每个节点运行一个calico/node容器;包含了calico路由必须的bgp客户端 2.calico-cni
kubeadm单集群部署k8s1.15.1&calico网络
weixin_38166905的博客
07-28 872
说明 本次实验在Windows下的VMware进行 系统配置及初始化配置在所有的主机执行 容器镜像全部替换为国内可拉取的 pod网络采用calico 实验环境 主机名 IP地址 角色 OS CPU/MEM 网卡/模式 平台 k8s-master01 192.168.181.158 master CentOS7.6 2C/2G x1/NAT VMware k8s-node...
[置顶] kubernetes资源类型--Volume
ddk4044的博客
08-02 189
在Docker的设计实现中,容器中的数据是临时的,即当容器被销毁时,其中的数据将会丢失。如果需要持久化数据,需要使用Docker数据卷挂载宿主机上的文件或者目录到容器中。在K8S中,当Pod重建的时候,数据是会丢失的,K8S也是通过数据卷挂载来提供Pod数据的持久化的。K8S数据卷是对Docker数据卷的扩展,K8S数据卷是Pod级别的,可以用来实现Pod中容器的文件共享。 支持的类...
k8s calico网络排错
Show something
11-14 7802
本地三个节点搭k8s,结果前两个节点的pod互通,第三个节点不能与前两个的pod通信。 查看路由,发现第三个节点没有建立通信的路由。   hadoop002节点路由详情,加粗为路由详情。hadoop003无此路由。   [root@hadoop002 beh]# route Kernel IP routing table Destination Gateway Genmask Fla...
CentOS 7 安装 GlusterFS
weixin_30809333的博客
08-24 483
CentOS 7 GlusterFS 环境说明: 3台机器安装 GlusterFS 组成一个集群。 使用 docker volume plugin GlusterFS 服务器: 10.6.0.140 10.6.0.192 10.6.0.196 配置 hosts 10.6.0.140 swarm-manager 10.6.0.192 swarm-node-1 10.6.0....
docker-harbor
最新发布
qq_54598007的博客
10-17 862
(1)基于角色控制:用户和仓库都是基于项目进行组织的,而用户在项目中可以拥有不同的权限。(2)基于镜像的复制策略:镜像可以在多个Harbor实例之间进行复制(同步)。(3)支持 LDAP/AD:Harbor 可以集成企业内部已有的 AD/LDAP(类似数据库的一张表),用于对已经存在的用户认证和管理。(4)镜像删除和垃圾回收:镜像可以被删除,也可以回收镜像占用的空间。(5)图形化用户界面:用户可以通过浏览器来浏览,搜索镜像仓库以及对项目进行管理。
Linux下Hadoop 2.6.3 + Spark 1.5.2 + HBase 1.1.2 + Hive 1.2.1 + ZooKeeper 3.4.6 完整安装教程
本指南详细介绍了如何在Linux 64位系统上安装Hadoop 2.6.3、Spark 1.5.2、HBase 1.1.2、Hive 1.2.1和Zookeeper 3.4.6的整合环境,适用于搭建一个三节点(worker1、worker2、worker3)的集群。以下是安装步骤和注意...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值