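Kubernetes Quick Start
# Pitfalls I hit during setup, which troubled me for several days:
# I used to build virtual machines quickly with vagrant + VirtualBox and was used to the vagrant commands. During this setup the pods could not communicate across hosts, and I never solved it; switching to vm + centos7.5 later fixed the problem.
# There are actually two approaches to fixing pods that cannot communicate across hosts:
1. Use a single network interface
2. Write a route that defines the path for forwarding the traffic
Here is the routing table of a Master
With dual network interfaces, you can use it as a reference for adjusting your routes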
[root@master ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.68.2 0.0.0.0 UG 100 0 0 ens33
10.244.0.0 0.0.0.0 255.255.255.0 U 0 0 0 cni0
10.244.1.0 10.244.1.0 255.255.255.0 UG 0 0 0 flannel.1
10.244.2.0 10.244.2.0 255.255.255.0 UG 0 0 0 flannel.1
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.68.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
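Added example (not part of the original notes): a longest-prefix match over the Master routing table above, showing which interface the kernel picks for a given pod IP. The function name route_for and the variable ROUTES are assumptions made for this example; the table itself is copied from the output above.

```bash
#!/usr/bin/env bash
# Added example: longest-prefix match over `route -n` output.
# ROUTES is the Master table shown above, embedded so this runs offline.
ROUTES='Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.68.2 0.0.0.0 UG 100 0 0 ens33
10.244.0.0 0.0.0.0 255.255.255.0 U 0 0 0 cni0
10.244.1.0 10.244.1.0 255.255.255.0 UG 0 0 0 flannel.1
10.244.2.0 10.244.2.0 255.255.255.0 UG 0 0 0 flannel.1
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.68.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33'

# route_for IP [TABLE] -> "IFACE via GATEWAY" for the most specific matching route
route_for() {
  printf '%s\n' "${2:-$ROUTES}" | awk -v ip="$1" '
    # dotted quad -> integer
    function toint(a,    o) {
      split(a, o, "[.]")
      return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    $1 ~ /^[0-9]+[.]/ {
      # A contiguous netmask covers (2^32 - mask) addresses.
      size = 4294967296 - toint($3)
      net  = toint(ip) - toint(ip) % size
      if (net == toint($1) && (best == "" || size < bestsize)) {
        bestsize = size
        best = $8 " via " $2
      }
    }
    END { print (best == "" ? "no route" : best) }'
}

# Local pod subnet, remote pod subnet, pod subnet with no route, external address.
for ip in 10.244.0.7 10.244.2.2 10.244.3.9 8.8.8.8; do
  printf '%-12s %s\n' "$ip" "$(route_for "$ip")"
done
```

A pod subnet that has no flannel.1 entry (10.244.3.0/24 here) falls through to the default gateway on ens33, which is the symptom to look for when pods cannot reach each other across hosts.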
View all information about a node: memory, CPU, and so on
kubectl describe node node1
Check the versions of the master node and the nodes
kubectl version
Cluster DNS information:
kubectl cluster-info
Kubernetes master is running at https://192.168.205.10:6443
KubeDNS is running at https://192.168.205.10:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Getting started with K8s
kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 --dry-run=true
Create an nginx application using version nginx:1.14-alpine, with port 80 exposed and 1 replica, and start it running
Output: deployment.apps/nginx-deploy created (dry run) -> nothing was actually executed
kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1
Output: deployment.apps/nginx-deploy created, meaning it was created and executed
Check the state of the created application:
[root@master ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx-deploy 1 1 1 1 1m
DESIRED: the number expected to be created
CURRENT: how many have been created
UP-TO-DATE: up-to-date state
AVAILABLE: how many are available
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deploy-5b595999-wqt4b 1/1 Running 0 3m
Show more information about the controller
[root@master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
nginx-deploy-5b595999-wqt4b 1/1 Running 0 4m 10.244.2.2 node3 <none>
[root@master K8s]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
nginx-deploy-5b595999-b7j4q 1/1 Running 0 9m 10.244.2.2 node2 <none>
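As shown above, the nginx application's address is 10.244.2.2, and it can be reached from any node. In my earlier environment it could not be reached,
and the cause was related to the dual network interfaces.
10.244.2.2 is reachable from every node, but not from outside k8s
Looking at the network, we find: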
master:cni0 10.244.0.1
node1: cni0 10.244.1.1
node2: cni0 10.244.2.1
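We find that 10.244. is one large network, with a different subnet on each node
Every node has its own 10.244.x.1 subnet, which guarantees there are no conflicts
Delete a Pod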
kubectl delete pods nginx-deploy-5b595999-wqt4b
Now check again: kubectl get pods -o wide
You will find that a new one has been created
It is still accessible
View DNS
kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 2h
Every time we delete a pod a new pod is created, but its IP also changes, which is inconvenient, so we want a fixed IP
kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP
View the kube DNS address:
[root@master /]# kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 49m
Install the DNS lookup tools on the master node
yum install bind-utils
dig -t A nginx @10.96.0.10
[root@master /]# dig -t nginx @10.96.0.10
;; Warning, ignoring invalid type nginx
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> -t nginx @10.96.0.10
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50221
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 30 IN NS h.root-servers.net.
. 30 IN NS f.root-servers.net.
. 30 IN NS j.root-servers.net.
. 30 IN NS d.root-servers.net.
. 30 IN NS e.root-servers.net.
. 30 IN NS k.root-servers.net.
. 30 IN NS c.root-servers.net.
. 30 IN NS g.root-servers.net.
. 30 IN NS a.root-servers.net.
. 30 IN NS l.root-servers.net.
. 30 IN NS i.root-servers.net.
. 30 IN NS m.root-servers.net.
. 30 IN NS b.root-servers.net.
;; Query time: 27 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: Wed Sep 05 00:07:09 CST 2018
;; MSG SIZE rcvd: 431
Create another pod to test connectivity
kubectl run client --image=busybox --replicas=1 -it --restart=Never
You can see:
/ # cat /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
The query above did not give the full domain name
On the master, we redo the name resolution
[root@master ~]# dig -t A nginx.default.svc.cluster.local @10.96.0.10
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> -t A nginx.default.svc.cluster.local @10.96.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30048
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;nginx.default.svc.cluster.local. IN A
;; ANSWER SECTION:
nginx.default.svc.cluster.local. 5 IN A 10.102.113.55
;; Query time: 0 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: Wed Sep 05 00:12:48 CST 2018
;; MSG SIZE rcvd: 107
Back on the busybox pod again
wget nginx
Connecting to nginx (10.102.113.55:80)
nginx resolves correctly
Because busybox has no curl, we can also try
wget -O - -q http://nginx:80/
This prints the page directly
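Added example (not part of the original notes): why the short name nginx resolves inside the pod, while dig on the master, which does not apply a search list unless run with +search, needed the full name. It expands a name using the search list and ndots value from the pod's /etc/resolv.conf shown above, in the order a glibc-style resolver tries them. The function name candidates is an assumption, and other resolver libraries may order or skip candidates differently.

```bash
#!/usr/bin/env bash
# Added example: expand a name with the search list and ndots from resolv.conf.
# RESOLV_CONF is the file shown in the busybox pod above, embedded to run offline.
RESOLV_CONF='nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5'

# candidates NAME [RESOLV_CONF_TEXT] -> one candidate FQDN per line, in query order
candidates() {
  local name="$1" conf="${2:-$RESOLV_CONF}"
  local search="" ndots=1 line opt rest dots=0 d
  while IFS= read -r line; do
    case $line in
      search\ *) search=${line#search } ;;
      options\ *)
        for opt in ${line#options }; do
          case $opt in ndots:*) ndots=${opt#ndots:} ;; esac
        done ;;
    esac
  done <<EOF
$conf
EOF
  # A trailing dot marks the name as fully qualified: the search list is skipped.
  case $name in *.) printf '%s\n' "$name"; return 0 ;; esac
  # Count the dots in the name.
  rest=$name
  while [ "${rest#*.}" != "$rest" ]; do dots=$((dots + 1)); rest=${rest#*.}; done
  # ndots or more dots: try the name as given first, then the search domains.
  [ "$dots" -ge "$ndots" ] && printf '%s.\n' "$name"
  for d in $search; do printf '%s.%s.\n' "$name" "$d"; done
  # Fewer dots than ndots: the bare name is tried last.
  [ "$dots" -lt "$ndots" ] && printf '%s.\n' "$name"
  return 0
}

candidates nginx
```

With ndots:5, even nginx.default.svc.cluster.local (four dots) goes through the search list first; only a trailing dot makes the resolver query the name as written.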
Test again:
whether the original address still works after the pod is deleted
Get the pods
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 10m
nginx-deploy-5b595999-cvwdl 1/1 Running 0 30m
Delete the pod
kubectl delete pods nginx-deploy-5b595999-cvwdl
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 11m
nginx-deploy-5b595999-fsxlp 1/1 Running 0 12s
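From the busybox pod, # wget -O - -q http://nginx:80/ still works
What matters here is the service, not the pod itself. The nginx service that was created generates an iptables rule that steers incoming requests to the pods chosen by its labels selector.
View the details of the nginx resource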
kubectl describe svc nginx
[root@master ~]# kubectl describe svc nginx
Name: nginx
Namespace: default
Labels: run=nginx-deploy # when we delete the pod, the automatically recreated pod carries this label
Annotations: <none>
Selector: run=nginx-deploy # label selector
Type: ClusterIP
IP: 10.102.113.55
Port: <unset> 80/TCP
TargetPort: 80/TCP
Endpoints: 10.244.1.3:80
Session Affinity: None
Events: <none>
Edit the nginx service:
kubectl edit svc nginx
Delete the nginx service:
kubectl delete svc nginx
Check whether the deletion succeeded
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 1h
Create an nginx service
kubectl expose deployment nginx-deploy --name=nginx
It is still accessible from the busybox pod
wget -O - -q http://nginx:80/
View its information:
[root@master ~]# kubectl describe deployment nginx-deploy
Name: nginx-deploy
Namespace: default
CreationTimestamp: Tue, 04 Sep 2018 23:32:31 +0800
Labels: run=nginx-deploy
Annotations: deployment.kubernetes.io/revision=1
Selector: run=nginx-deploy
Replicas: 1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: run=nginx-deploy
Containers:
nginx-deploy:
Image: nginx:1.14-alpine
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Progressing True NewReplicaSetAvailable
Available True MinimumReplicasAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-deploy-5b595999 (1/1 replicas created)
Events: <none>
Create two pods for testing
kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2
View the information:
[root@master ~]# kubectl get deployment -w
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
myapp 2 2 2 2 31s
nginx-deploy 1 1 1 1 1h
[root@master ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
myapp 2 2 2 2 1m
nginx-deploy 1 1 1 1 1h
[root@master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
client 1/1 Running 0 32m 10.244.2.3 node2 <none>
myapp-848b5b879b-btq8s 1/1 Running 0 2m 10.244.1.4 node1 <none>
myapp-848b5b879b-gnv2h 1/1 Running 0 2m 10.244.2.4 node2 <none>
nginx-deploy-5b595999-fsxlp 1/1 Running 0 21m 10.244.1.3 node1 <none>
Test access from busybox
/ # wget -O - -q 10.244.1.4
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # wget -O - -q 10.244.2.4
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
/ # wget -O - -q 10.244.2.4/hostname.html
myapp-848b5b879b-gnv2h
/ # wget -O - -q 10.244.1.4/hostname.html
myapp-848b5b879b-btq8s
Accessing different addresses returns different content
We create a service for myapp
kubectl expose deployment myapp --name=myapp --port=80
Check what was created:
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 1h
myapp ClusterIP 10.101.151.96 <none> 80/TCP 29s
nginx ClusterIP 10.111.8.112 <none> 80/TCP 13m
When accessed from busybox, requests are distributed randomly
# wget -O - -q 10.101.151.96/hostname.html
myapp-848b5b879b-gnv2h
/ # wget -O - -q 10.101.151.96/hostname.html
myapp-848b5b879b-btq8s
/ # wget -O - -q 10.101.151.96/hostname.html
myapp-848b5b879b-gnv2h
/ # wget -O - -q 10.101.151.96/hostname.html
myapp-848b5b879b-btq8s
/ # wget -O - -q 10.101.151.96/hostname.html
myapp-848b5b879b-gnv2h
/ # wget -O - -q myapp/hostname.html
myapp-848b5b879b-btq8s
/ # wget -O - -q myapp/hostname.html
myapp-848b5b879b-gnv2h
/ # wget -O - -q myapp/hostname.html
myapp-848b5b879b-btq8s
/ # wget -O - -q myapp/hostname.html
myapp-848b5b879b-gnv2h
######################
Run in a loop:
while true; do wget -O - -q myapp/hostname.html; sleep 1; done
######################
Dynamically scale the myapp application to 5
kubectl scale --replicas=5 deployment myapp
[root@master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 44m
myapp-848b5b879b-4m676 1/1 Running 0 15s
myapp-848b5b879b-btq8s 1/1 Running 0 14m
myapp-848b5b879b-gnv2h 1/1 Running 0 14m
myapp-848b5b879b-hn92j 1/1 Running 0 15s
myapp-848b5b879b-lt4lz 1/1 Running 0 15s
nginx-deploy-5b595999-fsxlp 1/1 Running 0 33m
Dynamically scale down
kubectl scale --replicas=3 deployment myapp
Perform a rolling upgrade:
Run on busybox
while true; do wget -O - -q myapp; sleep 1; done
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Now we change the image version to the latest one
View the details of a particular container
kubectl describe pods myapp-848b5b879b-btq8s
Start upgrading the image:
kubectl set image deployment myapp myapp=ikubernetes/myapp:v2
[root@master ~]# kubectl set image deployment myapp myapp=ikubernetes/myapp:v2
deployment.extensions/myapp image updated
Check the update progress: kubectl rollout status deployment myapp
In the pod, the gradual rollout begins
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
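If a release goes wrong, roll back to the previous version
1. kubectl rollout undo deployment myapp
2. Run the command just used to release v2, with v2 replaced by v1
Let's look at the generated iptables rules: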
iptables -vnL
Some of them are ipvs
What if we want access from outside?
kubectl edit svc myapp
Change type: ClusterIP to NodePort
Take a look:
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 1h
myapp NodePort 10.101.151.96 <none> 80:30478/TCP 25m
nginx ClusterIP 10.111.8.112 <none> 80/TCP 38m
We find that there is an additional port
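Added example (not part of the original notes): a NodePort service is reachable on that port at every node's address, so it is worth keeping an inventory of which services have one. The helper name exposed_services and the variable SVC_TABLE are assumptions made for this example; the table is the kubectl get svc output shown above.

```bash
#!/usr/bin/env bash
# Added example: list services that are reachable from outside the cluster.
# SVC_TABLE is the `kubectl get svc` output shown above, embedded to run offline.
SVC_TABLE='NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 1h
myapp NodePort 10.101.151.96 <none> 80:30478/TCP 25m
nginx ClusterIP 10.111.8.112 <none> 80/TCP 38m'

# exposed_services [TABLE] -> "NAME TYPE NODEPORT/PROTO SERVICEPORT", one line per exposed port
exposed_services() {
  printf '%s\n' "${1:-$SVC_TABLE}" | awk '
    NR == 1 { next }                                  # skip the header row
    $2 == "NodePort" || $2 == "LoadBalancer" {
      n = split($5, ports, ",")                       # e.g. 80:30478/TCP,443:30443/TCP
      for (i = 1; i <= n; i++) {
        if (split(ports[i], p, ":") != 2) continue    # entry has no node port
        print $1, $2, p[2], p[1]
      }
    }'
}

exposed_services
```

Against a live cluster, pass it the output of kubectl get svc for one namespace; --all-namespaces adds a leading NAMESPACE column that this parser does not handle.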