kubenet安装方式: kubeadm(推荐),二进制安装(下载所有组件的二进制程序,在多台宿主机上安装),第三方工具(rancher,sealos)
根据文档配置一台master,两台node 并分别配置好k8s环境:
https://kubernetes.io/zh-cn/docs/home/
https://pickledfish.cloud/kubernetes/deployment/kubernetes-1-23-cluster-setup.html
pod 是k8s内部底层最小的管理单元: 一个pod里至少有一个容器
[root@k8s-master-1 ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-64cc74d646-rgbbs 0/1 Pending 0 8m10s
calico-node-6pxcb 0/1 Init:0/3 0 8m10s
calico-node-bb5d4 0/1 Init:0/3 0 8m10s
calico-node-r7dxg 0/1 Init:0/3 0 8m10s
coredns-6d8c4cb4d-267tv 0/1 Pending 0 29m
coredns-6d8c4cb4d-nvqfv 0/1 Pending 0 29m
etcd-k8s-master-1 1/1 Running 0 29m
kube-apiserver-k8s-master-1 1/1 Running 0 29m
kube-controller-manager-k8s-master-1 1/1 Running 0 29m
kube-proxy-6rv4d 1/1 Running 0 17m
kube-proxy-scxk9 1/1 Running 0 29m
kube-proxy-z4bf7 1/1 Running 0 17m
kube-scheduler-k8s-master-1 1/1 Running 0 29m
[root@k8s-node-1 ~]# mkdir -p $HOME/.kube
[root@k8s-node-1 ~]# scp k8s-master-1:/etc/kubernetes/admin.conf /root/.kube/config
[root@k8s-node-1 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
SLA (Service Level Agreement)服务等级协议,指的是系统服务提供者(provider)对客户(customer)的一个服务承诺。
[root@k8s-master-1 ~]# kubectl get namespace
NAME STATUS AGE
default Active 19h
kube-node-lease Active 19h
kube-public Active 19h
kube-system Active 19h
k8s管理的对象,称呼为资源
[root@k8s-master-1 ~]# kubectl get pod
No resources found in default namespace.
[root@k8s-master-1 ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-64cc74d646-rgbbs 1/1 Running 1 (14h ago) 18h
calico-node-6pxcb 1/1 Running 1 (14h ago) 18h
calico-node-bb5d4 1/1 Running 1 (14h ago) 18h
calico-node-r7dxg 1/1 Running 1 (14h ago) 18h
coredns-6d8c4cb4d-267tv 1/1 Running 1 (14h ago) 19h
查看k8s里的所有的资源的名字以及简称
[root@k8s-master-1 ~]# kubectl api-resources
| SHORTNAMES | APIVERSION | NAMESPACED | KIND | |
| bindings | v1 | true | Binding | |
| componentstatuses | cs | v1 | false | ComponentStatus |
| configmaps | cm | v1 | true | ConfigMap |
| endpoints | ep | v1 | true | Endpoints |
| events | ev | v1 | true | Event |
| limitranges | limits | v1 | true | LimitRange |
| namespaces | ns | v1 | false | Namespace |
| nodes | no | v1 | false | Node |
| persistentvolumeclaims | pvc | v1 | true | PersistentVolumeClaim |
[root@k8s-master-1 ~]# kubectl describe pod calico-node-6pxcb -n kube-system 查看kube-system命名空间里的calico-node-6pxcb这个pod 的详情
[root@k8s-master-1 ~]# kubectl describe ns kube-system
Name: kube-system
Labels: kubernetes.io/metadata.name=kube-system
Annotations: <none>
Status: Active
No resource quota.
No LimitRange resource.
删除pod和其他资源
kubectl delete -f https://docs.projectcalico.org/archive/v3.25/manifests/calico.yaml
创建pod和其他资源
kubectl apply -f https://docs.projectcalico.org/archive/v3.25/manifests/calico.yaml
控制平面启动的组件---》本质上是一个pod里的容器--》软件 --》管理工具
kubectl create deployment k8s-nginx --image=nginx -r 3
[root@k8s-master-1 ~]# kubectl describe pod k8s-nginx-6d779d947c-bttmz
[root@k8s-master-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
k8s-nginx-6d779d947c-bttmz 1/1 Running 0 8m17s 10.224.109.65 k8s-node-1
k8s-nginx-6d779d947c-c4qv6 1/1 Running 0 8m17s 10.224.109.66 k8s-node-1
k8s-nginx-6d779d947c-wbh68 1/1 Running 0 8m17s 10.224.140.74 k8s-node-2
kubectl delete deployment k8s-nginx
replication set --》replicaset 副本控制器 :作用是用来保持pod的副本数量
[root@k8s-master-1 ~]# kubectl get replicaset
NAME DESIRED CURRENT READY AGE
k8s-nginx-6d779d947c 3 3 3 16m
[root@k8s-master-1 ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
k8s-nginx-6d779d947c 3 3 3 16m
deployment ---》部署控制器会自动去创建副本控制器,副本控制器去创建pod
[root@k8s-master-1 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
k8s-nginx-6d779d947c-5zbrb 1/1 Running 0 45s
k8s-nginx-6d779d947c-8stjr 1/1 Running 0 45s
k8s-nginx-6d779d947c-hj8g8 1/1 Running 0 45s
[root@k8s-master-1 ~]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
k8s-nginx 3/3 3 3 22m
[root@k8s-master-1 ~]# kubectl delete deploy k8s-nginx
deployment.apps "k8s-nginx" deleted
[root@k8s-master-1 ~]# kubectl get pod
No resources found in default namespace.
已经启动pod了--》可以提供web服务
建立一个服务发布node节点里的pod,让外面的机器能够发现我们的pod
docker -p 8080:80
案例:创建一个yaml文件实现创建nginx pod 并发布出去(配置一个服务),让k8s集群外的机器可访问web服务
[root@k8s-master-1 ~]# mkdir nginx
[root@k8s-master-1 ~]# cd nginx
[root@k8s-master-1 nginx]# vim nginx.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app.kubernetes.io/name: sc #给pod打一个标签
spec:
containers:
- name: nginx
image: nginx:stable
ports:
- containerPort: 80
name: http-web-svc
---
apiVersion: v1
kind: Service
metadata:
name: my-service-lijiaqi
spec:
type: NodePort #服务的类型,会在节点服务器上发布出去,访问我们的节点服务器就可以了
selector: #选择器
app.kubernetes.io/name: sc #打了这个标签的pod
ports:
- port: 80 #负载均衡器的端口
targetPort: 80 #pod容器里的端口
nodePort: 30007 #宿主机(节点服务器)
在Kubernetes中,Service 提供了一个稳定且可发现的访问点,用于访问一组动态的后端Pod。通过使用不同类型的 Service,你可以根据需要选择在集群内部还是外部暴露你的应用。同时,Service 和 Endpoints 的结合使用,使得服务发现和负载均衡变得简单和高效。
nodeport 和clusterIP
[root@k8s-master-1 nginx]# kubectl apply -f nginx.yaml 执行yaml文件里的内容,去创建pod和service
pod/nginx created
service/my-service-lijiaqi created
[root@k8s-master-1 nginx]# kubectl get pod -o wide 查看pod
NAME READY STATUS RESTARTS AGE IP NODE
k8s-nginx-6d779d947c-dkpqx 1/1 Running 0 31m 10.224.140.92 k8s-node-2 <none>
k8s-nginx-6d779d947c-fcws8 1/1 Running 0 31m 10.224.140.93 k8s-node-2 <none>
k8s-nginx-6d779d947c-rxdr5 1/1 Running 0 31m 10.224.109.87 k8s-node-1 <none>
nginx 1/1 Running 0 57s 10.224.109.88 k8s-node-1 <none>
[root@k8s-master-1 nginx]# kubectl get svc 查看service的信息
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 25h
my-service-lijiaqi NodePort 10.99.69.9 <none> 80:30007/TCP 75s
访问k8s集群任何一个节点服务器的ip:30007
k8s里对资源进行隔离的,不同的命名空间里的pod默认是不能访问的
[root@k8s-master-1 nginx]# kubectl get ns
NAME STATUS AGE
default Active 4d18h 这是默认的命名空间,启动的pod不指定命名空间,默认在这里
kube-node-lease Active 4d18h
kube-public Active 4d18h
kube-system Active 4d18h k8s内部进行管理功能的命名空间,里面是管理使用的pod
:set paste 设置vim编辑器,使用粘贴功能,避免粘贴到vim里的文本,格式混乱
mkdir /kuboard-data
sudo docker run -d \
--restart=unless-stopped \
--name=kuboard \
-p 80:80/tcp \
-p 10081:10081/tcp \
-e KUBOARD_ENDPOINT="http://192.168.205.141:10081" \
-e KUBOARD_AGENT_SERVER_TCP_PORT="10081" \
-v /kuboard-data:/data \
swr.cn-east-2.myhuaweicloud.com/kuboard/kuboard:v3
metrics-server --》采集k8s集群里的资源的使用情况,例如cpu、内存的使用情况
krew 是k8s内部的yum,可以用来在k8s里安装软件和卸载软件
kuboard 是多k8s集群的管理软件
dashboard 是kubernetes官方提供的一个k8s集群管理软件,只能管理一个k8s集群。
193 containers:
194 - name: kubernetes-dashboard
195 image: kubernetesui/dashboard:v2.7.0
196 imagePullPolicy: Always
197 ports:
198 - containerPort: 8443
199 protocol: TCP
200 args:
201 - --auto-generate-certificates
202 - --namespace=kubernetes-dashboard
203 - --token-ttl=4320
apiVersion: v1
kind: Pod
metadata:
name: nginx
spec: #具体的pod的参数
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
- containerPort: 443
- name: mysql
image: mysql:5.7.41
ports:
- containerPort: 3306
扫一扫
146
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
