一、部署k8s
准备
主master:192.168.255.142
node1:192.168.255.150
node2:192.168.255.200
所有机器:
安装docker源
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
安装docker
yum install -y docker-ce
systemctl start docker
systemctl enable docker
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://jqqwsp8f.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
设置开机自启
systemctl enable docker && systemctl start docker
查看版本
docker --version
安装kubeadm、kubelet核kubectl
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
本地映射/etc/hosts
vim /etc/hosts
192.168.255.142 master
192.168.255.150 node1
192.168.255.180 node2
#指定安装版本
yum install -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0
rpm -qa | grep kube
#设置开机自启动
systemctl enable kubelet
#关闭swap
swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
master操作
mkdir k8s && cd k8s
kubeadm init \
--apiserver-advertise-address=192.168.255.142 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.15.0 \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16
#使用kubectl工具
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
#在前面初始化的时候,会有这段哈希值,后面也用于node加入
###记录kubeadm join xxxxxxxxx(用于添加node节点)
kubeadm join 192.168.255.142:6443 --token vvbp4o.91yfaklznloczfnb \
--discovery-token-ca-cert-hash sha256:ace39b8db9d1c40fe31b85ff2923eedbe16d6587491eca10488fa9c31041faea
#安装pod网络插件(flannel)
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
#查看组件状态 && 查看节点状态(稍等一会)
kubectl get cs
kubectl get nodes
node操作
#docker 拉取flannel镜像
docker pull lizhenliang/flannel:v0.11.0-amd64
前面在master上有这段哈希
#添加节点(kubeadm join,节点token会周期性变化,kubeadm token list查看token)
kubeadm join 192.168.255.142:6443 --token vvbp4o.91yfaklznloczfnb \
--discovery-token-ca-cert-hash sha256:ace39b8db9d1c40fe31b85ff2923eedbe16d6587491eca10488fa9c31041faea
#出错的时候重载配置(node节点)
kubeadm reset
#重载配置(master节点的)
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
需要删除以上配置才可以继续kube init 初始化
#master节点查看node状态 “三个ready”
kubectl get nodes
#打node标签
kubectl label node node1 node-role.kubernetes.io/node=work
kubectl label node node2 node-role.kubernetes.io/node=work
#kubectl get pods -n kube-system 查看pod 状态 "1/1 Running"为正常
kubectl get pods -n kube-system
####重新生成token
#若token 过期或丢失,需要先申请新的token 令牌
kubeadm token create
#列出token
kubeadm token list | awk -F" " '{print $1}' |tail -n 1
#然后获取CA公钥的的hash值
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^ .* //'
#替换join中token及sha256:
kubeadm join 192.168.255.142:6443 --token ld7odd.egdzg4z9h37dvumc \
--discovery-token-ca-cert-hash sha256:8e904682e6c1d670cf8b5524b3e03d1e5e5cb4156984f87414f093dc80e1fb23
二、管理k8s
k8s有两个名称空间——kube-systemspaces 和 kube-public apaces
kubectl run nginx-deployment --image=nginx --port=80 --replicas=3
指定管理器deployment
指定镜像nginx
指定端口80
指定副本集3
kubectl get pods
获取pods信息
kubectl get all
获取所有
kubectl get pods --all-namespaces
获取pods信息,指定名称空间
kubectl delete deploy/nginx-deployment
直接删除控制器下面所有
kubectl delete pod nginx-deployment-8859878f8-p8r5k -n default
shanc指定pod指定名称空间
kubectl get pods,deployment
获取pod和控制器信息
kubectl get pods,deployment,replicaset
获取pod和控制器、副本信息
kubectl expose deployment nginx --port=80 --target-port=80 --name=nginx-service --type=NodePort
先run创建和开启容器,在暴露
kubectl get pods,svc
kubectl get endpoints
kubectl get pods --n default
kubectl get pods --n default -o wide
kubectl logs nginx-7697996758-xgxzd
日志
kubectl set image deployment/nginx nginx=nginx:1.14
kubectl rollout history deployment/nginx
查看历史版本
kubectl rollout undo deployment/nginx
回滚上一次
//进入pod
kubectl exec -it nginx-7697996758-75shs bash
//查看deployment资源
kubectl describe deployment/nginx
create
expose
run
set
get
edit
delete
rollout
top
cordon
uncordon
describe
logs
exec
proxy
cp
auth
wait
replace
label
version