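1. Preparing resources for cluster verification
### --- Cluster verification notes
~~~ Cluster verification (deploy the dashboard first, before verifying the cluster)
### --- Pod verification process
~~~ # Pods must be able to resolve Services
~~~ # Pods must be able to resolve Services in other namespaces
~~~ # Every node must be able to reach the kubernetes svc on 443 and the kube-dns service on 53
~~~ # Pods must be able to communicate with each other
~~~ a) within the same namespace
~~~ b) across namespaces
~~~ c) across machines
2. Installing busybox
### --- Install busybox
~~~ # Create a busybox pod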
[root@k8s-master01 ~]# cat<<EOF | kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
  name: busybox
  namespace: default
spec:
  containers:
  - name: busybox
    image: busybox:1.28
    command:
      - sleep
      - "3600"
    imagePullPolicy: IfNotPresent
  restartPolicy: Always
EOF
### --- Check the Pod status: if no namespace is specified, the Pod is deployed in the default namespace
[root@k8s-master01 ~]# kubectl get po
NAME READY STATUS RESTARTS AGE
busybox 1/1 Running 0 112s
### --- Once each Pod is running, there is a kubernetes service
[root@k8s-master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 159m
3. Cluster verification
### --- Pods must be able to resolve Services
~~~ Note: check whether this Service can be resolved from within the same namespace
[root@k8s-master01 ~]# kubectl exec busybox -n default -- nslookup kubernetes
Server: 10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
Name: kubernetes
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local
### --- Pods must be able to resolve Services in other namespaces
~~~ Note: check whether resolution works across namespaces
[root@k8s-master01 ~]# kubectl exec busybox -n default -- nslookup kube-dns.kube-system
Server: 10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
Name: kube-dns.kube-system
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
### --- Every node must be able to reach the kubernetes svc on 443 and the kube-dns service on 53
~~~ Look up the IP address of the kubernetes service
[root@k8s-master01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 167m
[root@k8s-master01 ~]# yum install -y telnet
[root@k8s-master01 ~]# telnet 10.96.0.1 443
Trying 10.96.0.1...
Connected to 10.96.0.1.
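Escape character is '^]'. // This output means the port is reachable. If the connection does not close by itself, everything is fine; if it closes automatically, there may be a fault.
### --- Check whether the kube-dns port is reachable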
[root@k8s-master01 ~]# kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 43m
metrics-server ClusterIP 10.97.177.184 <none> 443/TCP
[root@k8s-master01 ~]# telnet 10.96.0.10 53
Trying 10.96.0.10...
Connected to 10.96.0.10.
Escape character is '^]'. // normal state
### --- curl can also be used for this check
~~~ Note: install telnet on all nodes
~~~ Note: every node must be able to reach the kubernetes svc on 443 and the kube-dns service on 53
[root@k8s-master01 ~]# curl 10.96.0.10:53
curl: (52) Empty reply from server // normal state
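As an added example (not part of the original article), the node-side check above can be scripted with bash's built-in /dev/tcp, so the telnet client does not have to be installed on every node. The script name verify-svc.sh is hypothetical, and the ClusterIPs are the ones shown by `kubectl get svc` above. Like telnet, it only tests TCP, so it does not exercise kube-dns on 53/UDP.

```shell
#!/usr/bin/env bash
# Added example: node-side reachability check for Service ClusterIPs.

# check_tcp HOST PORT [TIMEOUT_SECONDS]
# Returns 0 if a TCP connection opens, 2 on an invalid port, non-zero otherwise.
check_tcp() {
  local host="$1" port="$2" secs="${3:-3}"
  # Accept only a plain port number in the valid range.
  case "$port" in ''|*[!0-9]*) return 2 ;; esac
  [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 2
  # Host and port are passed as arguments, never interpolated into the command
  # string. timeout bounds the wait when packets are silently dropped.
  timeout "$secs" bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$host" "$port" 2>/dev/null
}

# verify_targets "IP:PORT" ...
# Prints one line per target and returns the number of unreachable targets.
verify_targets() {
  local failed=0 target
  for target in "$@"; do
    if check_tcp "${target%:*}" "${target##*:}"; then
      echo "OK    $target"
    else
      echo "FAIL  $target"
      failed=$((failed + 1))
    fi
  done
  return "$failed"
}

# Run on each node, for example:
#   bash verify-svc.sh 10.96.0.1:443 10.96.0.10:53
if [ "$#" -gt 0 ]; then
  verify_targets "$@"
fi
```

A non-zero exit status is the number of targets that could not be reached from that node.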