K8s快速部署
节点规划
#k8smaster
10.0.0.11
#k8snode1
10.0.0.12
#k8snode2
10.0.0.13
所有节点安装docker环境及依赖
上传
docker-k8s.tar
到所有节点/opt
目录后解压,k8s需要指定docker的版本,版本不匹配可能会出现不兼容
# Run on: master, node1, node2
# Unpack the offline Docker bundle under /opt and install every RPM it ships.
# yum does not GPG-check local package files unless localpkg_gpgcheck=1 is set
# in /etc/yum.conf, so confirm the archive's checksum against a trusted copy
# before installing it as root.
tar -xf /opt/docker-k8s.tar -C /opt
cd /opt/pkg
yum -y localinstall ./*.rpm
上传
k8s-master.zip
到master节点/opt
目录后解压
# Run on: master
# Unpack the master bundle under /opt and install every RPM it ships.
# As with any offline bundle installed as root, verify the archive's checksum
# against a trusted copy first; yum does not GPG-check local package files
# unless localpkg_gpgcheck=1 is set in /etc/yum.conf.
unzip /opt/k8s-master.zip -d /opt
cd /opt/k8s-master
yum -y localinstall ./*.rpm
上传
k8s-node.zip
到node1,node2节点/opt
目录后解压
# Run on: node1, node2
# Unpack the node bundle and install every RPM.
# NOTE(review): the step above uploads k8s-node.zip, but this command extracts
# k8s-node.tar, and there is no cd into an extracted directory before the
# install. Confirm the archive name/format and where its RPMs land.
# Verify the bundle's checksum against a trusted copy before installing as root.
cd /opt
tar -xf k8s-node.tar
yum localinstall -y *.rpm
配置主节点ETCD
# Run on: master
# NOTE(security): these URLs make etcd accept client connections on every
# interface over plain HTTP, with no TLS and no client authentication. etcd
# holds the whole cluster state, so anything that can reach port 2379 can read
# and rewrite it. Acceptable only on an isolated lab network; otherwise limit
# port 2379 to the cluster nodes with a firewall and enable etcd's TLS and
# client-certificate settings.
vim /etc/etcd/etcd.conf
# Change the following settings
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379"
修改完成后重启并测试
#master
重启,并设置开机自动
systemctl restart etcd.service
systemctl enable etcd.service
#键值测试
etcdctl set name 1997sty
etcdctl get name
配置Master节点
# Run on: master
# NOTE(security): --insecure-bind-address=0.0.0.0 with --port=8080 publishes the
# API server's insecure port on every interface. Requests on that port bypass
# authentication and authorization, so any host that can reach 10.0.0.11:8080
# has full control of the cluster. Use this only on an isolated lab network; a
# real deployment keeps the insecure port on localhost (or off) and serves
# clients over the TLS port with certificates.
# The etcd connection below is plain HTTP as well.
# ServiceAccount is not in the admission-control list; presumably pods are then
# created without service-account tokens. Confirm if workloads need API access.
vi /etc/kubernetes/apiserver
# Change the following settings
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_API_PORT="--port=8080"
KUBE_ETCD_SERVERS="--etcd-servers=http://10.0.0.11:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
修改完成后重启
#master
重启,并设置开机自动
# Enable each control-plane unit at boot and start it, API server first.
for unit in kube-apiserver kube-controller-manager kube-scheduler; do
  systemctl enable "${unit}.service"
  systemctl start "${unit}.service"
done
node节点配置
config
# Run on: node1, node2
# Point the node components at the master's API server.
# NOTE(security): this is the unauthenticated plain-HTTP port (8080), so the
# node cannot verify the API server and traffic can be read or altered in
# transit. Suitable for an isolated lab network only.
vi /etc/kubernetes/config
# Change the following setting
KUBE_MASTER="--master=http://10.0.0.11:8080"
node1节点,kubelet
# Run on: node1
# The kubelet listens on this node's address (10.0.0.12) and registers under
# that address instead of the hostname.
# NOTE(security): --api-servers uses the API server's plain-HTTP port, so the
# kubelet sends node and pod data without TLS or credentials.
vi /etc/kubernetes/kubelet
# Change the following settings
KUBELET_ADDRESS="--address=10.0.0.12"
KUBELET_HOSTNAME="--hostname-override=10.0.0.12"
KUBELET_API_SERVER="--api-servers=http://10.0.0.11:8080"
node2节点,kubelet
# Run on: node2
# The kubelet listens on this node's address (10.0.0.13) and registers under
# that address instead of the hostname.
# NOTE(security): --api-servers uses the API server's plain-HTTP port, so the
# kubelet sends node and pod data without TLS or credentials.
vi /etc/kubernetes/kubelet
# Change the following settings
KUBELET_ADDRESS="--address=10.0.0.13"
KUBELET_HOSTNAME="--hostname-override=10.0.0.13"
KUBELET_API_SERVER="--api-servers=http://10.0.0.11:8080"
修改完成后重启
# Run on: node1, node2
# Enable the node services at boot and start them, kubelet before kube-proxy.
for unit in kubelet kube-proxy; do
  systemctl enable "${unit}.service"
  systemctl start "${unit}.service"
done
验证节点状态
#master
kubectl get nodes
所有节点配置flannel网络
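# Refresh the yum repo definitions, then install flannel.
# The repo files are fetched over HTTPS rather than HTTP: a repo definition
# decides where packages come from and whether they are signature-checked, so
# it should not be downloadable in a form an on-path host can rewrite.
# -f makes curl fail on an HTTP error instead of saving the error page as a
# .repo file.
curl -fsSL -o /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
curl -fsSL -o /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
# Install flannel
yum install -y flannel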
所有节点
# Run on: master, node1, node2
# Install flannel, then point flanneld at the master's etcd endpoint instead
# of the localhost default. The endpoint is plain HTTP, matching the etcd
# configuration used in this walkthrough.
yum -y install flannel
sed -i 's|http://127.0.0.1:2379|http://10.0.0.11:2379|g' /etc/sysconfig/flanneld
master节点
# Run on: master
# Store the overlay network range in etcd under the key flanneld is pointed at,
# then read it back to confirm it was written.
etcdctl mk /atomic.io/network/config '{"Network": "172.16.0.0/16"}'
etcdctl get /atomic.io/network/config
# Enable and start flanneld, then restart Docker and the control-plane units.
systemctl enable flanneld.service
systemctl start flanneld.service
for unit in docker kube-apiserver.service kube-controller-manager.service kube-scheduler.service; do
  systemctl restart "$unit"
done
node节点
# Run on: node1, node2
# Enable and start flanneld, then restart Docker and the node services.
systemctl enable flanneld.service
systemctl start flanneld.service
for unit in docker kubelet.service kube-proxy.service; do
  systemctl restart "$unit"
done
配置master为镜像仓库
# Run on: master
# NOTE(security): two of these options relax image trust.
#   --signature-verification=false  turns off image signature checking.
#   --insecure-registry=10.0.0.11:5000  lets the daemon use that registry over
#     plain HTTP or with an unverified certificate, so pulled images can be
#     swapped by anyone on the path.
# Both are lab shortcuts; a production registry should be served over TLS with
# a certificate the daemons trust.
vi /etc/sysconfig/docker
# Change the following setting
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=https://registry.docker-cn.com --insecure-registry=10.0.0.11:5000'
# Restart the service
systemctl restart docker
配置本地registry
# Run on: master
# Start a local registry container that keeps its data under /opt/myregistry.
# This registry has no TLS and no authentication and is published on every
# interface of the master, so any host that can reach port 5000 can pull or
# overwrite the images the nodes will later run. Keep it on an isolated lab
# network, or put TLS and access control in front of it.
docker run --detach --publish 5000:5000 --restart=always --name registry \
  --volume /opt/myregistry:/var/lib/registry registry
# Pull an image, retag it for the local registry and push it as a smoke test.
docker pull nginx
docker tag nginx 10.0.0.11:5000/1997sty/nginx:v1
docker push 10.0.0.11:5000/1997sty/nginx:v1
node节点配置
# Run on: node1, node2
# NOTE(security): --signature-verification=false turns off image signature
# checking, and --insecure-registry=10.0.0.11:5000 lets the daemon pull from
# that registry over plain HTTP or with an unverified certificate. Every image
# the node runs is then only as trustworthy as the network path to the master.
vi /etc/sysconfig/docker
# Change the following setting
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry=10.0.0.11:5000'
# Restart the service
systemctl restart docker
拉取本地镜像测试
docker pull 10.0.0.11:5000/1997sty/nginx:v1
k8s核心资源管理
PODS
创建第一个pod,创建所用的镜像是之前推送的nginx
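# Run on: master
# Create the working directory for the manifests and switch to it.
mkdir -p /opt/yml
cd /opt/yml
# Write the Pod manifest. The nesting below is restored: YAML is
# indentation-sensitive and the manifest is rejected without it.
# The delimiter is quoted so the shell writes the text literally.
cat > k8s_pod.yml << 'EOF'
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: web
spec:
  containers:
  - name: nginx
    image: 10.0.0.11:5000/1997sty/nginx:v1
    ports:
    - containerPort: 80
EOF
# Create the pod from the manifest
kubectl create -f k8s_pod.yml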
第一次创建pod时可能会出现以下报错
failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
- 解决方法:将准备好的镜像上传到本地,再推送到本地镜像仓库,修改所有节点的镜像配置文件,重启服务
# Run on: master
# The pod infrastructure image (registry.access.redhat.com/rhel7/pod-infrastructure:latest)
# is obtained separately and uploaded to /opt as a tarball.
# NOTE(security): the kubelet's --pod-infra-container-image setting makes this
# image part of every pod on the node, and the tarball here comes from an
# unspecified download and carries a third-party docker.io/tianyebj name.
# Check its digest against a source you trust before loading and
# redistributing it.
cd /opt
# Import the image from the tarball
docker load --input pod-infrastructure-latest.tar.gz
# List the images, then retag the imported one for the local registry
docker images
docker tag docker.io/tianyebj/pod-infrastructure:latest \
  10.0.0.11:5000/1997sty/pod-infrastructure:latest
# Push it to the local registry
docker push 10.0.0.11:5000/1997sty/pod-infrastructure:latest
修改所有节点的配置文件并重启服务,再尝试重新创建pod
# Run on: node1, node2
# Tell the kubelet to take the pod infrastructure image from the local registry.
# NOTE(security): the reference uses the mutable tag :latest on a registry
# without TLS or authentication, so whoever can push to 10.0.0.11:5000 decides
# what this image is.
vi /etc/kubernetes/kubelet
# Change the following setting
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=10.0.0.11:5000/1997sty/pod-infrastructure:latest"
# Restart the service
systemctl restart kubelet.service
删除pod,重新创建pod
#master
#删除后重新创建
kubectl delete pod nginx
kubectl create -f k8s_pod.yml
当一个镜像更新以后,可以修改yml文件中的镜像信息,然后使用命令更新该pod
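# Run on: master
# Retag the image as v2 and push it to the local registry.
docker pull nginx
docker tag docker.io/nginx:latest 10.0.0.11:5000/1997sty/nginx:v2
docker push 10.0.0.11:5000/1997sty/nginx:v2
# Rewrite the manifest with the new image reference. The nesting below is
# restored: YAML is indentation-sensitive and the manifest is rejected
# without it.
cat > k8s_pod.yml << 'EOF'
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: web
spec:
  containers:
  - name: nginx
    image: 10.0.0.11:5000/1997sty/nginx:v2
    ports:
    - containerPort: 80
EOF
# Replace the running pod with the updated definition
kubectl replace --force -f k8s_pod.yml
# Show the pods
kubectl get pods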
命令小结
- kubectl create -f k8s_pod.yml : 根据yml文件创建容器
- kubectl get pods : 查看所有pods信息
- kubectl get pods -o wide : 查看所有pods详细信息
- kubectl get pods nginx -o wide : 过滤查看pods详细信息
- kubectl get pods -o wide -l app=web : 过滤查看pods详细信息
- kubectl get pods -o wide --namespace=1997sty : 过滤查看pods详细信息
- kubectl describe pods : 查看进度和报错情况
- kubectl delete pod nginx : 删除容器
- kubectl replace --force -f k8s_pod.yml : 替换容器
RC
ReplicationController,RC保证在同一时间能够运行指定数量的Pod副本,保证Pod总是可用.如果实际Pod数量比指定的多就结束掉多余的,如果实际数量比指定的少就启动缺少的.当Pod失败,被删除或被终结时RC会自动创建新的Pod来保证副本数量.所以即使只有一个Pod也应该使用RC来进行管理
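# Run on: master
# Create the working directory for the manifests and switch to it.
mkdir -p /opt/yml
cd /opt/yml
# Write the ReplicationController manifest. Two repairs are made here:
# the YAML nesting is restored (the manifest is rejected without it), and the
# empty "ports:" key gets the containerPort entry that the other nginx
# manifests on this page use.
cat > k8s_nginx_rc.yml << 'EOF'
apiVersion: v1
kind: ReplicationController
metadata:
  name: nginxrc
spec:
  replicas: 3
  selector:
    app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: 10.0.0.11:5000/1997sty/nginx:v2
        ports:
        - containerPort: 80
EOF
# Create the RC from the manifest
kubectl create -f k8s_nginx_rc.yml
# List the pods it created (three running pods are expected)
kubectl get pods -o wide
# Show the RC
kubectl get rc
# Delete the RC
kubectl delete rc nginxrc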
副本数增加或减少
#master
#修改配置文件后用该命令再执行一次
kubectl replace -f k8s_nginx_rc.yml
#直接编辑配置(和vi操作类似,立即生效)
kubectl edit rc nginxrc
#修改当前副本数(立即生效)
kubectl scale rc nginxrc --replicas=4
滚动升级及回滚
# Run on: master
# Copy the RC manifest and change some fields in the copy, e.g. name and image
cp k8s_nginx_rc.yml k8s_nginx1_rc.yml
# Upgrade the pods one at a time
kubectl rolling-update nginxrc -f k8s_nginx1_rc.yml --update-period=10s
# While the upgrade is still running, appending --rollback to the command
# reverts it. Once the upgrade has completed this can no longer be used.
# NOTE(review): the RC created earlier is named nginxrc, but this command and
# the next refer to an RC called nginx; presumably nginx/nginx1 stand for the
# old and new RC names. Substitute the names actually in use.
kubectl rolling-update nginx nginx1 --update-period=10s --rollback
# To go back after a completed upgrade, run the update in the opposite direction
kubectl rolling-update nginx -f k8s_nginx_rc.yml --update-period=10s
命令小结
- kubectl create -f k8s_nginx_rc.yml : 根据yml文件创建容器
- kubectl get pods : 查看所有pods信息
- kubectl get pods -o wide : 查看所有pods详细信息
- kubectl delete rc nginx : 删除nginx的rc
- kubectl get rc : 查看所有rc信息
- kubectl scale rc RCNAME --replicas=4 : 修改复制集个数为4个
- kubectl rolling-update OLDRCNAME -f NEWRCFILE --update-period=5s : 对容器逐个升级间隔5秒
- kubectl rolling-update OLDRCNAME NEWRCNAME --rollback : 升级过程中回滚
deployment
Deployment对象,顾名思义,是用于部署应用的对象.它是Kubernetes中最常用的一个对象,它为ReplicaSet和Pod的创建提供了一种声明式的定义方法,从而无需像前两篇文章中那样手动创建ReplicaSet和Pod对象(使用Deployment而不直接创建ReplicaSet是因为Deployment对象拥有许多ReplicaSet没有的特性,例如滚动升级和回滚).
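# Run on: master
# Create the working directory for the manifests and switch to it.
mkdir -p /opt/yml
cd /opt/yml
# Write the Deployment manifest. The nesting below is restored: YAML is
# indentation-sensitive and the manifest is rejected without it.
cat > k8s_nginx_dev.yml << 'EOF'
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: 10.0.0.11:5000/1997sty/nginx:v2
        ports:
        - containerPort: 80
EOF
# Create the Deployment from the manifest
kubectl create -f k8s_nginx_dev.yml
# List the pods it created (two running pods are expected)
kubectl get pods -o wide
# Show the Deployment
kubectl get deployment
# Delete the Deployment
kubectl delete deployment nginx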
deployment滚动升级
#master
#滚动升级镜像
kubectl set image deployment/nginx nginx=10.0.0.11:5000/1997sty/nginx:v1
#回滚操作
kubectl rollout undo deployment/nginx
实现自动pod伸缩
- horizontalpodautoscalers(HPA)
#master
#当资源使用到80%时,再启动一个pod,至少启动2个pod,最多6个pod
kubectl autoscale deployment nginx --min=2 --max=6 --cpu-percent=80
#查看配置
kubectl get hpa
#修改配置
kubectl edit hpa nginx
命令小结
- kubectl create -f k8s_nginx_dev.yml : 根据yml文件创建容器
- kubectl get pods : 查看所有pods信息
- kubectl get pods -o wide : 查看所有pods详细信息
- kubectl delete deployment nginx : 删除nginx的deployment
- kubectl get deployment : 查看所有deployment信息
- kubectl autoscale deployment nginx --min=2 --max=6 --cpu-percent=80 : 实现自动pod伸缩
- kubectl set image deployment/nginx nginx=10.0.0.11:5000/1997sty/nginx:v1 : deployment滚动升级
- kubectl rollout undo deployment/nginx : deployment回滚
Service
Service可以看作是一组提供相同服务的Pod对外的访问接口.借助Service,应用可以方便地实现服务发现和负载均衡.
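# Run on: master
# Create the working directory for the manifests and switch to it.
mkdir -p /opt/yml
cd /opt/yml
# Write the Service manifest. The nesting below is restored: YAML is
# indentation-sensitive and the manifest is rejected without it.
# type: NodePort opens port 30001 on every node, so the service is reachable
# from any host that can reach a node address, not only from inside the cluster.
cat > k8s_nginx_svc.yml << 'EOF'
apiVersion: v1
kind: Service
metadata:
  name: nginxsvc
spec:
  type: NodePort
  ports:
    - port: 80
      nodePort: 30001
  selector:
    app: nginx
EOF
# Create the Service
kubectl create -f k8s_nginx_svc.yml
# Show the Service
kubectl get svc
# Check the node port on both nodes
curl -I 10.0.0.12:30001
curl -I 10.0.0.13:30001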
k8s实现wordpress项目
准备NFS共享存储
# Run on: master
# Install the NFS server packages and create the two export directories
yum install -y nfs-utils-*
mkdir /data /code
# Add the two export lines below to /etc/exports.
# NOTE(security): no_root_squash lets root on any client in 10.0.0.0/24 act as
# root on these files, and both exports are read-write for the whole subnet.
# /data is later used as the MySQL data directory. Outside a lab, export only
# to the node addresses and use root_squash where the workload allows it.
# async acknowledges writes before they reach disk, trading crash safety for
# speed.
vim /etc/exports
/data 10.0.0.0/24(rw,async,no_root_squash,no_all_squash)
/code 10.0.0.0/24(rw,async,no_root_squash,no_all_squash)
# Restart the services and enable them at boot
systemctl restart rpcbind
systemctl restart nfs
systemctl enable rpcbind
systemctl enable nfs
# Show the exported directories
showmount -e
准备mysql,Wordpress相关的配置文件
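# Run on: master
# Create the manifest directory and the two data directories.
# -p is used for all three so the step does not fail when /data and /code
# already exist from the NFS setup.
mkdir -p /opt/yml /data /code
# Switch to the manifest directory
cd /opt/yml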
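# PersistentVolume for MySQL, backed by the /data NFS export on the master.
# The YAML nesting is restored; the manifest is rejected without it.
# persistentVolumeReclaimPolicy: Recycle scrubs the volume's contents once its
# claim is released, so deleting the claim wipes the database files. Use
# Retain if the data must survive.
cat > nfs_pv_data.yml << 'EOF'
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv0001
  labels:
    pv: nfs001
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Recycle
  nfs:
    path: "/data"
    server: 10.0.0.11
    readOnly: false
EOF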
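# PersistentVolume for WordPress, backed by the /code NFS export on the master.
# The YAML nesting is restored; the manifest is rejected without it.
# persistentVolumeReclaimPolicy: Recycle scrubs the volume's contents once its
# claim is released, so deleting the claim wipes the site files. Use Retain if
# the data must survive.
cat > nfs_pv_code.yml << 'EOF'
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv0002
  labels:
    pv: nfs002
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Recycle
  nfs:
    path: "/code"
    server: 10.0.0.11
    readOnly: false
EOF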
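# PersistentVolumeClaim for MySQL; the selector binds it to the volume
# labelled pv: nfs001.
# The YAML nesting is restored; the manifest is rejected without it.
cat > nfs_pvc_mysql.yml << 'EOF'
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pvc0001
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
  selector:
    matchLabels:
      pv: nfs001
EOF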
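# PersistentVolumeClaim for WordPress; the selector binds it to the volume
# labelled pv: nfs002.
# The YAML nesting is restored; the manifest is rejected without it.
cat > nfs_pvc_wp.yml << 'EOF'
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pvc0002
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
  selector:
    matchLabels:
      pv: nfs002
EOF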
# Create the volumes and claims, each claim right after its volume.
for manifest in nfs_pv_data.yml nfs_pvc_mysql.yml nfs_pv_code.yml nfs_pvc_wp.yml; do
  kubectl create -f "$manifest"
done
mysql rc定义
- 上传
docker-mysql-5.7.tar.gz
到/opt
下
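# Run on: master
# Switch to the upload directory
cd /opt
# Import the MySQL image from the uploaded tarball
docker load -i docker-mysql-5.7.tar.gz
# Retag the imported image and push it to the local registry
docker tag b7dc06006192 10.0.0.11:5000/1997sty/mysql:5.7
docker push 10.0.0.11:5000/1997sty/mysql:5.7
# Write the ReplicationController manifest. Two repairs are made here:
#   - the YAML nesting is restored (the manifest is rejected without it);
#   - the image now points at the copy pushed to the local registry above.
#     The original referenced docker.io/mysql:5.7, which makes the nodes pull
#     from Docker Hub and leaves the pushed image unused.
# NOTE(security): the database passwords are written in clear text in the
# manifest and are visible to anyone who can read the RC or pod spec. They are
# sample values; outside a lab, choose strong ones and supply them from a
# Kubernetes Secret rather than literal env values.
cat > mysql-rc.yaml << 'EOF'
apiVersion: v1
kind: ReplicationController
metadata:
  name: mysql
spec:
  replicas: 1
  selector:
    app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
      - name: mysql
        image: 10.0.0.11:5000/1997sty/mysql:5.7
        ports:
        - containerPort: 3306
        volumeMounts:
        - name: nfs-vol
          mountPath: /var/lib/mysql
        env:
        - name: MYSQL_ROOT_PASSWORD
          value: "somewordpress"
        - name: MYSQL_DATABASE
          value: "wordpress"
        - name: MYSQL_USER
          value: "wordpress"
        - name: MYSQL_PASSWORD
          value: "wordpress"
      volumes:
      - name: nfs-vol
        persistentVolumeClaim:
          claimName: pvc0001
EOF
# Create the RC
kubectl create -f mysql-rc.yaml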
MYSQL svc定义
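# Run on: master
# Write the MySQL Service manifest. The nesting below is restored: YAML is
# indentation-sensitive and the manifest is rejected without it.
# NOTE(security): type: NodePort publishes MySQL on port 30336 of every node,
# reachable from outside the cluster. WordPress is configured with the
# service's cluster IP, so the node port is only needed for access from
# outside; without that need a cluster-internal service keeps the database
# off the node addresses.
cat > mysql-svc.yaml << 'EOF'
apiVersion: v1
kind: Service
metadata:
  name: mysql
spec:
  type: NodePort
  ports:
    - port: 3306
      nodePort: 30336
  selector:
    app: mysql
EOF
# Create the Service
kubectl create -f mysql-svc.yaml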
wordpress rc定义
- 上传
wordpress-latest.tar.gz
到/opt
下
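# Run on: master
# Switch to the upload directory
cd /opt
# Import the WordPress image from the uploaded tarball
docker load -i wordpress-latest.tar.gz
# Retag the imported image and push it to the local registry
docker tag e8cebf03929c 10.0.0.11:5000/1997sty/wordpress:latest
docker push 10.0.0.11:5000/1997sty/wordpress:latest
# Look up the MySQL service address; put the IP it reports into the
# WORDPRESS_DB_HOST value below (10.254.251.90 is the value from the
# author's cluster).
kubectl get svc mysql
# Write the ReplicationController manifest. Two repairs are made here:
#   - the YAML nesting is restored (the manifest is rejected without it);
#   - the image now points at the copy pushed to the local registry above.
#     The original referenced docker.io/wordpress:latest, which makes the nodes
#     pull from Docker Hub and leaves the pushed image unused.
# NOTE(security): the database password is written in clear text in the
# manifest; outside a lab, supply it from a Kubernetes Secret. The :latest tag
# is mutable, so pin a specific version when the deployment must be
# reproducible.
cat > myweb-rc.yaml << 'EOF'
apiVersion: v1
kind: ReplicationController
metadata:
  name: myweb
spec:
  replicas: 1
  selector:
    app: myweb
  template:
    metadata:
      labels:
        app: myweb
    spec:
      containers:
      - name: myweb
        image: 10.0.0.11:5000/1997sty/wordpress:latest
        ports:
        - containerPort: 80
        volumeMounts:
        - name: nfs-vol
          mountPath: /var/www/html
        env:
        - name: WORDPRESS_DB_HOST
          value: '10.254.251.90'
        - name: WORDPRESS_DB_USER
          value: 'wordpress'
        - name: WORDPRESS_DB_PASSWORD
          value: 'wordpress'
      volumes:
      - name: nfs-vol
        persistentVolumeClaim:
          claimName: pvc0002
EOF
# Create the RC
kubectl create -f myweb-rc.yaml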
wordpress svc定义
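# Run on: master
# Write the WordPress Service manifest. The nesting below is restored: YAML is
# indentation-sensitive and the manifest is rejected without it.
# type: NodePort publishes the site on port 30008 of every node.
cat > myweb-svc.yaml << 'EOF'
apiVersion: v1
kind: Service
metadata:
  name: myweb
spec:
  type: NodePort
  ports:
    - port: 80
      nodePort: 30008
  selector:
    app: myweb
EOF
# Create the Service
kubectl create -f myweb-svc.yaml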
访问测试
[root@master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
mysql-x1s6h 1/1 Running 0 36m 172.16.57.2 10.0.0.12
myweb-p9jf1 1/1 Running 0 14m 172.16.42.2 10.0.0.13
- mysql: 地址10.0.0.12:30336,用户wordpress,密码wordpress
- web: 地址10.0.0.13:30008