Simple Setup and Introduction to K8S

2021-09-07

Environment


Preparation

1. Update yum

yum update

2. Install rhsm

yum install *rhsm*

3. Install the certificate

PS: skip this step if /etc/rhsm/ca/ already contains the certificate

wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm

4. Verify the certificate (extract it from the RPM into /etc/rhsm/ca/)

rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem

Installation

1. Download k8s

yum install etcd kubernetes -y

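2. Modify the configuration

In apiserver, set the externally exposed address and port, and remove SecurityContextDeny and ServiceAccount from KUBE_ADMISSION_CONTROL.

Set KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0". The insecure port (8080 by default) serves the API without authentication or authorization, so this setting makes the API reachable on every network interface of the host.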

cd /etc/kubernetes
vim apiserver


vim kubelet

Set KUBELET_ARGS="--cluster-dns=10.0.0.110 --cluster-domain=cluster.local"
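
One way to check a host for the apiserver settings changed in step 2, as an added example that is not part of the original post: the function reads an /etc/kubernetes/apiserver-style file and reports the all-interfaces insecure bind and the removed admission plugins. The function names and finding codes are hypothetical, and the sample file is constructed.

```shell
# Added example (not from the original post). Function names and finding
# codes are hypothetical; the sample file below is constructed.

# Print the value of KEY="value" in FILE; the last assignment wins.
conf_value() {
    sed -n "s/^[[:space:]]*$2=\"\(.*\)\"[[:space:]]*$/\1/p" "$1" | tail -n 1
}

# Print one finding code per line; exit status is 0 only when nothing is found.
audit_apiserver_conf() {
    local file="$1" addr adm plugin findings=0
    addr=$(conf_value "$file" KUBE_API_ADDRESS)
    adm=$(conf_value "$file" KUBE_ADMISSION_CONTROL)

    # The insecure port serves the API without authentication or authorization;
    # bound to 0.0.0.0 it is reachable on every interface of the host.
    case "$addr" in
        *--insecure-bind-address=0.0.0.0*) echo "INSECURE_BIND_ALL"; findings=1 ;;
    esac

    # Report the admission plugins that step 2 removes from the list.
    for plugin in ServiceAccount SecurityContextDeny; do
        case ",${adm##*=}," in
            *",$plugin,"*) ;;
            *) echo "MISSING_ADMISSION_$plugin"; findings=1 ;;
        esac
    done
    return "$findings"
}

# Constructed sample: the file as step 2 of this page leaves it.
sample=$(mktemp)
cat > "$sample" <<'EOF'
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
EOF
audit_apiserver_conf "$sample" || echo "review $sample before exposing this host"
rm -f "$sample"
```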


3. Stop the firewall

systemctl stop firewalld
systemctl disable firewalld

4. Start the services in order

systemctl start etcd
systemctl start docker
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler
systemctl start kubelet
systemctl start kube-proxy

Install the dashboard

1. Pull the image with docker

docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest

2. Set up kubernetes-dashboard

mkdir -p /opt/k8s_project/dashboard
cd /opt/k8s_project/dashboard
touch kubernetes-dashboard.yaml

3. Edit kubernetes-dashboard.yaml

vim kubernetes-dashboard.yaml

kubernetes-dashboard.yaml:

kind: Deployment 
apiVersion: extensions/v1beta1 
metadata: 
  labels: 
    app: kubernetes-dashboard 
  name: kubernetes-dashboard 
  namespace: kube-system 
spec: 
  replicas: 1 
  selector: 
    matchLabels: 
      app: kubernetes-dashboard 
  template: 
    metadata: 
      labels: 
        app: kubernetes-dashboard  
      annotations: 
        scheduler.alpha.kubernetes.io/tolerations: | 
          [ 
            { 
              "key": "dedicated", 
              "operator": "Equal", 
              "value": "master", 
              "effect": "NoSchedule" 
            } 
          ] 
    spec: 
      containers: 
      - name: kubernetes-dashboard 
        image: docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1 
        imagePullPolicy: Always 
        ports: 
        - containerPort: 9090 
          protocol: TCP 
        args: 
          - --apiserver-host=http://172.17.0.1:8080 # connects to the apiserver
        livenessProbe: 
          httpGet: 
            path: / 
            port: 9090 
          initialDelaySeconds: 30 
          timeoutSeconds: 30 
--- 
kind: Service 
apiVersion: v1 
metadata: 
  labels: 
    app: kubernetes-dashboard 
  name: kubernetes-dashboard 
  namespace: kube-system 
spec:
  type: NodePort # expose a port externally
  ports:
  - port: 80 # port 80 on the internal CLUSTER-IP
    targetPort: 9090 # port 9090 inside the container
    nodePort: 30000 # external port 30000
  selector: 
    app: kubernetes-dashboard

4. Pull the kubernetes-dashboard image

docker pull docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1

5. Create kubernetes-dashboard

kubectl create -f kubernetes-dashboard.yaml

6. List the pods

kubectl get pods --all-namespaces -o wide


7. List the services

kubectl get svc --all-namespaces -o wide


PS: Troubleshooting

If you see an error like the following: StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image "registry.access.redhat.com/rhel7/pod-infrastructure:latest""


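Repeat the preparation steps; this is usually caused by rhsm and the pem certificate being missing.

Access

1. Access the dashboard directly at public-IP:port, e.g. 10.0.0.1:30000

PS: the address may be unreachable

If so, stop the firewall again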

systemctl stop firewalld
systemctl disable firewalld

Result


Common commands

Create a service

kubectl create -f xxx.yaml 

Check what is running

kubectl get svc
kubectl get rc
kubectl get rc -o wide


List pods

kubectl get pods

View logs (pod details and events)

kubectl describe pod mysql-rc-1h3n9


Stop a service

kubectl stop replicationcontroller mysql-rc
or
kubectl delete -f kubernetes-dashboard.yaml 

e.g.:

# Stop foo.
$ kubectl stop replicationcontroller foo
# Terminate pods and services with the label `name=myLabel`.
$ kubectl stop pods,services -l name=myLabel
# Stop the `service` defined in `service.json`.
$ kubectl stop -f service.json
# Stop all resources under the `path/to/resources` directory.
$ kubectl stop -f path/to/resources

Check DNS resolution

nslookup name

Common docker commands

docker ps  # list running containers
docker ps -a   # list all containers
docker images  # list images
docker stop/start/restart xxx  # stop, start or restart a container
docker pull  # pull an image
...

Install mysql

mysql-rc.yaml:

apiVersion: v1
kind: ReplicationController
metadata:
  name: mysql-rc
  labels:
    name: mysql-rc
spec:
  replicas: 1
  selector:
    name: mysql-pod
  template:
    metadata:
      labels: 
        name: mysql-pod
    spec:
      containers:
      - name: mysql
        image: mysql
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 3306
        env:
        - name: MYSQL_ROOT_PASSWORD
          value: "root" # sample root password; replace it, since mysql-svc.yaml publishes MySQL on nodePort 30306

mysql-svc.yaml:

apiVersion: v1
kind: Service
metadata:
  name: mysql-service
  labels:
    app: mysql
spec:
  type: NodePort
  selector:
    name: mysql-pod # must match the pod label set in mysql-rc.yaml
  ports:
  - protocol: TCP
    nodePort: 30306
    port: 3306
    targetPort: 3306

Install nginx

nginx-rc.yaml

apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx-controller
spec:
  replicas: 1
  selector:
    name: nginx
  template:
    metadata:
      labels:
        name: nginx
    spec:
      containers:
        - name: nginx
          image: nginx
          ports:
            - containerPort: 80

nginx-service.yaml

apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  type: NodePort
  ports:
    - port: 8001 # internal CLUSTER-IP port 8001
      targetPort: 80 # port 80 inside the container
      nodePort: 30001 # externally reachable port 30001
  selector:
    name: nginx
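
Because this setup stops firewalld, every nodePort declared in the manifests above is reachable from outside the host. The following added example (not part of the original post) lists them straight from the YAML files; list_nodeports is a hypothetical helper, and the sample file condenses two of the Services shown on this page.

```shell
# Added example (not from the original post). list_nodeports is a hypothetical
# helper; it assumes one port entry per Service, as in this page's manifests.

# Print "SERVICE NODEPORT TARGETPORT" for every NodePort Service in the files.
list_nodeports() {
    awk '
        function flush() {
            if (kind == "Service" && type == "NodePort" && node != "")
                print name, node, target
            kind = type = name = node = target = ""
        }
        { sub(/[ \t]+#.*$/, ""); sub(/[ \t]+$/, "") }  # drop comments, trailing blanks
        /^---/ || FNR == 1  { flush() }                # new YAML document or new file
        /^kind:/            { kind = $2 }
        /^  name:/          { name = $2 }              # metadata.name (two-space indent)
        /^  type:/          { type = $2 }              # spec.type
        /^[ -]*targetPort:/ { target = $NF }
        /^[ -]*nodePort:/   { node = $NF }
        END                 { flush() }
    ' "$@"
}

# Services from this page, condensed into one multi-document file.
manifests=$(mktemp)
cat > "$manifests" <<'EOF'
kind: Service
metadata:
  name: kubernetes-dashboard
spec:
  type: NodePort #expose externally
  ports:
  - port: 80
    targetPort: 9090
    nodePort: 30000
---
kind: Service
metadata:
  name: mysql-service
spec:
  type: NodePort
  ports:
  - protocol: TCP
    nodePort: 30306
    port: 3306
    targetPort: 3306
EOF
list_nodeports "$manifests"
rm -f "$manifests"
```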

Template YAML file (for reference)

apiVersion: v1
kind: Pod
metadata:
  name: String
  namespace: String
  labels:
    name: String
  annotations:
    name: String
spec:
  containers:
  - name: String
    image: String
    imagePullPolicy: [Always|Never|IfNotPresent]
    command: [String]
    args: [String]
    workingDir: String
    volumeMounts:
    - name: String
      mountPath: String
      readOnly: boolean
    ports:
    - name: String
      containerPort: int
      hostPort: int
      protocol: String
    env:
    - name: String
      value: String
    resources:
      limits:
        cpu: String
        memory: String
      requests:
        cpu: String
        memory: String
    livenessProbe:
      exec:
        command: [String]
      httpGet:
        path: String
        port: number
        host: String
        scheme: String
        httpHeaders:
        - name: String
          value: String
      tcpSocket:
        port: number
      initialDelaySeconds: 0
      timeoutSeconds: 0
      periodSeconds: 0
      successThreshold: 0
      failureThreshold: 0
    securityContext:
      privileged: false
  restartPolicy: [Always|Never|OnFailure]
  nodeSelector: object
  imagePullSecrets:
  - name: String
  hostNetwork: false
  volumes:
  - name: String
    emptyDir: {}
    hostPath:
      path: string
    secret:
      secretName: String
      items:
      - key: String
        path: String
    configMap:
      name: String
      items:
      - key: String
        path: String


Title: Simple Setup and Introduction to K8S
Author: sirwsl
URL: https://www.wslhome.top/articles/2021/08/19/1629343649781.html