Kubernetes
部署K8s
本文主要是介绍部署K8s,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
部署K8s
- 准备工作
- 所有节点安装Docker/kubeadm/kubelet
实验环境:
| 角色 | IP | 系统 |
|---|---|---|
| master | 192.168.164.141 | centos8 |
| node1 | 192.168.164.143 | centos8 |
| node2 | 192.168.164.144 | centos8 |
准备工作
1、设置主机名、关闭三台主机的防火墙和selinux、还有swap分区空间
这一步的操作是三台主机都要做的
//设置主机名 [root@master ~]# hostnamectl set-hostname master.example.com [root@master ~]# bash [root@master ~]# hostname master.example.com [root@node1 ~]# hostnamectl set-hostname node1.example.com [root@node1 ~]# bash [root@node1 ~]# hostname node1.example.com [root@node2 ~]# hostnamectl set-hostname node2.example.com [root@node2 ~]# bash [root@node2 ~]# hostname node2.example.com //关闭防护墙 [root@master ~]# systemctl disable --now firewalld.service Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. //关闭selinux [root@master ~]# vim /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted [root@master ~]# setenforce 0 //关闭swap分区空间 [root@master ~]# vim /etc/fstab # # /etc/fstab # Created by anaconda on Fri Nov 12 08:04:53 2021 # # Accessible filesystems, by reference, are maintained under '/dev/disk/'. # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info. # # After editing this file, run 'systemctl daemon-reload' to update systemd # units generated from this file. # /dev/mapper/cs-root / xfs defaults 0 0 UUID=b63f82a7-55fa-4e7c-b94e-71f1a1e3cb74 /boot xfs defaults 0 0 # 把下面一行删除掉即可 # 把下面一行删除掉即可 /dev/mapper/cs-swap none swap defaults 0 0
2、master配置DNS域名解析、IPv4流量传递到iptables的链。
node节点无需任何操作
//master主机上配置域名解析,让三台主机可以互通 [root@master ~]# vim /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 #添加以下三行内容 192.168.164.141 master master.example.com 192.168.164.143 node1 node1.example.com 192.168.164.144 node2 node2.example.com //master上配置流量传递 [root@master ~]# cat > /etc/sysctl.d/k8s.conf << EOF > net.bridge.bridge-nf-call-ip6tables = 1 > net.bridge.bridge-nf-call-iptables = 1 > EOF [root@master ~]# cat /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 [root@master ~]# sysctl --system //让刚刚修改的配置生效 * Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ... kernel.yama.ptrace_scope = 0 * Applying /usr/lib/sysctl.d/50-coredump.conf ... kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e * Applying /usr/lib/sysctl.d/50-default.conf ... kernel.sysrq = 16 kernel.core_uses_pid = 1 kernel.kptr_restrict = 1 net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.promote_secondaries = 1 net.core.default_qdisc = fq_codel fs.protected_hardlinks = 1 fs.protected_symlinks = 1 * Applying /usr/lib/sysctl.d/50-libkcapi-optmem_max.conf ... net.core.optmem_max = 81920 * Applying /usr/lib/sysctl.d/50-pid-max.conf ... kernel.pid_max = 4194304 * Applying /etc/sysctl.d/99-sysctl.conf ... * Applying /etc/sysctl.d/k8s.conf ... //成功读取到新添加的配置文件 * Applying /etc/sysctl.conf ...
3、时间同步、免密登陆
时间同步是所有主机都要做的,这里就拿master为例。而免密登陆是在master上操作,node节点无需任何操作
[root@master ~]# yum clean all //清理缓存
21 文件已删除
[root@master ~]# yum makecache //建立新的缓存,这样速度快而且还不会出现问题
CentOS Stream 8 - AppStream 11 MB/s | 18 MB 00:01
CentOS Stream 8 - BaseOS 9.9 MB/s | 16 MB 00:01
CentOS Stream 8 - Extras 26 kB/s | 16 kB 00:00
Extra Packages for Enterprise 263 kB/s | 980 kB 00:03
Extra Packages for Enterprise 18 kB/s | 137 kB 00:07
Extra Packages for Enterprise 2.7 MB/s | 11 MB 00:04
元数据缓存已建立。
//安装chrony时间同步
[root@master ~]# yum -y install chrony
[root@node1 ~]# yum -y install chrony
[root@node2 ~]# yum -y install chrony
//配置chrony、并设置开机自启
[root@master ~]# vim /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
pool time1.aliyun.com iburst
[root@master ~]# systemctl enable --now chronyd //开机自启
Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.
[root@master ~]# systemctl status chrony
chronyd.service chrony-wait.service
[root@master ~]# systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; e>
Active: active (running) since Fri 2021-12-17 20:44:11 CST>
Docs: man:chronyd(8)
man:chrony.conf(5)
Process: 84243 ExecStartPost=/usr/libexec/chrony-helper upd>
Process: 84239 ExecStart=/usr/sbin/chronyd $OPTIONS (code=e>
Main PID: 84241 (chronyd)
Tasks: 1 (limit: 23484)
Memory: 2.1M
CGroup: /system.slice/chronyd.service
└─84241 /usr/sbin/chronyd
12月 17 20:44:11 master.example.com systemd[1]: Starting NTP >
12月 17 20:44:11 master.example.com chronyd[84241]: chronyd v>
12月 17 20:44:11 master.example.com chronyd[84241]: Using rig>
12月 17 20:44:11 master.example.com systemd[1]: Started NTP c>
12月 17 20:44:19 master.example.com chronyd[84241]: Selected >
12月 17 20:44:19 master.example.com chronyd[84241]: System cl>
//master上做免密登陆,做这一步前要确保可以在master上ping通每个node
[root@master ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:wp5Ud+MXV0+ly3TI9V+jq/HV59YKc9kyJW2/RN7/Ojo root@master.example.com
The key's randomart image is:
+---[RSA 3072]----+
| *|
| . =+|
| . . o *.*|
| . . . o +.*+|
| + S ..=.=|
| o o .+*+|
| o .o.=+B|
| E+++*|
| ..+o*=|
+----[SHA256]-----+
//把master上密码传给所有人包括自己
[root@master ~]# ssh-copy-id master
[root@master ~]# ssh-copy-id node1
[root@master ~]# ssh-copy-id node2
准备工作完成后把所有的主机全部重启一遍
所有节点安装Docker/kubeadm/kubelet
这一部分的操作是所有主机都要做的,同样是以master为例,如果有特殊配置会罗列出来
Kubernetes默认CRI(容器运行时)为Docker,因此先安装Docker。
1、所有主机安装Docker(包括master),这里以master为例
//下载docker-ce的仓库源
[root@master ~]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
# 如果没有wget直接用yum下载即可 yum -y install wget
--2021-12-17 21:02:55-- https://mirrors.aliyun.com/docker-ce/
linux/centos/docker-ce.repo
正在解析主机 mirrors.aliyun.com (mirrors.aliyun.com)... 119.96
.71.243, 119.96.71.242, 119.96.71.239, ...
正在连接 mirrors.aliyun.com (mirrors.aliyun.com)|119.96.71.243
|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:2081 (2.0K) [application/octet-stream]
正在保存至: “/etc/yum.repos.d/docker-ce.repo”
/etc/yum.repos. 100%[=====>] 2.03K --.-KB/s 用时 0s
2021-12-17 21:02:55 (43.2 MB/s) - 已保存 “/etc/yum.repos.d/doc
ker-ce.repo” [2081/2081])
[root@master ~]# ls /etc/yum.repos.d/
CentOS-Stream-AppStream.repo CentOS-Stream-HighAvailability.repo docker-ce.repo epel-playground.repo
CentOS-Stream-BaseOS.repo CentOS-Stream-Media.repo epel-modular.repo epel.repo
CentOS-Stream-Debuginfo.repo CentOS-Stream-PowerTools.repo epel-next.repo epel-testing-modular.repo
CentOS-Stream-Extras.repo CentOS-Stream-RealTime.repo epel-next-testing.repo epel-testing.repo
//安装Docker
[root@master ~]# systemctl enable --now docker
[root@master ~]# systemctl enable --now docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
//查看版本号
[root@master ~]# docker --version
Docker version 20.10.12, build e91ed57
[root@node1 ~]# docker --version
Docker version 20.10.12, build e91ed57
[root@node2 ~]# docker --version
Docker version 20.10.12, build e91ed57
//配置Docker的加速器
[root@master ~]# cat > /etc/docker/daemon.json << EOF
> {
> "registry-mirrors": ["https://h8ln3iuy.mirror.aliyuncs.com"], //加速器的地址
> "exec-opts": ["native.cgroupdriver=systemd"], //使用原生的systemctl控制
> "log-driver": "json-file", //日志的格式
> "log-opts": { //日志的参数
> "max-size": "100m" //日志单个文件最大100MB,如果超过100就会回滚,会自动再创建一个文件记录日志
> },
> "storage-driver": "overlay2" //存储的驱动
> }
> EOF
2、添加kubernetes(K8s工具)阿里云YUM软件源
添加阿里云的kubernetes,便于安装工具
kubernetes源的地址
cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
3、安装kubeadm,kubelet和kubectl
[root@master ~]# yum install -y kubelet-1.20.0 kubeadm-1.20.0 kubectl-1.20.0 [root@master ~]# systemctl enable kubelet //值设置开机自启,但是不启动 Created symlink /etc/systemd/system/multi-user.target.wants/kubelet.service → /usr/lib/systemd/system/kubelet.service.
4、部署Kubernetes Master
master主机上操作;初始化一个集群
[root@master ~]# kubeadm init --apiserver-advertise-address=192.168.164.141 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.20.0 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16
# --apiserver-advertise-address=192.168.164.141 //master主机的IP
# --image-repository registry.aliyuncs.com/google_containers //使用阿里云的谷歌镜像仓库,因为国内登陆不了谷歌官网
# --kubernetes-version v1.20.0 //kubernetes版本号
# --service-cidr=10.96.0.0/12 //service的网段
# --pod-network-cidr=10.244.0.0/16 //pod的网段
//执行上面那个命令的拉取过程
[init] Using Kubernetes version: v1.20.0
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING FileExisting-tc]: tc not found in system path
[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 20.10.12. Latest validated version: 19.03
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local master.example.com] and IPs [10.96.0.1 192.168.164.141]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [localhost master.example.com] and IPs [192.168.164.141 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [localhost master.example.com] and IPs [192.168.164.141 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 15.510333 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.20" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node master.example.com as control-plane by adding the labels "node-role.kubernetes.io/master=''" and "node-role.kubernetes.io/control-plane='' (deprecated)"
[mark-control-plane] Marking the node master.example.com as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: jdrms8.yoqjpoeylkx9o25x
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
# 如果你想启用使用集群的话就要用下面的命令;如果是普通用户就执行下面的操作
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
# 如果你是管理员用户就执行下面的操作,但是我们一般不会这样操作。
# 因为这是临时的,我们需要做成永久生效的。下面会有教程
export KUBECONFIG=/etc/kubernetes/admin.conf
# 设置一个环境变量告诉系统使用的哪个配置文件
You should now deploy a pod network to the cluster.
# 你需要设置一个pod网络到集群中,使用下面的命令
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.164.141:6443 --token jdrms8.yoqjpoeylkx9o25x \
--discovery-token-ca-cert-hash sha256:0200386756147a66bde1724467396fceba045de5bd845dc7f427d29732d44766
//查看拉取下来的镜像
[root@master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.aliyuncs.com/google_containers/kube-proxy v1.20.0 10cc881966cf 12 months ago 118MB
registry.aliyuncs.com/google_containers/kube-scheduler v1.20.0 3138b6e3d471 12 months ago 46.4MB
registry.aliyuncs.com/google_containers/kube-apiserver v1.20.0 ca9843d3b545 12 months ago 122MB
registry.aliyuncs.com/google_containers/kube-controller-manager v1.20.0 b9fa1895dcaa 12 months ago 116MB
registry.aliyuncs.com/google_containers/etcd 3.4.13-0 0369cf4303ff 15 months ago 253MB
registry.aliyuncs.com/google_containers/coredns 1.7.0 bfe3a36ebd25 18 months ago 45.2MB
registry.aliyuncs.com/google_containers/pause 3.2 80d28bedfe5d 22 months ago 683kB
//根据官方推荐的方式做管理员的操作 把环境变量写成永久的
[root@master kubernetes]# pwd
/etc/kubernetes
[root@master kubernetes]# echo 'export KUBECONFIG=/etc/kubernetes/admin.conf' > /etc/profile.d/k8s.sh
[root@master kubernetes]# source /etc/profile.d/k8s.sh
//查看是否有控制节点
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master.example.com(master主机) NotReady(没有准备好) control-plane,master 22m v1.20.0
5、安装Pod网络插件(CNI)
做一步前要确保主机可以正常访问quay.io这个registery(仓库),因为是从红帽官方的quay.io拉取镜像
[root@master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml Unable to connect to the server: net/http: TLS handshake timeout [root@master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml podsecuritypolicy.policy/psp.flannel.unprivileged created // created 创建完成,出现这个表示完成 clusterrole.rbac.authorization.k8s.io/flannel created //created 创建完成 clusterrolebinding.rbac.authorization.k8s.io/flannel created //created 创建完成 serviceaccount/flannel created configmap/kube-flannel-cfg created daemonset.apps/kube-flannel-ds created //created 创建完成 # 如果下载不下来或者很慢就先把文件下载到本地,然后指定文件路径即可
6、 加入Kubernetes Node
在初始化集群的时候会反馈很多的信息,其中最后一句话是最重要的,这句话是一个命令,是在node端执行的,表示将node主机添加到k8s集群中
到所有的节点上执行这个命令 node1和node2
//node1上执行此命令
[root@node1 ~]# kubeadm join 192.168.164.141:6443 --token jdrms8.yoqjpoeylkx9o25x \
> --discovery-token-ca-cert-hash sha256:0200386756147a66bde1724467396fceba045de5bd845dc7f427d29732d44766
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING FileExisting-tc]: tc not found in system path
[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 20.10.12. Latest validated version: 19.03
[WARNING Hostname]: hostname "node1.example.com" could not be reached
[WARNING Hostname]: hostname "node1.example.com": lookup node1.example.com on 114.114.114.114:53: no such host
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
//node2上执行命令
[root@node2 ~]# kubeadm join 192.168.164.141:6443 --token jdrms8.yoqjpoeylkx9o25x \
> --discovery-token-ca-cert-hash sha256:0200386756147a66bde1724467396fceba045de5bd845dc7f427d29732d44766
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING FileExisting-tc]: tc not found in system path
[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 20.10.12. Latest validated version: 19.03
[WARNING Hostname]: hostname "node1.example.com" could not be reached
[WARNING Hostname]: hostname "node1.example.com": lookup node1.example.com on 114.114.114.114:53: no such host
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
//然后去master上查看受控节点的状态
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master.example.com Ready control-plane,master 39m v1.20.0
node1.example.com NotReady <none> 2m52s v1.20.0
node2.example.com NotReady <none> 78s v1.20.0
# 这个时候node1和node2是没有准备好的转态,这是正常的,因为后台还在拉取一些镜像,需要等待一会
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master.example.com Ready control-plane,master 43m v1.20.0
node1.example.com Ready <none> 6m44s v1.20.0
node2.example.com Ready <none> 5m10s v1.20.0
7、管理容器
[root@master ~]# kubectl get ns //查看所有的名称空间类型 NAME STATUS AGE default Active 46m kube-node-lease Active 46m kube-public Active 46m kube-system Active 46m //自动运行的容器都是属于这一类 //查看现有的容器状态 查看容器的状态的时候要指定名称空间 [root@master ~]# kubectl get pods -n kube-system # pods:所有的容器; -n:指定名称空间 NAME READY STATUS RESTARTS AGE coredns-7f89b7bc75-b25b7 1/1 Running 0 49m coredns-7f89b7bc75-fspzk 1/1 Running 0 49m etcd-master.example.com 1/1 Running 0 50m kube-apiserver-master.example.com 1/1 Running 0 50m kube-controller-manager-master.example.com 1/1 Running 0 50m kube-flannel-ds-dxgrv 1/1 Running 0 11m kube-flannel-ds-px4zx 1/1 Running 0 20m kube-flannel-ds-rlxs2 1/1 Running 0 13m kube-proxy-dhw8n 1/1 Running 0 13m kube-proxy-rbrtl 1/1 Running 0 49m kube-proxy-zpr2t 1/1 Running 0 11m kube-scheduler-master.example.com 1/1 Running 0 50m //查看容器时在那个主机上运行、IP是多少 [root@master ~]# kubectl get pods -n kube-system -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES coredns-7f89b7bc75-b25b7 1/1 Running 0 51m 10.244.0.2 master.example.com <none> <none> coredns-7f89b7bc75-fspzk 1/1 Running 0 51m 10.244.0.3 master.example.com <none> <none> etcd-master.example.com 1/1 Running 0 51m 192.168.164.141 master.example.com <none> <none> kube-apiserver-master.example.com 1/1 Running 0 51m 192.168.164.141 master.example.com <none> <none> kube-controller-manager-master.example.com 1/1 Running 0 51m 192.168.164.141 master.example.com <none> <none> kube-flannel-ds-dxgrv 1/1 Running 0 13m 192.168.164.144 node2.example.com <none> <none> kube-flannel-ds-px4zx 1/1 Running 0 21m 192.168.164.141 master.example.com <none> <none> kube-flannel-ds-rlxs2 1/1 Running 0 14m 192.168.164.143 node1.example.com <none> <none> kube-proxy-dhw8n 1/1 Running 0 14m 192.168.164.143 node1.example.com <none> <none> kube-proxy-rbrtl 1/1 Running 0 51m 192.168.164.141 master.example.com <none> <none> kube-proxy-zpr2t 1/1 Running 0 13m 192.168.164.144 node2.example.com <none> <none> kube-scheduler-master.example.com 1/1 Running 0 51m 192.168.164.141 master.example.com <none> <none>
8、测试kubernetes集群
在Kubernetes集群中创建一个pod,验证是否正常运行:
[root@master ~]# kubectl create deployment nginx --image nginx
deployment.apps/nginx created
# 创建一个deployment类型的的容器 名字叫nginx 镜像使用nginx
//暴露端口号
[root@master ~]# kubectl expose deployment nginx --port=80 --type=NodePort
service/nginx exposed
# 暴露deployment类型中的nginx 端口号为80 类型为节点端口
# 这里的暴露是service的端口号,而且他是有IP的。因为我们访问容器时访问的service的IP地址
//查看service的IP地址、端口号等
[root@master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 58m
nginx NodePort 10.106.17.133(serviceIP地址) <none> 80:31177/TCP 38s (暴露的是80端口)
//访问测试
[root@master ~]# curl http://10.106.17.133
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
这篇关于部署K8s的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
您可能喜欢
-
在Kubernetes (k8s) 中搭建三台 Nginx 服务器怎么实现?-icode9专业技术文章分享11-15
-
基于Kubernetes的自定义AWS云平台搭建指南11-05
-
基于Kubernetes Gateway API的现代流量管理方案11-05
-
在Kubernetes上部署你的第一个应用:Nginx服务器11-05
-
利用拓扑感知路由控制Kubernetes中的流量11-05
-
Kubernetes中的层次命名空间:更灵活的资源管理方案11-05
-
5分钟上手 Kubernetes:精简实用的 Kubectl 命令速查宝典!11-05
-
K8s 容器的定向调度与亲和性10-30
-
云原生周刊:K8s未来三大发展方向 丨2024.10.2810-28
-
亚马逊弹性Kubernetes服务(EKS)实战:轻松搭建Kubernetes平台10-25
-
KubeSphere 最佳实战:Kubernetes 部署集群模式 Nacos 实战指南10-22
-
K8sGPT+Ollama:一个免费的Kubernetes自动诊断工具10-10
-
Kubernetes:容器技术和所谓的“丢失”的SIGTERM信号(终止信号)10-10
-
在 Azure Kubernetes 上运行 Ollama10-08
-
10 个你不知道自己需要的 Kubernetes 工具09-26
栏目导航
