k8s常用笔记
安装docker
- // 安装docker
- $ yum install -y docker-ce
- // 开机启动 && 启动服务
- $ systemctl enable docker && systemctl start docker
添加国内yum源
- mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
- wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo
- wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo
- yum clean all && yum makecache
添加kubernetes.repo源
- [kubernetes]
- name=Kubernetes
- baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
- enabled=
- gpgcheck=
- repo_gpgcheck=
- gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
安装kubelet kubeadm kubectl(并设置开机启动,我这里是1.14.3版本)
- yum install -y kubelet-1.14. kubeadm-1.14. kubectl-1.14.
- systemctl enable kubelet && systemctl start kubelet
初始化k8s,这里初始化有点久,耐心等待
- kubeadm init --kubernetes-version=1.14. --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.1.0.0/ --pod-network-cidr=10.244.0.0/
添加flannel网络
- cat <<EOF> /etc/cni/net.d/-flannel.conf
- {"name":"cbr0","type":"flannel","delegate": {"isDefaultGateway": true}}
- EOF
- mkdir /usr/share/oci-umount/oci-umount.d -p
- mkdir /run/flannel/
- cat <<EOF> /run/flannel/subnet.env
- FLANNEL_NETWORK=172.100.1.0/
- FLANNEL_SUBNET=172.100.1.0/
- FLANNEL_MTU=
- FLANNEL_IPMASQ=true
- EOF
kubectl apply -f kube-flannel.yml
- ---
- kind: ClusterRole
- apiVersion: rbac.authorization.k8s.io/v1beta1
- metadata:
- name: flannel
- rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
- - apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - nodes/status
- verbs:
- - patch
- ---
- kind: ClusterRoleBinding
- apiVersion: rbac.authorization.k8s.io/v1beta1
- metadata:
- name: flannel
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: flannel
- subjects:
- - kind: ServiceAccount
- name: flannel
- namespace: kube-system
- ---
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: flannel
- namespace: kube-system
- ---
- kind: ConfigMap
- apiVersion: v1
- metadata:
- name: kube-flannel-cfg
- namespace: kube-system
- labels:
- tier: node
- app: flannel
- data:
- cni-conf.json: |
- {
- "name": "cbr0",
- "plugins": [
- {
- "type": "flannel",
- "delegate": {
- "hairpinMode": true,
- "isDefaultGateway": true
- }
- },
- {
- "type": "portmap",
- "capabilities": {
- "portMappings": true
- }
- }
- ]
- }
- net-conf.json: |
- {
- "Network": "10.244.0.0/16",
- "Backend": {
- "Type": "vxlan"
- }
- }
- ---
- apiVersion: extensions/v1beta1
- kind: DaemonSet
- metadata:
- name: kube-flannel-ds
- namespace: kube-system
- labels:
- tier: node
- app: flannel
- spec:
- template:
- metadata:
- labels:
- tier: node
- app: flannel
- spec:
- hostNetwork: true
- nodeSelector:
- beta.kubernetes.io/arch: amd64
- tolerations:
- - key: node-role.kubernetes.io/master
- operator: Exists
- effect: NoSchedule
- serviceAccountName: flannel
- initContainers:
- - name: install-cni
- image: quay.io/coreos/flannel:v0.9.1
- command:
- - cp
- args:
- - -f
- - /etc/kube-flannel/cni-conf.json
- - /etc/cni/net.d/-flannel.conflist
- volumeMounts:
- - name: cni
- mountPath: /etc/cni/net.d
- - name: flannel-cfg
- mountPath: /etc/kube-flannel/
- containers:
- - name: kube-flannel
- image: quay.io/coreos/flannel:v0.9.1
- command:
- - /opt/bin/flanneld
- args:
- - --ip-masq
- - --kube-subnet-mgr
- resources:
- requests:
- cpu: "100m"
- memory: "100Mi"
- limits:
- cpu: "100m"
- memory: "200Mi"
- securityContext:
- privileged: true
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- volumeMounts:
- - name: run
- mountPath: /run
- - name: flannel-cfg
- mountPath: /etc/kube-flannel/
- volumes:
- - name: run
- hostPath:
- path: /run
- - name: cni
- hostPath:
- path: /etc/cni/net.d
- - name: flannel-cfg
- configMap:
- name: kube-flannel-cfg
master允许运行节点
- kubectl taint nodes --all node-role.kubernetes.io/master-
提示找不到kubectl
- cp /etc/kubernetes/admin.conf ~/.kube/config
查看命令
- //查看所有pod
- kubectl get pods --all-namespaces
- //查看指定名称空间下的pod
- kubectl get pods -n kube-system
- //查看节点错误信息
- journalctl -f -u kubelet
- //查看节点
- kubectl get node
- //查看服务
- kubectl get svc
- //查看rc
- kubectl get rc
- //查看deployment部署
- kubectl get deployment
- //查看pod信息
- kubectl describe pod [PodName] -n kube-system
- //查看pod日志
- kubectl logs -f [PodName] -n kube-system
部署rc
- apiVersion: v1
- kind: ReplicationController
- metadata:
- name: tibos-test
- spec:
- replicas:
- selector:
- name: tibos-test
- template:
- metadata:
- labels:
- name: tibos-test
- spec:
- containers:
- - name: tibos-test
- image: tibos.test
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort:
部署svc
- apiVersion: v1
- kind: Service
- metadata:
- name: tibos-test
- spec:
- type: NodePort
- ports:
- - port:
- protocol: TCP
- targetPort:
- name: http
- nodePort:
- selector:
- name: tibos-test
部署Ingress
- apiVersion: extensions/v1beta1
- kind: Ingress
- metadata:
- name: tibos-ingress
- spec:
- rules:
- - host: wmowm.com
- http:
- paths:
- # 配置Context Path
- - path: /test
- backend:
- serviceName: tibos-test
- servicePort:
- # 配置Context Path
- - path: /test/v2
- backend:
- serviceName: tibos-test-v2
- servicePort:
部署ConfigMap
- apiVersion: v1
- data:
- appsettings.json: |
- {
- "Logging": {
- "LogLevel": {
- "Default": "Warning"
- }
- },
- "AppSettings": {
- "test": "",
- "test2": "第二个版本"
- },
- "AllowedHosts": "*"
- }
- kind: ConfigMap
- metadata:
- creationTimestamp: null
- name: appsettings
- namespace: default
部署Deployment
- apiVersion: extensions/v1beta1
- kind: Deployment
- metadata:
- name: tibos-test-v5
- spec:
- selector:
- matchLabels:
- app: tibos-test-v5
- template:
- metadata:
- labels:
- app: tibos-test-v5
- spec:
- containers:
- - name: tibos-test-v5
- image: tibos.test.v5
- imagePullPolicy: IfNotPresent
- ports:
- - containerPort:
- volumeMounts:
- - mountPath: /app/appsettings.json
- name: test
- readOnly: true
- subPath: appsettings.json
- volumes:
- - configMap:
- defaultMode:
- name: appsettings
- name: test
部署仪盘表
- kubectl apply -f http://mirror.faasx.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
- //允许外部访问
- kubectl proxy --address='0.0.0.0' --accept-hosts='^*$'
- //赋予admin权限,方便访问
- cat kubernetes-dashboard.yaml
- apiVersion: rbac.authorization.k8s.io/v1beta1
- kind: ClusterRoleBinding
- metadata:
- name: kubernetes-dashboard
- labels:
- k8s-app: kubernetes-dashboard
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: cluster-admin
- subjects:
- - kind: ServiceAccount
- name: kubernetes-dashboard
- namespace: kube-system
- //再次加载仪盘表
- kubectl apply -f kubernetes-dashboard.yaml
- //启动代理,并挂载在后台运行
- kubectl proxy --address='0.0.0.0' --accept-hosts='^*$' >/dev/null >& &
- //访问地址
- http://10.0.1.157:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login
滚动升级
- //rc
- kubectl rolling-update tibos-test-v5 --image=tibos.test.v5
- //deployments
- kubectl set image deployment/tibos-test-v5 tibos-test-v5=tibos.test.v5
pod无法访问外网,节点添加一条路由规则
- /sbin/iptables -t nat -I POSTROUTING -s 172.30.60.0/ -j MASQUERADE
k8s常用笔记的更多相关文章
- [转帖] K8S 常用命令
k8s常用命令 原贴地址 查看集群信息: [root@kubernetes-master pods]# kubectl cluster-info kubectl cluster-info展示结果 k ...
- git tag 常用笔记
git tag 常用笔记 查看 tag 列出现有 tag git tag 列出 v1.4.2 相关的 tag git tag -l "v1.4.2" 查看指定 tag 的信息 gi ...
- K8s常用命令操作
K8s常用命令操作 一.kubectl命令补全 1.master安装命令补全,并临时生效 yum install -y bash-completion source /usr/share/bash-c ...
- k8s常用操作命令
K8s常用命令操作 一.kubectl命令补全 .master安装命令补全,并临时生效 yum install -y bash-completion source /usr/share/bash-co ...
- 【K8s学习笔记】K8s是如何部署应用的?
本文内容 本文致力于介绍K8s一些基础概念与串联部署应用的主体流程,使用Minikube实操 基础架构概念回顾 温故而知新,上一节[K8S学习笔记]初识K8S 及架构组件 我们学习了K8s的发展历史. ...
- k8s学习笔记之五:Pod资源清单spec字段常用字段及含义
第一章.前言 在上一篇博客中,我们大致简述了一般情况下资源清单的格式,以及如何获得清单配置的命令帮助,下面我们再讲解下清单中spec字段中比较常见的字段及其含义 第二章.常用字段讲解 spec.con ...
- k8s学习笔记之八:存储卷
第一章.前言 默认情况下容器的数据都是非持久化的, 在容器消亡以后数据也跟着丢失, 所以 Docker 提供了 Volume 机制以便将数据持久化存储. 类似的, Kubernetes 提供了更强大的 ...
- k8s常用命令
K8s一些命令:通过yaml文件创建:kubectl create -f xxx.yaml (不建议使用,无法更新,必须先delete)kubectl apply -f xxx.yaml (创建+更新 ...
- K8S学习笔记之Kubernetes核心概念
0x00 Kubernetes简介 Kubernetes(K8S)是Google开源的容器集群管理系统,其设计源于Google在容器编排方面积累的丰富经验,并结合社区创新的最佳实践. K8S在Doc ...
随机推荐
- Java版基于SpringBoot+Vue.js实现自动创表自动定时采集(各个微信公众号商城产品进行采集)-爬虫篇
- VS2012在解决方案资源管理器显示解决方案名称
工具>选项>项目与解决方案(需点右下方的显示所有)>点上 总是显示解决方案
- bzoj5518 & loj3046 「ZJOI2019」语言 线段树合并+树链的并
题目传送门 https://loj.ac/problem/3046 题解 首先问题就是问有多少条路径是给定的几条路径中的一条的一个子段. 先考虑链的做法. 枚举右端点 \(i\),那么求出 \(j\) ...
- SoupUI 结合loadrunner压力测试
SoupUI 结合loadrunner压力测试 上一篇介绍了SoupUI接口测试,因为工作需要,需要在loadrunner进行websocket的压力测试,当然,SoupUI本身也是可以做性能测试的 ...
- MySQL数据库5事务、视图、触发器、函数、数据库的备份
目录 一.事务(important) 1.1什么是事务? 1.2解决办法 1.2.1事务的语法 1.2.2使用事务解决转账问题代码演示 1.2.3rollback 1.3事务的特性(important ...
- redis学习 --Sorted Set
一.概述: Sorted Set(有序集合)和Set类型极为相似,它们都是字符串的集合,都不允许重复的成员出现在一个Set中.它们之间的主要差别是Sorted Set中的每一个成员都会有一个分数(sc ...
- java中 运算符
我们先讨论 &,&&,| ,|| 这四个运算符 boolean a=true; boolean b=true; boolean c=false; //输出:a为true,b ...
- 小陈现有2个任务A,B要完成,每个任务分别有若干步骤如下 一道网上没啥题解的难题(至少我是这么觉得的)
小陈现有2个任务A,B要完成,每个任务分别有若干步骤如下:A=a1->a2->a3,B=b1->b2->b3->b4->b5.在任何时候,小陈只能专心做某个任务的一 ...
- HTTrack Website Copier 扫描规则
+*.css +*.js -ad.doubleclick.net/* -mime:application/foobar+*.gif +*.jpg +*.jpeg +*.png +*.tif +*.bm ...
- Ntdll.h
转自:https://www.cnblogs.com/gwsbhqt/p/5092390.html 为了能使用上Ntdll.lib库函数,从几份不完整的Ntdll.h中拼凑整理出了比较完整美观的Ntd ...