k8s常用笔记
安装docker
// 安装docker
$ yum install -y docker-ce
// 开机启动 && 启动服务
$ systemctl enable docker && systemctl start docker
添加国内yum源
mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo
yum clean all && yum makecache
添加kubernetes.repo源
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=
gpgcheck=
repo_gpgcheck=
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
安装kubelet kubeadm kubectl(并设置开机启动,我这里是1.14.3版本)
yum install -y kubelet-1.14. kubeadm-1.14. kubectl-1.14. systemctl enable kubelet && systemctl start kubelet
初始化k8s,这里初始化有点久,耐心等待
kubeadm init --kubernetes-version=1.14. --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.1.0.0/ --pod-network-cidr=10.244.0.0/
添加flannel网络
cat <<EOF> /etc/cni/net.d/-flannel.conf
{"name":"cbr0","type":"flannel","delegate": {"isDefaultGateway": true}}
EOF
mkdir /usr/share/oci-umount/oci-umount.d -p
mkdir /run/flannel/
cat <<EOF> /run/flannel/subnet.env
FLANNEL_NETWORK=172.100.1.0/
FLANNEL_SUBNET=172.100.1.0/
FLANNEL_MTU=
FLANNEL_IPMASQ=true
EOF
kubectl apply -f kube-flannel.yml
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: flannel
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- ""
resources:
- nodes
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- patch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: flannel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flannel
subjects:
- kind: ServiceAccount
name: flannel
namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: flannel
namespace: kube-system
---
kind: ConfigMap
apiVersion: v1
metadata:
name: kube-flannel-cfg
namespace: kube-system
labels:
tier: node
app: flannel
data:
cni-conf.json: |
{
"name": "cbr0",
"plugins": [
{
"type": "flannel",
"delegate": {
"hairpinMode": true,
"isDefaultGateway": true
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
net-conf.json: |
{
"Network": "10.244.0.0/16",
"Backend": {
"Type": "vxlan"
}
}
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-flannel-ds
namespace: kube-system
labels:
tier: node
app: flannel
spec:
template:
metadata:
labels:
tier: node
app: flannel
spec:
hostNetwork: true
nodeSelector:
beta.kubernetes.io/arch: amd64
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
- name: install-cni
image: quay.io/coreos/flannel:v0.9.1
command:
- cp
args:
- -f
- /etc/kube-flannel/cni-conf.json
- /etc/cni/net.d/-flannel.conflist
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
containers:
- name: kube-flannel
image: quay.io/coreos/flannel:v0.9.1
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
resources:
requests:
cpu: "100m"
memory: "100Mi"
limits:
cpu: "100m"
memory: "200Mi"
securityContext:
privileged: true
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: run
mountPath: /run
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
- name: run
hostPath:
path: /run
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
master允许运行节点
kubectl taint nodes --all node-role.kubernetes.io/master-
提示找不到kubectl
cp /etc/kubernetes/admin.conf ~/.kube/config
查看命令
//查看所有pod
kubectl get pods --all-namespaces //查看指定名称空间下的pod
kubectl get pods -n kube-system //查看节点错误信息
journalctl -f -u kubelet //查看节点
kubectl get node //查看服务
kubectl get svc //查看rc
kubectl get rc //查看deployment部署
kubectl get deployment //查看pod信息
kubectl describe pod [PodName] -n kube-system //查看pod日志
kubectl logs -f [PodName] -n kube-system
部署rc
apiVersion: v1
kind: ReplicationController
metadata:
name: tibos-test
spec:
replicas:
selector:
name: tibos-test
template:
metadata:
labels:
name: tibos-test
spec:
containers:
- name: tibos-test
image: tibos.test
imagePullPolicy: IfNotPresent
ports:
- containerPort:
部署svc
apiVersion: v1
kind: Service
metadata:
name: tibos-test
spec:
type: NodePort
ports:
- port:
protocol: TCP
targetPort:
name: http
nodePort:
selector:
name: tibos-test
部署Ingress
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: tibos-ingress
spec:
rules:
- host: wmowm.com
http:
paths:
# 配置Context Path
- path: /test
backend:
serviceName: tibos-test
servicePort:
# 配置Context Path
- path: /test/v2
backend:
serviceName: tibos-test-v2
servicePort:
部署ConfigMap
apiVersion: v1
data:
appsettings.json: |
{
"Logging": {
"LogLevel": {
"Default": "Warning"
}
},
"AppSettings": {
"test": "",
"test2": "第二个版本"
},
"AllowedHosts": "*"
}
kind: ConfigMap
metadata:
creationTimestamp: null
name: appsettings
namespace: default
部署Deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: tibos-test-v5
spec:
selector:
matchLabels:
app: tibos-test-v5
template:
metadata:
labels:
app: tibos-test-v5
spec:
containers:
- name: tibos-test-v5
image: tibos.test.v5
imagePullPolicy: IfNotPresent
ports:
- containerPort:
volumeMounts:
- mountPath: /app/appsettings.json
name: test
readOnly: true
subPath: appsettings.json
volumes:
- configMap:
defaultMode:
name: appsettings
name: test
部署仪盘表
kubectl apply -f http://mirror.faasx.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml //允许外部访问
kubectl proxy --address='0.0.0.0' --accept-hosts='^*$' //赋予admin权限,方便访问
cat kubernetes-dashboard.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-system //再次加载仪盘表
kubectl apply -f kubernetes-dashboard.yaml //启动代理,并挂载在后台运行
kubectl proxy --address='0.0.0.0' --accept-hosts='^*$' >/dev/null >& & //访问地址
http://10.0.1.157:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login
滚动升级
//rc
kubectl rolling-update tibos-test-v5 --image=tibos.test.v5 //deployments
kubectl set image deployment/tibos-test-v5 tibos-test-v5=tibos.test.v5
pod无法访问外网,节点添加一条路由规则
/sbin/iptables -t nat -I POSTROUTING -s 172.30.60.0/ -j MASQUERADE
k8s常用笔记的更多相关文章
- [转帖] K8S 常用命令
k8s常用命令 原贴地址 查看集群信息: [root@kubernetes-master pods]# kubectl cluster-info kubectl cluster-info展示结果 k ...
- git tag 常用笔记
git tag 常用笔记 查看 tag 列出现有 tag git tag 列出 v1.4.2 相关的 tag git tag -l "v1.4.2" 查看指定 tag 的信息 gi ...
- K8s常用命令操作
K8s常用命令操作 一.kubectl命令补全 1.master安装命令补全,并临时生效 yum install -y bash-completion source /usr/share/bash-c ...
- k8s常用操作命令
K8s常用命令操作 一.kubectl命令补全 .master安装命令补全,并临时生效 yum install -y bash-completion source /usr/share/bash-co ...
- 【K8s学习笔记】K8s是如何部署应用的?
本文内容 本文致力于介绍K8s一些基础概念与串联部署应用的主体流程,使用Minikube实操 基础架构概念回顾 温故而知新,上一节[K8S学习笔记]初识K8S 及架构组件 我们学习了K8s的发展历史. ...
- k8s学习笔记之五:Pod资源清单spec字段常用字段及含义
第一章.前言 在上一篇博客中,我们大致简述了一般情况下资源清单的格式,以及如何获得清单配置的命令帮助,下面我们再讲解下清单中spec字段中比较常见的字段及其含义 第二章.常用字段讲解 spec.con ...
- k8s学习笔记之八:存储卷
第一章.前言 默认情况下容器的数据都是非持久化的, 在容器消亡以后数据也跟着丢失, 所以 Docker 提供了 Volume 机制以便将数据持久化存储. 类似的, Kubernetes 提供了更强大的 ...
- k8s常用命令
K8s一些命令:通过yaml文件创建:kubectl create -f xxx.yaml (不建议使用,无法更新,必须先delete)kubectl apply -f xxx.yaml (创建+更新 ...
- K8S学习笔记之Kubernetes核心概念
0x00 Kubernetes简介 Kubernetes(K8S)是Google开源的容器集群管理系统,其设计源于Google在容器编排方面积累的丰富经验,并结合社区创新的最佳实践. K8S在Doc ...
随机推荐
- python面向对象--反射机制
class Black: feture="ugly" def __init__(self,name,addr): self.addr=addr self.name=name def ...
- 股票交易 (单调队列优化DP)
股票交易 $ solution: $ 这道题以前就写了,题目很好,但自己没有发题解,来补一篇: 首先,题目出得很有迷惑性,但我们不难想到状态要设天数,和自己手上的股票数目(因为这两个就是充要信息).而 ...
- 使用Node,Vue和ElasticSearch构建实时搜索引擎
(译者注:相关阅读:node.js,vue.js,Elasticsearch) 介绍 Elasticsearch是一个分布式的RESTful搜索和分析引擎,能够解决越来越多的用例. Elasticse ...
- [POJ1772] Substract
问题描述 We are given a sequence of N positive integers a = [a1, a2, ..., aN] on which we can perform co ...
- Dubbo学习-4-dubbo简单案例-1
模拟一个需求,通过dubbo实现RPC调用: 这里用户服务模块的查询用户地址的功能,就是一个服务提供者,而订单服务模块的创建订单模块就是一个服务消费者: 1. 创建服务提供者的maven工程:user ...
- 【HDOJ6656】Kejin Player(期望DP)
题意:玩一个共有n级的游戏,i级出发每次可以花a[i]的代价,有p[i]的几率变成i+1级,有1-p[i]的几率变成x[i]级,x[i]<=i 多次询问,每次询问从l级升到r级的期望总代价 n, ...
- asp.net开发微信公众平台----目录汇总-持续更新
1.[c#]asp.net微信公众平台开发(1)数据库设计 2.[c#]asp.net微信公众平台开发(2)多层架构框架搭建和入口实现 3.[c#]asp.net微信公众平台开发(3)微信消息封装及反 ...
- 史上最全最实用HBuilder快捷键大全
史上最全最实用HBuilder快捷键大全 一.文件操作二.编辑操作三.插入操作四.转义操作五.选择操作六.跳转操作七.查找操作八.运行九.视图一.文件操作新建菜单: ctrl + N新建: ctrl ...
- 全国地区sql表
/** * 中国省市区--地区SQL表 */ CREATE TABLE `rc_district` ( `id` smallint(5) unsigned NOT NULL AUTO_INCREMEN ...
- LintCode之在O(1)时间复杂度删除链表
题目描述: 分析:因为题目要求不能用循环,而且只给了要删除的节点,并没有给链表.所以我无法取得要删除节点的前一个节点,只能在待删除的节点以及下一个节点上做文章.我的思路是:将待删除的节点的下一个节点的 ...