deployment
#是最常用的controller deployment可以管理pod的多个副本,并确保pod按照期望的状态运行。
replicaset
#实现了pod的多副本管理。使用deployment时会自动创建replicaset,也就是说deployment是通过replicaset来管理pod的多个副本的,我们通常不需要直接使用replicaset。
daemonset
#用于每个node最多只运行一个pod副本的场景。正如其名称所示的,daemonset通常用于运行daemon。
statefuleset
#能够保证pod的每个副本在整个生命周期中名称是不变的,而其他controller不提供这个功能。当某个pod发生故障需要删除并重新启动时,pod的名称会发生变化,同时statefulset会保证副本按照固定的顺序启动、更新或者删除。
job
#用于运行结束就删除的应用,而其他controller中的pod通常是长期持续运行的。
vim /etc/hosts
10.0.0.50 k8s-master
10.0.0.51 k8s-node-01
10.0.0.52 k8s-node-02$ hostnamectl set-hostname k8s-master
$ echo "127.0.0.1 $(hostname)" >> /etc/hosts$ hostnamectl set-hostname k8s-node-01
$ echo "127.0.0.1 $(hostname)" >> /etc/hosts$ hostnamectl set-hostname k8s-node-02
$ echo "127.0.0.1 $(hostname)" >> /etc/hostssystemctl start chronyd.service && systemctl enable chronyd.servicesystemctl stop firewalld && systemctl disable firewalldsetenforce 0
sed -i s/^SELINUX=enforcing$/SELINUX=disabled/ /etc/selinux/configswapoff -a && sysctl -w vm.swappiness=0
vi /etc/fstab
#/dev/mapper/centos-swap swap swap defaults 0 0$ cat < /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 10
EOF $ modprobe br_netfilter$ sysctl -p /etc/sysctl.d/k8s.conf$ ls /proc/sys/net/bridgeip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack_ipv4
$ cat > /etc/sysconfig/modules/ipvs.modules <
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF$ chmod 755 /etc/sysconfig/modules/ipvs.modules$ bash /etc/sysconfig/modules/ipvs.modules$ lsmod | grep -e ip_vs -e nf_conntrack_ipv4$ yum install -y ipset ipvsadmecho "* soft nofile 65536" >> /etc/security/limits.conf
echo "* hard nofile 65536" >> /etc/security/limits.conf
echo "* soft nproc 65536" >> /etc/security/limits.conf
echo "* hard nproc 65536" >> /etc/security/limits.conf
echo "* soft memlock unlimited" >> /etc/security/limits.conf
echo "* hard memlock unlimited" >> /etc/security/limits.confyum install -y epel-release
yum install -y yum-utils device-mapper-persistent-data lvm2 net-tools conntrack-
tools wget vim ntpdate libseccomp libtool-ltdlyum-config-manager --add-repo http://mirrors.aliyun.com/docker-
ce/linux/centos/docker-ce.repoyum install -y docker-ce-18.09.9-3.el7$ vi /lib/systemd/system/docker.serviceExecStart=/usr/bin/docker --graph /apps/dockermkdir -p /etc/docker
cat > /etc/docker/daemon.json << EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"https://dockerhub.azk8s.cn",
"http://hub-mirror.c.163.com",
"https://registry.docker-cn.com"
],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m",
"max-file":"5"
}
}
EOF$ systemctl start docker && systemctl enable dockerkubelet: 在集群中的每个节点上用来启动 pod 和 container 等;
kubectl: 用来与集群通信的命令行工具;
kubeadm: 用来初始化集群的指令。
yum install -y kubelet-1.16.3-0yum install -y kubectl-1.16.3-0yum install -y kubeadm-1.16.3-0systemctl start kubelet && systemctl enable kubeletreboot配置 localAPIEndpoint.advertiseAddress 参数,调整为你的 Master 服务器地址;
配置 imageRepository 参数,调整 kubernetes 镜像下载地址为阿里云;
配置 networking.podSubnet 参数,调整为你要设置的网络范围。
$ cat > kubeadm-config.yaml << EOF
apiVersion: kubeadm.k8s.io/v1beta2
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 10.0.0.50
bindPort: 6443
nodeRegistration:
taints:
- effect: PreferNoSchedule
key: node-role.kubernetes.io/master
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
imageRepository: registry.aliyuncs.com/google_containers
kubernetesVersion: v1.16.3
networking:
podSubnet: 10.244.0.0/16
serviceSubnet: 10.96.0.0/12
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: ipvs
EOFkubeadm init --config kubeadm-config.yaml......
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as
root:
kubeadm join 192.168.2.11:6443 --token 4udy8a.f77ai0zun477kx0p
--discovery-token-ca-cert-hash
sha256:4645472f24b438e0ecf5964b6dcd64913f68e0f9f7458768cfb96a9ab16b4212$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config$ kubeadm join 192.168.2.11:6443 --token 4udy8a.f77ai0zun477kx0p
--discovery-token-ca-cert-hash
sha256:4645472f24b438e0ecf5964b6dcd64913f68e0f9f7458768cfb96a9ab16b4212$ wget https://docs.projectcalico.org/v3.10/getting-
started/kubernetes/installation/hosted/kubernetes-datastore/calico-
networking/1.7/calico.yamlsed -i s/192.168.0.0/10.244.0.0/g calico.yamlkubectl apply -f calico.yamlkubectl get pod -n kube-system5. 配置 Kubectl 命令自动补全(Master 节点)
yum install -y bash-completionsource /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrcapiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: default-http-backend
labels:
k8s-app: default-http-backend
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
k8s-app: default-http-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
# Any image is permissable as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: 192.168.121.140:5000/defaultbackend
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
---
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
namespace: kube-system
labels:
k8s-app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
selector:
k8s-app: default-http-backendkubectl apply -f default-backend.yaml#访问网站下载文件
https://github.com/kubernetes/ingress-nginx/blob/controller-
v0.48.1/deploy/static/provider/baremetal/deploy.yaml#部署ingress-nginx
kubectl apply -f deploy.yaml
kubectl get pods -n ingress-nginx#ingress_test.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ingress-test
annotations:
kubernetes.io/ingress.class: "nginx"
# 开启use-regex,启用path的正则匹配
nginx.ingress.kubernetes.io/use-regex: "true"
spec:
rules:
# 定义域名
- host: test.ingress.com
http:
paths:
# 不同path转发到不同端口
- path: /
backend:
serviceName: nginx-controller
servicePort: 8000kubectl apply -f ingress_test.yamlvim nginx-rc.yaml
apiVersion: v1
kind: Deployment
metadata:
name: nginx-controller
spec:
replicas: 2
selector:
name: nginx
template:
metadata:
labels:
name: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
cat nginx-server-nodeport.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-service-nodeport
spec:
ports:
- port: 8000
targetPort: 80
protocol: TCP
type: NodePort
selector:
name: nginx
#创建pod以及service
kubectl apply -f nginx-rc.yaml
kubectl apply -f nginx-server-nodeport.yamlcurl -i test.ingress.com
HTTP/1.1 200 OK文章版权归作者所有,未经允许请勿转载,若此文章存在违规行为,您可以联系管理员删除。
转载请注明本文地址:https://www.ucloud.cn/yun/129561.html
摘要:我们要学习,就有首先了解的技术范围基础理论知识库等,要学习,肯定要有入门过程,在这个过程中,学习要从易到难,先从基础学习。组件组件一个集群是由一组被称为节点的机器或虚拟机组成,节点有两种类型。我们要学习 Kubernetes,就有首先了解 Kubernetes 的技术范围、基础理论知识库等,要学习 Kubernetes,肯定要有入门过程,在这个过程中,学习要从易到难,先从基础学习。 接...
摘要:联调测试,无需依赖他人。针对以上问题,有两种解决方法,一个是自己搭建私有服务,另一个是用云服务的镜像管理平台如阿里云的容器镜像服务。利用,先对阿里云的服务进行登录。推送后,就能在阿里云的仓库上看到这个镜像。 Docker简述 Docker是一种OS虚拟化技术,是一个开源的应用容器引擎。它可以让开发者将应用打包到一个可移植的容器中,并且该容器可以运行在几乎所有linux系统中(Windo...
摘要:月日日,灵雀云企业定制培训在深圳招商银行总部圆满结束。灵雀云培训中强调理论实践工具落地相结合。灵雀云是官方认证培训合作伙伴服务提供商。不久之后,灵雀云还将推出微服务的培训课程。 showImg(https://segmentfault.com/img/bVblpFV?w=600&h=334); 12月13日-14日,灵雀云企业定制k8s培训在深圳招商银行总部圆满结束。 来自招行总部信息...
摘要:因此本篇博文将讲解如何在本地构建一个带组件的底包镜像并上传到上供下载使用。 showImg(https://segmentfault.com/img/remote/1460000013318761); 【利用K8S技术栈打造个人私有云系列文章目录】 利用K8S技术栈打造个人私有云(连载之:初章) 利用K8S技术栈打造个人私有云(连载之:K8S集群搭建) 利用K8S技术栈打造个人私...
摘要:因此本篇博文将讲解如何在本地构建一个带组件的底包镜像并上传到上供下载使用。 showImg(https://segmentfault.com/img/remote/1460000013318761); 【利用K8S技术栈打造个人私有云系列文章目录】 利用K8S技术栈打造个人私有云(连载之:初章) 利用K8S技术栈打造个人私有云(连载之:K8S集群搭建) 利用K8S技术栈打造个人私...
阅读 1346·2023-01-11 13:20
阅读 1684·2023-01-11 13:20
阅读 1132·2023-01-11 13:20
阅读 1858·2023-01-11 13:20
阅读 4100·2023-01-11 13:20
阅读 2704·2023-01-11 13:20
阅读 1385·2023-01-11 13:20
阅读 3597·2023-01-11 13:20
