K8S集群技术

1.快速部署K8S环境

   k8s-m :10.0.0.11
   k8s-n1 :10.0.0.12
   k8s-n2 :10.0.0.13

2.所有节点安装docker环境及依赖

   2.1 上传docker-k8s.zip软件到各节点/opt,并解压
   2.2 进入目录进行安装
   cd /opt/docker-k8s
   yum localinstall -y *.rpm

3.master端软件安装

  3.1 上传k8s-master.zip到/opt,并解压
  3.2 进入目录并安装
  cd /opt/k8s-master
  yum localinstall -y *.rpm

4.node节点软件安装
  4.1 上传k8s-node到两个node节点/opt并解压
  4.2 进入目录进行安装
  cd /opt/k8s-node
  yum localinstall -y *.rpm

5.配置主节点ETCD
   vim /etc/etcd/etcd.conf
   ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
   ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379"

 重启服务并测试
  systemctl restart etcd.service
  systemctl enable etcd.service
  etcdctl set name oldguo
  etcdctl get name

6.配置Master节点
 vim /etc/kubernetes/apiserver
 KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
 KUBE_API_PORT="--port=8080"
 KUBE_ETCD_SERVERS="--etcd-servers=http://10.0.0.11:2379"
 KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
 KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

 vim /etc/kubernetes/config

重启服务

systemctl enable kube-apiserver.service
systemctl start kube-apiserver.service
systemctl enable kube-controller-manager.service
systemctl start kube-controller-manager.service
systemctl enable kube-scheduler.service
systemctl start kube-scheduler.service

7.node节点配置

vim /etc/kubernetes/config
KUBE_MASTER="--master=http://10.0.0.11:8080"

vim /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=10.0.0.12/13"
KUBELET_HOSTNAME="--hostname-override=10.0.0.12/13"
KUBELET_API_SERVER="--api-servers=http://10.0.0.11:8080"

重启服务

systemctl enable kubelet.service
systemctl start kubelet.service
systemctl enable kube-proxy.service
systemctl start kube-proxy.service

8.验证节点状态
[root@k8s-m ~]# kubectl get nodes

9.所有节点配置flannel网络

yum install flannel -y

sed -i 's#http://127.0.0.1:2379#http://10.0.0.11:2379#g' /etc/sysconfig/flanne

etcdctl mk /atomic.io/network/config '{ "Network": "172.16.0.0/16" }'
etcdctl get /atomic.io/network/config
{ "Network": "172.16.0.0/16" }

master节点：
systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kube-apiserver.service
systemctl restart kube-controller-manager.service
systemctl restart kube-scheduler.service

ifconfig -a

node节点：
systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kubelet.service
systemctl restart kube-proxy.service

10.配置master为镜像仓库
#master节点

vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=https://registry.docker-cn.com --insecure-registry=10.0.0.11:5000'

systemctl restart docker

=========================================================

配置本地register
docker tag nginx 10.0.0.11:5000/oldguo/nginx:v1
docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry  registry
docker push 10.0.0.11:5000/oldguo/nginx:v1

#node节点
vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry=10.0.0.11:5000'
systemctl restart docker

docker pull 10.0.0.11:5000/oldguo/nginx:v1

=======================================

二.k8s核心资源管理

1.PODS
1.1 创建
创建第一个pod
mkdir /opt/yml  -p
cd /opt/yml
[root@k8s-m yml]# cat k8s_pod.yml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: web
spec:
  containers:
    - name: nginx
      image: 10.0.0.11:5000/oldguo/nginx:v1
      ports:
        - containerPort: 80
[root@k8s-m yml]# kubctl create -f k8s_pod.yml

1.2 查询
kubectl get pod
kubectl get pod -o wide
kubectl describe pod

报错：

++++++++++++++++++++++++++++++++++++++++
failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
+++++++++++++++++++++++++++++++++++++++

registry.access.redhat.com/rhel7/pod-infrastructure:latest
++++++++++++++++++++++++++++++++++++++

解决：
master：上传准备好的容器为本地register（pod-infrastructure-latest.tar.gz）
[root@k8s-m opt]# docker load -i pod-infrastructure-latest.tar.gz
[root@k8s-m opt]# docker images
[root@k8s-m opt]# docker tag docker.io/tianyebj/pod-infrastructure:latest 10.0.0.11:5000/oldguo/pod-infrastructure:latest
[root@k8s-m opt]# docker images
[root@k8s-m opt]# docker push 10.0.0.11:5000/oldguo/pod-infrastructure:latest

node：（所有node节点）
[root@k8s-n1 ~]# vim /etc/kubernetes/kubelet
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=10.0.0.11:5000/oldguo/pod-infrastructure:latest"

systemctl restart kubelet.service

1.3 删除
[root@k8s-m yml]# kubectl delete pod nginx

1.4 更新
master:
[root@k8s-m yml]# docker pull nginx
[root@k8s-m yml]# docker tag docker.io/nginx:latest 10.0.0.11:5000/oldguo/nginx:v2
[root@k8s-m yml]# docker push  10.0.0.11:5000/oldguo/nginx:v2
[root@k8s-m yml]# kubectl replace  --force -f k8s_pod.yml

2.RC(ReplicationController)

作用:高可用
master:
配置yml文件

vim k8s_nginx_rc.yml
apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx

spec:
  replicas: 3
  selector:
    app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: 10.0.0.11:5000/oldguo/nginx:v1
        ports:
        - containerPort: 80

[root@k8s-m yml]# kubectl create -f k8s_nginx_rc.yml   
[root@k8s-m yml]# kubectl get  rc
[root@k8s-m yml]# kubectl delete   rc nginx

副本数增删
1.修改配置文件
vim k8s_nginx_rc.yml
[root@k8s-m yml]# kubectl replace  -f k8s_nginx_rc.yml
2.kubectl edit rc nginx
3.kubectl scale rc nginx --replicas=4

滚动升级及回滚：
cp k8s_nginx_rc.yml k8s_nginx1_rc.yml
kubectl rolling-update nginx -f k8s_nginx1_rc.yml  --update-period=10s

注:

升级出现问题时,升级过程中出现bug.使用以下命令回滚(前提是没有升级完

[root@k8s-master ~]#  kubectl rolling-update nginx  nginx2 --rollback

回退方案即是相反操作即可。

3.Service
创建svc配置文件
vim k8s_nginx_svc.yml
apiVersion: v1
kind: Service
metadata:
  name: nginxsvc
spec:
  type: NodePort
  ports:
    - port: 80
      nodePort: 30001
  selector:
    app: nginx2

[root@k8s-m yml]# kubectl create -f k8s_nginx_svc.yml
[root@k8s-m yml]# kubectl get svc
[root@k8s-m yml]# curl -I 10.0.0.13:30001
[root@k8s-m yml]# curl -I 10.0.0.12:30001

deployment资源管理：

vim  k8s_nginx_dev.yml

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: 10.0.0.11:5000/oldguo/nginx:v2
        ports:
        - containerPort: 80

[root@k8s-m yml]# kubectl create -f k8s_nginx_dev.yml
[root@k8s-m yml]# kubectl get deployment

deployment滚动升级

kubectl set image deployment/nginx nginx=10.0.0.11:5000/oldguo/nginx:v1

kubectl rollout undo deployment/nginx

实现自动pod伸缩
[root@k8s-m yml]# kubectl autoscale deployment nginx --min=2 --max=6 --cpu-percent=80