本文用于指导在windows10环境下从零开始部署基于K8S的Guestbook程序。
1.1 安装虚拟机
本人基于windows操作系统上的虚拟机来搭建K8S环境,软件版本信息信息如下:
- 宿主机系统:windows 10 家庭版版
- VMware Workstation 版本:15 PRO
- 客户机系统版本:CentOS 7.6
下载软件和镜像:
- VMware-workstation-full-15.0.0-10134415.exe
- CentOS-7-x86_64-DVD-1611.iso
安装注意点:
1、选择CentOS 7 64位;
2、处理器配置,如果机器性能本来就不强的话,不要配过多的cpu给虚拟机;
3、内存配置,建议1G内存。最低512M;
4、没有特殊要求的话,选择桥接网络或者使用网络地址转换;
5、 磁盘类型,推荐使用iscsi磁盘
三台机器(centos701,702,703)安装完成后展现如下:
建议:第一台使用镜像安装,另外两台可克隆安装,注意克隆安装后修改IP地址信息。
登录虚拟机,查看centos版本信息:
[root@master]# uname -a
Linux master 3.10.0-957.1.3.el7.x86_64 #1 SMP Thu Nov 29 14:49:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@master]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
安装完成后三台虚拟机IP分别为:
192.168.135.128
192.168.135.129
192.168.135.130
安装后要保证虚拟机之间网络互通,虚拟机虚宿主机之间网络互通。
1.2 安装Kubernetes
Kubernetes是一个全新的基于容器技术的分布式架构领先方案。这个方案尽然很新,但它是谷歌十几年以来大规模应用容器技术的经验积累和升华的一个重要成果。确切地说,kubernetes是谷歌严格保密十几年的秘密武器Borg的一个开源版本。Borg是谷歌的一个久负盛名的内部使用的大规模集群管理系统,它基于容器技术,目的是实现资源管理的自动化,以及跨多个数据中心的资源利用率的最大化。2015年4月,传闻许久的Borg论文伴随kubernetes(K8S)的高调宣传被谷歌首次公开,大家才得以了解它的更多内幕。正是由于站在Borg这个前辈的肩膀上,吸取了Borg过去十年间的经验与教训,所以kubernetes一经开源就一鸣惊人,并迅速称霸了容器技术领域。
Kubernetes集群组件:
l etcd 一个高可用的K/V键值对存储和服务发现系统
l flannel 实现夸主机的容器网络的通信
l kube-apiserver 提供kubernetes集群的API调用
l kube-controller-manager 确保集群服务
l kube-scheduler 调度容器,分配到Node
l kubelet 在Node节点上按照配置文件中定义的容器规格启动容器
l kube-proxy 提供网络代理服务
1.2.1 准备阶段
根据前面准备的三台虚拟机,如下图:
修改主机名
hostnamectl master //192.168.135.128
hostnamectl slave //192.168.135.129
hostnamectl slave //192.168.135.130
关闭防火墙服务和selinx,避免与docker容器的防火墙规则冲突
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
1.2.1 安装kube master
第一步:使用yum安装etcd和kubernetes-master
yum -y install etcd kubernetes-master
第二步:编辑/etc/etcd/etcd.conf文件
ETCD_NAME=default
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"
第三步:编辑/etc/kubernetes/apiserver文件
# kubernetes system config
# The following values are used to configure the kube-apiserver
# The address on the local server to listen to.
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
# The port on the local server to listen on.
# KUBE_API_PORT="--port=8080"
# Port minions listen on
# KUBELET_PORT="--kubelet-port=10250"
# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.135.128:2379"
# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
# default admission control policies
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota,AlwaysAdmit"
# Add your own!
KUBE_API_ARGS=""
第四步:启动etcd、kube-apiserver、kube-controller-manager、kube-scheduler等服务,并设置开机启动
启动etcd、kube-apiserver、kube-controller-manager、kube-scheduler等服务,并设置开机启动
for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler; do systemctl restart $SERVICES;systemctl enable $SERVICES;systemctl status $SERVICES ; done
第五步:在etcd中定义flannel网络
etcdctl mk /atomic.io/network/config '{"Network":"172.17.0.0/16"}'
1.2.2 安装kube slave
如下操作在分别在两个slave上执行:
第一步:使用yum安装flannel和kubernetes-node
yum -y install flannel kubernetes-node
第二步:为flannel网络指定etcd服务,修改/etc/sysconfig/flanneld文件
FLANNEL_ETCD=http://192.168:135.128:2379 FLANNEL_ETCD_KEY="/atomic.io/network"
第三步:修改/etc/kubernetes/config文件
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"
# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://192.168.135.128:8080"
第四步:按照如下内容修改对应node的配置文件/etc/kubernetes/kubelet
Slave1:
# kubernetes kubelet (minion) config
# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=127.0.0.1"
# The port for the info server to serve on
# KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=192.168.135.129"
# location of the api-server
KUBELET_API_SERVER="--api-servers=http://192.168.135.128:8080"
# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
#KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"
# Add your own!
KUBELET_ARGS=""
第五步:在所有Node节点上启动kube-proxy,kubelet,docker,flanneld等服务,并设置开机启动。
for SERVICES in kube-proxy kubelet docker flanneld;do systemctl restart $SERVICES;systemctl enable $SERVICES;systemctl status $SERVICES; done
第五步:在master上验证:
[root@master ]# kubectl get node
NAME STATUS AGE
192.168.135.129 Ready 56d
192.168.135.130 Ready 56d
备注:上述2个节点正常显示,状态为Ready,则说明集群搭建成功.
[root@master ]# etcdctl cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://192.168.135.128:2379
cluster is healthy
在master上执行下面,检查etcd的状态
[root@master taoweizhong]# etcdctl member list
8e9e05c52164694d: name=default peerURLs=http://localhost:2380 clientURLs=http://192.168.135.128:2379 isLeader=true
1.3 部署Guestbook
这个例子是K8S典型例子,我们将创建一个redis-master、两个redis-slave、三个frontend。其中,slave会实时备份master中数据,frontend会向master中写数据,之后会从slave中读取数据。所有系统间的调用(例如slave找master同步数据;frontend找master写数据;frontend找slave读数据等)。
1.3.1 安装docker
安装特定版本(三台虚拟机都需要安装)
Available Packages
* base: mirrors.shu.edu.cn
docker-ce.x86_64 17.03.0.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.03.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.03.2.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.03.3.ce-1.el7 docker-ce-stable
docker-ce.x86_64 17.06.0.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.06.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.06.2.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.09.0.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.09.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.12.0.ce-1.el7.centos @docker-ce-stable
docker-ce.x86_64 17.12.0.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.12.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 18.03.0.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 18.03.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 18.06.0.ce-3.el7 docker-ce-stable
docker-ce.x86_64 18.06.1.ce-3.el7 docker-ce-stable
docker-ce.x86_64 18.06.2.ce-3.el7 docker-ce-stable
docker-ce.x86_64 18.06.3.ce-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.0-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.1-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.2-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.3-3.el7 docker-ce-stable
启动docker
[root@master ~]# systemctl start docker
设置开机启动
[root@master ~]# systemctl enable docker
使用docker version命令来确认一下
[root@master ]# docker version
Client:
Version: 17.12.0-ce
API version: 1.35
Go version: go1.9.2
Git commit: c97c6d6
Built: Wed Dec 27 20:10:14 2017
OS/Arch: linux/amd64
Server:
Engine:
Version: 17.12.0-ce
API version: 1.35 (minimum version 1.12)
Go version: go1.9.2
Git commit: c97c6d6
Built: Wed Dec 27 20:12:46 2017
OS/Arch: linux/amd64
Experimental: false
1.3.2 镜像下载
需要下载如下镜像。
[root@master taoweizhong]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.access.redhat.com/rhel7/pod-infrastructure latest 99965fb98423 16 months ago 209MB
kubeguide/guestbook-php-frontend latest 47ee16830e89 2 years ago 510MB
registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64 3.0 99e59f495ffa 2 years ago 747kB
kubeguide/redis-master latest 405a0b586f7e 3 years ago 419MB
kubeguide/guestbook-redis-slave latest e0c36a1fa372 3 years ago 110MB
说明:pause-amd64是Kubernetes基础设施的一部分,Kubernetes管理的所有pod里,pause-amd64容器是第一个启动的,用于实现Kubernetes集群里pod之间的网络通讯。
1.3.1 定义配置文件
1、frontend-controller.yaml
[root@master democonfig]# cat frontend-controller.yaml
piVersion: v1
kind: ReplicationController
metadata:
name: frontend
labels:
name: frontend
spec:
replicas: 3
selector:
name: frontend
template:
metadata:
labels:
name: frontend
spec:
containers:
- name: php-redis
image: kubeguide/guestbook-php-frontend
env:
- name: GET_HOSTS_FROM
value: env
ports:
- containerPort: 80
nodeSelector:
disktype: node2
2、frontend-service.yaml
[root@master democonfig]# cat frontend-service.yaml
piVersion: v1
kind: Service
metadata:
name: frontend
labels:
name: frontend
spec:
type: NodePort
ports:
- port: 80
targetport: 80
nodePort: 30003
selector:
name: frontend
3、redis-master-controller.yaml
[root@master democonfig]# cat redis-master-controller.yaml
piVersion: v1
kind: ReplicationController
metadata:
name: redis-master
labels:
name: redis-master
spec:
replicas: 1
selector:
name: redis-master
template:
metadata:
labels:
name: redis-master
spec:
containers:
- name: master
image: kubeguide/redis-master
ports:
- containerPort: 6379
nodeSelector:
disktype: node2
4、redis-master-service.yaml
[root@master democonfig]# cat redis-master-service.yaml
piVersion: v1
kind: Service
metadata:
name: redis-master
labels:
name: redis-master
spec:
ports:
# the port that this service should serve on
- port: 6379
targetPort: 6379
selector:
name: redis-master
5、redis-slave-controller.yaml
[root@master democonfig]# cat redis-slave-controller.yaml
kind: ReplicationController
metadata:
name: redis-slave
labels:
name: redis-slave
spec:
replicas: 2
selector:
name: redis-slave
template:
metadata:
labels:
name: redis-slave
spec:
containers:
- name: slave
image: kubeguide/guestbook-redis-slave
env:
- name: GET_HOSTS_FROM
value: env
ports:
- containerPort: 6379
6、redis-slave-service.yaml
[root@master democonfig]# cat redis-slave-service.yaml
piVersion: v1
kind: Service
metadata:
name: redis-slave
labels:
name: redis-slave
spec:
ports:
# the port that this service should serve on
- port: 6379
targetPort: 6379
selector:
name: redis-slave
1.3.2 启动服务
kubectl create -f redis-master-controller.yaml
kubectl create -f redis-master-service.yaml
kubectl create -f redis-slave-controller.yaml
kubectl create -f redis-slave-service.yaml
kubectl create -f frontend-controller.yaml
kubectl create -f frontend-service.yaml
备注:对应的删除命令是: kubectl delete
1.3.3 基本操作
上述服务启动以后,就可以根据kubectl的命令进行查看和操作
查看节点信息
[root@master]# kubectl get nodes
NAME STATUS AGE
192.168.135.129 Ready 57d
192.168.135.130 Ready 57d
查看pods
[root@master]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
frontend-fqckr 1/1 Running 0 1h 172.16.34.3 192.168.135.130
frontend-p492b 1/1 Running 0 1h 172.16.34.2 192.168.135.130
frontend-wt2p7 1/1 Running 0 1h 172.16.34.4 192.168.135.130
redis-master-mhcwz 1/1 Running 0 1h 172.16.34.5 192.168.135.130
redis-slave-ppplp 1/1 Running 0 1h 172.16.81.7 192.168.135.129
redis-slave-pwmsl 1/1 Running 0 1h 172.16.81.5 192.168.135.129
下面是实际执行界面,供参考:
查看rc
[root@master]# kubectl get rc
NAME DESIRED CURRENT READY AGE
frontend 3 3 3 7d
redis-master 1 1 1 7d
redis-slave 2 2 2 7d
查看service
[root@master]# kubectl get service
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
frontend 10.254.19.41 <nodes> 80:30003/TCP 7d
kubernetes 10.254.0.1 <none> 443/TCP 57d
redis-master 10.254.245.102 <none> 6379/TCP 7d
redis-slave 10.254.131.129 <none> 6379/TCP 7d
查看endpoints
[root@master ]# kubectl get endpoints
NAME ENDPOINTS AGE
frontend 172.16.34.2:80,172.16.34.3:80,172.16.34.4:80 7d
kubernetes 192.168.135.128:6443 57d
redis-master 172.16.34.5:6379 7d
redis-slave 172.16.81.5:6379,172.16.81.7:6379 7d
查看K8S组件状态
[root@master]# kubectl get componentstatuses
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
etcd-0 Healthy {"health": "true"}
scheduler Healthy ok
备注:这些都是命令行操作,K8S也提供dashboard进行查看,需要安装kubernetes-dashboard,后续介绍,同时也可以集成K8S的REST API我们自己开发图形界面。
1.3.4 访问Guestbook
1、 通过虚拟机命令行访问
[root@master ]# curl "192.168.135.130:30003/guestbook.php?cmd=set&key=messages&value=ha"
{"message": "Updated"}
2、 通过虚拟机浏览器访问
在虚拟机中打开firefox浏览器输入:http://192.168.135.130:30003/
3、 通过宿主机命令行访问:
C:Usersxxxxxx>curl "192.168.135.130:30003/guestbook.php?cmd=set&key=messages&value=ha"
{"message": "Updated"}
4、 通过宿主机浏览器访问
通过宿主机访问,在windows中打开IE浏览器输入:http://192.168.135.130:30003/
