1、K8S核心组件
1、Master节点: etcd: 分布式键值对数据库,保存集群状态 api-server: 接受并响应用户的请求 controller: 控制器管理,控制容器的副本数,故障检测 scheduler: 资源调度器,选择启动容器的node节点
2、Node节点: kubelet: 调用docker,管理容器生命周期 kube-proxy: 提供网络访问,负载均衡
2、k8s的安装部署
1、安装docker(所有节点) # yum install docker-1.12.rpm # docker pull gcr.azk8s.cn/google_containers/pause-amd64:3.0 #国内镜像服务器 # systemctl start docker 2、安装etcd(key=value数据库) 1) 安装配置 # yum install -y etcd # vim /etc/etcd/etcd.conf ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379" ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379" 2) 启动服务 # systemctl start etcd.service 3) 端口检测及测试服务状态 # etcdctl set name test #设置name=test # etcdctl get name #查看 # netstat -lntp | grep etcd 2379 #客户端连接端口 2380 #etcd集群连接端口 3、安装k8s-master 1) 安装配置 # yum install kubernetes-master -y # vim /etc/kubernetes/apiserver #主配置文件 KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" KUBE_API_PORT="--port=8080" KUBE_ETCD_SERVERS="--etcd-servers=http://10.0.0.11:2379" KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16" KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota" # vim /etc/kubernetes/config #公共配置文件 KUBE_MASTER="--master=http://10.0.0.11:8080" 2) 启动服务 # systemctl start kube-apiserver.service # systemctl start kube-controller-manager.service # systemctl start kube-scheduler.service 3) 测试 # kubectl get cs #检测服务是否正常 4、安装k8s-node 1) 安装配置 # yum install kubernetes-node -y # vim /etc/kubernetes/config #公共配置文件 KUBE_MASTER="--master=http://10.0.0.11:8080" # vim /etc/kubernetes/kubelet #主配置文件 KUBELET_ADDRESS="--address=10.0.0.12" KUBELET_HOSTNAME="--hostname-override=10.0.0.12" KUBELET_API_SERVER="--api-servers=http://10.0.0.11:8080" 2) 启动服务 # systemctl start kubelet.service # systemctl start kube-proxy.service 3) 检查服务(master节点执行) # kubectl get nodes 5、安装flannel(跨主机通信) 1) 安装配置(所有节点) # yum install flannel -y # vim /etc/sysconfig/flanneld FLANNEL_ETCD_ENDPOINTS="http://10.0.1.11:2379" FLANNEL_ETCD_PREFIX="/atomic.io/network" 2) 配置网络(master节点) # etcdctl mk /atomic.io/network/config '{ "Network": "172.16.0.0/16" }' # etcdctl get /atomic.io/network/config 3) 启动服务 # systemctl start flanneld.service 4) 重启所有服务(所有节点) systemctl restart kube-apiserver.service systemctl restart kube-controller-manager.service systemctl restart kube-scheduler.service systemctl restart kubelet.service systemctl restart kube-proxy.service 5) 检查服务 ifconfig flannel0 6、配置私有镜像仓库 1) 配置镜像加速和私有仓库地址(master节点) # vim /etc/sysconfig/docker OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=https://registry.docker-cn.com --insecure-registry=10.0.0.11:5000' # systemctl restart docker 2) 启动私有仓库(master节点) # docker run -d -p 5000:5000 --restart=always --name registry -v /opt/registry:/var/lib/registry registry 3) 推送镜像测试(node节点) # vim /etc/sysconfig/docker OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry=10.0.0.11:5000' # docker tag nginx 10.0.0.11:5000/oldguo/nginx:v1 # docker push 10.0.0.11:5000/oldguo/nginx:v1 # docker images # docker pull 10.0.0.11:5000/oldguo/nginx:v1
3、pod资源管理
1、yaml的主要组成 apiVersion: v1 api版本 kind: pod 资源类型 metadata: 属性 spec: 详细
2、pod文件 # cat k8s_pod.yml apiVersion: v1 kind: Pod metadata: name: nginx labels: app: web spec: containers: - name: nginx image: 10.0.0.11:5000/oldguonginx:v1 ports: - containerPort: 80
3、pod基本操作 创建 # kubectl create –f ks8_pod.yaml 查询 # kubectl get pod # kubectl get pod -o wide #查看资源列表 # kubectl describe pod #详细查询 # kubectl get pods -o wide --namespace=oldguo #查看不同命名空间的pod 删除 # kubectl delete pod nginx # kubectl delete -f ks8_pod.yaml 更新 # Kubectl replace ks8_pod.yaml # kubectl replace --force -f k8s_pod.yml #强制更新 其他 # kubectl explain pod.spec #yml编写帮助 # kubectl edit pod nginx #在线修改pod配置
4、RC资源管理
1、介绍 ReplicationController: 副本控制器,rc通过标签(metadata)选择器(selector)来管理pod rc: 保证指定数量的pod始终存活,弹性伸缩,滚动升级 2、创建rc文件 # vim nginx-1.13-rc.yaml apiVersion: v1 kind: ReplicationController metadata: name: nginx #rc名 spec: replicas: 3 #副本数 selector: app: nginx #管理pod名 template: metadata: labels: app: nginx #pod名 spec: containers: - name: nginx image: 10.0.0.11:5000/oldguo/nginx:1.13 ports: 3、rc的基本操作 1) 创建 # kubectl create -f nginx-1.13-rc.yaml 2) 查看 # kubectl get rc 3) 删除pod,rc会自动创建 # kubectl delete rc nginx 4) 更新 # kuberctl edit rc nginx #在线修改(不常用) # kubectl scale rc nginx --replicas=2 #修改副本数(推荐) # kubectl replace -f nginx-1.13-rc.yaml #更新(先删再创建,会停服,不推荐) 5) 滚动的升级和回滚 # kubectl rolling-update nginx -f nginx-1.15-rc.yaml --update-period=20s #升级 # kubectl rolling-update nginx -f nginx-1.13-rc.yaml --update-period=10s #回滚 # kubectl rolling-update nginx -f nginx-1.15-rc.yaml --update-period=10s --rollback #升级中回退
5、deployment资源管理
1、介绍 拥有rc的功能,支持事件,状态查看,版本记录等
2、创建deployment文件 # vim nginx-dep.yaml apiVersion: extensions/v1beta1 kind: Deployment metadata: name: nginx spec: replicas: 2 template: metadata: labels: app: nginx spec: containers: - name: nginx image: 10.0.0.11:5000/oldguo/nginx:1.13 ports: - containerPort: 80 3、deployment的基本操作 1) 创建 # kubectl create -f nginx-dep.yaml # kubectl create -f nginx-dep.yaml --record #记录执行的步骤 2) 查看 # kubectl get deploy 3) 删除 # kubectl delete deploy nginx 4) 更新 # kubectl scale deployment nginx --replicas=2 5) 滚动的升级和回滚 # kubectl set image deployment/nginx nginx=10.0.0.11:5000/oldguo/nginx:1.15 # kubectl rollout status deployment nginx #查看状态 # kubectl rollout history deployment nginx #查看历史状态 # kubectl rollout history deployment nginx --revision=2 #查看历史版本 # kubectl rollout undo deployment/nginx #回滚到上次版本 # kubectl rollout undo deployment nginx --to-revision=1 #回滚到指定版本
5、service资源管理
1、介绍 service提供了一个固定虚拟VIP,通过IP访问pod,并且提供负载均衡 Node IP -----> Cluster IP -----> Pod IP
2、创建svc配置文件 # vim nginx-svc.yml apiVersion: v1 kind: Service metadata: name: nginx spec: type: NodePort ports: - port: 80 nodePort: 30001 selector: app: nginx
3、svc的基本操作 1) 创建 # kubectl create -f nginx-svc.yaml 2) 查看 # kubectl get svc 3) 删除 # kubectl delete svc nginx 4) 更新 # kubectl scale deployment nginx --replicas=2
6、持久化存储(PV和PVC)
1、创建pv文件 # vim pv-test01.yaml apiVersion: v1 kind: PersistentVolume metadata: name: test01-pv #pv的名 labels: pv: test01 #标签名 spec: capacity: storage: 10Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Recycle nfs: path: "/data" server: 10.0.0.11 readOnly: false # vim pv-test02.yaml apiVersion: v1 kind: PersistentVolume metadata: name: pv-test02 labels: pv: test02 spec: capacity: storage: 10Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Recycle nfs: path: "/mysql" server: 10.0.0.11 readOnly: false 2、创建pvc文件 # vim pvc_nfs.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc_nfs #pvc的名 spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi selector: matchLabels: pv: test01 #绑定指定的pv(指定标签名) # vim pvc_mysql.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc_mysql spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi selector: matchLabels: pv: test02 3、创建 # kubectl create -f pv-test01.yaml # kubectl create -f pv-test02.yaml # kubectl create -f pvc_nfs.yaml # kubectl create -f pvc_mysql.yaml # kubectl get pv # kubectl get pvc
7、wordpress项目
1、安装配置NFS 1) master节点 # yum install -y nfs-utils-* # mkdir /data # mkdir /code # vim /etc/exports /data 10.0.0.0/24(rw,async,no_root_squash,no_all_squash) /code 10.0.0.0/24(rw,async,no_root_squash,no_all_squash) # systemctl restart rpcbind # systemctl restart nfs # showmount -e 2) node节点 # yum install -y nfs-utils-* # systemctl restart rpcbind # systemctl restart nfs 2、定义pv 1) mysql的pv # vim pv_mysql.yml apiVersion: v1 kind: PersistentVolume metadata: name: pv-data labels: type: pv-mysql spec: capacity: storage: 10Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Recycle nfs: path: "/data" server: 10.0.0.11 readOnly: false 2) wordpress的pv # vim pv_wp.yml apiVersion: v1 kind: PersistentVolume metadata: name: pv-code labels: type: pv-wp spec: capacity: storage: 10Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Recycle nfs: path: "/code" server: 10.0.0.11 readOnly: false 3、定义pvc 1) mysql的pvc # vim pvc_mysql.yml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-mysql spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi selector: matchLabels: type: pv-mysql 2) wordpress的pvc # vim pvc_wp.yml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-wp spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi selector: matchLabels: type: pv-wp 4、创建 pv 和 pvc # kubectl create -f pv_mysql.yml # kubectl create -f pv_wp.yml # kubectl create -f pvc_mysql.yml # kubectl create -f pvc_wp.yml # kubectl get pv # kubectl get pvc 5、创建mysql的rc # vim mysql-rc.yaml apiVersion: v1 kind: ReplicationController metadata: name: mysql spec: replicas: 1 selector: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql image: 10.0.0.11:5000/mysql:5.7 ports: - containerPort: 3306 volumeMounts: - name: nfs-vol mountPath: /var/lib/mysql env: - name: MYSQL_ROOT_PASSWORD value: "123456" - name: MYSQL_DATABASE value: "wordpress" - name: MYSQL_USER value: "wordpress" - name: MYSQL_PASSWORD value: "wordpress" volumes: - name: nfs-vol persistentVolumeClaim: claimName: pvc-mysql # kubectl create -f mysql-rc.yaml 6、创建mysql的svc # vim mysql-svc.yaml apiVersion: v1 kind: Service metadata: name: mysql spec: ports: - port: 3306 selector: app: mysql # kubectl create -f mysql-svc.yaml 7、获取 MySQL 集群 IP # kubectl get svc mysql 10.254.69.58 <none> 3306/TCP 28s 8、创建wordpress的rc # vim wp-rc.yaml apiVersion: v1 kind: ReplicationController metadata: name: myweb spec: replicas: 2 selector: app: myweb template: metadata: labels: app: myweb spec: containers: - name: myweb image: 10.0.0.11:5000/wordpress:latest ports: - containerPort: 80 volumeMounts: - name: nfs-vol mountPath: /var/www/html env: - name: WORDPRESS_DB_HOST value: '10.254.69.58' - name: WORDPRESS_DB_USER value: 'wordpress' - name: WORDPRESS_DB_PASSWORD value: 'wordpress' volumes: - name: nfs-vol persistentVolumeClaim: claimName: pvc-wp # kubectl create -f wp-rc.yaml 9、创建wordpress的svc # vim wp-svc.yaml apiVersion: v1 kind: Service metadata: name: myweb spec: type: NodePort ports: - port: 80 nodePort: 30008 selector: app: myweb # kubectl create -f wp-svc.yaml 10、测试 浏览器访问 http://10.0.0.11:30008/