目錄
一、配置node節點使用kubectl
1、說明
#kubectl 默認通過127.0.0.1:8080端口去訪問apiserver,這個在前面apiserver的配置文件裏有定義了。
#master通過http訪問apiserver,端口8080,而其他節點通過https來訪問apiserver,端口6443用於集羣接口https訪問
#我們目的就是讓node節點上也能像master一樣訪問配置集羣信息
[root@manage01 ~]# netstat -tlunp | grep 6443
tcp 0 0 192.168.192.128:6443 0.0.0.0:* LISTEN 1370/kube-apiserver
[root@manage01 ~]# kubectl -s 127.0.0.1:8080 get node
NAME STATUS ROLES AGE VERSION
192.168.192.129 Ready <none> 6d23h v1.17.3
192.168.192.130 Ready <none> 6d23h v1.17.3
2、拷貝
#拷貝二進制文件、ca和admin證書到節點機器
[root@manage01 ~]# scp /opt/kubernetes/bin/kubectl [email protected]:/usr/bin/
[root@manage01 ~]# scp /opt/kubernetes/ssl/ca*.pem [email protected]:/root
[root@manage01 ~]# scp /opt/kubernetes/ssl/admin*.pem [email protected]:/root
3、部署
#創建並配置/root/.kube/config文件
#這個過程主要爲節點指定集羣管理機器的地址、訪問端口、證書、默認集羣和用戶等信息。
#設置集羣項中名爲kubernetes的apiserver地址和證書
[root@node01 ~]# kubectl config set-cluster kubernetes --server=https://192.168.192.128:6443 --certificate-authority=ca.pem
#設置用戶項中cluster-admin用戶證書認證字段
[root@node01 ~]# kubectl config set-credentials cluster-admin --certificate-authority=ca.pem --client-key=admin-key.pem --client-certificate=admin.pem
#設置環境項中名爲default的默認集羣和用戶
[root@node01 ~]# kubectl config set-context default --cluster=kubernetes --user=cluster-admin
#設置默認環境項爲default
[root@node01 ~]# kubectl config use-context default
4、測試
#節點驗證是否可以訪問集羣信息
[root@node01 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
192.168.192.129 Ready <none> 7d v1.17.3
192.168.192.130 Ready <none> 6d23h v1.17.3
二、熟悉kubectl基本指令-模擬nginx應用生命週期
1、創建應用
#kubectl run創建deployment
[root@k8s-master-101 ~]# kubectl run nginx --replicas=3 --labels="app=nginx-example" --image=nginx:1.10 --port=80
deployment.apps/nginx created
2、查看信息
#kubectl get all查看所有信息
[root@k8s-master-101 ~]# kubectl get all
#kubectl describe查看指定pod信息,pod部署失敗時也可以查看信息排錯
[root@manage01 ~]# kubectl describe pod nginx-6d74bfcd4d-6sdbq
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 2m36s default-scheduler Successfully assigned default/nginx-66ffdc87ff-zwcz2 to 192.168.192.130
Normal Pulled 2m31s kubelet, 192.168.192.130 Container image "nginx:1.10" already present on machine
Normal Created 2m31s kubelet, 192.168.192.130 Created container nginx
Normal Started 2m30s kubelet, 192.168.192.130 Started container nginx
3、指定標籤
#創建應用時可以指定標籤(例如nginx)
#如果不指定鏡像標籤的話,默認會創建一個隨機的標籤,末尾爲run=<Controller_Name>(例如busybox)
[root@manage01 ~]# kubectl run busybox --image=busybox
[root@manage01 ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
busybox-846d67867c-6b5fv 0/1 Running 0 2m pod-template-hash=846d67867c,run=busybox
nginx-66ffdc87ff-2c76n 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
nginx-66ffdc87ff-xdlmc 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
nginx-66ffdc87ff-zwcz2 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
#以後可以根據標籤分類查看
[root@manage01 ~]# kubectl get pods -l app=nginx-example
NAME READY STATUS RESTARTS AGE LABELS
nginx-66ffdc87ff-2c76n 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
nginx-66ffdc87ff-xdlmc 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
nginx-66ffdc87ff-zwcz2 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
4、發佈應用
#創建server,指定VIP和端口,發佈nginx應用供內部節點訪問,deployment nginx 指定匹配的deployment的名稱爲nginx
[root@manage01 ~]# kubectl expose deployment nginx --port=18080 --type=NodePort --target-port=80 --name=nginx-service
service/nginx-service exposed
[root@manage01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.10.10.1 <none> 443/TCP 7d10h
nginx-service NodePort 10.10.10.193 <none> 18080:37986/TCP 16s
此時:
集羣內部訪問:VIP地址:指定端口 http://10.10.10.193:18080/
集羣外部訪問:節點地址:生成隨機端口 http://192.168.192.129|130:37986/
5、故障排查
#查看當前pod部署進度,確認是否卡在哪裏
#kubectl describe查看指定deploy、svc、pod信息
[root@k8s-master-101 ~]# kubectl get all
[root@manage01 ~]# kubectl describe pod nginx-6d74bfcd4d-6sdbq
#利用logs查看當前pod輸出日誌
[root@manage01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-66ffdc87ff-2c76n 1/1 Running 0 48m
nginx-66ffdc87ff-xdlmc 1/1 Running 0 48m
nginx-66ffdc87ff-zwcz2 1/1 Running 0 48m
[root@manage01 ~]# kubectl logs nginx-66ffdc87ff-2c76n
#分配僞終端進入pod查看具體應用情況
[root@manage01 ~]# kubectl exec -it nginx-6d74bfcd4d-6sdbq bash
root@nginx-6d74bfcd4d-6sdbq:/#
6、更新操作
#1. 通過命令更新版本(record記錄方便日後發佈查看)
[root@manage01 ~]# kubectl set image deployment/nginx nginx=nginx:1.11 --record
#2. 通過修改配置更新版本
[root@manage01 ~]# kubectl edit deploy/nginx
將nginx版本修改爲1.12,修改後退出就會生效了
#3. 確認是否更新成功,get pods發現name已變,或者describe可查看nginx版本
[root@manage01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-76d7d55c96-6rdhg 1/1 Running 0 83s
nginx-76d7d55c96-hcw9z 1/1 Running 0 119s
nginx-76d7d55c96-p5tjq 1/1 Running 0 2m31s
[root@manage01 ~]# kubectl describe pod nginx-76d7d55c96-6rdhg
7、版本發錯記錄及回滾
#K8S會對發佈做版本記錄
[root@manage01 ~]# kubectl rollout history deploy/nginx
deployment.apps/nginx
REVISION CHANGE-CAUSE
1 kubectl set image deployment/nginx nginx=nginx:1.10 --record=true
2 kubectl set image deployment/nginx nginx=nginx:1.11 --record=true
3 kubectl set image deployment/nginx nginx=nginx:1.12 --record=true
#指定版本回滾
[root@manage01 ~]# kubectl rollout undo deployment/nginx --to-revision=2
deployment.extensions/nginx
8、資源擴容或減少
#資源擴容或減少,kubectl scale指定資源數量,根據實際情況變化
[root@manage01 ~]# kubectl scale deployment/nginx --replicas=5
deployment.extensions/nginx scaled
[root@manage01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
busybox-5fb9cd66d6-flf6r 1/1 Running 0 33m
nginx-58866f58cf-2hlns 1/1 Running 0 92s
nginx-58866f58cf-gnxtz 1/1 Running 0 86s
nginx-58866f58cf-pdhwd 1/1 Running 0 37s
nginx-58866f58cf-pkppn 1/1 Running 0 89s
nginx-58866f58cf-q9cmx 1/1 Running 0 37s
9、資源釋放消亡
#刪除deploy 再刪除service,刪除deploy後, rs和pod會自動釋放
[root@manage01 ~]# kubectl delete deploy/nginx
deployment.apps "nginx" deleted
[root@manage01 ~]# kubectl delete svc/nginx-service
service "nginx-service" deleted
三、yaml文件示例
#創建nginx應用
[root@manage01 yaml]# vi nginx-deployment.yaml
#api版本建議使用最新
apiVersion: apps/v1beta2
#創建資源類型
kind: Deployment
#Deployment信息
metadata:
name: nginx-deployment
namespace: default
labels:
web: nginx
#pod信息
spec:
#副本數量
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
#containers信息
spec:
containers:
- name: nginx
image: nginx:1.10
ports:
- containerPort: 80
#創建服務發佈應用
[root@manage01 yaml]# vi nginx-service.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-service
labels:
app: nginx
spec:
ports:
#集羣地址訪問端口
- port: 18080
targetPort: 80
#selector標籤與depoyment中pod的選擇器標籤一致
selector:
app: nginx
#節點訪問測試
[root@node01 ~]# curl -I 10.10.10.134:18080
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 08 Mar 2020 08:15:36 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 31 Jan 2017 15:01:11 GMT
Connection: keep-alive
ETag: "5890a6b7-264"
Accept-Ranges: bytes