目录
一、配置node节点使用kubectl
1、说明
#kubectl 默认通过127.0.0.1:8080端口去访问apiserver,这个在前面apiserver的配置文件里有定义了。
#master通过http访问apiserver,端口8080,而其他节点通过https来访问apiserver,端口6443用于集群接口https访问
#我们目的就是让node节点上也能像master一样访问配置集群信息
[root@manage01 ~]# netstat -tlunp | grep 6443
tcp 0 0 192.168.192.128:6443 0.0.0.0:* LISTEN 1370/kube-apiserver
[root@manage01 ~]# kubectl -s 127.0.0.1:8080 get node
NAME STATUS ROLES AGE VERSION
192.168.192.129 Ready <none> 6d23h v1.17.3
192.168.192.130 Ready <none> 6d23h v1.17.3
2、拷贝
#拷贝二进制文件、ca和admin证书到节点机器
[root@manage01 ~]# scp /opt/kubernetes/bin/kubectl [email protected]:/usr/bin/
[root@manage01 ~]# scp /opt/kubernetes/ssl/ca*.pem [email protected]:/root
[root@manage01 ~]# scp /opt/kubernetes/ssl/admin*.pem [email protected]:/root
3、部署
#创建并配置/root/.kube/config文件
#这个过程主要为节点指定集群管理机器的地址、访问端口、证书、默认集群和用户等信息。
#设置集群项中名为kubernetes的apiserver地址和证书
[root@node01 ~]# kubectl config set-cluster kubernetes --server=https://192.168.192.128:6443 --certificate-authority=ca.pem
#设置用户项中cluster-admin用户证书认证字段
[root@node01 ~]# kubectl config set-credentials cluster-admin --certificate-authority=ca.pem --client-key=admin-key.pem --client-certificate=admin.pem
#设置环境项中名为default的默认集群和用户
[root@node01 ~]# kubectl config set-context default --cluster=kubernetes --user=cluster-admin
#设置默认环境项为default
[root@node01 ~]# kubectl config use-context default
4、测试
#节点验证是否可以访问集群信息
[root@node01 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
192.168.192.129 Ready <none> 7d v1.17.3
192.168.192.130 Ready <none> 6d23h v1.17.3
二、熟悉kubectl基本指令-模拟nginx应用生命周期
1、创建应用
#kubectl run创建deployment
[root@k8s-master-101 ~]# kubectl run nginx --replicas=3 --labels="app=nginx-example" --image=nginx:1.10 --port=80
deployment.apps/nginx created
2、查看信息
#kubectl get all查看所有信息
[root@k8s-master-101 ~]# kubectl get all
#kubectl describe查看指定pod信息,pod部署失败时也可以查看信息排错
[root@manage01 ~]# kubectl describe pod nginx-6d74bfcd4d-6sdbq
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 2m36s default-scheduler Successfully assigned default/nginx-66ffdc87ff-zwcz2 to 192.168.192.130
Normal Pulled 2m31s kubelet, 192.168.192.130 Container image "nginx:1.10" already present on machine
Normal Created 2m31s kubelet, 192.168.192.130 Created container nginx
Normal Started 2m30s kubelet, 192.168.192.130 Started container nginx
3、指定标签
#创建应用时可以指定标签(例如nginx)
#如果不指定镜像标签的话,默认会创建一个随机的标签,末尾为run=<Controller_Name>(例如busybox)
[root@manage01 ~]# kubectl run busybox --image=busybox
[root@manage01 ~]# kubectl get pods --show-labels
NAME READY STATUS RESTARTS AGE LABELS
busybox-846d67867c-6b5fv 0/1 Running 0 2m pod-template-hash=846d67867c,run=busybox
nginx-66ffdc87ff-2c76n 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
nginx-66ffdc87ff-xdlmc 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
nginx-66ffdc87ff-zwcz2 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
#以后可以根据标签分类查看
[root@manage01 ~]# kubectl get pods -l app=nginx-example
NAME READY STATUS RESTARTS AGE LABELS
nginx-66ffdc87ff-2c76n 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
nginx-66ffdc87ff-xdlmc 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
nginx-66ffdc87ff-zwcz2 1/1 Running 0 13m app=nginx-example,pod-template-hash=66ffdc87ff
4、发布应用
#创建server,指定VIP和端口,发布nginx应用供内部节点访问,deployment nginx 指定匹配的deployment的名称为nginx
[root@manage01 ~]# kubectl expose deployment nginx --port=18080 --type=NodePort --target-port=80 --name=nginx-service
service/nginx-service exposed
[root@manage01 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.10.10.1 <none> 443/TCP 7d10h
nginx-service NodePort 10.10.10.193 <none> 18080:37986/TCP 16s
此时:
集群内部访问:VIP地址:指定端口 http://10.10.10.193:18080/
集群外部访问:节点地址:生成随机端口 http://192.168.192.129|130:37986/
5、故障排查
#查看当前pod部署进度,确认是否卡在哪里
#kubectl describe查看指定deploy、svc、pod信息
[root@k8s-master-101 ~]# kubectl get all
[root@manage01 ~]# kubectl describe pod nginx-6d74bfcd4d-6sdbq
#利用logs查看当前pod输出日志
[root@manage01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-66ffdc87ff-2c76n 1/1 Running 0 48m
nginx-66ffdc87ff-xdlmc 1/1 Running 0 48m
nginx-66ffdc87ff-zwcz2 1/1 Running 0 48m
[root@manage01 ~]# kubectl logs nginx-66ffdc87ff-2c76n
#分配伪终端进入pod查看具体应用情况
[root@manage01 ~]# kubectl exec -it nginx-6d74bfcd4d-6sdbq bash
root@nginx-6d74bfcd4d-6sdbq:/#
6、更新操作
#1. 通过命令更新版本(record记录方便日后发布查看)
[root@manage01 ~]# kubectl set image deployment/nginx nginx=nginx:1.11 --record
#2. 通过修改配置更新版本
[root@manage01 ~]# kubectl edit deploy/nginx
将nginx版本修改为1.12,修改后退出就会生效了
#3. 确认是否更新成功,get pods发现name已变,或者describe可查看nginx版本
[root@manage01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-76d7d55c96-6rdhg 1/1 Running 0 83s
nginx-76d7d55c96-hcw9z 1/1 Running 0 119s
nginx-76d7d55c96-p5tjq 1/1 Running 0 2m31s
[root@manage01 ~]# kubectl describe pod nginx-76d7d55c96-6rdhg
7、版本发错记录及回滚
#K8S会对发布做版本记录
[root@manage01 ~]# kubectl rollout history deploy/nginx
deployment.apps/nginx
REVISION CHANGE-CAUSE
1 kubectl set image deployment/nginx nginx=nginx:1.10 --record=true
2 kubectl set image deployment/nginx nginx=nginx:1.11 --record=true
3 kubectl set image deployment/nginx nginx=nginx:1.12 --record=true
#指定版本回滚
[root@manage01 ~]# kubectl rollout undo deployment/nginx --to-revision=2
deployment.extensions/nginx
8、资源扩容或减少
#资源扩容或减少,kubectl scale指定资源数量,根据实际情况变化
[root@manage01 ~]# kubectl scale deployment/nginx --replicas=5
deployment.extensions/nginx scaled
[root@manage01 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
busybox-5fb9cd66d6-flf6r 1/1 Running 0 33m
nginx-58866f58cf-2hlns 1/1 Running 0 92s
nginx-58866f58cf-gnxtz 1/1 Running 0 86s
nginx-58866f58cf-pdhwd 1/1 Running 0 37s
nginx-58866f58cf-pkppn 1/1 Running 0 89s
nginx-58866f58cf-q9cmx 1/1 Running 0 37s
9、资源释放消亡
#删除deploy 再删除service,删除deploy后, rs和pod会自动释放
[root@manage01 ~]# kubectl delete deploy/nginx
deployment.apps "nginx" deleted
[root@manage01 ~]# kubectl delete svc/nginx-service
service "nginx-service" deleted
三、yaml文件示例
#创建nginx应用
[root@manage01 yaml]# vi nginx-deployment.yaml
#api版本建议使用最新
apiVersion: apps/v1beta2
#创建资源类型
kind: Deployment
#Deployment信息
metadata:
name: nginx-deployment
namespace: default
labels:
web: nginx
#pod信息
spec:
#副本数量
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
#containers信息
spec:
containers:
- name: nginx
image: nginx:1.10
ports:
- containerPort: 80
#创建服务发布应用
[root@manage01 yaml]# vi nginx-service.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-service
labels:
app: nginx
spec:
ports:
#集群地址访问端口
- port: 18080
targetPort: 80
#selector标签与depoyment中pod的选择器标签一致
selector:
app: nginx
#节点访问测试
[root@node01 ~]# curl -I 10.10.10.134:18080
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 08 Mar 2020 08:15:36 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 31 Jan 2017 15:01:11 GMT
Connection: keep-alive
ETag: "5890a6b7-264"
Accept-Ranges: bytes