使用K3S創建本地開發集羣

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/a1/a1f85e11678c1fe86abf0542ab6465b0.png","alt":"Treafik Logo","title":null,"style":null,"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"📖 參考文檔:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"link","attrs":{"href":"https://mp.weixin.qq.com/s?__biz=MzU4MjQ0MTU4Ng==&mid=2247486685&idx=1&sn=e84b383bb73f75d8059bcceeb8413a6a&chksm=fdb903c0cace8ad6bff3cd0aeee1738c5d27db0e9fc20a6b6c00b81da39a033a2ded9c8dfd87","title":null},"content":[{"type":"text","text":"k8s技術圈 - 陽明 - 使用 K3s 和 Traefik 創建本地開發集羣"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"本地集羣需求"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","text":"輕量; (下載的包小)"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","text":"啓動快; (最好是docker 方式啓動, 而非VM)"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":3,"align":null,"origin":null},"content":[{"type":"text","text":"佔用資源少; (最好是docker 方式啓動, 而非VM. 且需要是一個擁有Kubernetes完整功能的, 精簡的發行版)"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"用過minikube, VM啓動比較慢, 而且下載最新版的時候, 阿里雲的mirror都沒有最新版本的鏡像, 導致一直啓動不起來. 非常難受."}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"基於K3S的K3D完美符合我的以上需求."}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"K3S簡介 - 輕量級 Kubernetes"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"📖 參考文檔:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"link","attrs":{"href":"https://docs.rancher.cn/docs/k3s/_index","title":null},"content":[{"type":"text","text":"rancher.cn - K3s - 輕量級 Kubernetes"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"輕量級 Kubernetes。安裝簡單，內存只有一半，所有的二進制都不到 200MB。包含K3S的完整鏡像大小如下:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":""},"content":[{"type":"text","text":" REPOSITORY                       TAG                 IMAGE ID           CREATED             SIZE\n rancher/k3s                     v1.18.2-k3s1       e9f6bccce7de       6 months ago       151MB"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"我這邊安裝完成後, (又安裝了traefik和Kubernetes dashboard和一個demo deployment), 消耗如下:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"CPU: 0.3 Core"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"內存: 1.2 G"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/81/81f4977892503cd85810560f65f606c5.png","alt":"image-20201107213926142","title":null,"style":null,"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"適用於："}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"邊緣計算-Edge"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"物聯網-IoT"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"CI"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Development"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"ARM"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"嵌入 K8s"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"不想深陷 k8s 運維管理的人"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"K3s 是一個完全符合 Kubernetes 的發行版，有以下增強功能。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"打包爲 "},{"type":"text","marks":[{"type":"strong"}],"text":"單個二進制"},{"type":"text","text":" 文件。"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"基於 "},{"type":"text","marks":[{"type":"strong"}],"text":"sqlite3"},{"type":"text","text":" 的輕量級存儲後端作爲默認存儲機制。 etcd3，MySQL，Postgres 仍然可用。"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"封裝在簡單的啓動程序中，該啓動程序處理很多複雜的 TLS 和選項。"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"默認情況下是安全的，對輕量級環境有合理的默認值。"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"添加了簡單但功能強大的“batteries-included”功能，例如：本地存儲提供程序，服務負載均衡器，"},{"type":"text","marks":[{"type":"strong"}],"text":"Helm"},{"type":"text","text":" controller 和 "},{"type":"text","marks":[{"type":"strong"}],"text":"Traefik"},{"type":"text","text":" ingress controller。"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"所有 Kubernetes 控制平面組件的操作都封裝在單個二進制文件和進程中。這使 K3s 可以自動化和管理複雜的集羣操作，例如分發證書。"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"外部依賴性已最小化（僅需要現代內核和 cgroup 掛載）。 K3s 軟件包需要依賴項，包括："}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"K3D - K3S in docker"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"k3d創建容器化的k3s集羣。 這意味着，您可以使用docker在單臺計算機上啓動多節點k3s集羣。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"K3D 快速入門"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"📖 參考文檔:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"link","attrs":{"href":"https://docs.rancher.cn/docs/octopus/quick-start/_index#1-%E4%BD%BF%E7%94%A8k3d%E6%90%AD%E5%BB%BAk3s%E9%9B%86%E7%BE%A4%E5%8F%AF%E9%80%89","title":null},"content":[{"type":"text","text":"rancher.cn - 使用 k3d 搭建 k3s 集羣"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"使用 k3d 搭建 k3s 集羣. "},{"type":"link","attrs":{"href":"https://github.com/rancher/k3d","title":null},"content":[{"type":"text","text":"k3d"}]},{"type":"text","text":"是快速搭建容器化 k3s 集羣的工具。 可以使用 Docker 在單臺計算機上啓動多節點 k3s 集羣。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"📓 備註:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"我的計算機環境:"}]},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"win10專業版 2004"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"WSL2 + Ubuntu20.04 + docker desktop"}]}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","text":"運行以下指令，啓動具有 3 個 worker 節點的本地 k3s 集羣。(搭建集羣搭吐了, 有現成官方腳本直接用. 親測國內好用) 使用"},{"type":"codeinline","content":[{"type":"text","text":"root"}]},{"type":"text","text":"執行:"}]}]}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"curl -fL https://octopus-assets.oss-cn-beijing.aliyuncs.com/k3d/cluster-k3s-spinup.sh | bash -"}]},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"⚠️ 注意:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果安裝成功，則應該看到以下日誌:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"codeinline","content":[{"type":"text","text":"please input CTRL+C to stop the local cluster"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"如果想要停止K3S集羣, 請運行"},{"type":"codeinline","content":[{"type":"text","text":"CTRL+C"}]}]}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":" % Total % Received % Xferd Average Speed Time Time Time Current\n Dload Upload Total Spent Left Speed\n100 13549 100 13549 0 0 6784 0 0:00:01 0:00:01 --:--:-- 6781\n[INFO] [1107 17:02:03] cleanup proxy config\n[INFO] [1107 17:02:03] creating edge cluster with v1.18.2\n[INFO] [1107 17:02:03] INGRESS_HTTP_PORT is 54836\n[INFO] [1107 17:02:03] INGRESS_HTTPS_PORT is 54837\nINFO[0000] Created cluster network with ID ba03de48d65b8e1fbef6ff03cbba0b9e9ad008e7cc81d67d8393c69272a1c4b9\nINFO[0000] Add TLS SAN for 0.0.0.0\nINFO[0000] Created docker volume k3d-edge-images\nINFO[0000] Creating cluster [edge]\nINFO[0000] Creating server using docker.io/rancher/k3s:v1.18.2-k3s1...\nINFO[0006] SUCCESS: created cluster [edge]\nINFO[0006] You can now use the cluster with:\n\nexport KUBECONFIG=\"$(k3d get-kubeconfig --name='edge')\"\nkubectl cluster-info\n[WARN] [1107 17:02:09] default kubeconfig has been backup in /root/.kube/config_k3d_bak\n[INFO] [1107 17:02:09] edge cluster's kubeconfig wrote in /root/.kube/config now\n[INFO] [1107 17:02:09] waiting node edge-control-plane for ready\nINFO[0000] Adding 1 agent-nodes to k3d cluster edge...\nINFO[0000] Created agent-node with ID 752aebb8f9bb1af1c5fcf62ff9313163c243835373872595f38de03004257514\n[INFO] [1107 17:02:21] waiting node edge-worker for ready\nINFO[0000] Adding 1 agent-nodes to k3d cluster edge...\nINFO[0000] Created agent-node with ID 7d0aa70e24f387217d3094911a7c0f5fa2f504c1fe3e106b08d00f3a6b11158c\n[INFO] [1107 17:02:34] waiting node edge-worker1 for ready\nINFO[0000] Adding 1 agent-nodes to k3d cluster edge...\nINFO[0000] Created agent-node with ID 7b880c8966f9b8b252c5385ee10167384d9517c87ff60763989b69f5c3f344ab\n[INFO] [1107 17:02:47] waiting node edge-worker2 for ready\n[WARN] [1107 17:02:59] please input CTRL+C to stop the local cluster"}]},{"type":"numberedlist","attrs":{"start":2,"normalizeStart":2},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","text":"打開一個新終端，並配置"},{"type":"codeinline","content":[{"type":"text","text":"KUBECONFIG"}]},{"type":"text","text":"以訪問本地 k3s 集羣。"}]}]}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"export KUBECONFIG=\"$(k3d get-kubeconfig --name='edge')\"\nkubectl cluster-info"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":" 輸出結果如下:"}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"Kubernetes master is running at https://0.0.0.0:54835\nCoreDNS is running at https://0.0.0.0:54835/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy\nMetrics-server is running at https://0.0.0.0:54835/api/v1/namespaces/kube-system/services/https:metrics-server:/proxy"}]},{"type":"numberedlist","attrs":{"start":3,"normalizeStart":3},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":3,"align":null,"origin":null},"content":[{"type":"text","text":"運行"},{"type":"codeinline","content":[{"type":"text","text":"kubectl get node"}]},{"type":"text","text":"命令, 檢查本地 k3s 集羣的節點是否正常:"}]}]}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# kubectl get node\nNAME STATUS ROLES AGE VERSION\nedge-worker Ready 3h17m v1.18.2+k3s1\nedge-worker2 Ready 3h17m v1.18.2+k3s1\nedge-control-plane Ready master 3h17m v1.18.2+k3s1\nedge-worker1 Ready 3h17m v1.18.2+k3s1"}]},{"type":"numberedlist","attrs":{"start":4,"normalizeStart":4},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":4,"align":null,"origin":null},"content":[{"type":"text","text":"運行"},{"type":"codeinline","content":[{"type":"text","text":"kubectl get pod -A"}]},{"type":"text","text":"命令, 檢查本地 k3s 集羣的pod是否正常: (默認就已經部署好了traefik)"}]}]}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"kubectl get pod -A\nNAMESPACE NAME READY STATUS RESTARTS AGE\nkube-system metrics-server-7566d596c8-6h776 1/1 Running 0 3h18m\nkube-system local-path-provisioner-6d59f47c7-sz5tp 1/1 Running 0 3h18m\nkube-system coredns-8655855d6-lmrkq 1/1 Running 0 3h18m\nkube-system svclb-traefik-wxp6k 2/2 Running 0 133m\nkube-system svclb-traefik-jls5w 2/2 Running 0 133m\nkube-system svclb-traefik-j776k 2/2 Running 0 133m\nkube-system svclb-traefik-qbfx4 2/2 Running 0 133m\nkube-system helm-install-traefik-jxptl 0/1 Completed 0 120m\nkube-system traefik-6cbfb44969-r9fj2 1/1 Running 0 118m"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"📓 筆記:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"K3D的快速啓動腳本, 涉及到以下docker鏡像: (只有第一個鏡像是在外邊pull的, 其他鏡像其實都是在啓動後的k3s 容器裏pull的.)"}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# docker images\nREPOSITORY TAG IMAGE ID CREATED SIZE\nrancher/k3s v1.18.2-k3s1 e9f6bccce7de 6 months ago 151MB\nrancher/klipper-helm v0.2.5 6207e2a3f522 6 months ago 136MB\nrancher/library-traefik 1.7.19-amd64 aa764f7db305 12 months ago 85.7MB\nrancher/metrics-server v0.3.6 9dd718864ce6 13 months ago 39.9MB\nrancher/local-path-provisioner v0.0.11 9d12f9848b99 13 months ago 36.2MB\nrancher/coredns-coredns 1.6.3 c4d3d16fe508 14 months ago 44.3MB"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"K3D的快速啓動腳本, 會啓動4個docker容器作爲4個node節點:"}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"sudo docker ps\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\n7b880c8966f9 rancher/k3s:v1.18.2-k3s1 \"/bin/k3s agent --no…\" 3 hours ago Up 3 hours k3d-edge-worker-3\n7d0aa70e24f3 rancher/k3s:v1.18.2-k3s1 \"/bin/k3s agent --no…\" 3 hours ago Up 3 hours k3d-edge-worker-2\n752aebb8f9bb rancher/k3s:v1.18.2-k3s1 \"/bin/k3s agent --no…\" 3 hours ago Up 3 hours k3d-edge-worker-1\ndca9851cf5d6 rancher/k3s:v1.18.2-k3s1 \"/bin/k3s server --h…\" 3 hours ago Up 3 hours 0.0.0.0:54835->54835/tcp, 0.0.0.0:54836->80/tcp, 0.0.0.0:54837->443/tcp k3d-edge-server"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"從上文可以看到, 1個k3s server(就是控制平面), 3個k3s agent. k3s server對外暴露了3個 "},{"type":"text","marks":[{"type":"strong"}],"text":"隨機"},{"type":"text","text":" 端口:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"54835->54835"},{"type":"text","text":": K8S API"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"54836->80"},{"type":"text","text":": K8S Ingress的HTTP端口."}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":3,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"54837->443"},{"type":"text","text":": K8S Ingress的HTTPS端口."}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"部署Traefik Dashboard"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"所以我們要訪問部署在容器中的應用, 就用這2個隨機端口: "},{"type":"link","attrs":{"href":"http://localhost:54836","title":null},"content":[{"type":"text","text":"http://localhost:54836"}]},{"type":"text","text":" 或"},{"type":"link","attrs":{"href":"https://localhost:54836","title":null},"content":[{"type":"text","text":"https://localhost:54836"}]},{"type":"text","text":" . 部署好了後, 默認是沒有任何的Ingress的, 所以訪問這2個地址都是報: "},{"type":"codeinline","content":[{"type":"text","text":"404"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"而且默認腳本是沒有啓用Traefik的Dashboard的, 管理不便. 我們將它啓用起來."}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"首先是進入到k3s server容器裏. 這個容器沒有"},{"type":"codeinline","content":[{"type":"text","text":"/bin/bash"}]},{"type":"text","text":", 只有"},{"type":"codeinline","content":[{"type":"text","text":"/bin/sh"}]},{"type":"text","text":", 如下:"}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# docker exec -it ls /bin\naddgroup cat containerd-shim df expr fstrim i2cdetect ipcs kubectl lsof mkswap openvt ptx runcon sha512sum swapoff tr unxz whoami\nadduser charon containerd-shim-runc-v2 diff factor fuser i2cdump iplink last lspci mktemp partprobe pwd runlevel shred swapon traceroute unzip xargs\nar chattr coreutils dir fallocate getopt i2cget ipneigh less lsscsi modprobe passwd rdate sed shuf switch_root true uptime xtables-legacy-multi\narch chcon cp dircolors false getty i2cset iproute link lsusb more paste readlink seq sleep sync truncate users xxd\narp check-config cpio dirname fbset ginstall id iprule linux32 lzcat mountpoint patch readprofile setarch slirp4netns sysctl tsort usleep xz\narping chgrp crictl dmesg fdflush grep ifconfig ipset linux64 lzma mt pathchk realpath setconsole socat syslogd tty uudecode xzcat\nash chmod crond dnsd fdformat groups ifdown iptables linuxrc lzopcat mv pidof reboot setfattr sort tac ubirename uuencode yes\naux chown crontab dnsdomainname fdisk gunzip ifup iptables-restore ln makedevs nameif pigz renice setkeycodes split tail udhcpc vconfig zcat\nawk chroot csplit dos2unix fgrep gzip inetd iptables-save loadfont md5sum netstat ping reset setlogcons start-stop-daemon tar uevent vdir\nb2sum chrt ctr du find halt init iptunnel loadkmap mdev nice pinky resize setpriv stat tc umount vi\nbase32 chvt cut dumpkmap flannel hdparm insmod join logger mesg nl pipe_progress resume setserial strings tee uname vlock\nbase64 cksum date ebtables flock head install k3s login microcom nohup pivot_root rm setsid stty telnet unexpand w\nbasename clear dc echo fmt hexdump ip k3s-agent logname mkdir nproc portmap rmdir sh su test uniq watch\nblkid cmp dd egrep fold hexedit ip6tables k3s-server loopback mkdosfs nsenter poweroff rmmod sha1sum sulogin tftp unix2dos watchdog\nbridge cni deallocvt eject free host-local ip6tables-restore kill losetup mke2fs nslookup pr route sha224sum sum time unlink wc\nbunzip2 comm delgroup env freeramdisk hostid ip6tables-save killall ls mkfifo nuke printenv run-init sha256sum svc timeout unlzma wget\nbusybox conntrack deluser ether-wake fsck hostname ipaddr killall5 lsattr mknod numfmt printf run-parts sha384sum svok top unlzop which\nbzcat containerd devmem expand fsfreeze hwclock ipcrm klogd lsmod mkpasswd od ps runc sha3sum swanctl touch unpigz who"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"所以通過"},{"type":"codeinline","content":[{"type":"text","text":"/bin/sh"}]},{"type":"text","text":"進入到容器裏:"}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# docker exec -it /bin/sh\n---------------已經進入容器裏--------------\n/ # cd /var/lib/rancher/k3s/server/manifests\n/var/lib/rancher/k3s/server/manifests # vi traefik.yaml"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"編輯後的"},{"type":"codeinline","content":[{"type":"text","text":"traefik.yaml"}]},{"type":"text","text":"如下: (增加:"},{"type":"codeinline","content":[{"type":"text","text":"dashboard.enabled: \"true\""}]},{"type":"text","text":" )"}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"apiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: traefik\n namespace: kube-system\nspec:\n chart: https://%{KUBERNETES_API}%/static/charts/traefik-1.81.0.tgz\n valuesContent: |-\n rbac:\n enabled: true\n ssl:\n enabled: true\n metrics:\n prometheus:\n enabled: true\n kubernetes:\n ingressEndpoint:\n useDefaultPublishedService: true\n dashboard:\n enabled: true\n image: \"rancher/library-traefik\"\n tolerations:\n - key: \"CriticalAddonsOnly\"\n operator: \"Exists\"\n - key: \"node-role.kubernetes.io/master\"\n operator: \"Exists\"\n effect: \"NoSchedule\""}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"保存後就會重新部署"},{"type":"codeinline","content":[{"type":"text","text":"traefik.yaml"}]},{"type":"text","text":", 如下:"}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# kubectl get events -n kube-system\nLAST SEEN TYPE REASON OBJECT MESSAGE\n43s Normal Pulled pod/helm-install-traefik-jxptl Successfully pulled image \"rancher/klipper-helm:v0.2.5\"\n43s Normal Created pod/helm-install-traefik-jxptl Created container helm\n43s Normal Started pod/helm-install-traefik-jxptl Started container helm\n43s Normal ScalingReplicaSet deployment/traefik Scaled up replica set traefik-6cbfb44969 to 1\n43s Normal SuccessfulCreate replicaset/traefik-6cbfb44969 Created pod: traefik-6cbfb44969-r9fj2\n Normal Scheduled pod/traefik-6cbfb44969-r9fj2 Successfully assigned kube-system/traefik-6cbfb44969-r9fj2 to edge-worker2\n42s Normal Pulling pod/traefik-6cbfb44969-r9fj2 Pulling image \"rancher/library-traefik:1.7.19\"\n42s Normal Completed job/helm-install-traefik Job completed\n41s Normal SandboxChanged pod/helm-install-traefik-jxptl Pod sandbox changed, it will be killed and re-created.\n9s Normal Pulled pod/traefik-6cbfb44969-r9fj2 Successfully pulled image \"rancher/library-traefik:1.7.19\"\n9s Normal Created pod/traefik-6cbfb44969-r9fj2 Created container traefik\n9s Normal Started pod/traefik-6cbfb44969-r9fj2 Started container traefik"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"部署後, 會自動配置ingress, 如下:"}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# kubectl get ingress -A\nNAMESPACE NAME CLASS HOSTS ADDRESS PORTS AGE\nkube-system traefik-dashboard traefik.example.com 172.18.0.2 80 149m"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"所以我們配置hosts: "},{"type":"codeinline","content":[{"type":"text","text":"127.0.0.1 traefik.example.com"}]},{"type":"text","text":". 就可以訪問: "},{"type":"link","attrs":{"href":"http://traefik.example.com:54836/dashboard/","title":null},"content":[{"type":"text","text":"http://traefik.example.com:54836/dashboard/"}]},{"type":"text","text":", 如下圖所示:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/c2/c2db0087062fba9b9e491ebc8ddf8d1a.png","alt":"image-20201107205521383","title":null,"style":null,"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"📓 備註:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"其實還有另一種方法可以進行訪問: "},{"type":"codeinline","content":[{"type":"text","text":"kubectl port-forward"}]},{"type":"text","text":". 如下:"}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":" $ kubectl port-forward $(kubectl get pods --selector \"app=traefik\" --output=name -n kube-system) --address 0.0.0.0 8080:8080 -n kube-system"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"則可以通過"},{"type":"link","attrs":{"href":"http://localhost:8080/dashboard/","title":null},"content":[{"type":"text","text":"http://localhost:8080/dashboard/"}]},{"type":"text","text":" 訪問到traefik的管理頁面."}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"部署應用"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"使用"},{"type":"codeinline","content":[{"type":"text","text":"whoami"}]},{"type":"text","text":" 應用程序部署測試."}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"$ kubectl create deploy whoami --image containous/whoami\ndeployment.apps/whoami created\n$ kubectl expose deploy whoami --port 80\nservice/whoami exposed"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"然後我們定義一個 Ingress 規則來使用我們新的 Traefik，Traefik 既能讀取自己的 CRD IngressRoute，也能讀取傳統的 Ingress 資源。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":" vi whoami-ingress.yaml"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"具體內容如下:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"apiVersion: networking.k8s.io/v1beta1\nkind: Ingress\nmetadata:\n name: whoami\n annotations:\n traefik.ingress.kubernetes.io/router.entrypoints: web,websecure\n traefik.ingress.kubernetes.io/router.tls: \"true\"\nspec:\n rules:\n - http:\n paths:\n - path: /\n backend:\n serviceName: whoami\n servicePort: 80"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"codeinline","content":[{"type":"text","text":"kubectl apply"}]},{"type":"text","text":"應用:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":" kubectl apply -f whoami-ingress.yaml -n default"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"在這個例子中，我們在 HTTP 和 HTTPs 兩個入口點上暴露了 whoami 服務，每一個 URL 都會被髮送到該服務上，我們可以在 Traefik Dashboard 上看到新的Ingress。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/61/61a425550387c908d1d32d4609f00121.png","alt":"image-20201107210458283","title":null,"style":null,"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"要測試這個應用我們可以直接在瀏覽器中訪問："},{"type":"link","attrs":{"href":"http://localhost:54836/","title":null},"content":[{"type":"text","text":"http://localhost:54836/"}]},{"type":"text","text":" 即可，這是因爲上面我們安裝 Traefik 的時候自動創建了一個 LoadBalancer 的 Service 服務。爲啥要加端口號, 因爲k3s server在容器裏, 映射到外邊是"},{"type":"codeinline","content":[{"type":"text","text":"54386"}]},{"type":"text","text":" 端口."}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"部署Kubernetes 儀表盤"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"GITHUB_URL=https://github.com/kubernetes/dashboard/releases\nVERSION_KUBE_DASHBOARD=$(curl -w '%{url_effective}' -I -L -s -S ${GITHUB_URL}/latest -o /dev/null | sed -e 's|.*/||')\nkubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/${VERSION_KUBE_DASHBOARD}/aio/deploy/recommended.yaml"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"輸出如下:"}]},{"type":"codeblock","attrs":{"lang":"text"},"content":[{"type":"text","text":"namespace/kubernetes-dashboard created\nserviceaccount/kubernetes-dashboard created\nservice/kubernetes-dashboard created\nsecret/kubernetes-dashboard-certs created\nsecret/kubernetes-dashboard-csrf created\nsecret/kubernetes-dashboard-key-holder created\nconfigmap/kubernetes-dashboard-settings created\nrole.rbac.authorization.k8s.io/kubernetes-dashboard created\nclusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created\nrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created\nclusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created\ndeployment.apps/kubernetes-dashboard created\nservice/dashboard-metrics-scraper created\ndeployment.apps/dashboard-metrics-scraper created"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"驗證pod已正常啓動:"}]},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# kubectl get pod -n kubernetes-dashboard\nNAME READY STATUS RESTARTS AGE\ndashboard-metrics-scraper-6b4884c9d5-ltk42 1/1 Running 0 14m\nkubernetes-dashboard-7d8574ffd9-sptn6 1/1 Running 0 98s"}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"儀表盤 RBAC 配置"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"⚠️ 重要:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"本指南中創建的 "},{"type":"codeinline","content":[{"type":"text","text":"admin-user"}]},{"type":"text","text":" 將在儀表板中擁有管理權限。"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"創建以下資源清單文件："}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"vi dashboard.admin-user.yml\n\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n name: admin-user\n namespace: kubernetes-dashboard"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"vi dashboard.admin-user-role.yml\n\napiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n name: admin-user\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-admin\nsubjects:\n - kind: ServiceAccount\n name: admin-user\n namespace: kubernetes-dashboard"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"部署"},{"type":"codeinline","content":[{"type":"text","text":"admin-user"}]},{"type":"text","text":" 配置:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":" kubectl create -f dashboard.admin-user.yml -f dashboard.admin-user-role.yml"}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"獲得 Bearer Token"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":" kubectl -n kubernetes-dashboard describe secret admin-user-token | grep ^token"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"結果如下:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"yaml"},"content":[{"type":"text","text":" token:      eyJhbGciOiJSUzI1NiIsImtpZCI6Im9XNENjc0VlSzVBTDJGRWpPT2VuY1pkbzNJblYybFFwY2YxQnBvZVlMVlEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLXA1Y253Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI0NmI4NGFkYS02MDQ3LTQzN2EtODk2My1lY2NmZWQ4MjE0ZDQiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.N8Zhsf2JU5Hoa8yfhrspJbMGP7AFmfs2JeWXVpDksAEMfWf5mI-MXYcqMkbZ9_Qbwp-h9S7k7oZE41lUp8UXlDWi0Ovm4I4fsuoWqq-aJoyt-c060bWNla1edVZ5BzMTanIYzJHPjS7-cOnsxqg-EtXfdN3JRsiE0QevLvJLhYU37HFc7-cImJ8iH8-r-GHCD8MmuBbTV0EBidLmSo-BdWC5hcZoYghgNtfnMkN0p1e3O23EPRO2XDmaw_lVN4TNgZXPS9hirBD1AZxm1ZE1Iyo2mSOgYjCNQOF8IcaUtjTGqt4RzK4R9AWRbL9z-HMbK_JamcQvDz3fnW3aauCezQ"}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"本地訪問儀表盤:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":" kubectl proxy"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"現在可以通過以下網址訪問儀表盤："}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":""},"content":[{"type":"text","text":" http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/\n  使用admin-user Bearer Token Sign In"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/be/be0e5f973af4d205a982b5b9d675564b.png","alt":"image-20201107213623363","title":null,"style":null,"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"更多儀表盤訪問方式"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":4},"content":[{"type":"codeinline","content":[{"type":"text","marks":[{"type":"strong"}],"text":"port-forward"}]},{"type":"text","text":"方式"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":" $ kubectl port-forward $(kubectl get pods --selector \"k8s-app=kubernetes-dashboard\" --output=name -n kubernetes-dashboard) --address 0.0.0.0 8443:8443 -n kubernetes-dashboard"}]},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"Helm 部署應用"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"codeblock","attrs":{"lang":"shell"},"content":[{"type":"text","text":"# helm repo add stable http://mirror.azure.cn/kubernetes/charts\n# helm repo update\n# helm install jenkins stable/jenkins\nWARNING: This chart is deprecated\nNAME: jenkins\nLAST DEPLOYED: Sat Nov 7 22:25:02 2020\nNAMESPACE: default\nSTATUS: deployed\nREVISION: 1\nNOTES:\n*******************\n****DEPRECATED*****\n*******************\n* The Jenkins chart is deprecated. Future development has been moved to https://github.com/jenkinsci/helm-charts\n\n1. Get your 'admin' user password by running:\n printf $(kubectl get secret --namespace default jenkins -o jsonpath=\"{.data.jenkins-admin-password}\" | base64 --decode);echo\n2. Get the Jenkins URL to visit by running these commands in the same shell:\n export POD_NAME=$(kubectl get pods --namespace default -l \"app.kubernetes.io/component=jenkins-master\" -l \"app.kubernetes.io/instance=jenkins\" -o jsonpath=\"{.items[0].metadata.name}\")\n echo http://127.0.0.1:8080\n kubectl --namespace default port-forward $POD_NAME 8080:8080\n\n3. Login with the password from step 1 and the username: admin\n\n4. Use Jenkins Configuration as Code by specifying configScripts in your values.yaml file, see documentation: http:///configuration-as-code and examples: https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos\n\nFor more information on running Jenkins on Kubernetes, visit:\nhttps://cloud.google.com/solutions/jenkins-on-container-engine\nFor more information about Jenkins Configuration as Code, visit:\nhttps://jenkins.io/projects/jcasc/"}]},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"總結"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"通過K3S/K3D, 有以下優勢:"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"numberedlist","attrs":{"start":null,"normalizeStart":1},"content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":1,"align":null,"origin":null},"content":[{"type":"text","text":"創建, 部署, 啓動集羣快;"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":2,"align":null,"origin":null},"content":[{"type":"text","text":"集羣消耗資源少;"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":3,"align":null,"origin":null},"content":[{"type":"text","text":"創建的集羣擁有完善的基礎功能;"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":4,"align":null,"origin":null},"content":[{"type":"text","text":"可以提供和標準K8S集羣一致的:"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}