環(huán)境依賴
- 需要事先正確安裝
Docker Desktop - 筆記本最好不低于16G內(nèi)存
背景說明
學(xué)習(xí)Kubernetes的第一步就需要搭建一個(gè)可用的Kubernetes環(huán)境,這里針對(duì)Windows的安裝過程做簡(jiǎn)要記錄
解決方案
事先安裝Docker Desktop
image.png
日志目錄
安裝過程中可能會(huì)出現(xiàn)錯(cuò)誤需要我們及時(shí)查看日志來排查問題蛹含,日志目錄:C:\ProgramData\DockerDesktop
image.png
版本確認(rèn)
首先確認(rèn)當(dāng)前需要安裝的版本毅厚,從下圖中可以看到需要安裝的版本為v1.22.4
image.png
鏡像配置
確認(rèn)鏡像源配置為阿里云鏡像加速
image.png
安裝鏡像
由于國(guó)內(nèi)的網(wǎng)絡(luò)問題,直接啟用Kubernetes會(huì)無(wú)法正常啟動(dòng)浦箱,如下圖所示
image.png
此時(shí)在github開源庫(kù)中提供了鏡像的阿里云方案https://github.com/AliyunContainerService/k8s-for-docker-desktop
image.png
進(jìn)行分支切換
image.png
找到對(duì)應(yīng)需要安裝的分支吸耿,并下載文件
image.png
文件下載后并解壓
image.png
執(zhí)行鏡像下載命令
image.png
查看已有鏡像
image.png
網(wǎng)絡(luò)配置
進(jìn)入目錄C:\Windows\System32\drivers\etc編輯文件hosts添加一行
# Kubernetes
127.0.0.1 kubernetes.docker.internal
image.png
否則執(zhí)行命令會(huì)出現(xiàn)如下錯(cuò)誤
PS D:\> kubectl.exe cluster-info
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
Unable to connect to the server: dial tcp: lookup kubernetes.docker.internal: no such host
服務(wù)啟用
把勾勾上,等待一段時(shí)間酷窥,就會(huì)發(fā)現(xiàn)下發(fā)那個(gè)kubernetes的點(diǎn)變綠了咽安,代表kubernetes啟動(dòng)成功
image.png
由于啟動(dòng)較慢,這里可以通過命令查看容器的啟動(dòng)狀態(tài)
image.png
命令驗(yàn)證
PS D:\> kubectl.exe cluster-info
Kubernetes control plane is running at https://kubernetes.docker.internal:6443
CoreDNS is running at https://kubernetes.docker.internal:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
此時(shí)即可以說明環(huán)境安裝正常
安裝看板
應(yīng)用配置
PS D:\k8s-for-docker-desktop-1.22.4> kubectl.exe apply -f .\kubernetes-dashboard.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-key-holder created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
deployment.apps/dashboard-metrics-scraper created
安裝進(jìn)度
PS D:\k8s-for-docker-desktop-1.22.4> kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
kubernetes-dashboard-576cb95f94-kx4xb 1/1 Running 0 50s
PS D:\k8s-for-docker-desktop-1.22.4> kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-c45b7869d-m5xvs 0/1 ContainerCreating 0 53s
kubernetes-dashboard-576cb95f94-kx4xb 1/1 Running 0 53s
PS D:\k8s-for-docker-desktop-1.22.4> kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-c45b7869d-m5xvs 0/1 ContainerCreating 0 54s
kubernetes-dashboard-576cb95f94-kx4xb 1/1 Running 0 54s
PS D:\k8s-for-docker-desktop-1.22.4> kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-c45b7869d-m5xvs 1/1 Running 0 2m24s
kubernetes-dashboard-576cb95f94-kx4xb 1/1 Running 0 2m24s
訪問Token
PS C:\Users\86183> $TOKEN=((kubectl -n kube-system describe secret default | Select-String "token:") -split " +")[1]
PS C:\Users\86183> kubectl config set-credentials docker-desktop --token="${TOKEN}"
User "docker-desktop" set.
PS C:\Users\86183> echo $TOKEN
eyJhbGciOiJSUzI1NiIsImtpZCI6InJ5WXh2Y0RTUXR0Tm95dDlxdVA0SS1XX01iNWhQbmZqa1pSOTRjZGpRTEEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLXBiNnFiIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJkYzY2YWExYS1jZWIzLTRlNTctYjU5NC0yNWI3OTY2ZjlhOTYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06ZGVmYXVsdCJ9.xUByTlmquRcGd2BQBWyAMtHA0p0PbXfUaSFLhsHNjpJ7fnqmd35H7c_ydKXDnwIoC1L1HP2mNiRvnyOaOz3ivCSkgdcpirHes5C0t3Y4GQF0Avdx2J3ASI3iULh0jBwYtUUrc8YUMqCwEnhvqoiGDfjjiRl-qVlN_FejSWeSWohdleBVMihfZj205YqwQJXMCD5IhC3n8-H5Sb1dcIY6Uo7OS-1wtfFT_sRJuOMCakQH1WjEZQ5ViZeCUBRAd1ZMfwG4ul5X1aVbB0p_wM95uTUOpM7xDsCGUkKOpioQabvsZmQJmYPlxepLt56rdx0x7o6MlM_aWOzQq6klUiydhw
訪問看板
使用kubectl proxy命令訪問
PS D:\k8s-for-docker-desktop-1.22.4> kubectl proxy
Starting to serve on 127.0.0.1:8001
E0103 21:26:27.189764 18436 proxy_server.go:147] Error while proxying request: context canceled
E0103 21:26:27.189764 18436 proxy_server.go:147] Error while proxying request: context canceled
E0103 21:26:27.190290 18436 proxy_server.go:147] Error while proxying request: context canceled
E0103 21:26:27.190290 18436 proxy_server.go:147] Error while proxying request: context canceled
注意命令行窗口不要關(guān)閉
打開瀏覽器訪問網(wǎng)址
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy
image.png
填入Token并信息登錄
image.png
進(jìn)入后可以看到如下頁(yè)面
image.png
此時(shí)可以看到這里只有一個(gè)默認(rèn)的命名空間蓬推,且右側(cè)有錯(cuò)誤通知消息
image.png
訪問權(quán)限
清理舊提權(quán)
PS C:\Users\86183> kubectl delete clusterrolebinding serviceaccount-cluster-admin
Error from server (NotFound): clusterrolebindings.rbac.authorization.k8s.io "serviceaccount-cluster-admin" not found
創(chuàng)建集群用戶
PS C:\Users\86183> kubectl create clusterrolebinding serviceaccount-cluster-admin --clusterrole=cluster-admin --user=system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard
clusterrolebinding.rbac.authorization.k8s.io/serviceaccount-cluster-admin created
查token用于登錄
PS C:\Users\86183> kubectl describe secrets -n kubernetes-dashboard
Name: default-token-64tln
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: default
kubernetes.io/service-account.uid: e59829ab-b670-41ef-a336-00576bc0a50c
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1099 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InJ5WXh2Y0RTUXR0Tm95dDlxdVA0SS1XX01iNWhQbmZqa1pSOTRjZGpRTEEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLTY0dGxuIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJlNTk4MjlhYi1iNjcwLTQxZWYtYTMzNi0wMDU3NmJjMGE1MGMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6ZGVmYXVsdCJ9.uP2MZLTxP9upIM80rkRtGe9WQ447XWKLq3ohc78R_oAwNGMxntSiXjckibkfv8Sez5zBzvWlaP5MwkWRR10gJOnM7fL8_en3vMIjRZ7Mc-xXF7q9cT2K81FuvmPOyUkbDpk4PWGKwihfVo-wWgx1KduRVJAhWxakjbLpVKA91Ntqs3Cy2F-pXC65pkjZqzmq815z0lS62raoZczn_z0fWYenKBEfdEgLaBfoteX6cvQvdo-aYy7qKwD9FBWuy-1xxmT1BFBEqRFKgbSgvmE1yJilTfhuaq_fA1TAzB4LxbaEYtwGGdsawUDIIM7ccz1A4Ue01oJx7N8Jc-PixkOQpA
Name: kubernetes-dashboard-certs
Namespace: kubernetes-dashboard
Labels: k8s-app=kubernetes-dashboard
Annotations: <none>
Type: Opaque
Data
====
Name: kubernetes-dashboard-csrf
Namespace: kubernetes-dashboard
Labels: k8s-app=kubernetes-dashboard
Annotations: <none>
Type: Opaque
Data
====
csrf: 256 bytes
Name: kubernetes-dashboard-key-holder
Namespace: kubernetes-dashboard
Type: Opaque
Data
priv: 1679 bytes
Name: kubernetes-dashboard-token-gk6s8
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: 6f6c9deb-5638-4827-a9bb-765a93a3364a
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1099 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InJ5WXh2Y0RTUXR0Tm95dDlxdVA0SS1XX01iNWhQbmZqa1pSOTRjZGpRTEEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1nazZzOCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjZmNmM5ZGViLTU2MzgtNDgyNy1hOWJiLTc2NWE5M2EzMzY0YSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.l54H6keE_5nswbim--I-HM9uSw27XAwHCavXr1D2wiLVEbSUrvfUyrn5RoPCOxSopCIRV8y4jbB76kmoE2ZdGhhoolGy-mSMEXX9SXrN3aiXzdfCF-OJ-C1KLCPXPFFiiMur9xLD9317OfCZZ9S6VJ6tUxJ4OPu2Zve5x-3_ZchlxlJ3fZNh6-r7vFN67W0RyFSfYj4nHTQD2e1CEyNEiapbybJyTi2o0CdnJKXRzMomZVVHW_e7K8mehJimygTBpNGbF1BoO6jdMJ2HE5OIwGs4GY-yo9nwdMgA9gFLYcAOtwjED2I1GCLDIN6VWoafOueZR9-oq6rRxCBRrSlF9g
登錄看板
image.png
image.png
此時(shí)這里可以看到多有的命令空間妆棒,且右側(cè)不會(huì)再有報(bào)錯(cuò)通知消息
保證kubeproxy處于啟動(dòng)狀態(tài)
創(chuàng)建應(yīng)用
image.png
此時(shí)查看Pod等待正常運(yùn)行即可
image.png
image.png
訪問應(yīng)用
打開瀏覽器訪問http://localhost:8080/
image.png
參考文檔
https://blog.csdn.net/qq_38836770/article/details/108801300
https://wayneshao.com/posts/10324.html
https://github.com/AliyunContainerService/k8s-for-docker-desktop/issues/180
https://blog.csdn.net/zhangbaoxiang/article/details/106559533
