問(wèn)題:生產(chǎn)環(huán)境部署k8s是使用二進(jìn)制還是使用kubeadm?
https://studygolang.com/articles/18186?fr=sidebar
目前k8s的組件都是通過(guò)systemd來(lái)維護(hù)的胚吁,所以二進(jìn)制安裝画恰,調(diào)試bug比較方便。從官方渠道來(lái)看衩侥,kubeadm是官方提供的開(kāi)源安裝工具艰赞,帶有普適性忿墅。
普遍性來(lái)講蓉冈,使用kubeadm可以帶來(lái)標(biāo)準(zhǔn)化安裝的完整步驟明未。并且kubeadm已經(jīng)是一個(gè)開(kāi)源項(xiàng)目瞳别,團(tuán)隊(duì)投入精力征候,后面產(chǎn)出都融入到這個(gè)項(xiàng)目中了杭攻。對(duì)個(gè)人、團(tuán)隊(duì)都有一種榮譽(yù)感疤坝。反而兆解,二進(jìn)制安裝屬于優(yōu)化版本,自己維護(hù)跑揉,自己使用锅睛。沒(méi)有社區(qū)的協(xié)作,之后的維護(hù)成本高于回報(bào)历谍。
如果沒(méi)有特別的要求现拒,建議直接使用kubeadm組件來(lái)搭建自己的安裝k8s的工具。
kubeadm是官方社區(qū)推出的一個(gè)用于快速部署kubernetes集群的工具望侈。
這個(gè)工具能通過(guò)兩條指令完成一個(gè)kubernetes集群的部署:
# 創(chuàng)建一個(gè) Master 節(jié)點(diǎn)
$ kubeadm init
# 將一個(gè) Node 節(jié)點(diǎn)加入到當(dāng)前集群中
$ kubeadm join <Master節(jié)點(diǎn)的IP和端口>
1. 安裝要求
在開(kāi)始之前印蔬,部署Kubernetes集群機(jī)器需要滿足以下幾個(gè)條件:
- 一臺(tái)或多臺(tái)機(jī)器,操作系統(tǒng) CentOS7.x-86_x64
- 硬件配置:2GB或更多RAM脱衙,2個(gè)CPU或更多CPU侥猬,硬盤(pán)30GB或更多
- 集群中所有機(jī)器之間網(wǎng)絡(luò)互通
- 可以訪問(wèn)外網(wǎng),需要拉取鏡像
- 禁止swap分區(qū)
2. 目標(biāo)
- 在所有節(jié)點(diǎn)上安裝Docker和kubeadm
- 部署Kubernetes Master
- 部署容器網(wǎng)絡(luò)插件
- 部署 Kubernetes Node捐韩,將節(jié)點(diǎn)加入Kubernetes集群中
- 部署Dashboard Web頁(yè)面退唠,可視化查看Kubernetes資源
3. 準(zhǔn)備環(huán)境
Kubernetes架構(gòu)圖:
kubernetes架構(gòu)圖
| 角色 | IP地址 |
|---|---|
| k8s-master | 192.168.0.10 |
| k8s-node1 | 192.168.0.20 |
| k8s-node2 | 192.168.0.30 |
關(guān)閉防火墻:
systemctl stop firewalld
systemctl disable firewalld
關(guān)閉selinux:
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
關(guān)閉swap:
swapoff -a # 臨時(shí)
sed -ri 's/.*swap.*/#&/' /etc/fstab # 永久
根據(jù)規(guī)劃設(shè)置主機(jī)名:
hostnamectl set-hostname <hostname>
在Master添加Hosts:
cat >>/etc/hosts <<EOF
172.16.1.119 k8s-master
172.16.1.120 k8s-node001
172.16.1.121 k8s-node002
EOF
將橋接的IPv4流量傳遞到iptables的鏈:
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
4. 所有節(jié)點(diǎn)安裝Docker/kubeadm/kubelet
Kubernetes默認(rèn)CRI(容器運(yùn)行時(shí))為Docker,因此先安裝Docker奥帘。
4.1 安裝Docker(以一臺(tái)為例铜邮,其他相同)
# 1. 卸載舊版本
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
# 2. 使用存儲(chǔ)庫(kù)安裝
yum install -y yum-utils
# 3. 設(shè)置鏡像倉(cāng)庫(kù)(修改為國(guó)內(nèi)源地址)
yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 5. 更新索引
yum makecache fast
# 4. 安裝docker相關(guān)的依賴 默認(rèn)最新版(docker-ce:社區(qū)版 ee:企業(yè)版)
yum install docker-ce docker-ce-cli containerd.io -y
#5. 安裝特定docker版本(先列出列出可用版本)
yum list docker-ce --showduplicates | sort -r
yum install docker-ce-19.03.9 docker-ce-cli-19.03.9 containerd.io
# 6. 啟動(dòng)docker
systemctl start docker
systemctl enable docker
# 7. 查看版本
[root@k8s-master ~]# docker --version
Docker version 19.03.11, build 42e35e61f3
# 8. 配置docker鏡像加速
## 后續(xù)的kubelet要與docker驅(qū)動(dòng)一致為systemd,這里提前配置好
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
systemctl daemon-reload
systemctl restart docker
4.2 添加kubernetes國(guó)內(nèi)軟件源
$ cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
4.3 所有節(jié)點(diǎn)安裝kubeadm寨蹋,kubelet和kubectl
由于版本更新頻繁松蒜,這里可以指定版本號(hào)部署:
yum install kubelet-1.18.5 kubeadm-1.18.5 kubectl-1.18.5 -y
systemctl enable kubelet
#篩選版本號(hào)
[root@k8s-master ~]# yum list kubelet kubectl kubeadm --showduplicates | sort -r|grep 1.18.5
kubelet.x86_64 1.18.5-0 kubernetes
kubectl.x86_64 1.18.5-0 kubernetes
kubeadm.x86_64 1.18.5-0 kubernetes
5. 部署Kubernetes Master
# kubelet要與docker驅(qū)動(dòng)一致為systemd
# 到kubeadm的啟動(dòng)文件中:KUBELET_KUBECONFIG_ARGS 后面追加 --cgroup-driver=systemd
[root@k8s-master ~]# vim /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=systemd"
注意 : 由于kubeadm 默認(rèn)從官網(wǎng)k8s.grc.io下載所需鏡像,國(guó)內(nèi)無(wú)法訪問(wèn)已旧,因此需要通--image-repository指定阿里云鏡像倉(cāng)庫(kù)地址
#在master節(jié)點(diǎn)執(zhí)行
[root@k8s-master ~]# kubeadm init \
--apiserver-advertise-address=192.168.0.10 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.18.0 \
--service-cidr=10.10.0.0/16 \
--pod-network-cidr=10.244.0.0/16
## --apiserver-advertise-address : master節(jié)點(diǎn)的apiserver-IP通信地址
## --kubernetes-version : k8s版本
## --image-repository : 指定kubeadm鏡像倉(cāng)庫(kù)的地址
## --service-cidr : 指定為Service分配使用的網(wǎng)絡(luò)地址秸苗,由kubernetes管理
## --pod-network-cidr : 指定Pod分配使用的網(wǎng)段地址,通常應(yīng)該與要部署使用的網(wǎng)絡(luò)插件(flannel运褪、calico等)的默認(rèn)設(shè)定保持一致
....
# 記錄生成的最后部分內(nèi)容
kubeadm join 192.168.0.10:6443 --token g2b4cr.044kd5f4gqdqctq8 \
--discovery-token-ca-cert-hash sha256:752c37ab98b7504df0250ed9882cc42b671a11d500530880c0d1b5578498835e
6. 使用kubectl工具
# 在master節(jié)點(diǎn)執(zhí)行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
# 執(zhí)行下面命令惊楼,使kubectl可以自動(dòng)補(bǔ)充
source <(kubectl completion bash)
查看節(jié)點(diǎn),pod
#node節(jié)點(diǎn)為NotReady秸讹,因?yàn)閏orednspod沒(méi)有啟動(dòng)檀咙,缺少網(wǎng)絡(luò)pod
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master NotReady master 16m v1.18.5
[root@k8s-master ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-7ff77c879f-qc7mf 0/1 Pending 0 6m
coredns-7ff77c879f-rs5jt 0/1 Pending 0 6m
etcd-k8s-master 1/1 Running 0 6m
kube-apiserver-k8s-master 1/1 Running 0 6m
kube-controller-manager-k8s-master 1/1 Running 0 6m
kube-proxy-nml2s 1/1 Running 0 6m
kube-scheduler-k8s-master 1/1 Running 0 6m
7. 為k8s集群配置網(wǎng)絡(luò)插件(CNI)
Kubernetes CNI網(wǎng)絡(luò)對(duì)比參考
Kubernetes網(wǎng)絡(luò)組件之Calico策略實(shí)踐(BGP、RR璃诀、IPIP)
安裝calico網(wǎng)絡(luò)插件的方法(本文使用calico)
wget https://docs.projectcalico.org/manifests/calico.yaml
kubectl apply -f calico.yaml
#查看集群pod狀態(tài)和node狀態(tài)
[root@k8s-master ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-578894d4cd-qqj8q 1/1 Running 0 5m46s
calico-node-dzsq2 1/1 Running 0 5m46s
coredns-7ff77c879f-qc7mf 1/1 Running 0 43m
coredns-7ff77c879f-rs5jt 1/1 Running 0 43m
etcd-k8s-master 1/1 Running 0 43m
kube-apiserver-k8s-master 1/1 Running 0 43m
kube-controller-manager-k8s-master 1/1 Running 0 43m
kube-proxy-nml2s 1/1 Running 0 43m
kube-scheduler-k8s-master 1/1 Running 0 43m
[root@k8s-master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 44m v1.18.5
Calico管理工具
下載工具連接:https://github.com/projectcalico/calicoctl/releases/download/v3.14.2/calicoctl
wget https://github.com/projectcalico/calicoctl/releases/download/v3.14.2/calicoctl
chmod +x calicoctl
mv calicoctl /usr/bin/
#添加配置文件
mkdir /etc/calico
[root@k8s-master yaml]# cat /etc/calico/calicoctl.cfg
apiVersion: projectcalico.org/v3
kind: CalicoAPIConfig
metadata:
spec:
datastoreType: "etcdv3"
etcdEndpoints: "https://192.168.0.10:2379,https://192.168.0.20:2379,https://192.168.0.30:2379"
etcdKeyFile: "/etc/kubernetes/pki/etcd/server.key"
etcdCertFile: "/etc/kubernetes/pki/etcd/server.crt"
etcdCACertFile: "/etc/kubernetes/pki/etcd/ca.crt"
[root@k8s-master yaml]# calicoctl node status
Calico process is running.
IPv4 BGP status
+--------------+-------------------+-------+----------+-------------+
| PEER ADDRESS | PEER TYPE | STATE | SINCE | INFO |
+--------------+-------------------+-------+----------+-------------+
| 172.16.0.20 | node-to-node mesh | up | 02:37:05 | Established |
| 172.16.0.30 | node-to-node mesh | up | 02:37:06 | Established |
+--------------+-------------------+-------+----------+-------------+
IPv6 BGP status
No IPv6 peers found.
#node-to-node mesh:就是node節(jié)點(diǎn)互通的意思
calicoctl get node
calicoctl get ippool
如果node節(jié)點(diǎn)非常多的前提下弧可,node互通就會(huì)形成一個(gè)巨大的服務(wù)網(wǎng)格,連接數(shù)也成倍增加
所以需要通過(guò)Route Reflector模式(RR) 路由反射器
確定一個(gè)或多個(gè)calico節(jié)點(diǎn)充當(dāng)路由反射器劣欢,讓其他節(jié)點(diǎn)從這個(gè)RR節(jié)點(diǎn)獲取路由信息
安裝flannel網(wǎng)絡(luò)插件的方法
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
# 默認(rèn)鏡像地址無(wú)法訪問(wèn)外網(wǎng)棕诵,可以修改為docker hub鏡像倉(cāng)庫(kù)
# 245684979/flannel:v0.12.0-amd64
sed -ri "s#quay.io/coreos/flannel:.*-amd64#245684979/flannel:v0.11.0-amd64#g" kube-flannel.yml
# 需要注意的是如果節(jié)點(diǎn)有多個(gè)網(wǎng)卡的話裁良,需要在 kube-flannel.yml 中使用--iface參數(shù)指定集群主機(jī)內(nèi)網(wǎng)網(wǎng)卡的名稱,否則可能會(huì)出現(xiàn) dns 無(wú)法解析校套。flanneld 啟動(dòng)參數(shù)加上--iface=<iface-name>
args:
- --ip-masq
- --kube-subnet-mgr
- --iface=eth0
部署好calico網(wǎng)絡(luò)插件价脾,Node準(zhǔn)備就緒
8. 加入Kubernetes Node節(jié)點(diǎn)
向集群添加新節(jié)點(diǎn),使用在Master執(zhí)行kubeadm init最后輸出的kubeadm join命令:
#所有node節(jié)點(diǎn)上執(zhí)行
kubeadm join 192.168.0.10:6443 --token g2b4cr.044kd5f4gqdqctq8 \
--discovery-token-ca-cert-hash sha256:752c37ab98b7504df0250ed9882cc42b671a11d500530880c0d1b5578498835e
-----------------------------------------------
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
#翻譯:
該節(jié)點(diǎn)已加入集群:
* 證書(shū)簽名請(qǐng)求已發(fā)送到apiserver并收到了響應(yīng)笛匙。
* Kubelet被告知新的安全連接詳細(xì)信息侨把。
在控制平面上運(yùn)行“ kubectl獲取節(jié)點(diǎn)”以查看該節(jié)點(diǎn)是否已加入集群。
在master節(jié)點(diǎn)查看集群pod狀態(tài)
[root@k8s-master ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-578894d4cd-qqj8q 1/1 Running 0 24m
calico-node-64s8s 1/1 Running 0 10m
calico-node-dzsq2 1/1 Running 0 24m
calico-node-j4t7q 1/1 Running 0 10m
coredns-7ff77c879f-qc7mf 1/1 Running 0 61m
coredns-7ff77c879f-rs5jt 1/1 Running 0 61m
etcd-k8s-master 1/1 Running 0 61m
kube-apiserver-k8s-master 1/1 Running 0 61m
kube-controller-manager-k8s-master 1/1 Running 0 61m
kube-proxy-4n4z6 1/1 Running 0 10m
kube-proxy-jls9k 1/1 Running 0 10m
kube-proxy-nml2s 1/1 Running 0 61m
kube-scheduler-k8s-master 1/1 Running 0 61m
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 63m v1.18.5
k8s-node01 Ready <none> 12m v1.18.5
k8s-node02 Ready <none> 11m v1.18.5
9. 測(cè)試kubernetes集群
在Kubernetes集群中創(chuàng)建一個(gè)pod膳算,驗(yàn)證是否正常運(yùn)行:
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
[root@k8s-master ~]# kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-f89759699-f2dwd 1/1 Running 0 8m59s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.10.0.1 <none> 443/TCP 73m
service/nginx NodePort 10.10.23.7 <none> 80:30480/TCP 6m56s
#本地進(jìn)行訪問(wèn)
[root@k8s-master ~]# curl -I http://10.10.23.7:80
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Fri, 17 Jul 2020 10:47:44 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 07 Jul 2020 15:52:25 GMT
Connection: keep-alive
ETag: "5f049a39-264"
Accept-Ranges: bytes
#測(cè)試完成后刪除pod
kubectl delete deployments nginx
注意: 用kubeadm 安裝的k8s集群默認(rèn)情況 master節(jié)點(diǎn)是不參與POD負(fù)載的座硕,即POD不會(huì)被調(diào)度到master節(jié)點(diǎn)上運(yùn)行弛作,只會(huì)調(diào)度到work 節(jié)點(diǎn)上運(yùn)行涕蜂,但有時(shí)候節(jié)點(diǎn)不夠多,work node資源不夠時(shí)可以通過(guò)命令讓master接受POD調(diào)度映琳,注意這種方式只能臨時(shí)采用机隙,若因參與運(yùn)行POD導(dǎo)致 master資源不足可能會(huì)導(dǎo)致整個(gè)集群不穩(wěn)定。
#讓master節(jié)點(diǎn)參與POD負(fù)載的命令為
kubectl taint nodes --all node-role.kubernetes.io/master
#讓master節(jié)點(diǎn)恢復(fù)不參與POD負(fù)載的命令為
kubectl taint nodes k8s-master node-role.kubernetes.io/master=:NoSchedule
#讓master節(jié)點(diǎn)恢復(fù)不參與POD負(fù)載萨西,并將Node上已經(jīng)存在的Pod驅(qū)逐出去的命令為
kubectl taint nodes k8s-master node-role.kubernetes.io/master=:NoExecute
10. 部署 Dashboard
官方部署dashboard的服務(wù)沒(méi)使用nodeport有鹿,只能集群內(nèi)部訪問(wèn),修改Service為NodePort類型谎脯,暴露到外部
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc7/aio/deploy/recommended.yaml
[root@k8s-master ~]# vim recommended.yaml (32gg)
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
ports:
- port: 443
targetPort: 8443
nodePort: 30001 #添加類型
type: NodePort
selector:
k8s-app: kubernetes-dashboard
# 進(jìn)行構(gòu)建
kubectl apply -f recommended.yaml
#查看dashboard的pod狀態(tài)
[root@k8s-master ~]# kubectl get pods,svc -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
pod/dashboard-metrics-scraper-dc6947fbf-xzbtb 1/1 Running 0 35s
pod/kubernetes-dashboard-5d4dc8b976-28ptb 1/1 Running 0 35s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper ClusterIP 10.10.18.108 <none> 8000/TCP 35s
service/kubernetes-dashboard NodePort 10.10.138.185 <none> 443:30001/TCP 36s
訪問(wèn)地址:https://NodeIP:30001
https://192.168.0.20:30001/
創(chuàng)建服務(wù)帳號(hào)并綁定默認(rèn)集群管理員角色:
kubectl create serviceaccount dashboard-admin -n kube-system
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
使用輸出的token進(jìn)行登錄Dashboard葱跋,執(zhí)行下面命令獲取token
[root@k8s-master ~]# kubectl get secret -n kube-system|grep admin-token
dashboard-admin-token-56vcv kubernetes.io/service-account-token 3 4d14h
#會(huì)生成一串很長(zhǎng)的base64后的字符串
[root@k8s-master ~]# kubectl get secret dashboard-admin-token-56vcv -o jsonpath={.data.token} -n kube-system |base64 -d
eyJhbGciOiJSUzI1NiIsImtpZCI6InhQcU8xTFZFdVFsRXdLT3VtMDdLRDV6OEVhUUItcjNod1NiMTZYbllyWkkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW5 \
0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hb \
WUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tNTZ2Y3YiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkL \
WFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNGFlZTQwZGEtNmE1MS00Mjc1LWE1YzEtZDEwM2UyYzhjNWExI \
iwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.WUdgIC5VWhJAeg-gb95mOKc- \
YlhvMaZdhR1cXiax3bHu44a_U7513DQ5h0IYBvvd3EXsBsavjxZL-DpEHwCHA7l0M5RF1GWHDkdN6MAXVgUO62OdpXXyJMK50QUpOA0yY8PhjoDqUR4wPlWE3-I1xfK_xtxn-au5Z- \
odFxSpzShQFBqjJjWQiAZRqptmHu0o_SaGOHs4SskPmzPXcPKO9bo0iiQY85IOaKvcxwd_993VG1aqRIkvquyjrUVyB7vAxNGPHAWoDG26RwUeE7dsSZSnXUenGu \
CKLz7l68miVkal2QuIIkRX8uwGDGhm3vXmo0ovHcIgBb59I7qoqCN84A
注意 : 在 dashboard 登錄頁(yè)面上直接使用上面創(chuàng)建認(rèn)集群管理員角色后得到的 token 字符串才可登錄,這樣就可以擁有管理員權(quán)限操作整個(gè) kubernetes 集群的對(duì)象源梭,當(dāng)然你也可以為你的登錄用戶新建一個(gè)指定操作權(quán)限的用戶娱俺。登陸后如果沒(méi)有namespace可選,并且提示找不到資源 废麻,那么就是權(quán)限問(wèn)題荠卷。
此時(shí)整體的workload處仍然沒(méi)有CPU和內(nèi)存的信息
image
Pod中也無(wú)法確認(rèn)到資源的詳細(xì)信息
image
需要安裝Metrics Server
#下載官方y(tǒng)aml文件
wget https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.3.6/components.yaml
#修改鏡像地址(默認(rèn)國(guó)外地址)
containers:
- name: metrics-server
image: registry.aliyuncs.com/google_containers/metrics-server-amd64:v0.3.6
imagePullPolicy: IfNotPresent
args:
- --cert-dir=/tmp
- --secure-port=4443
command:
- /metrics-server
- --kubelet-preferred-address-types=InternalIP
- --kubelet-insecure-tls
#構(gòu)建
kubectl apply -f components.yaml
[root@k8s-master ~]# kubectl get pod -n kube-system metrics-server-b8ff4bb4-fvj2w
NAME READY STATUS RESTARTS AGE
metrics-server-b8ff4bb4-fvj2w 1/1 Running 0 18s
#查看node和pod的cpu和內(nèi)存使用率
[root@k8s-master ~]# kubectl top pod
NAME CPU(cores) MEMORY(bytes)
java-demo-b57dd87fb-5rlsl 4m 184Mi
java-demo-b57dd87fb-cp2tq 2m 168Mi
java-demo-b57dd87fb-shr4k 2m 162Mi
web-64c686b49d-479qh 2m 182Mi
web-64c686b49d-jw95h 4m 171Mi
web-64c686b49d-vbbnx 2m 187Mi
[root@k8s-master ~]# kubectl top node
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
k8s-master 370m 18% 1044Mi 36%
k8s-node01 242m 12% 1170Mi 62%
k8s-node02 230m 11% 937Mi 49%
訪問(wèn)dashboard查看CPU和內(nèi)存的使用率的變化情況
image
查看Pod也可以顯示詳細(xì)的資源變化率的情況了
image
解決Google瀏覽器不能打開(kāi)kubernetes dashboard方法
https://blog.csdn.net/Lfwthotpt/article/details/105992874
11. 測(cè)試
#創(chuàng)建一個(gè)nginx的pod
[root@k8s-master ~]# kubectl create deployment nginx --image=nginx
deployment.apps/nginx created
#查看pod狀態(tài)
[root@k8s-master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-f89759699-mr2fk 1/1 Running 0 27s 10.244.58.198 k8s-node02 <none> <none>
#多進(jìn)行訪問(wèn)幾次
[root@k8s-master ~]# curl 10.244.58.198
在dashboard界面進(jìn)行查看和訪問(wèn)
查看此pod的日志并登陸訪問(wèn)
訪問(wèn)登陸此pod容器
