9. Test-launching an nginx instance in the cluster
1. Run the following command on one of the masters
[root@master1 ~]# kubectl run nginx --replicas=2 --labels="run=nginx-service" --image=172.16.0.2:5000/docker.io/nginx --port=80
deployment.apps/nginx created
nginx is the instance name
--replicas=2 creates 2 replicas
--labels sets the labels
--image is the image address; here it points at the locally built private registry
--port exposes port 80
View the deployment name
[root@master1 ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx 2 2 2 2 9s
View the replica set name
[root@master1 ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-6c9b9fc894 2 2 2 13s
View the nodes
[root@master1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
172.16.0.8 Ready <none> 1d v1.11.0
172.16.0.9 Ready <none> 1d v1.11.0
View the names of the started pods
[root@master1 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6c9b9fc894-8ccwr 1/1 Running 0 22s
nginx-6c9b9fc894-wx449 1/1 Running 0 22s
To delete the nginx application, run the following command
[root@master1 ~]# kubectl delete deployment nginx
deployment.extensions "nginx" deleted
or: kubectl delete deploy/nginx
[root@master1 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
example-service NodePort 169.169.27.9 <none> 80:55313/TCP 23h
kubernetes ClusterIP 169.169.0.1 <none> 443/TCP 5d
or: kubectl delete svc/example-service
Scale the pods down or up
[root@master1 ~]# kubectl scale deployment nginx --replicas=3
deployment.extensions/nginx scaled
[root@master1 ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx 3 3 3 3 6d
[root@master1 ~]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
nginx 3 3 3 3 6d nginx 172.16.0.2:5000/docker.io/nginx run=wbb
Allocate a virtual cluster IP (an IP in the 169.169.0.0 range)
[root@master2 ~]# kubectl expose deployment nginx --type=NodePort --name=nginx-service
View the cluster IP assigned to the svc, and delete
[root@master2 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 169.169.0.1 <none> 443/TCP 5d
nginx-service NodePort 169.169.157.14 <none> 800:52773/TCP 2s
[root@master1 ~]# kubectl delete deployment nginx
[root@master1 ~]# kubectl delete svc example-service
service "example-service" deleted
View how the created pods are assigned to nginx-service
[root@master2 ~]# kubectl describe svc nginx-service
Name: nginx-service
Namespace: default
Labels: run=nginx-service
Annotations: <none>
Selector: run=nginx-service
Type: NodePort
IP: 169.169.157.14
Port: <unset> 800/TCP
TargetPort: 800/TCP
NodePort: <unset> 52773/TCP
Endpoints: 10.10.12.2:800,10.10.36.2:800
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
[root@node1 ~]# curl -L http://10.10.36.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a >nginx.org</a>.
Commercial support is available at
<a >nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@node2 ~]# curl -L http://10.10.12.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a >nginx.org</a>.
Commercial support is available at
<a >nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
After installation, if the two nodes cannot reach each other (that is, running curl http://10.10.12.2 on node1 returns no nginx data), run the following two commands
modprobe ip_tables;
iptables -P FORWARD ACCEPT;
Note: at this point pods on different nodes may be unable to reach each other over the network. The fix is as follows
Configure iptables on all nodes
yum install iptables-services -y;
systemctl disable iptables;
systemctl stop iptables;
modprobe ip_tables;
iptables -P FORWARD ACCEPT;
10. Installing coredns
Method 1: download from the official site
mkdir coredns && cd coredns
wget https://raw.githubusercontent.com/coredns/deployment/master/kubernetes/coredns.yaml.sed
wget https://raw.githubusercontent.com/coredns/deployment/master/kubernetes/deploy.sh
chmod +x deploy.sh
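./deploy.sh -i 169.169.0.2 > coredns.yml
-i is the cluster DNS IP written into the kube-dns Service; it has to match the --cluster-dns value given to kubelet (169.169.0.2 in this cluster)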
kubectl apply -f coredns.yml
Check
kubectl get pods --namespace kube-system
kubectl get svc --namespace kube-system
Then, on all nodes
[root@node2 kubernetes]# cat kubelet.conf
KUBELET_ARGS="--cgroup-driver=systemd
--hostname-override=172.16.0.9
--cert-dir=/etc/kubernetes/pki
--bootstrap-kubeconfig=/etc/kubernetes/bootstrap.kubeconfig
--kubeconfig=/etc/kubernetes/kubelet.kubeconfig
--cluster-dns=169.169.0.2
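--cluster-domain=cluster.local"
Add the last two lines above (--cluster-dns and --cluster-domain)
Then restart the kubelet service
Test whether it has taken effect
1. On the master server, create two nginx instances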
kubectl run nginx --replicas=2 --labels="run=wbb" --image=172.16.0.2:5000/docker.io/nginx --port=800
deployment.apps/nginx created
2. Check on the node: the nginx container and the coredns container have started
[root@node2 kubernetes]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4462774c0860 172.16.0.2:5000/docker.io/nginx@sha256:0b5c73966ec996a05672c4aea0a0d1910c6d7495147805ef88205bff51e119f3 "nginx -g 'daemon ..." 32 minutes ago Up 32 minutes k8s_nginx_nginx-66b6fb98fd-gdz97_default_5c2de123-c2ed-11e8-af1a-5254d2b1bb60_0
bfe9625300e7 k8s.gcr.io/pause:3.1 "/pause" 32 minutes ago Up 32 minutes k8s_POD_nginx-66b6fb98fd-gdz97_default_5c2de123-c2ed-11e8-af1a-5254d2b1bb60_0
3ca7f4570d93 docker.io/coredns/coredns@sha256:3e2be1cec87aca0b74b7668bbe8c02964a95a402e45ceb51b2252629d608d03a "/coredns -conf /e..." 3 hours ago Up 3 hours k8s_coredns_coredns-55f86bf584-95xd7_kube-system_5f915bfb-c2d5-11e8-af1a-5254d2b1bb60_0
b204ac0c0a88 k8s.gcr.io/pause:3.1 "/pause" 3 hours ago Up 3 hours k8s_POD_coredns-55f86bf584-95xd7_kube-system_5f915bfb-c2d5-11e8-af1a-5254d2b1bb60_0
Run the following on the cluster's master and node servers; the output shows that nginx started normally
[root@node2 kubernetes]# curl -L http://10.10.36.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a >nginx.org</a>.
Commercial support is available at
<a >nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
Log in to any nginx container and check whether /etc/resolv.conf now points to 169.169.0.2, the virtual IP of the DNS service
[root@master1 coredns]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-66b6fb98fd-g54fk 1/1 Running 0 34m
nginx-66b6fb98fd-gdz97 1/1 Running 0 34m
This shows that DNS inside the container now points to coredns
[root@master1 coredns]# kubectl exec -it nginx-66b6fb98fd-gdz97 /bin/bash
root@nginx-66b6fb98fd-gdz97:/# cat /etc/resolv.conf
nameserver 169.169.0.2
search default.svc.cluster.local svc.cluster.local cluster.local hk1.zfcloud.com
options ndots:5
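The address passed to deploy.sh -i (which becomes the kube-dns Service ClusterIP), the kubelet --cluster-dns flag and the nameserver in a pod's /etc/resolv.conf must all be the same. The following is an added example, not part of the original page: it compares the three values from saved command output; the function names are hypothetical and the sample text is excerpted from this page's output.

```shell
#!/usr/bin/env bash
# Added example. Sample inputs are excerpts of this page's own output.

# --cluster-dns value from a kubelet args file on stdin.
kubelet_cluster_dns() {
  sed -n 's/.*--cluster-dns=\([0-9.]*\).*/\1/p' | head -n 1
}

# CLUSTER-IP of kube-dns from `kubectl get svc -n kube-system` output on stdin.
kube_dns_cluster_ip() {
  awk '$1 == "kube-dns" { print $3; exit }'
}

# First nameserver from a resolv.conf on stdin.
resolv_nameserver() {
  awk '$1 == "nameserver" { print $2; exit }'
}

# Return 0 only when all three addresses are present and identical.
check_cluster_dns() {
  if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ]; then
    echo "MISSING kubelet='$1' service='$2' pod='$3'"; return 2
  fi
  if [ "$1" = "$2" ] && [ "$2" = "$3" ]; then
    echo "OK $1"; return 0
  fi
  echo "MISMATCH kubelet=$1 service=$2 pod=$3"; return 1
}

SAMPLE_KUBELET='KUBELET_ARGS="--cgroup-driver=systemd
--cluster-dns=169.169.0.2
--cluster-domain=cluster.local"'
SAMPLE_SVC='NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kube-dns ClusterIP 169.169.0.2 <none> 53/UDP,53/TCP 2d k8s-app=kube-dns'
SAMPLE_RESOLV='nameserver 169.169.0.2
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5'

check_cluster_dns \
  "$(printf '%s\n' "$SAMPLE_KUBELET" | kubelet_cluster_dns)" \
  "$(printf '%s\n' "$SAMPLE_SVC" | kube_dns_cluster_ip)" \
  "$(printf '%s\n' "$SAMPLE_RESOLV" | resolv_nameserver)"
```

On a live cluster, pipe the real kubelet.conf, `kubectl get svc -n kube-system` and the pod's resolv.conf into the three extractors instead of the samples.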
-------------------------------------------------------------------------------------------------------------------------------------------------------coredns installation is now complete
Method 2:
The kubernetes source package already includes the coredns install script, located in
It can be installed the same way as above
11. Installing the dashboard UI
1. Download the image
Then import it into the private registry: k8s.gcr.io/kubernetes-dashboard-amd64
k8s.gcr.io/kube-apiserver-amd64 v1.11.3 3de571b6587b 2 weeks ago 187 MB
172.16.0.2:5000/k8s.gcr.io/kubernetes-dashboard-amd64 v1.10.0 0dab2435c100 5 weeks ago 122 MB
2. Install directly from the kubernetes source package
ls /root/kubernetes/cluster/addons/dashboard
dashboard-controller.yaml dashboard-rbac.yaml dashboard-secret.yaml dashboard-service.yaml
vim dashboard-controller.yaml
[root@master1 dashboard]# cat dashboard-controller.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: kubernetes-dashboard
  namespace: kube-system
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
    spec:
      serviceAccountName: dashboard
      containers:
      - name: kubernetes-dashboard
        # image changed to the locally built private registry; the image is then pulled from there
        image: 172.16.0.2:5000/k8s.gcr.io/kubernetes-dashboard-amd64
        resources:
          limits:
            cpu: 100m
            memory: 50Mi
          requests:
            cpu: 100m
            memory: 50Mi
        ports:
        - containerPort: 9090
        livenessProbe:
          httpGet:
            path: /
            port: 9090
          initialDelaySeconds: 30
          timeoutSeconds: 30
      tolerations:
      - key: "CriticalAddonsOnly"
        operator: "Exists"
[root@master1 dashboard]# cat dashboard-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: kubernetes-dashboard
  namespace: kube-system
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  type: NodePort  # add this line
  selector:
    k8s-app: kubernetes-dashboard
  ports:
  - port: 80
    targetPort: 9090
2. Create the resources from the files
[root@master1 dashboard]# kubectl create -f kubernetes-dashboard.yaml -f dashboard-rbac.yaml -f dashboard-secret.yaml -f dashboard-service.yaml
(it is best to apply the files one at a time)
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
3. To delete the containers created from a yaml file, use the following
kubectl delete -f rc-nginx.yaml
[root@master1 dashboard]# kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE
coredns-55f86bf584-6lg79 1/1 Running 0 2d 10.10.36.3 172.16.0.8
coredns-55f86bf584-95xd7 1/1 Running 0 2d 10.10.12.3 172.16.0.9
kubernetes-dashboard-58c47d9476-gv6x4 1/1 Running 0 1d 10.10.36.4 172.16.0.8
The kubernetes-dashboard row shows that dashboard is installed and started successfully. It runs on the node server 172.16.0.8 and the container IP is 10.10.36.4
[root@master1 dashboard]# kubectl get svc -n kube-system -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kube-dns ClusterIP 169.169.0.2 <none> 53/UDP,53/TCP 2d k8s-app=kube-dns
kubernetes-dashboard NodePort 169.169.110.197 <none> 80:17189/TCP 1d k8s-app=kubernetes-dashboard
Because NodePort is enabled, the container is mapped to the outside on port 17189. The dashboard platform is now set up, but it still cannot be accessed
How to access it from the external network and open the page
haproxy+keepalived was installed earlier on the etcd servers
vim /etc/haproxy/haproxy.conf and add the following at the bottom of the file
listen dashborad
    bind *:8086    # external access port: 8086
    mode tcp
    maxconn 65535
    balance roundrobin
    server node1 10.10.36.4:9090 check inter 10000 fall 2 rise 2 weight 1    # the etcd server can reach the dashboard container IP directly: 10.10.36.4, port 9090
Or use the following server line instead (node NIC IP : mapped external port), so that access goes through the haproxy reverse proxy
    server node1 172.16.0.8:17189 check inter 10000 fall 2 rise 2 weight 1
Then restart haproxy
Enter the following link in a browser to open the page
http://172.16.0.100:8086 (172.16.0.100 is the load balancer IP address)
-----------------------------------------------------------------------------------------------------------------------------------------------dashboard installation is now complete
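After these steps the dashboard's port 9090 is reachable both through NodePort 17189 on the nodes and through port 8086 on the load balancer. The following added example (not part of the original page) inventories such paths from saved output: it lists the node ports opened by NodePort Services and the bind-to-server paths in a haproxy config. The function names are hypothetical and the sample text is excerpted from this page.

```shell
#!/usr/bin/env bash
# Added example. Sample inputs are excerpts of this page's own output.

# List "<service> <port>:<nodePort>/<proto>" for NodePort Services in
# `kubectl get svc` table output on stdin. Columns are found by header name,
# so the plain, `-o wide` and `--all-namespaces` layouts all work.
list_nodeports() {
  awk '
    NR == 1 {
      for (i = 1; i <= NF; i++) {
        if ($i == "NAMESPACE") c_ns = i
        if ($i == "NAME")      c_name = i
        if ($i == "TYPE")      c_type = i
        if ($i == "PORT(S)")   c_ports = i
      }
      next
    }
    c_name && c_type && c_ports && $c_type == "NodePort" {
      svc = (c_ns ? ($c_ns "/") : "") $c_name
      n = split($c_ports, maps, ",")
      for (j = 1; j <= n; j++)
        if (maps[j] ~ /^[0-9]+:[0-9]+\//) print svc, maps[j]
    }'
}

# Print "<section> <bind> -> <server address>" for every server line of a
# haproxy config on stdin.
haproxy_paths() {
  awk '
    $1 == "listen" || $1 == "frontend" || $1 == "backend" { sec = $2; b = "-" }
    $1 == "bind"   { b = $2 }
    $1 == "server" { print sec, b, "->", $3 }'
}

SAMPLE_SVC='NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kube-dns ClusterIP 169.169.0.2 <none> 53/UDP,53/TCP 2d k8s-app=kube-dns
kubernetes-dashboard NodePort 169.169.110.197 <none> 80:17189/TCP 1d k8s-app=kubernetes-dashboard'
SAMPLE_HAPROXY='listen dashborad
    bind *:8086
    mode tcp
    server node1 10.10.36.4:9090 check inter 10000 fall 2 rise 2 weight 1'

printf '%s\n' "$SAMPLE_SVC" | list_nodeports
printf '%s\n' "$SAMPLE_HAPROXY" | haproxy_paths
```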