汕头制作网站推荐,免费门户网站制作,网站建设需要什么硬件和软件有哪些方面,建设网站的市场分析#xff11;、环境准备
#xff08;1#xff09;配置好网络ip和主机名
control: node1: node2: 配置ip 主机名的过程省略
配置一个简单的基于hosts文件的名称解析 [rootnode1 ~]# vim /etc/hosts // 文件中新增以下三行 192.168.110.10 control 192.168.110.11 node1 1…、环境准备
1配置好网络ip和主机名
control: node1: node2: 配置ip 主机名的过程省略
配置一个简单的基于hosts文件的名称解析 [rootnode1 ~]# vim /etc/hosts // 文件中新增以下三行 192.168.110.10 control 192.168.110.11 node1 192.168.110.22 node2 [rootnode1 ~]# scp /etc/hosts rootnode1:/etc/hosts
The authenticity of host node1 (192.168.110.11) cant be established.
ED25519 key fingerprint is SHA256:84EopGSflyn0EP7RLvmnvaWPJCTe8G99eX4dF6XQzFk.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added node1 (ED25519) to the list of known hosts.
rootnode1s password:
hosts 100% 223 251.9KB/s 00:00
[rootnode1 ~]# scp /etc/hosts rootcontrol:/etc/hosts
The authenticity of host control (192.168.110.10) cant be established.
ED25519 key fingerprint is SHA256:84EopGSflyn0EP7RLvmnvaWPJCTe8G99eX4dF6XQzFk.
This host key is known by the following other names/addresses:~/.ssh/known_hosts:1: node1
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added control (ED25519) to the list of known hosts.
rootcontrols password:
hosts 100% 223 103.3KB/s 00:00
[rootnode1 ~]# scp /etc/hosts rootnode2:/etc/hosts
The authenticity of host node2 (192.168.110.22) cant be established.
ED25519 key fingerprint is SHA256:84EopGSflyn0EP7RLvmnvaWPJCTe8G99eX4dF6XQzFk.
This host key is known by the following other names/addresses:~/.ssh/known_hosts:1: node1~/.ssh/known_hosts:4: control
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added node2 (ED25519) to the list of known hosts.
rootnode2s password:
hosts
2允许root用户远程登录
从第三步开始所有的操作需要在三个节点上一起执行。
3调整防火墙
[rootcontrol ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[rootcontrol ~]# nft flush ruleset
4允许系统转发ipv4数据包
[rootcontrol ~]# vim /etc/sysctl.d/k8s.conf
[rootcontrol ~]# cat /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward 1
[rootcontrol ~]# sysctl -f /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward 1
[rootcontrol ~]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward 1
5设置容器运行时
[rootcontrol ~]# dnf remove -y podman container* runc*
[rootcontrol ~]# dnf -y install dnf-utils //安装仓库配置命令行工具
[rootcontrol ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
设置docker 仓库安装docker和containerd 服务。
docker 对于容器进行管理的客户端架构docker只是将用户指令打包给containerd 进行容器启动 停止等控制容器的操作。
containerd 实际的容器管理服务
[rootcontrol ~]# dnf makecache
Waiting for process with pid 33407 to finish.
CentOS Stream 9 - BaseOS 1.3 kB/s | 7.5 kB 00:05
CentOS Stream 9 - AppStream 1.3 kB/s | 7.7 kB 00:05
CentOS Stream 9 - Extras packages 1.6 kB/s | 8.6 kB 00:05
Docker CE Stable - x86_64 1.8 kB/s | 58 kB 00:32
Metadata cache created.
[rootcontrol ~]# dnf install docker-ce docker-ce-cli containerd.io
[rootcontrol ~]# systemctl enable --now containerd.service
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /usr/lib/systemd/system/containerd.service.
[rootcontrol ~]# containerd config dump /etc/containerd/config.toml // 生成完整配置文件
[rootcontrol ~]# containerd config default /etc/containerd/config.toml // 生成完整配置文件
[rootcontrol ~]# vim /etc/containerd/config.toml [rootcontrol ~]# systemctl restart containerd.service
6禁用swap交换分区
[rootcontrol ~]# swapoff -a
[rootcontrol ~]# vim /etc/fstab
[rootcontrol ~]# cat /etc/fstab#
# /etc/fstab
# Created by anaconda on Fri Aug 23 00:45:24 2024
#
# Accessible filesystems, by reference, are maintained under /dev/disk/.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run systemctl daemon-reload to update systemd
# units generated from this file.
#
/dev/mapper/cs_bogon-root / xfs defaults 0 0
UUIDd910d323-150c-40df-bd32-bdfb1f5c93b9 /boot xfs defaults 0 0
UUIDBA00-CA1F /boot/efi vfat umask0077,shortnamewinnt 0 2
#/dev/mapper/cs_bogon-swap none swap defaults 0 0 // 禁止交换分区在重启后挂载激活
二、K8s安装和集群初始化
1安装K8S 安装工具的软件包
[rootcontrol ~]# setenforce 0
[rootcontrol ~]#
[rootcontrol ~]# grep ^SELINUX /etc/selinux/config
SELINUXenforcing
[rootcontrol ~]# sed -i s/^SELINUXenforcing$/SELINUXpermissive/ /etc/selinux/config
[rootcontrol ~]# grep ^SELINUX /etc/selinux/config
SELINUXpermissive
[rootcontrol ~]# cat EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
nameKubernetes
baseurlhttps://pkgs.k8s.io/core:/stable:/v1.31/rpm/
enabled1
gpgcheck1
gpgkeyhttps://pkgs.k8s.io/core:/stable:/v1.31/rpm/repodata/repomd.xml.key
excludekubelet kubeadm kubectl cri-tools kubernetes-cni
EOF
[kubernetes]
nameKubernetes
baseurlhttps://pkgs.k8s.io/core:/stable:/v1.31/rpm/
enabled1
gpgcheck1
gpgkeyhttps://pkgs.k8s.io/core:/stable:/v1.31/rpm/repodata/repomd.xml.key
excludekubelet kubeadm kubectl cri-tools kubernetes-cni
[rootcontrol ~]# dnf -y install kubectl kubelet kubeadm --disableexcludeskubernetes
[rootcontrol ~]# systemctl enable kubelet.service
2集群初始化
核心命令 kubeadm init
获取初始化的默认配置并修改使之符合一般的集群初始化需要。
加快集群初始化进程提前下载集群运行的镜像。
[rootcontrol ~]# kubeadm config print init-defaults init.yml
[rootcontrol ~]# vim init.yml [rootcontrol ~]# kubeadm config images list --config init.yml
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.31.0
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.31.0
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.31.0
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.31.0
registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.11.3
registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.10
registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.15-0
[rootcontrol ~]# kubeadm config images pull --config init.yml
在集群初始化时还是使用较早版本的pause:3.8 手动下载并修改镜像仓库标记即可。
拉取pause:3.8镜像 下面这条命令的作用等同于docker pull
[rootcontrol ~]# crictl -r unix:///var/run/containerd/containerd.sock pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8
Image is up to date for sha256:4873874c08efc72e9729683a83ffbb7502ee729e9a5ac097723806ea7fa13517
[rootcontrol ~]# ctr namespace list
NAME LABELS
k8s.io
改名这条命令的作用等于docker tag
[rootcontrol ~]# ctr --namespace k8s.io image tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8 registry.k8s.io/pause:3.8 registry.k8s.io/pause:3.8
查看所有containerd 可以使用的镜像
[rootcontrol ~]# crictl -r unix:///var/run/containerd/containerd.sock images registry.cn-hangzhou.aliyuncs.com/google_containers/coredns // k8S 集群内部的域名解析 registry.cn-hangzhou.aliyuncs.com/google_containers/etcd // 存储K8S集群的状态数据 registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver // K8S的调用接口 registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager // K8S 的控制器 registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy //工作节点代理 registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler // pod的调度 registry.cn-hangzhou.aliyuncs.com/google_containers/pause // K8S的基础设施 保证所有的节点都有以上列出的所有镜像后开始调整初始化配置并进行集群的初始化。 运行初始化命令只需要在控制节点上运行即可
[rootcontrol ~]# kubeadm init --config init.yml 初始化成功的输出如下图所示 集群内加入新节点的指令这个指令最好保存下来方便使用 保存控制节点的访问配置
[rootcontrol ~]# mkdir -p $HOME/.kube
[rootcontrol ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[rootcontrol ~]# chown $(id -u):$(id -g) $HOME/.kube/config
[rootcontrol ~]# kubectl get nodes //目前只有control节点
NAME STATUS ROLES AGE VERSION
control NotReady control-plane 2m45s v1.31.1
[rootcontrol ~]# echo kubeadm join 192.168.110.10:6443 --token abcdef.0123456789abcdef --discovery-token-ca-cert-hash sha256:6ca63b1e4c639dbb7b7222a2dc5cb2f0ccaaf57f159310be5810ea7006b6f388 .kube/node_join
// echo引号中的内容来自初始化输出直接复制即可每个人的值都不一样
检查目前集群状态
[rootcontrol ~]# kubectl get pods -o wide -A
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system coredns-fcd6c9c4-cvcvt 0/1 Pending 0 5m none none none none
kube-system coredns-fcd6c9c4-m9kxk 0/1 Pending 0 5m none none none none
kube-system etcd-control 1/1 Running 0 5m6s 192.168.110.10 control none none
kube-system kube-apiserver-control 1/1 Running 0 5m6s 192.168.110.10 control none none
kube-system kube-controller-manager-control 1/1 Running 0 5m6s 192.168.110.10 control none none
kube-system kube-proxy-c8cdj 1/1 Running 0 5m 192.168.110.10 control none none
kube-system kube-scheduler-control 1/1 Running 0 5m6s 192.168.110.10 control none none
// 有两个pod的状态不是running原因是没有设置集群需要的网络插件。在node1上执行加入集群的指令 在node2上执行加入集群的指令 //上面两张截图的命令并不完整
在控制节点查看集群节点状态 [rootcontrol ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION control NotReady control-plane 12m v1.31.1 node1 NotReady none 5m44s v1.31.1 node2 NotReady none 4m22s v1.31.1 需要为K8S集群设置网络插件才是完成了K8S集群的搭建搭建完成后还可以使用更多的网络插件结合不同项目的部署需要和实际组网需求。
3部署flannel网络插件
为K8S集群设置flannel网络网络插件以扁平化的网络管理模型实现K8S集群中pod的通信管理配置相当简单。
在控制节点配置完成
[rootcontrol ~]# wget https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
[rootcontrol ~]# grep image kube-flannel.ymlimage: docker.io/flannel/flannel:v0.25.6image: docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2image: docker.io/flannel/flannel:v0.25.6
[rootcontrol ~]# systemctl start docker
[rootcontrol ~]# systemctl is-enabled docker
disabled
[rootcontrol ~]# vim /etc/docker/daemon.json
{
registry-mirrors: [https://docker.registry.cyou,https://docker-cf.registry.cyou,https://dockercf.jsdelivr.fyi,https://docker.jsdelivr.fyi,https://dockertest.jsdelivr.fyi,https://mirror.aliyuncs.com,https://dockerproxy.com,https://mirror.baidubce.com,https://docker.m.daocloud.io,https://docker.nju.edu.cn,https://docker.mirrors.sjtug.sjtu.edu.cn,https://docker.mirrors.ustc.edu.cn,https://mirror.iscas.ac.cn,https://docker.rainbond.cc]
}
[rootcontrol ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 223.5.5.5
nameserver 8.8.8.8
[rootcontrol ~]# systemctl restart docker
[rootcontrol ~]# docker pull docker.io/flannel/flannel:v0.25.6
[rootcontrol ~]# docker pull docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2
# 导出镜像并同步给node1 node2然后导入到containerd的镜像仓库中使用ctr
[rootcontrol ~]# docker save -o flannel.tar flannel/flannel:v0.25.6
[rootcontrol ~]# docker save -o flannel-cni.tar flannel/flannel-cni-plugin
[rootcontrol ~]# rm -f flannel-cni.tar
[rootcontrol ~]# docker save -o flannel-cni.tar flannel/flannel-cni-plugin:v1.5.1-flannel2
[rootcontrol ~]# scp flannel.tar rootnode1:/root
The authenticity of host node1 (192.168.110.11) cant be established.
ED25519 key fingerprint is SHA256:84EopGSflyn0EP7RLvmnvaWPJCTe8G99eX4dF6XQzFk.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added node1 (ED25519) to the list of known hosts.
rootnode1s password:
flannel.tar 0% 0 0.0KB/s --:-- ETA^flannel.tar 100% 73MB 55.4MB/s 00:01
[rootcontrol ~]# scp flannel-cni.tar rootnode1:/root
rootnode1s password:
flannel-cni.tar 100% 10MB 47.4MB/s 00:00
[rootcontrol ~]# scp flannel.tar rootnode2:/root
The authenticity of host node2 (192.168.110.22) cant be established.
ED25519 key fingerprint is SHA256:84EopGSflyn0EP7RLvmnvaWPJCTe8G99eX4dF6XQzFk.
This host key is known by the following other names/addresses:~/.ssh/known_hosts:1: node1
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added node2 (ED25519) to the list of known hosts.
rootnode2s password:
flannel.tar 0% 0 0.0KB/s --:-- ETA^flannel.tar 100% 73MB 51.3MB/s 00:01
[rootcontrol ~]# scp flannel-cni.tar rootnode2:/root
rootnode2s password:
flannel-cni.tar 100% 10MB 45.4M
导入镜像
[rootcontrol ~]# ctr --namespace k8s.io image import flannel.tar
unpacking docker.io/flannel/flannel:v0.25.6 (sha256:9450e8226798aa6b2170093618cf20440bce427d4999d9cfe6f43beaab0dd921)...done
[rootcontrol ~]# ctr --namespace k8s.io image import flannel-cni.tar
unpacking docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2 (sha256:e6e3646e3663e11d1b129f77f49f58a589c633833130c6c8f30bc0c0e7df4e0c)...done
[rootcontrol ~]# crictl -r unix:///var/run/containerd/containerd.sock images
IMAGE TAG IMAGE ID SIZE
docker.io/flannel/flannel-cni-plugin v1.5.1-flannel2 962fd97b50f9c 10.9MB
docker.io/flannel/flannel v0.25.6 f7b837852a098 76.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/coredns v1.11.3 c69fa2e9cbf5f 18.6MB
registry.cn-hangzhou.aliyuncs.com/google_containers/etcd 3.5.15-0 2e96e5913fc06 56.9MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver v1.31.0 604f5db92eaa8 28.1MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager v1.31.0 045733566833c 26.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy v1.31.0 ad83b2ca7b09e 30.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler v1.31.0 1766f54c897f0 20.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.10 873ed75102791 320kB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.8 4873874c08efc 311kB
registry.k8s.io/pause 3.8 4873874c08efc 311kB
node1:
[rootnode1 ~]# ctr --namespace k8s.io image import flannel.tar
unpacking docker.io/flannel/flannel:v0.25.6 (sha256:9450e8226798aa6b2170093618cf20440bce427d4999d9cfe6f43beaab0dd921)...done
[rootnode1 ~]# ctr --namespace k8s.io image import flannel-cni.tar
unpacking docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2 (sha256:e6e3646e3663e11d1b129f77f49f58a589c633833130c6c8f30bc0c0e7df4e0c)...done
[rootnode1 ~]# crictl -r unix:///var/run/containerd/containerd.sock images
IMAGE TAG IMAGE ID SIZE
docker.io/flannel/flannel-cni-plugin v1.5.1-flannel2 962fd97b50f9c 10.9MB
docker.io/flannel/flannel v0.25.6 f7b837852a098 76.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/coredns v1.11.3 c69fa2e9cbf5f 18.6MB
registry.cn-hangzhou.aliyuncs.com/google_containers/etcd 3.5.15-0 2e96e5913fc06 56.9MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver v1.31.0 604f5db92eaa8 28.1MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager v1.31.0 045733566833c 26.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy v1.31.0 ad83b2ca7b09e 30.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler v1.31.0 1766f54c897f0 20.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.10 873ed75102791 320kB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.8 4873874c08efc 311kB
registry.k8s.io/pause 3.8 4873874c08efc 311kB
node1
node1:
[rootnode1 ~]# ctr --namespace k8s.io image import flannel.tar
unpacking docker.io/flannel/flannel:v0.25.6 (sha256:9450e8226798aa6b2170093618cf20440bce427d4999d9cfe6f43beaab0dd921)...done
[rootnode1 ~]# ctr --namespace k8s.io image import flannel-cni.tar
unpacking docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2 (sha256:e6e3646e3663e11d1b129f77f49f58a589c633833130c6c8f30bc0c0e7df4e0c)...done
[rootnode1 ~]# crictl -r unix:///var/run/containerd/containerd.sock images
IMAGE TAG IMAGE ID SIZE
docker.io/flannel/flannel-cni-plugin v1.5.1-flannel2 962fd97b50f9c 10.9MB
docker.io/flannel/flannel v0.25.6 f7b837852a098 76.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/coredns v1.11.3 c69fa2e9cbf5f 18.6MB
registry.cn-hangzhou.aliyuncs.com/google_containers/etcd 3.5.15-0 2e96e5913fc06 56.9MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver v1.31.0 604f5db92eaa8 28.1MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager v1.31.0 045733566833c 26.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy v1.31.0 ad83b2ca7b09e 30.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler v1.31.0 1766f54c897f0 20.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.10 873ed75102791 320kB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.8 4873874c08efc 311kB
registry.k8s.io/pause 3.8 4873874c08efc 311kB
node2
[rootnode2 ~]# ctr --namespace k8s.io image import flannel.tar
unpacking docker.io/flannel/flannel:v0.25.6 (sha256:9450e8226798aa6b2170093618cf20440bce427d4999d9cfe6f43beaab0dd921)...done
[rootnode2 ~]# ctr --namespace k8s.io image import flannel-cni.tar
unpacking docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2 (sha256:e6e3646e3663e11d1b129f77f49f58a589c633833130c6c8f30bc0c0e7df4e0c)...done
control 节点
[rootcontrol ~]# kubectl apply -f kube-flannel.yml
namespace/kube-flannel created
serviceaccount/flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created此时检查K8S集群的核心组件以及节点的状态均显示健康。
此时检查K8S集群的核心组件以及节点的状态均显示健康。
[rootcontrol ~]# kubectl get pods -o wide -A
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-flannel kube-flannel-ds-9fgml 1/1 Running 0 24s 192.168.110.10 control none none
kube-flannel kube-flannel-ds-ghwbq 1/1 Running 0 24s 192.168.110.22 node2 none none
kube-flannel kube-flannel-ds-mkm4r 1/1 Running 0 24s 192.168.110.11 node1 none none
kube-system coredns-fcd6c9c4-cvcvt 1/1 Running 0 33m 10.244.1.2 node1 none none
kube-system coredns-fcd6c9c4-m9kxk 1/1 Running 0 33m 10.244.1.3 node1 none none
kube-system etcd-control 1/1 Running 0 33m 192.168.110.10 control none none
kube-system kube-apiserver-control 1/1 Running 0 33m 192.168.110.10 control none none
kube-system kube-controller-manager-control 1/1 Running 0 33m 192.168.110.10 control none none
kube-system kube-proxy-54j4f 1/1 Running 0 27m 192.168.110.11 node1 none none
kube-system kube-proxy-c8cdj 1/1 Running 0 33m 192.168.110.10 control none none
kube-system kube-proxy-v7td8 1/1 Running 0 26m 192.168.110.22 node2 none none
kube-system kube-scheduler-control 1/1 Running 0 33m 192.168.110.10 control none none
[rootcontrol ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
control Ready control-plane 34m v1.31.1
node1 Ready none 27m v1.31.1
node2 Ready none 26m v1.31.1
至此K8S集群部署完成。 作为一个较为复杂的平台搭建生产环境下搭建时可以选择对应的自动化组件完成搭建简化集群维护和扩展的操作复杂度。
使用K8S集调度运行pod。
[rootcontrol ~]# vim my_nginx.yml
[rootcontrol ~]# cat my_nginx.yml
apiVersion: apps/v1
kind: Deployment
metadata:name: my-nginx // 资源名称
spec:selector:matchLabels:run: my-nginxreplicas: 2 // 调度两个podtemplate:metadata:labels:run: my-nginxspec:containers:- name: my-nginximage: nginx // 镜像imagePullPolicy: IfNotPresent // 镜像不存在的时候进行拉取ports:- containerPort: 80 // 容器内开放80端口访问[rootcontrol ~]# docker pull nginx // 等待缓慢下载完毕
[rootcontrol ~]# docker images nginx
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 39286ab8a5e1 5 weeks ago 188MB
[rootcontrol ~]# docker save -o nginx.tar nginx:latest
[rootcontrol ~]# scp nginx.tar rootnode1:/root
rootnode1s password:
nginx.tar 100% 183MB 77.2MB/s 00:02
[rootcontrol ~]# scp nginx.tar rootnode2:/root
rootnode2s password:
nginx.tar
在node1 和node2 执行镜像导入操作应用容器一般都会调度到work节点所以要保证work节点上有nginx镜像。
[rootnode1 ~]# ctr -n k8s.io image import nginx.tar
unpacking docker.io/library/nginx:latest (sha256:006a20213cb7f7d8edfadffd6791139d25283f590c5066e3fcd803e61a9c0b74)...done
[rootnode1 ~]# crictl -r unix:///var/run/containerd/containerd.sock images
IMAGE TAG IMAGE ID SIZE
docker.io/flannel/flannel-cni-plugin v1.5.1-flannel2 962fd97b50f9c 10.9MB
docker.io/flannel/flannel v0.25.6 f7b837852a098 76.2MB
docker.io/library/nginx latest 39286ab8a5e14 192MB
registry.cn-hangzhou.aliyuncs.com/google_containers/coredns v1.11.3 c69fa2e9cbf5f 18.6MB
registry.cn-hangzhou.aliyuncs.com/google_containers/etcd 3.5.15-0 2e96e5913fc06 56.9MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver v1.31.0 604f5db92eaa8 28.1MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager v1.31.0 045733566833c 26.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy v1.31.0 ad83b2ca7b09e 30.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler v1.31.0 1766f54c897f0 20.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.10 873ed75102791 320kB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.8 4873874c08efc 311kB
registry.k8s.io/pause 3.8 4873874c08efc 311kB[rootnode2 ~]# ctr -n k8s.io image import nginx.tar
unpacking docker.io/library/nginx:latest (sha256:006a20213cb7f7d8edfadffd6791139d25283f590c5066e3fcd803e61a9c0b74)...done
[rootnode2 ~]# crictl -r unix:///var/run/containerd/containerd.sock images
IMAGE TAG IMAGE ID SIZE
docker.io/flannel/flannel-cni-plugin v1.5.1-flannel2 962fd97b50f9c 10.9MB
docker.io/flannel/flannel v0.25.6 f7b837852a098 76.2MB
docker.io/library/nginx latest 39286ab8a5e14 192MB
registry.cn-hangzhou.aliyuncs.com/google_containers/coredns v1.11.3 c69fa2e9cbf5f 18.6MB
registry.cn-hangzhou.aliyuncs.com/google_containers/etcd 3.5.15-0 2e96e5913fc06 56.9MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver v1.31.0 604f5db92eaa8 28.1MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager v1.31.0 045733566833c 26.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy v1.31.0 ad83b2ca7b09e 30.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler v1.31.0 1766f54c897f0 20.2MB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.10 873ed75102791 320kB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.8 4873874c08efc 311kB
registry.k8s.io/pause 3.8 4873874c08efc 311kB
在工作节点上导入完毕镜像就可以回到控制节点上进行应用的调度。
[rootcontrol ~]# kubectl apply -f my_nginx.yml
deployment.apps/my-nginx created
[rootcontrol ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
my-nginx-7549dd6888-lhnr6 1/1 Running 0 7s
my-nginx-7549dd6888-z84x4 1/1 Running 0 7s
// 查看pod分到的IP地址并尝试访问运行在pod中的nginx服务
[rootcontrol ~]# kubectl get pods -l runmy-nginx -o custom-columnsPOD_IP:.status.podIPs
POD_IP
[map[ip:10.244.2.6]]
[map[ip:10.244.1.8]]
[rootcontrol ~]# curl 10.244.2.6
# 访问可以成功 省略输出
[rootcontrol ~]# curl 10.244.1.8
# 访问成功省略输出
或者在控制节点上打开火狐浏览器进行访问 [rootcontrol ~]# kubectl get pods -o wide // 两个pod 一个在node1 一个在node2 NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES my-nginx-7549dd6888-lhnr6 1/1 Running 0 2m32s 10.244.2.6 node2 none none my-nginx-7549dd6888-z84x4 1/1 Running 0 2m32s 10.244.1.8 node1 none none
