devops1--k8s安装
https://blog.csdn.net/qq_29274865/article/details/108437726https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/?spm=a2c6h.12873639.0.0.4e9e5cb0ph0Om9k8s学习:https://www.bilibili.com/
https://blog.csdn.net/qq_29274865/article/details/108437726
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/?spm=a2c6h.12873639.0.0.4e9e5cb0ph0Om9
k8s学习:https://www.bilibili.com/video/BV1r54y147Zx/?spm_id_from=333.788.recommend_more_video.1
k8s安装步骤:
cat < /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf
cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
[root@master ~]# yum install docker-ce-19.03.8
[root@centos7 app]# systemctl start docker
[root@centos7 app]# systemctl enable docker
[root@master ~]# yum install kubelet-1.18.2 kubeadm-1.18.2 kubectl-1.18.2
kubeadm init
–apiserver-advertise-address=10.14.0.63
–image-repository registry.aliyuncs.com/google_containers
–kubernetes-version=v1.18.2
–service-cidr=10.10.0.0/16
–pod-network-cidr=10.244.0.0/16
kubeadm init --kubernetes-version=v1.18.2
–apiserver-advertise-address=10.14.0.63
–image-repository registry.aliyuncs.com/google_containers
–service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16
kubeadm join 10.14.0.63:6443 --token 762knt.rxezzhoumt0xe7rx
–discovery-token-ca-cert-hash sha256:ec1ffb789b848f392f2f799dd4f969886582e56cf5ce6b3430f4f03e616c1001
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/2140ac876ef134e0ed5af15c65e414cf26827915/Documentation/kube-flannel.yml
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
2、Jenkins在k8s上跑
地址:10.14.0.67:31892
sed -i ‘s/http://updates.jenkins-ci.org/download/https://mirrors.tuna.tsinghua.edu.cn/jenkins/g’ default.json && sed -i ‘s/http://www.google.com/https://www.baidu.com/g’ default.json
3、修改vim /etc/kubernetes/manifests/kube-apiserver.yaml
- --feature-gates=RemoveSelfLink=false
新建:kubectl apply -f /etc/kubernetes/manifests/kube-apiserver.yaml
kubectl exec -ti jenkins-78994c874-h7hkh -n jenkins – /bin/sh
yum remove docker-ce.x86_64
yum remove containerd.io.x86_64
yum remove docker-ce-cli.x86_64
yum remove docker-ce-rootless-extras.x86_64
15、CNI(容器网络接口):
概念:CNI用于链接容器管理系统和网络插件,从容器管理系统获取运行时信息,并对namespace中的interface进行IP和路由的配置,将这些信息交给网络插件处理,处理完后,再交给容器管理系统中。
16、coreDNS:
概念:Kubernetes一般基于Service Name访问服务, CoreDNS就负责把Service Name解析成Cluster IP
测试:kubectl run -it --rm --restart=Never --image=infoblox/dnstools:latest dnstools
nslookup kubernetes
节点主机:dig @10.1.0.10 +short kubernetes.default.svc.cluster.local
查看:
kubectl get pods -n kube-system
kubectl get rs -n kube-system
kubectl get deployment -n kube-system
删除:kubectl delete deployment coredns -n kube-system
查看:kubectl get rs -n kube-system
删除pod:kubectl delete pod coredns-6ccb5d565f-svjh4 -n kube-system
强制删除:kubectl delete pod busybox --grace-period=0 --force -n kube-system
设置dns的IP:./deploy.sh -i 10.1.0.10 -d cluster.local. > dns.yaml
测试:dig @10.1.0.10 kubernetes.default.svc.cluster.local
详细:kubectl describe pod kube-flannel-ds-amd64-698r8 -n kube-system
kubectl logs -f kube-flannel-ds-amd64-698r8
dns位置:cat /etc/resolv.conf
容器测试:docker exec -it c0e515f656bf /bin/sh
17、flannel网络或节点重新加入到集群
删除网卡
kubeadm reset
ifconfig cni0 down
ip link delete cni0
ifconfig flannel.1 down
ip link delete flannel.1
rm -rf /var/lib/cni/
18、节点加入集群生成token
生成:
kubeadm token create
列出token:
kubeadm token list | awk -F" " ‘{print $1}’ |tail -n 1
获取hash值:
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed ‘s/^ .* //’
加入集群:
kubeadm join 192.168.40.8:6443 --token token填这里 --discovery-token-ca-cert-hash sha256:哈希值填这里
生成token和hash值:
kubeadm token create --print-join-command
19、安装k8s
journalctl -xefu kubelet
systemctl daemon-reload #重新加载service服务
20、面板登陆生成token
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk ‘{print $1}’)
token:
eyJhbGciOiJSUzI1NiIsImtpZCI6InpQYXVLT3NMMzdaWHBETkxhRDdJNU9IOFlVM1M0SVhhMTRyOTZkOUVDRW8ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWtyZHpuIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI4MzIxNmY5OS04OTg2LTQ4MTMtYWQ4Yi05OTkwY2QxMDQ3MGYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.dl4Jgbc6xfzTEEHmID75txrahGBYmB239YwNsnaUiWc-j5H9XPvWG2JfVovYkVZzc48VaCv8212BYK1J80cfQMIPZh_TOZkEJK2MISmA15i5fde-EcpqnPUK1YCZqfss2jRZpqiNwfTTaCY_v32aIJK_zKeSUKbvWdsOqfl6Ka-eoPdYzevPMT2ab7vJkcepAlfw3lzhjv6_jSxjkC28UQWbJIjdtxeWjJYoekER1-wkVGe_h7aTxcEhcO1pynTbhqofqmcnlwun0XhSVt9NfIlZXn966tYECWg5WTAnL6YWKk_7BNGpEUwo3_vrDmvb2JfOvCu67LV78edZtH698w
更多推荐
所有评论(0)