Python 3 快速入门 3 —— 模块与
267 2023-04-03 04:23:13
1、k3s是一个轻量级的 Kubernetes 发行版,它针对边缘计算、物联网等场景进行了高度优化。我们希望安装的 Kubernetes 在内存占用方面只是一半的大小。Kubernetes 是一个 10 个字母的单词,简写为 k8s。所以,有 Kubernetes 一半大的东西就是一个 5 个字母的单词,简写为 k3s。k3s 没有全称,也没有官方的发音。
3、环境规划
# 关闭防火墙systemctl stop firewalld# 开机禁用systemctl disable firewalld# 检查状态firewall-cmd --state
4、注意:每台计算机必须具有唯一的主机名。如果您的计算机没有唯一的主机名,请传递K3S_NODE_NAME环境变量,并为每个节点提供一个有效且唯一的主机名。
1、server节点安装
export INSTALL_K3S_VERSION=v1.21.5+k3s2export K3S_NODE_NAME=k3s-masterexport INSTALL_K3S_EXEC="--docker --write-kubeconfig ~/.kube/config --cluster-cidr 10.72.0.0/16 --service-cidr 10.73.0.0/16 --write-kubeconfig-mode 666"# 高可用(配置外部sql,第二个server节点需要配置K3S_TOKEN)# export K3S_TOKEN=server1的token# export INSTALL_K3S_EXEC="--docker --datastore-endpoint=mysql://root:123456@tcp(192.168.3.13:6008)/k3s --write-kubeconfig ~/.kube/config --cluster-cidr 10.72.0.0/16 --service-cidr 10.73.0.0/16 --write-kubeconfig-mode 666"curl -sfL http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh -
2、agent节点安装
cat /var/lib/rancher/k3s/server/node-token
export INSTALL_K3S_VERSION=v1.21.5+k3s2export K3S_NODE_NAME=k3s-node1export INSTALL_K3S_EXEC="--docker --write-kubeconfig ~/.kube/config --cluster-cidr 10.72.0.0/16 --service-cidr 10.73.0.0/16 --write-kubeconfig-mode 666"curl -sfL http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_URL=https://192.168.3.17:6443 K3S_TOKEN=server1的token sh -
1、server节点安装
cd /usr/local/bin# 下载k3s-airgap-images-amd64.tarwget http://rancher-mirror.cnrancher.com/k3s/v1.21.5-k3s2/k3s-airgap-images-amd64.tar# 下载k3s可执行文件wget http://rancher-mirror.cnrancher.com/k3s/v1.21.5-k3s2/k3s# 下载安装脚本wget http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh# 设置权限chmod +x k3s-install.sh k3s
# 跳过二进制文件下载export INSTALL_K3S_SKIP_DOWNLOAD=true# 修改节点名称export K3S_NODE_NAME=k3s-master# 配置额外参数export INSTALL_K3S_EXEC="--docker --write-kubeconfig ~/.kube/config --cluster-cidr 10.72.0.0/16 --service-cidr 10.73.0.0/16 --write-kubeconfig-mode 666"# 高可用(配置外部sql,第二个server节点需要配置K3S_TOKEN)# export K3S_TOKEN=server1的token# export INSTALL_K3S_EXEC="--docker --datastore-endpoint=mysql://root:123456@tcp(192.168.3.13:6008)/k3s --write-kubeconfig ~/.kube/config --cluster-cidr 10.72.0.0/16 --service-cidr 10.73.0.0/16 --write-kubeconfig-mode 666"# 执行安装脚本./k3s-install.sh
2、agent节点安装
cat /var/lib/rancher/k3s/server/node-token
cd /usr/local/bin# 下载k3s-airgap-images-amd64.tarwget http://rancher-mirror.cnrancher.com/k3s/v1.21.5-k3s2/k3s-airgap-images-amd64.tar# 下载k3s可执行文件wget http://rancher-mirror.cnrancher.com/k3s/v1.21.5-k3s2/k3s# 下载安装脚本wget http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh# 设置权限chmod +x k3s-install.sh k3s
# 跳过二进制文件下载export INSTALL_K3S_SKIP_DOWNLOAD=true# 修改节点名称export K3S_NODE_NAME=k3s-node1# 配置server节点信息,token来自server节点export K3S_URL=https://192.168.3.17:6443export K3S_TOKEN=server1的token# 配置额外参数export INSTALL_K3S_EXEC="--docker --write-kubeconfig ~/.kube/config --cluster-cidr 10.72.0.0/16 --service-cidr 10.73.0.0/16 --write-kubeconfig-mode 666"# 执行安装脚本./k3s-install.sh
1、一个 K3s HA 集群由以下几个部分组成:
2、指定mysql数据库
3、server节点修改
# 配置数据库信息export INSTALL_K3S_EXEC="--docker --datastore-endpoint=mysql://root:123456@tcp(192.168.3.13:6008)/k3s --write-kubeconfig ~/.kube/config --write-kubeconfig-mode 666"
export K3S_TOKEN=server1的token
4、agent节点不做任何修改
在Docker中可以通过配置registry-mirrors来实现从其他镜像仓库中获取K3s镜像。这样配置之后,会先从registry-mirrors配置的地址拉取镜像,如果获取不到才会从默认的docker.io获取镜像,从而满足了我们的需求
vim /etc/docker/daemon.json
{ "insecure-registries":["192.168.3.12:6007"]}
systemctl daemon-reloadsystemctl restart docker
1、kuboard仪表盘(推荐)
官网地址:https://www.kuboard.cn/
安装
kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}')
kubectl delete -f https://kuboard.cn/install-script/kuboard.yaml
2、Kubernetes Dashboard仪表盘
apiVersion: v1kind: Namespacemetadata: name: kubernetes-dashboard---apiVersion: v1kind: ServiceAccountmetadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard---apiVersion: v1kind: ServiceAccountmetadata: name: dashboard-admin namespace: kubernetes-dashboard---kind: ServiceapiVersion: v1metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboardspec: type: NodePort ports: - port: 443 targetPort: 8443 nodePort: 30002 selector: k8s-app: kubernetes-dashboard---apiVersion: v1kind: Secretmetadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard-certs namespace: kubernetes-dashboardtype: Opaque---apiVersion: v1kind: Secretmetadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard-csrf namespace: kubernetes-dashboardtype: Opaquedata: csrf: ""---apiVersion: v1kind: Secretmetadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard-key-holder namespace: kubernetes-dashboardtype: Opaque---kind: ConfigMapapiVersion: v1metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard-settings namespace: kubernetes-dashboard---kind: RoleapiVersion: rbac.authorization.k8s.io/v1metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboardrules: - apiGroups: [""] resources: ["secrets"] resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"] verbs: ["get", "update", "delete"] - apiGroups: [""] resources: ["configmaps"] resourceNames: ["kubernetes-dashboard-settings"] verbs: ["get", "update"] - apiGroups: [""] resources: ["services"] resourceNames: ["heapster", "dashboard-metrics-scraper"] verbs: ["proxy"] - apiGroups: [""] resources: ["services/proxy"] resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"] verbs: ["get"]---kind: ClusterRoleapiVersion: rbac.authorization.k8s.io/v1metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboardrules: - apiGroups: ["metrics.k8s.io"] resources: ["pods", "nodes"] verbs: ["get", "list", "watch"]---apiVersion: rbac.authorization.k8s.io/v1kind: RoleBindingmetadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboardroleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: kubernetes-dashboardsubjects: - kind: ServiceAccount name: kubernetes-dashboard namespace: kubernetes-dashboard---apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: name: kubernetes-dashboardroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: kubernetes-dashboardsubjects: - kind: ServiceAccount name: kubernetes-dashboard namespace: kubernetes-dashboard---apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: name: dashboard-adminroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-adminsubjects: - kind: ServiceAccount name: dashboard-admin namespace: kubernetes-dashboard---kind: DeploymentapiVersion: apps/v1metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboardspec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: k8s-app: kubernetes-dashboard template: metadata: labels: k8s-app: kubernetes-dashboard spec: containers: - name: kubernetes-dashboard image: kubernetesui/dashboard:v2.4.0 imagePullPolicy: Always ports: - containerPort: 8443 protocol: TCP args: - --auto-generate-certificates - --namespace=kubernetes-dashboard volumeMounts: - name: kubernetes-dashboard-certs mountPath: /certs - mountPath: /tmp name: tmp-volume livenessProbe: httpGet: scheme: HTTPS path: / port: 8443 initialDelaySeconds: 30 timeoutSeconds: 30 securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true runAsUser: 1001 runAsGroup: 2001 volumes: - name: kubernetes-dashboard-certs secret: secretName: kubernetes-dashboard-certs - name: tmp-volume emptyDir: {} serviceAccountName: kubernetes-dashboard nodeSelector: "kubernetes.io/os": linux tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule---kind: ServiceapiVersion: v1metadata: labels: k8s-app: dashboard-metrics-scraper name: dashboard-metrics-scraper namespace: kubernetes-dashboardspec: ports: - port: 8000 targetPort: 8000 selector: k8s-app: dashboard-metrics-scraper---kind: DeploymentapiVersion: apps/v1metadata: labels: k8s-app: dashboard-metrics-scraper name: dashboard-metrics-scraper namespace: kubernetes-dashboardspec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: k8s-app: dashboard-metrics-scraper template: metadata: labels: k8s-app: dashboard-metrics-scraper spec: securityContext: seccompProfile: type: RuntimeDefault containers: - name: dashboard-metrics-scraper image: kubernetesui/metrics-scraper:v1.0.7 ports: - containerPort: 8000 protocol: TCP livenessProbe: httpGet: scheme: HTTP path: / port: 8000 initialDelaySeconds: 30 timeoutSeconds: 30 volumeMounts: - mountPath: /tmp name: tmp-volume securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true runAsUser: 1001 runAsGroup: 2001 serviceAccountName: kubernetes-dashboard nodeSelector: "kubernetes.io/os": linux tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule volumes: - name: tmp-volume emptyDir: {}
kubectl apply -f kubernetes-dashboard.yaml
kubectl -n kubernetes-dashboard describe secret dashboard-admin-token | grep '^token'
kubectl delete -f kubernetes-dashboard.yaml
1、node节点操作
kubectl get node或kubectl get node -o wide
kubectl delete node node1
kubectl label node ${node} node-role.kubernetes.io/worker=worker
2、命名空间操作
kubectl get namespace或kubectl get ns
kubectl create namespace test
kubectl delete namespaces test
3、pod/deployment/service共有(get)
4、pod操作
kubectl get pod或kubectl get pods
kubectl describe pod springboot-demo-dept-6568749656-cztl4 --namespace default
kubectl delete pod pod1
5、controller操作
kubectl get deployment或kubectl get deployment.apps或kubectl get deploy
kubectl get replicaset或kubectl get replicaset.apps
kubectl describe deployment springboot-demo-dept --namespace default
kubectl delete deployment nginx-app
6、service操作
kubectl get service或kubectl get svc
kubectl describe service springboot-demo-svc --namespace default
kubectl delete service nginx-app1
7、显示top资源
kubectl top node
kubectl top pod --all-namespaces
8、查看pod日志
# 实时日志kubectl logs -f pod-name -n pod-namespacekubectl logs --tail 200 -f pod-name -n pod-namespace# 前200条日志kubectl logs --tail 200 pod-name -n pod-namespace
9、其它操作
k3s
kubectl --help
kubectl apply -f xxx.yaml
kubectl delete -f xxx.yaml
systemctl status k3s
systemctl restart k3s
# server节点卸载/usr/local/bin/k3s-uninstall.sh# agent节点卸载/usr/local/bin/k3s-agent-uninstall.sh
1、k3s/k83学习有一定门槛,通过入门教程能够快速掌握基础知识,推荐大家学习
博客园文章:https://www.cnblogs.com/lvlinguang/p/15682696.html
视频教程,百度网盘
链接:https://pan.baidu.com/s/101YH_l0DthYLvMX-5a69qA 提取码:3faf