#Kubernetes# QCloud上的Kubernetes初体验

#Kubernetes# QCloud上的Kubernetes初体验

QCloud上利用Kubernetes编排应用与服务,主要分为以下四个部分

  • 环境准备 Environment
  • 疑难解决 FAQ
  • 具体案例 Cases
  • 参考文献 References



环境准备 Environment

更新系统源和软件包

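# Refresh the package index first; upgrading before the refresh works from
# stale metadata and can miss the newest (including security) package versions.
apt-get update
apt-get upgrade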

修改Docker配置

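# Edit the Docker daemon configuration
vim /etc/docker/daemon.json

# daemon.json must be strict JSON, so the explanations are kept outside the
# object (an inline "#" comment makes the file unparsable):
#   exec-opts        - switch the cgroup driver to systemd so Docker and
#                      Kubernetes use the same one
#   registry-mirrors - use a domestic registry mirror
# NOTE(review): images pulled by tag are resolved through the mirror, which
# makes it part of the trust path - confirm it is still served and trusted.
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "registry-mirrors": ["https://registry.docker-cn.com"]
}

# Restart the docker service
service docker restart   # or: systemctl restart docker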

安装Kubernetes工具

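# Install the prerequisite for HTTPS apt sources
apt-get install -y apt-transport-https

# Fetch the signing key of the Aliyun Kubernetes mirror.
# -f makes curl fail on an HTTP error instead of piping an error page into
# apt-key; -sS hides the progress meter but keeps errors; -L follows redirects.
# NOTE(review): apt-key adds the key to the global trusted keyring, so it is
# trusted for every repository, and apt-key itself is deprecated. A dedicated
# keyring file referenced with [signed-by=...] in the sources entry limits the
# key to this one repository.
curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
echo "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list

# Refresh the index so the newly added repository is visible to apt
apt-get update

# Install the Kubernetes tools
apt-get install -y kubelet kubeadm kubectl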

下载Kubernetes镜像

# 查看所需镜像列表
kubeadm config images list

# 编辑下载镜像文件
vim pull_k8s_images.sh

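# Content of pull_k8s_images.sh: pull the images kubeadm needs from a domestic
# mirror and retag them as k8s.gcr.io/*.
# NOTE(review): after retagging, a mirror image cannot be told apart from the
# upstream one by name; compare digests (docker images --digests) against a
# trusted source when provenance matters.
for image in $(kubeadm config images list); do
  image_name=${image#k8s.gcr.io/}
  if [ "$image_name" != "coredns/coredns:v1.8.0" ]; then
    source_image="registry.aliyuncs.com/google_containers/$image_name"
  else
    # CoreDNS is pulled from its own repository, where the tag has no "v" prefix
    source_image="coredns/coredns:1.8.0"
  fi
  # Stop at the first failure rather than tagging or removing an image that
  # was never pulled
  docker pull "$source_image" || exit 1
  docker tag "$source_image" "k8s.gcr.io/$image_name" || exit 1
  docker rmi "$source_image"
done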

初始化Kubernetes主节点

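# --service-cidr / --pod-network-cidr: network ranges for the cluster
# --ignore-preflight-errors=NumCPU: allow running on a single-core machine
# The notes sit above the command because a "#" comment on a continued line
# ends the command there, and the remaining flags would never reach kubeadm.
kubeadm init \
  --service-cidr=10.1.0.0/16 \
  --pod-network-cidr=10.244.0.0/16 \
  --ignore-preflight-errors=NumCPU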

应用Kubernetes配置

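# Give the current user its own copy of the kubeconfig written by kubeadm.
# admin.conf carries cluster-admin credentials, so the copy is kept owner-only.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
chmod 600 "$HOME/.kube/config"
# Point kubectl at the per-user copy; the root-owned original under
# /etc/kubernetes is not readable by an unprivileged user.
export KUBECONFIG="$HOME/.kube/config"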

下载Kubernetes网络插件

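# Download the flannel manifest to a local file before applying it, so that
# what gets applied with cluster-admin rights can be read first and kept.
# NOTE(review): the URL tracks the master branch, so its content can change
# between runs; pin it to a release tag or commit once one has been reviewed.
curl -fsSLo kube-flannel.yml https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml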

允许在主节点上调度Pod

# Remove the node-role.kubernetes.io/master taint from every node so that
# ordinary Pods can be scheduled on the master node as well.
# NOTE(review): application Pods then share the node with the control-plane
# components; fine for a single-node test cluster, worth reconsidering for
# anything shared or exposed.
kubectl taint nodes --all node-role.kubernetes.io/master-

启用kubectl命令行补全

apt install bash-completion
echo "source <(kubectl completion bash)" >> ~/.bashrc

查看是否部署成功

kubectl get nodes
kubectl get pods -n kube-system

疑难解决 FAQ

Docker重启服务出现异常

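# Check the service status and log to locate the cause
service docker status   # or: systemctl status docker

# The log shows that /var/run/docker.sock is the problem:
#   level=fatal msg="can't create unix socket /var/run/docker.sock: is a directory"

# The path exists as a directory, so dockerd cannot create its socket there.
# Confirm what is at the path before deleting it, then remove it.
ls -ld /var/run/docker.sock
rm -rf -- /var/run/docker.sock

# Restart the docker service
service docker restart   # or: systemctl restart docker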

Kubernetes忘记加入集群命令

# The join command as printed at init time (the ${...} parts are placeholders
# to fill in, not shell variables)
kubeadm join ${ip} --token ${token} --discovery-token-ca-cert-hash ${discovery-token-ca-cert-hash}

# Recover the command.
# NOTE(review): this creates a new bootstrap token, and the printed line is a
# credential that lets a machine join the cluster - keep it out of logs,
# tickets and chat.
kubeadm token create --print-join-command

x509: certificate signed by unknown authority

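# After a reinstall the cluster CA changes, so the old ~/.kube/config no longer
# matches; apply the new configuration again.
# admin.conf carries cluster-admin credentials, so the copy is kept owner-only.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
chmod 600 "$HOME/.kube/config"
# Point kubectl at the per-user copy; the root-owned original under
# /etc/kubernetes is not readable by an unprivileged user.
export KUBECONFIG="$HOME/.kube/config"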

Docker容器连接本机MySQL/Redis

Bridge模式

# 查看docker容器网络模式
docker inspect ${container_id} | grep -i "network"

# 默认为bridge的模式
"NetworkMode": "bridge"

# 此时localhost仅仅指的是容器自身地址,应使用主机的内网地址

Host模式

# Start the docker container in host network mode
docker run -d --network=host ${registry}:${tag}

# localhost now refers to both the container and the host.
# NOTE(review): in host mode the container shares the host's network
# namespace, so it can reach every service listening on the host's loopback
# address and there is no port isolation between the two. Use it only for
# containers that are trusted as much as the host itself.

Xshell外网远程访问MySQL/Redis

修改 MySQL/Redis 配置

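# Edit the MySQL configuration
vim /etc/mysql/my.cnf

# Listen on all interfaces
# NOTE(review): combined with a security-group rule that allows every source
# address, this puts mysqld directly on the public internet.
[mysqld]
bind-address=0.0.0.0

# Change the remote-login permission
# NOTE(review): host='%' lets the root account log in from any address. A
# separate account that holds only the privileges it needs and is limited to
# the client's address exposes far less; in either case the account needs a
# strong password.
mysql -u root -p
mysql> use mysql;
mysql> update user set host='%' where user='root';

# Restart the mysql service so the change takes effect
mysqld --defaults-file=/etc/mysql/my.cnf
service mysql restart   # or: systemctl restart mysql

# Edit the Redis configuration
vim /etc/redis/redis.conf

# Listen on all interfaces
# NOTE(review): once bound to 0.0.0.0, Redis answers any address that can
# reach the port; set a password with the requirepass directive before
# exposing it, and limit who can reach the port at the firewall.
bind 0.0.0.0

# Restart redis-server so the change takes effect
redis-server /etc/redis/redis.conf
service redis-server restart   # or: systemctl restart redis-server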

修改腾讯云服务器安全组规则

# Allow every source address to reach ports 3306 and 6379
# NOTE(review): 0.0.0.0/0 and ::/0 open both database ports to the whole
# internet. Narrowing the source to the administrator's own address range
# keeps the remote access while removing that exposure.
0.0.0.0/0 TCP:3306,6379 Allow # allow IPv4
::/0 TCP:3306,6379 Allow # allow IPv6

具体案例 Cases

交叉编译与镜像构建

# set go env
export GO111MODULE=auto
# Modules are downloaded through the goproxy.io proxy first, then directly.
# NOTE(review): keep go.sum committed so downloaded modules are checked
# against the hashes recorded for this project.
export GOPROXY=https://goproxy.io,direct
go mod tidy

# build binary executable (cross-compiled for linux/amd64)
mkdir -p ./bin
GOOS=linux GOARCH=amd64 go build -o ./bin/giotto_gateway_core

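# Dockerfile
# NOTE(review): "golang" without a tag or digest resolves to whatever the
# latest image is at build time; pin a reviewed tag or digest so rebuilds are
# reproducible.
FROM golang
# MAINTAINER is deprecated; the maintainer is recorded as a label instead
LABEL maintainer="LotteWong <lottewong21@gmail.com>"

WORKDIR /go/src/app
# NOTE(review): this copies the whole build context into the image. A
# .dockerignore keeps .git and local files out; check that ./configs/prod/
# holds no secrets before the image is shared.
COPY . .

# Exec form: the binary runs as PID 1 and receives stop signals directly
# instead of through an intermediate /bin/sh
CMD ["./bin/giotto_gateway_core", "-config", "./configs/prod/"]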

# docker build: tag the image with the short hash of the current commit
commit=$(git rev-parse --short HEAD)
docker build -f ./ci/docker/Dockerfile -t "giotto-gateway-core:${commit}" .

容器部署与容器编排

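# deploy config
apiVersion: apps/v1
kind: Deployment
metadata:
  name: giotto-gateway-core
spec:
  replicas: 3
  selector:
    matchLabels:
      name: giotto-gateway-core
  template:
    metadata:
      labels:
        name: giotto-gateway-core
    spec:
      containers:
        - name: giotto-gateway-core
          image: giotto-gateway-core:d1785da
          # Never pull: the image must already be in the node's local image store
          imagePullPolicy: Never
          # NOTE(review): no securityContext is set, so the container runs as
          # the image's default user - confirm that is intended.
          ports:
            - containerPort: 80
            - containerPort: 443
---
# service config
apiVersion: v1
kind: Service
metadata:
  name: giotto-gateway-core
spec:
  ports:
    - port: 80
      name: "http-proxy"
      targetPort: 80
      protocol: TCP
      nodePort: 30080
    - port: 443
      name: "https-proxy"
      targetPort: 443
      protocol: TCP
      nodePort: 30443
  # NodePort publishes 30080 and 30443 on every node's address; make sure the
  # cloud security group opens them only to the intended clients.
  type: NodePort
  selector:
    name: giotto-gateway-core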

# kubectl create
kubectl create -f ./ci/k8s/core.yaml

参考资料 References

  1. 在 Ubuntu 上安装 K8S 教程
  2. ubuntu k8s 单节点快速安装
  3. docker服务启动失败
  4. K8S在kubeadm init以后查询kubeadm join
  5. x509 certificate signed by unknown authority- Kubernetes
  6. Docker的四种网络模式Bridge模式
  7. mysql 远程连接数据库的二种方法
  8. 解决mysql不用密码也能登录
