原生Kubernetes容器云平台应用部署与运维

IP 主机名 节点
192.168.117.14 master master节点
192.168.117.15 node node节点
192.168.117.16 node2 新增节点

环境准备(所有节点)

  1. 配置主机映射
[root@master ~]# vim /etc/hosts
192.168.117.14  master
192.168.117.15  node
192.168.117.16  node2
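  1. 关闭Swap(下面 sed 命令中的 a2f86 应是作者环境 /etc/fstab 中 swap 条目 UUID 的一部分,请按自己的 fstab 内容替换,否则不会注释掉任何行,重启后 swap 会重新启用)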
[root@master ~]# swapoff -a
[root@master ~]# sed -i 's@\(.*a2f86.*\)@\#\1@g' /etc/fstab 
  1. 配置时间同步
master节点:
[root@master ~]# yum install -y chrony
[root@master ~]# sed -i 's/^server/#&/' /etc/chrony.conf
[root@master ~]# vim /etc/chrony.conf //添加以下配置
# Keep serving the local clock at stratum 10 when no upstream source is reachable.
local stratum 10
server master iburst
# NOTE(review): "allow all" accepts NTP clients from any address. A subnet form such as
# "allow 192.168.117.0/24" would limit access to the network the three hosts on this
# page appear to share; confirm the prefix length against the real network.
allow all
[root@master ~]# systemctl enable chronyd
[root@master ~]# systemctl restart chronyd
[root@master ~]# timedatectl set-ntp true

node节点:
[root@node ~]# yum install -y chrony
[root@node ~]# sed -i 's/^server/#&/' /etc/chrony.conf
[root@node ~]# vim /etc/chrony.conf //添加如下配置
server 192.168.117.14 iburst
[root@node ~]# systemctl enable chronyd
[root@node ~]# systemctl restart chronyd
  1. 配置路由转发
[root@master ~]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.d/k8s.conf
[root@master ~]# echo 'net.bridge.bridge-nf-call-ip6tables = 1' >> /etc/sysctl.d/k8s.conf
[root@master ~]# echo 'net.bridge.bridge-nf-call-iptables = 1' >> /etc/sysctl.d/k8s.conf
[root@master ~]# modprobe br_netfilter
[root@master ~]# sysctl -p /etc/sysctl.d/k8s.conf 
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
  1. 配置IPVS
[root@master ~]# vim /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
# Load the IPVS scheduler modules and the IPv4 connection-tracking module,
# one modprobe call per module, in the listed order. A failed load does not
# stop the remaining ones; the exit status is that of the last modprobe.
for ipvs_mod in ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh nf_conntrack_ipv4; do
  modprobe -- "$ipvs_mod"
done
[root@master ~]# chmod 755 /etc/sysconfig/modules/ipvs.modules 
[root@master ~]# sh /etc/sysconfig/modules/ipvs.modules 
  1. 安装ipset软件包
[root@master ~]# yum install -y ipset ipvsadm
  1. 添加阿里云yum源并安装Docker,执行提供的kubernetes_base.sh脚本获取镜像
[root@master ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@master ~]# wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@master ~]# yum clean all
[root@master ~]# yum makecache
[root@master ~]# yum install -y yum-utils device-mapper-persistent-data
[root@master ~]# yum install -y docker-ce docker-ce-cli containerd.io
[root@master ~]# mkdir /etc/docker
[root@master ~]# vim /etc/docker/daemon.json
{
    "exec-opts":["native.cgroupdriver=systemd"]
}
[root@master ~]# systemctl start docker
[root@master ~]# ./kubernetes_base.sh 
[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl restart docker
[root@master ~]# systemctl enable docker

  1. 配置Kubernetes yum源
[root@master ~]# vim /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
  1. 安装Kubernetes工具并启动Kubelet
[root@master ~]# yum install -y kubelet-1.14.1 kubeadm-1.14.1 kubectl-1.14.1
[root@master ~]# systemctl enable --now kubelet

案例实施

部署wordpress应用
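  1. 进入master节点,初始化Kubernetes集群(注意:--pod-network-cidr 使用的 192.188.0.0/16 不属于 RFC 1918 私有地址段,Pod 网络会遮蔽该段内的公网地址;该值需与 kube-flannel 配置中的 Network 保持一致,flannel 的默认值为 10.244.0.0/16)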
[root@master ~]# kubeadm init --apiserver-advertise-address 192.168.117.14 --kubernetes-version="v1.14.1" --pod-network-cidr=192.188.0.0/16 --image-repository=registry.aliyuncs.com/google_containers
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.117.14:6443 --token w8ybfg.qhsi4tvrrhk2h2xz \
    --discovery-token-ca-cert-hash sha256:575ddcd924f82ace0768212c175a593a198cfde5e23f972d06cec875eded0d27

  1. 拷贝config配置文件
[root@master ~]# mkdir .kube 
[root@master ~]# cp /etc/kubernetes/admin.conf .kube/config
  1. 用提供的kube-flannel.yml文件安装网络
[root@master ~]# kubectl apply -f yaml/kube-flannel.yaml
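  1. 在两个node节点上加入集群(token 与 CA 证书哈希以自己执行 kubeadm init 的输出为准;bootstrap token 属于凭据,默认 24 小时后过期,过期后可在 master 上执行 kubeadm token create --print-join-command 重新生成)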
[root@node ~]# kubeadm join 192.168.117.14:6443 --token w8ybfg.qhsi4tvrrhk2h2xz \
    --discovery-token-ca-cert-hash sha256:575ddcd924f82ace0768212c175a593a198cfde5e23f972d06cec875eded0d27 
  1. 创建Pod
[root@master ~]# vim test.yaml 
# Stand-alone test Pod: a single container from the nginx image whose command
# is replaced by a shell loop printing the date once per second.
apiVersion: v1
kind: Pod
metadata:
  name: pod-test
  labels:
    os: centos
spec:
  containers:
  - name: hello
    # NOTE(review): ":latest" is a mutable tag; a pinned version or digest makes the Pod reproducible.
    image: nginx:latest
    # Never: the kubelet does not pull, so the image must already be present on the node.
    imagePullPolicy: Never
    env:
    - name: Test
      value: "123456"
    # Overrides the image's entrypoint, so the nginx server itself is not started.
    command: ["bash","-c","while true;do date;sleep 1;done"]
[root@master ~]# kubectl create -f test.yaml 
  1. 查看Pod状态
[root@master ~]# kubectl get pods
NAME       READY   STATUS    RESTARTS   AGE
pod-test   1/1     Running   0          27m
  1. 新建一个命名空间以及Deployment对象
[root@master ~]# kubectl create namespace blog
[root@master ~]# vim wordpress-db.yaml
---
# MySQL Deployment plus a ClusterIP Service named "mysql" in namespace "blog".
# apps/v1beta1 is served by the v1.14.1 cluster used here but was removed in
# Kubernetes 1.16; apps/v1 additionally requires an explicit spec.selector.
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: mysql-deploy
  namespace: blog
  labels:
    app: mysql
spec:
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
      - name: mysql
        # NOTE(review): MySQL 5.6 no longer receives upstream security fixes.
        image: mysql:5.6
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 3306
          name: dbport
        # NOTE(review): the credentials below are inline plaintext, readable by anyone
        # who can read this file or the Deployment object. A Secret referenced through
        # valueFrom.secretKeyRef keeps them out of the manifest.
        env:
        - name: MYSQL_ROOT_PASSWORD
          value: rootPassWord
        - name: MYSQL_DATABASE
          value: wordpress
        - name: MYSQL_USER
          value: wordpress
        - name: MYSQL_PASSWORD
          value: wordpress
        volumeMounts:
        - name: db
          mountPath: /var/lib/mysql
      volumes:
      - name: db
        # hostPath keeps the data directory on whichever node runs the Pod: the data
        # does not follow the Pod to another node, and the container writes to the host path.
        hostPath:
          path: /var/lib/mysql
---
# Service selecting Pods labelled app=mysql; no "type" is set, so it defaults to ClusterIP.
apiVersion: v1
kind: Service
metadata:
  name: mysql
  namespace: blog
spec:
  selector:
    app: mysql
  ports:
  - name: mysqlport
    protocol: TCP
    port: 3306
    # Refers to the container port named "dbport" (3306) in the Deployment above.
    targetPort: dbport
[root@master ~]# kubectl create -f wordpress-db.yaml 
  1. 查看Service的详细情况
[root@master ~]# kubectl describe svc mysql -n blog
Name:              mysql
Namespace:         blog
Labels:            <none>
Annotations:       <none>
Selector:          app=mysql
Type:              ClusterIP
IP:                10.106.156.104
Port:              mysqlport  3306/TCP
TargetPort:        dbport/TCP
Endpoints:         192.188.1.3:3306
Session Affinity:  None
Events:            <none>
  1. 创建Wordpress服务
[root@master ~]# vim wordpress.yaml
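# WordPress Deployment plus a NodePort Service in namespace "blog".
# apps/v1beta1 is served by the v1.14.1 cluster used here but was removed in
# Kubernetes 1.16; apps/v1 additionally requires an explicit spec.selector.
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: wordpress-deploy
  namespace: blog
  labels:
    app: wordpress
spec:
  template:
    metadata:
      labels:
        app: wordpress
    spec:
      containers:
      - name: wordpress
        # NOTE(review): no tag is given, so this resolves to the mutable ":latest" tag.
        image: wordpress
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
          name: wdport
        env:
        - name: WORDPRESS_DB_HOST
          # ClusterIP of the "mysql" Service. YAML comments start with "#"; the
          # original "//..." suffix was parsed as part of the value. The Service DNS
          # name "mysql:3306" would avoid hard-coding an address that changes when
          # the Service is recreated.
          value: 10.106.156.104:3306
        # NOTE(review): inline plaintext credentials; a Secret referenced through
        # valueFrom.secretKeyRef keeps them out of the manifest.
        - name: WORDPRESS_DB_USER
          value: wordpress
        - name: WORDPRESS_DB_PASSWORD
          value: wordpress
---
apiVersion: v1
kind: Service
metadata:
  name: wordpress
  namespace: blog
spec:
  # NodePort opens the allocated port on every node's address; limit who can reach
  # the nodes at the network layer if they sit on an untrusted network.
  type: NodePort
  selector:
    app: wordpress
  ports:
  - name: wordpressport
    protocol: TCP
    port: 80
    # Refers to the container port named "wdport" (80) in the Deployment above.
    targetPort: wdport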
[root@master ~]# kubectl create -f wordpress.yaml
  1. 创建wordpress-pod
[root@master ~]# vim wordpress-pod.yaml
# Single Pod holding both a wordpress and a mysql container.
# The Pod carries no labels, so a Service selecting app=wordpress does not match it.
apiVersion: v1
kind: Pod
metadata:
  name: wordpress
  namespace: blog
spec:
  containers:
  - name: wordpress
    # NOTE(review): no tag is given, so this resolves to the mutable ":latest" tag.
    image: wordpress
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 80
      name: wdport
    env:
    # Containers in one Pod share a network namespace, so localhost:3306 reaches
    # the mysql container declared below.
    - name: WORDPRESS_DB_HOST
      value: localhost:3306
    - name: WORDPRESS_DB_USER
      value: wordpress
    - name: WORDPRESS_DB_PASSWORD
      value: wordpress
  - name: mysql
    # NOTE(review): MySQL 5.6 no longer receives upstream security fixes.
    image: mysql:5.6
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 3306
      name: dbport
    # NOTE(review): inline plaintext credentials; a Secret referenced through
    # valueFrom.secretKeyRef keeps them out of the manifest.
    env:
    - name: MYSQL_ROOT_PASSWORD
      value: rootPassWord
    - name: MYSQL_DATABASE
      value: wordpress
    - name: MYSQL_USER
      value: wordpress
    - name: MYSQL_PASSWORD
      value: wordpress
    volumeMounts:
    - name: db
      mountPath: /var/lib/mysql
  volumes:
  - name: db
    # NOTE(review): same host directory as the mysql-deploy Deployment's volume on this
    # page; if both Pods are scheduled to one node, two MySQL servers would share a
    # single data directory. Confirm this is intended.
    hostPath:
      path: /var/lib/mysql
[root@master ~]# kubectl create -f wordpress-pod.yaml
  1. 查看服务信息
[root@master ~]# kubectl get svc -n blog
NAME        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
mysql       ClusterIP   10.106.156.104   <none>        3306/TCP       6m8s
wordpress   NodePort    10.98.162.136    <none>        80:30861/TCP   34s
  1. 浏览器访问wordpress应用
    原生Kubernetes容器云平台应用部署与运维插图
Node的隔离与恢复
  1. 隔离node节点/恢复node节点调度
[root@master ~]# kubectl cordon node
[root@master ~]# kubectl get nodes
NAME     STATUS                          ROLES    AGE    VERSION
master   Ready                              master   5d3h   v1.14.1
node     Ready,SchedulingDisabled   <none>   5d3h   v1.14.1
node2    Ready    <none>   14h     v1.14.1

[root@master ~]# kubectl uncordon node
[root@master ~]# kubectl get nodes
NAME     STATUS   ROLES    AGE    VERSION
master   Ready    master   5d3h   v1.14.1
node     Ready    <none>   5d3h   v1.14.1
node2    Ready    <none>   14h     v1.14.1
Pod动态扩容和缩放
  1. 运行Deployment
[root@master ~]# kubectl run nginx --image=nginx:latest
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
deployment.apps/nginx created
  1. Pod扩容,将Nginx Deployment控制的Pod副本数量从初始的1扩容至5
[root@master ~]# kubectl scale deployment nginx --replicas=5
deployment.extensions/nginx scaled
  1. Pod缩容,将Nginx Deployment控制的Pod副本数量从5缩容至2
[root@master ~]# kubectl scale deployment nginx --replicas=2
deployment.extensions/nginx scaled
将Pod调度到指定的Node
  1. 添加/删除标签
[root@master ~]# kubectl label nodes node project=gcxt
node/node labeled
[root@master ~]# kubectl label node node project-
node/node labeled
  1. 调度Pod到指定Node节点
[root@master ~]# kubectl label nodes node project=gcxt
[root@master ~]# vim nginx.yaml
# ReplicationController keeping one memcached Pod running, restricted by
# nodeSelector to nodes that carry the label project=gcxt.
apiVersion: v1
kind: ReplicationController
metadata:
  name: memcached-gcxt
  labels:
    name: memcached-gcxt
spec:
  replicas: 1
  selector:
    name: memcached-gcxt
  template:
    metadata:
      labels:
        name: memcached-gcxt
    spec:
      containers:
      - name: memcached-gcxt
        # NOTE(review): no tag is given, so this resolves to the mutable ":latest" tag.
        image: memcached
        command:
        - memcached
        # Passed as one argv element ("-m 64"); NOTE(review): "-m" and "64" as
        # separate list items is the conventional form. Confirm memcached parses this.
        - -m 64
        ports:
        - containerPort: 11211
      # The Pod stays Pending unless some node has the label project=gcxt.
      nodeSelector:
        project: gcxt
[root@master ~]# kubectl create -f nginx.yaml 
  1. 查看Pod,可以看到Pod被调度到node节点
[root@master ~]# kubectl get pods -owide
NAME                    READY   STATUS    RESTARTS   AGE     IP             NODE    NOMINATED NODE   READINESS GATES
memcached-gcxt-d5r4r    1/1     Running   0          23m   192.188.2.2    node    <none>           <none>
应用滚动升级
  1. 启动Deployment
[root@master ~]# vim httpd.yaml
# httpd Deployment with three replicas, the starting point for the rolling upgrade.
# apps/v1beta1 is served by the v1.14.1 cluster used here but was removed in
# Kubernetes 1.16; apps/v1 additionally requires an explicit spec.selector.
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: httpd
spec:
  replicas: 3
  template:
    metadata:
      labels:
        run: httpd
    spec:
      containers:
        - name: httpd
          # NOTE(review): Apache httpd 2.2.x is an end-of-life branch; the tag is
          # used here only to demonstrate a version change.
          image: httpd:2.2.31
          ports:
            - containerPort: 80
[root@master ~]# kubectl create -f httpd.yaml
  1. 查看Pod和Deployment状态
[root@master ~]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
httpd-5ddb558f47-cg6rc   1/1     Running   0          62s
httpd-5ddb558f47-tpzl5   1/1     Running   0          62s
httpd-5ddb558f47-ts7mf   1/1     Running   0          62s
pod-test                 1/1     Running   6          2d16h
[root@master ~]# kubectl get deployments httpd -o wide
NAME    READY   UP-TO-DATE   AVAILABLE   AGE   CONTAINERS   IMAGES         SELECTOR
httpd   3/3     3            3           80s   httpd        httpd:2.2.31   run=httpd
  1. 滚动升级,将httpd.yaml配置文件中的httpd版本改为2.2.32,再次启动
[root@master ~]# vim httpd.yaml
          image: httpd:2.2.32
[root@master ~]# kubectl apply -f httpd.yaml 
  1. 查看Deployment的详细信息,其中的日志信息描述了滚动升级的过程
[root@master ~]# kubectl describe deployment httpd
Events:
  Type    Reason             Age   From                   Message
  ----    ------             ----  ----                   -------
  Normal  ScalingReplicaSet  5m5s  deployment-controller  Scaled up replica set httpd-5ddb558f47 to 3
  Normal  ScalingReplicaSet  66s   deployment-controller  Scaled up replica set httpd-8bdffc6d8 to 1
  Normal  ScalingReplicaSet  64s   deployment-controller  Scaled down replica set httpd-5ddb558f47 to 2
  Normal  ScalingReplicaSet  64s   deployment-controller  Scaled up replica set httpd-8bdffc6d8 to 2
  Normal  ScalingReplicaSet  63s   deployment-controller  Scaled down replica set httpd-5ddb558f47 to 1
  Normal  ScalingReplicaSet  63s   deployment-controller  Scaled up replica set httpd-8bdffc6d8 to 3
  Normal  ScalingReplicaSet  61s   deployment-controller  Scaled down replica set httpd-5ddb558f47 to 0
  1. 创建3个配置文件,唯一不同之处是镜像的版本号
[root@master ~]# vim httpd.v1.yaml
# Revision "v1" of the httpd Deployment; it differs from the v2/v3 files only in the image tag.
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: httpd
spec:
  # Number of old ReplicaSets retained so that earlier revisions can be rolled back to.
  revisionHistoryLimit: 10
  replicas: 3
  template:
    metadata:
      labels:
        run: httpd
    spec:
      containers:
        - name: httpd
          # NOTE(review): Apache httpd 2.2.x is an end-of-life branch; demo tag only.
          image: httpd:2.2.16
          ports:
            - containerPort: 80
[root@master ~]# vim httpd.v2.yaml
# Revision "v2" of the httpd Deployment; it differs from the v1/v3 files only in the image tag.
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: httpd
spec:
  # Number of old ReplicaSets retained so that earlier revisions can be rolled back to.
  revisionHistoryLimit: 10
  replicas: 3
  template:
    metadata:
      labels:
        run: httpd
    spec:
      containers:
        - name: httpd
          # NOTE(review): Apache httpd 2.2.x is an end-of-life branch; demo tag only.
          image: httpd:2.2.17
          ports:
            - containerPort: 80
[root@master ~]# vim httpd.v3.yaml
# Revision "v3" of the httpd Deployment; it differs from the v1/v2 files only in the image tag.
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: httpd
spec:
  # Number of old ReplicaSets retained so that earlier revisions can be rolled back to.
  revisionHistoryLimit: 10
  replicas: 3
  template:
    metadata:
      labels:
        run: httpd
    spec:
      containers:
        - name: httpd
          # NOTE(review): Apache httpd 2.2.x is an end-of-life branch; demo tag only.
          image: httpd:2.2.18
          ports:
            - containerPort: 80
  1. 部署Deployment
[root@master ~]# kubectl apply -f httpd.v1.yaml --record
deployment.apps/httpd configured
[root@master ~]# kubectl apply -f httpd.v2.yaml --record
deployment.apps/httpd configured
[root@master ~]# kubectl apply -f httpd.v3.yaml --record
deployment.apps/httpd configured
  1. 查看Deployment
[root@master ~]# kubectl get deployments -o wide
NAME    READY   UP-TO-DATE   AVAILABLE   AGE     CONTAINERS   IMAGES         SELECTOR
httpd   3/3     1            3           8m28s   httpd        httpd:2.2.18   run=httpd
  1. 查看revision历史记录
[root@master ~]# kubectl rollout history deployment httpd
deployment.extensions/httpd 
REVISION  CHANGE-CAUSE
1         <none>
2         <none>
3         kubectl apply --filename=httpd.v1.yaml --record=true
4         kubectl apply --filename=httpd.v2.yaml --record=true
5         kubectl apply --filename=httpd.v3.yaml --record=true
  1. 回滚到指定版本revision 1
[root@master ~]# kubectl rollout undo deployment httpd --to-revision=1
deployment.extensions/httpd rolled back
[root@master ~]# kubectl get deployments -o wide
NAME    READY   UP-TO-DATE   AVAILABLE   AGE   CONTAINERS   IMAGES         SELECTOR
httpd   3/3     3            3           10m   httpd        httpd:2.2.31   run=httpd
  1. 再次查看revision历史记录,可以看到revision记录也相应增加
[root@master ~]# kubectl rollout history deployment httpd
deployment.extensions/httpd 
REVISION  CHANGE-CAUSE
2         <none>
3         kubectl apply --filename=httpd.v1.yaml --record=true
4         kubectl apply --filename=httpd.v2.yaml --record=true
5         kubectl apply --filename=httpd.v3.yaml --record=true
6         <none>