終於略過前一篇說明的防火牆的阻擋,今天來記錄ubuntu v21.04安裝k8s(kubernetes) v1.21.2安裝成功的步驟
1.安裝套件apt-transport-https、ca-certificates、curl
sudo apt-get update 遇到網站憑證問題,故加上--allow....設定 sudo apt-get update --allow-unauthenticated --allow-insecure-repositories sudo apt-get install -y apt-transport-https ca-certificates curl
2.安裝kubelet kubeadm kubectl
1) 設定https://packages.cloud.google.com網站憑證
curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/kubernetes-archive-keyring.gpg > /dev/null
2) 設定kubernetes安裝apt
echo "deb [arch=amd64 trusted=yes allow-insecure=yes allow-weak=yes allow-downgrade-to-insecure=yes check-valid-until=no] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list 或 echo "deb [arch=amd64 trusted=yes allow-insecure=yes allow-weak=yes allow-downgrade-to-insecure=yes check-valid-until=no] https://packages.cloud.google.com/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update sudo apt-get install -y kubelet kubeadm kubectl sudo apt-mark hold kubelet kubeadm kubectl
註:出現如下訊息
E: 無法取得 https://apt.kubernetes.io/dists/kubernetes-xenial/main/binary-amd64/Packages,Certificate verification failed: The certificate is NOT trusted. The certificate chain uses insecure algorithm. Could not handshake: Error in the certificate verification. [IP: 34.107.204.206 443] E: Some index files failed to download. They have been ignored, or old ones used instead.
解法: vi etc/apt/apt.conf.d/99verify-peer.conf,若為true,改為false
Acquire { https::Verify-Peer false }
3.swap改由k8s控管,故要關閉swap
swapoff -a sed -e '/swap/ s/^#*/#/' -i /etc/fstab free -m
4.初始master,以建立k8s cluster
1) 建置指令
sudo kubeadm init –-pod-network-cidr 10.5.0.0/16 -–v=5
終於看到成功的畫面
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run “kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.0.2.15:6443 –token xyovgm.p0z428rgi7flwi6a \
–discovery-token-ca-cert-hash sha256:8893a38d20d191ad63714b030926cb904bc468290710237d49d6d11f14a92b48
2)此段需執行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
3)加node使用此token請記錄下來
kubeadm join 10.0.2.15:6443 –token xyovgm.p0z428rgi7flwi6a \
–discovery-token-ca-cert-hash sha256:8893a38d20d191ad63714b030926cb904bc468290710237d49d6d11f14a92b48
5.設定自動補齊功能
sudo apt-get install -y bash-completion
echo “source /etc/bash_completion" >> ~/.bashrc
echo “source <(kubectl completion bash)" >> ~/.bashrc
source <(kubectl completion bash)
6.若無足夠主機建置
kubectl taint nodes --all node-role.kubernetes.io/master-
收到結果: node/ubuntu-virtualbox untainted
7.列出node數
kubectl get nodes
kubectl get nodes -o wide
收到結果: (STATUS為NOT Ready)
8.列出node內容
kubectl describe node ubuntu-virtualbox
9.設定overlay網路: 用flannel
1)wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
2)vi kube-flannel.yml
修改
net-conf.json: |
{
“Network": “10.5.0.0/16″,
“Backend": {
“Type": “vxlan"
}
}
其中Network值需同kubeadm init時設定的pod-network-cidr一致
3)建立overlay網路
kubectl apply -f kube-flannel.yml
如下圖結果:
4)查看pod狀況
kubectl get pods –all-namespaces
如下圖結果:
註: flannel image因公司擋quay.io這個網址無法下載,故此步驟一直停在image Err的STATUS,後來先在外部將image拉下來,再上傳到內部server,步驟如下
外部電腦:
docker pull quay.io/coreos/flannel:v0.14.0-amd64 docker image save flannel -o flannel.tar -- 若已run在container內可以用此方式 docker export --output="flannel.jar" flannel
內部Server:
docker load -i flannel.tar
5) 列出node數
kubectl get nodes -o wide
收到結果: (STATUS為Ready)
10.建立nginx pod
kubectl run nginx --image=nginx
註: kubernets 1.18以後請用以下指令
kubectl create deployment nginx-web --image=nginx
這樣才會連deployment及replicaset一同建立,以kubectl get all查看
kubectl get pods -o wide
如下圖結果:
11.改nodeport
kubectl get deployment -o yaml nginx > nginx.yaml kubectl expose -f nginx.yaml --port=80 --type NodePort 或 kubectl edit svc nginx
12.查看對應的服務port
kubectl get svc
如下圖結果:
13.佈署一個nginx deployment
參考網址: https://kubernetes.io/zh/docs/tasks/run-application/run-stateless-application-deployment/
1) vi nginx_deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 2 # tells deployment to run 2 pods matching the template
template:
metadata:
labels:
app: nginx
spec:
containers:
– name: nginx
image: nginx:latest
ports:
– containerPort: 80
2)建立deployment
kubectl apply -f nginx_deployment.yaml
3)查看deployment、pod、svc
kubectl describe deployment nginx-deployment
kubectl get pods -o wide
kubectl get svc -o wide
如下圖結果:
4)列出deployment建立的Pods
kubectl get pods -l app=nginx
如下圖結果:
5)取得某個pod的描述
kubectl describe pod <pod-name>
14.增加nginx deployment pod由2調整成3
1)調整nginx_deployment.yaml內的replicas為3
2)重建deployment
kubectl apply -f nginx_deployment.yaml
3)查deployment的Pods數量:已變為3
kubectl get pods -l app=nginx
如下圖結果:
15.降低nginx deployment pod由3調整成2
kubectl scale deployment nginx-deployment –replicas=2
查看結果
kubectl get pods -l app=nginx
如下圖結果: