1、ansible安装
# 注意pip 21.0以后不再支持python2和python3.5,需要如下安装
# To install pip for Python 2.7 install it from https://bootstrap.pypa.io/2.7/ :
curl -O https://bootstrap.pypa.io/pip/2.7/get-pip.py
python get-pip.py
python -m pip install --upgrade "pip < 21.0"
# pip安装ansible(国内如果安装太慢可以直接用pip阿里云加速)
pip install ansible -i https://mirrors.aliyun.com/pypi/simple/
sudo pip install -I pyparsing==2.2.0
2、在ansible控制端配置免密码登录
# 更安全 Ed25519 算法
ssh-keygen -t ed25519 -N '' -f ~/.ssh/id_ed25519
# 或者传统 RSA 算法
ssh-keygen -t rsa -b 2048 -N '' -f ~/.ssh/id_rsa
ssh-copy-id $IPs #$IPs为所有节点地址包括自身,按照提示输入yes 和root密码
3、安装ezdown
export release=3.0.0
curl -C- -fLO --retry 3 https://github.com/easzlab/kubeasz/releases/download/${release}/ezdown
chmod +x ./ezdown
./ezdown -D
4、安装集群
./ezdown -S
docker exec -it kubeasz ezctl start-aio
5.验证安装
如果提示kubectl: command not found,退出重新ssh登录一下,环境变量生效即可
$ kubectl version # 验证集群版本
$ kubectl get node # 验证节点就绪 (Ready) 状态
$ kubectl get pod -A # 验证集群pod状态,默认已安装网络插件、coredns、metrics-server等
$ kubectl get svc -A # 验证集群服务状态
6、添加etcd
cd /etc/kubeasz
./ezctl add-etcd default 10.211.55.34
7、添加node
cd /etc/kubeasz
ssh-copy-id 10.211.55.35
./ezctl add-node default 10.211.55.34
8、生成pod-yaml
kubectl create deployment cms-api --image=registry.cn-zhangjiakou.aliyuncs.com/hudongtang-dev/hudongtang-cms-api:v2.4.0.3 -o yaml --dry-run>>cms_api.yaml
9、更改端口映射
spec:
containers:
- image: registry.cn-zhangjiakou.aliyuncs.com/hudongtang-dev/hudongtang-cms-api:v2.4.0.3
name: hudongtang-cms-api
resources: {}
ports:
- containerPort: 8080
10、镜像凭证设置
kubectl create secret docker-registry aliyuncs-registry --docker-server=registry-vpc.cn-zhangjiakou.aliyuncs.com --docker-username=xxx --docker-password=xxx
登陆:
docker login --username=xxxxx --password=xxxxx registry.cn-zhangjiakou.aliyuncs.com
同步配置到其他节点
for n in kubectl get nodes -o wide |awk '{print $6}' |grep -v INTERNAL-IP |xargs;do scp ~/.docker/config.json root@$n:/var/lib/kubelet/config.json; done
11、查看容器状态
kubectl get pods
查看错误信息
kubectl describe pod
12、创建服务
vi cms_api_service.yaml
---
apiVersion: v1
kind: Service
metadata:
name: cmsp-api-service
labels:
name: cms-api-service
spec:
type: NodePort #这里代表是NodePort类型的
ports:
- port: 8080 #这里的端口和clusterIP对应,即ip:8080,供内部访问。
targetPort: 8080 #端口一定要和container暴露出来的端口对应
protocol: TCP
nodePort: 32143 # 所有的节点都会开放此端口,此端口供外部调用。
selector:
app: cms-api #这里选择器一定要选择容器的标签,之前写name:kube-node是错的。
kubectl create -f cms_api_service.yaml
13、查看服务
kubectl get svc
14、删除服务
kubectl delete svc cms-api-service -n default
15、更新服务镜像
kubectl apply -f cms_api.yaml
16、配置环境变量
spec:
containers:
- image: registry.cn-zhangjiakou.aliyuncs.com/hudongtang-dev/hudongtang-cms-api:master
name: hudongtang-cms-api
imagePullPolicy: Always
resources: {}
ports:
- containerPort: 8080
env:
- name: DB_HOST
value: 39.99.144.57
- name: DB_VOTE_HOST
value: 39.99.144.57
17、删除pod
kubectl delete pod node-local-dns-nvkg6 -n kube-system
18、滚动重启
kubectl rollout restart deployment go-platform-grpc
19、停止服务
kubectl scale --replicas=0 deployment/go-platform-api
20、服务彻底删除
kubectl delete pod go-platform-api-64dc544c58-b8zht -n default
kubectl delete deployment go-platform-api -n default
强制更新
kubectl replace -f java-platform-pod.yaml --force
21、具体问题查看
kubectl -n default describe pod go-vote-worker-5847b77c67-pbxr4
22、禁止调度
kubectl cordon 172.26.239.38
23、查看pod节点ip和容器ip
kubectl get pod -o wide
24、node是none的情况
kubectl get nodes
# 设置 test1 为 master 角色
kubectl label nodes 10.0.5.15 node-role.kubernetes.io/master=master2
# 设置 test2 为 node 角色
kubectl label nodes 10.0.5.4 node-role.kubernetes.io/node=node1
# 设置 master 一般情况下不接受负载
kubectl taint nodes 10.0.5.15 node-role.kubernetes.io/master=true:NoSchedule
25、查看所有node
kubectl get pod -o wide --all-namespaces
查看各机器使用情况
kubectl top nodes -n default
26、查看错误信息
kubectl describe pod kubernetes-dashboard-849cd79b75-s2snt --namespace kube-system
kubectl logs -f pods/monitoring-influxdb-fc8f8d5cd-dbs7d -n kube-system
kubectl logs --tail 200 -f kube-apiserver -n kube-system |more
kubectl logs --tail 200 -f podname -n jenkins
用journalctl查看日志非常管用
journalctl -u kube-scheduler
journalctl -xefu kubelet
journalctl -u kube-apiserver
journalctl -u kubelet |tail
journalctl -xe
查看资源消耗
kubectl top pod -n default
该部分仅登录用户可见
Usage: ezctl COMMAND [args]
-------------------------------------------------------------------------------------
Cluster setups:
list to list all of the managed clusters
checkout <cluster> to switch default kubeconfig of the cluster
new <cluster> to start a new k8s deploy with name 'cluster'
setup <cluster> <step> to setup a cluster, also supporting a step-by-step way
start <cluster> to start all of the k8s services stopped by 'ezctl stop'
stop <cluster> to stop all of the k8s services temporarily
upgrade <cluster> to upgrade the k8s cluster
destroy <cluster> to destroy the k8s cluster
backup <cluster> to backup the cluster state (etcd snapshot)
restore <cluster> to restore the cluster state from backups
start-aio to quickly setup an all-in-one cluster with 'default' settings
Cluster ops:
add-etcd <cluster> <ip> to add a etcd-node to the etcd cluster
add-master <cluster> <ip> to add a master node to the k8s cluster
add-node <cluster> <ip> to add a work node to the k8s cluster
del-etcd <cluster> <ip> to delete a etcd-node from the etcd cluster
del-master <cluster> <ip> to delete a master node from the k8s cluster
del-node <cluster> <ip> to delete a work node from the k8s cluster
Extra operation:
kcfg-adm <cluster> <args> to manage client kubeconfig of the k8s cluster
Use "ezctl help <command>" for more information about a given command.
二、集群安装方式
举例创建、安装新集群流程
ezctl new k8s-01
更改配置
1、/etc/kubeasz/clusters/k8s-01/hosts中的master和etcd
2、去除node,等master和etcd安装完毕再装node
3、然后 ezctl setup k8s-01 01 一步一步安装,不要全部安装容易出问题
