User Tools

Site Tools


система_kubernetes

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
система_kubernetes [2022/08/23 17:25]
val [Развертывание]
система_kubernetes [2022/09/27 16:12]
val [Работа со своим репозиторием]
Line 18: Line 18:
 ==== Установка ==== ==== Установка ====
 <​code>​ <​code>​
-root@gate.corp13.un:​~# curl -LO https://​storage.googleapis.com/​kubernetes-release/​release/​`curl -s https://​storage.googleapis.com/​kubernetes-release/​release/​stable.txt`/​bin/​linux/​amd64/​kubectl +# curl -LO https://​storage.googleapis.com/​kubernetes-release/​release/​`curl -s https://​storage.googleapis.com/​kubernetes-release/​release/​stable.txt`/​bin/​linux/​amd64/​kubectl 
-root@gate.corp13.un:​~# chmod +x kubectl + 
-root@gate.corp13.un:​~# mv kubectl /​usr/​local/​bin/​+# chmod +x kubectl 
 + 
 +# mv kubectl /​usr/​local/​bin/​
 </​code>​ </​code>​
  
-==== Подключение к кластеру ====+==== Подключение к новому ​кластеру ====
  
-  ​* Если не minikube, то достаточно только копию .kube/​config +  * [[https://medium.com/@jacobtomlinson/how-to-merge-kubernetes-kubectl-config-files-737b61bd517d|How to merge Kubernetes kubectl config files]]
-  ​* [[https://habr.com/ru/​company/​flant/​blog/​345580/|см. Настройка GitLab Runner]]+
  
 <​code>​ <​code>​
-student@node2:~$ tar zcf kube-config.tar.gz ​.kube/​config .minikube/​ca.crt .minikube/​profiles/minikube+gitlab-runner@server:~$ scp root@node1:.kube/​config .kube/config_new
  
-gitlab-runner@gate:~$ scp student@node2:​kube-config.tar.gz ​.+gitlab-runner@server:~$ cp ~/.kube/config ​~/.kube/config.bak
  
-gitlab-runner@gate:~$ tar -xvf kube-config.tar.gz+gitlab-runner@server:~$ KUBECONFIG=~/​.kube/config:~/.kube/​config_new kubectl config view --flatten > /tmp/config
  
-gitlab-runner@gate:~$ cat .kube/​config +gitlab-runner@server:~$ mv /tmp/config ~/.kube/​config 
-</​code><​code>​ + 
-... +gitlab-runner@server:~$ chmod 600 /​home/​gitlab-runner/​.kube/config ​   #Helm WARNING 
-    ​certificate-authority: /​home/​gitlab-runner/​.minikube/ca.crt + 
-... +gitlab-runner@server:~$ kubectl config get-contexts 
-    ​client-certificate/home/gitlab-runner/​.minikube/​profiles/​minikube/client.crt + 
-    ​client-key:​ /home/gitlab-runner/​.minikube/​profiles/​minikube/​client.key +gitlab-runner@server:~$ rm ~/.kube/config.bak 
-... + 
-</​code><​code>​ +gitlab-runner@server:~$ kubectl config use-context kubernetes-admin@kubernetes 
-gitlab-runner@gate:~$ kubectl get all -o wide --all-namespaces+ 
 +gitlab-runner@server:~$ kubectl get all -o wide --all-namespaces 
 +gitlab-runner@server:​~$ kubectl get all -o wide -A
 </​code>​ </​code>​
 +
 ===== Установка minikube ===== ===== Установка minikube =====
  
   * [[https://​www.linuxtechi.com/​how-to-install-minikube-on-ubuntu/​|How to Install Minikube on Ubuntu 20.04 LTS / 21.04]]   * [[https://​www.linuxtechi.com/​how-to-install-minikube-on-ubuntu/​|How to Install Minikube on Ubuntu 20.04 LTS / 21.04]]
   * [[https://​minikube.sigs.k8s.io/​docs/​start/​|Documentation/​Get Started/​minikube start]]   * [[https://​minikube.sigs.k8s.io/​docs/​start/​|Documentation/​Get Started/​minikube start]]
-  * Технология Docker [[Технология Docker#​Предоставление прав непривилегированным пользователям]] 
  
 <​code>​ <​code>​
-student@node3:~$ minikube delete+root@server:~# apt install -y curl wget apt-transport-https
  
-student@node3:~minikube ​start --driver=docker --insecure-registry "​server.corp13.un:​5000"​+root@server:~# wget https://​storage.googleapis.com/​minikube/​releases/​latest/​minikube-linux-amd64
  
-ИЛИ +root@server:~# mv minikube-linux-amd64 /​usr/​local/​bin/​minikube
-</​code><​code>​ +
-student@node2:~$ sudo apt install conntrack+
  
-https://computingforgeeks.com/install-mirantis-cri-dockerd-as-docker-engine-shim-for-kubernetes+root@server:~# chmod +x /usr/local/bin/minikube 
-...+</​code>​
  
-wget https://​github.com/​kubernetes-sigs/cri-tools/​releases/​download/​v1.24.2/crictl-v1.24.2-linux-amd64.tar.gz+  * Технология Docker [[Технология Docker#​Предоставление прав непривилегированным пользователям]] 
 + 
 +<​code>​ 
 +gitlab-runner@server:~$ ### minikube delete 
 +gitlab-runner@server:​~$ ### rm -rv .minikube/ 
 + 
 +gitlab-runner@server:​~$ time minikube start --driver=docker --insecure-registry "​server.corpX.un:​5000"​ 
 +real    5m8.320s
 ... ...
  
-student@node2:~$ minikube ​start --driver=none --insecure-registry "​server.corp13.un:​5000"​ +gitlab-runner@server:~$ minikube ​status 
-</​code><​code>​ + 
-student@node3:~$ minikube ​status+gitlab-runner@server:~$ minikube ​ip
  
-student@node3:~$ minikube ​ip+gitlab-runner@server:~$ minikube ​kubectl -- get pods -A
  
-student@node3:~$ minikube addons list+gitlab-runner@server:~$ minikube addons list
  
-student@node3:~$ minikube addons configure registry-creds+gitlab-runner@server:~$ minikube addons configure registry-creds
 ... ...
 Do you want to enable Docker Registry? [y/n]: y Do you want to enable Docker Registry? [y/n]: y
--- Enter docker registry server url: http://​server.corp13.un:5000+-- Enter docker registry server url: http://​server.corpX.un:5000
 -- Enter docker registry username: student -- Enter docker registry username: student
 -- Enter docker registry password: -- Enter docker registry password:
 ... ...
  
-student@node3:~$ minikube addons enable registry-creds +gitlab-runner@server:~$ minikube addons enable registry-creds
- +
-student@node3:​~$ minikube dashboard & +
-... +
-Opening http://​127.0.0.1:​NNNNN/​api/​v1/​namespaces/​kubernetes-dashboard/​services/​http:​kubernetes-dashboard:/​proxy/​ in your default browser +
-... +
-/​home/​mobaxterm>​ ssh -L NNNNN:​localhost:​NNNNN student@192.168.13.230 +
-Теперь,​ та же ссылка работает на win host системе+
 </​code>​ </​code>​
  
 +  * [[#​Инструмент командной строки kubectl]]
 ===== Кластер Kubernetes ===== ===== Кластер Kubernetes =====
  
Line 99: Line 101:
   * [[https://​infoit.com.ua/​linux/​kak-ustanovit-kubernetes-na-ubuntu-20-04-lts/​|Как установить Kubernetes на Ubuntu 20.04 LTS]]   * [[https://​infoit.com.ua/​linux/​kak-ustanovit-kubernetes-na-ubuntu-20-04-lts/​|Как установить Kubernetes на Ubuntu 20.04 LTS]]
   * [[https://​www.cloud4y.ru/​blog/​installation-kubernetes/​|Установка Kubernetes]]   * [[https://​www.cloud4y.ru/​blog/​installation-kubernetes/​|Установка Kubernetes]]
 +
 +=== Установка ПО и подготовка узлов ===
  
 <​code>​ <​code>​
-... +node1# ssh-keygen 
-root@node1:~kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.13.201 + 
-... +node1# ​ssh-copy-id node2 
-student@node1:~$ kubectl apply -https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml +node1# ssh-copy-id node3 
-... + 
-student@node1:~$ kubectl ​get pod -o wide --all-namespaces+node1# bash -c ' 
 +http_proxy=http://​proxy.isp.un:3128apt -y install apt-transport-https curl 
 +ssh node2 http_proxy=http://​proxy.isp.un:3128/ apt -y install apt-transport-https curl 
 +ssh node3 http_proxy=http://​proxy.isp.un:3128/ apt -y install apt-transport-https curl 
 +
 + 
 +node1# bash -c ' 
 +curl -s https://​packages.cloud.google.com/​apt/​doc/​apt-key.gpg | sudo apt-key add 
 +ssh node2 "​curl ​-https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add" 
 +ssh node3 "curl -s https://packages.cloud.google.com/​apt/​doc/​apt-key.gpg | sudo apt-key add" 
 +
 + 
 +node1# bash -c ' 
 +apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"​ 
 +ssh node2 apt-add-repository \"deb http://apt.kubernetes.io/​ kubernetes-xenial main\"​ 
 +ssh node3 apt-add-repository \"deb http://​apt.kubernetes.io/​ kubernetes-xenial main\"​ 
 +
 + 
 +node1# bash -c ' 
 +http_proxy=http://​proxy.isp.un:​3128/​ apt -y install kubeadm kubelet ​kubectl ​kubernetes-cni 
 +ssh node2 apt -y install kubeadm kubelet kubectl kubernetes-cni 
 +ssh node3 apt -y install kubeadm kubelet kubectl kubernetes-cni 
 +
 + 
 +node1# bash -c ' 
 +swapoff -a 
 +ssh node2 swapoff -a 
 +ssh node3 swapoff -a 
 +'
  
-student@node1:~$ kubectl get nodes -o wide+node1# bash -c ' 
 +sed -i""​ -e "/​swap/​s/​^/#/"​ /​etc/​fstab 
 +ssh node2 sed -i""​ -e "/​swap/​s/​^/#/"​ /​etc/​fstab 
 +ssh node3 sed -i""​ -e "/​swap/​s/​^/#/"​ /​etc/​fstab 
 +
 +</​code>​ 
 + 
 +=== Инициализация master === 
 + 
 +  * Может понадобиться в случае возникновения ошибки [[https://​github.com/​containerd/​containerd/​issues/​4581|[ERROR CRI]: container runtime is not running]] 
 +<​code>​ 
 +node1# bash -c ' 
 +rm /​etc/​containerd/​config.toml 
 +systemctl restart containerd 
 +ssh node2 rm /​etc/​containerd/​config.toml 
 +ssh node2 systemctl restart containerd 
 +ssh node3 rm /​etc/​containerd/​config.toml 
 +ssh node3 systemctl restart containerd 
 +
 +</​code>​ 
 +<​code>​ 
 +root@node1:~# kubeadm init --pod-network-cidr=10.244.0.0/​16 --apiserver-advertise-address=192.168.X.201 
 + 
 +root@node1:​~#​ mkdir -p $HOME/​.kube 
 + 
 +root@node1:​~#​ cp -i /​etc/​kubernetes/​admin.conf $HOME/​.kube/​config 
 + 
 +root@node1:​~#​ kubectl apply -f https://​raw.githubusercontent.com/​coreos/​flannel/​master/​Documentation/​kube-flannel.yml 
 + 
 +root@node1:​~#​ kubectl get pod -o wide --all-namespaces 
 + 
 +root@node1:​~#​ kubectl get --raw='/​readyz?​verbose'​ 
 +</​code>​ 
 + 
 +=== Подключение worker === 
 + 
 +<​code>​ 
 +root@node2_3:​~#​ curl -k https://​node1:​6443/​livez?​verbose 
 +</​code>​ 
 +  * [[https://​github.com/​containerd/​containerd/​issues/​4581|[ERROR CRI]: container runtime is not running]] 
 +<​code>​ 
 +root@node2_3:​~#​ kubeadm join 192.168.X.201:​6443 --token NNNNNNNNNNNNNNNNNNNN \ 
 +        --discovery-token-ca-cert-hash sha256:​NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 
 +</​code>​ 
 +=== Проверка состояния === 
 +<​code>​ 
 +root@node1:​~#​ kubectl cluster-info 
 + 
 +root@node1:​~# ​kubectl get nodes -o wide
 </​code>​ </​code>​
  
Line 122: Line 202:
  
 <​code>​ <​code>​
-root@nodeN:​~mkdir /etc/containerd/+node1scp server:/​etc/​docker/​daemon.json ​/etc/docker/daemon.json
  
-root@node2:~# cat /​etc/​containerd/​config.toml+server# bash -c ' 
 +scp /​etc/​docker/​daemon.json node2:/​etc/​docker/​daemon.json 
 +scp /​etc/​docker/​daemon.json node3:/​etc/​docker/​daemon.json 
 +service docker restart 
 +ssh node2 service docker restart 
 +ssh node3 service docker restart 
 +
 + 
 +# don't work in cri-tools 1.25, need public project 
 +### node1# docker login http://​server.corpX.un:​5000 
 + 
 +### node1# bash -c ' 
 +ssh node2 mkdir -p .docker 
 +ssh node3 mkdir -p .docker 
 +scp ~/​.docker/​config.json node2:​.docker/​config.json 
 +scp ~/​.docker/​config.json node3:​.docker/​config.json 
 +
 + 
 +root@node1:~# cat /​etc/​containerd/​config.toml
 </​code><​code>​ </​code><​code>​
 version = 2 version = 2
Line 130: Line 228:
 [plugins."​io.containerd.grpc.v1.cri"​.registry] [plugins."​io.containerd.grpc.v1.cri"​.registry]
   [plugins."​io.containerd.grpc.v1.cri"​.registry.mirrors]   [plugins."​io.containerd.grpc.v1.cri"​.registry.mirrors]
-    [plugins."​io.containerd.grpc.v1.cri"​.registry.mirrors."​server.corp13.un:​5000"​] +    [plugins."​io.containerd.grpc.v1.cri"​.registry.mirrors."​server.corpX.un:​5000"​] 
-      endpoint = ["​http://​server.corp13.un:​5000"​]+      endpoint = ["​http://​server.corpX.un:​5000"​]
   [plugins."​io.containerd.grpc.v1.cri"​.registry.configs]   [plugins."​io.containerd.grpc.v1.cri"​.registry.configs]
-    [plugins."​io.containerd.grpc.v1.cri"​.registry.configs."​server.corp13.un:​5000"​.tls]+    [plugins."​io.containerd.grpc.v1.cri"​.registry.configs."​server.corpX.un:​5000"​.tls]
       insecure_skip_verify = true       insecure_skip_verify = true
-[plugins."​io.containerd.grpc.v1.cri"​.registry.configs."​server.corp13.un:​5000"​.auth] +# don't work in cri-tools 1.25, need public project 
-      auth = "​c3R1ZGVudDpwYXNzd29yZA=="​+#[plugins."​io.containerd.grpc.v1.cri"​.registry.configs."​server.corpX.un:​5000"​.auth] 
 +     auth = "​c3R1ZGVudDpwYXNzd29yZA=="​
 </​code><​code>​ </​code><​code>​
-root@node2:~# systemctl restart containerd+node1# bash -c ' 
 +scp /​etc/​containerd/​config.toml ​node2:/​etc/​containerd/​config.toml 
 +scp /​etc/​containerd/​config.toml node3:/​etc/​containerd/​config.toml 
 +systemctl restart containerd 
 +ssh node2 systemctl restart containerd 
 +ssh node3 systemctl restart containerd 
 +'
  
-root@node2:~# containerd config dump+root@nodeN:~# containerd config dump | less
 </​code>​ </​code>​
  
Line 146: Line 251:
  
 <​code>​ <​code>​
-root@node2:~# crictl -r unix:///​run/​containerd/​containerd.sock pull server.corp13.un:​5000/​student/​webd+root@nodeN:~# crictl -r unix:///​run/​containerd/​containerd.sock pull server.corpX.un:​5000/​student/​webd
 </​code>​ </​code>​
 ===== Базовые объекты k8s ===== ===== Базовые объекты k8s =====
Line 155: Line 260:
   * [[https://​kubernetes.io/​ru/​docs/​reference/​kubectl/​docker-cli-to-kubectl/​|kubectl для пользователей Docker]]   * [[https://​kubernetes.io/​ru/​docs/​reference/​kubectl/​docker-cli-to-kubectl/​|kubectl для пользователей Docker]]
   * [[https://​kubernetes.io/​docs/​tasks/​run-application/​run-stateless-application-deployment/​|Run a Stateless Application Using a Deployment]]   * [[https://​kubernetes.io/​docs/​tasks/​run-application/​run-stateless-application-deployment/​|Run a Stateless Application Using a Deployment]]
 +
  
 <​code>​ <​code>​
Line 163: Line 269:
 $ kubectl get deployments $ kubectl get deployments
  
-$ kubectl get pods+$ kubectl get pods -o wide
  
 $ kubectl attach my-debian-NNNNNNNNN-NNNNN $ kubectl attach my-debian-NNNNNNNNN-NNNNN
Line 175: Line 281:
  
 $ kubectl delete deployment my-debian $ kubectl delete deployment my-debian
-</code><​code> +</​code>​ 
-  [[https://​kubernetes.io/​docs/​reference/​glossary/?​all=true#​term-manifest| ​   Kubernetes Documentation Reference Glossary/​Manifest]] +  ​[[https://​kubernetes.io/​docs/​reference/​glossary/?​all=true#​term-manifest|Kubernetes Documentation Reference Glossary/​Manifest]] 
-</​code>​<​code>​+<​code>​
 $ cat my-debian-deployment.yaml $ cat my-debian-deployment.yaml
 </​code><​code>​ </​code><​code>​
Line 205: Line 311:
 </​code>​ </​code>​
 ==== namespace для своего приложения ==== ==== namespace для своего приложения ====
 +
 +  * [[https://​matthewpalmer.net/​kubernetes-app-developer/​articles/​kubernetes-volumes-example-nfs-persistent-volume.html|How to use an NFS volume]]
 +
 <​code>​ <​code>​
 $ kubectl create namespace my-ns $ kubectl create namespace my-ns
Line 210: Line 319:
 $ kubectl get namespaces $ kubectl get namespaces
  
-$ ### kubectl create deployment my-webd --image=server.corp13.un:​5000/​student/​webd:​latest --replicas=2 -n my-ns+$ ### kubectl create deployment my-webd --image=server.corpX.un:​5000/​student/​webd:​latest --replicas=2 -n my-ns 
 + 
 +$ ### kubectl delete deployment my-webd -n my-ns 
 + 
 +$ cd webd/
  
 $ cat my-webd-deployment.yaml $ cat my-webd-deployment.yaml
Line 231: Line 344:
       containers:       containers:
       - name: my-webd       - name: my-webd
-        ​image: server.corp13.un:​5000/​student/​webd:​latest+ 
 +#        ​image: server.corpX.un:​5000/​student/​webd 
 +#        imageserver.corpX.un:​5000/​student/​webd:​ver1.N 
 + 
 +#        livenessProbe:​ 
 +#          httpGet: 
 +#            port: 80 
 + 
 +#        volumeMounts:​ 
 +#        - name: nfs-volume 
 +#          mountPath: /var/www 
 +#      volumes: 
 +#      - name: nfs-volume 
 +#        nfs: 
 +#          server: server.corpX.un 
 +#          path: /var/www
 </​code><​code>​ </​code><​code>​
 $ kubectl apply -f my-webd-deployment.yaml $ kubectl apply -f my-webd-deployment.yaml
Line 240: Line 368:
  
 $ kubectl scale deployment my-webd --replicas=3 -n my-ns $ kubectl scale deployment my-webd --replicas=3 -n my-ns
 +
 +$ kubectl delete pod/​my-webd-NNNNNNNNNN-NNNNN -n my-ns
 </​code>​ </​code>​
  
Line 245: Line 375:
  
   * [[https://​kubernetes.io/​docs/​concepts/​services-networking/​service/​|Kubernetes Documentation Concepts Services, Load Balancing, and Networking Service]]   * [[https://​kubernetes.io/​docs/​concepts/​services-networking/​service/​|Kubernetes Documentation Concepts Services, Load Balancing, and Networking Service]]
 +
 +  * [[https://​stackoverflow.com/​questions/​33069736/​how-do-i-get-logs-from-all-pods-of-a-kubernetes-replication-controller|How do I get logs from all pods of a Kubernetes replication controller?​]]
  
 <​code>​ <​code>​
 $ ### kubectl expose deployment my-webd --type=NodePort --port=80 -n my-ns $ ### kubectl expose deployment my-webd --type=NodePort --port=80 -n my-ns
 +
 +$ ### kubectl delete svc my-webd -n my-ns
  
 $ cat my-webd-service.yaml $ cat my-webd-service.yaml
Line 264: Line 398:
     port: 80     port: 80
 #    nodePort: 30111 #    nodePort: 30111
-#    targetPort: 80 
-#status: 
-#  loadBalancer:​ {} 
 </​code><​code>​ </​code><​code>​
 $ kubectl apply -f my-webd-service.yaml $ kubectl apply -f my-webd-service.yaml
Line 272: Line 403:
 $ kubectl get svc my-webd -n my-ns $ kubectl get svc my-webd -n my-ns
 NAME              TYPE       ​CLUSTER-IP ​      ​EXTERNAL-IP ​  ​PORT(S) ​       AGE NAME              TYPE       ​CLUSTER-IP ​      ​EXTERNAL-IP ​  ​PORT(S) ​       AGE
-my-webd-svc ​  ​NodePort ​  ​10.102.135.146 ​  <​none> ​       80:30350/TCP   18h+my-webd-svc ​  ​NodePort ​  ​10.102.135.146 ​  <​none> ​       80:NNNNN/TCP   18h
  
 $ kubectl describe svc my-webd -n my-ns $ kubectl describe svc my-webd -n my-ns
  
-student@node3:​~minikube service my-webd -n my-ns --url +curl http://node1,2,3:NNNNN
-http://192.168.49.2:30350+
  
-student@node3:~$ curl $(minikube service my-webd -n my-ns --url)+ 
 +$ minikube service list 
 + 
 +$ minikube service my-webd -n my-ns --url 
 +http://​192.168.49.2:NNNNN 
 + 
 +$ curl $(minikube service my-webd -n my-ns --url) 
 + 
 + 
 +$ kubectl logs -l app=my-webd -n my-ns  
 +(доступны опции -f, --tail=2000,​ --previous) 
 +</​code>​ 
 + 
 +==== Удаление объектов ==== 
 +<​code>​ 
 +$ kubectl delete -n my-ns -f my-webd-deployment.yaml,​my-webd-service.yaml 
 + 
 +или 
 + 
 +$ kubectl delete namespace my-ns
 </​code>​ </​code>​
  
Line 285: Line 434:
  
   * [[https://​kubernetes.io/​docs/​tasks/​access-application-cluster/​ingress-minikube/​|Set up Ingress on Minikube with the NGINX Ingress Controller]]   * [[https://​kubernetes.io/​docs/​tasks/​access-application-cluster/​ingress-minikube/​|Set up Ingress on Minikube with the NGINX Ingress Controller]]
-  * [[https://stackoverflow.com/questions/​33069736/​how-do-i-get-logs-from-all-pods-of-a-kubernetes-replication-controller|How do I get logs from all pods of a Kubernetes ​replication controller?]]+  * [[https://www.golinuxcloud.com/kubectl-port-forward/​|kubectl port-forward examples in Kubernetes]]
  
 <​code>​ <​code>​
-student@node2:​~$ minikube addons enable ingress+server# host webd 
 +webd.corpX.un has address 192.168.49.2 
 +  или 
 +webd.corpX.un has address 192.168.X.201 
  
-gitlab-runner@gate:~/webd$ cat my-webd-ingress.yaml+gitlab-runner@server:~$ minikube addons enable ingress 
 +</​code>​ 
 +  * [[https://​kubernetes.github.io/​ingress-nginx/​deploy/#​quick-start|NGINX ingress controller quick-start]] 
 +<​code>​ 
 +server# host webd 
 +webd.corpX.un has address 192.168.X.201 
 + 
 +root@node1:​~#​ kubectl port-forward --namespace=ingress-nginx --address 0.0.0.0 service/​ingress-nginx-controller 80:80 
 + 
 + 
 +gitlab-runner@server:​~/​webd$ ### kubectl create ingress my-webd --class=nginx --rule="​webd.corpX.un/​*=my-webd:​80"​ -n my-ns 
 + 
 +gitlab-runner@server:~/webd$ cat my-webd-ingress.yaml
 </​code><​code>​ </​code><​code>​
 apiVersion: networking.k8s.io/​v1 apiVersion: networking.k8s.io/​v1
Line 297: Line 462:
   name: my-webd   name: my-webd
   namespace: my-ns   namespace: my-ns
-  annotations:​ 
-    nginx.ingress.kubernetes.io/​rewrite-target:​ /$1 
 spec: spec:
 +  ingressClassName:​ nginx
   rules:   rules:
-    ​- host: webd.corp13.un +  ​- host: webd.corpX.un 
-      http: +    http: 
-        paths: +      paths: 
-          path: /(.*) +      - backend: 
-            pathType: Prefix ​ # Попробовать:​ ImplementationSpecific +          service: 
-            ​backend: +            name: my-webd 
-              service: +            port: 
-                name: my-webd +              number: 80 
-                port: +        path: / 
-                  number: 80+        pathType: Prefix 
 +status: 
 +  loadBalancer:​ {}
 </​code><​code>​ </​code><​code>​
 $ kubectl apply -f my-webd-ingress.yaml $ kubectl apply -f my-webd-ingress.yaml
 +
  
 $ kubectl get ingress -n my-ns $ kubectl get ingress -n my-ns
-Напиши,​ что тут?+NAME      CLASS   ​HOSTS ​           ADDRESS ​  ​PORTS ​  AGE 
 +my-webd ​  ​nginx ​  ​webd.corpX.un ​            ​80 ​     11s
  
-root@gate.corp13.un:​~#​ host webd +$ curl webd.corpX.un
-webd.corp13.un is an alias for node2.corp13.un. +
-node2.corp13.un has address 192.168.13.220+
  
-curl webd.corp13.un +### kubectl ​delete ingress ​my-webd -n my-ns
- +
-kubectl ​logs -l app=my-webd -n my-ns +
-</​code>​ +
-==== Удаление объектов ==== +
-<​code>​ +
-$ kubectl delete -n my-ns -f my-webd-deployment.yaml,​my-webd-service.yaml,​my-webd-ingress.yaml +
- +
-или +
- +
-$ kubectl delete namespace my-ns +
-</​code>​ +
- +
-==== Пример с nfs volume ==== +
- +
-  * [[https://​matthewpalmer.net/​kubernetes-app-developer/​articles/​kubernetes-volumes-example-nfs-persistent-volume.html|How to use an NFS volume]] +
- +
-<​code>​ +
-$ cat my-webd-nfs-deployment.yaml +
-... +
-    spec: +
-      containers:​ +
-      - name: my-webd +
-        image: server.corp13.un:​5000/​student/​webd:​latest +
-        volumeMounts:​ +
-        - name: nfs-volume +
-          mountPath: /var/www +
-      volumes: +
-      - name: nfs-volume +
-        nfs: +
-          server: 192.168.13.1 +
-          path: /var/www+
 </​code>​ </​code>​
  
Line 428: Line 563:
  
  
-==== Установка ====+==== Установка ​Helm ====
  
   * [[https://​helm.sh/​docs/​intro/​install/​|Installing Helm]]   * [[https://​helm.sh/​docs/​intro/​install/​|Installing Helm]]
  
 <​code>​ <​code>​
-wget https://​get.helm.sh/​helm-v3.9.0-linux-amd64.tar.gz+server# ​wget https://​get.helm.sh/​helm-v3.9.0-linux-amd64.tar.gz
  
-tar -zxvf helm-v3.9.0-linux-amd64.tar.gz+tar -zxvf helm-v3.9.0-linux-amd64.tar.gz
  
-$ sudo mv linux-amd64/​helm /​usr/​local/​bin/​helm+mv linux-amd64/​helm /​usr/​local/​bin/​helm
 </​code>​ </​code>​
  
 +==== Работа с готовыми Charts ====
 +
 +  * [[https://​kubernetes.github.io/​ingress-nginx/​deploy/​|NGINX Ingress Controller Installation Guide]]
 +
 +<​code>​
 +$ curl https://​raw.githubusercontent.com/​kubernetes/​ingress-nginx/​controller-v1.3.1/​deploy/​static/​provider/​cloud/​deploy.yaml
 +
 +$ kubectl apply -f https://​raw.githubusercontent.com/​kubernetes/​ingress-nginx/​controller-v1.3.1/​deploy/​static/​provider/​cloud/​deploy.yaml
 +
 +$ kubectl delete -f https://​raw.githubusercontent.com/​kubernetes/​ingress-nginx/​controller-v1.3.1/​deploy/​static/​provider/​cloud/​deploy.yaml
 +
 +$ helm upgrade --install ingress-nginx ingress-nginx --repo https://​kubernetes.github.io/​ingress-nginx --namespace ingress-nginx --create-namespace
 +
 +$ helm list --namespace ingress-nginx
 +$ helm list -A
 +
 +$ ### helm delete ingress-nginx --namespace ingress-nginx
 +</​code>​
 ==== Развертывание своего приложения ==== ==== Развертывание своего приложения ====
  
Line 461: Line 614:
 ... ...
 image: image:
-  repository: server.corp13.un:​5000/​student/​webd+  repository: server.corpX.un:​5000/​student/​webd
   pullPolicy: Always   pullPolicy: Always
 ... ...
Line 472: Line 625:
 ingress: ingress:
   enabled: true   enabled: true
 +  className: "​nginx"​
 ... ...
   hosts:   hosts:
Line 483: Line 637:
 ... ...
 </​code><​code>​ </​code><​code>​
-!!! Был замечен "​глюк"​ DNS, из-за которого не загружался Docker образ, "​лечился"​ предварительным созданием namespace +$ helm install my-webd webd-chart/ -n my-ns --create-namespace --wait
- +
-$ helm install my-webd webd-chart/ ​--n my-ns --create-namespace --wait+
  
 $ export HELM_NAMESPACE=my-ns $ export HELM_NAMESPACE=my-ns
Line 506: Line 658:
   * [[https://​medium.com/​containerum/​how-to-make-and-share-your-own-helm-package-50ae40f6c221|How to make and share your own Helm package]]   * [[https://​medium.com/​containerum/​how-to-make-and-share-your-own-helm-package-50ae40f6c221|How to make and share your own Helm package]]
   * [[https://​docs.gitlab.com/​ee/​user/​profile/​personal_access_tokens.html|Gitlab Personal access tokens]]   * [[https://​docs.gitlab.com/​ee/​user/​profile/​personal_access_tokens.html|Gitlab Personal access tokens]]
 +  * role: Mainteiner, api, read_registry,​ write_registry
 <​code>​ <​code>​
-$ helm repo add --username student --password ​NNNNNN-NNNNNNNNNNNNN ​webd http://192.168.13.1/​api/​v4/​projects/​6/​packages/​helm/​stable+$ helm repo add --username student --password ​NNNNN-NNNNNNNNNNNNNNNNNNN ​webd http://server.corpX.un/​api/​v4/​projects/​4/​packages/​helm/​stable 
 +"​webd"​ has been added to your repositories 
 + 
 +$ ### helm repo remove webd
  
 $ helm repo list $ helm repo list
Line 516: Line 671:
  
 $ helm plugin install https://​github.com/​chartmuseum/​helm-push $ helm plugin install https://​github.com/​chartmuseum/​helm-push
 +
 $ helm cm-push webd-chart-0.1.0.tgz webd $ helm cm-push webd-chart-0.1.0.tgz webd
  
Line 538: Line 694:
 ===== Дополнительные материалы ===== ===== Дополнительные материалы =====
  
 +==== bare-metal minikube ====
 +
 +<​code>​
 +student@node2:​~$ sudo apt install conntrack
 +
 +https://​computingforgeeks.com/​install-mirantis-cri-dockerd-as-docker-engine-shim-for-kubernetes/​
 +...
 +
 +wget https://​github.com/​kubernetes-sigs/​cri-tools/​releases/​download/​v1.24.2/​crictl-v1.24.2-linux-amd64.tar.gz
 +...
 +
 +student@node2:​~$ minikube start --driver=none --insecure-registry "​server.corp13.un:​5000"​
 +</​code>​
 +
 +==== minikube dashboard ====
 +<​code>​
 +student@node1:​~$ minikube dashboard &
 +...
 +Opening http://​127.0.0.1:​NNNNN/​api/​v1/​namespaces/​kubernetes-dashboard/​services/​http:​kubernetes-dashboard:/​proxy/​ in your default browser
 +...
 +/​home/​mobaxterm>​ ssh -L NNNNN:​localhost:​NNNNN student@192.168.X.10
 +Теперь,​ та же ссылка работает на win host системе
 +</​code>​
 +
 +==== Подключение к minikube с другой системы ====
 +
 +  * Если не minikube, то достаточно только копию .kube/​config
 +  * [[https://​habr.com/​ru/​company/​flant/​blog/​345580/​|см. Настройка GitLab Runner]]
 +
 +<​code>​
 +student@node1:​~$ tar -cvzf kube-config.tar.gz .kube/​config .minikube/​ca.crt .minikube/​profiles/​minikube
 +
 +gitlab-runner@server:​~$ scp student@node1:​kube-config.tar.gz .
 +
 +gitlab-runner@server:​~$ tar -xvf kube-config.tar.gz
 +
 +gitlab-runner@server:​~$ cat .kube/​config
 +</​code><​code>​
 +...
 +    certificate-authority:​ /​home/​gitlab-runner/​.minikube/​ca.crt
 +...
 +    client-certificate:​ /​home/​gitlab-runner/​.minikube/​profiles/​minikube/​client.crt
 +    client-key: /​home/​gitlab-runner/​.minikube/​profiles/​minikube/​client.key
 +...
 +</​code>​
 ==== kompose ==== ==== kompose ====
  
 +  * [[https://​stackoverflow.com/​questions/​47536536/​whats-the-difference-between-docker-compose-and-kubernetes|What'​s the difference between Docker Compose and Kubernetes?​]]
   * [[https://​loft.sh/​blog/​docker-compose-to-kubernetes-step-by-step-migration/​|Docker Compose to Kubernetes: Step-by-Step Migration]]   * [[https://​loft.sh/​blog/​docker-compose-to-kubernetes-step-by-step-migration/​|Docker Compose to Kubernetes: Step-by-Step Migration]]
   * [[https://​kubernetes.io/​docs/​tasks/​configure-pod-container/​translate-compose-kubernetes/​|Translate a Docker Compose File to Kubernetes Resources]]   * [[https://​kubernetes.io/​docs/​tasks/​configure-pod-container/​translate-compose-kubernetes/​|Translate a Docker Compose File to Kubernetes Resources]]
система_kubernetes.txt · Last modified: 2024/03/26 13:20 by val