система_kubernetes

Differences

This shows you the differences between two versions of the page.

система_kubernetes [2022/07/13 16:46]
val [Installing kubectl]
система_kubernetes [2022/09/27 16:12] (current)
val [Working with your own repository]
Line 18: Line 18:
 ==== Установка ==== ==== Установка ====
 <​code>​ <​code>​
-root@gate.corp13.un:​~# curl -LO https://​storage.googleapis.com/​kubernetes-release/​release/​`curl -s https://​storage.googleapis.com/​kubernetes-release/​release/​stable.txt`/​bin/​linux/​amd64/​kubectl +# curl -LO https://​storage.googleapis.com/​kubernetes-release/​release/​`curl -s https://​storage.googleapis.com/​kubernetes-release/​release/​stable.txt`/​bin/​linux/​amd64/​kubectl 
-root@gate.corp13.un:​~# chmod +x kubectl + 
-root@gate.corp13.un:​~# mv kubectl /​usr/​local/​bin/​+# chmod +x kubectl 
 + 
 +# mv kubectl /​usr/​local/​bin/​
 </​code>​ </​code>​
  
-==== Подключение к кластеру ====+==== Подключение к новому ​кластеру ====
  
-  * Если не minikube, то достаточно только копию ​.kube/config+  * [[https://​medium.com/@jacobtomlinson/​how-to-merge-kubernetes-kubectl-config-files-737b61bd517d|How to merge Kubernetes kubectl ​config ​files]]
  
 <​code>​ <​code>​
-student@node2:~$ tar zcf kube-config.tar.gz ​.kube/​config .minikube/​ca.crt .minikube/​profiles/minikube+gitlab-runner@server:~$ scp root@node1:.kube/​config .kube/config_new
  
-gitlab-runner@gate:~$ scp student@node2:​kube-config.tar.gz ​.+gitlab-runner@server:~$ cp ~/.kube/config ​~/.kube/config.bak
  
-gitlab-runner@gate:~$ tar -xvf kube-config.tar.gz+gitlab-runner@server:~$ KUBECONFIG=~/​.kube/config:~/.kube/​config_new kubectl config view --flatten > /tmp/config
  
-gitlab-runner@gate:~$ cat .kube/​config +gitlab-runner@server:~$ mv /tmp/config ~/.kube/​config 
-</​code><​code>​ + 
-... +gitlab-runner@server:~$ chmod 600 /​home/​gitlab-runner/​.kube/config ​   #Helm WARNING 
-    ​certificate-authority: /​home/​gitlab-runner/​.minikube/ca.crt + 
-... +gitlab-runner@server:~$ kubectl config get-contexts 
-    ​client-certificate/home/gitlab-runner/​.minikube/​profiles/​minikube/client.crt + 
-    ​client-key:​ /home/gitlab-runner/​.minikube/​profiles/​minikube/​client.key +gitlab-runner@server:~$ rm ~/.kube/config.bak 
-... + 
-</​code><​code>​ +gitlab-runner@server:~$ kubectl config use-context kubernetes-admin@kubernetes 
-gitlab-runner@gate:~$ kubectl get all -o wide --all-namespaces+ 
 +gitlab-runner@server:~$ kubectl get all -o wide --all-namespaces 
 +gitlab-runner@server:​~$ kubectl get all -o wide -A
 </​code>​ </​code>​
 +
 ===== Установка minikube ===== ===== Установка minikube =====
  
   * [[https://​www.linuxtechi.com/​how-to-install-minikube-on-ubuntu/​|How to Install Minikube on Ubuntu 20.04 LTS / 21.04]]   * [[https://​www.linuxtechi.com/​how-to-install-minikube-on-ubuntu/​|How to Install Minikube on Ubuntu 20.04 LTS / 21.04]]
   * [[https://​minikube.sigs.k8s.io/​docs/​start/​|Documentation/​Get Started/​minikube start]]   * [[https://​minikube.sigs.k8s.io/​docs/​start/​|Documentation/​Get Started/​minikube start]]
-  * Технология Docker [[Технология Docker#​Предоставление прав непривилегированным пользователям]] 
  
 <​code>​ <​code>​
-student@node3:~$ minikube delete+root@server:~# apt install -y curl wget apt-transport-https
  
-student@node3:~minikube ​start --driver=docker --insecure-registry "​server.corp13.un:​5000"​+root@server:~# wget https://​storage.googleapis.com/​minikube/​releases/​latest/​minikube-linux-amd64
  
-ИЛИ +root@server:~# mv minikube-linux-amd64 /​usr/​local/​bin/​minikube
-</​code><​code>​ +
-student@node2:~$ sudo apt install conntrack+
  
-https://computingforgeeks.com/install-mirantis-cri-dockerd-as-docker-engine-shim-for-kubernetes+root@server:~# chmod +x /usr/local/bin/minikube 
-...+</​code>​
  
-wget https://​github.com/​kubernetes-sigs/cri-tools/​releases/​download/​v1.24.2/crictl-v1.24.2-linux-amd64.tar.gz+  * Технология Docker [[Технология Docker#​Предоставление прав непривилегированным пользователям]] 
 + 
 +<​code>​ 
 +gitlab-runner@server:~$ ### minikube delete 
 +gitlab-runner@server:​~$ ### rm -rv .minikube/ 
 + 
 +gitlab-runner@server:​~$ time minikube start --driver=docker --insecure-registry "​server.corpX.un:​5000"​ 
 +real    5m8.320s
 ... ...
  
-student@node2:~$ minikube ​start --driver=none --insecure-registry "​server.corp13.un:​5000"​ +gitlab-runner@server:~$ minikube ​status 
-</​code><​code>​ + 
-student@node3:~$ minikube ​status+gitlab-runner@server:~$ minikube ​ip
  
-student@node3:~$ minikube ​ip+gitlab-runner@server:~$ minikube ​kubectl -- get pods -A
  
-student@node3:~$ minikube addons list+gitlab-runner@server:~$ minikube addons list
  
-student@node3:~$ minikube addons configure registry-creds+gitlab-runner@server:~$ minikube addons configure registry-creds
 ... ...
 Do you want to enable Docker Registry? [y/n]: y Do you want to enable Docker Registry? [y/n]: y
--- Enter docker registry server url: http://​server.corp13.un:5000+-- Enter docker registry server url: http://​server.corpX.un:5000
 -- Enter docker registry username: student -- Enter docker registry username: student
 -- Enter docker registry password: -- Enter docker registry password:
 ... ...
  
-student@node3:~$ minikube addons enable registry-creds +gitlab-runner@server:~$ minikube addons enable registry-creds
- +
-student@node3:​~$ minikube dashboard & +
-... +
-Opening http://​127.0.0.1:​NNNNN/​api/​v1/​namespaces/​kubernetes-dashboard/​services/​http:​kubernetes-dashboard:/​proxy/​ in your default browser +
-... +
-/​home/​mobaxterm>​ ssh -L NNNNN:​localhost:​NNNNN student@192.168.13.230 +
-Теперь,​ та же ссылка работает на win host системе+
 </​code>​ </​code>​
  
-===== Установка Kubernetes =====+  * [[#​Инструмент командной строки kubectl]] 
 +===== Кластер Kubernetes ===== 
 + 
 +==== Развертывание ​====
  
   * [[https://​infoit.com.ua/​linux/​kak-ustanovit-kubernetes-na-ubuntu-20-04-lts/​|Как установить Kubernetes на Ubuntu 20.04 LTS]]   * [[https://​infoit.com.ua/​linux/​kak-ustanovit-kubernetes-na-ubuntu-20-04-lts/​|Как установить Kubernetes на Ubuntu 20.04 LTS]]
   * [[https://​www.cloud4y.ru/​blog/​installation-kubernetes/​|Установка Kubernetes]]   * [[https://​www.cloud4y.ru/​blog/​installation-kubernetes/​|Установка Kubernetes]]
 +
 +=== Установка ПО и подготовка узлов ===
  
 <​code>​ <​code>​
-... +node1# ssh-keygen 
-root@node1:​~#​ kubeadm init --pod-network-cidr=10.244.0.0/​16 --apiserver-advertise-address=192.168.13.210 + 
-... +node1# ssh-copy-id node2 
-student@node1:~kubectl apply -f https://​raw.githubusercontent.com/​coreos/​flannel/​master/​Documentation/​kube-flannel.yml +node1# ssh-copy-id node3 
-... + 
-student@node1:~kubectl get pod -o wide --all-namespaces+node1# bash -c ' 
 +http_proxy=http://​proxy.isp.un:3128/ apt -y install apt-transport-https curl 
 +ssh node2 http_proxy=http://​proxy.isp.un:​3128/​ apt -y install apt-transport-https curl 
 +ssh node3 http_proxy=http://​proxy.isp.un:​3128/​ apt -y install apt-transport-https curl 
 +
 + 
 +node1# bash -c ' 
 +curl -s https://​packages.cloud.google.com/​apt/​doc/​apt-key.gpg | sudo apt-key add 
 +ssh node2 "curl -s https://​packages.cloud.google.com/​apt/​doc/​apt-key.gpg | sudo apt-key add" 
 +ssh node3 "curl -s https://​packages.cloud.google.com/​apt/​doc/​apt-key.gpg | sudo apt-key add" 
 +
 + 
 +node1# bash -c ' 
 +apt-add-repository "deb http://​apt.kubernetes.io/​ kubernetes-xenial main"​ 
 +ssh node2 apt-add-repository \"deb http://​apt.kubernetes.io/​ kubernetes-xenial main\"​ 
 +ssh node3 apt-add-repository \"deb http://​apt.kubernetes.io/​ kubernetes-xenial main\"​ 
 +
 + 
 +node1# bash -c ' 
 +http_proxy=http://​proxy.isp.un:​3128/​ apt -y install kubeadm kubelet kubectl kubernetes-cni 
 +ssh node2 apt -y install kubeadm kubelet kubectl kubernetes-cni 
 +ssh node3 apt -y install kubeadm kubelet kubectl kubernetes-cni 
 +
 + 
 +node1# bash -c ' 
 +swapoff -a 
 +ssh node2 swapoff -a 
 +ssh node3 swapoff -a 
 +
 + 
 +node1# bash -c ' 
 +sed -i""​ -e "/​swap/​s/​^/#/"​ /​etc/​fstab 
 +ssh node2 sed -i""​ -e "/​swap/​s/​^/#/"​ /​etc/​fstab 
 +ssh node3 sed -i""​ -e "/​swap/​s/​^/#/"​ /​etc/​fstab 
 +
 +</​code>​ 
 + 
 +=== Инициализация master === 
 + 
 +  * Может понадобиться в случае возникновения ошибки [[https://​github.com/​containerd/​containerd/​issues/​4581|[ERROR CRI]: container runtime is not running]] 
 +<​code>​ 
 +node1# bash -c ' 
 +rm /​etc/​containerd/​config.toml 
 +systemctl restart containerd 
 +ssh node2 rm /​etc/​containerd/​config.toml 
 +ssh node2 systemctl restart containerd 
 +ssh node3 rm /​etc/​containerd/​config.toml 
 +ssh node3 systemctl restart containerd 
 +
 +</​code>​ 
 +<​code>​ 
 +root@node1:​~#​ kubeadm init --pod-network-cidr=10.244.0.0/​16 --apiserver-advertise-address=192.168.X.201 
 + 
 +root@node1:​~#​ mkdir -p $HOME/.kube 
 + 
 +root@node1:​~#​ cp -i /​etc/​kubernetes/​admin.conf $HOME/.kube/config 
 + 
 +root@node1:~kubectl apply -f https://​raw.githubusercontent.com/​coreos/​flannel/​master/​Documentation/​kube-flannel.yml 
 + 
 +root@node1:~kubectl get pod -o wide --all-namespaces 
 + 
 +root@node1:​~#​ kubectl get --raw='/​readyz?​verbose'​ 
 +</​code>​ 
 + 
 +=== Подключение worker === 
 + 
 +<​code>​ 
 +root@node2_3:​~#​ curl -k https://​node1:​6443/​livez?​verbose 
 +</​code>​ 
 +  * [[https://​github.com/​containerd/​containerd/​issues/​4581|[ERROR CRI]: container runtime is not running]] 
 +<​code>​ 
 +root@node2_3:​~#​ kubeadm join 192.168.X.201:​6443 --token NNNNNNNNNNNNNNNNNNNN \ 
 +        --discovery-token-ca-cert-hash sha256:​NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 
 +</​code>​ 
 +=== Проверка состояния === 
 +<​code>​ 
 +root@node1:​~#​ kubectl cluster-info 
 + 
 +root@node1:​~#​ kubectl get nodes -o wide 
 +</​code>​ 
 + 
 +==== Настройка доступа к Insecure Private Registry ==== 
 + 
 +  * [[https://​github.com/​containerd/​containerd/​issues/​4938|Unable to pull image from insecure registry, http: server gave HTTP response to HTTPS client #4938]] 
 +  * [[https://​github.com/​containerd/​containerd/​issues/​3847|Containerd cannot pull image from insecure registry #3847]] 
 + 
 +  * [[https://​mrzik.medium.com/​how-to-configure-private-registry-for-kubernetes-cluster-running-with-containerd-cf74697fa382|How to Configure Private Registry for Kubernetes cluster running with containerd]] 
 +  * [[https://​github.com/​containerd/​containerd/​blob/​main/​docs/​PLUGINS.md#​version-header|containerd/​docs/​PLUGINS.md migrate config v1 to v2]] 
 + 
 +  * Docker [[Технология Docker#​Insecure Private Registry]] 
 + 
 +<​code>​ 
 +node1# scp server:/​etc/​docker/​daemon.json /​etc/​docker/​daemon.json 
 + 
 +server# bash -c ' 
 +scp /​etc/​docker/​daemon.json node2:/​etc/​docker/​daemon.json 
 +scp /​etc/​docker/​daemon.json node3:/​etc/​docker/​daemon.json 
 +service docker restart 
 +ssh node2 service docker restart 
 +ssh node3 service docker restart 
 +
 + 
 +# don't work in cri-tools 1.25, need public project 
 +### node1# docker login http://​server.corpX.un:​5000 
 + 
 +### node1# bash -c ' 
 +ssh node2 mkdir -p .docker 
 +ssh node3 mkdir -p .docker 
 +scp ~/​.docker/​config.json node2:​.docker/​config.json 
 +scp ~/​.docker/​config.json node3:​.docker/​config.json 
 +
 + 
 +root@node1:​~#​ cat /​etc/​containerd/​config.toml 
 +</​code><​code>​ 
 +version = 2 
 + 
 +[plugins."​io.containerd.grpc.v1.cri"​.registry] 
 +  [plugins."​io.containerd.grpc.v1.cri"​.registry.mirrors] 
 +    [plugins."​io.containerd.grpc.v1.cri"​.registry.mirrors."​server.corpX.un:​5000"​] 
 +      endpoint = ["​http://​server.corpX.un:​5000"​] 
 +  [plugins."​io.containerd.grpc.v1.cri"​.registry.configs] 
 +    [plugins."​io.containerd.grpc.v1.cri"​.registry.configs."​server.corpX.un:​5000"​.tls] 
 +      insecure_skip_verify = true 
 +# don't work in cri-tools 1.25, need public project 
 +#​[plugins."​io.containerd.grpc.v1.cri"​.registry.configs."​server.corpX.un:​5000"​.auth] 
 +#      auth = "​c3R1ZGVudDpwYXNzd29yZA=="​ 
 +</​code><​code>​ 
 +node1# bash -c ' 
 +scp /​etc/​containerd/​config.toml node2:/​etc/​containerd/​config.toml 
 +scp /​etc/​containerd/​config.toml node3:/​etc/​containerd/​config.toml 
 +systemctl restart containerd 
 +ssh node2 systemctl restart containerd 
 +ssh node3 systemctl restart containerd 
 +
 + 
 +root@nodeN:​~#​ containerd config dump | less 
 +</​code>​ 
 + 
 +Проверка 
 + 
 +<​code>​ 
 +root@nodeN:​~#​ crictl -r unix:///​run/​containerd/​containerd.sock pull server.corpX.un:​5000/​student/​webd
 </​code>​ </​code>​
 ===== Базовые объекты k8s ===== ===== Базовые объекты k8s =====
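Review bot: In the new block for connecting to a new cluster, `kubectl config view --flatten > /tmp/config` writes the merged kubeconfig, including the admin credentials copied from root@node1, to a predictable name in /tmp under the default umask, and `chmod 600` only runs after the `mv`. Write the merge result inside ~/.kube under a restrictive umask instead, for example `(umask 077; KUBECONFIG=~/.kube/config:~/.kube/config_new kubectl config view --flatten > ~/.kube/config.merged)` followed by the `mv`, and remove config_new once the contexts are confirmed. In the node preparation block, node1 installs kubeadm, kubelet and kubectl through `http_proxy=http://proxy.isp.un:3128/` while the `ssh node2` and `ssh node3` lines of the same step omit the proxy, unlike the apt-transport-https step above it; make the three lines consistent. In the containerd config.toml, the commented `auth = ...` value is only the base64 form of the registry username and password, so replace it with a placeholder rather than keeping a decodable credential in the page.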
Line 112: Line 260:
   * [[https://​kubernetes.io/​ru/​docs/​reference/​kubectl/​docker-cli-to-kubectl/​|kubectl для пользователей Docker]]   * [[https://​kubernetes.io/​ru/​docs/​reference/​kubectl/​docker-cli-to-kubectl/​|kubectl для пользователей Docker]]
   * [[https://​kubernetes.io/​docs/​tasks/​run-application/​run-stateless-application-deployment/​|Run a Stateless Application Using a Deployment]]   * [[https://​kubernetes.io/​docs/​tasks/​run-application/​run-stateless-application-deployment/​|Run a Stateless Application Using a Deployment]]
 +
  
 <​code>​ <​code>​
Line 120: Line 269:
 $ kubectl get deployments $ kubectl get deployments
  
-$ kubectl get pods+$ kubectl get pods -o wide
  
 $ kubectl attach my-debian-NNNNNNNNN-NNNNN $ kubectl attach my-debian-NNNNNNNNN-NNNNN
Line 132: Line 281:
  
 $ kubectl delete deployment my-debian $ kubectl delete deployment my-debian
-</code><​code> +</​code>​ 
-  [[https://​kubernetes.io/​docs/​reference/​glossary/?​all=true#​term-manifest| ​   Kubernetes Documentation Reference Glossary/​Manifest]] +  ​[[https://​kubernetes.io/​docs/​reference/​glossary/?​all=true#​term-manifest|Kubernetes Documentation Reference Glossary/​Manifest]] 
-</​code>​<​code>​+<​code>​
 $ cat my-debian-deployment.yaml $ cat my-debian-deployment.yaml
 </​code><​code>​ </​code><​code>​
Line 162: Line 311:
 </​code>​ </​code>​
 ==== namespace для своего приложения ==== ==== namespace для своего приложения ====
 +
 +  * [[https://​matthewpalmer.net/​kubernetes-app-developer/​articles/​kubernetes-volumes-example-nfs-persistent-volume.html|How to use an NFS volume]]
 +
 <​code>​ <​code>​
 $ kubectl create namespace my-ns $ kubectl create namespace my-ns
Line 167: Line 319:
 $ kubectl get namespaces $ kubectl get namespaces
  
-$ ### kubectl create deployment my-webd --image=server.corp13.un:​5000/​student/​webd:​latest --replicas=2 -n my-ns+$ ### kubectl create deployment my-webd --image=server.corpX.un:​5000/​student/​webd:​latest --replicas=2 -n my-ns 
 + 
 +$ ### kubectl delete deployment my-webd -n my-ns 
 + 
 +$ cd webd/
  
 $ cat my-webd-deployment.yaml $ cat my-webd-deployment.yaml
Line 188: Line 344:
       containers:       containers:
       - name: my-webd       - name: my-webd
-        ​image: server.corp13.un:​5000/​student/​webd:​latest+ 
 +#        ​image: server.corpX.un:​5000/​student/​webd 
 +#        imageserver.corpX.un:​5000/​student/​webd:​ver1.N 
 + 
 +#        livenessProbe:​ 
 +#          httpGet: 
 +#            port: 80 
 + 
 +#        volumeMounts:​ 
 +#        - name: nfs-volume 
 +#          mountPath: /var/www 
 +#      volumes: 
 +#      - name: nfs-volume 
 +#        nfs: 
 +#          server: server.corpX.un 
 +#          path: /var/www
 </​code><​code>​ </​code><​code>​
 $ kubectl apply -f my-webd-deployment.yaml $ kubectl apply -f my-webd-deployment.yaml
  
-$ kubectl get all -n my-ns+$ kubectl get all -n my-ns -o wide  
 + 
 +$ kubectl describe -n my-ns pod/​my-webd-NNNNNNNNNN-NNNNN
  
 $ kubectl scale deployment my-webd --replicas=3 -n my-ns $ kubectl scale deployment my-webd --replicas=3 -n my-ns
 +
 +$ kubectl delete pod/​my-webd-NNNNNNNNNN-NNNNN -n my-ns
 </​code>​ </​code>​
  
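Review bot: In the `containers:` entry of my-webd-deployment.yaml the only active `image:` line was replaced by two commented alternatives, so the manifest as shown has no image and the `kubectl apply -f my-webd-deployment.yaml` that follows will be rejected. Leave one `image:` line active, preferably the tagged `ver1.N` form rather than the untagged one, and keep the other as the commented variant. If the commented `nfs-volume` is only meant to serve content from /var/www, `readOnly: true` on the volumeMount would be a sensible default.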
Line 200: Line 375:
  
   * [[https://​kubernetes.io/​docs/​concepts/​services-networking/​service/​|Kubernetes Documentation Concepts Services, Load Balancing, and Networking Service]]   * [[https://​kubernetes.io/​docs/​concepts/​services-networking/​service/​|Kubernetes Documentation Concepts Services, Load Balancing, and Networking Service]]
 +
 +  * [[https://​stackoverflow.com/​questions/​33069736/​how-do-i-get-logs-from-all-pods-of-a-kubernetes-replication-controller|How do I get logs from all pods of a Kubernetes replication controller?​]]
  
 <​code>​ <​code>​
 $ ### kubectl expose deployment my-webd --type=NodePort --port=80 -n my-ns $ ### kubectl expose deployment my-webd --type=NodePort --port=80 -n my-ns
 +
 +$ ### kubectl delete svc my-webd -n my-ns
  
 $ cat my-webd-service.yaml $ cat my-webd-service.yaml
Line 218: Line 397:
   - protocol: TCP   - protocol: TCP
     port: 80     port: 80
-    targetPort80 +#    nodePort30111
-status: +
-  loadBalancer:​ {}+
 </​code><​code>​ </​code><​code>​
 $ kubectl apply -f my-webd-service.yaml $ kubectl apply -f my-webd-service.yaml
Line 226: Line 403:
 $ kubectl get svc my-webd -n my-ns $ kubectl get svc my-webd -n my-ns
 NAME              TYPE       ​CLUSTER-IP ​      ​EXTERNAL-IP ​  ​PORT(S) ​       AGE NAME              TYPE       ​CLUSTER-IP ​      ​EXTERNAL-IP ​  ​PORT(S) ​       AGE
-my-webd-svc ​  ​NodePort ​  ​10.102.135.146 ​  <​none> ​       80:30350/TCP   18h+my-webd-svc ​  ​NodePort ​  ​10.102.135.146 ​  <​none> ​       80:NNNNN/TCP   18h
  
-student@node3:​~minikube service ​my-webd -n my-ns --url +kubectl describe svc my-webd -n my-ns
-http://​192.168.49.2:​30350+
  
-student@node3:~$ curl $(minikube service my-webd -n my-ns --url)+$ curl http://​node1,​2,​3:​NNNNN 
 + 
 + 
 +$ minikube service list 
 + 
 +$ minikube service my-webd -n my-ns --url 
 +http://​192.168.49.2:NNNNN 
 + 
 +$ curl $(minikube service my-webd -n my-ns --url) 
 + 
 + 
 +$ kubectl logs -l app=my-webd -n my-ns  
 +(доступны опции -f, --tail=2000,​ --previous) 
 +</​code>​ 
 + 
 +==== Удаление объектов ==== 
 +<​code>​ 
 +$ kubectl delete -n my-ns -f my-webd-deployment.yaml,​my-webd-service.yaml 
 + 
 +или 
 + 
 +$ kubectl delete namespace my-ns
 </​code>​ </​code>​
  
Line 237: Line 434:
  
   * [[https://​kubernetes.io/​docs/​tasks/​access-application-cluster/​ingress-minikube/​|Set up Ingress on Minikube with the NGINX Ingress Controller]]   * [[https://​kubernetes.io/​docs/​tasks/​access-application-cluster/​ingress-minikube/​|Set up Ingress on Minikube with the NGINX Ingress Controller]]
-  * [[https://stackoverflow.com/questions/​33069736/​how-do-i-get-logs-from-all-pods-of-a-kubernetes-replication-controller|How do I get logs from all pods of a Kubernetes ​replication controller?]]+  * [[https://www.golinuxcloud.com/kubectl-port-forward/​|kubectl port-forward examples in Kubernetes]]
  
 <​code>​ <​code>​
-student@node2:​~$ minikube addons enable ingress+server# host webd 
 +webd.corpX.un has address 192.168.49.2 
 +  или 
 +webd.corpX.un has address 192.168.X.201
  
-gitlab-runner@gate:~/webd$ cat my-webd-ingress.yaml+ 
 +gitlab-runner@server:~$ minikube addons enable ingress 
 +</​code>​ 
 +  * [[https://​kubernetes.github.io/​ingress-nginx/​deploy/#​quick-start|NGINX ingress controller quick-start]] 
 +<​code>​ 
 +server# host webd 
 +webd.corpX.un has address 192.168.X.201 
 + 
 +root@node1:​~#​ kubectl port-forward --namespace=ingress-nginx --address 0.0.0.0 service/​ingress-nginx-controller 80:80 
 + 
 + 
 +gitlab-runner@server:​~/​webd$ ### kubectl create ingress my-webd --class=nginx --rule="​webd.corpX.un/​*=my-webd:​80"​ -n my-ns 
 + 
 +gitlab-runner@server:~/webd$ cat my-webd-ingress.yaml
 </​code><​code>​ </​code><​code>​
 apiVersion: networking.k8s.io/​v1 apiVersion: networking.k8s.io/​v1
Line 249: Line 462:
   name: my-webd   name: my-webd
   namespace: my-ns   namespace: my-ns
-  annotations:​ 
-    nginx.ingress.kubernetes.io/​rewrite-target:​ /$1 
 spec: spec:
 +  ingressClassName:​ nginx
   rules:   rules:
-    ​- host: webd.corp13.un +  ​- host: webd.corpX.un 
-      http: +    http: 
-        paths: +      paths: 
-          path: /(.*) +      - backend: 
-            pathType: Prefix ​ # Попробовать:​ ImplementationSpecific +          service: 
-            ​backend: +            name: my-webd 
-              service: +            port: 
-                name: my-webd +              number: 80 
-                port: +        path: / 
-                  number: 80+        pathType: Prefix 
 +status: 
 +  loadBalancer:​ {}
 </​code><​code>​ </​code><​code>​
 $ kubectl apply -f my-webd-ingress.yaml $ kubectl apply -f my-webd-ingress.yaml
 +
  
 $ kubectl get ingress -n my-ns $ kubectl get ingress -n my-ns
 +NAME      CLASS   ​HOSTS ​           ADDRESS ​  ​PORTS ​  AGE
 +my-webd ​  ​nginx ​  ​webd.corpX.un ​            ​80 ​     11s
  
-root@gate.corp13.un:​~#​ host webd +$ curl webd.corpX.un
-webd.corp13.un is an alias for node2.corp13.un. +
-node2.corp13.un has address 192.168.13.220+
  
-curl webd.corp13.un +### kubectl ​delete ingress ​my-webd -n my-ns
- +
-kubectl ​logs -l app=my-webd -n my-ns +
-</​code>​ +
-==== Удаление объектов ==== +
-<​code>​ +
-$ kubectl delete -n my-ns -f my-webd-deployment.yaml,​my-webd-service.yaml,​my-webd-ingress.yaml +
- +
-или +
- +
-$ kubectl delete namespace my-ns +
-</​code>​ +
- +
-==== Пример с nfs volume ==== +
- +
-  * [[https://​matthewpalmer.net/​kubernetes-app-developer/​articles/​kubernetes-volumes-example-nfs-persistent-volume.html|How to use an NFS volume]] +
- +
-<​code>​ +
-$ cat my-webd-nfs-deployment.yaml +
-... +
-    spec: +
-      containers:​ +
-      - name: my-webd +
-        image: server.corp13.un:​5000/​student/​webd:​latest +
-        volumeMounts:​ +
-        - name: nfs-volume +
-          mountPath: /var/www +
-      volumes: +
-      - name: nfs-volume +
-        nfs: +
-          server: 192.168.13.1 +
-          path: /var/www+
 </​code>​ </​code>​
  
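Review bot: The rewritten my-webd-ingress.yaml ends with `status:` / `loadBalancer: {}`, which is server-populated output and was dropped from my-webd-service.yaml earlier in this same revision; remove it here too so the manifest carries only metadata and spec. With the object deletion section moved ahead of the Ingress section, the file-based `kubectl delete -n my-ns -f ...` no longer lists my-webd-ingress.yaml, and the only ingress cleanup left is the commented `### kubectl delete ingress my-webd -n my-ns`; mention that deleting by file now leaves the Ingress behind.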
Line 379: Line 563:
  
  
-==== Установка ====+==== Установка ​Helm ====
  
   * [[https://​helm.sh/​docs/​intro/​install/​|Installing Helm]]   * [[https://​helm.sh/​docs/​intro/​install/​|Installing Helm]]
  
 <​code>​ <​code>​
-wget https://​get.helm.sh/​helm-v3.9.0-linux-amd64.tar.gz+server# ​wget https://​get.helm.sh/​helm-v3.9.0-linux-amd64.tar.gz
  
-tar -zxvf helm-v3.9.0-linux-amd64.tar.gz+tar -zxvf helm-v3.9.0-linux-amd64.tar.gz
  
-$ sudo mv linux-amd64/​helm /​usr/​local/​bin/​helm+mv linux-amd64/​helm /​usr/​local/​bin/​helm
 </​code>​ </​code>​
  
 +==== Работа с готовыми Charts ====
 +
 +  * [[https://​kubernetes.github.io/​ingress-nginx/​deploy/​|NGINX Ingress Controller Installation Guide]]
 +
 +<​code>​
 +$ curl https://​raw.githubusercontent.com/​kubernetes/​ingress-nginx/​controller-v1.3.1/​deploy/​static/​provider/​cloud/​deploy.yaml
 +
 +$ kubectl apply -f https://​raw.githubusercontent.com/​kubernetes/​ingress-nginx/​controller-v1.3.1/​deploy/​static/​provider/​cloud/​deploy.yaml
 +
 +$ kubectl delete -f https://​raw.githubusercontent.com/​kubernetes/​ingress-nginx/​controller-v1.3.1/​deploy/​static/​provider/​cloud/​deploy.yaml
 +
 +$ helm upgrade --install ingress-nginx ingress-nginx --repo https://​kubernetes.github.io/​ingress-nginx --namespace ingress-nginx --create-namespace
 +
 +$ helm list --namespace ingress-nginx
 +$ helm list -A
 +
 +$ ### helm delete ingress-nginx --namespace ingress-nginx
 +</​code>​
 ==== Развертывание своего приложения ==== ==== Развертывание своего приложения ====
  
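Review bot: In the new block on ready-made charts the raw manifest is pinned to `controller-v1.3.1`, but the `helm upgrade --install ingress-nginx ...` line carries no `--version`, so the two install paths can deploy different controller releases and the Helm path changes over time. Pin the chart version there. In the Helm install block above it, `wget`, `tar` and `mv` of helm-v3.9.0-linux-amd64.tar.gz now all run as root on server with no checksum check before the binary lands in /usr/local/bin; add a verification step against the published checksum and unpack as an unprivileged user.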
Line 412: Line 614:
 ... ...
 image: image:
-  repository: server.corp13.un:​5000/​student/​webd+  repository: server.corpX.un:​5000/​student/​webd
   pullPolicy: Always   pullPolicy: Always
 ... ...
Line 423: Line 625:
 ingress: ingress:
   enabled: true   enabled: true
 +  className: "​nginx"​
 ... ...
   hosts:   hosts:
Line 434: Line 637:
 ... ...
 </​code><​code>​ </​code><​code>​
-!!! Был замечен "​глюк"​ DNS, из-за которого не загружался Docker образ, "​лечился"​ предварительным созданием namespace +$ helm install my-webd webd-chart/ -n my-ns --create-namespace --wait
- +
-$ helm install my-webd webd-chart/ ​--n my-ns --create-namespace --wait+
  
 $ export HELM_NAMESPACE=my-ns $ export HELM_NAMESPACE=my-ns
Line 457: Line 658:
   * [[https://​medium.com/​containerum/​how-to-make-and-share-your-own-helm-package-50ae40f6c221|How to make and share your own Helm package]]   * [[https://​medium.com/​containerum/​how-to-make-and-share-your-own-helm-package-50ae40f6c221|How to make and share your own Helm package]]
   * [[https://​docs.gitlab.com/​ee/​user/​profile/​personal_access_tokens.html|Gitlab Personal access tokens]]   * [[https://​docs.gitlab.com/​ee/​user/​profile/​personal_access_tokens.html|Gitlab Personal access tokens]]
 +  * role: Mainteiner, api, read_registry,​ write_registry
 <​code>​ <​code>​
-$ helm repo add --username student --password ​NNNNNN-NNNNNNNNNNNNN ​webd http://192.168.13.1/​api/​v4/​projects/​6/​packages/​helm/​stable+$ helm repo add --username student --password ​NNNNN-NNNNNNNNNNNNNNNNNNN ​webd http://server.corpX.un/​api/​v4/​projects/​4/​packages/​helm/​stable 
 +"​webd"​ has been added to your repositories 
 + 
 +$ ### helm repo remove webd
  
 $ helm repo list $ helm repo list
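Review bot: The updated `helm repo add --username student --password ... http://server.corpX.un/api/v4/projects/4/packages/helm/stable` line passes the GitLab access token as a command-line argument and sends it to an `http://` URL, so it ends up in shell history and the process list and crosses the network in cleartext. Read the token with `--password-stdin` and use an https endpoint if the GitLab instance offers one. In the added bullet, "Mainteiner" should read "Maintainer", and the `api` scope is much broader than the registry scopes listed next to it; state which of them the Helm package push actually requires.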
Line 467: Line 671:
  
 $ helm plugin install https://​github.com/​chartmuseum/​helm-push $ helm plugin install https://​github.com/​chartmuseum/​helm-push
 +
 $ helm cm-push webd-chart-0.1.0.tgz webd $ helm cm-push webd-chart-0.1.0.tgz webd
  
Line 489: Line 694:
 ===== Дополнительные материалы ===== ===== Дополнительные материалы =====
  
 +==== bare-metal minikube ====
 +
 +<​code>​
 +student@node2:​~$ sudo apt install conntrack
 +
 +https://​computingforgeeks.com/​install-mirantis-cri-dockerd-as-docker-engine-shim-for-kubernetes/​
 +...
 +
 +wget https://​github.com/​kubernetes-sigs/​cri-tools/​releases/​download/​v1.24.2/​crictl-v1.24.2-linux-amd64.tar.gz
 +...
 +
 +student@node2:​~$ minikube start --driver=none --insecure-registry "​server.corp13.un:​5000"​
 +</​code>​
 +
 +==== minikube dashboard ====
 +<​code>​
 +student@node1:​~$ minikube dashboard &
 +...
 +Opening http://​127.0.0.1:​NNNNN/​api/​v1/​namespaces/​kubernetes-dashboard/​services/​http:​kubernetes-dashboard:/​proxy/​ in your default browser
 +...
 +/​home/​mobaxterm>​ ssh -L NNNNN:​localhost:​NNNNN student@192.168.X.10
 +Теперь,​ та же ссылка работает на win host системе
 +</​code>​
 +
 +==== Подключение к minikube с другой системы ====
 +
 +  * Если не minikube, то достаточно только копию .kube/​config
 +  * [[https://​habr.com/​ru/​company/​flant/​blog/​345580/​|см. Настройка GitLab Runner]]
 +
 +<​code>​
 +student@node1:​~$ tar -cvzf kube-config.tar.gz .kube/​config .minikube/​ca.crt .minikube/​profiles/​minikube
 +
 +gitlab-runner@server:​~$ scp student@node1:​kube-config.tar.gz .
 +
 +gitlab-runner@server:​~$ tar -xvf kube-config.tar.gz
 +
 +gitlab-runner@server:​~$ cat .kube/​config
 +</​code><​code>​
 +...
 +    certificate-authority:​ /​home/​gitlab-runner/​.minikube/​ca.crt
 +...
 +    client-certificate:​ /​home/​gitlab-runner/​.minikube/​profiles/​minikube/​client.crt
 +    client-key: /​home/​gitlab-runner/​.minikube/​profiles/​minikube/​client.key
 +...
 +</​code>​
 ==== kompose ==== ==== kompose ====
  
 +  * [[https://​stackoverflow.com/​questions/​47536536/​whats-the-difference-between-docker-compose-and-kubernetes|What'​s the difference between Docker Compose and Kubernetes?​]]
   * [[https://​loft.sh/​blog/​docker-compose-to-kubernetes-step-by-step-migration/​|Docker Compose to Kubernetes: Step-by-Step Migration]]   * [[https://​loft.sh/​blog/​docker-compose-to-kubernetes-step-by-step-migration/​|Docker Compose to Kubernetes: Step-by-Step Migration]]
   * [[https://​kubernetes.io/​docs/​tasks/​configure-pod-container/​translate-compose-kubernetes/​|Translate a Docker Compose File to Kubernetes Resources]]   * [[https://​kubernetes.io/​docs/​tasks/​configure-pod-container/​translate-compose-kubernetes/​|Translate a Docker Compose File to Kubernetes Resources]]
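Review bot: In the relocated block for connecting to minikube from another system, `tar -cvzf kube-config.tar.gz .kube/config .minikube/ca.crt .minikube/profiles/minikube` bundles the profile's client.key into an archive created with default permissions, and neither the copy on node1 nor the one on server is removed after `tar -xvf`. Add an `rm kube-config.tar.gz` on both sides and a `chmod 600` on the extracted client.key. The bare-metal minikube block also still uses `--insecure-registry "server.corp13.un:5000"` while the rest of this revision moved to corpX; align it.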
система_kubernetes.1657719998.txt.gz · Last modified: 2022/07/13 16:46 by val