
This is an old revision of the document!


Система Kubernetes

Инструмент командной строки kubectl

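Установка

Примечание: бинарный файл скачивается и сразу устанавливается в /usr/local/bin без проверки целостности. Перед chmod/mv стоит сверить его SHA-256 с файлом kubectl.sha256, который по официальной инструкции публикуется рядом с бинарником той же версии.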

root@gate.corp13.un:~# curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
root@gate.corp13.un:~# chmod +x kubectl
root@gate.corp13.un:~# mv kubectl /usr/local/bin/

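Подключение к кластеру

Примечание: в архив попадает client.key — закрытый ключ клиентского сертификата, по которому kubectl получает доступ к API кластера. Архив и распакованные файлы должны быть доступны только владельцу (например, chmod 600), а kube-config.tar.gz после распаковки лучше удалить на обоих узлах. Ключ оказывается в домашнем каталоге gitlab-runner, поэтому им, вероятно, смогут пользоваться все задания CI, выполняемые от этого пользователя. После распаковки пути в .kube/config нужно исправить на домашний каталог gitlab-runner (в выводе cat ниже они уже исправлены).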

student@node2:~$ tar zcf kube-config.tar.gz .kube/config .minikube/ca.crt .minikube/profiles/minikube

gitlab-runner@gate:~$ scp student@node2:kube-config.tar.gz .

gitlab-runner@gate:~$ tar -xvf kube-config.tar.gz

gitlab-runner@gate:~$ cat .kube/config
...
    certificate-authority: /home/gitlab-runner/.minikube/ca.crt
...
    client-certificate: /home/gitlab-runner/.minikube/profiles/minikube/client.crt
    client-key: /home/gitlab-runner/.minikube/profiles/minikube/client.key
...
gitlab-runner@gate:~$ kubectl get all -o wide --all-namespaces

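Установка minikube

Примечание: --insecure-registry разрешает работу с server.corp13.un:5000 без TLS (или без проверки сертификата), поэтому образы и учётные данные реестра (ниже адрес задан как http://) передаются по сети в открытом виде. Это допустимо только в изолированной учебной сети.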

student@node3:~$ minikube delete

student@node3:~$ minikube start --driver=docker --insecure-registry "server.corp13.un:5000"

ИЛИ
student@node2:~$ sudo apt install conntrack

https://computingforgeeks.com/install-mirantis-cri-dockerd-as-docker-engine-shim-for-kubernetes/
...

wget https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.24.2/crictl-v1.24.2-linux-amd64.tar.gz
...

student@node2:~$ minikube start --driver=none --insecure-registry "server.corp13.un:5000"
student@node3:~$ minikube status

student@node3:~$ minikube ip

student@node3:~$ minikube addons list

student@node3:~$ minikube addons configure registry-creds
...
Do you want to enable Docker Registry? [y/n]: y
-- Enter docker registry server url: http://server.corp13.un:5000
-- Enter docker registry username: student
-- Enter docker registry password:
...

student@node3:~$ minikube addons enable registry-creds

student@node3:~$ minikube dashboard &
...
Opening http://127.0.0.1:NNNNN/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/ in your default browser
...
/home/mobaxterm> ssh -L NNNNN:localhost:NNNNN student@192.168.13.230
Теперь та же ссылка работает на Windows-хосте (через SSH-туннель).

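Установка Kubernetes

Примечание: манифест flannel ниже применяется напрямую из ветки master, без фиксации версии, поэтому содержимое по этому URL может измениться в любой момент. Надёжнее скачать файл, просмотреть его и применять версию, закреплённую за конкретным релизом.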

...
root@node1:~# kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.13.210
...
student@node1:~$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
...
student@node1:~$ kubectl get pod -o wide --all-namespaces

Базовые объекты k8s

Deployment, Replica Sets, Pods

$ kubectl create deployment my-debian --image=debian -- "sleep" "3600"

$ kubectl get all

$ kubectl get deployments

$ kubectl get pods

$ kubectl attach my-debian-NNNNNNNNN-NNNNN

$ kubectl exec -ti my-debian-NNNNNNNNN-NNNNN -- bash
Ctrl-D

$ kubectl get deployment my-debian -o yaml

$ kubectl edit deployment my-debian

$ kubectl delete deployment my-debian
Kubernetes Documentation Reference Glossary/Manifest: https://kubernetes.io/docs/reference/glossary/?all=true#term-manifest
$ cat my-debian-deployment.yaml
# Deployment that runs a single Debian container printing "hello" every 3 seconds.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-debian
spec:
  # No replicas field is set, so Kubernetes uses its default of one pod.
  selector:
    matchLabels:
      app: my-debian
  template:
    metadata:
      labels:
        # Must match spec.selector.matchLabels above.
        app: my-debian
    spec:
      containers:
      - name: my-debian
        # No tag or digest: the reference resolves to debian:latest, which is
        # mutable. Pin a tag or digest when the pod content must be reproducible.
        image: debian
        # Replaces the image's default command with an endless shell loop so the
        # container keeps running.
        command: ["/bin/sh"]
        args: ["-c", "while true; do echo hello; sleep 3;done"]
      restartPolicy: Always
$ kubectl create -f my-debian-deployment.yaml
...
$ kubectl delete -f my-debian-deployment.yaml

namespace для своего приложения

$ kubectl create namespace my-ns

$ kubectl get namespaces

$ ### kubectl create deployment my-webd --image=server.corp13.un:5000/student/webd:latest --replicas=2 -n my-ns

$ cat my-webd-deployment.yaml
# Deployment of the webd application: two replicas in the my-ns namespace.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-webd
  namespace: my-ns
spec:
  selector:
    matchLabels:
      app: my-webd
  replicas: 2
  template:
    metadata:
      labels:
        # Must match spec.selector.matchLabels above; the my-webd Service on
        # this page selects pods by the same label.
        app: my-webd
    spec:
      containers:
      - name: my-webd
        # Pulled from the lab registry that this page passes to minikube as
        # --insecure-registry, so the pull is not protected by verified TLS.
        # The :latest tag is mutable: what runs depends on what the registry
        # serves at pull time. Pin a version tag or digest outside a lab.
        image: server.corp13.un:5000/student/webd:latest
$ kubectl apply -f my-webd-deployment.yaml

$ kubectl get all -n my-ns -o wide 

$ kubectl describe pod my-webd-NNNNNNNNNN-NNNNN -n my-ns

$ kubectl scale deployment my-webd --replicas=3 -n my-ns

Service

$ ### kubectl expose deployment my-webd --type=NodePort --port=80 -n my-ns

$ cat my-webd-service.yaml
# NodePort Service that publishes port 80 of the my-webd pods.
apiVersion: v1
kind: Service
metadata:
  name: my-webd
  namespace: my-ns
spec:
  # NodePort opens the service on a port of every cluster node, so it is
  # reachable from any network that can reach the nodes.
  type: NodePort
  selector:
    app: my-webd
  ports:
  # No nodePort is given, so the cluster allocates one (30350 in the sample
  # output on this page).
  - protocol: TCP
    port: 80
    targetPort: 80
# NOTE(review): status is maintained by the cluster; this stanza presumably
# comes from generated YAML and is not needed in a hand-written manifest - confirm.
status:
  loadBalancer: {}
$ kubectl apply -f my-webd-service.yaml

$ kubectl get svc my-webd -n my-ns
NAME              TYPE       CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
my-webd-svc   NodePort   10.102.135.146   <none>        80:30350/TCP   18h

student@node3:~$ minikube service my-webd -n my-ns --url
http://192.168.49.2:30350

student@node3:~$ curl $(minikube service my-webd -n my-ns --url)

Ingress

student@node2:~$ minikube addons enable ingress

gitlab-runner@gate:~/webd$ cat my-webd-ingress.yaml
# Ingress that routes HTTP requests for webd.corp13.un to the my-webd Service.
# No tls: section is defined, so no certificate is configured for this host.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-webd
  namespace: my-ns
  annotations:
    # ingress-nginx annotation: $1 is the first capture group of the path
    # below, so the request path reaches the backend as-is.
    nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
  rules:
    - host: webd.corp13.un
      http:
        paths:
          # Regular expression with one capture group, not a literal prefix.
          - path: /(.*)
            pathType: Prefix  # Try: ImplementationSpecific
            backend:
              service:
                name: my-webd
                port:
                  number: 80
$ kubectl apply -f my-webd-ingress.yaml

$ kubectl get ingress -n my-ns

root@gate.corp13.un:~# host webd
webd.corp13.un is an alias for node2.corp13.un.
node2.corp13.un has address 192.168.13.220

$ curl webd.corp13.un

$ kubectl logs -l app=my-webd -n my-ns

Удаление объектов

$ kubectl delete -n my-ns -f my-webd-deployment.yaml,my-webd-service.yaml,my-webd-ingress.yaml

или

$ kubectl delete namespace my-ns

Пример с nfs volume

$ cat my-webd-nfs-deployment.yaml
...
    spec:
      containers:
      - name: my-webd
        image: server.corp13.un:5000/student/webd:latest
        volumeMounts:
        - name: nfs-volume
          mountPath: /var/www
      volumes:
      - name: nfs-volume
        nfs:
          server: 192.168.13.1
          path: /var/www

Пример с multi container pod

gitlab-runner@gate:~/webd$ cat my-webd-ssh-deployment.yaml
# Deployment of one pod with two containers that share a volume: the webd web
# server and an SFTP server mounted on the same directory.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-webd-ssh
  namespace: my-ns
spec:
  selector:
    matchLabels:
      app: my-webd-ssh
  replicas: 1
  template:
    metadata:
      labels:
        app: my-webd-ssh
    spec:
      containers:
      - name: my-webd
        # Mutable :latest tag from the lab registry; pin a version tag or
        # digest outside a lab.
        image: server.corp13.un:5000/student/webd:latest
        volumeMounts:
        - name: html
          mountPath: /var/www
      - name: my-ssh
        # Third-party image referenced without a tag or digest (resolves to
        # :latest), so its content can change between pulls.
        image: atmoz/sftp
        # NOTE(review): looks like user:password:uid for the SFTP account - confirm
        # against the image documentation. The password is stored in clear text
        # in the manifest and is visible to anyone who can read this Deployment
        # or the pod spec; outside a lab, supply it from a Secret.
        args: ["user3:password3:10003"]
        volumeMounts:
        - name: html
          # Same volume as /var/www in the my-webd container.
          mountPath: /home/user3/www
      volumes:
      - name: html
        # emptyDir lives only as long as the pod: uploaded content is lost when
        # the pod is deleted or rescheduled.
        emptyDir: {}
...
$ kubectl describe pod my-webd-NNNNNNNNNN-NNNNN -n my-ns

$ kubectl exec -ti -n my-ns my-webd-NNNNNNNNNN-NNNNN -c my-ssh -- bash

$ ### kubectl expose deployment my-webd-ssh --type=NodePort --port=80,22 -n my-ns

$ cat my-webd-ssh-service.yaml
# NodePort Service that publishes both the web (80) and SFTP (22) ports of the
# my-webd-ssh pod.
apiVersion: v1
kind: Service
metadata:
  name: my-webd-ssh
  namespace: my-ns
spec:
  # NodePort opens both ports on every cluster node; the SFTP account on this
  # page uses password authentication, so restrict who can reach the nodes.
  type: NodePort
  selector:
    app: my-webd-ssh
  ports:
  # Each port carries a name because a Service with several ports requires
  # them to be named.
  - name: http
    protocol: TCP
    port: 80
    targetPort: 80
  - name: ssh
    protocol: TCP
    port: 22
    targetPort: 22

Helm

Установка

$ wget https://get.helm.sh/helm-v3.9.0-linux-amd64.tar.gz

$ tar -zxvf helm-v3.9.0-linux-amd64.tar.gz

$ sudo mv linux-amd64/helm /usr/local/bin/helm

Развертывание своего приложения

$ helm create webd-chart

$ cat webd-chart/Chart.yaml
...
description: A Helm chart WebD for Kubernetes
...
version: 0.1.1
...
appVersion: "latest"
$ cat webd-chart/values.yaml
...
image:
  repository: server.corp13.un:5000/student/webd
  pullPolicy: Always
...
serviceAccount:
  create: false
...
service:
  type: NodePort
...
ingress:
  enabled: true
...
  hosts:
    - host: webd.corp13.un
...
$ less webd-chart/templates/deployment.yaml
...
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
...
!!! Был замечен «глюк» DNS, из-за которого не загружался Docker-образ; он «лечился» предварительным созданием namespace.

$ helm install my-webd webd-chart/ -n my-ns --create-namespace --wait

$ export HELM_NAMESPACE=my-ns

$ helm list

$ helm upgrade my-webd webd-chart/ --set=image.tag=ver1.10

$ helm history my-webd

$ helm rollback my-webd 1

$ helm uninstall my-webd

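Работа со своим репозиторием

Примечание: пароль (токен), переданный через --password, остаётся в истории команд и виден в списке процессов, а адрес репозитория задан по http://, то есть учётные данные идут по сети в открытом виде. У helm repo add есть ключ --password-stdin; вне учебного стенда репозиторий стоит публиковать по HTTPS.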

$ helm repo add --username student --password NNNNNN-NNNNNNNNNNNNN webd http://192.168.13.1/api/v4/projects/6/packages/helm/stable

$ helm repo list

$ helm package webd-chart
$ ls *tgz

$ helm plugin install https://github.com/chartmuseum/helm-push
$ helm cm-push webd-chart-0.1.0.tgz webd

... С другого кластера подключаем (аналогично) наш репозиторий и ...

$ helm search repo webd

$ helm repo update webd

$ helm install my-webd webd/webd-chart

Работа с публичными репозиториями

$ helm search hub -o json wordpress | jq '.' | less

$ helm repo add bitnami https://charts.bitnami.com/bitnami

$ helm show values bitnami/wordpress

Дополнительные материалы

kompose

root@gate.corp13.un:~# curl -L https://github.com/kubernetes/kompose/releases/download/v1.26.0/kompose-linux-amd64 -o kompose
root@gate.corp13.un:~# chmod +x kompose
root@gate.corp13.un:~# sudo mv ./kompose /usr/local/bin/kompose
gitlab-runner@gate:~/webd$ kompose convert
gitlab-runner@gate:~/webd$ ls *yaml
gitlab-runner@gate:~/webd$ kubectl apply -f sftp-deployment.yaml,vol1-persistentvolumeclaim.yaml,webd-service.yaml,sftp-service.yaml,webd-deployment.yaml
gitlab-runner@gate:~/webd$ kubectl get all
система_kubernetes.1657798014.txt.gz · Last modified: 2022/07/14 14:26 by val