Differences

This shows you the differences between two versions of the page.

--- система_kubernetes [2025/03/24 10:22]
val [Deployment, Replica Sets, Pods]
+++ система_kubernetes [2025/06/18 12:36] (current)
val [Развертывание через kubeadm]
@@ Line 114: / Line 114: @@
 <code>
 gitlab-runner@server:~$ time minikube start --driver=docker --insecure-registry "server.corpX.un:5000"
-real    29m8.320s
+real    41m8.320s
 ...
@@ Line 342: / Line 342: @@
 <code>
 root@node1:~# mkdir -p /etc/containerd/
+root@node1:~# ###containerd config default > /etc/containerd/config.toml
 root@node1:~# cat /etc/containerd/config.toml
@@ Line 362: / Line 364: @@
 root@nodeN:~# containerd config dump | less
+</code>
+== сontainerd v3 ==
+  * [[https://stackoverflow.com/questions/79305194/unable-to-pull-image-from-insecure-registry-http-server-gave-http-response-to/79308521#79308521]]
+<code>
+# mkdir -p /etc/containerd/certs.d/server.corpX.un:5000/
+# cat /etc/containerd/certs.d/server.corpX.un:5000/hosts.toml
+</code><code>
+[host."http://server.corpX.un:5000"]
+  capabilities = ["pull", "resolve", "push"]
+  skip_verify = true
+</code><code>
+# systemctl restart containerd.service
 </code>
@@ Line 368: / Line 386: @@
 <code>
 root@nodeN:~# crictl -r unix:///run/containerd/containerd.sock pull server.corpX.un:5000/student/gowebd
-</code>
+root@kubeN:~# crictl pull server.corpX.un:5000/student/pywebd2
+</code>
 ==== Развертывание через Kubespray ====
@@ Line 522: / Line 541: @@
 $ ###kubectl run -ti --rm my-debian --image=debian --overrides='{"spec": { "nodeSelector": {"kubernetes.io/hostname": "kube4"}}}'
-$ kubectl run my-debian --image=debian -- "sh" "-c" "while :;do echo -n msg:;od -A n -t d -N 1 /dev/urandom;sleep 5; done"
+$ kubectl run my-debian --image=debian -- "sleep" "60"
 $ kubectl get pods
@@ Line 559: / Line 578: @@
 $ kubectl delete deployment my-debian
 </code>
+==== Manifest ====
   * [[https://kubernetes.io/docs/reference/glossary/?all=true#term-manifest|Kubernetes Documentation Reference Glossary/Manifest]]
 <code>
@@ Line 582: / Line 604: @@
         image: debian
         command: ["/bin/sh"]
-        args: ["-c", "while true; do echo hello; sleep 3;done"]
+        args: ["-c", "while :;do echo -n random-value:;od -A n -t d -N 1 /dev/urandom;sleep 5; done"]
+        resources:
+          requests:
+            memory: "64Mi"
+            cpu: "250m"
+          limits:
+            memory: "128Mi"
+            cpu: "500m"
       restartPolicy: Always
 </code><code>
 $ kubectl apply -f my-debian-deployment.yaml #--dry-run=client #-o yaml
+$ kubectl logs -l app=my-debian -f
 ...
 $ kubectl delete -f my-debian-deployment.yaml
@@ Line 637: / Line 668: @@
 #        image: server.corpX.un:5000/student/webd:ver1.N
 #        image: httpd
+#        args: ["gunicorn", "app:app", "--bind", "0.0.0.0:8000", "-k", "uvicorn.workers.UvicornWorker"]
 #        imagePullPolicy: "Always"
@@ Line 669: / Line 701: @@
 #            port: 80
 #            #scheme: HTTPS
-#        resources:
-#          requests:
-#            memory: "64Mi"
-#            cpu: "250m"
-#          limits:
-#            memory: "128Mi"
-#            cpu: "500m"
 #        volumeMounts:
@@ Line 1046: / Line 1069: @@
 <code>
-node1# ### kubectl create ingress my-ingress --class=nginx --rule="webd.corpX.un/*=my-webd:80" -n my-ns
+kube1# ### kubectl create ingress my-ingress --class=nginx --rule="webd.corpX.un/*=my-webd:80" -n my-ns
-node1# cat my-ingress.yaml
+kube1# cat my-ingress.yaml
 </code><code>
 apiVersion: networking.k8s.io/v1
@@ Line 1085: / Line 1108: @@
         pathType: Prefix
 </code><code>
-node1# kubectl apply -f my-ingress.yaml -n my-ns
+kube1# kubectl apply -f my-ingress.yaml -n my-ns
-node1# kubectl get ingress -n my-ns
+kube1# kubectl get ingress -n my-ns
 NAME      CLASS   HOSTS                             ADDRESS                         PORTS   AGE
 my-webd   nginx   webd.corpX.un,gowebd.corpX.un   192.168.X.202,192.168.X.203   80      14m
@@ Line 1102: / Line 1125: @@
 $ kubectl logs -n ingress-nginx -l app.kubernetes.io/name=ingress-nginx -f
-node1# ### kubectl delete ingress my-ingress -n my-ns
+kube1# ### kubectl delete ingress my-ingress -n my-ns
 </code>
@@ Line 1400: / Line 1423: @@
   * Делаем снапшот
   * Что-то ломаем (удаляем пользователя)
-  * Останавливаем сервис
+== Остановка сервиса ==
 <code>
@@ Line 2104: / Line 2128: @@
   * http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
+===== Мониторинг =====
+==== Metrics Server ====
+  * [[https://kubernetes-sigs.github.io/metrics-server/Kubernetes Metrics Server]]
+  * [[https://medium.com/@cloudspinx/fix-error-metrics-api-not-available-in-kubernetes-aa10766e1c2f|Fix “error: Metrics API not available” in Kubernetes]]
+<code>
+kube1:~/metrics-server# curl -L https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.7.2/components.yaml | tee metrics-server-components.yaml
+kube1:~/metrics-server# cat metrics-server-components.yaml
+</code><code>
+...
+      containers:
+      - args:
+        - --cert-dir=/tmp
+        - --kubelet-insecure-tls   # add this
+...
+</code><code>
+kube1:~/metrics-server# kubectl apply -f metrics-server-components.yaml
+kube1# kubectl get pods -A | grep metrics-server
+kube1# kubectl top pod #-n kube-system
+kube1# kubectl top pod -A --sort-by=memory
+kube1# kubectl top node
+</code>
+==== kube-state-metrics ====
+  * [[https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics]]
+  * ... алерты с инфой по упавшим подам ...
+<code>
+kube1# helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+kube1# helm repo update
+kube1# helm install kube-state-metrics prometheus-community/kube-state-metrics -n vm --create-namespace
+kube1# curl kube-state-metrics.vm.svc.cluster.local:8080/metrics
+</code>
 ===== Отладка, troubleshooting =====

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools