User Tools
система_kubernetes
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
система_kubernetes [2026/06/01 08:04] val [Отладка etcd] |
система_kubernetes [2026/06/08 09:07] (current) val [Gateway API] |
||
|---|---|---|---|
| Line 590: | Line 590: | ||
| [kube_control_plane] | [kube_control_plane] | ||
| - | kube[1:2] | + | kube[1:3] |
| - | kube3 | + | |
| [etcd:children] | [etcd:children] | ||
| kube_control_plane | kube_control_plane | ||
| - | #[kube_node] | ||
| - | #kube[1:4] | ||
| [kube_node:children] | [kube_node:children] | ||
| kube_control_plane | kube_control_plane | ||
| </code><code> | </code><code> | ||
| - | server:~# docker run --userns=host --rm -it -v /root/inventory/sample:/inventory -v /root/.ssh/:/root/.ssh/ quay.io/kubespray/kubespray:v2.29.0 bash | + | server:~# docker run --userns=host --rm -it -v /root/inventory/sample:/inventory -v /root/:/root/ quay.io/kubespray/kubespray:v2.29.0 bash |
| root@cf764ca3b291:/kubespray# ansible all -m ping -i /inventory/inventory.ini | root@cf764ca3b291:/kubespray# ansible all -m ping -i /inventory/inventory.ini | ||
| </code> | </code> | ||
| + | * [[Сервис Ansible#Использование ролей]] Ansible для настройки сети | ||
| + | |||
| + | * Может потребоваться | ||
| <code> | <code> | ||
| root@cf764ca3b291:/kubespray# cp -rv inventory/sample/group_vars/ /inventory/ | root@cf764ca3b291:/kubespray# cp -rv inventory/sample/group_vars/ /inventory/ | ||
| </code> | </code> | ||
| - | * Может потребоваться [[#Настройка registry-mirrors для Kubespray]] и [[#Добавление insecure_registries через Kubespray]] | + | * [[#Настройка registry-mirrors для Kubespray]] и [[#Добавление insecure_registries через Kubespray]] |
| <code> | <code> | ||
| root@cf764ca3b291:/kubespray# time ansible-playbook -i /inventory/inventory.ini cluster.yml | root@cf764ca3b291:/kubespray# time ansible-playbook -i /inventory/inventory.ini cluster.yml | ||
| Line 614: | Line 615: | ||
| real 12m18.679s | real 12m18.679s | ||
| ... | ... | ||
| + | </code> | ||
| + | === Удаление вышедшего из строя узла через kubespray === | ||
| + | |||
| + | <code> | ||
| + | root@3c29190fe4cb:/kubespray# time ansible-playbook -i /inventory/inventory.ini remove-node.yml -e "node=kubeN" -e "reset_nodes=false" -e "allow_ungraceful_removal=true" | ||
| + | ... yes | ||
| + | </code> | ||
| + | |||
| + | в случае первого мастер узла понадобится: | ||
| + | <code> | ||
| + | server:~# cat inventory/sample/inventory.ini | ||
| + | ... | ||
| + | [kube_control_plane] | ||
| + | kube2 | ||
| + | kube3 | ||
| + | kube1 | ||
| + | ... | ||
| + | |||
| + | ... ansible-playbook -i /inventory/inventory.ini remove-node.yml ... | ||
| + | |||
| + | |||
| + | kube2:~# kubectl get configmap -n kube-system -o yaml | grep X.221 | ||
| + | kube2:~# kubectl edit configmap cluster-info -n kube-public | ||
| + | kube2:~# kubectl edit configmap kubeadm-config -n kube-system | ||
| </code> | </code> | ||
| Line 1415: | Line 1440: | ||
| spec: | spec: | ||
| loadBalancerIP: "192.168.X.66" | loadBalancerIP: "192.168.X.66" | ||
| - | ingressRoute: | + | ##ingressRoute: |
| - | dashboard: | + | ## dashboard: |
| - | enabled: true | + | ## enabled: true |
| - | matchRule: Host(`dash-tr.corpX.un`) | + | ## matchRule: Host(`dash-tr.corpX.un`) |
| - | entryPoints: | + | ## entryPoints: |
| - | - web | + | ## - web |
| - | providers: | + | #providers: |
| - | kubernetesGateway: | + | # kubernetesGateway: |
| - | enabled: true | + | # enabled: true |
| #gateway: | #gateway: | ||
| # listeners: | # listeners: | ||
| Line 1447: | Line 1472: | ||
| kube1:~/traefik# helm upgrade -i traefik traefik -f values.yaml --repo https://traefik.github.io/charts -n traefik --version 39.0.1 --create-namespace | kube1:~/traefik# helm upgrade -i traefik traefik -f values.yaml --repo https://traefik.github.io/charts -n traefik --version 39.0.1 --create-namespace | ||
| - | kube1:~/traefik# kubectl -n traefik logs pods/traefik-<TAB> | + | kube1:~/traefik# kubectl -n traefik logs deployments/traefik |
| kube1:~/traefik# kubectl -n traefik get endpointslices | kube1:~/traefik# kubectl -n traefik get endpointslices | ||
| Line 3048: | Line 3073: | ||
| kubeN:~# etcdctl endpoint status -w table \ | kubeN:~# etcdctl endpoint status -w table \ | ||
| --endpoints=https://kube1:2379,https://kube2:2379,https://kube3:2379 \ | --endpoints=https://kube1:2379,https://kube2:2379,https://kube3:2379 \ | ||
| - | --cacert=/etc/ssl/etcd/ssl/ca.pem \ | ||
| - | --cert=/etc/ssl/etcd/ssl/node-kube1.pem \ | ||
| - | --key=/etc/ssl/etcd/ssl/node-kube1-key.pem | ||
| - | |||
| - | kubeN:~# etcdctl member remove nnnnnnnnnnnnn \ | ||
| - | --endpoints=https://kubeN:2379 \ | ||
| --cacert=/etc/ssl/etcd/ssl/ca.pem \ | --cacert=/etc/ssl/etcd/ssl/ca.pem \ | ||
| --cert=/etc/ssl/etcd/ssl/node-kube1.pem \ | --cert=/etc/ssl/etcd/ssl/node-kube1.pem \ | ||
система_kubernetes.1780290279.txt.gz · Last modified: 2026/06/01 08:04 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
