大佬教程收集整理的这篇文章主要介绍了腾讯云原生在线技术工坊-202112,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
腾讯云原生在线技术工坊
(略)
(略)
(略)
目标与任务:
了解Docker Volume卷挂载的使用;
了解如何使用Docker启动与连接MySQL数据库;
使用Docker搭建Ghost、wordpress开源项目;
注册腾讯云TKE并创建一个弹性集群(EKS);
掌握如何将镜像推送到腾讯云镜像仓库(个人免费版);
掌握如何通过可视化控制台的方式将Ghost、Wordpress等项目部署到EKS
源代码下载:wget https://hackweek-1251009918.cos.ap-shanghai.myqcloud.com/tke/d/getTing-started-master.zip
app代码结构:
[root@master-101 app]# pwd/sunny/myTKE/app[root@master-101 app]# [root@master-101 app]# tree -L 1.├── package.json├── spec├── src└── yarn.lock2 directories, 2 files[root@master-101 app]#
Dockerfile
[root@master-101 app]# [root@master-101 app]# cat > DockerfileFROM node:12-alpineRUN sed -i 's/dl-cdn.alpinelinux.org/mirrorS.Ustc.edu.cn/g' /etc/apk/repositoriesRUN apk add --no-cache python3 g++ makeRUN yarn config set registry http://mirrors.cloud.tencent.com/npm/WORKDIR /appCOPY . .RUN yarn install --productionCMD ["node", "src/index.js"][root@master-101 app]#
打包镜像
[root@master-101 app]# docker build -t tke-todo .Sending build context to Docker daemon 4.663MBStep 1/8 : FROM node:12-alpine ---> 106bb94759adStep 2/8 : RUN sed -i 's/dl-cdn.alpinelinux.org/mirrorS.Ustc.edu.cn/g' /etc/apk/repositories ---> Using cache ---> 82322ea41d10Step 3/8 : RUN apk add --no-cache python3 g++ make ---> Using cache ---> 15e72162d811Step 4/8 : RUN yarn config set registry http://mirrors.cloud.tencent.com/npm/ ---> Using cache ---> d39f6f777582Step 5/8 : WORKDIR /app ---> Using cache ---> 4d146fc8a328Step 6/8 : COPY . . ---> Using cache ---> 8349068800c2Step 7/8 : RUN yarn install --production ---> Using cache ---> 07cbb2cfcef5Step 8/8 : CMD ["node", "src/index.js"] ---> Using cache ---> aece73128137successfully built aece73128137successfully tagged tke-todo:latest[root@master-101 app]# [root@master-101 app]# docker image ls | grep tke-todotke-todo latest aece73128137 7 days ago 395MB[root@master-101 app]#
运行容器 启动容器时遇到报错:
[root@master-101 app]# docker container run -dp 3001:3000 tke-todoWARNING: IPv4 forWARDing is disabled. Networking will not work.d37bc9ed68ebdb0a5c711e891f2e3130ca5f21b0f98a747f2a1b0ea9bb2491c3docker: Error response from daemon: driver failed progrAMMing external connectivity on endpoint thirsty_wright (3f3ea2ce1e6c7eb3e99f63df263d93ebc77793a178b0c681d732a080bb298242): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 3001 -j DNAT --to-desTination 172.17.0.2:3000 ! -i docker0: iptables: No chain/target/match by that name. (exit status 1)).[root@master-101 ~]#
原因分析: docker服务启动时定义的自定义链docker由于某种原因被清掉。重启docker服务即可重新生成自定义链DOCKER
[root@master-101 ~]# systemctl restart docker [root@master-101 ~]# [root@master-101 app]# docker container run -dp 3001:3000 tke-todo a9b522d82b2263ada943efbf0e54dd89c1d465c9cbfe58c1de5cd9ed63fd69ab [root@master-101 app]# [root@master-101 app]# docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a9b522d82b22 tke-todo "docker-entrypoint.s…" About a minute ago Up About a minute 0.0.0.0:3001->3000/tcp, :::3001->3000/tcp funny_spence [root@master-101 app]#
容器并不会保存数据。数据才是我们应用的核心,那容器会怎样存储数据呢?容器以及Kubernetes等云原生技术存储数据的方式有很多,接下来我们就以此为例介绍一下Volume存储卷
数据不随着容器Container的结束而结束,这称之为数据的持久化。存储卷的生命周期不依赖于单个容器,它可以用来存储和共享应用产生的一些“动态”文件,比如数据库中的数据、日志、用户上传的文件、数据处理产生的数据等等。
创建存储卷
[root@master-101 app]# docker volume create todo-dbtodo-db[root@master-101 app]# [root@master-101 app]# docker volume ls| grep todo-dblocal todo-db[root@master-101 app]# [root@master-101 app]# docker volume inspect todo-db [ { "CreatedAt": "2021-12-31T12:42:41+08:00", "Driver": "local", "Labels": {}, "Mountpoint": "/var/lib/docker/volumes/todo-db/_data", "Name": "todo-db", "Options": {}, "Scope": "local" }][root@master-101 app]#
挂载存储卷
[root@master-101 app]# docker run -dp 3002:3000 -v todo-db:/etc/todos tke-todo2d4ca045f6503b173206a65522f35001dd16fb0a4ab87c863442c11a83eea0d0[root@master-101 app]# [root@master-101 app]# docker container lsCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES2d4ca045f650 tke-todo "docker-entrypoint.s…" 9 seconds ago Up 8 seconds 0.0.0.0:3002->3000/tcp, :::3002->3000/tcp quizzical_dewdneya9b522d82b22 tke-todo "docker-entrypoint.s…" 19 minutes ago Up 19 minutes 0.0.0.0:3001->3000/tcp, :::3001->3000/tcp funny_spence[root@master-101 app]# [root@master-101 app]# docker container inspect quizzical_dewdney | grep Mounts -A 10 "Mounts": [ { "Type": "volume", "Name": "todo-db", "source": "/var/lib/docker/volumes/todo-db/_data", "DesTination": "/etc/todos", "Driver": "local", "Mode": "z", "RW": true, "Propagation": "" }[root@master-101 app]#
使用存储卷不仅可以持久化容器的数据,还可以在多个容器里共享数据。
docker ps #查看正在运行的容器列表,以及找到运行tke-todo的容器IDdocker exec -it <容器ID或name> /bin/sh #换成你的容器ID
开源项目Wordpress:Wordpress官方镜像
数据库MySQL:@H_910_1@mySQL官方镜像
创建逻辑卷
docker volume create wordpress-mysql-data
启动数据库容器
docker run -d --name tke-mysql -v wordpress-mysql-data:/var/lib/mysql -e MYSQL_ROOT_password=tketke -e MYSQL_DATABASE=wordpress mysql:5.7
通常情况下,我们不会用一个容器同时启动wordpress和MySQl,而是将这两个服务用不同的容器启动,那两个不同的容器,它们之间怎样才能连接到一起呢?这就需要用到网络了。
创建网络
在终端中输入以下命令,创建一个网络,名为wordpress-net:
docker network create wordpress-net
桥接
然后再在终端执行以下命令,将之前创建好的tke-mysql桥接到wordpress-net网络
docker network connect wordpress-net tke-mysql
查看tke-mysql容器IP信息
docker inspect -f '{{ $network := index .NetworkSetTings.Networks "wordpress-net" }}{{ $network.Ipaddress}}' tke-mysql
启动wordpress
假设上面查到的tke-mysql的IP为172.20.0.2
docker run -dp 8008:80 --name tke-wordpress --network wordpress-net -v wordpress_data:/var/www/html -e WORDPRESS_DB_HOST=172.20.0.2:3306 -e WORDPRESS_DB_USER=root -e WORDPRESS_DB_password=tketke -e WORDPRESS_db_name=wordpress wordpress
在选择IPv4的CIDR时,由于控制台分配好了输入的逻辑,一般来说只要你最后一位数字不要太大导致IP数量过少即可。一个私有网络VPC可以同时拥有多个子网(默认配置为100个),相同私有网络下不同子网默认内网互通。一般来说尽量给不同的私有网络规划不同的网段,确保相同私有网络的子网网段不同。私有网络和子网的网段掩码一旦设定后,则无法修改。在创建子网时,要保证子网网段的IP容量满足需求(剩余IP数量控制台会实时显示)。比如私有网络网段为10.0.0.0/16,那可以选择10.0.0.0/16到10.0.255.255/28之间的网段作为子网网段。
小知识
镜像要怎么操作才能在Kubernetes集群上运行呢?在大多数情况下,会使用工作负载如Deployment来创建Pod,而Pod类似于豌豆荚,容器就像豌豆荚里的一颗“豌豆”。Deployment声明了Pod的模板和控制Pod的运行策略,适用于部署无状态的应用程序。我们可以根据业务需求,对Deployment中运行的Pod的副本数、调度策略、更新策略等进行声明。
deployment
@R_618_9260@ce
nginx
负载均衡
本章目标与任务
使用minikube在本地搭建kubernetes集群;
了解本地Kubernetes和EKS的Dashboard,并通过Dashboard来了解Kubernetes的基础概念;
掌握如何使用Kubectl连接并查看EKS,了解基础的Kubectl的命令;
通过实战了解Node、Pod、容器之间的关系;
本章已centos 7平台为例。
@H_910_1@minikube和kubectl的安装教程:
@H_910_1@minikube start
执行命令时可能会报错,如下,需要加上参数 --force
[root@master-101 ~]# minikube start* minikube v1.24.0 on Centos 7.6.1810* Using the docker driver based on exisTing profile* The "docker" driver should not be used with root privileges.* If you are running minikube within a VM, consider using --driver=none:* https://minikube.sigs.k8s.io/docs/reference/drivers/none/* Tip: To remove this root owned cluster, run: sudo minikube deleteX ExiTing due to DRV_AS_ROOT: The "docker" driver should not be used with root privileges.[root@master-101 ~]# [root@master-101 ~]# minikube start --force* minikube v1.24.0 on Centos 7.6.1810! minikube skips various validations when --force is supplied; this may lead to unexpected behavior* Using the docker driver based on exisTing profile* The "docker" driver should not be used with root privileges.* If you are running minikube within a VM, consider using --driver=none:* https://minikube.sigs.k8s.io/docs/reference/drivers/none/* Tip: To remove this root owned cluster, run: sudo minikube deleteX The requested memory alLOCATIOn of 1980R_14_11845@iB does not leave room for system overhead (@R_510_10586@l system memory: 1980R_14_11845@iB). You may face stability issues.* Suggestion: Start minikube with less memory allocated: 'minikube start --memory=1980R_14_11845@b'* StarTing control plane node minikube in cluster minikube* Pulling base image ...* RestarTing exisTing docker container for "minikube" ...! This container is having trouble accessing https://k8s.gcr.io* To pull new external images, you may need to configure a proxy: https://minikube.sigs.k8s.io/docs/reference/networking/proxy/* Preparing Kubernetes v1.22.3 on Docker 20.10.8 ...* Verifying Kubernetes components... - Using image gcr.io/k8s-minikube/storage-provisioner:v5 - Using image kubernetesui/dashboard:v2.3.1 - Using image kubernetesui/metrics-scraper:v1.0.7* Enabled addons: default-storageclass, storage-provisioner, dashboard* Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default[root@master-101 ~]#
@H_910_1@minikube dashboard
由于我使用的是win10上面VM的centos7,且为无UI版本,所以即使dashboard启动后,也不能通过browser打开,可以使用proxy实现在win10 host机器上访问。
ssh 1
[root@master-101 ~]# minikube dashboard* Verifying dashboard health ...* Launching proxy ...* Verifying proxy health ...http://127.0.0.1:44662/api/v1/namespaces/kubernetes-dashboard/@R_618_9260@ces/http:kubernetes-dashboard:/proxy/
ssh 2
[root@master-101 ~]# kubectl get po -A NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-78fcd69978-5vbww 1/1 Running 3 (3d8h ago) 7d20h kube-system etcd-minikube 1/1 Running 3 (3d8h ago) 7d20h kube-system kube-apiserver-minikube 1/1 Running 3 (5m7s ago) 7d20h kube-system kube-controller-manager-minikube 1/1 Running 3 (3d8h ago) 7d20h kube-system kube-proxy-42lp8 1/1 Running 3 (3d8h ago) 7d20h kube-system kube-scheduler-minikube 1/1 Running 3 (5m7s ago) 7d20h kube-system storage-provisioner 1/1 Running 9 (4m4s ago) 7d20h kubernetes-dashboard kubernetes-dashboard-654cf69797-d9lm9 1/1 Running 7 (4m4s ago) 7d20h [root@master-101 ~]#
查看dashboard端口信息,9090
kubectl describe po kubernetes-dashboard-654cf69797-d9lm9 -n kubernetes-dashboard...Containers: kubernetes-dashboard: Container ID: docker://7e412ac399215a8e210aff0609ee3a83d2e720cf184471573503c0d2ab97bcf1 Image: kubernetesui/dashboard:v2.3.1@sha256:ec27f462cf1946220f5a9ace416a84a57c18f98c777876a8054405d1428cc92e Image ID: docker-pullable://kubernetesui/dashboard@sha256:ec27f462cf1946220f5a9ace416a84a57c18f98c777876a8054405d1428cc92e Port: 9090/TCP Host Port: 0/TCP...
proxy
@R_830_6749@,使其它主机访问就需要指定监听的地址:
kubectl proxy --address=0.0.0.0 --accept-hosts='^*$' --port=9090
或者命令行:
curl http://192.168.1.101:9090/api/v1/namespaces/kubernetes-dashboard/@R_618_9260@ces/kubernetes-dashboard/proxy -L
[root@master-101 ~]# cd ~/.kube/[root@master-101 .kube]# [root@master-101 .kube]# ll@R_510_10586@l 4drwxr-x---. 4 root root 35 Dec 27 01:00 cache-rw-------. 1 root root 806 Jan 3 21:04 config[root@master-101 .kube]# cat config apiVersion: v1clusters:- cluster: certificate-authority: /root/.minikube/ca.crt extensions: - extension: last-update: Mon, 03 Jan 2022 21:04:28 CST provider: minikube.sigs.k8s.io version: v1.24.0 name: cluster_info server: https://192.168.49.2:8443 name: minikubecontexts:- context: cluster: minikube extensions: - extension: last-update: Mon, 03 Jan 2022 21:04:28 CST provider: minikube.sigs.k8s.io version: v1.24.0 name: context_info namespace: default user: minikube name: minikubecurrent-context: minikubekind: Configpreferences: {}users:- name: minikube user: client-certificate: /root/.minikube/profiles/minikube/client.crt client-key: /root/.minikube/profiles/minikube/client.key[root@master-101 .kube]# [root@master-101 .kube]# cp config{,.orig}[root@master-101 .kube]#
默认情况下,kubectl在$HOME/.kube目录下查找名为config的文件。我们可以通过设置KUBECONFIG环境变量或者设置--kubeconfig参数来指定其他 kubeconfig文件。
kubectl config view #显示合并后的kubeconfig设置,或者显示指定的kubeconfig配置文件。 kubectl config get-contexts #查看kubeconfig中的环境
[root@master-101 .kube]# kubectl config view --kubeconfig ~/.kube/config_tke apiVersion: v1clusters:- cluster: certificate-authority-data: DATA+OMITTED server: https://111.231.210.222:443/ name: cls-rh4p9mppcontexts:- context: cluster: cls-rh4p9mpp user: "100010274107" name: cls-rh4p9mpp-100010274107-context-defaultcurrent-context: cls-rh4p9mpp-100010274107-context-defaultkind: Configpreferences: {}users:- name: "100010274107" user: client-certificate-data: REDACTED client-key-data: REDACTED[root@master-101 .kube]# [root@master-101 .kube]# kubectl config get-contextsCURRENT NAME CLUSTER AUTHINFO NAMESPACE* minikube minikube minikube default[root@master-101 .kube]# [root@master-101 .kube]# kubectl config get-contexts --kubeconfig ~/.kube/config_tkeCURRENT NAME CLUSTER AUTHINFO NAMESPACE* cls-rh4p9mpp-100010274107-context-default cls-rh4p9mpp 100010274107 [root@master-101 .kube]# [root@master-101 .kube]# kubectl config get-contexts CURRENT NAME CLUSTER AUTHINFO NAMESPACE* minikube minikube minikube default[root@master-101 .kube]#
其中*表示是当前的环境,我们可以@R_830_6749@来切换到云端的环境,也可以实现本地集群和云端集群的来回切换:
kubectl config use-context cls-****-context-default #切换到云端K8s集群kubectl config use-context minikube #切换到本地集群kubectl config use-context cls-****-context-default #切换回云端集群
kubectl get nodes #获取节点列表kubectl describe node <node的名称> #了解节点的所有状态kubectl top node <node的名称> #了解节点的内存和CPU使用情况
kubectl get pods -o wide #显示PoD列表kubectl describe pod <pod的名称> #查看Pod的详细信息kubectl top pod <pod的名称>
kubectl get deployment #获取所有的Deploymentkubectl describe deployment <deployment的名称>
kubectl get namespaces
kubectl get @R_618_9260@ceskubectl describe @R_618_9260@ce <@R_618_9260@ce的名称>
kubectl get podskubectl logs <pod的名称> kubectl exec -it <pod的名称> -- /bin/bash# kubectl exec --stdin --tty <pod的名称> -- /bin/sh ,推荐使用bash
在生产实践中,直接使用命令行会让命令不可追溯以及支持的功能属性会比较有限,建议使用Dockerfile来解耦。管理Kubernetes也是一样,控制台、命令行、yaml配置文件可以结合来了解。
了解yaml配置文件与Kubernetes对象之间的关系;
掌握基础的yaml语法,尤其是数据结构Lists和Maps;
了解如何通过yaml文件创建一个Deployment;
使用yaml配置文件部署Wordpress;
获取到每个实例的yaml配置文件:
kubectl get namespaceskubectl get namespace <namespace的名称> -o yamlkubectl get nodeskubectl get node <node的名称> -o yaml kubectl get pods kubectl get pod <pod的名称> -o yaml kubectl get deploymentskubectl get deployment <deployment的名称> -o yamlkubectl get @R_618_9260@ceskubectl get @R_618_9260@ce <@R_618_9260@ce的名称> -o yaml
k8s常用资源对象
查询Kubernetes API支持的API版本以及资源对象
kubectl api-versionskubectl api-resourceskubectl api-resources -o wide #可以了解不同的资源对象的API版本、kind类型、资源对象的简称等
Kubernetes对象的每一份yaml文件一般都会包含5个部分的内容:
apiVersion:该对象所使用的Kubernetes API的版本,不同的Kubernetes版本和资源对象类型,这个值会有所不同,常见的有v1、apps/v1等;
kind:对象的类别,资源类型可以是Deployment、Namespace、@R_618_9260@ce、PersistentVolume等;
@H_720_111@metadata:对象的帮助唯一性标识对象的一些数据,比如名称、uid、标签以及和关于该对象的其他信息;
spec:对象的规约,你所期望的该对象的状态,包括一些container,storage,volume以及其他Kubernetes需要的参数,以及诸如是否在容器失败时重新启动容器的属性。
status:对象的状态,描述了对象的当前状态(Current State),它是由 Kubernetes系统和组件设置并更新的。
重要
spec和status是Kubernetes对象的核心,Kubernetes不同的资源对象有着不同且丰富的参数,尤其是spec和status,而每个对象到底有哪些参数,参数值有哪些规则,参数具体又是什么含义等等,这些无论是在学习还是使用时都很有必要参考官方文档:
yaml配置参考:Kubernetes API,注意这个文档目前没有翻译成中文,中文状态下会看不到内容。
平时也可以使用kubectl explain命令来了解API对象有哪些属性:
kubectl explain deployments kubectl explain podskubectl explain pods.speckubectl explain pods.spec.containers
大小写敏感;
使用缩进表示层级关系;
缩进时只能使用空格,不能使用Tab键;
缩进的空格数量不重要,只要相同层级的元素左侧对齐即可;
# 表示注释,从这个字符一直到行尾,都会被解析器忽略;
[root@master-101 myTKE]# cat nginx-deployment.yaml apiVersion: apps/v1kind: Deployment@H_910_1@metadata: name: nginx-deploymentspec: SELEctor: matchLabels: app: nginx replicas: 2 # 创建2个副本 template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get po -A --kubeconfig ~/.kube/config_tkeNAMESPACE NAME READY STATUS RESTARTS AGEdefault nginx-6b489dcb49-4rts7 1/1 Running 0 73mkube-system coredns-6599bd548d-jwxz5 1/1 Running 0 85mkube-system coredns-6599bd548d-jxncc 1/1 Running 0 85m[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl apply -f ./nginx-deployment.yaml --kubeconfig ~/.kube/config_tkedeployment.apps/nginx-deployment created[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get po -A --kubeconfig ~/.kube/config_tkeNAMESPACE NAME READY STATUS RESTARTS AGEdefault nginx-6b489dcb49-4rts7 1/1 Running 0 73mdefault nginx-deployment-66b6c48dd5-hd2xc 0/1 Pending 0 7sdefault nginx-deployment-66b6c48dd5-kbfdj 0/1 Pending 0 7skube-system coredns-6599bd548d-jwxz5 1/1 Running 0 85mkube-system coredns-6599bd548d-jxncc 1/1 Running 0 85m[root@master-101 myTKE]# [root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get po -A --kubeconfig ~/.kube/config_tkeNAMESPACE NAME READY STATUS RESTARTS AGEdefault nginx-6b489dcb49-4rts7 1/1 Running 0 74mdefault nginx-deployment-66b6c48dd5-hd2xc 1/1 Running 0 33sdefault nginx-deployment-66b6c48dd5-kbfdj 1/1 Running 0 33skube-system coredns-6599bd548d-jwxz5 1/1 Running 0 86mkube-system coredns-6599bd548d-jxncc 1/1 Running 0 86m[root@master-101 myTKE]#
[root@master-101 myTKE]# kubectl describe deploy nginx-deployment --kubeconfig ~/.kube/config_tkeName: nginx-deploymentNamespace: defaultCreation@R_607_6561@amp: Mon, 03 Jan 2022 22:00:02 +0800Labels: <none>Annotations: deployment.kubernetes.io/revision: 1SELEctor: app=nginxReplicas: 2 desired | 2 updated | 2 @R_510_10586@l | 2 available | 0 unavailableStrategyType: Rollingupdate@H_910_1@minReadySeconds: 0RollingupdateStrategy: 25% max unavailable, 25% max surgePod Template: Labels: app=nginx Containers: nginx: Image: nginx:1.14.2 Port: 80/TCP Host Port: 0/TCP Environment: <none> Mounts: <none> Volumes: <none>Conditions: Type Status Reason ---- ------ ------ Available True MinimumReplicasAvailable Progressing True NewReplicaSetAvailableOldReplicaSets: <none>NewReplicaSet: nginx-deployment-66b6c48dd5 (2/2 replicas created)Events: Type Reason Age From message ---- ------ ---- ---- ------- Normal ScalingReplicaSet 2m29s deployment-controller Scaled up replica set nginx-deployment-66b6c48dd5 to 2[root@master-101 myTKE]#
#指令式命令,常用命令有run、create、scale、edit、patch、expose等等kubectl create deployment nginx --image nginx#指令式对象配置,通用格式为kubectl create|delete|replace|get -f <filename|url>kubectl create -f nginx.yaml#声明式对象配置,资源对象的创建、删除以及修改等操作都是通过kubectl apply来实现,它通过对比检查活动对象的当前状态、配置信息等进行更新kubectl apply -f configs/nginx.yaml
kubectl apply -f不仅可以创建资源对象,还可以进行删除、修改等操作,比如将上面deployment.yaml里的replicas的值由2改成5再来部署,@R_612_10585@副本的数量也增加到了5个:
kubectl apply -f ./deployment.yamlkubectl get deploymentskubectl get pods
kubectl apply -f不仅支持单个文件,还支持多个文件、文件夹以及外部链接:
# 通过单个文件创建资源对象kubectl apply -f ./my-manifest.yaml # 通过多个文件创建资源对象kubectl apply -f ./my1.yaml -f ./my2.yaml # 通过文件夹创建资源对象kubectl apply -f ./dir # 通过外部链接创建资源对象 kubectl apply -f https://k8s.io/examples/controllers/nginx-deployment.yaml
在前面,我们已经使用kubectl apply在本地集群创建了nginx的服务,那怎样才能访问它呢?可以使用kubectl port-forWARD命令通过端口转发映射本地端口到指定的pod端口,从而访问集群中的应用程序(Pod),kubectl port-forWARD语法如下:
kubectl port-forWARD <资源类型/资源名称> [本地端口]:<pod的端口>
我们以之前创建的Nginx为例,在命令行终端输入以下命令,然后就可以在浏览器里输入localhost:5001访问nginx了:
kubectl get deployments #获取deployment的名称列表kubectl port-forWARD deployment/nginx-deployment 5001:80
[root@master-101 myTKE]# [root@master-101 myTKE]# cat nginx-@R_618_9260@ce.yaml apiVersion: v1kind: @R_618_9260@ce@H_910_1@metadata: name: nginx-@R_618_9260@ce labels: app: nginxspec: type: NodePort SELEctor: app: nginx ports: - protocol: TCP port: 80 targetPort: 80[root@master-101 myTKE]# [root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get @R_618_9260@ce --kubeconfig ~/.kube/config_tkeNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 192.168.0.1 <none> 443/TCP 94mnginx LoadBalancer 192.168.2.187 111.231.210.221 12380:30532/TCP 82m[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl apply -f ./nginx-@R_618_9260@ce.yaml --kubeconfig ~/.kube/config_tke@R_618_9260@ce/nginx-@R_618_9260@ce created[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get @R_618_9260@ce --kubeconfig ~/.kube/config_tkeNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 192.168.0.1 <none> 443/TCP 95mnginx LoadBalancer 192.168.2.187 111.231.210.221 12380:30532/TCP 83mnginx-@R_618_9260@ce NodePort 192.168.2.189 <none> 80:32058/TCP 3s[root@master-101 myTKE]#
[root@master-101 myTKE]# cat nginx-lb.yamlapiVersion: v1kind: @R_618_9260@ce@H_910_1@metadata: name: nginx-lb namespace: defaultspec: ports: - name: tcp-80-80 port: 80 protocol: TCP targetPort: 80 SELEctor: app: nginx type: LoadBalancer[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl apply -f ./nginx-lb.yaml --kubeconfig ~/.kube/config_tke@R_618_9260@ce/nginx-lb created[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get @R_618_9260@ce --kubeconfig ~/.kube/config_tkeNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 192.168.0.1 <none> 443/TCP 97mnginx LoadBalancer 192.168.2.187 111.231.210.221 12380:30532/TCP 85mnginx-lb LoadBalancer 192.168.15.228 <pending> 80:32018/TCP 7snginx-@R_618_9260@ce NodePort 192.168.2.189 <none> 80:32058/TCP 2m26s[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get @R_618_9260@ce --kubeconfig ~/.kube/config_tkeNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 192.168.0.1 <none> 443/TCP 97mnginx LoadBalancer 192.168.2.187 111.231.210.221 12380:30532/TCP 85mnginx-lb LoadBalancer 192.168.15.228 <pending> 80:32018/TCP 12snginx-@R_618_9260@ce NodePort 192.168.2.189 <none> 80:32058/TCP 2m31s[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get @R_618_9260@ce --kubeconfig ~/.kube/config_tkeNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 192.168.0.1 <none> 443/TCP 97mnginx LoadBalancer 192.168.2.187 111.231.210.221 12380:30532/TCP 85mnginx-lb LoadBalancer 192.168.15.228 139.155.65.80 80:32018/TCP 20snginx-@R_618_9260@ce NodePort 192.168.2.189 <none> 80:32058/TCP 2m39s[root@master-101 myTKE]#
持久卷(PersistentVolume,PV)是集群中的一块存储,可以由管理员事先供应,持久卷是集群资源,就像节点Node也是集群资源一样。PV持久卷和普通的Volume一样,也是使用卷插件来实现的,只是它们拥有独立于任何使用 PV 的 Pod 的生命周期。而持久卷申领(PersistentVolumeClaim,PVC)表达的是用户对存储的请求,PVC申领会耗用PV资源。
pod, pv和pvc关系:
[root@master-101 myTKE]# [root@master-101 myTKE]# cat cfs.yamlapiVersion: v1kind: PersistentVolume@H_910_1@metadata: name: cfsspec: capacity: storage: 10Gi volumeMode: Filesystem accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Retain mountOptions: - hard - nfsvers=4 nfs: path: / server: 10.0.255.251 #换成你的文件存储CFS的IP地址[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get pv --kubeconfig ~/.kube/config_tkeNo resources found[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl apply -f ./cfs.yaml --kubeconfig ~/.kube/config_tkepersistentvolume/cfs created[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get pv --kubeconfig ~/.kube/config_tkeNAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGEcfs 10Gi RWX Retain Available 3s[root@master-101 myTKE]# [root@master-101 myTKE]# cat cfsclaim.yaml kind: PersistentVolumeClaimapiVersion: v1@H_910_1@metadata: name: cfsclaimspec: accessModes: - ReadWriteMany volumeMode: Filesystem storageClassName: "" resources: requests: storage: 10Gi[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl get pv --kubeconfig ~/.kube/config_tkeNAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGEcfs 10Gi RWX Retain Bound default/cfsclaim 63s[root@master-101 myTKE]#
[root@master-101 myTKE]# cat tke-todo.yamlapiVersion: apps/v1kind: Deployment@H_910_1@metadata: name: tke-todo-deployment labels: k8s-app: tke-todo qcloud-app: tke-todospec: SELEctor: matchLabels: k8s-app: tke-todo qcloud-app: tke-todo replicas: 1 template: metadata: labels: k8s-app: tke-todo qcloud-app: tke-todo spec: containers: - name: tketodo image: ccr.ccs.tencentyun.com/tkegroup/tke-start:1.0.1 ports: - containerPort: 3000 volumeMounts: - mountPath: "/etc/todos" name: mypd volumes: - name: mypd persistentVolumeClaim: claimname: cfsclaim imagePullSecrets: - name: qcloudregistrykey [root@master-101 myTKE]# [root@master-101 myTKE]# kubectl apply -f ./tke-todo.yaml --kubeconfig ~/.kube/config_tkedeployment.apps/tke-todo-deployment created[root@master-101 myTKE]# [root@master-101 myTKE]# cat tke-todo-clb.yaml apiVersion: v1kind: @R_618_9260@ce@H_910_1@metadata: name: tke-todo-clb namespace: defaultspec: ports: - name: tcp-3000-80 port: 80 protocol: TCP targetPort: 3000 SELEctor: k8s-app: tke-todo qcloud-app: tke-todo type: LoadBalancer[root@master-101 myTKE]# [root@master-101 myTKE]# kubectl apply -f ./tke-todo-clb.yaml --kubeconfig ~/.kube/config_tke@R_618_9260@ce/tke-todo-clb created[root@master-101 myTKE]#
以上是大佬教程为你收集整理的腾讯云原生在线技术工坊-202112全部内容,希望文章能够帮你解决腾讯云原生在线技术工坊-202112所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。