k8s学习笔记-快速入门

kubectl describe node k8s-node1 获取节点的详细信息
kubectl run --help 根据镜像创建POD副本
kubectl run nginx-deploy --image=nginx --port=80 --replicas=1
kubectl get pods -o wide
[root@k8s-master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deploy-5b66f76f68-hcmb5 1/1 Running 0 43s 10.244.2.2 k8s-node1 <none> <none>
kubectl describe pod nginx-deploy-5b66f76f68-hcmb5 查看详细的信息
删除创建的POD
kubectl delete pods nginx-deploy-5b66f76f68-hcmb5
创建server
[root@k8s-master ~]# kubectl expose deployment nginx-deploy --name=nginx --port 80 --target-port 80 --protocol=TCP
service/nginx exposed
[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d6h
nginx ClusterIP 10.109.2.190 <none> 80/TCP 12s
然后在节点上访问
[root@k8s-node1 ~]# curl 10.109.2.190
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
创建一个测试的POD
kubectl run pod-client --image=busybox --replicas=1 -ti --restart=Never
kubectl describe pod pod-client
Warning FailedCreatePodSandBox 9m15s kubelet, k8s-node2 Failed create pod sandbox: rpc error: code = Unknown desc =
failed to set up sandbox container "25c9cdda5251e038eb147f10cc0600f765f27a4e99eb5fd4502ebce8a3427769"
network for pod "pod-client": NetworkPlugin cni failed to set up pod "pod-client_default" network:
failed to set bridge addr: "cni0" already has an IP address different from 10.244.1.1/24
Normal Scheduled 9m10s default-scheduler Successfully assigned default/pod-client to k8s-node2
出现这个问题是之前反复添加过,添加之前需要清除下网络
如果出现上面的警告，是 cni0 网桥配置了一个不同网段的 IP 地址导致，删除该网桥（网络插件会自动重新创建）即可修复
推荐的方法：
$ ip link set cni0 down
$ brctl delbr cni0
另一种方法是
重置kubernetes服务，重置网络。删除网络配置，link
kubeadm reset
systemctl stop kubelet
systemctl stop docker
rm -rf /var/lib/cni/
rm -rf /var/lib/kubelet/*
rm -rf /etc/cni/
ifconfig cni0 down
ifconfig flannel.1 down
ifconfig docker0 down
ip link delete cni0
ip link delete flannel.1
systemctl start docker
kubeadm join 进去，具体细节看k8s安装

验证dns

root@k8s-master ~]# kubectl get svc -n kube-system -o wide
NAME       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)         AGE   SELECTOR
kube-dns   ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP   37d   k8s-app=kube-dns

[root@k8s-master ~]# dig -t A nginx.default.svc.cluster.local @10.96.0.10
; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> -t A nginx.default.svc.cluster.local @10.96.0.10
;; global options: +cmd

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29269
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;nginx.default.svc.cluster.local. IN A
;; ANSWER SECTION:
nginx.default.svc.cluster.local. 5 IN A 10.105.255.114
;; Query time: 1 msec
;; SERVER: 10.96.0.10#53(10.96.0.10)
;; WHEN: 一 4月 22 14:58:41 CST 2019
;; MSG SIZE rcvd: 96
用POD 测试，下面是几种测试方法：
kubectl run client --image=busybox -it --restart=Never
If you don't see a command prompt, try pressing enter.
/ # cat /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local localdomain
options ndots:5
/#wget -O - -q http://nginx/
kubectl exec -it pod-client -- nslookup nginx

或者 kubectl exec -it pod-client nslookup nginx
Server: 10.96.0.10
Address: 10.96.0.10:53
Name: nginx.default.svc.cluster.local
Address: 10.96.174.96
*** Can't find nginx.svc.cluster.local: No answer
*** Can't find nginx.cluster.local: No answer
*** Can't find nginx.localdomain: No answer
*** Can't find nginx.default.svc.cluster.local: No answer
*** Can't find nginx.svc.cluster.local: No answer
*** Can't find nginx.cluster.local: No answer
*** Can't find nginx.localdomain: No answer
kubectl exec -it pod-client -- /bin/sh

扩展POD
[root@k8s-master ~]# kubectl scale --replicas=5 deployment myapp
deployment.extensions/myapp scaled
[root@k8s-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 37d
nginx ClusterIP 10.110.209.132 <none> 80/TCP 11m
[root@k8s-master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 2m26s
myapp-9b4987d5-2fb8c 1/1 Running 0 8s
myapp-9b4987d5-2h8gm 1/1 Running 0 8s
myapp-9b4987d5-gth7v 1/1 Running 0 8s
myapp-9b4987d5-tn2q4 1/1 Running 0 4m22s
myapp-9b4987d5-vsq6h 1/1 Running 0 4m22s
nginx-deploy-5b66f76f68-lv66h 1/1 Running 2 33d
升级POD程序
[root@k8s-master ~]# kubectl set image deployment myapp myapp=ikubernetes/myapp:v2
deployment.extensions/myapp image updated
[root@k8s-master ~]# kubectl rollout status deployment myapp
deployment "myapp" successfully rolled out
root@k8s-master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
client 1/1 Running 0 7m38s
myapp-65899575cd-g4jpv 1/1 Running 0 98s
myapp-65899575cd-jcsqh 1/1 Running 0 104s
myapp-65899575cd-p6zww 1/1 Running 0 104s
myapp-65899575cd-rq6lk 1/1 Running 0 99s
myapp-65899575cd-td87v 1/1 Running 0 104s
nginx-deploy-5b66f76f68-lv66h 1/1 Running 2 33d
pod-client 0/1 Error 0 18m

[root@k8s-master ~]# kubectl describe pods myapp-65899575cd-g4jpv

Name: myapp-65899575cd-g4jpv

Namespace: default
Priority: 0
PriorityClassName: <none>
Node: k8s-node1/10.211.55.12
Start Time: Mon, 22 Apr 2019 16:30:52 +0800
Labels: pod-template-hash=65899575cd
run=myapp
Annotations: <none>
Status: Running
IP: 10.244.2.14
Controlled By: ReplicaSet/myapp-65899575cd
Containers:
myapp:
Container ID: docker://e728c453b29e44bfb4e88c0285cd870f00c8d5bc4bc20daef916a98a7418e8ef
Image: ikubernetes/myapp:v2
Image ID: docker-pullable://ikubernetes/myapp@sha256:85a2b81a62f09a414ea33b74fb8aa686ed9b168294b26b4c819df0be0712d358
Port: <none>
Host Port: <none>
State: Running
Started: Mon, 22 Apr 2019 16:30:53 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-zzm2j (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-zzm2j:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-zzm2j
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Pulled 2m53s kubelet, k8s-node1 Container image "ikubernetes/myapp:v2" already present on machine
Normal Created 2m52s kubelet, k8s-node1 Created container
Normal Started 2m52s kubelet, k8s-node1 Started container
Normal Scheduled 2m52s default-scheduler Successfully assigned default/myapp-65899575cd-g4jpv to k8s-node1
回滚之前的版本
[root@k8s-master ~]# kubectl rollout undo deployment myapp
deployment.extensions/myapp rolled back

 

删除部署的资源：

[root@k8s-master ~]# kubectl get deploy -o wide
NAME            READY UP-TO-DATE AVAILABLE       AGE    CONTAINERS    IMAGES                      SELECTOR
myapp             5/5           5                    5              28h       myapp            ikubernetes/myapp:v1    run=myapp
nginx-deploy    1/1            1                     1              35d       nginx-deploy    nginx                          run=nginx-deploy
[root@k8s-master ~]# kubectl delete deploy myapp
deployment.extensions "myapp" deleted
[root@k8s-master ~]# kubectl delete deploy nginx-deploy
deployment.extensions "nginx-deploy" deleted
[root@k8s-master ~]# kubectl get deploy -o wide
No resources found.

遇到的问题1

各节点上配置防火墙
iptables -I INPUT -p tcp -m tcp --dport 10250 -j ACCEPT
-L -vn|more会看到INPUT的reject-with icmp-host-prohibited计数一直在增加。 
10250是kubectl exec使用的，不加会报“Error from server: error dialing backend: 
dial tcp 192.168.128.164:10250: getsockopt: no route to host”。
遇到的问题2
解决flannel下pod及容器无法跨主机互通问题
flaaner 网络默认采用vxlan 类型，这种类型默认用的是UDP 协议发包，所以要看防火墙里面是否DROP 了UDP 协议，最简单的方法是
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -L -n
然后重启各节点服务，或者直接重启各节点的系统