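Initializing an Alibaba Cloud ACK Managed Cluster

Alibaba Cloud ACK managed edition configuration, illustrated


  Alibaba Cloud, version 1.30.1

Cluster configuration

  Pay attention to the following options during creation:

  1. Billing method (pay-as-you-go, subscription)
  2. Version
  3. VPC selection
  4. Network plugin
  5. Node vSwitch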

 

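Node pool configuration

  1. Managed node pool feature
  2. Node pool instance type
  3. Expected number of nodes in the node pool
  4. System disk capacity
  5. Node pool operating system
  6. Key pair bound to the operating system
  7. ECS tags
    ECS tags
    zone:prod
    ecs/monitor:true
    
    Node labels
    node.kubernetes.io/type:lease
    node.kubernetes.io/env:prod
    node.kubernetes.io/resource:infra
  8. CPU policy
  9. Node pool security group
    Node pool security group
    
    PROD-SG
  10. Custom image
    Node pool system image
    Alibaba_Cloud_OS_3.2
  11. Custom node name
  12. RDS whitelist
  13. Custom data for node initialization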
    #!/bin/bash
    #################################################
    ##################  Set the hostname  ###########
    #################################################
    ## Purpose of the host, e.g. redis pika mysql k8s app
    APP=K8S-WN
    ## Cloud provider, e.g. ali qcloud baidu ct
    VENDOR=ali
    ## Region of the cloud server, e.g. shanghai hangzhou
    REGION=shanghai
    ## Zone ID of the cloud server
    ZONE=l
    ## Runtime environment
    ENV=INFRA
    ## IP address of the server
    IP=$(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | awk '{print $2}')
    ## Take the last two octets of the server's IP address
    LAST_TWO_OCTETS=$(echo "$IP" | awk -F'.' '{print $(NF-1)"-"$NF}')
    
    ## Set the hostname according to the value of APP
    ## (both branches currently set the same name)
    if [ "$APP" = "k8s" ]; then
      hostnamectl set-hostname --static "${ENV}-${APP}-${LAST_TWO_OCTETS}"
    else
      hostnamectl set-hostname --static "${ENV}-${APP}-${LAST_TWO_OCTETS}"
    fi
    echo "export CONTAINERD_NAMESPACE=k8s.io" >> /root/.bash_profile
    # The line above only affects later login shells; export the variable here
    # as well so the ctr pulls below land in the k8s.io namespace the kubelet uses
    export CONTAINERD_NAMESPACE=k8s.io
    # Pre-pull the Rancher images
    ctr images pull imagehub.qiangyun.com/rancher/rancher-webhook:v0.4.2
    ctr images pull imagehub.qiangyun.com/rancher/shell:v0.1.22
    ctr images pull imagehub.qiangyun.com/rancher/rancher-agent:v2.8.1

 

Component configuration

  1. Cluster ingress
  2. Cluster DNS
  3. Cluster monitoring
  4. Cluster logging
  5. Basic components



Check the resources settings of the replica controllers

  1. deployment
    kubectl get deployments --all-namespaces -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.metadata.namespace}{"\t"}{range .spec.template.spec.containers[*]}{.name}{"\t"}{.resources.requests.cpu}{"\t"}{.resources.requests.memory}{"\t"}{.resources.limits.cpu}{"\t"}{.resources.limits.memory}{"\n"}{end}{end}' | column -t
    arms-prometheus-ack-arms-prometheus      arms-prom    arms-prometheus-operator       1     1Gi    3     4Gi
    kube-state-metrics                       arms-prom    kube-state-metrics             10m   32Mi   500m  2560Mi
    o11y-addon-controller                    arms-prom    controller                     10m   64Mi   500m  256Mi
    ack-cost-exporter                        kube-system  alibaba-cloud-cost-exporter    100m  100Mi  1     1Gi
    ack-helm-manager                         kube-system  manager                        10m   64Mi   500m  128Mi
    ack-kubernetes-cronhpa-controller        kube-system  kubernetes-cronhpa-controller  100m  100Mi  100m  100Mi
    ack-node-local-dns-admission-controller  kube-system  webhook                        100m  100Mi  1     1Gi
    ack-node-problem-detector-eventer        kube-system  eventer                        50m   30Mi   2     2Gi
    ack-vpa-admission-controller             kube-system  admission-controller           50m   200Mi  200m  500Mi
    ack-vpa-recommender                      kube-system  recommender                    50m   500Mi  200m  1000Mi
    ack-vpa-updater                          kube-system  updater                        50m   500Mi  200m  1000Mi
    alibaba-log-controller                   kube-system  alibaba-log-controller         50m   100Mi  200m  400Mi
    alicloud-monitor-controller              kube-system  alicloud-monitor-controller    10m   30Mi   500m  500Mi
    coredns                                  kube-system  coredns                        100m  100Mi  2Gi
    csi-provisioner                          kube-system  external-disk-provisioner      10m   16Mi   500m  1Gi
    external-disk-attacher                   10m          16Mi                           500m  1Gi
    external-disk-resizer                    10m          16Mi                           500m  1Gi
    external-csi-snapshotter                 10m          16Mi                           500m  1Gi
    external-snapshot-controller             10m          16Mi                           500m  1Gi
    external-nas-provisioner                 10m          16Mi                           500m  1Gi
    external-nas-resizer                     10m          16Mi                           500m  1Gi
    external-oss-provisioner                 10m          16Mi                           500m  1Gi
    csi-provisioner                          100m         128Mi                          500m  1Gi
    metrics-server                           kube-system  metrics-server                 100m  200Mi  4     8Gi
    policy-template-controller               kube-system  policy-template-controller     100m  100Mi  100m  256Mi
    security-inspector                       kube-system  security-inspector             100m  100Mi  100m  100Mi
    sls-kube-state-metrics                   kube-system  sls-kube-state-metrics         10m   200Mi  1     1000Mi
    storage-auto-expander                    kube-system  storage-auto-expander          10m   16Mi   100m  512Mi
    storage-cnfs                             kube-system  storage-cnfs                   10m   16Mi   100m  512Mi
    storage-controller                       kube-system  storage-controller             100m  128Mi  500m  500Mi
    storage-monitor                          kube-system  storage-monitor                10m   16Mi   100m  512Mi
    storage-operator                         kube-system  storage-operator               10m   16Mi   100m  128Mi
  2. daemonset
    kubectl get daemonset --all-namespaces -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.metadata.namespace}{"\t"}{range .spec.template.spec.containers[*]}{.name}{"\t"}{.resources.requests.cpu}{"\t"}{.resources.requests.memory}{"\t"}{.resources.limits.cpu}{"\t"}{.resources.limits.memory}{"\n"}{end}{end}' | column -t
    ack-prometheus-gpu-exporter          arms-prom    node-gpu-exporter          10m   32Mi   250m  512Mi
    node-exporter                        arms-prom    node-exporter              10m   128Mi  1     1Gi
    kube-rbac-proxy                      10m          32Mi                       20m   128Mi
    ack-node-problem-detector-daemonset  kube-system  ack-node-problem-detector  100m  200Mi  1     1Gi
    ack-sysom-monitor                    kube-system  sysom                      250m  250Mi  1     1Gi
    csi-plugin                           kube-system  disk-driver-registrar      10m   16Mi   500m  1Gi
    nas-driver-registrar                 10m          16Mi                       500m  1Gi
    oss-driver-registrar                 10m          16Mi                       500m  1Gi
    csi-plugin                           100m         128Mi                      500m  1Gi
    istio-tcpip-bypass                   kube-system  ack-istio-tcpip-bypass     100m  128Mi  500m  256Mi
    kube-proxy-worker                    kube-system  kube-proxy-worker          100m  100Mi  1     500Mi
    kube-proxy-worker-windows            kube-system  kube-proxy-worker
    logtail-ds                           kube-system  logtail                    100m  256Mi  2     2Gi
    node-local-dns                       kube-system  node-cache                 25m   5Mi    1     1Gi
    terway-eniip                         kube-system  terway                     100m  100Mi  100m  256Mi
    policy                               250m         100Mi                      1
  3. statefulsets
    kubectl get statefulsets --all-namespaces -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.metadata.namespace}{"\t"}{range .spec.template.spec.containers[*]}{.name}{"\t"}{.resources.requests.cpu}{"\t"}{.resources.requests.memory}{"\t"}{.resources.limits.cpu}{"\t"}{.resources.limits.memory}{"\n"}{end}{end}' | column -t
    logtail-statefulset  kube-system  logtail  100m  256Mi  2  2Gi
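
The three listings above drop the workload name and namespace on the second and later containers of a workload, and leave empty cells where a request or limit is unset, so the columns shift. The following is an added example (not part of the original post) that reads `kubectl get ... -o json` output, emits one complete row per container, and flags containers with no request or limit; the sample JSON and all names in it are constructed for illustration.

```python
import json
import sys

FIELDS = [("requests", "cpu"), ("requests", "memory"),
          ("limits", "cpu"), ("limits", "memory")]

# Constructed sample in the shape of `kubectl get ... -o json` (not real cluster output).
SAMPLE = json.dumps({"items": [
    {"kind": "DaemonSet",
     "metadata": {"name": "demo-agent", "namespace": "kube-system"},
     "spec": {"template": {"spec": {"containers": [
         {"name": "agent", "resources": {
             "requests": {"cpu": "100m", "memory": "100Mi"},
             "limits": {"cpu": "100m", "memory": "256Mi"}}},
         {"name": "sidecar", "resources": {
             "requests": {"cpu": "250m", "memory": "100Mi"},
             "limits": {"cpu": "1"}}}]}}}},
    {"kind": "Deployment",
     "metadata": {"name": "demo-web", "namespace": "default"},
     "spec": {"template": {"spec": {"containers": [{"name": "web"}]}}}},
]})


def audit(doc):
    """Return one row per container:
    (kind, namespace, workload, container, values, missing)."""
    rows = []
    for item in doc.get("items", []):
        meta = item["metadata"]
        for c in item["spec"]["template"]["spec"].get("containers", []):
            res = c.get("resources") or {}
            # "-" marks an unset field so every row has the same column count
            values = [(res.get(sec) or {}).get(key, "-") for sec, key in FIELDS]
            missing = [f"{sec}.{key}"
                       for (sec, key), v in zip(FIELDS, values) if v == "-"]
            rows.append((item["kind"], meta["namespace"], meta["name"],
                         c["name"], values, missing))
    return rows


def main():
    # Pipe real kubectl JSON in; with no piped input the constructed sample is used.
    raw = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for kind, ns, name, ctr, values, missing in audit(json.loads(raw)):
        flag = "MISSING " + ",".join(missing) if missing else "ok"
        print("\t".join([kind, ns, name, ctr, *values, flag]))


if __name__ == "__main__":
    main()
```

To run it against a cluster, pipe `kubectl get deployments,daemonsets,statefulsets --all-namespaces -o json` into the script and pass the result through `column -t` as in the commands above.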

     

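Adding a node pool

  1. Infra-Pool: the only difference is the use of taints. The reason for using taints on the Infra-Pool resource pool is to keep Addons components from being scheduled onto it; this pool is dedicated to the basic components that support business workloads (middleware).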

posted @ 2024-08-11 12:58  MacoPlus