k8s-Study-14-kubelet in detail

k8s-Study-13-kubelet in detail

1. Key points for installing and deploying K8S from binaries

1. Prepare the base environment:

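  • CentOS 7.6 (kernel 3.8.x or later)
  • Disable SELinux, disable the firewalld service
  • Time synchronization (chronyd)
  • Adjust the Base and EPEL repositories
  • Kernel tuning (file descriptor limits, IP forwarding, and so on)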

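2. Install and deploy bind9 as the internal DNS system

3. Install and deploy the private Docker registry -- harbor

4. Prepare the certificate signing environment -- cfssl

5. Install and deploy the control node services (4)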

  • Etcd
  • Apiserver
  • Controller-manager
  • Scheduler

6. Install and deploy the compute node services (2)

  • kubelet
  • kube-proxy

2. Viewing certificate information

[root@hdss7-200 certs]# cfssl-certinfo -cert apiserver.pem
{
  "subject": {
    "common_name": "k8s-apiserver",
    "country": "CN",
    "organization": "od",
    "organizational_unit": "ops",
    "locality": "beijing",
    "province": "beijing",
    "names": [
      "CN",
      "beijing",
      "beijing",
      "od",
      "ops",
      "k8s-apiserver"
    ]
  },
  "issuer": {
    "common_name": "OldboyEdu",
    "country": "CN",
    "organization": "od",
    "organizational_unit": "ops",
    "locality": "beijing",
    "province": "beijing",
    "names": [
      "CN",
      "beijing",
      "beijing",
      "od",
      "ops",
      "OldboyEdu"
    ]
  },
  "serial_number": "277359228170517373750388551602385964782473057337",
  "sans": [
    "kubernetes.default",
    "kubernetes.default.svc",
    "kubernetes.default.svc.cluster",
    "kubernetes.default.svc.cluster.local",
    "127.0.0.1",
    "192.168.0.1",
    "10.4.7.10",
    "10.4.7.21",
    "10.4.7.22",
    "10.4.7.23"
  ],
  "not_before": "2022-04-03T09:50:00Z",
  "not_after": "2042-03-29T09:50:00Z",
  "sigalg": "SHA256WithRSA",
  "authority_key_id": "E1:A6:A2:B9:90:3D:58:DB:51:3F:3F:83:19:52:B7:32:EE:BB:CB:4B",
  "subject_key_id": "E6:CE:9:F8:98:15:E4:3F:90:F1:7E:E7:B5:C5:B9:98:56:BA:92:7",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIEbzCCA1egAwIBAgIUMJU3yqg9Hlil/ODQ534y/3qmFDkwDQYJKoZIhvcNAQEL\nBQAwYDELMAkGA1UEBhMCQ04xEDAOBgNVBAgTB2JlaWppbmcxEDAOBgNVBAcTB2Jl\naWppbmcxCzAJBgNVBAoTAm9kMQwwCgYDVQQLEwNvcHMxEjAQBgNVBAMTCU9sZGJv\neUVkdTAeFw0yMjA0MDMwOTUwMDBaFw00MjAzMjkwOTUwMDBaMGQxCzAJBgNVBAYT\nAkNOMRAwDgYDVQQIEwdiZWlqaW5nMRAwDgYDVQQHEwdiZWlqaW5nMQswCQYDVQQK\nEwJvZDEMMAoGA1UECxMDb3BzMRYwFAYDVQQDEw1rOHMtYXBpc2VydmVyMIIBIjAN\nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDzTAXN9OyYSl3rAj0LHBY7Z63uT\npgUEAQaBYtiU9yez0ppyTjxm4I/OF/aa/ampQAv08mKIOLXY9Di/yekfY0WabF5N\nc79wHIbbbjYd2RCuDYVW7PvXY4LgZ785b66I33/cPPWuZB/wU1nwpScgvmR4hvP3\n+WJhbGMqZb3bYsxAXOM8BzQss8rUFaD3SQblEtj7q8NC63KTMZZ9JN/ZKOqKoXLV\nKQk7cXaBhZ53R61ElHkzJTY+hQGH5wXz2dwKIax7j+STZF9gp0oCxw1zZ7VcnAt9\nOWJzgcvABnxJBblKkeXawIonv7fgsNcMtbYtWeGxdorm6mMtBIN5k+ojhwIDAQAB\no4IBGzCCARcwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwG\nA1UdEwEB/wQCMAAwHQYDVR0OBBYEFObOCfiYFeQ/kPF+57XFuZhWupIHMB8GA1Ud\nIwQYMBaAFOGmormQPVjbUT8/gxlStzLuu8tLMIGhBgNVHREEgZkwgZaCEmt1YmVy\nbmV0ZXMuZGVmYXVsdIIWa3ViZXJuZXRlcy5kZWZhdWx0LnN2Y4Iea3ViZXJuZXRl\ncy5kZWZhdWx0LnN2Yy5jbHVzdGVygiRrdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNs\ndXN0ZXIubG9jYWyHBH8AAAGHBMCoAAGHBAoEBwqHBAoEBxWHBAoEBxaHBAoEBxcw\nDQYJKoZIhvcNAQELBQADggEBAJXLPQtCBENcdsdoiRyY29sGN/vDbTEpEohPKxIZ\ntu3qcwGXRdxIb3s8m1Vat3wH7S1sC/iZxH2pqPGYrLSqdE9DQVau/mH+CoqNKnR2\npe4aF01Zo6+LjVFrMY49egk0K54HXJrPql3jBL4NO+w+8/dPu71PUXw11WmeIE1s\n3CcEcYXQ99fVZ6IBhtZJu8g5v10JT8+t76mV2TwzpszKW0Fk0X5zylqQ4UjyCvZr\nsy4oPa/s/VJK+yoq1f9o4u7nNG5t3mKNRS2T180OkaTD0jSNUUavIXdF5O386XC3\nH2ukR7imAQol6YXZWWGTzk+qClCm988yJ0pwnv43pGKRjl8=\n-----END CERTIFICATE-----\n"
}
[root@hdss7-200 certs]# 

 

3. Viewing certificate information for another domain

cfssl-certinfo -domain www.baidu.com
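
An added example (not part of the original post): a Python check over the JSON that cfssl-certinfo prints, confirming that the apiserver certificate's SANs cover the addresses clients connect to (for instance the kubernetes Service ClusterIP 192.168.0.1) and reporting on validity. The sample input reuses fields from the output above; the function name and the warn_days / max_lifetime_days thresholds are assumptions.

```python
import json
from datetime import datetime, timezone

# Constructed sample: fields copied from the cfssl-certinfo output above ("pem" omitted).
CERTINFO = json.loads("""{
  "subject": {"common_name": "k8s-apiserver"},
  "sans": ["kubernetes.default", "kubernetes.default.svc",
           "kubernetes.default.svc.cluster", "kubernetes.default.svc.cluster.local",
           "127.0.0.1", "192.168.0.1", "10.4.7.10", "10.4.7.21", "10.4.7.22", "10.4.7.23"],
  "not_before": "2022-04-03T09:50:00Z",
  "not_after": "2042-03-29T09:50:00Z",
  "sigalg": "SHA256WithRSA"
}""")

def _ts(value):
    """Parse the UTC timestamp format that cfssl-certinfo prints."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def audit_certinfo(info, required_sans, now, warn_days=30, max_lifetime_days=398):
    """Return a report for one certificate; both thresholds are assumed policy values."""
    not_before, not_after = _ts(info["not_before"]), _ts(info["not_after"])
    report = {
        "missing_sans": sorted(set(required_sans) - set(info.get("sans") or [])),
        "days_left": (not_after - now).days,
        "lifetime_days": (not_after - not_before).days,
        "findings": [],
    }
    if report["missing_sans"]:
        report["findings"].append("SAN list does not cover: " + ", ".join(report["missing_sans"]))
    if now < not_before:
        report["findings"].append("certificate is not yet valid")
    if report["days_left"] < 0:
        report["findings"].append("certificate has expired")
    elif report["days_left"] < warn_days:
        report["findings"].append("certificate expires in %d days" % report["days_left"])
    if report["lifetime_days"] > max_lifetime_days:
        report["findings"].append("lifetime of %d days exceeds policy" % report["lifetime_days"])
    if any(weak in info.get("sigalg", "").upper() for weak in ("MD5", "SHA1")):
        report["findings"].append("weak signature algorithm: " + info["sigalg"])
    return report

if __name__ == "__main__":
    # Addresses clients use to reach the apiserver: the kubernetes Service
    # ClusterIP and its in-cluster DNS name, both taken from this page.
    required = ["192.168.0.1", "kubernetes.default.svc.cluster.local", "127.0.0.1"]
    now = datetime(2025, 1, 1, tzinfo=timezone.utc)  # constructed "current" time
    for finding in audit_certinfo(CERTINFO, required, now)["findings"]:
        print("FINDING:", finding)
```
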

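4. kubelet in detail

4.1. Three basic methods for managing core k8s resources:

  • Imperative management  - relies mainly on the command-line (CLI) tool
  • Declarative management  - relies mainly on unified resource manifests
  • GUI management   - relies mainly on a graphical interface (web UI)

4.2. Imperative resource management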

# 1. List namespaces
[root@hdss7-22 kubelet]# kubectl get namespace
NAME              STATUS   AGE
default           Active   3d20h
kube-node-lease   Active   3d20h
kube-public       Active   3d20h
kube-system       Active   3d20h

# 2. List the resources in a namespace
[root@hdss7-22 kubelet]# kubectl get all -n default
NAME                 READY   STATUS    RESTARTS   AGE
pod/nginx-ds-7hxxw   1/1     Running   3          2d19h
pod/nginx-ds-n5vrp   1/1     Running   3          2d19h


NAME                 TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   192.168.0.1   <none>        443/TCP   3d20h

NAME                      DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
daemonset.apps/nginx-ds   2         2         2       2            2           <none>          3d11h


# 3. Create and delete a namespace
[root@hdss7-22 kubelet]# kubectl create namespace app
namespace/app created
[root@hdss7-22 kubelet]# kubectl get namespace
NAME              STATUS   AGE
app               Active   9s
default           Active   3d20h
kube-node-lease   Active   3d20h
kube-public       Active   3d20h
kube-system       Active   3d20h
[root@hdss7-22 kubelet]# 
[root@hdss7-22 kubelet]# kubectl delete namespace app
namespace "app" deleted
[root@hdss7-22 kubelet]# 
[root@hdss7-22 kubelet]# kubectl get namespace       
NAME              STATUS   AGE
default           Active   3d20h
kube-node-lease   Active   3d20h
kube-public       Active   3d20h
kube-system       Active   3d20h
[root@hdss7-22 kubelet]# 

4. Create a deployment

~]# kubectl create deployment nginx-dp --image=harbor.od.com/public/nginx:v1.7.9 -n kube-public

5. View the deployment

~]# kubectl get deployment nginx-dp -o wide -n kube-public   

~]# kubectl get pods -o wide -n kube-public

~]# kubectl describe deployment nginx-dp -n kube-public

6. k8s uses rolling updates by default

StrategyType:  RollingUpdate

7. Enter a container

~]# kubectl exec -it nginx-dp-5dfc689474-4whfn -n kube-public -- /bin/bash

8. Delete a pod; after the pod is deleted, another pod is started to replace it

~]# kubectl delete pod nginx-dp-5dfc689474-4whfn -n kube-public

9. Create a service resource

~]# kubectl expose deployment nginx-dp --port=80 -n kube-public 

10. View service resources

~]# kubectl get svc -n kube-public

11. View the details of a service resource

~]# kubectl describe svc nginx-dp -n kube-public

12. Scale out pods

~]# kubectl scale deployment nginx-dp --replicas=2 -n kube-public

13. View the mapping between cluster IP and Pod IP

~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.254.0.1:443 nq
  -> 192.168.16.13:6443           Masq    1      0          0        
  -> 192.168.16.14:6443           Masq    1      0          0        
TCP  10.254.127.91:80 nq
  -> 172.7.11.3:80                Masq    1      0          0        
  -> 172.7.21.3:80                Masq    1      0          0
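
An added example (not part of the original post): a Python parser for the `ipvsadm -Ln` listing above that maps each virtual service to its real servers and compares them with an expected endpoint list, so stale or unexpected backends behind a cluster IP stand out. The function names are assumptions, and the expected list is assumed to come from `kubectl get endpoints`.

```python
# Constructed sample: the `ipvsadm -Ln` output shown above.
IPVS_OUTPUT = """\
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.254.0.1:443 nq
  -> 192.168.16.13:6443           Masq    1      0          0
  -> 192.168.16.14:6443           Masq    1      0          0
TCP  10.254.127.91:80 nq
  -> 172.7.11.3:80                Masq    1      0          0
  -> 172.7.21.3:80                Masq    1      0          0
"""

def parse_ipvs(text):
    """Map (protocol, virtual address) to its scheduler and list of real servers."""
    table, current = {}, None
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] in ("TCP", "UDP", "SCTP") and len(fields) >= 3:
            # Virtual service line: protocol, VIP:port, scheduler.
            current = (fields[0], fields[1])
            table[current] = {"scheduler": fields[2], "backends": []}
        elif fields[0] == "->" and current and len(fields) >= 6 and fields[3].isdigit():
            # Real server line; the column header is skipped because its
            # weight column is the word "Weight", not a number.
            table[current]["backends"].append(fields[1])
    return table

def diff_backends(table, proto, vip, expected):
    """Compare the programmed real servers with the expected endpoints."""
    actual = set(table.get((proto, vip), {}).get("backends", []))
    expected = set(expected)
    return {"unexpected": sorted(actual - expected),
            "missing": sorted(expected - actual)}

if __name__ == "__main__":
    table = parse_ipvs(IPVS_OUTPUT)
    for (proto, vip), svc in table.items():
        print(proto, vip, svc["scheduler"], "->", ", ".join(svc["backends"]))
    # Expected endpoints for the nginx-dp service (constructed to match the listing).
    print(diff_backends(table, "TCP", "10.254.127.91:80",
                        ["172.7.11.3:80", "172.7.21.3:80"]))
```
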

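4.3. Summary of imperative resource management

1. The only entry point for managing resources in a Kubernetes cluster is calling the apiserver's API through the appropriate method.
2. kubectl is the official CLI tool for communicating with the apiserver. It organizes the commands the user types on the command line and converts them into a form the apiserver understands, which makes it an effective way to manage all kinds of k8s resources.
3. Full list of kubectl commands: kubectl --help
4. Imperative resource management covers more than 90% of resource management needs, but its drawbacks are also obvious:
  • Commands are long, complex and hard to remember
  • In certain scenarios it cannot meet the management requirement
  • Creating, deleting and querying resources is fairly simple, but modifying them is painful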

  

 

posted @ AlexMa