最近公司某在线培训系统,直播等方向部分,要求采用k8s进行部署,于是产生了本文作为备忘。
信息记录零散不成体系,各位请一笑而过。
一、环境
开发环境为我的工作macbookpro,安装有 Docker Desktop for MacOS,版本为 2.3.0.4 (大体上为2020.8月左右升级的最新版)
二、开发环境安装步骤
1、准备好敏感词上网,http://localhost:1080 https://localhost:1080 ,并配置到docker preferences resources proxy 页的HTTP和HTTPS代理
2、到 docker preferences kubernetes 页,开启enable kube 和 show system containers开关
注意,本步骤会进行相关镜像的拉取,总大小大约1.3G-1.6G。
下载完毕后,docker images结果:
kubernetesui/dashboard v2.0.3 503bc4b7440b 6 weeks ago 225MB kubernetesui/metrics-scraper v1.0.4 86262685d9ab 4 months ago 36.9MB docker/desktop-storage-provisioner v1.1 e704287ce753 4 months ago 41.8MB docker/desktop-vpnkit-controller v1.0 79da37e5a3aa 5 months ago 36.6MB docker/desktop-kubernetes kubernetes-v1.16.5-cni-v0.7.5-critools-v1.15.0 a86647f0b376 6 months ago 279MB k8s.gcr.io/kube-scheduler v1.16.5 b4d073a9efda 6 months ago 83.5MB k8s.gcr.io/kube-apiserver v1.16.5 fc838b21afbb 6 months ago 159MB k8s.gcr.io/kube-controller-manager v1.16.5 441835dd2301 6 months ago 151MB k8s.gcr.io/kube-proxy v1.16.5 0ee1b8a3ebe0 6 months ago 82.7MB docker/kube-compose-controller v0.4.25-alpha1 129151cdf35f 9 months ago 35.6MB docker/kube-compose-api-server v0.4.25-alpha1 989749268895 9 months ago 50.7MB docker/kube-compose-installer v0.4.25-alpha1 2a71ac5a1359 9 months ago 42.3MB k8s.gcr.io/etcd 3.3.15-0 b2756210eeab 11 months ago 247MB k8s.gcr.io/coredns 1.6.2 bf261d157914 11 months ago 44.1MB k8s.gcr.io/pause 3.1 da86e6ba6ca1 2 years ago 742kB
注意:前两行不能确定是否在本步骤中下载!
docker ps结果:
53bd8272de1b docker/kube-compose-controller "/compose-controller…" 16 hours ago Up 16 hours k8s_compose_compose-78f95d4f8c-hx2rr_docker_71e41cf5-a710-4b2e-a404-889a6ec90584_0 9847fe791a80 docker/desktop-vpnkit-controller "/kube-vpnkit-forwar…" 16 hours ago Up 16 hours k8s_vpnkit-controller_vpnkit-controller_kube-system_34376b86-3c34-4862-98ca-e699629fa27c_0 97e4fba61949 docker/kube-compose-api-server "/api-server --kubec…" 16 hours ago Up 16 hours k8s_compose_compose-api-6ffb89dc58-bhksx_docker_6c4804ac-9e98-4e8e-a51c-52952455f592_0 898a9e778c63 docker/desktop-storage-provisioner "/storage-provisione…" 16 hours ago Up 16 hours k8s_storage-provisioner_storage-provisioner_kube-system_a6728e6b-e5bf-4eda-a90d-0eb14a71a57a_0 a09410d13450 k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_compose-78f95d4f8c-hx2rr_docker_71e41cf5-a710-4b2e-a404-889a6ec90584_0 6c06dac9475b k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_compose-api-6ffb89dc58-bhksx_docker_6c4804ac-9e98-4e8e-a51c-52952455f592_0 c574c3974768 k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_vpnkit-controller_kube-system_34376b86-3c34-4862-98ca-e699629fa27c_0 c6e923346162 k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_storage-provisioner_kube-system_a6728e6b-e5bf-4eda-a90d-0eb14a71a57a_0 bff2ae219f1d bf261d157914 "/coredns -conf /etc…" 16 hours ago Up 16 hours k8s_coredns_coredns-5644d7b6d9-62k6b_kube-system_7e41b11f-5a84-4722-a6f8-6cab26edb776_0 21360ffc845c bf261d157914 "/coredns -conf /etc…" 16 hours ago Up 16 hours k8s_coredns_coredns-5644d7b6d9-78tbk_kube-system_b64f53d9-6fbb-4076-9452-8f0eaec76f0f_0 9e47c5d9d412 k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_coredns-5644d7b6d9-62k6b_kube-system_7e41b11f-5a84-4722-a6f8-6cab26edb776_0 d9b6f8e9922a k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_coredns-5644d7b6d9-78tbk_kube-system_b64f53d9-6fbb-4076-9452-8f0eaec76f0f_0 f7544c5c5c22 0ee1b8a3ebe0 "/usr/local/bin/kube…" 16 hours ago Up 16 hours k8s_kube-proxy_kube-proxy-ck29k_kube-system_3fa23fe2-b888-4cb3-aea7-bbffdd61b4bb_0 7055e59bdc98 k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_kube-proxy-ck29k_kube-system_3fa23fe2-b888-4cb3-aea7-bbffdd61b4bb_0 e2f1306bfcca 441835dd2301 "kube-controller-man…" 16 hours ago Up 16 hours k8s_kube-controller-manager_kube-controller-manager-docker-desktop_kube-system_c9d7fe159210d67175d06db05086b592_0 72727d2eaca6 fc838b21afbb "kube-apiserver --ad…" 16 hours ago Up 16 hours k8s_kube-apiserver_kube-apiserver-docker-desktop_kube-system_2966bdea771eade42b079889c75cf17e_0 763b30caa3df b2756210eeab "etcd --advertise-cl…" 16 hours ago Up 16 hours k8s_etcd_etcd-docker-desktop_kube-system_bc3eca0122540ccc59e959a7805e87e8_0 3193fba5bb1b b4d073a9efda "kube-scheduler --au…" 16 hours ago Up 16 hours k8s_kube-scheduler_kube-scheduler-docker-desktop_kube-system_28dd1b1230fbe15350eb1b896ae9493d_0 c605ae7ed0b4 k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_kube-scheduler-docker-desktop_kube-system_28dd1b1230fbe15350eb1b896ae9493d_0 aeb34525e04b k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_kube-controller-manager-docker-desktop_kube-system_c9d7fe159210d67175d06db05086b592_0 c974f723f6ec k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_kube-apiserver-docker-desktop_kube-system_2966bdea771eade42b079889c75cf17e_0 5fb3dddb9727 k8s.gcr.io/pause:3.1 "/pause" 16 hours ago Up 16 hours k8s_POD_etcd-docker-desktop_kube-system_bc3eca0122540ccc59e959a7805e87e8_0
3、下载dashboard
使用命令 kubectl apply -f ****文件名即可
正常情况下,文件名为 https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.3/aio/deploy/recommended.yaml (其中v2.0.3为版本好,自行进行替换),但本环境在敏感词上网之后,依然无法访问。
于是,打开 https://github.com/kubernetes/dashboard/blob/v2.0.3/aio/deploy/recommended.yaml 文件的最新版本(或者计划安装的版本,本url为2.0.3版本),并将该文件内容手工复制到本地,命名为文件 recommended.yaml
然后执行 kubectl apply -f recommended.yaml ,此时,会输出信息:
[~/docker-compose/k8s]$ kubectl apply -f recommended.yaml namespace/kubernetes-dashboard created serviceaccount/kubernetes-dashboard created service/kubernetes-dashboard created secret/kubernetes-dashboard-certs created secret/kubernetes-dashboard-csrf created secret/kubernetes-dashboard-key-holder created configmap/kubernetes-dashboard-settings created role.rbac.authorization.k8s.io/kubernetes-dashboard created clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created deployment.apps/kubernetes-dashboard created service/dashboard-metrics-scraper created deployment.apps/dashboard-metrics-scraper created
查看k8s状态:
[~/docker-compose/k8s]$ kubectl get namespace NAME STATUS AGE default Active 15h docker Active 15h kube-node-lease Active 15h kube-public Active 15h kube-system Active 15h kubernetes-dashboard Active 6m14s [~/docker-compose/k8s]$ kubectl -n kubernetes-dashboard get service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE dashboard-metrics-scraper ClusterIP 10.102.53.221 <none> 8000/TCP 6m34s kubernetes-dashboard ClusterIP 10.106.4.63 <none> 443/TCP 6m34s
[~/docker-compose/k8s]$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 45d91e413a0e kubernetesui/dashboard "/dashboard --insecu…" 19 minutes ago Up 19 minutes k8s_kubernetes-dashboard_kubernetes-dashboard-55fd8c78bd-rv6s8_kubernetes-dashboard_883b77ec-7dad-4e72-94a1-228cc124db23_0 0c3c473a5658 86262685d9ab "/metrics-sidecar" 19 minutes ago Up 19 minutes k8s_dashboard-metrics-scraper_dashboard-metrics-scraper-c79c65bb7-4dcpd_kubernetes-dashboard_8c66c64b-a85b-42ad-8955-7f3894b866ac_0 3aa41f42ac13 k8s.gcr.io/pause:3.1 "/pause" 19 minutes ago Up 19 minutes k8s_POD_dashboard-metrics-scraper-c79c65bb7-4dcpd_kubernetes-dashboard_8c66c64b-a85b-42ad-8955-7f3894b866ac_0 84b6ac23d63c k8s.gcr.io/pause:3.1 "/pause" 19 minutes ago Up 19 minutes k8s_POD_kubernetes-dashboard-55fd8c78bd-rv6s8_kubernetes-dashboard_883b77ec-7dad-4e72-94a1-228cc124db23_0
此时,执行命令 kubectl proxy 打开访问k8s集群的代理:
[~/docker-compose/k8s]$ kubectl proxy Starting to serve on 127.0.0.1:8001
浏览器访问 http://localhost:8001 ,结果如下:
1 { 2 "paths": [ 3 "/api", 4 "/api/v1", 5 "/apis", 6 "/apis/", 7 "/apis/admissionregistration.k8s.io", 8 "/apis/admissionregistration.k8s.io/v1", 9 "/apis/admissionregistration.k8s.io/v1beta1", 10 "/apis/apiextensions.k8s.io", 11 "/apis/apiextensions.k8s.io/v1", 12 "/apis/apiextensions.k8s.io/v1beta1", 13 "/apis/apiregistration.k8s.io", 14 "/apis/apiregistration.k8s.io/v1", 15 "/apis/apiregistration.k8s.io/v1beta1", 16 "/apis/apps", 17 "/apis/apps/v1", 18 "/apis/authentication.k8s.io", 19 "/apis/authentication.k8s.io/v1", 20 "/apis/authentication.k8s.io/v1beta1", 21 "/apis/authorization.k8s.io", 22 "/apis/authorization.k8s.io/v1", 23 "/apis/authorization.k8s.io/v1beta1", 24 "/apis/autoscaling", 25 "/apis/autoscaling/v1", 26 "/apis/autoscaling/v2beta1", 27 "/apis/autoscaling/v2beta2", 28 "/apis/batch", 29 "/apis/batch/v1", 30 "/apis/batch/v1beta1", 31 "/apis/certificates.k8s.io", 32 "/apis/certificates.k8s.io/v1beta1", 33 "/apis/compose.docker.com", 34 "/apis/compose.docker.com/v1alpha3", 35 "/apis/compose.docker.com/v1beta1", 36 "/apis/compose.docker.com/v1beta2", 37 "/apis/coordination.k8s.io", 38 "/apis/coordination.k8s.io/v1", 39 "/apis/coordination.k8s.io/v1beta1", 40 "/apis/events.k8s.io", 41 "/apis/events.k8s.io/v1beta1", 42 "/apis/extensions", 43 "/apis/extensions/v1beta1", 44 "/apis/networking.k8s.io", 45 "/apis/networking.k8s.io/v1", 46 "/apis/networking.k8s.io/v1beta1", 47 "/apis/node.k8s.io", 48 "/apis/node.k8s.io/v1beta1", 49 "/apis/policy", 50 "/apis/policy/v1beta1", 51 "/apis/rbac.authorization.k8s.io", 52 "/apis/rbac.authorization.k8s.io/v1", 53 "/apis/rbac.authorization.k8s.io/v1beta1", 54 "/apis/scheduling.k8s.io", 55 "/apis/scheduling.k8s.io/v1", 56 "/apis/scheduling.k8s.io/v1beta1", 57 "/apis/storage.k8s.io", 58 "/apis/storage.k8s.io/v1", 59 "/apis/storage.k8s.io/v1beta1", 60 "/healthz", 61 "/healthz/autoregister-completion", 62 "/healthz/etcd", 63 "/healthz/log", 64 "/healthz/ping", 65 "/healthz/poststarthook/apiservice-openapi-controller", 66 "/healthz/poststarthook/apiservice-registration-controller", 67 "/healthz/poststarthook/apiservice-status-available-controller", 68 "/healthz/poststarthook/bootstrap-controller", 69 "/healthz/poststarthook/ca-registration", 70 "/healthz/poststarthook/crd-informer-synced", 71 "/healthz/poststarthook/generic-apiserver-start-informers", 72 "/healthz/poststarthook/kube-apiserver-autoregistration", 73 "/healthz/poststarthook/rbac/bootstrap-roles", 74 "/healthz/poststarthook/scheduling/bootstrap-system-priority-classes", 75 "/healthz/poststarthook/start-apiextensions-controllers", 76 "/healthz/poststarthook/start-apiextensions-informers", 77 "/healthz/poststarthook/start-kube-aggregator-informers", 78 "/healthz/poststarthook/start-kube-apiserver-admission-initializer", 79 "/livez", 80 "/livez/autoregister-completion", 81 "/livez/etcd", 82 "/livez/log", 83 "/livez/ping", 84 "/livez/poststarthook/apiservice-openapi-controller", 85 "/livez/poststarthook/apiservice-registration-controller", 86 "/livez/poststarthook/apiservice-status-available-controller", 87 "/livez/poststarthook/bootstrap-controller", 88 "/livez/poststarthook/ca-registration", 89 "/livez/poststarthook/crd-informer-synced", 90 "/livez/poststarthook/generic-apiserver-start-informers", 91 "/livez/poststarthook/kube-apiserver-autoregistration", 92 "/livez/poststarthook/rbac/bootstrap-roles", 93 "/livez/poststarthook/scheduling/bootstrap-system-priority-classes", 94 "/livez/poststarthook/start-apiextensions-controllers", 95 "/livez/poststarthook/start-apiextensions-informers", 96 "/livez/poststarthook/start-kube-aggregator-informers", 97 "/livez/poststarthook/start-kube-apiserver-admission-initializer", 98 "/logs", 99 "/metrics", 100 "/openapi/v2", 101 "/readyz", 102 "/readyz/autoregister-completion", 103 "/readyz/etcd", 104 "/readyz/log", 105 "/readyz/ping", 106 "/readyz/poststarthook/apiservice-openapi-controller", 107 "/readyz/poststarthook/apiservice-registration-controller", 108 "/readyz/poststarthook/apiservice-status-available-controller", 109 "/readyz/poststarthook/bootstrap-controller", 110 "/readyz/poststarthook/ca-registration", 111 "/readyz/poststarthook/crd-informer-synced", 112 "/readyz/poststarthook/generic-apiserver-start-informers", 113 "/readyz/poststarthook/kube-apiserver-autoregistration", 114 "/readyz/poststarthook/rbac/bootstrap-roles", 115 "/readyz/poststarthook/scheduling/bootstrap-system-priority-classes", 116 "/readyz/poststarthook/start-apiextensions-controllers", 117 "/readyz/poststarthook/start-apiextensions-informers", 118 "/readyz/poststarthook/start-kube-aggregator-informers", 119 "/readyz/poststarthook/start-kube-apiserver-admission-initializer", 120 "/readyz/shutdown", 121 "/version" 122 ] 123 }
访问dashboard地址: http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
正常情况下,可以看见提示输出token或者Kubeconfig的网页UI
dashboard安装成功
4、token获取方式:
执行指令:
[~/docker-compose/k8s]$ kubectl -n kubernetes-dashboard describe secret default Name: default-token-mk6pp Namespace: kubernetes-dashboard Labels: <none> Annotations: kubernetes.io/service-account.name: default kubernetes.io/service-account.uid: 68ab945c-d104-41e7-9b7f-c653c6e5fa89 Type: kubernetes.io/service-account-token Data ==== ca.crt: 1025 bytes namespace: 20 bytes token: eyJhbGciOiJSUzI1NiIsImtpZCI6IndSNUktTzFFLW56RzhSbXZQUGh6TlpmbW01UE8ydGdoYWxrb0hvR1BwY00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLW1rNnBwIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI2OGFiOTQ1Yy1kMTA0LTQxZTctOWI3Zi1jNjUzYzZlNWZhODkiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6ZGVmYXVsdCJ9.VkS4T1zgz6ECi5odASskhSItKWya6pNKt_z1oCWX23EKRyAtaTLJt_FTpmd7Gu_vwn85gM9p07Bl0rkH5iHFE2HfWDiyQ9mtTSVeyXSfACtylxo9NpqeWrJ7-vANh8tRy1rXK6R5oo0CW11UTUcyzs2xRN3TpSGk5TM9xhb4aECEFvYCjqg_UZBmCYlRuUi4F-K9i02_p4r3VCKV33lYOQQDH71-aOd2IlDTq9FEWebpTw7kHS1DNmFnfr0iEe_s_XEqD8mLgooWUk9rSz-gDrp0F-IsvDy-1sJgpTzDbnXbrdUk8lLMCtQrdRbp9JVMOUgaZC9ycMFAr-nN6CeMeA
使用该token登录即可
至此,开发环境和dashboard已经准备完毕。
其他后续事项,下文再补。