k8s部署基础服务

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了k8s部署基础服务相关的知识,希望对你有一定的参考价值。

参考技术A 注意把10.170.208.111 替换成自己linux虚拟机的ip地址

# kubeadm init  \

--apiserver-advertise-address=10.170.208.111  \

--image-repository registry.aliyuncs.com/google_containers  \

--kubernetes-version=v1.19.4  \

--service-cidr=10.96.0.0/12  \

--pod-network-cidr=10.244.0.0/16  \

--token-ttl=0

安装方式建议实用kubeadm安装方式

kubectl taint nodes --all node-role.kubernetes.io/master-

wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

多网卡服务器需要指定网卡

vim kube-flannel.yml

kubectl apply -f kube-flannel.yml

查找问题 journalctl -f -u kubelet.service

kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.6/manifests/namespace.yaml

kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.6/manifests/metallb.yaml

# On first install only

kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"

cat  <<EOF>metallb.cfg

apiVersion: v1

kind: ConfigMap

metadata:

  namespace: metallb-system

  name: config

data:

  config: |

    address-pools:

    - name: default

      protocol: layer2

      addresses:

      - 10.170.208.10-10.170.208.15

EOF

10.170.208.10-10.170.208.15  是负载均衡使用的ip范围

kubectl apply -f metallb.cfg

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml

wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml

vim recommended.yaml

spec:

  type: NodePort

  ports:

    - port: 443

      targetPort: 8443

      nodePort: 30000

  selector:

    k8s-app: kubernetes-dashboard

kubectl apply -f recommended.yaml

cat <<EOF>admin-user.yaml

apiVersion: v1

kind: ServiceAccount

metadata:

  name: admin-user

  namespace: kubernetes-dashboard

EOF

kubectl apply -f admin-user.yaml

serviceaccount/admin-user created

Creating a ClusterRoleBinding

cat <<EOF>ClusterRoleBinding.yaml

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  name: admin-user

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: cluster-admin

subjects:

- kind: ServiceAccount

  name: admin-user

  namespace: kubernetes-dashboard

EOF

kubectl apply -f ClusterRoleBinding.yaml

使用token进行登录,执行下面命令获取token

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk 'print $1')

kubectl create clusterrolebinding serviceaccount-cluster-admin --clusterrole=cluster-admin --group=system:serviceaccount

curl -L https://istio.io/downloadIstio | sh -

cd istio-1.10.0

export PATH=$PWD/bin:$PATH

istioctl install --set profile=demo -y

kubectl label namespace default istio-injection=enabled

wget https://get.helm.sh/helm-v3.6.1-linux-amd64.tar.gz

tar -zxvf helm-v3.6.1-linux-amd64.tar.gz

mv linux-amd64/helm /usr/local/bin/helm

共享端安装nfs-server,k8s所在主机安装nfs客户端【具体根据linux版本安装对应包】

以ubuntu为例:

apt-get install nfs-kernel-server

vim /etc/exports

/data/k8s *(rw,sync,no_root_squash)

手动

mount -t nfs -o nolock -o tcp 10.170.208.111:/data/k8s    /nfs

自动

vim /etc/fstab

# nfs volumes

10.170.208.111:/data/k8s    /nfs    nfs    defaults    0  0

helm search repo  nfs-client-provisioner

helm install aliyuncs/nfs-client-provisioner --name nfs-storageclass --set nfs.server=10.170.208.111 --set nfs.path=/data/k8s

helm install stable/nfs-client-provisioner --name nfs-storageclass --set nfs.server=10.170.208.111 --set nfs.path=/data/k8s

helm pull stable/nfs-client-provisioner --untar     

cd nfs-client-provisioner/

vim values.yaml     

values.yaml

...

nfs:

  server: 10.170.208.111     

  path: /data/k8s     

  mountOptions:

...

helm install nfs -f values.yaml .

helm pull aliyuncs/kafka

tar -zxvf  kafka-7.2.2.tgz

cd kafka

helm install kafka . -f ./values.yaml --set service.type=NodePort

helm repo add bitnami https://charts.bitnami.com/bitnami

helm install bibt bitnami/postgresql-ha

export POSTGRES_PASSWORD=$(kubectl get secret --namespace default bibt-postgresql-ha-postgresql -o jsonpath=".data.postgresql-password" | base64 --decode)

export | grep POSTGRES_PASSWORD

export REPMGR_PASSWORD=$(kubectl get secret --namespace default bibt-postgresql-ha-postgresql -o jsonpath=".data.repmgr-password" | base64 --decode)

export | grep REPMGR_PASSWORD

helm install redis-service bitnami/redis-cluster

export REDIS_PASSWORD=$(kubectl get secret --namespace "default" redis-service-redis-cluster -o jsonpath=".data.redis-password" | base64 --decode)

export | grep REDIS_PASSWORD

helm install mongodb bitnami/mongodb

export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace default mongodb -o jsonpath=".data.mongodb-root-password" | base64 --decode)

export | grep MONGODB_ROOT_PASSWORD

helm install mqtt emqx/emqx  --set service.type=LoadBalancer

export EMQX_ROOT_PASSWORD=$(kubectl get secret --namespace default mqtt -o jsonpath=".data.emqx-root-password" | base64 --decode)

export | grep EMQX_ROOT_PASSWORD

ElasticSearch 的 Helm Chart 模板是 ES 官方 Github 获取的,它的 Github 地址为 https://github.com/elastic/helm-charts。

# Helm 增加 Elastic 仓库

helm repo add elastic https://helm.elastic.co

# 安装 ElasticSearch Master 节点

helm install elasticsearch  --set antiAffinity=soft  elastic/elasticsearch

helm install kibana  elastic/kibana

helm install apm-server elastic/apm-server

wget https://github.com/elastic/helm-charts/archive/refs/tags/v7.13.2.tar.gz

tar -zxvf v7.13.2.tar.gz

cd helm-charts-7.13.2/filebeat/examples/deployment

make install

helm upgrade --wait --timeout=900s --install --values values.yaml helm-filebeat-deployment ../../

以上是关于k8s部署基础服务的主要内容,如果未能解决你的问题,请参考以下文章

K8s 集群稳定性评估与大规模基础服务部署调优

K8s学习

K8S原理架构与实战(基础篇)

K8S原理架构与实战(基础篇)

K8S原理架构与实战(基础篇)

高可用 kubernetes 集群部署实践