1. k8s 對接glusterfs存儲
a:創(chuàng)建endpoint
#查看
kubectl describe svc myweb
kubectl get endpoints myweb
kubectl describe endpoints myweb
#創(chuàng)建
[root@k8s-master ~]# cd k8s_yaml/
[root@k8s-master k8s_yaml]# mkdir gfs
[root@k8s-master k8s_yaml]# cd gfs/
#添加文件
[root@k8s-master gfs]# vim glusterfs-ep.yaml
apiVersion: v1
kind: Endpoints
metadata:
name: glusterfs
namespace: default
subsets:
- addresses:
- ip: 10.0.0.11
- ip: 10.0.0.12
- ip: 10.0.0.13
ports:
- port: 49152
protocol: TCP
#創(chuàng)建并查看
[root@k8s-master gfs]# kubectl create -f glusterfs-ep.yaml
endpoints "glusterfs" created
[root@k8s-master gfs]# kubectl get endpoints
NAME ENDPOINTS AGE
glusterfs 10.0.0.11:49152,10.0.0.12:49152,10.0.0.13:49152 9s
kubernetes 10.0.0.11:6443 6d
mysql <none> 1d
myweb 172.18.13.7:8080 1d
nginx 172.18.13.7:80 5d
nginx-deployment 172.18.13.5:80 1d
b:glusterfs-svc.yaml
[root@k8s-master gfs]# vim glusterfs-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: glusterfs
namespace: default
spec:
ports:
- port: 49152
protocol: TCP
targetPort: 49152
sessionAffinity: None
type: ClusterIP
[root@k8s-master gfs]# kubectl create -f glusterfs-svc.yaml
service "glusterfs" created
c: 創(chuàng)建gluster類型pv
#配置文件中的glusterfs名是用昨天創(chuàng)建好的wahaha
[root@k8s-master gfs]# vim glusterfs-pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: gluster
labels:
type: glusterfs
spec:
capacity:
storage: 20Gi
accessModes:
- ReadWriteMany
glusterfs:
endpoints: "glusterfs"
path: "wahaha"
readOnly: false
[root@k8s-master gfs]# kubectl create -f glusterfs-pv.yaml
persistentvolume "gluster" created
[root@k8s-master gfs]# kubectl get pv
NAME CAPACITY ACCESSMODES RECLAIMPOLICY STATUS CLAIM REASON AGE
gluster 20Gi RWX Retain Available 5s
d:k8s_pvc.yaml
[root@k8s-master gfs]# vim k8s_pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: tomcat-mysql
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
[root@k8s-master gfs]# kubectl create -f k8s_pvc.yaml
persistentvolumeclaim "tomcat-mysql" created
[root@k8s-master gfs]# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESSMODES AGE
tomcat-mysql Bound gluster 20Gi RWX 9s
[root@k8s-master gfs]# kubectl get pvc -n default
NAME STATUS VOLUME CAPACITY ACCESSMODES AGE
tomcat-mysql Bound gluster 20Gi RWX 19s
e:mysql-rc-pvc.yaml
[root@k8s-master tomcat_demo]# cp mysql-rc-nfs.yaml mysql-rc-pvc.yaml
[root@k8s-master tomcat_demo]# cat mysql-rc-pvc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: mysql
spec:
replicas: 1
selector:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
volumes:
- name: mysql
persistentVolumeClaim:
claimName: tomcat-mysql
containers:
- name: mysql
volumeMounts:
- mountPath: /var/lib/mysql
name: mysql
image: 10.0.0.11:5000/mysql:5.7
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
value: '123456'
[root@k8s-master tomcat_demo]# kubectl delete -f mysql-rc-pvc.yaml
replicationcontroller "mysql" deleted
[root@k8s-master tomcat_demo]# kubectl create -f mysql-rc-pvc.yaml
replicationcontroller "mysql" created
[root@k8s-master tomcat_demo]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
mysql-p2xkq 1/1 Running 0 10m 172.18.81.4 k8s-node1
myweb-41l9f 1/1 Running 1 16h 172.18.13.7 k8s-node2
f:瀏覽器訪問添加數(shù)據(jù)后再刪除pod
image
#創(chuàng)建新數(shù)據(jù)后刪除mysql的pod會自動生成新的pod
kubectl delete pod mysql-m3zm9
瀏覽器再次訪問數(shù)據(jù)還在
image
g:在node2節(jié)點上查看/mnt目錄
[root@k8s-node2 ~]# mount -t glusterfs 10.0.0.11:/wahaha /mnt
[root@k8s-node2 mnt]# df -h
10.0.0.11:/wahaha 30G 615M 30G 3% /mnt
[root@k8s-node2 mnt]# ll
total 188434
-rw-r----- 1 polkitd input 56 Sep 18 09:45 auto.cnf
drwxr-x--- 2 polkitd input 4096 Sep 18 09:47 HPE_APP
-rw-r----- 1 polkitd input 719 Sep 18 09:47 ib_buffer_pool
-rw-r----- 1 polkitd input 79691776 Sep 18 09:47 ibdata1
-rw-r----- 1 polkitd input 50331648 Sep 18 09:47 ib_logfile0
-rw-r----- 1 polkitd input 50331648 Sep 18 09:45 ib_logfile1
-rw-r----- 1 polkitd input 12582912 Sep 18 09:47 ibtmp1
drwxr-x--- 2 polkitd input 4096 Sep 18 09:45 mysql
drwxr-x--- 2 polkitd input 4096 Sep 18 09:45 performance_schema
drwxr-x--- 2 polkitd input 4096 Sep 18 09:45 sys
2. 與jenkins集成實現(xiàn)ci/cd
jenkins 工具
自動化代碼上線
核心功能支持大量的插件
jenkins java代碼
比如之前做的小鳥飛飛是純html頁面
如果想換個小鳥的顏色怎么做呢
html文件 站點
開發(fā)寫好代碼傳給運維 然后運維進行上傳解壓
代碼版本管理軟件
git: github
git check out
git tag
shell腳本
java類型
java項目代碼上線鏈接
java
需要編譯
.cless
2.1 安裝gitlab并上傳代碼
image
需要的軟件下載鏈接 提取碼: dshc
#上傳代碼包
[root@k8s-node2 jenkins-k8s]# ll
total 890176
-rw-r--r-- 1 root root 9128610 Sep 18 10:48 apache-tomcat-8.0.27.tar.gz
-rw-r--r-- 1 root root 569408968 Sep 18 10:49 gitlab-ce-11.9.11-ce.0.el7.x86_64.rpm
-rw-r--r-- 1 root root 166044032 Sep 18 10:48 jdk-8u102-linux-x64.rpm
-rw-r--r-- 1 root root 89566714 Sep 18 10:49 jenkin-data.tar.gz
-rw-r--r-- 1 root root 77289987 Sep 18 10:49 jenkins.war
-rw-r--r-- 1 root root 91014 Sep 18 10:49 xiaoniaofeifei.zip
#安裝
[root@k8s-node2 jenkins-k8s]# rpm -ivh gitlab-ce-11.9.11-ce.0.el7.x86_64.rpm
#配置
vim /etc/gitlab/gitlab.rb
external_url 'http://10.0.0.13'
prometheus_monitoring['enable'] = false
#應(yīng)用并啟動服務(wù)
gitlab-ctl reconfigure
#使用瀏覽器訪問http://10.0.0.13,修改root用戶密碼,創(chuàng)建project
image
image
gitlab 11.1.4(不限版本)漢化方法
image
創(chuàng)建項目
image
image
[root@k8s-node2 opt]# cd /srv/
[root@k8s-node2 srv]# ls
[root@k8s-node2 srv]# git clone https://gitlab.com/xhang/gitlab.git
Cloning into 'gitlab'...
#確保有g(shù)it命令
[root@k8s-node2 srv]# which git
/usr/bin/git
[root@k8s-node2 srv]# git config --global user.name "Administrator"
[root@k8s-node2 srv]# git config --global user.email "admin@example.com"
[root@k8s-node2 srv]# cat /root/.gitconfig
[user]
name = Administrator
email = admin@example.com
[root@k8s-node2 srv]# mv /root/jenkins-k8s/xiaoniaofeifei.zip .
[root@k8s-node2 srv]# unzip xiaoniaofeifei.zip
[root@k8s-node2 srv]# ls
2000.png 21.js icon.png img index.html sound1.mp3 xiaoniaofeifei.zip
上傳代碼
git init
git remote add origin http://10.0.0.13/root/xiaoniao.git
git add .
git commit -m "Initial commit"
#登錄賬戶密碼
[root@k8s-node2 srv]# git push -u origin master
Username for 'http://10.0.0.13': root
Password for 'http://root@10.0.0.13':
上傳成功
image
2.2 安裝jenkins,并自動構(gòu)建docker鏡像
node1上安裝jenkins
[root@k8s-node1 opt]# ll
total 334020
-rw-r--r-- 1 root root 9128610 Sep 18 11:53 apache-tomcat-8.0.27.tar.gz
-rw-r--r-- 1 root root 166044032 Sep 18 11:54 jdk-8u102-linux-x64.rpm
-rw-r--r-- 1 root root 89566714 Sep 18 11:54 jenkin-data.tar.gz
-rw-r--r-- 1 root root 77289987 Sep 18 11:54 jenkins.war
rpm -ivh jdk-8u102-linux-x64.rpm
mkdir /app
tar xf apache-tomcat-8.0.27.tar.gz -C /app
rm -fr /app/apache-tomcat-8.0.27/webapps/*
mv jenkins.war /app/apache-tomcat-8.0.27/webapps/ROOT.war
tar xf jenkin-data.tar.gz -C /root
/app/apache-tomcat-8.0.27/bin/startup.sh
netstat -lntup
2.3 瀏覽器訪問jenkins
訪問http://10.0.0.12:8080/,默認(rèn)賬號密碼admin:123456
image
2.4 配置jenkins拉取gitlab代碼憑據(jù)
a:在jenkins上生成秘鑰對
#生成秘鑰 一路回車
[root@k8s-node1 opt]# ssh-keygen -t rsa
[root@k8s-node1 opt]# ls /root/.ssh/
id_rsa id_rsa.pub known_hosts
b:復(fù)制公鑰粘貼gitlab上
新建秘鑰的進入方法imageimage
c:在node1上查看秘鑰
[root@k8s-node1 opt]# cat /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrlIgDVptvmipg00CP7P955Nbn2h+oy06hUiYWE+htG6VjLSCFjEhrxgXOCX2EAKGLgveWA46MLt4XN2Gi4E1H3aDsM/gBu8D+4487bKuLKv1ZeMeWECcDKL16cjtSQw6ShsCLBwh3aq5TT85I/ypUYMsQ1+N4Iiv4i3g3ozn0yPsyMq9rekW+nHbs8eJL1OzIue6hL78AgI8QuZ7QaCQ5TJDmCwKuLC+B+6ajyNezSxBIlZeBuUE5lacKmvxxnX5Dqzlvf5uGrVRSgPCR6oTTDTHmx2GVHIl7BJLZH/uR4tP7gYoY9fFOM1VyJ8Pjq+XcLGYFWNQKTgxKQO/08sjr root@k8s-node1
image
d:jenkins上創(chuàng)建全局憑據(jù)
image
[root@k8s-node1 opt]# cat /root/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAq5SIA1abb5oqYNNAj+z/eeTW59ofqMtOoVImFhPobRulYy0g
hYxIa8YFzgl9hAChi4L3lgOOjC7eFzdhouBNR92g7DP4AbvA/uOPO2yriyr9WXjH
lhAnAyi9enI7UkMOkobAiwcId2quU0/OSP8qVGDLENfjeCIr+It4N6M59Mj7MjKv
a3pFvpx27PHiS9TsyLnuoS+/AICPELme0GgkOUyQ5gsCriwvgfumo8jXs0sQSJWX
gblBOZWnCpr8cZ1+Q6s5b3+bhq1UUoDwkeqE0w0x5sdhlRyJewSS2R/7keLT+4GK
GPXxTjNVcifD46vl3CxmBVjUCk4MSkDv9PLI6wIDAQABAoIBAQCZBKL0TzXaJuQq
a9xFPzhsLgDWzvmzIHWke03KHMEJJUGvHBzH3V7s9rJQmLgelC197TP+znc/X8Dj
dZmWl3F0aRxN6t8ANMCe0LT5ayXlvFYriAJ/OzJ/p8Krw9pRt8n0NUbb9k6/qR2E
4UR4Z1AJ5jTTdaXAisEqLL/u5pwWR/yJgDeeUY5SC3QU1s2dvFUR/r9sqeXHjaCu
scu3EwU4Mo6+8yEFRpNLf2wMYPZyrb4RCDXpLRnrOHc9M67tiKpdQYplhuuSDD8Y
KOQO2isDigz56CIMBzYKysNG3Vg8LVHkEZ65DVoSF5bI8PcLuZ9Fod2ZYI212z48
Rb6IRUThAoGBAOJNo033aqqEcnXA+0pFgP1uL2q+eSWsztnw4M3OQl9hYZUIcaq6
cGBoIRlw/RiR1b0Q+lvj59+0/hJ9nkAqhcw/gAGPClQQZlVfwJOcx2++3vvDvRoA
3WZlRLswjktNBBDTaCBxEXoEuH1z/zWCEyXQAA1PMLHSkwWk03iazqHRAoGBAMIY
ix5OGBMVkwGzT6+pUojCNoRy5fZ0CxgiO2ILjFo7fYFNHGPXlJ0p85t7izq7hncb
tE8P6LaFGBjoe2+rf3e35TEXgUntmV3BucmodqiNM11RBXP4VW5ed7URCxtrgieo
xPUwDeerBlb0YP9Uohsf+qmqrRAhd5BxvAgjd1H7AoGBANhXWFLkwHga/kFMJ+8s
2s9sUrA9PxuhRG5dNMwK7rC4K82JsQCCE4RWh64Gsi6W3DpOzMij67uVD38lz++P
tzE3U2wqDrmmo+3iB/wV2SMe2ZTd3x3Izd9h2H8LQD0Ed2qOb/Dzpr17XdOw3L2O
iDeRzTrsBaU5pYuzsuaNOBTBAoGADh77ABluZvUK3PTOt1j6SDjY/ondcTDAHeFf
sKJmc6ogV2fkyN7GUSjcMFOsrXk3LzM0ywu9QoosVqOTV2yCuZMHearcHSTMI6YU
fjdjap/bPM7INse6b20wCFxVEomfzoLY0X3NhS1MKMdexzTBFngdJHrmXGYS7M9Z
fr4V0EECgYAb1ZXLghOZDFp80DLryQPaFz63kIf5HKGQM5KJBos7bq5vmxnuyT3f
5BTLNSdmpAdjXmHXvzynEWeg/bkDRXK4iFMvGQj0fo1MNbodyj6BcUSH6M7C1Srm
MVroh40pZQbAdeCOlJmDSdxhiRc0rVlmtTuIzS80yHW91Cfn4nk3ag==
-----END RSA PRIVATE KEY-----
imageimage
e:新建任務(wù)
imageimage
克隆url
image
粘貼url
image
選擇執(zhí)行shell后保存
image
立即構(gòu)建查看控制臺輸出內(nèi)容
image
image
2.5 編寫dockerfile并測試
#node2上編寫
[root@k8s-node2 srv]# ls
2000.png 21.js icon.png img index.html sound1.mp3 xiaoniaofeifei.zip
[root@k8s-node2 srv]# vim dockerfile
a
FROM 10.0.0.11:5000/nginx:1.13
ADD . /usr/share/nginx/html
#構(gòu)建
[root@k8s-node2 srv]# docker build -t xiaoniao:v1 .
#創(chuàng)建容器并查看
[root@k8s-node2 srv]# docker run -d -P xiaoniao:v1
74fe566ac2e1f53eafec83904ea17a2ec0393f82cbb22e05e1465e0f5d29e86f
[root@k8s-node2 srv]# docker ps -a -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
74fe566ac2e1 xiaoniao:v1 "nginx -g 'daemon ..." 20 seconds ago Up 16 seconds 0.0.0.0:32768->80/tcp optimistic_bartik
訪問10.0.0.13:32768
image
[root@k8s-node1 ~]# cd /root/.jenkins/workspace/xiaoniao
[root@k8s-node1 xiaoniao]# ls
2000.png 21.js icon.png img index.html sound1.mp3 xiaoniaofeifei.zip
2.6 在gitlab上上傳代碼
image
添加dockerfile文件和配置內(nèi)容
imageimage
再次點擊配置,構(gòu)建修改shell命令
docker build -t 10.0.0.11:5000/xiaoniao:v1 .
docker push 10.0.0.11:5000/xiaoniao:v1
image
image
立即構(gòu)建
image
控制臺查看
image
去私有倉庫查看一下有沒有xiaoniao的鏡像,并查看版本
[root@k8s-master ~]# cd /opt/myregistry/docker/registry/v2/repositories/
[root@k8s-master repositories]# ls
busybox mysql nginx rhel7 tomcat-app wordpress xiaoniao
[root@k8s-master repositories]# ls xiaoniao/_manifests/tags/
v1
2.7 修改或升級代碼的方法
如果開發(fā)要修改首頁文件
imageimage
讓代碼回滾的方法
docker build -t 10.0.0.11:5000/xiaoniao:v$BUILD_ID .
docker push 10.0.0.11:5000/xiaoniao:v$BUILD_ID
利用環(huán)境變量
imageimage
立即構(gòu)建
image
再次去私有倉庫查看一下
[root@k8s-master repositories]# ls xiaoniao/_manifests/tags/
v1 v4
3. 擴展_使用kubeadm安裝最新版的k8s
適合生產(chǎn)環(huán)境
準(zhǔn)備兩臺新的虛擬機
image
#hosts解析
[root@k8s-node-1 docker_rpm]# cat /etc/hosts
10.0.0.11 k8s-master
10.0.0.12 k8s-node1
3.1 上傳需要的安裝包并解壓安裝
#兩臺虛擬機都需要執(zhí)行
tar xf docker_rpm.tar.gz
ls
cd docker_rpm/
ls
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum localinstall *.rpm -y
systemctl start docker
systemctl enable docker
3.2 kubernetes安裝
#兩臺虛擬機都需要執(zhí)行
tar xf k8s_rpm.tar.gz
ls
cd k8s_rpm/
ls
yum localinstall *.rpm -y
systemctl start kubelet
systemctl enable kubelet
#添加自動補全功能
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc
3.3 使用kubeadm初始化k8s集群
#兩臺虛擬機都需要執(zhí)行
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
#關(guān)閉swap,將swap注釋
vim /etc/fstab
swapoff -a
#在master控制節(jié)點執(zhí)行
kubeadm init --kubernetes-version=v1.15.0 --pod-network-cidr=172.18.0.0/16 --service-cidr=10.254.0.0/16
3.4 給k8s集群加入node節(jié)點
#node節(jié)點執(zhí)行
3.5 為k8s集群配置網(wǎng)絡(luò)插件
[root@k8s-master ~]# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
.
