一、部署
(1)kubeadm工具:
•kubeadm init:初始化一个Master节点•kubeadm join:将工作节点退出集群•kubeadm upgrade:降级K8s版本•kubeadm token:治理 kubeadm join 应用的令牌•kubeadm reset:清空 kubeadm init 或者 kubeadm join 对主机所做的任何更改•kubeadm version:打印 kubeadm 版本•kubeadm alpha:预览可用的新性能(2)初始化配置
# 敞开防火墙systemctl stop firewalldsystemctl disable firewalld# 敞开selinuxsed -i 's/enforcing/disabled/' /etc/selinux/config # 永恒setenforce 0 # 长期# 敞开swapswapoff -a # 长期sed -ri 's/.*swap.*/#&/' /etc/fstab # 永恒# 依据布局设置主机名hostnamectl set-hostname <hostname># 在master增加hostscat >> /etc/hosts << EOF192.168.31.61 k8s-master1192.168.31.62 k8s-node1192.168.31.63 k8s-node2EOF# 将桥接的IPv4流量传递到iptables的链cat > /etc/sysctl.d/k8s.conf << EOFnet.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1EOFsysctl --system # 失效# 工夫同步yum install ntpdate -yntpdate time.windows.com(3)装置docker
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repoyum -y install docker-cesystemctl enable docker && systemctl start docker配置镜像下载加速器:
cat > /etc/docker/daemon.json << EOF{ "registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]}EOFsystemctl restart dockerdocker info增加阿里云YUM软件源
cat > /etc/yum.repos.d/kubernetes.repo << EOF[kubernetes]name=Kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=0repo_gpgcheck=0gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF装置kubeadm,kubelet和kubectl
yum install -y kubelet-1.20.0 kubeadm-1.20.0 kubectl-1.20.0systemctl enable kubelet部署Kubernetes Master
kubeadm init \ --image-repository registry.aliyuncs.com/google_containers \ --kubernetes-version v1.20.0 \ --service-cidr=10.96.0.0/12 \ --pod-network-cidr=10.244.0.0/16 \ --ignore-preflight-errors=all初始化实现后,最初会输入一个join命令,先记住,上面用。
拷贝kubectl应用的连贯k8s认证文件到默认门路:
mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/config查看工作节点:kubectl get nodes
退出Kubernetes Node
向集群增加新节点,执行在kubeadm init输入的kubeadm join命令
kubeadm join **** --token **** \--discovery-token-ca-cert-hash sha256:****默认token有效期为24小时,当过期之后,该token就不可用了。这时就须要从新创立token,能够间接应用命令快捷生成:
kubeadm token create --print-join-command部署容器网络(CNI)
kubectl apply -f calico.yamlkubectl get pods -n kube-system测试kubernetes集群
kubectl create deployment nginx --image=nginxkubectl expose deployment nginx --port=80 --type=NodePortkubectl get pod,svc拜访地址:http://NodeIP:Port
二、常用命令
应用Deployment控制器部署镜像
kubectl create deployment web --image=nginx --replicas=3kubectl get deploy,pods应用service将pod裸露进来
kubectl expose deployment web --port=80 --target-port=80 --type=NodePortkubectl get service部署镜像
kubectl apply -f ***.yamlkubectl create deployment web --image=nginx:1.16 --replicas=3利用降级
kubectl apply -f ***.yamlkubectl set image deployment/web nginx=nginx:1.17程度扩容
批改yaml里replicas值,再applykubectl scale deployment web --replicas=10公布失败回滚
kubectl rollout history deployment/web #查看历史公布版本kubectl rollout undo deployment/web #回滚上一个版本kubectl rollout undo deployment/web --to-revision=2 #回滚历史指定版本利用下线
kubectl delete deploy/webkubectl delete svc/webpod命令
创立pod:kubectl apply -f pod.yaml或者应用命令:kubectl run nginx --image=nginx查看pod:kubectl get podskubectl describe pod <Pod名称>查看日志:kubectl logs <Pod名称> [-c Container]kubectl logs <Pod名称> [-c Container] -f进入容器终端kubectl exec <Pod名称> [-c Container] --bash删除Podkubectl delete pod <Pod名称>service命令
创立servicekubectl apply -f service.yaml查看servicekubectl get service 查看service对应的pod
kubectl get epkubectl get service pod1 -o yamlkubectl get pods -l app=pvc裸露pod上的标签
kubectl get pods --show-labelskubectl get ep -wss -antp|grep 31871主动生成yaml文件
kubectl create deployment java-demo --image=** --dry-run -o yaml > web.yamlkubectl expose deployment java-demo --port=80 --target-port=8080 --type=NodePort --dry-run -o yaml > svc.yaml