k8s | 我的乐与怒 | Vincent's Blog

使用Kind搭建K8S学习环境

背景 K8S集群的搭建由于墙的存在比较麻烦而且也比较占用资源,个人学习搭建K8S学习使用和做一些测试推荐使用Kind来在本地搭建. 安装前置条件需要先安装golang 1.16 或更新的版本. 低版本需要加上 GO111MODULE="on" 如果包无法下载,因为墙可以添加Go package的国内镜像, 设置阿里的镜像 go env -w GOPROXY=https://mirrors.aliyun.com/goproxy/,direct go install

Posted by Vincent on Friday, May 27, 2022

Ingress添加权限验证

生成密码文件 ~ htpasswd -c httpauth admin New password: Re-type new password: Adding password for user admin 添加密文 apiVersion: v1 kind: Secret metadata: name: httpauth data: auth: admin:$apr1$RjgQNPDx$e9htPYO4fELnCxOb07GIK0 配置对你需要增加权限验证的INgress设置注释 nginx.ingress.kubernetes.io/auth-realm: '"Authentication Required - admin"' nginx.ingress.kubernetes.io/auth-secret: httpauth nginx.ingress.kubernetes.io/auth-type: basic INgress YAML如下 apiVersion: extensions/v1beta1 kind: Ingress metadata: annotations: field.cattle.io/creatorId: user-ng7cm field.cattle.io/ingressState: '{"Y29uc3VsL2xvY2FsL2NvbnN1bC5sb2NhbC5waGlsby5pbi8vaHR0cA==":""}' field.cattle.io/publicEndpoints: '[{"addresses":["10.10.0.31"],"port":80,"protocol":"HTTP","serviceName":"local:consul","ingressName":"local:consul","hostname":"consul.local.philo.in","allNodes":true}]' nginx.ingress.kubernetes.io/auth-realm: '"Authentication Required - admin"' nginx.ingress.kubernetes.io/auth-secret: httpauth nginx.ingress.kubernetes.io/auth-type: basic creationTimestamp: "2020-04-23T05:52:00Z" generation: 2 labels: cattle.io/creator: norman name: consul namespace: local resourceVersion: "1102762" selfLink: /apis/extensions/v1beta1/namespaces/local/ingresses/consul uid: a55e4299-2552-401b-91a8-a595fd3ff7e3 spec: rules: - host: consul.local.philo.in http: paths: - backend: serviceName: consul servicePort: http status: loadBalancer: ingress: - ip: 10.10.0.31 - ip: 10.10.0.32 - ip: 10.10.0.41 - ip:

Posted by Vincent on Thursday, April 30, 2020

搭建本地KVM和K8S集群

准备工作版本 Ubuntu 16.04.6 LTS Linux version 4.4.0-142-generic qemu-img version 2.5.0 (Debian 1:2.5+dfsg-5ubuntu10.42) 检查检查是否支持虚拟化 egrep -c '(svm|vmx)' /proc/cpuinfo 返回 0 则不支持,需要看下BIOS里是否没有打开虚拟化支持. 安装KVM sudo apt update sudo apt install qemu qemu-kvm libvirt-bin bridge-utils virt-manager virt-sysperp 配置自启动 sudo systemctl start libvirtd.service sudo systemctl enable libvirtd.service 配置桥接网络修改 /etc/network/interfaces # The loopback network interface auto lo iface lo inet loopback # The bridge interface auto br0 iface br0 inet static address 10.10.0.3 netmask 255.255.255.0 network 10.10.0.1 broadcast 10.10.0.255 gateway 10.10.0.1 dns-nameservers 10.10.0.1 bridge_ports enp1s0 bridge_stp off bridge_fd 0 ubuntu

Posted by Vincent on Thursday, January 9, 2020

安装Kubernetes集群(3) - Prometheus

Prometheus 可以原生监控K8s ,节点和它本身.Prometheus Operator 可以简化Prometheus在K8S 中的安装.使用Prometheus adapter 可以使用自定义指标参数. Prometheus 也提供内建的控制台和查询语言来查询数据和可视化.Prometheus也可以做为Grafana的数据源. 安装Prometheu

Posted by Vincent on Wednesday, April 10, 2019

搭建Kubernetes集群(2) - Ingress

Ingress Ingress允许你配置运行于K8S上的HTTP负载均衡器对服务进行负载均衡. Ingress支持以下功能基于内容的路由基于主机名的路由基于路径的路由支持TLS/SSL请求查看官网对Ingress简介 Ingress 控制器 Ingress控制器是运行在集群中根据Ingress资源进行配置的HTT

Posted by Vincent on Thursday, April 4, 2019

搭建Kubernetes集群(1) - 安装集群

1.准备环境 Ubuntu 16.04 Docker CE 18.09.3 安装Kubeadm,Kubelet,Kubectl 使用 kubeadm config images list 命令.列出当前版本中用到的镜像. 输入如下 k8s.gcr.io/kube-apiserver:v1.13.4 k8s.gcr.io/kube-controller-manager:v1.13.4 k8s.gcr.io/kube-scheduler:v1.13.4 k8s.gcr.io/kube-proxy:v1.13.4 k8s.gcr.io/pause:3.1 k8s.gcr.io/etcd:3.2.24 k8s.gcr.io/coredns:1.2.6 使用脚本拉取国内镜像 #!/bin/bash images=( kube-apiserver:v1.13.4 kube-controller-manager:v1.13.4 kube-scheduler:v1.13.4 kube-proxy:v1.13.4 pause:3.1 etcd:3.2.24 coredns:1.2.6 ) for imageName in ${images[@]} ; do docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName done 重新载入服务 systemctl daemon-reload systemctl restart kubelet 安装flannel插件安装 ETCD 配置网络: /coreos.com/network/config 写入flan

Posted by Vincent on Sunday, March 24, 2019

我的乐与怒