介绍
Kubernetes(常简称为K8s)是用于自动部署、扩展和管理“容器化(containerized)应用程序”的开源系统。该系统由Google设计并捐赠给Cloud Native Computing Foundation(今属Linux基金会)来使用。 它旨在提供“跨主机集群的自动部署、扩展以及运行应用程序容器的平台”,简单来说K8S是容器编排管理平台。 但是Kubernetes主要应用于生产环境,对于初学者、开发、测试却不是很友好,主要是安装比较麻烦。
MicroK8s是一个单一的软件包,其实就是一个简化安装版Kubernetes,使开发人员能够在60秒内获得一个功能齐全、一致且安全的Kubernetes系统。MicroK8s专为本地开发、物联网设备、CI/CD和边缘使用而设计,可作为快照提供,并可在Linux、Windows和Mac上使用,主打一个安装简单快捷。
提到Kubernetes,就不能不提到Kubernetes的容器运行时,在早期版本 Kubernetes 默认容器运行时是Docker,而现在默认的容器运行时为 Containerd 。后面会因为网络原因使用 Docker 来下载镜像并导入到 Containerd。
准备
| 主机 | 系统 | ip | cpu | 内存 | 硬盘 | 备注 |
|---|
| microk8s-01 | ubuntu 22.04 server | 192.168.1.248 | 2 | 4G | 40G | |
这里使用 KVM 创建虚拟机模版,并克隆出需要的虚拟机,也可以使用其他方式获得。
创建模版机
1
2
3
4
5
6
7
8
9
10
11
12
| virt-install \
--connect=qemu:///system \
--virt-type=kvm \
--name=microk8s-00 \
--vcpus=2 \
--memory=4096 \
--location=/kvm/iso/ubuntu-22.04.4-live-server-amd64.iso \
--disk path=/kvm/vm/microk8s-00.qcow2,size=40,format=qcow2 \
--network bridge=br0 \
--graphics none \
--extra-args='console=ttyS0' \
--force
|
克隆虚拟机
1
2
3
4
5
6
7
8
| # 关闭虚拟机(克隆前必须先关闭)
virsh shutdown microk8s-00
# 克隆虚拟机
virt-clone -o microk8s-00 -n microk8s-01 -f /kvm/vm/microk8s-01.qcow2
# 启动新虚拟机
virsh start microk8s-01
|
修改虚拟机
1
2
| # 进入虚拟机
virsh console microk8s-01
|
修改主机名
1
2
3
| microk8s@microk8s-01:~$ sudo vi /etc/hostname
# 修改为microk8s-01
microk8s-01
|
修改网络
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| microk8s@microk8s-01:~$ sudo vi /etc/netplan/00-installer-config.yaml
# 内容如下
network:
ethernets:
enp1s0:
dhcp4: false
dhcp6: false
addresses: [192.168.1.248/24]
routes:
- to: default
via: 192.168.1.1
nameservers:
addresses: [114.114.114.114, 202.106.0.20]
version: 2
|
修改hosts
1
2
3
4
5
| microk8s@microk8s-01:~$ sudo vi /etc/hosts
# 内容
192.168.1.248 microk8s-01
|
重启
1
| microk8s@microk8s-01:~$ sudo reboot
|
这样,一台ubuntu 22.04 server,IP:192.168.1.248,2核,4G内存,40G硬盘的机器就准备好了。
安装及问题解决
安装
microk8s安装很简单,只需要一条命令。但是理想很丰满,现实,,,,,,
1
2
3
4
5
6
7
8
9
10
11
12
| # 安装docker,后面要用他拉取镜像
sudo apt install docker.io
# 安装microk8s
sudo snap install microk8s --classic --channel=1.29/stable
# 移除
#snap remove microk8s
# 查看状态(等待准备好)
microk8s status --wait-ready
|
等待很久都没准备好。猜想是出现问题,而这时候最可能的问题是网络问题。开始排查。。。
问题
1
2
3
4
5
| microk8s@microk8s-01:~$ microk8s kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-77bd7c5b-v7qv6 0/1 Pending 0 10s
kube-system calico-node-tfsf5 0/1 Init:0/2 0 10s
kube-system coredns-864597b5fd-ddhsl 0/1 Pending 0 10s
|
发现有pod没有创建成功。基本可以确定是因为网络原因导致镜像拉取失败。。。
1
| microk8s@microk8s-01:~$ microk8s.kubectl describe pods --all-namespaces
|
1
2
3
4
5
6
| # 省略
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedCreatePodSandBox 112s (x25 over 172m) kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to get sandbox image "registry.k8s.io/pause:3.7": failed to pull image "registry.k8s.io/pause:3.7": failed to pull and unpack image "registry.k8s.io/pause:3.7": failed to resolve reference "registry.k8s.io/pause:3.7": failed to do request: Head "https://us-west2-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.7": dial tcp 64.233.187.82:443: i/o timeout
# 省略
|
问题确定,registry.k8s.io/pause:3.7 镜像拉取失败,导致不能正常创建pod。需要手动处理,可以选择国内镜像,手动拉去替换。
拉取registry.k8s.io/pause:3.7镜像
1
2
3
4
5
6
7
8
9
10
| # 拉取代理镜像
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.7
# 打tag
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.7 k8s.gcr.io/pause:3.7
# 保存为文件
docker save k8s.gcr.io/pause:3.7 > pause:3.7.tar
# 导入到microk8s
microk8s ctr image import pause:3.7.tar
# 清理
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.7
|
镜像处理完成后,稍等一会,发现系统一切正常了。如果还要其他pod没有创建成功,用一样的方法排错即可。
安装扩展
microk8s为了方便,提供了简单的安装扩展的命令
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
| microk8s@microk8s-01:~$ microk8s status
microk8s is running
high-availability: no
datastore master nodes: 127.0.0.1:19001
datastore standby nodes: none
addons:
enabled:
dashboard # (core) The Kubernetes dashboard
dns # (core) CoreDNS
ha-cluster # (core) Configure high availability on the current node
helm # (core) Helm - the package manager for Kubernetes
helm3 # (core) Helm 3 - the package manager for Kubernetes
hostpath-storage # (core) Storage class; allocates storage from host directory
metrics-server # (core) K8s Metrics Server for API access to service metrics
registry # (core) Private image registry exposed on localhost:32000
storage # (core) Alias to hostpath-storage add-on, deprecated
disabled:
cert-manager # (core) Cloud native certificate management
cis-hardening # (core) Apply CIS K8s hardening
community # (core) The community addons repository
gpu # (core) Alias to nvidia add-on
host-access # (core) Allow Pods connecting to Host services smoothly
ingress # (core) Ingress controller for external access
kube-ovn # (core) An advanced network fabric for Kubernetes
mayastor # (core) OpenEBS MayaStor
metallb # (core) Loadbalancer for your Kubernetes cluster
minio # (core) MinIO object storage
nvidia # (core) NVIDIA hardware (GPU and network) support
observability # (core) A lightweight observability stack for logs, traces and metrics
prometheus # (core) Prometheus operator for monitoring and logging
rbac # (core) Role-Based Access Control for authorisation
rook-ceph # (core) Distributed Ceph storage using Rook
|
需要啥扩展只要通过命令安装即可,这里安装几个扩展
1
2
3
4
5
6
7
8
| # 开启控制面板
microk8s enable dashboard
# 开启dns
microk8s enable dns
# 开启镜像库插件
microk8s enable registry
# 开启服务网格
microk8s enable istio
|
测试
部署完成后,可以看看我们系统的状态
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
| microk8s@microk8s-01:~$ microk8s.kubectl get all --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
container-registry pod/registry-6c9fcc695f-559lh 1/1 Running 0 6m49s
kube-system pod/calico-kube-controllers-77bd7c5b-9cqg6 1/1 Running 0 15h
kube-system pod/calico-node-sm97h 1/1 Running 0 15h
kube-system pod/coredns-864597b5fd-lhlfk 1/1 Running 0 15h
kube-system pod/dashboard-metrics-scraper-5657497c4c-5kt94 1/1 Running 0 11h
kube-system pod/hostpath-provisioner-756cd956bc-jv4jr 1/1 Running 0 6m51s
kube-system pod/kubernetes-dashboard-54b48fbf9-qtj4s 1/1 Running 0 11h
kube-system pod/metrics-server-848968bdcd-8lqff 1/1 Running 0 11h
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
container-registry service/registry NodePort 10.152.183.79 <none> 5000:32000/TCP 6m49s
default service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 15h
kube-system service/dashboard-metrics-scraper ClusterIP 10.152.183.98 <none> 8000/TCP 11h
kube-system service/kube-dns ClusterIP 10.152.183.10 <none> 53/UDP,53/TCP,9153/TCP 15h
kube-system service/kubernetes-dashboard ClusterIP 10.152.183.106 <none> 443/TCP 11h
kube-system service/metrics-server ClusterIP 10.152.183.215 <none> 443/TCP 11h
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
kube-system daemonset.apps/calico-node 1 1 1 1 1 kubernetes.io/os=linux 15h
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
container-registry deployment.apps/registry 1/1 1 1 6m49s
kube-system deployment.apps/calico-kube-controllers 1/1 1 1 15h
kube-system deployment.apps/coredns 1/1 1 1 15h
kube-system deployment.apps/dashboard-metrics-scraper 1/1 1 1 11h
kube-system deployment.apps/hostpath-provisioner 1/1 1 1 6m52s
kube-system deployment.apps/kubernetes-dashboard 1/1 1 1 11h
kube-system deployment.apps/metrics-server 1/1 1 1 11h
NAMESPACE NAME DESIRED CURRENT READY AGE
container-registry replicaset.apps/registry-6c9fcc695f 1 1 1 6m49s
kube-system replicaset.apps/calico-kube-controllers-77bd7c5b 1 1 1 15h
kube-system replicaset.apps/coredns-864597b5fd 1 1 1 15h
kube-system replicaset.apps/dashboard-metrics-scraper-5657497c4c 1 1 1 11h
kube-system replicaset.apps/hostpath-provisioner-756cd956bc 1 1 1 6m52s
kube-system replicaset.apps/kubernetes-dashboard-54b48fbf9 1 1 1 11h
kube-system replicaset.apps/metrics-server-848968bdcd 1 1 1 11h
microk8s@microk8s-01:~$ microk8s status
microk8s is running
high-availability: no
datastore master nodes: 127.0.0.1:19001
datastore standby nodes: none
addons:
enabled:
dashboard # (core) The Kubernetes dashboard
dns # (core) CoreDNS
ha-cluster # (core) Configure high availability on the current node
helm # (core) Helm - the package manager for Kubernetes
helm3 # (core) Helm 3 - the package manager for Kubernetes
hostpath-storage # (core) Storage class; allocates storage from host directory
metrics-server # (core) K8s Metrics Server for API access to service metrics
registry # (core) Private image registry exposed on localhost:32000
storage # (core) Alias to hostpath-storage add-on, deprecated
disabled:
cert-manager # (core) Cloud native certificate management
cis-hardening # (core) Apply CIS K8s hardening
community # (core) The community addons repository
gpu # (core) Alias to nvidia add-on
host-access # (core) Allow Pods connecting to Host services smoothly
ingress # (core) Ingress controller for external access
kube-ovn # (core) An advanced network fabric for Kubernetes
mayastor # (core) OpenEBS MayaStor
metallb # (core) Loadbalancer for your Kubernetes cluster
minio # (core) MinIO object storage
nvidia # (core) NVIDIA hardware (GPU and network) support
observability # (core) A lightweight observability stack for logs, traces and metrics
prometheus # (core) Prometheus operator for monitoring and logging
rbac # (core) Role-Based Access Control for authorisation
rook-ceph # (core) Distributed Ceph storage using Rook
|
注: 这里只是开启了 dashboard 并不能访问
:单机部署/云平台-microk8s(一):单机部署-00.png)
:单机部署/云平台-microk8s(一):单机部署-01.png)