Docker基础知识 (18) - Kubernetes(一) | 阿里云 ECS 上部署 Minikube
Kubernetes,也被称为 K8s 或 Kube,是谷歌推出的业界最受欢迎的容器管理/运维工具(容器编排器)。它是一套自动化容器管理/运维的开源平台,包括部署、调度和节点集群的扩展等。
Kubernetes 的详细介绍,请参考 "系统架构与设计(6)- Kubernetes(K8s)"。
Kubernetes: https://kubernetes.io/
Kubernetes GitHub: https://github.com/kubernetes
Minikube 是由 Kubernetes 社区维护的单机版的 Kubernetes 集群快速部署工具,目前支持 MacOS、Linux 以及Windows 等多种操作系统平台。适合在 PC 上作为 K8s 入门环境或开发测试环境使用,由于只支持单节点不支持高可用,因此不能用于生产部署。
Minikube: https://minikube.sigs.k8s.io/docs/start/
Minikube GitHub: https://github.com/kubernetes/minikube
1. 部署环境
    主机:阿里云 ECS
    CPU & 内存:2核(vCPU) 4 GiB
    操作系统: Linux CentOS 7.9 64位 
    Docker 版本:20.10.7
    Kubernetes 版本:1.20.0
    Linux 用户:非 root 权限用户 (用户名自定义,这里以 xxx 表示),属于 docker 用户组 
    注:阿里云 ECS(https://www.aliyun.com/)实例的具体创建过程,参考访问 https://help.aliyun.com/product/25365.html。
        Docker 安装配置请参考 “Docker基础知识 (1) - Docker 架构、Docker 安装、Docker 镜像加速”。 
尝试在本地 Linux 虚拟机 (Win10 + VirtulBox + CentOS) 上部署 Minikube 1.20.0 (Kubernetes 1.20.0) 和 Minikube 1.28.0 (Kubernetes 1.20.0),都无法解决运行 minikube dashboard 和部署应用时的 ImagePullBackOff 错误(访问外网,拉取镜像失败)。
2. 安装 Minikube
    1) 配置镜像源
        $ sudo vim /etc/yum.repos.d/kubernetes.repo
            [kubernetes]
            name=Kubernetes
            baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
            enabled=1
            gpgcheck=1
            repo_gpgcheck=0
            gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    2) 下载并安装 Minikube
Goolge 版:
$ sudo curl -LO https://storage.googleapis.com/minikube/releases/v1.20.0/minikube-linux-amd64 && sudo install minikube-linux-amd64 /usr/local/bin/minikube
执行结果如下:
            % Total    % Received % Xferd Average  Speed    Time    Time     Time    Current
                                            Dload    Upload   Total   Spent    Left    Speed
            100 60.9M  100 60.9M    0   0   20.1M    0       0:00:03  0:00:03 --:--:-- 20.1M
        
            注: minikube-linux-amd64 适用于 Intel 芯片的主机,在其它芯片的主机上安装,需要找到对应的安装包。
        检查 Minikube 是否安装成功:
            $ minikube version
                minikube version: v1.20.0
                commit: c61663e942ec43b20e8e70839dcca52e44cd85ae
            $ minikube kubectl version
                    > kubectl.sha256: 64 B / 64 B [--------------------------] 100.00% ? p/s 0s
                    > kubectl: 38.37 MiB / 38.37 MiB [-------------] 100.00% 26.28 MiB p/s 1.7s
                Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.0", GitCommit:"faecb196815e248d3ecfb03c680a4507229c2a56", GitTreeState:"clean", BuildDate:"2021-01-13T13:28:09Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}
                The connection to the server localhost:8080 was refused - did you specify the right host or port?
            注: minikube 自动下载安装 kubectl,这个 kubectl 的运行格式如下。
            
                $ minikube kubectl
    3) 单独安装 kubectl 
        $ sudo yum install -y kubectl-1.20.0
        注:本文没有单独安装 kubectl,下文都使用 minikube kubectl。
3. 启动 Minikube
    1) 启动
     
        $ minikube start --image-mirror-country='cn'  --kubernetes-version=v1.20.0
            😄  minikube v1.20.0 on Centos 7.9.2009
            ✨  Automatically selected the docker driver
                ...
                ▪ Generating certificates and keys ...
                ▪ Booting up control plane ...
                ▪ Configuring RBAC rules ...
            🔎  Verifying Kubernetes components...
                ▪ Using image registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-minikube/storage-provisioner:v5 (global image repository)
            🌟  Enabled addons: default-storageclass, storage-provisioner
            💡  kubectl not found. If you need it, try: 'minikube kubectl -- get pods -A'
            🏄  Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
            命令参数:
                --image-mirror-country: cn 将下载 registry.cn-hangzhou.aliyuncs.com/google_containers 作为安装 Kubernetes 的容器镜像仓库;
                --cpus=2: 为 minikube 虚拟机分配 CPU 核数;
                --memory=2000mb: 为 minikube 虚拟机分配内存数;
                --kubernetes-version=***: minikube 虚拟机将使用的 kubernetes 版本;
                --driver=docker:指定驱动,默认是 docker;
        $ minikube kubectl version
            Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.0", GitCommit:"faecb196815e248d3ecfb03c680a4507229c2a56", GitTreeState:"clean", BuildDate:"2021-01-13T13:28:09Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}
            Server Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.0", GitCommit:"faecb196815e248d3ecfb03c680a4507229c2a56", GitTreeState:"clean", BuildDate:"2021-01-13T13:20:00Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"}        
    2) 查看 minikube 容器 (Docker)
        $ docker ps
        CONTAINER ID   IMAGE               ...   PORTS                         NAMES
        8b806efdae45   ...kicbase:v0.0.22        127.0.0.1:49157->22/tcp,      minikube
                                                 127.0.0.1:49156->2376/tcp,
                                                 127.0.0.1:49155->5000/tcp,
                                                 127.0.0.1:49154->8443/tcp,
                                                 127.0.0.1:49153->32443/tcp   
4. Minikube 常用命令
    1) 查看集群信息
        $ minikube kubectl cluster-info
            Kubernetes control plane is running at https://192.168.49.2:8443
            KubeDNS is running at https://192.168.49.2:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
    2) 查询节点信息
        $ minikube kubectl get node
            NAME       STATUS   ROLES                  AGE     VERSION
            minikube   Ready    control-plane,master   9m35s   v1.20.2
    3) 查看内部组件
        $ minikube kubectl get pod
            No resources found in default namespace.
    4) 查询全部的名称空间
        $ minikube kubectl -- get pods -A
        NAMESPACE   NAME                              READY  STATUS            RESTARTS  AGE
        kube-system coredns-54d67798b7-k4tjk          1/1    Running           0         10m
        kube-system etcd-minikube                     1/1    Running           0         10m
        kube-system kube-apiserver-minikube           1/1    Running           0         10m
        kube-system kube-controller-manager-minikube  1/1    Running           0         10m
        kube-system kube-proxy-n8gpl                  1/1    Running           0         10m
        kube-system kube-scheduler-minikube           1/1    Running           0         10m
        kube-system storage-provisioner               0/1    ImagePullBackOff  0         10m    
注:这里获取的 kubectl-system 名称空间,是系统内置的。
5. 启动 dashboard
    1) 启动并显示代理地址
        $ minikube dashboard --url
            🔌  Enabling dashboard ...
                ▪ Using image kubernetesui/dashboard:v2.1.0
                ▪ Using image kubernetesui/metrics-scraper:v1.0.4
            🤔  Verifying dashboard health ...
            🚀  Launching proxy ...
            🤔  Verifying proxy health ...
            👉  http://127.0.0.1:34149/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
        注:这个 URL 只能在宿主机内部访问,在宿主机之外无法直接访问,需要设置 kubectl proxy 代理或其它方式。
    2) 设置 kubectl proxy 代理
        $ minikube kubectl -- proxy --address='0.0.0.0'  --accept-hosts='^*$' &
            
            Starting to serve on [::]:8001
        需要修改 ECS 防火墙规则,允许入方向的 8001 端口通行。
        
        在宿主机之外浏览器访问:http://ECS公网IP:8001/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
            
    3) 查看 dashboard 状态
    
        # 查看 dashboard service
        $ minikube kubectl -- get svc -n kubernetes-dashboard
            NAME                       TYPE       CLUSTER-IP      EXTERNAL-IP  PORT(S)   AGE
            dashboard-metrics-scraper  ClusterIP  10.102.200.233  <none>       8000/TCP  96s
            kubernetes-dashboard       ClusterIP  10.106.108.8    <none>       80/TCP    96s
        # 查看 Addon 组件
        $ minikube addons list
            |-----------------------------|----------|--------------|
            |         ADDON NAME          | PROFILE  |    STATUS    |
            |-----------------------------|----------|--------------|
            | ambassador                  | minikube | disabled     |
            | auto-pause                  | minikube | disabled     |
            | csi-hostpath-driver         | minikube | disabled     |
            | dashboard                   | minikube | enabled ✅   |
            | default-storageclass        | minikube | enabled ✅   |
            | efk                         | minikube | disabled     |
            | freshpod                    | minikube | disabled     |
            | gcp-auth                    | minikube | disabled     |
            | gvisor                      | minikube | disabled     |
            | helm-tiller                 | minikube | disabled     |
            | ingress                     | minikube | disabled     |
            | ingress-dns                 | minikube | disabled     |
            | istio                       | minikube | disabled     |
            | istio-provisioner           | minikube | disabled     |
            | kubevirt                    | minikube | disabled     |
            | logviewer                   | minikube | disabled     |
            | metallb                     | minikube | disabled     |
            | metrics-server              | minikube | disabled     |
            | nvidia-driver-installer     | minikube | disabled     |
            | nvidia-gpu-device-plugin    | minikube | disabled     |
            | olm                         | minikube | disabled     |
            | pod-security-policy         | minikube | disabled     |
            | registry                    | minikube | disabled     |
            | registry-aliases            | minikube | disabled     |
            | registry-creds              | minikube | disabled     |
            | storage-provisioner         | minikube | enabled ✅   |
            | storage-provisioner-gluster | minikube | disabled     |
            | volumesnapshots             | minikube | disabled     |
            |-----------------------------|----------|--------------|
    4) 停止 dashboard
        $ minikube addons disable dashboard
6. 部署 K8s 单节点应用
    部署⼀个 Nginx,并通过 IP 访问。
    1) 创建 deployment
    
        $ minikube kubectl -- create deployment test-nginx-1-23 --image=nginx:1.23.0
            deployment.apps/test-nginx-1-23 created
        注:deployment 是 Pod 控制器的⼀种,直接删除 Pod 后,会⾃动创建新的 Pod。只能删除 deployment,使用 kubectl delete deployment test-nginx-1-23 命令删除 deployment。
    2) 查看 deployment 和 pod
        $ minikube kubectl get deploy,pod,svc
            NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
            deployment.apps/test-nginx-1-23   1/1     1            1           48s
            NAME                                  READY   STATUS    RESTARTS   AGE
            pod/test-nginx-1-23-54bd8544d-vpwcg   1/1     Running   0          48s
            NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
            service/kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   94m
        注:这里使用了缩写。
            deploy 是 deployment 的缩写; 
            svc 是 service 的缩写;
            参数可以单个使用,比如:kubectl get svc 
    3) 配置 service 端口
        $ minikube kubectl -- expose deployment test-nginx-1-23 --port=80 --type=NodePort 
            service/test-nginx-1-23 exposed
            type 的值:
                ClusterIP:pod 之间内部的通信
                ExternalName:
                LoadBalancer
                NodePort:对外的通信
        $ minikube kubectl get svc
            NAME              TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
            kubernetes        ClusterIP   10.96.0.1       <none>        443/TCP        103m
            test-nginx-1-23   NodePort    10.110.152.84   <none>        80:32167/TCP   30s
    4) 转发端⼝
        $ minikube kubectl -- port-forward --address 0.0.0.0 service/test-nginx-1-23 8080:80 &
            Forwarding from 0.0.0.0:8080 -> 80
            
        访问 http://ECS公网IP:8080/,显示如下内容:
            Welcome to nginx!
            If you see this page, the nginx web server is successfully installed and working. Further configuration is required.
            For online documentation and support please refer to nginx.org.
            Commercial support is available at nginx.com.
            Thank you for using nginx.
    5) 停止 kubectl 进程
        先使用 netstat 列出后台运行的 kubectl 进程,再用 kill pid 命令停止进程。
        $ netstat -tulp | grep kubectl 
            (Not all processes could be identified, non-owned process info
            will not be shown, you would have to be root to see it all.)
            tcp      0      0 0.0.0.0:webcache        0.0.0.0:*       LISTEN      294739/kubectl
            tcp6     0      0 [::]:vcom-tunnel        [::]:*          LISTEN      292319/kubectl
        $ sudo kill -9 294739 292319
7. 卸载 minikube
        # 停止集群
            $ minikube stop
        # 删除集群
        $ minikube delete
    
        # 卸载 minikube 
        $ sudo rm -rf ~/.minikube ~/.kube 
        $ sudo rm -rf /usr/local/bin/minikube /usr/local/bin/localkube
-----------------------
参考:https://developer.aliyun.com/article/221687
 
 
                     
                    
                 
                    
                 
                
            
         
         浙公网安备 33010602011771号
浙公网安备 33010602011771号