标签:kubectl workloads master01 练习 nginx deployment k8s ubuntu
练习主题
- 练习deployment创建扩容所容
- 练习pods自动扩所容和metric安装配置
- 练习升级和回滚
- 练习configmap创建和使用
一 命令创建
创建depolyment nginx,副本为2
kubectl create deployment nginx --image=nginx:1.17.0 --replicas=2
ubuntu@master01:/k8s/cert$ kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 2/2 2 2 2m9s
扩容deployment 到5个
ubuntu@master01:/k8s/cert$ kubectl scale deployment nginx --replicas=5
deployment.apps/nginx scaled
ubuntu@master01:/k8s/cert$ kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 5/5 5 5 3m49s
ubuntu@master01:/k8s/cert$ kubectl get pods
NAME READY STATUS RESTARTS AGE
access1 1/1 Running 1 (3d ago) 3d8h
nginx-c46478757-2672q 1/1 Running 0 3m55s
nginx-c46478757-dbrrz 1/1 Running 0 10s
nginx-c46478757-fnpj9 1/1 Running 0 3m55s
nginx-c46478757-wpr87 1/1 Running 0 10s
nginx-c46478757-xls94 1/1 Running 0 10s
二 创建自动扩容hpa
#cpu超过70%,就扩容
kubectl autoscale deployment nginx --cpu-percent=70 --min=3 --max=6
ubuntu@master01:/k8s/cert$ kubectl get hpa
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
nginx Deployment/nginx <unknown>/70% 3 6 5 2m24s
#TARGETS现实unkonw,查看hpa log,发现是无法unable to get metrics for resource cpu:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedComputeMetricsReplicas 2m6s (x12 over 4m51s) horizontal-pod-autoscaler invalid metrics (1 invalid out of 1), first error is: failed to get cpu utilization: unable to get metrics for resource cpu: unable to fetch metrics from resource metrics API: the server could not find the requested resource (get pods.metrics.k8s.io)
Warning FailedGetResourceMetric 111s (x13 over 4m51s) horizontal-pod-autoscaler failed to get cpu utilization: unable to get metrics for resource cpu: unable to fetch metrics from resource metrics API: the server could not find the requested resource (get pods.metrics.k8s.io)
# 安装metrics-server
wget https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.6.1/components.yaml
修改里面的镜像为:registry.aliyuncs.com/google_containers/metrics-server:v0.6.1
ubuntu@master01:/k8s/cert$ kubectl apply -f components.yaml
serviceaccount/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
service/metrics-server created
deployment.apps/metrics-server created
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
通过yaml创建nginx-deployment,带有资源限制
ubuntu@master01:/k8s$ cat deployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 2 # 告知 Deployment 运行 2 个与该模板匹配的 Pod
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.17.0
ports:
- containerPort: 80
resources:
requests:
memory: "100Mi"
cpu: "3"
limits:
cpu: "5"
memory: "200Mi"
#重新创建自动扩容
kubectl autoscale deployment nginx-deployment --cpu-percent=6 --min=2 --max=6
#查看
ubuntu@master01:/k8s$ kubectl get hpa
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
nginx-deployment Deployment/nginx-deployment 0%/6% 2 6 2 11s
#查看创建的wide
ubuntu@master01:/k8s$ kubectl get hpa;kubectl get pods -owide
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
nginx-deployment Deployment/nginx-deployment 0%/6% 2 6 2 4m49s
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
access1 1/1 Running 1 (4d1h ago) 4d9h 172.18.34.67 slave01 <none> <none>
nginx-deployment-fb6cfdd99-nqk4w 1/1 Running 0 22s 172.18.34.78 slave01 <none> <none>
nginx-deployment-fb6cfdd99-zv6hq 1/1 Running 0 22s 172.18.57.206 slave02 <none> <none>
#压测
ab -c10 -n500000 http://172.18.34.79/
#结果
ubuntu@master01:/k8s$ kubectl get hpa;kubectl get pods -owide
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
nginx-deployment Deployment/nginx-deployment 40%/6% 2 6 2 8m42s
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
access1 1/1 Running 1 (4d1h ago) 4d9h 172.18.34.67 slave01 <none> <none>
nginx-deployment-7db5d4875f-5fq6j 0/1 ContainerCreating 0 1s <none> slave01 <none> <none>
nginx-deployment-7db5d4875f-nh49m 1/1 Running 0 64s 172.18.57.207 slave02 <none> <none>
nginx-deployment-7db5d4875f-nqw6r 0/1 ContainerCreating 0 1s <none> slave02 <none> <none>
nginx-deployment-7db5d4875f-nxxmm 1/1 Running 0 64s 172.18.34.79 slave01 <none> <none>
ubuntu@master01:/k8s$ kubectl get hpa;kubectl get pods -owide
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
nginx-deployment Deployment/nginx-deployment 40%/6% 2 6 2 8m43s
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
access1 1/1 Running 1 (4d1h ago) 4d9h 172.18.34.67 slave01 <none> <none>
nginx-deployment-7db5d4875f-5fq6j 1/1 Running 0 2s 172.18.34.80 slave01 <none> <none>
nginx-deployment-7db5d4875f-nh49m 1/1 Running 0 65s 172.18.57.207 slave02 <none> <none>
nginx-deployment-7db5d4875f-nqw6r 1/1 Running 0 2s 172.18.57.208 slave02 <none> <none>
nginx-deployment-7db5d4875f-nxxmm 1/1 Running 0 65s 172.18.34.79 slave01 <none> <none>
ubuntu@master01:/k8s$
#等待一段时间,cpu下去后,pod又会降回去。
nginx-deployment Deployment/nginx-deployment 0%/6% 2 6 2 98m
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
access1 1/1 Running 1 (4d2h ago) 4d10h 172.18.34.67 slave01 <none> <none>
nginx-deployment-7db5d4875f-5fq6j 1/1 Running 0 90m 172.18.34.80 slave01 <none> <none>
nginx-deployment-7db5d4875f-nqw6r 1/1 Running 0 90m 172.18.57.208 slave02 <none> <none>
三 升级和回滚
查看现有版本
ubuntu@master01:/k8s$ kubectl describe pods nginx-deployment-7db5d4875f-5fq6j | grep Image
Image: nginx:1.17.0
Image ID: docker-pullable://nginx@sha256:bdbf36b7f1f77ffe7bd2a32e59235dff6ecf131e3b6b5b96061c652f30685f3a
设置版本升级到nginx1.21.1
ubuntu@master01:/k8s$ kubectl set image deployment nginx-deployment nginx=nginx:1.21.1 --record
Flag --record has been deprecated, --record will be removed in the future
deployment.apps/nginx-deployment image updated
回滚
### 查询可用回滚的版本,可以状态
ubuntu@master01:/k8s$ kubectl rollout history deployment nginx-deployment
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none>
2 kubectl set image deployment nginx-deployment nginx=nginx:1.21.1 --record=true
ubuntu@master01:/k8s$ kubectl rollout history deployment nginx-deployment --revision=2
deployment.apps/nginx-deployment with revision #2
Pod Template:
Labels: app=nginx
pod-template-hash=6fc76b89c
Annotations: kubernetes.io/change-cause: kubectl set image deployment nginx-deployment nginx=nginx:1.21.1 --record=true
Containers:
nginx:
Image: nginx:1.21.1
Port: 80/TCP
Host Port: 0/TCP
Limits:
cpu: 60m
memory: 600Mi
Requests:
cpu: 10m
memory: 100Mi
Environment: <none>
Mounts: <none>
Volumes: <none>
ubuntu@master01:/k8s$
#执行会滚命令
ubuntu@master01:/k8s$ kubectl rollout undo deployment nginx-deployment --to-revision=1
deployment.apps/nginx-deployment rolled back
ubuntu@master01:/k8s$ kubectl get hpa;kubectl get pods -owide
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
nginx-deployment Deployment/nginx-deployment 0%/6% 2 6 2 109m
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
access1 1/1 Running 1 (4d2h ago) 4d10h 172.18.34.67 slave01 <none> <none>
nginx-deployment-7db5d4875f-hg222 1/1 Running 0 8s 172.18.57.211 slave02 <none> <none>
nginx-deployment-7db5d4875f-jxcdk 1/1 Running 0 7s 172.18.34.83 slave01 <none> <none>
ubuntu@master01:/k8s$ kubectl describe pods nginx-deployment-6fc76b89c-jkwxt | grep Image
Error from server (NotFound): pods "nginx-deployment-6fc76b89c-jkwxt" not found
#查看已经会滚了
ubuntu@master01:/k8s$ kubectl describe pods nginx-deployment-7db5d4875f-jxcdk | grep Image
Image: nginx:1.17.0
Image ID: docker-pullable://nginx@sha256:bdbf36b7f1f77ffe7bd2a32e59235dff6ecf131e3b6b5b96061c652f30685f3a
ubuntu@master01:/k8s$
#查看会滚历史
ubuntu@master01:/k8s$ kubectl rollout history deployment nginx-deployment
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
2 kubectl set image deployment nginx-deployment nginx=nginx:1.21.1 --record=true
3 <none>
四 创建数据存储
4.1 基于env创建
ubuntu@master01:/k8s$ kubectl create configmap dbinfo --from-literal=DB_HOST=mysqlhost --from-literal=DB_USER=root
configmap/dbinfo created
ubuntu@master01:/k8s$
ubuntu@master01:/k8s$ cat pods_configmap.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-env
spec:
containers:
- image: nginx:1.17.0
name: nginx-env
envFrom:
- configMapRef:
name: dbinfo
#创建map
ubuntu@master01:/k8s$ kubectl apply -f pods_configmap.yaml
pod/nginx-env created
#查看
ubuntu@master01:/k8s$ kubectl exec nginx-env -- env | grep HOST
HOSTNAME=nginx-env
DB_HOST=mysqlhost
4.2 基于配置文件挂载
ubuntu@master01:/k8s$ kubectl create configmap nginx-config --from-file=index.html
configmap/nginx-config created
#创建mapfile
cat pods_configmap_fie.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx2
spec:
containers:
- image: nginx:1.17.0
name: nginx2
volumeMounts:
- name: nginx-config-volume
mountPath: /usr/share/nginx/html/
volumes:
- name: nginx-config-volume
configMap:
name: nginx-config
ubuntu@master01:/k8s$ kubectl apply -f pods_configmap_fie.yaml
pod/nginx2 created
ubuntu@master01:/k8s$ kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
access1 1/1 Running 1 (4d3h ago) 4d11h 172.18.34.67 slave01 <none> <none>
nginx-deployment-7db5d4875f-hg222 1/1 Running 0 42m 172.18.57.211 slave02 <none> <none>
nginx-deployment-7db5d4875f-jxcdk 1/1 Running 0 42m 172.18.34.83 slave01 <none> <none>
nginx-env 1/1 Running 0 19m 172.18.57.212 slave02 <none> <none>
nginx2 1/1 Running 0 5s 172.18.57.214 slave02 <none> <none>
ubuntu@master01:/k8s$ kubectl get pods -o wide
#验证结果
ubuntu@master01:/k8s$ curl http://172.18.57.214
"welcome to k8s!"
ubuntu@master01:/k8s$
4.3 基于文件密码配置
#创建密码
cat pods_secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: dbsecret
type: Opaque
data:
pwd: dmJlYXJk
ubuntu@master01:/k8s$ kubectl apply -f pods_secret.yaml
secret/dbsecret created
#创建pods,引入dbsecret配置文件
ubuntu@master01:/k8s$ cat pods_secret_nginx.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx3
spec:
containers:
- image: nginx:1.17.0
name: nginx3
envFrom:
- secretRef:
name: dbsecret
#查看具体密码,已经解析出来了。
ubuntu@master01:/k8s$ kubectl exec nginx3 -- env |grep pwd
pwd=vbeard
ubuntu@master01:/k8s$ cat pods_secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: dbsecret
type: Opaque
data:
pwd: dmJlYXJk
ubuntu@master01:/k8s$
4.4 基于文件挂载密码配置
#创建私钥加密文件
ubuntu@master01:/k8s$ cp multi.rsa_key ssh-privatekey
ubuntu@master01:/k8s$ kubectl create secret generic secretssh --from-file=ssh-privatekey --type=kubernetes.io/ssh-auth
secret/secretssh created
#编写pod文件
cat mount_secret_Pods.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx4
spec:
containers:
- image: nginx:1.17.0
name: nginx4
volumeMounts:
- name: ssh-volume-secret
mountPath: /mnt
readOnly: true
volumes:
- name: ssh-volume-secret
secret:
secretName: secretssh
#创建
kubectl apply -f mount_secret_Pods.yaml
pod/nginx4 configured
#验证:
ubuntu@master01:/k8s$ kubectl exec nginx4 -- cat /mnt/ssh-privatekey
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAtBGttq3s2NV79x0KXZvqqO2H2Ncpsnk07LMHjekO3W3cxDwHN3VI
jLrD1hoYFfwpVpaZM+o+sqI2Gipb1s6zWeYJtYW7xVU+tZlXGmXKKvFpW3hPfoRMhocSKY
其它问题说明
问题1
ubuntu@master01:/k8s/cert$ kubectl top node
Error from server (ServiceUnavailable): the server is currently unable to handle the request (get nodes.metrics.k8s.io)
ubuntu@master01:/k8s/cert$
#查看日志,发现有错误,
I0223 22:53:50.469562 1 server.go:187] "Failed probe" probe="metric-storage-ready" err="no metrics to serve"
I0223 22:53:52.571337 1 server.go:187] "Failed probe" probe="metric-storage-ready" err="no metrics to serve"
I0223 22:54:00.483386 1 server.go:187] "Failed probe" probe="metric-storage-ready" err="no metrics to serve"
E0223 22:54:01.756750 1 scraper.go:140] "Failed to scrape node" err="Get \"https://192.168.64.86:10250/metrics/resource\": x509: cannot validate certificate for 192.168.64.86 because it doesn't contain any IP SANs" node="slave02"
E0223 22:54:01.758239 1 scraper.go:140] "Failed to scrape node" err="Get \"https://192.168.64.84:10250/metrics/resource\": x509: cannot validate certificate for 192.168.64.84 because it doesn't contain any IP SANs" node="master01"
E0223 22:54:01.772904 1 scraper.go:140] "Failed to scrape node" err="Get \"https://192.168.64.85:10250/metrics/resource\": x509: cannot validate certificate for 192.168.64.85 because it doesn't contain any IP SANs" node="slave01"
解决:- --kubelet-insecure-tls
问题2
ubuntu@master01:/k8s/cert$ kubectl describe hpa
Warning: autoscaling/v2beta2 HorizontalPodAutoscaler is deprecated in v1.23+, unavailable in v1.26+; use autoscaling/v2 HorizontalPodAutoscaler
Name: nginx
Namespace: default
Labels: <none>
Annotations: <none>
CreationTimestamp: Fri, 24 Feb 2023 20:18:06 +0800
Reference: Deployment/nginx
Metrics: ( current / target )
resource cpu on pods (as a percentage of request): <unknown> / 50%
Min replicas: 3
Max replicas: 6
Deployment pods: 5 current / 0 desired
Conditions:
Type Status Reason Message
---- ------ ------ -------
AbleToScale True SucceededGetScale the HPA controller was able to get the target's current scale
ScalingActive False FailedGetResourceMetric the HPA was unable to compute the replica count: failed to get cpu utilization: missing request for cpu
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedComputeMetricsReplicas 63s (x12 over 3m49s) horizontal-pod-autoscaler invalid metrics (1 invalid out of 1), first error is: failed to get cpu utilization: missing request for cpu
Warning FailedGetResourceMetric 48s (x13 over 3m49s) horizontal-pod-autoscaler failed to get cpu utilization: missing request for cpu
#解决,需要用有limits限制资源参数才行。
ubuntu@master01:/k8s$ kubectl get hpa
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
nginx-deployment Deployment/nginx-deployment 0%/50% 2 6 2 115s
标签:kubectl,
workloads,
master01,
练习,
nginx,
deployment,
k8s,
ubuntu
From: https://www.cnblogs.com/vbear/p/17150037.html