当前位置：首页 > news >正文

福建微网站建设wordpress 语录小程序

news 2025/12/18 13:49:40

福建微网站建设,wordpress 语录小程序,推广方案怎么做,互联网公司和软件公司一、Kubernetes简介 kubernetes 的本质是一组服务器集群#xff0c;它可以在集群的每个节点上运行特定的程序#xff0c;来对节点中的容器进行管理。目的是实现资源管理的自动化#xff0c;主要提供了如下的主要功能#xff1a; 自我修复#xff1a;一旦某一个容器崩溃它可以在集群的每个节点上运行特定的程序来对节点中的容器进行管理。目的是实现资源管理的自动化主要提供了如下的主要功能自我修复一旦某一个容器崩溃能够在1秒中左右迅速启动新的容器弹性伸缩可以根据需要自动对集群中正在运行的容器数量进行调整服务发现服务可以通过自动发现的形式找到它所依赖的服务负载均衡如果一个服务起动了多个容器能够自动实现请求的负载均衡版本回退如果发现新发布的程序版本有问题可以立即回退到原来的版本存储编排可以根据容器自身的需求自动创建存储卷 1.1 K8s组件及其用途 k8s集群包括2种角色master管理节点和node工作节点至少要有一个node工作节点。 kubectl 是一个客户端的管理工具直接管理API server提供一个请求到一个api server中间有一个auth认证判断是否有权限访问。 1、Master 节点包含4大组件分别是kube-api server、kube-controller-master、kube-scheduler、etcd备注etcd可以单独部署集群不必在master节点上组件名称作用 kube-apiservermaster核心组件k8s集群的统一访问入口各组件的协调者以RESTful API提供接口方式所有的对象资源的增删改查和监听操作都交给APIServer处理后再提交给etcd数据库做持久化存储kube-controller-manager 处理集群中常规后台任务一个资源对应一个控制器而controller-Manager就是负责处理这些控制器的例如 deployment-controller、endpoint-controller负责维护集群的状态比如程序部署安排故障检测自动扩展滚动更新等kube-schedulerscheduler根据调度算法为新创建的pod选择一个node节点负责集群资源调度按照调度策略将pod绑定到某个node节点上即给pod分配一个家)etcd分布式键值存储数据库用于保存集群状态数据比如PodService等对象信息etcd可以有多个etcd数据库集群也可以不与master节点在一起只要master能通过网络连接etcd数据库即可 2、Node节点包含2大组件分别是kubelet、kube-proxy 组件名称作用 kubelet kubelet 是Master在Node节点上的Agent管理node节点主机运行容器的生命周期比如创建容器Pod挂载数据卷下载secret获取容器和节点状态等工作kubelet 将每个Pod转换成一组容器负责维护容器的生命周期即通过控制docker来创建、更新、销毁容器kube-proxy在Node节点上实现Pod网络代理维护网络规则和四层负载均衡工作实现让Pod节点一个或者多个容器对外提供服务负责提供集群内部的服务发现和负载均衡 1.2 K8s常用名词概念名词概念Master 集群控制节点每个集群需要至少一个 master 节点负责集群的管控 Node 工作负载节点由 master 分配容器到这些 node 工作节点上然后 node 节点上的 Pod kubernetes 的最小控制单元容器都是运行在 pod 中的一个 pod 中可以有 1 个或者多个容器 Controller 控制器通过它来实现对 pod 的管理比如启动 pod 、停止 pod 、伸缩 pod 的数量等 Service pod 对外服务的统一入口下面可以维护者同一类的多个 pod Label 标签用于对 pod 进行分类同一类 pod 会拥有相同的标签 NameSpace命名空间用来隔离pod的运行环境二、K8s环境部署 2.1 docker仓库环境部署 [rootdocker-hub ~]# hostname docker-hub# 修改配置文件 [rootdocker-hub ~]# cd /etc/yum.repos.d/ [rootdocker-hub yum.repos.d]# vim docker.repo [rootdocker-hub yum.repos.d]# cat docker.repo [docker] namedocker-ce baseurlhttps://mirrors.aliyun.com/docker-ce/linux/rhel/9/x86_64/stable/ gpgcheck0# 安装docker镜像 [rootdocker-hub yum.repos.d]# yum install docker-ce -y已安装:containerd.io-1.7.22-3.1.el9.x86_64docker-buildx-plugin-0.17.1-1.el9.x86_64docker-ce-3:27.3.1-1.el9.x86_64docker-ce-cli-1:27.3.1-1.el9.x86_64docker-ce-rootless-extras-27.3.1-1.el9.x86_64docker-compose-plugin-2.29.7-1.el9.x86_64[rootdocker-hub yum.repos.d]# vim /usr/lib/systemd/system/docker.service ExecStart/usr/bin/dockerd -H fd:// --containerd/run/containerd/containerd.sock- -iptablestrue# 启动docker [rootdocker-hub yum.repos.d]# systemctl enable --now docker.service [rootdocker-hub yum.repos.d]# docker info# 从本地上传registry并导入 [rootdocker-hub ~]# ls 公共视频文档音乐 anaconda-ks.cfg registry.tag.gz 模板图片下载桌面 [rootdocker-hub ~]# docker load -i registry.tag.gz ce7f800efff9: Loading layer 7.644MB/7.644MB 30609d4f10dd: Loading layer 792.6kB/792.6kB 3b6a51496c9d: Loading layer 17.55MB/17.55MB e704e9e3e9dc: Loading layer 3.584kB/3.584kB f019f591461d: Loading layer 2.048kB/2.048kB Loaded image: registry:latest [rootdocker-hub ~]# mkdir certs# 做解析 [rootdocker-hub ~]# vim /etc/hosts [rootdocker-hub ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.25.254.250 harbor.yee.org reg.yee.org[rootdocker-hub ~]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/yee.org.key -subjectAltName DNS:reg.yee.org -x509 -days 365 -out certs/yee.org.crt You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ., the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:Shanxi Locality Name (eg, city) [Default City]:XIan Organization Name (eg, company) [Default Company Ltd]:docker Organizational Unit Name (eg, section) []:registry Common Name (eg, your name or your servers hostname) []:reg.yee.org Email Address []:adminyee.org# 上传本地harbor包并解压缩 [rootdocker-hub ~]# tar zxf harbor-offline-installer-v2.5.4.tgz [rootdocker-hub ~]# ls 公共文档 anaconda-ks.cfg registry.tag.gz 模板下载 certs 视频音乐 harbor 图片桌面 harbor-offline-installer-v2.5.4.tgz# 修改配置文件 [rootdocker-hub ~]# cd harbor/ [rootdocker-hub harbor]# cp harbor.yml.tmpl harbor.yml [rootdocker-hub harbor]# vim harbor.yml hostname: reg.yee.org certificate: /data/certs/yee.org.crt private_key: /data/certs/yee.org.key harbor_admin_password: 123[rootdocker-hub ~]# docker load -i nginx-latest.tar.gz 9853575bc4f9: Loading layer 77.83MB/77.83MB 72db5db515fd: Loading layer 114MB/114MB 8b87c0c66524: Loading layer 3.584kB/3.584kB ec1a2ca4ac87: Loading layer 4.608kB/4.608kB 55e54df86207: Loading layer 2.56kB/2.56kB f4f00eaedec7: Loading layer 5.12kB/5.12kB 5f0272c6e96d: Loading layer 7.168kB/7.168kB Loaded image: nginx:latest [rootdocker-hub ~]# mkdir /data/ [rootdocker-hub ~]# cd /data/ [rootdocker-hub data]# cp /root/certs/ /data/ -r [rootdocker-hub data]# cd [rootdocker-hub ~]# cd harbor/ [rootdocker-hub harbor]# ./install.sh --with-chartmuseum[rootdocker-hub harbor]# cd /root/certs/ [rootdocker-hub certs]# ls yee.org.crt yee.org.key [rootdocker-hub certs]# cp /root/certs/yee.org.crt /etc/docker/certs.d/reg.yee.org/ca.crt 做本地解析路径C:\Windows\System32\drivers\etc 测试harbor环境上传镜像在docker界面创建文件夹yee 至此harbor仓库搭建完成。 2.2 K8s集群部署 2.1.1 K8s环境部署说明 K8S 中文官网 https://kubernetes.io/zh-cn/ 在本次实验中我们采用一主多从集群结构类型一台master节点两台node节点。其中maser结点命名为node结点命名为node1、node2 主机名ip扮演的角色k8s-master172.25.254.200 K8s集群控制节点 k8s-node1172.25.254.10K8s集群工作节点k8s-node2172.25.254.20K8s集群工作节点 2.1.2 K8s集群实验环境搭建注意所有节点禁用selinux和防火墙所有节点同步时间和解析所有节点安装docker-ce所有节点禁用swap注意注释掉/etc/fstab文件中的定义 1、本地解析 [rootk8s-node1 ~]# scp /etc/hosts root172.25.254.20:/etc/hosts [rootk8s-node1 ~]# scp /etc/hosts root172.25.254.100:/etc/hosts [rootk8s-node1 ~]# scp /etc/hosts root172.25.254.250:/etc/hosts 2、检测软件仓库 3、安装docker镜像 1、配置私有仓库使其支持认证 2、创建目录目录与域名相同 3、在docker中将hub拷贝给主机master并将其命名为ca.crt 重启 4、检测 5、在node1、node2中拉取镜像 # 将master中的后缀为rpm的所有文件全部拷贝到node1、node2中 [rootk8s-master ~]# scp *.rpm root172.25.254.10:/mnt [rootk8s-master ~]# scp *.rpm root172.25.254.20:/mnt# 在node1、node2中查看 [rootk8s-node1 ~]# cd /mnt/ [rootk8s-node1 mnt]# ls containerd.io-1.7.20-3.1.el9.x86_64.rpm docker-buildx-plugin-0.16.2-1.el9.x86_64.rpm docker-ce-27.1.2-1.el9.x86_64.rpm docker-ce-cli-27.1.2-1.el9.x86_64.rpm docker-ce-rootless-extras-27.1.2-1.el9.x86_64.rpm docker-compose-plugin-2.29.1-1.el9.x86_64.rpm hgfs[rootk8s-node2 ~]# cd /mnt/ [rootk8s-node2 mnt]# ls containerd.io-1.7.20-3.1.el9.x86_64.rpm docker-buildx-plugin-0.16.2-1.el9.x86_64.rpm docker-ce-27.1.2-1.el9.x86_64.rpm docker-ce-cli-27.1.2-1.el9.x86_64.rpm docker-ce-rootless-extras-27.1.2-1.el9.x86_64.rpm docker-compose-plugin-2.29.1-1.el9.x86_64.rpm hgfs# 在node1、node2安装 [rootk8s-node2 mnt]# dnf install *.rpm -y2.3 K8s 安装 2.3.1 所有禁用swap和本地解析 [rootk8s-master mnt]# swapon -s Filename Type Size Used Priority /dev/nvme0n1p2 partition 5242876 0 -2 [rootk8s-node1 ~]# systemctl mask dev-nvme0n1p3.device Created symlink /etc/systemd/system/dev-nvme0n1p3.device → /dev/null. [rootk8s-node2 ~]# systemctl mask dev-nvme0n1p3.device Created symlink /etc/systemd/system/dev-nvme0n1p3.device → /dev/null.[rootk8s-node2 ~]# swapoff /dev/dm-1 [rootk8s-node2 ~]# swapon -s [rootk8s-node1 dev]# systemctl status dev-dm\\x2d1.swap ● dev-dm\x2d1.swap - /dev/dm-1Follows: unit currently follows state of dev-mapper-rhel\x2dswap.swapLoaded: loadedActive: active since Thu 2024-09-26 17:59:08 CST; 2 days agoUntil: Thu 2024-09-26 17:59:08 CST; 2 days agoWhat: /dev/dm-1 [rootk8s-node1 dev]# systemctl mask dev-dm\\x2d1.swap Created symlink /etc/systemd/system/dev-dm\x2d1.swap → /dev/null. [rootk8s-node1 dev]# vim /etc/fstab [rootk8s-node1 dev]# swapoff /dev/dm-1 [rootk8s-node1 dev]# swapon -s2.3.2 依赖的安装 [rootk8s-master mnt]# scp cri-dockerd-0.3.14-3.el8.x86_64.rpm libcgroup-0.41-19.el8.x86_64.rpm root172.25.254.10:/opt/ root172.25.254.10s password: cri-dockerd-0.3.14-3.el8.x86_64.rpm 100% 11MB 182.8MB/s 00:00 libcgroup-0.41-19.el8.x86_64.rpm 100% 69KB 45.6MB/s 00:00 [rootk8s-master mnt]# scp cri-dockerd-0.3.14-3.el8.x86_64.rpm libcgroup-0.41-19.el8.x86_64.rpm root172.25.254.20:/opt/ root172.25.254.20s password: cri-dockerd-0.3.14-3.el8.x86_64.rpm 100% 11MB 214.2MB/s 00:00 libcgroup-0.41-19.el8.x86_64.rpm 100% 69KB 69.3MB/s 00:00[rootk8s-node1 ~]# dnf install /opt/*.rpm -y [rootk8s-node2 ~]# dnf install /opt/*.rpm -y [rootk8s-node1 ~]# systemctl enable --now cri-docker.service Created symlink /etc/systemd/system/multi-user.target.wants/cri-docker.service → /usr/lib/systemd/system/cri-docker.service.[rootk8s-node2 ~]# systemctl enable --now cri-docker.service Created symlink /etc/systemd/system/multi-user.target.wants/cri-docker.service → /usr/lib/systemd/system/cri-docker.service.[rootk8s-master yum.repos.d]# dnf install kubelet-1.30.0 kubeadm-1.30.0 --downloadonly --downloaddir/mnt[rootk8s-master yum.repos.d]# scp /etc/yum.repos.d/k8s.repo root172.25.254.20:/etc/yum.repos.d/ root172.25.254.20s password: k8s.repo 100% 98 198.4KB/s 00:00 [rootk8s-master yum.repos.d]# scp /etc/yum.repos.d/k8s.repo root172.25.254.10:/etc/yum.repos.d/ root172.25.254.10s password: k8s.repo [rootk8s-node1 mnt]# dnf install kubelet-1.30.0 kubeadm-1.30.0 --downloadonly --downloaddir/mnt -y [rootk8s-node1 mnt]# dnf install kubectl-1.30.0 -y 2.3.3 设置kubectl命令补齐 [rootk8s-master ~]# dnf install bash-completion -y [rootk8s-master ~]# echo source (kubectl completion bash) ~/.bashrc [rootk8s-master ~]# source ~/.bashrc2.3.4 在节点安装cri-docker及其在master节点拉取K8S所需镜像 [rootk8s-master ~]# kubeadm config images pull \--image-repository registry.aliyuncs.com/google_containers \--kubernetes-version v1.30.0 \--cri-socketunix:///var/run/cri-dockerd.sock [config/images] Pulled registry.aliyuncs.com/google_containers/kube-apiserver:v1.30.0 [config/images] Pulled registry.aliyuncs.com/google_containers/kube-controller-manager:v1.30.0 [config/images] Pulled registry.aliyuncs.com/google_containers/kube-scheduler:v1.30.0 [config/images] Pulled registry.aliyuncs.com/google_containers/kube-proxy:v1.30.0 [config/images] Pulled registry.aliyuncs.com/google_containers/coredns:v1.11.1 [config/images] Pulled registry.aliyuncs.com/google_containers/pause:3.9 [config/images] Pulled registry.aliyuncs.com/google_containers/etcd:3.5.12-0 [rootk8s-master ~]# kubeadm config images pull \--image-repository registry.aliyuncs.com/google_containers \--kubernetes-version v1.30.0 \--cri-socketunix:///var/run/cri-dockerd.sock [config/images] Pulled registry.aliyuncs.com/google_containers/kube-apiserver:v1.30.0 [config/images] Pulled registry.aliyuncs.com/google_containers/kube-controller-manager:v1.30.0 [config/images] Pulled registry.aliyuncs.com/google_containers/kube-scheduler:v1.30.0 [config/images] Pulled registry.aliyuncs.com/google_containers/kube-proxy:v1.30.0 [config/images] Pulled registry.aliyuncs.com/google_containers/coredns:v1.11.1 [config/images] Pulled registry.aliyuncs.com/google_containers/pause:3.9 [config/images] Pulled registry.aliyuncs.com/google_containers/etcd:3.5.12-02.3.5 集群初始化 [rootk8s-master ~]# systemctl status kubelet.service [rootk8s-master ~]# kubeadm init --pod-network-cidr10.244.0.0/16 \ --image-repository reg.timinglee.org/k8s \ --kubernetes-version v1.30.0 \ --cri-socketunix:///var/run/cri-dockerd.sock [rootk8s-master ~]# echo export KUBECONFIG/etc/kubernetes/admin.conf ~/.bash_profile [rootk8s-master ~]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master.timinglee.org NotReady control-plane 4m25s v1.30.0 rootk8s-master ~]# kubectl get pod -A NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-647dc95897-2sgn8 0/1 Pending 0 6m13s kube-system coredns-647dc95897-bvtxb 0/1 Pending 0 6m13s kube-system etcd-k8s-master.timinglee.org 1/1 Running 0 6m29s kube-system kube-apiserver-k8s-master.timinglee.org 1/1 Running 0 6m30s kube-system kube-controller-manager-k8s-master.timinglee.org 1/1 Running 0 6m29s2.3.6 节点扩容 # node1与node2相同操作 [rootk8s-node1 ~]# kubeadm join 172.25.254.100:6443 --token 5hwptm.zwn7epa6pvatbpwf --discovery-token-ca-cert-hash sha256:52f1a83b70ffc8744db5570288ab51987ef2b563bf906ba4244a300f61e9db23 --crisocketunix:///var/run/cri-dockerd.sock[rootk8s-master ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master.yee.org Ready control-plane 98m v1.30.0 k8s-node1.yee.org Ready none 21m v1.30.0 k8s-node2.yee.org Ready none 21m v1.30.0# 建立 [rootk8s-master ~]# kubectl run test --image nginx# 查看状态 [rootk8s-master ~]# kubectl get pods NAME READY STATUS RESTARTS AGE test 1/1 Running 0 6m29s# 删除 rootk8s-master ~]# kubectl delete pod

查看全文

http://www.w-s-a.com/news/51495/