Minimum Viable Kubernetes

This translation of the article was prepared ahead of the start of the course "DevOps practices and tools".

If you're reading this, you've probably heard something about Kubernetes (and if not, how did you end up here?). But what exactly is Kubernetes? Is it "production-grade container orchestration"? Or a "Cloud-Native Operating System"? And what does that even mean?

To be honest, I'm not 100% sure. But I think it's interesting to dig into the internals and see what is really going on in Kubernetes beneath its many layers of abstraction. So, just for fun, let's see what a minimal "Kubernetes cluster" looks like. (This will be much easier than Kubernetes the Hard Way.)

I assume you have basic knowledge of Kubernetes, Linux, and containers. Everything we discuss here is for research and learning purposes only; don't put any of it into production!

Overview

Kubernetes has many components. According to Wikipedia, the architecture looks like this:

[Figure: Kubernetes architecture diagram from Wikipedia]

There are at least eight components shown here, but we will ignore most of them. I want to claim that the minimal thing that can be called Kubernetes has three main components:

  • kubelet
  • kube-apiserver (which depends on etcd, its database)
  • a container runtime (Docker in this case)

Let's see what the documentation says about each of them. First, kubelet:

An agent that runs on each node in the cluster. It makes sure that containers are running in a pod.

Sounds simple enough. What about the container runtime?

A container runtime is a program designed to run containers.

Very informative. But if you are familiar with Docker, you should have a general idea of what it does. (The details of how responsibilities are split between the container runtime and the kubelet are actually quite subtle, and I won't go into them here.)

And the API server?

The API server is the Kubernetes control plane component that exposes the Kubernetes API. The API server is the front end of the Kubernetes control plane.

Anyone who has ever done anything with Kubernetes has had to interact with the API, either directly or through kubectl. This is the heart of what makes Kubernetes Kubernetes: the brain that turns the mountains of YAML we all know and love (?) into working infrastructure. It seems obvious that the API should be present in our minimal configuration.

Prerequisites

  • A Linux virtual or physical machine with root access (I'm using Ubuntu 18.04 on a virtual machine).
  • And that's all!

Boring installation

We need to install Docker on the machine we'll be using. (I won't go into detail about how Docker and containers work; if you're interested, there are some wonderful articles on the subject.) Let's install it with apt:

$ sudo apt install docker.io
$ sudo systemctl start docker

After that, we need to get the Kubernetes binaries. In fact, for the initial launch of our "cluster" we only need kubelet, since we can use kubelet to run the other server components. To interact with our cluster once it is up, we will also use kubectl.

$ curl -L https://dl.k8s.io/v1.18.5/kubernetes-server-linux-amd64.tar.gz > server.tar.gz
$ tar xzvf server.tar.gz
$ cp kubernetes/server/bin/kubelet .
$ cp kubernetes/server/bin/kubectl .
$ ./kubelet --version
Kubernetes v1.18.5

What happens if we just run kubelet?

$ ./kubelet
F0609 04:03:29.105194    4583 server.go:254] mkdir /var/lib/kubelet: permission denied

kubelet must run as root. That makes sense, since it needs to manage the entire node. Let's look at its parameters:

$ ./kubelet -h
<too many lines to fit here>
$ ./kubelet -h | wc -l
284

Wow, so many options! Luckily, we only need a few of them. Here is one of the parameters we're interested in:

--pod-manifest-path string

Path to the directory containing static pod files, or path to a file describing static pods. Files starting with dots are ignored. (DEPRECATED: This option must be set in the config file passed to the Kubelet via the --config option. For more information, see kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file.)

This option lets us run static pods: pods that are not managed through the Kubernetes API. Static pods are rarely used, but they are very convenient for bringing up a cluster quickly, and that is exactly what we need. We will ignore this big warning (again, don't run this in production!) and see whether we can get a pod running.

First we'll create a directory for static pods and run kubelet:

$ mkdir pods
$ sudo ./kubelet --pod-manifest-path=pods

Then, in another terminal/tmux window/whatever, we'll create a pod manifest:

$ cat <<EOF > pods/hello.yaml
apiVersion: v1
kind: Pod
metadata:
  name: hello
spec:
  containers:
  - image: busybox
    name: hello
    command: ["echo", "hello world!"]
EOF

kubelet starts writing some warnings, and it looks as if nothing is happening. But that's not true! Let's look at Docker:

$ sudo docker ps -a
CONTAINER ID        IMAGE                  COMMAND                 CREATED             STATUS                      PORTS               NAMES
8c8a35e26663        busybox                "echo 'hello world!'"   36 seconds ago      Exited (0) 36 seconds ago                       k8s_hello_hello-mink8s_default_ab61ef0307c6e0dee2ab05dc1ff94812_4
68f670c3c85f        k8s.gcr.io/pause:3.2   "/pause"                2 minutes ago       Up 2 minutes                                    k8s_POD_hello-mink8s_default_ab61ef0307c6e0dee2ab05dc1ff94812_0
$ sudo docker logs k8s_hello_hello-mink8s_default_ab61ef0307c6e0dee2ab05dc1ff94812_4
hello world!

kubelet read the pod manifest and instructed Docker to start a couple of containers according to our specification. (If you're wondering about the "pause" container, it's a Kubernetes hack; see this blog.) Kubelet will launch our busybox container with the specified command and will keep restarting it indefinitely until the static pod is deleted.

Congratulate yourself. We have just come up with one of the most convoluted ways to print text to the terminal!
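
The kubelet above runs as root and starts whatever manifests appear in the directory passed to --pod-manifest-path, so write access to that directory amounts to control over root-launched containers. The check below is an added example, not part of the original article; the function names and the throwaway demo directory are hypothetical.

```shell
# Added example, not from the original article.
# check_manifest_dir DIR [OWNER_UID]
# Prints one finding per line and returns 1 if anything under DIR could be
# changed by an account other than OWNER_UID (default 0, i.e. root).
check_manifest_dir() {
    dir=$1
    owner=${2:-0}   # assumption: the kubelet runs as root, as in the article
    [ -d "$dir" ] || { echo "MISSING $dir"; return 2; }
    findings=$(
        # The directory or a manifest is owned by some other account.
        find "$dir" ! -user "$owner" -exec echo OWNER {} \;
        # Group- or world-writable entries (a symlink's own mode is ignored).
        find "$dir" ! -type l \( -perm -020 -o -perm -002 \) \
            -exec echo WRITABLE {} \;
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed demo: a temporary directory standing in for ./pods, holding
# one world-writable manifest. Returns the status of the check (1 here).
demo_manifest_dir() {
    d=$(mktemp -d) || return 2
    : > "$d/hello.yaml"
    chmod 755 "$d"
    chmod 666 "$d/hello.yaml"
    rc=0
    check_manifest_dir "$d" "$(id -u)" || rc=$?
    rm -rf "$d"
    return "$rc"
}

demo_manifest_dir || true
```

For the article's setup the call would be check_manifest_dir pods, which reports the directory itself when it was created by an unprivileged user.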

Running etcd

Our ultimate goal is to run the Kubernetes API, but to do that we first need to run etcd. Let's start a minimal etcd cluster by placing its configuration in the pods directory (for example, pods/etcd.yaml):

apiVersion: v1
kind: Pod
metadata:
  name: etcd
  namespace: kube-system
spec:
  containers:
  - name: etcd
    command:
    - etcd
    - --data-dir=/var/lib/etcd
    image: k8s.gcr.io/etcd:3.4.3-0
    volumeMounts:
    - mountPath: /var/lib/etcd
      name: etcd-data
  hostNetwork: true
  volumes:
  - hostPath:
      path: /var/lib/etcd
      type: DirectoryOrCreate
    name: etcd-data

If you've ever worked with Kubernetes, these YAML files should look familiar. There are only two points worth noting here:

  • We mounted the host folder /var/lib/etcd into the pod so that the etcd data survives a restart (if this is not done, the cluster state will be wiped every time the pod is restarted, which is no good even for a minimal Kubernetes installation).
  • We set hostNetwork: true. This setting, unsurprisingly, configures etcd to use the host network instead of the pod's internal network (this will make it easier for the API server to find the etcd cluster).

A simple check shows that etcd is indeed running on localhost and saving data to disk:

$ curl localhost:2379/version
{"etcdserver":"3.4.3","etcdcluster":"3.4.0"}
$ sudo tree /var/lib/etcd/
/var/lib/etcd/
└── member
    ├── snap
    │   └── db
    └── wal
        ├── 0.tmp
        └── 0000000000000000-0000000000000000.wal

Running the API server

Running the Kubernetes API server is even easier. The only parameter that needs to be passed is --etcd-servers, which does what you would expect:

apiVersion: v1
kind: Pod
metadata:
  name: kube-apiserver
  namespace: kube-system
spec:
  containers:
  - name: kube-apiserver
    command:
    - kube-apiserver
    - --etcd-servers=http://127.0.0.1:2379
    image: k8s.gcr.io/kube-apiserver:v1.18.5
  hostNetwork: true

Put this YAML file in the pods directory, and the API server will start. A check with curl shows that the Kubernetes API is listening on port 8080 with completely open access: no authentication required!

$ curl localhost:8080/healthz
ok
$ curl localhost:8080/api/v1/pods
{
  "kind": "PodList",
  "apiVersion": "v1",
  "metadata": {
    "selfLink": "/api/v1/pods",
    "resourceVersion": "59"
  },
  "items": []
}

(Again, don't run this in production! I was a little surprised that the default settings are this insecure. But I guess this is to make development and testing easier.)

And, surprisingly, kubectl works without any additional configuration!

$ ./kubectl version
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.5", GitCommit:"e6503f8d8f769ace2f338794c914a96fc335df0f", GitTreeState:"clean", BuildDate:"2020-06-26T03:47:41Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.5", GitCommit:"e6503f8d8f769ace2f338794c914a96fc335df0f", GitTreeState:"clean", BuildDate:"2020-06-26T03:39:24Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
$ ./kubectl get pod
No resources found in default namespace.

Problem

But if you dig a little deeper, it seems that something is not quite right:

$ ./kubectl get pod -n kube-system
No resources found in kube-system namespace.

The pods we created are gone! In fact, our kubelet node is not discovered at all:

$ ./kubectl get nodes
No resources found in default namespace.

What's the matter? If you remember, a few paragraphs ago we started kubelet with an extremely simple set of command-line parameters, so kubelet doesn't know how to contact the API server and report its state to it. After studying the documentation, we find the corresponding flag:

--kubeconfig string

Path to a kubeconfig file, specifying how to connect to the API server. Providing --kubeconfig enables API server mode, no --kubeconfig enables standalone mode.

All this time, without knowing it, we were running kubelet in "standalone mode". (If we were being pedantic, we could consider a standalone kubelet to be the "minimum viable Kubernetes", but that would be very boring.) To make the "real" configuration work, we need to pass a kubeconfig file to kubelet so that it knows how to talk to the API server. Luckily this is very simple (since we have no authentication or certificate issues to deal with):

apiVersion: v1
kind: Config
clusters:
- cluster:
    server: http://127.0.0.1:8080
  name: mink8s
contexts:
- context:
    cluster: mink8s
  name: mink8s
current-context: mink8s

Save this as kubeconfig.yaml, kill the kubelet process and start it again with the necessary parameters:

$ sudo ./kubelet --pod-manifest-path=pods --kubeconfig=kubeconfig.yaml

(By the way, if you try to access the API with curl while kubelet is not running, you'll find that it is still up! Kubelet is not a "parent" of its pods the way Docker is; it is more like a "control daemon". Containers managed by kubelet will keep running until kubelet stops them.)

In a few minutes kubectl should show us the pods and nodes as we expect:

$ ./kubectl get pods -A
NAMESPACE     NAME                    READY   STATUS             RESTARTS   AGE
default       hello-mink8s            0/1     CrashLoopBackOff   261        21h
kube-system   etcd-mink8s             1/1     Running            0          21h
kube-system   kube-apiserver-mink8s   1/1     Running            0          21h
$ ./kubectl get nodes -owide
NAME     STATUS   ROLES    AGE   VERSION   INTERNAL-IP    EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION       CONTAINER-RUNTIME
mink8s   Ready    <none>   21h   v1.18.5   10.70.10.228   <none>        Ubuntu 18.04.4 LTS   4.15.0-109-generic   docker://19.3.6

Let's congratulate ourselves for real this time (I know I already did): we have a minimal Kubernetes "cluster" with a fully functional API!
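
The etcd manifest, the API server manifest and the kubeconfig above all rely on lab-only settings: host networking, a hostPath volume, plain HTTP, and the unauthenticated port 8080. The scan below is an added example, not part of the original article; its function names and trimmed sample manifests are constructed for illustration, and --insecure-port=0 is the kube-apiserver flag that turns the unauthenticated port off in this release.

```shell
# Added example, not from the original article.
# audit_lab_config MANIFEST_DIR [KUBECONFIG]: prints one finding per line.
audit_lab_config() {
    dir=$1; kubeconfig=${2:-}
    for f in "$dir"/*.yaml; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        # The pod shares the node's network namespace.
        grep -Eq '^[[:space:]]*hostNetwork:[[:space:]]*true' "$f" &&
            echo "$name: hostNetwork"
        # The pod mounts a path from the node's filesystem.
        grep -Eq '^[[:space:]]*-?[[:space:]]*hostPath:' "$f" &&
            echo "$name: hostPath"
        # The etcd client endpoint is unencrypted.
        grep -Eq -- '--etcd-servers=.*http://' "$f" &&
            echo "$name: etcd over plain http"
        # kube-apiserver v1.18 opens port 8080 without --insecure-port=0.
        if grep -Eq '^[[:space:]]*-[[:space:]]*kube-apiserver[[:space:]]*$' "$f" &&
           ! grep -Eq -- '--insecure-port=0([^0-9]|$)' "$f"; then
            echo "$name: apiserver insecure port enabled"
        fi
    done
    if [ -n "$kubeconfig" ] && [ -f "$kubeconfig" ] &&
       grep -Eq '^[[:space:]]*server:[[:space:]]*http://' "$kubeconfig"; then
        echo "$(basename "$kubeconfig"): API server over plain http"
    fi
    return 0
}

# Constructed input: trimmed copies of the article's manifests and kubeconfig.
demo_audit() {
    d=$(mktemp -d) || return 2
    cat > "$d/etcd.yaml" <<'EOF'
spec:
  hostNetwork: true
  volumes:
  - hostPath:
      path: /var/lib/etcd
EOF
    cat > "$d/kube-apiserver.yaml" <<'EOF'
spec:
  containers:
  - command:
    - kube-apiserver
    - --etcd-servers=http://127.0.0.1:2379
  hostNetwork: true
EOF
    printf 'clusters:\n- cluster:\n    server: http://127.0.0.1:8080\n' > "$d/kubeconfig"
    audit_lab_config "$d" "$d/kubeconfig"
    rm -rf "$d"
}
demo_audit
```

Against the article's files the call would be audit_lab_config pods kubeconfig.yaml; the pattern matching is line-based, so it only recognises manifests laid out like the ones shown here.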

Running a pod

Now let's see what the API is capable of. Let's start with an nginx pod:

apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - image: nginx
    name: nginx

Here we get a rather interesting error:

$ ./kubectl apply -f nginx.yaml
Error from server (Forbidden): error when creating "nginx.yaml": pods "nginx" is
forbidden: error looking up service account default/default: serviceaccount
"default" not found
$ ./kubectl get serviceaccounts
No resources found in default namespace.

Here we see how woefully incomplete our Kubernetes environment is: we have no service accounts. Let's try again by creating a service account manually and see what happens:

$ cat <<EOS | ./kubectl apply -f -
apiVersion: v1
kind: ServiceAccount
metadata:
  name: default
  namespace: default
EOS
serviceaccount/default created
$ ./kubectl apply -f nginx.yaml
Error from server (ServerTimeout): error when creating "nginx.yaml": No API
token found for service account "default", retry after the token is
automatically created and added to the service account

Even though we created the service account manually, no authentication token is generated. As we keep experimenting with our minimalistic "cluster", we'll find that most of the useful things that usually happen automatically are missing. The Kubernetes API server is quite minimalistic, and most of the heavy lifting and automatic configuration happens in various controllers and background jobs that are not running yet.

We can work around this problem by setting the automountServiceAccountToken option on the service account (since we won't need to use it anyway):

$ cat <<EOS | ./kubectl apply -f -
apiVersion: v1
kind: ServiceAccount
metadata:
  name: default
  namespace: default
automountServiceAccountToken: false
EOS
serviceaccount/default configured
$ ./kubectl apply -f nginx.yaml
pod/nginx created
$ ./kubectl get pods
NAME    READY   STATUS    RESTARTS   AGE
nginx   0/1     Pending   0          13m

Finally, the pod has appeared! But in fact it won't start, because we have no scheduler, which is another important component of Kubernetes. Again, we see that the Kubernetes API is surprisingly "dumb": when you create a Pod in the API, it registers it, but it doesn't try to work out which node to run it on.

Actually, you don't need a scheduler to run a pod. You can add the node to the manifest yourself in the nodeName parameter:

apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - image: nginx
    name: nginx
  nodeName: mink8s

(Replace mink8s with the name of your node.) After deleting and re-applying, we see that nginx has started and is listening on an internal IP address:

$ ./kubectl delete pod nginx
pod "nginx" deleted
$ ./kubectl apply -f nginx.yaml
pod/nginx created
$ ./kubectl get pods -owide
NAME    READY   STATUS    RESTARTS   AGE   IP           NODE     NOMINATED NODE   READINESS GATES
nginx   1/1     Running   0          30s   172.17.0.2   mink8s   <none>           <none>
$ curl -s 172.17.0.2 | head -4
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>

To make sure that networking between pods works correctly, we can run curl from another pod:

$ cat <<EOS | ./kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
  name: curl
spec:
  containers:
  - image: curlimages/curl
    name: curl
    command: ["curl", "172.17.0.2"]
  nodeName: mink8s
EOS
pod/curl created
$ ./kubectl logs curl | head -6
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>

It's interesting to dig around in this environment and see what works and what doesn't. I found that ConfigMap and Secret work as expected, but Service and Deployment do not.

Success!

This post is getting long, so I'm going to declare victory and say that this is a viable configuration that can be called "Kubernetes". To summarize: four binaries, five command-line parameters and just 45 lines of YAML (not that much by Kubernetes standards), and we have quite a few things working:

  • Pods are managed through the regular Kubernetes API (with a few hacks)
  • You can pull and manage public container images
  • Pods are kept alive and restarted
  • Networking between pods within a single node works pretty well
  • ConfigMap, Secret and simple storage mounting work as expected

But much of what makes Kubernetes truly useful is still missing, such as:

  • Pod scheduler
  • Authentication/authorization
  • Multiple nodes
  • Service networking
  • Clustered internal DNS
  • Controllers for service accounts, deployments, integration with cloud providers, and many other things that Kubernetes brings.

So what did we actually get? The Kubernetes API, running on its own, is really just a platform for container automation. It doesn't do much (that is a job for the various controllers and operators that use the API), but it does provide a consistent environment for automation.

Source: www.habr.com