Sawubona wonke umuntu!
Kwenzeka ukuthi ithimba lethu elincane, lingasho ukuthi muva nje, futhi ngokuqinisekile hhayi ngokuzumayo, likhule ukuhambisa eminye (futhi esikhathini esizayo yonke) imikhiqizo ku-Kubernetes.
Kwakunezizathu eziningi zalokhu, kodwa indaba yethu ayiphathelene neholide.
Akukho esingakwenza mayelana nesisekelo sengqalasizinda. vCloud Director kanye vCloud Director. Sakhetha entsha futhi sanquma ukuqala.
Ngaphinda futhi, ngibheka βIndlela Enzima,β ngisheshe ngafinyelela esiphethweni sokuthi ithuluzi lokuzenzakalela okungenani izinqubo eziyisisekelo, njengokuthunyelwa nokulinganisa, belidingeka izolo. Ukungena okujulile ku-Google kuveza umkhiqizo ofana ne-VMware Container Service Extension (CSE) - umkhiqizo womthombo ovulekile okuvumela ukuthi wenze ngokuzenzakalelayo ukudalwa nokulinganisa amaqoqo e-k8s kulawo aku-vCloud.
Umshwana wokuzihlangula: I-CSE inemikhawulo yayo, kodwa ngezinjongo zethu ibiphelele. Futhi, ikhambi kufanele lisekelwe umhlinzeki wamafu, kodwa njengoba ingxenye yeseva nayo ingumthombo ovulekile, cela umphathi wakho oseduze ukuthi ayenze itholakale :)
Ukuze uqale ukuyisebenzisa, udinga i-akhawunti yomqondisi enhlanganweni ye-vCloud kanye nenethiwekhi eyakhiwe ngaphambilini eyakhiwe yeqoqo (ngesikhathi senqubo yokuthunyelwa, udinga ukufinyelela kwe-inthanethi kusuka kule nethiwekhi, ungakhohlwa ukulungisa i-Firewall/NAT). Ukukhuluma akunandaba. Kulesi sibonelo, ake sithathe 10.0.240.0/24
Kusukela ngemva kokudalwa, iqoqo lizodinga ukuphathwa ngandlela-thile, kunconywa ukuba ne-VPN enomzila oya kunethiwekhi edaliwe. Sisebenzisa i-SSL VPN ejwayelekile elungiselelwe ku-Edge Gateway yenhlangano yethu.
Okulandelayo, udinga ukufaka iklayenti le-CSE lapho amaqoqo e-k8s azophathwa khona. Endabeni yami, lena ilaptop esebenzayo kanye neziqukathi ezimbalwa ezifihlwe kahle ezishayela i-automation.
Iklayenti lidinga inguqulo yePython 3.7.3 nangaphezulu efakwe futhi imojula ifakwe , ngakho-ke asifake kokubili.
pip3 install vcd-cli
pip3 install container-service-extension
Ngemva kokufaka, sibheka inguqulo ye-CSE futhi sithole okulandelayo:
# vcd cse version
Error: No such command "cse".
Akulindelekile, kodwa kuyalungiseka. Njengoba kwenzeka, i-CSE idinga ukunamathiselwa njengemojula ku-vcd-cli.
Ukuze wenze lokhu, kufanele uqale ungene ngemvume ku-vcd-cli enhlanganweni yethu:
# vcd login MyCloud.provider.com org-dev admin
Password:
admin logged in, org: 'org-dev', vdc: 'org-dev_vDC01'
Ngemva kwalokhu, i-vcd-cli izodala ifayela lokumisa ~/.vcd-cli/profiles.yaml
Ekugcineni udinga ukwengeza okulandelayo:
extensions:
- container_service_extension.client.cse
Bese sihlola futhi:
# vcd cse version
CSE, Container Service Extension for VMware vCloud Director, version 2.5.0
Isigaba sokufaka iklayenti siphelile. Ake sizame ukuphakela iqoqo lokuqala.
I-CSE inamasethi amaningana emingcele yokusetshenziswa, wonke angabukwa
Okokuqala, masidale okhiye bokufinyelela okungenaphasiwedi kuqoqo elizayo. Leli phuzu libalulekile, njengoba ngokuzenzakalelayo, ukungena ngemvume kwephasiwedi kuma-node kuzokhutshazwa, futhi uma ungabeki okhiye, ungathola umsebenzi omningi ngokusebenzisa ama-consoles omshini obonakalayo, okungekho lula.
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
Ake sizame ukuqala ukudala iqoqo:
vcd cse cluster create MyCluster --network k8s_cluster_net --ssh-key ~/.ssh/id_rsa.pub --nodes 3 --enable-nfsUma sithola iphutha Iphutha: Isikhathi siphelelwe yisikhathi noma umsebenzisi akangenanga ngemvume. Sicela ungene kabusha. - phinda ungene ku-vcd-cli ku-vCloud njengoba kuchazwe ngenhla bese uzama futhi.
Kulokhu konke kuhamba kahle futhi umsebenzi wokudala iqoqo usuqalile.
cluster operation: Creating cluster vApp 'MyCluster' (38959587-54f4-4a49-8f2e-61c3a3e879e0) from template 'photon-v2_k8-1.12_weave-2.3.0' (revision 1)
Kuzothatha cishe imizuzu engama-20 ukuqeda umsebenzi; okwamanje, ake sibheke amapharamitha ayisisekelo wokuqalisa.
β inethiwekhi β inethiwekhi esiyidale ngaphambilini.
-ssh-key - izikhiye esizidalile, ezizobhalwa kuma-cluster nodes
βamanodi n β Inani lamanodi Abasebenzi kuqoqo. Kuzohlala kukhona inkosi eyodwa, lokhu umkhawulo we-CSE
-vumela-nfs - dala enye i-node yamasheya e-NFS ngaphansi kwamavolumu aqhubekayo. Inketho encane ye-pedal; sizobuyela ekushuneni ekwenzayo ngokuhamba kwesikhathi.
Ngaleso sikhathi, ku-vCloud ungabheka ngokubukeka ukwakhiwa kweqoqo
Uma umsebenzi wokudala iqoqo usuqediwe, selilungele ukusetshenziswa.
Ake sihlole ukufaneleka kokuthunyelwa ngomyalo Ulwazi lweqoqo le-vcd cse MyCluster
Okulandelayo sidinga ukuthola ukucushwa kweqoqo ukuze sikusebenzise kubctl
# vcd cse cluster config MyCluster > ./.kube/config
Futhi ungabheka isimo seqoqo ulisebenzisa:
Kuleli qophelo, iqoqo lingabhekwa njengelisebenza ngokwemibandela, uma kungeyona indaba enevolumu eqhubekayo. Njengoba siku-vCloud, ngeke sikwazi ukusebenzisa i-vSphere Provider. Inketho --vumela-nfs iklanyelwe ukuxazulula lesi sihluku, kodwa ayizange isebenze ngokuphelele. Kudingeka ukulungiswa mathupha.
Ukuqala, i-node yethu idinga ukudala idiski Ezimele ehlukile ku-vCloud. Lokhu kuqinisekisa ukuthi idatha yethu ngeke inyamalale kanye neqoqo uma isuswa. Futhi, xhuma idiski ku-NFS
# vcd disk create nfs-shares-1 100g --description 'Kubernetes NFS shares'
# vcd vapp attach mycluster nfsd-9604 nfs-shares-1
Ngemuva kwalokho, sihamba nge-ssh (udale okhiye ngempela?) endaweni yethu ye-NFS futhi ekugcineni sixhume idiski:
root@nfsd-9604:~# parted /dev/sdb
(parted) mklabel gpt
Warning: The existing disk label on /dev/sdb will be destroyed and all data on
this disk will be lost. Do you want to continue?
Yes/No? yes
(parted) unit GB
(parted) mkpart primary 0 100
(parted) print
Model: VMware Virtual disk (scsi)
Disk /dev/sdb: 100GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:
Number Start End Size File system Name Flags
1 0.00GB 100GB 100GB primary
(parted) quit
root@nfsd-9604:~# mkfs -t ext4 /dev/sdb1
Creating filesystem with 24413696 4k blocks and 6111232 inodes
Filesystem UUID: 8622c0f5-4044-4ebf-95a5-0372256b34f0
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 20480000, 23887872
Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done
Dala uhla lwemibhalo lwedatha bese ufaka ukwahlukanisa okusha lapho:
mkdir /export
echo '/dev/sdb1 /export ext4 defaults 0 0' >> /etc/fstab
mount -a
Masidale izingxenye ezinhlanu zokuhlola futhi sabelane ngazo zeqoqo:
>cd /export
>mkdir vol1 vol2 vol3 vol4 vol5
>vi /etc/exports
#ΠΠΎΠ±Π°Π²ΠΈΠΌ ΡΡΠΎ Π² ΠΊΠΎΠ½Π΅Ρ ΡΠ°ΠΉΠ»Π°
/export/vol1 *(rw,sync,no_root_squash,no_subtree_check)
/export/vol2 *(rw,sync,no_root_squash,no_subtree_check)
/export/vol3 *(rw,sync,no_root_squash,no_subtree_check)
/export/vol4 *(rw,sync,no_root_squash,no_subtree_check)
/export/vol5 *(rw,sync,no_root_squash,no_subtree_check)
#:wq! ;)
#ΠΠ°Π»Π΅Π΅ - ΡΠΊΡΠΏΠΎΡΡΠΈΡΡΠ΅ΠΌ ΡΠ°Π·Π΄Π΅Π»Ρ
>exportfs -r
Ngemuva kwawo wonke lo mlingo, singakha i-PV ne-PVC kuqoqo lethu into efana nale:
I-PV:
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-vol1
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
nfs:
# Same IP as the NFS host we ssh'ed to earlier.
server: 10.150.200.22
path: "/export/vol1"
EOF
I-PVC:
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nfs-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: ""
resources:
requests:
storage: 10Gi
EOF
Yilapho indaba yokudalwa kweqoqo elilodwa iphetha khona futhi indaba yomjikelezo wempilo yalo iqala. Njengebhonasi, kunemiyalo emibili ewusizo ye-CSE ekuvumela ukuthi kwesinye isikhathi ulondoloze izinsiza noma cha:
#Π£Π²Π΅Π»ΠΈΡΠΈΠ²Π°Π΅ΠΌ ΡΠ°Π·ΠΌΠ΅Ρ ΠΊΠ»Π°ΡΡΠ΅ΡΠ° Π΄ΠΎ 8 Π²ΠΎΡΠΊΠ΅Ρ Π½ΠΎΠ΄
>cse cluster resize MyCluster --network k8s_cluster_net --nodes 8
#ΠΡΠ²ΠΎΠ΄ΠΈΠΌ Π½Π΅Π½ΡΠΆΠ½ΡΠ΅ Π½ΠΎΠ΄Ρ ΠΈΠ· ΠΊΠ»Π°ΡΡΠ΅ΡΠ° Ρ ΠΈΡ
ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡΠΈΠΌ ΡΠ΄Π°Π»Π΅Π½ΠΈΠ΅ΠΌ
>vcd cse node delete MyCluster node-1a2v node-6685 --yes
Ngiyabonga nonke ngesikhathi senu, uma unemibuzo, buza kumazwana.
Source: www.habr.com