Kubernetes(K8s)
1. What is Kubernetes?
Kubernetes deploys containerized applications and orchestrates Docker containers
2. Kubernetes architecture
User – Primary node – Secondary node
K8s composition:
- master
  - API Server: the single entry point for all requests
  - etcd: stores cluster data and automatically discovers three clusters
  - controller-manager: pod management
    Pod has stateful and stateless data to persist
  - scheduler: the dispatcher, decides which Node a resource is deployed on
- nodes
  - kubelet: the master's agent on the node; receives tasks through the API and manages the node's pods
  - kube-proxy: implements the Pod network proxy on the node
  - container runtime: the container engine
Pod: transient; a Controller determines the number of pods
Service: prevents losing contact with Pods
Policies: strategy
Labels: tags
Namespaces: namespace isolation
3. Install k8s
Server hardware configuration requirements
- Before deploying the K8s cluster, the servers must meet the following conditions:
- 1. One or more servers running CentOS 7.x (x86_64).
- 2. Hardware: 2 GB or more of memory, 2 or more CPU cores, 30 GB or more of disk.
- 3. Network communication between all machines in the cluster.
- 4. Access to the external network, because images need to be pulled.
- 5. The swap partition is disabled.
There are several main ways to deploy a Kubernetes environment (cluster) :
(1) minikube
Minikube is a tool that runs Kubernetes locally. It runs a single-node Kubernetes cluster on a personal computer (Windows, macOS, or Linux) so that you can try Kubernetes or use it for daily development work;
kubernetes.io/docs/tutori…
(2) kind
Kind is a tool similar to Minikube that lets you run Kubernetes on your local computer. It requires Docker to be installed and configured.
kind.sigs.k8s.io/
(3) kubeadm
Kubeadm is a K8s deployment tool. It provides two commands, kubeadm init and kubeadm join, with which you can quickly deploy a Kubernetes cluster;
Official Address:
kubernetes.io/docs/refere…
kubernetes.io/docs/setup/…
(4) Binary package
Download the release binary packages from GitHub and manually deploy and install each component to form a Kubernetes cluster. The steps are tedious, but they give you a clearer understanding of each component;
(5) Yum install
Install with yum to form the Kubernetes cluster;
(6) Third-party tools
Some third-party tools package the installation well; use them to install the K8s environment;
(7) Spend money
Buy K8s directly from a public cloud platform such as Alibaba Cloud; one click and it is done;
Deploying Kubernetes with kubeadm
Kubeadm is a tool released by the official community for rapid deployment of a Kubernetes cluster; it can complete the deployment of a cluster with two commands;
Create a Master node
kubeadm init
Add nodes to the Master cluster:
$ kubeadm join <Master node IP and port>

```
# disable SELinux (the upstream kubeadm guide sets it to permissive rather than disabled)
sed -i 's/enforcing/disabled/' /etc/selinux/config  # permanent
setenforce 0                                        # temporary

# disable swap (k8s disables virtual memory to improve performance)
sed -ri 's/.*swap.*/#&/' /etc/fstab  # permanent
swapoff -a                           # temporary

# add the cluster hosts
cat >> /etc/hosts << EOF
192.168.172.134 k8smaster
192.168.172.135 k8snode
EOF

# bridge settings for iptables
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system  # load the settings

# time synchronization
yum install ntpdate -y
ntpdate time.windows.com
```
4. Deploy Docker using K8s
Steps:
- Package with Maven -> jar
- Use a Dockerfile to build the Docker image and push it to a remote image registry
- K8s pulls the image, runs the container, and sets the external exposed port
eg:

```
kubectl create deployment nginx --image=nginx:latest
kubectl expose deployment nginx --port=80 --type=NodePort

kubectl get deployment
kubectl delete deployment <deployment name>
kubectl delete pod <pod name>        # e.g. the nginx~ pod
kubectl get services
kubectl --help

# generate the yaml file
kubectl create deployment springboot-jar --image=<image name> --dry-run=client -o yaml > boot-deploy.yaml
# deploy from the yaml file
kubectl apply -f boot-deploy.yaml
```
5. Graphical interface
- Download the image
- Deploy
- Create an account
- Bind permissions
- Access token
6. Yml configuration details
```
# [mandatory] version
apiVersion: v1
# [mandatory] Pod
kind: Pod
# [mandatory] metadata
metadata:
  # [mandatory] Pod name
  name: String
  # namespace
  namespace: String
  # [List] labels
  labels:
    - name: String
  # [List] annotations
  annotations:
    - name: String
# [mandatory, Object] definition of the containers in the Pod
spec:
  # [mandatory, List] containers
  containers:
      # [mandatory] container name
    - name: String
      # [mandatory] image name
      image: String
      # [String] always try to pull the image | use only the local image |
      # use the local image, pull it if it is not present locally
      imagePullPolicy: [Always | Never | IfNotPresent]
      # [List] container startup command list; if not specified, the startup command packaged in the image is used
      command: [String]
      # [List] container startup command argument list
      args: [String]
      # [List] volumes mounted into the container
      volumeMounts:
        - name: String
          # absolute path at which the volume is mounted in the container; no more than 512 characters
          mountPath: String
          readOnly: Boolean
      # [List] list of ports to expose
      ports:
        - name: String
          # port number the container listens on
          containerPort: Int
          # port number the container's host listens on; by default the same as containerPort
          hostPort: Int
          # port protocol, TCP or UDP; the default is TCP
          protocol: String
      # [List] environment variables to set before the container runs
      env:
        - name: String
          value: String
      # [Object] resource limits and requests
      resources:
        # [Object] resource limits
        limits:
          cpu: String
          # memory limit, in MB, GB, etc.; passed to docker run
          memory: String
        # [Object] resource requests
        requests:
          cpu: String
          # memory request, in MB, GB, etc.
          memory: String
      # [Object] health check for the container; when the probe gets no response several times,
      # the system automatically restarts the container. Methods: exec, httpGet, tcpSocket.
      livenessProbe:
        # [Object] health check by exec
        exec:
          command: [String]
        # [Object] health check by httpGet; path and port must be specified
        httpGet:
          path: String
          port: Number
          host: String
          scheme: String
          httpHeaders:
            - name: String
              value: String
        # [Object] health check by tcpSocket
        tcpSocket:
          port: Number
        # time of the first probe after the container has started, in seconds
        initialDelaySeconds: Number
        # timeout for the probe to wait for a response, in seconds; the default is 1s.
        # If it is exceeded, the container is considered unhealthy and is restarted.
        timeoutSeconds: Number
        # probe period, in seconds
        periodSeconds: Number
        successThreshold: 0
        failureThreshold: 0
      securityContext:
        privileged: Boolean
  # Pod restart policy: always restart once the container stops | never restart, kubelet only reports to the master |
  # restart only when the container ends with a non-zero exit code (a normal exit with code 0 is not restarted)
  restartPolicy: [Always | Never | OnFailure]
  # Node label in key: value format; the Pod is scheduled to a Node that has the label
  nodeSelector: Object
  imagePullSecrets:
    - name: String
  # whether to use the host network mode; the default is false
  hostNetwork: Boolean
  # [List] shared storage volumes defined on the Pod
  volumes:
      # volume types include emptyDir, hostPath, secret, nfs, glusterfs, cephfs, configMap
    - name: String
      # [Object] volume of type emptyDir
      emptyDir: {}
      # [Object] volume of type hostPath
      hostPath:
        path: String
      # [Object] volume of type secret: mounts predefined secret objects of the cluster into the container
      secret:
        secretName: String
        items:
          - key: String
            path: String
      # [Object] volume of type configMap: mounts predefined configMap objects of the cluster into the container
      configMap:
        name: String
        items:
          - key: String
            path: String
```
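As an added example (not part of the original notes), the check below takes a Pod manifest that uses the fields of the template above and reports the settings that reach into the node: hostNetwork, hostPort, hostPath volumes and privileged containers, plus missing resource limits and unpinned image tags. The function name audit_pod and the sample manifest are assumptions constructed for illustration.

```python
# Added example: flag host-level settings from the Pod template in a manifest.
# Input is a Pod as a dict, e.g. json.load() of `kubectl get pod <name> -o json`.

def audit_pod(pod):
    """Return a list of findings for one Pod manifest (dict)."""
    spec = pod.get("spec") or {}
    findings = []
    if spec.get("hostNetwork"):
        findings.append("pod: hostNetwork shares the node's network namespace")
    for vol in spec.get("volumes") or []:
        if "hostPath" in vol:
            path = (vol["hostPath"] or {}).get("path")
            findings.append(f"volume {vol.get('name')}: hostPath {path} exposes the node filesystem")
    for c in spec.get("containers") or []:
        name = c.get("name", "?")
        if (c.get("securityContext") or {}).get("privileged"):
            findings.append(f"{name}: privileged container")
        for port in c.get("ports") or []:
            if port.get("hostPort"):
                findings.append(f"{name}: hostPort {port['hostPort']} binds a port on the node")
        limits = (c.get("resources") or {}).get("limits") or {}
        for res in ("cpu", "memory"):
            if res not in limits:
                findings.append(f"{name}: no {res} limit")
        image = c.get("image", "")
        # No tag, or the floating "latest" tag, means the deployed version can change silently.
        if ":" not in image.rsplit("/", 1)[-1] or image.endswith(":latest"):
            findings.append(f"{name}: image '{image}' is not pinned to a version")
    return findings

# Constructed sample manifest (an assumption for illustration, not from the page).
SAMPLE_POD = {
    "apiVersion": "v1", "kind": "Pod",
    "metadata": {"name": "demo"},
    "spec": {
        "hostNetwork": True,
        "volumes": [{"name": "sock", "hostPath": {"path": "/var/run"}},
                    {"name": "tmp", "emptyDir": {}}],
        "containers": [
            {"name": "web", "image": "nginx:latest",
             "securityContext": {"privileged": True},
             "ports": [{"containerPort": 80, "hostPort": 80}]},
            {"name": "sidecar", "image": "busybox:1.36",
             "resources": {"limits": {"cpu": "100m", "memory": "64Mi"}}},
        ],
    },
}

if __name__ == "__main__":
    for finding in audit_pod(SAMPLE_POD):
        print(finding)
```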
7. Exposing ports with Ingress
K8s application structure:
- ingress
  - a.com
    - service
      - pod
      - pod
      - pod
  - b.com
    - service
      - pod
      - pod
      - pod
  - c.com
    - service
      - pod
      - pod
      - pod
Pods and Services inside a K8s cluster have their own IPs, but these cannot be reached from the Internet
Services can be exposed via NodePort, but this is not flexible
In production, Ingress is the cluster gateway. It is not built into K8s; it can be provided by ingress-nginx
- Install ingress-nginx
- Configure the rules
8. Deploy the microservice project
- The project itself is a jar or war package
- Create an image (Dockerfile)

```
# base image with the JDK
FROM jdk1.8.0_251
MAINTAINER zhj
# copy the application jar into the image
ADD spring-cloud-alibaba-gateway-1.0.0.jar /opt
RUN chmod +x /opt/spring-cloud-alibaba-gateway-1.0.0.jar
# start the application
CMD java -jar /opt/spring-cloud-alibaba-gateway-1.0.0.jar
```

docker build -t spring-cloud-alibaba-gateway-1.0.0 -f dockerfile-gateway .
Build the image:
docker build -t {image name} -f {Dockerfile file} .
- K8s deployment service
(1)

```
kubectl create deployment spring-cloud-alibaba-gateway --image=spring-cloud-alibaba-gateway-1.0.0 --dry-run=client -o yaml > gateway-delpoy.yaml
```

To use a local image, this must be configured in gateway-delpoy.yaml:

```
containers:
- image: spring-cloud-alibaba-gateway-1.0.0
  imagePullPolicy: Never  # do not pull; use the local image
```

(2)
kubectl apply -f gateway-delpoy.yaml
Rapid capacity expansion is supported
- Expose the service in K8s
kubectl expose deployment spring-cloud-alibaba-gateway --port=8080 --target-port=8080 --type=NodePort
target-port: the port the program uses when it runs (set in code)
port: the port exposed for the containers (the port used for access between containers)
node-port: the port exposed on the server, usually numbered above 30000
- kubectl logs -f {pod name}
- Configure ingress-nginx to bind the domain name
K8s is suitable for stateless services; stateful services are better suited to standalone deployment
Stateful services: database, configuration center, registry