刚刚接触容器化的东西,很想自己搭建一个kubernetes(k8s)环境用于开发和测试,帮助学习,记录一下从零学习了解k8s
的过程(网上的资源是在太多太杂).
准备
新手学习的第一步就是首先去官网和github
观摩一圈,看一下quick start
之类的.
官方教程大概分为了这么几类,乍一看还是比较清晰明了的.
我首先打开了安装页面,尝试获取一些安装相关的知识
根据 tutorials
中的提示,我选择最快捷的minikube的方式进行单机安装(主要是真正的安装需要较多的服务器资源,而且还有环境问题,对于新手来说不是太友好),minikube 将这些全部封装,解除了这些后顾之忧.
mac上进行安装minikube:
brew cask install minikube
minikube 实际就是本地创建了一个虚拟机,里面运行了kubernetes
的一些必要的环境,相当于 k8s 的服务环境,创建 pod,service,deployment... 等等都是在里面进行创建和管理.
mac 上面安装 kubectl
,客户端操作工具
brew install kubernetes-cli
启动集群
minikube start
启动完成后会分配新的虚拟机地址,可以通过kubectl cluster-info
进行查看
配置 proxy 代理
由于官方案例中的 docker 镜像获取很多都被 GFW 阻断了,为了学习和测试过程顺利,如果方便,还是建议配置相关代理.
需要相关能访问墙外的代理工具,我这里用到的
shadowsocks
, 比如我的http代理启动在http://127.0.0.1:1087
,并且确保可以进行 http 的代理(如果没有,可以使用将一些其他工具将 socks5 协议转为 http 协议),因为很多默认只有socks5 代理
通过上面可知,虚拟机的 ip 地址为192.168.99.100,我的宿主机的网关和地址为192.168.99.1,将代理工具设置为局域网可以访问或者0.0.0.0
,便于虚拟机访问.
查询 docker 官网的代理配置(https://docs.docker.com/config/daemon/systemd/),总结为以下几个步骤,以下脚本需要在minikube ssh
进入虚拟机内部执行(可以先在宿主机写好后,用 scp
复制到虚拟机中),大概意思就是为 minikube 里面的 docker 设置到宿主机的代理,并且重启:
sudo mkdir /etc/systemd/system/docker.service.d
echo '[Service]
Environment="HTTP_PROXY=http://192.168.99.1:1087"' > /tmp/docker-http-vpn.txt
echo '[Service]
Environment="HTTPS_PROXY=http://192.168.99.1:1087"' > /tmp/docker-https-vpn.txt
sudo cp /tmp/docker-http-vpn.txt /etc/systemd/system/docker.service.d/http-proxy.conf
sudo cp /tmp/docker-https-vpn.txt /etc/systemd/system/docker.service.d/https-proxy.conf
echo "copy successfully!"
sudo systemctl daemon-reload
echo "daemon-reload success!"
sudo systemctl restart docker
echo "docker successfully restarted!"
执行成功后,docker pull
命令的执行 就可以避免 GFW 的干扰了.
执行结果
~ kubectl describe pods kubernetes-bootcamp-5c69669756-52pjw
Name: kubernetes-bootcamp-5c69669756-52pjw
Namespace: default
Node: minikube/192.168.99.100
Start Time: Fri, 28 Dec 2018 10:43:21 +0800
Labels: pod-template-hash=1725225312
run=kubernetes-bootcamp
Annotations:
Status: Running
IP: 172.17.0.2
Controlled By: ReplicaSet/kubernetes-bootcamp-5c69669756
Containers:
kubernetes-bootcamp:
Container ID: docker://0a334692877ac3beb07856c381e74cf63290e4784bf053713744dab9653c84a1
Image: gcr.io/google-samples/kubernetes-bootcamp:v1
Image ID: docker-pullable://gcr.io/google-samples/kubernetes-bootcamp@sha256:0d6b8ee63bb57c5f5b6156f446b3bc3b3c143d233037f3a2f00e279c8fcc64af
Port: 8080/TCP
Host Port: 0/TCP
State: Running
Started: Fri, 28 Dec 2018 11:08:22 +0800
Ready: True
Restart Count: 0
Environment:
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-kkjv7 (ro)
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
Volumes:
default-token-kkjv7:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-kkjv7
Optional: false
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 25m default-scheduler Successfully assigned kubernetes-bootcamp-5c69669756-52pjw to minikube
Normal SuccessfulMountVolume 25m kubelet, minikube MountVolume.SetUp succeeded for volume "default-token-kkjv7"
Warning FailedCreatePodSandBox 19m (x12 over 24m) kubelet, minikube Failed create pod sandbox: rpc error: code = Unknown desc = failed pulling image "k8s.gcr.io/pause-amd64:3.1": Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
Normal SuccessfulMountVolume 14m kubelet, minikube MountVolume.SetUp succeeded for volume "default-token-kkjv7"
Warning FailedCreatePodSandBox 13m (x3 over 14m) kubelet, minikube Failed create pod sandbox: rpc error: code = Unknown desc = failed pulling image "k8s.gcr.io/pause-amd64:3.1": Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
Warning FailedCreatePodSandBox 8m54s (x22 over 13m) kubelet, minikube Failed create pod sandbox: rpc error: code = Unknown desc = failed pulling image "k8s.gcr.io/pause-amd64:3.1": Error response from daemon: Get https://k8s.gcr.io/v2/: proxyconnect tcp: dial tcp 192.168.99.1:1087: getsockopt: connection refused
Normal SuccessfulMountVolume 3m53s kubelet, minikube MountVolume.SetUp succeeded for volume "default-token-kkjv7"
Warning FailedCreatePodSandBox 3m38s kubelet, minikube Failed create pod sandbox: rpc error: code = Unknown desc = failed pulling image "k8s.gcr.io/pause-amd64:3.1": error during connect: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.31/images/create?fromImage=k8s.gcr.io%2Fpause-amd64&tag=3.1: EOF
Warning FailedCreatePodSandBox 2m26s (x5 over 3m23s) kubelet, minikube Failed create pod sandbox: rpc error: code = Unknown desc = failed pulling image "k8s.gcr.io/pause-amd64:3.1": Error response from daemon: Get https://k8s.gcr.io/v2/: proxyconnect tcp: dial tcp 192.168.99.1:1087: getsockopt: connection refused
Normal Pulling 2m9s kubelet, minikube pulling image "gcr.io/google-samples/kubernetes-bootcamp:v1"
Normal Pulled 13s kubelet, minikube Successfully pulled image "gcr.io/google-samples/kubernetes-bootcamp:v1"
Normal Created 13s kubelet, minikube Created container
Normal Started 13s kubelet, minikube Started container
接下来会继续介绍k8s
相关的概念和组件等.