今天在给测试k8s各类发行版本的时候发现了名为k0s的发行版,听过k3s,却没听过k0s。轻量级的kubernetes早已存在。那么k0s存在的意义是什么,说到这里我痛恨国内互联网恶臭现象,除了主题,文章一字不换的复制,复制也好,起码标个原作者链接吧。说着轻量级可是文章里并没有轻量级这个词,也没说明优化了哪些地方,删了什么功能。据我亲身实践,k0s不是轻量级kubernetes发行版,简化了kubernetes部署步骤。(个人意见)
k0s 号称是一款简易、稳定且经过认证的 Kubernetes 发行版,它提供了构建 Kubernetes 集群所需的所有内容,预先配置了所有所需的功能,使得构建 Kubernetes 集群只需复制一个可执行文件到每个主机并运行它即可。
为写这篇文章我斥巨资5元钱购买竞价实例来做实验
预构建二进制文件简称二进制包,由于k0s官网懒得做各类发行版本包,所以只有linux全发行版通用二进制文件,如下所述
引用:我们真的不想开始维护各种OS发行版的安装和打包。因此,单一二进制文件的包装模型允许我们更多地关注核心问题,而不是包装的不同风格,如DEBs、rpm和其他。
请到官方Github releases获取二进制文件,截止本文更新日期,稳定版本为0.9.1,测试版本为v0.10.0-beta1,我将使用0.9.1版本部署k0s,皆为 Linux amd64平台,如使用Linux arm64平台请将amd64更换为arm64。
指令(请检查网络是否通畅,如网络不通畅请将github.com更换为file.share.cloudyun.xyz,目前提供k0s-v0.9.1版本包括win以及Source code,其它版本将于几天后手动/另类方法同步):
wget https://github.com/k0sproject/k0s/releases/download/v0.9.1/k0s-v0.9.1-amd64 -O /usr/local/bin/k0s #获取预构建二进制文件,如使用arm64平台请将amd更换为arm
chmod +x /usr/local/bin/k0s #赋予可执行权限
如未安装wget与curl,请使用一下指令安装:
apt update && apt install -y wget curl #ubuntu/debian
yum makecache && yum install -y wget curl #centos/fedora
因k0s不提供内置kubectl,需要额外安装kubectl,安装在何处都行不一定非得在宿主机内
指令(该地址于境内网络通畅/镜像多,暂不予提供镜像):
curl --output /usr/local/bin/kubectl -L "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" #如使用arm64平台请将amd更换为arm
chmod +x /usr/local/bin/kubectl #赋予可执行权限
部分地区网络并不通畅造成下载错误请于该页使用阿里云镜像,切记只需安装kubectl无需安装kubeadm,kubelet。
[root@VM-0-8-centos ~]# k0s version #获取k0s版本信息
v0.9.1 #返回版本为v0.9.1
[root@VM-0-8-centos ~]# kubectl version #获取kubectl版本信息
Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.2", GitCommit:"faecb196815e248d3ecfb03c680a4507229c2a56", GitTreeState:"clean", BuildDate:"2021-01-13T13:28:09Z", GoVersion:"go1.15.5", Compiler:"gc", Platform:"linux/amd64"} #版本为1.20.2
如遇到以下错误:
The connection to the server localhost:8080 was refused - did you specify the right host or port?
该错误可忽视毕竟真没将k8s安装进系统也没正确的配置文件
mkdir -p ${HOME}/.k0s #在当前用户目录下创建.k0s文件 一般为 /home/username/.k0s
k0s default-config | tee ${HOME}/.k0s/k0s.yaml 将默认配置文件写入/home/username/.k0s/k0s.yaml
请使用你最拿手的编辑器编辑${HOME}/.k0s/k0s.yaml文件,具体配置文件如下看情况修改
apiVersion: k0s.k0sproject.io/v1beta1
images: #所需镜像
konnectivity:
image: us.gcr.io/k8s-artifacts-prod/kas-network-proxy/proxy-agent
version: v0.0.13
metricsserver:
image: gcr.io/k8s-staging-metrics-server/metrics-server
version: v0.3.7
kubeproxy:
image: k8s.gcr.io/kube-proxy
version: v1.20.1
coredns:
image: docker.io/coredns/coredns
version: 1.7.0
calico:
cni:
image: calico/cni
version: v3.16.2
flexvolume:
image: calico/pod2daemon-flexvol
version: v3.16.2
node:
image: calico/node
version: v3.16.2
kubecontrollers:
image: calico/kube-controllers
version: v3.16.2
installConfig:
users: #运行etcd与kine的用户以及apiserver/scheduler user
etcdUser: etcd
kineUser: kube-apiserver
konnectivityUser: konnectivity-server
kubeAPIserverUser: kube-apiserver
kubeSchedulerUser: kube-scheduler
kind: Cluster #集群 类型
metadata:
name: k0s #metadata不用说
spec:
api:
address: 10.206.0.8 #node内网ip
externalAddress: ""
sans:
- 10.206.0.8
- 10.206.0.8
- youdomain.com #可在此添加自定域名sans,以使用HA
extraArgs: {}
controllerManager:
extraArgs: {}
scheduler:
extraArgs: {}
storage: #后端存储数据库默认为etcd
type: etcd
kine: null
etcd:
peerAddress: 10.206.0.8
#如使用mysql psql sqlite请将上述修改为如下,sqlite无法使用HA
#storage: #后端存储数据库默认为etcd
# type: kine
# etcd: null
# kine:
# dataSource: mysql://username:password@tcp(domian/ip:port)/database
#暂不推荐使用还留有bug没修复,集群创建了,也能用kubectl控制可kine容器频繁重启且数据库也没有kine表,个人感觉压根没连过,望修复
network:
podCIDR: 10.244.0.0/16
serviceCIDR: 10.96.0.0/12
provider: calico #集群网络组件
calico:
mode: vxlan #网络组件
vxlanPort: 4789
vxlanVNI: 4096
mtu: 1450
wireguard: false #是否开启wg某种魔法一样的东西 ,magic
flexVolumeDriverPath: /usr/libexec/k0s/kubelet-plugins/volume/exec/nodeagent~uds
withWindowsNodes: false #在windows系统node一同工作?
podSecurityPolicy:
defaultPolicy: 00-k0s-privileged
workerProfiles: []
telemetry:
interval: 10m0s
enabled: true
运行k0s
经历了这么多总算可以运行k0s,是骡子是马,拉出来遛遛,配置文件请不要复制请使用系统生成的
使用如下命令运行k0s:
k0s server -c ${HOME}/.k0s/k0s.yaml --enable-worker # --enable-worker该选项可加可不加如果你资源充足且只想将该node作为master node无需添加该选项,这就是上面说的自托管的隔离 control plane
arm64运行master node且使用etcd,请先设置环境变量否则无法运行etcd ,就像这样:export ETCD_UNSUPPORTED_ARCH arm64
,不然:etcd on unsupported platform without ETCD_UNSUPPORTED_ARCH=arm64 set.
建议使用screen开一个窗口在后台测试运行,这样也不要找k0s pid了,直接kill screen pid且方便使用kubectl测试,嫌麻烦的话前台运行再开一个ssh窗口
如配置没问题,你应该会看到如下一大堆INFO
如有问题请检查配置文件,评论或给我发送邮件,邮箱地址:[email protected],请准确的表达出你所遇到的问题
使用kubectl管理k8s
mkdir /kube
sudo cat /var/lib/k0s/pki/admin.conf | tee /kube/kubeconfig #KUBECONFIG写入到/kube/kubeconfig
export KUBECONFIG="/kube/kubeconfig" #设置KUBECONFIG的具体位置以让kubectl读取
使用kubectl测试k0s是否运行及相关容器是否运行
命令:
kubectl get pod -A
你会看到如下场面,容器在init在创建,如果一直显示Pending,这也很正常因为你只允许了master node作为控制平面并没有运行worker,除非你修改配置文件或让worker node加入,容器才能正常运行
使用如下命令:
ln -s ~/.k0s/k0s.yaml ~/k0s.yaml #如不执行该命令报错为:
ERRO[2021-01-22 20:32:47] Failed to read cluster config: failed to read config file at /root/k0s.yaml: open /root/k0s.yaml: no such file or directory #违背常理的存放地址
k0s install #将k0s作为service运行在系统里可使用systemctl进行管理,如创建成功会出现如下信息
INFO[2021-01-22 20:39:42] creating user: etcd #创建etcd用户k0s.yaml配置内的,可修改
INFO[2021-01-22 20:39:42] creating user: kube-apiserver #创建kube-apiserver用户k0s.yaml配置内的,可修改
INFO[2021-01-22 20:39:42] creating user: konnectivity-server #创建konnectivity-server用户k0s.yaml配置内的,可修改
INFO[2021-01-22 20:39:43] creating user: kube-scheduler #创建kube-scheduler用户k0s.yaml配置内的,可修改
INFO[2021-01-22 20:39:43] Installing k0s service #将k0s作为服务安装进系统
systemctl enable k0s --now #k0s添加开机自启并启动
有些时候你想修改某些配置的时候你可通过 k0s.service配置,例如在k0s.server添加arm64环境变量,这样就不需要手动export了
请使用你最拿手的编辑器修改此文件/etc/systemd/system/k0s.service
文件内容:
[Unit]
Description=k0s - Zero Friction Kubernetes
ConditionFileIsExecutable=/usr/local/bin/k0s
After=network.target
[Service]
StartLimitInterval=5
StartLimitBurst=10
ExecStart=/usr/local/bin/k0s "server" "--config" "/root/.k0s/k0s.yaml" #这里是k0s运行脚本如需在master node 添加 worker请往后添加 "--enable-worker" 像这样ExecStart=/usr/local/bin/k0s "server" "--config" "/root/.k0s/k0s.yaml" "--enable-worker"
Environment="ETCD_UNSUPPORTED_ARCH=arm64" #ram etcd用户请添加此项否则无法运行etcd
Restart=always
RestartSec=120
EnvironmentFile=-/etc/sysconfig/k0s
KillMode=process
[Install]
WantedBy=multi-user.target
在完成你的修改后请运行systemctl daemon-reload && systemctl restart k0s
以重载配置文件并重启k0s
worker:
在master上执行:
[root@VM-0-8-centos ~]# k0s token create --role=worker # 获取worker加入token
H4sIAAAAAAAC/2yV0Y6jOhKG7/sp8gIzx0DS6kTaiyFtkzbBfTAuO/gOMNMkNoQmJCFZ7buvOjMj7Urnrlz16/sty6r/qej3sh5O+2O3ml28p8qdT2M9nFZP32a/69XTbDabnerhUg+rWTOO/Wn1118e+u6j5+/o+8vqeT4PHpqqHsb9z31VjPW34jw2x2E/3r6ZYixWs22Gxm3mrTkYKvbhK5cUMtA0RQT4Y4bGtfVoBjzkmL2mSvYakSADGmrkpDiwtQyqRamO16KDSyHxgkeLSXVvC4akSyC5GsS5gn5bej0tNvogLOEcrnHqSGiQwVwaljqySQWRHMhcwKJJPN0r18RG9jm006EW5FNJHmrQQbJxTGIyF6qnNfY+UxEyjmnDu+paf/R/ZuH/zgTQrsb6M5VyrdFCpZYwifnOvBJdSr3IW08lpM/FjuvEykD7hhTghQk2rxCQzdoxmh8YBpDrVBKZAkYZUGwQeWgzRC5fbwLAP3mnh8xBYJQuErUkzC5wFoS+tl7zvuO3Ek1DYWlcH/JY3DWvYAxES05l9IFy0Nds46j2PVlvmo0iDWNqyVnkeKb6u27nA+ya/TtuUoZobl4brnfumvvkVmVjr30eZT/6eRHIHlo6GrvcMp93tZNTveOBBJmC31uO6AmsYwKwn/o6SBBBsB5TEy0OyaZ5S1q6161eJyL0crQIChjf1y05GcmLauO2CviugHTBpEHS2qna9Auz6bfSpwIgGRLHtiWh69yOKtvwvsBLwoCh3DMntiOhJEboA2XMv8Zm12faNVHpz+8Jps8G91nsNXHSglfbKRBBP0LErhKRLINmjH0XG/wy5wd3rvfjXEnznkXLu2jHOAmSK+x0oT6OnvEnqaNmkQRScOVIveOtCPJrGY0nfeBv5rYMoZ0CbV1aHpp7tePCQJPCbdzGPj9X2H2myrDUkpD7PS8sDdfWCxk2YSKl5RtD0v0yAJChQW6dtn0ImHbC6Tew3jpV+ZwDhRR4CPBxEfB25QhPUnGsPbJLLYXCY7ToIDZYIsDLiIumz16pkoodmXqZZMCoxOQ9bc1QqWYooFqYe/j1B+/cklAgFn7555YM1U6TDKZ3vnFat/0z/OhF3eYXhpr3QmE/DoxMhfaTww8/I3phiGz5bXmWGFDdkfcKYDAY+0yGF2FpwJB3zXfJnGNy5cFxSjxGABq0tqbjdxIkaL6oJSHJ/c0z0eQq3yMFTDdNwlPuXycNzcB8PFXSrI3DA4PpuZLNvVBjwtWUKCWfRbSMFbA+hXmcObgb3ysyX/tKjVn9qrkiXBlp4kIlF32g61KxocTNmUmqdbQ4M0xvevdxL9GY146csk0zlWh5KrAdMtUcTNrTKpJdFsGtks1QQyO3t6WnnJ2yVyJKZ1SFWSAgv5k7waVjn1VUBYVnpwIdvRQRnCAK9S6dK8KbtAtzUMto7fjWCPM3oJEKm04saN7KTS/lrrdJQK1w7r2OKMR+w3jUhKKTwthpvvXp7X1DrMLJvFTookXqKfFjYqrZig2OMzT1ddQHfwsU/97NRNj0I0Uyk9hFGbBQYnjs5W16/NfTbNYVbb2aWXR6qo7dWE/jr5T4Vf9KiT+R8VB9Nc6nx+lc1q4ev5XH43gah6L/f9p5GOpu/PaH9GjafWdWs/Wx+7n/eOqH+mc91F1Vn1azf//n6Yv6MP8N+Qf8w/hxhfFo6241q323fLl+b8bgZV9djuXy9PLTtNen/wYAAP//NgS1uwIHAAA=
在worker上执行:
k0s worker "worker-join-token" #使用master给的worker token加入
master 01:
在master上执行(请确保你的后端数据库支持HA):
[root@VM-0-8-centos ~]# k0s token create --role=controller --expiry=1h #创建master0x加入token 有效期为一小时,可更改
H4sIAAAAAAAC/3RV0Y6jOhZ876/ID/RcA0lrEmkfhrRN2gTnYnzs4DfATJPYITSQDslq/33VmRlp9+G+HZ8qVVmWVfVUdAdZ98Ph3K5mn95T5S7DWPfD6ul59ntePc1ms9lQ9591v5o149gNq7/+8tA3H718Q9++r5bzefDgVHU/Hn4eqmKsn4vL2Jz7w3h7NsVYrGbbDI3bzFtzMFQcwlcuKWSgaYoI8AeGxrX1aAY85Ji9pkp2GpEgAxpq5KQ4srUMqkWpzteihc9C4gWPFpNq3xYMSZdAcjWIcwXdtvQ6Wmz0UVjCOVzj1JHQIIO5NCx1ZJMKIjmQuYBFk3i6U66JjexyOE3HWpAPJXmoQQfJxjGJyVyojtbY+0hFyDimDW+ra/3e/cHC/8UE0LbG+iOVcq3RQqWWMIn53rwSXUq9yE+eSkiXiz3XiZWB9g0pwAsTbF4hIJu1YzQ/Mgwg16kkMgWMMqDYIPLgZoh8fr0JAP/gre4zB4FRukjUkjC7wFkQ+tp6zW7PbyWa+sLSuD7msbhrXsEYiBMZyugd5aCv2cZR7Xuy3jQbRRrG1JKzyPFMdXd9mvewbw473KQM0dy8Nlzv3TX3ya3Kxk77PMp+dPMikB2c6Gjscst83tZOTvWeBxJkCn5nOaIDWMcEYD/1dZAggmA9piZaHJNN85ac6EGf9DoRoZejRVDAuFufyGAkL6qN2yrg+wLSBZMGSWunatMtzKbbSp8KgKRPHNuWhK5zO6psw7sCLwkDhnLPDGxPQkmM0EfKmH+Nzb7LtGui0p/fE0xfDO6y2Gvi5ARebadABN0IEbtKRLIMmjH2XWzw9zk/ukt9GOdKml0WLe/iNMZJkFxhrwv1fvaMP0kdNYskkIIrR+o9P4kgv5bROOgjfzO3ZQinKdDWpeWxuVd7Lgw0KdzGbezzS4XdR6oMSy0Jud/xwtJwbb2QYRMmUlq+MSQ9LAMAGRrk1umpCwHTVjj9BtZbpyqfc6CQAg8B3j8FvF05wpNUHGuP7FNLofAYLVqIDZYI8DLioumyV6qkYmemvk8yYFRisktPpq9U0xdQLcw9/PqDd25JKBALv/xzS/pqr0kG045vnNan7gV+dKI+5Z8MNbtCYT8OjEyF9pPjDz8jemGIPPHb8iIxoLoluwqgNxj7TIafwtKAIe+a75M5x+TKg/OUeIwANGhtTcvvJEjQfFFLQpL7m2eiyVW+RwqYbpqEQ+5fJw1Nz3w8VdKsjcM9g+mlks29UGPC1ZQoJV9EtIwVsC6FeZw5uBvfKzJf+0qNWf2quSJcGWniQiWf+kjXpWJ9iZsLk1TraHFhmN70/v1eojGvHRmyTTOVaDkU2PaZao4m7WgVyTaL4FbJpq+hkdvb0lPOTtkrEaUzqsIsEJDfzJ3g0rGPKqqCwrNTgc5eighOEIV6n84V4U3ahjmoZbR2fGuE+RvQSIVNJxY0b+Wmk3Lf2SSgVji3qyMKsd8wHjWhaKUwdppvfXrbbYhVOJmXCn1qkXpK/JiYarZig+MMTV0ddcHfAsW/s5kIm76nSGYSuygDFkoMj1zepud/Pc1mbXGqVzOLhqfq3I71NP5qiV/zr5b4UxkP1tfiMnydvjj92bm6fy7P53EY+6L7f8FL39ft+PxH7LG0h9asZutz+/Pw/tT19c+6r9uqHlazf//n6Uv44f9L5B8cHvaPi4xnW7erWfnx0V7qb2bxc1hW7npvLsvbR3d8+m8AAAD//4OF1g8IBwAA
master 02:
k0s server "master-join-token" #master0x使用master token加入master,请确保内网联通
问题1.
INFO[2021-01-22 21:02:28] 2021-01-22 21:02:28.513556 C | etcdserver: create snapshot directory error: mkdir /var/lib/k0s/etcd/member/snap: permission denied component=etcd #用户权限不足无法创建文件多半是用systemctl运行了
请使用systemctl运行k0s
问题2.
/var/lib/k0s/etcd exist #文件已存在
rm -rf /var/lib/k0s/etcd #删除或使用systemctl运行
我感觉部署没比kubeadm部署简单到哪里去,虽然难但它依旧是一个不错的发行版本,且也不轻量,过几天写篇kubeadm microk8s k3s k0s 部署的kubernetes评测,最近时间紧。
推销自己博客https://blog.cloudyun.xyz