TakeMyHandNow
TakeMyHandNow

k8s集群搭建

k8s集群搭建

虚拟机环境准备
  • vagrant初始化三台sentos/7环境(需要先安装vagrant)

Vagrantfile文件:

Vagrant.configure("2") do |config|
   (1..3).each do |i|
        config.vm.define "k8s-node#{i}" do |node|
            # 设置虚拟机的Box
            node.vm.box = "centos/7"

            # 设置虚拟机的主机名
            node.vm.hostname="k8s-node#{i}"

            # 设置虚拟机的IP
            node.vm.network "private_network", ip: "192.168.56.#{99+i}", netmask: "255.255.255.0"

            # 设置主机与虚拟机的共享目录
            # node.vm.synced_folder "~/Documents/vagrant/share", "/home/vagrant/share"

            # VirtaulBox相关配置
            node.vm.provider "virtualbox" do |v|
                # 设置虚拟机的名称
                v.name = "k8s-node#{i}"
                # 设置虚拟机的内存大小
                v.memory = 2048
                # 设置虚拟机的CPU个数
                v.cpus = 4
            end
        end
   end
end

在当前目录下运行

#启动
vagrant up
#连接某个虚拟机(以下步骤三台都需要执行)
vagrant ssh k8s-node1
#切换root用户
su root
#输入密码
vagrant
#设置可远程账号密码登陆
vi /etc/ssh/sshd_config
#PasswordAuthentication no改为PasswordAuthentication yes 并保存编辑
#重启sshd服务
service sshd restart
#退出,执行其他两台操作
exit
  • 设置每个虚拟机网络连接方式为NET网络,MAC地址记得重新刷下保存
# 查看默认的网卡
[root@k8s-node1 ~]# ip route show
default via 10.0.2.2 dev eth0 proto dhcp metric 100  # 默认使用eth0

10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 metric 100  # 网关和ip

192.168.56.0/24 dev eth1 proto kernel scope link src 192.168.56.100 metric 101

能够看到路由表中记录的是,通过端口eth0进行数据包的收发。

分别查看k8s-node1,k8s-node2和k8s-node3的eth0所绑定的IP地址,发现它们都是相同的,全都是10.0.2.15,这些地址是供kubernetes集群通信用的;eth1上的IP地址,是通远程管理使用的。

[root@k8s-node1 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:8d:e4:a1 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global noprefixroute dynamic eth0
       valid_lft 488sec preferred_lft 488sec
    inet6 fe80::a00:27ff:fe8d:e4a1/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:bb:c0:06 brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.100/24 brd 192.168.56.255 scope global noprefixroute eth1

*原因分析:这是因为它们使用是端口转发规则,使用同一个地址,通过不同的端口来区分。但是这种端口转发规则在以后的使用中会产生很多不必要的问题,所以需要修改为NAT网络类型

*解决:在virtualBox中 管理->全局设置->网络->添加新NET网络 保存

修改为NET网络连接,并刷新MAC地址

k8s集群搭建_第1张图片

  • 保证三台虚拟机可以互相ping通和外网也能ping通

  • 设置Linux环境

    关闭防火墙

    systemctl stop firewalld
systemctl disable firewalld

    关闭seLinux Linux默认安全策略

    sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0

    关闭swap(关闭内存交换)

    #临时关闭
swapoff -a
#永久关闭
sed -ri 's/.*swap.*/#&/' /etc/fstab

    添加主机名对应ip关系

    #查看主机名
hostname

    如果主机名不正确,可以通过“hostnamectl set-hostname :指定新的hostname”命令来进行修改。

    vi /etc/hosts
10.0.2.4 k8s-node1
10.0.2.15 k8s-node2
10.0.2.5 k8s-node3

    将桥接的IPV4流量传递到iptables的链:

    cat > /etc/sysctl.d/k8s.conf <

    应用规则:

    sysctl --system
所有节点安装docker、kubeam、kubelet、kubectl

安装docker

  • 卸载之前的docker

    sudo yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-engine

  • 安装Docker -CE

    sudo yum install -y yum-utils \
device-mapper-persistent-data \
lvm2
# 设置docker repo的yum位置
sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
# 安装docker,docker-cli
sudo yum -y install docker-ce docker-ce-cli containerd.io

  • 配置docker加速

    sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://8eorvk5t.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

  • 设置docker开机启动

    systemctl enable docker

  • 添加阿里云yum源

    cat > /etc/yum.repos.d/kubernetes.repo <

  • 安装kubeadm、kubelet、kubectl

    yum install -y kubelet-1.17.3 kubeadm-1.17.3 kubectl-1.17.3

  • 开机启动 & 启动

    systemctl enable kubelet
systemctl start kubelet
部署k8s-master

(1)master节点初始化

  • 在master节点上创建并执行 master_images.sh
#!/bin/bash

images=(
	kube-apiserver:v1.17.3
    kube-proxy:v1.17.3
	kube-controller-manager:v1.17.3
	kube-scheduler:v1.17.3
	coredns:1.6.5
	etcd:3.4.3-0
    pause:3.1
)

for imageName in ${images[@]} ; do
    docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
#   docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName  k8s.gcr.io/$imageName
done

  • 初始化kubeadm (注:10.0.2.4需要根据ip addr查看默认eth0网卡的地址,pod-network-cidr为pod之间访问网络)

    kubeadm init \
--apiserver-advertise-address=10.0.2.4 \
--image-repository registry.cn-hangzhou.aliyuncs.com/google_containers \
--kubernetes-version   v1.17.3 \
--service-cidr=10.96.0.0/16  \
--pod-network-cidr=10.244.0.0/16

    #运行后结果
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 10.0.2.4:6443 --token 94epyx.ew2xu6ofhdmrbzgr \
    --discovery-token-ca-cert-hash sha256:fc07908cb01204efc79b51d836956a447c41b20436509bcf1dc21b28b0a37ce9

  • master执行

    mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

  • 在master节点上执行按照POD网络插件

    kubectl apply -f \
https://raw.githubusercontent.com/coreos/flanne/master/Documentation/kube-flannel.yml

  • 以上地址可能被墙,可以直接获取本地已经下载的flannel.yml运行即可

    kubectl apply -f kube-flannel.yml

  • 等待两三分钟

    #查看指定名称空间的pods
kubectl get pods -n kube-system
#查看所有名称空间的pods (kube-flannel-ds-amd64-9cx8m  为running状态)
kubectl get pods --all-namespaces

  • 查看master上的节点信息

    #  所有status为(ready状态) 需要等待几分钟
kubectl get nodes

  • 每个node节点执行

    kubeadm join 10.0.2.4:6443 --token 94epyx.ew2xu6ofhdmrbzgr \
    --discovery-token-ca-cert-hash sha256:fc07908cb01204efc79b51d836956a447c41b20436509bcf1dc21b28b0a37ce9

  • master查看节点

    [root@k8s-node1 opt]# kubectl get nodes;
NAME        STATUS     ROLES    AGE   VERSION
k8s-node1   Ready      master   47m   v1.17.3
k8s-node2   NotReady      75s   v1.17.3
k8s-node3   NotReady      76s   v1.17.3

  • 监控pod进度

    watch kubectl get pod -n kube-system -o wide
入门操作kubernetes集群

(1)在主节点创建一个tomcat

kubectl create deployment tomcat6 --image=tomcat:6.0.53-jre8

  • 获取所有的资源

    [root@k8s-node1 ~]# kubectl get all
NAME                           READY   STATUS              RESTARTS   AGE
pod/tomcat6-5f7ccf4cb9-42rp4   0/1     ContainerCreating   0          21s

NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   10.96.0.1            443/TCP   2d2h

NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/tomcat6   0/1     1            0           21s

NAME                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/tomcat6-5f7ccf4cb9   1         1         0       21s
[root@k8s-node1 ~]#

  • 获取更广泛的信息(可以看到tomcat被部署到node3节点了)

    [root@k8s-node1 ~]# kubectl get all -o wide
NAME                           READY   STATUS    RESTARTS   AGE     IP           NODE        NOMINATED NODE   READINESS GATES
pod/tomcat6-5f7ccf4cb9-42rp4   1/1     Running   0          2m36s   10.244.2.2   k8s-node3              

NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE    SELECTOR
service/kubernetes   ClusterIP   10.96.0.1            443/TCP   2d2h   

NAME                      READY   UP-TO-DATE   AVAILABLE   AGE     CONTAINERS   IMAGES               SELECTOR
deployment.apps/tomcat6   1/1     1            1           2m36s   tomcat       tomcat:6.0.53-jre8   app=tomcat6

NAME                                 DESIRED   CURRENT   READY   AGE     CONTAINERS   IMAGES               SELECTOR
replicaset.apps/tomcat6-5f7ccf4cb9   1         1         1       2m36s   tomcat       tomcat:6.0.53-jre8   app=tomcat6,pod-template-hash=5f7ccf4cb9

  • 在node3节点查看镜像,已经运行的容器

    [root@k8s-node3 ~]# docker images
REPOSITORY                                                       TAG             IMAGE ID       CREATED       SIZE
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy   v1.17.3         ae853e93800d   2 years ago   116MB
quay.io/coreos/flannel                                           v0.11.0-amd64   ff281650a721   3 years ago   52.6MB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause        3.1             da86e6ba6ca1   4 years ago   742kB
tomcat                                                           6.0.53-jre8     49ab0583115a   4 years ago   290MB

[root@k8s-node3 ~]# docker ps
CONTAINER ID   IMAGE                                                           COMMAND                  CREATED          STATUS          PORTS     NAMES
82af330e9ce9   tomcat                                                          "catalina.sh run"        5 minutes ago    Up 5 minutes              k8s_tomcat_tomcat6-5f7ccf4cb9-42rp4_default_017f3e40-97ba-426b-807c-81b1246b1457_0
a8ffef6fc19d   registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1   "/pause"                 6 minutes ago    Up 6 minutes              k8s_POD_tomcat6-5f7ccf4cb9-42rp4_default_017f3e40-97ba-426b-807c-81b1246b1457_0
1e983064186b   ff281650a721                                                    "/opt/bin/flanneld -…"   16 minutes ago   Up 16 minutes             k8s_kube-flannel_kube-flannel-ds-amd64-7g2jf_kube-system_91b4dcf3-4132-4b38-8fda-728ea4c5bcc1_1
5b4dfb391af9   ae853e93800d                                                    "/usr/local/bin/kube…"   16 minutes ago   Up 16 minutes             k8s_kube-proxy_kube-proxy-qqwnh_kube-system_cdbe57ad-29d4-44a5-bfcc-27bde6967f26_1
7e8f1c697f09   registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1   "/pause"                 16 minutes ago   Up 16 minutes             k8s_POD_kube-flannel-ds-amd64-7g2jf_kube-system_91b4dcf3-4132-4b38-8fda-728ea4c5bcc1_1
4d1c952f7231   registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1   "/pause"                 16 minutes ago   Up 16 minutes             k8s_POD_kube-proxy-qqwnh_kube-system_cdbe57ad-29d4-44a5-bfcc-27bde6967f26_1

  • 在node1上执行

    [root@k8s-node1 ~]# kubectl get pods
NAME                       READY   STATUS    RESTARTS   AGE
tomcat6-5f7ccf4cb9-42rp4   1/1     Running   0          7m23s

[root@k8s-node1 ~]# kubectl get pods --all-namespaces
NAMESPACE     NAME                                READY   STATUS    RESTARTS   AGE
default       tomcat6-5f7ccf4cb9-42rp4            1/1     Running   0          9m25s
kube-system   coredns-7f9c544f75-5kjwt            1/1     Running   1          2d3h
kube-system   coredns-7f9c544f75-h64jq            1/1     Running   1          2d3h
kube-system   etcd-k8s-node1                      1/1     Running   1          2d3h
kube-system   kube-apiserver-k8s-node1            1/1     Running   1          2d3h
kube-system   kube-controller-manager-k8s-node1   1/1     Running   1          2d3h
kube-system   kube-flannel-ds-amd64-7g2jf         1/1     Running   1          2d2h
kube-system   kube-flannel-ds-amd64-9cx8m         1/1     Running   1          2d2h
kube-system   kube-flannel-ds-amd64-rzzh7         1/1     Running   1          2d2h
kube-system   kube-proxy-l2zlv                    1/1     Running   1          2d2h
kube-system   kube-proxy-n5lkp                    1/1     Running   1          2d3h
kube-system   kube-proxy-qqwnh                    1/1     Running   1          2d2h
kube-system   kube-scheduler-k8s-node1            1/1     Running   1          2d3h

  • node3模拟停止tomcat服务(发现会重新拉起服务)

    [root@k8s-node3 ~]# docker stop 8660708b06f5
8660708b06f5

[root@k8s-node3 ~]# docker ps
CONTAINER ID   IMAGE                                                           COMMAND                  CREATED          STATUS          PORTS     NAMES
236063153c29   49ab0583115a                                                    "catalina.sh run"        2 seconds ago    Up 1 second               k8s_tomcat_tomcat6-5f7ccf4cb9-42rp4_default_017f3e40-97ba-426b-807c-81b1246b1457_2
a8ffef6fc19d   registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1   "/pause"                 14 minutes ago   Up 14 minutes             k8s_POD_tomcat6-5f7ccf4cb9-42rp4_default_017f3e40-97ba-426b-807c-81b1246b1457_0
1e983064186b   ff281650a721                                                    "/opt/bin/flanneld -…"   24 minutes ago   Up 24 minutes             k8s_kube-flannel_kube-flannel-ds-amd64-7g2jf_kube-system_91b4dcf3-4132-4b38-8fda-728ea4c5bcc1_1
5b4dfb391af9   ae853e93800d                                                    "/usr/local/bin/kube…"   24 minutes ago   Up 24 minutes             k8s_kube-proxy_kube-proxy-qqwnh_kube-system_cdbe57ad-29d4-44a5-bfcc-27bde6967f26_1
7e8f1c697f09   registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1   "/pause"                 24 minutes ago   Up 24 minutes             k8s_POD_kube-flannel-ds-amd64-7g2jf_kube-system_91b4dcf3-4132-4b38-8fda-728ea4c5bcc1_1
4d1c952f7231   registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1   "/pause"                 24 minutes ago   Up 24 minutes             k8s_POD_kube-proxy-qqwnh_kube-system_cdbe57ad-29d4-44a5-bfcc-27bde6967f26_1

  • 模拟node3服务器宕机,关闭node3服务器

    [root@k8s-node1 ~]# kubectl get nodes
NAME        STATUS     ROLES    AGE    VERSION
k8s-node1   Ready      master   2d3h   v1.17.3
k8s-node2   Ready         2d2h   v1.17.3
k8s-node3   NotReady      2d2h   v1.17.3

  • 等几分钟才能容灾恢复(node2节点会创建tomcat镜像和实例并启动)

    [root@k8s-node1 ~]# kubectl get pods -o wide
NAME                       READY   STATUS              RESTARTS   AGE   IP           NODE        NOMINATED NODE   READINESS GATES
tomcat6-5f7ccf4cb9-42rp4   1/1     Terminating         2          22m   10.244.2.2   k8s-node3              
tomcat6-5f7ccf4cb9-7fmb8   0/1     ContainerCreating   0          1s           k8s-node2              

[root@k8s-node1 ~]# kubectl get pods -o wide
NAME                       READY   STATUS        RESTARTS   AGE   IP           NODE        NOMINATED NODE   READINESS GATES
tomcat6-5f7ccf4cb9-42rp4   1/1     Terminating   2          24m   10.244.2.2   k8s-node3              
tomcat6-5f7ccf4cb9-7fmb8   1/1     Running       0          2m    10.244.1.2   k8s-node2

(2)暴露nginx访问

  • master上执行(service端口80,代理到容器端口8080,用户访问接口随机生成)

    [root@k8s-node1 ~]# kubectl expose deployment tomcat6 --port=80 --target-port=8080 --type=NodePort

service/tomcat6 exposed

  • 查看服务 (暴露端口为31380)

    [root@k8s-node1 ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1               443/TCP        2d3h
tomcat6      NodePort    10.96.135.188           80:31380/TCP   76s

[root@k8s-node1 ~]# kubectl get svc -o wide
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE     SE                                                                         LECTOR
kubernetes   ClusterIP   10.96.0.1               443/TCP        2d3h    
tomcat6      NodePort    10.96.135.188           80:31380/TCP   7m20s   ap                                                                        p=tomcat6

    浏览器输入http://192.168.56.100:31380/可到tomcat首页

  • 输入下面命令可以看到pod和封装pod 的service,pod是部署产生的,部署还有一个副本

    [root@k8s-node1 ~]# kubectl get all
NAME                           READY   STATUS    RESTARTS   AGE
pod/tomcat6-5f7ccf4cb9-7fmb8   1/1     Running   0          27m

NAME                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1               443/TCP        2d3h
service/tomcat6      NodePort    10.96.135.188           80:31380/TCP   11m

NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/tomcat6   1/1     1            1           49m

NAME                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/tomcat6-5f7ccf4cb9   1         1         1       49m

(3)动态扩容测试

  • kubectl get deployment

    [root@k8s-node1 ~]# kubectl get deployment
NAME      READY   UP-TO-DATE   AVAILABLE   AGE
tomcat6   1/1     1            1           53m

  • 扩容为3份

    [root@k8s-node1 ~]# kubectl scale --replicas=3 deployment tomcat6
deployment.apps/tomcat6 scaled

[root@k8s-node1 ~]# kubectl get pods -o wide
NAME                       READY   STATUS    RESTARTS   AGE   IP           NODE        NOMINATED NODE   READINESS GATES
tomcat6-5f7ccf4cb9-7fmb8   1/1     Running   0          34m   10.244.1.2   k8s-node2              
tomcat6-5f7ccf4cb9-m98hp   1/1     Running   0          75s   10.244.1.3   k8s-node2              
tomcat6-5f7ccf4cb9-r89jv   1/1     Running   0          75s   10.244.2.3   k8s-node3

  • 缩容也一样 kubectl scale --replicas=1 deployment tomcat6

  • 删除部署和service

    
[root@k8s-node1 ~]# kubectl get all
NAME                           READY   STATUS    RESTARTS   AGE
pod/tomcat6-5f7ccf4cb9-r89jv   1/1     Running   0          7m9s

NAME                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1               443/TCP        2d3h
service/tomcat6      NodePort    10.96.135.188           80:31380/TCP   24m

NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/tomcat6   1/1     1            1           62m

NAME                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/tomcat6-5f7ccf4cb9   1         1         1       62m

[root@k8s-node1 ~]# kubectl delete deployment.apps/tomcat6
deployment.apps "tomcat6" deleted

[root@k8s-node1 ~]# kubectl get all
NAME                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1               443/TCP        2d3h
service/tomcat6      NodePort    10.96.135.188           80:31380/TCP   26m
[root@k8s-node1 ~]# kubectl get pods
No resources found in default namespace.

[root@k8s-node1 ~]# kubectl delete service/tomcat6
service "tomcat6" deleted
K8s细节

(1)yaml输出

  • 帮助命令
#help
[root@k8s-node1 ~]# kubectl create deployment tomcat6 --image=tomcat:6.0.53-jre8 --help
Create a deployment with the specified name.

Aliases:
deployment, deploy

Examples:
  # Create a new deployment named my-dep that runs the busybox image.
  kubectl create deployment my-dep --image=busybox

Options:
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
the template. Only applies to golang and jsonpath output formats.
      --dry-run=false: If true, only print the object that would be sent, without sending it.
      --generator='': The name of the API generator to use.
      --image=[]: Image name to run.
  -o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file.
      --save-config=false: If true, the configuration of current object will be saved in its annotation. Otherwise, the
annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future.
      --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The
template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview].
      --validate=true: If true, use a schema to validate the input before sending it

Usage:
  kubectl create deployment NAME --image=image [--dry-run] [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).
  • 查看yaml (–dry-run并不会真正执行这条命令)
[root@k8s-node1 ~]# kubectl create deployment tomcat6 --image=tomcat:6.0.53-jre8 --dry-run -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: tomcat6
  name: tomcat6
spec:
  replicas: 1
  selector:
    matchLabels:
      app: tomcat6
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: tomcat6
    spec:
      containers:
      - image: tomcat:6.0.53-jre8
        name: tomcat
        resources: {}
status: {}

  • yaml输出到文件

    kubectl create deployment tomcat6 --image=tomcat:6.0.53-jre8 --dry-run -o yaml > tomcat6.yaml

  • vi编辑,并保存

    apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: tomcat6
  name: tomcat6
spec:
  replicas: 3
  selector:
    matchLabels:
      app: tomcat6
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: tomcat6
    spec:
      containers:
      - image: tomcat:6.0.53-jre8
        name: tomcat

  • 运行yaml,并查看

    [root@k8s-node1 ~]# kubectl apply -f tomcat6.yaml
deployment.apps/tomcat6 created

[root@k8s-node1 ~]# kubectl get pods
NAME                       READY   STATUS    RESTARTS   AGE
tomcat6-5f7ccf4cb9-h2wdb   1/1     Running   0          30s
tomcat6-5f7ccf4cb9-slddq   1/1     Running   0          30s
tomcat6-5f7ccf4cb9-vcp2v   1/1     Running   0          30s
[root@k8s-node1 ~]#

  • 查看某个pod,生成yaml

    [root@k8s-node1 ~]# kubectl get pods
NAME                       READY   STATUS    RESTARTS   AGE
tomcat6-5f7ccf4cb9-h2wdb   1/1     Running   0          13m
tomcat6-5f7ccf4cb9-slddq   1/1     Running   0          13m
tomcat6-5f7ccf4cb9-vcp2v   1/1     Running   0          13m

[root@k8s-node1 ~]# kubectl get pods tomcat6-5f7ccf4cb9-h2wdb
NAME                       READY   STATUS    RESTARTS   AGE
tomcat6-5f7ccf4cb9-h2wdb   1/1     Running   0          14m

[root@k8s-node1 ~]# kubectl get pods tomcat6-5f7ccf4cb9-h2wdb -o yaml

  • 关联部署和service

    [root@k8s-node1 ~]# kubectl create deployment tomcat6 --image=tomcat:6.0.53-jre8 --dry-run -o yaml > tomcat6-deployment.yaml


[root@k8s-node1 ~]# kubectl expose deployment tomcat6 --port=80 --target-port=8080 --type=NodePort --dry-run -o yaml
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: tomcat6
  name: tomcat6
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 8080
  selector:
    app: tomcat6
  type: NodePort
status:
  loadBalancer: {}

#copy上面暴露服务的yaml用---进行拼接,表示部署完毕并暴露服务
[root@k8s-node1 ~]#vi tomcat6-deployment.yaml
apiVersion: apps/v1
kind: Deployment  #部署
metadata:
  labels:
    app: tomcat6  #标签
  name: tomcat6
spec:
  replicas: 3 #副本数
  selector:
    matchLabels:
      app: tomcat6
  template:
    metadata:
      labels:
        app: tomcat6
    spec:
      containers:
      - image: tomcat:6.0.53-jre8
        name: tomcat
---
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: tomcat6
  name: tomcat6
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 8080
  selector:
    app: tomcat6
  type: NodePort

  • 部署并暴露服务

    [root@k8s-node1 ~]# kubectl apply -f tomcat6-deployment.yaml
deployment.apps/tomcat6 created
service/tomcat6 created
Ingress

通过Ingress发现pod进行关联。基于域名访问
通过Ingress controller实现POD负载均衡
支持TCP/UDP 4层负载均衡和HTTP 7层负载均衡

  • ingress管理多个service

  • service管理多个pods

部署Ingress controller

  • 执行“k8s/ingress-controller.yaml”

    [root@k8s-node1 k8s]# kubectl apply -f ingress-controller.yaml
namespace/ingress-nginx created
configmap/nginx-configuration created
configmap/tcp-services created
configmap/udp-services created
serviceaccount/nginx-ingress-serviceaccount created
clusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole created
role.rbac.authorization.k8s.io/nginx-ingress-role created
rolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding created
clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding created
daemonset.apps/nginx-ingress-controller created
service/ingress-nginx created

  • 查看

    [root@k8s-node1 k8s]# kubectl get pods --all-namespaces
NAMESPACE       NAME                                READY   STATUS              RESTAR                                                                          TS   AGE
default         tomcat6-5f7ccf4cb9-7tsfd            1/1     Running             0                                                                                    28m
default         tomcat6-5f7ccf4cb9-kggt4            1/1     Running             0                                                                                    28m
default         tomcat6-5f7ccf4cb9-zdv97            1/1     Running             0                                                                                    28m
ingress-nginx   nginx-ingress-controller-2nn5c      0/1     ContainerCreating   0                                                                                    96s
ingress-nginx   nginx-ingress-controller-lm95q      0/1     Running             0                                                                                    96s
kube-system     coredns-7f9c544f75-5kjwt            1/1     Running             3                                                                                    6d23h
kube-system     coredns-7f9c544f75-h64jq            1/1     Running             3                                                                                    6d23h
kube-system     etcd-k8s-node1                      1/1     Running             3                                                                                    6d23h
kube-system     kube-apiserver-k8s-node1            1/1     Running             3                                                                                    6d23h
kube-system     kube-controller-manager-k8s-node1   1/1     Running             3                                                                                    6d23h
kube-system     kube-flannel-ds-amd64-7g2jf         1/1     Running             4                                                                                    6d23h
kube-system     kube-flannel-ds-amd64-9cx8m         1/1     Running             3                                                                                    6d23h
kube-system     kube-flannel-ds-amd64-rzzh7         1/1     Running             3                                                                                    6d23h
kube-system     kube-proxy-l2zlv                    1/1     Running             3                                                                                    6d23h
kube-system     kube-proxy-n5lkp                    1/1     Running             3                                                                                    6d23h
kube-system     kube-proxy-qqwnh                    1/1     Running             4                                                                                    6d23h
kube-system     kube-scheduler-k8s-node1            1/1     Running             3                                                                                    6d23h

  • master节点负责调度,具体node2和node3执行,能够看到它们正在下载镜像(status为ContainerCreating)

    [root@k8s-node1 k8s]# kubectl get pods --all-namespaces
NAMESPACE       NAME                                READY   STATUS              RESTAR                                                                          TS   AGE
default         tomcat6-5f7ccf4cb9-7tsfd            1/1     Running             0                                                                                    28m
default         tomcat6-5f7ccf4cb9-kggt4            1/1     Running             0                                                                                    28m
default         tomcat6-5f7ccf4cb9-zdv97            1/1     Running             0                                                                                    28m
ingress-nginx   nginx-ingress-controller-2nn5c      0/1     ContainerCreating   0                                                                                    96s
ingress-nginx   nginx-ingress-controller-lm95q      0/1     Running             0

创建Ingress规则

通过Ingress发现pod进行关联。基于域名访问
通过Ingress controller实现POD负载均衡
支持TCP/UDP 4层负载均衡和HTTP 7层负载均衡

  • Ingress管理多个service
  • service管理多个pods

(1)部署Ingress contoller

  • 执行“k8s/ingress-controller.yaml”

    [root@k8s-node1 k8s]# kubectl apply -f ingress-controller.yaml 
namespace/ingress-nginx created
configmap/nginx-configuration created
configmap/tcp-services created
configmap/udp-services created
serviceaccount/nginx-ingress-serviceaccount created
clusterrole.rbac.authorization.k8s.io/nginx-ingress-clusterrole created
role.rbac.authorization.k8s.io/nginx-ingress-role created
rolebinding.rbac.authorization.k8s.io/nginx-ingress-role-nisa-binding created
clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-clusterrole-nisa-binding created
daemonset.apps/nginx-ingress-controller created
service/ingress-nginx created

  • 查看 (这里master节点负责调度,具体执行node1和node2完成,能够看到他们正在下载镜像)

    [root@k8s-node1 ~]# kubectl get pods --all-namespaces
NAMESPACE       NAME                                READY   STATUS    RESTARTS   AGE
default         tomcat6-5f7ccf4cb9-7tsfd            1/1     Running   1          47h
default         tomcat6-5f7ccf4cb9-kggt4            1/1     Running   1          47h
default         tomcat6-5f7ccf4cb9-zdv97            1/1     Running   1          47h
ingress-nginx   nginx-ingress-controller-2nn5c      1/1     ContainerCreating   2          47h
ingress-nginx   nginx-ingress-controller-lm95q      1/1     ContainerCreating   2          47h
kube-system     coredns-7f9c544f75-5kjwt            1/1     Running   4          8d
kube-system     coredns-7f9c544f75-h64jq            1/1     Running   4          8d
kube-system     etcd-k8s-node1                      1/1     Running   4          8d
kube-system     kube-apiserver-k8s-node1            1/1     Running   4          8d
kube-system     kube-controller-manager-k8s-node1   1/1     Running   4          8d
kube-system     kube-flannel-ds-amd64-7g2jf         1/1     Running   5          8d
kube-system     kube-flannel-ds-amd64-9cx8m         1/1     Running   4          8d
kube-system     kube-flannel-ds-amd64-rzzh7         1/1     Running   4          8d
kube-system     kube-proxy-l2zlv                    1/1     Running   4          8d
kube-system     kube-proxy-n5lkp                    1/1     Running   4          8d
kube-system     kube-proxy-qqwnh                    1/1     Running   5          8d
kube-system     kube-scheduler-k8s-node1            1/1     Running   4          8d

(2)创建Ingress规则

  • 创建ingress-tomcat6.yaml (vi编辑)

    apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: web
spec:
  rules:
  - host: tomcat6.kubenetes.com
    http:
       paths: 
          - backend: 
              serviceName: tomcat6
              servicePort: 80

  • 应用

    [root@k8s-node1 k8s]# kubectl apply -f ingress-tomcat6.yaml
ingress.extensions/web created

  • 修改本机的hosts文件,添加域名转换规则

    #kubernetes
192.168.56.102 tomcat6.kubenetes.com

    测试: http://tomcat6.kubenetes.com/ 访问到tomcat

    并且集群中即便有一个节点不可用,也不影响整体的运行。

安装kubernetes可视化界面——KubeSphere

1)安装helm(master节点执行)

helm是kubernetes的包管理器。包管理器类似于Ubuntu中使用的apt、Centos中使用的yum或者Python中使用的pip一样,能够快速查找、下载和安装使用包。Helm由客户端组件helm和服务端组件Tiller组成,能够将一组k8s资源打包统一管理,是查找、共享和使用kubernetes构建软件的最佳方式。

  • 安装

    curl -L http://git.io/get_helm.sh | bash

墙原因,上传我们给定的get_helm.sh,chmod 700,然后./get_helm.sh
可能有文件各式兼容行问题,用vi打开该sh文件,输入:
:set ff
回车,显示fileformat=dos,重新设置下文件格式:
:set ff=unix
保存退出
:wq

注意:如果安装失败,可以去https://github.com/helm/helm/releases/tag/v2.17.0下载压缩包helm-v2.17.0-linux-amd64.tar.gz 
解压
tar xf helm-v2.17.0-linux-amd64.tar.gz 
cp linux-amd64/helm /usr/local/bin
cp linux-amd64/tiller /usr/local/bin

  • 验证版本

    helm version

  • 创建权限,创建helm-rbac.yaml,写入如下内容

    apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system

  • 应用配置

    kubectl apply -f helm-rbac.yaml

安装Tiller(master执行)

  • 初始化

    helm init --service-account=tiller --tiller-image=sapcc/tiller:v2.16.3 --history-max 300 
--tiller-image  
指定镜像,否则会被墙

    等待节点上部署的tiller完成即可

  • helm和tiller查看

    helm
tiller

  • 测试

    helm install stable/nginx-ingress --name nginx-ingress

安装openEBS

它是k8s的存储类型StorageClass,因为集群里没有StorageClass,所以我们安装OpenEBS作为StorageClass,且必须手动指定默认是它

  • 查看所有节点信息

    [root@k8s-node1 k8s]# kubectl get node -o wide
NAME        STATUS   ROLES    AGE   VERSION   INTERNAL-IP   EXTERNAL-IP   OS-IMAGE                KERNEL-VERSION           CONTAINER-RUNTIME
k8s-node1   Ready    master   10d   v1.17.3   10.0.2.4              CentOS Linux 7 (Core)   3.10.0-1127.el7.x86_64   docker://20.10.13
k8s-node2   Ready       10d   v1.17.3   10.0.2.15             CentOS Linux 7 (Core)   3.10.0-1127.el7.x86_64   docker://20.10.13
k8s-node3   Ready       10d   v1.17.3   10.0.2.5              CentOS Linux 7 (Core)   3.10.0-1127.el7.x86_64   docker://20.10.13

  • 确认master节点是否有Taint,如下看到master节点有Taint。

    [root@k8s-node1 k8s]# kubectl describe node k8s-node1 | grep Taint
Taints:             node-role.kubernetes.io/master:NoSchedule

  • 去掉master节点的Taint

    [root@k8s-node1 k8s]# kubectl taint nodes k8s-node1 node-role.kubernetes.io/master:NoSchedule-
node/k8s-node1 untainted

  • 再次查看,发现已经没有Taint

    [root@k8s-node1 k8s]# kubectl describe node k8s-node1 | grep Taint                          Taints:

  • 创建OpenEBS的namespaces,OpenEBS相关资源将创建在这个namespaces下:

    kubectl create ns openebs

  • vi编辑openebs-operator-1.7.0.yaml

    # This manifest deploys the OpenEBS control plane components, with associated CRs & RBAC rules
# NOTE: On GKE, deploy the openebs-operator.yaml in admin context

# Create the OpenEBS namespace
apiVersion: v1
kind: Namespace
metadata:
  name: openebs
---
# Create Maya Service Account
apiVersion: v1
kind: ServiceAccount
metadata:
  name: openebs-maya-operator
  namespace: openebs
---
# Define Role that allows operations on K8s pods/deployments
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: openebs-maya-operator
rules:
- apiGroups: ["*"]
  resources: ["nodes", "nodes/proxy"]
  verbs: ["*"]
- apiGroups: ["*"]
  resources: ["namespaces", "services", "pods", "pods/exec", "deployments", "deployments/finalizers", "replicationcontrollers", "replicasets", "events", "endpoints", "configmaps", "secrets", "jobs", "cronjobs"]
  verbs: ["*"]
- apiGroups: ["*"]
  resources: ["statefulsets", "daemonsets"]
  verbs: ["*"]
- apiGroups: ["*"]
  resources: ["resourcequotas", "limitranges"]
  verbs: ["list", "watch"]
- apiGroups: ["*"]
  resources: ["ingresses", "horizontalpodautoscalers", "verticalpodautoscalers", "certificatesigningrequests"]
  verbs: ["list", "watch"]
- apiGroups: ["*"]
  resources: ["storageclasses", "persistentvolumeclaims", "persistentvolumes"]
  verbs: ["*"]
- apiGroups: ["volumesnapshot.external-storage.k8s.io"]
  resources: ["volumesnapshots", "volumesnapshotdatas"]
  verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["apiextensions.k8s.io"]
  resources: ["customresourcedefinitions"]
  verbs: [ "get", "list", "create", "update", "delete", "patch"]
- apiGroups: ["*"]
  resources: [ "disks", "blockdevices", "blockdeviceclaims"]
  verbs: ["*" ]
- apiGroups: ["*"]
  resources: [ "cstorpoolclusters", "storagepoolclaims", "storagepoolclaims/finalizers", "cstorpoolclusters/finalizers", "storagepools"]
  verbs: ["*" ]
- apiGroups: ["*"]
  resources: [ "castemplates", "runtasks"]
  verbs: ["*" ]
- apiGroups: ["*"]
  resources: [ "cstorpools", "cstorpools/finalizers", "cstorvolumereplicas", "cstorvolumes", "cstorvolumeclaims", "cstorvolumepolicies"]
  verbs: ["*" ]
- apiGroups: ["*"]
  resources: [ "cstorpoolinstances", "cstorpoolinstances/finalizers"]
  verbs: ["*" ]
- apiGroups: ["*"]
  resources: [ "cstorbackups", "cstorrestores", "cstorcompletedbackups"]
  verbs: ["*" ]
- apiGroups: ["coordination.k8s.io"]
  resources: ["leases"]
  verbs: ["get", "watch", "list", "delete", "update", "create"]
- apiGroups: ["admissionregistration.k8s.io"]
  resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
  verbs: ["get", "create", "list", "delete", "update", "patch"]
- nonResourceURLs: ["/metrics"]
  verbs: ["get"]
- apiGroups: ["*"]
  resources: ["upgradetasks"]
  verbs: ["*"]
- apiGroups: ["*"]
  resources: ["poddisruptionbudgets"]
  verbs: ["get", "list", "create", "delete", "watch"]
---
# Bind the Service Account with the Role Privileges.
# TODO: Check if default account also needs to be there
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: openebs-maya-operator
subjects:
- kind: ServiceAccount
  name: openebs-maya-operator
  namespace: openebs
roleRef:
  kind: ClusterRole
  name: openebs-maya-operator
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: maya-apiserver
  namespace: openebs
  labels:
    name: maya-apiserver
    openebs.io/component-name: maya-apiserver
    openebs.io/version: 1.7.0
spec:
  selector:
    matchLabels:
      name: maya-apiserver
      openebs.io/component-name: maya-apiserver
  replicas: 1
  strategy:
    type: Recreate
    rollingUpdate: null
  template:
    metadata:
      labels:
        name: maya-apiserver
        openebs.io/component-name: maya-apiserver
        openebs.io/version: 1.7.0
    spec:
      serviceAccountName: openebs-maya-operator
      containers:
      - name: maya-apiserver
        imagePullPolicy: IfNotPresent
        image: quay.io/openebs/m-apiserver:1.7.0
        ports:
        - containerPort: 5656
        env:
        # OPENEBS_IO_KUBE_CONFIG enables maya api service to connect to K8s
        # based on this config. This is ignored if empty.
        # This is supported for maya api server version 0.5.2 onwards
        #- name: OPENEBS_IO_KUBE_CONFIG
        #  value: "/home/ubuntu/.kube/config"
        # OPENEBS_IO_K8S_MASTER enables maya api service to connect to K8s
        # based on this address. This is ignored if empty.
        # This is supported for maya api server version 0.5.2 onwards
        #- name: OPENEBS_IO_K8S_MASTER
        #  value: "http://172.28.128.3:8080"
        # OPENEBS_NAMESPACE provides the namespace of this deployment as an
        # environment variable
        - name: OPENEBS_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        # OPENEBS_SERVICE_ACCOUNT provides the service account of this pod as
        # environment variable
        - name: OPENEBS_SERVICE_ACCOUNT
          valueFrom:
            fieldRef:
              fieldPath: spec.serviceAccountName
        # OPENEBS_MAYA_POD_NAME provides the name of this pod as
        # environment variable
        - name: OPENEBS_MAYA_POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        # If OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG is false then OpenEBS default
        # storageclass and storagepool will not be created.
        - name: OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG
          value: "true"
        # OPENEBS_IO_INSTALL_DEFAULT_CSTOR_SPARSE_POOL decides whether default cstor sparse pool should be
        # configured as a part of openebs installation.
        # If "true" a default cstor sparse pool will be configured, if "false" it will not be configured.
        # This value takes effect only if OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG
        # is set to true
        - name: OPENEBS_IO_INSTALL_DEFAULT_CSTOR_SPARSE_POOL
          value: "false"
        # OPENEBS_IO_BASE_DIR is used to configure base directory for openebs on host path.
        # Where OpenEBS can store required files. Default base path will be /var/openebs
        # - name: OPENEBS_IO_BASE_DIR
        #   value: "/var/openebs"
        # OPENEBS_IO_CSTOR_TARGET_DIR can be used to specify the hostpath
        # to be used for saving the shared content between the side cars
        # of cstor volume pod.
        # The default path used is /var/openebs/sparse
        #- name: OPENEBS_IO_CSTOR_TARGET_DIR
        #  value: "/var/openebs/sparse"
        # OPENEBS_IO_CSTOR_POOL_SPARSE_DIR can be used to specify the hostpath
        # to be used for saving the shared content between the side cars
        # of cstor pool pod. This ENV is also used to indicate the location
        # of the sparse devices.
        # The default path used is /var/openebs/sparse
        #- name: OPENEBS_IO_CSTOR_POOL_SPARSE_DIR
        #  value: "/var/openebs/sparse"
        # OPENEBS_IO_JIVA_POOL_DIR can be used to specify the hostpath
        # to be used for default Jiva StoragePool loaded by OpenEBS
        # The default path used is /var/openebs
        # This value takes effect only if OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG
        # is set to true
        #- name: OPENEBS_IO_JIVA_POOL_DIR
        #  value: "/var/openebs"
        # OPENEBS_IO_LOCALPV_HOSTPATH_DIR can be used to specify the hostpath
        # to be used for default openebs-hostpath storageclass loaded by OpenEBS
        # The default path used is /var/openebs/local
        # This value takes effect only if OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG
        # is set to true
        #- name: OPENEBS_IO_LOCALPV_HOSTPATH_DIR
        #  value: "/var/openebs/local"
        - name: OPENEBS_IO_JIVA_CONTROLLER_IMAGE
          value: "quay.io/openebs/jiva:1.7.1"
        - name: OPENEBS_IO_JIVA_REPLICA_IMAGE
          value: "quay.io/openebs/jiva:1.7.1"
        - name: OPENEBS_IO_JIVA_REPLICA_COUNT
          value: "3"
        - name: OPENEBS_IO_CSTOR_TARGET_IMAGE
          value: "quay.io/openebs/cstor-istgt:1.7.0"
        - name: OPENEBS_IO_CSTOR_POOL_IMAGE
          value: "quay.io/openebs/cstor-pool:1.7.0"
        - name: OPENEBS_IO_CSTOR_POOL_MGMT_IMAGE
          value: "quay.io/openebs/cstor-pool-mgmt:1.7.0"
        - name: OPENEBS_IO_CSTOR_VOLUME_MGMT_IMAGE
          value: "quay.io/openebs/cstor-volume-mgmt:1.7.0"
        - name: OPENEBS_IO_VOLUME_MONITOR_IMAGE
          value: "quay.io/openebs/m-exporter:1.7.0"
        - name: OPENEBS_IO_CSTOR_POOL_EXPORTER_IMAGE
          value: "quay.io/openebs/m-exporter:1.7.0"
        - name: OPENEBS_IO_HELPER_IMAGE
          value: "quay.io/openebs/linux-utils:1.7.0"
        # OPENEBS_IO_ENABLE_ANALYTICS if set to true sends anonymous usage
        # events to Google Analytics
        - name: OPENEBS_IO_ENABLE_ANALYTICS
          value: "true"
        - name: OPENEBS_IO_INSTALLER_TYPE
          value: "openebs-operator"
        # OPENEBS_IO_ANALYTICS_PING_INTERVAL can be used to specify the duration (in hours)
        # for periodic ping events sent to Google Analytics.
        # Default is 24h.
        # Minimum is 1h. You can convert this to weekly by setting 168h
        #- name: OPENEBS_IO_ANALYTICS_PING_INTERVAL
        #  value: "24h"
        livenessProbe:
          exec:
            command:
            - /usr/local/bin/mayactl
            - version
          initialDelaySeconds: 30
          periodSeconds: 60
        readinessProbe:
          exec:
            command:
            - /usr/local/bin/mayactl
            - version
          initialDelaySeconds: 30
          periodSeconds: 60
---
apiVersion: v1
kind: Service
metadata:
  name: maya-apiserver-service
  namespace: openebs
  labels:
    openebs.io/component-name: maya-apiserver-svc
spec:
  ports:
  - name: api
    port: 5656
    protocol: TCP
    targetPort: 5656
  selector:
    name: maya-apiserver
  sessionAffinity: None
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: openebs-provisioner
  namespace: openebs
  labels:
    name: openebs-provisioner
    openebs.io/component-name: openebs-provisioner
    openebs.io/version: 1.7.0
spec:
  selector:
    matchLabels:
      name: openebs-provisioner
      openebs.io/component-name: openebs-provisioner
  replicas: 1
  strategy:
    type: Recreate
    rollingUpdate: null
  template:
    metadata:
      labels:
        name: openebs-provisioner
        openebs.io/component-name: openebs-provisioner
        openebs.io/version: 1.7.0
    spec:
      serviceAccountName: openebs-maya-operator
      containers:
      - name: openebs-provisioner
        imagePullPolicy: IfNotPresent
        image: quay.io/openebs/openebs-k8s-provisioner:1.7.0
        env:
        # OPENEBS_IO_K8S_MASTER enables openebs provisioner to connect to K8s
        # based on this address. This is ignored if empty.
        # This is supported for openebs provisioner version 0.5.2 onwards
        #- name: OPENEBS_IO_K8S_MASTER
        #  value: "http://10.128.0.12:8080"
        # OPENEBS_IO_KUBE_CONFIG enables openebs provisioner to connect to K8s
        # based on this config. This is ignored if empty.
        # This is supported for openebs provisioner version 0.5.2 onwards
        #- name: OPENEBS_IO_KUBE_CONFIG
        #  value: "/home/ubuntu/.kube/config"
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: OPENEBS_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        # OPENEBS_MAYA_SERVICE_NAME provides the maya-apiserver K8s service name,
        # that provisioner should forward the volume create/delete requests.
        # If not present, "maya-apiserver-service" will be used for lookup.
        # This is supported for openebs provisioner version 0.5.3-RC1 onwards
        #- name: OPENEBS_MAYA_SERVICE_NAME
        #  value: "maya-apiserver-apiservice"
        livenessProbe:
          exec:
            command:
            - pgrep
            - ".*openebs"
          initialDelaySeconds: 30
          periodSeconds: 60
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: openebs-snapshot-operator
  namespace: openebs
  labels:
    name: openebs-snapshot-operator
    openebs.io/component-name: openebs-snapshot-operator
    openebs.io/version: 1.7.0
spec:
  selector:
    matchLabels:
      name: openebs-snapshot-operator
      openebs.io/component-name: openebs-snapshot-operator
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        name: openebs-snapshot-operator
        openebs.io/component-name: openebs-snapshot-operator
        openebs.io/version: 1.7.0
    spec:
      serviceAccountName: openebs-maya-operator
      containers:
        - name: snapshot-controller
          image: quay.io/openebs/snapshot-controller:1.7.0
          imagePullPolicy: IfNotPresent
          env:
          - name: OPENEBS_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
          livenessProbe:
            exec:
              command:
              - pgrep
              - ".*controller"
            initialDelaySeconds: 30
            periodSeconds: 60
        # OPENEBS_MAYA_SERVICE_NAME provides the maya-apiserver K8s service name,
        # that snapshot controller should forward the snapshot create/delete requests.
        # If not present, "maya-apiserver-service" will be used for lookup.
        # This is supported for openebs provisioner version 0.5.3-RC1 onwards
        #- name: OPENEBS_MAYA_SERVICE_NAME
        #  value: "maya-apiserver-apiservice"
        - name: snapshot-provisioner
          image: quay.io/openebs/snapshot-provisioner:1.7.0
          imagePullPolicy: IfNotPresent
          env:
          - name: OPENEBS_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
        # OPENEBS_MAYA_SERVICE_NAME provides the maya-apiserver K8s service name,
        # that snapshot provisioner  should forward the clone create/delete requests.
        # If not present, "maya-apiserver-service" will be used for lookup.
        # This is supported for openebs provisioner version 0.5.3-RC1 onwards
        #- name: OPENEBS_MAYA_SERVICE_NAME
        #  value: "maya-apiserver-apiservice"
          livenessProbe:
            exec:
              command:
              - pgrep
              - ".*provisioner"
            initialDelaySeconds: 30
            periodSeconds: 60
---
# This is the node-disk-manager related config.
# It can be used to customize the disks probes and filters
apiVersion: v1
kind: ConfigMap
metadata:
  name: openebs-ndm-config
  namespace: openebs
  labels:
    openebs.io/component-name: ndm-config
data:
  # udev-probe is default or primary probe which should be enabled to run ndm
  # filterconfigs contails configs of filters - in their form fo include
  # and exclude comma separated strings
  node-disk-manager.config: |
    probeconfigs:
      - key: udev-probe
        name: udev probe
        state: true
      - key: seachest-probe
        name: seachest probe
        state: false
      - key: smart-probe
        name: smart probe
        state: true
    filterconfigs:
      - key: os-disk-exclude-filter
        name: os disk exclude filter
        state: true
        exclude: "/,/etc/hosts,/boot"
      - key: vendor-filter
        name: vendor filter
        state: true
        include: ""
        exclude: "CLOUDBYT,OpenEBS"
      - key: path-filter
        name: path filter
        state: true
        include: ""
        exclude: "loop,/dev/fd0,/dev/sr0,/dev/ram,/dev/dm-,/dev/md"
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: openebs-ndm
  namespace: openebs
  labels:
    name: openebs-ndm
    openebs.io/component-name: ndm
    openebs.io/version: 1.7.0
spec:
  selector:
    matchLabels:
      name: openebs-ndm
      openebs.io/component-name: ndm
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        name: openebs-ndm
        openebs.io/component-name: ndm
        openebs.io/version: 1.7.0
    spec:
      # By default the node-disk-manager will be run on all kubernetes nodes
      # If you would like to limit this to only some nodes, say the nodes
      # that have storage attached, you could label those node and use
      # nodeSelector.
      #
      # e.g. label the storage nodes with - "openebs.io/nodegroup"="storage-node"
      # kubectl label node  "openebs.io/nodegroup"="storage-node"
      #nodeSelector:
      #  "openebs.io/nodegroup": "storage-node"
      serviceAccountName: openebs-maya-operator
      hostNetwork: true
      containers:
      - name: node-disk-manager
        image: quay.io/openebs/node-disk-manager-amd64:v0.4.7
        imagePullPolicy: Always
        securityContext:
          privileged: true
        volumeMounts:
        - name: config
          mountPath: /host/node-disk-manager.config
          subPath: node-disk-manager.config
          readOnly: true
        - name: udev
          mountPath: /run/udev
        - name: procmount
          mountPath: /host/proc
          readOnly: true
        - name: basepath
          mountPath: /var/openebs/ndm
        - name: sparsepath
          mountPath: /var/openebs/sparse
        env:
        # namespace in which NDM is installed will be passed to NDM Daemonset
        # as environment variable
        - name: NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        # pass hostname as env variable using downward API to the NDM container
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        # specify the directory where the sparse files need to be created.
        # if not specified, then sparse files will not be created.
        - name: SPARSE_FILE_DIR
          value: "/var/openebs/sparse"
        # Size(bytes) of the sparse file to be created.
        - name: SPARSE_FILE_SIZE
          value: "10737418240"
        # Specify the number of sparse files to be created
        - name: SPARSE_FILE_COUNT
          value: "0"
        livenessProbe:
          exec:
            command:
            - pgrep
            - ".*ndm"
          initialDelaySeconds: 30
          periodSeconds: 60
      volumes:
      - name: config
        configMap:
          name: openebs-ndm-config
      - name: udev
        hostPath:
          path: /run/udev
          type: Directory
      # mount /proc (to access mount file of process 1 of host) inside container
      # to read mount-point of disks and partitions
      - name: procmount
        hostPath:
          path: /proc
          type: Directory
      - name: basepath
        hostPath:
          path: /var/openebs/ndm
          type: DirectoryOrCreate
      - name: sparsepath
        hostPath:
          path: /var/openebs/sparse
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: openebs-ndm-operator
  namespace: openebs
  labels:
    name: openebs-ndm-operator
    openebs.io/component-name: ndm-operator
    openebs.io/version: 1.7.0
spec:
  selector:
    matchLabels:
      name: openebs-ndm-operator
      openebs.io/component-name: ndm-operator
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        name: openebs-ndm-operator
        openebs.io/component-name: ndm-operator
        openebs.io/version: 1.7.0
    spec:
      serviceAccountName: openebs-maya-operator
      containers:
        - name: node-disk-operator
          image: quay.io/openebs/node-disk-operator-amd64:v0.4.7
          imagePullPolicy: Always
          readinessProbe:
            exec:
              command:
                - stat
                - /tmp/operator-sdk-ready
            initialDelaySeconds: 4
            periodSeconds: 10
            failureThreshold: 1
          env:
            - name: WATCH_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            # the service account of the ndm-operator pod
            - name: SERVICE_ACCOUNT
              valueFrom:
                fieldRef:
                  fieldPath: spec.serviceAccountName
            - name: OPERATOR_NAME
              value: "node-disk-operator"
            - name: CLEANUP_JOB_IMAGE
              value: "quay.io/openebs/linux-utils:1.7.0"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: openebs-admission-server
  namespace: openebs
  labels:
    app: admission-webhook
    openebs.io/component-name: admission-webhook
    openebs.io/version: 1.7.0
spec:
  replicas: 1
  strategy:
    type: Recreate
    rollingUpdate: null
  selector:
    matchLabels:
      app: admission-webhook
  template:
    metadata:
      labels:
        app: admission-webhook
        openebs.io/component-name: admission-webhook
        openebs.io/version: 1.7.0
    spec:
      serviceAccountName: openebs-maya-operator
      containers:
        - name: admission-webhook
          image: quay.io/openebs/admission-server:1.7.0
          imagePullPolicy: IfNotPresent
          args:
            - -alsologtostderr
            - -v=2
            - 2>&1
          env:
            - name: OPENEBS_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: ADMISSION_WEBHOOK_NAME
              value: "openebs-admission-server"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: openebs-localpv-provisioner
  namespace: openebs
  labels:
    name: openebs-localpv-provisioner
    openebs.io/component-name: openebs-localpv-provisioner
    openebs.io/version: 1.7.0
spec:
  selector:
    matchLabels:
      name: openebs-localpv-provisioner
      openebs.io/component-name: openebs-localpv-provisioner
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        name: openebs-localpv-provisioner
        openebs.io/component-name: openebs-localpv-provisioner
        openebs.io/version: 1.7.0
    spec:
      serviceAccountName: openebs-maya-operator
      containers:
      - name: openebs-provisioner-hostpath
        imagePullPolicy: Always
        image: quay.io/openebs/provisioner-localpv:1.7.0
        env:
        # OPENEBS_IO_K8S_MASTER enables openebs provisioner to connect to K8s
        # based on this address. This is ignored if empty.
        # This is supported for openebs provisioner version 0.5.2 onwards
        #- name: OPENEBS_IO_K8S_MASTER
        #  value: "http://10.128.0.12:8080"
        # OPENEBS_IO_KUBE_CONFIG enables openebs provisioner to connect to K8s
        # based on this config. This is ignored if empty.
        # This is supported for openebs provisioner version 0.5.2 onwards
        #- name: OPENEBS_IO_KUBE_CONFIG
        #  value: "/home/ubuntu/.kube/config"
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: OPENEBS_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        # OPENEBS_SERVICE_ACCOUNT provides the service account of this pod as
        # environment variable
        - name: OPENEBS_SERVICE_ACCOUNT
          valueFrom:
            fieldRef:
              fieldPath: spec.serviceAccountName
        - name: OPENEBS_IO_ENABLE_ANALYTICS
          value: "true"
        - name: OPENEBS_IO_INSTALLER_TYPE
          value: "openebs-operator"
        - name: OPENEBS_IO_HELPER_IMAGE
          value: "quay.io/openebs/linux-utils:1.7.0"
        livenessProbe:
          exec:
            command:
            - pgrep
            - ".*localpv"
          initialDelaySeconds: 30
          periodSeconds: 60
---

  • 执行

    kubectl apply -f openebs-operator-1.7.0.yaml

kubectl get sc
#发现No resources found in default namespace.

kubectl get pods --all-namespaces
#等待所有openebs的状态都是Running

  • 将openebs-hostpath设置为默认的StorageClass

    kubectl patch storageclass openebs-hostpath -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

  • 查看

    [root@k8s-node1 k8s]# kubectl get sc
NAME                         PROVISIONER                                                RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
openebs-device               openebs.io/local                                           Delete          WaitForFirstConsumer   false                  4m19s
openebs-hostpath (default)   openebs.io/local                                           Delete          WaitForFirstConsumer   false                  4m19s
openebs-jiva-default         openebs.io/provisioner-iscsi                               Delete          Immediate              false                  4m19s
openebs-snapshot-promoter    volumesnapshot.external-storage.k8s.io/snapshot-promoter   Delete          Immediate              false                  4m19s

  • 至此openEBS的LocalPV已作为默认的存储类型创建成功。由于开头手动去掉了master节点的Taint,可以在安装玩OpenEBS后将master节点的Taint加上,避免业务相关的工作负载调度到master节点抢占master资源 (master节点名字要改成自己的)

    kubectl taint nodes master node-role.kubernetes.io=master:NoSchedule

你可能感兴趣的:(网络,linux,运维)

  • android系统selinux中添加新属性property 辉色投像
    1.定位/android/system/sepolicy/private/property_contexts声明属性开头:persist.charge声明属性类型:u:object_r:system_prop:s0图12.定位到android/system/sepolicy/public/domain.te删除neverallow{domain-init}default_prop:property
  • Linux下QT开发的动态库界面弹出操作(SDL2) 13jjyao QT类qt开发语言sdl2linux
    需求:操作系统为linux,开发框架为qt,做成需带界面的qt动态库,调用方为java等非qt程序难点:调用方为java等非qt程序,也就是说调用方肯定不带QApplication::exec(),缺少了这个,QTimer等事件和QT创建的窗口将不能弹出(包括opencv也是不能弹出);这与qt调用本身qt库是有本质的区别的思路:1.调用方缺QApplication::exec(),那么我们在接口
  • linux sdl windows.h,Windows下的SDL安装 奔跑吧linux内核 linuxsdlwindows.h
    首先你要下载并安装SDL开发包。如果装在C盘下,路径为C:\SDL1.2.5如果在WINDOWS下。你可以按以下步骤:1.打开VC++,点击"Tools",Options2,点击directories选项3.选择"Includefiles"增加一个新的路径。"C:\SDL1.2.5\include"4,现在选择"Libaryfiles“增加"C:\SDL1.2.5\lib"现在你可以开始编写你的第
  • linux中sdl的使用教程,sdl使用入门 Melissa Corvinus linux中sdl的使用教程
    本文通过一个简单示例讲解SDL的基本使用流程。示例中展示一个窗口,窗口里面有个随机颜色快随机移动。当我们鼠标点击关闭按钮时间窗口关闭。基本步骤如下:1.初始化SDL并创建一个窗口。SDL_Init()初始化SDL_CreateWindow()创建窗口2.纹理渲染存储RGB和存储纹理的区别:比如一个从左到右由红色渐变到蓝色的矩形,用存储RGB的话就需要把矩形中每个点的具体颜色值存储下来;而纹理只是一
  • PHP环境搭建详细教程 好看资源平台 前端php
    PHP是一个流行的服务器端脚本语言,广泛用于Web开发。为了使PHP能够在本地或服务器上运行,我们需要搭建一个合适的PHP环境。本教程将结合最新资料,介绍在不同操作系统上搭建PHP开发环境的多种方法,包括Windows、macOS和Linux系统的安装步骤,以及本地和Docker环境的配置。1.PHP环境搭建概述PHP环境的搭建主要分为以下几类:集成开发环境:例如XAMPP、WAMP、MAMP,这
  • 基于社交网络算法优化的二维最大熵图像分割 智能算法研学社(Jack旭) 智能优化算法应用图像分割算法php开发语言
    智能优化算法应用:基于社交网络优化的二维最大熵图像阈值分割-附代码文章目录智能优化算法应用:基于社交网络优化的二维最大熵图像阈值分割-附代码1.前言2.二维最大熵阈值分割原理3.基于社交网络优化的多阈值分割4.算法结果:5.参考文献:6.Matlab代码摘要:本文介绍基于最大熵的图像分割,并且应用社交网络算法进行阈值寻优。1.前言阅读此文章前,请阅读《图像分割:直方图区域划分及信息统计介绍》htt
  • 使用 FinalShell 进行远程连接(ssh 远程连接 Linux 服务器) 编程经验分享 开发工具服务器sshlinux
    目录前言基本使用教程新建远程连接连接主机自定义命令路由追踪前言后端开发,必然需要和服务器打交道,部署应用,排查问题,查看运行日志等等。一般服务器都是集中部署在机房中,也有一些直接是云服务器,总而言之,程序员不可能直接和服务器直接操作,一般都是通过ssh连接来登录服务器。刚接触远程连接时,使用的是XSHELL来远程连接服务器,连接上就能够操作远程服务器了,但是仅用XSHELL并没有上传下载文件的功能
  • 2023-04-17|篮球女孩 长一木
    1小学抑或初中阶段,在课外书了解到她的故事。“篮球女孩”。当时佩服她的顽强,也对生命多了一丝敬畏。今天刚好在公众号看到,长大后的“篮球女孩”。佩服之余又满是心疼。网络侵删祝那素未蒙面的女孩,未来一切顺遂。
  • 在一台Ubuntu计算机上构建Hyperledger Fabric网络 落叶无声9 区块链超级账本Hyperledgerfabric区块链ubuntu构建hyperledgerfabric
    在一台Ubuntu计算机上构建HyperledgerFabric网络Hyperledgerfabric是一个开源的区块链应用程序平台,为开发基于区块链的应用程序提供了一个起点。当我们提到HyperledgerFabric网络时,我们指的是使用HyperledgerFabric的正在运行的系统。即使只使用最少数量的组件,部署Fabric网络也不是一件容易的事。Fabric社区创建了一个名为Cello
  • libyuv之linux编译 jaronho Linuxlinux运维服务器
    文章目录一、下载源码二、编译源码三、注意事项1、银河麒麟系统(aarch64)(1)解决armv8-a+dotprod+i8mm指令集支持问题(2)解决armv9-a+sve2指令集支持问题一、下载源码到GitHub网站下载https://github.com/lemenkov/libyuv源码,或者用直接用git克隆到本地,如:gitclonehttps://github.com/lemenko
  • 【华为OD技术面试真题 - 技术面】-测试八股文真题题库(1) 算法大师 华为od面试python算法前端
    华为OD面试真题精选专栏:华为OD面试真题精选目录:2024华为OD面试手撕代码真题目录以及八股文真题目录文章目录华为OD面试真题精选1.黑盒测试和白盒测试的区别2.假设我们公司现在开发一个类似于微信的软件1.0版本,现在要你测试这个功能:打开聊天窗口,输入文本,限制字数在200字以内。问你怎么提取测试点。功能测试性能测试安全性测试可用性测试跨平台兼容性测试网络环境测试3.接口测试的工具你了解哪些
  • ARM驱动学习之5 LEDS驱动 JT灬新一 嵌入式C底层arm开发学习单片机
    ARM驱动学习之5LEDS驱动知识点:•linuxGPIO申请函数和赋值函数–gpio_request–gpio_set_value•三星平台配置GPIO函数–s3c_gpio_cfgpin•GPIO配置输出模式的宏变量–S3C_GPIO_OUTPUT注意点:DRIVER_NAME和DEVICE_NAME匹配。实现步骤:1.加入需要的头文件://Linux平台的gpio头文件#include//三
  • 【华为OD技术面试真题精选 - 非技术题】 -HR面,综合面_华为od hr面 一个射手座的程序媛 程序员华为od面试职场和发展
    最后的话最近很多小伙伴找我要Linux学习资料,于是我翻箱倒柜,整理了一些优质资源,涵盖视频、电子书、PPT等共享给大家!资料预览给大家整理的视频资料:给大家整理的电子书资料:如果本文对你有帮助,欢迎点赞、收藏、转发给朋友,让我有持续创作的动力!网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。需要这份系统化的资料的朋友,可以点击这里获
  • 《在战“疫”中成长致敬生活》观后感 梅子刘的刀
    (作者:周晨)今天上午,我看了“我是接班人”网络大课堂《在战役中成长致敬生活》。有很多人拿出自己攒下的钱,默默地捐给了武汉,有几千块钱的、有几万块钱的,也有十几万块钱的。连小朋友也把自己的压岁钱捐给了武汉。有名环卫工人把自己五年的积蓄全部捐给了武汉。有名外卖小哥为医护人员买鞋子送吃的。还有已经治愈出院的新型肺炎病人捐了400毫升的血浆。还有位叫大树的叔叔,虽然他没有钱,但是他地里有蔬菜,捐了几大卡
  • 简介Shell、zsh、bash zhaosuningsn Shellzshbashshelllinuxbash
    Shell是Linux和Unix的外壳,类似衣服,负责外界与Linux和Unix内核的交互联系。例如接收终端用户及各种应用程序的命令,把接收的命令翻译成内核能理解的语言,传递给内核,并把内核处理接收的命令的结果返回给外界,即Shell是外界和内核沟通的桥梁或大门。Linux和Unix提供了多种Shell,其中有种bash,当然还有其他好多种。Mac电脑中不但有bash,还有一个zsh,预装的,据说
  • Linux MariaDB使用OpenSSL安装SSL证书 Meta39 MySQLOracleMariaDBLinuxWindowsssllinuxmariadb
    进入到证书存放目录,批量删除.pem证书警告:确保已经进入到证书存放目录find.-typef-iname\*.pem-delete查看是否安装OpenSSLopensslversion没有则安装yuminstallopensslopenssl-devel开启SSL编辑/etc/my.cnf文件(没有的话就创建,但是要注意,在/etc/my.cnf.d/server.cnf配置了datadir的,
  • 中原焦点团队网络初中级30期阴丽丽坚持分享第三百八十八次2022.10.18分享 约练次数(74) 咨询师(6) 来访者(53) 观察者(15) 阴丽丽
    今天是忙碌的一天,一早起来,总想着找点把事情弄完,可总也弄不完。就这样弄着吧!孩子的事,自己的事都在那里搁置着,不想做,有点欧!今天总体还不错,只是在下午起床时走神了俩小时,也算是给自己的放松吧!今日难得1.儿子乖巧、听话,努力配合,一天下来也是忙忙碌碌,这真的很难得!2.儿子今天录的视频被班主任认可,这真的很难得3.我今天早上做核酸时,自己把教案整了一下,这真的很难得
  • 网络编程基础 记得开心一点啊 网络
    目录♫什么是网络编程♫Socket套接字♪什么是Socket套接字♪数据报套接字♪流套接字♫数据报套接字通信模型♪数据报套接字通讯模型♪DatagramSocket♪DatagramPacket♪实现UDP的服务端代码♪实现UDP的客户端代码♫流套接字通信模型♪流套接字通讯模型♪ServerSocket♪Socket♪实现TCP的服务端代码♪实现TCP的客户端代码♫什么是网络编程网络编程,指网络上
  • 【从浅识到熟知Linux】Linux发展史 Jammingpro 从浅学到熟知Linuxlinux运维服务器
    归属专栏:从浅学到熟知Linux个人主页:Jammingpro每日努力一点点,技术变化看得见文章前言:本篇文章记录Linux发展的历史,因在介绍Linux过程中涉及的其他操作系统及人物,本文对相关内容也有所介绍。文章目录Unix发展史Linux发展史开源Linux官网企业应用情况发行版本在学习Linux前,我们可能都会问Linux从哪里来?它是如何发展的。但在介绍Linux之前,需要先介绍一下Un
  • 多子女家庭问题 3e5c5362403c
    杨宁宁焦点解决网络初17中19坚持分享589天(2021.3.20)本周约练我1次,总计166次,读书打卡第256天案例督导收获:【家有老大篇】被爱与高期待下的独舞家里的第一个孩子往往集万千宠爱于一身。爸爸妈妈、爷爷奶奶、姥姥姥爷的目光都聚焦在他的身上。在这种光环下长大的孩子,就如小皇帝一般,衣来伸手、饭来张口。拥有爱的同时,也意味着拥有了更高的被期待,父母会花血本给你报各种各样的早教班,给你买各
  • 父母教育孩子的方式,将影响孩子一生 树英教育
    为什么有些孩子总是充满自信与快乐?独立、有主见又坚强?而有些孩子却自卑、胆怯,软弱又过度依赖父母?为什么有些孩子总是健康、阳光又富于创造力?而有些孩子却悲观、孤僻又思想空乏?一个孩子的行为取决于孩子的思想,思想取决于环境和自己的认知,认知取决于教育。父母是孩子人生中的第一位教育者,父母养育孩子的方式,将决定他们人生的高度,影响他们的一生。网络图,侵权即删优秀的父母就像园丁,既要浇水施肥,又要修剪杂
  • linux 发展史 种树的猴子 内核java操作系统linux大数据
    linux发展史说明此前对linux认识模糊一知半解,近期通过学习将自己对于linux的发展总结一下方便大家日后的学习。那Linux是目前一款非常火热的开源操作系统,可是linux是什么时候出现的,又是因为什么样的原因被开发出来的呢。以下将对linux的发展历程进行详细的讲解。目录一、Linux发展背景二、UINIX的诞生三、UNIX的重要分支-BSD的诞生四、Minix的诞生五、GNU与Free
  • Linux sh命令 fengyehongWorld Linuxlinux
    目录一.基本语法二.选项2.1-c字符串中读取内容,并执行2.1.1基本用法2.1.2获取当前目录下失效的超链接2.2-x每个命令执行之前,将其打印出来2.3结合Here文档使用一.基本语法⏹Linux和Unix系统中用于执行shell脚本或运行命令的命令。sh[选项][脚本文件][参数...]⏹选项-c:从字符串中读取内容,并执行。-x:在每个命令执行之前,将其打印出来。-s:从标准流中读取内容
  • Linux vi常用命令 fengyehongWorld Linuxlinux
    参考资料viコマンド(vimコマンド)リファレンス目录一.保存系命令二.删除系命令三.移动系命令四.复制粘贴系命令一.保存系命令⏹保存并退出:wq⏹强制保存并退出:wq!⏹退出(文件未编辑):q⏹强制退出(忽略已编辑内容):q!⏹另存为:w新文件名二.删除系命令⏹删除当前行dd⏹清空整个文档gg:移动到文档顶部dG:删除到最后一行ggdG三.移动系命令⏹移动到文档顶部gg⏹移动到文档底部#方式1G
  • 2024.9.6 Python,华为笔试题总结,字符串格式化,字符串操作,广度优先搜索解决公司组织绩效互评问题,无向图 RaidenQ python华为leetcode算法力扣广度优先无向图
    1.字符串格式化name="Alice"age=30formatted_string="Name:{},Age:{}".format(name,age)print(formatted_string)或者name="Alice"age=30formatted_string=f"Name:{name},Age:{age}"print(formatted_string)2.网络健康检查第一行有两个整数m
  • 戴容容 中原焦点团队.网络初级第33期,坚持分享第19天 2022年3月9日 TessDai
    《每个人眼中的世界都是不同的》“一千个人眼里有一千个哈姆雷特”世界是多元的,每个人都有自己的道理,人人按照自己的理解去看待这个世界的人和物.我们如此,其他人也是如此.因此,任何事情,我们要放下自己以为的真理,去理解他人认为的真理,只有同频方能共振.孩子在慢慢长大的过程中慢慢学会独立,甚至对抗.尤其当孩子处于青春期的时候,他们开始有很多自己独立的想法,和一些特立独行的做法,家长常常会觉得不可思议,觉
  • 第1步win10宿主机与虚拟机通过NAT共享上网互通 学习3人组 大数据大数据
    VM的CentOS采用NAT共用宿主机网卡宿主机器无法连接到虚拟CentOS要实现宿主机与虚拟机通信,原理就是给宿主机的网卡配置一个与虚拟机网关相同网段的IP地址,实现可以互通。1、查看虚拟机的IP地址2、编辑虚拟机的虚拟网络的NAT和DHCP的配置,设置虚拟机的网卡选择NAT共享模式3、宿主机的IP配置,确保vnet8的IPV4属性与虚拟机在同一网段4、ping测试连通性[root@localh
  • 网络通信流程 记得开心一点啊 服务器网络运维
    目录♫IP地址♫子网掩码♫MAC地址♫相关设备♫ARP寻址♫网络通信流程♫IP地址我们已经知道IP地址由网络号+主机号组成,根据IP地址的不同可以有5钟划分网络号和主机号的方案:其中,各类地址的表示范围是:分类范围适用网络网络数量主机最大连接数A类0.0.0.0~127.255.255.255大型网络12616777214【(2^24)-2】B类128.0.0.0~191.255.255.255中
  • Java爬虫框架(一)--架构设计 狼图腾-狼之传说 java框架java任务html解析器存储电子商务
    一、架构图那里搜网络爬虫框架主要针对电子商务网站进行数据爬取,分析,存储,索引。爬虫:爬虫负责爬取,解析,处理电子商务网站的网页的内容数据库:存储商品信息索引:商品的全文搜索索引Task队列:需要爬取的网页列表Visited表:已经爬取过的网页列表爬虫监控平台:web平台可以启动,停止爬虫,管理爬虫,task队列,visited表。二、爬虫1.流程1)Scheduler启动爬虫器,TaskMast
  • Linux查看服务器日志 TPBoreas 运维linux运维
    一、tail这个是我最常用的一种查看方式用法如下:tail-n10test.log查询日志尾部最后10行的日志;tail-n+10test.log查询10行之后的所有日志;tail-fn10test.log循环实时查看最后1000行记录(最常用的)一般还会配合着grep用,(实时抓包)例如:tail-fn1000test.log|grep'关键字'(动态抓包)tail-fn1000test.log
  • Spring4.1新特性——Spring MVC增强 jinnianshilongnian spring 4.1
    目录 Spring4.1新特性——综述 Spring4.1新特性——Spring核心部分及其他 Spring4.1新特性——Spring缓存框架增强 Spring4.1新特性——异步调用和事件机制的异常处理 Spring4.1新特性——数据库集成测试脚本初始化 Spring4.1新特性——Spring MVC增强 Spring4.1新特性——页面自动化测试框架Spring MVC T
  • mysql 性能查询优化 annan211 javasql优化mysql应用服务器
    1 时间到底花在哪了? mysql在执行查询的时候需要执行一系列的子任务,这些子任务包含了整个查询周期最重要的阶段,这其中包含了大量为了 检索数据列到存储引擎的调用以及调用后的数据处理,包括排序、分组等。在完成这些任务的时候,查询需要在不同的地方 花费时间,包括网络、cpu计算、生成统计信息和执行计划、锁等待等。尤其是向底层存储引擎检索数据的调用操作。这些调用需要在内存操
  • windows系统配置 cherishLC windows
    删除Hiberfil.sys :使用命令powercfg -h off 关闭休眠功能即可: http://jingyan.baidu.com/article/f3ad7d0fc0992e09c2345b51.html 类似的还有pagefile.sys msconfig 配置启动项 shutdown 定时关机 ipconfig 查看网络配置 ipconfig /flushdns
  • 人体的排毒时间 Array_06 工作
    ======================== ||  人体的排毒时间是什么时候?|| ======================== 转载于: http://zhidao.baidu.com/link?url=ibaGlicVslAQhVdWWVevU4TMjhiKaNBWCpZ1NS6igCQ78EkNJZFsEjCjl3T5EdXU9SaPg04bh8MbY1bR
  • ZooKeeper cugfy zookeeper
    Zookeeper是一个高性能,分布式的,开源分布式应用协调服务。它提供了简单原始的功能,分布式应用可以基于它实现更高级的服务,比如同步, 配置管理,集群管理,名空间。它被设计为易于编程,使用文件系统目录树作为数据模型。服务端跑在java上,提供java和C的客户端API。 Zookeeper是Google的Chubby一个开源的实现,是高有效和可靠的协同工作系统,Zookeeper能够用来lea
  • 网络爬虫的乱码处理 随意而生 爬虫网络
    下边简单总结下关于网络爬虫的乱码处理。注意,这里不仅是中文乱码,还包括一些如日文、韩文 、俄文、藏文之类的乱码处理,因为他们的解决方式 是一致的,故在此统一说明。     网络爬虫,有两种选择,一是选择nutch、hetriex,二是自写爬虫,两者在处理乱码时,原理是一致的,但前者处理乱码时,要看懂源码后进行修改才可以,所以要废劲一些;而后者更自由方便,可以在编码处理
  • Xcode常用快捷键 张亚雄 xcode
    一、总结的常用命令:     隐藏xcode command+h     退出xcode command+q     关闭窗口 command+w     关闭所有窗口 command+option+w     关闭当前
  • mongoDB索引操作 adminjun mongodb索引
    一、索引基础:    MongoDB的索引几乎与传统的关系型数据库一模一样,这其中也包括一些基本的优化技巧。下面是创建索引的命令:    > db.test.ensureIndex({"username":1})    可以通过下面的名称查看索引是否已经成功建立: &nbs
  • 成都软件园实习那些话 aijuans 成都 软件园 实习
    无聊之中,翻了一下日志,发现上一篇经历是很久以前的事了,悔过~~   断断续续离开了学校快一年了,习惯了那里一天天的幼稚、成长的环境,到这里有点与世隔绝的感觉。不过还好,那是刚到这里时的想法,现在感觉在这挺好,不管怎么样,最要感谢的还是老师能给这么好的一次催化成长的机会,在这里确实看到了好多好多能想到或想不到的东西。   都说在外面和学校相比最明显的差距就是与人相处比较困难,因为在外面每个人都
  • Linux下FTP服务器安装及配置 ayaoxinchao linuxFTP服务器vsftp
    检测是否安装了FTP [root@localhost ~]# rpm -q vsftpd 如果未安装:package vsftpd is not installed  安装了则显示:vsftpd-2.0.5-28.el5累死的版本信息   安装FTP 运行yum install vsftpd命令,如[root@localhost ~]# yum install vsf
  • 使用mongo-java-driver获取文档id和查找文档 BigBird2012 driver
    注:本文所有代码都使用的mongo-java-driver实现。   在MongoDB中,一个集合(collection)在概念上就类似我们SQL数据库中的表(Table),这个集合包含了一系列文档(document)。一个DBObject对象表示我们想添加到集合(collection)中的一个文档(document),MongoDB会自动为我们创建的每个文档添加一个id,这个id在
  • JSONObject以及json串 bijian1013 jsonJSONObject
    一.JAR包简介     要使程序可以运行必须引入JSON-lib包,JSON-lib包同时依赖于以下的JAR包:     1.commons-lang-2.0.jar     2.commons-beanutils-1.7.0.jar     3.commons-collections-3.1.jar &n
  • [Zookeeper学习笔记之三]Zookeeper实例创建和会话建立的异步特性 bit1129 zookeeper
    为了说明问题,看个简单的代码,   import org.apache.zookeeper.*; import java.io.IOException; import java.util.concurrent.CountDownLatch; import java.util.concurrent.ThreadLocal
  • 【Scala十二】Scala核心六:Trait bit1129 scala
    Traits are a fundamental unit of code reuse in Scala. A trait encapsulates method and field definitions, which can then be reused by mixing them into classes. Unlike class inheritance, in which each c
  • weblogic version 10.3破解 ronin47 weblogic
    版本:WebLogic Server 10.3 说明:%DOMAIN_HOME%:指WebLogic Server 域(Domain)目录 例如我的做测试的域的根目录 DOMAIN_HOME=D:/Weblogic/Middleware/user_projects/domains/base_domain 1.为了保证操作安全,备份%DOMAIN_HOME%/security/Defa
  • 求第n个斐波那契数 BrokenDreams
            今天看到群友发的一个问题:写一个小程序打印第n个斐波那契数。         自己试了下,搞了好久。。。基础要加强了。           &nbs
  • 读《研磨设计模式》-代码笔记-访问者模式-Visitor bylijinnan java设计模式
    声明: 本文只为方便我个人查阅和理解,详细的分析以及源代码请移步 原作者的博客http://chjavach.iteye.com/ import java.util.ArrayList; import java.util.List; interface IVisitor { //第二次分派,Visitor调用Element void visitConcret
  • MatConvNet的excise 3改为网络配置文件形式 cherishLC matlab
    MatConvNet为vlFeat作者写的matlab下的卷积神经网络工具包,可以使用GPU。 主页: http://www.vlfeat.org/matconvnet/ 教程: http://www.robots.ox.ac.uk/~vgg/practicals/cnn/index.html 注意:需要下载新版的MatConvNet替换掉教程中工具包中的matconvnet: http
  • ZK Timeout再讨论 chenchao051 zookeepertimeouthbase
    http://crazyjvm.iteye.com/blog/1693757 文中提到相关超时问题,但是又出现了一个问题,我把min和max都设置成了180000,但是仍然出现了以下的异常信息: Client session timed out, have not heard from server in 154339ms for sessionid 0x13a3f7732340003
  • CASE WHEN 用法介绍 daizj sqlgroup bycase when
    CASE WHEN 用法介绍 1. CASE WHEN 表达式有两种形式 --简单Case函数  CASE sex  WHEN '1' THEN '男'  WHEN '2' THEN '女'  ELSE '其他' END  --Case搜索函数  CASE WHEN sex = '1' THEN
  • PHP技巧汇总:提高PHP性能的53个技巧 dcj3sjt126com PHP
    PHP技巧汇总:提高PHP性能的53个技巧  用单引号代替双引号来包含字符串,这样做会更快一些。因为PHP会在双引号包围的字符串中搜寻变量,  单引号则不会,注意:只有echo能这么做,它是一种可以把多个字符串当作参数的函数译注:  PHP手册中说echo是语言结构,不是真正的函数,故把函数加上了双引号)。  1、如果能将类的方法定义成static,就尽量定义成static,它的速度会提升将近4倍
  • Yii框架中CGridView的使用方法以及详细示例 dcj3sjt126com yii
    CGridView显示一个数据项的列表中的一个表。 表中的每一行代表一个数据项的数据,和一个列通常代表一个属性的物品(一些列可能对应于复杂的表达式的属性或静态文本)。  CGridView既支持排序和分页的数据项。排序和分页可以在AJAX模式或正常的页面请求。使用CGridView的一个好处是,当用户浏览器禁用JavaScript,排序和分页自动退化普通页面请求和仍然正常运行。 实例代码如下:
  • Maven项目打包成可执行Jar文件 dyy_gusi assembly
    Maven项目打包成可执行Jar文件 在使用Maven完成项目以后,如果是需要打包成可执行的Jar文件,我们通过eclipse的导出很麻烦,还得指定入口文件的位置,还得说明依赖的jar包,既然都使用Maven了,很重要的一个目的就是让这些繁琐的操作简单。我们可以通过插件完成这项工作,使用assembly插件。具体使用方式如下: 1、在项目中加入插件的依赖: <plugin>
  • php常见错误 geeksun PHP
    1.  kevent() reported that connect() failed (61: Connection refused) while connecting to upstream, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", upstream: "fastc
  • 修改linux的用户名 hongtoushizi linuxchange password
    Change Linux Username 更改Linux用户名,需要修改4个系统的文件: /etc/passwd /etc/shadow /etc/group /etc/gshadow 古老/传统的方法是使用vi去直接修改,但是这有安全隐患(具体可自己搜一下),所以后来改成使用这些命令去代替: vipw vipw -s vigr vigr -s   具体的操作顺
  • 第五章 常用Lua开发库1-redis、mysql、http客户端 jinnianshilongnian nginxlua
    对于开发来说需要有好的生态开发库来辅助我们快速开发,而Lua中也有大多数我们需要的第三方开发库如Redis、Memcached、Mysql、Http客户端、JSON、模板引擎等。 一些常见的Lua库可以在github上搜索,https://github.com/search?utf8=%E2%9C%93&q=lua+resty。   Redis客户端 lua-resty-r
  • zkClient 监控机制实现 liyonghui160com zkClient 监控机制实现
             直接使用zk的api实现业务功能比较繁琐。因为要处理session loss,session expire等异常,在发生这些异常后进行重连。又因为ZK的watcher是一次性的,如果要基于wather实现发布/订阅模式,还要自己包装一下,将一次性订阅包装成持久订阅。另外如果要使用抽象级别更高的功能,比如分布式锁,leader选举
  • 在Mysql 众多表中查找一个表名或者字段名的 SQL 语句 pda158 mysql
    在Mysql 众多表中查找一个表名或者字段名的 SQL 语句:   方法一:SELECT table_name, column_name from information_schema.columns WHERE column_name LIKE 'Name';   方法二:SELECT column_name from information_schema.colum
  • 程序员对英语的依赖 Smile.zeng 英语程序猿
    1、程序员最基本的技能,至少要能写得出代码,当我们还在为建立类的时候思考用什么单词发牢骚的时候,英语与别人的差距就直接表现出来咯。 2、程序员最起码能认识开发工具里的英语单词,不然怎么知道使用这些开发工具。 3、进阶一点,就是能读懂别人的代码,有利于我们学习人家的思路和技术。 4、写的程序至少能有一定的可读性,至少要人别人能懂吧... 以上一些问题,充分说明了英语对程序猿的重要性。骚年
  • Oracle学习笔记(8) 使用PLSQL编写触发器 vipbooks oraclesql编程活动Access
        时间过得真快啊,转眼就到了Oracle学习笔记的最后个章节了,通过前面七章的学习大家应该对Oracle编程有了一定了了解了吧,这东东如果一段时间不用很快就会忘记了,所以我会把自己学习过的东西做好详细的笔记,用到的时候可以随时查找,马上上手!希望这些笔记能对大家有些帮助!     这是第八章的学习笔记,学习完第七章的子程序和包之后
按字母分类: ABCDEFGHIJKLMNOPQRSTUVWXYZ其他