机灵的小小子
机灵的小小子

K8S集群搭建(多master多node节点)

目录

          一 部署环境

关闭防火墙

设置主机名hostname,管理节点设置主机名为 master 

配置hosts主机名解析

配置免密登陆

关闭交换分区

配置内核参数,将桥接的IPv4流量传递到iptables的链

开启ipvs

二 配置软件源

升级centos系统内核

配置时间同步

安装docker服务以及K8S 

查看docker服务和K8S服务是否起来

配置docker加速

三 通过keepalived+nginx 实现k8s apiserver节点高可用

安装nginx和keepalived主备

修改nginx配置文件,主备配置文件是一样的

 keepalived配置 Master1

 keepalived配置 Master2

查看IP地址 出现192.168.100.222/24虚拟VIP地址

ping 虚拟VIP地址 192.168.100.222

四 集群初始化

生成默认kubeadm-config.yaml 文件

传kubeadm-config.yaml 给其他master节点

所有Master节点提前下载镜像(master1和master2都要下载)

初始化集群

初始化成功以后,会产生Token值,用于其他节点加入时使用

配置环境变量

查看节点状态:

所有的系统组件均以容器的方式运行并且在kube-system命名空间内,此时可以查看Pod状态

在要加入集群的节点执行以下命令

添加其他主节点 master2,执行以下命令

如果遇到kubeadm init报错10248不健康

node节点加入集群执行以下命令

解决方式

node节点添加成功

添加完成查看结果

五 安装网络插件

查看节点状态

如果报错显示以下内容:

 六 部署k8s的dashboard

执行yaml文件直接部署    k8s与dashboard 对应版本安装  

查看dashboard运行状态,以deployment方式部署,运行2个pod及2个service

查看暴露的service,已修改为nodeport类型:

 登录dashboard

 创建登录用户 以及查看访问Dashboard的认证令牌

把获取到的Token复制到登录界面的Token输入框中,登陆成功

一 部署环境

多台运行着下列系统的机器:
CentOS 7.9 每台机器 2 GB 或更多的 RAM内存2 CPU 核或更多
集群中的所有机器的网络彼此均能相互连接(公网和内网都可以)节点之中不可以有重复的主机名,

Hostname ip地址      系统
master1    192.168.100.10     CentOS 7.9
master2 192.168.100.11 CentOS 7.9
node1  192.168.100.13 CentOS 7.9
node2   192.168.100.14 CentOS 7.9
虚拟vip 192.168.100.222 CentOS 7.9

docker  版本  v20.10.2 

k8s 版本       v1.23.6

关闭防火墙

setenforce 0
sed -ri '/^[^#]*SELINUX=/s#=.+$#=disabled#' /etc/selinux/config
systemctl stop firewalld
systemctl disable firewalld
reboot  重启系统

设置主机名hostname,管理节点设置主机名为 master 

[root@localhost ~]# hostnamectl  set-hostname  master1  && bash
[root@localhost ~]# hostnamectl  set-hostname  master2  && bash
[root@localhost ~]# hostnamectl  set-hostname  node1     && bash
[root@localhost ~]# hostnamectl  set-hostname  node2     && bash

配置hosts主机名解析

cat <>/etc/hosts
192.168.100.10 master1
192.168.100.11 master2
192.168.100.13 node1
192.168.100.14 node2
192.168.100.222 k8s-vip 
EOF

配置免密登陆

[root@master1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:V5ewxAlLVa3ZTkuMwfZzelE4Dz40l9K7OHMRDlQ+ja8 root@master1
The key's randomart image is:
+---[RSA 2048]----+
|          o+*+++.|
|         . ooOB*=|
|          . +o%%=|
|           . o=@*|
|        S .   o=O|
|         .   +.=o|
|              E. |
|                 |
|                 |
+----[SHA256]-----+
[root@master1 ~]# ls

将本地生成的秘钥文件和私钥文件拷贝到远程主机

[root@master1 ~]# ssh-copy-id master2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'master2 (192.168.100.11)' can't be established.
ECDSA key fingerprint is SHA256:QC+4rc9118CZXii4A+dD7e9IXryxnCFpXC1ZoGLO3QU.
ECDSA key fingerprint is MD5:f1:70:b0:c6:0a:77:d9:00:b1:41:79:c3:3b:1c:88:1d.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@master2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'master2'"
and check to make sure that only the key(s) you wanted were added.

[root@master1 ~]# 

[root@master1 ~]# ssh-copy-id node1    
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'node1 (192.168.100.13)' can't be established.
ECDSA key fingerprint is SHA256:QC+4rc9118CZXii4A+dD7e9IXryxnCFpXC1ZoGLO3QU.
ECDSA key fingerprint is MD5:f1:70:b0:c6:0a:77:d9:00:b1:41:79:c3:3b:1c:88:1d.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node1's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node1'"
and check to make sure that only the key(s) you wanted were added.

[root@master1 ~]# ssh-copy-id node2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'node2 (192.168.100.14)' can't be established.
ECDSA key fingerprint is SHA256:QC+4rc9118CZXii4A+dD7e9IXryxnCFpXC1ZoGLO3QU.
ECDSA key fingerprint is MD5:f1:70:b0:c6:0a:77:d9:00:b1:41:79:c3:3b:1c:88:1d.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node2'"
and check to make sure that only the key(s) you wanted were added.

[root@master1 ~]# 
[root@master1 ~]# ssh node1     ##验证成功
Last login: Fri Dec 16 11:17:20 2022 from 192.168.100.1
[root@master1 ~]# ssh master2
Last login: Fri Dec 16 11:23:46 2022 from node2
[root@master2 ~]# exit

或者用
for i in master1 master2  node1 node2;do ssh-copy-id -i .ssh/id_rsa.pub $i;done

关闭交换分区

swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab   


swapoff -a  #临时关闭
永久关闭,将/etc/fstab中的如下一行注释掉
#/dev/mapper/centos-swap swap swap defaults 0 0
同样的操作在master2和node1上也分别做一下。
为什么要关掉swap呢?
k8s在设计时就考虑要提升性能,不让使用swap,如果不关的话,初始化时将会提示错误。

配置内核参数,将桥接的IPv4流量传递到iptables的链

cat < /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

使配置生效
[root@master1 ~]# modprobe br_netfilter
[root@master1 ~]# sysctl  --system

开启ipvs

开启ipvs

cat > /etc/sysconfig/modules/ipvs.modules < /dev/null 2>&1
 if [ 0 -eq 0 ]; then
 /sbin/modprobe ${kernel_module}
 fi
done
END


chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules

二 配置软件源

mkdir -p /etc/yum.repos.d/repo.bak
mv /etc/yum.repos.d/*.repo  /etc/yum.repo.d/repo.bak
cd /etc/yum.repos.d/

##安装epel源
rpm --imp ort https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
yum install -y https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo

##配置docker-ce的源
yum install -y yum-utils
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

##安装k8syum源  
cat <

升级centos系统内核

yum update 

查看内核版本并安装最新版本
yum list available --disablerepo=* --enablerepo=elrepo-kernel

安装最新lt内核版本
yum --disablerepo='*' --enablerepo=elrepo-kernel install kernel-lt -y

查看系统grub内核的启动列表,这里编号0的5.4.227的lt版本是我们新安装的
awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg

[root@master1 ~]# awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg
0 : CentOS Linux (5.4.227-1.el7.elrepo.x86_64) 7 (Core)
1 : CentOS Linux (3.10.0-1160.80.1.el7.x86_64) 7 (Core)
2 : CentOS Linux (3.10.0-1160.71.1.el7.x86_64) 7 (Core)
3 : CentOS Linux (0-rescue-46ef9765f6e049aab7416cf2a8a3042e) 7 (Core)
[root@master1 ~]# 

指定以新安装的编号0的内核版本为默认启动内核
[root@master1 ~]# grub2-set-default 0

卸载旧内核版本
yum remove kernel -y

重启机器,以新内核版本加载启动
reboot

查看当前内核版本
[root@master1 ~]# uname -r
5.4.227-1.el7.elrepo.x86_64

配置时间同步

yum -y install chrony

$ vim /etc/chrony.conf
root@master1 ~]# cat  /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).

server ntp.aliyun.com iburst          ##添加
server ntp.tencent.com iburst         ###添加

#server 0.centos.pool.ntp.org iburst    #注销
#server 1.centos.pool.ntp.org iburst    #注销
#server 2.centos.pool.ntp.org iburst    #注销
#server 3.centos.pool.ntp.org iburst    #注销


#启动和配置自启动
systemctl enable chronyd
systemctl start chronyd

安装docker服务以及K8S 

docker安装
yum -y install docker-ce-20.10.2

systemctl start docker && systemctl enable docker && systemctl status docker


kubernetes安装
yum install -y kubelet-1.23.6 kubeadm-1.23.6 kubectl-1.23.6 --disableexcludes=kubernetes

systemctl enable kubelet && systemctl start kubelet && systemctl status kubelet

查看docker服务和K8S服务是否起来

dockers服务起来

[root@master1 ~]#systemctl start docker && systemctl enable docker && systemctl status docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
   Active: active (running) since 五 2022-12-16 14:57:14 CST; 67ms ago
     Docs: https://docs.docker.com
 Main PID: 16544 (dockerd)
   CGroup: /system.slice/docker.service
           └─16544 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.s...

12月 16 14:57:13 master1 dockerd[16544]: time="2022-12-16T14:57:13.867503820+08:00"...pc
12月 16 14:57:13 master1 dockerd[16544]: time="2022-12-16T14:57:13.912388135+08:00"...t"
12月 16 14:57:13 master1 dockerd[16544]: time="2022-12-16T14:57:13.912414989+08:00"...e"
12月 16 14:57:13 master1 dockerd[16544]: time="2022-12-16T14:57:13.912622411+08:00"...."
12月 16 14:57:14 master1 dockerd[16544]: time="2022-12-16T14:57:14.009252102+08:00"...s"
12月 16 14:57:14 master1 dockerd[16544]: time="2022-12-16T14:57:14.067230875+08:00"...."
12月 16 14:57:14 master1 dockerd[16544]: time="2022-12-16T14:57:14.124998469+08:00"....7
12月 16 14:57:14 master1 dockerd[16544]: time="2022-12-16T14:57:14.125084166+08:00"...n"
12月 16 14:57:14 master1 systemd[1]: Started Docker Application Container Engine.
12月 16 14:57:14 master1 dockerd[16544]: time="2022-12-16T14:57:14.142287793+08:00"...k"
Hint: Some lines were ellipsized, use -l to show in full.

 kubelet服务启动成功

[root@master1 ~]# systemctl enable kubelet && systemctl start kubelet && systemctl status kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
● kubelet.service - kubelet: The Kubernetes Node Agent
   Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/kubelet.service.d
           └─10-kubeadm.conf
   Active: active (running) since 五 2022-12-16 15:08:36 CST; 34ms ago
     Docs: https://kubernetes.io/docs/
 Main PID: 21511 (kubelet)
    Tasks: 6
   Memory: 9.9M
   CGroup: /system.slice/kubelet.service
           └─21511 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-k...

12月 16 15:08:36 master1 systemd[1]: Started kubelet: The Kubernetes Node Agent.

配置docker加速

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://82m9ar63.mirror.aliyuncs.com"],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF

sudo systemctl daemon-reload
sudo systemctl restart docker

注:以上操作4个节点系统都要做 

三 通过keepalived+nginx 实现k8s apiserver节点高可用

安装nginx和keepalived主备

#在master1和master2上做nginx主备安装

安装nginx  keepalived     nginx-all-modules #这个如果不安装的话,启动nginx服务时会报错  
yum install -y nginx keepalived   nginx-all-modules

修改nginx配置文件,主备配置文件是一样的

 从worker_connections 1024 之后 开始添加   (注:master1 2 都改)

#Master1和Master2上均做
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak

vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
    worker_connections 1024;
}

stream {
 log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
 access_log /var/log/nginx/k8s-access.log main;
 upstream k8s-apiserver {
   server 192.168.100.10:6443;    #Master1 APISERVER IP:PORT
   server 192.168.100.11:6443;    #Master2 APISERVER IP:PORT

 }
 server {
  listen 16443;  #由于nginx与master节点复用,这个监听端口不能是6443,否则会冲突
 proxy_pass k8s-apiserver;
 }
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;
    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;
   #include /etc/nginx/conf.d/*.conf;
    server {
        listen       80 default_server;
        server_name  _;
        location = / {
        }
    }
}



启动nginx服务
systemctl enable nginx --now

 keepalived配置 Master1

#Master1做成主

#vrrp_script:指定检查 nginx 工作状态脚本(根据 nginx 状态判断是否故障转移) #virtual_ipaddress:虚拟 IP(VIP)

cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

vim  /etc/keepalived/keepalived.conf 
global_defs {
   notification_email {
     [email protected]
     [email protected]
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1      #修改
   smtp_connect_timeout 30
   router_id NGINX_MASTER     #修改id
   vrrp_skip_check_adv_addr
   #vrrp_strict               ##注销掉否则ping不通虚拟VIP地址   
   vrrp_garp_interval 0
   vrrp_gna_interval 0

}

   vrrp_script check_nginx {
        script "/etc/keepalived/check_nginx.sh"    #添加检查脚本
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33    #修改为实际网卡名
    virtual_router_id 51  #VRRP路由ID实例,每个实例是唯一的
    priority 100   #优先级,备服务器设置90
    advert_int 1    #指定VRRP心跳包通告间隔时间,默认1秒
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    #虚拟IP
    virtual_ipaddress {
        192.168.100.222/24      ##修改虚拟VIP地址
    }
    track_script {
       check_nginx      #添加检查nginx脚本
    }





#脚本
#注:keepalived 根据脚本返回状态码(0 为工作不正常,非 0 正常)判断是否故障转移。

cat <> /etc/keepalived/check_nginx.sh 
#!/bin/bash 
count=$(ps -ef |grep nginx | grep sbin | egrep -cv "grep|$$") 
if [ "$count" -eq 0 ];then 
 systemctl stop keepalived 
fi
EOF

chmod a+x /etc/keepalived/check_nginx.sh

systemctl enable keepalived --now

 keepalived配置 Master2

#Master2做成备
#vrrp_script:指定检查 nginx 工作状态脚本(根据 nginx 状态判断是否故障转移) #virtual_ipaddress:虚拟 IP(VIP)

cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vim  /etc/keepalived/keepalived.conf 
global_defs {
   notification_email {
     [email protected]
     [email protected]
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1        #修改
   smtp_connect_timeout 30
   router_id NGINX_BACKUP       #修改id
   vrrp_skip_check_adv_addr
   #vrrp_strict               ##注销掉否则ping不通虚拟VIP地址   
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

   vrrp_script check_nginx {
        script "/etc/keepalived/check_nginx.sh"
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33         #修改为实际网卡名
    virtual_router_id 51    #VRRP路由ID实例,每个实例是唯一的
    priority 90             #优先级,主服务器设置100
    advert_int 1            #指定VRRP心跳包通告间隔时间,默认1秒
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    #虚拟IP
    virtual_ipaddress {
        192.168.100.222/24     #修改虚拟VIP地址
    }
    track_script {
       check_nginx
    }
}




#脚本
#注:keepalived 根据脚本返回状态码(0 为工作不正常,非 0 正常)判断是否故障转移。


cat <> /etc/keepalived/check_nginx.sh
#!/bin/bash 
count=$(ps -ef |grep nginx | grep sbin | egrep -cv "grep|$$") 
if [ "$count" -eq 0 ];then 
 systemctl stop keepalived 
fi
EOF

chmod a+x /etc/keepalived/check_nginx.sh
systemctl enable keepalived --now

查看IP地址 出现192.168.100.222/24虚拟VIP地址

[root@master1 ~]# ip addr
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:b1:d6:6e brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.10/24 brd 192.168.100.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.100.222/24 scope global secondary ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::137d:5b9f:cc00:a088/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: docker0:  mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:c9:4d:2b:b7 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever

ping 虚拟VIP地址 192.168.100.222

[root@master1 ~]# ping 192.168.100.222
PING 192.168.100.222 (192.168.100.222) 56(84) bytes of data.
64 bytes from 192.168.100.222: icmp_seq=1 ttl=64 time=0.049 ms
64 bytes from 192.168.100.222: icmp_seq=2 ttl=64 time=0.071 ms

停止master1的keepalived 看是否虚拟VPN IP地址会飘在master2上 (master2显示虚拟IP代表成功)

[root@master1 ~]# systemctl stop keepalived.service 
[root@master2 ~]# ip ad
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:d6:4e:c4 brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.11/24 brd 192.168.100.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.100.222/24 scope global secondary ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::137d:5b9f:cc00:a088/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::b7a5:7adc:7fdc:77af/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: docker0:  mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:62:5f:61:42 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
[root@master2 ~]#

四 集群初始化

生成默认kubeadm-config.yaml 文件

kubeadm config print init-defaults --kubeconfig ClusterConfiguration > kubeadm-config.yaml 
[root@master1 ~]# kubeadm config print init-defaults --kubeconfig ClusterConfiguration > kubeadm-config.yaml 
[root@master1 ~]# ls
anaconda-ks.cfg  kubeadm-config.yaml

也可以自己创建kubeadm-config.yaml 文件,我这里选择自己创建kubeadm-config.yaml 

[root@master1 ~]#cat kubeadm-config.yaml 
apiVersion: kubeadm.k8s.io/v1beta2    
kind: ClusterConfiguration            
kubernetesVersion: v1.23.6                ##更改k8s版本号
imageRepository: registry.aliyuncs.com/google_containers    ##更改国内镜像源    
controlPlaneEndpoint: 192.168.100.222:16443                ##虚拟VIP地址+端口         
apiServer:                         
 certSANs:
 - 192.168.100.222               ###添加虚拟VIP地址
networking:
 podSubnet: 10.244.0.0/16        # pod 的网段
 serviceSubnet: 10.10.0.0/16     #service网段
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind:  KubeProxyConfiguration
mode: ipvs                      ##开启ipvs

传kubeadm-config.yaml 给其他master节点

[root@master1 ~]# scp kubeadm-config.yaml  master2:~
kubeadm-config.yaml                                                    100%  499   366.2KB/s   00:00

所有Master节点提前下载镜像(master1和master2都要下载)

[root@master1 ~]# kubeadm config images pull  --config kubeadm-config.yaml 
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-apiserver:v1.23.6
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-controller-manager:v1.23.6
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-scheduler:v1.23.6
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-proxy:v1.23.6
[config/images] Pulled registry.aliyuncs.com/google_containers/pause:3.6
[config/images] Pulled registry.aliyuncs.com/google_containers/etcd:3.5.1-0
[config/images] Pulled registry.aliyuncs.com/google_containers/coredns:v1.8.6
[root@master1 ~]#

初始化集群

root@master1 ~]# kubeadm init --config  kubeadm-config.yaml 
[init] Using Kubernetes version: v1.23.6
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local master1] and IPs [10.10.0.1 192.168.100.10 192.168.100.222]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [localhost master1] and IPs [192.168.100.10 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [localhost master1] and IPs [192.168.100.10 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[endpoint] WARNING: port specified in controlPlaneEndpoint overrides bindPort in the controlplane address
[kubeconfig] Writing "admin.conf" kubeconfig file
[endpoint] WARNING: port specified in controlPlaneEndpoint overrides bindPort in the controlplane address
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[endpoint] WARNING: port specified in controlPlaneEndpoint overrides bindPort in the controlplane address
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[endpoint] WARNING: port specified in controlPlaneEndpoint overrides bindPort in the controlplane address
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 24.637002 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.23" in namespace kube-system with the configuration for the kubelets in the cluster
NOTE: The "kubelet-config-1.23" naming of the kubelet ConfigMap is deprecated. Once the UnversionedKubeletConfigMap feature gate graduates to Beta the default name will become just "kubelet-config". Kubeadm upgrade will handle this transition transparently.
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node master1 as control-plane by adding the labels: [node-role.kubernetes.io/master(deprecated) node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
[mark-control-plane] Marking the node master1 as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: h2nq1b.g17bz2b8ofyemnxo
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[endpoint] WARNING: port specified in controlPlaneEndpoint overrides bindPort in the controlplane address
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:

  kubeadm join 192.168.100.222:16443 --token h2nq1b.g17bz2b8ofyemnxo \
	--discovery-token-ca-cert-hash sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d12793979222ad3 \
	--control-plane 

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.100.222:16443 --token h2nq1b.g17bz2b8ofyemnxo \
	--discovery-token-ca-cert-hash sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d12793979222ad3

初始化成功以后,会产生Token值,用于其他节点加入时使用

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:

  kubeadm join 192.168.100.222:16443 --token h2nq1b.g17bz2b8ofyemnxo \
	--discovery-token-ca-cert-hash sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d12793979222ad3 \
	--control-plane   ##用于加入master2节点

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.100.222:16443 --token h2nq1b.g17bz2b8ofyemnxo \
	--discovery-token-ca-cert-hash sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d12793979222ad3  
##用于加入node节点

温馨提示如果出现集群初始化出错可重置再初始化

[root@master1 ~]#  kubeadm reset -f   ##重置k8s初始化

配置环境变量

[root@master1 ~]# mkdir -p $HOME/.kube
[root@master1 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master1 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source  ~/.bash_profile

# 临时生效(退出当前窗口重连环境变量失效)
export KUBECONFIG=/etc/kubernetes/admin.conf
# 永久生效(推荐)
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source  ~/.bash_profile

查看节点状态:

[root@master1 ~]# kubectl get nodes
NAME      STATUS     ROLES                  AGE   VERSION
master1   NotReady   control-plane,master   48m   v1.23.6
[root@master1 ~]#

所有的系统组件均以容器的方式运行并且在kube-system命名空间内,此时可以查看Pod状态

[root@master1 ~]# kubectl get pods -n kube-system -o wide
NAME                              READY   STATUS    RESTARTS   AGE   IP               NODE      NOMINATED NODE   READINESS GATES
coredns-6d8c4cb4d-hbtm5           0/1     Pending   0          49m                             
coredns-6d8c4cb4d-n5dcp           0/1     Pending   0          49m                             
etcd-master1                      1/1     Running   0          49m   192.168.100.10   master1              
kube-apiserver-master1            1/1     Running   0          49m   192.168.100.10   master1              
kube-controller-manager-master1   1/1     Running   0          49m   192.168.100.10   master1              
kube-proxy-9p7cq                  1/1     Running   0          49m   192.168.100.10   master1              
kube-scheduler-master1            1/1     Running   0          49m   192.168.100.10   master1              
[root@master1 ~]#

在要加入集群的节点执行以下命令

在master2节点创建
[root@master2 ~]# mkdir -p /etc/kubernetes/pki/etcd

在master1主节点将证书传给其他主节点
[root@master1 ~]# scp /etc/kubernetes/pki/ca.* master2:/etc/kubernetes/pki/
ca.crt                                                                                          100% 1099   509.4KB/s   00:00    
ca.key                                                                                          100% 1679   456.7KB/s   00:00    
[root@master1 ~]# scp /etc/kubernetes/pki/sa.* master2:/etc/kubernetes/pki/
sa.key                                                                                          100% 1679   728.6KB/s   00:00    
sa.pub                                                                                          100%  451   160.0KB/s   00:00    
[root@master1 ~]# scp /etc/kubernetes/pki/front-proxy-ca.* master2:/etc/kubernetes/pki/
front-proxy-ca.crt                                                                              100% 1115     1.0MB/s   00:00    
front-proxy-ca.key                                                                              100% 1675   685.3KB/s   00:00    
[root@master1 ~]# scp /etc/kubernetes/pki/etcd/ca.* master2:/etc/kubernetes/pki/etcd/
ca.crt                                                                                          100% 1086   804.4KB/s   00:00    
ca.key                                                                                          100% 1679   862.5KB/s   00:00    
[root@master1 ~]# scp /etc/kubernetes/admin.conf master2:/etc/kubernetes/
admin.conf                                                                                      100% 5644     2.1MB/s   00:00    
[root@master1 ~]# scp /etc/kubernetes/admin.conf node1:/etc/kubernetes/
admin.conf                                                                                     100% 5644     2.7MB/s   00:00    
[root@master1 ~]#

添加其他主节点 master2,执行以下命令

[root@master2]# kubeadm join 192.168.100.222:16443 --token h2nq1b.g17bz2b8ofyemnxo --discovery-token-ca-cert-hash sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d12793979222ad3 --control-plane 
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[preflight] Running pre-flight checks before initializing the new control plane instance
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local master2] and IPs [10.10.0.1 192.168.100.11 192.168.100.222]
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [localhost master2] and IPs [192.168.100.11 127.0.0.1 ::1]
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [localhost master2] and IPs [192.168.100.11 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Valid certificates and keys now exist in "/etc/kubernetes/pki"
[certs] Using the existing "sa" key
[kubeconfig] Generating kubeconfig files
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[endpoint] WARNING: port specified in controlPlaneEndpoint overrides bindPort in the controlplane address
[kubeconfig] Using existing kubeconfig file: "/etc/kubernetes/admin.conf"
[endpoint] WARNING: port specified in controlPlaneEndpoint overrides bindPort in the controlplane address
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[endpoint] WARNING: port specified in controlPlaneEndpoint overrides bindPort in the controlplane address
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[check-etcd] Checking that the etcd cluster is healthy
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
[etcd] Announced new etcd member joining to the existing etcd cluster
[etcd] Creating static Pod manifest for "etcd"
[etcd] Waiting for the new etcd member to join the cluster. This can take up to 40s
The 'update-status' phase is deprecated and will be removed in a future release. Currently it performs no operation
[mark-control-plane] Marking the node master2 as control-plane by adding the labels: [node-role.kubernetes.io/master(deprecated) node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
[mark-control-plane] Marking the node master2 as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]

This node has joined the cluster and a new control plane instance was created:

* Certificate signing request was sent to apiserver and approval was received.
* The Kubelet was informed of the new secure connection details.
* Control plane (master) label and taint were applied to the new node.
* The Kubernetes control plane instances scaled up.
* A new etcd member was added to the local/stacked etcd cluster.

To start administering your cluster from this node, you need to run the following as a regular user:

	mkdir -p $HOME/.kube
	sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
	sudo chown $(id -u):$(id -g) $HOME/.kube/config

Run 'kubectl get nodes' to see this node join the cluster.

[root@master2]#

如果遇到kubeadm init报错10248不健康

遇见这样问题
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp [::1]:10248: connect: connection refused.
[kubelet-check] It seems like the kubelet isn't running or healthy.


Docker是用yum安装的,docker的cgroup驱动程序默认设置为systemd。默认情况下Kubernetes cgroup为system,我们需要更改Docker cgroup驱动



解决方法
# 添加以下内容
vim /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

# 重启docker
systemctl restart docker
# 重新初始化
kubeadm reset -f  # 先重置

node节点加入集群执行以下命令

kubeadm join 192.168.100.222:16443 --token h2nq1b.g17bz2b8ofyemnxo \
	--discovery-token-ca-cert-hash sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d12793979222ad3

但是,执行过程中出现了报错现象,控制台报错,内容如下:

error execution phase preflight: couldn't validate the identity of the API Server: invalid discovery token CA certificate hash: invalid hash "sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d22ad3", expected a 32 byte SHA-256 hash, found 27 bytes

通过分析得知,根本原因:Token信息过期

解决方式

在Master节点使用kubeadm生成新的token信息

kubeadm token create --print-join-command

[root@master1 ~]# kubeadm token create --print-join-command
kubeadm join 192.168.100.222:16443 --token rrf6hc.jr2o31u7xu84hctt --discovery-token-ca-cert-hash sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d12793979222ad3

node节点添加成功

[root@node1 ~]# kubeadm token create --print-join-command
kubeadm join 192.168.100.222:16443 --token 82121p.6n68y99mgmr8daps --discovery-token-ca-cert-hash sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d12793979222ad3 
[root@node1 ~]# kubeadm join 192.168.100.222:16443 --token rrf6hc.jr2o31u7xu84hctt --discovery-token-ca-cert-hash sha256:8e8791621a3ad873547facdc62c8de731b020dbcf28a8f841d12793979222ad3 
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

添加完成查看结果

[root@master1 ~]# kubectl get nodes
NAME      STATUS     ROLES                  AGE     VERSION
master1   NotReady   control-plane,master   109m    v1.23.6
master2   NotReady   control-plane,master   25m     v1.23.6
node1     NotReady                    8m51s   v1.23.6
node2     NotReady                    8m40s   v1.23.6

五 安装网络插件

[root@master1 ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

namespace/kube-flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
[root@master1 ~]#

查看节点状态

[root@master1 ~]# kubectl get nodes 
NAME      STATUS   ROLES                  AGE    VERSION
master1   Ready    control-plane,master   115m   v1.23.6
master2   Ready    control-plane,master   31m    v1.23.6
node1     Ready                     15m    v1.23.6
node2     Ready                     16m    v1.23.6

如果报错显示以下内容:

The connection to the server localhost:8080 was refused - did you specify the right host or port?

问题分析:

环境变量
原因:kubernetes master没有与本机绑定,集群初始化的时候没有绑定,此时设置在本机的环境变量即可解决问题。

问题解决方法

设置环境变量
具体根据情况,linux设置该环境变量
方式一:编辑文件设置
	   vim /etc/profile
	   在底部增加新的环境变量 export KUBECONFIG=/etc/kubernetes/admin.conf
方式二:直接追加文件内容
	echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> /etc/profile

使生效
source /etc/profile


[root@master2 ~]# kubectl get nodes
The connection to the server localhost:8080 was refused - did you specify the right host or port?
[root@master2 ~]# kubectl get pods -n kube-system -o wide
The connection to the server localhost:8080 was refused - did you specify the right host or port?
[root@master2 ~]# 
[root@master2 ~]# echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> /etc/profile
[root@master2 ~]# 
[root@master2 ~]# source /etc/profile
[root@master2 ~]# 
[root@master2 ~]# kubectl get nodes
NAME      STATUS   ROLES                  AGE    VERSION
master1   Ready    control-plane,master   120m   v1.23.6
master2   Ready    control-plane,master   36m    v1.23.6
node1     Ready                     20m    v1.23.6
node2     Ready                     22m    v1.23.6
[root@master2 ~]#

 六 部署k8s的dashboard

执行yaml文件直接部署    k8s与dashboard 对应版本安装  

https://github.com/kubernetes/dashboard/releases?after=v2.0.0

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml

kubectl get pods -n kubernetes-dashboard

[root@master1 ~]# kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

查看dashboard运行状态,以deployment方式部署,运行2个pod及2个service

[root@master1 ~]# kubectl -n kubernetes-dashboard get pods
NAME                                        READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-79459f84f-w8dqt   1/1     Running   0          2m49s
kubernetes-dashboard-5bd89d988-vwjsz        1/1     Running   0          2m49s
[root@master1 ~]# kubectl -n kubernetes-dashboard get svc
NAME                        TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.10.41.17            8000/TCP        117s
kubernetes-dashboard        NodePort    10.10.252.52           443/TCP         118s

使用nodeport方式将dashboard服务暴露在集群外,指定使用30443端口,可自定义:

[root@master1 ~]# kubectl  patch svc kubernetes-dashboard -n kubernetes-dashboard \
> -p '{"spec":{"type":"NodePort","ports":[{"port":443,"targetPort":8443,"nodePort":30443}]}}'
service/kubernetes-dashboard patched

查看暴露的service,已修改为nodeport类型:

[root@master1 ~]# kubectl -n kubernetes-dashboard get svc
NAME                        TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.10.41.17            8000/TCP        14m
kubernetes-dashboard        NodePort    10.10.252.52           443:30443/TCP   14m
[root@master1 ~]#

 登录dashboard

浏览器访问dashboard:https://192.168.100.222:30443/#/login

K8S集群搭建(多master多node节点)_第1张图片

 创建登录用户 以及查看访问Dashboard的认证令牌

[root@master1 ~]#  kubectl create serviceaccount  dashboard-admin -n kubernetes-dashboard
serviceaccount/dashboard-admin created
[root@master1 ~]# 
[root@master1 ~]#  kubectl create clusterrolebinding  dashboard-admin --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:dashboard-admin
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created
[root@master1 ~]# 
[root@master1 ~]# kubectl describe secrets -n kubernetes-dashboard $(kubectl -n kubernetes-dashboard get secret | awk '/dashboard-admin/{print $1}')
Name:         dashboard-admin-token-x6sh8
Namespace:    kubernetes-dashboard
Labels:       
Annotations:  kubernetes.io/service-account.name: dashboard-admin
              kubernetes.io/service-account.uid: 76f21410-6c90-46da-8042-2da110a900cc

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1099 bytes
namespace:  20 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6ImZOZ1FKLWtFS3BHVE1Bc0xJX2Y2LTFBU0ZqNmMyZUotOGRJczFES0lWX00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4teDZzaDgiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNzZmMjE0MTAtNmM5MC00NmRhLTgwNDItMmRhMTEwYTkwMGNjIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbiJ9.HQ8nnCcMKyIM2XoSAbWiYhPkb9fWYG1bjY_hU8ngW82CuJKkcM36QfI7Z3nApYhkj4DE3BJP_pk97Ad9kG6-XW2B2OqoRBHoFXEeG0OqH6GUSlKORoOgG6ce_PVpjW7CP5tptiTimw1eogjfWtZt5L2SFjB3ZMXwz54iLg8INWT4AzXsaBn040Ms-VFYhJ73TGu_NZPL-jioxnNQv54tRZFjkFBQm3A4u_yFyZto8X64vS8DoA8ROkqf-pklWeQRWJJuTxesZwwERaLZPrYXKcCaJrmrIk7MB4ZRWtsWUL6wOq-k4KbZbQSSp7ydx5rXNHUeWvRa05WgkFIN-zdy0A
[root@master1 ~]#

把获取到的Token复制到登录界面的Token输入框中,登陆成功

K8S集群搭建(多master多node节点)_第2张图片

你可能感兴趣的:(Docker,K8S,kubernetes,大数据,运维,服务器,docker)

  • 爬虫基础(三)Session和Cookie讲解 A.sir啊 网络爬虫必备知识点前端服务器运维网络网络爬虫
    目录一、前备知识点(1)静态网页(2)动态网页(3)无状态HTTP二、Session和Cookie三、Session四、Cookie(1)维持过程(2)结构正式开始说Session和Cookie之前,有些基础知识需要知道,我们先来看一下:一、前备知识点(1)静态网页比如,我们写了一段html代码,然后保存为一个html文件该文件所在主机,具有服务器那么其他人就可以通过访问服务器,来打开这个html
  • 爬虫基础(六)代理简述 A.sir啊 网络爬虫必备知识点网络协议爬虫python
    目录一、什么是代理二、基本原理三、代理分类一、什么是代理爬虫一般是自动化的,当我们自动运行时爬虫自动抓取数据,但一会就出现了错误:如,您的访问频率过高!这是因为网站的反爬措施,如果频繁访问,则会被禁止,即封IP为解决这种情况,我们需要把自己的IP伪装一下,即代理所谓代理,就是代理服务器。二、基本原理正常来说:客户发送请求给服务器然后服务器将响应传给客户而代理的话:相当于在客户和服务器之间加一个代理
  • 数据库--oracle--如何在Ubuntu上安装Oracle cuijr_leaf oracle数据库
    写在前面:下面的内容是国外的一篇教程,我跟着做了一遍,没有什么问题,所以翻译过来供大家参考。环境:oracle12cubuntu18.04(我是在Ubuntu16.04上装的,也没什么问题)正文:欢迎你!这篇教程会教你如何一步步地在Ubuntu18.04服务器上安装Oracle12cR2数据库。这篇教程中包含所有你必须要执行的命令以及部分截图。整个过程可能有点儿难,所以需要你对shell命令有一定
  • DNS原理介绍 不方便,你要方便吗? DNS简单介绍网络服务器
    目录1.DNS简介2.常见的dns记录类型A记录AAAA记录CNAME记录DNAME记录CAA记录CERT记录MX记录NS记录SOA记录PTR记录SPF记录SRV记录别名记录NSEC记录URLFWD记录TXT记录1.DNS简介DNS(domainnamesystem)是一种域名解析协议。dns查询通常有三种·:递归查询,迭代查询,反向查询。1.递归查询:客户端向dns服务器询问答案,服务器返回最佳
  • Spark 任务与 Spark Streaming 任务的差异详解 goTsHgo spark-streaming分布式大数据sparkstreaming大数据分布式
    Spark任务与SparkStreaming任务的主要差异源自于两者的应用场景不同:Spark主要处理静态的大数据集,而SparkStreaming处理的是实时流数据。这些差异体现在任务的调度、执行、容错、数据处理模式等方面。接下来,我们将从底层原理和源代码的角度详细解析Spark任务和SparkStreaming任务的差别。1.任务调度模型差异1.1Spark任务的调度模型Spark的任务调度基
  • https的原理 javascript前端
    HTTPS的原理HTTPS(HyperTextTransferProtocolSecure)是一种通过计算机网络进行安全通信的传输协议。它在HTTP的基础上增加了SSL/TLS协议,以实现数据传输的安全性和完整性。以下是HTTPS的基本原理:基本概念HTTP:超文本传输协议,用于在Web服务器和客户端之间传输数据。SSL/TLS:安全套接层(SSL)和传输层安全(TLS)协议,用于加密数据传输,确
  • Python大数据之PySpark(三)使用Python语言开发Spark程序代码_windows spark python 2401_84181704 程序员大数据pythonspark
    算子:rdd的api的操作,就是算子,flatMap扁平化算子,map转换算子Transformation算子Action算子步骤:1-首先创建SparkContext上下文环境2-从外部文件数据源读取数据3-执行flatmap执行扁平化操作4-执行map转化操作,得到(word,1)5-reduceByKey将相同Key的Value数据累加操作6-将结果输出到文件系统或打印代码:#-*-codi
  • 使用git创建本地的版本库repository Just_Paranoid 技术流Clipgitgithub
    Git介绍Git是分布式版本控制系统,它就没有中央服务器的,每个人的电脑就是一个完整的版本库,这样,工作的时候就不需要联网了,因为版本都是在自己的电脑上。下载地址:https://git-scm.com/downloads工作区(WorkingDirectory):wiki-to-thir文件夹就是一个工作区。版本库(Repository):工作区有个隐藏目录.git,这个不算工作区,而是Git的
  • GIS教程:全国数码商城系统 叁拾舞 Arcgis教程Vue3GIS
    文章目录注册高德地图API普通网页中测试地图加载地图添加标记地图配置点标记Marker添加弹框创建vue项目并添加高德地图创建项目加载高德地图项目首页布局封装axios和配置代理服务器获取城市热门信息获取城市区县信息获取区县商城信息获取指定城市区县的经纬度坐标将地图缩放到指定区县将商城添加到地图中点击标记打开信息框添加地图常用控件添加区县边界切换地图样式完整项目下载注册高德地图API详细流程:ht
  • openeuler 22.03 lts sp4 使用 kubeadm 部署 k8s-v1.28.2 高可用集群 月巴左耳东 openeulerKuberneteskubernetes
    文章目录@[toc]废话篇这篇文章什么时候写的为什么是openeuler为什么是22.03ltssp4高可用架构题外话干活篇环境介绍系统初始化相关关闭防火墙关闭selinux关闭swap开启内核模块开启模块自动加载服务sysctl内核参数调整清空iptables规则安装各种依赖和工具修改.bashrc文件安装kubeadm和kubelet简化kubectl命令启动kubelet安装containe
  • 解决 SSH 自动掉线问题:客户端与服务器端配置优化指南 运维开发王义杰 linux系统运维ssh服务器运维
    在使用SSH登录Linux云主机时,若遇到连接空闲一段时间后自动掉线的情况,通常是因为SSH客户端和服务器端的配置导致的超时机制。为了避免这种掉线现象,我们可以从客户端和服务器端两个方面进行调整。本文将详细讲解如何配置以保持SSH会话的持续连接,确保运维系统的连续性。一、客户端配置在SSH客户端端,常见的超时问题是由于客户端在空闲一段时间后没有活动,导致服务器主动关闭连接。为了解决这一问题,可以在
  • 分布式微服务系统架构第90集:现代化金融核心系统 掘金-我是哪吒 分布式微服务系统架构金融架构
    #1.1深化数字化转型,核心面临新挑战1、架构侧:无法敏捷协同数字金融经营模式转型。2、需求侧:业务需求传导低效始终困扰金融机构。3、开发侧:创新产品上市速度低于期望。4、运维侧:传统面向资源型监控体系难以支撑现代化核心。5、监管侧:对业务连续性导向趋严趋细。6、成本侧:单客核心的运营成本逐渐走高。#1.2重塑现代化核心,科技引领新趋势1、新理念:重构行业差异化竞争力的服务体系。2、新架构:构建面
  • 《大数据时代“快刀”:Flink实时数据处理框架优势全解析》 程序猿阿伟 大数据flink
    在数字化浪潮中,数据呈爆发式增长,实时数据处理的重要性愈发凸显。从金融交易的实时风险监控,到电商平台的用户行为分析,各行业都急需能快速处理海量数据的工具。Flink作为一款开源的分布式流处理框架,在这一领域崭露头角,备受瞩目。一、真正实时,毫秒级响应与部分将流处理模拟为微批处理的框架不同,Flink是专为实时流处理打造的“原生”引擎。它直接处理持续不断的事件流,无需将数据攒成批次再处理,这种设计赋
  • 园区智能化系统实现管理与服务的智能化转型与创新进阶 快鲸智慧楼宇管理系统 其他
    内容概要园区智能化系统的出现,标志着管理与服务向智能化转型的重要一步。这一系统不仅仅是一个技术解决方案,更是一个全面提升园区运营效率与安全性的独特工具。通过集成大数据分析、物联网和人工智能,园区智能化系统能够为各类园区如工业园、产业园、物流园、写字楼与公寓等提供切实可行的解决方案。“智能化管理不仅是未来的发展趋势,更是提升竞争力的必要手段。”在资产管理方面,智能化系统能够实时监控并优化资源的配置,
  • lxc与docker的区别 xihuaodc dockerlinux
    Docker不是lxc的一个替代方案。“lxc”是指linux内核(尤指命名空间以及Cgroup)的一个特性,它允许其他一些沙盒进程运行在一块相对独立的空间,并且能够方便的控制他们的资源调度。而基于底层的内核特性的基础上,Docker在上层构建了一个更高层次的具备多个强大功能的工具集:可移植的跨机器部署。Docker定义了一个将应用打包的规范,而它的所有依赖都被封装到了一个简单对象里,它可以被传输
  • 【转摘】域名服务器配置学习笔记 weixin_30725467 数据库嵌入式运维
    括看相关的rfc文件,一看和dns相关的rfc文件,妈呀,居然有86个之多。能看多少是多少吧。先把DNS的原理研究透彻了。在看rfc文件我想会事半功倍的:)1.ICANN是干什么的?和他的一些相关资讯?ICANN全称是叫:InternetCorporationforAssignedNamesandNumbers(互联网名称与数字地址分配机构),是一个非盈利性的国际组织,负责互联网协议(IP)地址的
  • QTcpSocket 如何统计在线时长 我喜欢就喜欢 C++技术文档QT数据库服务器网络
    基本原理QTcpSocket是Qt库中用于TCP通信的类。要统计在线时长,关键思路是记录连接建立的时间和当前时间,通过计算两者的差值来得到在线时长。实现步骤记录连接建立时间:在连接成功的信号槽函数中记录开始时间。例如,当QTcpSocket成功连接到服务器时,会发出connected()信号。可以在对应的槽函数中使用QDateTime类来记录连接时间。示例代码如下:收起cpp#include#in
  • 实战 | Docker+Jmeter+InfluxDB+Grafana 搭建性能监控平台 测试小迷糊 压力测试
    1.为什么要搭建性能监控平台?本身带有聚合报告如下图所示:这个报告有几个很明显的缺点::中获取数据并以特定的模板进行展示2、性能监控平台部署实践本文的重点并不是介绍Docker,所以不了解的小伙伴需要自己去学习一下基本的安装和操作,可参考之前发送的。1)首先去下载InfluxDB的镜像,下载很简单,直接pull就好,默认为下载最新的镜像:$dockerpullinfluxdb镜像,在访问8083端
  • CDH_6.3.2的搭建 我的K8409 Flinklinux大数据分布式
    一站式搭建大数据的应用1、前提条件和准备工作hostnamectlset-hostnamecdh01hostnamectlset-hostnamecdh02hostnamectlset-hostnamecdh032、修改IP和Host映射关系(所有节点)在window中也配置一下vim/etc/hosts192.168.92.201cdh01192.168.92.202cdh02192.168.9
  • nginx安全配置 凉生ㄨ゛゛记忆﹎ゝ nginx安全chrome
    一、基础安全配置隐藏版本号信息默认情况下,Nginx会在响应头中显示版本号,这可能会给攻击者提供服务器信息。攻击者可以根据版本号查找对应版本的已知漏洞进行定向攻击。http{#关闭在响应头中显示Nginx版本号#默认响应头:Server:nginx/1.18.0#关闭后响应头:Server:nginxserver_tokensoff;}配置安全Headers添加安全相关的HTTP响应头,可以有效防
  • 大数据笔记之 Flink1.17 算子 凡许真 大数据flink1.17算子
    文章目录前言一、Partition分区(物理分区)1.1随机分区shuffle1.2轮询分区rebalance1.3重缩放分区rescale1.4广播分区broadcast1.5全局分区global1.6keyby1.7自定义分区Custom二、transform2.1flatMap2.2filter2.3RichFunction2.4map三、Aggregate聚合3.1keyBy()3.2ma
  • Nginx 日志分析与监控 计算机毕设定制辅导-无忧学长 #Nginxnginx运维
    引言在当今互联网时代,Web服务的稳定运行和高效性能是至关重要的。Nginx作为一款高性能的HTTP和反向代理服务器,以其出色的稳定性、高效性和丰富的功能,被广泛应用于各类Web项目中,成为了Web服务架构中不可或缺的一部分。无论是大型互联网公司的高并发网站,还是小型企业的业务系统,Nginx都能发挥其强大的作用,承担着处理大量并发请求、实现负载均衡、保障服务稳定等重要任务。而Nginx日志,就像
  • Nginx与Web安全:遵循OWASP最佳实践 墨夶 Nginx学习资料1nginxweb安全hibernate
    在当今数字化时代,网络安全已成为企业不可忽视的重要环节。Web应用程序面临着各种威胁,包括SQL注入、跨站脚本攻击(XSS)、跨站请求伪造(CSRF)等。Nginx作为高性能的HTTP和反向代理服务器,提供了丰富的功能来增强Web应用的安全性。结合OpenWebApplicationSecurityProject(OWASP)的最佳实践,可以有效提升Web应用的安全防护水平。本文将详细介绍如何使用
  • vscode用ssh连接服务器后,明明内存还很富足,为什么却很卡顿 炸毛小怪 把bug打倒vscodessh服务器c语言算法硬件架构
    vscode用ssh连接服务器后,明明内存还很富足,为什么却很卡顿前言一、判断是否是服务器上其他用户同时在执行实验1、执行free命令查看内存占用情况2、额外的发现3、解决二、附加:buffer/cache和swap的先后顺序三、个人总结reference前言  这两天由于需要跑实验,数据集比较大,因此我在vscode上通过ssh连接上我们实验室的服务器(两张A100的配置)开启我的实验之路。可是
  • 13.3:.NET的容器化和容器编排工具的使用(课程共5750字,4段代码举例) 小兔子平安 .NET完整学习全解答python
    ①在本示例中,xn--Docker-gn7igl13d91b569eha512r584d.NETCore应用程序容器化。②在本示例中,我们将使用Kubernetes来进行容器编排。③在本示例中,我们将使用DockerCompose进行多容器编排。④在本示例中,我们将使用Azure容器实例来托管容器。以下是一个示例docker-compose.yml文件:version:'3'services:we
  • 如何在本地电脑上安装和使用 DeepSeek R-1 知识大胖 NVIDIAGPU和大语言模型开发教程电脑
    简介似乎每个人都在谈论DeepSeekR-1是中国人工智能公司DeepSeek开发的全新开源人工智能语言模型。一些用户声称,其推理能力与OpenAI的o1相当,甚至更好。目前,DeepSeek是免费使用的,这对用户来说是个好消息,但也带来了一些疑问。随着用户量的激增,他们如何管理服务器成本?硬件运行成本不可能便宜吧?这里最合乎逻辑的一点是——数据。数据是人工智能模型的命脉。他们可能以某种方式收集用
  • Kubernetes 中 LimitRange 与 ResourceQuota 的深度剖析 大大宝的博客 k8skubernetes贪心算法容器
    摘要:Kubernetes(简称k8s)作为容器编排领域的事实标准,提供了丰富的资源管理机制来确保集群的高效、稳定运行。LimitRange和ResourceQuota是其中两个重要的资源管理工具,它们在不同层面发挥着关键作用。本文深入探讨了LimitRange和ResourceQuota的用途、工作原理,并详细分析了它们之间的差异,旨在帮助读者全面理解和有效运用这两个工具,提升Kubernete
  • Gateway API:Kubernetes中的动态基础设施配置与流量路由 大大宝的博客 k8sgatewaykubernetes容器
    摘要:本文详细介绍了Kubernetes中的GatewayAPI,包括其设计原则、资源模型、请求流程、一致性等方面。GatewayAPI提供了动态基础设施配置和高级流量路由功能,通过可扩展、面向角色和协议感知的配置机制使网络服务可用。一、引言GatewayAPI是一系列API类型,用于提供动态基础设施配置和高级流量路由功能。它利用可扩展、面向角色且具有协议感知的配置机制,使网络服务得以应用。Gat
  • SDK级的kubectl,client-go的深度封装:kom使用指南 大大宝的博客 k8sgolang开发语言后端云原生kubernetes
    目录什么是kom特点示例程序安装使用示例1.多集群管理注册多集群显示已注册集群选择默认集群选择指定集群2.内置资源对象的增删改查以及Watch示例创建某个资源Get查询某个资源List查询资源列表通过Label查询资源列表通过多个Label查询资源列表通过Field查询资源列表更新资源内容PATCH更新资源删除资源通用类型资源的获取(适用于k8s内置类型以及CRD)Watch资源变更3.YAML创
  • 智能化Kubernetes管理:AI与ChatGPT提升运维效率的创新实践 大大宝的博客 k8skubernetes人工智能chatgpt
    摘要随着云计算技术的飞速发展,Kubernetes(K8s)已成为企业进行容器化应用管理的标准平台。然而,Kubernetes集群的管理在复杂度、规模和资源优化等方面仍然面临巨大挑战。传统的Kubernetes运维方式往往依赖手动操作,导致效率低下,且容易产生人为错误。随着人工智能(AI)技术的成熟,特别是基于自然语言处理(NLP)的智能体如ChatGPT的出现,AI智能体能够在Kubernete
  • Enum用法 不懂事的小屁孩 enum
    以前的时候知道enum,但是真心不怎么用,在实际开发中,经常会用到以下代码: protected final static String XJ = "XJ"; protected final static String YHK = "YHK"; protected final static String PQ = "PQ";
  • 【Spark九十七】RDD API之aggregateByKey bit1129 spark
    1. aggregateByKey的运行机制   /** * Aggregate the values of each key, using given combine functions and a neutral "zero value". * This function can return a different result type
  • hive创建表是报错: Specified key was too long; max key length is 767 bytes daizj hive
    今天在hive客户端创建表时报错,具体操作如下   hive> create table test2(id string); FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. MetaException(message:javax.jdo.JDODataSto
  • Map 与 JavaBean之间的转换 周凡杨 java自省转换反射
    最近项目里需要一个工具类,它的功能是传入一个Map后可以返回一个JavaBean对象。很喜欢写这样的Java服务,首先我想到的是要通过Java 的反射去实现匿名类的方法调用,这样才可以把Map里的值set 到JavaBean里。其实这里用Java的自省会更方便,下面两个方法就是一个通过反射,一个通过自省来实现本功能。 1:JavaBean类 1 &nb
  • java连接ftp下载 g21121 java
    有的时候需要用到java连接ftp服务器下载,上传一些操作,下面写了一个小例子。 /** ftp服务器地址 */ private String ftpHost; /** ftp服务器用户名 */ private String ftpName; /** ftp服务器密码 */ private String ftpPass; /** ftp根目录 */ private String f
  • web报表工具FineReport使用中遇到的常见报错及解决办法(二) 老A不折腾 finereportweb报表java报表总结
      抛砖引玉,希望大家能把自己整理的问题及解决方法晾出来,Mark一下,利人利己。   出现问题先搜一下文档上有没有,再看看度娘有没有,再看看论坛有没有。有报错要看日志。下面简单罗列下常见的问题,大多文档上都有提到的。   1、没有返回数据集: 在存储过程中的操作语句之前加上set nocount on 或者在数据集exec调用存储过程的前面加上这句。当S
  • linux 系统cpu 内存等信息查看 墙头上一根草 cpu内存liunx
    1 查看CPU   1.1 查看CPU个数   # cat /proc/cpuinfo | grep "physical id" | uniq | wc -l   2   **uniq命令:删除重复行;wc –l命令:统计行数**   1.2 查看CPU核数   # cat /proc/cpuinfo | grep "cpu cores" | u
  • Spring中的AOP aijuans springAOP
      Spring中的AOP Written by Tony Jiang @ 2012-1-18 (转)何为AOP AOP,面向切面编程。 在不改动代码的前提下,灵活的在现有代码的执行顺序前后,添加进新规机能。 来一个简单的Sample: 目标类: [java]  view plain copy print ? package&nb
  • placeholder(HTML 5) IE 兼容插件 alxw4616 JavaScriptjquery jQuery插件
    placeholder 这个属性被越来越频繁的使用. 但为做HTML 5 特性IE没能实现这东西. 以下的jQuery插件就是用来在IE上实现该属性的. /** * [placeholder(HTML 5) IE 实现.IE9以下通过测试.] * v 1.0 by oTwo 2014年7月31日 11:45:29 */ $.fn.placeholder = function
  • Object类,值域,泛型等总结(适合有基础的人看) 百合不是茶 泛型的继承和通配符变量的值域Object类转换
    java的作用域在编程的时候经常会遇到,而我经常会搞不清楚这个 问题,所以在家的这几天回忆一下过去不知道的每个小知识点   变量的值域;   package 基础; /** * 作用域的范围 * * @author Administrator * */ public class zuoyongyu { public static vo
  • JDK1.5 Condition接口 bijian1013 javathreadConditionjava多线程
    Condition 将 Object 监视器方法(wait、notify和 notifyAll)分解成截然不同的对象,以便通过将这些对象与任意 Lock 实现组合使用,为每个对象提供多个等待 set (wait-set)。其中,Lock 替代了 synchronized 方法和语句的使用,Condition 替代了 Object 监视器方法的使用。 条件(也称为条件队列或条件变量)为线程提供了一
  • 开源中国OSC源创会记录 bijian1013 hadoopsparkMemSQL
    一.Strata+Hadoop World(SHW)大会         是全世界最大的大数据大会之一。SHW大会为各种技术提供了深度交流的机会,还会看到最领先的大数据技术、最广泛的应用场景、最有趣的用例教学以及最全面的大数据行业和趋势探讨。          二.Hadoop   &nbs
  • 【Java范型七】范型消除 bit1129 java
    范型是Java1.5引入的语言特性,它是编译时的一个语法现象,也就是说,对于一个类,不管是范型类还是非范型类,编译得到的字节码是一样的,差别仅在于通过范型这种语法来进行编译时的类型检查,在运行时是没有范型或者类型参数这个说法的。 范型跟反射刚好相反,反射是一种运行时行为,所以编译时不能访问的变量或者方法(比如private),在运行时通过反射是可以访问的,也就是说,可见性也是一种编译时的行为,在
  • 【Spark九十四】spark-sql工具的使用 bit1129 spark
    spark-sql是Spark bin目录下的一个可执行脚本,它的目的是通过这个脚本执行Hive的命令,即原来通过 hive>输入的指令可以通过spark-sql>输入的指令来完成。 spark-sql可以使用内置的Hive metadata-store,也可以使用已经独立安装的Hive的metadata store   关于Hive build into Spark
  • js做的各种倒计时 ronin47 js 倒计时
    第一种:精确到秒的javascript倒计时代码      HTML代码:   <form name="form1">   <div align="center" align="middle"
  • java-37.有n 个长为m+1 的字符串,如果某个字符串的最后m 个字符与某个字符串的前m 个字符匹配,则两个字符串可以联接 bylijinnan java
    public class MaxCatenate { /* * Q.37 有n 个长为m+1 的字符串,如果某个字符串的最后m 个字符与某个字符串的前m 个字符匹配,则两个字符串可以联接, * 问这n 个字符串最多可以连成一个多长的字符串,如果出现循环,则返回错误。 */ public static void main(String[] args){
  • mongoDB安装 开窍的石头 mongodb安装 基本操作
    mongoDB的安装          1:mongoDB下载   https://www.mongodb.org/downloads         2:下载mongoDB下载后解压     
  • [开源项目]引擎的关键意义 comsci 开源项目
         一个系统,最核心的东西就是引擎。。。。。       而要设计和制造出引擎,最关键的是要坚持。。。。。。       现在最先进的引擎技术,也是从莱特兄弟那里出现的,但是中间一直没有断过研发的    
  • 软件度量的一些方法 cuiyadll 方法
    软件度量的一些方法http://cuiyingfeng.blog.51cto.com/43841/6775/在前面我们已介绍了组成软件度量的几个方面。在这里我们将先给出关于这几个方面的一个纲要介绍。在后面我们还会作进一步具体的阐述。当我们不从高层次的概念级来看软件度量及其目标的时候,我们很容易把这些活动看成是不同而且毫不相干的。我们现在希望表明他们是怎样恰如其分地嵌入我们的框架的。也就是我们度量的
  • XSD中的targetNameSpace解释 darrenzhu xmlnamespacexsdtargetnamespace
    参考链接: http://blog.csdn.net/colin1014/article/details/357694 xsd文件中定义了一个targetNameSpace后,其内部定义的元素,属性,类型等都属于该targetNameSpace,其自身或外部xsd文件使用这些元素,属性等都必须从定义的targetNameSpace中找: 例如:以下xsd文件,就出现了该错误,即便是在一
  • 什么是RAID0、RAID1、RAID0+1、RAID5,等磁盘阵列模式? dcj3sjt126com raid
    RAID 1又称为Mirror或Mirroring,它的宗旨是最大限度的保证用户数据的可用性和可修复性。 RAID 1的操作方式是把用户写入硬盘的数据百分之百地自动复制到另外一个硬盘上。由于对存储的数据进行百分之百的备份,在所有RAID级别中,RAID 1提供最高的数据安全保障。同样,由于数据的百分之百备份,备份数据占了总存储空间的一半,因而,Mirror的磁盘空间利用率低,存储成本高。 Mir
  • yii2 restful web服务快速入门 dcj3sjt126com PHPyii2
    快速入门 Yii 提供了一整套用来简化实现 RESTful 风格的 Web Service 服务的 API。 特别是,Yii 支持以下关于 RESTful 风格的 API: 支持 Active Record 类的通用API的快速原型 涉及的响应格式(在默认情况下支持 JSON 和 XML) 支持可选输出字段的定制对象序列化 适当的格式的数据采集和验证错误
  • MongoDB查询(3)——内嵌文档查询(七) eksliang MongoDB查询内嵌文档MongoDB查询内嵌数组
    MongoDB查询内嵌文档 转载请出自出处:http://eksliang.iteye.com/blog/2177301 一、概述        有两种方法可以查询内嵌文档:查询整个文档;针对键值对进行查询。这两种方式是不同的,下面我通过例子进行分别说明。   二、查询整个文档 例如:有如下文档 db.emp.insert({ &qu
  • android4.4从系统图库无法加载图片的问题 gundumw100 android
    典型的使用场景就是要设置一个头像,头像需要从系统图库或者拍照获得,在android4.4之前,我用的代码没问题,但是今天使用android4.4的时候突然发现不灵了。baidu了一圈,终于解决了。 下面是解决方案: private String[] items = new String[] { "图库","拍照" }; /* 头像名称 */
  • 网页特效大全 jQuery等 ini JavaScriptjquerycsshtml5ini
    HTML5和CSS3知识和特效 asp.net ajax jquery实例 分享一个下雪的特效 jQuery倾斜的动画导航菜单 选美大赛示例 你会选谁 jQuery实现HTML5时钟 功能强大的滚动播放插件JQ-Slide 万圣节快乐!!! 向上弹出菜单jQuery插件 htm5视差动画 jquery将列表倒转顺序 推荐一个jQuery分页插件 jquery animate
  • swift objc_setAssociatedObject block(version1.2 xcode6.4) 啸笑天 version
      import UIKit class LSObjectWrapper: NSObject { let value: ((barButton: UIButton?) -> Void)? init(value: (barButton: UIButton?) -> Void) { self.value = value
  • Aegis 默认的 Xfire 绑定方式,将 XML 映射为 POJO MagicMa_007 javaPOJOxmlAegisxfire
          Aegis 是一个默认的 Xfire 绑定方式,它将 XML 映射为 POJO, 支持代码先行的开发.你开发服 务类与 POJO,它为你生成 XML schema/wsdl XML 和 注解映射概览       默认情况下,你的 POJO 类被是基于他们的名字与命名空间被序列化。如果
  • js get max value in (json) Array qiaolevip 每天进步一点点学习永无止境max纵观千象
    // Max value in Array var arr = [1,2,3,5,3,2];Math.max.apply(null, arr); // 5 // Max value in Jaon Array var arr = [{"x":"8/11/2009","y":0.026572007},{"x"
  • XMLhttpRequest 请求 XML,JSON ,POJO 数据 Luob. POJOjsonAjaxxmlXMLhttpREquest
    在使用XMlhttpRequest对象发送请求和响应之前,必须首先使用javaScript对象创建一个XMLHttpRquest对象。 var xmlhttp; function getXMLHttpRequest(){ if(window.ActiveXObject){ xmlhttp:new ActiveXObject("Microsoft.XMLHTTP
  • jquery wuai jquery
    以下防止文档在完全加载之前运行Jquery代码,否则会出现试图隐藏一个不存在的元素、获得未完全加载的图像的大小 等等 $(document).ready(function(){ jquery代码; }); <script type="text/javascript" src="c:/scripts/jquery-1.4.2.min.js&quo
按字母分类: ABCDEFGHIJKLMNOPQRSTUVWXYZ其他