本文记录使用kubeadm管理工具安装部署kubernetes集群的过程。本集群包含两台主机,一台master节点,一台node节点。若有多台node节点,依照加入集群的步骤把其余主机依次加入集群即可。
说明:网络限制是本次安装的难点,我们的机器都在公司内网,仅可以使用代理连接到外网。本次部署过程中,一共有4处地方涉及到外网连接:yum install、docker pull、helm install 是配置代理连接;kubectl apply 是把远程网络上的配置文件下载到本地之后,再本地读取。
1. 系统信息本次我们搭建一个只有一个master节点、一个node节点的简单集群。
主机:
master节点:ac3-node06 = 10.129.5.77node节点:ac3-node06= 10.129.5.78
软件版本:
*** 作系统:CentOS7.3kubernetes:v1.23.1kubeadm:v1.23.1 2. 安装部署 2.1 安装前准备
为了减少安装过程中遇到的报错等麻烦,两台主机做好如下的准备工作。
2.1.1 配置hosts[root@ac3-node06 ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 10.129.5.77 ac3-node06 10.129.5.78 ac3-node05 [root@ac3-node06 ~]#2.1.2 禁用防火墙
[root@ac3-node06 ~]# systemctl disable iptables-services firewalld
关闭swap缓存 2.1.3 关闭swap缓存
2.2 安装kubeadm、kubelet、kubectl这个步骤要在两台主机上分别安装kubeadm、kubelet、kubectl。
kubeadm:引导集群的命令行工具。kubelet:在集群中的所有机器上运行并执行诸如启动 pod 和容器之类的 *** 作的组件。kubectl:与您的集群对话的命令行工具。
注意:三者在安装时,要考虑版本兼容问题。
2.2.1 配置内核参数sudo modprobe br_netfilter lsmod | grep br_netfilter cat <2.2.2 安装kubeadmin、kubelet、kubectl # 配置镜像源 cat <2.3 使用kubeadm来创建kubernetes集群(master节点) 如下步骤只需要在master主机上 *** 作,node主机不需要。
2.3.1 启动Docker服务kubeadm初始化之前,需要先启动Docker服务,初始化时,docker pull联网拉取镜像。
启动Docker服务
# 启动docker systemctl enable docker.service systemctl start docker.service给Docker配置代理(若有需要)
# 创建配置文件路径 mkdir -p /etc/systemd/system/docker.service.d # 配置http代理 vi /etc/systemd/system/docker.service.d/http-proxy.conf 写入 [Service] Environment="HTTP_PROXY=http://proxy_user:proxy_password@proxy_hostname:port" "NO_PROXY=localhost,*.samwong.im,192.168.0.0/16,127.0.0.1,10.244.0.0/16" # 配置https代理 vi /etc/systemd/system/docker.service.d/https-proxy.conf 写入 [Service] Environment="HTTPS_PROXY=http://proxy_user:proxy_password@proxy_hostname:port" "NO_PROXY=localhost,*.samwong.im,192.168.0.0/16,127.0.0.1,10.244.0.0/16" # 重启docker systemctl daemon-reload && systemctl restart docker # 查看代理生效 docker info2.3.2 初始化kubeadm
初始化kubeadm
kubeadm init --help # --apiserver-advertise-address:master本机IP # --image-repository:指定阿里云镜像仓库地址 # --service-cidr:为service VIPs使用不同的IP地址(默认10.96.0.0/12) # --pod-network-cidr:POD的网段 # 初始化 kubeadm init --kubernetes-version=1.23.1 --apiserver-advertise-address=10.129.5.77 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 ...... # 初始化成功 Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config Alternatively, if you are the root user, you can run: export KUBEConFIG=/etc/kubernetes/admin.conf You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root: kubeadm join 10.129.5.77:6443 --token p6kb2h.ndduahfcvppw71x5 --discovery-token-ca-cert-hash sha256:d02ac1b5a5cb359131d7ff43cd5d88ad58fb7e6412bb66cec28f168be0bf9924 [root@ac3-node06 ~]#根据上面初始化成功的提示,在开始使用集群之前,需要执行命令(生产环境使用非root按上面的提示 *** 作)
[root@ac3-node06 ~]# export KUBEConFIG=/etc/kubernetes/admin.conf现在就可以使用kubectl命令访问集群了
[root@ac3-node06 ~]# echo "export KUBEConFIG=/etc/kubernetes/admin.conf" >> /etc/profile [root@ac3-node06 ~]# source /etc/profile [root@ac3-node06 ~]# kubectl get node NAME STATUS ROLES AGE VERSION ac3-node06 NotReady control-plane,master 46m v1.23.1只不过现在master节点还是NotReady状态,这是因为默认情况下,为了保证master的安全,master是不会被分配工作负载的。在安装了下面的网络插件之后,master状态可以变为Ready。
2.3.3 安装Pod网络插件(一般都是CNI)Pod的网络插件有很多种,参见官方文档。本文选择部署Flannel网络插件,让Pod内部服务之间可以相互通讯。注意,每个节点都要安装。
# 这真是曲折的一步啊,因为我的服务器在内网,连不上flannel.yml服务器,命令执行一直报错 [root@ac3-node06 ~]# kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/documentation/kube-flannel.yml The connection to the server raw.githubusercontent.com was refused - did you specify the right host or port? [root@ac3-node06 ~]# # 最后解决的办法是,先去可以上网的电脑吧yml文件下载下来,放到master服务器上,再本地读取执行 [root@ac3-node06 downloads]# ls -ltr kube-flannel.yml -rw-r--r-- 1 root root 5199 Jan 15 16:54 kube-flannel.yml [root@ac3-node06 downloads]# kubectl apply -f kube-flannel.yml Warning: policy/v1beta1 PodSecurityPolicy is deprecated in v1.21+, unavailable in v1.25+ podsecuritypolicy.policy/psp.flannel.unprivileged created clusterrole.rbac.authorization.k8s.io/flannel created clusterrolebinding.rbac.authorization.k8s.io/flannel created serviceaccount/flannel created configmap/kube-flannel-cfg created daemonset.apps/kube-flannel-ds created [root@ac3-node06 downloads]# # flannel插件安装完成 # 此时,master已经是Ready状态了 [root@ac3-node06 downloads]# kubectl get node NAME STATUS ROLES AGE VERSION ac3-node06 Ready control-plane,master 118m v1.23.12.4 向kubernetes集群添加node节点kubernetes集群master节点状态已经OK,接下来我们把另一台node节点加入到集群中。
2.4.1 kubeadm join 添加节点去node节点上执行kubeadm join命令,将node节点加入kubernetes集群
[root@ac3-node05 ~]# kubeadm join 10.129.5.77:6443 --token p6kb2h.ndduahfcvppw71x5 --discovery-token-ca-cert-hash sha256:d02ac1b5a5cb359131d7ff43cd5d88ad58fb7e6412bb66cec28f168be0bf9924 [preflight] Running pre-flight checks [preflight] Reading configuration from the cluster... [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml' [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Starting the kubelet [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap... This node has joined the cluster: * Certificate signing request was sent to apiserver and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the control-plane to see this node join the cluster. [root@ac3-node05 ~]#节点加入集群成功,根据上面的成功提示,我们可以回到master节点,使用kubectl get nodes命令查看node节点的加入状况
[root@ac3-node06 ~]# kubectl get node NAME STATUS ROLES AGE VERSION ac3-node05 Ready17m v1.23.1 ac3-node06 Ready control-plane,master 118m v1.23.1 [root@ac3-node06 ~]# Node节点加入集群成功,状态正常。
2.5 安装Dashboard插件上面所有的 *** 作,我们都是在linux主机上,通过命令行来执行的,对整个集群没有一个整体的认识, *** 作起来也不便利。此时,我们需要一个可视化的 *** 作界面,来改善这个问题:Dashboard插件。
Kubernetes Dashboard 是用于 Kubernetes 集群的通用、基于 Web 的 UI。 它允许用户管理集群中运行的应用程序并对其进行故障排除,以及管理集群本身。它需要去master节点上安装。
# 安装插件 [root@ac3-node06 downloads]# kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml The connection to the server raw.githubusercontent.com was refused - did you specify the right host or port? [root@ac3-node06 downloads]# # 看到没,报错了!没错,内网服务器还是连接不了https://raw.githubusercontent.com,仍然使用上面安装flannel插件的办法,把yaml配置文件(https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml)先下载到本地,再本地读取加载 # 下载yaml到本地,本地读取加载 [root@ac3-node06 downloads]# ls -ltr recommended.yaml -rw-r--r-- 1 root root 7543 Jan 15 17:07 recommended.yaml # 这里我们多做一步:由于默认Dashboard只能集群内部访问,使用默认配置安装的dashboard插件,只允许我们通过集群local master主机的浏览器来访问集群的UI,对我们来说太不方便了。因此修改Service为NodePort类型,让UI暴露到集群外部可以访问 [root@ac3-node06 downloads]# vi recommended.yaml # 添加两行配置 kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard spec: type: NodePort ---- 添加一行 ports: - port: 443 targetPort: 8443 nodePort: 30001 ---- 添加一行 selector: k8s-app: kubernetes-dashboard # apply本地yaml文件,再次安装 [root@ac3-node06 downloads]# kubectl apply -f recommended.yaml namespace/kubernetes-dashboard unchanged serviceaccount/kubernetes-dashboard unchanged service/kubernetes-dashboard configured secret/kubernetes-dashboard-certs unchanged secret/kubernetes-dashboard-csrf configured Warning: resource secrets/kubernetes-dashboard-key-holder is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically. secret/kubernetes-dashboard-key-holder configured configmap/kubernetes-dashboard-settings unchanged role.rbac.authorization.k8s.io/kubernetes-dashboard unchanged clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard unchanged rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard unchanged clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard unchanged deployment.apps/kubernetes-dashboard unchanged service/dashboard-metrics-scraper unchanged deployment.apps/dashboard-metrics-scraper unchanged [root@ac3-node06 downloads]# # 查看pod中是否有dashboard [root@ac3-node06 downloads]# kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-6d8c4cb4d-bm2sz 1/1 Running 0 163m kube-system coredns-6d8c4cb4d-rtxkk 1/1 Running 0 163m kube-system etcd-ac3-node06 1/1 Running 0 163m kube-system kube-apiserver-ac3-node06 1/1 Running 0 163m kube-system kube-controller-manager-ac3-node06 1/1 Running 0 163m kube-system kube-flannel-ds-sqgsj 1/1 Running 0 50m kube-system kube-flannel-ds-tl5x6 1/1 Running 0 50m kube-system kube-proxy-75fdb 1/1 Running 0 63m kube-system kube-proxy-s56vm 1/1 Running 0 163m kube-system kube-scheduler-ac3-node06 1/1 Running 0 163m kubernetes-dashboard dashboard-metrics-scraper-799d786dbf-n2rch 1/1 Running 0 36m kubernetes-dashboard kubernetes-dashboard-6b6b86c4c5-tm5k4 1/1 Running 0 36m [root@ac3-node06 downloads]# # 最下面两行,dashbaord有了。查看dashboard信息 [root@ac3-node06 downloads]# kubectl describe service kubernetes-dashboard --namespace=kubernetes-dashboard Name: kubernetes-dashboard Namespace: kubernetes-dashboard Labels: k8s-app=kubernetes-dashboard Annotations:Selector: k8s-app=kubernetes-dashboard Type: NodePort IP Family Policy: SingleStack IP Families: IPv4 IP: 10.104.204.178 IPs: 10.104.204.178 Port: 443/TCP TargetPort: 8443/TCP NodePort: 30001/TCP Endpoints: 10.244.1.3:8443 Session Affinity: None External Traffic Policy: Cluster Events: [root@ac3-node06 downloads]# # 查看dashboard部署在哪个节点上 [root@ac3-node06 downloads]# kubectl get pods --namespace=kubernetes-dashboard -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES dashboard-metrics-scraper-799d786dbf-n2rch 1/1 Running 0 38m 10.244.1.4 ac3-node05 kubernetes-dashboard-6b6b86c4c5-tm5k4 1/1 Running 0 38m 10.244.1.3 ac3-node05 [root@ac3-node06 downloads]# 此时,Dashboard插件安装完成,我们就可以通过浏览器去访问了:https://master主机名:30001
然后创建登陆dashboard的token令牌
# 创建serviceaccount账户 [root@ac3-node06 ~]# kubectl create serviceaccount dashboard-admin -n kube-system serviceaccount/dashboard-admin created [root@ac3-node06 downloads]# kubectl get sa -n kubernetes-dashboard NAME SECRETS AGE default 1 48m kubernetes-dashboard 1 48m [root@ac3-node06 ~]# # 把serviceaccount绑定在clusteradmin,授权serviceaccount用户具有整个集群的访问管理权限 [root@ac3-node06 downloads]# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created [root@ac3-node06 downloads]# # 获取serviceaccount的secret信息,可得到token的信息 [root@ac3-node06 ~]# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}') Name: dashboard-admin-token-7fh58 Namespace: kube-system Labels:Annotations: kubernetes.io/service-account.name: dashboard-admin kubernetes.io/service-account.uid: 57c6a4f7-ad88-4702-aad0-9e2a0215dacc Type: kubernetes.io/service-account-token Data ==== namespace: 11 bytes token: eyJhbGciOiJSUzI1NiIsImtpZCI6ImZYdGFKLTFXRDVGbkFXa3NrWi1MRk95VVJPY2xwQl92RzlsX3VwbXFsR0EifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tN2ZoNTgiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNTdjNmE0ZjctYWQ4OC00NzAyLWFhZDAtOWUyYTAyMTVkYWNjIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.SRvzZxH0gzo8fG1MmRQZGOgi3PnyQ79XKTKx4J8x9nlwolbcBo66dU_LaDEVgrzSx3r9D5M6a9ISBXjhGv9teTZ5MeoAB84y327zRXEOEWeMUG6mnXXAE7X1qmMHTNlbLLpRNC8XF3STW2Swq3PhCrolGIBfwUe46Kh9PbBXxQzbLmdmUOxqxy4eX_b2xqcmVY9bGXuw2Zthr0Ue5XGqFRzVW7FvN678IDsoZszrxA5oo1qKdKPCWuuk2zx6eQqsV5an0Uq_BugGpc_tjhW_DvPuB9n2d6nHBdDokBiustiKNpr9Cm_LL5EYepDmxzq4dguDgU_J3OZpvZCy2xBM3w ca.crt: 1099 bytes [root@ac3-node06 downloads]# # 这里创建的token,就是我们要用来在Dashboard UI上面登陆使用的Token。我们不用记它,使用下面的命令可以快捷查看 # 快捷查看token的命令 kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/admin/{print $1}') 接下来去浏览器的登录页输入token,即可成功登入
至此,DashBoard插件安装完成,以后的集群管理和应用部署,就都可以在这个界面来管理了。
3. 部署容器化应用kubernetes集群搭建完以后,部署容器化应用的方式有几种,可以去master主机上通过命令行的方式来部署,也可以使用helm包管理工具部署,还可以在Dashboard界面通过手动添加的方式来部署。
3.1 使用命令行的方式部署容器化应用用在没有Dashboard时,我们可以去master主机上,用命令行的方式来创建容器化应用。下面我们来部署一个MySQL服务。
3.1.1 创建服务Service创建一个Service,为即将部署的MySQL数据库固定连接的IP,同时提供负载均衡。
新建mysql-service配置文件
[root@ac3-node06 downloads]# vi mysql-service.yaml 写入下面的内容 apiVersion: v1 kind: Service metadata: name: mysql spec: selector: app: mysql ports: - port: 3306 # 创建资源 [root@ac3-node06 downloads]# kubectl create -f mysql-service.yaml service/mysql created [root@ac3-node06 downloads]#上面这个配置创建了一个名称为mysql的Service对象,它会将请求代理到 使用TCP端口3306、并且具有标签app=mysql的Pod上。
3.1.2 创建持久卷PV创建一个MySQL的持久卷mysql-pv.yaml(当Pod不再存在时,Kubernetes也会销毁临时卷,不过持久卷不会被销毁)。
# 新建pv配置文件 [root@ac3-node06 downloads]# vi mysql-pv.yaml 写入下面的内容 apiVersion: v1 kind: PersistentVolume metadata: name: mysql-pv labels: type: local spec: storageClassName: manual capacity: storage: 20Gi accessModes: - ReadWriteonce # 卷可以被一个节点以读写方式挂载 hostPath: path: "/mnt/data" # 创建资源 [root@ac3-node06 downloads]# kubectl create -f mysql-pv.yaml3.1.3 创建持久卷声明PVC持久卷是集群中的资源,而持久卷声明是对这些资源的请求,是被用来执行对资源的声明检查。下面我们将创建名称为mysql-pvc的持久卷声明 mysql-pvc.yaml
# 新建pvc配置文件 [root@ac3-node06 downloads]# vi mysql-pvc.yaml 写入下面的内容 apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql-pvc spec: storageClassName: manual accessModes: - ReadWriteonce resources: requests: storage: 20Gi # 创建资源 [root@ac3-node06 downloads]# kubectl create -f mysql-pvc.yaml3.1.4 部署MySQL在3306端口上使用MySQL5.7的镜像创建Pod,mysql-deployment.yaml
# 新建deployment配置文件 [root@ac3-node06 downloads]#vi mysql-deployment.yaml 写入配置 apiVersion: apps/v1 kind: Deployment metadata: name: mysql spec: selector: matchLabels: app: mysql strategy: type: Recreate template: metadata: labels: app: mysql spec: containers: - image: mysql:5.7 name: mysql env: - name: MYSQL_ROOT_PASSWORD # 生产环境中请使用 secret value: password ports: - containerPort: 3306 name: mysql volumeMounts: - name: mysql-data mountPath: /var/lib/mysql volumes: - name: mysql-data persistentVolumeClaim: claimName: mysql-pvc # 创建资源 [root@ac3-node06 downloads]# kubectl create -f mysql-deployment.yaml这时候MySQL就部署好了,我们可以使用命令行来连接MySQL了。
[root@ac3-node06 downloads]# kubectl run -it --rm --image=mysql:5.7 --restart=Never mysql-client -- mysql -hmysql -ppassword3.2 使用Helm来部署集成好的常规应用Helm又被称为kubernetes界的yum,它是kubernetes的包管理器。常规的基础服务可以通过Helm来部署。
Helm包含两个组件,Helm客户端和Tiller服务器。Helm客户端负责chart和release的创建和管理以及和Tiller的交互。Tiller服务器运行在kubernetes集群中,它会处理Helm客户端的请求,与kubernetes API Server交互。
3.2.1 Helm部署Helm的客户端安装很简单,只要下载helm源码包并解压到master节点的/usr/local/bin/目录下即可
# helm安装文档:https://helm.sh/docs/intro/install/ # 下载helm,从https://github.com/helm/helm/releases选择与kubernetes兼容的版本下载(helm和kubernetes的版本对照关系:https://helm.sh/docs/topics/version_skew/) # 这里因为我们服务器在内网,wget使用了代理 [root@ac3-node06 downloads]# wget https://get.helm.sh/helm-v3.7.2-linux-amd64.tar.gz -e use_proxy=yes -e http_proxy=http://username:[email protected]:port --no-check-certificate # 解压helm [root@ac3-node06 downloads]# tar -zxvf helm-v3.7.2-linux-amd64.tar.gz # 把helm移动到bin目录下 [root@ac3-node06 downloads]# mv linux-amd64/helm /usr/local/bin/helm [root@ac3-node06 downloads]# helm version version.BuildInfo{Version:"v3.7.2", GitCommit:"663a896f4a815053445eec4153677ddc24a0a361", GitTreeState:"clean", GoVersion:"go1.16.10"} [root@ac3-node06 downloads]# # 初始化Helm Chart仓库 # 这里还是因为我们是内网机器,先设置代理,让helm可以通过代理联网 [root@ac3-node06 ~]# export http_proxy=http://proxy_user:proxy_password@proxy_hostname:port [root@ac3-node06 ~]# export https_proxy=http://proxy_user:proxy_password@proxy_hostname:port # 初始化Helm Chart仓库 [root@ac3-node06 ~]# helm repo add bitnami https://charts.bitnami.com/bitnami "bitnami" has been added to your repositories [root@ac3-node06 ~]# # 初始化完成,查看所有chart列表 [root@ac3-node06 ~]# helm search repo bitnami NAME CHART VERSION APP VERSION DEscriptION bitnami/bitnami-common 0.0.9 0.0.9 DEPRECATED Chart with custom templates used in ... bitnami/airflow 11.3.0 2.2.3 Apache Airflow is a platform to programmaticall... bitnami/apache 9.0.0 2.4.52 Chart for Apache HTTP Server ... [root@ac3-node06 ~]# # 取消全局代理 [root@ac3-node06 ~]# unset http_proxy [root@ac3-node06 ~]# unset https_proxyHelm安装完成,这时候我们就可以使用Helm来部署MySQL服务了。
3.2.2 部署MySQL在部署MySQL之前,更新下Helm Chart仓库
[root@ac3-node06 ~]# helm repo update Hang tight while we grab the latest from your chart repositories... ...Successfully got an update from the "bitnami" chart repository Update Complete. ⎈Happy Helming!⎈ [root@ac3-node06 ~]#安装MySQL
# 查看helm源里面MySQL的版本 [root@ac3-node06 ~]# helm search repo bitnami/mysql NAME CHART VERSION APP VERSION DEscriptION bitnami/mysql 8.8.21 8.0.27 Chart to create a Highly available MySQL cluster [root@ac3-node06 ~]# # 安装MySQL [root@ac3-node06 ~]# helm install bitnami/mysql --generate-name Error: INSTALLATION FAILED: failed to download "bitnami/mysql" [root@ac3-node06 ~]#它报错了,下载MySQL失败,原因是helm install是要联网下载的,我们是内网服务器,需要设置代理。
设置全局代理,再试
[root@ac3-node06 ~]# export http_proxy=http://proxy_user:proxy_password@proxy_hostname:port [root@ac3-node06 ~]# export https_proxy=http://proxy_user:proxy_password@proxy_hostname:port [root@ac3-node06 ~]# helm install bitnami/mysql --generate-name Error: INSTALLATION FAILED: Kubernetes cluster unreachable: 6443/version?timeout=32s": Forbidden [root@ac3-node06 ~]#这回报错不一样了:连不上kubernetes集群。
查很多资料,有说是helm要设置k3s的KUBECONFIG的,有说是chart源码bug的,都没有解决我的问题。后来翻到一篇文章,博主讲到是因为设置了全局代理导致连不上内网的kubernetes集群。这时想到,设置全局代理的时候把kubernetes集群master主机的IP地址给过掉。
试试,这回可以了
[root@ac3-node06 ~]# export https_proxy=http://proxy_user:proxy_password@proxy_hostname:port no_proxy=10.129.5.77 [root@ac3-node06 ~]# export http_proxy=http://proxy_user:proxy_password@proxy_hostname:port no_proxy=10.129.5.77 [root@ac3-node06 ~]# helm install bitnami/mysql --generate-name NAME: mysql-1642489096 LAST DEPLOYED: Tue Jan 18 14:58:20 2022 NAMESPACE: default STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: CHART NAME: mysql CHART VERSION: 8.8.21 APP VERSION: 8.0.27 ** Please be patient while the chart is being deployed ** Tip: Watch the deployment status using the command: kubectl get pods -w --namespace default Services: echo Primary: mysql-1642489096.default.svc.cluster.local:3306 Execute the following to get the administrator credentials: echo Username: root MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace default mysql-1642489096 -o jsonpath="{.data.mysql-root-password}" | base64 --decode) To connect to your database: 1. Run a pod that you can use as a client: kubectl run mysql-1642489096-client --rm --tty -i --restart='Never' --image docker.io/bitnami/mysql:8.0.27-debian-10-r78 --namespace default --command -- bash 2. To connect to primary service (read/write): mysql -h mysql-1642489096.default.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD" To upgrade this helm chart: 1. Obtain the password as described on the 'Administrator credentials' section and set the 'root.password' parameter as shown below: ROOT_PASSWORD=$(kubectl get secret --namespace default mysql-1642489096 -o jsonpath="{.data.mysql-root-password}" | base64 --decode) helm upgrade --namespace default mysql-1642489096 bitnami/mysql --set auth.rootPassword=$ROOT_PASSWORD [root@ac3-node06 ~]# # 查看mysql部署的情况 [root@ac3-node06 ~]# kubectl get pods -w --namespace default NAME READY STATUS RESTARTS AGE mysql-1642489096-0 0/1 Pending 0 13m [root@ac3-node06 ~]#这时候回到Dashboard,可以看到MySQL服务了。
这时候根据上面安装成功的提示,连接使用MySQL即可。
3.3 使用Dashboard来部署容器化应用除了使用上面的命令行方式以外,容器化应用的部署过程也可以通过 *** 作Dashboard来完成。
通过Dashboard UI来部署容器化应用有三种方式:手动编辑YAML/JSON配置文件部署、上传本地YAML/JSON配置文件部署、根据向导部署。
这里我们使用第三种,根据向导填入内容,点击部署,来部署一个nginx服务。
部署成功
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)