在 MacOS 中使用 multipass 安装 microk8s 环境
Multipass & MicroK8S 介绍
Kubernetes 是什么?
Kubernetes 集群通过可靠和可扩展的方式对容器化应用进行托管,使得在 DevOps 思维和体系中,让运维服务、系统升级等工作变得超级简单。
Multipass 是什么?
Multipass 是一款可运行于 Linux、Windows 和 MacOS 的轻量级虚拟机管理器,它专为希望使用单个命令即可启动全新 Ubuntu 环境的开发人员而设计。它在 Linux 上使用 KVM、在 Windows 上使用 Hyper-V、在 MacOS 上使用 HyperKit,以便以最小的开销运行虚拟机。它还可以在 Windows 和 MacOS 上使用 VirtualBox。Multipass 将协助你获取最新镜像,并持续保持更新。
MicroK8S 是什么?
MicroK8S 是 CNCF 认证的 Kubernetes 部署环境,可在工作站或边缘设备上运行。作为一个 snap 包,它可以原生的运行所有 Kubernetes 服务,如果需要还可以打包类库和二进制文件。它的安装仅受限于你的下载速度,而删除 MicroK8S 后不会留下任何痕迹。
安装 multipass & microk8s
安装 multipass 服务
brew search multipass
brew cask info multipass
brew cask install multipass
multipass version
通过 multipass 安装和启动 microk8s 环境
multipass launch --name microk8s-vm --mem 4G --disk 40G
multipass list
multipass stop microk8s-vm
multipass delete microk8s-vm
multipass purge
在虚机中安装 microk8s 服务
multipass exec microk8s-vm -- sudo snap install microk8s --classic
multipass exec microk8s-vm -- sudo iptables -P FORWARD ACCEPT
查看 microk8s 的 snap 包信息,比如版本信息
multipass exec microk8s-vm -- sudo snap info microk8s
增加账号访问权限,简化操作
# 默认 ubuntu 账号无权限操作集群,均需要 sudo
# 可将 ubuntu 账号加入 microk8s 用户组以便简化访问
multipass exec microk8s-vm -- sudo usermod -a -G microk8s ubuntu
multipass exec microk8s-vm -- sudo sudo chown -f -R ubuntu ~/.kube
增加访问公钥,简化操作
# 在 ~/.ssh/authorized_keys 增加自己的公钥,则可方便的进行SSH登录
multipass shell microk8s-vm
ssh ubuntu@192.168.64.2
查看磁盘空间
multipass exec microk8s-vm -- df -kh
查看 kubeconfig 配置
multipass exec microk8s-vm -- /snap/bin/microk8s.config
在 kubeconfig 中可以找到集群信息,可登录查看
server: https://192.168.64.2:16443
username: admin
password: xxx
增加 DNS 插件,必须安装,多处依赖使用
multipass exec microk8s-vm -- /snap/bin/microk8s.enable dns
multipass exec microk8s-vm -- /snap/bin/microk8s.enable dashboard
尝试访问 Grafana 地址
https://192.168.64.2:16443/api/v1/namespaces/kube-system/services/monitoring-grafana/proxy
安装 Dashboard UI
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
使用 Bearer Token 进行鉴权访问
# 为安全考虑,Dashboard UI 需要使用 Bearer Token 进行鉴权访问,使用如下命令获取 Token
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl -n kube-system get secret | grep default-token | cut -d " " -f1
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl -n kube-system describe secret default-token-qqt75
访问 Dashboard UI
https://192.168.64.2:16443/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
查看集群组件状态
multipass exec microk8s-vm -- /snap/bin/microk8s.status
可通过指定配置文件进行访问
# 把kubeconfig保存至本地 /Users/xxx/.kube/microk8s-vm.yml,则可通过指定配置文件进行访问
kubectl --insecure-skip-tls-verify --kubeconfig="/Users/xxx/.kube/microk8s-vm.yml" get pods --all-namespaces
# 把kubeconfig保存至本地 ~/.kube/config,则可通过指定配置文件进行访问
kubectl --insecure-skip-tls-verify get pods --all-namespaces
安装 registry 组件
# The MicroK8s registry will not be enabled by default, so needs run the following to enable it.
multipass exec microk8s-vm -- /snap/bin/microk8s.enable registry
查看集群内组件状态
multipass exec microk8s-vm -- /snap/bin/microk8s.status | grep enabled
urban-iptable-management # 简单的IP地址查询服务,服务自治,无外部依赖
urban-district-management # 简单的省市区查询服务,服务自治,无外部依赖
urban-traffic-management # 简单的模拟服务间调用,依赖 district 服务查询城市信息
urban-gateway-management # 模拟API网关,将访问转发至其他服务
-
Github Repo:https://github.com/gaochundong/urbanboot
本地 docker image 构建
cd urbanboot
docker build -t urban-iptable-management-app:latest --file ./urban-iptable-management/docker/Dockerfile .
docker build -t urban-district-management-app:latest --file ./urban-district-management/docker/Dockerfile .
docker build -t urban-traffic-management-app:latest --file ./urban-traffic-management/docker/Dockerfile .
docker build -t urban-gateway-management-app:latest --file ./urban-gateway-management/docker/Dockerfile .
删除无用镜像
docker images
docker rmi --force $(docker images | grep "^<none>" | awk '{print $3}')
docker images
保存本地镜像至文件
# Save one or more images to a tar archive
docker save -o urban-iptable-management-app.tar urban-iptable-management-app:latest
docker save -o urban-district-management-app.tar urban-district-management-app:latest
docker save -o urban-traffic-management-app.tar urban-traffic-management-app:latest
docker save -o urban-gateway-management-app.tar urban-gateway-management-app:latest
拷贝镜像文件至 microk8s 机器
scp ./urban-iptable-management-app.tar ubuntu@192.168.64.2:/tmp
scp ./urban-district-management-app.tar ubuntu@192.168.64.2:/tmp
scp ./urban-traffic-management-app.tar ubuntu@192.168.64.2:/tmp
scp ./urban-gateway-management-app.tar ubuntu@192.168.64.2:/tmp
安装镜像至 registry
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr namespaces list
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images list -q
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images import /tmp/urban-iptable-management-app.tar
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images import /tmp/urban-district-management-app.tar
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images import /tmp/urban-traffic-management-app.tar
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images import /tmp/urban-gateway-management-app.tar
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images list -q | grep urban
删除镜像
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images remove docker.io/library/urban-iptable-management-app:latest
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images remove docker.io/library/urban-district-management-app:latest
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images remove docker.io/library/urban-traffic-management-app:latest
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images remove docker.io/library/urban-gateway-management-app:latest
在部署文件中配置镜像位置
# 替换deployment.yaml文件中的image路径
/Users/xxx/g/github/urbanboot/urban-district-management/kubernetes/deployment.yaml
创建 Namespace
kubectl --insecure-skip-tls-verify create namespace urbanboot
部署应用
kubectl --insecure-skip-tls-verify apply -f /Users/xxx/g/github/urbanboot/urban-iptable-management/kubernetes/deployment.yaml -n urbanboot
kubectl --insecure-skip-tls-verify apply -f /Users/xxx/g/github/urbanboot/urban-district-management/kubernetes/deployment.yaml -n urbanboot
kubectl --insecure-skip-tls-verify apply -f /Users/xxx/g/github/urbanboot/urban-traffic-management/kubernetes/deployment.yaml -n urbanboot
kubectl --insecure-skip-tls-verify apply -f /Users/xxx/g/github/urbanboot/urban-gateway-management/kubernetes/deployment.yaml -n urbanboot
查看部署
kubectl --insecure-skip-tls-verify get deployments -n urbanboot
kubectl --insecure-skip-tls-verify get pods -n urbanboot
删除部署,会自动删除 Pods
kubectl --insecure-skip-tls-verify delete deployment urban-iptable-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete deployment urban-district-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete deployment urban-traffic-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete deployment urban-gateway-management-app -n urbanboot
kubectl --insecure-skip-tls-verify get services -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose -h
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-iptable-management-app --type=ClusterIP --port=7200 --name=urban-iptable-management-app -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-iptable-management-app --type=NodePort --port=7200 --name=urban-iptable-management-nodeport -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-district-management-app --type=ClusterIP --port=7200 --name=urban-district-management-app -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-district-management-app --type=NodePort --port=7200 --name=urban-district-management-nodeport -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-traffic-management-app --type=ClusterIP --port=7200 --name=urban-traffic-management-app -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-traffic-management-app --type=NodePort --port=7200 --name=urban-traffic-management-nodeport -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-gateway-management-app --type=ClusterIP --port=7200 --name=urban-gateway-management-app -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-gateway-management-app --type=NodePort --port=7200 --name=urban-gateway-management-nodeport -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-traffic-management-app --type=LoadBalancer --port=7200 --name=urban-traffic-management-loadbalancer -n urbanboot
- 参考:Kubernetes NodePort vs LoadBalancer vs Ingress? When should I use what?
- The big downside is that each service you expose with a LoadBalancer will get its own IP address, and you have to pay for a LoadBalancer per exposed service, which can get expensive!
使用配置文件创建 Service
kubectl --insecure-skip-tls-verify expose -f /Users/xxx/g/github/urbanboot/urban-traffic-management/kubernetes/service.yaml -n urbanboot
kubectl --insecure-skip-tls-verify expose -f /Users/xxx/g/github/urbanboot/urban-traffic-management/kubernetes/nodeport.yaml -n urbanboot
删除 Service
kubectl --insecure-skip-tls-verify delete service urban-iptable-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-iptable-management-nodeport -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-district-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-district-management-nodeport -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-traffic-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-traffic-management-nodeport -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-gateway-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-gateway-management-nodeport -n urbanboot
查一下 TCP 端口监听
multipass exec microk8s-vm -- netstat -nl -t
查看部署事件,按照时间排序
kubectl --insecure-skip-tls-verify get events -n urbanboot --sort-by=.metadata.creationTimestamp
查看 Pod 日志
kubectl --insecure-skip-tls-verify get pods -n urbanboot
kubectl --insecure-skip-tls-verify describe pod urban-traffic-management-app-58d7578547-p277h -n urbanboot
kubectl --insecure-skip-tls-verify logs urban-traffic-management-app-58d7578547-p277h -n urbanboot
kubectl --insecure-skip-tls-verify logs urban-traffic-management-app-58d7578547-p277h -n urbanboot --tail=20
查看 Endpoint 信息
# Spring Cloud Kubernetes 会通过 API 查询 Endpoints
kubectl --insecure-skip-tls-verify get services -n urbanboot
kubectl --insecure-skip-tls-verify get endpoints -n urbanboot
kubectl --insecure-skip-tls-verify get all --all-namespaces
kubectl --insecure-skip-tls-verify get all -n urbanboot
kubectl --insecure-skip-tls-verify describe services urban-traffic-management-nodeport -n urbanboot
kubectl --insecure-skip-tls-verify describe services urban-traffic-management-app -n urbanboot
访问 NodePort 端口
curl -s http://192.168.64.2:30211
curl -s http://192.168.64.2:30211 -i
curl -s http://192.168.64.2:30211 -v
登录 Pod 环境
kubectl --insecure-skip-tls-verify exec -it urban-traffic-management-app-58d7578547-p277h -n urbanboot -- /bin/bash
查看 Java 进程
java -version
env | grep JAVA
ps -ef|grep java
版权声明:本篇文章《在 MacOS 中使用 multipass 安装 microk8s 环境》由作者 Dennis Gao 发表自博客园个人技术博客,未经作者本人同意禁止以任何的形式转载,任何自动的或人为的爬虫转载行为均为耍流氓。