一、系统初始化操作
1、关闭防火墙
systemctl stop firewalld
2、关闭selinux
setenforce 0
3、关闭swapoff
swapoff -a 临时关闭
4、将桥接的IPV4流量传递到iptables 的链
cat > /etc/sysctl.d/k8s.conf << EOF net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl --system
二、安装docker
1、配置yum源
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
2、安装
yum -y install docker-ce-18.06.1.ce-3.el7
3、配置镜像加速
tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://jnboye7q.mirror.aliyuncs.com"] } EOF
执行docker info查看相关信息
Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 18.06.1-ce Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 468a545b9edcd5932818eb9de8e72413e616e86e runc version: 69663f0bd4b60df09991c08812a60108003fa340 init version: fec3683 Security Options: seccomp Profile: default Kernel Version: 3.10.0-862.el7.x86_64 Operating System: CentOS Linux 7 (Core) OSType: linux Architecture: x86_64 CPUs: 2 Total Memory: 974.6MiB Name: localhost.localdomain ID: SETU:T4SY:VUJC:PAX6:H7QV:PQNE:IABP:OIWM:MRPK:ZOII:T6M6:CISI Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Registry Mirrors: https://jnboye7q.mirror.aliyuncs.com/ Live Restore Enabled: false
4、启动
systemctl enable docker
systemctl start docker
二、部署
1、配置k8s yum源
cat >/etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
2、安装kubeadm,kubelet和kubectl
直接指定版本安装
yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0
3、初始化初始化kubeadm
kubeadm init \ --apiserver-advertise-address=192.168.149.144 \ --image-repository registry.aliyuncs.com/google_containers \ --kubernetes-version v1.18.0 \ --service-cidr=10.96.0.0/12 \ --pod-network-cidr=10.244.0.0/16
—apiserver-advertise-address 集群通告地址 —image-repository 由于默认拉取镜像地址k8s.gcr.io国内无法访问,这里指定阿里云镜像仓库地址。 —kubernetes-version K8s版本,与上面安装的一致 —service-cidr 集群内部虚拟网络,Pod统一访问入口 —pod-network-cidr Pod网络,与下面部署的CNI网络组件yaml中保持一致
error execution phase wait-control-plane: couldn't initialize a Kubernetes cluster To see the stack trace of this error execute with --v=5 or higher 执行中可能会有报错可以通过--v=5看详细错误信息或者通过kubeadm reset重置
kubeadm init --apiserver-advertise-address=192.168.149.144 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.18.0 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 W0818 23:02:36.529316 74075 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io] [init] Using Kubernetes version: v1.18.0 [preflight] Running pre-flight checks [WARNING Service-Docker]: docker service is not enabled, please run 'systemctl enable docker.service' [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/ [preflight] Pulling images required for setting up a Kubernetes cluster [preflight] This might take a minute or two, depending on the speed of your internet connection [preflight] You can also perform this action in beforehand using 'kubeadm config images pull' [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet-start] Starting the kubelet [certs] Using certificateDir folder "/etc/kubernetes/pki" [certs] Generating "ca" certificate and key [certs] Generating "apiserver" certificate and key [certs] apiserver serving cert is signed for DNS names [localhost.localdomain kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 192.168.149.144] [certs] Generating "apiserver-kubelet-client" certificate and key [certs] Generating "front-proxy-ca" certificate and key [certs] Generating "front-proxy-client" certificate and key [certs] Generating "etcd/ca" certificate and key [certs] Generating "etcd/server" certificate and key [certs] etcd/server serving cert is signed for DNS names [localhost.localdomain localhost] and IPs [192.168.149.144 127.0.0.1 ::1] [certs] Generating "etcd/peer" certificate and key [certs] etcd/peer serving cert is signed for DNS names [localhost.localdomain localhost] and IPs [192.168.149.144 127.0.0.1 ::1] [certs] Generating "etcd/healthcheck-client" certificate and key [certs] Generating "apiserver-etcd-client" certificate and key [certs] Generating "sa" key and public key [kubeconfig] Using kubeconfig folder "/etc/kubernetes" [kubeconfig] Writing "admin.conf" kubeconfig file [kubeconfig] Writing "kubelet.conf" kubeconfig file [kubeconfig] Writing "controller-manager.conf" kubeconfig file [kubeconfig] Writing "scheduler.conf" kubeconfig file [control-plane] Using manifest folder "/etc/kubernetes/manifests" [control-plane] Creating static Pod manifest for "kube-apiserver" [control-plane] Creating static Pod manifest for "kube-controller-manager" W0818 23:02:42.488046 74075 manifests.go:225] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC" [control-plane] Creating static Pod manifest for "kube-scheduler" W0818 23:02:42.490800 74075 manifests.go:225] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC" [etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests" [wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s [apiclient] All control plane components are healthy after 23.003466 seconds [upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace [kubelet] Creating a ConfigMap "kubelet-config-1.18" in namespace kube-system with the configuration for the kubelets in the cluster [upload-certs] Skipping phase. Please see --upload-certs [mark-control-plane] Marking the node localhost.localdomain as control-plane by adding the label "node-role.kubernetes.io/master=''" [mark-control-plane] Marking the node localhost.localdomain as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule] [bootstrap-token] Using token: t1mede.eggih8e8e9zitj2g [bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles [bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes [bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials [bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token [bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster [bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace [kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key [addons] Applied essential addon: CoreDNS [addons] Applied essential addon: kube-proxy Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root: kubeadm join 192.168.149.144:6443 --token t1mede.eggih8e8e9zitj2g \ --discovery-token-ca-cert-hash sha256:7da58fded822e1a8710827024979ba3afb7287e781c16728cff0569ba34ada95
记录下node加入集群的命令 kubeadm join 192.168.149.144:6443 --token t1mede.eggih8e8e9zitj2g \ --discovery-token-ca-cert-hash sha256:7da58fded822e1a8710827024979ba3afb7287e781c16728cff0569ba34ada95
拷贝kubectl使用的连接k8s认证文件到默认路径 根据init时的提示执行如下指令 mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
然后可以直接使用kubectl命令了
查看镜像 docker images REPOSITORY TAG IMAGE ID CREATED SIZE registry.aliyuncs.com/google_containers/kube-proxy v1.18.0 43940c34f24f 4 months ago 117MB registry.aliyuncs.com/google_containers/kube-apiserver v1.18.0 74060cea7f70 4 months ago 173MB registry.aliyuncs.com/google_containers/kube-scheduler v1.18.0 a31f78c7c8ce 4 months ago 95.3MB registry.aliyuncs.com/google_containers/kube-controller-manager v1.18.0 d3e55153f52f 4 months ago 162MB registry.aliyuncs.com/google_containers/pause 3.2 80d28bedfe5d 6 months ago 683kB registry.aliyuncs.com/google_containers/coredns 1.6.7 67da37a9a360 6 months ago 43.8MB registry.aliyuncs.com/google_containers/etcd 3.4.3-0 303ce5db0e90 9 months ago 288MB
执行kubectl get nodes查看状态 此时为 NotReady [root@localhost ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION localhost.localdomain NotReady master 33m v1.18.0 后续需要部署容器网络
按照提示, 需要初始化虚拟网络 下载https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml 修改为国内镜像 sed -i -r "s#quay.io/coreos/flannel:.*-amd64#lizhenliang/flannel:v0.11.0-amd64#g" kube-flannel.yml kubectl apply -f kube-flannel.yml 执行过程 podsecuritypolicy.policy/psp.flannel.unprivileged created clusterrole.rbac.authorization.k8s.io/flannel created clusterrolebinding.rbac.authorization.k8s.io/flannel created serviceaccount/flannel created configmap/kube-flannel-cfg created daemonset.apps/kube-flannel-ds-amd64 created daemonset.apps/kube-flannel-ds-arm64 created daemonset.apps/kube-flannel-ds-arm created daemonset.apps/kube-flannel-ds-ppc64le created daemonset.apps/kube-flannel-ds-s390x created
执行kubectl get pods -n kube-system查看
[root@localhost opt]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-7ff77c879f-m2gt9 0/1 Pending 0 33m
coredns-7ff77c879f-xv6mh 0/1 Pending 0 33m
etcd-localhost.localdomain 1/1 Running 0 33m
kube-apiserver-localhost.localdomain 1/1 Running 0 33m
kube-controller-manager-localhost.localdomain 1/1 Running 0 33m
kube-flannel-ds-amd64-wtjcl 1/1 Running 0 38s
kube-proxy-fwsnx 1/1 Running 0 33m
kube-scheduler-localhost.localdomain 1/1 Running 0 33m
执行kubectl get nodes查看maste此时已经为Ready
[root@localhost ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
localhost.localdomain Ready master 33m v1.18.0
安装失败了,清理环境重新安装
kubeadm reset
三、简单使用
名称 简写
componentsstatuses cs
daemonsets ds
deployment deploy
events ev
endpoints ep
horizontalpodautoscalers hpa
ingresses ing
jobs
limitranges limits
nodes no
namspaces ns
pods po
persistentvolumes pv
persistentvolumeclaims pvc
resourcequotas quota
replicationcontrollers rc
secrets
serviceaccounts sa
services svc
默认情况下, master是不能跑业务pod的, 下面的命令可以解除这个限制 kubectl taint node localhost.localdomain node-role.kubernetes.io/master- 其中 localhost.localdomain为主机名
[root@localhost ~]# kubectl -h kubectl controls the Kubernetes cluster manager. Find more information at: https://kubernetes.io/docs/reference/kubectl/overview/ Basic Commands (Beginner): create Create a resource from a file or from stdin. expose Take a replication controller, service, deployment or pod and expose it as a new Kubernetes Service run Run a particular image on the cluster set Set specific features on objects Basic Commands (Intermediate): explain Documentation of resources get Display one or many resources edit Edit a resource on the server delete Delete resources by filenames, stdin, resources and names, or by resources and label selector Deploy Commands: rollout Manage the rollout of a resource scale Set a new size for a Deployment, ReplicaSet or Replication Controller autoscale Auto-scale a Deployment, ReplicaSet, or ReplicationController Cluster Management Commands: certificate Modify certificate resources. cluster-info Display cluster info top Display Resource (CPU/Memory/Storage) usage. cordon Mark node as unschedulable uncordon Mark node as schedulable drain Drain node in preparation for maintenance taint Update the taints on one or more nodes Troubleshooting and Debugging Commands: describe Show details of a specific resource or group of resources logs Print the logs for a container in a pod attach Attach to a running container exec Execute a command in a container port-forward Forward one or more local ports to a pod proxy Run a proxy to the Kubernetes API server cp Copy files and directories to and from containers. auth Inspect authorization Advanced Commands: diff Diff live version against would-be applied version apply Apply a configuration to a resource by filename or stdin patch Update field(s) of a resource using strategic merge patch replace Replace a resource by filename or stdin wait Experimental: Wait for a specific condition on one or many resources. convert Convert config files between different API versions kustomize Build a kustomization target from a directory or a remote url. Settings Commands: label Update the labels on a resource annotate Update the annotations on a resource completion Output shell completion code for the specified shell (bash or zsh) Other Commands: alpha Commands for features in alpha api-resources Print the supported API resources on the server api-versions Print the supported API versions on the server, in the form of "group/version" config Modify kubeconfig files plugin Provides utilities for interacting with plugins. version Print the client and server version information Usage: kubectl [flags] [options] Use "kubectl <command> --help" for more information about a given command. Use "kubectl options" for a list of global command-line options (applies to all commands).
kubectl run使用 kubectl run -h Create and run a particular image in a pod. Examples: # Start a nginx pod. kubectl run nginx --image=nginx # Start a hazelcast pod and let the container expose port 5701. kubectl run hazelcast --image=hazelcast/hazelcast --port=5701 # Start a hazelcast pod and set environment variables "DNS_DOMAIN=cluster" and "POD_NAMESPACE=default" in the container. kubectl run hazelcast --image=hazelcast/hazelcast --env="DNS_DOMAIN=cluster" --env="POD_NAMESPACE=default" # Start a hazelcast pod and set labels "app=hazelcast" and "env=prod" in the container. kubectl run hazelcast --image=hazelcast/hazelcast --labels="app=hazelcast,env=prod" # Dry run. Print the corresponding API objects without creating them. kubectl run nginx --image=nginx --dry-run=client # Start a nginx pod, but overload the spec with a partial set of values parsed from JSON. kubectl run nginx --image=nginx --overrides='{ "apiVersion": "v1", "spec": { ... } }' # Start a busybox pod and keep it in the foreground, don't restart it if it exits. kubectl run -i -t busybox --image=busybox --restart=Never # Start the nginx pod using the default command, but use custom arguments (arg1 .. argN) for that command. kubectl run nginx --image=nginx -- <arg1> <arg2> ... <argN> # Start the nginx pod using a different command and custom arguments. kubectl run nginx --image=nginx --command -- <cmd> <arg1> ... <argN> Options: --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. --attach=false: If true, wait for the Pod to start running, and then attach to the Pod as if 'kubectl attach ...' were called. Default false, unless '-i/--stdin' is set, in which case the default is true. With '--restart=Never' the exit code of the container process is returned. --cascade=true: If true, cascade the deletion of the resources managed by this resource (e.g. Pods created by a ReplicationController). Default true. --command=false: If true and extra arguments are present, use them as the 'command' field in the container, rather than the 'args' field which is the default. --dry-run='none': Must be "none", "server", or "client". If client strategy, only print the object that would be sent, without sending it. If server strategy, submit server-side request without persisting the resource. --env=[]: Environment variables to set in the container. --expose=false: If true, service is created for the container(s) which are run -f, --filename=[]: to use to replace the resource. --force=false: If true, immediately remove resources from API and bypass graceful deletion. Note that immediate deletion of some resources may result in inconsistency or data loss and requires confirmation. --grace-period=-1: Period of time in seconds given to the resource to terminate gracefully. Ignored if negative. Set to 1 for immediate shutdown. Can only be set to 0 when --force is true (force deletion). --hostport=-1: The host port mapping for the container port. To demonstrate a single-machine container. --image='': The image for the container to run. --image-pull-policy='': The image pull policy for the container. If left empty, this value will not be specified by the client and defaulted by the server -k, --kustomize='': Process a kustomization directory. This flag can't be used together with -f or -R. -l, --labels='': Comma separated labels to apply to the pod(s). Will override previous values. --leave-stdin-open=false: If the pod is started in interactive mode or with stdin, leave stdin open after the first attach completes. By default, stdin will be closed after the first attach completes. --limits='': The resource requirement limits for this container. For example, 'cpu=200m,memory=512Mi'. Note that server side components may assign limits depending on the server configuration, such as limit ranges. -o, --output='': Output format. One of: json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-file. --overrides='': An inline JSON override for the generated object. If this is non-empty, it is used to override the generated object. Requires that the object supply a valid apiVersion field. --pod-running-timeout=1m0s: The length of time (like 5s, 2m, or 3h, higher than zero) to wait until at least one pod is running --port='': The port that this container exposes. --quiet=false: If true, suppress prompt messages. --record=false: Record current kubectl command in the resource annotation. If set to false, do not record the command. If set to true, record the command. If not set, default to updating the existing annotation value only if one already exists. -R, --recursive=false: Process the directory used in -f, --filename recursively. Useful when you want to manage related manifests organized within the same directory. --requests='': The resource requirement requests for this container. For example, 'cpu=100m,memory=256Mi'. Note that server side components may assign requests depending on the server configuration, such as limit ranges. --restart='Always': The restart policy for this Pod. Legal values [Always, OnFailure, Never]. If set to 'Always' a deployment is created, if set to 'OnFailure' a job is created, if set to 'Never', a regular pod is created. For the latter two --replicas must be 1. Default 'Always', for CronJobs `Never`. --rm=false: If true, delete resources created in this command for attached containers. --save-config=false: If true, the configuration of current object will be saved in its annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to perform kubectl apply on this object in the future. --serviceaccount='': Service account to set in the pod spec. -i, --stdin=false: Keep stdin open on the container(s) in the pod, even if nothing is attached. --template='': Template string or path to template file to use when -o=go-template, -o=go-template-file. The template format is golang templates [http://golang.org/pkg/text/template/#pkg-overview]. --timeout=0s: The length of time to wait before giving up on a delete, zero means determine a timeout from the size of the object -t, --tty=false: Allocated a TTY for each container in the pod. --wait=false: If true, wait for resources to be gone before returning. This waits for finalizers. Usage: kubectl run NAME --image=image [--env="key=value"] [--port=port] [--dry-run=server|client] [--overrides=inline-json] [--command] -- [COMMAND] [args...] [options] Use "kubectl options" for a list of global command-line options (applies to all commands).
kubectl run --创建并运行一个或多个容器镜像。 --创建一个deployment 或job 来管理容器
启动nginx实例
[root@localhost ~]# kubectl run nginx --image=nginx pod/nginx created
查看 [root@localhost ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx 1/1 Running 0 3m1s
列出Pod以及运行Pod节点信息
kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx 1/1 Running 0 11m 10.244.0.5 localhost.localdomain <none> <none>
通过kubectl describe可以查看一个pod详细信息
kubectl describe pod nginx
[root@localhost ~]# kubectl describe pod nginx Name: nginx Namespace: default Priority: 0 Node: localhost.localdomain/192.168.149.144 Start Time: Wed, 19 Aug 2020 00:07:49 -0700 Labels: run=nginx Annotations: <none> Status: Running IP: 10.244.0.4 IPs: IP: 10.244.0.4 Containers: nginx: Container ID: docker://1275edaeef5fc73ac86c2465b186d25f9b287bee630e6262c16aa266b9867a03 Image: nginx Image ID: docker-pullable://nginx@sha256:b0ad43f7ee5edbc0effbc14645ae7055e21bc1973aee5150745632a24a752661 Port: <none> Host Port: <none> State: Running Started: Wed, 19 Aug 2020 00:09:17 -0700 Ready: True Restart Count: 0 Environment: <none> Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-7w2v9 (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: default-token-7w2v9: Type: Secret (a volume populated by a Secret) SecretName: default-token-7w2v9 Optional: false QoS Class: BestEffort Node-Selectors: <none> Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 6m43s default-scheduler Successfully assigned default/nginx to localhost.localdomain Normal Pulling 6m39s kubelet, localhost.localdomain Pulling image "nginx" Normal Pulled 5m15s kubelet, localhost.localdomain Successfully pulled image "nginx" Normal Created 5m15s kubelet, localhost.localdomain Created container nginx Normal Started 5m14s kubelet, localhost.localdomain Started container nginx
删除pod [root@localhost opt]# kubectl delete pod nginx pod "nginx" deleted
# 用run命令生成yaml文件 kubectl create deployment nginx --image=nginx -o yaml --dry-run > my.deploy.yaml
apiVersion: apps/v1 kind: Deployment metadata: creationTimestamp: null labels: app: nginx name: nginx spec: replicas: 1 selector: matchLabels: app: nginx strategy: {} template: metadata: creationTimestamp: null labels: app: nginx spec: containers: - image: nginx name: nginx resources: {} status: {}
通过yaml文件创建pod资源 [root@localhost opt]# kubectl create -f my.deploy.yaml deployment.apps/nginx created 其中my.deploy.yaml定义了2个副本 [root@localhost ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-f89759699-d8zg9 1/1 Running 0 56s nginx-f89759699-qt2m9 1/1 Running 0 55s
由于定义了2个副本,此时删除一个pod后k8s会自动再创建一个
[root@localhost ~]# kubectl delete pod nginx-f89759699-d8zg9
pod "nginx-f89759699-d8zg9" deleted
[root@localhost ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-f89759699-qbmnh 0/1 ContainerCreating 0 22s
nginx-f89759699-qt2m9 1/1 Running 0 45m
[root@localhost ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-f89759699-qbmnh 1/1 Running 0 57s
nginx-f89759699-qt2m9 1/1 Running 0 46m
服务并让外部可以访问
kind: Service apiVersion: v1 metadata: name: nginx-service spec: selector: app: nginx ports: - protocol: TCP port: 80 nodePort: 30010 type: NodePort
[root@localhost opt]# kubectl apply -f nginx-service.yaml service/nginx-service created
通过 kubectl get service可以查看服务 [root@localhost opt]# kubectl get service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3h1m nginx-service NodePort 10.105.250.182 <none> 80:30010/TCP 3m2s
可以通过 curl 10.105.250.182:80 在内部访问nginx
外部通过curl 192.168.149.144:30010 得到nginx主页的html