K8s集群环境搭建

K8s集群环境搭建

1、环境规划

1.1 集群类型

Kubernetes集群大体上分为两类:一主多从多主多从

  • 一主多从:一台master节点和多台node节点,搭建简单,但是有单机故障风险,适用于测试环境
  • 多主多从:多台master节点和多台node节点,搭建麻烦,安全性高,适用于生产环境

image-20221117141443024

1.2 安装方式

Kubernetes有多种部署方式,目前主流的方式有kubeadmminikube二进制包

说明:现在需要安装kubernetes的集群环境,但是又不想过于麻烦,所有选择使用kubeadm方式

1.3 准备环境

image-20221117141842079

角色 ip地址 组件
master 192.168.111.100 docker,kubectl,kubeadm,kubelet
node1 192.168.111.101 docker,kubectl,kubeadm,kubelet
node2 192.168.111.102 docker,kubectl,kubeadm,kubelet

2、环境搭建

说明:

本次环境搭建需要安装三台Linux系统(一主二从),内置centos7.5系统,然后在每台linux中分别安装docker。kubeadm(1.25),kubelet(1.25.4),kubelet(1.25.4).

2.1 主机安装

  • 安装虚拟机过程中注意下面选项的设置:

  • 操作系统环境:cpu2个 内存2G 硬盘50G centos7+

  • 语言:中文简体/英文

  • 软件选择:基础设施服务器

  • 分区选择:自动分区/手动分区

  • 网络配置:按照下面配置网络地址信息

  • 网络地址:192.168.100.(100、10、20)

  • 子网掩码:255.255.255.0

  • 默认网关:192.168.100.254

  • DNS:8.8.8.8

  • 主机名设置:

  • Master节点:master

  • Node节点:node1

  • Node节点:node2

2.2 环境初始化

  1. 查看操作系统的版本

    # 此方式下安装kubernetes集群要求Centos版本要在7.5或之上
    [root@master ~]#cat /etc/redhat-release
    CentOS Stream release 8
    
  2. 主机名解析 (三个节点都做)

    # 为了方便集群节点间的直接调用,在这个配置一下主机名解析,企业中推荐使用内部DNS服务器
    [root@master ~]#cat >> /etc/hosts << EOF
    > 192.168.111.100 master.example.com master
    > 192.168.111.101 node1.example.com node1
    > 192.168.111.102 node2.example.com node2
    > EOF
    
    [root@master ~]#scp /etc/hosts [email protected]:/etc/hosts
    The authenticity of host '192.168.111.101 (192.168.111.101)' can't be established.
    ECDSA key fingerprint is SHA256:0UQKIYmXwgllRaiKyKIR8RaO8bzS7GGb5180xGHoiMI.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    Warning: Permanently added '192.168.111.101' (ECDSA) to the list of known hosts.
    [email protected]'s password: 
    hosts                                                                                       100%  280   196.1KB/s   00:00    
    [root@master ~]#scp /etc/hosts [email protected]:/etc/hosts
    The authenticity of host '192.168.111.102 (192.168.111.102)' can't be established.
    ECDSA key fingerprint is SHA256:0UQKIYmXwgllRaiKyKIR8RaO8bzS7GGb5180xGHoiMI.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    Warning: Permanently added '192.168.111.102' (ECDSA) to the list of known hosts.
    [email protected]'s password: 
    hosts                            
    
  3. 时钟同步

    # kubernetes要求集群中的节点时间必须精确一致,这里使用chronyd服务从网络同步时间,企业中建议配置内部的时间同步服务器
    -master节点
    [root@master ~]#vim /etc/chrony.conf
    local stratum 10
    [root@master ~]#systemctl restart chronyd.service
    [root@master ~]#systemctl enable chronyd.service
    [root@master ~]#hwclock -w
    
    -node1节点
    [root@node1 ~]#vim /etc/chrony.conf
    server master.example.com iburst
    ...
    [root@node1 ~]#systemctl restart chronyd.service 
    [root@node1 ~]#systemctl enable chronyd.service 
    [root@node1 ~]#hwclock -w
    
    -node2节点
    [root@node2 ~]#vim /etc/chrony.conf 
    server master.example.com iburst
    ...
    [root@node2 ~]#systemctl restart chronyd.service 
    [root@node2 ~]#systemctl enable chronyd.service
    [root@node2 ~]#hwclock -w
    
  4. 禁用firewalld、selinux、postfix(三个节点都做)

    # 关闭防火墙、selinux,postfix----3台主机都配置
    -master节点
    [root@master ~]#systemctl disable --now firewalld
    [root@master ~]#sed -i 's/enforcing/disabled/' /etc/selinux/config
    [root@master ~]#setenforce 0
    [root@master ~]#systemctl stop postfix
    [root@master ~]#systemctl disable postfix
    
    -node1节点
    [root@node1 ~]#systemctl disable --now firewalld
    [root@node1 ~]#sed -i 's/enforcing/disabled/' /etc/selinux/config
    [root@node1 ~]#setenforce 0
    [root@node1 ~]#systemctl stop postfix
    [root@node1 ~]#systemctl disable postfix
    
    -node2节点
    [root@node2 ~]#systemctl disable --now firewalld
    [root@node2 ~]#sed -i 's/enforcing/disabled/' /etc/selinux/config
    [root@node2 ~]#setenforce 0
    [root@node2 ~]#systemctl stop postfix
    [root@node2 ~]#systemctl disable postfix
    
  5. 禁用swap分区(三个节点都做)

    -master节点
    [root@master ~]#vim /etc/fstab # 注释掉swap分区那一行
    [root@master ~]#swapoff -a
    
    -node1节点
    [root@node1 ~]#vim /etc/fstab # 注释掉swap分区那一行
    [root@node1 ~]#swapoff -a
    
    -node1节点
    [root@node2 ~]#vim /etc/fstab # 注释掉swap分区那一行
    [root@node2 ~]#swapoff -a
    
  6. 开启IP转发,和修改内核信息—三个节点都需要配置

    -master节点
    [root@master ~]#vim /etc/sysctl.d/k8s.conf
    net.ipv4.ip_forward = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    [root@master ~]#modprobe   br_netfilter
    [root@master ~]#sysctl -p  /etc/sysctl.d/k8s.conf
    net.ipv4.ip_forward = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    
    -node1节点
    [root@node1 ~]#vim /etc/sysctl.d/k8s.conf
    net.ipv4.ip_forward = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    [root@node1 ~]#modprobe   br_netfilter
    [root@node1 ~]#sysctl -p  /etc/sysctl.d/k8s.conf
    net.ipv4.ip_forward = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    
    -node1节点
    [root@node2 ~]#vim /etc/sysctl.d/k8s.conf
    net.ipv4.ip_forward = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    [root@node2 ~]#modprobe   br_netfilter
    [root@node2 ~]#sysctl -p  /etc/sysctl.d/k8s.conf
    net.ipv4.ip_forward = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    
  7. 配置IPVS功能(三个节点都做)

    -master节点
    [root@master ~]#vim /etc/sysconfig/modules/ipvs.modules
    #!/bin/bash
    modprobe -- ip_vs
    modprobe -- ip_vs_rr
    modprobe -- ip_vs_wrr
    modprobe -- ip_vs_sh
    
    [root@master ~]#chmod +x /etc/sysconfig/modules/ipvs.modules
    [root@master ~]#bash /etc/sysconfig/modules/ipvs.modules
    [root@master ~]#lsmod | grep -e ip_vs
    ip_vs_sh               16384  0
    ip_vs_wrr              16384  0
    ip_vs_rr               16384  0
    ip_vs                 172032  6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
    nf_conntrack          172032  1 ip_vs
    nf_defrag_ipv6         20480  2 nf_conntrack,ip_vs
    libcrc32c              16384  3 nf_conntrack,xfs,ip_vs
    [root@master ~]#reboot
    
    -node1节点
    [root@node1 ~]#vim /etc/sysconfig/modules/ipvs.modules
    #!/bin/bash
    modprobe -- ip_vs
    modprobe -- ip_vs_rr
    modprobe -- ip_vs_wrr
    modprobe -- ip_vs_sh
    
    [root@node1 ~]#chmod +x /etc/sysconfig/modules/ipvs.modules
    [root@node1 ~]#bash /etc/sysconfig/modules/ipvs.modules
    [root@node1 ~]#lsmod | grep -e ip_vs
    ip_vs_sh               16384  0
    ip_vs_wrr              16384  0
    ip_vs_rr               16384  0
    ip_vs                 172032  6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
    nf_conntrack          172032  1 ip_vs
    nf_defrag_ipv6         20480  2 nf_conntrack,ip_vs
    libcrc32c              16384  3 nf_conntrack,xfs,ip_vs
    [root@node1 ~]#reboot
    
    -node2节点
    [root@node2 ~]#vim /etc/sysconfig/modules/ipvs.modules
    #!/bin/bash
    modprobe -- ip_vs
    modprobe -- ip_vs_rr
    modprobe -- ip_vs_wrr
    modprobe -- ip_vs_sh
    
    [root@node2 ~]#chmod +x /etc/sysconfig/modules/ipvs.modules
    [root@node2 ~]#bash /etc/sysconfig/modules/ipvs.modules
    [root@node2 ~]#lsmod | grep -e ip_vs
    ip_vs_sh               16384  0
    ip_vs_wrr              16384  0
    ip_vs_rr               16384  0
    ip_vs                 172032  6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
    nf_conntrack          172032  1 ip_vs
    nf_defrag_ipv6         20480  2 nf_conntrack,ip_vs
    libcrc32c              16384  3 nf_conntrack,xfs,ip_vs
    [root@node2 ~]#reboot
    
  8. ssh免密认证

    [root@master ~]#ssh-keygen 
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa): 
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /root/.ssh/id_rsa.
    Your public key has been saved in /root/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:VcZ6m+gceBJxwysFWwM08526KiBoSt9qdbDQoMSx3kU root@master
    The key's randomart image is:
    +---[RSA 3072]----+
    |...  E .*+o.o    |
    | o...   .*==..   |
    |... o.  .+o+o    |
    |.....o  o.o..    |
    | o .. o S+.o o   |
    |.o. .o .o +.o    |
    |+ ..o..  =..     |
    |.  o ..  .o      |
    |  ...  ..        |
    +----[SHA256]-----+
    [root@master ~]#ssh-copy-id -i ~/.ssh/id_rsa.pub root@node1
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    The authenticity of host 'node1 (192.168.111.101)' can't be established.
    ECDSA key fingerprint is SHA256:0UQKIYmXwgllRaiKyKIR8RaO8bzS7GGb5180xGHoiMI.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@node1's password: 
    
    Number of key(s) added: 1
    
    Now try logging into the machine, with:   "ssh 'root@node1'"
    and check to make sure that only the key(s) you wanted were added.
    
    [root@master ~]#ssh-copy-id -i ~/.ssh/id_rsa.pub root@node2
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    The authenticity of host 'node2 (192.168.111.102)' can't be established.
    ECDSA key fingerprint is SHA256:0UQKIYmXwgllRaiKyKIR8RaO8bzS7GGb5180xGHoiMI.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@node2's password: 
    
    Number of key(s) added: 1
    
    Now try logging into the machine, with:   "ssh 'root@node2'"
    and check to make sure that only the key(s) you wanted were added.
    

2.3、安装docker

  1. 切换镜像源

    -master节点
    [root@master /etc/yum.repos.d]#curl -o /etc/yum.repos.d/CentOS-Base.repo //mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
    [root@master /etc/yum.repos.d]# dnf -y install epel-release
    [root@master /etc/yum.repos.d]#wget //mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    
    -node1节点
    [root@node1 /etc/yum.repos.d]#curl -o /etc/yum.repos.d/CentOS-Base.repo //mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
    [root@node1 /etc/yum.repos.d]# dnf -y install epel-release
    [root@node1 /etc/yum.repos.d]#wget //mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    
    -node2节点
    [root@node2 /etc/yum.repos.d]#curl -o /etc/yum.repos.d/CentOS-Base.repo //mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
    [root@node2 /etc/yum.repos.d]# dnf -y install epel-release
    [root@node2 /etc/yum.repos.d]#wget //mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    
  2. 安装docker-ce

    -master节点
    [root@master ~]# dnf -y install docker-ce --allowerasing
    [root@master ~]# systemctl restart docker
    [root@master ~]# systemctl enable docker
    
    -node1节点
    [root@node1 ~]# dnf -y install docker-ce --allowerasing
    [root@node1 ~]# systemctl restart docker
    [root@node1 ~]# systemctl enable docker
    
    -node2节点
    [root@node2 ~]# dnf -y install docker-ce --allowerasing
    [root@node2 ~]# systemctl restart docker
    [root@node2 ~]# systemctl enable docker
    
  3. 添加一个配置文件,配置docker仓库加速器

    -master节点
    [root@master ~]#cat > /etc/docker/daemon.json << EOF
     {
       "registry-mirrors": ["//6vrrj6n2.mirror.aliyuncs.com"],
       "exec-opts": ["native.cgroupdriver=systemd"],
       "log-driver": "json-file",
       "log-opts": {
         "max-size": "100m"
       },
       "storage-driver": "overlay2"
     }
     EOF
    [root@master ~]#systemctl daemon-reload
    [root@master ~]#systemctl  restart docker
    
    -node1节点
    [root@node1 ~]#cat > /etc/docker/daemon.json << EOF
     {
       "registry-mirrors": ["//6vrrj6n2.mirror.aliyuncs.com"],
       "exec-opts": ["native.cgroupdriver=systemd"],
       "log-driver": "json-file",
       "log-opts": {
         "max-size": "100m"
       },
       "storage-driver": "overlay2"
     }
     EOF
    [root@node1 ~]#systemctl daemon-reload
    [root@node1 ~]#systemctl  restart docker
    
    -node2节点
    [root@node2 ~]#cat > /etc/docker/daemon.json << EOF
     {
       "registry-mirrors": ["//6vrrj6n2.mirror.aliyuncs.com"],
       "exec-opts": ["native.cgroupdriver=systemd"],
       "log-driver": "json-file",
       "log-opts": {
         "max-size": "100m"
       },
       "storage-driver": "overlay2"
     }
     EOF
    [root@node2 ~]#systemctl daemon-reload
    [root@node2 ~]#systemctl  restart docker
    

2.4 安装kubernetes组件

  1. 由于kubernetes的镜像在国外,速度比较慢,这里切换成国内的镜像源

    -master节点
    [root@master ~]#cat > /etc/yum.repos.d/kubernetes.repo << EOF
    [kubernetes]
    name=Kubernetes
    baseurl=//mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
    enabled=1
    gpgcheck=0
    repo_gpgcheck=0
    gpgkey=//mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg //mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF
    
    -node1节点
    [root@node1 ~]#cat > /etc/yum.repos.d/kubernetes.repo << EOF
    [kubernetes]
    name=Kubernetes
    baseurl=//mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
    enabled=1
    gpgcheck=0
    repo_gpgcheck=0
    gpgkey=//mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg //mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF
    
    -node2节点
    [root@node2 ~]#cat > /etc/yum.repos.d/kubernetes.repo << EOF
    [kubernetes]
    name=Kubernetes
    baseurl=//mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
    enabled=1
    gpgcheck=0
    repo_gpgcheck=0
    gpgkey=//mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg //mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF
    
  2. 安装kubeadm kubelet kubectl工具

    -master节点
    [root@master ~]#dnf  -y  install kubeadm  kubelet  kubectl
    [root@master ~]#systemctl  restart  kubelet
    [root@master ~]#systemctl  enable  kubelet
    
    -node1节点
    [root@node1 ~]#dnf  -y  install kubeadm  kubelet  kubectl
    [root@node1 ~]#systemctl  restart  kubelet
    [root@node1 ~]#systemctl  enable  kubelet
    
    -node2节点
    [root@node2 ~]#dnf  -y  install kubeadm  kubelet  kubectl
    [root@node2 ~]#systemctl  restart  kubelet
    [root@node2 ~]#systemctl  enable  kubelet
    
  3. 配置containerd

    # 为确保后面集群初始化及加入集群能够成功执行,需要配置containerd的配置文件/etc/containerd/config.toml,此操作需要在所有节点执行
    -master节点
    [root@master ~]#containerd config default > /etc/containerd/config.toml
    # 将/etc/containerd/config.toml文件中的k8s镜像仓库改为registry.aliyuncs.com/google_containers
    [root@master ~]#vim /etc/containerd/config.toml
    sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.6"
    # 然后重启并设置containerd服务
    [root@master ~]#systemctl   restart  containerd
    [root@master ~]#systemctl   enable  containerd
    
    # 为确保后面集群初始化及加入集群能够成功执行,需要配置containerd的配置文件/etc/containerd/config.toml,此操作需要在所有节点执行
    -node1节点
    [root@node1 ~]#containerd config default > /etc/containerd/config.toml
    # 将/etc/containerd/config.toml文件中的k8s镜像仓库改为registry.aliyuncs.com/google_containers
    [root@node1 ~]#vim /etc/containerd/config.toml
    sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.6"
    # 然后重启并设置containerd服务
    [root@node1 ~]#systemctl   restart  containerd
    [root@node1 ~]#systemctl   enable  containerd
    
    # 为确保后面集群初始化及加入集群能够成功执行,需要配置containerd的配置文件/etc/containerd/config.toml,此操作需要在所有节点执行
    -node2节点
    [root@node2 ~]#containerd config default > /etc/containerd/config.toml
    # 将/etc/containerd/config.toml文件中的k8s镜像仓库改为registry.aliyuncs.com/google_containers
    [root@node2 ~]#vim /etc/containerd/config.toml
    sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.6"
    # 然后重启并设置containerd服务
    [root@node2 ~]#systemctl   restart  containerd
    [root@node2 ~]#systemctl   enable  containerd
    
  4. 部署k8s的master节点

    -master节点
    [root@master ~]#kubeadm init \
      --apiserver-advertise-address=192.168.111.100 \
      --image-repository registry.aliyuncs.com/google_containers \
      --kubernetes-version v1.25.4 \
      --service-cidr=10.96.0.0/12 \
      --pod-network-cidr=10.244.0.0/16
    # 建议将初始化内容保存在某个文件中
    [root@master ~]#vim k8s 
    To start using your cluster, you need to run the following as a regular user:
    
      mkdir -p $HOME/.kube
      sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
      sudo chown $(id -u):$(id -g) $HOME/.kube/config
    
    Alternatively, if you are the root user, you can run:
    
      export KUBECONFIG=/etc/kubernetes/admin.conf
    
    You should now deploy a pod network to the cluster.
    Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
      //kubernetes.io/docs/concepts/cluster-administration/addons/
    
    Then you can join any number of worker nodes by running the following on each as root:
    
    kubeadm join 192.168.111.100:6443 --token eav8jn.zj2muv0thd7e8dad \
    	--discovery-token-ca-cert-hash sha256:b38f8a6a6302e25c0bcba2a67c13b234fd0b9fdd8b0c0645154c79edf6555e09 
    
    [root@master ~]#vim /etc/profile.d/k8s.sh
    export KUBECONFIG=/etc/kubernetes/admin.conf
    [root@master ~]#source /etc/profile.d/k8s.sh
    
  5. 安装pod网络插件

    -master节点
    [root@master ~]#wget //raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
    [root@master ~]#kubectl apply -f kube-flannel.yml 
    namespace/kube-flannel created
    clusterrole.rbac.authorization.k8s.io/flannel created
    clusterrolebinding.rbac.authorization.k8s.io/flannel created
    serviceaccount/flannel created
    configmap/kube-flannel-cfg created
    daemonset.apps/kube-flannel-ds created
    [root@master ~]#kubectl get nodes
    NAME     STATUS     ROLES           AGE     VERSION
    master   NotReady   control-plane   6m41s   v1.25.4
    [root@master ~]#kubectl get nodes
    NAME     STATUS   ROLES           AGE     VERSION
    master   Ready    control-plane   7m10s   v1.25.4
    
  6. 将node节点加入到k8s集群中

    -node1节点
    [root@node1 ~]#kubeadm join 192.168.111.100:6443 --token eav8jn.zj2muv0thd7e8dad \
    > --discovery-token-ca-cert-hash sha256:b38f8a6a6302e25c0bcba2a67c13b234fd0b9fdd8b0c0645154c79edf6555e09 
    
    -node2节点
    [root@node2 ~]#kubeadm join 192.168.111.100:6443 --token eav8jn.zj2muv0thd7e8dad \
    > --discovery-token-ca-cert-hash sha256:b38f8a6a6302e25c0bcba2a67c13b234fd0b9fdd8b0c0645154c79edf6555e09 
    
  7. kubectl get nodes 查看node状态

    -master节点
    [root@master ~]#kubectl get nodes
    NAME     STATUS     ROLES           AGE     VERSION
    master   Ready      control-plane   9m37s   v1.25.4
    node1    NotReady   <none>          51s     v1.25.4
    node2    NotReady   <none>          31s     v1.25.4
    [root@master ~]#kubectl get nodes
    NAME     STATUS   ROLES           AGE     VERSION
    master   Ready    control-plane   9m57s   v1.25.4
    node1    Ready    <none>          71s     v1.25.4
    node2    Ready    <none>          51s     v1.25.4
    
  8. 使用k8s集群创建一个pod,运行nginx容器,然后进行测试

    [root@master ~]#kubectl create  deployment  nginx  --image nginx
    deployment.apps/nginx created
    [root@master ~]#kubectl  get  pods
    NAME                    READY   STATUS    RESTARTS   AGE
    nginx-76d6c9b8c-z7p4l   1/1     Running   0          35s
    [root@master ~]#kubectl  expose  deployment  nginx  --port 80  --type NodePort
    service/nginx exposed
    [root@master ~]#kubectl  get  pods  -o  wide
    NAME                    READY   STATUS    RESTARTS   AGE    IP           NODE    NOMINATED NODE   READINESS GATES
    nginx-76d6c9b8c-z7p4l   1/1     Running   0          119s   10.244.1.2   node1   <none>           <none>
    [root@master ~]#kubectl  get  services
    NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
    kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP        15m
    nginx        NodePort    10.109.37.202   <none>        80:31125/TCP   17s
    
  9. 测试访问

    image-20221117165705706

  10. 修改默认网页

    [root@master ~]# kubectl exec -it pod/nginx-76d6c9b8c-z7p4l -- /bin/bash
    root@nginx-76d6c9b8c-z7p4l:/# cd /usr/share/nginx/html/
    echo "zhaoshulin" > index.html
    

image-20221117170031199