k8s集群安装Kuboard进行管理

简介

上一篇博客中已经将k8s群集搭建完毕了,这一篇中将安装Kuboard 方便管理k8s群集。
如果想了解k8s群集的搭建可以看我的上一篇博客

安装kuboard

使用下面的命令安装kuboard

[root@master ~]# kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml

官网里有这个yaml文件的详细介绍
我这里下载下来了

apiVersion: apps/v1
kind: Deployment
metadata:
  name: kuboard
  namespace: kube-system
  annotations:
    k8s.eip.work/displayName: kuboard
    k8s.eip.work/ingress: "true"
    k8s.eip.work/service: NodePort
    k8s.eip.work/workload: kuboard
  labels:
    k8s.eip.work/layer: monitor
    k8s.eip.work/name: kuboard
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s.eip.work/layer: monitor
      k8s.eip.work/name: kuboard
  template:
    metadata:
      labels:
        k8s.eip.work/layer: monitor
        k8s.eip.work/name: kuboard
    spec:
      containers:
      - name: kuboard
        image: eipwork/kuboard:latest
        imagePullPolicy: Always
      tolerations:
      - key: node-role.kubernetes.io/master
        effect: NoSchedule

---
apiVersion: v1
kind: Service
metadata:
  name: kuboard
  namespace: kube-system
spec:
  type: NodePort
  ports:
  - name: http
    port: 80
    targetPort: 80
    nodePort: 32567
  selector:
    k8s.eip.work/layer: monitor
    k8s.eip.work/name: kuboard

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kuboard-user
  namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kuboard-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: kuboard-user
  namespace: kube-system

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kuboard-viewer
  namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kuboard-viewer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: view
subjects:
- kind: ServiceAccount
  name: kuboard-viewer
  namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kuboard-viewer-node
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:node
subjects:
- kind: ServiceAccount
  name: kuboard-viewer
  namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kuboard-viewer-pvp
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:persistent-volume-provisioner
subjects:
- kind: ServiceAccount
  name: kuboard-viewer
  namespace: kube-system

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: kuboard
  namespace: kube-system
  annotations:
    nginx.org/websocket-services: "kuboard"
    nginx.com/sticky-cookie-services: "serviceName=kuboard srv_id expires=1h path=/"
spec:
  rules:
  - host: kuboard.yourdomain.com
    http:
      paths:
      - path: /
        backend:
          serviceName: kuboard
          servicePort: http

如果想要卸载的话使用下面的命令

[root@master ~]# kubectl delete -f https://kuboard.cn/install-script/kuboard.yaml

获取token

kuboard的登录需要一个token,按照权限的不同可以获取管理员和只读用户的token,分别执行以下命令获取:

# 在第一个 Master 节点上执行此命令
# 管理员token
[root@master ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}')   

# 普通用户token
[root@master ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-viewer | awk '{print $1}')

执行命令,获取token

[root@master ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}') 
Name:         kuboard-user-token-hbwww
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kuboard-user
              kubernetes.io/service-account.uid: 9897a478-02b8-11eb-871f-000c2911956a

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1359 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJvYXJkLXVzZXItdG9rZW4taGJ3d3ciLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoia3Vib2FyZC11c2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiOTg5N2E0NzgtMDJiOC0xMWViLTg3MWYtMDAwYzI5MTE5NTZhIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmt1Ym9hcmQtdXNlciJ9.j76W4mH9M__TJUv_GQ5o4VzYnrZthr7Uald0Mca_g2NegwxiyN3b6-SbjIgDGKrGjkH-PoNhXH8WT1GEcblClAMtqpdlLP7cvLrNd1MjTgLp1HLlUhW1I-IuA-TZqeZxv28-fzxaemVFylF2TrxqiTx8za80tdl7cDTB61w-6sbtpZ2TOQ4UXa8r2me7HU77NMT2zLRhbiYpkB2PpqQSjfVW4B3-2x6x27RdqyghB_fmapMNkxhw9B0PTP74U-FpNzhbdMeYpu2dTvI1Wsk9U4crVxJGXxQBfeA2XlyXdbKfOcol-J1GvgoEm7Q8yIYmPmNPlUMc4Y7lv0fOuOKpjQ

使用如下命令获取kuboard暴露的端口号:

[root@master ~]# kubectl get svc -n kube-system
NAME      TYPE       CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
kuboard   NodePort   10.0.0.174   <none>        80:32567/TCP   39s

访问kuboard服务器

使用其中一台的nodeip地址加端口号进行访问
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
可以在master上创建httpd的pod再次进行验证

[root@master ~]# kubectl run httpd --image=httpd
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/httpd created
[root@master ~]# kubectl get pods -o wide  'httpd的资源创建在了node01节点上'
NAME                    READY   STATUS    RESTARTS   AGE   IP            NODE              NOMINATED NODE
httpd-7db5849b8-cx7rg   1/1     Running   0          43s   172.17.27.5   192.168.179.122   <none>
nginx-dbddb74b8-cnkd6   1/1     Running   0          13h   172.17.71.3   192.168.179.123   <none>

查看node01节点,发现已经创建成功
在这里插入图片描述

进行容器副本的验证

在k8s中,当我们创建一个pod时,会自动创建一个副本
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
模拟node01节点httpd服务出现故障

[root@node01 ~]# docker ps -a
CONTAINER ID        IMAGE                                                                 COMMAND                  CREATED             STATUS              PORTS               NAMES
e41c158f8f54        httpd                                                                 "httpd-foreground"       About an hour ago   Up About an hour                        k8s_httpd_httpd-7db5849b8-cx7rg_default_cf3679bc-02bc-11eb-ab3f-000c295df735_1
[root@node01 ~]# docker stop e41c158f8f54   '停止httpd容器'
e41c158f8f54

此时容器变成橙黄色报错,右上角弹出信息,正在创建httpd的容器
在这里插入图片描述
等待几秒种后,新的httpd容器创建成功
在这里插入图片描述
此时查看node01节点中的容器信息,之前的httpd容器已处于exited状态,新增了一台httpd容器处于up状态

[root@node01 ~]# docker ps -a
CONTAINER ID        IMAGE                                                                 COMMAND                  CREATED             STATUS                          PORTS               NAMES
015499ba0846        httpd                                                                 "httpd-foreground"       58 seconds ago      Up 58 seconds                                       k8s_httpd_httpd-7db5849b8-cx7rg_default_cf3679bc-02bc-11eb-ab3f-000c295df735_2
e41c158f8f54        httpd                                                                 "httpd-foreground"       About an hour ago   Exited (0) About a minute ago                       k8s_httpd_httpd-7db5849b8-cx7rg_default_cf3679bc-02bc-11eb-ab3f-000c295df735_1

弹性伸缩的配置也是可以自定义的,这里默认的副本数量是1,可以通过更改设置,创建更多的副本
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

如何正确的删除pod

有时候会碰到过无法删除pod的问题,使用kubectl delete pod name删除后又会重新创建一个新的pod出来,使用如下命令完成pod的干净删除

[root@master ~]# kubectl get pods
NAME                    READY   STATUS    RESTARTS   AGE
httpd-7db5849b8-cx7rg   1/1     Running   3          172m
httpd-7db5849b8-kknhf   1/1     Running   0          20m
nginx-dbddb74b8-cnkd6   1/1     Running   0          16h
[root@master ~]# kubectl get rs
NAME              DESIRED   CURRENT   READY   AGE
httpd-7db5849b8   2         2         2       172m
nginx-dbddb74b8   1         1         1       16h
[root@master ~]# kubectl get deployment
NAME    DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
httpd   2         2         2            2           172m
nginx   1         1         1            1           16h

进行删除

[root@master ~]# kubectl delete deployment httpd
deployment.extensions "httpd" deleted

在这里插入图片描述

[root@master ~]# kubectl get pods
NAME                    READY   STATUS    RESTARTS   AGE
nginx-dbddb74b8-cnkd6   1/1     Running   0          16h
[root@master ~]# kubectl get rs
NAME              DESIRED   CURRENT   READY   AGE
nginx-dbddb74b8   1         1         1       16h
[root@master ~]# kubectl get deployment
NAME    DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
nginx   1         1         1            1           16h