k8s集群安装Kuboard进行管理
简介
上一篇博客中已经将k8s群集搭建完毕了,这一篇中将安装Kuboard 方便管理k8s群集。
如果想了解k8s群集的搭建可以看我的上一篇博客
安装kuboard
使用下面的命令安装kuboard
[root@master ~]# kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml
官网里有这个yaml文件的详细介绍
我这里下载下来了
apiVersion: apps/v1
kind: Deployment
metadata:
name: kuboard
namespace: kube-system
annotations:
k8s.eip.work/displayName: kuboard
k8s.eip.work/ingress: "true"
k8s.eip.work/service: NodePort
k8s.eip.work/workload: kuboard
labels:
k8s.eip.work/layer: monitor
k8s.eip.work/name: kuboard
spec:
replicas: 1
selector:
matchLabels:
k8s.eip.work/layer: monitor
k8s.eip.work/name: kuboard
template:
metadata:
labels:
k8s.eip.work/layer: monitor
k8s.eip.work/name: kuboard
spec:
containers:
- name: kuboard
image: eipwork/kuboard:latest
imagePullPolicy: Always
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
---
apiVersion: v1
kind: Service
metadata:
name: kuboard
namespace: kube-system
spec:
type: NodePort
ports:
- name: http
port: 80
targetPort: 80
nodePort: 32567
selector:
k8s.eip.work/layer: monitor
k8s.eip.work/name: kuboard
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kuboard-user
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kuboard-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kuboard-user
namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kuboard-viewer
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kuboard-viewer
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: view
subjects:
- kind: ServiceAccount
name: kuboard-viewer
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kuboard-viewer-node
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:node
subjects:
- kind: ServiceAccount
name: kuboard-viewer
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kuboard-viewer-pvp
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:persistent-volume-provisioner
subjects:
- kind: ServiceAccount
name: kuboard-viewer
namespace: kube-system
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: kuboard
namespace: kube-system
annotations:
nginx.org/websocket-services: "kuboard"
nginx.com/sticky-cookie-services: "serviceName=kuboard srv_id expires=1h path=/"
spec:
rules:
- host: kuboard.yourdomain.com
http:
paths:
- path: /
backend:
serviceName: kuboard
servicePort: http
如果想要卸载的话使用下面的命令
[root@master ~]# kubectl delete -f https://kuboard.cn/install-script/kuboard.yaml
获取token
kuboard的登录需要一个token,按照权限的不同可以获取管理员和只读用户的token,分别执行以下命令获取:
# 在第一个 Master 节点上执行此命令
# 管理员token
[root@master ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}')
# 普通用户token
[root@master ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-viewer | awk '{print $1}')
执行命令,获取token
[root@master ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}')
Name: kuboard-user-token-hbwww
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: kuboard-user
kubernetes.io/service-account.uid: 9897a478-02b8-11eb-871f-000c2911956a
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1359 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJvYXJkLXVzZXItdG9rZW4taGJ3d3ciLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoia3Vib2FyZC11c2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiOTg5N2E0NzgtMDJiOC0xMWViLTg3MWYtMDAwYzI5MTE5NTZhIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmt1Ym9hcmQtdXNlciJ9.j76W4mH9M__TJUv_GQ5o4VzYnrZthr7Uald0Mca_g2NegwxiyN3b6-SbjIgDGKrGjkH-PoNhXH8WT1GEcblClAMtqpdlLP7cvLrNd1MjTgLp1HLlUhW1I-IuA-TZqeZxv28-fzxaemVFylF2TrxqiTx8za80tdl7cDTB61w-6sbtpZ2TOQ4UXa8r2me7HU77NMT2zLRhbiYpkB2PpqQSjfVW4B3-2x6x27RdqyghB_fmapMNkxhw9B0PTP74U-FpNzhbdMeYpu2dTvI1Wsk9U4crVxJGXxQBfeA2XlyXdbKfOcol-J1GvgoEm7Q8yIYmPmNPlUMc4Y7lv0fOuOKpjQ
使用如下命令获取kuboard暴露的端口号:
[root@master ~]# kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kuboard NodePort 10.0.0.174 <none> 80:32567/TCP 39s
访问kuboard服务器
使用其中一台的nodeip地址加端口号进行访问
可以在master上创建httpd的pod再次进行验证
[root@master ~]# kubectl run httpd --image=httpd
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/httpd created
[root@master ~]# kubectl get pods -o wide 'httpd的资源创建在了node01节点上'
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
httpd-7db5849b8-cx7rg 1/1 Running 0 43s 172.17.27.5 192.168.179.122 <none>
nginx-dbddb74b8-cnkd6 1/1 Running 0 13h 172.17.71.3 192.168.179.123 <none>
查看node01节点,发现已经创建成功
进行容器副本的验证
在k8s中,当我们创建一个pod时,会自动创建一个副本
模拟node01节点httpd服务出现故障
[root@node01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e41c158f8f54 httpd "httpd-foreground" About an hour ago Up About an hour k8s_httpd_httpd-7db5849b8-cx7rg_default_cf3679bc-02bc-11eb-ab3f-000c295df735_1
[root@node01 ~]# docker stop e41c158f8f54 '停止httpd容器'
e41c158f8f54
此时容器变成橙黄色报错,右上角弹出信息,正在创建httpd的容器
等待几秒种后,新的httpd容器创建成功
此时查看node01节点中的容器信息,之前的httpd容器已处于exited状态,新增了一台httpd容器处于up状态
[root@node01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
015499ba0846 httpd "httpd-foreground" 58 seconds ago Up 58 seconds k8s_httpd_httpd-7db5849b8-cx7rg_default_cf3679bc-02bc-11eb-ab3f-000c295df735_2
e41c158f8f54 httpd "httpd-foreground" About an hour ago Exited (0) About a minute ago k8s_httpd_httpd-7db5849b8-cx7rg_default_cf3679bc-02bc-11eb-ab3f-000c295df735_1
弹性伸缩的配置也是可以自定义的,这里默认的副本数量是1,可以通过更改设置,创建更多的副本
如何正确的删除pod
有时候会碰到过无法删除pod的问题,使用kubectl delete pod name删除后又会重新创建一个新的pod出来,使用如下命令完成pod的干净删除
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
httpd-7db5849b8-cx7rg 1/1 Running 3 172m
httpd-7db5849b8-kknhf 1/1 Running 0 20m
nginx-dbddb74b8-cnkd6 1/1 Running 0 16h
[root@master ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
httpd-7db5849b8 2 2 2 172m
nginx-dbddb74b8 1 1 1 16h
[root@master ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
httpd 2 2 2 2 172m
nginx 1 1 1 1 16h
进行删除
[root@master ~]# kubectl delete deployment httpd
deployment.extensions "httpd" deleted
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-dbddb74b8-cnkd6 1/1 Running 0 16h
[root@master ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-dbddb74b8 1 1 1 16h
[root@master ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx 1 1 1 1 16h