容器云平台No.3~kubernetes使用

今天是是第三篇，接着上一篇继续

首先，通过kubectl可以看到,三个节点都正常运行

[root@k8s-master001 ~]# kubectl  get no
NAME            STATUS   ROLES    AGE   VERSION
k8s-master001   Ready    master   16h   v1.19.0
k8s-master002   Ready    master   16h   v1.19.0
k8s-master003   Ready    master   16h   v1.19.0

现在来部署第一个服务，这里以nginx为例

[root@k8s-master001 ~]# kubectl  run  nginx --image=nginx --port=80
pod/nginx created

可以看到，我们再k8s集群上创建了一个nginx应用，然后我们通过如下命令查看状态，发现现在nginx状态为Pending

[root@k8s-master001 ~]# kubectl  get po
NAME    READY   STATUS    RESTARTS   AGE
nginx   0/1     Pending   0          7s

现在我们使用

kubectl  describe

[root@k8s-master001 ~]# kubectl  describe po nginx
Name:         nginx
Namespace:    default
Priority:     0
Node:         <none>
Labels:       run=nginx
Annotations:  <none>
Status:       Pending
IP:
IPs:          <none>
Containers:
nginx:
Image:        nginx
Port:         <none>
Host Port:    <none>
Environment:  <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-6gd92 (ro)
Conditions:
Type           Status
PodScheduled   False
Volumes:
default-token-6gd92:
Type:        Secret (a volume populated by a Secret)
SecretName:  default-token-6gd92
Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node
71f0
.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type     Reason            Age   From  Message
----     ------            ----  ----  -------
Warning  FailedScheduling  15s         0/3 nodes are available: 3 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate.
Warning  FailedScheduling  14s         0/3 nodes are available: 3 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate.

从输出信息可以看到最后两个事件

3 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate.

什么意思呢？什么意思呢？

这个提示表示，没有节点可以接受调度。

为什么会这样呢？

因为我们现在三个节点都是master节点，还没有添加node节点。默认情况下，master打了污点（taint，后续再介绍），master节点不接收调度。
由于我们这里是测试环境，没有多余的机器来作为node节点，可以手动删除master的污点，让master节点接收调度。
通过如下命令可以查看taint信息：

[root@k8s-master001 ~]# kubectl get no -o yaml | grep taint -A 5
f:taints: {}
manager: kube-controller-manager
operation: Update
time: "2020-09-10T09:10:40Z"
- apiVersion: v1
fieldsType: FieldsV1
--
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
status:
addresses:
- address: 10.26.25.20
--
f:taints: {}
manager: kube-controller-manager
operation: Update
time: "2020-09-10T09:30:25Z"
- apiVersion: v1
fieldsType: FieldsV1
--
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
status:
addresses:
- address: 10.26.25.21
--
f:taints: {}
manager: kube-controller-manager
operation: Update
time: "2020-09-10T09:35:43Z"
- apiVersion: v1
fieldsType: FieldsV1
--
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
status:
addresses:
- address: 10.26.25.22

删除污点

node-role.kubernetes.io/master

，如下所示

[root@k8s-master001 ~]# kubectl taint nodes --all node-role.kubernetes.io/master-
node/k8s-master001 untainted
node/k8s-master002 untainted
node/k8s-master003 untainted

然后现在在看nginx的状态，已经变为ContainerCreating，这表示已经分配到节点，开始创建nginx的pod了

[root@k8s-master001 ~]# kubectl  get po
NAME    READY   STATUS              RESTARTS   AGE
nginx   0/1     ContainerCreating   0          3m11s

使用kubectl get po -o wide查看，现在nginx已经正常运行了，而且可以看到，nginx现在被分配到 k8s-master001节点上，Pod IP是10.244.0.4

[root@k8s-master001 ~]# kubectl  get po -o wide
NAME    READY   STATUS    RESTARTS   AGE   IP           NODE            NOMINATED NODE   READINESS GATES
nginx   1/1     Running   0          56m   10.244.0.4   k8s-master001   <none>           <none>

现在来访问nginx,熟悉的200出现了~~

[root@k8s-master001 ~]# curl -I  10.244.0.4
HTTP/1.1 200 OK
Server: nginx/1.19.2
Date: Fri, 11 Sep 2020 02:22:41 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 11 Aug 2020 14:50:35 GMT
Connection: keep-alive
ETag: "5f32b03b-264"
Accept-Ranges: bytes

但是如果在非集群节点上访问10.244.0.4，比如在自己的电脑上访问

[~/b/] : curl -I 10.244.0.4
curl: (55) getpeername() failed with errno 22: Invalid argument

现在就来解决这个问题，

1、我们删掉原来创建的nginx pod

[root@k8s-master001 ~]# kubectl  delete po nginx
pod "nginx" deleted

2、创建nginx.yaml文件

[root@k8s-master001 ~]# cat nginx.yaml
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: nginx
labels:
app: nginx
spec:
serviceName: nginx
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
terminationGracePeriodSeconds: 180
containers:
- name: nginx
image: nginx
imagePullPolicy: Always
ports:
- containerPort: 80
name: port
---
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
selector:
app: nginx

3、执行kubectl apply -f nginx.yaml部署

[root@k8s-master001 ~]# kubectl  apply -f nginx.yaml
statefulset.apps/nginx created
service/nginx created

[root@k8s-master001 ~]# kubectl  get po,ep,svc
NAME          READY   STATUS    RESTARTS   AGE
pod/nginx-0   1/1     Running   0          24s

NAME                   ENDPOINTS                                            AGE
endpoints/kubernetes   10.26.25.20:6443,10.26.25.21:6443,10.26.25.22:6443   17h
endpoints/nginx        10.244.2.3:80                                        23s

NAME                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP        17h
service/nginx        NodePort    10.106.27.213   <none>        80:30774/TCP   23s

现在能看到，创建了一个名为nginx的service，把nginx默认的80端口映射到了30774
访问集群任意节点的IP：32650，这里是10.26.25.20:30774

在集群节点上访问：

[root@k8s-master001 ~]# curl -I   10.26.25.20:30774
HTTP/1.1 200 OK
Server: nginx/1.19.2
Date: Fri, 11 Sep 2020 02:53:55 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 11 Aug 2020 14:50:35 GMT
Connection: keep-alive
ETag: "5f32b03b-264"
Accept-Ranges: bytes

在笔记本电脑上访问：

[~/b/wechatimages] : curl -I   10.26.25.20:30774
HTTP/1.1 200 OK
Server: nginx/1.19.2
Date: Fri, 11 Sep 2020 02:54:24 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 11 Aug 2020 14:50:35 GMT
Connection: keep-alive
ETag: "5f32b03b-264"
Accept-Ranges: bytes

如果还是

可以先行了解kubernetes的pod,endpoint,service等概念。。。后续文章也会陆续讲到。。。

注：文中图片来源于网络，如有侵权，请联系我及时删除。
Tips: 更多好文章，请关注公*号“菜鸟运维杂谈”！！！