Kubernetes Basics: Getting Started with Clusters
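What Is Kubernetes
Kubernetes (K8s for short) is a container orchestration platform open-sourced by Google that automates the deployment, scaling, and management of containerized applications. It provides core capabilities such as declarative configuration, autoscaling, service discovery, and load balancing.
Core Architecture
Control Plane
Components:
- kube-apiserver: the API gateway and entry point to the cluster
- etcd: distributed key-value store that holds the cluster state
- kube-scheduler: schedules Pods onto nodes
- kube-controller-manager: the controller manager
Worker Node
Components:
- kubelet: node agent that manages the Pod lifecycle
- kube-proxy: network proxy that implements Service load balancing
- Container Runtime: the container runtime (containerd/CRI-O)
Installing Kubernetes
Building a cluster with kubeadm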
# Run on all nodes
# Disable swap
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
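# Configure kernel modules and parameters
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
# Load the module now; the net.bridge.* keys below do not exist until it is loaded
sudo modprobe br_netfilter
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system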
# Install containerd
sudo apt-get update
sudo apt-get install -y containerd
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
sudo systemctl restart containerd
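# Install kubeadm, kubelet, and kubectl
sudo apt-get install -y apt-transport-https ca-certificates curl
# /etc/apt/keyrings does not exist by default on older Debian/Ubuntu releases
sudo mkdir -p -m 755 /etc/apt/keyrings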
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
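Initializing the control-plane node
# Run on the control-plane node (10.244.0.0/16 is Flannel's default Pod network)
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
# Configure kubectl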
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
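# Install the network plugin (Flannel)
# This URL tracks the master branch; pin the manifest to a release for reproducible installs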
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
Adding worker nodes
# On each worker node, run the join command printed by kubeadm init
sudo kubeadm join <master-ip>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>
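The --discovery-token-ca-cert-hash value in the join command pins the cluster CA: it is the SHA-256 of the CA certificate's DER-encoded SubjectPublicKeyInfo. The following is an added example, not part of the original page, that recomputes that pin from a PEM certificate so a join command received out of band can be checked against the control plane's CA certificate (/etc/kubernetes/pki/ca.crt on a kubeadm control plane). The helper names and the sample certificate are constructed for illustration.

```python
import base64
import hashlib

def der(tag, *parts):
    """Encode one DER element; used only to build the constructed sample."""
    body = b"".join(parts)
    n = len(body)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def read_tlv(buf, pos):
    """Read the DER element at pos; return (tag, value_start, end)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def spki_pin(pem):
    """Return 'sha256:<hex>' over the certificate's DER SubjectPublicKeyInfo."""
    b64 = pem.split("-----BEGIN CERTIFICATE-----")[1].split("-----END CERTIFICATE-----")[0]
    cert = base64.b64decode("".join(b64.split()))
    _, pos, _ = read_tlv(cert, 0)            # Certificate SEQUENCE
    _, pos, tbs_end = read_tlv(cert, pos)    # TBSCertificate SEQUENCE
    if cert[pos] == 0xA0:                    # optional explicit [0] version
        pos = read_tlv(cert, pos)[2]
    for _ in range(5):                       # serial, sigAlg, issuer, validity, subject
        pos = read_tlv(cert, pos)[2]
    tag, _, end = read_tlv(cert, pos)        # subjectPublicKeyInfo, header included
    if tag != 0x30 or end > tbs_end:
        raise ValueError("unexpected certificate layout")
    return "sha256:" + hashlib.sha256(cert[pos:end]).hexdigest()

def pin_matches(pem, expected):
    """Compare a recomputed pin with the value taken from the join command."""
    return spki_pin(pem) == expected.strip().lower()

# Constructed sample: a structurally valid but unsigned placeholder certificate
# carrying an all-zero Ed25519 key. It is not a real CA certificate.
SAMPLE_SPKI = der(0x30, der(0x30, der(0x06, b"\x2b\x65\x70")), der(0x03, b"\x00" + bytes(32)))
SAMPLE_TBS = der(0x30, der(0xA0, der(0x02, b"\x02")), der(0x02, b"\x01"),
                 der(0x30), der(0x30), der(0x30), der(0x30), SAMPLE_SPKI)
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.b64encode(der(0x30, SAMPLE_TBS, der(0x30), der(0x03, b"\x00"))).decode()
              + "\n-----END CERTIFICATE-----\n")
```

On a real cluster, pass the contents of the CA certificate to pin_matches together with the sha256:<hash> value from the join command; a mismatch means the join command does not belong to that CA.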
Basic Concepts
Pod
A Pod is the smallest deployable unit in K8s and contains one or more containers:
# pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
    app: nginx
spec:
  containers:
  - name: nginx
    image: nginx:alpine
    ports:
    - containerPort: 80
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"
      limits:
        memory: "128Mi"
        cpu: "500m"
# Pod operations
kubectl get pods
kubectl describe pod nginx-pod
kubectl logs nginx-pod
kubectl exec -it nginx-pod -- sh
kubectl delete pod nginx-pod
Node
# View nodes
kubectl get nodes
kubectl describe node <node-name>
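Common Commands
# Cluster information
kubectl cluster-info
# componentstatuses has been deprecated since v1.19; it still works but prints a warning
kubectl get componentstatuses
# Viewing resources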
kubectl get all
kubectl get pods -o wide
kubectl get svc -n kube-system
# Debugging
kubectl logs -f <pod-name>
kubectl describe <resource> <name>
kubectl get events --sort-by=.metadata.creationTimestamp
Hands-On: Deploying Your First Application
# Create a Deployment
kubectl create deployment nginx --image=nginx:alpine --replicas=3
# Expose the service
kubectl expose deployment nginx --port=80 --type=NodePort
# View the service
kubectl get svc nginx
# Access the application
curl http://<node-ip>:<node-port>
# Scale up or down
kubectl scale deployment nginx --replicas=5
# Rolling update
kubectl set image deployment nginx nginx=nginx:1.25
# Roll back
kubectl rollout undo deployment nginx
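Summary
Kubernetes is the de facto standard for container orchestration. Mastering its core concepts and basic operations is an essential skill for cloud-native operations.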