k8s 的网页管理界面:dashboard
1, ubuntu16 安装microk8s
microk8s 是单机版的k8s集群,安装过程仅需2、3分钟,适合测试使用
wang@wang-GA-MA770T-UD3P:~/Downloads$ sudo snap install microk8s --classic
[sudo] password for wang:
microk8s v1.13.0 from 'canonical' installed
# 如果之前安装了k8s, 需要覆盖之前的安装的 k8s 服务才能使用microk8s命令
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.kubectl config view --raw > $HOME/.kube/config
# apiVersion: v1
# clusters:
# - cluster:
# certificate-authority-data: Ek0TVRJeE9UQTBNelkwTjF
# name: kubernetes
# - cluster:
# certificate-authority: /root/.minikube/ca.crt
# server: https://192.168.99.100:8443
# name: minikube
# contexts:
# - context:
# cluster: kubernetes
# user: kubernetes-admin
# name: kubernetes-admin@kubernetes
# - context:
# cluster: minikube
# user: minikube
# name: minikube
# current-context: minikube
# kind: Config
# preferences: {}
# users:
# - name: kubernetes-admin
# user:
# client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tL
# client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS
# - name: minikube
# user:
# client-certificate: /root/.minikube/client.crt
# client-key: /root/.minikube/client.key
#####################################
# apiVersion: v1
# clusters:
# - cluster:
# server: http://127.0.0.1:8080
# name: microk8s-cluster
# contexts:
# - context:
# cluster: microk8s-cluster
# user: admin
# name: microk8s
# current-context: microk8s
# kind: Config
# preferences: {}
# users:
# - name: admin
# user:
# username: admin
#
2, 查看集群信息
#查看基本信息
wang@wang-GA-MA770T-UD3P:~/Downloads$ snap info microk8s
name: microk8s
summary: Kubernetes for workstations and appliances
publisher: Canonical✓
contact: https://github.com/ubuntu/microk8s
license: unset
description: |
MicroK8s is a small, fast, secure, single node Kubernetes that installs on just about any Linux
box. Use it for offline development, prototyping, testing, or use it on a VM as a small, cheap,
reliable k8s for CI/CD. It's also a great k8s for appliances - develop your IoT apps for k8s and
deploy them to MicroK8s on your boxes.
commands:
- microk8s.config
- microk8s.disable
- microk8s.docker
- microk8s.enable
- microk8s.inspect
- microk8s.istioctl
- microk8s.kubectl
- microk8s.reset
- microk8s.start
- microk8s.status
- microk8s.stop
services:
microk8s.daemon-apiserver: simple, enabled, active
microk8s.daemon-apiserver-kicker: simple, enabled, active
microk8s.daemon-controller-manager: simple, enabled, active
microk8s.daemon-docker: simple, enabled, active
microk8s.daemon-etcd: simple, enabled, active
microk8s.daemon-kubelet: simple, enabled, active
microk8s.daemon-proxy: simple, enabled, active
microk8s.daemon-scheduler: simple, enabled, active
#插件状态
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.status
microk8s is running
addons:
ingress: disabled
dns: disabled
metrics-server: disabled
istio: disabled
gpu: disabled
storage: disabled
dashboard: disabled
registry: disabled
#节点状态
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.kubectl get nodes
NAME STATUS ROLES AGE VERSION
wang-ga-ma770t-ud3p Ready <none> 8m47s v1.13.0
#服务状态
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 8m58s
3,通过webui 管理k8s集群:登录dashboard
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.enable dns
Enabling DNS
Applying manifest
service/kube-dns created
serviceaccount/kube-dns created
configmap/kube-dns created
deployment.extensions/kube-dns created
Restarting kubelet
[sudo] password for wang:
DNS is enabled
# 开启dashboard服务
# create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended/kubernetes-dashboard.yaml
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.enable dashboard
Enabling dashboard
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
service/monitoring-grafana created
service/monitoring-influxdb created
service/heapster created
deployment.extensions/monitoring-influxdb-grafana-v4 created
serviceaccount/heapster created
configmap/heapster-config created
configmap/eventer-config created
deployment.extensions/heapster-v1.5.2 created
dashboard enabled
# 创建用户,获取登录密钥
#创建登录用的账户
cat > dashboard-adminuser.yaml <<eof
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
eof
kubectl apply -f dashboard-adminuser.yaml
#为账户赋予权限
cat > dashboard-adminuser-roleBind.yaml <<eof
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system
eof
kubectl apply -f dashboard-adminuser-roleBind.yaml
#获取登录密码
microk8s.kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
## Name: admin-user-token-gtlxc
## Namespace: kube-system
## Labels: <none>
## Annotations: kubernetes.io/service-account.name: admin-user
## kubernetes.io/service-account.uid: b1cb7e10-06bb-11e9-a37b-1c6f65287c2d
##
## Type: kubernetes.io/service-account-token
##
## Data
## ====
## ca.crt: 1094 bytes
## namespace: 11 bytes
## token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZ........
#开启api 代理服务, 监听8001端口, web访问会使用到此端口
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.kubectl proxy
Starting to serve on 127.0.0.1:8001
访问dashboard页面报错503
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "no endpoints available for service \"kubernetes-dashboard\"",
"reason": "ServiceUnavailable",
"code": 503
}
#=====原因
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.kubectl get pods --namespace kube-systemNAME READY STATUS RESTARTS AGE
heapster-v1.5.2-6bc7c4965d-9qbsb 0/4 ContainerCreating 0 32m
kube-dns-6ccd496668-5wdsl 0/3 ContainerCreating 0 33m
kubernetes-dashboard-654cfb4879-rtrw6 0/1 ContainerCreating 0 32m
monitoring-influxdb-grafana-v4-6679c46745-hplwv 0/2 ContainerCreating 0 32m
#======解决
wang@wang-GA-MA770T-UD3P:~/Downloads$ sudo docker pull lhcalibur/pause-amd64
[sudo] password for wang:
Using default tag: latest
latest: Pulling from lhcalibur/pause-amd64
a3ed95caeb02: Pull complete
f11233434377: Pull complete
Digest: sha256:40cd7088fd930f1e8939aaa5d5b8bdf6b214bda7eb22070cf20f5094b6863191
Status: Downloaded newer image for lhcalibur/pause-amd64:latest
wang@wang-GA-MA770T-UD3P:~/Downloads$ sudo docker tag lhcalibur/pause-amd64:latest gcr.io/google_containers/pause-amd64:3.0
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.kubectl get pods --namespace kube-system
NAME READY STATUS RESTARTS AGE
heapster-v1.5.2-64874f6bc6-pbt5k 4/4 Running 0 25m
kube-dns-6ccd496668-5wdsl 3/3 Running 1 78m
kubernetes-dashboard-654cfb4879-rtrw6 1/1 Running 0 78m
monitoring-influxdb-grafana-v4-6679c46745-hplwv 2/2 Running 0 78m
再次访问: http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
登录后即可进入管理界面
4, 部署nginx服务报错:Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout
nginx-deployment.yaml
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 1 # tells deployment to run 2 pods matching the template
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.7.9
ports:
- containerPort: 80
创建deployment后,pod状态异常
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deployment-76bf4969df-sr8m4 0/1 ImagePullBackOff 0 49m
wang@wang-GA-MA770T-UD3P:~/Downloads$ microk8s.kubectl describe pod nginx-deployment-76bf4969df-sr8m4
Name: nginx-deployment-76bf4969df-sr8m4
Namespace: default
Priority: 0
PriorityClassName: <none>
Node: wang-ga-ma770t-ud3p/192.168.1.12
Start Time: Sun, 23 Dec 2018 23:12:37 +0800
Labels: app=nginx
pod-template-hash=76bf4969df
Annotations: <none>
Status: Pending
IP: 10.1.1.25
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 49m default-scheduler Successfully assigned default/nginx-deployment-76bf4969df-sr8m4 to wang-ga-ma770t-ud3p
Normal Pulling 46m (x2 over 49m) kubelet, wang-ga-ma770t-ud3p pulling image "nginx:1.7.9"
Warning Failed 45m (x2 over 46m) kubelet, wang-ga-ma770t-ud3p Error: ErrImagePull
Warning Failed 45m kubelet, wang-ga-ma770t-ud3p Failed to pull image "nginx:1.7.9": rpc error: code = Unknown desc = Error response from daemon: Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
Normal SandboxChanged 45m (x7 over 46m) kubelet, wang-ga-ma770t-ud3p Pod sandbox changed, it will be killed and re-created.
Normal BackOff 45m (x6 over 46m) kubelet, wang-ga-ma770t-ud3p Back-off pulling image "nginx:1.7.9"