More interesting content, please pay attention to WeChat official account : New technology ecosystem

Endpoints

Endpoints is a namespace-level resource. If an Endpoints object and a Service have the same name, they are associated automatically.

Function 1: load balancing, together with the Service

[root@k8s ~]# kubectl describe svc
Name:              kubernetes
Namespace:         default
Labels:            component=apiserver
                   provider=kubernetes
Annotations:       <none>
Selector:          <none>
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.0.1
IPs:               10.96.0.1
Port:              https  443/TCP
TargetPort:        6443/TCP
Endpoints:         192.168.15.201:6443
Session Affinity:  None
Events:            <none>

Function 2: bringing an external service into the cluster

Case study

# First, start an external MySQL service on this host
[root@k8s endpoints]# docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=123456 mysql:5.7
c34bab6ad37f46bae59ef2ee712e8430c53142d30a53119e9912407fd540ad61
# It listens on port 3306; the password is the one set above
kind: Endpoints
apiVersion: v1
metadata:
  namespace: default
  name: test-endpoints
subsets:
  - addresses:              # IP address being proxied
      - ip: 192.168.15.201
    ports:
      - port: 3306          # Port of the service
        protocol: TCP
        name: http
---
kind: Service
apiVersion: v1
metadata:
  name: test-endpoints      # The name must match the Endpoints above to be associated
  namespace: default
spec:
  ports:
    - port: 3306
      targetPort: 3306
      protocol: TCP
      name: http
---
kind: Deployment            # Provides a MySQL client
apiVersion: apps/v1
metadata:
  name: mysql
  namespace: default
spec:
  selector:
    matchLabels:
      app: mysql-v1
  template:
    metadata:
      labels:
        app: mysql-v1
    spec:
      containers:
        - name: mysql
          image: mysql:5.7
          env:
            - name: MYSQL_ROOT_PASSWORD
              value: "123456"
# Deploy the endpoints file
[root@k8s endpoints]# kubectl apply -f endpoints.yaml
endpoints/test-endpoints created
service/test-endpoints created
deployment.apps/mysql created
[root@k8s endpoints]# kubectl get -f endpoints.yaml
NAME                       ENDPOINTS             AGE
endpoints/test-endpoints   192.168.15.201:3306   8s

NAME                     TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
service/test-endpoints   ClusterIP   10.106.61.144   <none>        3306/TCP   8s

NAME                    READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/mysql   1/1     1            1           8s


# Enter the deployed Pod
[root@k8s endpoints]# kubectl exec -it mysql-578666457d-g8856 -- bash
# Connect to the Service's cluster-internal IP
root@mysql-578666457d-g8856:/# mysql -uroot -p123456 -h10.106.61.144
mysql> create database db01;
Query OK, 1 row affected (0.01 sec)

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| db01               |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.00 sec)
# Enter the external MySQL container running in Docker
[root@k8s endpoints]# docker exec -it c34bab6ad37f bash
root@c34bab6ad37f:/# mysql -uroot -p123456
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| db01               |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.00 sec)
# db01, the database just created, is there, which shows that the Endpoints object is successfully proxying the MySQL service

Service health check

Configuration list

---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: test-deployment
spec:
  selector:
    matchLabels:
      app: nginx-v1
  template:
    metadata:
      labels:
        app: nginx-v1
    spec:
      containers:
        - name: nginx
          image: nginx
          lifecycle:                    # Callback hooks
            postStart:                  # Runs right after the container is created
              exec:                     # First way; the most commonly used
                command:
                  - "/bin/sh"
                  - "-c"
                  - "touch /root/1.txt"
              # A handler accepts only one of exec, httpGet or tcpSocket,
              # so the other two ways are shown commented out.
              # httpGet:                # Second way (rarely used)
              #   port: 80
              #   path: /               # The httpGet request must return 200 to count as success
              # tcpSocket:              # Third way (rarely used)
              #   port: 80
            preStop:                    # Runs before the Pod is deleted
              exec:
                command:
                  - "/bin/sh"
                  - "-c"
                  - "echo 123 > /root/1.txt"
          livenessProbe:
            exec:
              command:
                - "/bin/bash"
                - "-c"
                - "cat /usr/share/nginx/html/index.php"
            initialDelaySeconds: 0      # Delay before the first probe
            periodSeconds: 3            # Probe interval
            timeoutSeconds: 1           # Probe timeout
            successThreshold: 1         # Consecutive successes needed to count as success
            failureThreshold: 3         # Consecutive failures needed to count as failure
          readinessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 30     # Use a larger value for bigger projects
            periodSeconds: 1            # Keep readiness checks sensitive for a better user experience
            timeoutSeconds: 1
            successThreshold: 3
            failureThreshold: 1

Callback hooks -- lifecycle

The hook that runs at startup is postStart. It can be executed in three ways: exec, httpGet and tcpSocket. An httpGet request only counts as successful if it returns 200; otherwise it fails.

The hook that runs at termination is preStop. It is executed in the same ways as above.

Liveness -- livenessProbe

Liveness checks generally use the exec form. A typical production configuration looks like this:

livenessProbe:
  exec:
    command:
      - "/bin/bash"
      - "-c"
      - "cat /usr/share/nginx/html/index.php"
  initialDelaySeconds: 0    # Delay before the first probe; usually probe immediately
  periodSeconds: 3          # Probe interval: once every three seconds
  timeoutSeconds: 1         # Probe timeout
  successThreshold: 1       # Consecutive successes needed to count as success
  failureThreshold: 3       # Consecutive failures needed to count as failure

Readiness -- readinessProbe

Readiness is generally checked by probing the port:

readinessProbe:
  tcpSocket:
    port: 80
  initialDelaySeconds: 30   # Use a larger value for bigger projects
  periodSeconds: 1          # Keep readiness checks sensitive for a better user experience
  timeoutSeconds: 1         # Probe timeout
  successThreshold: 3       # Three successes count as ready
  failureThreshold: 1       # One failure counts as not ready
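
How the threshold fields above turn individual probe results into state changes, as an added example that is not part of the original page. It models consecutive-success and consecutive-failure counting; the function names and the S/F result strings are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: a model of how successThreshold
# and failureThreshold turn a stream of probe results into state changes.
# Result strings are constructed: S = probe succeeded, F = failed or timed out.

# readiness_timeline SUCCESS_THRESHOLD FAILURE_THRESHOLD RESULTS
# Prints the state after each probe (0 = NotReady, 1 = Ready). A container
# starts NotReady; while it is NotReady the Pod IP is kept out of the ready
# addresses in the Endpoints of any Service that selects the Pod.
readiness_timeline() {
  local need_ok="$1" need_fail="$2" rest="$3"
  local ready=0 ok=0 fail=0 out='' r
  while [ -n "$rest" ]; do
    r=${rest%"${rest#?}"}          # first character
    rest=${rest#?}                 # remaining characters
    if [ "$r" = S ]; then
      ok=$((ok + 1)); fail=0
      if [ "$ok" -ge "$need_ok" ]; then ready=1; fi
    else
      fail=$((fail + 1)); ok=0
      if [ "$fail" -ge "$need_fail" ]; then ready=0; fi
    fi
    out=$out$ready
  done
  printf '%s\n' "$out"
}

# liveness_restart_at FAILURE_THRESHOLD RESULTS
# Prints the 1-based number of the probe that triggers a container restart,
# or 0 if the failures never reach the threshold consecutively.
liveness_restart_at() {
  local need_fail="$1" rest="$2" fail=0 n=0 r
  while [ -n "$rest" ]; do
    r=${rest%"${rest#?}"}
    rest=${rest#?}
    n=$((n + 1))
    if [ "$r" = S ]; then fail=0; else fail=$((fail + 1)); fi
    if [ "$fail" -ge "$need_fail" ]; then printf '%s\n' "$n"; return 0; fi
  done
  printf '0\n'
}

# Readiness values used on this page: successThreshold 3, failureThreshold 1,
# periodSeconds 1, so each character of the result is one second.
readiness_timeline 3 1 SSSSFSSSS   # one failed probe costs three seconds out of rotation

# Liveness on the same constructed results with failureThreshold 3 and 1:
liveness_restart_at 3 SSFSSFFS     # two failures in a row never reach three
liveness_restart_at 1 SSFSSFFS     # the first failed probe restarts the container
```

With failureThreshold 1 on a liveness probe and timeoutSeconds 1, a single slow response is enough to restart the container.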

Comprehensive case -- WordPress blog project

# Database service deployment
# Create the database namespace
apiVersion: v1
kind: Namespace
metadata:
  name: mysql
---
# Create the database controller
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql
  namespace: mysql
spec:
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
        - name: mysql
          image: mysql:5.7
          env:
            - name: MYSQL_ROOT_PASSWORD
              value: "123456"
            - name: MYSQL_DATABASE
              value: wordpress
          livenessProbe:            # Liveness check
            exec:
              command:
                - "/bin/bash"
                - "-c"
                - "cat /etc/mysql/my.cnf"
            initialDelaySeconds: 0
            periodSeconds: 3
            timeoutSeconds: 1
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:           # Readiness check
            tcpSocket:
              port: 3306
            initialDelaySeconds: 20
            periodSeconds: 1
            successThreshold: 3
            failureThreshold: 1
            timeoutSeconds: 1
---
# Configure the database Service
apiVersion: v1
kind: Service
metadata:
  name: mysql
  namespace: mysql
spec:
  selector:
    app: mysql
  ports:
    - port: 3306
      targetPort: 3306
  type: NodePort
# Database deployment completed
---
# Create the project namespace
apiVersion: v1
kind: Namespace
metadata:
  name: wordpress           # Namespace is cluster-scoped, so metadata carries no namespace field
---
# Create the controller for the project
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress
  namespace: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
  template:
    metadata:
      labels:
        app: wordpress
    spec:
      containers:
        - name: php
          image: alvinos/php:wordpress-v2
          imagePullPolicy: Always
          livenessProbe:
            exec:
              command:
                - "/bin/bash"
                - "-c"
                - "ps -ef | grep '[p]hp'"   # [p]hp stops the probe from matching its own command line
            initialDelaySeconds: 0
            periodSeconds: 3
            timeoutSeconds: 1
            successThreshold: 1
            failureThreshold: 1
          readinessProbe:
            tcpSocket:
              port: 9000
            initialDelaySeconds: 20
            periodSeconds: 1
            timeoutSeconds: 1
            successThreshold: 3
            failureThreshold: 1
        - name: nginx
          image: alvinos/nginx:wordpress-v2
          imagePullPolicy: Always
          livenessProbe:
            exec:
              command:
                - "/bin/bash"
                - "-c"
                - "cat /etc/nginx/nginx.conf"
            initialDelaySeconds: 0
            periodSeconds: 3
            timeoutSeconds: 1
            successThreshold: 1
            failureThreshold: 1
          readinessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 10
            periodSeconds: 1
            timeoutSeconds: 1
            successThreshold: 3
            failureThreshold: 1
# Controller deployment completed
---
# Deploy the Service for the controller
apiVersion: v1
kind: Service
metadata:
  name: wordpress
  namespace: wordpress
spec:
  selector:
    app: wordpress
  ports:
    - port: 80
      targetPort: 80
      name: http
      nodePort: 30080
    - port: 443
      targetPort: 443
      name: https
  type: NodePort

If you want to change cluster.local, this is where it is set:
[root@k8s wordpress]# grep -ro "cluster.local" /etc/kubernetes/
/etc/kubernetes/manifests/kube-apiserver.yaml:cluster.local

kubeadm API high availability

Export the initialization file and modify it

[root@localhost ~]# kubeadm config print init-defaults > init-config.yaml
[root@localhost ~]# cat init-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 1.2.3.4
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: node
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: 1.21.0
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
scheduler: {}

Modify

INIT_IP=`hostname -i`
INIT_HOST=`hostname`
cat > init-config.yaml << EOF
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: ${INIT_IP}    # IP of the current host
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: ${INIT_HOST}              # Hostname of the current host
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  certSANs:
  - 192.168.15.59                 # Virtual IP used for high availability
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: 192.168.15.59:8443
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.cn-shanghai.aliyuncs.com/baim0os    # Your own image registry
kind: ClusterConfiguration
kubernetesVersion: 1.21.3
networking:
  dnsDomain: cluster.local
  podSubnet: 10.244.0.0/16
  serviceSubnet: 10.96.0.0/12
scheduler: {}
EOF
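
The modified init-config.yaml still carries the token that `kubeadm config print init-defaults` printed. A pre-flight check for that, as an added example that is not part of the original page; the function names and the sample fragment are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Function names and the sample
# fragment are assumptions made for illustration.

# Placeholder printed by `kubeadm config print init-defaults`. It is identical
# in every generated template, so it should not reach `kubeadm init`.
DEFAULT_TOKEN='abcdef.0123456789abcdef'
TOKEN_RE='^[a-z0-9]{6}\.[a-z0-9]{16}$'      # kubeadm bootstrap token format

# Print a random token in that format, drawn from the kernel CSPRNG
# (`kubeadm token generate` prints a token of the same shape).
gen_bootstrap_token() {
  local id secret
  id=$(LC_ALL=C tr -dc 'a-z0-9' < /dev/urandom | head -c 6)
  secret=$(LC_ALL=C tr -dc 'a-z0-9' < /dev/urandom | head -c 16)
  printf '%s.%s\n' "$id" "$secret"
}

# Print the value of every `token:` key in a kubeadm config file.
list_tokens() {
  sed -n 's/^[[:space:]-]*token:[[:space:]]*//p' "$1" |
    sed 's/[[:space:]]*#.*$//' | tr -d "\"'"
}

# Return 0 if every token is well formed and not the placeholder; otherwise
# print one finding per offending token and return 1.
audit_tokens() {
  local rc=0 t
  for t in $(list_tokens "$1"); do
    if [ "$t" = "$DEFAULT_TOKEN" ]; then
      echo "placeholder token: $t"; rc=1
    elif ! printf '%s\n' "$t" | grep -Eq "$TOKEN_RE"; then
      echo "malformed token: $t"; rc=1
    fi
  done
  return "$rc"
}

# Replace the placeholder in the file with a fresh random token.
replace_placeholder_token() {
  local file="$1" new tmp
  new=$(gen_bootstrap_token)
  tmp=$(mktemp) || return 1
  sed "s/abcdef\.0123456789abcdef/$new/g" "$file" > "$tmp" && cat "$tmp" > "$file"
  rm -f "$tmp"
}

# Demo on a constructed fragment of init-config.yaml.
demo_cfg=$(mktemp)
printf '%s\n' 'bootstrapTokens:' '- groups:' \
  '  - system:bootstrappers:kubeadm:default-node-token' \
  '  token: abcdef.0123456789abcdef' '  ttl: 24h0m0s' > "$demo_cfg"
audit_tokens "$demo_cfg" || echo "-> replacing the token before kubeadm init"
replace_placeholder_token "$demo_cfg"
audit_tokens "$demo_cfg" && echo "token ok: $(list_tokens "$demo_cfg")"
rm -f "$demo_cfg"
```

After all nodes have joined, `kubeadm token list` shows the bootstrap tokens that still exist and `kubeadm token delete` removes one before its TTL runs out.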

Install the high-availability software

# Must be installed on all three master nodes
# keepalived + haproxy
[root@k8s-m-01 ~]# yum install -y keepalived haproxy
# Modify the keepalived configuration file
# The configuration differs from node to node
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf_bak
cd /etc/keepalived
KUBE_APISERVER_IP=`hostname -i`
cat > /etc/keepalived/keepalived.conf <<EOF
! Configuration File for keepalived
global_defs {
    router_id LVS_DEVEL
}
vrrp_script chk_kubernetes {
    script "/etc/keepalived/check_kubernetes.sh"
    interval 2
    weight -5
    fall 3
    rise 2
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    mcast_src_ip ${KUBE_APISERVER_IP}
    virtual_router_id 51
    priority 100
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass K8SHA_KA_AUTH
    }
    virtual_ipaddress {
        192.168.15.59
    }
}
EOF
[root@k8s-m-01 /etc/keepalived]# systemctl enable --now keepalived
# Modify the haproxy configuration file
# High-availability software
cat > /etc/haproxy/haproxy.cfg <<EOF
global
  maxconn 2000
  ulimit-n 16384
  log 127.0.0.1 local0 err
  stats timeout 30s
defaults
  log global
  mode http
  option httplog
  timeout connect 5000
  timeout client 50000
  timeout server 50000
  timeout http-request 15s
  timeout http-keep-alive 15s
frontend monitor-in
  bind *:33305
  mode http
  option httplog
  monitor-uri /monitor
listen stats
  bind *:8006
  mode http
  stats enable
  stats hide-version
  stats uri /stats
  stats refresh 30s
  stats realm Haproxy\ Statistics
  stats auth admin:admin
frontend k8s-master
  bind 0.0.0.0:8443
  bind 127.0.0.1:8443
  mode tcp
  option tcplog
  tcp-request inspect-delay 5s
  default_backend k8s-master
backend k8s-master
  mode tcp
  option tcplog
  option tcp-check
  balance roundrobin
  default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
  server m01 192.168.15.51:6443 check inter 2000 fall 2 rise 2 weight 100
  server m02 192.168.15.52:6443 check inter 2000 fall 2 rise 2 weight 100
  server m03 192.168.15.53:6443 check inter 2000 fall 2 rise 2 weight 100
EOF
[root@k8s-m-01 /etc/keepalived]# systemctl enable --now haproxy.service
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.

Initialize the cluster

kubeadm init --config init-config.yaml --upload-certs
# Copy the join command for master nodes
kubeadm join 192.168.15.59:8443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:b22691a3783c7f1a3544006e64907418476b6942393dffa02b3b0f20cb46a083 \
    --control-plane --certificate-key 2e222d296099e3c4656dd9aa12d81b5bbbd0a3f2f13d6d3a9252334034785af1
# Copy the join command for worker nodes
kubeadm join 192.168.15.59:8443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:b22691a3783c7f1a3544006e64907418476b6942393dffa02b3b0f20cb46a083
# Start using the cluster
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Install the Calico network plug-in

# Download calico
curl https://docs.projectcalico.org/manifests/calico.yaml -O
# Deploy calico
kubectl apply -f calico.yaml

Run the join command on each node

# Set the cluster roles
kubectl label nodes n01 node-role.kubernetes.io/node=n01
kubectl label nodes n02 node-role.kubernetes.io/node=n02
# View the cluster status
[root@m01 ~]# kubectl get nodes
NAME   STATUS   ROLES                  AGE     VERSION
m01    Ready    control-plane,master   36m     v1.21.3
m02    Ready    control-plane,master   6m47s   v1.21.3
m03    Ready    control-plane,master   5m50s   v1.21.3
n01    Ready    node                   5m      v1.21.3
n02    Ready    node                   4m42s   v1.21.3
