More interesting content, please pay attention to WeChat official account : New technology ecosystem
Endpoints
Endpoints is a namespace-level resource. If an Endpoints object and a Service have the same name, they are associated automatically.
Function 1: Load balancing together with a Service
[[email protected] ~]# kubectl describe svc
Name:              kubernetes
Namespace:         default
Labels:            component=apiserver
                   provider=kubernetes
Annotations:       <none>
Selector:          <none>
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.0.1
IPs:               10.96.0.1
Port:              https  443/TCP
TargetPort:        6443/TCP
Endpoints:         192.168.15.201:6443
Session Affinity:  None
Events:            <none>
Function 2: Bring external services into the cluster
Case study
# First create an external MySQL service on this machine
[[email protected] endpoints]# docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=123456 mysql:5.7
c34bab6ad37f46bae59ef2ee712e8430c53142d30a53119e9912407fd540ad61
# The port is 3306 and the password is as above
kind: Endpoints
apiVersion: v1
metadata:
  namespace: default
  name: test-endpoints
subsets:
  - addresses:            # IP being proxied
      - ip: 192.168.15.201
    ports:
      - port: 3306        # Port of the service
        protocol: TCP
        name: http
---
kind: Service
apiVersion: v1
metadata:
  name: test-endpoints    # The name here must be the same as above to be associated
  namespace: default
spec:
  ports:
    - port: 3306
      targetPort: 3306
      protocol: TCP
      name: http
---
kind: Deployment          # Provides a MySQL client
apiVersion: apps/v1
metadata:
  name: mysql
  namespace: default
spec:
  selector:
    matchLabels:
      app: mysql-v1
  template:
    metadata:
      labels:
        app: mysql-v1
    spec:
      containers:
        - name: mysql
          image: mysql:5.7
          env:
            - name: MYSQL_ROOT_PASSWORD
              value: "123456"
# Apply the endpoints manifest
[[email protected] endpoints]# kubectl apply -f endpoints.yaml
endpoints/test-endpoints created
service/test-endpoints created
deployment.apps/mysql created
[[email protected] endpoints]# kubectl get -f endpoints.yaml
NAME                       ENDPOINTS             AGE
endpoints/test-endpoints   192.168.15.201:3306   8s

NAME                     TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
service/test-endpoints   ClusterIP   10.106.61.144   <none>        3306/TCP   8s

NAME                    READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/mysql   1/1     1            1           8s
# Enter the deployed client pod
[[email protected] endpoints]# kubectl exec -it mysql-578666457d-g8856 -- bash
# Connect to the cluster-internal IP of the Service
[email protected]:/# mysql -uroot -p123456 -h10.106.61.144
mysql> create database db01;
Query OK, 1 row affected (0.01 sec)
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| db01               |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.00 sec)
# Enter the external MySQL container running in Docker
[[email protected] endpoints]# docker exec -it c34bab6ad37f bash
[email protected]:/# mysql -uroot -p123456
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| db01               |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.00 sec)
# The db01 database just created is present, which shows that the Endpoints object is successfully proxying the MySQL service
Service health check
Configuration manifest
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: test-deployment
spec:
  selector:
    matchLabels:
      app: nginx-v1
  template:
    metadata:
      labels:
        app: nginx-v1
    spec:
      containers:
        - name: nginx
          image: nginx
          lifecycle:                  # Lifecycle hooks (callbacks)
            postStart:                # Runs when the container starts
              exec:                   # The first way, used most often
                command:
                  - "/bin/sh"
                  - "-c"
                  - "touch /root/1.txt"
              # A hook accepts only one handler, so the other two ways are shown commented out.
              # httpGet:              # The second way (used less)
              #   port: 80
              #   path: /             # The httpGet request must return 200 to be considered successful
              # tcpSocket:            # The third way (used less)
              #   port: 80
            preStop:                  # Runs before the Pod is deleted
              exec:
                command:
                  - "/bin/sh"
                  - "-c"
                  - "echo 123 > /root/1.txt"
          livenessProbe:
            exec:
              command:
                - "/bin/bash"
                - "-c"
                - "cat /usr/share/nginx/html/index.php"
            initialDelaySeconds: 0    # Delay before the first probe
            periodSeconds: 3          # Probe interval
            timeoutSeconds: 1         # Probe timeout
            successThreshold: 1       # Number of successful probes needed to count as success
            failureThreshold: 3       # Number of failed probes needed to count as failure
          readinessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 30   # Increase this when the project is relatively large
            periodSeconds: 1          # Probe readiness frequently for a better user experience
            timeoutSeconds: 1
            successThreshold: 3
            failureThreshold: 1
Lifecycle hooks -- lifecycle
The hook that runs at startup is postStart. It can be executed in three ways: exec, httpGet and tcpSocket. With httpGet, the request must return 200 to count as success; otherwise it fails.
The hook that runs at shutdown is preStop; it is executed in the same ways as above.
Liveness -- livenessProbe
Liveness is generally checked with exec. The usual settings for a production environment are as follows:
livenessProbe:
  exec:
    command:
      - "/bin/bash"
      - "-c"
      - "cat /usr/share/nginx/html/index.php"
  initialDelaySeconds: 0    # Delay before the first probe; generally run immediately
  periodSeconds: 3          # Probe interval: once every three seconds
  timeoutSeconds: 1         # Probe timeout
  successThreshold: 1       # Number of successful probes needed to count as success
  failureThreshold: 3       # Number of failed probes needed to count as failure
Readiness -- readinessProbe
Readiness is generally configured by checking the port:
readinessProbe:
  tcpSocket:
    port: 80
  initialDelaySeconds: 30   # Increase this when the project is relatively large
  periodSeconds: 1          # Probe readiness frequently for a better user experience
  timeoutSeconds: 1         # Probe timeout
  successThreshold: 3       # Three successes count as success
  failureThreshold: 1       # One failure counts as failure
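How successThreshold and failureThreshold turn a stream of probe results into a state, as an added example that is not part of the original article. The function name and the result sequences are constructed; 1 means a probe succeeded and 0 that it failed, and only consecutive identical results count towards a threshold, which is how the kubelet counts them.

```shell
#!/bin/sh
# Added example: replay probe results through the two threshold counters.
# usage: probe_trace <initial: pass|fail> <successThreshold> <failureThreshold> <results...>
# Prints the probe state after every result, separated by spaces.
#   readiness: "fail" means the Pod is taken out of the Service endpoints
#   liveness:  "fail" means the container is restarted
probe_trace() {
    state=$1
    ok_needed=$2
    fail_needed=$3
    shift 3
    last=""     # previous probe result
    run=0       # length of the current streak of identical results
    out=""
    for r in "$@"; do
        if [ "$r" = "$last" ]; then
            run=$((run + 1))
        else
            last=$r
            run=1               # a different result restarts the streak
        fi
        if [ "$r" = 1 ] && [ "$run" -ge "$ok_needed" ]; then
            state=pass
        elif [ "$r" = 0 ] && [ "$run" -ge "$fail_needed" ]; then
            state=fail
        fi
        out="$out${out:+ }$state"
    done
    echo "$out"
}

# Readiness settings from above (successThreshold 3, failureThreshold 1):
# one failed probe removes the Pod at once, three good probes bring it back.
probe_trace fail 3 1   1 1 1 0 1 1 1

# Liveness settings from above (successThreshold 1, failureThreshold 3):
# isolated failures are tolerated, the third failure in a row is not.
probe_trace pass 1 3   0 0 1 0 0 0
```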
Comprehensive case -- WordPress blog project
# Database service deployment
# Create the database namespace
apiVersion: v1
kind: Namespace
metadata:
  name: mysql
---
# Create the database controller
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql
  namespace: mysql
spec:
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
        - name: mysql
          image: mysql:5.7
          env:
            - name: MYSQL_ROOT_PASSWORD
              value: "123456"
            - name: MYSQL_DATABASE
              value: wordpress
          livenessProbe:            # Liveness check
            exec:
              command:
                - "/bin/bash"
                - "-c"
                - "cat /etc/mysql/my.cnf"
            initialDelaySeconds: 0
            periodSeconds: 3
            timeoutSeconds: 1
            successThreshold: 1
            failureThreshold: 3
          readinessProbe:           # Readiness check
            tcpSocket:
              port: 3306
            initialDelaySeconds: 20
            periodSeconds: 1
            successThreshold: 3
            failureThreshold: 1
            timeoutSeconds: 1
---
# Configure the database Service
apiVersion: v1
kind: Service
metadata:
  name: mysql
  namespace: mysql
spec:
  selector:
    app: mysql
  ports:
    - port: 3306
      targetPort: 3306
  type: NodePort
# Database deployment completed
---
# Create the project namespace
apiVersion: v1
kind: Namespace
metadata:
  namespace: wordpress
  name: wordpress
---
# Create a controller for the project
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress
  namespace: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
  template:
    metadata:
      labels:
        app: wordpress
    spec:
      containers:
        - name: php
          image: alvinos/php:wordpress-v2
          imagePullPolicy: Always
          livenessProbe:
            exec:
              command:
                - "/bin/bash"
                - "-c"
                - "ps -ef | grep php"
            initialDelaySeconds: 0
            periodSeconds: 3
            timeoutSeconds: 1
            successThreshold: 1
            failureThreshold: 1
          readinessProbe:
            tcpSocket:
              port: 9000
            initialDelaySeconds: 20
            periodSeconds: 1
            timeoutSeconds: 1
            successThreshold: 3
            failureThreshold: 1
        - name: nginx
          image: alvinos/nginx:wordpress-v2
          imagePullPolicy: Always
          livenessProbe:
            exec:
              command:
                - "/bin/bash"
                - "-c"
                - "cat /etc/nginx/nginx.conf"
            initialDelaySeconds: 0
            periodSeconds: 3
            timeoutSeconds: 1
            successThreshold: 1
            failureThreshold: 1
          readinessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 10
            periodSeconds: 1
            timeoutSeconds: 1
            successThreshold: 3
            failureThreshold: 1
# Controller deployment completed
---
# Deploy the Service for the controller
apiVersion: v1
kind: Service
metadata:
  name: wordpress
  namespace: wordpress
spec:
  selector:
    app: wordpress
  ports:
    - port: 80
      targetPort: 80
      name: http
      nodePort: 30080
    - port: 443
      targetPort: 443
      name: https
  type: NodePort
If you want to change cluster.local, it can be modified here:
[[email protected] wordpress]# grep -ro "cluster.local" /etc/kubernetes/
/etc/kubernetes/manifests/kube-apiserver.yaml:cluster.local
API high availability with kubeadm
Export the initialization file, then modify it
[[email protected] ~]# kubeadm config print init-defaults > init-config.yaml
[[email protected] ~]# cat init-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 1.2.3.4
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: node
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: 1.21.0
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
scheduler: {}
Modified version
INIT_IP=`hostname -i`
INIT_HOST=`hostname`
cat > init-config.yaml << EOF
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: ${INIT_IP}   # IP of the current host
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: ${INIT_HOST}             # Host name of the current host
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  certSANs:
  - 192.168.15.59                # Virtual IP used for high availability
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: 192.168.15.59:8443
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.cn-shanghai.aliyuncs.com/baim0os   # Your own image registry
kind: ClusterConfiguration
kubernetesVersion: 1.21.3
networking:
  dnsDomain: cluster.local
  podSubnet: 10.244.0.0/16
  serviceSubnet: 10.96.0.0/12
scheduler: {}
EOF
Install the high-availability software
# Install on all three master nodes
# keepalived + haproxy
[[email protected] ~]# yum install -y keepalived haproxy
# Modify the keepalived configuration file
# The configuration differs from node to node
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf_bak
cd /etc/keepalived
KUBE_APISERVER_IP=`hostname -i`
cat > /etc/keepalived/keepalived.conf <<EOF
! Configuration File for keepalived
global_defs {
    router_id LVS_DEVEL
}
vrrp_script chk_kubernetes {
    script "/etc/keepalived/check_kubernetes.sh"
    interval 2
    weight -5
    fall 3
    rise 2
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    mcast_src_ip ${KUBE_APISERVER_IP}
    virtual_router_id 51
    priority 100
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass K8SHA_KA_AUTH
    }
    virtual_ipaddress {
        192.168.15.59
    }
}
EOF
[[email protected] /etc/keepalived]# systemctl enable --now keepalived
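The keepalived.conf above points vrrp_script at /etc/keepalived/check_kubernetes.sh, but the article never shows that script. One way to write it, as an added example that is not the author's code: it assumes the haproxy monitor frontend from the haproxy.cfg on this page (port 33305, /monitor) and a local kube-apiserver that answers /healthz on the node IP without authentication, which is the kubeadm default; the function and variable names are hypothetical.

```shell
#!/bin/bash
# Hypothetical /etc/keepalived/check_kubernetes.sh (added example, not from the article).
# Assumptions: haproxy serves the monitor-uri defined in this page's haproxy.cfg,
# and the apiserver certificate contains the node IP (kubeadm adds advertiseAddress).
NODE_IP="${NODE_IP:-$(hostname -i 2>/dev/null | awk '{print $1}')}"
HAPROXY_URL="${HAPROXY_URL:-http://127.0.0.1:33305/monitor}"
API_URL="${API_URL:-https://${NODE_IP}:6443/healthz}"
CA_FILE="${CA_FILE:-/etc/kubernetes/pki/ca.crt}"

# haproxy must be up, because it is what answers on the virtual IP, port 8443.
probe_haproxy() {
    curl --silent --fail --max-time 1 "$HAPROXY_URL" >/dev/null 2>&1
}

# The apiserver certificate is verified against the cluster CA rather than
# switching verification off with -k.
probe_apiserver() {
    curl --silent --fail --max-time 1 --cacert "$CA_FILE" "$API_URL" >/dev/null 2>&1
}

# Exit status: 0 healthy, 1 haproxy down, 2 apiserver unhealthy.
# keepalived treats any non-zero status as a failed check and applies the
# "fall 3" and "weight -5" settings itself, so the script does not retry.
check_kubernetes() {
    probe_haproxy || return 1
    probe_apiserver || return 2
    return 0
}

# Run the check only when executed under its own name, so that the functions
# can also be sourced and exercised separately.
case "${0##*/}" in
    check_kubernetes.sh) check_kubernetes; exit $? ;;
esac
```

keepalived only runs a vrrp_script that a vrrp_instance lists in a track_script block; the keepalived.conf above defines chk_kubernetes but does not track it. The script also has to be executable by the user keepalived runs as.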
# Modify the haproxy configuration file
# High-availability software
cat > /etc/haproxy/haproxy.cfg <<EOF
global
    maxconn 2000
    ulimit-n 16384
    log 127.0.0.1 local0 err
    stats timeout 30s
defaults
    log global
    mode http
    option httplog
    timeout connect 5000
    timeout client 50000
    timeout server 50000
    timeout http-request 15s
    timeout http-keep-alive 15s
frontend monitor-in
    bind *:33305
    mode http
    option httplog
    monitor-uri /monitor
listen stats
    bind *:8006
    mode http
    stats enable
    stats hide-version
    stats uri /stats
    stats refresh 30s
    stats realm Haproxy\ Statistics
    stats auth admin:admin
frontend k8s-master
    bind 0.0.0.0:8443
    bind 127.0.0.1:8443
    mode tcp
    option tcplog
    tcp-request inspect-delay 5s
    default_backend k8s-master
backend k8s-master
    mode tcp
    option tcplog
    option tcp-check
    balance roundrobin
    default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
    server m01 192.168.15.51:6443 check inter 2000 fall 2 rise 2 weight 100
    server m02 192.168.15.52:6443 check inter 2000 fall 2 rise 2 weight 100
    server m03 192.168.15.53:6443 check inter 2000 fall 2 rise 2 weight 100
EOF
[[email protected] /etc/keepalived]# systemctl enable --now haproxy.service
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.
Initialize the cluster
kubeadm init --config init-config.yaml --upload-certs
# Copy the join command for master nodes
kubeadm join 192.168.15.59:8443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:b22691a3783c7f1a3544006e64907418476b6942393dffa02b3b0f20cb46a083 \
    --control-plane --certificate-key 2e222d296099e3c4656dd9aa12d81b5bbbd0a3f2f13d6d3a9252334034785af1
# Copy the join command for worker nodes
kubeadm join 192.168.15.59:8443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:b22691a3783c7f1a3544006e64907418476b6942393dffa02b3b0f20cb46a083
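The --discovery-token-ca-cert-hash value in the join commands pins the cluster CA: it is the SHA-256 digest of the DER-encoded public key of the CA certificate. The added example below (not from the original article; the function names are hypothetical) recomputes it from the CA file in the certificatesDir of init-config.yaml, so the pin in a join command can be checked on a master node before it is used.

```shell
#!/bin/sh
# Added example: recompute and check the CA pin used by "kubeadm join".
# Assumption: the CA certificate is in the certificatesDir from init-config.yaml.
CA_CERT="${CA_CERT:-/etc/kubernetes/pki/ca.crt}"

# ca_cert_hash <ca.crt>
# Prints "sha256:<hex>"; returns 2 if the file cannot be read as a certificate.
ca_cert_hash() {
    # Extract the public key (SubjectPublicKeyInfo) in PEM form first, so that
    # a missing or invalid file is detected instead of hashing empty input.
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$pub" ] || return 2
    printf '%s\n' "$pub" \
        | openssl pkey -pubin -outform DER 2>/dev/null \
        | openssl dgst -sha256 \
        | awk '{print "sha256:" $NF}'
}

# verify_join_hash <ca.crt> <sha256:...>
# Returns 0 on a match, 1 on a mismatch, 2 if the certificate cannot be read.
verify_join_hash() {
    actual=$(ca_cert_hash "$1") || return 2
    [ "$actual" = "$2" ]
}

# Typical call on a master node, with the hash copied from the join command:
#   verify_join_hash "$CA_CERT" "sha256:<hash from the join command>" && echo "pin matches"
```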
# Start using the cluster
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Install the Calico network plugin
# Download calico
curl https://docs.projectcalico.org/manifests/calico.yaml -O
# Deploy calico
kubectl apply -f calico.yaml
Run the join command on each node
# Set the cluster role
kubectl label nodes n01 node-role.kubernetes.io/node=n01
kubectl label nodes n02 node-role.kubernetes.io/node=n02
# View the cluster status
[[email protected] ~]# kubectl get nodes
NAME   STATUS   ROLES                  AGE     VERSION
m01    Ready    control-plane,master   36m     v1.21.3
m02    Ready    control-plane,master   6m47s   v1.21.3
m03    Ready    control-plane,master   5m50s   v1.21.3
n01    Ready    node                   5m      v1.21.3
n02    Ready    node                   4m42s   v1.21.3