Kubernetes: erinevus redaktsioonide vahel
(Uus lehekülg: '===Sissejuhatus=== TODO ===Tööpõhimõte=== TODO ===Paigaldamine=== TODO Paigaldamiseks on mitmeid võimalusi, aadressil https://kubernetes.io/docs/setup/production-envi...') |
|||
(ei näidata sama kasutaja 8 vahepealset redaktsiooni) | |||
2. rida: | 2. rida: | ||
TODO |
TODO |
||
+ | |||
+ | ===Mõisted=== |
||
+ | |||
+ | * Container Runtime - konteineri image käivitamise keskkond (nt cri-o, docker, containerd) - engine rollis võib olla 'Container engine' või kubernetes ise |
||
+ | * Conteiner Engine - midagi terviklikumat (nt standalone dockerhost), tavaliselt kuulub CE kooseisu muu hulgas CR - näitedeks on Docker, Podman dockerhost pidamisel |
||
+ | * OCI - Open Containers Initiative |
||
+ | * CNCF - Cloud Native Computing Foundation |
||
+ | * CNI - Container Network Interface |
||
+ | * CRI - Container Runtime Interface |
||
+ | * CSI - Container Storage Interface |
||
+ | |||
+ | Oskused |
||
+ | |||
+ | * Kubernetes and Cloud Native Associate |
||
+ | * CKAD - Certified Kubernetes Application Developer |
||
+ | * CKA - Certified Kubernetes Administator |
||
+ | * Certified Kubernetes Security |
||
===Tööpõhimõte=== |
===Tööpõhimõte=== |
||
346. rida: | 363. rida: | ||
* https://ralph.blog.imixs.com/2020/02/01/kubernetes-setup-traefik-2-1/ |
* https://ralph.blog.imixs.com/2020/02/01/kubernetes-setup-traefik-2-1/ |
||
* https://medium.com/dev-genius/quickstart-with-traefik-v2-on-kubernetes-e6dff0d65216 |
* https://medium.com/dev-genius/quickstart-with-traefik-v2-on-kubernetes-e6dff0d65216 |
||
+ | |||
+ | ===Misc=== |
||
+ | |||
+ | # kubectl create deploy myapp --image=nginx --replicas=3 --dry-run=client -o yaml |
||
===Kasulikud lisamaterjalid=== |
===Kasulikud lisamaterjalid=== |
Viimane redaktsioon: 30. juuli 2023, kell 12:46
Sissejuhatus
TODO
Mõisted
- Container Runtime - konteineri image käivitamise keskkond (nt cri-o, docker, containerd) - engine rollis võib olla 'Container engine' või kubernetes ise
- Conteiner Engine - midagi terviklikumat (nt standalone dockerhost), tavaliselt kuulub CE kooseisu muu hulgas CR - näitedeks on Docker, Podman dockerhost pidamisel
- OCI - Open Containers Initiative
- CNCF - Cloud Native Computing Foundation
- CNI - Container Network Interface
- CRI - Container Runtime Interface
- CSI - Container Storage Interface
Oskused
- Kubernetes and Cloud Native Associate
- CKAD - Certified Kubernetes Application Developer
- CKA - Certified Kubernetes Administator
- Certified Kubernetes Security
Tööpõhimõte
TODO
Paigaldamine
TODO
Paigaldamiseks on mitmeid võimalusi, aadressil https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ kirjeldatakse muu hulgas Ubuntu 18.04 operatsioonisüsteemi juhtumit.
root@k8s-master:~# kubectl get pods --all-namespaces
root@k8s-master:~# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master Ready master 7h36m v1.18.2 k8s-node-1 Ready <none> 7h18m v1.18.2 k8s-node-2 Ready <none> 7h17m v1.18.2
root@k8s-master:~# kubectl get all -o wide
Kasutamine
TODO
root@k8s-master:~# kubectl create deployment hello-minikube --image=k8s.gcr.io/echoserver:1.4 root@k8s-master:~# kubectl create deployment --image httpd httpd-create root@k8s-master:~# kubectl create deployment --image=busybox busy2 --dry-run -o yaml
Pod tekitamine
root@k8s-master:~# cat httpd-pod.yaml apiVersion: v1 kind: Pod metadata: name: httpd-hello namespace: default spec: containers: - image: httpd name: httpd root@k8s-master:~# kubectl create -f httpd-pod.yaml root@k8s-master:~# kubectl exec -it httpd-hello -- /bin/bash root@k8s-master:~# kubectl describe pods httpd-hello
root@k8s-master:~# kubectl get pods httpd-create-2-5c994cf8f5-sfs7s -o yaml
Nodeport abil välja näitamine
root@k8s-master:~# kubectl expose deployment httpd-create-2 --port 80 root@k8s-master:~# kubectl edit svc httpd-create-2
pod arvu muutmine
root@k8s-master:~# kubectl scale deployment --replicas=6 httpd-create-2 root@k8s-master:~# kubectl edit deployments.apps httpd-create-2 -> ja muuta spec -> replicas väärtust
NodePort kaudu eemalt ligipääs http://192.168.110.101:32001/ ja http://192.168.110.102:32001/
Tarkvara uuendamine
TODO
Süsteemi käivitamine ja seiskamine
TODO
ingress - nginx
Tööpõhimõte
TODO
Paigaldamine
nginx ingress paigaldamine toimub nt
# kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.34.1/deploy/static/provider/baremetal/deploy.yaml
mille tulemusena
- TODO
Kasutamine - non-tls
# cat example-ingress.yaml apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: example-ingress annotations: nginx.ingress.kubernetes.io/rewrite-target: /$1 spec: rules: - host: hello-world.info http: paths: - path: /nmt backend: serviceName: nmt servicePort: 80 - path: /nginx backend: serviceName: httpd-create-2 servicePort: 80
kus
- TODO
Kasutamine - tls
our-tls objekti moodustamiseks sobib öelda
# cat tls.yaml apiVersion: v1 kind: Secret metadata: name: our-tls namespace: default type: kubernetes.io/tls data: tls.crt: LS0tLS1CR ... tls.key: LS0tLS1CRUd ...
tls sertifikaatide objekti tekitamiseks sobib öelda
# kubectl create -f tls.yaml
# cat example-ingress-tls.yaml apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: example-ingress-tls annotations: nginx.ingress.kubernetes.io/rewrite-target: /$1 nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: tls: - hosts: - www.moraal.ee secretName: our-tls rules: - host: www.moraal.ee http: paths: - path: /nmt backend: serviceName: nmt servicePort: 443 - path: /nginx backend: serviceName: httpd-create-2 servicePort: 80
ingress tekitamiseks sobib öelda
# kubectl apply -f example-ingress-tls.yaml
Haldamine
# kubectl get ingress NAME CLASS HOSTS ADDRESS PORTS AGE example-ingress <none> hello-world.info 192.168.110.102 80 9h example-ingress-tls <none> www.moraal.ee 192.168.110.102 80, 443 8h
# kubectl describe ingress example-ingress Name: example-ingress Namespace: default Address: 192.168.110.102 Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>) Rules: Host Path Backends ---- ---- -------- hello-world.info /nmt nmt:80 (10.217.1.42:80) /nginx httpd-create-2:80 (10.217.1.149:80,10.217.1.216:80) Annotations: nginx.ingress.kubernetes.io/rewrite-target: /$1 Events: <none>
# kubectl delete -f example-ingress.yaml # kubectl edit ingress example-ingress # kubectl delete -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.34.1/deploy/static/provider/baremetal/deploy.yaml
Kasulikud lisamaterjalid
- https://kubernetes.github.io/ingress-nginx/
- https://matthewpalmer.net/kubernetes-app-developer/articles/kubernetes-ingress-guide-nginx-example.html
- https://kubernetes.github.io/ingress-nginx/deploy/baremetal/
- https://www.net7.be/blog/article/kubernetes_ingress_bare_metal_load_balancing.html
- https://medium.com/devityoself/ingress-tls-bare-metal-kubernetes-9b8fda1917aa
ingress - haproxy
Tööpõhimõte
TODO
Paigaldamine
# kubectl create -f https://haproxy-ingress.github.io/resources/haproxy-ingress.yaml # kubectl label node k8s-node-1 role=ingress-controller
Kasutamine
'proxy protocol' kasutamine
# cat example-ingress-tls-haproxy.yaml apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: example-ingress-tls-haproxy namespace: default annotations: ingress.kubernetes.io/backend-protocol: "HTTP" ingress.kubernetes.io/proxy-protocol: "v1" spec: rules: - host: www.pak-lm.ee http: paths: - path: /nmt backend: serviceName: nmt servicePort: 80 - path: /nginx backend: serviceName: httpd-create-2 servicePort: 80 tls: - hosts: - www.pak-lm.ee secretName: our-tls
Paigaldamine koos tcp-services kasutamise võimalusega
# wget https://haproxy-ingress.github.io/resources/haproxy-ingress.yaml
Lisaada DaemonSet alla üks args rida juurde, kokku saab
.. args: - --configmap=ingress-controller/haproxy-ingress - --tcp-services-configmap=ingress-controller/haproxy-tcp ...
Tekitada haproxy-tcp configmap
# kubectl --namespace=ingress-controller create configmap haproxy-tcp --from-literal=8000="default/nmt:80::PROXY-V1"
ning muuta
# kubectl --namespace=ingress-controller edit cm haproxy-tcp
Tulemuseks on nt
# kubectl --namespace=ingress-controller get cm haproxy-tcp -o yaml apiVersion: v1 data: "8000": default/nmt:80::PROXY-V1 kind: ConfigMap ...
Kasulikud lisamaterjalid
- https://github.com/jcmoraisjr/haproxy-ingress
- https://haproxy-ingress.github.io/docs/getting-started/
- https://github.com/haproxytech/haproxy-ingress
- https://github.com/jcmoraisjr/haproxy-ingress/issues/96
ingress - traefik
TODO
Tööpõhimõte
- CRD - Custom Resource Definition
Paigaldamine
# helm3 install -- set="ports.web.nodePort=32080,ports.websecure.nodePort=32443,service.type=NodePort,ports.traefik.expose=true,additionalArguments={--entrypoints.udpep.address=:9000/udp}" traefik traefik/traefik
kus
- TODO
- haldusliides http://192.168.110.101:30967/dashboard/ port vaadata '# kubectl get all --all-namespaces | grep traefi' väljundist
Kasutamine - kubernetes ingress
Automaatselt avastab tavalised kubernetes ingress resource'id
Kasutamine - kubernetes crd
# cat traefik-ingress-nmt4.yaml apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: nmt4-ingress spec: entryPoints: - web routes: - match: Host(`nmt4.auul.pri.ee`) kind: Rule services: - name: nmt4 port: 80
# kubectl apply -f traefik-ingress-nmt4.yaml
Kasulikud lisamaterjalid
- https://docs.traefik.io/getting-started/concepts/
- https://medium.com/kubernetes-tutorials/deploying-traefik-as-ingress-controller-for-your-kubernetes-cluster-b03a0672ae0c
- https://ralph.blog.imixs.com/2020/02/01/kubernetes-setup-traefik-2-1/
- https://medium.com/dev-genius/quickstart-with-traefik-v2-on-kubernetes-e6dff0d65216
Misc
# kubectl create deploy myapp --image=nginx --replicas=3 --dry-run=client -o yaml