Using k0s: difference between revisions

Source: Imre kasutab arvutit
475. rida: 475. rida:
 
* märgata external-ip väärtust 192.168.10.120
 
* märgata external-ip väärtust 192.168.10.120
 
* pöörduda töökohaarvutist aadressilt https://web.example.com/ kusjuures see dns nimi peab lahenduma ip aadressiks 192.168.10.120.
 
* pöörduda töökohaarvutist aadressilt https://web.example.com/ kusjuures see dns nimi peab lahenduma ip aadressiks 192.168.10.120.
  +
  +
Deployment tegemiseks sobib öelda
  +
  +
<pre>
  +
  +
</pre>
   
 
====Paigaldamine - nginx ingress kontroller + hostport====
 
====Paigaldamine - nginx ingress kontroller + hostport====
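Review bot: the added sentence "Deployment tegemiseks sobib öelda" ("To create the deployment, run") is followed only by an empty <pre></pre> block, so the loadbalancer section now promises a command it never shows. Either fill the block with the manifest and the apply command for this variant, or leave the sentence out until they exist, so readers do not fall back on the nodeport manifest by guesswork.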

Revision: 30 August 2023, 17:46

Introduction

TODO

How it works

TODO

Preparing the k0s host

# apt-get install apparmor iptables curl

Installation

The following describes variations of installing a k0s system.

Installation - vanilla

Statements

  • the system works without any k0s configuration
  • the storage class solution needed for pv is not installed as part of the installation
  • no ingress controller is installed as part of the installation

See https://docs.k0sproject.io/v1.27.5+k0s.0/install/; in the simplest case, installation and startup look like this

# curl -sSLf https://get.k0s.sh | sudo sh
Downloading k0s from URL: https://github.com/k0sproject/k0s/releases/download/v1.27.5+k0s.0/k0s-v1.27.5+k0s.0-amd64
k0s is now executable in /usr/local/bin
# k0s install controller --single
# k0s start
# k0s status
# k0s kubectl get nodes

Stopping the k0s processes and removing k0s from the system

# k0s stop
# k0s reset
# reboot

Installation - vanilla + openebs

Statements

first, a k0s configuration file is created

# mkdir /etc/k0s
# k0s config create > /etc/k0s/k0s.yaml

and the k0s.yaml file is made to include, among other things, the following section (these directives most likely do not appear literally one after another in the file, but are spread across it as appropriate)

spec:
  extensions:
    storage:
      type: openebs_local_storage

Starting the k0s system is generally the same as in the vanilla case, but the install must be done with the -c option

# k0s install controller --single -c /etc/k0s/k0s.yaml

The expected result is that the openebs storage classes exist in the system

# k0s kubectl get storageclass
NAME               PROVISIONER        RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
openebs-device     openebs.io/local   Delete          WaitForFirstConsumer   false                  6d2h
openebs-hostpath   openebs.io/local   Delete          WaitForFirstConsumer   false                  6d2h

The storage class can be used, for example, with the following nginx YAML

apiVersion: v1
kind: Namespace
metadata:
  name: web

---
apiVersion: v1
kind: Service
metadata:
  name: web-server-service
  namespace: web
spec:
  selector:
    app: nginx  # must match the pod labels of the nginx Deployment below
  ports:
    - protocol: TCP
      port: 5000
      targetPort: 80

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nginx-pvc
  namespace: web
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: openebs-hostpath
  resources:
    requests:
      storage: 512Mi

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  namespace: web
  labels:
    app: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - image: nginx 
        name: nginx
        volumeMounts:
        - name: persistent-storage
          mountPath: /var/lib/nginx
      volumes:
      - name: persistent-storage
        persistentVolumeClaim:
          claimName: nginx-pvc

To deploy, run

# kubectl apply -f create-pvc.yaml

As a result a deployment is created; in particular, pv/pvc resources are used (a pv is not a namespaced resource)

# k0s kubectl get pvc -n web
NAME        STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS       AGE
nginx-pvc   Bound    pvc-4bba23d7-eeb6-4485-b1df-b2b4c6657665   512Mi      RWO            openebs-hostpath   58s

# k0s kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM           STORAGECLASS       REASON   AGE
pvc-4bba23d7-eeb6-4485-b1df-b2b4c6657665   512Mi      RWO            Delete           Bound    web/nginx-pvc   openebs-hostpath            49s

To delete, run

# kubectl delete -f create-pvc.yaml

Installation - vanilla + metallb

Statements

To install, add the following section to the custom k0s configuration file

spec:
  extensions:
    helm:
      repositories:
      - name: metallb
        url: https://metallb.github.io/metallb
      charts:
      - name: metallb
        chartname: metallb/metallb
        namespace: metallb

On success, additional Kubernetes custom resources have appeared

# k0s kubectl api-resources | grep metall
addresspools                                   metallb.io/v1beta1                     true         AddressPool
bfdprofiles                                    metallb.io/v1beta1                     true         BFDProfile
bgpadvertisements                              metallb.io/v1beta1                     true         BGPAdvertisement
bgppeers                                       metallb.io/v1beta2                     true         BGPPeer
communities                                    metallb.io/v1beta1                     true         Community
ipaddresspools                                 metallb.io/v1beta1                     true         IPAddressPool
l2advertisements                               metallb.io/v1beta1                     true         L2Advertisement

and install k0s in the usual way, taking the custom configuration into account. Then create resources of type IPAddressPool and L2Advertisement, using a suitable IP range

# cat metallb-pool.yaml
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: first-pool
  namespace: metallb
spec:
  addresses:
  - 192.168.10.120-192.168.10.124

---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: example
  namespace: metallb

and apply

# k0s kubectl apply -f metallb-pool.yaml

As a result the corresponding resources exist

# k0s kubectl get IPAddressPool -n metallb
NAME         AGE
first-pool   9m51s

# k0s kubectl get  L2Advertisement -n metallb
NAME      AGE
example   9m54s

To install a service that uses MetalLB, the following manifest can be used

# cat create-metallb-base-service.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: web
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-server
  namespace: web
spec:
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
      - name: httpd
        image: httpd:2.4.53-alpine
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: web-server-service
  namespace: web
spec:
  selector:
    app: web
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: LoadBalancer

and run

# k0s kubectl apply -f create-metallb-base-service.yaml

As a result, the address http://192.168.10.120/ can be opened from a browser (the specific IP is picked from the pool as it happens to be chosen at the time); it can be queried like this

# k0s kubectl get service -n web
NAME                 TYPE           CLUSTER-IP      EXTERNAL-IP      PORT(S)        AGE
web-server-service   LoadBalancer   10.106.230.54   192.168.10.120   80:32482/TCP   6s

Installation - nginx ingress controller + nodeport

Statements

To install the solution, run

# k0s kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.1/deploy/static/provider/baremetal/deploy.yaml
# k0s kubectl get pods -n ingress-nginx
NAME                                        READY   STATUS      RESTARTS   AGE
ingress-nginx-admission-create-pmsdz        0/1     Completed   0          12m
ingress-nginx-admission-patch-7g225         0/1     Completed   0          12m
ingress-nginx-controller-5d45d7c8c4-rrntc   1/1     Running     0          12m
# k0s kubectl get services -n ingress-nginx
NAME                                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx-controller             NodePort    10.105.213.93   <none>        80:30798/TCP,443:30764/TCP   13m
ingress-nginx-controller-admission   ClusterIP   10.104.36.218   <none>        443/TCP                      13m
# k0s kubectl -n ingress-nginx get ingressclasses
NAME    CONTROLLER             PARAMETERS   AGE
nginx   k8s.io/ingress-nginx   <none>       13m
# k0s kubectl -n ingress-nginx annotate ingressclasses nginx ingressclass.kubernetes.io/is-default-class="true"

For the deployment, the following manifest can be used

# cat create-nodeport-based-ingress-service.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: web
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-server
  namespace: web
spec:
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
      - name: httpd
        image: httpd:2.4.53-alpine
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: web-server-service
  namespace: web
spec:
  selector:
    app: web
  ports:
    - protocol: TCP
      port: 5000
      targetPort: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web-server-ingress
  namespace: web
spec:
  ingressClassName: nginx
  rules:
  - host: web.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: web-server-service
            port:
              number: 5000

To deploy, run

# k0s kubectl apply -f create-nodeport-based-ingress-service.yaml

To view the result, add the line '192.168.10.164 web.example.com' to the /etc/hosts file on the workstation, and the result shows up (see the dynamically assigned port values in the earlier output)

Installation - nginx ingress controller + loadbalancer

Statements

# k0s kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.1/deploy/static/provider/baremetal/deploy.yaml
namespace/ingress-nginx created
serviceaccount/ingress-nginx created
serviceaccount/ingress-nginx-admission created
role.rbac.authorization.k8s.io/ingress-nginx created
role.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrole.rbac.authorization.k8s.io/ingress-nginx created
clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created
rolebinding.rbac.authorization.k8s.io/ingress-nginx created
rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created
clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
configmap/ingress-nginx-controller created
service/ingress-nginx-controller created
service/ingress-nginx-controller-admission created
deployment.apps/ingress-nginx-controller created
job.batch/ingress-nginx-admission-create created
job.batch/ingress-nginx-admission-patch created
ingressclass.networking.k8s.io/nginx created
validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission created

check whether the ingress controller pods are running

# k0s kubectl get pods -n ingress-nginx
NAME                                        READY   STATUS      RESTARTS   AGE
ingress-nginx-admission-create-q6xb5        0/1     Completed   0          54s
ingress-nginx-admission-patch-48gkt         0/1     Completed   0          54s
ingress-nginx-controller-5c778bffff-5qpkh   1/1     Running     0          54s

and

# k0s kubectl get services -n ingress-nginx
NAME                                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
ingress-nginx-controller             NodePort    10.101.36.202    <none>        80:30497/TCP,443:30424/TCP   3m57s
ingress-nginx-controller-admission   ClusterIP   10.108.143.186   <none>        443/TCP                      3m57s

and

# k0s kubectl -n ingress-nginx get ingressclasses
NAME    CONTROLLER             PARAMETERS   AGE
nginx   k8s.io/ingress-nginx   <none>       4m51s

and

# k0s kubectl -n ingress-nginx annotate ingressclasses nginx ingressclass.kubernetes.io/is-default-class="true"
ingressclass.networking.k8s.io/nginx annotate

Finally, the nginx controller's nodeport installation has to be adjusted: replace NodePort -> LoadBalancer, and verify that the change takes effect

# k0s kubectl edit service ingress-nginx-controller -n ingress-nginx
service/ingress-nginx-controller edited

# k0s kubectl get services -n ingress-nginx
NAME                                 TYPE           CLUSTER-IP      EXTERNAL-IP      PORT(S)                      AGE
ingress-nginx-controller             LoadBalancer   10.105.213.93   192.168.10.120   80:30798/TCP,443:30764/TCP   20m
ingress-nginx-controller-admission   ClusterIP      10.104.36.218   <none>           443/TCP                      20m

where

  • note the external-ip value 192.168.10.120
  • access https://web.example.com/ from the workstation; this DNS name must resolve to the IP address 192.168.10.120.

To create the deployment, run


Installation - nginx ingress controller + hostport

Statements

A vanilla k0s system is a suitable starting point for the installation, i.e. there is no ingress controller and no metallb. First, the nginx ingress controller's deploy.yaml file is downloaded

# wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.1/deploy/static/provider/baremetal/deploy.yaml

in the file, locate the Deployment section already present there (the only one), find a suitable place in it for the parameter 'hostNetwork: true', and add it

spec:
  template:
    spec:
      hostNetwork: true

Then the ingress controller is deployed with the custom configuration

# k0s kubectl apply -f deploy.yaml

As a result the host listens on ports 80 and 443 (e.g. as shown by 'netstat -lnpt'). The expectation is that https://web.example.com/ can be opened in a browser from the workstation, with the DNS name mapping to the IP address 192.168.10.164 (i.e. the host's IP address).
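
The manual edit described above, scripted so it can be repeated and reviewed (an added example, not from the original page): it inserts hostNetwork: true only into the Deployment's pod template and, as an addition the page does not mention, switches an existing dnsPolicy line to ClusterFirstWithHostNet so the controller keeps resolving cluster-internal names. The function names and the sample manifest are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the original page.
# add_host_network FILE prints FILE with "hostNetwork: true" set in the pod
# template of every Deployment; Jobs, Services etc. pass through unchanged.
# Assumptions: as in the ingress-nginx deploy.yaml, the top-level "kind:" line
# comes before "spec:" in each document and the pod spec is indented 4 spaces.
add_host_network() {
    awk '
        /^--- *$/               { in_deploy = 0 }   # next YAML document
        /^kind: *Deployment *$/ { in_deploy = 1 }
        # A pod on the host network needs this policy to keep using cluster DNS.
        in_deploy && /^      dnsPolicy:/ {
            print "      dnsPolicy: ClusterFirstWithHostNet"; next
        }
        in_deploy && /^      hostNetwork:/ { next } # re-added below: idempotent
        { print }
        in_deploy && /^    spec: *$/ { print "      hostNetwork: true" }
    ' "$1"
}

# Constructed sample standing in for the downloaded deploy.yaml.
sample_manifest() {
    cat <<'EOF'
apiVersion: batch/v1
kind: Job
metadata:
  name: ingress-nginx-admission-create
spec:
  template:
    spec:
      restartPolicy: OnFailure
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ingress-nginx-controller
spec:
  template:
    spec:
      dnsPolicy: ClusterFirst
      containers:
      - name: controller
EOF
}

tmp=$(mktemp)
sample_manifest > "$tmp"
patched=$(add_host_network "$tmp")   # real use: add_host_network deploy.yaml > deploy-hostnet.yaml
rm -f "$tmp"
printf '%s\n' "$patched"
```

Writing the result to a separate file keeps the downloaded deploy.yaml unmodified, so the two can be compared with diff before applying.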

TODO

Installation - traefik

Statements

To install the k0s software, run

# curl -sSLf https://get.k0s.sh | sudo sh

where

  • TODO

Create the default configuration file

# mkdir /etc/k0s
# k0s config create > /etc/k0s/k0s.yaml

Add to the configuration file

  • openebs storage
  • metallb
  • traefik

Altogether the configuration file looks like this; the added parts are marked

# cat /etc/k0s/k0s.yaml
apiVersion: k0s.k0sproject.io/v1beta1
kind: ClusterConfig
metadata:
  creationTimestamp: null
  name: k0s
spec:
  api:
    address: 192.168.10.182
    k0sApiPort: 9443
    port: 6443
    sans:
    - 192.168.10.182
    - fe80::9867:8bff:fef0:3754
    tunneledNetworkingMode: false
  controllerManager: {}

# added part starts here

  extensions:
    helm:
      repositories:
      - name: traefik
        url: https://traefik.github.io/charts
      - name: bitnami
        url: https://charts.bitnami.com/bitnami
      charts:
      - name: traefik
        chartname: traefik/traefik
        version: "20.5.3"
        namespace: default
      - name: metallb
        chartname: bitnami/metallb
        version: "2.5.4"
        namespace: default
        values: |2
          configInline:
            address-pools:
            - name: generic-cluster-pool
              protocol: layer2
              addresses:
              - 192.168.10.131-192.168.10.135
    storage:
      type: openebs_local_storage

# added part ends here

  installConfig:
    users:
      etcdUser: etcd
      kineUser: kube-apiserver
      konnectivityUser: konnectivity-server
      kubeAPIserverUser: kube-apiserver
      kubeSchedulerUser: kube-scheduler
...

Install

# k0s install controller --single

Start; in doing so the systemd unit configuration is created

# k0s start

The systemd unit configuration can be displayed with

# systemctl status k0scontroller

As a result, Kubernetes is expected to be usable, e.g.

# export KUBECONFIG=/var/lib/k0s/pki/admin.conf
# k0s kubectl get nodes
NAME          STATUS   ROLES           AGE     VERSION
k0s-traefik   Ready    control-plane   2m35s   v1.27.3+k0s

Using cert-manager

TODO

Using monitoring

TODO

Using Velero backup

TODO

Useful additional material

  • TODO