banner
云野阁

云野阁

闲云野鹤,八方逍遥
HomeArchives关于

Kubernetes Knowledge Organization

#运维#Linux#k8s#总结#知识梳理23
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The document provides a detailed guide on managing Kubernetes clusters, including creating YAML files for deployments, upgrading the cluster and its components, and configuring the Dashboard with ingress-nginx. It outlines commands for generating YAML files using `kubectl`, upgrading the Kubernetes master and node components, and managing Dashboard login tokens. It also addresses handling "NotReady" node issues by rejoining nodes and includes steps for installing the ingress-nginx controller, modifying deployment configurations, and setting up NFS for network storage. The guide emphasizes the importance of version checks and proper configuration for successful operations.

Detailed Explanation of Kubernetes Cluster YAML Files#

Generate YAML files using the kubectl create command

kubectl create deployment web --image=nginx -o yaml --dry-run

Output to a file

kubectl create deployment web --image=nginx -o yaml --dry-run > my.yaml

Export YAML files using the kubectl get command

kubectl get deploy nginx -o=yaml --export > nginx.yaml

Upgrade Kubernetes Cluster#

Master Node

# Check kubeadm release version
yum list --showduplicates kubeadm --disableexcludes=kubernetes
# Download the latest kubeadm
yum install -y kubeadm-1.28.0 --disableexcludes=kubernetes 
# Verify upgrade plan
kubeadm upgrade plan
# Pull domestic images
kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers
# Choose the target version to upgrade to
kubeadm upgrade apply v1.28.0
# Success message
[upgrade/successful] SUCCESS! Your cluster was upgraded to "v1.28.0". Enjoy!
[upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.

# Upgrade kubelet and kubectl
# Download the latest kubelet and kubectl
yum install -y kubelet-1.28.0 kubectl-1.28.0 --disableexcludes=kubernetes
# Restart kubelet
sudo systemctl daemon-reload
sudo systemctl restart kubelet

# Check versions
 kubeadm version
 kubelet --version
 kubectl version

Node Node

# Download the latest kubeadm
yum install -y kubeadm-1.28.0 --disableexcludes=kubernetes
# Upgrade local kubelet configuration
kubeadm upgrade node
[upgrade] The configuration for this node was successfully updated!
[upgrade] Now you should go ahead and upgrade the kubelet package using your package manager.

# Upgrade kubelet and kubectl
# Download the latest kubelet and kubectl
yum install -y kubelet-1.28.0 kubectl-1.28.0 --disableexcludes=kubernetes
# Restart kubelet
sudo systemctl daemon-reload
sudo systemctl restart kubelet

# Check versions
 kubeadm version
 kubelet --version
 kubectl version

Scheduled Update of Dashboard Login Token#

#!/bin/bash
############# Description #############
:<<!
Regularly generate Dashboard login token, valid for 24 hours
!
############# Description #############

token=$(/usr/bin/kubectl -n kubernetes-dashboard create token admin-user)
echo "
#######################################################
$(date) generated a new Dashboard login token, the latest token is as follows:
#######################################################
$token" > /root/dashboard/admin-user.token

Dashboard Configuration for ingress-nginx Proxy#

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: k8s-dashboard
  namespace: kubernetes-dashboard
  labels:
    ingress: k8s-dashboard
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /  # Rewrite path
    nginx.ingress.kubernetes.io/ssl-redirect: "true"  # Automatically redirect http to https
    nginx.ingress.kubernetes.io/use-regex: "true"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
  ingressClassName: nginx 
  rules:
    - host: k8s.yjs.51xueweb.cn
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: kubernetes-dashboard
                port:
                  number: 443

Handling Node Node NotReady Issue#

image-20240323232551958-1711207555524-1

Rejoin the node

kubeadm token create --print-join-command > join-command.txt
cat join-command.txt

Installing ingress-nginx Controller#

# Download YAML file
wget https://gitcode.net/mirrors/kubernetes/ingress-nginx/-/blob/master/deploy/static/provider/baremetal/deploy.yaml

# Modify the image pull address in the YAML file
##################### Modification ######################
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v20230407
registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.8.1
##################### Modification ######################
# Install
kubectl apply -f deploy.ymal
# Check status
kubectl get pods -n ingress-nginx
################ Status ##################
NAME                                       READY   STATUS      RESTARTS   AGE
ingress-nginx-admission-create-2lz4v       0/1     Completed   0          5m46s
ingress-nginx-admission-patch-c6896        0/1     Completed   0          5m46s
ingress-nginx-controller-7575fb546-q29qn   1/1     Running     0          5m46s

# Modify YAML file
Add replicas in the Deployment class
#################### Modification ####################
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/part-of: ingress-nginx
    app.kubernetes.io/version: 1.8.1
  name: ingress-nginx-controller
  namespace: ingress-nginx
spec:
  replicas: 2
  minReadySeconds: 0
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: ingress-nginx
      app.kubernetes.io/name: ingress-nginx

Using NFS Network Storage Mount in k8s#

# Install nfs on all nodes in the cluster
yum -y install nfs-utils
# Create nfs directory and modify permissions
mkdir /data
chmod -R 777  /data
echo "/data 10.12.10.32(insecure,rw,sync,no_root_squash) 10.12.10.33(insecure,rw,sync,no_root_squash) 10.12.10.34(insecure,rw,sync,no_root_squash) 10.12.10.35(insecure,rw,sync,no_root_squash)" >> /etc/exports
# Make the configuration effective
exportfs -r
exportfs 
# Start rpcbind and nfs services
systemctl restart rpcbind && systemctl enable rpcbind
systemctl restart nfs-server && systemctl enable nfs-server
# Check the registration status of RPC services
 rpcinfo -p localhost
 # Open firewall ports
  firewall-cmd --add-port=2049/tcp --permanent
   firewall-cmd --add-port=2049/udp --permanent
   firewall-cmd --reload
   firewall-cmd --list-all 
 Test if the nfs directory is provided normally
 showmount -e Create directory host IP
 # Mount the shared directory of 10.12.10.31 to other hosts
  mount -t nfs 10.12.10.31:/data data

Create PV

apiVersion: v1
kind: PersistentVolume
metadata:
  name: nfs-pv
  namespace: nfs-test
  labels:
    pv: nfs-pv
spec:
  capacity:
    storage: 5000Mi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  storageClassName: nfs
  nfs:
    server: 10.12.10.31  # Create directory host IP
    path: "/data"

Create PVC

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nfs-pvc
  namespace: nfs-test
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 5000Mi  # Capacity
  selector:
    matchLabels:
      pv: nfs-pv   # Associate with pv

k8s Command Auto-Completion#

yum -y install bash-completion
source /usr/share/bash-completion/bash_completion
echo 'source <(kubectl completion bash)' >>  ~/.bashrc
Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.