溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
這篇文章將為大家詳細講解有關kind在本地是如何玩轉kubernetes,文章內容質量較高,因此小編分享給大家做個參考,希望大家閱讀完這篇文章后對相關知識有一定的了解。
kubernetes 現在已經走進了大眾的視野,很多同學都對此比較好奇,從其他渠道或多或少都了解了一些,但是苦于kubernetes環境,不能身臨其境的感受, 畢竟如果完整搭建一套kubernetes環境是需要資源的。 今天介紹一款工具(kind),讓大家可以本地也可以構建起 kubernetes 環境,愉快的在本地玩轉 kubernetes。
kind 全稱 是 kubernetes in docker ,把 kubernetes 控制面的組件全部運行在一個docker 容器中,在本地通過 127.0.0.1 進行通信。這種玩法只能在本地體 驗, 不可用于生成環境,特別適用于新人在本地體驗、開發 kubernetes 相關組件時在本地進行調試等,如開始 operator 時可以在 kind 進行調試 。
如果有 golang 環境,可以通過如下命令安裝 :
GO111MODULE="on" go get sigs.k8s.io/kind@v0.10.0
如果下載的比較慢可以設置代理,增加一個環境變量即可:
GOPROXY="https://goproxy.cn"
Linux :
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.10.0/kind-linux-amd64 chmod +x ./kind mv ./kind /some-dir-in-your-PATH/kind
Mac (homebrew)
brew install kind
或者 :
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.10.0/kind-darwin-amd64
Windows:
curl.exe -Lo kind-windows-amd64.exe https://kind.sigs.k8s.io/dl/v0.10.0/kind-windows-amd64 Move-Item .\kind-windows-amd64.exe c:\some-dir-in-your-PATH\kind.exe
通過 kind --help 看看支持哪些命令
kind --help kind creates and manages local Kubernetes clusters using Docker container 'nodes' Usage: kind [command] Available Commands: build Build one of [node-image] completion Output shell completion code for the specified shell (bash, zsh or fish) create Creates one of [cluster] delete Deletes one of [cluster] export Exports one of [kubeconfig, logs] get Gets one of [clusters, nodes, kubeconfig] help Help about any command load Loads images into nodes version Prints the kind CLI version Flags: -h, --help help for kind --loglevel string DEPRECATED: see -v instead -q, --quiet silence all stderr output -v, --verbosity int32 info log verbosity --version version for kind Use "kind [command] --help" for more information about a command.
可以看出支持3種類型的命令,cluster 相關、image 相關、通用命令 。
cluster 相關的有 create, delete 等,主要用于創建和刪除 kubernetes 集群。
image 相關的有 build, load 等,主要用于本地調試時,本地可以 build鏡像直接load 到集群中,而不需要推送到鏡像倉庫再通過集群去 pull 。
通用命令如 get ,version 等。
kind --version
kind --version kind version 0.9.0
本篇文章以 kind 0.9.0 進行介紹 。下面是比較精彩的部分,仔細看哦 :eyes:
創建一個 kubernetes 集群 :
kind create cluster Creating cluster "kind" ... ? Ensuring node image (kindest/node:v1.19.1) ???? ? Preparing nodes ???? ? Writing configuration ???? ? Starting control-plane ????? ? Installing CNI ???? ? Installing StorageClass ???? Set kubectl context to "kind-kind" You can now use your cluster with: kubectl cluster-info --context kind-kind Thanks for using kind! ????
一條命令就已經啟動好了一個集群 ,可以通過 kind get clusters 查看已經創建的集群。
kind get clusters kind
既然是 kubernetes in docker ,那就看看啟動了哪些容器 :
docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fdb88a476bb0 kindest/node:v1.19.1 "/usr/local/bin/entr…" 3 minutes ago Up 2 minutes 127.0.0.1:43111->6443/tcp kind-control-plane
可以看到有一個控制面的容器啟動了,進到容器中看看都有什么
[root@iZuf685opgs9oyozju9i2bZ ~]# docker exec -it kind-control-plane bash root@kind-control-plane:/# root@kind-control-plane:/# root@kind-control-plane:/# ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 02:49 ? 00:00:00 /sbin/init root 126 1 0 02:49 ? 00:00:00 /lib/systemd/systemd-journald root 145 1 1 02:49 ? 00:00:06 /usr/local/bin/containerd root 257 1 0 02:49 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id c1a5e2c868b9a744f4f78a85a8d660950bb76103a38e7 root 271 1 0 02:49 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 3549ecade28e2dccbad5ed15a4cd2b6e6a886cd3e10ab root 297 1 0 02:49 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 379ed27442f35696d488dd5a63cc61dc474bfa9bd08a9 root 335 1 0 02:49 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id e4eae33bf489c617c7133ada7dbd92129f3f817cb74b7 root 343 271 0 02:49 ? 00:00:00 /pause root 360 257 0 02:49 ? 00:00:00 /pause root 365 297 0 02:49 ? 00:00:00 /pause root 377 335 0 02:49 ? 00:00:00 /pause root 443 335 0 02:49 ? 00:00:01 kube-scheduler --authentication-kubeconfig=/etc/kubernetes/scheduler.conf --authorization-kubeconfig=/etc/ root 468 297 4 02:49 ? 00:00:17 kube-apiserver --advertise-address=172.18.0.2 --allow-privileged=true --authorization-mode=Node,RBAC --cli root 496 271 1 02:49 ? 00:00:05 kube-controller-manager --allocate-node-cidrs=true --authentication-kubeconfig=/etc/kubernetes/controller- root 540 257 1 02:49 ? 00:00:05 etcd --advertise-client-urls=https://172.18.0.2:2379 --cert-file=/etc/kubernetes/pki/etcd/server.crt --cli root 580 1 1 02:49 ? 00:00:06 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernete root 673 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id b0965a6f77f58c46cfe7b30dd84ddf4bc37516ba60e6e root 695 673 0 02:50 ? 00:00:00 /pause root 709 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id aedf0f1fd02baf1cf2b253ad11e33e396d97cc7c53114 root 738 709 0 02:50 ? 00:00:00 /pause root 789 673 0 02:50 ? 00:00:00 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/config.conf --hostname-override=kind-control-plane root 798 709 0 02:50 ? 00:00:00 /bin/kindnetd root 1011 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id aa554aa998c3091a70eacbc3e4a2f275a1e680a585d69 root 1024 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 7373488f811fc5d638c2b3f5f79d953573e30a42ff52f root 1048 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 5ab6c3ef1715623e2c28fbfdecd5f4e6e2616fc20a387 root 1079 1011 0 02:50 ? 00:00:00 /pause root 1088 1024 0 02:50 ? 00:00:00 /pause root 1095 1048 0 02:50 ? 00:00:00 /pause root 1152 1011 0 02:50 ? 00:00:00 /coredns -conf /etc/coredns/Corefile root 1196 1024 0 02:50 ? 00:00:00 /coredns -conf /etc/coredns/Corefile root 1205 1048 0 02:50 ? 00:00:00 local-path-provisioner --debug start --helper-image k8s.gcr.io/build-image/debian-base:v2.1.0 --config /et root 1961 0 0 02:56 pts/1 00:00:00 bash root 1969 1961 0 02:56 pts/1 00:00:00 ps -ef root@kind-control-plane:/#
可以看到容器中有很多進程,仔細梳理一下看看有什么組件
kube-apiserver ... : api-server 組件,是操作資源的入口并且提供認證、授權、權限控制、API注冊和服務發現的機制
kube-scheduler ... : scheduler 組件,負責資源的調度以及根據預先設定的調度策略將pod調度到合適的節點上
kube-controller-manager ... : controller-manager 組件,負責管理集群的狀態,如異常發現、自動擴容和滾動更新等
etcd ... : etcd 組件,主要用于存儲 kubernetes 的數據
/usr/bin/kubelet ... : kubelet組件, 負責管理容器的生命周期、數據卷以及網絡(CNI)
/usr/local/bin/kube-proxy ... : kube-proxy 組件: 負責服務發現和集群Service的負載均衡
/coredns ... : dns 組件,負責集群內部的域名解析
/usr/local/bin/containerd ... : kubernetes 的 CRI(容器運行時)的具體實現,創建具體 pod 以來這個組件
/pause... : pod 的 根容器,創建 pod 時先創建出這個容器,pod 的網絡配置等就是配置到此容器中,后續其他容器會共享這個容器的網絡
/usr/local/bin/containerd-shim-runc-v2 ... : 真正的容器,后續啟動的pod 都是以這種形式啟動
可以看到這個容器中包含了 kubernetes 中所有控制面的組件和數據面的組件,是一個 all in one 的 集群。
這個容器的詳細配置可以通過 docker inspect kind-control-plane 查看。
關于 kubernetes 的使用已經有很多文章來介紹了,所以這里不作為重點介紹,簡單演示一下。可以通過 api 或者 kubectl 與kuberntes 進行交互, 這里選擇用 kubectl 進行演示。
如果本地沒有 kubectl 需要進行安裝,安裝文檔參見: https://kubernetes.io/docs/tasks/tools/install-kubectl/
kubectl 的基本用法可以參考我之前的文章 :kubectl 常用命令
以 部署 logstash 為例,我們會創建如下資源 :
Namespace
Deployment
Configmap
Hpa
Service
具體的 yaml 文件如下 :
cat logstash.yaml
---
# setting Namespace
apiVersion: v1
kind: Namespace
metadata:
name: logging
---
# setting ConfigMap
kind: ConfigMap
apiVersion: v1
metadata:
name: logstash-conf
namespace: logging
data:
logstash.conf: |
input {
http {
host => "0.0.0.0" # default: 0.0.0.0
port => 8080 # default: 8080
response_headers => {
"Content-Type" => "text/plain"
"Access-Control-Allow-Origin" => "*"
"Access-Control-Allow-Methods" => "GET, POST, DELETE, PUT"
"Access-Control-Allow-Headers" => "authorization, content-type"
"Access-Control-Allow-Credentials" => true
}
}
}
output {
stdout {
codec => rubydebug
}
}
---
# setting Depolyment
apiVersion: apps/v1
kind: Deployment
metadata:
name: logstash
namespace: logging
spec:
replicas: 1
selector:
matchLabels:
app: logstash
template:
metadata:
labels:
app: logstash
spec:
volumes:
- name: config
configMap:
name: logstash-conf
hostname: logstash
containers:
- name: logstash
image: russellgao/logstash:7.2.0
args: [
"-f","/usr/share/logstash/pipeline/logstash.conf",
]
imagePullPolicy: IfNotPresent
volumeMounts:
- name: config
mountPath: "/usr/share/logstash/pipeline/logstash.conf"
readOnly: true
subPath: logstash.conf
resources:
requests:
cpu: 1
memory: 2048Mi
limits:
cpu: 3
memory: 3072Mi
readinessProbe:
tcpSocket:
port: 8080
initialDelaySeconds: 5
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 8080
initialDelaySeconds: 15
periodSeconds: 20
timeoutSeconds: 15
imagePullSecrets:
- name: harbor
---
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: logstash-hpa
namespace: logging
spec:
scaleTargetRef:
apiVersion: apps/v1beta2
kind: Deployment
name: logstash
minReplicas: 1
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
targetAverageUtilization: 80
---
apiVersion: v1
kind: Service
metadata:
name: logstash-custerip
namespace: logging
spec:
selector:
app: logstash
type: ClusterIP
ports:
- name: 'port'
protocol: TCP
port: 8080
targetPort: 8080執行 kubectl apply -f logstash.yaml
kubectl apply -f logstash.yaml namespace/logging created configmap/logstash-conf created deployment.apps/logstash created horizontalpodautoscaler.autoscaling/logstash-hpa created service/logstash-custerip created
可以看到具體的資源已經被創建出來,下面來觀察具體的資源 :
查看 ConfigMap :
kubectl -n logging get configmap NAME DATA AGE logstash-conf 1 4m
查看 Deployment :
kubectl -n logging get deployment NAME READY UP-TO-DATE AVAILABLE AGE logstash 1/1 1 1 4m
查看 Pod :
kubectl -n logging get po -owide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES logstash-64d58c4b98-nqk4v 1/1 Running 0 93s 10.244.0.9 kind-control-plane <none> <none>
這里需要注意的是 Pod 所在的 node 是 kind-control-plane ,而非本機,說明 kubernetes node 就是這個容器,在本地 curl 10.244.0.9:8080 這個地址是不通,說明是在集群外, 進到容器內再 curl 就是通的 :
curl 10.244.0.9:8080 -v * About to connect() to 10.244.0.9 port 8080 (#0) * Trying 10.244.0.9... ^C [root@iZuf685opgs9oyozju9i2bZ k8s]# [root@iZuf685opgs9oyozju9i2bZ k8s]# [root@iZuf685opgs9oyozju9i2bZ k8s]# docker exec -it kind-control-plane bash root@kind-control-plane:/# curl 10.244.0.9:8080 -v * Trying 10.244.0.9:8080... * TCP_NODELAY set * Connected to 10.244.0.9 (10.244.0.9) port 8080 (#0) > GET / HTTP/1.1 > Host: 10.244.0.9:8080 > User-Agent: curl/7.68.0 > Accept: */* > * Mark bundle as not supporting multiuse < HTTP/1.1 200 OK < Access-Control-Allow-Origin: * < Access-Control-Allow-Methods: GET, POST, DELETE, PUT < Access-Control-Allow-Headers: authorization, content-type < Access-Control-Allow-Credentials: true < content-length: 2 < content-type: text/plain < * Connection #0 to host 10.244.0.9 left intact okroot@kind-control-plane:/#
查看 service :
kubectl -n logging get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE logstash-custerip ClusterIP 10.96.234.144 <none> 8080/TCP 5m
pod 和 service 的原理是一樣的,通過 CLUSTER-IP 訪問只能在容器內進行訪問。
在 pod 內進行訪問
[root@iZuf685opgs9oyozju9i2bZ k8s]# kubectl -n logging exec -it logstash-64d58c4b98-nqk4v bash bash-4.2$ curl 10.96.234.144:8080 -v * About to connect() to 10.96.234.144 port 8080 (#0) * Trying 10.96.234.144... * Connected to 10.96.234.144 (10.96.234.144) port 8080 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 10.96.234.144:8080 > Accept: */* > < HTTP/1.1 200 OK < Access-Control-Allow-Origin: * < Access-Control-Allow-Methods: GET, POST, DELETE, PUT < Access-Control-Allow-Headers: authorization, content-type < Access-Control-Allow-Credentials: true < content-length: 2 < content-type: text/plain < * Connection #0 to host 10.96.234.144 left intact okbash-4.2$ bash-4.2$ curl logstash-custerip:8080 -v * About to connect() to logstash-custerip port 8080 (#0) * Trying 10.96.234.144... * Connected to logstash-custerip (10.96.234.144) port 8080 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: logstash-custerip:8080 > Accept: */* > < HTTP/1.1 200 OK < Access-Control-Allow-Origin: * < Access-Control-Allow-Methods: GET, POST, DELETE, PUT < Access-Control-Allow-Headers: authorization, content-type < Access-Control-Allow-Credentials: true < content-length: 2 < content-type: text/plain < * Connection #0 to host logstash-custerip left intact okbash-4.2$
查看 hpa :
kubectl -n logging get hpa NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE logstash-hpa Deployment/logstash <unknown>/80% 1 10 1 5m
演示就到這里,可以看到和真正的 kubernetes 使用并無兩樣。那么這里還有一個問題,啟動的這個 pod 是如何運行的呢 ?
再次進到控制面的容器內看看 :
root@kind-control-plane:/# ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 02:49 ? 00:00:00 /sbin/init root 126 1 0 02:49 ? 00:00:00 /lib/systemd/systemd-journald root 145 1 0 02:49 ? 00:01:12 /usr/local/bin/containerd root 257 1 0 02:49 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id c1a5e2c868b9a744f4f78a85a8d660950bb76103a38e7 root 271 1 0 02:49 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 3549ecade28e2dccbad5ed15a4cd2b6e6a886cd3e10ab root 297 1 0 02:49 ? 00:00:02 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 379ed27442f35696d488dd5a63cc61dc474bfa9bd08a9 root 335 1 0 02:49 ? 00:00:02 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id e4eae33bf489c617c7133ada7dbd92129f3f817cb74b7 root 343 271 0 02:49 ? 00:00:00 /pause root 360 257 0 02:49 ? 00:00:00 /pause root 365 297 0 02:49 ? 00:00:00 /pause root 377 335 0 02:49 ? 00:00:00 /pause root 443 335 0 02:49 ? 00:00:43 kube-scheduler --authentication-kubeconfig=/etc/kubernetes/scheduler.conf --authorization-kubeconfig=/etc/ root 468 297 3 02:49 ? 00:09:25 kube-apiserver --advertise-address=172.18.0.2 --allow-privileged=true --authorization-mode=Node,RBAC --cli root 496 271 0 02:49 ? 00:02:53 kube-controller-manager --allocate-node-cidrs=true --authentication-kubeconfig=/etc/kubernetes/controller- root 540 257 1 02:49 ? 00:03:33 etcd --advertise-client-urls=https://172.18.0.2:2379 --cert-file=/etc/kubernetes/pki/etcd/server.crt --cli root 580 1 1 02:49 ? 00:05:07 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernete root 673 1 0 02:50 ? 00:00:02 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id b0965a6f77f58c46cfe7b30dd84ddf4bc37516ba60e6e root 695 673 0 02:50 ? 00:00:00 /pause root 709 1 0 02:50 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id aedf0f1fd02baf1cf2b253ad11e33e396d97cc7c53114 root 738 709 0 02:50 ? 00:00:00 /pause root 789 673 0 02:50 ? 00:00:01 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/config.conf --hostname-override=kind-control-plane root 798 709 0 02:50 ? 00:00:02 /bin/kindnetd root 1011 1 0 02:50 ? 00:00:02 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id aa554aa998c3091a70eacbc3e4a2f275a1e680a585d69 root 1024 1 0 02:50 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 7373488f811fc5d638c2b3f5f79d953573e30a42ff52f root 1048 1 0 02:50 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 5ab6c3ef1715623e2c28fbfdecd5f4e6e2616fc20a387 root 1079 1011 0 02:50 ? 00:00:00 /pause root 1088 1024 0 02:50 ? 00:00:00 /pause root 1095 1048 0 02:50 ? 00:00:00 /pause root 1152 1011 0 02:50 ? 00:00:35 /coredns -conf /etc/coredns/Corefile root 1196 1024 0 02:50 ? 00:00:35 /coredns -conf /etc/coredns/Corefile root 1205 1048 0 02:50 ? 00:00:13 local-path-provisioner --debug start --helper-image k8s.gcr.io/build-image/debian-base:v2.1.0 --config /et root 1961 0 0 02:56 pts/1 00:00:00 bash root 34093 1 0 07:27 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 438c08255ede5fb7fa93b37bcbe51807d2fa5e507122b root 34115 34093 0 07:27 ? 00:00:00 /pause 1000 34151 34093 6 07:27 ? 00:01:05 /bin/java -Xms2g -Xmx2g -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatin root 36423 0 0 07:43 pts/2 00:00:00 bash root 36540 36423 0 07:44 pts/2 00:00:00 ps -ef
可以看到 STIME 是 07:27 的就是剛剛啟動 logstash 相關的進程,通過 containerd-shim-runc-v2 啟動的 logstash 進程,/pause 為 pod的根容器。
在本地體驗完或者測試完成之后,為了節省資源,可以把剛剛啟動的集群進行刪除,下次需要時再創建即可 。
kind delete cluster Deleting cluster "kind" ... [root@iZuf685opgs9oyozju9i2bZ k8s]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4ec800c3ec10 russellgao/openresty:1.17.8.2-5-alpine "/usr/local/openrest…" 8 weeks ago Up 7 days 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp openresty-app-1 [root@iZuf685opgs9oyozju9i2bZ k8s]# kubectl -n logging get po The connection to the server localhost:8080 was refused - did you specify the right host or port?
通過上面的命令可以看出 :
當執行 kind delete cluster 命令之后會把控制面的容器(kind-control-plane) 刪除
當再次執行 kubectl 命令是已經無法找到對應的 api-server地址,可以查看 .kube/config 文件,發現已經刪除了關于集群的配置信息。
關于kind在本地是如何玩轉kubernetes就分享到這里了,希望以上內容可以對大家有一定的幫助,可以學到更多知識。如果覺得文章不錯,可以把它分享出去讓更多的人看到。
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
