Sunday Blog

人生是一场刻意练习

kube-flannel cni failed to find plugin "bridge" in path [/opt/cni/bin]错误

kube-flannel cni failed to find plugin "bridge" in path [/opt/cni/bin]

安装kube-flannel网络插件后,发现新建pod一直在创建中,一开始还以为是镜像拉不下来, 查看日志才发现是缺少bridge插件 root@k8s-master01:~# kubectl get pod

Posted by BlueFat on Thursday, November 23, 2023

kube-flannel pod 不断重启

kube-flannel always restaring

wget https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml 安装flannel网络插件后发现pod不断在重启 STATUS状态重复这几种变化 Runnging、Complete、CrashLoopBa

Posted by BlueFat on Thursday, November 23, 2023

Kubernetes监控kube-prometheus使用

Kube Prometheus

kube-prometheus github 部署 git clone https://github.com/prometheus-operator/kube-prometheus.git cd kube-prometheus git checkout v0.11.0 # 切换kubernetes兼容版本 首先创建需要的命名空间和 CRDs,等待它们可用后再创建其余资源 kubectl apply --server-side -f manifests/setup kubectl wait \ --for condition=Established

Posted by BlueFat on Friday, November 25, 2022

Kubernetes EFK日志收集

Kubernetes Es Logging

上传镜像(可选) export tag=7.17.3 images=( docker.elastic.co/elasticsearch/elasticsearch:${tag} docker.elastic.co/kibana/kibana:${tag} docker.elastic.co/beats/filebeat:${tag} ) # 上传至harhar export https_proxy="192.168.10.250:7890" # 代理 for image in ${images[@]}; do skopeo copy docker://${image} docker://registry.sundayhk.com/elastic/${image#*/}; done 部署Elasticsearch helm及添加storageC

Posted by BlueFat on Wednesday, November 23, 2022

Kubernetes Note

Kubernetes Note

微服务的容器服务都应该使用 StatefulSet 而不是 Deployment 使用 preStop 和 readinessProbe 保证服务平滑更新不中断 通常对于常规分布式微服务业务系统来说,StatefulSet 的顺序性保证

Posted by BlueFat on Wednesday, November 16, 2022

Kubernetes 常用命令

Kubernetes Command

# 缩容 kubectl scale -n kube-system deployment coredns --replicas=1 # 设置污点 kubectl taint node master node-role.kubernetes.io/master="":NoSchedule # 取消污点 kubectl taint node master1 node-role.kubernetes.io/master- deployment daemonset 回滚 kubectl rollout history daemonset -n kube-system fluentd-elasticsearch kubectl rollout undo --to-revision=1 daemonset -n kube-system fluentd-elasticsearch

Posted by BlueFat on Wednesday, November 16, 2022

Kubernetes 1.24 二进制高可用集群安装

Kubernetes Binary Build High Availability

生产环境中,建议使用版本大于5的Kubernetes版本,如1.24.6 系统:CentOS 7.5 K8S:1.24.6 containerd: v1.6.4 calico: 1.24 集群环境 hostname IP/VIP software k8s-master01 192.168.1.171 e

Posted by BlueFat on Tuesday, May 17, 2022

Kubeadm搭建高可用Kubernetes v1.23.5集群

Kubeadm Builds High Availability Kubernetes

基础环境配置 IP地址 主机名 服务 配置 192.168.1.171 k8s-01 k8s-master、containerd、keepalived、nginx 2c4g 192.168.1.172 k8s-02 k8s-master

Posted by BlueFat on Tuesday, May 17, 2022

Kubernetes使用 OpenEBS 实现 Local PV 动态持久化存储

Openebs

仅限开发测试使用 OpenEBS安装条件 # 安装 iscsi yum install iscsi-initiator-utils -y # 查看 InitiatorName 是否正常配置 cat /etc/iscsi/initiatorname.iscsi # 启动查看状态 systemctl enable --now iscsid systemctl start iscsid.service systemctl status iscsid.service openebs quickstart 安装方式 方式一 helm helm repo add openebs

Posted by BlueFat on Thursday, January 20, 2022

Nodelocaldns 导致 Coredns hosts 失效

Coredns Host Invalid

问题:coredns configmap 添加hosts不起作用 coredns: 10.233.0.3 nodelocaldns: 169.254.25.10 kubectl edit configmap coredns -n kube-system apiVersion: v1 data: Corefile: | .:53 { errors health { lameduck 5s } log ready kubernetes cluster.local in-addr.arpa ip6.arpa { pods insecure fallthrough in-addr.arpa ip6.arpa } ## 添加部分 hosts { 192.168.10.220 rancher.sundayhk.com 192.168.10.220 ha.sundayhk.com fallthrough

Posted by BlueFat on Wednesday, November 17, 2021

安装Kuboard管理Kubernetes集群

Kuboard

https://kuboard.cn/install/v3-upgrade.html#%E5%A6%82%E6%9E%9C%E4%BB%A5-docker-run-%E8%BF%90%E8%A1%8C-kuboard 安装方式 Kuboard 作为多个集群的管理界面应该独立于任何集群之外 建议docker运行 Kuboard, 不建议安装在有业务的Kubernetes集群中 停止已有 kuboard 容器 docker

Posted by BlueFat on Friday, May 21, 2021

Kubespray 离线安装配置

Kubespray Offline

https://github.com/kubernetes-sigs/kubespray/blob/master/docs/offline-environment.md 背景 在国内使用 kubespray 安装 Kubernetes 集群,下载依赖的文件和镜像时,往往会遇到下载失败,这时我们可以利用 kubespray 离线安装配置的能力来部署集群。 准备工作 要想离线安

Posted by BlueFat on Tuesday, May 11, 2021

使用Kubespray 部署Kubernetes集群

Kubespray

介绍 Kubespray是一个安装k8s集群的工具,kuberspray对比kubeadm更加简洁内部集成了kubeadm与ansible,通

Posted by BlueFat on Tuesday, May 11, 2021

Kubernetes 常见面试题汇总

Kubernetes Interview Question Summary

Kubernetes 常见面试题汇总 简述 etcd 及其特点? 答:etcd 是 CoreOS 团队发起的开源项目,是一个管理配置信息和服务发现 (service discovery)的项目,它的目标是构建

Posted by BlueFat on Monday, January 18, 2021

Kube Prometheus 监控 Etcd

Kube Prometheus Etcd

监控外部Etcd 导入etcd证书 kubectl -n monitoring create secret generic etcd-certs \ --from-file=ca.pem=/etc/ssl/etcd/ssl/ca.pem \ --from-file=etcd.pem=/etc/ssl/etcd/ssl/admin-master1.pem \ --from-file=etcd-key.pem=/etc/ssl/etcd/ssl/admin-master1-key.pem prometheus挂载etcd-certs cd /root/kube-prometheus/manifests/ vim prometheus-prometheus.yaml spec: ... secrets: - etcd-certs kubectl apply -f prometheus-prometheus.yaml 验证 [root@master1 manifests]# kubectl exec

Posted by BlueFat on Sunday, November 29, 2020

avatar

开心的蓝胖

QUICK LINKS
FEATURED TAGS
ansible bash calico containerd docker firewalld flannel grpc https iptables keepalived kernel kubernetes linux lvs mysql network nginx prometheus python rabbitmq rocketmq shell sort ssh tcp tcpdump ubuntu ufw 性能 排序 正则表达式 算法 递归 闭包
FRIENDS