网卡1 —对应—eth0—-NAT(网络地址转换)用来与外网通信
网卡2 —对应—eth1—-Host-only用来与主机通信
配置eth0、eth1文件
cd /etc/sysconfig/network-scripts //进入配置目录
vi ifcfg-eth0
cp ifcfg-eth0 ifcfg-eth1 //如果ifcfg-eth1不存在,从ifcfg-eth0拷贝
vi ifcfg-eth1
servic network restart
ifconfig
ping www.baidu.com
使用的软件:
步骤1:点击“新建”按钮,创建一个新虚拟机。
步骤2:给虚拟机命名,选择操作系统及版本。
步骤3:选择内存大小,我这里设置的是512M
步骤4:选择创建新虚拟机。
步骤5:选择虚拟硬盘的类型。
步骤6:选择动态分配磁盘容量。
步骤7:选择文件存储的位置及容量大小。
步骤8:点击create即可。
步骤9:选择安装系统文件的位置
步骤10:选择安装介质,可以选择从光盘启动,也可以使用iso文件作为安装文件。
步骤11:设置网络,默认是NAT的网络连接方式,修改成桥接(Bridged Adapter)方式。
步骤1:选择刚创建的虚拟机,然后点击“开始”按钮。
步骤2:启动机器安装系统
步骤3:跳过媒体检查
步骤4:引导安装,点击next
步骤5:重新引导系统
步骤6:引导重启系统完成,输入用户名密码进入linux系统
没有安装Virtual Box增强功能Guest Additions的虚拟机操作很不方便,比如:
鼠标被虚拟机捕获后要按右Ctrl键才能释放,否则只能再虚拟机里移动;
剪贴板不能共享
安装Guest Additions可以解决上述所有问题。
以CentOS 7.3虚拟机为例,如果安装CentOS时没有选择Development Tools组,需要先安装kernel-devel和gcc
$ sudo yum install -y kernel-devel gcc
通过VirtualBox的 设备 | 安装增强功能… 菜单可以加载VBoxGuestAdditions.iso,可以直接点击Run安装或者执行
$ cd /run/media/centos/VBOXADDITIONS_5.1.22_115126
$ sudo sh ./VBoxLinuxAdditions.run
有时安装会出错
Verifying archive integrity... All good.
Uncompressing VirtualBox 5.1.22 Guest Additions for Linux...........
VirtualBox Guest Additions installer
Copying additional installer modules ...
Installing additional modules ...
vboxadd.sh: Starting the VirtualBox Guest Additions.
Failed to set up service vboxadd, please check the log file
/var/log/VBoxGuestAdditions.log for details.
查询log发现是找不到和Linux内核匹配的源文件
$ cat /var/log/VBoxGuestAdditions.log
vboxadd.sh: failed: Look at /var/log/vboxadd-install.log to find out what went wrong.
vboxadd.sh: failed: Look at /var/log/vboxadd-install.log to find out what went wrong.
vboxadd.sh: failed: modprobe vboxguest failed.
$ cat /var/log/vboxadd-install.log
/tmp/vbox.0/Makefile.include.header:112: * Error: unable to find the sources of your current Linux kernel. Specify KERN_DIR= and run Make again. Stop.
Creating user for the Guest Additions.
Creating udev rule for the Guest Additions kernel module.
查询kernel-devel版本是3.10.0-514.26.2.el7.x86_64,而Linux内核版本是3.10.0-514.el7.x86_64,确实不一致。如果安装CentOS时选择了Development Tools组,kernel-devel版本和Linux内核版本是匹配的,则不会出现这个问题。
$ rpm -qa | grep kernel-devel
kernel-devel-3.10.0-514.26.2.el7.x86_64
$ uname -r
3.10.0-514.el7.x86_64
可以使用下面两个命令中的一个安装和Linux内核版本匹配的kernel-devel
$ sudo yum install -y "kernel-devel-uname-r == $(uname -r)"
$ sudo yum install -y kernel-devel-3.10.0-514.el7
然后再次安装Guest Additions成功
$ cd /run/media/centos/VBOXADDITIONS_5.1.22_115126
$ sudo sh ./VBoxLinuxAdditions.run
Verifying archive integrity... All good.
Uncompressing VirtualBox 5.1.22 Guest Additions for Linux...........
VirtualBox Guest Additions installer
Removing installed version 5.1.22 of VirtualBox Guest Additions...
Copying additional installer modules ...
Installing additional modules ...
vboxadd.sh: Starting the VirtualBox Guest Additions.
grep -E –color ‘vmx|svm’ /proc/cpuinfo
有输出代表cpu支持
yum install qemu-kvm qemu-img libvirt-python python-virtinst libvirt-client virt-viewer bridge-utils
—>少了一些组件也可
yum groupinstall -y Virtualization “Virtualization Client” “Virtualization Platform” “Virtualization Tools”
使用桥接网络安装bridge-utils包
yum -y install bridge-utils
chkconfig ip6tables off
setenforce 0 临时关闭
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config
查看KVM模块:lsmod | grep kvm
service libvirtd restart启动libvirt进程
modprobe kvm
modprobe kvm-intel
modprobe -ls | grep kvm
首先复制原em1和em2网卡为br1和br2,将em1的配置文件修改为:
DEVICE=”em1“
BOOTPROTO=”static”
HWADDR=”30:85:A9:9F:67:74″
NM_CONTROLLED=”no”
ONBOOT=”yes”
TYPE=”Ethernet”
UUID=”34096e10-ff72-4142-b7b3-e290d200b68a”
BRIDGE=”br1″
命令:virsh iface-bridge em3 br3
虚拟安装脚本create_kvm.sh内容:
virt-install
–name Test
–ram 1536
–vcpus=1
–disk path=/data/img/kvm_Test.img,size=50
–network bridge=br0
–cdrom=/opt/iso/CentOS-6.8-x86_64-minimal.iso
–accelerate
–vnclisten=0.0.0.0
–vncport=5911
–vnc
启动虚机:
virsh start Test
查看虚拟状态:
virsh list –all
raw转换为qcow2格式:
qemu-img convert -f raw -0 qcow2 /data/img/kvm-Test.img /data/img/kvm-Test.qcow2
确认:
qemu-img info /data/img/kvm-Test.qcow2
修改虚机配置文件:
virsh edit Test
复制(克隆)一台虚拟服务器:
virt-clone -o Test -n Test -f /data/img/kvm-Test1.qcow2
虚机当前运行产生的相关文件所在目录:
/var/run/libvirt/qemu/
/etc/libvirt/qemu配置文件目录
virsh shutdown Test
如果报错,先暂停该虚机业务
virsh suspend Test
cp -av /data/img/kvm-Test1.qcow2 /data/img/kvm-Test2.qcow2
virsh dumpxml Test1 > /etc/libvirt/qemu/Test2.xml
virsh define /etc/libvirt/qemu/Test2.xml
虽然克隆完毕,但我们还不能启动,需编辑配置文件先修改vnc端口
virsh edit Test2
注意:与其他虚拟服务器vnc端口不一致而且要在可用范围内。
保存配置后尝试启动
virsh start Test2
通过vnc viewer连接
ifconfig命令查看后发现没网卡相关信息
more /etc/udev/rules.d/70-persistent-net.rules >>/etc/sysconfig/network-scripts/ifcfg-eth0
然后修改MAC地址和对应IP并注释无关代码后保存
service network restart
重启服务:
service libvirtd restart
再次尝试启动虚拟机Test2(略)
yum install -y acpid
service acpid start
chkconfig acpid on
实验目的:通过一个基础镜像(node.img),里面把各个虚拟机都需要的环境都搭建好,然后基于这个镜像建立起一个个增量镜像,每个增量镜像对应一个虚拟机,虚拟机对镜像中所有的改变都记录在增量镜像里面,基础镜像始终保持不变。
功能:节省磁盘空间,快速复制虚拟机。
环境:
基本镜像文件:node.img 虚拟机ID:node
增量镜像文件:node4.img 虚拟机ID:node4
要求:以基本镜像文件node.omg为基础,创建一个镜像文件node4.img,以此创建一个虚拟机机node4,虚拟机node4的改变将存储于node4.img中。
[root@target kvm_node]#qemu-img create -b node.img -f qcow2 node4.img
[root@target kvm_node]# qemu-img info node4.img
image: node4.img
file format: qcow2
virtual size: 20G (21495808000 bytes)
disk size: 33M
cluster_size: 65536
backing file: node.img (actual path: node.img)
注:该实验只是针对qcow2格式的镜像文件,未测试raw格式的镜像文件是否可行。
[root@target kvm_node]# cp /etc/libvirt/qemu/node.xml /etc/libvirt/qemu/node4.xml
[root@target kvm_node]# vim /etc/libvirt/qemu/node4.xml
<domain type='kvm'>
<name>node4</name> #node4的虚拟机名,须修改,否则与基本虚拟机冲突
<uuid>4b7e91eb-6521-c2c6-cc64-c1ba72707fe4</uuid> #node4的UUID,必须修改,否则与基本虚拟机冲突
<memory>524288</memory>
<currentMemory>524288</currentMemory>
<vcpu cpuset='0-1'>2</vcpu>
<os>
<type arch='x86_64' machine='rhel5.4.0'>hvm</type>
<boot dev='hd'/>
</os>
<features>
<acpi/>
<apic/>
<pae/>
</features>
<clock offset='localtime'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/virhost/kvm_node/node4.img'/> #将原指向/virhost/kvm_node/node.img改为node4.img
<target dev='vda' bus='virtio'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
</disk>
<interface type='bridge'>
<mac address='54:52:00:69:d5:f4'/> #修改网卡MAC,防止冲突
<source bridge='br0'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
<interface type='bridge'>
<mac address='54:52:00:69:d5:e4'/> #修改网卡MAC,防止冲突
<source bridge='br0'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
</interface>
<serial type='pty'>
<target port='0'/>
</serial>
<console type='pty'>
<target type='serial' port='0'/>
</console>
<input type='mouse' bus='ps2'/>
<graphics type='vnc' port='5904' autoport='no' listen='0.0.0.0' passwd='xiaobai'>
<listen type='address' address='0.0.0.0'/>
</graphics>
<video>
<model type='cirrus' vram='9216' heads='1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</video>
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
</memballoon>
</devices>
</domain>
[root@target kvm_node]#virsh define /etc/libvirt/qemu/node4.xml
[root@target kvm_node]#virsh start node4
[root@target kvm_node]# du -h node.img
6.3G node.img
[root@target kvm_node]# du -h node4.img
33M node4.img
[root@node4 ~]# dd if=/dev/zero of=test bs=1M count=200 #在虚拟机node4上增量200M大小文件
200+0 records in
200+0 records out
209715200 bytes (210 MB) copied, 1.00361 seconds, 209 MB/s
[root@target kvm_node]# du -h node.img #基本镜像文件node.img大小未变
6.3G node.img
[root@target kvm_node]# du -h node.img #增量镜像文件node4.img增加200M了
234M node4.img
常用的虚拟机管理命令
1 virsh list --all
1 virsh dominfo kvm-1
1 yum install virt-top -y
2 virt-top
1 virt-df kvm-1
1 virsh shutdown kvm-1
1 virsh start kvm-1
1 virsh autostart kvm-1
1 virsh autostart --disable kvm-1
1 virsh undefine kvm-1
virsh console kvm-1
添加硬盘(lvm卷)或者USB到虚拟机上
1 virsh attach-disk kvm-1 /dev/sdb vbd --driver qemu --mode shareable
1 virsh detach-disk kvm vdb
添加lvm卷,并挂载
[root@sh-kvm-1 ~]# lvcreate -n kvm-1-data -L 50G vg_shkvm1
[root@sh-kvm-1 ~]# virsh attach-disk kvm-1 /dev/vg_shkvm1/kvm-1-data vdb --driver qemu --mode shareable
Disk attached successfully
# 登录到kvm-1上查看lvm是否已经被挂载
[root@sh-kvm-1 ~]# virsh console kvm-1 # 输入kvm-1的用户和密码
[root@sh-kvm-1-1 ~]# fdisk -l # 查看硬盘挂载情况
Disk /dev/vda: 21.5 GB, 21474836480 bytes
16 heads, 63 sectors/track, 41610 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00058197
Device Boot Start End Blocks Id System
/dev/vda1 * 3 1018 512000 83 Linux
Partition 1 does not end on cylinder boundary.
/dev/vda2 1018 41611 20458496 8e Linux LVM
Partition 2 does not end on cylinder boundary.
Disk /dev/mapper/VolGroup-lv_root: 18.8 GB, 18798870528 bytes
255 heads, 63 sectors/track, 2285 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/VolGroup-lv_swap: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Disk /dev/vdb: 53.7 GB, 53687091200 bytes # 新添加的硬盘
16 heads, 63 sectors/track, 104025 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
# 对新添加的硬盘分区
[root@sh-kvm-1-1 ~]# fdisk /dev/vdb
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0xf04b6807.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.
Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
switch off the mode (command 'c') and change display units to
sectors (command 'u').
Command (m for help): m # 查看帮助
Command action
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete a partition
l list known partition types
m print this menu
n add a new partition
o create a new empty DOS partition table
p print the partition table
q quit without saving changes
s create a new empty Sun disklabel
t change a partition's system id
u change display/entry units
v verify the partition table
w write table to disk and exit
x extra functionality (experts only)
Command (m for help): n #添加一个分区
Command action
e extended
p primary partition (1-4)
p #选择添加一个扩展分区
Partition number (1-4):
Value out of range.
Partition number (1-4): 1
First cylinder (1-104025, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-104025, default 104025):
Using default value 104025
Command (m for help): t #改变分区的格式
Selected partition 1
Hex code (type L to list codes): 8e #改成lvm
Changed system type of partition 1 to 8e (Linux LVM)
Command (m for help): w # 保存更改
root@sh-kvm-1-1 ~]# mkfs.ext4 /dev/vdb1 # 格式化分区
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
3276800 inodes, 13107142 blocks
655357 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=4294967296
400 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 28 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
[root@sh-kvm-1-1 ~]# pvc reate /dev/vdb1 # 创建pv
vdb vdb1
[root@sh-kvm-1-1 ~]# vgextend VolGroup /dev/vdb # 扩展lvm vg
vdb vdb1
[root@sh-kvm-1-1 ~]# vgs
VG #PV #LV #SN Attr VSize VFree
VolGroup 2 2 0 wz--n- 69.50g 50.00g
# 从上面能看出,新添加的 已经加到lvm组中
通过命令行更改创建之后虚拟机的内存,cpu等信息
# 1. 查看虚拟机当前内存
[root@sh-kvm-1 ~]# virsh dominfo kvm-1 | grep memory
Max memory: 4194304 KiB
Used memory: 4194304 KiB
# 2、动态设置内存为512MB,内存减少
virsh setmem kvm-1 524288
# 注意单位必须是KB
# 3、查看内存变化
# virsh dominfo kvm-1 | grep memory
Max memory: 14194304 KiB
Used memory: 524288 kiB
# 4、内存增加
virsh shutdown kvm-1
virsh edit kvm-1 # 直接更改memory
virsh create /etc/libvirt/demu/kvm-1/xml
# 之后操作1,2,3步骤增加内存
需要修改配置文件,因此需要停止虚拟机
virsh shutdown kvm-1
virsh edit kvm-1
# 2 # 4 > 2
virsh create /etc/libvirt/demu/kvm-1/xml
1. Create a 10-GB non-sparse file:
# dd if=/dev/zero of=/vm-images/vm1-add.img bs=1M count=10240
2. Shutdown the VM:
# virsh shutdown vm1
3. Add an extra entry for ‘disk’ in the VM's XML file in /etc/libvirt/qemu. You can look copy & paste
the entry for your mail storage device and just change the target and address tags. For example:
# virsh edit vm1
<address />
Add:
<address />
# 这里建议使用上面的添加硬盘的方式添加
1 virsh shutdown kvm-1
1 virsh destroy kvm-1
1 virsh undefine kvm-1
1 rm /dev/vg_shkvm1/kvm-1 # 不建议删除硬盘
时间有限,只是列出了安装k8s的配置步骤,没有写明为什么这样做,以后有空再补上。如果有什么不明白的,欢迎在评论下留下你的问题,有空会回复。
| 服务器名称 | 角色 | IP地址 | 系统 |
|---|---|---|---|
| master | master | 192.168.83.133 | CentOS 7.3 |
| kworker1 | worker | 192.168.83.134 | CentOS 7.3 |
| kworker2 | worker | 192.168.83.135 | CentOS 7.3 |
如配置master的hostname
1. 在/etc/hosts添加127.0.0.1 master记录
2. echo “master” > /etc/hostname
3. hostname master
所有机器执行
chmod +x /etc/rc.d/rc.local
iptables -I INPUT -s 192.168.83.0/24 -j ACCEPT
iptables -I FORWARD -j ACCEPT
echo 'iptables -I INPUT -s 192.168.83.0/24 -j ACCEPT' >> /etc/rc.d/rc.local
echo 'iptables -I FORWARD -j ACCEPT' >> /etc/rc.d/rc.local
其中192.168.83.0/24为k8s节点的所在IP段。
所有机器运行。
更新系统
yum -y update
设置aliyun的源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF
关闭selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0
安装kubelet和docker
yum install -y docker kubelet kubeadm kubectl kubernetes-cni
systemctl enable docker
systemctl start docker
systemctl enable kubelet
配置kubelet的源为aliyun(此aliyun源为本人从google的源搬过来的)
cat > /etc/systemd/system/kubelet.service.d/20-pod-infra-image.conf <<EOF
[Service]
Environment="KUBELET_EXTRA_ARGS=--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/centos-bz/pause-amd64:3.0"
EOF
systemctl daemon-reload
systemctl restart kubelet
reboot
所有机器运行。
cat <<EOF > /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p
由于国内无法访问google源,所以本人把主要的k8s镜像搬到了aliyun。而etcd和dns,pause的版本可以在源码的以下路径找到。可以根据相应的版本创建源。
– etcd版本:cmd/kubeadm/app/images/images.go
– dns版本:cmd/kubeadm/app/phases/addons/manifests.go
– pause-amd64: cmd/kubeadm/app/master/templates.go:
在master运行
初始化k8s并锁定v1.6.2版本。
export KUBE_REPO_PREFIX=registry.cn-hangzhou.aliyuncs.com/centos-bz
kubeadm init --pod-network-cidr 10.244.0.0/16 --kubernetes-version=v1.6.2
拉取镜像需要一定的时间,可以在master执行docker images查看已下载的镜像。
cp -f /etc/kubernetes/admin.conf $HOME/
chown $(id -u):$(id -g) $HOME/admin.conf
export KUBECONFIG=$HOME/admin.conf
echo "export KUBECONFIG=$HOME/admin.conf" >> ~/.bash_profile
如果需要master作为worker运行pod,执行
kubectl taint nodes --all node-role.kubernetes.io/master-
在worker1和worker2执行。
kubeadm join --token a30d18.1600388a52b3b472 192.168.83.133:6443
以上命令为在master初始化成功后在控制台输出的命令。
查看pod运行情况:
kubectl get pods -n kube-system
kubectl create -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel-rbac.yml
curl -sSL "https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel.yml?raw=true" | kubectl create -f -
curl -sSL https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml | sed 's#gcr.io/google_containers#registry.cn-hangzhou.aliyuncs.com/centos-bz#' | kubectl create -f -
执行如下命令来找到dashboard的端口:
[root@master ~]# kubectl get service -n kube-system | grep kubernetes-dashboard
kubernetes-dashboard 10.100.79.47 <nodes> 80:32574/TCP 4h
如上端口为32574,可以在浏览器打开http://worker1:32574访问控制面板。
curl -sSL https://raw.githubusercontent.com/kubernetes/ingress/nginx-0.9.0-beta.5/examples/deployment/nginx/default-backend.yaml | sed 's#gcr.io/google_containers#registry.cn-hangzhou.aliyuncs.com/centos-bz#' | kubectl apply -f -
新建ingress-rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: ingress
namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: ingress
subjects:
- kind: ServiceAccount
name: ingress
namespace: kube-system
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
新建nginx-ingress.yml:
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: nginx-ingress-lb
labels:
name: nginx-ingress-lb
namespace: kube-system
spec:
template:
metadata:
labels:
name: nginx-ingress-lb
annotations:
prometheus.io/port: '10254'
prometheus.io/scrape: 'true'
spec:
terminationGracePeriodSeconds: 60
serviceAccountName: ingress
hostNetwork: true
containers:
- image: registry.cn-hangzhou.aliyuncs.com/centos-bz/nginx-ingress-controller:0.9.0-beta.5
name: nginx-ingress-lb
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 1
ports:
- containerPort: 80
hostPort: 80
- containerPort: 443
hostPort: 443
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
创建nginx ingress controller
kubectl create -f ingress-rbac.yaml
kubectl apply -f nginx-ingress.yml
在worker1和worker2使用ss -nlpt命令查看80和443端口是否已经监听。
部署echo server
kubectl run echoheaders --image=registry.cn-hangzhou.aliyuncs.com/centos-bz/echoserver:1.4 --replicas=1 --port=8080
新建service
kubectl expose deployment echoheaders --port=80 --target-port=8080 --name=echoheaders-x
kubectl expose deployment echoheaders --port=80 --target-port=8080 --name=echoheaders-y
新建ingress.yaml:
# An Ingress with 2 hosts and 3 endpoints
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: echomap
spec:
rules:
- host: foo.bar.com
http:
paths:
- path: /foo
backend:
serviceName: echoheaders-x
servicePort: 80
- host: bar.baz.com
http:
paths:
- path: /bar
backend:
serviceName: echoheaders-y
servicePort: 80
- path: /foo
backend:
serviceName: echoheaders-x
servicePort: 80
新建规则
kubectl create -f ingress.yaml
使用curl测试:
curl 192.168.83.135/foo -H 'Host: foo.bar.com'
curl 192.168.83.135/other -H 'Host: foo.bar.com'
todo
todo
todo
todo
创建Dockerfile
首先,创建目录nginx,用于存放后面的相关东西。
runoob@runoob:~$ mkdir -p ~/nginx/www ~/nginx/logs ~/nginx/conf
www目录将映射为nginx容器配置的虚拟目录
logs目录将映射为nginx容器的日志目录
conf目录里的配置文件将映射为nginx容器的配置文件
进入创建的nginx目录,创建Dockerfile
FROM debian:jessie
MAINTAINER NGINX Docker Maintainers "[email protected]"
ENV NGINX_VERSION 1.10.1-1~jessie
RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
&& echo "deb http://nginx.org/packages/debian/ jessie nginx" >> /etc/apt/sources.list
&& apt-get update
&& apt-get install --no-install-recommends --no-install-suggests -y
ca-certificates
nginx=${NGINX_VERSION}
nginx-module-xslt
nginx-module-geoip
nginx-module-image-filter
nginx-module-perl
nginx-module-njs
gettext-base
&& rm -rf /var/lib/apt/lists/*
# forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log
&& ln -sf /dev/stderr /var/log/nginx/error.log
EXPOSE 80 443
CMD ["nginx", "-g", "daemon off;"]
通过Dockerfile创建一个镜像,替换成你自己的名字
docker build -t nginx .
创建完成后,我们可以在本地的镜像列表里查找到刚刚创建的镜像
runoob@runoob:~/nginx$ docker images nginx
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 555bbd91e13c 3 days ago 182.8 MB
查找Docker Hub上的nginx镜像
runoob@runoob:~/nginx$ docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 3260 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker c... 674 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable ... 207 [OK]
million12/nginx-php Nginx + PHP-FPM 5.5, 5.6, 7.0 (NG), CentOS... 67 [OK]
maxexcloo/nginx-php Docker framework container with Nginx and ... 57 [OK]
webdevops/php-nginx Nginx with PHP-FPM 39 [OK]
h3nrik/nginx-ldap NGINX web server with LDAP/AD, SSL and pro... 27 [OK]
bitnami/nginx Bitnami nginx Docker Image 19 [OK]
maxexcloo/nginx Docker framework container with Nginx inst... 7 [OK]
...
这里我们拉取官方的镜像
runoob@runoob:~/nginx$ docker pull nginx
等待下载完成后,我们就可以在本地镜像列表里查到REPOSITORY为nginx的镜像。
使用nginx镜像
运行容器
runoob@runoob:~/nginx$ docker run -p 80:80 --name mynginx -v $PWD/www:/www -v $PWD/conf/nginx.conf:/etc/nginx/nginx.conf -v $PWD/logs:/wwwlogs -d nginx
45c89fab0bf9ad643bc7ab571f3ccd65379b844498f54a7c8a4e7ca1dc3a2c1e
runoob@runoob:~/nginx$
命令说明:
-p 80:80:将容器的80端口映射到主机的80端口
–name mynginx:将容器命名为mynginx
-v $PWD/www:/www:将主机中当前目录下的www挂载到容器的/www
-v $PWD/conf/nginx.conf:/etc/nginx/nginx.conf:将主机中当前目录下的nginx.conf挂载到容器的/etc/nginx/nginx.conf
-v $PWD/logs:/wwwlogs:将主机中当前目录下的logs挂载到容器的/wwwlogs
查看容器启动情况
runoob@runoob:~/nginx$ docker ps
CONTAINER ID IMAGE COMMAND PORTS NAMES
45c89fab0bf9 nginx "nginx -g 'daemon off" ... 0.0.0.0:80->80/tcp, 443/tcp mynginx
f2fa96138d71 tomcat "catalina.sh run" ... 0.0.0.0:81->8080/tcp tomcat
通过浏览器访问
本文介绍在ubuntu 16.04 LTS安装最新版本的docker-ce,docker v17.03。目前docker分为docker-ce(社区版本),docker-ee(企业版本)。这里介绍docker-ce的安装。
要安装docker,需要如下64位ubuntu版本的系统
– Yakkety 16.10
– Xenial 16.04 (LTS)
– Trusty 14.04 (LTS)
旧的docker版本称为docker或docker-engine,如果安装了这些版本,先卸载它们:
$ sudo apt-get remove docker docker-engine
/var/lib/docker目录存储着镜像,容器,数据卷和网络,这些都会保留。
1.配置apt可以使用https安装软件包
$ sudo apt-get install
apt-transport-https
ca-certificates
curl
software-properties-common
2.添加docker官方GPG key:
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
验证key批纹为9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88.
$ sudo apt-key fingerprint 0EBFCD88
pub 4096R/0EBFCD88 2017-02-22
Key fingerprint = 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88
uid Docker Release (CE deb) <[email protected]>
sub 4096R/F273FCD8 2017-02-22
3.使用如下命令配置stable仓库。
$ sudo add-apt-repository
"deb [arch=amd64] https://download.docker.com/linux/ubuntu
$(lsb_release -cs)
stable"
1.更新apt软件包索引
$ sudo apt-get update
2.安装最新版本的docker,或者到下一步安装指定版本的docker
sudo apt-get install docker-ce
3.在生产系统中,应该安装一个指定的docker版本,而不是最新的。执行如下命令列出可用的版本。
$ apt-cache madison docker-ce
docker-ce | 17.03.0~ce-0~ubuntu-xenial | https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages
执行如下命令安装指定的版本:
sudo apt-get install docker-ce=<VERSION>
需要64位的CentOS 7系统
Docker的旧版本称为docker或docker-engine。如果已经安装有,先卸载它及它的依赖
$ sudo yum remove docker
docker-common
container-selinux
docker-selinux
docker-engine
目前Docker CE(社区版本)称为docker-ce,Docker EE(企业版本)称为docker-ee。这里我们安装社区版本。
1.安装yum-utils,提供了yum-config-manager工具:
$ sudo yum install -y yum-utils
2.使用如下命令配置一个稳定的仓库
$ sudo yum-config-manager
--add-repo
https://download.docker.com/linux/centos/docker-ce.repo
1.更新yum软件包索引
$ sudo yum makecache fast
2.安装最新版本的docker
sudo yum install docker-ce
3.在生产系统,你应该安装一个指定版本的docker。列出所有可用版本
$ yum list docker-ce.x86_64 --showduplicates |sort -r
然后安装指定版本
sudo yum install docker-ce-<VERSION>
4.启动docker
$ sudo systemctl start docker
5.通过运行hello-world镜像来检测docker是否安装成功
$ sudo docker run hello-world