ubuntu安装NFS-Server提供NFS服务

如果没有现成的NFS服务,可以利用现有服务器部署一套

安装NFS服务端

    sudo apt-get install nfs-kernel-server

编辑/etc/exports文件,增加你要提供nfs服务的路径

# /etc/exports: the access control list for filesystems which may be exported
#       to NFS clients.  See exports(5).
#
# Example for NFSv2 and NFSv3:
# /srv/homes       hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
#
# Example for NFSv4:
# /srv/nfs4        gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
# /srv/nfs4/homes  gss/krb5i(rw,sync,no_subtree_check)
#

/data/charts *(rw,sync,no_subtree_check,no_root_squash)
/data/mysql *(rw,sync,no_subtree_check,no_root_squash)
/data/redis *(rw,sync,no_subtree_check,no_root_squash)

更改共享目录权限,修改为777 (目前还不清楚最低要求权限是多少)

sudo chown 777  /data/charts

重启NFS服务

sudo /etc/init.d/nfs-kernel-server restart
2019/12/26 posted in  Linux

基础服务组件安装

nginx-ingress

以NodePort的形式负载均衡,每个node上都会绑定80、443端口

helm install nginx-ingress aliyun/nginx-ingress --set controller.service.type=NodePort,controller.service.externalTrafficPolicy=Local,controller.kind=DaemonSet,controller.daemonset.useHostPort=true -n kube-system

chartmuseum

helm install chartmuseum aliyun/chartmuseum  --set persistence.pv.enabled=true,persistence.pv.nfs.server=10.9.122.86,persistence.pv.nfs.path=/data/charts/,persistence.pv.pvname=charts --set ingress.enabled=true   --set ingress.hosts[0].name=charts.youxuetong.com   --set ingress.hosts[0].path=/ --set ingress.hosts[0].tls=true --set ingress.hosts[0].tlsSecret=chart-secret,env.open.DISABLE_API=false,env.open.ALLOW_OVERWRITE=true,env.secret.BASIC_AUTH_USER=yxt,env.secret.BASIC_AUTH_PASS=9cWcXrHPZiDj7jwL

NFS动态存储

helm install nfs-client-provisioner aliyun/nfs-client-provisioner --set nfs.server=192.168.122.9 --set nfs.path=/data -n share

如果需要将nfs-client当做默认storageclass,需要加上storageClass.defaultClass=true参数

helm install nfs-client-provisioner aliyun/nfs-client-provisioner --set nfs.server=192.168.122.9,nfs.path=/data,storageClass.defaultClass=true -n share

需要所有node节点都安装nfs组件,否则挂载不上

sudo apt-get install nfs-common

MySQL

helm install mysql aliyun/mysql --set root.password=4zxsM3XcTgVtydCK,db.user=dev,db.password=QLdTNpi6QQqiMp7B,db.name=passport_dev -n share

Redis

helm install redis aliyun/redis --set password=X2eH6BvahNqAuQkg,master.service.type=NodePort,master.service.nodePort=32765,slave.service.type=NodePort,slave.service.nodePort=32764 -n share
2019/12/20 posted in  Kubernetes

HAProxy

 验证配置文件

    haproxy -c -f /etc/haproxy/haproxy.cfg

负载均衡配置

frontend k8s-api

  bind 0.0.0.0:6443

  log global

  mode tcp

  default_backend k8s-api-server

backend k8s-api-server

  mode tcp

  log global

  balance roundrobin

  server ucloud-bj-k8s-master-01 10.9.142.180:6443 weight 1 maxconn 1000 check inter 2000 rise 2 fall 3

  server ucloud-bj-k8s-master-02 10.9.175.27:6443 weight 1 maxconn 1000 check inter 2000 rise 2 fall 3

  server ucloud-bj-k8s-master-03 10.9.91.143:6443 weight 1 maxconn 1000 check inter 2000 rise 2 fall 3
2019/12/12 posted in  Linux

Kubernets 卸载清理

kubeadm reset -f
modprobe -r ipip
lsmod
rm -rf ~/.kube/
rm -rf /etc/kubernetes/
rm -rf /etc/systemd/system/kubelet.service.d
rm -rf /etc/systemd/system/kubelet.service
rm -rf /usr/bin/kube*
rm -rf /etc/cni
rm -rf /opt/cni
rm -rf /var/lib/etcd
rm -rf /var/etcd


2019/12/12 posted in  Kubernetes

k8s实用指令

创建Docker私有仓库密钥

kubectl create secret docker-registry regsecret --docker-server=registry.cn-hangzhou.aliyuncs.com --docker-username=yin32167@aliyun.com --docker-password=xxxxxx --docker-email=yin32167@aliyun.com

k8s简单端口转发

转发至pod

kubectl port-forward --address 0.0.0.0 pod/mypod 8888:5000

转发至service

kubectl port-forward --address 0.0.0.0 services/myservice 8888:5000

移除node

移除node需要先将node上的pod转移

kubectl drain k8s-node-storage --delete-local-data --force --ignore-daemonsets

然后利用delete命令删除node

kubectl delete node node-01

k8s创建tls secret

kubectl create secret tls dev.youxuetong.com --cert=server.crt --key=server.key -n share
2019/11/29 posted in  Kubernetes