这篇文章将为大家详细讲解有关kind在本地是如何玩转kubernetes,文章内容质量较高,因此小编分享给大家做个参考,希望大家阅读完这篇文章后对相关知识有一定的了解。
kubernetes 现在已经走进了大众的视野,很多同学都对此比较好奇,从其他渠道或多或少都了解了一些,但是苦于kubernetes环境,不能身临其境的感受, 毕竟如果完整搭建一套kubernetes环境是需要资源的。 今天介绍一款工具(kind),让大家可以本地也可以构建起 kubernetes 环境,愉快的在本地玩转 kubernetes。
kind 全称 是 kubernetes in docker ,把 kubernetes 控制面的组件全部运行在一个docker 容器中,在本地通过 127.0.0.1 进行通信。这种玩法只能在本地体 验, 不可用于生成环境,特别适用于新人在本地体验、开发 kubernetes 相关组件时在本地进行调试等,如开始 operator 时可以在 kind 进行调试 。
如果有 golang 环境,可以通过如下命令安装 :
计算
安全
数据库
网络和加速
企业服务
GO111MODULE="on" go get sigs.k8s.io/kind@v0.10.0如果下载的比较慢可以设置代理,增加一个环境变量即可:
GOPROXY="https://goproxy.cn"Linux :
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.10.0/kind-linux-amd64
chmod +x ./kind
mv ./kind /some-dir-in-your-PATH/kindMac (homebrew)
brew install kind
或者 :
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.10.0/kind-darwin-amd64
Windows:
curl.exe -Lo kind-windows-amd64.exe https://kind.sigs.k8s.io/dl/v0.10.0/kind-windows-amd64 Move-Item .\kind-windows-amd64.exe c:\some-dir-in-your-PATH\kind.exe
通过 kind --help 看看支持哪些命令
kind --help
kind creates and manages local Kubernetes clusters using Docker container 'nodes'
Usage:
kind [command]
Available Commands:
build Build one of [node-image]
completion Output shell completion code for the specified shell (bash, zsh or fish)
create Creates one of [cluster]
delete Deletes one of [cluster]
export Exports one of [kubeconfig, logs]
get Gets one of [clusters, nodes, kubeconfig]
help Help about any command
load Loads images into nodes
version Prints the kind CLI version
Flags:
-h, --help help for kind
--loglevel string DEPRECATED: see -v instead
-q, --quiet silence all stderr output
-v, --verbosity int32 info log verbosity
--version version for kind
Use "kind [command] --help" for more information about a command.可以看出支持3种类型的命令,cluster 相关、image 相关、通用命令 。
cluster 相关的有 create, delete 等,主要用于创建和删除 kubernetes 集群。
image 相关的有 build, load 等,主要用于本地调试时,本地可以 build镜像直接load 到集群中,而不需要推送到镜像仓库再通过集群去 pull 。
通用命令如 get ,version 等。
kind --version
kind --version
kind version 0.9.0本篇文章以 kind 0.9.0 进行介绍 。下面是比较精彩的部分,仔细看哦 :eyes:
创建一个 kubernetes 集群 :
kind create cluster
Creating cluster "kind" ...
✓ Ensuring node image (kindest/node:v1.19.1) ????
✓ Preparing nodes ????
✓ Writing configuration ????
✓ Starting control-plane ????️
✓ Installing CNI ????
✓ Installing StorageClass ????
Set kubectl context to "kind-kind"
You can now use your cluster with:
kubectl cluster-info --context kind-kind
Thanks for using kind! ????一条命令就已经启动好了一个集群 ,可以通过 kind get clusters 查看已经创建的集群。
kind get clusters
kind既然是 kubernetes in docker ,那就看看启动了哪些容器 :
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fdb88a476bb0 kindest/node:v1.19.1 "/usr/local/bin/entr…" 3 minutes ago Up 2 minutes 127.0.0.1:43111->6443/tcp kind-control-plane可以看到有一个控制面的容器启动了,进到容器中看看都有什么
[root@iZuf685opgs9oyozju9i2bZ ~]# docker exec -it kind-control-plane bash
root@kind-control-plane:/#
root@kind-control-plane:/#
root@kind-control-plane:/# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 02:49 ? 00:00:00 /sbin/init
root 126 1 0 02:49 ? 00:00:00 /lib/systemd/systemd-journald
root 145 1 1 02:49 ? 00:00:06 /usr/local/bin/containerd
root 257 1 0 02:49 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id c1a5e2c868b9a744f4f78a85a8d660950bb76103a38e7
root 271 1 0 02:49 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 3549ecade28e2dccbad5ed15a4cd2b6e6a886cd3e10ab
root 297 1 0 02:49 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 379ed27442f35696d488dd5a63cc61dc474bfa9bd08a9
root 335 1 0 02:49 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id e4eae33bf489c617c7133ada7dbd92129f3f817cb74b7
root 343 271 0 02:49 ? 00:00:00 /pause
root 360 257 0 02:49 ? 00:00:00 /pause
root 365 297 0 02:49 ? 00:00:00 /pause
root 377 335 0 02:49 ? 00:00:00 /pause
root 443 335 0 02:49 ? 00:00:01 kube-scheduler --authentication-kubeconfig=/etc/kubernetes/scheduler.conf --authorization-kubeconfig=/etc/
root 468 297 4 02:49 ? 00:00:17 kube-apiserver --advertise-address=172.18.0.2 --allow-privileged=true --authorization-mode=Node,RBAC --cli
root 496 271 1 02:49 ? 00:00:05 kube-controller-manager --allocate-node-cidrs=true --authentication-kubeconfig=/etc/kubernetes/controller-
root 540 257 1 02:49 ? 00:00:05 etcd --advertise-client-urls=https://172.18.0.2:2379 --cert-file=/etc/kubernetes/pki/etcd/server.crt --cli
root 580 1 1 02:49 ? 00:00:06 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernete
root 673 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id b0965a6f77f58c46cfe7b30dd84ddf4bc37516ba60e6e
root 695 673 0 02:50 ? 00:00:00 /pause
root 709 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id aedf0f1fd02baf1cf2b253ad11e33e396d97cc7c53114
root 738 709 0 02:50 ? 00:00:00 /pause
root 789 673 0 02:50 ? 00:00:00 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/config.conf --hostname-override=kind-control-plane
root 798 709 0 02:50 ? 00:00:00 /bin/kindnetd
root 1011 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id aa554aa998c3091a70eacbc3e4a2f275a1e680a585d69
root 1024 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 7373488f811fc5d638c2b3f5f79d953573e30a42ff52f
root 1048 1 0 02:50 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 5ab6c3ef1715623e2c28fbfdecd5f4e6e2616fc20a387
root 1079 1011 0 02:50 ? 00:00:00 /pause
root 1088 1024 0 02:50 ? 00:00:00 /pause
root 1095 1048 0 02:50 ? 00:00:00 /pause
root 1152 1011 0 02:50 ? 00:00:00 /coredns -conf /etc/coredns/Corefile
root 1196 1024 0 02:50 ? 00:00:00 /coredns -conf /etc/coredns/Corefile
root 1205 1048 0 02:50 ? 00:00:00 local-path-provisioner --debug start --helper-image k8s.gcr.io/build-image/debian-base:v2.1.0 --config /et
root 1961 0 0 02:56 pts/1 00:00:00 bash
root 1969 1961 0 02:56 pts/1 00:00:00 ps -ef
root@kind-control-plane:/#可以看到容器中有很多进程,仔细梳理一下看看有什么组件
kube-apiserver ... : api-server 组件,是操作资源的入口并且提供认证、授权、权限控制、API注册和服务发现的机制
kube-scheduler ... : scheduler 组件,负责资源的调度以及根据预先设定的调度策略将pod调度到合适的节点上
kube-controller-manager ... : controller-manager 组件,负责管理集群的状态,如异常发现、自动扩容和滚动更新等
etcd ... : etcd 组件,主要用于存储 kubernetes 的数据
/usr/bin/kubelet ... : kubelet组件, 负责管理容器的生命周期、数据卷以及网络(CNI)
/usr/local/bin/kube-proxy ... : kube-proxy 组件: 负责服务发现和集群Service的负载均衡
/coredns ... : dns 组件,负责集群内部的域名解析
/usr/local/bin/containerd ... : kubernetes 的 CRI(容器运行时)的具体实现,创建具体 pod 以来这个组件
/pause... : pod 的 根容器,创建 pod 时先创建出这个容器,pod 的网络配置等就是配置到此容器中,后续其他容器会共享这个容器的网络
/usr/local/bin/containerd-shim-runc-v2 ... : 真正的容器,后续启动的pod 都是以这种形式启动
可以看到这个容器中包含了 kubernetes 中所有控制面的组件和数据面的组件,是一个 all in one 的 集群。
这个容器的详细配置可以通过 docker inspect kind-control-plane 查看。
关于 kubernetes 的使用已经有很多文章来介绍了,所以这里不作为重点介绍,简单演示一下。可以通过 api 或者 kubectl 与kuberntes 进行交互, 这里选择用 kubectl 进行演示。
如果本地没有 kubectl 需要进行安装,安装文档参见: https://kubernetes.io/docs/tasks/tools/install-kubectl/
kubectl 的基本用法可以参考我之前的文章 :kubectl 常用命令
以 部署 logstash 为例,我们会创建如下资源 :
Namespace
Deployment
Configmap
Hpa
Service
具体的 yaml 文件如下 :
cat logstash.yaml
---
# setting Namespace
apiVersion: v1
kind: Namespace
metadata:
name: logging
---
# setting ConfigMap
kind: ConfigMap
apiVersion: v1
metadata:
name: logstash-conf
namespace: logging
data:
logstash.conf: |
input {
http {
host => "0.0.0.0" # default: 0.0.0.0
port => 8080 # default: 8080
response_headers => {
"Content-Type" => "text/plain"
"Access-Control-Allow-Origin" => "*"
"Access-Control-Allow-Methods" => "GET, POST, DELETE, PUT"
"Access-Control-Allow-Headers" => "authorization, content-type"
"Access-Control-Allow-Credentials" => true
}
}
}
output {
stdout {
codec => rubydebug
}
}
---
# setting Depolyment
apiVersion: apps/v1
kind: Deployment
metadata:
name: logstash
namespace: logging
spec:
replicas: 1
selector:
matchLabels:
app: logstash
template:
metadata:
labels:
app: logstash
spec:
volumes:
- name: config
configMap:
name: logstash-conf
hostname: logstash
containers:
- name: logstash
image: russellgao/logstash:7.2.0
args: [
"-f","/usr/share/logstash/pipeline/logstash.conf",
]
imagePullPolicy: IfNotPresent
volumeMounts:
- name: config
mountPath: "/usr/share/logstash/pipeline/logstash.conf"
readOnly: true
subPath: logstash.conf
resources:
requests:
cpu: 1
memory: 2048Mi
limits:
cpu: 3
memory: 3072Mi
readinessProbe:
tcpSocket:
port: 8080
initialDelaySeconds: 5
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 8080
initialDelaySeconds: 15
periodSeconds: 20
timeoutSeconds: 15
imagePullSecrets:
- name: harbor
---
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: logstash-hpa
namespace: logging
spec:
scaleTargetRef:
apiVersion: apps/v1beta2
kind: Deployment
name: logstash
minReplicas: 1
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
targetAverageUtilization: 80
---
apiVersion: v1
kind: Service
metadata:
name: logstash-custerip
namespace: logging
spec:
selector:
app: logstash
type: ClusterIP
ports:
- name: 'port'
protocol: TCP
port: 8080
targetPort: 8080执行 kubectl apply -f logstash.yaml
kubectl apply -f logstash.yaml namespace/logging created configmap/logstash-conf created deployment.apps/logstash created horizontalpodautoscaler.autoscaling/logstash-hpa created service/logstash-custerip created
可以看到具体的资源已经被创建出来,下面来观察具体的资源 :
查看 ConfigMap :
kubectl -n logging get configmap
NAME DATA AGE
logstash-conf 1 4m查看 Deployment :
kubectl -n logging get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
logstash 1/1 1 1 4m查看 Pod :
kubectl -n logging get po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
logstash-64d58c4b98-nqk4v 1/1 Running 0 93s 10.244.0.9 kind-control-plane <none> <none>这里需要注意的是 Pod 所在的 node 是 kind-control-plane ,而非本机,说明 kubernetes node 就是这个容器,在本地 curl 10.244.0.9:8080 这个地址是不通,说明是在集群外, 进到容器内再 curl 就是通的 :
curl 10.244.0.9:8080 -v
* About to connect() to 10.244.0.9 port 8080 (#0)
* Trying 10.244.0.9...
^C
[root@iZuf685opgs9oyozju9i2bZ k8s]#
[root@iZuf685opgs9oyozju9i2bZ k8s]#
[root@iZuf685opgs9oyozju9i2bZ k8s]# docker exec -it kind-control-plane bash
root@kind-control-plane:/# curl 10.244.0.9:8080 -v
* Trying 10.244.0.9:8080...
* TCP_NODELAY set
* Connected to 10.244.0.9 (10.244.0.9) port 8080 (#0)
> GET / HTTP/1.1
> Host: 10.244.0.9:8080
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET, POST, DELETE, PUT
< Access-Control-Allow-Headers: authorization, content-type
< Access-Control-Allow-Credentials: true
< content-length: 2
< content-type: text/plain
<
* Connection #0 to host 10.244.0.9 left intact
okroot@kind-control-plane:/#查看 service :
kubectl -n logging get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
logstash-custerip ClusterIP 10.96.234.144 <none> 8080/TCP 5mpod 和 service 的原理是一样的,通过 CLUSTER-IP 访问只能在容器内进行访问。
在 pod 内进行访问
[root@iZuf685opgs9oyozju9i2bZ k8s]# kubectl -n logging exec -it logstash-64d58c4b98-nqk4v bash
bash-4.2$ curl 10.96.234.144:8080 -v
* About to connect() to 10.96.234.144 port 8080 (#0)
* Trying 10.96.234.144...
* Connected to 10.96.234.144 (10.96.234.144) port 8080 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 10.96.234.144:8080
> Accept: */*
>
< HTTP/1.1 200 OK
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET, POST, DELETE, PUT
< Access-Control-Allow-Headers: authorization, content-type
< Access-Control-Allow-Credentials: true
< content-length: 2
< content-type: text/plain
<
* Connection #0 to host 10.96.234.144 left intact
okbash-4.2$
bash-4.2$ curl logstash-custerip:8080 -v
* About to connect() to logstash-custerip port 8080 (#0)
* Trying 10.96.234.144...
* Connected to logstash-custerip (10.96.234.144) port 8080 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: logstash-custerip:8080
> Accept: */*
>
< HTTP/1.1 200 OK
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET, POST, DELETE, PUT
< Access-Control-Allow-Headers: authorization, content-type
< Access-Control-Allow-Credentials: true
< content-length: 2
< content-type: text/plain
<
* Connection #0 to host logstash-custerip left intact
okbash-4.2$查看 hpa :
kubectl -n logging get hpa
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
logstash-hpa Deployment/logstash <unknown>/80% 1 10 1 5m演示就到这里,可以看到和真正的 kubernetes 使用并无两样。那么这里还有一个问题,启动的这个 pod 是如何运行的呢 ?
再次进到控制面的容器内看看 :
root@kind-control-plane:/# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 02:49 ? 00:00:00 /sbin/init
root 126 1 0 02:49 ? 00:00:00 /lib/systemd/systemd-journald
root 145 1 0 02:49 ? 00:01:12 /usr/local/bin/containerd
root 257 1 0 02:49 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id c1a5e2c868b9a744f4f78a85a8d660950bb76103a38e7
root 271 1 0 02:49 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 3549ecade28e2dccbad5ed15a4cd2b6e6a886cd3e10ab
root 297 1 0 02:49 ? 00:00:02 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 379ed27442f35696d488dd5a63cc61dc474bfa9bd08a9
root 335 1 0 02:49 ? 00:00:02 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id e4eae33bf489c617c7133ada7dbd92129f3f817cb74b7
root 343 271 0 02:49 ? 00:00:00 /pause
root 360 257 0 02:49 ? 00:00:00 /pause
root 365 297 0 02:49 ? 00:00:00 /pause
root 377 335 0 02:49 ? 00:00:00 /pause
root 443 335 0 02:49 ? 00:00:43 kube-scheduler --authentication-kubeconfig=/etc/kubernetes/scheduler.conf --authorization-kubeconfig=/etc/
root 468 297 3 02:49 ? 00:09:25 kube-apiserver --advertise-address=172.18.0.2 --allow-privileged=true --authorization-mode=Node,RBAC --cli
root 496 271 0 02:49 ? 00:02:53 kube-controller-manager --allocate-node-cidrs=true --authentication-kubeconfig=/etc/kubernetes/controller-
root 540 257 1 02:49 ? 00:03:33 etcd --advertise-client-urls=https://172.18.0.2:2379 --cert-file=/etc/kubernetes/pki/etcd/server.crt --cli
root 580 1 1 02:49 ? 00:05:07 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernete
root 673 1 0 02:50 ? 00:00:02 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id b0965a6f77f58c46cfe7b30dd84ddf4bc37516ba60e6e
root 695 673 0 02:50 ? 00:00:00 /pause
root 709 1 0 02:50 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id aedf0f1fd02baf1cf2b253ad11e33e396d97cc7c53114
root 738 709 0 02:50 ? 00:00:00 /pause
root 789 673 0 02:50 ? 00:00:01 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/config.conf --hostname-override=kind-control-plane
root 798 709 0 02:50 ? 00:00:02 /bin/kindnetd
root 1011 1 0 02:50 ? 00:00:02 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id aa554aa998c3091a70eacbc3e4a2f275a1e680a585d69
root 1024 1 0 02:50 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 7373488f811fc5d638c2b3f5f79d953573e30a42ff52f
root 1048 1 0 02:50 ? 00:00:03 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 5ab6c3ef1715623e2c28fbfdecd5f4e6e2616fc20a387
root 1079 1011 0 02:50 ? 00:00:00 /pause
root 1088 1024 0 02:50 ? 00:00:00 /pause
root 1095 1048 0 02:50 ? 00:00:00 /pause
root 1152 1011 0 02:50 ? 00:00:35 /coredns -conf /etc/coredns/Corefile
root 1196 1024 0 02:50 ? 00:00:35 /coredns -conf /etc/coredns/Corefile
root 1205 1048 0 02:50 ? 00:00:13 local-path-provisioner --debug start --helper-image k8s.gcr.io/build-image/debian-base:v2.1.0 --config /et
root 1961 0 0 02:56 pts/1 00:00:00 bash
root 34093 1 0 07:27 ? 00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 438c08255ede5fb7fa93b37bcbe51807d2fa5e507122b
root 34115 34093 0 07:27 ? 00:00:00 /pause
1000 34151 34093 6 07:27 ? 00:01:05 /bin/java -Xms2g -Xmx2g -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatin
root 36423 0 0 07:43 pts/2 00:00:00 bash
root 36540 36423 0 07:44 pts/2 00:00:00 ps -ef可以看到 STIME 是 07:27 的就是刚刚启动 logstash 相关的进程,通过 containerd-shim-runc-v2 启动的 logstash 进程,/pause 为 pod的根容器。
在本地体验完或者测试完成之后,为了节省资源,可以把刚刚启动的集群进行删除,下次需要时再创建即可 。
kind delete cluster
Deleting cluster "kind" ...
[root@iZuf685opgs9oyozju9i2bZ k8s]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4ec800c3ec10 russellgao/openresty:1.17.8.2-5-alpine "/usr/local/openrest…" 8 weeks ago Up 7 days 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp openresty-app-1
[root@iZuf685opgs9oyozju9i2bZ k8s]# kubectl -n logging get po
The connection to the server localhost:8080 was refused - did you specify the right host or port?通过上面的命令可以看出 :
当执行 kind delete cluster 命令之后会把控制面的容器(kind-control-plane) 删除
当再次执行 kubectl 命令是已经无法找到对应的 api-server地址,可以查看 .kube/config 文件,发现已经删除了关于集群的配置信息。
关于kind在本地是如何玩转kubernetes就分享到这里了,希望以上内容可以对大家有一定的帮助,可以学到更多知识。如果觉得文章不错,可以把它分享出去让更多的人看到。
亿速云「云服务器」,即开即用、新一代英特尔至强铂金CPU、三副本存储NVMe SSD云盘,价格低至29元/月。点击查看>>
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
原文链接:https://my.oschina.net/russellgao/blog/4949521
