近期的 Kubernetes
Mr.Lee 2024-05-29 18:00:00 LinuxKubernetes
最近接触Kubernetes比较多, 记录一下吧
# 1. 修改 NodePort 端口范围
Kubernetes 默认 node-port-range=30000-32767 端口限制
# 1.1 K3s 的修改方式
systemctl stop k3s
vi /etc/systemd/system/k3s.service # 修改配置,保存并退出
#----- 修改配置
ExecStart=/usr/local/bin/k3s server \
--kube-apiserver-arg service-node-port-range=30000-65535 \ # 添加配置, 修改 NodePort 端口范围
--data-dir /var/lib/rancher/k3s \
--token mytoken
#-----
systemctl daemon-reload
systemctl start k3s
1
2
3
4
5
6
7
8
9
10
2
3
4
5
6
7
8
9
10
# 1.2 K8s 的修改方式
端口范围是由kube-apiserver控制的, 它是一个运行在k8s集群内的pod. kube-apiserver pod 基于 /etc/kubernetes/manifests/kube-apiserver.yaml 创建.
更新文件 /etc/kubernetes/manifests/kube-apiserver.yaml 并添加行 --service-node-port-range=30000-65535
apiVersion: v1
kind: Pod
metadata:
annotations:
kubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint: 192.168.*.*:6443
creationTimestamp: null
labels:
component: kube-apiserver
tier: control-plane
name: kube-apiserver
namespace: kube-system
spec:
containers:
- command:
- kube-apiserver
- --service-node-port-range=30000-65535
- --advertise-address=192.168.*.*
- --allow-privileged=true
- --authorization-mode=Node,RBAC
- --client-ca-file=/etc/kubernetes/pki/ca.crt
- --enable-admission-plugins=NodeRestriction
- --enable-bootstrap-token-auth=true
- --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt
- --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt
- --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
- --etcd-servers=https://127.0.0.1:2379
- --feature-gates=TTLAfterFinished=true
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# 1.3 校验修改后的NodePort
apiVersion: "v1"
kind: "Service"
metadata:
namespace: "demo"
name: "demo-gateway-service"
labels:
app: "demo-gateway"
spec:
type: "NodePort" # type 改为 NodePort
ports:
- protocol: "TCP"
port: 28080
targetPort: 28080
nodePort: 65534 # 添加对外暴露的端口号
selector:
app: "demo-gateway"
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
然后调用 http://10.40.10.5:65534/api/v1/consumer/hello?name=tom 测试
# 2. 修改 ConfigMap
# 2.1 修改指定的ConfigMap
ApiClient client = Config.defaultClient();
Configuration.setDefaultApiClient(client);
CoreV1Api api = new CoreV1Api();
String namespace = "demo", name = "demo-config";
V1ConfigMap configMap = api.readNamespacedConfigMap(name, namespace).execute();
configMap.getData().put("demo-commons.yaml", """
logging:
level:
root: "info"
spring:
datasource:
driver-class-name: "org.postgresql.Driver"
base-url: "jdbc:postgresql://192.168.10.32:5432/omm2"
username: "postgres"
password: "A123456a"
""");
api.replaceNamespacedConfigMap(name, namespace, configMap).execute();
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# 2.2 修改后配置生效
修改2~3秒后, 挂在到Pod 中的配置文件内容得到更新...但是问题, 程序里没有更新呀....
现在的方案是利用 Deployment 重启 Pod
# 重启 Deployment 中的 Pod
kubectl rollout restart deployment demo-consumer-deployment -n demo
1
2
2
存在问题: 更新
ConfigMap是明确的, 但是重启Deployment是tm模糊的呀....
待探究的方案:
Kubernetes 中 配置规则...Deployment 下面 Pod 中使用的 ConfigMap 发生变化时, 重启其下的所有 Pod.
# 3. Helm 初体验
go template
# 4. 一些命令行工具
brew install fzf
brew install bat
brew install ranger
brew install zoxide
1
2
3
4
2
3
4
# 4.1 fzf 查找文件或资源
检索历史命令: crtl + R
检索当前文件中的文件: crtl + T
# 4.2 bat 查看文件
bat docker/app/namespace.yaml README.md 可以查看多个文件, 逐行查看, 与vim操作逻辑一致.
# 4.3 ran4.3 ranger 查看目录及文件
ger 查看目录及文件
ranger docker
焦点, 始终在中间的这一列...