Kubenetes集群部署及Istio示例项目部署_kubesphere 安装istio

作者：盐析白兔 | 2024-08-01 20:26:48

踩

kubesphere 安装istio

主机名	IP地址	角色
k8s-master	192.168.16.134	主节点
node1	192.168.16.141	工作节点1
node2	192.168.16.140	工作结点2

一、kubenetes集群部署

1、关闭防火墙、selinux和交换分区

[root@k8s-master ~]# systemctl stop firewalld
[root@k8s-master ~]# setenforce 0
[root@k8s-master ~]# sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config

[root@k8s-master ~]# swapoff -a
# 永久关闭，修改/etc/fstab,注释掉swap一行
1
2
3
4
5
6

2、修改hosts文件

[root@k8s-master ~]# vi /etc/hosts
# 添加
192.168.16.134 k8s-master
192.168.16.141 node1
192.168.16.140 node2
1
2
3
4
5

3、时间同步

[root@k8s-master ~]# yum install chrony -y
[root@k8s-master ~]# systemctl start chronyd
[root@k8s-master ~]# systemctl enable chronyd
[root@k8s-master ~]# chronyc sources
1
2
3
4

4、修改内核参数

[root@k8s-master ~]# vi /etc/sysctl.d/k8s.conf
# 添加
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

[root@k8s-master ~]# sysctl --system
1
2
3
4
5
6
7

5、安装docker

# 修改docker的yum源为阿里源
[root@k8s-master ~]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo

[root@k8s-master ~]# yum install -y docker-ce
[root@k8s-master ~]# docker --version
Docker version 20.10.2, build 2291f61
[root@k8s-master ~]# systemctl enable docker
[root@k8s-master ~]# systemctl start docker
1
2
3
4
5
6
7
8

6、配置docker加速并修改驱动

root@k8s-master ~]# vi /etc/docker/daemon.json
# 添加
{
    "exec-opts": ["native.cgroupdriver=systemd"],
    "registry-mirrors": [
        "https://1nj0zren.mirror.aliyuncs.com",
        "https://kfwkfulq.mirror.aliyuncs.com",
        "https://2lqq34jg.mirror.aliyuncs.com",
        "https://pee6w651.mirror.aliyuncs.com",
        "http://hub-mirror.c.163.com",
        "https://docker.mirrors.ustc.edu.cn",
        "http://f1361db2.m.daocloud.io",
        "https://registry.docker-cn.com"
    ]
}

[root@k8s-master ~]# systemctl restart docker
[root@k8s-master ~]# docker info | grep "Cgroup Driver"
 Cgroup Driver: systemd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

7、安装kubenetes

[root@k8s-master ~]# vi /etc/yum.repos.d/kubernetes.repo
# 添加
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

# 安装kubelet kubeadm kubectl组件
[root@k8s-master ~]# yum -y install kubelet kubeadm kubectl
[root@k8s-master ~]# kubelet --version
Kubernetes v1.20.1
[root@k8s-master ~]# systemctl start kubelet
[root@k8s-master ~]# export KUBECONFIG=/etc/kubernetes/admin.conf

# 初始化kubenetes
[root@k8s-master ~]# kubeadm init --image-repository=registry.aliyuncs.com/google_containers

# 配置kubectl与kube-apiserver交互
[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config

# 安装网络组件
[root@k8s-master ~]# wget https://docs.projectcalico.org/v3.14/manifests/calico.yaml
[root@k8s-master ~]# kubectl apply -f calico.yaml
# 查看节点状态
[root@k8s-master ~]# kubectl get nodes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

在这里插入图片描述

# 查看组件状态
[root@k8s-master ~]# kubectl get cs
# 如果显示为unHealthy状态，注释掉/etc/kubernetes/manifests下的kube-controller-manager.yaml和kube-scheduler.yaml的 -- port=0。
1
2
3

在这里插入图片描述
8、工作节点加入集群，工作节点同样需要关闭防火墙、swap分区，安装docker、kubenetes组件，不需要init操作

# 生成token
[root@k8s-master ~]# kubeadm token create
ngq3sd.0qx38uuare9u91zh
# 生成证书
[root@k8s-master ~]# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
9540ca794ce6b383c7d2202bd64614af5993371b5030b5746eb775a0bbbe662f
# 工作节点加入
[root@node1 ~]# kubeadm join 192.168.16.134:6443 --token ngq3sd.0qx38uuare9u91zh --discovery-token-ca-cert-hash sha256:9540ca794ce6b383c7d2202bd64614af5993371b5030b5746eb775a0bbbe662f
# 查看节点状态，如果是NotReady，请等待几分钟加载
[root@k8s-master ~]# kubectl get nodes
1
2
3
4
5
6
7
8
9
10

在这里插入图片描述

# 查看pod的状态
[root@k8s-master ~]# kubectl get pods -A
1
2

在这里插入图片描述

二、istio示例项目部署

使用master节点部署安装

下载istio安装文件

[root@k8s-master ~]# curl -L https://istio.io/downloadIstio | sh -
1

如果速度太慢可以使用迅雷访问https://github.com/istio/istio/releases/download/1.8.1/istio-1.8.1-linux-amd64.tar.gz 下载下列tar包

istio-1.8.1-linux-amd64.tar.gz
[root@k8s-master ~]# tar -zxvf istio-1.8.1-linux-amd64.tar.gz
1
2

[root@k8s-master ~]# cd istio-1.8.1

[root@k8s-master ~]# export PATH=$PWD/bin:$PATH

[root@k8s-master ~]# istioctl install --set profile=demo -y
✔ Istio core installed
✔ Istiod installed
✔ Egress gateways installed
✔ Ingress gateways installed
✔ Installation complete

[root@k8s-master ~]# kubectl label namespace default istio-injection=enabled
namespace/default labeled

[root@k8s-master ~]# kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created

[root@k8s-master ~]# kubectl get services
NAME          TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
details       ClusterIP   10.0.0.212      <none>        9080/TCP   29s
kubernetes    ClusterIP   10.0.0.1        <none>        443/TCP    25m
productpage   ClusterIP   10.0.0.57       <none>        9080/TCP   28s
ratings       ClusterIP   10.0.0.33       <none>        9080/TCP   29s
reviews       ClusterIP   10.0.0.28       <none>        9080/TCP   29s

[root@k8s-master ~]# kubectl get pods
NAME                              READY   STATUS    RESTARTS   AGE
details-v1-558b8b4b76-2llld       2/2     Running   0          2m41s
productpage-v1-6987489c74-lpkgl   2/2     Running   0          2m40s
ratings-v1-7dc98c7588-vzftc       2/2     Running   0          2m41s
reviews-v1-7f99cc4496-gdxfn       2/2     Running   0          2m41s
reviews-v2-7d79d5bd5d-8zzqd       2/2     Running   0          2m41s
reviews-v3-7dbcdcbc56-m8dph       2/2     Running   0          2m41s

[root@k8s-master ~]# kubectl exec "$(kubectl get pod -l app=ratings -o jsonpath='{.items[0].metadata.name}')" -c ratings -- curl -s productpage:9080/productpage | grep -o "<title>.*</title>"

<title>Simple Bookstore App</title>

[root@k8s-master ~]# kubectl get svc istio-ingressgateway -n istio-system
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

在这里插入图片描述

# 当使用的环境没有外部负载均衡器时使用下列指令，否则查看官方文档 https://istio.io/latest/docs/setup/getting-started/
[root@k8s-master ~]# export INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http2")].nodePort}')

[root@k8s-master ~]# export SECURE_INGRESS_PORT=$(kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="https")].nodePort}')

[root@k8s-master ~]# export INGRESS_HOST=$(kubectl get po -l istio=ingressgateway -n istio-system -o jsonpath='{.items[0].status.hostIP}')

# 设置网关URL
[root@k8s-master ~]# export GATEWAY_URL=$INGRESS_HOST:$INGRESS_PORT

[root@k8s-master ~]# echo "$GATEWAY_URL"
192.168.16.141:31679

# 使用浏览器访问输出的URL
[root@k8s-master ~]# echo "http://$GATEWAY_URL/productpage"
http://192.168.16.141:31679/productpage
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

在这里插入图片描述
$[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-J4bTAVqh-1610623768867)(C:\Users\18567731037\AppData\Roaming\Typora\typora-user-images\image-20210114191136199.png)]$

声明：本文内容由网友自发贡献，不代表【wpsshop博客】立场，版权归原作者所有，本站不承担相应法律责任。如您发现有侵权的内容，请联系我们。转载请注明出处：https://www.wpsshop.cn/w/盐析白兔/article/detail/915787