k8s系列-10-k8s集群验证和图形化界面访问k8s

上一篇我们成功使用kubespary部署了最新版本的k8s，那么这篇我们就查看下到底安装了哪些服务，以及如何图形化界面访问k8s系统。

​​查看集群内容​​

1、查看命名空间

[root@node1 ~]# kubectl get nsNAME STATUS AGEdefault Active 23hingress-nginx Active 23hkube-node-lease Active 23hkube-public Active 23hkube-system Active 23h[root@node1 ~]#

2、查看default有什么内容

[root@node1 ~]# kubectl get all -n defaultNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEservice/kubernetes ClusterIP 10.200.0.1 443/TCP 23h[root@node1 ~]#

3、查看ingress-nginx有什么内容

[root@node1 ~]# kubectl get all -n ingress-nginxNAME READY STATUS RESTARTS AGEpod/ingress-nginx-controller-68hbq 1/1 Running 1 (14m ago) 23hpod/ingress-nginx-controller-clt8p 1/1 Running 1 (14m ago) 23hpod/ingress-nginx-controller-hmcf6 1/1 Running 1 (14m ago) 23hNAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGEdaemonset.apps/ingress-nginx-controller 3 3 3 3 3 kubernetes.io/os=linux 23h[root@node1 ~]#

可以看到有三个pod和一个daemonset，说明每一个节点上都运行了一个ingerss-nginx。

4、查看kube-node-lease和kube-public有什么内容

[root@node1 ~]# kubectl get all -n kube-node-leaseNo resources found in kube-node-lease namespace.[root@node1 ~]# kubectl get all -n kube-publicNo resources found in kube-public namespace.[root@node1 ~]#

这两个命名空间下什么内容都没有，为空。

5、查看kube-system有什么内容

[root@node1 ~]# kubectl get all -n kube-systemNAME READY STATUS RESTARTS AGEpod/calico-kube-controllers-5788f6558-tv62d 1/1 Running 2 (21m ago) 24hpod/calico-node-lv2mq 1/1 Running 1 (21m ago) 24hpod/calico-node-nvlvd 1/1 Running 1 (21m ago) 24hpod/calico-node-r9znq 1/1 Running 1 (21m ago) 24hpod/coredns-8474476ff8-2zmkb 1/1 Running 1 (21m ago) 23hpod/coredns-8474476ff8-bjssc 1/1 Running 1 (21m ago) 23hpod/dns-autoscaler-5ffdc7f89d-pstjw 1/1 Running 1 (21m ago) 23hpod/kube-apiserver-node1 1/1 Running 2 (21m ago) 24hpod/kube-apiserver-node2 1/1 Running 2 (21m ago) 24hpod/kube-controller-manager-node1 1/1 Running 2 (21m ago) 24hpod/kube-controller-manager-node2 1/1 Running 2 (21m ago) 24hpod/kube-proxy-8qfm5 1/1 Running 1 (21m ago) 24hpod/kube-proxy-d8d7d 1/1 Running 1 (21m ago) 24hpod/kube-proxy-vlfb2 1/1 Running 1 (21m ago) 24hpod/kube-scheduler-node1 1/1 Running 3 (21m ago) 24hpod/kube-scheduler-node2 1/1 Running 2 (21m ago) 24hpod/kubernetes-dashboard-548847967d-5fk9w 1/1 Running 1 (21m ago) 23hpod/kubernetes-metrics-scraper-6d49f96c97-thk7v 1/1 Running 1 (21m ago) 23hpod/nginx-proxy-node3 1/1 Running 1 (21m ago) 24hpod/nodelocaldns-5lfw2 0/1 Pending 0 23hpod/nodelocaldns-9pk5m 1/1 Running 1 (21m ago) 23hpod/nodelocaldns-d8m7h 0/1 Pending 0 23hNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEservice/coredns ClusterIP 10.200.0.3 53/UDP,53/TCP,9153/TCP 23hservice/dashboard-metrics-scraper ClusterIP 10.200.177.189 8000/TCP 23hservice/kubernetes-dashboard ClusterIP 10.200.30.147 443/TCP 23hNAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGEdaemonset.apps/calico-node 3 3 3 3 3 kubernetes.io/os=linux 24hdaemonset.apps/kube-proxy 3 3 3 3 3 kubernetes.io/os=linux 24hdaemonset.apps/nodelocaldns 3 3 1 3 1 kubernetes.io/os=linux 23hNAME READY UP-TO-DATE AVAILABLE AGEdeployment.apps/calico-kube-controllers 1/1 1 1 24hdeployment.apps/coredns 2/2 2 2 23hdeployment.apps/dns-autoscaler 1/1 1 1 23hdeployment.apps/kubernetes-dashboard 1/1 1 1 23hdeployment.apps/kubernetes-metrics-scraper 1/1 1 1 23hNAME DESIRED CURRENT READY AGEreplicaset.apps/calico-kube-controllers-5788f6558 1 1 1 24hreplicaset.apps/coredns-8474476ff8 2 2 2 23hreplicaset.apps/dns-autoscaler-5ffdc7f89d 1 1 1 23hreplicaset.apps/kubernetes-dashboard-548847967d 1 1 1 23hreplicaset.apps/kubernetes-metrics-scraper-6d49f96c97 1 1 1 23h[root@node1 ~]#

在这个命名空间下可以看到有很多pod、service、daemonset、deployment、replicaset，除了pod我们前面介绍过之外，剩余的那些东西都分别代表什么内容呢？下面咱们来详细说明下。

6、资源分类

pod：是k8s中最小的单元ReplicaSet：调度器，通过标签控制 pod 的副本数目Deployment：控制器，管理无状态的应用StatefulSet：管理有状态的应用DaemonSet：可以在每个节点运行 pod 主键Job：批处理CronJob：批处理

上面的都是在node1节点，也就是master节点看到的内容，至于别的节点就自行去实践即可。

​​ingress-nginx​​

从上面kube-system这个命名空间中可以看到，ingerss-nginx只有在node3上运行了，所以我们需要切换到node上查看，至于为什么只在node3运行，看完我们就知道了。

[root@node3 ~]# crictl psCONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID570b3da43f846 a9f76bcccfb5f 35 minutes ago Running ingress-nginx-controller 1 a6c5c45508d8ca11842fca1afe 6570786a0fd3b 36 minutes ago Running calico-node 1 641441cd33f53c6b5f26c06708 7801cfc6d5c07 36 minutes ago Running kubernetes-metrics-scraper 1 526b653df8827dae61986d67eb 296a6d5035e2d 36 minutes ago Running coredns 1 a04b5d5cf27a2f3f2e6a0677c1 72f07539ffb58 36 minutes ago Running kubernetes-dashboard 1 6d28d27cd415bce6269e3270f8 fcd3512f2a7c5 36 minutes ago Running calico-kube-controllers 2 5f489f39e9c14fc1f16997de4a 5bae806f8f123 36 minutes ago Running node-cache 1 331eac1c6a9817dd92d5eeeebf 8f8fdd6672d48 36 minutes ago Running kube-proxy 1 69655ac71243d1d5821872d6ac f6987c8d6ed59 36 minutes ago Running nginx-proxy 1 f5e8c2f953ca7[root@node3 ~]# cat /etc/kubernetes/manifests/nginx-proxy.yml apiVersion: v1kind: Podmetadata: name: nginx-proxy namespace: kube-system labels: addonmanager.kubernetes.io/mode: Reconcile k8s-app: kube-nginx annotations: nginx-cfg-checksum: "a9814dd8ff52d61bc33226a61d3159315ba1c9ad"spec: hostNetwork: true dnsPolicy: ClusterFirstWithHostNet nodeSelector: kubernetes.io/os: linux priorityClassName: system-node-critical containers: - name: nginx-proxy image: docker.io/library/nginx:1.21.4 imagePullPolicy: IfNotPresent resources: requests: cpu: 25m memory: 32M livenessProbe: path: /healthz port: 8081 readinessProbe: path: /healthz port: 8081 volumeMounts: - mountPath: /etc/nginx name: etc-nginx readOnly: true volumes: - name: etc-nginx hostPath: path: /etc/nginx[root@node3 ~]#

从上面“volumeMounts”参数可以看到，挂载的目录是/etc/nginx，那么我们去看下那个里面有什么：

[root@node3 ~]# cat /etc/nginx/nginx.conf error_log stderr notice;worker_processes 2;worker_rlimit_nofile 130048;worker_shutdown_timeout 10s;events { multi_accept on; use epoll; worker_connections 16384;}stream { upstream kube_apiserver { least_conn; server 192.168.112.130:6443; server 192.168.112.131:6443; } server { listen 127.0.0.1:6443; proxy_pass kube_apiserver; proxy_timeout 10m; proxy_connect_timeout 1s; }}{ aio threads; aio_write on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 5m; keepalive_requests 100; reset_timedout_connection on; server_tokens off; autoindex off; server { listen 8081; location /healthz { access_log off; return 200; } location /stub_status { stub_status on; access_log off; } } }[root@node3 ~]#

我们重点关注下以下这一段：

stream { upstream kube_apiserver { least_conn; server 192.168.112.130:6443; server 192.168.112.131:6443; } server { listen 127.0.0.1:6443; proxy_pass kube_apiserver; proxy_timeout 10m; proxy_connect_timeout 1s; }}

哦，懂了，原来是将master节点上的kube_apiserver做了负载，由于master是node1和node2，已经占用了6443端口，所以不会在node1和node2上启动ingerss-nginx，故而只有在node3上有该服务。

​​清理代理​​

我们在安装的时候，还记得添加了一个外网代理吧，是不是没有删除，这个时候我们先清空掉，不需要了，这叫什么？

每个节点上都需要操作哈：

[root@node1 ~]# rm -f /etc/systemd/system/containerd.service.d/[root@node1 ~]# systemctl daemon-reload[root@node1 ~]# systemctl restart containerd[root@node1 ~]# grep 8118 -r /etc/yum*/etc/yum.conf:proxy=~]#[root@node1 ~]# vim /etc/yum.conf # 把上面grep出来的那一行，删除掉。 [root@node1 ~]#

​​测试集群​​

1、新建一个nginx的daemonset：

[root@node1 ~]# mkdir k8s[root@node1 ~]# cd k8s/[root@node1 k8s]# touch nginx-ds.yml[root@node1 k8s]# vim nginx-da.ymlapiVersion: v1kind: Servicemetadata: name: nginx-ds labels: app: nginx-dsspec: type: NodePort selector: app: nginx-ds ports: - name: port: 80 targetPort: 80---apiVersion: apps/v1kind: DaemonSetmetadata: name: nginx-dsspec: selector: matchLabels: app: nginx-ds template: metadata: labels: app: nginx-ds spec: containers: - name: my-nginx image: nginx:1.19 ports: - containerPort: 80[root@node1 k8s]# kubectl apply -f nginx-ds.ymlservice/nginx-ds createddaemonset.apps/nginx-ds created[root@node1 k8s]#

2、查看下运行状态：

# 参数 -o wide 表示输出额外信息。对于Pod，将输出Pod所在的Node名[root@node1 k8s]# kubectl get pod -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESnginx-ds-kwdp6 1/1 Running 0 8m11s 10.233.28.9 node3 nginx-ds-tf6mh 1/1 Running 0 8m11s 10.233.44.5 node2 nginx-ds-v5w8c 1/1 Running 0 8m11s 10.233.154.5 node1 [root@node1 k8s]#

可以看到，在三个节点上都运行了一个nginx的pod，如果你发现上面那条命令执行之后，没有看到IP地址，那么稍等一会儿就会有了。

3、ping下IP地址，看下是否可以连通，最好每个节点都执行下，我这里只写一台的操作：

[root@node1 k8s]# ping 10.233.28.9PING 10.233.28.9 (10.233.28.9) 56(84) bytes of data.64 bytes from 10.233.28.9: icmp_seq=1 ttl=63 time=0.662 ms64 bytes from 10.233.28.9: icmp_seq=2 ttl=63 time=0.505 ms^C--- 10.233.28.9 ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 1000msrtt min/avg/max/mdev = 0.505/0.583/0.662/0.082 ms[root@node1 k8s]# ping 10.233.44.5PING 10.233.44.5 (10.233.44.5) 56(84) bytes of data.64 bytes from 10.233.44.5: icmp_seq=1 ttl=63 time=0.409 ms64 bytes from 10.233.44.5: icmp_seq=2 ttl=63 time=1.40 ms^C--- 10.233.44.5 ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 1000msrtt min/avg/max/mdev = 0.409/0.908/1.407/0.499 ms[root@node1 k8s]# ping 10.233.154.5PING 10.233.154.5 (10.233.154.5) 56(84) bytes of data.64 bytes from 10.233.154.5: icmp_seq=1 ttl=64 time=0.163 ms64 bytes from 10.233.154.5: icmp_seq=2 ttl=64 time=0.061 ms^C--- 10.233.154.5 ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 1000msrtt min/avg/max/mdev = 0.061/0.112/0.163/0.051 ms[root@node1 k8s]#

4、检查service可达性：

[root@node1 k8s]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.200.0.1 443/TCP 27hnginx-ds NodePort 10.200.255.83 80:30962/TCP 32m[root@node1 k8s]#

5、访问服务：

[root@node1 k8s]# curl html>

Welcome to nginx!

If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.

For online documentation and support please refer to

For online documentation and support please refer to