如何通过K8s增加子节点、监控metrics资源以及改写ingress实现微服务监控之路?
- 内容介绍
- 文章标签
- 相关推荐
本文共计713个文字,预计阅读时间需要3分钟。
K8s 子节点添加,部署 Metrics 资源监控,Ingress-nginx 资源配置 HTTPS 域名,突破 NodePort 端口限制,设置 Ingress-nginx 控制器端口为 80,公开 IP 直接解析。
k8s子节点添加,metrics资源监控部署,ingress-nginx资源部署及域名get.docker.com | bash -s docker --mirror Aliyun安装完之后设置docker守护进程配置vim /etc/docker/daemon.json,内容为
{
"insecure-registries": ["127.0.0.1:8080"],
"exec-opts": ["native.cgroupdriver=systemd"],
"bip": "172.17.0.1/24",
"registry-mirrors": [
"xxxxx.mirror.aliyuncs.com"
]
}
-
insecure-registries是设置私有镜像仓库地址
-
exec-opts是设置驱动程序,这边为了装k8s的时候驱动程序相同
-
bip是设置内网ip段
-
registry-mirrors是设置国内镜像,这边是使用阿里云加速镜像xxxxx登录阿里云加速站就可以看到对应的内容了。
-
重启docker
systemctl restart docker
根据第2篇1-3点安装k8s环境,第4步骤的时候跳回本文往下看
1.3子节点接入- 查看主节点join命令
kubeadm token list,如果没查到执行重新生成的命令kubeadm token create --print-join-command
- 这里为了更方便管理可以把子节点主机名字改一下,修改方法为:
- 执行
vim /etc/hostname,修改名称 - 执行
vim /etc/hosts,修改对应的主机名,如下图node2可以修改为跟第上一步相同的主机名
- 复制出join链接在子节点执行,执行之后如下图
- 此时可以去主节点服务器查看是否成功,在主节点执行
kubectl get nodes,如下图出现子节点表示接入成功
- 必须有子节点之后才能成功安装资源监控资源监控只有一个主节点的时候安装会报错。
- 下载github上的yaml然后修改镜像为阿里云镜像,修改地址类型只留InternalIP如下图为修改地方
下面为修改后的可以直接使用
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: metrics-server
name: metrics-server
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
k8s-app: metrics-server
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-view: "true"
name: system:aggregated-metrics-reader
rules:
- apiGroups:
- metrics.k8s.io
resources:
- pods
- nodes
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
k8s-app: metrics-server
name: system:metrics-server
rules:
- apiGroups:
- ""
resources:
- nodes/metrics
verbs:
- get
- apiGroups:
- ""
resources:
- pods
- nodes
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
k8s-app: metrics-server
name: metrics-server-auth-reader
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
k8s-app: metrics-server
name: metrics-server:system:auth-delegator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:auth-delegator
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
k8s-app: metrics-server
name: system:metrics-server
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:metrics-server
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
labels:
k8s-app: metrics-server
name: metrics-server
namespace: kube-system
spec:
ports:
- name: www.558idc.com/dibai.html处的文章,转载请说明出处】
本文共计713个文字,预计阅读时间需要3分钟。
K8s 子节点添加,部署 Metrics 资源监控,Ingress-nginx 资源配置 HTTPS 域名,突破 NodePort 端口限制,设置 Ingress-nginx 控制器端口为 80,公开 IP 直接解析。
k8s子节点添加,metrics资源监控部署,ingress-nginx资源部署及域名get.docker.com | bash -s docker --mirror Aliyun安装完之后设置docker守护进程配置vim /etc/docker/daemon.json,内容为
{
"insecure-registries": ["127.0.0.1:8080"],
"exec-opts": ["native.cgroupdriver=systemd"],
"bip": "172.17.0.1/24",
"registry-mirrors": [
"xxxxx.mirror.aliyuncs.com"
]
}
-
insecure-registries是设置私有镜像仓库地址
-
exec-opts是设置驱动程序,这边为了装k8s的时候驱动程序相同
-
bip是设置内网ip段
-
registry-mirrors是设置国内镜像,这边是使用阿里云加速镜像xxxxx登录阿里云加速站就可以看到对应的内容了。
-
重启docker
systemctl restart docker
根据第2篇1-3点安装k8s环境,第4步骤的时候跳回本文往下看
1.3子节点接入- 查看主节点join命令
kubeadm token list,如果没查到执行重新生成的命令kubeadm token create --print-join-command
- 这里为了更方便管理可以把子节点主机名字改一下,修改方法为:
- 执行
vim /etc/hostname,修改名称 - 执行
vim /etc/hosts,修改对应的主机名,如下图node2可以修改为跟第上一步相同的主机名
- 复制出join链接在子节点执行,执行之后如下图
- 此时可以去主节点服务器查看是否成功,在主节点执行
kubectl get nodes,如下图出现子节点表示接入成功
- 必须有子节点之后才能成功安装资源监控资源监控只有一个主节点的时候安装会报错。
- 下载github上的yaml然后修改镜像为阿里云镜像,修改地址类型只留InternalIP如下图为修改地方
下面为修改后的可以直接使用
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: metrics-server
name: metrics-server
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
k8s-app: metrics-server
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-view: "true"
name: system:aggregated-metrics-reader
rules:
- apiGroups:
- metrics.k8s.io
resources:
- pods
- nodes
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
k8s-app: metrics-server
name: system:metrics-server
rules:
- apiGroups:
- ""
resources:
- nodes/metrics
verbs:
- get
- apiGroups:
- ""
resources:
- pods
- nodes
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
k8s-app: metrics-server
name: metrics-server-auth-reader
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
k8s-app: metrics-server
name: metrics-server:system:auth-delegator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:auth-delegator
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
k8s-app: metrics-server
name: system:metrics-server
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:metrics-server
subjects:
- kind: ServiceAccount
name: metrics-server
namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
labels:
k8s-app: metrics-server
name: metrics-server
namespace: kube-system
spec:
ports:
- name: www.558idc.com/dibai.html处的文章,转载请说明出处】