bashyum update curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun systemctl start docker # 启动docker systemctl enable docker # 开机自动启动 docker systemctl restart docker # 重启docker
bashfirewall-cmd --zone=public --add-port=0-65535/udp --permanent firewall-cmd --zone=public --add-port=0-65535/tcp --permanent firewall-cmd --reload firewall-cmd --query-port=6443/tcp
master
bashcurl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" K3S_NODE_NAME="node1" sh -s - k3s kubectl get node cat /var/lib/rancher/k3s/server/node-token systemctl restart k3s systemctl restart k3s-agent
bash#云服务器 curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_KUBECONFIG_MODE="644" K3S_NODE_NAME="node1" sh -s - --node-external-ip public_ip
cluster
检查是否ping通master curl -vk https://192.168.100.105:6443/cacerts
bashcurl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" K3S_NODE_NAME="k8s-worker-01" K3S_URL=https://192.168.100.124:6443 K3S_TOKEN=mynodetoken sh -
bash
k3s kubectl get node
kubectl get nodes kubectl get nodes -o wide
kubectl cluster-info
bash
/usr/local/bin/k3s-uninstall.sh
bash
https://helm.sh/zh/docs/intro/quickstart/
bash
X-Forwarded-For等头
添加/var/lib/rancher/k3s/server/manifests/traefik-config.yaml文件yaml
#滚动重启方法(推荐)
kubectl rollout restart deployment/bytebase
kubectl rollout restart deployment nginx-deploy
#环境变量方法
kubectl set env deployment nginx-deploy DEPLOY_DATE="$(date)"
#副本扩/缩容
kubectl scale --replicas=0 deployment nginx-deploy
kubectl scale --replicas=N deployment nginx-deploy
kubectl scale --replicas=0 -f https://git/blog.yaml
kubectl describe pods my-pod
kubectl get services # 列出当前命名空间下的所有 services
kubectl get pods --all-namespaces # 列出所有命名空间下的全部的 Pods
kubectl get pods -o wide # 列出当前命名空间下的全部 Pods,并显示更详细的信息
kubectl get deployment my-dep # 列出某个特定的 Deployment
kubectl get pods # 列出当前命名空间下的全部 Pods
kubectl get pod my-pod -o yaml # 获取一个 pod 的 YAML
kubectl delete pods <pod> --grace-period=0 --force
bash
bash
#云服务器
curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_KUBECONFIG_MODE="644" K3S_NODE_NAME="node2" K3S_URL=https://内网ip:6443 K3S_TOKEN=token sh -
# 部署
kubectl apply -f deployment.yml
kubectl apply -f service.yml
# 查看 pod
kubectl get po -o wide
# 查看 serivce
kubectl get svc
kubectl apply -f ingress.yml
#查看node的使用情况
kubectl top nodes
#查看 pod 的使用情况
kubectl top pod
kubectl top pod -n kube-system
kubectl get pods
kubectl get pods -o wide
kubectl get svc
kubectl get ingress
# 查看目前所有的pod
kubectl get po
# 查看目前所有的replica set
kubectl get rs
# 查看目前所有的deployment
kubectl get deployment
# 查看my-nginx pod的详细状态
kubectl describe po my-nginx
# 查看my-nginx replica set的详细状态
kubectl describe rs my-nginx
# 查看my-nginx deployment的详细状态
kubectl describe deployment my-nginx
#安装
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
#修改配置路径
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
#https://medium.com/@_jonas/traefik-kubernetes-ingress-and-x-forwarded-headers-82194d319b0e
# /var/lib/rancher/k3s/server/manifests/traefik-config.yaml
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
name: traefik
namespace: kube-system
spec:
valuesContent: |-
additionalArguments:
- "--serversTransport.insecureSkipVerify=true"
dashboard:
enabled: true
ports:
traefik:
expose: true
psql:
port: 5432
expose: true
exposedPort: 5432
protocol: TCP
kafka:
port: 9092
expose: true
exposedPort: 9092
protocol: TCP
redis:
port: 6379
expose: true
exposedPort: 6379
protocol: TCP
elasticsearch:
port: 9200
expose: true
exposedPort: 9200
protocol: TCP
#配置节点不可调度
kubectl cordon <NODE_NAME>
#删除pod
kubectl delete pod -n <NAMESPACE> <POD_NAME>
#删除node
kubectl delete node <NODE_NAME>
//tls.crt
cat fullchain.cer | base64 -w0
//tls.key
cat cert.key | base64 -w0
kubectl get secret ooxo.cc-tls-secret
kubectl get secret ooxo.cc-tls-secret -o jsonpath='{.data.tls\.crt}' | base64 --decode
kubectl get secret ooxo.cc-tls-secret -o jsonpath='{.data.tls\.key}' | base64 --decode