ubuntu 16.04 安裝kubernetes 1.8.1

前置工作
安裝kubectl

sudo rm ./kubectl /usr/local/bin/kubectl
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl

設定kubeadm來源


sudo apt-get install -y apt-transport-https curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - sudo bash -c 'cat <<EOF >/etc/apt/sources.list.d/kubernetes.list deb http://apt.kubernetes.io/ kubernetes-xenial main EOF'

安裝kubeadm

sudo apt-get update && sudo apt-get install -y kubelet kubeadm

關閉swap

sudo swapoff -a 
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
sudo mount -a

安裝步驟:

##############################################################################################
##
## init
##
sudo kubeadm init \
  --kubernetes-version=v1.8.1 \
  --pod-network-cidr=10.244.0.0/16 \
  --skip-preflight-checks

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

kubectl get pods --all-namespaces -o wide

############################################################################################
##
## 安裝網路
##
kubectl apply -f https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')

############################################################################################
##
## 加入節點
##
sudo kubeadm join --token xxxxxxxxxxxxxxxxxxxx \
  10.1.1.1:6443 \
  --discovery-token-ca-cert-hash sha256:yyyyyyyyyyyyyyyyyyyy
mkdir -p $HOME/.kube
scp 10.1.1.1:~/.kube/config $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes


############################################################################################
##
## 加入dashboard, 參考來源: https://github.com/kubernetes/dashboard/wiki/Access-control
##
cat <<EOF > dashboard-admin.yaml
{
"apiVersion": "rbac.authorization.k8s.io/v1beta1",
"kind": "ClusterRoleBinding",
"metadata": {
"name": "kubernetes-dashboard",
"labels": {
"k8s-app": "kubernetes-dashboard"
}
},
"roleRef": {
"apiGroup": "rbac.authorization.k8s.io",
"kind": "ClusterRole",
"name": "cluster-admin"
},
"subjects": [
{
"kind": "ServiceAccount",
"name": "kubernetes-dashboard",
"namespace": "kube-system"
}
]
}
EOF
kubectl apply -f dashboard-admin.yaml
rm dashboard-admin.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml

############################################################################################
##
## 加入proxy
##
nohup kubectl proxy –address 0.0.0.0 –accept-hosts ‘.*’ >/dev/null 2>&1 &

############################################################################################
##
## 取得kubernetes-dashboard-admin登入dashboard的token (暫時用不到)
##
## kubectl describe -n kube-system secret/$(kubectl -n kube-system get secret | grep kubernetes-dashboard-admin | awk {‘print $1’}) | grep token: | awk {‘print $2’}

解決Ubuntu出現[W:mdadm: /etc/mdadm/mdadm.conf defines no arrays]的問題

Ubuntu 16.04 LTS每當出現Kernel update時,
就會出現W:mdadm: /etc/mdadm/mdadm.conf defines no arrays

解決方法:
刪除mdadm.conf文件

sudo rm /etc/mdadm/mdadm.conf

接著用update-initramfs命令,重新產生mdadm.conf

sudo update-initramfs -u

總結:用下列指令解決~

sudo rm /etc/mdadm/mdadm.conf || echo 1 && sudo update-initramfs -u

安裝kubernetes 1.7.5於ubuntu16.04

環境介紹:

hostname os IP note
node-k00 ubuntu16.04 10.1.200.100 kubernetes master
node-k01 ubuntu16.04 10.1.200.101 kubernetes note
node-k02 ubuntu16.04 10.1.200.102 kubernetes note
node-k03 ubuntu16.04 10.1.200.103 kubernetes note

1.首先在master以及node上安裝kubectl

curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.7.5/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl

2.安裝kubeadm (在master)

sudo apt-get install -y apt-transport-https
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
sudo bash -c 'cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF'
sudo apt-get update && sudo apt-get install -y kubelet kubeadm

3.使用kubeadm初始化kubernetes (在master)

sudo kubeadm init --kubernetes-version=v1.8.0 --pod-network-cidr 10.244.0.0/16

4.複製設定檔 (在master)

mkdir -p $HOME/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

5.等待一段時間後,使用下列指令確認一下pod部署狀態 (在master).

kubectl get pods --all-namespaces -o wide

6.建立網路 (在master)

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

並等待一段時間後,使用下列指令確認一下pod部署狀態 (在master).

kubectl get pods --all-namespaces -o wide

7.加入 dashboard-admin, 參考來源 (在master)

cat <<EOF > dashboard-admin.yaml
{
  "apiVersion": "rbac.authorization.k8s.io/v1beta1", 
  "kind": "ClusterRoleBinding", 
  "metadata": {
    "name": "kubernetes-dashboard",
    "labels": {
      "k8s-app": "kubernetes-dashboard"
    }
  },
  "roleRef": {
    "apiGroup": "rbac.authorization.k8s.io", 
    "kind": "ClusterRole", 
    "name": "cluster-admin"
  }, 
  "subjects": [
    {
      "kind": "ServiceAccount", 
      "name": "kubernetes-dashboard",
      "namespace": "kube-system"
    }
  ]
}
EOF
kubectl create -f dashboard-admin.yaml
rm dashboard-admin.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml

並等待一段時間後,使用下列指令確認一下pod部署狀態 (在master).

kubectl get pods --all-namespaces -o wide

8.建立proxy,讓瀏覽器可以開始dashboard (在master)

nohup kubectl proxy --address 0.0.0.0 --accept-hosts '.*' >/dev/null 2>&1 &

9.開啟kubenetes dashboard (在10.1.0.0/16的網域內)

http://10.1.200.100:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

10.加入Nginx Backend (在master)

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress/master/examples/deployment/nginx/default-backend.yaml

11.加入 Ingress RBAC 認證 (在master)

curl -O https://raw.githubusercontent.com/kubernetes/ingress/master/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
## 修改 namespace
sed -i 's/namespace: nginx-ingress/namespace: kube-system/g' nginx-ingress-controller-rbac.yml
## 匯入yaml檔案
kubectl apply -f nginx-ingress-controller-rbac.yml
rm -r nginx-ingress-controller-rbac.yml

12.加入 Ingress Controller (在master)

curl -O https://raw.githubusercontent.com/kubernetes/ingress/master/examples/daemonset/nginx/nginx-ingress-daemonset.yaml
## 修改 namespace
sed -i 's/terminationGracePeriodSeconds/hostNetwork: true\n      serviceAccountName: nginx-ingress-serviceaccount\n      terminationGracePeriodSeconds/g' nginx-ingress-daemonset.yaml
## 匯入yaml檔案
kubectl apply -f nginx-ingress-daemonset.yaml
rm nginx-ingress-daemonset.yaml
kubectl get daemonset -n kube-system nginx-ingress-lb

13.加入其他的node (在master)

token=$(sudo kubeadm token list | grep authentication,signing | awk '{print $1}')
ssh 10.1.200.101 "sudo kubeadm join --token $token 10.1.200.100:6443"
ssh 10.1.200.102 "sudo kubeadm join --token $token 10.1.200.100:6443"
ssh 10.1.200.103 "sudo kubeadm join --token $token 10.1.200.100:6443"

ubuntu安裝docker ce

首先先安裝一些必要元件

sudo apt-get install \
  apt-transport-https \
  ca-certificates \
  curl \
  software-properties-common

接著把docker官方的GPG key加入

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

並加入安裝來源(適用amd64機器)

sudo add-apt-repository \
  "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

然後用下列指令進行安裝Docker ce

sudo apt-get update && sudo apt-get install docker-ce -y

最後把目前使用者加入docker群組

sudo gpasswd -a $USER docker

用docker架設gitlab server

首先需準備好ssl憑證,這部分可參考Let’s Encrypt
建立conf,data,log,ssl等資料夾於$PWD/files之下.

mkdir -p $PWD/files/conf
mkdir -p $PWD/files/log
mkdir -p $PWD/files/data
mkdir -p $PWD/files/ssl

並把fullchain.pem以及private.pem放在$PWD/files/ssl資料夾下,
接著用下列語法,就可以用docker架設gitlab server了

docker run -d \
  --name=gitlab \
  --hostname git.slanla.com \
  --env GITLAB_OMNIBUS_CONFIG="external_url 'https://git.slanla.com' ; nginx['redirect_http_to_https'] = true" ; gitlab_rails['backup_keep_time'] = 604800 ; \
  --publish 443:443 \
  --publish 80:80 \
  --restart always \
  -v $PWD/files/ssl/fullchain.pem:/etc/gitlab/ssl/git.slanla.com.crt \
  -v $PWD/files/ssl/privkey.pem:/etc/gitlab/ssl/git.slanla.com.key \
  -v $PWD/files/conf:/etc/gitlab \
  -v $PWD/files/log:/var/log/gitlab \
  -v $PWD/files//data:/var/opt/gitlab \
  gitlab/gitlab-ce:10.1.0-ce.0

其中

--hostname git.slanla.com \
--env GITLAB_OMNIBUS_CONFIG="external_url 'https://git.slanla.com';nginx['redirect_http_to_https'] = true" \
--publish 443:443 \
-v $PWD/files/ssl/fullchain.pem:/etc/gitlab/ssl/git.slanla.com.crt \
-v $PWD/files/ssl/privkey.pem:/etc/gitlab/ssl/git.slanla.com.key \

是與https相關,若不需要則可移除.

修改docker空間大小

首先查看一下目前空間大小

/Applications/Docker.app/Contents/MacOS/qemu-img info ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2

接著調整大小

/Applications/Docker.app/Contents/MacOS/qemu-img resize ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2 +20G

調整後,需重新啟動docker

refer:
https://rui.sh/fix-docker-for-mac-no-space-left-on-device-error.html
http://www.jianshu.com/p/2b756f9c10c1

X11 GUI application on OSX with docker

首先需要安裝socat以及xquartz

brew install socat
brew cask install xquartz

並建議重開機!

另外最好開啟opengl for x11的功能(refer)

defaults write org.macosforge.xquartz.X11 enable_iglx -bool true

接著開啟XQuartz

open -a XQuartz &

然後就可以不理會XQUartz的視窗

然後在Terminal下達執行X11代理程式

socat TCP-LISTEN:6000,reuseaddr,fork UNIX-CLIENT:\"$DISPLAY\" &

最後就可以在Terminal中啟動docker

docker run -ti --rm \
    -e DISPLAY=192.168.1.1:0 \
    --volume="$HOME/.Xauthority:/root/.Xauthority:rw" \
    -v /tmp/.X11-unix:/tmp/.X11-unix \
    firefox firefox

其中192.168.1.1為MacOS的IP

閱讀全文

以cat指令建立新檔案

過去很習慣使用vim建立新檔案
但是最近大量使用docker container的時候,面臨到沒有安裝vim的窘境.
因此找出了使用cat建立新檔案的方法,也順便建立使用script來產生檔案的方法.

使用方式如下:

cat <<EOF > example.txt
Hello World.
This is a test.
EOF

cat <<EOF 為開頭,緊接著檔名,換行後就是要建立的內容,可允許多行輸入.
最後以 EOF\n 作為結束.

如果要透過sudo指令進行,則使用方式如下:

sudo bash -c 'cat <<EOF > example.txt
Hello World.
This is a test.
EOF'

以docker部署wordpress

首先用下列指令建立一個名稱為wordpress_db的mysql container.

docker run -d \
  --restart=always \
  --name wordpress_db \
  -e MYSQL_ROOT_PASSWORD=xxxxxxxxx \
  mysql:latest

其中xxxxxxxxx是資料庫root的密碼.

接著建立一個名稱為wordpress_web的wordpress container,並將剛剛建立的wordpress_db連結成mysql.

docker run -d \
  --rworestart=always \
  --name wordpress_web \
  -e VIRTUAL_HOST=slanla.com \
  --link wordpress_db:mysql \
  -p 23456:80 \
  wordpress

其中23456為對外聯繫的port. 閱讀全文