https://microk8s.io/docs/getting-started
一、安装
建议修改 hostname ,k8s对主机名格式有要求。
ubuntu@VM-201-13-ubuntu:~$ sudo snap install microk8s --classic --channel=1.29
microk8s (1.29/stable) v1.29.2 from Canonical✓ installed
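# Membership in the microk8s group lets the account run microk8s commands
# without sudo, which amounts to admin-level access to the cluster; add only
# accounts you would trust with that.
sudo usermod -a -G microk8s ubuntu
# ~/.kube holds kubeconfig files (cluster credentials). Create it as the user
# rather than as root, keep the chown in case an earlier run left it
# root-owned, and make it private to the owner.
mkdir -p ~/.kube
sudo chown -R ubuntu ~/.kube
chmod 0700 ~/.kube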
配置好后,需要重新登录(relogin),新加入的用户组才会生效
配置 registry.k8s.io mirror,参考 https://microk8s.io/docs/registry-private,具体操作如下
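# Create the per-registry directory (named after the registry) under certs.d.
sudo mkdir -p /var/snap/microk8s/current/args/certs.d/registry.k8s.io
# Write the hosts.toml file pointing to the mirror.
# Plain `tee` (not `tee -a`) is used so that re-running this step replaces the
# file; appending would define `server` and the host table a second time,
# which is not valid TOML.
# NOTE(review): after this, every registry.k8s.io image (including the pause
# sandbox image) is served by a third-party mirror. Only point at a mirror you
# trust, and compare the digests reported by `microk8s ctr images ls` with the
# upstream ones.
sudo tee /var/snap/microk8s/current/args/certs.d/registry.k8s.io/hosts.toml >/dev/null <<'EOF'
server = "registry.k8s.io"
[host."https://registry.aliyuncs.com/v2/google_containers"]
capabilities = ["pull", "resolve"]
override_path = true
EOF
# A restart of the containerd daemon helps but is not required, since changes should take effect immediately.
sudo snap restart microk8s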
二、查看服务状态
ubuntu@VM-201-4-ubuntu:~$ microk8s status --wait-ready
microk8s is running
high-availability: no
datastore master nodes: 127.0.0.1:19001
datastore standby nodes: none
addons:
enabled:
dns # (core) CoreDNS
ha-cluster # (core) Configure high availability on the current node
helm # (core) Helm - the package manager for Kubernetes
helm3 # (core) Helm 3 - the package manager for Kubernetes
disabled:
cert-manager # (core) Cloud native certificate management
cis-hardening # (core) Apply CIS K8s hardening
community # (core) The community addons repository
dashboard # (core) The Kubernetes dashboard
gpu # (core) Alias to nvidia add-on
host-access # (core) Allow Pods connecting to Host services smoothly
hostpath-storage # (core) Storage class; allocates storage from host directory
ingress # (core) Ingress controller for external access
kube-ovn # (core) An advanced network fabric for Kubernetes
mayastor # (core) OpenEBS MayaStor
metallb # (core) Loadbalancer for your Kubernetes cluster
metrics-server # (core) K8s Metrics Server for API access to service metrics
minio # (core) MinIO object storage
nvidia # (core) NVIDIA hardware (GPU and network) support
observability # (core) A lightweight observability stack for logs, traces and metrics
prometheus # (core) Prometheus operator for monitoring and logging
rbac # (core) Role-Based Access Control for authorisation
registry # (core) Private image registry exposed on localhost:32000
rook-ceph # (core) Distributed Ceph storage using Rook
storage # (core) Alias to hostpath-storage add-on, deprecated
国内用户会在这里卡住,因为下载不了 registry.k8s.io 的镜像。
通过命令 microk8s kubectl describe pod --all-namespaces 可以查看卡住的原因,如下:
Failed to create pod sandbox: rpc error: code = DeadlineExceeded desc = failed to get sandbox image "registry.k8s.io/pause:3.7": failed to pull image "registry.k8s.io/pause:3.7": failed to pull and unpack image "registry.k8s.io/pause:3.7": failed to resolve reference "registry.k8s.io/pause:3.7": failed to do request: Head "https://us-west2-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.7": dial tcp 74.125.203.82:443: i/o timeout
三、常用命令
microk8s kubectl get nodes
microk8s kubectl get services
alias kubectl='microk8s kubectl'
microk8s stop
microk8s start
microk8s enable dns
microk8s enable hostpath-storage
四、使用测试
ubuntu@VM-201-4-ubuntu:~$ microk8s kubectl create deployment nginx --image=nginx
deployment.apps/nginx created
ubuntu@VM-201-4-ubuntu:~$ microk8s kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-7854ff8877-2mcbt 0/1 ContainerCreating 0 5s
ubuntu@VM-201-4-ubuntu:~$ microk8s kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-7854ff8877-2mcbt 0/1 ContainerCreating 0 12s
ubuntu@VM-201-4-ubuntu:~$ microk8s kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-7854ff8877-2mcbt 1/1 Running 0 15s
五、查看 registry.k8s.io 镜像下载了没有
ubuntu@VM-201-4-ubuntu:~$ microk8s ctr images ls |grep registry.k8s.io
registry.k8s.io/pause:3.7 application/vnd.docker.distribution.manifest.list.v2+json sha256:bb6ed397957e9ca7c65ada0db5c5d1c707c9c8afc80a94acbe69f3ae76988f0c 304.0 KiB linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x,windows/amd64 io.cri-containerd.image=managed,io.cri-containerd.pinned=pinned
registry.k8s.io/pause@sha256:bb6ed397957e9ca7c65ada0db5c5d1c707c9c8afc80a94acbe69f3ae76988f0c application/vnd.docker.distribution.manifest.list.v2+json sha256:bb6ed397957e9ca7c65ada0db5c5d1c707c9c8afc80a94acbe69f3ae76988f0c 304.0 KiB linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x,windows/amd64 io.cri-containerd.image=managed,io.cri-containerd.pinned=pinned
六、当前运行的 containerd 配置文件(其他环境可参考)
配置文件路径 /var/snap/microk8s/current/args
containerd.toml
# Use config version 2 to enable new configuration fields.
version = 2
oom_score = 0
# Ownership (uid/gid 0 = root) and message-size limits (16 MiB) for containerd's gRPC endpoint.
# NOTE(review): the socket address itself is not set in this file.
[grpc]
uid = 0
gid = 0
max_recv_message_size = 16777216
max_send_message_size = 16777216
# Empty address: no debug endpoint address is configured here.
[debug]
address = ""
uid = 0
gid = 0
# Metrics are served on loopback only (127.0.0.1:1338), so they are not reachable from other hosts.
[metrics]
address = "127.0.0.1:1338"
grpc_histogram = false
[cgroup]
path = ""
# The 'plugins."io.containerd.grpc.v1.cri"' table contains all of the server options.
[plugins."io.containerd.grpc.v1.cri"]
# The streaming server listens on loopback; keep it there while enable_tls_streaming is false below.
stream_server_address = "127.0.0.1"
stream_server_port = "0"
enable_selinux = false
# The sandbox (pause) image is referenced by tag, not by digest, so what gets pulled is whatever
# the registry (or a mirror configured under certs.d) serves for that tag.
sandbox_image = "registry.k8s.io/pause:3.7"
stats_collect_period = 10
enable_tls_streaming = false
max_container_log_line_size = 16384
# 'plugins."io.containerd.grpc.v1.cri".containerd' contains config related to containerd
[plugins."io.containerd.grpc.v1.cri".containerd]
# snapshotter is the snapshotter used by containerd.
snapshotter = "overlayfs"
# no_pivot disables pivot-root (linux only), required when running a container in a RamDisk with runc.
# This only works for runtime type "io.containerd.runtime.v1.linux".
no_pivot = false
# default_runtime_name is the default runtime name to use.
default_runtime_name = "runc"
# 'plugins."io.containerd.grpc.v1.cri".containerd.runtimes' is a map from CRI RuntimeHandler strings, which specify types
# of runtime configurations, to the matching configurations.
# In this example, 'runc' is the RuntimeHandler string to match.
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
# runtime_type is the runtime type to use in containerd e.g. io.containerd.runtime.v1.linux
runtime_type = "io.containerd.runc.v2"
# Additional runtime handlers (nvidia-container-runtime, kata) are declared below.
# NOTE(review): this file does not show whether their binaries are installed on the host.
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia-container-runtime]
# runtime_type is the runtime type to use in containerd e.g. io.containerd.runtime.v1.linux
runtime_type = "io.containerd.runc.v2"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia-container-runtime.options]
BinaryName = "nvidia-container-runtime"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.kata]
runtime_type = "io.containerd.kata.v2"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.kata.options]
BinaryName = "kata-runtime"
# 'plugins."io.containerd.grpc.v1.cri".cni' contains config related to cni
[plugins."io.containerd.grpc.v1.cri".cni]
# NOTE(review): "6539" in the paths below is presumably the snap revision that
# /var/snap/microk8s/current resolves to on this host; it will differ elsewhere.
# bin_dir is the directory in which the binaries for the plugin is kept.
bin_dir = "/var/snap/microk8s/6539/opt/cni/bin"
# conf_dir is the directory in which the admin places a CNI conf.
conf_dir = "/var/snap/microk8s/6539/args/cni-network"
# 'plugins."io.containerd.grpc.v1.cri".registry' contains config related to the registry
[plugins."io.containerd.grpc.v1.cri".registry]
# config_path is the certs.d directory holding one hosts.toml per registry. A hosts.toml can
# redirect pulls for a registry to another host, so this directory should stay writable by root only.
config_path = "/var/snap/microk8s/6539/args/certs.d"
certs.d/registry.k8s.io/hosts.toml
server = "registry.k8s.io"
[host."https://registry.aliyuncs.com/v2/google_containers"]
capabilities = ["pull", "resolve"]
override_path = true
certs.d/docker.io/hosts.toml
server = "https://docker.io"
[host."https://registry-1.docker.io"]
capabilities = ["pull", "resolve"]
certs.d/localhost:32000/hosts.toml
server = "http://localhost:32000"
[host."http://localhost:32000"]
capabilities = ["pull", "resolve"]