服务运维与开发
1.创建ingress gateway
[root@master project]# kubectl apply -f istio/istio-1.17.2/services/bookinfo.yaml
service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created
[root@master ~]# cat bookinfo-gateway.yaml #root目录下
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: bookinfo-gateway
spec:
selector:
istio: ingressgateway # use istio default controller
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: bookinfo
spec:
hosts:
- "*"
gateways:
- bookinfo-gateway
http:
- match:
- uri:
exact: /productpage
- uri:
prefix: /static
- uri:
exact: /login
- uri:
exact: /logout
- uri:
prefix: /api/v1/products
route:
- destination:
host: productpage
port:
number: 9080
[root@master ~]# kubectl apply -f bookinfo-gateway.yaml
2.流量管理
[root@master ~]# kubectl label ns default istio-injection=enabled
namespace/default labeled
[root@master ~]# kubectl delete po –all
[root@master ~]# cat dy.yaml
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: productpage
spec:
host: productpage
subsets:
- name: v1
labels:
version: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: reviews
spec:
host: reviews
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
- name: v3
labels:
version: v3
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: ratings
spec:
host: ratings
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
- name: v2-mysql
labels:
version: v2-mysql
- name: v2-mysql-vm
labels:
version: v2-mysql-vm
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: details
spec:
host: details
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
[root@master ~]# kubectl apply -f dy.yaml
[root@master ~]# cat vs.yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: productpage
spec:
hosts:
- productpage
http:
- route:
- destination:
host: productpage
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- route:
- destination:
host: reviews
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: ratings
spec:
hosts:
- ratings
http:
- route:
- destination:
host: ratings
subset: v1
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: details
spec:
hosts:
- details
http:
- route:
- destination:
host: details
subset: v1
[root@master ~]# kubectl apply -f vs.yaml
3.基于用户身份的路由
[root@master ~]# cat virtual-service-reviews-v2.yaml
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: reviews
spec:
hosts:
- reviews
http:
- match:
- headers:
end-user:
exact: jason
route:
- destination:
host: reviews
subset: v2
- route:
- destination:
host: reviews
subset: v1
[root@master ~]# kubectl apply -f virtual-service-reviews-v2.yaml
注入延迟故障
[root@master ~]# cat vs-rantings-test.yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: ratings
spec:
hosts:
- ratings
http:
- match:
- headers:
end-user:
exact: jason
fault:
delay:
percentage:
value: 100.0
fixedDelay: 7s
route:
- destination:
host: reviews
subset: v2
- route:
- destination:
host: ratings
subset: v1
[root@master ~]# kubectl apply -f vs-rantings-test.yaml
kubevirt运维
1. 创建vm
编辑配置文件
[root@master ~]# kubectl edit kubevirts.kubevirt.io -n kubevirt kubevirt
spec:
certificateRotateStrategy: {}
configuration:
developerConfiguration:
useEmulation: true
root@master ~]# docker images | grep fe *查看镜像地址
[root@master ~]# cat vm.yaml
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
name: fedora-vm
spec:
running: true (false)
template:
spec:
domain:
resources:
requests:
memory: 1Gi
devices:
interfaces:
- name: default
masquerade: {}
disks:
- name: containerdisk
disk:
bus: virtio
networks:
- name: default
pod: {}
volumes:
- name: containerdisk
containerDisk:
image: 192.168.100.52/library/fedora-virt:v1.0
imagePullPolicy: IfNotPresent
[root@master ~]# kubectl apply -f vm.yaml
[root@master ~]# kubectl delete -f vm.yaml
[root@master ~]# kubectl delete vm vm.yaml
[root@master ~]# kubectl apply -f vm.yaml
[root@master ~]# virtctl console fedora-vm (虚拟机名字)
实时迁移
[root@master ~]# kubectl edit kubevirt -n kubevirt kubevirt
spec:
certificateRotateStrategy: {}
configuration:
developerConfiguration:
featureGates:
- LiveMigration
[root@master ~]# virtctl migrate fedora-vm
创建secret
[root@master ~]# echo 000000 |base64
[root@master ~]# cat secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: test
data:
password: "MDAwMDAwCg=="
[root@master ~]# cat pod1.yaml
apiVersion: v1
kind: Pod
metadata:
name: test1
spec:
containers:
- name: test1
image: nginx
command: ["/bin/sh","-c","echo $MY_SECRET"]
env:
- name: MY_SECRET
valueFrom:
secretKeyRef:
name: test
key: password
[root@master ~]# cat pod2.yaml
apiVersion: v1
kind: Pod
metadata:
name: test2
spec:
containers:
- name: test2
image: nginx
volumeMounts:
- name: test-pv
mountPath: "/opt/test"
readOnly: true
volumes:
- name: test-pv
secret:
secretName: test
[root@master ~]# kubectl apply -f secret.yaml
[root@master ~]# kubectl apply -f pod1.yaml
[root@master ~]# kubectl apply -f pod2.yaml
创建resourcequota
[root@master ~]# kubectl create ns test
[root@master ~]# cat quota.yaml
apiVersion: v1
kind: ResourceQuota
metadata:
name: storagequota
namespace: test
spec:
hard:
persistentvolumeclaims: 8
requests.storage: 25Gi
[root@master ~]# kubectl apply -f quota.yaml
创建pv卷
[root@master ~]# mkdir /data/pv -p
[root@master ~]# cat pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-test
spec:
persistentVolumeReclaimPolicy: Delete
accessModes:
- ReadWriteOnce
capacity:
storage: "1Gi"
local:
path: "/data/pv"
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- node
[root@master ~]# kubectl apply -f pv.yaml
创建ingress
[root@master ~]# kubectl create ns ing-internal
[root@master ~]# cat ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: pong
namespace: ing-internal
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- http:
paths:
- path: /hello
pathType: Prefix
backend:
service:
name: test
port:
number: 5678
容器开发
1.基础环境配置
[root@master opt]# tar -zxvf k8s_python.tar.gz
[root@master packages]# rpm -ivh *
[root@master k8s_python]# pip3 install --no-index --find-links=packages/ -r requirements.txt
2. 管理pod
[root@master k8s_python]# cat pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: test
namespace: default
spec:
containers:
- name: test
image: 192.168.100.115/library/nginx:latest
ports:
- containerPort: 80
[root@master k8s_python]# cat k8s_sdk_pod.py
import json
import os
import yaml
from kubernetes import config,client
class pod_manager:
def __init__(self,config_file):
config.load_kube_config(config_file)
self.api = client.CoreV1Api()
def create_pod(self,yamlFile):
with open(yamlFile,encoding="utf-8") as f:
result = yaml.safe_load(f)
resp = self.api.create_namespaced_pod(namespace="default",body=result)
return resp
def get_pod(self,pod_name,namespace):
resp = self.api.read_namespaced_pod(name=pod_name,namespace=namespace)
return resp
def delete_pod(self,pod_name,namespace):
resp = self.api.delete_namespaced_pod(name=pod_name,namespace=namespace)
return resp
eg_p = pod_manager(config_file="/root/.kube/config")
eg_p.create_pod(yamlFile="./pod.yaml")
result = eg_p.get_pod(pod_name="test",namespace="default")
print(result)
eg_p.delete_pod(pod_name="test",namespace="default")
[root@master k8s_python]# python3 k8s_sdk_pod.py
- 点赞
- 收藏
- 关注作者
评论(0)