服务运维与开发

举报
winnerwhy 发表于 2024/09/25 21:18:01 2024/09/25
【摘要】 1.创建ingress gateway[root@master project]# kubectl apply -f istio/istio-1.17.2/services/bookinfo.yaml service/details createdserviceaccount/bookinfo-details createddeployment.apps/details-v1 created...

1.创建ingress gateway

[root@master project]# kubectl apply -f istio/istio-1.17.2/services/bookinfo.yaml

service/details created

serviceaccount/bookinfo-details created

deployment.apps/details-v1 created

service/ratings created

serviceaccount/bookinfo-ratings created

deployment.apps/ratings-v1 created

service/reviews created

serviceaccount/bookinfo-reviews created

deployment.apps/reviews-v1 created

deployment.apps/reviews-v2 created

deployment.apps/reviews-v3 created

service/productpage created

serviceaccount/bookinfo-productpage created

deployment.apps/productpage-v1 created


[root@master ~]# cat bookinfo-gateway.yaml #root目录下

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: bookinfo-gateway
spec:
  selector:
    istio: ingressgateway # use istio default controller
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP
    hosts:
    - "*"

---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: bookinfo
spec:
  hosts:
  - "*"
  gateways:
  - bookinfo-gateway
  http:
  - match:
    - uri:
        exact: /productpage
    - uri:
        prefix: /static
    - uri:
        exact: /login
    - uri:
        exact: /logout
    - uri:
        prefix: /api/v1/products
    route:
    - destination:
        host: productpage
        port:
          number: 9080

[root@master ~]# kubectl apply -f bookinfo-gateway.yaml


2.流量管理

[root@master ~]# kubectl label ns default istio-injection=enabled

namespace/default labeled

[root@master ~]# kubectl delete po –all

[root@master ~]# cat dy.yaml

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: productpage
spec:
  host: productpage
  subsets:
  - name: v1
    labels:
      version: v1

---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: reviews
spec:
  host: reviews
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
  - name: v3
    labels:
      version: v3
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: ratings
spec:
  host: ratings
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
  - name: v2-mysql
    labels:
      version: v2-mysql
  - name: v2-mysql-vm
    labels:
      version: v2-mysql-vm

---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: details
spec:
  host: details
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2

[root@master ~]# kubectl apply -f dy.yaml


[root@master ~]# cat vs.yaml

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: productpage
spec:
  hosts:
  - productpage
  http:
  - route:
    - destination:
        host: productpage
        subset: v1

---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: reviews
spec:
  hosts:
  - reviews
  http:
  - route:
    - destination:
        host: reviews
        subset: v1

---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: ratings
spec:
  hosts:
  - ratings
  http:
  - route:
    - destination:
        host: ratings
        subset: v1

---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: details
spec:
  hosts:
  - details
  http:
  - route:
    - destination:
        host: details
        subset: v1

[root@master ~]# kubectl apply -f vs.yaml


3.基于用户身份的路由


[root@master ~]# cat virtual-service-reviews-v2.yaml

apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: reviews
spec:
  hosts:
  - reviews
  http:
  - match:
    - headers:
        end-user:
          exact: jason
    route:
    - destination:
        host: reviews
        subset: v2
  - route:
    - destination:
        host: reviews
        subset: v1

[root@master ~]# kubectl apply -f virtual-service-reviews-v2.yaml


注入延迟故障

[root@master ~]# cat vs-rantings-test.yaml

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: ratings
spec:
  hosts:
  - ratings
  http:
  - match:
    - headers:
        end-user:
          exact: jason
    fault:
      delay:
        percentage:
          value: 100.0
        fixedDelay: 7s
    route:
    - destination:
        host: reviews
        subset: v2
  - route: 
    - destination:
        host: ratings
        subset: v1

[root@master ~]# kubectl apply -f vs-rantings-test.yaml

kubevirt运维

1. 创建vm

编辑配置文件

[root@master ~]# kubectl edit kubevirts.kubevirt.io -n kubevirt kubevirt

spec:
  certificateRotateStrategy: {}
  configuration:
    developerConfiguration:
      useEmulation: true


root@master ~]# docker images | grep fe *查看镜像地址

[root@master ~]# cat vm.yaml

apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  name: fedora-vm
spec:
  running: true   (false)
  template:
    spec:
      domain:
        resources:
          requests:
            memory: 1Gi
        devices:
          interfaces:
          - name: default
            masquerade: {}
          disks:
          - name: containerdisk
            disk:
              bus: virtio
      networks:
      - name: default
        pod: {}
      volumes:
      - name: containerdisk
        containerDisk:
          image: 192.168.100.52/library/fedora-virt:v1.0
          imagePullPolicy: IfNotPresent


[root@master ~]# kubectl apply -f vm.yaml

[root@master ~]# kubectl delete -f vm.yaml

[root@master ~]# kubectl delete vm vm.yaml

[root@master ~]# kubectl apply -f vm.yaml

[root@master ~]# virtctl console fedora-vm (虚拟机名字)


实时迁移

[root@master ~]# kubectl edit kubevirt -n kubevirt kubevirt

spec:
  certificateRotateStrategy: {}
  configuration:
    developerConfiguration:
      featureGates: 
      - LiveMigration

[root@master ~]# virtctl migrate fedora-vm


创建secret

[root@master ~]# echo 000000 |base64

[root@master ~]# cat secret.yaml

apiVersion: v1
kind: Secret
metadata:
  name: test
data:
  password: "MDAwMDAwCg=="

[root@master ~]# cat pod1.yaml

apiVersion: v1
kind: Pod
metadata:
  name: test1
spec:
  containers:
  - name: test1
    image: nginx
    command: ["/bin/sh","-c","echo $MY_SECRET"] 
    env:
    - name: MY_SECRET
      valueFrom:
        secretKeyRef:
          name: test
          key: password


[root@master ~]# cat pod2.yaml

apiVersion: v1
kind: Pod
metadata:
  name: test2
spec:
  containers:
  - name: test2
    image: nginx
    volumeMounts:
    - name: test-pv
      mountPath: "/opt/test"
      readOnly: true
  volumes:
  - name: test-pv
    secret:
      secretName: test


[root@master ~]# kubectl apply -f secret.yaml

[root@master ~]# kubectl apply -f pod1.yaml

[root@master ~]# kubectl apply -f pod2.yaml


创建resourcequota

[root@master ~]# kubectl create ns test

[root@master ~]# cat quota.yaml

apiVersion: v1
kind: ResourceQuota
metadata:
  name: storagequota
  namespace: test
spec:
  hard:
    persistentvolumeclaims: 8
    requests.storage: 25Gi

[root@master ~]# kubectl apply -f quota.yaml

创建pv卷

[root@master ~]# mkdir /data/pv -p

[root@master ~]# cat pv.yaml

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-test
spec:
  persistentVolumeReclaimPolicy: Delete
  accessModes:
  - ReadWriteOnce
  capacity:
    storage: "1Gi"
  local:
    path: "/data/pv"
  nodeAffinity:
    required:
      nodeSelectorTerms:
      - matchExpressions:
        - key: kubernetes.io/hostname
          operator: In
          values:
          - node


[root@master ~]# kubectl apply -f pv.yaml


创建ingress

[root@master ~]# kubectl create ns ing-internal

[root@master ~]# cat ingress.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: pong
  namespace: ing-internal
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  ingressClassName: nginx
  rules:
  - http:
      paths:
      - path: /hello
        pathType: Prefix
        backend:
          service:
            name: test
            port:
              number: 5678



容器开发

1.基础环境配置

[root@master opt]# tar -zxvf k8s_python.tar.gz

[root@master packages]# rpm -ivh *

[root@master k8s_python]# pip3 install --no-index --find-links=packages/ -r requirements.txt

2. 管理pod

[root@master k8s_python]# cat pod.yaml

apiVersion: v1
kind: Pod
metadata:
  name: test
  namespace: default
spec:
  containers:
  - name: test
    image: 192.168.100.115/library/nginx:latest
    ports:
  - containerPort: 80


[root@master k8s_python]# cat k8s_sdk_pod.py

import json
import os
import yaml
from kubernetes import config,client


class pod_manager:
  def __init__(self,config_file):
    config.load_kube_config(config_file)
    self.api = client.CoreV1Api()
  def create_pod(self,yamlFile):
    with open(yamlFile,encoding="utf-8") as f:
      result = yaml.safe_load(f)
      resp = self.api.create_namespaced_pod(namespace="default",body=result)
      return resp
  def get_pod(self,pod_name,namespace):
    resp = self.api.read_namespaced_pod(name=pod_name,namespace=namespace)
    return resp
  def delete_pod(self,pod_name,namespace):
    resp = self.api.delete_namespaced_pod(name=pod_name,namespace=namespace)
    return resp

eg_p = pod_manager(config_file="/root/.kube/config")
eg_p.create_pod(yamlFile="./pod.yaml")
result = eg_p.get_pod(pod_name="test",namespace="default")
print(result)
eg_p.delete_pod(pod_name="test",namespace="default")




[root@master k8s_python]# python3 k8s_sdk_pod.py

【版权声明】本文为华为云社区用户原创内容,未经允许不得转载,如需转载请自行联系原作者进行授权。如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱: cloudbbs@huaweicloud.com
  • 点赞
  • 收藏
  • 关注作者

评论(0

0/1000
抱歉,系统识别当前为高风险访问,暂不支持该操作

全部回复

上滑加载中

设置昵称

在此一键设置昵称,即可参与社区互动!

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。