在 MacOS 中使用 multipass 安装 microk8s 环境
在 MacOS 中使用 multipass 安装 microk8s 环境
Multipass & MicroK8s 介绍
What is Kubernetes?
Kubernetes clusters host containerised applications in a reliable and scalable way. Having DevOps in mind, Kubernetes makes maintenance tasks such as upgrades dead simple.
What is Multipass?
Multipass is a lightweight VM manager for Linux, Windows and macOS. It’s designed for developers who want a fresh Ubuntu environment with a single command. It uses KVM on Linux, Hyper-V on Windows and HyperKit on macOS to run the VM with minimal overhead. It can also use VirtualBox on Windows and macOS. Multipass will fetch images for you and keep them up to date.
What is MicroK8s?
MicroK8s is a CNCF certified upstream Kubernetes deployment that runs entirely on your workstation or edge device. Being a snap it runs all Kubernetes services natively (i.e. no virtual machines) while packing the entire set of libraries and binaries needed. Installation is limited by how fast you can download a couple of hundred megabytes and the removal of MicroK8s leaves nothing behind.
安装 multipass & microk8s
安装 multipass 服务
brew search multipass
brew cask info multipass
brew cask install multipass
multipass version
通过 multipass 安装和启动 microk8s 环境
multipass launch --name microk8s-vm --mem 4G --disk 40G
multipass list
multipass stop microk8s-vm
multipass delete microk8s-vm
multipass purge
在虚机中安装 microk8s 服务
multipass exec microk8s-vm -- sudo snap install microk8s --classic
multipass exec microk8s-vm -- sudo iptables -P FORWARD ACCEPT
查看 microk8s 的 snap 包信息,比如版本信息
multipass exec microk8s-vm -- sudo snap info microk8s
增加账号访问权限,简化操作
# 默认 ubuntu 账号无权限操作集群,均需要 sudo
# 可将 ubuntu 账号加入 microk8s 用户组以便简化访问
multipass exec microk8s-vm -- sudo usermod -a -G microk8s ubuntu
multipass exec microk8s-vm -- sudo sudo chown -f -R ubuntu ~/.kube
增加访问公钥,简化操作
# 在 ~/.ssh/authorized_keys 增加自己的公钥,则可方便的进行SSH登录
multipass shell microk8s-vm
ssh
查看磁盘空间
multipass exec microk8s-vm -- df -kh
查看 kubeconfig 配置
multipass exec microk8s-vm -- /snap/bin/microk8s.config
在 kubeconfig 中可以找到集群信息,可登录查看
server: https://192.168.64.2:16443
username: admin
password: xxx
增加 DNS 插件,必须安装,多处依赖使用
multipass exec microk8s-vm -- /snap/bin/microk8s.enable dns
multipass exec microk8s-vm -- /snap/bin/microk8s.enable dashboard
尝试访问 Grafana 地址
https://192.168.64.2:16443/api/v1/namespaces/kube-system/services/monitoring-grafana/proxy
安装 Dashboard UI
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
使用 Bearer Token 进行鉴权访问
# 为安全考虑,Dashboard UI 需要使用 Bearer Token 进行鉴权访问,使用如下命令获取 Token
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl -n kube-system get secret | grep default-token | cut -d " " -f1
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl -n kube-system describe secret default-token-qqt75
访问 Dashboard UI
https://192.168.64.2:16443/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
查看集群组件状态
multipass exec microk8s-vm -- /snap/bin/microk8s.status
可通过指定配置文件进行访问
# 把kubeconfig保存至本地 /Users/xxx/.kube/microk8s-vm.yml,则可通过指定配置文件进行访问
kubectl --insecure-skip-tls-verify --kubeconfig="/Users/xxx/.kube/microk8s-vm.yml" get pods --all-namespaces
# 把kubeconfig保存至本地 ~/.kube/config,则可通过指定配置文件进行访问
kubectl --insecure-skip-tls-verify get pods --all-namespaces
安装 registry 组件
# The MicroK8s registry will not be enabled by default, so needs run the following to enable it.
multipass exec microk8s-vm -- /snap/bin/microk8s.enable registry
查看集群内组件状态
multipass exec microk8s-vm -- /snap/bin/microk8s.status | grep enabled
urban-iptable-management # 简单的IP地址查询服务,服务自治,无外部依赖
urban-district-management # 简单的省市区查询服务,服务自治,无外部依赖
urban-traffic-management # 简单的模拟服务间调用,依赖 district 服务查询城市信息
urban-gateway-management # 模拟API网关,将访问转发至其他服务
Github Repo:https://github.com/gaochundong/urbanboot
本地 docker image 构建
cd urbanboot
docker build -t urban-iptable-management-app:latest --file ./urban-iptable-management/docker/Dockerfile .
docker build -t urban-district-management-app:latest --file ./urban-district-management/docker/Dockerfile .
docker build -t urban-traffic-management-app:latest --file ./urban-traffic-management/docker/Dockerfile .
docker build -t urban-gateway-management-app:latest --file ./urban-gateway-management/docker/Dockerfile .
删除无用镜像
docker images
docker rmi --force $(docker images | grep "^<none>" | awk ‘{print $3}‘)
docker images
保存本地镜像至文件
# Save one or more images to a tar archive
docker save -o urban-iptable-management-app.tar urban-iptable-management-app:latest
docker save -o urban-district-management-app.tar urban-district-management-app:latest
docker save -o urban-traffic-management-app.tar urban-traffic-management-app:latest
docker save -o urban-gateway-management-app.tar urban-gateway-management-app:latest
拷贝镜像文件至 microk8s 机器
scp ./urban-iptable-management-app.tar :/tmp
scp ./urban-district-management-app.tar :/tmp
scp ./urban-traffic-management-app.tar ub:/tmp
scp ./urban-gateway-management-app.tar :/tmp
安装镜像至 registry
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr namespaces list
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images list -q
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images import /tmp/urban-iptable-management-app.tar
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images import /tmp/urban-district-management-app.tar
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images import /tmp/urban-traffic-management-app.tar
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images import /tmp/urban-gateway-management-app.tar
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images list -q | grep urban
删除镜像
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images remove docker.io/library/urban-iptable-management-app:latest
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images remove docker.io/library/urban-district-management-app:latest
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images remove docker.io/library/urban-traffic-management-app:latest
multipass exec microk8s-vm -- /snap/bin/microk8s.ctr images remove docker.io/library/urban-gateway-management-app:latest
在部署文件中配置镜像位置
# 替换deployment.yaml文件中的image路径
/Users/xxx/g/github/urbanboot/urban-district-management/kubernetes/deployment.yaml
创建 Namespace
kubectl --insecure-skip-tls-verify create namespace urbanboot
部署应用
kubectl --insecure-skip-tls-verify apply -f /Users/xxx/g/github/urbanboot/urban-iptable-management/kubernetes/deployment.yaml -n urbanboot
kubectl --insecure-skip-tls-verify apply -f /Users/xxx/g/github/urbanboot/urban-district-management/kubernetes/deployment.yaml -n urbanboot
kubectl --insecure-skip-tls-verify apply -f /Users/xxx/g/github/urbanboot/urban-traffic-management/kubernetes/deployment.yaml -n urbanboot
kubectl --insecure-skip-tls-verify apply -f /Users/xxx/g/github/urbanboot/urban-gateway-management/kubernetes/deployment.yaml -n urbanboot
查看部署
kubectl --insecure-skip-tls-verify get deployments -n urbanboot
kubectl --insecure-skip-tls-verify get pods -n urbanboot
删除部署,会自动删除 Pods
kubectl --insecure-skip-tls-verify delete deployment urban-iptable-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete deployment urban-district-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete deployment urban-traffic-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete deployment urban-gateway-management-app -n urbanboot
创建 Service
kubectl --insecure-skip-tls-verify get services -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose -h
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-iptable-management-app --type=ClusterIP --port=7200 --name=urban-iptable-management-app -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-iptable-management-app --type=NodePort --port=7200 --name=urban-iptable-management-nodeport -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-district-management-app --type=ClusterIP --port=7200 --name=urban-district-management-app -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-district-management-app --type=NodePort --port=7200 --name=urban-district-management-nodeport -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-traffic-management-app --type=ClusterIP --port=7200 --name=urban-traffic-management-app -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-traffic-management-app --type=NodePort --port=7200 --name=urban-traffic-management-nodeport -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-gateway-management-app --type=ClusterIP --port=7200 --name=urban-gateway-management-app -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-gateway-management-app --type=NodePort --port=7200 --name=urban-gateway-management-nodeport -n urbanboot
multipass exec microk8s-vm -- /snap/bin/microk8s.kubectl expose deployment urban-traffic-management-app --type=LoadBalancer --port=7200 --name=urban-traffic-management-loadbalancer -n urbanboot
- 参考:Kubernetes NodePort vs LoadBalancer vs Ingress? When should I use what?
- The big downside is that each service you expose with a LoadBalancer will get its own IP address, and you have to pay for a LoadBalancer per exposed service, which can get expensive!
使用配置文件创建 Service
kubectl --insecure-skip-tls-verify expose -f /Users/xxx/g/github/urbanboot/urban-traffic-management/kubernetes/service.yaml -n urbanboot
kubectl --insecure-skip-tls-verify expose -f /Users/xxx/g/github/urbanboot/urban-traffic-management/kubernetes/nodeport.yaml -n urbanboot
删除 Service
kubectl --insecure-skip-tls-verify delete service urban-iptable-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-iptable-management-nodeport -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-district-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-district-management-nodeport -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-traffic-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-traffic-management-nodeport -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-gateway-management-app -n urbanboot
kubectl --insecure-skip-tls-verify delete service urban-gateway-management-nodeport -n urbanboot
查一下 TCP 端口监听
multipass exec microk8s-vm -- netstat -nl -t
查看部署事件,按照时间排序
kubectl --insecure-skip-tls-verify get events -n urbanboot --sort-by=.metadata.creationTimestamp
查看 Pod 日志
kubectl --insecure-skip-tls-verify get pods -n urbanboot
kubectl --insecure-skip-tls-verify describe pod urban-traffic-management-app-58d7578547-p277h -n urbanboot
kubectl --insecure-skip-tls-verify logs urban-traffic-management-app-58d7578547-p277h -n urbanboot
kubectl --insecure-skip-tls-verify logs urban-traffic-management-app-58d7578547-p277h -n urbanboot --tail=20
查看 Endpoint 信息
# Spring Cloud Kubernetes 会通过 API 查询 Endpoints
kubectl --insecure-skip-tls-verify get services -n urbanboot
kubectl --insecure-skip-tls-verify get endpoints -n urbanboot
kubectl --insecure-skip-tls-verify get all --all-namespaces
kubectl --insecure-skip-tls-verify get all -n urbanboot
kubectl --insecure-skip-tls-verify describe services urban-traffic-management-nodeport -n urbanboot
kubectl --insecure-skip-tls-verify describe services urban-traffic-management-app -n urbanboot
访问 NodePort 端口
curl -s http://192.168.64.2:30211
curl -s http://192.168.64.2:30211 -i
curl -s http://192.168.64.2:30211 -v
登录 Pod 环境
kubectl --insecure-skip-tls-verify exec -it urban-traffic-management-app-58d7578547-p277h -n urbanboot -- /bin/bash
查看 Java 进程
java -version
env | grep JAVA
ps -ef|grep java
版权声明:本篇文章《在 MacOS 中使用 multipass 安装 microk8s 环境》由作者 Dennis Gao 发表自博客园个人技术博客,未经作者本人同意禁止以任何的形式转载,任何自动的或人为的爬虫转载行为均为耍流氓。