"dial tcp 10.0.0.1:443: getsockopt: no route to host"
systemctl restart flanneld docker
Accessing the dashboard service through Ingress
Clicking login does not redirect.
Let me have a summary: if you use the recommended yaml to deploy dashboard, you should only access your dashboard by https, and you should generate your certs, refer to guide. Then you can run kubectl proxy --address='0.0.0.0' --accept-hosts='^*$' to visit dashboard on "http://localhost:8001/ui". This page needs you to log in using a token; generate it referring to this page. Also you can add NodePort to your yaml and access it using :
If you deploy using the http alternative method, you can only access your dashboard by :, remember to add it to yaml first!! After deploy, you should also generate your token and add header Authorization: Bearer for every request.
The official wiki is a little bit confusing so I reordered it here.
[root@node1 ~]# kubectl get pods
NAME                         READY   STATUS    RESTARTS   AGE
nginx-test-54789bbd4-tplgz   1/1     Running   0          2m27s
[root@node1 ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.254.0.1     <none>        443/TCP   18h
nginx-test   ClusterIP   10.254.51.46   <none>        80/TCP    3m57s
[root@node1 ~]# kubectl get ingress
NAME         HOSTS                  ADDRESS                       PORTS   AGE
nginx-test   nginx.biglittleant.cn  192.168.66.11,192.168.66.12   80      4m2s
kubectl get pod -n kube-system -l app=helm
NAME                             READY   STATUS    RESTARTS   AGE
tiller-deploy-55479b584d-4kc4b   1/1     Running   2          21h
helm version
Client: &version.Version{SemVer:"v2.16.9", GitCommit:"8ad7037828e5a0fca1009dabe290130da6368e39", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.16.6", GitCommit:"dd2e5695da88625b190e6b22e9542550ab503a47", GitTreeState:"clean"}
Custom Helm templates
# Create the directory
mkdir ./hello-world
cd ./hello-world
# Create the self-describing file Chart.yaml; this file must define name and version
cat <<'EOF' > ./Chart.yaml
name: hello-world
version: 1.0.0
EOF
cd /usr/local/src
wget https://www.keepalived.org/software/keepalived-2.1.5.tar.gz
tar -zxf keepalived-2.1.5.tar.gz
cd keepalived-2.1.5
./configure --prefix=/usr/local/src/keepalived-2.1.5_bin
make && make install
cd /usr/local/src/keepalived-2.1.5_bin
cp sbin/keepalived /usr/sbin/
cp bin/genhash /usr/bin/
Hands-on
Add the keepalived startup files
Do this on both machines.
vim /etc/sysconfig/keepalived
# Options for keepalived. See `keepalived --help' output and keepalived(8) and
# keepalived.conf(5) man pages for a list of all options. Here are the most
# common ones :
#
# --vrrp               -P    Only run with VRRP subsystem.
# --check              -C    Only run with Health-checker subsystem.
# --dont-release-vrrp  -V    Dont remove VRRP VIPs & VROUTEs on daemon stop.
# --dont-release-ipvs  -I    Dont remove IPVS topology on daemon stop.
# --dump-conf          -d    Dump the configuration data.
# --log-detail         -D    Detailed log messages.
# --log-facility       -S    0-7 Set local syslog facility (default=LOG_DAEMON)
#

KEEPALIVED_OPTIONS="-D"
# Add the keepalived startup file
vim /usr/lib/systemd/system/keepalived.service
[Unit]
Description=LVS and VRRP High Availability Monitor
After=syslog.target network-online.target
vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Importing base box 'centos7-2004'...
==> default: Matching MAC address for NAT networking...
...
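Log in to the machine with vagrant ssh and verify the result of the role run.
Machine initialization is complete. First shut down the VM with vagrant halt, then run the packaging step with vagrant package. The packaged box serves as a template; later steps only run the relevant commands on top of it.
Install and configure nginx on the template-based (package.tar) box
Step 1: import the packaged image.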
vagrant box add centos7-init package.box
Step 2: initialize the configuration file.
vagrant init centos7-init
Edit the Vagrantfile to run the nginx role, which installs nginx.
Vagrant.configure("2") do |config|
  config.vm.box = "centos7-init"
  config.vm.network "private_network", type: "dhcp"
  config.vm.provision "ansible_local" do |ansible|
    ansible.playbook = "playbook.yml"
  end
end
cat playbook.yml
---
- hosts: all # All Vagrant VMs
  roles:
    - nginx
Run vagrant up to start the nginx VM, then vagrant ssh to connect to the server and confirm that its IP and the nginx service are working.
default: SSH address: 127.0.0.1:2222
default: SSH username: vagrant
default: SSH auth method: private key
Timed out while waiting for the machine to boot. This means that Vagrant was unable to communicate with the guest machine within the configured ("config.vm.boot_timeout" value) time period.
If you look above, you should be able to see the error(s) that Vagrant had when attempting to connect to the machine. These errors are usually good hints as to what may be wrong.
If you're using a custom box, make sure that networking is properly working and you're able to connect to the machine. It is a common problem that networking isn't setup properly in these boxes. Verify that authentication configurations are also setup properly, as well.
If the box appears to be booting properly, you may want to increase the timeout ("config.vm.boot_timeout") value.
You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
What differs for an error exit is that the parameter you pass is msg: result = dict(msg=output,rc=code)
Error summary
ERROR! this task 'myinfo_args' has extra params, which is only allowed in the following modules: shell, win_shell, include_vars, add_host, raw, include_role, meta, set_fact, include, import_tasks, script, import_role, include_tasks, group_by, command, win_command
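The command was run incorrectly: ansible -i inventory/devlop linux-node1 -m myinfo_args -a 'new word'
The correct command: ansible -i inventory/devlop linux-node1 -m myinfo_args -a "msg='new word'"
The groups variable is a global variable that references all hosts and host groups in the inventory file. It returns a JSON string.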
{
 'ungrouped': [],
 u'judge': [u'linux-node2_judge1', u'linux-node2_judge2'],
 'all': [u'linux-node1', u'linux-node2_judge1', u'linux-node2_judge2'],
 u'open_falcon': [u'linux-node2_judge1', u'linux-node2_judge2', u'linux-node1'],
 u'api': [u'linux-node1']
}
In a playbook, it is referenced by way of or .
- name: Create a user for all app servers
  # hostvars is indexed by host name, so use hostvars[item], not hostvars.[item]
  with_items: "{{ groups.appservers }}"
  mysql_user: name=kate password=test host={{ hostvars[item].ansible_eth0.ipv4.address }} state=present