# Kubernetes ## 外部 service ### 指定 Endpoint ```yaml kind: Endpoints apiVersion: v1 metadata: name: minio subsets: - addresses: - ip: 172.16.1.18 ports: - port: 9000 --- kind: Service apiVersion: v1 metadata: name: minio spec: ports: - port: 80 targetPort: 9000 ``` ### ExternalName ```yaml kind: Service apiVersion: v1 metadata: name: m spec: type: ExternalName externalName: bf-dev-databag.oss-cn-hangzhou-internal.aliyuncs.com ``` ## 安装 ```bash # 1. 设置免密登录 ip="10.4.34.47" && \ ssh root@${ip} 'mkdir -p ~/.ssh' && \ cat ~/.ssh/id_rsa.pub | ssh root@${ip} 'cat >> ~/.ssh/authorized_keys' && \ ssh root@${ip} 'chmod 600 .ssh/authorized_keys' # 2. 设置网络、hostname chkconfig NetworkManager on systemctl start NetworkManager.service nmtui # 3. 安装常用的工具 yum update -y && \ yum install -y tree git wget nfs-utils zsh net-tools ntp vim bind-utils traceroute # 4. 安装 zsh 和插件 sh -c "$(wget https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O -)" git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting git clone https://github.com/zsh-users/zsh-autosuggestions $ZSH_CUSTOM/plugins/zsh-autosuggestions vi ~/.zshrc change theme to af-magic zsh-syntax-highlighting zsh-autosuggestions alias vi="vim" source ~/.zshrc # 5. 关闭防火墙 systemctl stop firewalld systemctl disable firewalld # 6. 关闭内存交换 swapoff -a vi /etc/fstab free -h # 7. 安装 docker yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-selinux \ docker-engine-selinux \ docker-engine rm -rf /var/lib/docker yum install -y yum-utils \ device-mapper-persistent-data \ lvm2 cat < /etc/yum.repos.d/docker-ce.repo [docker-ce-stable] name=Docker CE Stable - \$basearch baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/\$basearch/stable enabled=1 gpgcheck=1 gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg EOF yum makecache fast yum list docker-ce --showduplicates | sort -r yum install -y --setopt=obsoletes=0 docker-ce-17.03.2.ce docker-ce-selinux-17.03.2.ce-1.el7.centos iptables -P FORWARD ACCEPT systemctl enable docker && systemctl start docker yum-config-manager --disable docker-ce-stable # 8. 安装 Kuberntes cat < /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF yum makecache fast yum list kubelet --showduplicates | sort -r yum list kubeadm --showduplicates | sort -r yum list kubectl --showduplicates | sort -r setenforce 0 vi /etc/selinux/config SELINUX=disabled yum install -y kubernetes-cni-0.6.0 kubelet-1.11.0 kubectl-1.11.0 kubeadm-1.11.0 systemctl enable kubelet && systemctl start kubelet yum-config-manager --disable kubernetes cat < /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl net.bridge.bridge-nf-call-iptables=1 sysctl --system # docker info | grep cgroup # cat /etc/systemd/system/kubelet.service.d/10-kubeadm.conf # sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf DOCKER_CGROUPS=$(docker info | grep 'Cgroup' | cut -d' ' -f3) echo $DOCKER_CGROUPS cat >/etc/sysconfig/kubelet</dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' # or kubeadm token create --print-join-command ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://yunzhao.gitbook.io/notes/other/kubernetes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.