1. <dd id="erndk"></dd>
                1. k8s 圖形化生成yaml,告別手寫

                  互聯網 2021/12/29 23:38:04

                  安裝說明參數解析:serverName: 集群別名serverAddress: Kubernetes APIServer地址serverAdminUser: Kubernetes管理員賬號(需要配置basic auth)serverAdminPassword: Kubernetes管理員密碼serverAdminToken: Kubernetes管理員Token // 暫不支持serverDashboardUrl: Kubern…

                  安裝說明

                  參數解析:
                          serverName: 集群別名
                          serverAddress: Kubernetes APIServer地址
                          serverAdminUser: Kubernetes管理員賬號(需要配置basic auth)
                          serverAdminPassword: Kubernetes管理員密碼
                          serverAdminToken: Kubernetes管理員Token // 暫不支持
                          serverDashboardUrl: Kubernetes官方dashboard地址,1.x版本需要添加/#!,2.x需要添加/#
                          kubeConfigPath: Kubernetes kube.config路徑(絕對路徑,這個路徑不是宿主機的本地路徑,而是1.2小節secret的掛載路徑,一般可以不改/mnt)
                          harborConfig: 對于多集群管理的情況下,可能會存在不同的harbor倉庫,配置此參數可以在拷貝資源的時候自動替換harbor配置
                      kubeConfigPath 通過secret掛載到容器的/mnt目錄或者其他目錄

                   

                  創建secret

                  [root@master01 ratel]# vi servers.yaml
                  - serverName: 'test1'
                    serverAddress: 'https://127.0.0.1:8443'
                    #serverAdminUser: 'xxx'
                    #serverAdminPassword: 'xxx#'
                  #  serverAdminToken: 'null'
                    serverDashboardUrl: "https://172.16.1.11:30001/#"
                    production: 'false'
                    kubeConfigPath: "/mnt/test1.config"
                    harborConfig: "HarborUrl, HarborUsername, HarborPassword, HarborEmail"
                  
                  [root@master01 ratel]# kubectl create secret generic ratel-config  --from-file=test1.config  --from-file=servers.yaml -n kube-system && kubectl create ns kube-users

                   

                  創建RBAC

                  創建權限管理namespace
                  [root@master01 ratel]#  kubectl create ns kube-users
                  
                  然后添加如下的ClusterroleBinding
                  [root@master01 ratel]#  vim ratel-rbac.yaml
                  
                  apiVersion: v1
                  items:
                  - apiVersion: rbac.authorization.k8s.io/v1
                    kind: ClusterRole
                    metadata:
                      annotations:
                        rbac.authorization.kubernetes.io/autoupdate: "true"
                      labels:
                        kubernetes.io/bootstrapping: rbac-defaults
                        rbac.authorization.k8s.io/aggregate-to-edit: "true"
                      name: ratel-namespace-readonly
                    rules:
                    - apiGroups:
                      - ""
                      resources:
                      - namespaces
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - metrics.k8s.io
                      resources:
                      - pods
                      verbs:
                      - get
                      - list
                      - watch
                  - apiVersion: rbac.authorization.k8s.io/v1
                    kind: ClusterRole
                    metadata:
                      name: ratel-pod-delete
                    rules:
                    - apiGroups:
                      - ""
                      resources:
                      - pods
                      verbs:
                      - get
                      - list
                      - delete
                  - apiVersion: rbac.authorization.k8s.io/v1
                    kind: ClusterRole
                    metadata:
                      name: ratel-pod-exec
                    rules:
                    - apiGroups:
                      - ""
                      resources:
                      - pods
                      - pods/log
                      verbs:
                      - get
                      - list
                    - apiGroups:
                      - ""
                      resources:
                      - pods/exec
                      verbs:
                      - create
                  - apiVersion: rbac.authorization.k8s.io/v1
                    kind: ClusterRole
                    metadata:
                      annotations:
                        rbac.authorization.kubernetes.io/autoupdate: "true"
                      name: ratel-resource-edit
                    rules:
                    - apiGroups:
                      - ""
                      resources:
                      - configmaps
                      - persistentvolumeclaims
                      - services
                      - services/proxy
                      verbs:
                      - patch
                      - update
                    - apiGroups:
                      - apps
                      resources:
                      - daemonsets
                      - deployments
                      - deployments/rollback
                      - deployments/scale
                      - statefulsets
                      - statefulsets/scale
                      verbs:
                      - patch
                      - update
                    - apiGroups:
                      - autoscaling
                      resources:
                      - horizontalpodautoscalers
                      verbs:
                      - patch
                      - update
                    - apiGroups:
                      - batch
                      resources:
                      - cronjobs
                      - jobs
                      verbs:
                      - patch
                      - update
                    - apiGroups:
                      - extensions
                      resources:
                      - daemonsets
                      - deployments
                      - deployments/rollback
                      - deployments/scale
                      - ingresses
                      - networkpolicies
                      verbs:
                      - patch
                      - update
                    - apiGroups:
                      - networking.k8s.io
                      resources:
                      - ingresses
                      - networkpolicies
                      verbs:
                      - patch
                      - update
                  - apiVersion: rbac.authorization.k8s.io/v1
                    kind: ClusterRole
                    metadata:
                      name: ratel-resource-readonly
                    rules:
                    - apiGroups:
                      - ""
                      resources:
                      - configmaps
                      - endpoints
                      - persistentvolumeclaims
                      - pods
                      - replicationcontrollers
                      - replicationcontrollers/scale
                      - serviceaccounts
                      - services
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - ""
                      resources:
                      - bindings
                      - events
                      - limitranges
                      - namespaces/status
                      - pods/log
                      - pods/status
                      - replicationcontrollers/status
                      - resourcequotas
                      - resourcequotas/status
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - ""
                      resources:
                      - namespaces
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - apps
                      resources:
                      - controllerrevisions
                      - daemonsets
                      - deployments
                      - deployments/scale
                      - replicasets
                      - replicasets/scale
                      - statefulsets
                      - statefulsets/scale
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - autoscaling
                      resources:
                      - horizontalpodautoscalers
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - batch
                      resources:
                      - cronjobs
                      - jobs
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - extensions
                      resources:
                      - daemonsets
                      - deployments
                      - deployments/scale
                      - ingresses
                      - networkpolicies
                      - replicasets
                      - replicasets/scale
                      - replicationcontrollers/scale
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - policy
                      resources:
                      - poddisruptionbudgets
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - networking.k8s.io
                      resources:
                      - networkpolicies
                      - ingresses
                      verbs:
                      - get
                      - list
                      - watch
                    - apiGroups:
                      - metrics.k8s.io
                      resources:
                      - pods
                      verbs:
                      - get
                      - list
                      - watch
                  kind: List
                  metadata:
                    resourceVersion: ""
                    selfLink: ""
                    
                  [root@master01 ratel]# kubectl create -f ratel-rbac.yaml
                  
                  vim ratel-rbac-binding.yaml
                  apiVersion: rbac.authorization.k8s.io/v1
                  kind: ClusterRoleBinding
                  metadata:
                    name: ratel-namespace-readonly-sa
                  roleRef:
                    apiGroup: rbac.authorization.k8s.io
                    kind: ClusterRole
                    name: ratel-namespace-readonly
                  subjects:
                  - apiGroup: rbac.authorization.k8s.io
                    kind: Group
                    name: system:serviceaccounts:kube-users
                    
                    [root@master01 ratel]#  kubectl create -f ratel-rbac-binding.yaml

                   

                  部署ratel

                  [root@master01 ratel]# vi ratel.yaml
                  apiVersion: apps/v1
                  kind: Deployment
                  metadata:
                    labels:
                      app: ratel
                    name: ratel
                    namespace: kube-system
                  spec:
                    replicas: 1
                    selector:
                      matchLabels:
                        app: ratel
                    strategy:
                      rollingUpdate:
                        maxSurge: 1
                        maxUnavailable: 0
                      type: RollingUpdate
                    template:
                      metadata:
                        creationTimestamp: null
                        labels:
                          app: ratel
                      spec:
                        containers:
                          - command:
                              - sh
                              - -c
                              - ./ratel -c /mnt/servers.yaml
                            env:
                              - name: TZ
                                value: Asia/Shanghai
                              - name: LANG
                                value: C.UTF-8
                              - name: ProRunMode
                                value: prod
                              - name: ADMIN_USERNAME
                                value: admin    # 登錄用戶
                              - name: ADMIN_PASSWORD
                                value: password  #登錄密碼
                            image: registry.cn-beijing.aliyuncs.com/dotbalo/ratel:latest
                            imagePullPolicy: Always
                            livenessProbe:
                              failureThreshold: 2
                              initialDelaySeconds: 10
                              periodSeconds: 60
                              successThreshold: 1
                              tcpSocket:
                                port: 8888
                              timeoutSeconds: 2
                            name: ratel
                            ports:
                              - containerPort: 8888
                                name: web
                                protocol: TCP
                            readinessProbe:
                              failureThreshold: 2
                              initialDelaySeconds: 10
                              periodSeconds: 60
                              successThreshold: 1
                              tcpSocket:
                                port: 8888
                              timeoutSeconds: 2
                            resources:
                              limits:
                                cpu: 500m
                                memory: 512Mi
                              requests:
                                cpu: 500m
                                memory: 512Mi
                            volumeMounts:
                              - mountPath: /mnt
                                name: ratel-config
                        dnsPolicy: ClusterFirst
                        imagePullSecrets:
                          - name: myregistrykey
                        restartPolicy: Always
                        schedulerName: default-scheduler
                        securityContext: {}
                        terminationGracePeriodSeconds: 30
                        volumes:
                          - name: ratel-config
                            secret:
                              defaultMode: 420
                              secretName: ratel-config
                  
                  
                  
                      需要更改的內容如下:
                          ProRunMode: 區別在于dev模式打印的是debug日志, 其他模式是info級別的日志, 實際使用時應該配置為非dev
                          ADMIN_USERNAME: ratel自己的管理員賬號
                          ADMIN_PASSWORD: ratel自己的管理員密碼
                          實際使用時賬號密碼應滿足復雜性要求,因為ratel可以直接操作所有配置的資源。
                          其他無需配置, 端口配置暫不支持。
                  [root@master01 ratel]# kubectl apply -f ratel.yaml

                   

                  創建service

                  [root@master01 ratel]# vi ratel-service.yaml
                      創建ratel Service的文件如下:
                          apiVersion: v1
                          kind: Service
                          metadata:
                            labels:
                              app: ratel
                            name: ratel
                            namespace: kube-system
                          spec:
                            ports:
                              - name: container-1-web-1
                                port: 8888
                                protocol: TCP
                                targetPort: 8888
                            selector:
                              app: ratel
                            type: NodePort
                  [root@master01 ratel]#  kubectl apply -f ratel-service.yaml

                   

                   

                   

                  #參考鏈接:https://www.cnblogs.com/dukuan/p/13524622.html

                   

                  隨時隨地學軟件編程-關注百度小程序和微信小程序
                  關于找一找教程網

                  本站文章僅代表作者觀點,不代表本站立場,所有文章非營利性免費分享。
                  本站提供了軟件編程、網站開發技術、服務器運維、人工智能等等IT技術文章,希望廣大程序員努力學習,讓我們用科技改變世界。
                  [k8s 圖形化生成yaml,告別手寫]http://www.yachtsalesaustralia.com/tech/detail-277482.html

                  贊(0)
                  關注微信小程序
                  程序員編程王-隨時隨地學編程

                  掃描二維碼或查找【程序員編程王】

                  可以隨時隨地學編程啦!

                  技術文章導航 更多>
                  掃一掃關注最新編程教程
                  国产在线拍揄自揄视频菠萝

                        1. <dd id="erndk"></dd>