<?xml version="1.0" encoding="UTF-8" ?>
<rss version="2.0">
<channel>
<title><![CDATA[运维进行时]]></title> 
<link>https://blog.liuts.com/index.php</link> 
<description><![CDATA[互联网运维与架构]]></description> 
<language>zh-cn</language> 
<copyright><![CDATA[运维进行时]]></copyright>
<item>
<link>https://blog.liuts.com/post/247/</link>
<title><![CDATA[基于kubernetes构建Docker集群管理详解]]></title> 
<author>刘天斯 &lt;liutiansi@gmail.com&gt;</author>
<category><![CDATA[Docker]]></category>
<pubDate>Mon, 22 Dec 2014 13:41:54 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/</guid> 
<description>
<![CDATA[ 
	<br/><strong>一、前言</strong><br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Kubernetes 是Google开源的容器集群管理系统，基于Docker构建一个容器的调度服务，提供资源调度、均衡容灾、服务注册、动态扩缩容等功能套件，目前最新版本为0.6.2。本文介绍如何基于Centos7.0构建Kubernetes平台，在正式介绍之前，大家有必要先理解Kubernetes几个核心概念及其承担的功能。以下为Kubernetes的架构设计图：<br/><a href="https://blog.liuts.com/attachment.php?fid=368" target="_blank"><img src="https://blog.liuts.com/attachment.php?fid=368" class="insertimage" alt="点击在新窗口中浏览此图片" title="点击在新窗口中浏览此图片" border="0"/></a><br/>1. Pods<br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;在Kubernetes系统中，调度的最小颗粒不是单纯的容器，而是抽象成一个Pod，Pod是一个可以被创建、销毁、调度、管理的最小的部署单元。比如一个或一组容器。<br/>2. Replication Controllers<br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Replication Controller是Kubernetes系统中最有用的功能，实现复制多个Pod副本，往往一个应用需要多个Pod来支撑，并且可以保证其复制的副本数，即使副本所调度分配的主宿机出现异常，通过Replication Controller可以保证在其它主宿机启用同等数量的Pod。Replication Controller可以通过repcon模板来创建多个Pod副本，同样也可以直接复制已存在Pod，需要通过Label selector来关联。<br/>3、Services<br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Services是Kubernetes最外围的单元，通过虚拟一个访问IP及服务端口，可以访问我们定义好的Pod资源，目前的版本是通过iptables的nat转发来实现，转发的目标端口为Kube_proxy生成的随机端口，目前只提供GOOGLE云上的访问调度，如GCE。如果与我们自建的平台进行整合？请关注下篇《kubernetes与HECD架构的整合》文章。<br/>4、Labels<br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Labels是用于区分Pod、Service、Replication Controller的key/value键值对，仅使用在Pod、Service、 Replication Controller之间的关系识别，但对这些单元本身进行操作时得使用name标签。<br/>5、Proxy<br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Proxy不但解决了同一主宿机相同服务端口冲突的问题，还提供了Service转发服务端口对外提供服务的能力，Proxy后端使用了随机、轮循负载均衡算法。<br/><br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;说说个人一点看法，目前Kubernetes 保持一周一小版本、一个月一大版本的节奏，迭代速度极快，同时也带来了不同版本操作方法的差异，另外官网文档更新速度相对滞后及欠缺，给初学者带来一定挑战。在上游接入层官方侧重点还放在GCE（Google Compute Engine）的对接优化，针对个人私有云还未推出一套可行的接入解决方案。在v0.5版本中才引用service代理转发的机制，且是通过iptables来实现，在高并发下性能令人担忧。但作者依然看好Kubernetes未来的发展，至少目前还未看到另外一个成体系、具备良好生态圈的平台，相信在V1.0时就会具备生产环境的服务支撑能力。<br/><br/><strong>一、环境部署</strong><br/>1、平台版本说明<br/>&nbsp;&nbsp;&nbsp;&nbsp;1）Centos7.0 OS<br/>&nbsp;&nbsp;&nbsp;&nbsp;2）Kubernetes V0.6.2<br/>&nbsp;&nbsp;&nbsp;&nbsp;3）etcd version 0.4.6<br/>&nbsp;&nbsp;&nbsp;&nbsp;4）Docker version 1.3.2<br/><br/>2、平台环境说明<br/><a href="https://blog.liuts.com/attachment.php?fid=369" target="_blank"><img src="https://blog.liuts.com/attachment.php?fid=369" class="insertimage" alt="点击在新窗口中浏览此图片" title="点击在新窗口中浏览此图片" border="0"/></a><br/><br/>3、环境安装<br/>&nbsp;&nbsp;&nbsp;&nbsp;1）系统初始化工作（所有主机）<br/>&nbsp;&nbsp;&nbsp;&nbsp;系统安装-选择[最小化安装]<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# yum -y install wget ntpdate bind-utils<br/>&nbsp;&nbsp;&nbsp;&nbsp;# wget http://mirror.centos.org/centos/7/extras/x86_64/Packages/epel-release-7-2.noarch.rpm<br/>&nbsp;&nbsp;&nbsp;&nbsp;# yum update<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;CentOS 7.0默认使用的是firewall作为防火墙，这里改为iptables防火墙（熟悉度更高，非必须）。<br/>&nbsp;&nbsp;&nbsp;&nbsp;1.1、关闭firewall：<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# systemctl stop firewalld.service #停止firewall<br/>&nbsp;&nbsp;&nbsp;&nbsp;# systemctl disable firewalld.service #禁止firewall开机启动<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;1.2、安装iptables防火墙<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# yum install iptables-services #安装<br/>&nbsp;&nbsp;&nbsp;&nbsp;# systemctl start iptables.service #最后重启防火墙使配置生效<br/>&nbsp;&nbsp;&nbsp;&nbsp;# systemctl enable iptables.service #设置防火墙开机启动<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;2）安装Etcd（192.168.1.10主机）<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# mkdir -p /home/install && cd /home/install&nbsp;&nbsp;<br/>&nbsp;&nbsp;&nbsp;&nbsp;# wget https://github.com/coreos/etcd/releases/download/v0.4.6/etcd-v0.4.6-linux-amd64.tar.gz&nbsp;&nbsp;<br/>&nbsp;&nbsp;&nbsp;&nbsp;# tar -zxvf etcd-v0.4.6-linux-amd64.tar.gz&nbsp;&nbsp;<br/>&nbsp;&nbsp;&nbsp;&nbsp;# cd etcd-v0.4.6-linux-amd64&nbsp;&nbsp;<br/>&nbsp;&nbsp;&nbsp;&nbsp;# cp etcd* /bin/&nbsp;&nbsp;<br/>&nbsp;&nbsp;&nbsp;&nbsp;# /bin/etcd -version&nbsp;&nbsp;<br/>&nbsp;&nbsp;&nbsp;&nbsp;etcd version 0.4.6&nbsp;&nbsp;<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;启动服务etcd服务，如有提供第三方管理需求，另需在启动参数中添加“-cors='*'”参数。<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# mkdir /data/etcd&nbsp;&nbsp;<br/>&nbsp;&nbsp;&nbsp;&nbsp;# /bin/etcd -name etcdserver -peer-addr 192.168.1.10:7001 -addr 192.168.1.10:4001 -data-dir /data/etcd -peer-bind-addr 0.0.0.0:7001 -bind-addr 0.0.0.0:4001 &<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;配置etcd服务防火墙，其中4001为服务端口，7001为集群数据交互端口。<br/>&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 4001 -j ACCEPT<br/>&nbsp;&nbsp;&nbsp;&nbsp;# iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 7001 -j ACCEPT<br/>&nbsp;&nbsp; </div></div><br/><br/>&nbsp;&nbsp;&nbsp;&nbsp;3）安装Kubernetes（涉及所有Master、Minion主机）<br/>&nbsp;&nbsp;&nbsp;&nbsp;通过yum源方式安装，默认将安装etcd, docker, and cadvisor相关包。<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# curl https://copr.fedoraproject.org/coprs/eparis/kubernetes-epel-7/repo/epel-7/eparis-kubernetes-epel-7-epel-7.repo -o /etc/yum.repos.d/eparis-kubernetes-epel-7-epel-7.repo<br/>&nbsp;&nbsp;&nbsp;&nbsp;#yum -y install kubernetes<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;升级至v0.6.2，覆盖bin文件即可，方法如下：<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# mkdir -p /home/install && cd /home/install<br/>&nbsp;&nbsp;&nbsp;&nbsp;# wget https://github.com/GoogleCloudPlatform/kubernetes/releases/download/v0.6.2/kubernetes.tar.gz<br/>&nbsp;&nbsp;&nbsp;&nbsp;# tar -zxvf kubernetes.tar.gz<br/>&nbsp;&nbsp;&nbsp;&nbsp;# tar -zxvf kubernetes/server/kubernetes-server-linux-amd64.tar.gz<br/>&nbsp;&nbsp;&nbsp;&nbsp;# cp kubernetes/server/bin/kube* /usr/bin<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;校验安装结果，出版以下信息说明安装正常。<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;[root@SN2014-12-200 bin]# /usr/bin/kubectl version<br/>&nbsp;&nbsp;&nbsp;&nbsp;Client Version: version.Info&#123;Major:"0", Minor:"6+", GitVersion:"v0.6.2", GitCommit:"729fde276613eedcd99ecf5b93f095b8deb64eb4", GitTreeState:"clean"&#125;<br/>&nbsp;&nbsp;&nbsp;&nbsp;Server Version: &version.Info&#123;Major:"0", Minor:"6+", GitVersion:"v0.6.2", GitCommit:"729fde276613eedcd99ecf5b93f095b8deb64eb4", GitTreeState:"clean"&#125;<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;4）Kubernetes配置（仅Master主机）<br/>&nbsp;&nbsp;&nbsp;&nbsp;master运行三个组件,包括apiserver、scheduler、controller-manager，相关配置项也只涉及这三块。<br/>4.1、【/etc/kubernetes/config】<br/><textarea name="code" class="c" rows="15" cols="100">
# Comma seperated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.1.10:4001"

# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privleged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=false"
</textarea><br/>4.2、【/etc/kubernetes/apiserver】<br/><textarea name="code" class="c" rows="15" cols="100">
# The address on the local server to listen to.
KUBE_API_ADDRESS="--address=0.0.0.0"

# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"

# How the replication controller and scheduler find the kube-apiserver
KUBE_MASTER="--master=192.168.1.200:8080"

# Port minions listen on
KUBELET_PORT="--kubelet_port=10250"

# Address range to use for services
KUBE_SERVICE_ADDRESSES="--portal_net=10.254.0.0/16"

# Add you own!
KUBE_API_ARGS=""
</textarea><br/>4.3、【/etc/kubernetes/controller-manager】<br/><textarea name="code" class="c" rows="15" cols="100">
# Comma seperated list of minions
KUBELET_ADDRESSES="--machines= 192.168.1.201,192.168.1.202"

# Add you own!
KUBE_CONTROLLER_MANAGER_ARGS=""
</textarea><br/>4.4、【/etc/kubernetes/scheduler】<br/><textarea name="code" class="c" rows="15" cols="100">
# Add your own!
KUBE_SCHEDULER_ARGS=""
</textarea><br/>&nbsp;&nbsp;&nbsp;&nbsp;启动master侧相关服务<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# systemctl daemon-reload<br/>&nbsp;&nbsp;&nbsp;&nbsp;# systemctl start kube-apiserver.service kube-controller-manager.service kube-scheduler.service<br/>&nbsp;&nbsp;&nbsp;&nbsp;# systemctl enable kube-apiserver.service kube-controller-manager.service kube-scheduler.service<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;5）Kubernetes配置（仅minion主机）<br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;minion运行两个组件,包括kubelet、proxy，相关配置项也只涉及这两块。<br/>&nbsp;&nbsp;&nbsp;&nbsp;Docker启动脚本更新<br/>&nbsp;&nbsp;&nbsp;&nbsp;# vi /etc/sysconfig/docker<br/>&nbsp;&nbsp;&nbsp;&nbsp;添加：-H tcp://0.0.0.0:2375，最终配置如下，以便以后提供远程API维护。<br/>&nbsp;&nbsp;&nbsp;&nbsp;OPTIONS=--selinux-enabled -H tcp://0.0.0.0:2375 -H fd://<br/><br/>&nbsp;&nbsp;&nbsp;&nbsp;修改minion防火墙配置，通常master找不到minion主机多半是由于端口没有连通。<br/>&nbsp;&nbsp;&nbsp;&nbsp;iptables -I INPUT -s 192.168.1.200 -p tcp --dport 10250 -j ACCEPT<br/><br/>&nbsp;&nbsp;&nbsp;&nbsp;修改kubernetes minion端配置，以192.168.1.201主机为例，其它minion主机同理。<br/>5.1、【/etc/kubernetes/config】<br/><textarea name="code" class="c" rows="15" cols="100">
# Comma seperated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.1.10:4001"

# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privleged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=false"
</textarea><br/>5.2、【/etc/kubernetes/kubelet】<br/><textarea name="code" class="c" rows="15" cols="100">
###
# kubernetes kubelet (minion) config

# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0"

# The port for the info server to serve on
KUBELET_PORT="--port=10250"

# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname_override=192.168.1.201"

# Add your own!
KUBELET_ARGS=""
</textarea><br/>5.3、【/etc/kubernetes/proxy】<br/><textarea name="code" class="c" rows="15" cols="100">
KUBE_PROXY_ARGS=""
</textarea><br/>启动kubernetes服务<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/># systemctl daemon-reload<br/># systemctl enable docker.service kubelet.service kube-proxy.service<br/># systemctl start docker.service kubelet.service kube-proxy.service<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>3、校验安装(在master主机操作，或可访问master主机8080端口的client api主机)<br/>&nbsp;&nbsp;1) kubernetes常用命令<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/># kubectl get minions&nbsp;&nbsp;&nbsp;&nbsp;#查查看minion主机<br/># kubectl get pods&nbsp;&nbsp;&nbsp;&nbsp;#查看pods清单<br/># kubectl get services 或 kubectl get services -o json&nbsp;&nbsp;&nbsp;&nbsp;#查看service清单<br/># kubectl get replicationControllers&nbsp;&nbsp;&nbsp;&nbsp;#查看replicationControllers清单<br/># for i in `kubectl get pod&#124;tail -n +2&#124;awk '&#123;print $1&#125;'`; do kubectl delete pod $i; done&nbsp;&nbsp;&nbsp;&nbsp;#删除所有pods<br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;或者通过Server api for REST方式（推荐，及时性更高）：<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/># curl -s -L http://192.168.1.200:8080/api/v1beta1/version &#124; python -mjson.tool&nbsp;&nbsp;&nbsp;&nbsp;#查看kubernetes版本<br/># curl -s -L http://192.168.1.200:8080/api/v1beta1/pods &#124; python -mjson.tool&nbsp;&nbsp;&nbsp;&nbsp;#查看pods清单<br/># curl -s -L http://192.168.1.200:8080/api/v1beta1/replicationControllers &#124; python -mjson.tool&nbsp;&nbsp;&nbsp;&nbsp;#查看replicationControllers清单<br/># curl -s -L http://192.168.1.200:8080/api/v1beta1/minions &#124; python -m json.tool&nbsp;&nbsp;&nbsp;&nbsp;#查查看minion主机<br/># curl -s -L http://192.168.1.200:8080/api/v1beta1/services &#124; python -m json.tool&nbsp;&nbsp;&nbsp;&nbsp;#查看service清单<br/>&nbsp;&nbsp;&nbsp;&nbsp; </div></div><br/><span style="color: #DC143C;">注：在新版kubernetes中，所有的操作命令都整合至kubectl，包括kubecfg、kubectl.sh、kubecfg.sh等</span><br/><br/>&nbsp;&nbsp;2）创建测试pod单元<br/>&nbsp;&nbsp; # /home/kubermange/pods && cd /home/kubermange/pods<br/>&nbsp;&nbsp; # vi apache-pod.json<br/><textarea name="code" class="python" rows="15" cols="100">
&#123;
&nbsp;&nbsp;"id": "fedoraapache",
&nbsp;&nbsp;"kind": "Pod",
&nbsp;&nbsp;"apiVersion": "v1beta1",
&nbsp;&nbsp;"desiredState": &#123;
&nbsp;&nbsp;&nbsp;&nbsp;"manifest": &#123;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"version": "v1beta1",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"id": "fedoraapache",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"containers": [&#123;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"name": "fedoraapache",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"image": "fedora/apache",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"ports": [&#123;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"containerPort": 80,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"hostPort": 8080
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&#125;]
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&#125;]
&nbsp;&nbsp;&nbsp;&nbsp;&#125;
&nbsp;&nbsp;&#125;,
&nbsp;&nbsp;"labels": &#123;
&nbsp;&nbsp;&nbsp;&nbsp;"name": "fedoraapache"
&nbsp;&nbsp;&#125;
&#125;
</textarea><br/>&nbsp;&nbsp;&nbsp;&nbsp;# kubectl create -f apache-pod.json<br/>&nbsp;&nbsp;&nbsp;&nbsp;# kubectl get pod<br/><div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;IMAGE(S)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;HOST&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LABELS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;STATUS<br/>fedoraapache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/></div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;启动浏览器访问http://192.168.1.202:8080/，对应的服务端口切记在iptables中已添加。效果图如下：<br/><a href="https://blog.liuts.com/attachment.php?fid=370" target="_blank"><img src="https://blog.liuts.com/attachment.php?fid=370" class="insertimage" alt="点击在新窗口中浏览此图片" title="点击在新窗口中浏览此图片" border="0"/></a><br/>&nbsp;&nbsp;&nbsp;&nbsp;观察kubernetes在etcd中的数据存储结构<br/><a href="https://blog.liuts.com/attachment.php?fid=373" target="_blank"><img src="https://blog.liuts.com/attachment.php?fid=373" class="insertimage" alt="点击在新窗口中浏览此图片" title="点击在新窗口中浏览此图片" border="0"/></a><br/><br/>&nbsp;&nbsp;&nbsp;&nbsp;观察单个pods的数据存储结构，以json的格式存储。<br/><a href="https://blog.liuts.com/attachment.php?fid=374" target="_blank"><img src="https://blog.liuts.com/attachment.php?fid=374" class="insertimage" alt="点击在新窗口中浏览此图片" title="点击在新窗口中浏览此图片" border="0"/></a><br/><br/><strong>二、实战操作</strong><br/>&nbsp;&nbsp;&nbsp;&nbsp;任务：通过Kubernetes创建一个LNMP架构的服务集群，以及观察其负载均衡，涉及镜像“yorko/webserver”已经push至registry.hub.docker.com，大家可以通过“docker pull yorko/webserver”下载。<br/>&nbsp;&nbsp;&nbsp;&nbsp;<div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>&nbsp;&nbsp;&nbsp;&nbsp;# mkdir -p /home/kubermange/replication && mkdir -p /home/kubermange/service<br/>&nbsp;&nbsp;&nbsp;&nbsp;# cd /home/kubermange/replication <br/>&nbsp;&nbsp;&nbsp;&nbsp;</div></div><br/>1、 创建一个replication ，本例直接在replication模板中创建pod并复制，也可独立创建pod再通过replication来复制。<br/>【replication/lnmp-replication.json】<br/><textarea name="code" class="python" rows="15" cols="100">
&#123;
&nbsp;&nbsp;"id": "webserverController",
&nbsp;&nbsp;"kind": "ReplicationController",
&nbsp;&nbsp;"apiVersion": "v1beta1",
&nbsp;&nbsp;"labels": &#123;"name": "webserver"&#125;,
&nbsp;&nbsp;"desiredState": &#123;
&nbsp;&nbsp;&nbsp;&nbsp;"replicas": 2,
&nbsp;&nbsp;&nbsp;&nbsp;"replicaSelector": &#123;"name": "webserver_pod"&#125;,
&nbsp;&nbsp;&nbsp;&nbsp;"podTemplate": &#123;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"desiredState": &#123;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "manifest": &#123;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "version": "v1beta1",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "id": "webserver",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "volumes": [
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#123;"name":"httpconf", "source":&#123;"hostDir":&#123;"path":"/etc/httpd/conf"&#125;&#125;&#125;,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#123;"name":"httpconfd", "source":&#123;"hostDir":&#123;"path":"/etc/httpd/conf.d"&#125;&#125;&#125;,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#123;"name":"httproot", "source":&#123;"hostDir":&#123;"path":"/data"&#125;&#125;&#125;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;],
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "containers": [&#123;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "name": "webserver",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "image": "yorko/webserver",
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "command": ["/bin/sh", "-c", "/usr/bin/supervisord -c /etc/supervisord.conf"],
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "volumeMounts": [
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#123;"name":"httpconf", "mountPath":"/etc/httpd/conf"&#125;,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#123;"name":"httpconfd", "mountPath":"/etc/httpd/conf.d"&#125;,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#123;"name":"httproot", "mountPath":"/data"&#125;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;],
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "cpu": 100,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "memory": 50000000,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "ports": [&#123;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "containerPort": 80,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#125;,&#123;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "containerPort": 22,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&#125;]
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#125;]
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#125;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#125;,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; "labels": &#123;"name": "webserver_pod"&#125;,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&#125;,
&nbsp;&nbsp;&#125;
&#125;
</textarea><br/>&nbsp;&nbsp;&nbsp;&nbsp;执行创建命令<br/>&nbsp;&nbsp;&nbsp;&nbsp;#kubectl create -f lnmp-replication.json<br/>&nbsp;&nbsp;&nbsp;&nbsp;观察生成的pod副本清单：<br/>[root@SN2014-12-200 replication]# kubectl get pod<br/><div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IMAGE(S)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;HOST&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LABELS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; STATUS<br/>84150ab7-89f8-11e4-970d-000c292f1620&nbsp;&nbsp; yorko/webserver&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=webserver_pod&nbsp;&nbsp; Running<br/>84154ed5-89f8-11e4-970d-000c292f1620&nbsp;&nbsp; yorko/webserver&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.201/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=webserver_pod&nbsp;&nbsp; Running<br/>840beb1b-89f8-11e4-970d-000c292f1620&nbsp;&nbsp; yorko/webserver&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=webserver_pod&nbsp;&nbsp; Running<br/>84152d93-89f8-11e4-970d-000c292f1620&nbsp;&nbsp; yorko/webserver&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=webserver_pod&nbsp;&nbsp; Running<br/>840db120-89f8-11e4-970d-000c292f1620&nbsp;&nbsp; yorko/webserver&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.201/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=webserver_pod&nbsp;&nbsp; Running<br/>8413b4f3-89f8-11e4-970d-000c292f1620&nbsp;&nbsp; yorko/webserver&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.201/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=webserver_pod&nbsp;&nbsp; Running<br/></div></div><br/>2、创建一个service，通过selector指定 "name": "webserver_pod"与pods关联。<br/>【service/lnmp-service.json】<br/><textarea name="code" class="python" rows="15" cols="100">
&#123;
&nbsp;&nbsp;"id": "webserver",
&nbsp;&nbsp;"kind": "Service",
&nbsp;&nbsp;"apiVersion": "v1beta1",
&nbsp;&nbsp;"selector": &#123;
&nbsp;&nbsp;&nbsp;&nbsp;"name": "webserver_pod",
&nbsp;&nbsp;&#125;,
&nbsp;&nbsp;"protocol": "TCP",
&nbsp;&nbsp;"containerPort": 80,
&nbsp;&nbsp;"port": 8080
&#125;
</textarea><br/>&nbsp;&nbsp;&nbsp;&nbsp;执行创建命令：<br/>&nbsp;&nbsp;&nbsp;&nbsp;# kubectl create -f lnmp-service.json<br/><br/>&nbsp;&nbsp;&nbsp;&nbsp;登录minion主机（192.168.1.201），查询主宿机生成的iptables转发规则（最后一行）<br/>&nbsp;&nbsp;&nbsp;&nbsp;# iptables -nvL -t nat<br/><div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>Chain KUBE-PROXY (2 references)<br/> pkts bytes target&nbsp;&nbsp;&nbsp;&nbsp; prot opt in&nbsp;&nbsp;&nbsp;&nbsp; out&nbsp;&nbsp;&nbsp;&nbsp; source&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; destination&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <br/>&nbsp;&nbsp;&nbsp;&nbsp;2&nbsp;&nbsp; 120 REDIRECT&nbsp;&nbsp; tcp&nbsp;&nbsp;--&nbsp;&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.254.102.162&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* kubernetes */ tcp dpt:443 redir ports 47700<br/>&nbsp;&nbsp;&nbsp;&nbsp;1&nbsp;&nbsp;&nbsp;&nbsp;60 REDIRECT&nbsp;&nbsp; tcp&nbsp;&nbsp;--&nbsp;&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.254.28.74&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* kubernetes-ro */ tcp dpt:80 redir ports 60099<br/>&nbsp;&nbsp;&nbsp;&nbsp;0&nbsp;&nbsp;&nbsp;&nbsp; 0 REDIRECT&nbsp;&nbsp; tcp&nbsp;&nbsp;--&nbsp;&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;*&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;10.254.216.51&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;/* webserver */ tcp dpt:8080 redir ports 40689<br/></div></div><br/>&nbsp;&nbsp;&nbsp;&nbsp;访问测试，http://192.168.1.201:40689/info.php，刷新浏览器发现proxy后端的变化，默认为随机轮循算法。<br/><a href="https://blog.liuts.com/attachment.php?fid=371" target="_blank"><img src="https://blog.liuts.com/attachment.php?fid=371" class="insertimage" alt="点击在新窗口中浏览此图片" title="点击在新窗口中浏览此图片" border="0"/></a><br/><a href="https://blog.liuts.com/attachment.php?fid=372" target="_blank"><img src="https://blog.liuts.com/attachment.php?fid=372" class="insertimage" alt="点击在新窗口中浏览此图片" title="点击在新窗口中浏览此图片" border="0"/></a><br/><br/><strong>三、测试过程</strong><br/>&nbsp;&nbsp;&nbsp;&nbsp;1、pods自动复制、销毁测试，观察kubernetes自动保持副本数（6份）<br/>删除replicationcontrollers中一个副本fedoraapache<br/>[root@SN2014-12-200 pods]# kubectl delete pods fedoraapache<br/>I1219 23:59:39.305730&nbsp;&nbsp;&nbsp;&nbsp;9516 restclient.go:133] Waiting for completion of operation 142530<br/>fedoraapache<br/><div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>[root@SN2014-12-200 pods]# kubectl get pods<br/>NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IMAGE(S)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;HOST&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LABELS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;STATUS<br/>5d70892e-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.201/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/>5d715e56-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/>5d717f8d-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/>5d71c584-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.201/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/>5d71a494-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/></div></div><br/>#自动生成出一个副本，保持6份的效果<br/><div class="quote"><div class="quote-title">引用</div><div class="quote-content"><br/>[root@SN2014-12-200 pods]# kubectl get pods<br/>NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IMAGE(S)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;HOST&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;LABELS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;STATUS<br/>5d717f8d-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/>5d71c584-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.201/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/>5d71a494-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/>2a8fb993-8798-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.201/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/>5d70892e-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.201/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/>5d715e56-8794-11e4-970d-000c292f1620&nbsp;&nbsp; fedora/apache&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.1.202/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;name=fedoraapache&nbsp;&nbsp; Running<br/></div></div><br/>2、测试不同角色模块中的hostPort<br/>&nbsp;&nbsp;&nbsp;&nbsp;1）pod中hostPort为空，而replicationcontrollers为指定端口，则异常；两侧都指定端口，相同或不同时都异常；pod的hostport为指定，另replicationcon为空，则正常；pod的hostport为空，另replicationcon为空，则正常；结论是在replicationcontrollers场景不能指定hostport，否则异常，待持续测试。<br/>&nbsp;&nbsp;&nbsp;&nbsp;2）结论：在replicationcontronllers.json中，"replicaSelector": &#123;"name": "webserver_pod"&#125;要与"labels": &#123;"name": "webserver_pod"&#125;以及service中的"selector": &#123;"name": "webserver_pod"｝保持一致；<br/><br/>请关注下篇《kubernetes与HECD架构的整合》，近期推出。<br/><br/>参考文献：<br/>https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/getting-started-guides/fedora/fedora_manual_config.md<br/>https://github.com/GoogleCloudPlatform/kubernetes/blob/master/DESIGN.md<br/>http://www.infoq.com/cn/articles/Kubernetes-system-architecture-introduction<br/><br/>转载请注明来源 http://blog.liuts.com/post/247/<br/>Tags - <a href="https://blog.liuts.com/tags/docker/" rel="tag">docker</a> , <a href="https://blog.liuts.com/tags/kubernetes/" rel="tag">kubernetes</a> , <a href="https://blog.liuts.com/tags/%25E5%25AE%25B9%25E5%2599%25A8%25E7%25AE%25A1%25E7%2590%2586/" rel="tag">容器管理</a> , <a href="https://blog.liuts.com/tags/%25E5%2588%2598%25E5%25A4%25A9%25E6%2596%25AF/" rel="tag">刘天斯</a>
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2527</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>wangcongxiang &lt;user@domain.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Wed, 24 Dec 2014 13:04:58 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2527</guid> 
<description>
<![CDATA[ 
	我下了最新的0.7.1，运行kubectl create -f apache-pod.json报错
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2528</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>wangcongxiang &lt;user@domain.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Wed, 24 Dec 2014 13:06:26 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2528</guid> 
<description>
<![CDATA[ 
	couldn&#039;t get version/kind: error converting YAML to JSON: yaml: line 15: did not find expected &#039;,&#039; or &#039;&#125;&#039;
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2529</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>wangcongxiang &lt;user@domain.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Thu, 25 Dec 2014 05:23:32 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2529</guid> 
<description>
<![CDATA[ 
	我执行的就是本文中的命令，也是用的.json文件，报的这个错确实奇怪，不过我后来换了一个0.3时候测试的.json文件就不报错了。
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2549</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>Tom &lt;user@domain.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Wed, 31 Dec 2014 08:29:32 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2549</guid> 
<description>
<![CDATA[ 
	天斯哥....想问问你..这个json文件必须得自己写吗？？？里面很多选项我都看不明白啊...还有，如果用json文件的，那怎么样用它来指定我内部的docker仓库呢？？因为直接从外网下镜像感觉很慢，而且有时还下不下来....感谢指导。
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2550</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>Tom &lt;user@domain.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Wed, 31 Dec 2014 09:48:20 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2550</guid> 
<description>
<![CDATA[ 
	天斯哥...这个json文件中有哪些属性是可以用的啊？？？有没有一个详细的说明文档啊..我找了半天都没找到...天斯哥..还望指定啊
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2552</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>Yun &lt;user@domain.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Tue, 06 Jan 2015 03:15:38 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2552</guid> 
<description>
<![CDATA[ 
	请教下，我用自己的容器测试的。2台机器，master启了kubelet和proxy。分别访问master和minion上的应用都是好的，但通过service访问，内容一直是master上容器返回，master日志/var/log/upstart/kube-proxy.log里有如下信息。 E0105 12:50:21.908164 17848 proxier.go:77] Dial failed: dial tcp 172.17.0.205:8161: no route to host 问题来了，docker0的ip一样，而现在proxy想访问minion容器里的地址，怎么解决。
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2554</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>YUN &lt;user@domain.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Wed, 07 Jan 2015 07:20:16 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2554</guid> 
<description>
<![CDATA[ 
	我方向可能找错了。E0107 15:17:53.969562&nbsp;&nbsp; 23004 proxier.go:77] Dial failed: dial tcp 172.17.0.12:8161: no route to hostE0107 15:17:54.969934&nbsp;&nbsp; 23004 proxier.go:77] Dial failed: dial tcp 172.17.0.12:8161: i/o timeout我的意思是，service启了以后，我发现service可能在master上，也可能在minions上。不管在哪，proxy的日志里，显示它不能访问另一台机器的容器地址。也即，当前service永远是拿自己的容器提供的服务，另一台它访问不了。
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2559</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>汤佳兴 &lt;user@domain.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Mon, 12 Jan 2015 06:19:56 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2559</guid> 
<description>
<![CDATA[ 
	天斯兄....小弟在测试的过程中，感觉这个service好像只能包含同Minion中的Container才能访问，是这样吗？？？因为我在创建replication的时候指定了数量为2，创建出来刚好分布在不同的Minion上，我创建完service后测试，必须得输入两个Minion端的IP才能访问...这样的话，是不是前端最好弄个代理会好点....
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2560</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>hiker &lt;hisns@qq.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Fri, 23 Jan 2015 09:01:14 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2560</guid> 
<description>
<![CDATA[ 
	天斯大人: Python 你用的是什么 IDE。我也想学习。
]]>
</description>
</item><item>
<link>https://blog.liuts.com/post/247/#blogcomment2565</link>
<title><![CDATA[[评论] 基于kubernetes构建Docker集群管理详解]]></title> 
<author>liuyt &lt;liuyt.nuaa@gmail.com&gt;</author>
<category><![CDATA[评论]]></category>
<pubDate>Wed, 25 Feb 2015 08:04:53 +0000</pubDate> 
<guid>https://blog.liuts.com/post/247/#blogcomment2565</guid> 
<description>
<![CDATA[ 
	请教一下。我在ubuntu上单物理机安装Kubernetes。环境是ubuntu 14.04，Kubernetes 0.11.0，etcd&nbsp;&nbsp;2.0.3。安装完成后 查询如 version，pods，replicationControllers ,services, 都正常但是minions异常，显示&quot;reason&quot;: &quot;Node health check failed: kubelet /healthz endpoint returns not ok&quot;,&quot;status&quot;: &quot;None查看服务kubelet和kube-proxy是启动着的。端口10250也是被kubelet打开着的。想知道这个health是怎么检测出来的，以及大概出错的可能原因
]]>
</description>
</item>
</channel>
</rss>