kubeadm方式安装k8s

墨染默笙2024-09-06 11:49

一、集群可用性验证
1. 验证节点

[root@master ~]# kubectl get node # 全部为Ready,
是正常
NAME STATUS ROLES AGE 
VERSION
k8s-node01 Ready <none> 156m 
v1.28.2
k8s-node02 Ready <none> 155m 
v1.28.2
master Ready control-plane 157m 
v1.28.2

2. 验证 Pod

[root@master ~]# kubectl get po -A # 全部为
running,表示正常
NAMESPACE NAME 
 READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-
6d48795585-wj8g5 1/1 Running 0 
156m
kube-system calico-node-bk4p5 
1/1 Running 0 156m
kube-system calico-node-kmsh7 
1/1 Running 0 156m
kube-system calico-node-qthgh 
1/1 Running 0 156m
kube-system coredns-6554b8b87f-jdc2b 
1/1 Running 0 
159m
kube-system coredns-6554b8b87f-thftb 
1/1 Running 0 
159m
kube-system etcd-master 
1/1 Running 0 159m
kube-system kube-apiserver-master 
1/1 Running 0 159m
kube-system kube-controller-managermaster 1/1 Running 0 
159m
kube-system kube-proxy-9sxt9 
1/1 Running 0 
5m6s
kube-system kube-proxy-g79z5 
1/1 Running 0 
5m7s
kube-system kube-proxy-scwgn 
1/1 Running 0 
5m9s
kube-system kube-scheduler-master 
1/1 Running 0 159m
kube-system metrics-server-8df99c47fmkbfd 1/1 Running 0 
154m
kubernetes-dashboard dashboard-metrics-scraper-
7b554c884f-92jwb 1/1 Running 0 
24m
kubernetes-dashboard kubernetes-dashboard-
54b699784c-f7trp 1/1 Running 0
 24m

3. 验证集群⽹段是否冲突
三⽅⽹段均不冲突( service 、 Pod 、宿主机)

[root@master ~]# kubectl get svc # 查看服务的⽹段
NAME TYPE CLUSTER-IP EXTERNAL-IP
 PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 
443/TCP 160m
[root@master ~]# kubectl get po -A -owide # 查看
所有命名空间下的所有⽹段,再与服务的⽹段进⾏⽐较
NAMESPACE NAME 
 READY STATUS RESTARTS AGE
 IP NODE NOMINATED NODE 
READINESS GATES
kube-system calico-kube-controllers-
6d48795585-wj8g5 1/1 Running 0 
158m 172.16.58.194 k8s-node02 <none> 
 <none>
kube-system calico-node-bk4p5 
1/1 Running 0 158m
192.168.15.22 k8s-node01 <none> 
<none>
kube-system calico-node-kmsh7 
1/1 Running 0 158m
192.168.15.33 k8s-node02 <none> 
<none>
kube-system calico-node-qthgh 
1/1 Running 0 158m
192.168.15.11 master <none> 
<none>
kube-system coredns-6554b8b87f-jdc2b 
1/1 Running 0 
160m 172.16.58.195 k8s-node02 <none> 
 <none>
kube-system coredns-6554b8b87f-thftb 
1/1 Running 0 
160m 172.16.58.193 k8s-node02 <none> 
 <none>
kube-system etcd-master 
1/1 Running 0 160m
192.168.15.11 master <none> 
<none>
kube-system kube-apiserver-master 
1/1 Running 0 160m
192.168.15.11 master <none> 
<none>
kube-system kube-controller-managermaster 1/1 Running 0 
160m 192.168.15.11 master <none> 
 <none>
kube-system kube-proxy-9sxt9 
1/1 Running 0 
6m29s 192.168.15.11 master <none> 
 <none>
kube-system kube-proxy-g79z5 
1/1 Running 0 
6m30s 192.168.15.33 k8s-node02 <none> 
 <none>
kube-system kube-proxy-scwgn 
1/1 Running 0 
6m32s 192.168.15.22 k8s-node01 <none> 
 <none>
kube-system kube-scheduler-master 
1/1 Running 0 160m
192.168.15.11 master <none> 
<none>
kube-system metrics-server-8df99c47fmkbfd 1/1 Running 0 
155m 172.16.85.193 k8s-node01 <none> 
 <none>
kubernetes-dashboard dashboard-metrics-scraper-
7b554c884f-92jwb 1/1 Running 0 
25m 172.16.85.195 k8s-node01 <none> 
 <none>
kubernetes-dashboard kubernetes-dashboard-
54b699784c-f7trp 1/1 Running 0
 25m 172.16.85.194 k8s-node01 <none> 
 <none>

4. 验证是否可正常创建参数

[root@master ~]# kubectl create deploy clustertest --image=registry.cnbeijing.aliyuncs.com/dotbalo/debug-tools -- sleep
3600
deployment.apps/cluster-test created # 已创建,表
示正常
[root@master ~]# kubectl get po
NAME READY STATUS 
RESTARTS AGE
cluster-test-66bb44bd88-sq8fx 1/1 Running 
0 41s
[root@master ~]# kubectl get po -owide
NAME READY STATUS 
RESTARTS AGE IP NODE 
NOMINATED NODE READINESS GATES
cluster-test-66bb44bd88-sq8fx 1/1 Running 
0 48s 172.16.58.196 k8s-node02 
<none> <none>

5. Pod 必须能够解析 Service
同 namespace 和跨 namespace
( 1 ) nslookup kubernetes

[root@master ~]# kubectl exec -it cluster-test-
66bb44bd88-sq8fx -- bash # 进⼊pod下的某个容器
(06:36 cluster-test-66bb44bd88-sq8fx:/) nslookup
kubernetes
Server: 10.96.0.10
Address: 10.96.0.10#53
Name: kubernetes.default.svc.cluster.local
Address: 10.96.0.1
# 可以解析到server的IP地址说明同namespace可以解析

( 2 ) nslookup kube-dns.kube-system

(06:36 cluster-test-66bb44bd88-sq8fx:/) nslookup
kube-dns.kube-system
Server: 10.96.0.10
Address: 10.96.0.10#53
Name: kube-dns.kube-system.svc.cluster.local
Address: 10.96.0.10
# 可以解析到server的第⼗个ip,说明可以解析到kube-dns,说
明跨namespace也可解析

6. 确认是否可访问 Kubernetes 443 kube-dns 53
每个节点都必须能访问 Kubernetes 的 kubernetes svc 443 和kube-dns 的 service 53

[root@master ~]# curl https://10.96.0.1:443
curl: (60) SSL certificate problem: unable to get
local issuer certificate
More details here:
https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server
and therefore could not
establish a secure connection to it. To learn more
about this situation and
how to fix it, please visit the web page mentioned
above.
[root@master ~]# curl 10.96.0.10:53
curl: (52) Empty reply from server

7. 确认各 Pod 之间是否可正常通信
同 namespace 和跨 namespace

[root@master ~]# kubectl get po -nkube-system -
owide
NAME READY 
STATUS RESTARTS AGE IP NODE 
 NOMINATED NODE READINESS GATES
calico-kube-controllers-6d48795585-wj8g5 1/1 
Running 0 170m 172.16.58.194 k8snode02 <none> <none>
calico-node-bk4p5 1/1 
Running 0 170m 192.168.15.22 k8snode01 <none> <none>
calico-node-kmsh7 1/1 
Running 0 170m 192.168.15.33 k8snode02 <none> <none>
calico-node-qthgh 1/1 
Running 0 170m 192.168.15.11 master
 <none> <none>
coredns-6554b8b87f-jdc2b 1/1 
Running 0 173m 172.16.58.195 k8snode02 <none> <none>
coredns-6554b8b87f-thftb 1/1 
Running 0 173m 172.16.58.193 k8snode02 <none> <none>
etcd-master 1/1 
Running 0 173m 192.168.15.11 master
 <none> <none>
kube-apiserver-master 1/1 
Running 0 173m 192.168.15.11 master
 <none> <none>
kube-controller-manager-master 1/1 
Running 0 173m 192.168.15.11 master
 <none> <none>
kube-proxy-9sxt9 1/1 
Running 0 19m 192.168.15.11 master
 <none> <none>
kube-proxy-g79z5 1/1 
Running 0 19m 192.168.15.33 k8snode02 <none> <none>
kube-proxy-scwgn 1/1 
Running 0 19m 192.168.15.22 k8snode01 <none> <none>
kube-scheduler-master 1/1 
Running 0 173m 192.168.15.11 master
 <none> <none>
metrics-server-8df99c47f-mkbfd 1/1 
Running 0 168m 172.16.85.193 k8snode01 <none> <none>
[root@master ~]# kubectl get po -owide
NAME READY STATUS 
RESTARTS AGE IP NODE 
NOMINATED NODE READINESS GATES
cluster-test-66bb44bd88-sq8fx 1/1 Running 
0 12m 172.16.58.196 k8s-node02 
<none> <none>
[root@master ~]# kubectl exec -it cluster-test-
66bb44bd88-sq8fx -- bash
(06:46 cluster-test-66bb44bd88-sq8fx:/) ping
172.16.58.195 -c 3
PING 172.16.58.195 (172.16.58.195) 56(84) bytes of
data.
64 bytes from 172.16.58.195: icmp_seq=1 ttl=63
time=0.455 ms
64 bytes from 172.16.58.195: icmp_seq=2 ttl=63
time=0.082 ms
64 bytes from 172.16.58.195: icmp_seq=3 ttl=63
time=0.082 ms
--- 172.16.58.195 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss,
time 2083ms
rtt min/avg/max/mdev = 0.082/0.206/0.455/0.176 ms

同机器和跨机器

[root@master ~]# kubectl get po -owide
NAME READY STATUS 
RESTARTS AGE IP NODE 
NOMINATED NODE READINESS GATES
cluster-test-66bb44bd88-sq8fx 1/1 Running 
0 13m 172.16.58.196 k8s-node02 
<none> <none>
[root@master ~]# ping 172.16.58.196 -c 3
PING 172.16.58.196 (172.16.58.196) 56(84) bytes of
data.
64 bytes from 172.16.58.196: icmp_seq=1 ttl=63
time=0.676 ms
64 bytes from 172.16.58.196: icmp_seq=2 ttl=63
time=0.303 ms
64 bytes from 172.16.58.196: icmp_seq=3 ttl=63
time=0.284 ms
--- 172.16.58.196 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss,
time 2043ms
rtt min/avg/max/mdev = 0.284/0.421/0.676/0.180 ms
相关推荐
南猿北者5 分钟前
Docker Volume
运维·docker·容器
网络研究院2 小时前
Am I Isolated:一款安全态势基准测试工具
容器·工具·基准测试·安全态势
矛取矛求3 小时前
Linux如何更优质调节系统性能
linux
内核程序员kevin4 小时前
在Linux环境下使用Docker打包和发布.NET程序并配合MySQL部署
linux·mysql·docker·.net
kayotin4 小时前
Wordpress博客配置2024
linux·mysql·docker
Ztiddler5 小时前
【Linux Shell命令-不定期更新】
linux·运维·服务器·ssh
小小不董5 小时前
Oracle OCP认证考试考点详解082系列16
linux·运维·服务器·数据库·oracle·dba
a1denzzz5 小时前
Linux系统的网络设置
linux·服务器·网络
颜淡慕潇6 小时前
【K8S问题系列 | 9】如何监控集群CPU使用率并设置告警?
后端·云原生·容器·kubernetes·问题解决
运维&陈同学6 小时前
【模块一】kubernetes容器编排进阶实战之k8s基础概念
运维·docker·云原生·容器·kubernetes·云计算
热门推荐
01聊聊 Python 中的同步原语,为什么有了 GIL 还需要同步原语02【HarmonyOS】HUAWEI DevEco Studio 下载地址汇总03Windows10安装PCL1.14.0及点云配准04C++——超强级病毒代码05全面解析:构建基于深度学习的安全帽检测系统(UI界面+YOLO代码+数据集)06组基轨迹建模 GBTM的介绍与实现(Stata 或 R)07硬件预取之空间预取08Ubuntu 20.04使用Livox mid 360 测试 FAST_LIO09Coze扣子平台完整体验和实践(附国内和国际版对比)10【SCS-CN】SCS-CN模型中CN值的确定