环境依赖
- 需要事先正确安装
Docker Desktop - 笔记本最好不低于16G内存
背景说明
学习Kubernetes的第一步就需要搭建一个可用的Kubernetes环境,这里针对Windows的安装过程做简要记录
解决方案
事先安装Docker Desktop
image.png
日志目录
安装过程中可能会出现错误需要我们及时查看日志来排查问题,日志目录:C:\ProgramData\DockerDesktop
image.png
版本确认
首先确认当前需要安装的版本,从下图中可以看到需要安装的版本为v1.22.4
image.png
镜像配置
确认镜像源配置为阿里云镜像加速
image.png
安装镜像
由于国内的网络问题,直接启用Kubernetes会无法正常启动,如下图所示
image.png
此时在github开源库中提供了镜像的阿里云方案https://github.com/AliyunContainerService/k8s-for-docker-desktop
image.png
进行分支切换
image.png
找到对应需要安装的分支,并下载文件
image.png
文件下载后并解压
image.png
执行镜像下载命令
image.png
查看已有镜像
image.png
网络配置
进入目录C:\Windows\System32\drivers\etc编辑文件hosts添加一行
# Kubernetes
127.0.0.1 kubernetes.docker.internal
image.png
否则执行命令会出现如下错误
PS D:\> kubectl.exe cluster-info
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
Unable to connect to the server: dial tcp: lookup kubernetes.docker.internal: no such host
服务启用
把勾勾上,等待一段时间,就会发现下发那个kubernetes的点变绿了,代表kubernetes启动成功
image.png
由于启动较慢,这里可以通过命令查看容器的启动状态
image.png
命令验证
PS D:\> kubectl.exe cluster-info
Kubernetes control plane is running at https://kubernetes.docker.internal:6443
CoreDNS is running at https://kubernetes.docker.internal:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
此时即可以说明环境安装正常
安装看板
应用配置
PS D:\k8s-for-docker-desktop-1.22.4> kubectl.exe apply -f .\kubernetes-dashboard.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-key-holder created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
deployment.apps/dashboard-metrics-scraper created
安装进度
PS D:\k8s-for-docker-desktop-1.22.4> kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
kubernetes-dashboard-576cb95f94-kx4xb 1/1 Running 0 50s
PS D:\k8s-for-docker-desktop-1.22.4> kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-c45b7869d-m5xvs 0/1 ContainerCreating 0 53s
kubernetes-dashboard-576cb95f94-kx4xb 1/1 Running 0 53s
PS D:\k8s-for-docker-desktop-1.22.4> kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-c45b7869d-m5xvs 0/1 ContainerCreating 0 54s
kubernetes-dashboard-576cb95f94-kx4xb 1/1 Running 0 54s
PS D:\k8s-for-docker-desktop-1.22.4> kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-c45b7869d-m5xvs 1/1 Running 0 2m24s
kubernetes-dashboard-576cb95f94-kx4xb 1/1 Running 0 2m24s
访问Token
PS C:\Users\86183> $TOKEN=((kubectl -n kube-system describe secret default | Select-String "token:") -split " +")[1]
PS C:\Users\86183> kubectl config set-credentials docker-desktop --token="${TOKEN}"
User "docker-desktop" set.
PS C:\Users\86183> echo $TOKEN
eyJhbGciOiJSUzI1NiIsImtpZCI6InJ5WXh2Y0RTUXR0Tm95dDlxdVA0SS1XX01iNWhQbmZqa1pSOTRjZGpRTEEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLXBiNnFiIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJkYzY2YWExYS1jZWIzLTRlNTctYjU5NC0yNWI3OTY2ZjlhOTYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06ZGVmYXVsdCJ9.xUByTlmquRcGd2BQBWyAMtHA0p0PbXfUaSFLhsHNjpJ7fnqmd35H7c_ydKXDnwIoC1L1HP2mNiRvnyOaOz3ivCSkgdcpirHes5C0t3Y4GQF0Avdx2J3ASI3iULh0jBwYtUUrc8YUMqCwEnhvqoiGDfjjiRl-qVlN_FejSWeSWohdleBVMihfZj205YqwQJXMCD5IhC3n8-H5Sb1dcIY6Uo7OS-1wtfFT_sRJuOMCakQH1WjEZQ5ViZeCUBRAd1ZMfwG4ul5X1aVbB0p_wM95uTUOpM7xDsCGUkKOpioQabvsZmQJmYPlxepLt56rdx0x7o6MlM_aWOzQq6klUiydhw
访问看板
使用kubectl proxy命令访问
PS D:\k8s-for-docker-desktop-1.22.4> kubectl proxy
Starting to serve on 127.0.0.1:8001
E0103 21:26:27.189764 18436 proxy_server.go:147] Error while proxying request: context canceled
E0103 21:26:27.189764 18436 proxy_server.go:147] Error while proxying request: context canceled
E0103 21:26:27.190290 18436 proxy_server.go:147] Error while proxying request: context canceled
E0103 21:26:27.190290 18436 proxy_server.go:147] Error while proxying request: context canceled
注意命令行窗口不要关闭
打开浏览器访问网址
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy
image.png
填入Token并信息登录
image.png
进入后可以看到如下页面
image.png
此时可以看到这里只有一个默认的命名空间,且右侧有错误通知消息
image.png
访问权限
清理旧提权
PS C:\Users\86183> kubectl delete clusterrolebinding serviceaccount-cluster-admin
Error from server (NotFound): clusterrolebindings.rbac.authorization.k8s.io "serviceaccount-cluster-admin" not found
创建集群用户
PS C:\Users\86183> kubectl create clusterrolebinding serviceaccount-cluster-admin --clusterrole=cluster-admin --user=system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard
clusterrolebinding.rbac.authorization.k8s.io/serviceaccount-cluster-admin created
查token用于登录
PS C:\Users\86183> kubectl describe secrets -n kubernetes-dashboard
Name: default-token-64tln
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: default
kubernetes.io/service-account.uid: e59829ab-b670-41ef-a336-00576bc0a50c
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1099 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InJ5WXh2Y0RTUXR0Tm95dDlxdVA0SS1XX01iNWhQbmZqa1pSOTRjZGpRTEEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLTY0dGxuIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJlNTk4MjlhYi1iNjcwLTQxZWYtYTMzNi0wMDU3NmJjMGE1MGMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6ZGVmYXVsdCJ9.uP2MZLTxP9upIM80rkRtGe9WQ447XWKLq3ohc78R_oAwNGMxntSiXjckibkfv8Sez5zBzvWlaP5MwkWRR10gJOnM7fL8_en3vMIjRZ7Mc-xXF7q9cT2K81FuvmPOyUkbDpk4PWGKwihfVo-wWgx1KduRVJAhWxakjbLpVKA91Ntqs3Cy2F-pXC65pkjZqzmq815z0lS62raoZczn_z0fWYenKBEfdEgLaBfoteX6cvQvdo-aYy7qKwD9FBWuy-1xxmT1BFBEqRFKgbSgvmE1yJilTfhuaq_fA1TAzB4LxbaEYtwGGdsawUDIIM7ccz1A4Ue01oJx7N8Jc-PixkOQpA
Name: kubernetes-dashboard-certs
Namespace: kubernetes-dashboard
Labels: k8s-app=kubernetes-dashboard
Annotations: <none>
Type: Opaque
Data
====
Name: kubernetes-dashboard-csrf
Namespace: kubernetes-dashboard
Labels: k8s-app=kubernetes-dashboard
Annotations: <none>
Type: Opaque
Data
====
csrf: 256 bytes
Name: kubernetes-dashboard-key-holder
Namespace: kubernetes-dashboard
Type: Opaque
Data
priv: 1679 bytes
Name: kubernetes-dashboard-token-gk6s8
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: 6f6c9deb-5638-4827-a9bb-765a93a3364a
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1099 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InJ5WXh2Y0RTUXR0Tm95dDlxdVA0SS1XX01iNWhQbmZqa1pSOTRjZGpRTEEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1nazZzOCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjZmNmM5ZGViLTU2MzgtNDgyNy1hOWJiLTc2NWE5M2EzMzY0YSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.l54H6keE_5nswbim--I-HM9uSw27XAwHCavXr1D2wiLVEbSUrvfUyrn5RoPCOxSopCIRV8y4jbB76kmoE2ZdGhhoolGy-mSMEXX9SXrN3aiXzdfCF-OJ-C1KLCPXPFFiiMur9xLD9317OfCZZ9S6VJ6tUxJ4OPu2Zve5x-3_ZchlxlJ3fZNh6-r7vFN67W0RyFSfYj4nHTQD2e1CEyNEiapbybJyTi2o0CdnJKXRzMomZVVHW_e7K8mehJimygTBpNGbF1BoO6jdMJ2HE5OIwGs4GY-yo9nwdMgA9gFLYcAOtwjED2I1GCLDIN6VWoafOueZR9-oq6rRxCBRrSlF9g
登录看板
image.png
image.png
此时这里可以看到多有的命令空间,且右侧不会再有报错通知消息
保证kubeproxy处于启动状态
创建应用
image.png
此时查看Pod等待正常运行即可
image.png
image.png
访问应用
打开浏览器访问http://localhost:8080/
image.png
参考文档
https://blog.csdn.net/qq_38836770/article/details/108801300
https://wayneshao.com/posts/10324.html
https://github.com/AliyunContainerService/k8s-for-docker-desktop/issues/180
https://blog.csdn.net/zhangbaoxiang/article/details/106559533
