first commit
All checks were successful
continuous-integration/drone Build is passing

2025-12-13 18:06:23 +08:00
commit 8a87b699ba
333 changed files with 27094 additions and 0 deletions


@@ -0,0 +1,198 @@
> 本文作者:丁辉
# 使用Kind安装Kubernetes
[官方网站](https://kind.sigs.k8s.io/)
## 基础环境准备
[ 通过脚本安装Docker](https://gitee.com/offends/Kubernetes/blob/main/Docker/Docs/%E5%AE%89%E8%A3%85%E6%96%87%E6%A1%A3/%E9%80%9A%E8%BF%87%E8%84%9A%E6%9C%AC%E5%AE%89%E8%A3%85Docker.md)
## 安装 Kind
二进制文件安装
[Github二进制文件下载](https://github.com/kubernetes-sigs/kind/releases)
下载二进制文件完成后,安装 Kind
```bash
install -o root -g root -m 0755 kind-linux-amd64 /usr/local/bin/kind
```
## 单节点启动
1. 默认创建集群
```bash
kind create cluster
```
指定镜像或名称创建集群
`kind create cluster --name clusterName --image kindest/node:latest`
2. 复制 Kind 容器内 Kubectl 使用
```bash
docker cp kind-control-plane:/usr/bin/kubectl /usr/bin/kubectl
```
3. 验证
```bash
kubectl config get-contexts
```
## 创建多节点集群
1. 配置国内镜像加速(要不然创建完集群拉取镜像总是超时)
```bash
mkdir -p /etc/containerd/certs.d/docker.io
```
内容如下
```toml
cat > /etc/containerd/certs.d/docker.io/hosts.toml <<EOF
server = "https://registry-1.docker.io"
[host."https://docker.m.daocloud.io"]
capabilities = ["pull", "resolve"]
[host."https://docker.1ms.run"]
capabilities = ["pull", "resolve"]
[host."https://docker-0.unsee.tech"]
capabilities = ["pull", "resolve"]
[host."https://registry-1.docker.io"]
capabilities = ["pull", "resolve"]
EOF
```
2. 创建 Yaml 文件
```yaml
cat > kind_cluster.yaml <<EOF
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
name: cluster1
nodes:
- role: control-plane
extraMounts:
- hostPath: /etc/containerd/certs.d/
containerPath: /etc/containerd/certs.d
readOnly: true
extraPortMappings:
- containerPort: 30000
hostPort: 30000
listenAddress: "0.0.0.0"
protocol: TCP
- role: worker
extraMounts:
- hostPath: /etc/containerd/certs.d/
containerPath: /etc/containerd/certs.d
readOnly: true
- role: worker
extraMounts:
- hostPath: /etc/containerd/certs.d/
containerPath: /etc/containerd/certs.d
readOnly: true
- role: worker
extraMounts:
- hostPath: /etc/containerd/certs.d/
containerPath: /etc/containerd/certs.d
readOnly: true
containerdConfigPatches:
- |-
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
- |-
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.10"
EOF
```
> 嫌端口太少来吧循环起来截止2025年12月2日官方并没有给出特别好的解决办法只能一个一个写。循环示例如下
>
> ```bash
> $(for p in $(seq 30000 31000); do echo " - containerPort: $p"; echo " hostPort: $p"; echo " protocol: TCP"; echo " listenAddress: 0.0.0.0"; done)
> ```
3. 创建集群
```bash
kind create cluster --config kind_cluster.yaml
```
4. 验证
```bash
kubectl get node
```
## 卸载集群
- 删除默认集群
```bash
kind delete cluster
```
- 删除指定集群
```bash
kind delete cluster --name clusterName
```
- 删除全部集群
```bash
kind delete clusters --all
```
## 常用基础命令
- 查看集群
```bash
kind get clusters
```
- 获取节点
```bash
kind get nodes
```
- 把本地的 docker 镜像加载到名叫 kind 的 KIND 集群节点里
```bash
kind load docker-image nginx:latest --name kind
```
# 问题记录
当使用 Kind 集群部署 Metrics-Server 时报错证书错误
- Kind 解决方案
1. 让 Kubelet 自动重新申请一份包含 IP SAN 的 serving 证书
```toml
kubeadmConfigPatches:
- |
kind: KubeletConfiguration
serverTLSBootstrap: true
```
2. 一次性批准 Pending CSR
```bash
kubectl get csr -ojson | jq -r '.items[] | select(.spec.signerName=="kubernetes.io/kubelet-serving" and (.status==null or .status=={})) | .metadata.name' | xargs kubectl certificate approve
```
- Metrics-Server 临时解决方案
[Metrics-Server启动报错证书验证失败](https://gitee.com/offends/Kubernetes/blob/main/%E9%97%AE%E9%A2%98%E8%AE%B0%E5%BD%95/Metrics-Server%E5%90%AF%E5%8A%A8%E6%8A%A5%E9%94%99%E8%AF%81%E4%B9%A6%E9%AA%8C%E8%AF%81%E5%A4%B1%E8%B4%A5.md)
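
Review bot: The `extraPortMappings` entry in `kind_cluster.yaml` sets `listenAddress: "0.0.0.0"`, and the quoted loop repeats that for ports 30000 to 31000, so every mapped NodePort is published on all host interfaces. For a local cluster, use `listenAddress: "127.0.0.1"` in both places and state that `0.0.0.0` is only for hosts where remote access is intended and firewalled. Two further points in the same file: the `hosts.toml` block gives three third-party mirrors the `resolve` capability as well as `pull`, which lets them answer tag-to-digest lookups for `docker.io` images, so the doc should state that trust assumption or recommend referencing images by digest. The CSR one-liner under 问题记录 approves every pending `kubernetes.io/kubelet-serving` request, filtering only on signer and empty status, so add a step to review `kubectl get csr` output (requestor and node name) before approving, and use `xargs -r` so an empty result does not run `kubectl certificate approve` with no name. Minor: the fence around `kubeadmConfigPatches` is tagged `toml` but the content is YAML, and the fences tagged `toml` and `yaml` around the two `cat > ... <<EOF` heredocs contain shell.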