1. 编写的 yml 文件部署,报错,识别不了容器参数
1.1 错误信息:
Error from server (BadRequest): error when creating "apollo.yaml": Deployment in version "v1" cannot be handled as a Deployment: v1.Deployment.Spec: v1.DeploymentSpec.Template: v1.PodTemplateSpec.Spec: v1.PodSpec.Containers: []v1.Container: v1.Container.Env: []v1.EnvVar: v1.EnvVar.Value: ReadString: expects " or n, but found 8, error found in #10 byte of ...|,"value":8070},{"nam|..., bigger context ...|ntainers":[{"env":[{"name":"SERVER_PORT","value":8070},{"name":"SPRING_DATASOURCE_URL","value":"jdbc|...Error from server (BadRequest): error when creating "apollo.yaml": Deployment in version "v1" cannot be handled as a Deployment: v1.Deployment.Spec: v1.DeploymentSpec.Template: v1.PodTemplateSpec.Spec: v1.PodSpec.Containers: []v1.Container: v1.Container.Env: []v1.EnvVar: v1.EnvVar.Value: ReadString: expects " or n, but found 8, error found in #10 byte of ...|,"value":8080},{"nam|..., bigger context ...|ntainers":[{"env":[{"name":"SERVER_PORT","value":8080},{"name":"SPRING_DATASOURCE_URL","value":"jdbc|...Error from server (BadRequest): error when creating "apollo.yaml": Deployment in version "v1" cannot be handled as a Deployment: v1.Deployment.Spec: v1.DeploymentSpec.Template: v1.PodTemplateSpec.Spec: v1.PodSpec.Containers: []v1.Container: v1.Container.Env: []v1.EnvVar: v1.EnvVar.Value: ReadString: expects " or n, but found 8, error found in #10 byte of ...|,"value":8090},{"nam|..., bigger context ...|ntainers":[{"env":[{"name":"SERVER_PORT","value":8090},{"name":"SPRING_DATASOURCE_URL","value":"jdbc|...[root@saaspy ~]#
1.2 yml 配置
apiVersion: v1kind: Namespacemetadata:name: apollo---apiVersion: v1data:.dockerconfigjson: eyJhdXRocyI6eyJodHRwOi8vc2NkaGIuZjMzMjIubmV0OjMyMDAwIjp7InVzZXJuYW1lIjoiYWRtaW4iLCJwYXNzd29yZCI6ImhlYmVuIzEyMzQ1IiwiZW1haWwiOiIzNTgxMDk0NjZAcXEuY29tIiwiYXV0aCI6IllXUnRhVzQ2YUdWaVpXNGpNVEl6TkRVPSJ9fX0=kind: Secretmetadata:name: secret-namenamespace: apollotype: kubernetes.io/dockerconfigjson---apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-portalnamespace: apollospec:selector:matchLabels:app: apollo-portaltemplate:metadata:labels:app: apollo-portalspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-portalimage: scdhb.f3322.net:32000/apollo/apollo-portal:v1.8.2imagePullPolicy: Alwaysports:- containerPort: 8070env:- name: SERVER_PORTvalue: 8070- name: SPRING_DATASOURCE_URLvalue: jdbc:mysql://apollo-mysql:3306/ApolloPortalDB?sslMode=DISABLED&serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false- name: SPRING_DATASOURCE_USERNAMEvalue: root- name: SPRING_DATASOURCE_PASSWORDvalue: root- name: DEV_METAvalue: http://apollo-config:8080/---apiVersion: v1kind: Servicemetadata:name: apollo-portalnamespace: apollospec:type: NodePortselector:app: apollo-portalports:- name: httpport: 8070---apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-confignamespace: apollospec:selector:matchLabels:app: apollo-configtemplate:metadata:labels:app: apollo-configspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-configimage: scdhb.f3322.net:32000/apollo/apollo-config:v1.8.1imagePullPolicy: Alwaysports:- containerPort: 8080env:- name: SERVER_PORTvalue: 8080- name: SPRING_DATASOURCE_URLvalue: jdbc:mysql://apollo-mysql:3306/ApolloConfigDB?sslMode=DISABLED&serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false- name: SPRING_DATASOURCE_USERNAMEvalue: root- name: SPRING_DATASOURCE_PASSWORDvalue: root---apiVersion: v1kind: Servicemetadata:name: apollo-confignamespace: apollospec:type: NodePortselector:app: apollo-configports:- name: httpport: 8080---apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-adminnamespace: apollospec:selector:matchLabels:app: apollo-admintemplate:metadata:labels:app: apollo-adminspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-adminimage: scdhb.f3322.net:32000/apollo/apollo-admin:v1.8.1imagePullPolicy: Alwaysports:- containerPort: 8090env:- name: SERVER_PORTvalue: 8090- name: SPRING_DATASOURCE_URLvalue: jdbc:mysql://apollo-mysql:3306/ApolloConfigDB?sslMode=DISABLED&serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false- name: SPRING_DATASOURCE_USERNAMEvalue: root- name: SPRING_DATASOURCE_PASSWORDvalue: root---apiVersion: v1kind: Servicemetadata:name: apollo-adminnamespace: apollospec:type: NodePortselector:app: apollo-adminports:- name: httpport: 8090---apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-mysqlnamespace: apollospec:selector:matchLabels:app: apollo-mysqltemplate:metadata:labels:app: apollo-mysqlspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-mysqlimage: scdhb.f3322.net:32000/base-soft/mysql:releaseimagePullPolicy: Alwaysports:- containerPort: 3306env:- name: MYSQL_ROOT_PASSWORDvalue: root---apiVersion: v1kind: Servicemetadata:name: apollo-mysqlnamespace: apollospec:type: NodePortselector:app: apollo-mysqlports:- name: httpport: 3306
1.3 部署结果
[root@saaspy ~]# kubectl delete ns apollonamespace "apollo" deleted[root@saaspy ~]#[root@saaspy ~]#[root@saaspy ~]# kubectl apply -f apollo.yamlnamespace/apollo createdsecret/secret-name createdservice/apollo-portal createdservice/apollo-config createdservice/apollo-admin createddeployment.apps/apollo-mysql createdservice/apollo-mysql createdError from server (BadRequest): error when creating "apollo.yaml": Deployment in version "v1" cannot be handled as a Deployment: v1.Deployment.Spec: v1.DeploymentSpec.Template: v1.PodTemplateSpec.Spec: v1.PodSpec.Containers: []v1.Container: v1.Container.Env: []v1.EnvVar: v1.EnvVar.Value: ReadString: expects " or n, but found 8, error found in #10 byte of ...|,"value":8070},{"nam|..., bigger context ...|ntainers":[{"env":[{"name":"SERVER_PORT","value":8070},{"name":"SPRING_DATASOURCE_URL","value":"jdbc|...Error from server (BadRequest): error when creating "apollo.yaml": Deployment in version "v1" cannot be handled as a Deployment: v1.Deployment.Spec: v1.DeploymentSpec.Template: v1.PodTemplateSpec.Spec: v1.PodSpec.Containers: []v1.Container: v1.Container.Env: []v1.EnvVar: v1.EnvVar.Value: ReadString: expects " or n, but found 8, error found in #10 byte of ...|,"value":8080},{"nam|..., bigger context ...|ntainers":[{"env":[{"name":"SERVER_PORT","value":8080},{"name":"SPRING_DATASOURCE_URL","value":"jdbc|...Error from server (BadRequest): error when creating "apollo.yaml": Deployment in version "v1" cannot be handled as a Deployment: v1.Deployment.Spec: v1.DeploymentSpec.Template: v1.PodTemplateSpec.Spec: v1.PodSpec.Containers: []v1.Container: v1.Container.Env: []v1.EnvVar: v1.EnvVar.Value: ReadString: expects " or n, but found 8, error found in #10 byte of ...|,"value":8090},{"nam|..., bigger context ...|ntainers":[{"env":[{"name":"SERVER_PORT","value":8090},{"name":"SPRING_DATASOURCE_URL","value":"jdbc|...[root@saaspy ~]#
1.4 原因,及解决办法
1.4.1 原因
如果 Deployment 中使用了 env,并且 env 中有一些值是数字,就会抛出这个错误,解决办法就是将数字添加引号,类似下面截图中内容。
所以,在 deployment 中将数字类型的参数使用 “” 英文引号包裹起来。
1.4.2 解决
修改 yaml 文件
apiVersion: v1kind: Namespacemetadata:name: apollo---apiVersion: v1data:.dockerconfigjson: eyJhdXRocyI6eyJodHRwOi8vc2NkaGIuZjMzMjIubmV0OjMyMDAwIjp7InVzZXJuYW1lIjoiYWRtaW4iLCJwYXNzd29yZCI6ImhlYmVuIzEyMzQ1IiwiZW1haWwiOiIzNTgxMDk0NjZAcXEuY29tIiwiYXV0aCI6IllXUnRhVzQ2YUdWaVpXNGpNVEl6TkRVPSJ9fX0=kind: Secretmetadata:name: secret-namenamespace: apollotype: kubernetes.io/dockerconfigjson---apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-portalnamespace: apollospec:selector:matchLabels:app: apollo-portaltemplate:metadata:labels:app: apollo-portalspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-portalimage: scdhb.f3322.net:32000/apollo/apollo-portal:v1.8.2imagePullPolicy: Alwaysports:- containerPort: 8070env:- name: SERVER_PORTvalue: "8070"- name: SPRING_DATASOURCE_URLvalue: "jdbc:mysql://apollo-mysql:3306/ApolloPortalDB?sslMode=DISABLED&serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false"- name: SPRING_DATASOURCE_USERNAMEvalue: root- name: SPRING_DATASOURCE_PASSWORDvalue: root- name: DEV_METAvalue: http://apollo-config:8080/---apiVersion: v1kind: Servicemetadata:name: apollo-portalnamespace: apollospec:type: NodePortselector:app: apollo-portalports:- name: httpport: 8070---apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-confignamespace: apollospec:selector:matchLabels:app: apollo-configtemplate:metadata:labels:app: apollo-configspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-configimage: scdhb.f3322.net:32000/apollo/apollo-config:v1.8.1imagePullPolicy: Alwaysports:- containerPort: 8080env:- name: SERVER_PORTvalue: "8080"- name: SPRING_DATASOURCE_URLvalue: "jdbc:mysql://apollo-mysql:3306/ApolloConfigDB?sslMode=DISABLED&serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false"- name: SPRING_DATASOURCE_USERNAMEvalue: root- name: SPRING_DATASOURCE_PASSWORDvalue: root---apiVersion: v1kind: Servicemetadata:name: apollo-confignamespace: apollospec:type: NodePortselector:app: apollo-configports:- name: httpport: 8080---apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-adminnamespace: apollospec:selector:matchLabels:app: apollo-admintemplate:metadata:labels:app: apollo-adminspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-adminimage: scdhb.f3322.net:32000/apollo/apollo-admin:v1.8.1imagePullPolicy: Alwaysports:- containerPort: 8090env:- name: SERVER_PORTvalue: "8090"- name: SPRING_DATASOURCE_URLvalue: "jdbc:mysql://apollo-mysql:3306/ApolloConfigDB?sslMode=DISABLED&serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false"- name: SPRING_DATASOURCE_USERNAMEvalue: root- name: SPRING_DATASOURCE_PASSWORDvalue: root---apiVersion: v1kind: Servicemetadata:name: apollo-adminnamespace: apollospec:type: NodePortselector:app: apollo-adminports:- name: httpport: 8090---apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-mysqlnamespace: apollospec:selector:matchLabels:app: apollo-mysqltemplate:metadata:labels:app: apollo-mysqlspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-mysqlimage: scdhb.f3322.net:32000/base-soft/mysql:releaseimagePullPolicy: Alwaysports:- containerPort: 3306env:- name: MYSQL_ROOT_PASSWORDvalue: root---apiVersion: v1kind: Servicemetadata:name: apollo-mysqlnamespace: apollospec:type: NodePortselector:app: apollo-mysqlports:- name: httpport: 3306
运行结果:
[root@saaspy ~]# kubectl apply -f apollo.ymlnamespace/apollo createdsecret/secret-name createddeployment.apps/apollo-portal createdservice/apollo-portal createddeployment.apps/apollo-config createdservice/apollo-config createddeployment.apps/apollo-admin createdservice/apollo-admin createddeployment.apps/apollo-mysql createdservice/apollo-mysql created[root@saaspy ~]#[root@saaspy ~]#[root@saaspy ~]# kubectl get pod,svc -n apolloNAME READY STATUS RESTARTS AGEpod/apollo-admin-67b5487986-4n66r 0/1 CrashLoopBackOff 4 4m6spod/apollo-config-585c468c59-s6ls8 0/1 CrashLoopBackOff 4 4m7spod/apollo-mysql-d579db4f8-mbzgs 1/1 Running 0 4m6spod/apollo-portal-b8697d789-x8tth 1/1 Running 5 4m7sNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEservice/apollo-admin NodePort 172.31.229.214 <none> 8090:31442/TCP 4m6sservice/apollo-config NodePort 172.31.207.54 <none> 8080:30478/TCP 4m6sservice/apollo-mysql NodePort 172.31.248.214 <none> 3306:31093/TCP 4m6sservice/apollo-portal NodePort 172.31.61.50 <none> 8070:31194/TCP 4m7s[root@saaspy ~]#
说明,不要关注 pod 的状态失败,因为还未建立数据库。
2. k8s 建立的 mysql 远程访问问题
我的k8s是个远程环境,不知道同事怎么设置的,只可以运行部分 kubectl 的命令,有的直接报错 timeout,尤其是在 kubectl exec 命令时(后面会提到)。
2.1 mysql yaml 配置,不可远程访问数据库
apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-mysqlnamespace: apollospec:selector:matchLabels:app: apollo-mysqltemplate:metadata:labels:app: apollo-mysqlspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-mysqlimage: scdhb.f3322.net:32000/base-soft/mysql:releaseimagePullPolicy: Alwaysports:- containerPort: 3306env:- name: MYSQL_ROOT_PASSWORDvalue: root---apiVersion: v1kind: Servicemetadata:name: apollo-mysqlnamespace: apollospec:type: NodePortselector:app: apollo-mysqlports:- name: httpport: 3306
mysql 能够正常运行,可是远程连接时候报错 mysql 10060 错误,知道没有权限访问,毕竟 root 是默认在 localhost 主机访问的。那么就需要修改 root@localhost(或者新建用户),然而本次不能够通过 kubectl exec 进入容器内部,于是乎想到 kubectl exec 远程执行命令(或者容器启动部署时,执行命令)。
2.2 mysql 部署时指定 command,修改 root@localhost(不行)
命令,command: [“mysql -uroot -p$(MYSQL_ROOT_PASSWORD)”, “RENAME USER root@localhost TO root@%“]
mysql yaml 配置
apiVersion: apps/v1kind: Deploymentmetadata:name: apollo-mysqlnamespace: apollospec:selector:matchLabels:app: apollo-mysqltemplate:metadata:labels:app: apollo-mysqlspec:imagePullSecrets:- name: secret-namecontainers:- name: apollo-mysqlimage: scdhb.f3322.net:32000/base-soft/mysql:releaseimagePullPolicy: Alwaysports:- containerPort: 3306env:- name: MYSQL_ROOT_PASSWORDvalue: rootcommand: ["mysql -uroot -p$(MYSQL_ROOT_PASSWORD)", "RENAME USER `root`@`localhost` TO `root`@`%`"]---apiVersion: v1kind: Servicemetadata:name: apollo-mysqlnamespace: apollospec:type: NodePortselector:app: apollo-mysqlports:- name: httpport: 3306
结果让人很失望,没有找到 mysql 命令(尚未分析是不是自己的 command 没有写对)
结果:
[root@saaspy ~]# kubectl describe pod/apollo-mysql-547d7cdf56-qszn5 -n apolloName: apollo-mysql-547d7cdf56-qszn5Namespace: apolloPriority: 0Node: cn-shanghai.192.168.0.91/192.168.0.91Start Time: Sat, 07 Aug 2021 10:47:52 +0800Labels: app=apollo-mysqlpod-template-hash=547d7cdf56Annotations: kubernetes.io/psp: ack.privilegedStatus: RunningIP: 192.168.0.228Controlled By: ReplicaSet/apollo-mysql-547d7cdf56Containers:apollo-mysql:Container ID: docker://98cb6f79000a7d0c39a7b6aafbcd0e7ad1dffa9c4fd20b7dbfd7a23bd3f1a048Image: scdhb.f3322.net:32000/base-soft/mysql:releaseImage ID: docker-pullable://scdhb.f3322.net:32000/base-soft/mysql@sha256:4476fa792a8cd534386c23ebe70b4d931f72ad7bb60db888d3a188a6287202f2Port: 3306/TCPHost Port: 0/TCPCommand:mysql -uroot -p$(MYSQL_ROOT_PASSWORD)RENAME USER `root`@`localhost` TO `root`@`%`State: WaitingReason: CrashLoopBackOffLast State: TerminatedReason: ContainerCannotRunMessage: OCI runtime create failed: container_linux.go:346: starting container process caused "exec: \"mysql -uroot -proot\": executable file not found in $PATH": unknownExit Code: 127Started: Sat, 07 Aug 2021 10:48:10 +0800Finished: Sat, 07 Aug 2021 10:48:10 +0800Ready: FalseRestart Count: 2Environment:MYSQL_ROOT_PASSWORD: rootMounts:/var/run/secrets/kubernetes.io/serviceaccount from default-token-tvpvz (ro)Conditions:Type StatusInitialized TrueReady FalseContainersReady FalsePodScheduled TrueVolumes:default-token-tvpvz:Type: Secret (a volume populated by a Secret)SecretName: default-token-tvpvzOptional: falseQoS Class: BestEffortNode-Selectors: <none>Tolerations: node.kubernetes.io/not-ready:NoExecute for 300snode.kubernetes.io/unreachable:NoExecute for 300sEvents:Type Reason Age From Message---- ------ ---- ---- -------Normal Scheduled 45s default-scheduler Successfully assigned apollo/apollo-mysql-547d7cdf56-qszn5 to cn-shanghai.192.168.0.91Normal AllocIPSucceed 43s terway-daemon Alloc IP 192.168.0.228/24 for PodWarning BackOff 16s kubelet, cn-shanghai.192.168.0.91 Back-off restarting failed containerNormal Pulling 3s (x4 over 43s) kubelet, cn-shanghai.192.168.0.91 Pulling image "scdhb.f3322.net:32000/base-soft/mysql:release"Normal Pulled 2s (x4 over 42s) kubelet, cn-shanghai.192.168.0.91 Successfully pulled image "scdhb.f3322.net:32000/base-soft/mysql:release"Normal Created 2s (x4 over 42s) kubelet, cn-shanghai.192.168.0.91 Created container apollo-mysqlWarning Failed 2s (x4 over 42s) kubelet, cn-shanghai.192.168.0.91 Error: failed to start container "apollo-mysql": Error response from daemon: OCI runtime create failed: container_linux.go:346: starting container process caused "exec: \"mysql -uroot -proot\": executable file not found in $PATH": unknown[root@saaspy ~]#
Warning Failed 2s (x4 over 42s) kubelet, cn-shanghai.192.168.0.91 Error: failed to start container “apollo-mysql”: Error response from daemon: OCI runtime create failed: container_linux.go:346: starting container process caused “exec: \”mysql -uroot -proot\”: executable file not found in $PATH”: unknown
这个修改 root 的命令需要在容器部署启动后(运行后)才能执行,初步怀疑是命令先于容器执行。
2.3 mysql 部署完成后,kubectl exec 直接执行命令(不进入容器)
2.3.1 kubectl exec 命令小例
[root@k3s-m1 ~]# kubectl exec -hExecute a command in a container.Examples:# Get output from running 'date' command from pod mypod, using the first container by defaultkubectl exec mypod -- date# Get output from running 'date' command in ruby-container from pod mypodkubectl exec mypod -c ruby-container -- date# Switch to raw terminal mode, sends stdin to 'bash' in ruby-container from pod mypod# and sends stdout/stderr from 'bash' back to the clientkubectl exec mypod -c ruby-container -i -t -- bash -il# List contents of /usr from the first container of pod mypod and sort by modification time.# If the command you want to execute in the pod has any flags in common (e.g. -i),# you must use two dashes (--) to separate your command's flags/arguments.# Also note, do not surround your command and its flags/arguments with quotes# unless that is how you would execute it normally (i.e., do ls -t /usr, not "ls -t /usr").kubectl exec mypod -i -t -- ls -t /usr# Get output from running 'date' command from the first pod of the deployment mydeployment, using the first containerby defaultkubectl exec deploy/mydeployment -- date# Get output from running 'date' command from the first pod of the service myservice, using the first container bydefaultkubectl exec svc/myservice -- dateOptions:-c, --container='': Container name. If omitted, the first container in the pod will be chosen-f, --filename=[]: to use to exec into the resource--pod-running-timeout=1m0s: The length of time (like 5s, 2m, or 3h, higher than zero) to wait until at least onepod is running-i, --stdin=false: Pass stdin to the container-t, --tty=false: Stdin is a TTYUsage:kubectl exec (POD | TYPE/NAME) [-c CONTAINER] [flags] -- COMMAND [args...] [options]Use "kubectl options" for a list of global command-line options (applies to all commands).[root@k3s-m1 ~]#[root@k3s-m1 ~]# kubectl exec huawei004-mysql-base-77f6856d66-l5jw4 -n huawei004 datekubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.Sat Aug 7 03:12:51 UTC 2021[root@k3s-m1 ~]#[root@k3s-m1 ~]# kubectl exec huawei004-mysql-base-77f6856d66-l5jw4 -n huawei004 -- dateSat Aug 7 03:13:00 UTC 2021[root@k3s-m1 ~]#
在自己的上执行,报错 timeout
[root@saaspy ~]# kubectl exec apollo-mysql-d579db4f8-vhpwv -n apollo dateError from server: error dialing backend: dial tcp 192.168.0.91:10250: i/o timeout[root@saaspy ~]#
唉,还是只有采取部署时的 command,返回去分析错误原因。
2.4 解决
2.4.1 首先说明无法访问,不是 root 账号权限问题
kubectl 部署运行时的 command 属于启动前运行,故而 command 方式是不行的。
后来改变策略,重新部署成功,可以远程访问了,查看 mysql 的 user 表,远程访问是有权限的:
mysql> select Host,User from user;+-----------+---------------+| Host | User |+-----------+---------------+| % | root || localhost | mysql.session || localhost | mysql.sys || localhost | root |+-----------+---------------+4 rows in set (0.10 sec)mysql>
2.4.2 改变 service type 为 LoadBalancer,使用 EXTERNAL-IP 访问
主要是改变了 service 的网络type类型 LoadBalancer
mysql yaml 配置(不带 cm(configMap))
apiVersion: apps/v1kind: Deploymentmetadata:name: xh-apollo-mysql2namespace: xh-apollospec:selector:matchLabels:app: xh-apollo-mysql2template:metadata:labels:app: xh-apollo-mysql2spec:imagePullSecrets:- name: secret-namecontainers:- name: xh-apollo-mysql2image: scdhb.f3322.net:32000/base-soft/mysql:releaseimagePullPolicy: Alwaysports:- containerPort: 3306env:- name: MYSQL_ROOT_PASSWORDvalue: root# command: ["RENAME USER `root`@`localhost` TO `root`@`%`"]---apiVersion: v1kind: Servicemetadata:name: xh-apollo-mysql2namespace: xh-apollospec:type: LoadBalancerselector:app: xh-apollo-mysql2ports:- name: mysql-svc-portport: 30084targetPort: 3306
mysql yaml 配置(带 cm(configMap))
---apiVersion: v1kind: Servicemetadata:name: xh-apollo-adminnamespace: xh-apollospec:type: NodePortselector:app: xh-apollo-adminports:- name: httpport: 8090---apiVersion: v1kind: ConfigMapmetadata:name: xh-apollo-mysql-cmnamespace: xh-apollolabels:app: xh-apollo-mysql-cmdata:my.cnf: |-[client]default-character-set=utf8mb4[mysql]default-character-set=utf8mb4[mysqld]character-set-server = utf8mb4collation-server = utf8mb4_unicode_ciinit_connect='SET NAMES utf8mb4'skip-character-set-client-handshake = truemax_connections=2000secure_file_priv=/var/lib/mysqlbind-address=0.0.0.0symbolic-links=0sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION'---apiVersion: apps/v1kind: Deploymentmetadata:name: xh-apollo-mysqlnamespace: xh-apollospec:selector:matchLabels:app: xh-apollo-mysqltemplate:metadata:labels:app: xh-apollo-mysqlspec:imagePullSecrets:- name: secret-namecontainers:- name: xh-apollo-mysqlimage: scdhb.f3322.net:32000/base-soft/mysql:releaseimagePullPolicy: Alwaysports:- containerPort: 3306env:- name: MYSQL_ROOT_PASSWORDvalue: rootargs:- --datadir- /var/lib/mysqlvolumeMounts:- name: configmountPath: /etc/mysql/conf.d/my.cnfsubPath: my.cnfvolumes:- name: configconfigMap:name: xh-apollo-mysql-cm# command: ["RENAME USER `root`@`localhost` TO `root`@`%`"]---apiVersion: v1kind: Servicemetadata:name: xh-apollo-mysqlnamespace: xh-apollospec:type: LoadBalancerselector:app: xh-apollo-mysqlports:- name: mysql-svc-portport: 30083targetPort: 3306# nodePort: 30083
查看部署结果:
[root@saaspy ~]# kubectl get svc,pod,cm -n xh-apolloNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEservice/xh-apollo-admin NodePort 172.31.106.174 <none> 8090:30757/TCP 4m4sservice/xh-apollo-config NodePort 172.31.36.142 <none> 8080:31979/TCP 4m4sservice/xh-apollo-mysql LoadBalancer 172.31.52.61 xx.xx.xx.xx 30083:30281/TCP 4m3sservice/xh-apollo-mysql2 LoadBalancer 172.31.135.127 xx.xx.xx.xx 30084:30247/TCP 9sservice/xh-apollo-portal NodePort 172.31.0.146 <none> 8070:30439/TCP 4m4sNAME READY STATUS RESTARTS AGEpod/xh-apollo-admin-b6d9d48cf-snzwz 0/1 CrashLoopBackOff 4 4m4spod/xh-apollo-config-599bdb7b9b-cz656 0/1 Error 5 4m4spod/xh-apollo-mysql-7c6856978f-2rp6n 1/1 Running 0 4m3spod/xh-apollo-mysql2-65f7f7956b-6kg6n 1/1 Running 0 9spod/xh-apollo-portal-d85bffdc-qbq4p 0/1 Error 5 4m5sNAME DATA AGEconfigmap/xh-apollo-mysql-cm 1 4m4s[root@saaspy ~]#
访问的时候就可以通过 EXTERNAL-IP 加 port 访问啦。
3 容器内部使用 curl、ping 命令
3.1 先要查看系统 cat release 或者 cat /etc/release
bash-4.4# pwd/optbash-4.4# cat /etc/*release3.8.2NAME="Alpine Linux"ID=alpineVERSION_ID=3.8.2PRETTY_NAME="Alpine Linux v3.8"HOME_URL="http://alpinelinux.org"BUG_REPORT_URL="http://bugs.alpinelinux.org"bash-4.4#bash-4.4# cd /etcbash-4.4# pwd/etcbash-4.4# cat *release3.8.2NAME="Alpine Linux"ID=alpineVERSION_ID=3.8.2PRETTY_NAME="Alpine Linux v3.8"HOME_URL="http://alpinelinux.org"BUG_REPORT_URL="http://bugs.alpinelinux.org"bash-4.4#
3.2 是否存在命令 curl 、ping
bash-4.4# curl loclahost:8080bash: curl: command not foundbash-4.4#bash-4.4# ping localhostPING localhost (127.0.0.1): 56 data bytes64 bytes from 127.0.0.1: seq=0 ttl=64 time=0.037 ms64 bytes from 127.0.0.1: seq=1 ttl=64 time=0.094 ms64 bytes from 127.0.0.1: seq=2 ttl=64 time=0.040 ms^C--- localhost ping statistics ---3 packets transmitted, 3 packets received, 0% packet lossround-trip min/avg/max = 0.037/0.057/0.094 msbash-4.4#
3.3 Alpine Linux v3.8 安装 curl
1.设置国内镜像源sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories2.安装curlapk add curl
3.4 其它系统
root@xh-pandora-register01-678cf8bb8d-c8bb7:/opt# ping 47.101.139.203bash: ping: command not foundroot@xh-pandora-register01-678cf8bb8d-c8bb7:/opt# cat /etc/*releasePRETTY_NAME="Debian GNU/Linux 10 (buster)"NAME="Debian GNU/Linux"VERSION_ID="10"VERSION="10 (buster)"VERSION_CODENAME=busterID=debianHOME_URL="https://www.debian.org/"SUPPORT_URL="https://www.debian.org/support"BUG_REPORT_URL="https://bugs.debian.org/"root@xh-pandora-register01-678cf8bb8d-c8bb7:/opt#root@xh-pandora-register01-678cf8bb8d-c8bb7:/opt# apt updateGet:1 http://security.debian.org/debian-security buster/updates InRelease [65.4 kB]Get:2 http://security.debian.org/debian-security buster/updates/main amd64 Packages [299 kB]Get:3 http://deb.debian.org/debian buster InRelease [122 kB]Get:4 http://deb.debian.org/debian buster-updates InRelease [51.9 kB]Get:5 http://deb.debian.org/debian buster/main amd64 Packages [7907 kB]Get:6 http://deb.debian.org/debian buster-updates/main amd64 Packages [15.2 kB]Fetched 8460 kB in 6s (1321 kB/s)Reading package lists... DoneBuilding dependency treeReading state information... Done8 packages can be upgraded. Run 'apt list --upgradable' to see them.root@xh-pandora-register01-678cf8bb8d-c8bb7:/opt#root@xh-pandora-register01-678cf8bb8d-c8bb7:/opt# apt-get curlE: Invalid operation curlroot@xh-pandora-register01-678cf8bb8d-c8bb7:/opt# apt-get curl -yE: Invalid operation curlroot@xh-pandora-register01-678cf8bb8d-c8bb7:/opt# apt-get install curl -yReading package lists... DoneBuilding dependency treeReading state information... DoneThe following package was automatically installed and is no longer required:lsb-base......Setting up curl (7.64.0-4+deb10u2) ...Processing triggers for libc-bin (2.28-10) ...root@xh-pandora-register01-678cf8bb8d-c8bb7:/opt## ping 命令root@xh-pandora-register01-8477d49589-p4qxl:/opt#root@xh-pandora-register01-8477d49589-p4qxl:/opt# apt-get install inetutils-ping -yReading package lists... DoneBuilding dependency treeReading state information... DoneThe following package was automatically installed and is no longer required:lsb-baseUse 'apt autoremove' to remove it.The following additional packages will be installed:libidn11 netbaseThe following NEW packages will be installed:inetutils-ping libidn11 netbase0 upgraded, 3 newly installed, 0 to remove and 8 not upgraded.Need to get 362 kB of archives.After this operation, 718 kB of additional disk space will be used.0% [Connecting to deb.debian.org]Get:1 http://deb.debian.org/debian buster/main amd64 netbase all 5.6 [19.4 kB]Get:2 http://deb.debian.org/debian buster/main amd64 libidn11 amd64 1.33-2.2 [116 kB]Get:3 http://deb.debian.org/debian buster/main amd64 inetutils-ping amd64 2:1.9.4-7+deb10u1 [226 kB]Fetched 362 kB in 42s (8578 B/s)debconf: delaying package configuration, since apt-utils is not installedSelecting previously unselected package netbase.(Reading database ... 7067 files and directories currently installed.)Preparing to unpack .../archives/netbase_5.6_all.deb ...Unpacking netbase (5.6) ...Selecting previously unselected package libidn11:amd64.Preparing to unpack .../libidn11_1.33-2.2_amd64.deb ...Unpacking libidn11:amd64 (1.33-2.2) ...Selecting previously unselected package inetutils-ping.Preparing to unpack .../inetutils-ping_2%3a1.9.4-7+deb10u1_amd64.deb ...Unpacking inetutils-ping (2:1.9.4-7+deb10u1) ...Setting up libidn11:amd64 (1.33-2.2) ...Setting up netbase (5.6) ...Setting up inetutils-ping (2:1.9.4-7+deb10u1) ...Processing triggers for libc-bin (2.28-10) ...root@xh-pandora-register01-8477d49589-p4qxl:/opt#
4 ack 的 pod 数量限制
4.1 选择了 terway 网络,每个节点 pod 数量有限制
k8s 在建立 pod ,需要规划分配网络,有了限制,导致不能创建 pod,大量 pod 状态为 pending。
部署服务,不能按照pod 限制的最大数量来卡死 pod 实际部署数量,要预留数量,便于容器的滚动升级(ack 在计算 pod 个数时,Terminating 也算一个,在 k8s 中,针对单一个 pod 来升级,会被计算为两个,一个创建中 containerCreating,一个终止中 terminating)。至于保留多少pod,应该根据最大的并行升级数量来算,比如,需要升级3个pod,那么就要预留 3 个pod。
若是不规划好pod预留量,有可能会导致 k8s 崩溃(删除不掉,新建不了,二者相互等待)
若有收获,就点个赞吧
0 人点赞
