# k8s # Minikube 本地 Registry 管理 Laravel 和 Vue 镜像 使用 Minikube 内置的 registry 可以方便地在本地管理 Laravel 和 Vue 镜像,无需依赖外部 registry(如 Docker Hub)。以下是完整的配置方案: ## 1. 启用 Minikube 的本地 Registry ```bash # 启动 Minikube 并启用 registry 插件 minikube start --driver=docker --insecure-registry="10.0.0.0/24" minikube addons enable registry # 查看 registry 服务 kubectl get svc -n kube-system | grep registry # 设置端口转发,使本地可以访问 registry kubectl port-forward --namespace kube-system service/registry 5000:80 & ``` ## 2. 配置 Docker 使用 Minikube 的 Registry ```bash # 设置环境变量指向 Minikube 的 Docker daemon eval $(minikube docker-env) # 验证是否连接到 Minikube 的 Docker docker info | grep "Name: minikube" ``` ## 3. 构建和推送 Laravel 镜像 ### Laravel Dockerfile 示例 ```dockerfile # Dockerfile.laravel FROM php:8.1-fpm # 安装依赖 RUN apt-get update && apt-get install -y \ git \ curl \ libpng-dev \ libonig-dev \ libxml2-dev \ zip \ unzip \ libzip-dev # 安装 PHP 扩展 RUN docker-php-ext-install pdo_mysql mbstring exif pcntl bcmath gd zip # 安装 Composer COPY --from=composer:latest /usr/bin/composer /usr/bin/composer # 设置工作目录 WORKDIR /var/www # 复制项目文件 COPY . . # 安装依赖 RUN composer install --optimize-autoloader --no-dev # 优化配置 RUN php artisan config:cache && \ php artisan route:cache && \ php artisan view:cache # 暴露端口 EXPOSE 9000 # 启动命令 CMD ["php-fpm"] ``` ### 构建和推送 Laravel 镜像 ```bash # 构建镜像 docker build -t localhost:5000/laravel-app:latest -f Dockerfile.laravel . # 推送镜像到本地 registry docker push localhost:5000/laravel-app:latest # 验证镜像是否在 registry 中 curl http://localhost:5000/v2/_catalog ``` ## 4. 构建和推送 Vue 镜像 ### Vue Dockerfile 示例 ```dockerfile # Dockerfile.vue FROM node:16 as builder WORKDIR /app COPY package*.json ./ RUN npm install COPY . . RUN npm run build FROM nginx:alpine COPY --from=builder /app/dist /usr/share/nginx/html COPY nginx.conf /etc/nginx/conf.d/default.conf EXPOSE 80 CMD ["nginx", "-g", "daemon off;"] ``` ### 相关 Nginx 配置 ```nginx # nginx.conf server { listen 80; server_name localhost; location / { root /usr/share/nginx/html; index index.html; try_files $uri $uri/ /index.html; } location /api { proxy_pass http://laravel-backend:9000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } } ``` ### 构建和推送 Vue 镜像 ```bash # 构建镜像 docker build -t localhost:5000/vue-app:latest -f Dockerfile.vue . # 推送镜像到本地 registry docker push localhost:5000/vue-app:latest # 验证镜像 curl http://localhost:5000/v2/_catalog ``` ## 5. 部署 Kubernetes 资源 ### Laravel 部署配置 ```yaml # laravel-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: laravel-backend namespace: laravel-vue-app spec: replicas: 2 selector: matchLabels: app: laravel-backend template: metadata: labels: app: laravel-backend spec: containers: - name: laravel-app image: localhost:5000/laravel-app:latest imagePullPolicy: Always env: - name: DB_HOST value: "mysql" - name: DB_DATABASE value: "laravel" - name: DB_USERNAME value: "root" - name: DB_PASSWORD valueFrom: secretKeyRef: name: laravel-secrets key: db-password ports: - containerPort: 9000 resources: requests: cpu: "100m" memory: "256Mi" limits: cpu: "500m" memory: "512Mi" ``` ### Vue 部署配置 ```yaml # vue-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: vue-frontend namespace: laravel-vue-app spec: replicas: 2 selector: matchLabels: app: vue-frontend template: metadata: labels: app: vue-frontend spec: containers: - name: vue-app image: localhost:5000/vue-app:latest imagePullPolicy: Always ports: - containerPort: 80 resources: requests: cpu: "50m" memory: "128Mi" limits: cpu: "200m" memory: "256Mi" ``` ## 6. 验证部署 ```bash # 应用所有配置 kubectl apply -f namespace.yaml kubectl apply -f mysql-pvc.yaml kubectl apply -f mysql-deployment.yaml kubectl apply -f mysql-service.yaml kubectl apply -f redis-deployment.yaml kubectl apply -f redis-service.yaml kubectl apply -f laravel-deployment.yaml kubectl apply -f laravel-service.yaml kubectl apply -f vue-deployment.yaml kubectl apply -f vue-service.yaml kubectl apply -f ingress.yaml # 查看 pod 状态 kubectl get pods -n laravel-vue-app -w # 获取应用 URL minikube service list ``` ## 7. 自动化构建和部署脚本 创建 `build-and-deploy.sh` 脚本: ```bash #!/bin/bash # 构建 Laravel 镜像 echo "Building Laravel image..." docker build -t localhost:5000/laravel-app:latest -f Dockerfile.laravel . docker push localhost:5000/laravel-app:latest # 构建 Vue 镜像 echo "Building Vue image..." docker build -t localhost:5000/vue-app:latest -f Dockerfile.vue . docker push localhost:5000/vue-app:latest # 重新部署 Kubernetes 资源 echo "Redeploying applications..." kubectl rollout restart deployment/laravel-backend -n laravel-vue-app kubectl rollout restart deployment/vue-frontend -n laravel-vue-app echo "Deployment complete!" ``` ## 8. 常见问题解决 ### 镜像拉取问题 如果遇到镜像拉取问题,可以尝试: ```bash # 确保 Minikube 使用本地 Docker daemon eval $(minikube docker-env) # 检查 registry 是否运行 kubectl get pods -n kube-system | grep registry # 如果 registry 有问题,重新启用 minikube addons disable registry minikube addons enable registry ``` ### 性能优化 对于开发环境,可以配置资源限制: ```yaml # 在 deployment 中添加 resources: requests: cpu: "100m" memory: "128Mi" limits: cpu: "500m" memory: "512Mi" ``` ## 9. 清理资源 ```bash # 删除部署 kubectl delete -f . # 禁用 registry minikube addons disable registry # 删除本地镜像 docker rmi localhost:5000/laravel-app:latest docker rmi localhost:5000/vue-app:latest ``` 通过这种方式,您可以在 Minikube 环境中完全本地化管理 Laravel 和 Vue 镜像,无需依赖外部 registry,适合开发和测试环境使用。 # Minikube 部署 Laravel + Vue 微服务集群与持续集成方案 ## 项目架构概述 这个方案将使用 Minikube 在本地 Kubernetes 环境中部署一个包含 Laravel 后端和 Vue 前端的微服务架构,并实现持续集成流程。 ### 主要组件 1. **前端服务**: Vue.js 应用 2. **后端服务**: Laravel API 3. **数据库服务**: MySQL 4. **缓存服务**: Redis 5. **消息队列**: RabbitMQ (可选) 6. **CI/CD 流水线**: GitHub Actions/Jenkins ## 环境准备 ### 1. 安装必要工具 ```bash # 安装 Minikube curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 sudo install minikube-linux-amd64 /usr/local/bin/minikube # 安装 kubectl curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl # 启动 Minikube minikube start --driver=docker --cpus=4 --memory=8192 ``` ### 2. 启用必要插件 ```bash minikube addons enable ingress minikube addons enable metrics-server ``` ## 微服务部署 ### 1. 创建命名空间 ```yaml # namespace.yaml apiVersion: v1 kind: Namespace metadata: name: laravel-vue-app ``` ### 2. MySQL 部署 ```yaml # mysql-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: mysql namespace: laravel-vue-app spec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql image: mysql:5.7 env: - name: MYSQL_ROOT_PASSWORD value: yourpassword - name: MYSQL_DATABASE value: laravel ports: - containerPort: 3306 volumeMounts: - name: mysql-persistent-storage mountPath: /var/lib/mysql volumes: - name: mysql-persistent-storage persistentVolumeClaim: claimName: mysql-pv-claim --- # mysql-service.yaml apiVersion: v1 kind: Service metadata: name: mysql namespace: laravel-vue-app spec: ports: - port: 3306 selector: app: mysql --- # mysql-pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql-pv-claim namespace: laravel-vue-app spec: accessModes: - ReadWriteOnce resources: requests: storage: 5Gi ``` ### 3. Redis 部署 ```yaml # redis-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: redis namespace: laravel-vue-app spec: replicas: 1 selector: matchLabels: app: redis template: metadata: labels: app: redis spec: containers: - name: redis image: redis:alpine ports: - containerPort: 6379 --- # redis-service.yaml apiVersion: v1 kind: Service metadata: name: redis namespace: laravel-vue-app spec: ports: - port: 6379 selector: app: redis ``` ### 4. Laravel 后端部署 ```yaml # laravel-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: laravel-backend namespace: laravel-vue-app spec: replicas: 3 selector: matchLabels: app: laravel-backend template: metadata: labels: app: laravel-backend spec: containers: - name: laravel-app image: your-registry/laravel-app:latest env: - name: DB_HOST value: mysql - name: DB_PASSWORD valueFrom: secretKeyRef: name: laravel-secrets key: db-password - name: REDIS_HOST value: redis ports: - containerPort: 9000 livenessProbe: httpGet: path: /api/health port: 9000 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: /api/health port: 9000 initialDelaySeconds: 5 periodSeconds: 5 --- # laravel-service.yaml apiVersion: v1 kind: Service metadata: name: laravel-backend namespace: laravel-vue-app spec: ports: - port: 9000 selector: app: laravel-backend ``` ### 5. Vue 前端部署 ```yaml # vue-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: vue-frontend namespace: laravel-vue-app spec: replicas: 3 selector: matchLabels: app: vue-frontend template: metadata: labels: app: vue-frontend spec: containers: - name: vue-app image: your-registry/vue-app:latest env: - name: VUE_APP_API_URL value: http://laravel-backend:9000 ports: - containerPort: 8080 livenessProbe: httpGet: path: / port: 8080 initialDelaySeconds: 30 periodSeconds: 10 --- # vue-service.yaml apiVersion: v1 kind: Service metadata: name: vue-frontend namespace: laravel-vue-app spec: ports: - port: 80 targetPort: 8080 selector: app: vue-frontend --- # ingress.yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: laravel-vue-ingress namespace: laravel-vue-app annotations: nginx.ingress.kubernetes.io/rewrite-target: / spec: rules: - host: laravel-vue.local http: paths: - path: / pathType: Prefix backend: service: name: vue-frontend port: number: 80 - path: /api pathType: Prefix backend: service: name: laravel-backend port: number: 9000 ``` ## 持续集成流程 ### GitHub Actions 示例 ```yaml # .github/workflows/ci-cd.yaml name: CI/CD Pipeline on: push: branches: [ main ] pull_request: branches: [ main ] jobs: build-test-backend: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Set up PHP uses: shivammathur/setup-php@v2 with: php-version: '8.1' extensions: mbstring, ctype, fileinfo, tokenizer, mysql, pdo, xml, gd coverage: pcov - name: Install dependencies run: composer install --prefer-dist --no-progress - name: Copy .env run: cp .env.example .env - name: Generate key run: php artisan key:generate - name: Run tests run: php artisan test - name: Build Docker image run: docker build -t your-registry/laravel-app:${{ github.sha }} -f Dockerfile.backend . - name: Login to Docker Hub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Push Docker image run: docker push your-registry/laravel-app:${{ github.sha }} build-test-frontend: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Set up Node.js uses: actions/setup-node@v2 with: node-version: '16' - name: Install dependencies run: npm install - name: Run tests run: npm run test:unit - name: Build production run: npm run build - name: Build Docker image run: docker build -t your-registry/vue-app:${{ github.sha }} -f Dockerfile.frontend . - name: Login to Docker Hub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Push Docker image run: docker push your-registry/vue-app:${{ github.sha }} deploy: needs: [build-test-backend, build-test-frontend] runs-on: ubuntu-latest steps: - name: Install kubectl uses: azure/setup-kubectl@v1 - name: Configure kubectl run: | mkdir -p ~/.kube echo "${{ secrets.KUBE_CONFIG }}" > ~/.kube/config - name: Deploy to Kubernetes run: | kubectl set image deployment/laravel-backend laravel-app=your-registry/laravel-app:${{ github.sha }} -n laravel-vue-app kubectl set image deployment/vue-frontend vue-app=your-registry/vue-app:${{ github.sha }} -n laravel-vue-app ``` ## Dockerfile 示例 ### Laravel Dockerfile ```dockerfile # Dockerfile.backend FROM php:8.1-fpm # Install dependencies RUN apt-get update && apt-get install -y \ build-essential \ libpng-dev \ libjpeg62-turbo-dev \ libfreetype6-dev \ locales \ zip \ jpegoptim optipng pngquant gifsicle \ vim \ unzip \ git \ curl \ libzip-dev \ libonig-dev \ libpq-dev # Clear cache RUN apt-get clean && rm -rf /var/lib/apt/lists/* # Install extensions RUN docker-php-ext-install pdo_mysql mbstring zip exif pcntl RUN docker-php-ext-configure gd --with-freetype --with-jpeg RUN docker-php-ext-install gd # Install composer RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer # Set working directory WORKDIR /var/www # Copy existing application directory contents COPY . /var/www # Install dependencies RUN composer install # Expose port 9000 and start php-fpm server EXPOSE 9000 CMD ["php-fpm"] ``` ### Vue Dockerfile ```dockerfile # Dockerfile.frontend FROM node:16 as build-stage WORKDIR /app COPY package*.json ./ RUN npm install COPY . . RUN npm run build FROM nginx:stable-alpine as production-stage COPY --from=build-stage /app/dist /usr/share/nginx/html COPY nginx.conf /etc/nginx/conf.d/default.conf EXPOSE 80 CMD ["nginx", "-g", "daemon off;"] ``` ## 部署与应用访问 1. 应用所有 Kubernetes 配置: ```bash kubectl apply -f namespace.yaml kubectl apply -f mysql-pvc.yaml kubectl apply -f mysql-deployment.yaml kubectl apply -f mysql-service.yaml kubectl apply -f redis-deployment.yaml kubectl apply -f redis-service.yaml kubectl apply -f laravel-deployment.yaml kubectl apply -f laravel-service.yaml kubectl apply -f vue-deployment.yaml kubectl apply -f vue-service.yaml kubectl apply -f ingress.yaml ``` 2. 获取 Minikube IP 并配置 hosts: ```bash minikube ip # 将返回的IP添加到你的hosts文件 # 例如: 192.168.49.2 laravel-vue.local ``` 3. 访问应用: - 前端: http://laravel-vue.local - API: http://laravel-vue.local/api ## 扩展建议 1. **Horizontal Pod Autoscaler (HPA)**: 为 Laravel 和 Vue 服务添加自动扩展 2. **监控**: 集成 Prometheus 和 Grafana 3. **日志**: 使用 ELK 或 Loki 进行日志收集 4. **服务网格**: 考虑使用 Istio 或 Linkerd 进行服务网格管理 5. **数据库高可用**: 考虑使用 MySQL 集群或云数据库服务 这个方案提供了一个完整的本地开发环境,可以轻松扩展到生产环境。 # 使用 Minikube 内置 Registry 管理容器镜像 Minikube 提供了内置的 Docker registry 插件,可以方便地在本地 Kubernetes 开发环境中管理容器镜像。以下是完整使用指南: ## 一、启用 Minikube Registry ### 1.1 启动 Registry 插件 ```bash # 启用 registry 插件 minikube addons enable registry # 查看插件状态 minikube addons list | grep registry ``` ### 1.2 验证 Registry 运行 ```bash kubectl get pods -n kube-system -l kubernetes.io/minikube-addons=registry # 预期输出类似: # registry-5b4c6d9d5d-2w8xk 1/1 Running 0 2m ``` ## 二、配置 Docker 客户端 ### 2.1 设置本地 Docker 环境 ```bash # 指向 Minikube 的 Docker 守护进程 eval $(minikube docker-env) # 验证 docker ps ``` ### 2.2 直接访问 Registry Minikube registry 默认暴露在 `localhost:5000` 和集群内 `registry.kube-system.svc.cluster.local:5000` ```bash # 获取 registry 服务详情 kubectl get svc -n kube-system registry # 测试连接 curl http://$(minikube ip):5000/v2/_catalog ``` ## 三、推送和拉取镜像 ### 3.1 构建并标记镜像 ```bash # 构建镜像 (示例使用前面提到的 Vue 应用) docker build -t vue-app -f Dockerfile.frontend . # 标记镜像推送到 registry docker tag vue-app localhost:5000/vue-app:1.0.0 ``` ### 3.2 推送镜像到 registry ```bash docker push localhost:5000/vue-app:1.0.0 # 验证推送 curl http://$(minikube ip):5000/v2/vue-app/tags/list ``` ### 3.3 在 Kubernetes 中使用镜像 ```yaml # deployment.yaml 示例 apiVersion: apps/v1 kind: Deployment metadata: name: vue-frontend spec: containers: - name: vue-app image: localhost:5000/vue-app:1.0.0 imagePullPolicy: Always # 必须设置为 Always 或 IfNotPresent ``` ## 四、高级配置 ### 4.1 持久化存储配置 默认 registry 使用 emptyDir,重启会丢失数据。配置持久化存储: ```bash # 创建 PVC kubectl apply -n kube-system -f - <:5000"] } # 然后重启 Docker 服务 ``` 解决方法 2:使用 HTTP 直接访问 ```bash docker tag vue-app $(minikube ip):5000/vue-app:1.0.0 docker push $(minikube ip):5000/vue-app:1.0.0 ``` ### 5.2 Pod 无法拉取镜像 确保 deployment 中配置了正确的 `imagePullPolicy`: ```yaml imagePullPolicy: IfNotPresent # 对于本地 registry # 或 imagePullPolicy: Always ``` ## 六、清理资源 ```bash # 列出 registry 中的镜像 curl http://$(minikube ip):5000/v2/_catalog # 删除特定镜像 kubectl exec -n kube-system $(kubectl get pods -n kube-system -l kubernetes.io/minikube-addons=registry -o name) \ -- bin/registry garbage-collect /etc/docker/registry/config.yml # 禁用 registry minikube addons disable registry # 完全删除 kubectl delete -n kube-system all -l kubernetes.io/minikube-addons=registry ``` ## 七、实际应用示例 ### 7.1 CI/CD 流水线集成 ```bash # 在 Jenkins 或其他 CI 系统中使用 docker build -t vue-app . docker tag vue-app localhost:5000/vue-app:${BUILD_NUMBER} docker push localhost:5000/vue-app:${BUILD_NUMBER} # 更新 deployment kubectl set image deployment/vue-frontend vue-app=localhost:5000/vue-app:${BUILD_NUMBER} ``` ### 7.2 多项目共享 registry ```bash # 项目A docker tag project-a localhost:5000/team-a/project-a:1.0 # 项目B docker tag project-b localhost:5000/team-b/project-b:2.1 ``` 通过 Minikube registry,您可以轻松管理本地开发环境中的容器镜像,无需依赖外部 registry 服务,特别适合离线开发或快速原型设计场景。 # 使用 Minikube Metrics Server 实现集群监控 ## 一、Metrics Server 概述 Metrics Server 是 Kubernetes 集群的核心组件,用于收集资源指标数据(如 CPU 和内存使用情况),这些数据被用于: - Horizontal Pod Autoscaler (HPA) 自动扩缩容 - kubectl top 命令 - Kubernetes Dashboard 资源展示 ## 二、在 Minikube 中启用 Metrics Server ### 2.1 启用 Metrics Server 插件 ```bash # 启用 metrics-server 插件(Minikube 内置) minikube addons enable metrics-server ``` ### 2.2 验证安装 ```bash # 检查 metrics-server pod 状态 kubectl get pods -n kube-system | grep metrics-server # 预期输出类似: # metrics-server-5f4f6d5b5d-2w8xk 1/1 Running 0 2m ``` ## 三、验证 Metrics Server 功能 ### 3.1 查看节点指标 ```bash kubectl top nodes # 预期输出: # NAME CPU(cores) CPU% MEMORY(bytes) MEMORY% # minikube 150m 7% 1200Mi 31% ``` ### 3.2 查看 Pod 指标 ```bash kubectl top pods -A # 预期输出类似: # NAMESPACE NAME CPU(cores) MEMORY(bytes) # kube-system coredns-6d4b75cb6d-zw7bv 3m 12Mi # kube-system etcd-minikube 25m 42Mi ``` ## 四、常见问题排查 ### 4.1 Metrics Server 未正常运行 ```bash # 查看日志 kubectl logs -n kube-system deployment/metrics-server # 检查 API 可用性 kubectl get --raw "/apis/metrics.k8s.io/v1beta1/nodes" | jq . ``` ### 4.2 证书问题修复 如果出现证书错误,可以修改 Metrics Server 配置: ```bash kubectl edit deployment -n kube-system metrics-server ``` 添加以下参数: ```yaml spec: template: spec: containers: - args: - --kubelet-insecure-tls - --kubelet-preferred-address-types=InternalIP ``` ## 五、结合 HPA 使用 ### 5.1 创建 HPA 示例 ```yaml apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: php-backend-hpa namespace: php-vue-prod spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: php-backend minReplicas: 2 maxReplicas: 10 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 50 - type: Resource resource: name: memory target: type: Utilization averageUtilization: 70 ``` ### 5.2 查看 HPA 状态 ```bash kubectl get hpa -n php-vue-prod # 预期输出: # NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE # php-backend-hpa Deployment/php-backend 50%/50%, 60%/70% 2 10 3 5m ``` ## 六、高级配置 ### 6.1 自定义 Metrics Server 配置 ```bash # 获取当前配置 kubectl get configmap -n kube-system metrics-server-config -o yaml # 自定义配置示例 apiVersion: v1 kind: ConfigMap metadata: name: metrics-server-config namespace: kube-system data: NODE_RESOLUTION_TIMEOUT: "30s" KUBELET_PREFERRED_ADDRESS_TYPES: "InternalIP,ExternalIP,Hostname" ``` ### 6.2 资源限制设置 ```bash kubectl edit deployment -n kube-system metrics-server ``` 添加资源限制: ```yaml resources: requests: cpu: 100m memory: 200Mi limits: cpu: 200m memory: 400Mi ``` ## 七、与 Kubernetes Dashboard 集成 ### 7.1 启用 Dashboard ```bash minikube addons enable dashboard minikube dashboard ``` ### 7.2 查看资源指标 在 Dashboard 中: 1. 导航到 "集群" → "节点" 2. 可以看到 CPU/内存使用率图表 3. 在 Pod 详情页查看单个 Pod 的资源使用情况 ## 八、性能优化建议 1. **调整指标采集间隔**(默认60秒): ```yaml # 在 metrics-server 部署中添加 - --metric-resolution=30s ``` 2. **限制采集的指标数量**: ```yaml - --requestheader-allowed-names="aggregator" - --requestheader-extra-headers-prefix="X-Remote-Extra-" ``` 3. **使用节点选择器**(在大集群中): ```yaml nodeSelector: kubernetes.io/os: linux ``` ## 九、清理资源 ```bash # 禁用 metrics-server minikube addons disable metrics-server # 完全删除 kubectl delete -n kube-system deployment metrics-server ``` 通过以上配置,您可以在 Minikube 中充分利用 Metrics Server 监控集群资源使用情况,为自动扩缩容和性能优化提供数据支持。 # 使用 Minikube 实现 PHP+Vue 项目持续化发布方案 ## 一、整体架构设计 ### 1.1 技术栈组成 - **前端**:Vue.js 应用 - **后端**:PHP 服务(如 Laravel/Symfony) - **数据库**:MySQL/PostgreSQL - **缓存**:Redis - **CI/CD**:Jenkins/GitLab CI - **容器编排**:Minikube (Kubernetes) - **监控**:Prometheus + Grafana ### 1.2 部署流程 ``` 代码提交 → CI构建 → 容器镜像打包 → 推送镜像仓库 → CD部署 → K8S滚动更新 → 健康检查 → 监控反馈 ``` ## 二、环境准备 ### 2.1 启动 Minikube 集群 ```bash # 启动带Ingress的Minikube集群 minikube start --driver=docker --cpus=4 --memory=8g --disk-size=50g \ --addons=ingress,metrics-server # 启用必要插件 minikube addons enable dashboard minikube addons enable registry ``` ### 2.2 准备命名空间 ```bash kubectl create namespace php-vue-prod kubectl create namespace monitoring ``` ## 三、项目容器化 ### 3.1 Vue 前端 Dockerfile ```dockerfile # 构建阶段 FROM node:16 as builder WORKDIR /app COPY package*.json ./ RUN npm install COPY . . RUN npm run build # 生产阶段 FROM nginx:alpine COPY --from=builder /app/dist /usr/share/nginx/html COPY nginx.conf /etc/nginx/conf.d/default.conf EXPOSE 80 ``` ### 3.2 PHP 后端 Dockerfile (Laravel示例) ```dockerfile FROM php:8.1-fpm # 安装依赖 RUN apt-get update && apt-get install -y \ libzip-dev \ unzip \ && docker-php-ext-install zip pdo_mysql # 安装Composer COPY --from=composer:latest /usr/bin/composer /usr/bin/composer WORKDIR /var/www COPY . . # 安装PHP依赖 RUN composer install --no-dev --optimize-autoloader # 设置权限 RUN chown -R www-data:www-data /var/www/storage EXPOSE 9000 CMD ["php-fpm"] ``` ### 3.3 Nginx 配置 (前端+PHP后端) ```nginx server { listen 80; server_name localhost; root /usr/share/nginx/html; index index.html; location / { try_files $uri $uri/ /index.html; } location /api { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { fastcgi_pass php-backend:9000; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/public$fastcgi_script_name; } } ``` ## 四、Kubernetes 部署文件 ### 4.1 前端部署 (frontend-deployment.yaml) ```yaml apiVersion: apps/v1 kind: Deployment metadata: name: vue-frontend namespace: php-vue-prod spec: replicas: 2 selector: matchLabels: app: vue-frontend template: metadata: labels: app: vue-frontend spec: containers: - name: vue-app image: your-registry/vue-app:${IMAGE_TAG} imagePullPolicy: IfNotPresent ports: - containerPort: 80 resources: requests: cpu: "100m" memory: "128Mi" limits: cpu: "500m" memory: "512Mi" livenessProbe: httpGet: path: / port: 80 initialDelaySeconds: 30 periodSeconds: 10 --- apiVersion: v1 kind: Service metadata: name: vue-frontend namespace: php-vue-prod spec: selector: app: vue-frontend ports: - protocol: TCP port: 80 targetPort: 80 ``` ### 4.2 PHP后端部署 (backend-deployment.yaml) ```yaml apiVersion: apps/v1 kind: Deployment metadata: name: php-backend namespace: php-vue-prod spec: replicas: 3 selector: matchLabels: app: php-backend strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 template: metadata: labels: app: php-backend spec: containers: - name: php-app image: your-registry/php-app:${IMAGE_TAG} imagePullPolicy: IfNotPresent ports: - containerPort: 9000 envFrom: - configMapRef: name: php-config - secretRef: name: php-secrets volumeMounts: - name: storage mountPath: /var/www/storage resources: requests: cpu: "200m" memory: "256Mi" limits: cpu: "1000m" memory: "1Gi" livenessProbe: exec: command: - sh - -c - "php /var/www/artisan health:check" initialDelaySeconds: 60 periodSeconds: 30 volumes: - name: storage emptyDir: {} --- apiVersion: v1 kind: Service metadata: name: php-backend namespace: php-vue-prod spec: selector: app: php-backend ports: - protocol: TCP port: 9000 targetPort: 9000 ``` ### 4.3 MySQL数据库部署 (mysql-statefulset.yaml) ```yaml apiVersion: apps/v1 kind: StatefulSet metadata: name: mysql namespace: php-vue-prod spec: serviceName: mysql replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql image: mysql:8.0 envFrom: - secretRef: name: mysql-secrets ports: - containerPort: 3306 volumeMounts: - name: mysql-data mountPath: /var/lib/mysql resources: requests: cpu: "500m" memory: "1Gi" limits: cpu: "2000m" memory: "2Gi" volumeClaimTemplates: - metadata: name: mysql-data spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 10Gi ``` ### 4.4 Ingress路由配置 (ingress.yaml) ```yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: php-vue-ingress namespace: php-vue-prod annotations: nginx.ingress.kubernetes.io/rewrite-target: /$1 spec: rules: - host: php-vue.local http: paths: - path: /(.*) pathType: Prefix backend: service: name: vue-frontend port: number: 80 - path: /api/(.*) pathType: Prefix backend: service: name: php-backend port: number: 9000 ``` ## 五、CI/CD 流水线实现 ### 5.1 Jenkinsfile 示例 ```groovy pipeline { agent { kubernetes { yaml """ apiVersion: v1 kind: Pod spec: containers: - name: node image: node:16 command: ["cat"] tty: true - name: php image: composer:2 command: ["cat"] tty: true - name: docker image: docker:20.10 command: ["cat"] tty: true volumeMounts: - name: docker-sock mountPath: /var/run/docker.sock - name: kubectl image: bitnami/kubectl:latest command: ["cat"] tty: true volumes: - name: docker-sock hostPath: path: /var/run/docker.sock """ } } environment { DOCKER_REGISTRY = "your-registry" FRONTEND_IMAGE = "${DOCKER_REGISTRY}/vue-app" BACKEND_IMAGE = "${DOCKER_REGISTRY}/php-app" K8S_NAMESPACE = "php-vue-prod" // 从Jenkins凭据获取 DOCKER_CREDS = credentials('docker-hub-creds') KUBE_CONFIG = credentials('kube-config') } stages { stage('Checkout') { steps { git branch: 'main', url: 'https://your-repo.git' } } stage('Build Frontend') { steps { container('node') { sh 'npm install' sh 'npm run build' } } } stage('Build Backend') { steps { container('php') { sh 'composer install --no-dev --optimize-autoloader' } } } stage('Build Docker Images') { steps { container('docker') { script { // 构建前端镜像 sh "docker build -t ${FRONTEND_IMAGE}:${GIT_COMMIT} -f Dockerfile.frontend ." // 构建后端镜像 sh "docker build -t ${BACKEND_IMAGE}:${GIT_COMMIT} -f Dockerfile.backend ." // 登录镜像仓库 sh "echo ${DOCKER_CREDS_PSW} | docker login -u ${DOCKER_CREDS_USR} --password-stdin ${DOCKER_REGISTRY}" // 推送镜像 sh "docker push ${FRONTEND_IMAGE}:${GIT_COMMIT}" sh "docker push ${BACKEND_IMAGE}:${GIT_COMMIT}" } } } } stage('Deploy to Minikube') { steps { container('kubectl') { script { // 配置kubectl sh "mkdir -p ~/.kube" writeFile file: '~/.kube/config', text: "${KUBE_CONFIG}" // 更新部署文件中的镜像标签 sh "sed -i 's|\\${IMAGE_TAG}|${GIT_COMMIT}|g' k8s/frontend-deployment.yaml" sh "sed -i 's|\\${IMAGE_TAG}|${GIT_COMMIT}|g' k8s/backend-deployment.yaml" // 应用K8S配置 sh "kubectl apply -f k8s/ -n ${K8S_NAMESPACE}" // 等待部署完成 sh "kubectl rollout status deployment/vue-frontend -n ${K8S_NAMESPACE}" sh "kubectl rollout status deployment/php-backend -n ${K8S_NAMESPACE}" } } } } } post { always { cleanWs() } failure { slackSend channel: '#ci-alerts', message: "Build Failed: ${env.JOB_NAME} ${env.BUILD_NUMBER}" } success { slackSend channel: '#ci-alerts', message: "Build Succeeded: ${env.JOB_NAME} ${env.BUILD_NUMBER}" } } } ``` ## 六、高级配置 ### 6.1 数据库迁移处理 ```yaml # 在backend-deployment.yaml中添加initContainer initContainers: - name: migrate image: your-registry/php-app:${IMAGE_TAG} command: ["sh", "-c", "php artisan migrate --force"] envFrom: - configMapRef: name: php-config - secretRef: name: php-secrets ``` ### 6.2 配置热更新 ```bash # 使用ConfigMap存储配置 kubectl create configmap php-config --from-env-file=.env -n php-vue-prod # 添加ConfigMap自动更新注解 annotations: configmap.reloader.stakater.com/reload: "php-config" ``` ### 6.3 监控配置 ```yaml # 添加Prometheus监控注解 metadata: annotations: prometheus.io/scrape: "true" prometheus.io/port: "80" ``` ## 七、本地开发与调试 ### 7.1 使用 Skaffold 实现本地开发循环 ```yaml # skaffold.yaml apiVersion: skaffold/v2beta16 kind: Config profiles: - name: dev activation: - kubeContext: minikube deploy: kubectl: manifests: enabled: false portForward: - resourceType: service resourceName: vue-frontend port: 80 localPort: 8080 - resourceType: service resourceName: php-backend port: 9000 localPort: 9000 ``` ### 7.2 访问应用 ```bash # 获取Ingress地址 minikube tunnel # 添加hosts记录 echo "$(minikube ip) php-vue.local" | sudo tee -a /etc/hosts # 访问应用 open http://php-vue.local ``` ## 八、维护与优化 ### 8.1 常用维护命令 ```bash # 查看Pod状态 kubectl get pods -n php-vue-prod -w # 查看日志 kubectl logs -f deployment/php-backend -n php-vue-prod # 进入容器 kubectl exec -it php-backend-xxxxx -n php-vue-prod -- bash # 删除命名空间 kubectl delete namespace php-vue-prod ``` ### 8.2 性能优化建议 1. 为PHP-FPM配置OPcache 2. 使用Redis缓存 3. 前端启用HTTP/2和Gzip压缩 4. 配置PHP和Nginx的合理资源限制 通过以上方案,您可以在Minikube上实现PHP+Vue项目的完整持续化部署流程,从代码提交到生产部署全自动化,同时保证开发、测试和生产环境的一致性。 # 在 Minikube 中部署 Ingress 在 Minikube 中部署 Ingress 控制器需要以下步骤,我将为您提供完整指南: ### 1. 启动 Minikube 并启用 Ingress 插件 ```bash minikube start --driver=docker --cpus=2 --memory=4g # 推荐至少2核4G内存 minikube addons enable ingress ``` ### 2. 验证 Ingress 控制器是否运行 ```bash kubectl get pods -n ingress-nginx ``` 正常应该看到3个Pod,类似: ``` NAME READY STATUS RESTARTS AGE ingress-nginx-admission-create--1-x2n5g 0/1 Completed 0 1m ingress-nginx-admission-patch--1-x8p7k 0/1 Completed 0 1m ingress-nginx-controller-5d88495688-d7v6r 1/1 Running 0 1m ``` ### 3. 部署测试应用 ```bash # 创建部署 kubectl create deployment web --image=nginx # 暴露服务 kubectl expose deployment web --port=80 ``` ### 4. 创建 Ingress 资源 创建 `ingress.yaml` 文件: ```yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: example-ingress spec: rules: - host: web.minikube.test http: paths: - path: / pathType: Prefix backend: service: name: web port: number: 80 ``` 应用配置: ```bash kubectl apply -f ingress.yaml ``` ### 5. 访问应用 #### 方法1:修改本地hosts文件 ```bash echo "$(minikube ip) web.minikube.test" | sudo tee -a /etc/hosts ``` 然后在浏览器访问:http://web.minikube.test #### 方法2:使用curl测试 ```bash curl -H "Host: web.minikube.test" $(minikube ip) ``` ### 常见问题解决 1. **Ingress 插件无法启用** ```bash minikube delete minikube start --driver=docker --cpus=2 --memory=4g minikube addons enable ingress ``` 2. **Pod 卡在 ContainerCreating** ```bash minikube ssh -- docker pull registry.k8s.io/ingress-nginx/controller:v1.8.1 minikube ssh -- docker pull registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20230407 ``` 3. **查看详细日志** ```bash kubectl describe ingress example-ingress kubectl logs -n ingress-nginx ingress-nginx-controller-xxxx ``` 4. **其他部署失败** ```bash # 下载安装yaml文件到服务器 wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.11.2/deploy/static/provider/cloud/deploy.yaml # 调整"deploy.yaml"源文件 sed -i 's#registry.k8s.io/ingress-nginx/controller:v1.11.2@sha256:d5f8217feeac4887cb1ed21f27c2674e58be06bd8f5184cacea2a69abaf78dce#registry.aliyuncs.com/google_containers/nginx-ingress-controller:v1.11.2#g' deploy.yaml sed -i 's#registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.3@sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3#registry.aliyuncs.com/google_containers/kube-webhook-certgen:v1.4.3#g' deploy.yaml # 执行安装命令 kubectl apply -f deploy.yaml # 删除安装 kubectl delete -f deploy.yaml [参考文档](https://blog.csdn.net/z1299236067/article/details/142502502) ``` ### 高级配置 1. **启用HTTPS** ```bash # 生成自签名证书 openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ -keyout tls.key -out tls.crt -subj "/CN=web.minikube.test" # 创建TLS secret kubectl create secret tls web-tls --cert=tls.crt --key=tls.key # 更新ingress.yaml添加tls配置 spec: tls: - hosts: - web.minikube.test secretName: web-tls ``` 2. **查看Ingress控制器日志** ```bash kubectl logs -n ingress-nginx deployment/ingress-nginx-controller -f ``` ### 清理资源 ```bash kubectl delete ingress example-ingress kubectl delete service web kubectl delete deployment web minikube addons disable ingress ``` 通过以上步骤,您可以在Minikube中完整部署和使用Ingress功能。如果遇到问题,建议检查Pod日志和Ingress控制器的状态。 # 使用 Minikube 部署网站集群的完整指南 Minikube 是一个本地 Kubernetes 开发环境,非常适合在本地开发和测试网站集群。下面我将详细介绍如何使用 Minikube 部署一个完整的网站集群。 ## 1. 准备工作 ### 安装 Minikube 和 kubectl ```bash # 安装 kubectl curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl # 安装 Minikube curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 sudo install minikube-linux-amd64 /usr/local/bin/minikube ``` ### 启动 Minikube ```bash minikube start --driver=docker --cpus=4 --memory=8g --disk-size=20g ``` ## 2. 部署网站集群架构 一个典型的网站集群包含以下组件: - 前端 Web 服务 - 后端 API 服务 - 数据库服务 - 缓存服务 - 入口控制器 ## 3. 部署示例网站集群 ### 3.1 创建命名空间 ```bash kubectl create namespace website-cluster ``` ### 3.2 部署数据库 (MySQL) ```yaml # mysql-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: mysql namespace: website-cluster spec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql image: mysql:5.7 env: - name: MYSQL_ROOT_PASSWORD value: "password" ports: - containerPort: 3306 volumeMounts: - name: mysql-persistent-storage mountPath: /var/lib/mysql volumes: - name: mysql-persistent-storage persistentVolumeClaim: claimName: mysql-pv-claim --- # mysql-service.yaml apiVersion: v1 kind: Service metadata: name: mysql namespace: website-cluster spec: ports: - port: 3306 selector: app: mysql --- # mysql-pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql-pv-claim namespace: website-cluster spec: accessModes: - ReadWriteOnce resources: requests: storage: 5Gi ``` 应用配置: ```bash kubectl apply -f mysql-deployment.yaml -f mysql-service.yaml -f mysql-pvc.yaml ``` ### 3.3 部署缓存 (Redis) ```yaml # redis-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: redis namespace: website-cluster spec: replicas: 1 selector: matchLabels: app: redis template: metadata: labels: app: redis spec: containers: - name: redis image: redis:alpine ports: - containerPort: 6379 resources: requests: memory: "100Mi" cpu: "100m" limits: memory: "200Mi" cpu: "200m" --- # redis-service.yaml apiVersion: v1 kind: Service metadata: name: redis namespace: website-cluster spec: ports: - port: 6379 selector: app: redis ``` 应用配置: ```bash kubectl apply -f redis-deployment.yaml -f redis-service.yaml ``` ### 3.4 部署后端 API 服务 ```yaml # backend-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: backend namespace: website-cluster spec: replicas: 3 selector: matchLabels: app: backend strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: labels: app: backend spec: containers: - name: backend image: your-backend-image:latest ports: - containerPort: 8080 env: - name: DB_HOST value: "mysql" - name: DB_PASSWORD valueFrom: secretKeyRef: name: db-secret key: password - name: REDIS_HOST value: "redis" resources: requests: memory: "256Mi" cpu: "250m" limits: memory: "512Mi" cpu: "500m" livenessProbe: httpGet: path: /health port: 8080 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: /ready port: 8080 initialDelaySeconds: 5 periodSeconds: 5 --- # backend-service.yaml apiVersion: v1 kind: Service metadata: name: backend namespace: website-cluster spec: ports: - port: 80 targetPort: 8080 selector: app: backend ``` 应用配置: ```bash kubectl apply -f backend-deployment.yaml -f backend-service.yaml ``` ### 3.5 部署前端 Web 服务 ```yaml # frontend-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: frontend namespace: website-cluster spec: replicas: 3 selector: matchLabels: app: frontend strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: labels: app: frontend spec: containers: - name: frontend image: your-frontend-image:latest ports: - containerPort: 80 env: - name: API_URL value: "http://backend" resources: requests: memory: "128Mi" cpu: "100m" limits: memory: "256Mi" cpu: "200m" livenessProbe: httpGet: path: / port: 80 initialDelaySeconds: 30 periodSeconds: 10 --- # frontend-service.yaml apiVersion: v1 kind: Service metadata: name: frontend namespace: website-cluster spec: type: NodePort ports: - port: 80 targetPort: 80 nodePort: 30080 selector: app: frontend ``` 应用配置: ```bash kubectl apply -f frontend-deployment.yaml -f frontend-service.yaml ``` ### 3.6 部署 Ingress 控制器 ```bash # 启用 ingress 插件 minikube addons enable ingress # 创建 ingress 资源 # frontend-ingress.yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: frontend-ingress namespace: website-cluster annotations: nginx.ingress.kubernetes.io/rewrite-target: / spec: rules: - host: yourwebsite.local http: paths: - path: / pathType: Prefix backend: service: name: frontend port: number: 80 ``` 应用配置: ```bash kubectl apply -f frontend-ingress.yaml ``` ## 4. 访问网站集群 ### 修改本地 hosts 文件 ```bash echo "$(minikube ip) yourwebsite.local" | sudo tee -a /etc/hosts ``` ### 访问网站 打开浏览器访问: http://yourwebsite.local ## 5. 集群监控和管理 ### 启用 Dashboard ```bash minikube dashboard ``` ### 监控集群状态 ```bash # 查看所有资源状态 kubectl get all -n website-cluster # 查看 Pod 详情 kubectl describe pods -n website-cluster # 查看日志 kubectl logs -f -n website-cluster ``` ## 6. 扩展集群 ### 水平扩展后端服务 ```bash kubectl scale deployment backend --replicas=5 -n website-cluster ``` ### 自动扩缩容 (HPA) ```bash # 安装 metrics-server minikube addons enable metrics-server # 创建 HPA kubectl autoscale deployment backend -n website-cluster --cpu-percent=50 --min=2 --max=10 ``` ## 7. CI/CD 集成 (可选) 可以使用 Tekton 或 ArgoCD 在 Minikube 中设置 CI/CD 流水线: ```bash # 安装 Tekton kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml # 安装 ArgoCD kubectl create namespace argocd kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml ``` ## 总结 通过以上步骤,你已经在 Minikube 中成功部署了一个完整的网站集群,包括: - 前端 Web 服务 - 后端 API 服务 - MySQL 数据库 - Redis 缓存 - Ingress 控制器 - 监控和扩展能力 这个集群架构可以满足大多数中小型网站的需求,并且可以在本地进行开发和测试。当需要迁移到生产环境时,可以轻松地将相同的配置应用到云 Kubernetes 服务上。 # 安装部署 Kubernetes Dashboard 以下是安装部署 Kubernetes Dashboard 的详细步骤: --- ### **1. 部署 Kubernetes Dashboard** ```bash # 部署最新版 Dashboard (兼容 Kubernetes v1.22+) kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml ``` --- ### **2. 创建管理员服务账户** 创建文件 `dashboard-adminuser.yaml`: ```yaml apiVersion: v1 kind: ServiceAccount metadata: name: admin-user namespace: kubernetes-dashboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: admin-user namespace: kubernetes-dashboard ``` 应用配置: ```bash kubectl apply -f dashboard-adminuser.yaml ``` 手动创建管理员账号 ```bash # 创建管理员账号 cat <:` #### **方式三:获取访问 URL** ```bash minikube service kubernetes-dashboard -n kubernetes-dashboard --url ``` --- ### **5. 登录 Dashboard** 1. 选择 **Token** 登录方式 2. 粘贴步骤3获取的令牌 3. 点击登录 --- ### **6. 安全建议(生产环境必做)** #### **启用 HTTPS Ingress** 示例 Ingress 配置: ```yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: dashboard-ingress namespace: kubernetes-dashboard annotations: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" nginx.ingress.kubernetes.io/ssl-passthrough: "true" spec: ingressClassName: nginx tls: - hosts: - dashboard.example.com secretName: dashboard-tls rules: - host: dashboard.example.com http: paths: - path: / pathType: Prefix backend: service: name: kubernetes-dashboard port: number: 443 ``` #### **限制访问IP** ```bash kubectl -n kubernetes-dashboard edit svc kubernetes-dashboard ``` 添加 `spec.loadBalancerSourceRanges` 字段指定允许的IP。 --- ### **7. 卸载 Dashboard** ```bash kubectl delete -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml kubectl delete sa admin-user -n kubernetes-dashboard kubectl delete clusterrolebinding admin-user kubectl delete -f dashboard-adminuser.yaml ``` 其他方式 1:使用 Minikube 插件卸载\*\* ```bash minikube addons disable dashboard ``` 这会删除 Dashboard 相关资源。 --- ### **常见问题解决** #### **问题1:Token 无效** 检查令牌是否过期(默认有效期2小时),重新生成: ```bash kubectl -n kubernetes-dashboard create token admin-user --duration=24h # 延长有效期 ``` 确保 ServiceAccount 和 ClusterRoleBinding 已正确创建: ```bash kubectl get sa -n kubernetes-dashboard kubectl get clusterrolebinding admin-user ``` #### **问题2:无法访问** 检查防火墙规则: ```bash sudo ufw allow 6443/tcp # 如果使用NodePort,替换为实际端口 ``` 确保 `kubectl proxy` 正在运行(如果手动部署)。 检查 Minikube 是否正常运行: ```bash minikube status ``` #### **问题3:证书错误** 浏览器添加例外,或使用自签名证书: ```bash openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ -keyout dashboard.key -out dashboard.crt -subj "/CN=dashboard.example.com" kubectl -n kubernetes-dashboard create secret tls dashboard-tls --key=dashboard.key --cert=dashboard.crt ``` #### **问题3:其他问题** 尝试重启 Minikube: ```bash minikube stop minikube start ``` #### **Dashboard 拉取镜像失败** ```bash # 检查服务状态 kubectl describe pod dashboard-metrics-scraper -n kubernetes-dashboard # 手动下载镜像 minikube ssh docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-scraper:v1.0.8 docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.7.0 # 由于是从阿里云下载的镜像,所以需要给镜像打标签 -> docker.io/ docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-scraper:v1.0.8 docker.io/kubernetesui/metrics-scraper:v1.0.8 docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.7.0 kubernetesui/dashboard:v2.7.0 # 进一步排查问题 镜像名称中的 @sha256 摘要替换为纯标签格式 # 删掉@sha字符 kubectl edit deployment kubernetes-dashboard -n kubernetes-dashboard kubectl edit deployment dashboard-metrics-scraper -n kubernetes-dashboard ``` #### **Dashboard 无法访问** ```bash # 检查服务状态 kubectl -n kubernetes-dashboard get pods # 重新生成令牌 kubectl -n kubernetes-dashboard create token admin-user ``` #### **HTTP协议** 编辑 Dashboard 部署: ```bash kubectl -n kubernetes-dashboard edit deployment kubernetes-dashboard ``` 在 `args` 部分添加 `--enable-insecure-login` 参数: ```yaml args: - --auto-generate-certificates - --enable-insecure-login # 添加这一行 ``` 修改 Service 为 HTTP: ```bash kubectl -n kubernetes-dashboard edit service kubernetes-dashboard ``` 将 `targetPort: 8443` 改为 `targetPort: 9090` --- # minikube内置docker配置信息设置 根据你提供的 Docker 配置和报错情况,以下是详细分析和解决方案: ### 错误分析(配置问题) ```json { "exec-opts": ["native.cgroupdriver=systemd"], "log-driver": "json-file", "log-opts": {"max-size": "100m"}, "storage-driver": "overlay2", "registry-mirrors": ["https://swr.cn-east-3.myhuaweicloud.com"] } ``` 常见报错原因: 1. **cgroupdriver 冲突**(与 Kubernetes 不兼容) 2. **华为云镜像证书问题** 3. **storage-driver 不兼容** 4. **JSON 格式错误** --- ### 解决方案 #### 1. 修复 cgroupdriver 冲突(关键步骤) ```bash minikube ssh sudo tee /etc/docker/daemon.json <功能命令暂停集群`minikube pause`恢复集群`minikube unpause`停止集群`minikube stop`删除集群`minikube delete`查看插件`minikube addons list`启用 Ingress`minikube addons enable ingress` ### 10. 常见问题解决 #### **Nginx 服务不可用** ```bash # 检查 Pod 日志 kubectl logs -l app=nginx # 重新部署 kubectl rollout restart deployment nginx ``` #### **Minikube 启动失败** ```bash # 查看详细日志 minikube logs # 重置集群 minikube delete minikube start --driver=docker ``` ### 总结 通过以上步骤,您已经完成了: 1. Minikube 单节点 Kubernetes 集群部署 2. Kubernetes Dashboard 可视化控制台安装 3. Nginx 示例应用部署 整个部署过程约需 5-10 分钟(取决于网络速度)。如需进一步扩展,可以考虑: - 使用 `minikube addons enable metrics-server` 启用资源监控 - 通过 Helm 部署更复杂的应用 - 配置持久化存储卷(PV/PVC) # Kubernetes 图形管理工具推荐 以下是几种流行的 Kubernetes 图形化管理工具,适合不同使用场景和用户群体: ## 1. 官方工具 ### Kubernetes Dashboard (官方) - **类型**:Web UI - **特点**: - 官方提供的管理界面 - 基本的集群管理功能 - 支持多集群(通过不同配置切换) - **安装**: ```bash kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml ``` - **访问**:需要创建ServiceAccount和绑定权限 ## 2. 开源管理平台 ### Rancher - **类型**:企业级管理平台 - **特点**: - 多集群管理 - 应用商店 - 用户权限管理 - 监控和告警 - **安装**: ```bash docker run -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/rancher ``` ### Lens - **类型**:桌面客户端 - **特点**: - 漂亮的用户界面 - 内置终端 - 实时监控 - 支持多集群 - **下载**:[https://k8slens.dev/](https://k8slens.dev/) ### Octant - **类型**:本地Web UI - **特点**: - 由VMware开发 - 插件系统 - 资源可视化 - **安装**: ```bash # Linux wget https://github.com/vmware-tanzu/octant/releases/download/v0.25.1/octant_0.25.1_Linux-64bit.deb sudo dpkg -i octant_0.25.1_Linux-64bit.deb ``` ## 3. 商业解决方案 ### Red Hat OpenShift Console - **类型**:企业级Web UI - **特点**: - 开发者友好 - 内置CI/CD - 应用商店 - 监控和日志 ### VMware Tanzu Mission Control - **类型**:云管理平台 - **特点**: - 多云管理 - 策略管理 - 安全合规 ## 4. 轻量级工具 ### K9s - **类型**:终端UI - **特点**: - 键盘驱动 - 快速导航 - 实时监控 - **安装**: ```bash brew install k9s # macOS snap install k9s # Linux ``` ### Kuboard - **类型**:Web UI - **特点**: - 中文友好 - 多集群管理 - 权限控制 - **安装**: ```bash kubectl apply -f https://addons.kuboard.cn/kuboard/kuboard-v3.yaml ``` ## 5. 云服务商提供的工具 ### AWS EKS Console - **特点**:与AWS服务深度集成 ### Google Cloud Console (GKE) - **特点**:内置Google Cloud服务集成 ### Azure Kubernetes Service (AKS) Portal - **特点**:Azure服务集成 ## 选择建议 1. **初学者**:Kubernetes Dashboard 或 Lens 2. **终端用户**:K9s 3. **多集群管理**:Rancher 或 Kuboard 4. **企业用户**:OpenShift 或 Tanzu Mission Control 5. **中文用户**:Kuboard 大多数工具都需要配置正确的RBAC权限才能完全发挥作用,使用前请确保已配置适当的访问权限。 # 使用 Docker 和 Kubernetes 部署 Nginx 集群 下面我将介绍如何使用 Docker 和 Kubernetes (k8s) 部署高可用的 Nginx 集群。 ## 1. 准备工作 ### 1.1 环境要求 - 已安装 Docker - 已安装 Kubernetes 集群 (Minikube 或生产环境 k8s) - kubectl 命令行工具 ## 2. 创建 Nginx Docker 镜像 ### 2.1 自定义 Nginx Dockerfile ```dockerfile # Dockerfile FROM nginx:latest # 复制自定义配置 COPY nginx.conf /etc/nginx/nginx.conf COPY conf.d/ /etc/nginx/conf.d/ # 暴露端口 EXPOSE 80 443 # 启动命令 CMD ["nginx", "-g", "daemon off;"] ``` 构建镜像: ```bash docker build -t my-nginx:1.0 . ``` ## 3. Kubernetes 部署 Nginx 集群 ### 3.1 创建 Deployment ```yaml # nginx-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment labels: app: nginx spec: replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: my-nginx:1.0 ports: - containerPort: 80 resources: requests: cpu: "100m" memory: "128Mi" limits: cpu: "500m" memory: "512Mi" livenessProbe: httpGet: path: / port: 80 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: / port: 80 initialDelaySeconds: 5 periodSeconds: 5 ``` 应用部署: ```bash kubectl apply -f nginx-deployment.yaml ``` ### 3.2 创建 Service ```yaml # nginx-service.yaml apiVersion: v1 kind: Service metadata: name: nginx-service spec: selector: app: nginx ports: - protocol: TCP port: 80 targetPort: 80 type: LoadBalancer ``` 应用 Service: ```bash kubectl apply -f nginx-service.yaml ``` ## 4. 高级配置 ### 4.1 水平自动扩展 (HPA) ```bash # 创建 HPA kubectl autoscale deployment nginx-deployment --cpu-percent=50 --min=2 --max=10 ``` ### 4.2 配置 ConfigMap ```yaml # nginx-configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: nginx-config data: nginx.conf: | user nginx; worker_processes auto; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; server { listen 80; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; } } } ``` 更新 Deployment 使用 ConfigMap: ```yaml # 在 deployment 的 containers 部分添加 volumeMounts: - name: nginx-config mountPath: /etc/nginx/nginx.conf subPath: nginx.conf volumes: - name: nginx-config configMap: name: nginx-config ``` ### 4.3 使用 Ingress 控制器 ```yaml # nginx-ingress.yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: nginx-ingress annotations: nginx.ingress.kubernetes.io/rewrite-target: / spec: rules: - host: example.com http: paths: - path: / pathType: Prefix backend: service: name: nginx-service port: number: 80 ``` ## 5. 监控和维护 ### 5.1 查看 Pod 状态 ```bash kubectl get pods -l app=nginx ``` ### 5.2 查看日志 ```bash kubectl logs -f ``` ### 5.3 监控资源使用 ```bash kubectl top pods -l app=nginx ``` ## 6. 生产环境建议 1. **使用私有镜像仓库**:避免从 Docker Hub 拉取镜像的限制 2. **配置资源限制**:防止单个 Pod 占用过多资源 3. **启用滚动更新策略**: ```yaml strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 0 ``` 4. **使用持久化存储**:对于需要持久化的日志或数据 5. **配置网络策略**:限制 Pod 间的网络通信 6. **启用 TLS**:为 Ingress 配置 HTTPS ## 7. 清理资源 ```bash kubectl delete deployment nginx-deployment kubectl delete service nginx-service kubectl delete ingress nginx-ingress kubectl delete configmap nginx-config ``` 通过以上步骤,您可以在 Kubernetes 集群上部署一个高可用的 Nginx 服务,并根据需要进行扩展和配置。 # Rocky Linux 彻底删除 Kubernetes 和 Containerd 的完整指南 ## 1. 删除 Kubernetes 集群 ### 1.1 首先重置 kubeadm ```bash sudo kubeadm reset -f ``` ### 1.2 删除所有 Kubernetes 相关文件和目录 ```bash sudo rm -rf /etc/kubernetes/ sudo rm -rf /var/lib/kubelet/ sudo rm -rf /var/lib/etcd/ sudo rm -rf /var/lib/cni/ sudo rm -rf /etc/cni/ sudo rm -rf $HOME/.kube ``` ## 2. 卸载 Kubernetes 软件包 ### 2.1 卸载 kubeadm、kubelet 和 kubectl ```bash sudo dnf remove -y kubeadm kubelet kubectl ``` ### 2.2 删除残留配置文件 ```bash sudo rm -f /etc/yum.repos.d/kubernetes.repo ``` ## 3. 删除 Containerd 容器运行时 ### 3.1 停止并卸载 Containerd ```bash sudo systemctl stop containerd sudo dnf remove -y containerd.io ``` ### 3.2 清理 Containerd 数据 ```bash sudo rm -rf /var/lib/containerd sudo rm -rf /etc/containerd ``` ## 4. 清理网络配置 ### 4.1 删除 CNI 插件 ```bash sudo rm -rf /opt/cni/bin/ ``` ### 4.2 清理 iptables 规则 ```bash sudo iptables -F sudo iptables -t nat -F sudo iptables -t mangle -F sudo iptables -X ``` ### 4.3 清理 IPVS 规则 ```bash sudo ipvsadm --clear ``` ## 5. 删除 Docker(如果安装) ```bash sudo dnf remove -y docker-ce docker-ce-cli sudo rm -rf /var/lib/docker sudo rm -rf /etc/docker ``` ## 6. 清理系统残留 ### 6.1 删除相关日志 ```bash sudo rm -rf /var/log/containers/ sudo rm -rf /var/log/pods/ ``` ### 6.2 清理临时文件 ```bash sudo rm -rf /var/run/kubernetes sudo rm -rf /var/run/containerd ``` ## 7. 重启系统(可选) ```bash sudo reboot ``` ## 8. 验证卸载是否彻底 ### 8.1 检查进程 ```bash ps aux | grep -E 'kube|containerd|docker' ``` ### 8.2 检查安装的软件包 ```bash dnf list installed | grep -E 'kube|containerd|docker' ``` ### 8.3 检查剩余文件 ```bash sudo find / -name "*kube*" 2>/dev/null sudo find / -name "*containerd*" 2>/dev/null sudo find / -name "*docker*" 2>/dev/null ``` ## 9. 额外清理(如果需要完全干净的系统) ### 9.1 删除所有容器镜像 ```bash sudo crictl rmi --all ``` ### 9.2 清理 dnf 缓存 ```bash sudo dnf clean all ``` ## 注意事项 1. 执行这些命令将永久删除所有 Kubernetes 集群数据和容器 2. 确保已备份重要数据 3. 某些目录可能需要 root 权限才能删除 4. 如果计划重新安装,可以跳过某些清理步骤 完成上述步骤后,您的 Rocky Linux 系统将完全清除 Kubernetes 和 Containerd 的所有组件和配置。 # Kubernetes (k8s) 安装与基本应用指南 - Rocky Linux 本指南将介绍在 Rocky Linux 上安装 Kubernetes 集群并部署基本应用的完整流程。 ## 前提条件 - 至少两台 Rocky Linux 9 服务器(1 个控制平面节点,1 个工作节点) - 每台服务器至少 2GB RAM 和 2 个 CPU 核心 - 所有节点之间的网络连接 - sudo 或 root 权限 ## 第一部分:安装准备 ### 1. 在所有节点上执行以下操作 #### 设置主机名和 hosts 文件 ```bash # 控制平面节点 sudo hostnamectl set-hostname k8s-master # 工作节点 sudo hostnamectl set-hostname k8s-worker1 # 编辑 /etc/hosts 文件(在所有节点上) sudo vi /etc/hosts ``` 添加如下内容(根据实际 IP 修改): ``` 192.168.1.100 k8s-master 192.168.1.101 k8s-worker1 ``` #### 禁用 SELinux 和防火墙 ```bash sudo setenforce 0 sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config sudo systemctl disable --now firewalld ``` #### 禁用交换空间 ```bash sudo swapoff -a sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab ``` #### 加载内核模块 ```bash sudo modprobe overlay sudo modprobe br_netfilter cat < --discovery-token-ca-cert-hash ``` ### 5. 配置 kubectl ```bash mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config ``` ### 6. 安装网络插件(Flannel) ```bash kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml ``` ### 7. 将工作节点加入集群 在工作节点上运行控制平面初始化时提供的 `kubeadm join` 命令。 ## 第四部分:验证集群 ### 8. 检查节点状态 ```bash kubectl get nodes ``` ### 9. 检查所有 pod 状态 ```bash kubectl get pods --all-namespaces ``` ## 第五部分:部署基本应用 ### 10. 部署 Nginx 示例应用 ```bash # 创建 deployment kubectl create deployment nginx --image=nginx # 暴露服务 kubectl expose deployment nginx --port=80 --type=NodePort # 获取服务信息 kubectl get svc nginx ``` ### 11. 访问应用 使用 `kubectl get svc nginx` 输出的 NodePort 端口访问 Nginx 服务。 ## 常见问题解决 1. **节点 NotReady 状态**: - 检查网络插件是否安装正确 - 查看 kubelet 日志:`journalctl -u kubelet -f` 2. **Pod 一直处于 Pending 状态**: - 检查资源是否足够:`kubectl describe pod ` - 检查节点是否有污点:`kubectl describe node | grep Taint` 3. **kubeadm init 失败**: - 重置集群:`sudo kubeadm reset` - 检查容器运行时是否正常运行 ## 后续步骤 1. 安装 Kubernetes 仪表板 2. 配置持久化存储 3. 设置 Ingress 控制器 4. 配置监控和日志系统 通过以上步骤,您已经在 Rocky Linux 上成功部署了一个基本的 Kubernetes 集群并运行了第一个应用。 # kubectl 常用操作指南 `kubectl` 是 Kubernetes 的命令行工具,用于与 Kubernetes 集群交互。以下是一些常用操作,涵盖集群管理、资源操作、调试和日志查看等场景。 --- ## **1. 集群信息查看**
命令说明
`kubectl cluster-info`查看集群信息
`kubectl get nodes`查看所有节点状态
`kubectl describe node `查看节点详细信息
`kubectl version`查看 kubectl 和集群版本
--- ## **2. 命名空间(Namespace)操作**
命令说明
`kubectl get ns`查看所有命名空间
`kubectl create ns `创建命名空间
`kubectl delete ns `删除命名空间
`kubectl config set-context --current --namespace=`切换当前命名空间
--- ## **3. Pod 操作**
命令说明
`kubectl get pods`查看当前命名空间的 Pod
`kubectl get pods -A`查看所有命名空间的 Pod
`kubectl describe pod `查看 Pod 详细信息
`kubectl logs `查看 Pod 日志
`kubectl logs -f `实时查看 Pod 日志(类似 `tail -f`)
`kubectl exec -it -- /bin/sh`进入 Pod 的 Shell
`kubectl delete pod `删除 Pod
`kubectl port-forward :`端口转发(访问 Pod 服务)
--- ## **4. Deployment 操作**
命令说明
`kubectl get deployments`查看所有 Deployments
`kubectl describe deployment `查看 Deployment 详情
`kubectl apply -f deployment.yaml`应用 Deployment YAML 文件
`kubectl delete deployment `删除 Deployment
`kubectl scale deployment --replicas=3`调整 Pod 副本数量
`kubectl rollout status deployment `查看 Deployment 更新状态
`kubectl rollout undo deployment `回滚 Deployment
--- ## **5. Service 操作**
命令说明
`kubectl get svc`查看所有 Service
`kubectl describe svc `查看 Service 详情
`kubectl expose deployment --type=NodePort --port=80`创建 Service 暴露 Deployment
`kubectl delete svc `删除 Service
--- ## **6. ConfigMap & Secret 操作**
命令说明
`kubectl get configmaps`查看 ConfigMap
`kubectl create configmap --from-file=`从文件创建 ConfigMap
`kubectl get secrets`查看 Secrets
`kubectl create secret generic --from-literal=key=value`创建 Secret
--- ## **7. 调试与故障排查**
命令说明
`kubectl top pod`查看 Pod 资源使用情况
`kubectl top node`查看 Node 资源使用情况
`kubectl get events --sort-by=.metadata.creationTimestamp`查看集群事件
`kubectl cp : `从 Pod 复制文件到本地
`kubectl run debug-pod --image=busybox --restart=Never --rm -it -- sh`启动临时调试 Pod
--- ## **8. 其他实用命令**
命令说明
`kubectl api-resources`查看所有 Kubernetes 资源类型
`kubectl explain `查看资源的 YAML 字段说明
`kubectl edit `直接编辑资源(如 `kubectl edit deployment nginx`)
`kubectl apply -f `应用目录下的所有 YAML 文件
`kubectl wait --for=condition=Ready pod/`等待 Pod 就绪
--- # kubectl logs 子命令使用指南 `kubectl logs` 是 Kubernetes 中查看容器日志的主要命令,下面详细介绍其使用方法。 ## 基本用法 ### 1. 查看 Pod 日志 ```bash kubectl logs ``` ### 2. 查看特定容器的日志(Pod 中有多个容器时) ```bash kubectl logs -c ``` ## 常用选项 ### 流式日志(实时跟踪) ```bash kubectl logs -f ``` ### 显示时间戳 ```bash kubectl logs --timestamps ``` ### 查看最近 N 行的日志 ```bash kubectl logs --tail=20 # 查看最后20行 ``` ### 查看某时间段内的日志 ```bash kubectl logs --since=1h # 过去1小时的日志 kubectl logs --since-time="2023-01-02T15:04:05Z" ``` ### 查看之前容器的日志(容器崩溃后) ```bash kubectl logs -p ``` ## 高级用法 ### 1. 查看 Deployment 的 Pod 日志 ```bash kubectl logs deploy/ ``` ### 2. 查看多个 Pod 的日志(使用标签选择器) ```bash kubectl logs -l app=nginx ``` ### 3. 将日志输出到文件 ```bash kubectl logs > pod.log ``` ### 4. 在交互式 Shell 中查看日志 ```bash kubectl exec -it -- cat /var/log/myapp.log ``` ## 实用技巧 1. **日志颜色高亮**: ```bash kubectl logs | highlight ``` 2. **日志过滤**: ```bash kubectl logs | grep "ERROR" ``` 3. **查看多个容器的日志**: ```bash kubectl logs --all-containers=true ``` 4. **JSON 格式日志**: ```bash kubectl logs -f --tail=10 | jq ``` ## 注意事项 1. 默认情况下只能查看运行中 Pod 的日志 2. 已删除 Pod 的日志无法查看(除非使用日志收集系统) 3. 日志大小受 Kubernetes 配置限制 4. 在多节点集群中,日志可能分散在不同节点 ## 故障排查 如果无法查看日志,可以尝试: ```bash # 检查 Pod 状态 kubectl describe pod # 检查容器是否正常运行 kubectl get pod -o jsonpath='{.status.containerStatuses[0].ready}' ``` 通过以上命令组合,您可以高效地查看和分析 Kubernetes 容器日志。 ### **总结** - **`kubectl get`**:查询资源 - **`kubectl describe`**:查看详细信息 - **`kubectl logs`**:查看日志 - **`kubectl exec`**:进入 Pod - **`kubectl apply/delete`**:创建/删除资源 - **`kubectl rollout`**:管理 Deployment 更新 这些命令覆盖了大部分 Kubernetes 日常操作,适合开发、运维和调试使用。