Kubernetes: Porovnání verzí
Z Poznámkový blok
(→Helm) |
|||
Řádka 52: | Řádka 52: | ||
== Helm == | == Helm == | ||
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash | curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash | ||
+ | export KUBECONFIG=/etc/rancher/k3s/k3s.yaml | ||
== Kubernetes proxy == | == Kubernetes proxy == |
Verze z 30. 7. 2023, 19:25
Instalace
K3S Server
sudo su - curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" INSTALL_K3S_EXEC="--tls-san DOMAIN_NAME_SERVERU" sh -
K3S Server token:
cat /var/lib/rancher/k3s/server/node-token
K3S Agent
sudo su - curl -sfL https://get.k3s.io | K3S_URL=https://IP_K3S_SERVERU:6443 K3S_TOKEN=K3S_SERVER_TOKEN sh -
IP_K3S_SERVERU odkazuje na k3s serveru kde se musí taky vzít K3S_SERVER_TOKEN
Chyba s k3s.yaml
Pokud se vyskytne tahle chyba, znamená to že nexistuje potřebný config pro připojení na K3S Server API
E0729 12:28:41.362749 136411 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp [::1]:8080: connect: connection refused E0729 12:28:41.363353 136411 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp [::1]:8080: connect: connection refused E0729 12:28:41.364959 136411 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp [::1]:8080: connect: connection refused E0729 12:28:41.366636 136411 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp [::1]:8080: connect: connection refused E0729 12:28:41.368364 136411 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp [::1]:8080: connect: connection refused The connection to the server localhost:8080 was refused - did you specify the right host or port?
Tento problém se vyřeší zkopírování configu z k3s serveru na daný k3s agenta
sudo cat /etc/rancher/k3s/k3s.yaml
Zde se přepíše jenom řádek se "server: http://localhost:6443" na IP_ADDRESSU/DOMAIN K3S_serveru a poté se to opět uloží na stejný místo
sudo mkdir /etc/rancher/k3s sudo nano /etc/rancher/k3s/k3s.yaml
Takhle vypadá konfig bez údaju k3s.yaml
apiVersion: v1 clusters: - cluster: certificate-authority-data: BASE64_SERVER-CA.CRT server: https://IP_ADDRESSA:6443 name: default contexts: - context: cluster: default user: default name: default current-context: default kind: Config preferences: {} users: - name: default user: client-certificate-data: BASE64_SERVER-CA.CRT client-key-data: BASE64_CLIENT-CA.CRT
Helm
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
Kubernetes proxy
Dobré pro testování, nikoliv pro produkci
kubectl proxy --disable-filter=true --address 0.0.0.0
Dashboards
Kubernetes dashboard
Instalace
sudo k3s kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
Konfigurace service účtu
Dashboard RBAC Configuration
dashboard.admin-user.yml
apiVersion: v1 kind: ServiceAccount metadata: name: admin-user namespace: kubernetes-dashboard
dashboard.admin-user-role.yml
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: admin-user namespace: kubernetes-dashboard
Uplatnění
sudo k3s kubectl create -f dashboard.admin-user.yml -f dashboard.admin-user-role.yml
Získání Beart tokenu
sudo k3s kubectl -n kubernetes-dashboard create token admin-user
Smazání
sudo k3s kubectl delete ns kubernetes-dashboard
Upgrade
sudo k3s kubectl delete ns kubernetes-dashboard sudo k3s kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/VERZE/aio/deploy/recommended.yaml
VERZE viz: https://github.com/kubernetes/dashboard
URL API přes proxy
http://IP_ADDRESS:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/.
Portainer
Instalace
sudo k3s kubectl apply -n portainer -f https://raw.githubusercontent.com/portainer/k8s/master/deploy/manifests/portainer/portainer.yaml
Smazání
sudo k3s kubectl delete ns portainer
Upgrade
sudo k3s kubectl delete ns portainer sudo k3s kubectl apply -n portainer -f https://raw.githubusercontent.com/portainer/k8s/master/deploy/manifests/portainer/portainer.yaml