确保在Debian上安装的Kubernetes(K8s)稳定运行,可以遵循以下步骤和建议:
更新系统:
sudo apt-get update && sudo apt-get upgrade -y
安装必要的依赖:
sudo apt-get install -y curl apt-transport-https software-properties-common
添加Kubernetes官方GPG密钥:
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
添加Kubernetes APT仓库:
sudo add-apt-repository "deb https://apt.kubernetes.io/ kubernetes-xenial main"
更新APT包索引并安装Kubernetes组件:
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
初始化Master节点:
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
设置kubectl:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
部署网络插件(例如Flannel):
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
sudo kubeadm join <MASTER_NODE_IP>:<MASTER_PORT> --token <TOKEN> --discovery-token-ca-cert-hash sha256:<HASH>
安装监控工具(如Prometheus和Grafana):
kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/master/bundle.yaml
查看集群状态:
kubectl get nodes
kubectl get pods --all-namespaces
定期更新Kubernetes组件:
sudo apt-get update && sudo apt-get upgrade kubelet kubeadm kubectl -y
检查系统资源:
top
free -h
df -h
备份配置和数据:
kubectl get all -o yaml > all-resources.yaml
启用RBAC:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/cloud/deploy.yaml
配置网络策略:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: default-deny-all
spec:
podSelector: {}
policyTypes:
- Ingress
- Egress
运行示例应用:
kubectl create deployment hello-minikube --image=k8s.gcr.io/echoserver:1.4
kubectl expose deployment hello-minikube --type=NodePort --port=8080
访问应用:
curl http://<NODE_IP>:<NODE_PORT>
通过以上步骤,你可以确保在Debian上安装的Kubernetes集群稳定运行,并且具备良好的监控、日志记录和安全性。定期维护和更新是保持集群稳定的关键。
