常见服务安装

发表于 | 分类于

默认用当前 master 分支版本,需要指定版本 请参考官方

promethous

1
2
3
4
5
6
7
8
9
10
11
12
git clone  https://github.com/prometheus-operator/kube-prometheus.git
cd kube-prometheus
git checkout release-0.6  # v1.18 支持版本
kubectl create -f manifests/setup
until kubectl get servicemonitors --all-namespaces ; do date; sleep 1; echo ""; done
kubectl create -f manifests/

## 默认账号密码 admin/admin


# 卸载
kubectl delete --ignore-not-found=true -f manifests/ -f manifests/setup

helm 安装 promethous

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
# helm repo add 添加一个 Helm repo
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts

helm repo list
NAME                    URL
prometheus-community    https://prometheus-community.github.io/helm-charts

helm repo update

# 创建一个名为monitor的 namespace
kubectl create ns monitor

helm install prometheus-stack prometheus-community/kube-prometheus-stack -n monitor 

kubectl --namespace monitor get pods -l "release=prometheus-stack"

kubectl get all -n monitor


kubectl port-forward -n monitor prometheus-prometheus-stack-kube-prom-prometheus-0 9090

kubectl port-forward -n monitor prometheus-stack-grafana-5b6dd6b5fb-rtp6z 3000


kubectl get deploy -n monitor prometheus-stack-grafana -o yaml

kubectl get secret prometheus-stack-grafana -n monitor -o jsonpath='{.data}'


$ kubectl get secret prometheus-stack-grafana -n monitor -o jsonpath='{.data.admin-user}' | base64 --decode
admin
$ kubectl get secret prometheus-stack-grafana -n monitor -o jsonpath='{.data.admin-password}' | base64 --decode
prom-operator

kubectl port-forward -n monitor prometheus-stack-kube-state-metrics-c7c69c8c9-bhgjv 8080

dashboard

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
https://github.com/kubernetes/dashboard 

wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml
#wget https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended.yaml

kubectl apply -f recommended.yaml

## 赋予 cluster-admin 权限

kubectl apply -f  - <<EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard-admin
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
EOF

或者

1
2
3
kubectl create sa dashboard-admin -n kube-system

kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin

获取令牌

1
2
3
ADMIN_SECRET=$(kubectl get secrets -n kubernetes-dashboard | grep dashboard-token | awk '{print $1}')
DASHBOARD_LOGIN_TOKEN=$(kubectl describe secret -n kubernetes-dashboard ${ADMIN_SECRET} | grep -E  '^token' | awk '{print $2}')
echo ${DASHBOARD_LOGIN_TOKEN}

EFK

https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/fluentd-elasticsearch

主要是下载这几个文件

1
github : https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/fluentd-elasticsearch

示例

1
2
3
4
5
6
7
8
9
wget https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/create-logging-namespace.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/es-service.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/es-statefulset.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/fluentd-es-configmap.yaml 
wget https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/kibana-deployment.yaml
wget https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/kibana-service.yaml

create-logging-namespace.yaml  es-service.yaml es-statefulset.yaml fluentd-es-configmap.yaml fluentd-es-ds.yaml kibana-deployment.yaml kibana-service.yaml

fluentd-es-ds.yaml 需要给部署的节点打上标签 2021/04/15 默认配置不需要

1
2
kubectl label node k8s01 beta.kubernetes.io/fluentd-ds-ready=true
kubectl label node k8s02 beta.kubernetes.io/fluentd-ds-ready=true

kibana-deployment.yaml

1
2
3
4
5
# 文件下面两行,否则会因为无效的证书颁发机构无法访问 tls: unknown certificate authorit

     #- name: SERVER_BASEPATH

     #  value: /api/v1/namespaces/kube-system/services/kibana-logging/proxy

es-statefulset.yaml

默认使用 emptyDir 可以改为 pv/pvc

1
2
3
4
5
6
7
8
9
10
11
  volumeMounts:
  - name: elasticsearch-logging
    mountPath: /data
  env:
  - name: "NAMESPACE"
    valueFrom:
      fieldRef:
        fieldPath: metadata.namespace
volumes:
- name: elasticsearch-logging
  emptyDir: {}

简单的 mysql 示例

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: mysql-config
  namespace: common-infra-prod
data:
  my.cnf: |
    [mysqld]
    wait_timeout = 4294967295
    interactive_timeout = 4294967295
    max_allowed_packet = 128M
    slow_query_log = 1
    slow_query_log_file = /var/log/mysql-slow.log
    long_query_time = 2
---
# mysql-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mysql-pvc
  namespace: common-infra-prod
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: alibabacloud-cnfs-nas
---
# mysql-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql
  namespace: common-infra-prod
spec:
  selector:
    matchLabels:
      app: mysql
  replicas: 1
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
        - name: mysql
          image: mysql:8.0
          ports:
            - containerPort: 3306
          env:
            - name: MYSQL_ROOT_PASSWORD
              value: Ns2025Sz  
          volumeMounts:
            - name: mysql-storage
              mountPath: /var/lib/mysql
            - name: mysql-config
              mountPath: /etc/mysql/conf.d
            - name: mysql-log
              mountPath: /var/log
      volumes:
        - name: mysql-storage
          persistentVolumeClaim:
            claimName: mysql-pvc
        - name: mysql-config
          configMap:
            name: mysql-config
        - name: mysql-log
          emptyDir: {}
---
# mysql-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: mysql
  namespace: common-infra-prod
spec:
  selector:
    app: mysql
  ports:
    - protocol: TCP
      port: 3306
      targetPort: 3306
  type: ClusterIP