Kubernetes集群实战（微课版）-项目实训参考 项目1--9 从 Docker 转向Kubernetes---持续集成和持续部署.docx

<Kubernetes集群实战(微课版)项目实训参考指导项目1从DoCker转向Kubernetes实训1安装DockerEngine并进行镜像和容器的基本操作实训目的(1)了解Docker版本和安装方式.(2)掌握DockcrEngine的安装方法“(3)掌握镜像和容器的基本怫作方法，实训内容建议参照任务1.1.1通过Dovker的软件仓库安装Docker；参照任务1.2.1操作镜像和容(1)准备Docker安装环境。操作系统选择CcntOSStream8或CcniOSStream9：更改主机名：修改网络连接配置；禁用防火瘠和S1.1.InUx：更改时区.(2)设置Docker软件仓库。yuminsta1.-yym-ti1.syum-config-manager-addeohttp7mirrors.a1.tyun.mMocker-ce.,1.inuxcentoa,docker-c.repo(3)安装DockcrEngine软件包.如果运行的足CcntOSStream8,则第要先卸教状认的容器引筌Podman：yumerasepodmanbukia如果运行的是CentOSStream9,则无需此操作.建议安装指定版本的DockcrEnginc:yuminsta三docker-C920.10.21dockwcc1.i20,1021co11ta<wdk>16,10也可以尝试安装拼新版本：yuminstaaCiOckerced(er-cec*containerdiodocker-tx>A1.x-1.g<dockercomosep1.ugin11前最新版本涉及DockerCompOSe的安装，(4)启动Dockcr并运行he1.1.>-wrid模像进行测试。SystemcUstartdockerdockerrunhe1.1.o-wor1.d因国内网络环境限制.实际应用中我们会遇到无法扣取IXKkB镜像的情况.最筒通的解决方案是使用镜像加速器.推荐使用以下梯像加速器： Da<1.oud俄像加速潺：httpsdockcr.m.da<1.oud.io 阿里云镜像11速器：hupsrXXXXX.11irr.a! 华为云镜像加速器：XXXXX阿里云和华为云需要登业账号.获取特定的镜像加速器地址. 需整注您的足,之前一些常用的模像加建器已变得不好用.列举如卜： DoCker官方铺像中国区镜像加速5K：htsregisry.docker三 将讯云镜像加速器：hnps:/ 中国科学技术大学：httpsr'dc 网易公镣像加速器：hup:。T)Ubmirror.c.I63,com 南京大学镜,但加速器：h1.(ps,dockcr.nju.cduxn(5)执行拉取像、显示憧像列表和查行械像构建历史信息的操作.dockerPUf1.ubuntu:1804dockerimagesdockerht<xyubuntu18.04(6>夔于hpd镜像以后台方式运行Apache容器并对外开放80端口。dockerrn-d>p80:80-nametestwebhttpd(7)使用dockercxcc命令进入Apachc亦器查看当前目录Cdockerexec-ittestwebbin*tsh(8)停止并删除Apachc容湍.dockerstoptestwebdockerrmtestweb实训2对NodejsWeb应用程序进行容器化实训目的(1) 了解应用程序容器化的基本步骤，(2)学会应用程序容器化的基本方法。实训内容直接从微码托管平价克隆一个公告板应用程序项目node-bu1.1.ctin-board使用.(I)创建琰目目录.Ekdirb1.tin&&cdbu1.1.etin(2)使用Git工具将iHk-bu1.1.etin-board库克降到本地。若实脸环境中没有安装Git客户端.先执行进行安装：yuminsta-ygit从Gi1.HUb网站获取该项目。(rootdocker_devbu1.1.etinsgitdonehttps7docer-trainingnode.bu1.1.etin.board正克隆到nodbu1.Qtinboar<r.remote.Enumerabngobjects:213.done.remoteCountingobjects:100%(23/23).done.remote.Compf3S<goects:100%done.remoteTota1.213(ddta8),reused17(de11a4).pack-reused190瘦收对象中：100%(2ia213),197.64KiB1602.00KR电完成.处理def1.a中100X«9390,完成(3)杳看克隆到本地的应用程序和Docker1.i1.e.(rootdocicer_devbu1.1.etin)?Isnode-bu1.1.etin-board(rootd(x*er_devbu1.1.etin/cdnode4xrt1.ebn4Ward(rootdo<Aerdevode-betin-bard)<rIsbuie<intx>ardapp1.ICENSE(rootdockerdevnode-biAetin-board#tree1- bu1.1.tinboar(appII-app.jsII-backendIIHapi-jsII|ve11ts.jsII1inde×.jsI1DockertaeII-fontsII,geomant,hintd-GomanistBook.woff2II-1.dx-htm1.I|1.ICENSEII-paciage.JsonIJreadmemdII-S6rr.jsI1.-SitaCSS,-1.ICENSE(rootdo<Aerdevnode-biAetin-txxard#cdbu1.1.eUn-board-app(rootdo<*cr_devbu1.teti11boardapp*catDockerfi1.eFROMnode6.11.5WORKDIRjsrsrcappCOPYacage.json.RUNnpminsta1.COPY.CMD(XPm”,FtarT该项目从现有的nodc61.1.5镜像开始构建但是网络环境限制，直接拉取官方node镜像比较困难，注意使用镜像加速芯解诀镜像无法拉取的问题，(4)基于Dockcrfi1.c构建愤像.(rootdocker_devbu1.1.etin-board-app#dockerbWtbu1.1.etinboard1.0.SendingM*icontexttoDockerdaemon45.57kBStep1,6:FROMnode6.11.56.11.5:Pu1.1.ingfromIibraryznode85O1f47fba49:PuMOOmPieteba6W283713a:PUicompto817c8cd48a09:PUIcomp1.ete47cc0ed96dc3:Pu1.1.mp1.ete8888adcbdO8b.Pu1.1.mp1.ete6f2de60W6b9Pp1.ete1666693bf996Pp1.ete2te41Od942:PUicomp1.eteDigest:Sha256fe19b92dafd9821fbc1cfd7587a1b4e1.ff76fc3af675869235bbf45bStatus:Down1.oadednewerimagefornode611.5->52391892b9fStep2Z6:WORKDIRusr3fcapp>Runningin01963b7cf7f0Removingintermediatecontainer01963b7cf7f0>72cf46a04400Step3/6:COPYPaCkage庐On.->a6d3d413859Step4/6:RUNp<ninsta1.1.>Runningin3350ea014611p<nWARNdeprecatedq15.1：Youors<xnooneyoudependonisusingQ.thoJavaScriptPo11sg1.ibrarythatgaveJavaSchptdevetopersstrongfee1.ingsaboutpromises.Theycana1.mostcertain1.ymigratetothenativeJavaScriptpromisenow.Tankyou1.itera1.1.yeveryoneforjoiningmeintrussbetagainsttheodds.Beexce1.1.enttoeachother.(XXnWARNdeprecated11pmWARNdeprecated(ForaCapTPwith11atrvepromises.see©endo'eventua1.-sendandendOi'captp)pmWARNdeprecatedg*ob50.15:GM>versionsPriOrtOv9arenoJongersupportednpmWARNdeprecated1.0.6:TNsmodu1.eisnotsupported,and½aksmemory.DonotuseitCheckoutku-caceifyouwantagoodandtestedwaytocoa1.esceasyncrequestsbyakeyva1.ue,whic&mcmor©oompreesivandpowerfu1.> ejs27.4psb11sta1.1.usrsrcapp,11od-mocMejs> node.巾OStmstaHJSvue-event-bd1.e&n1.0.0usrsrfap> body-parie<1.20.2|+-bytes3.1.2I-contenttyeg1.0.5I ÷-debug26.9-ms2.0.0+-depg20.0I÷-destroy1.2.0Jh1.tp-«rror52.0.0II *-inhefts2.0.4I1.:IOgeMfa1.0.1I+-»conv-41e0.4.24I-satef-bufter2.1.2Jon-fini$1.)ed24.1ir-ee-first1.1.111qs611.0-s»de-channe1.1.0.611-ca1.1.-bind1.0.711*es-<Jfine«property1.0.011IJfunction心nd1.1N11,-Se14unction-tength1.2211+-define-data-property1.1.411I*-gopd1.0.111*-has-property-<iescnptors1.0.211-es-efrors1.3.011get-intrinsic1.2.411>-has-pfo<o1.0.311has-$ymboto®1.O311'-hB6w逾2.0.211,-object-inspect1.132I÷-raw-body2.5.2IyPe«<s1.6.1811*-mediatyperg3.0-mime-types2.1.35Hrnme-db1.52.0,-UnPiPe1.0.0 boot$trap3.4.1÷-Bjs27.4 一e”OfhafXttef151I+-accepts13.-negoUatof0.6.3I*-escape-htfn1.1.0.3+-express4.19.2Iarray-Hatten®1.1.1I*-content-dispos*tion0.5.411Cook1.e0.6.0I÷-cootoe-s»gnature1.06一encodeur1.1.0.2*-etag1.8.1I÷-fina1.handter1.2.0-freshO,5.2I÷-merge-descnptors101-methode®1.12I÷-parseur1.1.33I÷-path-t<xegexpO.1.74-proxy-addr20.711-forwarded0.2.0-ipaddr.；s1.9.1I*-range-parser12.1*-safe-txjffer5.2.1÷-send0.18011*mim1.6.0ms21.3I÷-serve-stat»c1.15.0I*-setprototypeof1.2.0I÷-statuse52.01-uti1.s-merge1.0.1I*-vary11.2methodx>vernde2.3.10 m<xgan110.0I÷-basic-auth2.0.1I|*-safe-buffer5.1.2I÷-on-finish«d230,-on-eadefs1.0.2÷-veg1.0.28envify3.4.1I-js1.ransfonn11.0.3I|*-bas©621.2.8*-commoef0.10.8I11*-OXnmandGr2.20311>-detecveg4.7.1÷-3com5.7.4-defined1.0.1*-g1.ob5.O.1511÷-i11f1.ightgt,6I-wrappy1.02I111÷-mi11imatcQ31.2HU'-bracexpansion1.1.11IHUbatencednatcbg1.0.2IHU,-conc8t-map0.0.1111÷-once1.4.0I-path-is-ab5oMe1.0.111*-graceuM&g4.2.11I11÷-mkdirp0.5,6-m1.n1.met1.811*pciya1.e0.1.8IIIIq151-reca$tO.11.23I11÷-ast-types09611÷-espdma3.1.3I11:source-map)5.7I÷-esprima-fb15001.1.0-<fevharmoy4bIofcject-a$ign2.1.1,-sourc-map(g0.4.4,-amdefine1.0.1I'-througbg2.3,8 一vue-resource0.1.1711p<nWARNvue-event-bu»«in1.0.0Norepo6rtoryfie1.d.Removingintermedeatecontainer3350ea014600->73d897307a01Step56:COPY.>f8f8611a51dStep61*6:CMD!08f11->Runningin499596b83106Removingintermediatecontainer4995961.3106->8a25ef93958aScssfuybui1.t8a25f93958aSuccessfueytaggedbu1.1.etinboafd:1.0（5）基于构建的横像启动容器.（rootdocker_devbu1.1.etin-board-app#dockerrun-pub1.ish8（X×>O8O-detac-namebu1.1.ebnboardbu1.1.eUnboard:1.04M7Gfdd73bba82aft）df5756a4a9d114c41.5te9c2625176cfadb17540bb2b4（6）在浏览器中访问bcu1.hg1.:8000实际梃试公告板应用程序。（7）测试完毕后，停止并删除该容器。rootdodcer_devbu1.1.etin-board-appdockerrm-forcebu1.1.etinboardbuCnt×>ard项目2部署KUberneteS集群实训1使用kubeadm工具部罟三节点Kubernetes集群实训目的(1)了解Kubernetes集群的蛆成。(2)了*Kubernetes集群的部署方式。(3)学会使用kubeadm工具快速部詈Kubemetes集群。实训内容建议弁照任务2.1.1至任务2.1.6克成本实现任务，(1)简单规划要部署的Kubernetes集群。(2)准番Kubernetes集群安装环境(3个节点主机卜安装容器运行时COntainerd时Jt注意修改配以解决镇像下我问我。在KUbemeteS中.默认情况下，Pod会从官方DockerHub拉取Docker.BPdockerk>镜像仓库。歌认情况下Containerd配31文件e1.c8ntainerW8nf¾.tom1中相关设!1如下：p1.uginsMk),ccxi1.aiwdgrpcV1.Crr.registryp1.g<s.,o.contaMfd.grc,v1.crr.regstry.m1.rrorsjp*ugi11s*io.contai11Grd,grpcv1cn*'registry.mirrors.*docker.io1.#没有任何设,11tainerd端(B接从DockerHub技取侵像考虑到国内网络限制,通常设厦假像加速器来解决拉取OoCker梗像的同定。本教材阐写时给出的一些镣像加速器自从2024年6月开始不可用.(p1.uginsMio.contain©rd.grpc.v1.cr.registry.miors)p¼jgins.,reg<stry.mirrofs,do<er.io1.BndPOM=pttpsusydjf4(11wwaS*https7mi11orccstonc11tyun.m.Wps7/registry.dockef-M.ehttp:/ub-M其中后面3个当前皆不可用：https7mi11or.ccs.tenc11tyB1.讯云https:/registry.docker-中国区我像http:hubmirrorc163com"网易而Daodoud镜(#加速SSht1.psdocker.m.daodoud.io目前可用,建议科其加入横像K1.ji器到«,该设J1.改为：(p1.ugns.-io.oontanerd.gfpc.v1.cfr.fegistry.mifrorsAjgins.io.containerd.grpc.v1.cri-registry.mirrors.-docker.io1.endowt=p)ttpsdockr.m.dBc1.oudjo,.https7jsydiMtmirror.a1.iywcs.mT(3)部Kubernetes节点.(4)安装Pod网络插件.(5)通过部管Nginx来利试Kubemetes集群的使用。(6)练习cnct1.命令的使用。实训2安装和使用KubernetesDashboard实训目的(1)了第KubernetesDashboard的基本功能(2)学会使用KubemetesDashboard并集群进行可视化管理徵作，实训内容建汉号躺任务2.2.1和任务222完成本实现任务.(1)准备Kubernetes实物环境.(2)安55KubernetesDashboard9(3)获取dashboardadm服务账户的令牌并登录Dashboarde(4)熟悉DaShbOard的耳本爆作。(5)娄试使用DaShbOard部誓Nginx,(6)加除所部詈的痛用程序。项目3熟悉Kubernetes基本操作实训1操作指定名称空间中对象的标签实训目的(1)7MKubemetes名称空间和对承的标签。(2)学会Kubemetes名称空阁的基本用法。(3)学会Kubemetes对歙的基本操作。实训内容注意不实训的对象MI作都要指定名称空间,在控制平面主机上执行操作.(1)准备Kubemetes集群实验环境，(2)创球一个实的用的名称空间.(rootmaste<01切IaJbecX1.createnamespacemyns11amespacemynscreated(3)在该名称空间中创建一个Pod对象并为其添加标签app=testofootmaste<01以kubect1.runmynginximage三nginx-Iap三tes1.nmynspodJmyngccreatedIrOOtJgmas1.eEI游kubect1.getpod-SAow-Iabets-nmynsNAMEREADYSTATUSRESTARTSAG1.ABE1.Smynginx1/1Rurwwig02m34sapp=test(4)将该对象的标妾app=test修改为app=dev(rootmastef01-J#kubect1.1.abe1.podmynginxapp=dovvBNTitBErrorfromserver(NotFound):podsHmyngInx”notfound(rootmasteK)1济kubect1.1.abe1.podmynginxap三dev-overwritenmynspod?myngmx1.abe1.ed(rootmaste*01*Mkubect1.getpods-IabetonmynsNAMEREADYSTATUSRESTARTSAGE1.ABE1.Smynginx1/1RUnnang04m19sapp三dev(5)为该对象增加标釜Ver=I.5。(rootmastef01一声kubect1.1.abe1.podmynginxyc=1.5-nmynsPodjmynginX1.abe1.ed(rootmastef01争kuboct1.getpod-shcw.abe*s11EynSNAMEREADYSTATUSRESTARTSAGE1.ABE1.SmynginxV1.RumngO6<n50sapp=dev.vec=1.5(6)删除该对甄名为app的标签。(rootmastefO1争kubect1.1.abe1.podmynginxapp*nmymPOdJmyngmXun1.abe1.ed(rootma3te<01,kubect1.getpod-s-1.abets-nmy11sNAMEREADYSTATUSRESTARTSAG1.ABE1.Smynginx1/1RuivwigO7m52sver三1.5(7)H1.除该对象(rootmaste<01-舞kubect1.de1.etepodmynginx-nmy11spodwmynginde1.eted(rootmasteK)1争kuboct1.getpod11EynSNoresourcesfoundmrnynsnamespace.(8)删除该名称空间.(rootmastef01一/kuboct1.de1.etenamespaceEynSnamespace*mys-de1.eted实训2创建一个多容器Pod并进行测试实训目的(1)了解多容器Pod。(2)增加对多容器Pod的认识。实训内容(1)参既任务3.3.1进行操作.(2)给写定义Pod的配值文忤.其中涉及的两个容器分别运行Ngmx和BusyBox.两个容SS共享卷,(3)基于该配Jt文件创JtPod3(4)S#Pod及其容器的信息，以YAM1.格式憧出.(5)进入NginX容器的ShM,使用cur1.命令向Nginx服务8S发起i三求,以船证错果.(6)使用cur1.命令向Pod的IP地址发起请求,遂一步蛆证结果。(7)删除该Podo项目4部署和运行应用程序实训1使用Dep1.oyment运行Apache服务实训目的(1)了解Dep1.oyment的基本用法。(2)学会使用Dep1.oyment运行和管理无状态应用程序.实训内容(1)准备Kubmetes集群实验环境，(2)使用Dep1.oyment例Jt有3个K本的ht1.pd服务使用httpd镜像卜第写Dep1.oyment配!文件(文件名httpd-dep1.oy.yam1.):a<Versk>n:asM#版本号kind:Dep1.oyment叁奏堂内Dep1.oymentmetadata:0元数据name:httpddep1.oy1.abe1.s:#标签app：httdspec#评细信息rep1.icas:3«和本数strategy:#策略type:RcIIingUpdate#深动更新第郎ro三ngUpdat:#滚动更新设厦maxSurge25%n更行过程中允许超出期9Pod副本数的Pod数,用百分比或整故表示maxUnavab1.e25%”更新过程中不可用的Pod数上限用百分比套腔敷表示se1.ector:#送择招.指定该控物器管理学度Podmatch1.abe1.s：四配规则app:httpdtemp1.ate:“定义横板.当价本数不足的会根据横板定义出法PodM本metadata1.abe1.s:app：httpd#POd的标釜spec:containers：«容i列表（本例仅定义一个容繇）name:httpd#容器的ImagehttPd:22n容器所用的峭像ports:-OontainerPat80存容器需要*密的口基于该文件创建创建Dep1.oyment:(rootma5teK)1-沸kbect1.app1.yfhttpd-dep1.oyya11Mdeptoymet.apps'httpd-de1.oycreated看看和测试：(rootmaste01-Wkubect1.getdep1.oyhttpddp1.oy-owideNAMEREADYUP-TOOATEAVAI1.AB1.EAGECONTAINERSIhtAGESSE1.ECTORhttpddep1.oy0/33040shttpdhttpd2.2app=httpdroo1.mastefO1Wkubect1.ge1.dep1.oyhttdde1.oyowideNAMEREADYUP-TO-DATEAVAI1.AB1.EAGECONTAINERSIMAGESSE1.ECTORhttpddep1.oy3/333116shttpdhttpd:22app三httpdrootmaste101切kubect1.getpods-oWgeNAMEREADYSTATUSRESTARTSAGEIPNODENOMINATEDNODEREADINESSGATEShttpddep1.oy-7Hdc45d4-2)tf>2c1/1Running067510.244.140.6611ode02<none><none>httpd-de1.oy-7Hdc45d45zx521/1Running067$10244140.122node02<no11e><11o11e>httpd-de1.oy-7ffdc45d4-v)k441/1Running067s10244.196.178node01<none><none>(rootmastef01-拼CUr1.10.244.140.66<htm1.><body><h1>1.two(ks!<h1><××1.y><ht11H>(3)测试Dep1.oyment更新Q(rootmastef01-Wkubect1.settmagedeptoymentv1.appshttpd-<fep1.oyhttpd=httd:2.4.46deptoymet.apps'httpdde1.oyimageupdated(4)测试Dep1.oyment58。(rootmastef01-游kubect1.ro1.1.outhistorydep1.oyment/httpd-dep1.oydetoyment.as'httdde1.oyREVISIONCHANGE-CAUSE1<none>2<11o11>(rootmaste*01游kubect1.ro1.1.outundodetoymenthttpd-dep6oydep1.oyment,apps*httpddp1.oyroedback(5)将Dep1.oyment犷容到5个副本”(rootmaste*01力kubect1.sca1.edep1.oymentMttpd-dep1.oy-repbcas三5dep1.oyment.appsttpddep1.oyseated(rootmaste101一声kubct1.getdep1.oyhttpd-dep1.oy-o*deNAMEREADYUP-TO-DATEAVAI1.AB1.EAGECONTAINERSIMAGESSE1.ECTORMtPd-dep1.oy5/5559m15shttpdhttpd2.2ap=httpd(6)将Dep1.oyment缔容到2个副本,(rootmaste<01一片kubect1.sca1.edep1.oymentihttpd-dep1.oytpC8S=2dep1.oymentahttpdde1.oysca1.ed(rootmaste<01-Wkubct1.getdep1.oyhttpd-dep1.oy-oWdeNAMEREADYUP-TO-DATEAVAI1.AB1.EAGECONTAINERSIMAGESSE1.ECTORhttpd-dep1.oy212229m4shttpdhttpd:2.2app=httpd(7)H1.除Depioymento(rootmast©<01-外kubct1.de1.ete-fhttpd-dep1.oy.yam1.Sptoymen1.appg1ttpdde1.ode1.eted详班掇作谓参考任务4.1中的任务实现部分。实训2使用DaemonSet在所有工作节点上部署NginX实训目的(1)7*DaemonSet的基本用法。(2)学会使用DaemonSei部署和管理集群守护进程集.实训内容(1)使用DaHmOnSet在每个工作节点上运行Nginxt,配置文件nginxdaemonset.yarn1.内容如下：ap<Vers:apps,v1kind:DaemcnSet#资源类型为DaemonSetmetadata:name:ginx-ds1.abe1.s:ks-app:BnX#DaemonSet海3R的标SKspecse1.ector:matc1.abe1.s:。必须甫定与SPeC.temp1.ate的标签匹配的Pod选拜运算符name：nginxtemp1.ate:#出建Pod副本所依据的模板metadata1.abe1.s-#Pod模板必须羯定标签name：ng1.×spec:totefat>rs:R容忍度设SI.此处议让该守妒年旅残在控制平面V点或主V点上运行key：node-ro1.e.kubemetes.toi'contro1.-p1.aneoperatorExistseffect:NoScheduIekey:11odoro1.e.kubemtesJoZmastGroperator:Existseffect:NoScheduIecontainers:name:ginximage:nginx:1.16.1#镇像基于该文件创建DaemonSei:(rootmaste«O1kubect1.createfnginxdaem<xetyam1.daecnonset.apps/nnx-dscreated(rootmaste«O1kubect1.getdaemonsetnginxdsowideNAMEDESIREDCURRENTREADYUP-TO-DATEAVAI1.AB1.ENooESE1.ECTORAGENTAINERSIMAGESSE1.ECTORnginx-ds33333<no11>3e43snginxn9nx:1.16.1name三nginx(2)验证该DaemonSet的Pod的节点部*,(rootmaste01-沸kubect1.getpods-owideNAMEREADYSTATUSRESTARTSAGEIPNODENOMINATEDNODEREADINESSGATES