https://blog.treesir.pub/categories/kubernetes/Recent content in Kubernetes on Zayn's BlogHugo -- gohugo.iozh-cnyangzun@treesir.pub (Zayn)yangzun@treesir.pub (Zayn)2021-2026 ZaynSun, 15 Mar 2026 21:24:00 +0800https://blog.treesir.pub/posts/kubernetes-deploy-gitlab/Tue, 01 Jun 2021 10:13:29 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/kubernetes-deploy-gitlab/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li>Kubernetes Version: <code>v1.20.4</code></li> <li>Postgres Version: <code>12.7</code></li> <li>Redis Version: <code>5.0.9</code></li> </ul> <blockquote> <p>因在官方提供的 <code>gitlab-ce</code> 镜像中，内置了 Postgres &amp; Redis 的安装，在实际生产使用过程中，想让其连接使用外部统一的服务进行使用，来合理统一的管理，并有效降低对应资源使用率，这里使用 dokcer 非官方镜像: <code>sameersbn/gitlab:13.12.1</code> 进行使用</p>https://blog.treesir.pub/posts/first-kind/Sun, 15 Nov 2020 14:24:42 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/first-kind/<h2 class="relative group">参考资料 <div id="参考资料" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%8f%82%e8%80%83%e8%b5%84%e6%96%99" aria-label="锚点">#</a> </span> </h2> <ul> <li><a href="https://github.com/kubernetes-sigs/kind" target="_blank" >Github 地址</a></li> <li><a href="https://blog.tianfeiyu.com/2019/09/06/kind_deploy/" target="_blank" >参考博客</a></li> </ul> <h2 class="relative group">安装 <div id="安装" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%ae%89%e8%a3%85" aria-label="锚点">#</a> </span> </h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">curl -Lo ./kind <span class="s2">&#34;https://kind.sigs.k8s.io/dl/v0.9.0/kind-</span><span class="k">$(</span>uname<span class="k">)</span><span class="s2">-amd64&#34;</span> </span></span><span class="line"><span class="cl">chmod +x ./kind </span></span><span class="line"><span class="cl">mv ./kind /some-dir-in-your-PATH/kind </span></span></code></pre></div> <h2 class="relative group">启动集群 <div id="启动集群" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%90%af%e5%8a%a8%e9%9b%86%e7%be%a4" aria-label="锚点">#</a> </span> </h2> <blockquote> <p>注意启动集群前 请确认 docker 服务是否启动</p>https://blog.treesir.pub/posts/helm-k8s-deploy-mariadb/Tue, 25 May 2021 11:33:17 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/helm-k8s-deploy-mariadb/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li>helm version: <code>v3.3.1</code></li> <li>kubernetes: <code>v1.17.9</code></li> <li>使用 helm chart: <code>bitnami/mariadb</code></li> <li>操作系统: <code>CentOS 7.8.2003</code></li> </ul> <h2 class="relative group">helm 部署 <code>mariadb</code> 前的准备 <div id="helm-部署-mariadb-前的准备" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#helm-%e9%83%a8%e7%bd%b2-mariadb-%e5%89%8d%e7%9a%84%e5%87%86%e5%a4%87" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">添加 helm 私服 <div id="添加-helm-私服" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e6%b7%bb%e5%8a%a0-helm-%e7%a7%81%e6%9c%8d" aria-label="锚点">#</a> </span> </h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">helm repo add bitnami https://charts.bitnami.com/bitnami </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">helm repo update <span class="c1"># 更新仓库索引</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">helm search repo mariadb </span></span><span class="line"><span class="cl">bitnami/mariadb 9.3.12 10.5.10 Fast, reliable, scalable, and easy to use open-... </span></span></code></pre></div> <h2 class="relative group">对 chart 进行 定制更改优化 <div id="对-chart-进行-定制更改优化" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%af%b9-chart-%e8%bf%9b%e8%a1%8c-%e5%ae%9a%e5%88%b6%e6%9b%b4%e6%94%b9%e4%bc%98%e5%8c%96" aria-label="锚点">#</a> </span> </h2> <p><strong>下载对应 chart 文件</strong></p>https://blog.treesir.pub/posts/helm-k8s-deploy-nexus/Sun, 23 May 2021 15:50:31 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/helm-k8s-deploy-nexus/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li>helm version: <code>v3.3.1</code></li> <li>kubernetes: <code>v1.17.9</code></li> <li>nexus: <code>3.29.0</code></li> </ul> <h2 class="relative group">部署 <div id="部署" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e9%83%a8%e7%bd%b2" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">准备 storageClass <div id="准备-storageclass" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%87%86%e5%a4%87-storageclass" aria-label="锚点">#</a> </span> </h2> <blockquote> <p>非 <code>必要</code> 操作，可以选择手动创建 pvc &amp; pv，如果想部署 <code>nfsStorageClass</code> 的话，请参考早期整理的 <a href="https://www.treesir.pub/post/k8s-nfs-strage-class/" target="_blank" >文档</a>。此篇文档实战部署步骤中基于 <code>nfsStorageClass </code> 进行实现。如果是用于 <code>生产环境</code> 的话，还是建议使用 ssd 或 iops 较高的 <code>磁盘</code> 作为数据盘使用，数据盘管理方式可以使用 localPv or hostPath 绑定到对应节点进行运行。</p>https://blog.treesir.pub/posts/ingress-to-dashboard/Tue, 22 Dec 2020 09:24:55 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/ingress-to-dashboard/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <blockquote> <p><a href="https://www.treesir.pub/post/kubeadm-deploy-k8s1.9/" target="_blank" >链接文档</a></p></blockquote> <h2 class="relative group">软件版本说明 <div id="软件版本说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e8%bd%af%e4%bb%b6%e7%89%88%e6%9c%ac%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li>helm: <a href="https://github.com/helm/helm/tags" target="_blank" >v3.4.2</a></li> <li>ingress: <a href="https://github.com/kubernetes/ingress-nginx/tags" target="_blank" >v3.16.1</a></li> </ul> <h2 class="relative group">Nginx Ingress <div id="nginx-ingress" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#nginx-ingress" aria-label="锚点">#</a> </span> </h2> <blockquote> <p><a href="https://kubernetes.github.io/ingress-nginx/" target="_blank" >参考文档</a></p>https://blog.treesir.pub/posts/cronjob-clean-es-index/Tue, 13 Jul 2021 11:45:00 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/cronjob-clean-es-index/<h2 class="relative group">背景 <div id="背景" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e8%83%8c%e6%99%af" aria-label="锚点">#</a> </span> </h2> <blockquote> <p>在日常使用 <code>efk</code> 日志系统的过程中，每天造成的日志索引量是巨大的，需要进行对相关的索引进行定期清理，来缓解后端储存的占用。如何实现在 kubernetes 中进行优雅的定期清理？本文将介绍使用 kubernetes 中的 <code>Cronjob</code> 资源对象进行其需求的实现。</p></blockquote> <p><strong>常规情况下清理 <code>n</code> day 以前的数据</strong></p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">curl -XDELETE http://elasticsearch-logging.kube-system:9200/logstash-<span class="sb">`</span>date -d<span class="s2">&#34;n days ago&#34;</span> +<span class="s2">&#34;%Y.%m.%d&#34;</span><span class="sb">`</span> </span></span></code></pre></div><blockquote> <p>这种方法，是网上比较常规的方式，如某一天忘记执行了，就会出现数据未清理干净的情况，有点不优雅，如何解决？</p>https://blog.treesir.pub/posts/rancher-upgrade-docker/Sat, 16 Jan 2021 14:39:59 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/rancher-upgrade-docker/<h2 class="relative group">环境配置 <div id="环境配置" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e9%85%8d%e7%bd%ae" aria-label="锚点">#</a> </span> </h2> <ul> <li><strong>操作系统</strong>：CentOS 7.9.2009</li> <li><strong>Docker 版本</strong>：18.09.9</li> </ul> <h2 class="relative group">问题复现 <div id="问题复现" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e9%97%ae%e9%a2%98%e5%a4%8d%e7%8e%b0" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">安装 Rancher <div id="安装-rancher" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%ae%89%e8%a3%85-rancher" aria-label="锚点">#</a> </span> </h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">docker pull rancher/rancher:v2.3.5 </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">docker run -d <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>--restart<span class="o">=</span>unless-stopped <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>--name rancher <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>-p 80:80 -p 443:443 <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>--privileged <span class="se">\ </span></span></span><span class="line"><span class="cl"><span class="se"></span>rancher/rancher:v2.3.5 </span></span></code></pre></div><p> <figure> <img class="my-0 rounded-md" loading="lazy" alt="image-20210116134244336" src="https://cdn.treesir.pub/img/image-20210116134244336.png"> </figure> </p>https://blog.treesir.pub/posts/flannel-exclusion-records/Fri, 18 Dec 2020 16:24:43 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/flannel-exclusion-records/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li><strong>Kubernetes 版本</strong>：v1.19.6</li> <li><strong>操作系统</strong>：CentOS 7.9.2009</li> </ul> <h2 class="relative group">问题现象 <div id="问题现象" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e9%97%ae%e9%a2%98%e7%8e%b0%e8%b1%a1" aria-label="锚点">#</a> </span> </h2> <p>最近在使用 Kubernetes 集群时，发现集群响应变慢。排查发现 Master 节点中 <code>controller-manager</code> 及 <code>scheduler</code> 组件频繁重启。</p>https://blog.treesir.pub/posts/istio-in-action-study/Sun, 15 Mar 2026 21:24:00 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/istio-in-action-study/<h2 class="relative group">Istio in Action 学习笔记 <div id="istio-in-action-学习笔记" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#istio-in-action-%e5%ad%a6%e4%b9%a0%e7%ac%94%e8%ae%b0" aria-label="锚点">#</a> </span> </h2> <blockquote> <p>Istio 是当下最流行的 Service Mesh（服务网格）方案之一，本文是学习《Istio in Action》书籍的详细笔记，涵盖从入门到进阶的核心知识点。</p></blockquote> <h2 class="relative group">1. Istio 解决的问题 <div id="1-istio-解决的问题" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#1-istio-%e8%a7%a3%e5%86%b3%e7%9a%84%e9%97%ae%e9%a2%98" aria-label="锚点">#</a> </span> </h2> <p>在微服务架构中，网络问题往往是最大的挑战之一：</p>https://blog.treesir.pub/posts/k8s-cronjob-backup-mysql/Mon, 24 Jul 2023 16:14:42 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/k8s-cronjob-backup-mysql/<p>随着 Kubernetes 在生产环境中的广泛应用，越来越多的有状态应用（如 MySQL 数据库）也开始部署在 K8s 集群中。数据安全是生产环境的重中之重，本文将详细介绍如何使用 Kubernetes CronJob 实现 MySQL 数据库的自动化备份，并将备份文件安全地存储到 MinIO 对象存储中。</p> <h2 class="relative group">方案概述 <div id="方案概述" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e6%96%b9%e6%a1%88%e6%a6%82%e8%bf%b0" aria-label="锚点">#</a> </span> </h2> <h3 class="relative group">备份架构 <div id="备份架构" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%a4%87%e4%bb%bd%e6%9e%b6%e6%9e%84" aria-label="锚点">#</a> </span> </h3> <div class="mermaid" align="center"> <pre> flowchart LR MySQL[MySQL Pod<br/>Database] -->|导出数据| CronJob[CronJob Pod<br/>mysqldump] CronJob -->|上传备份| MinIO[MinIO Server<br/>Bucket] </pre> </div> <h3 class="relative group">方案优势 <div id="方案优势" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e6%96%b9%e6%a1%88%e4%bc%98%e5%8a%bf" aria-label="锚点">#</a> </span> </h3> <ul> <li><strong>自动化</strong>: 使用 CronJob 实现定时自动备份，无需人工干预</li> <li><strong>可靠性</strong>: 备份文件存储在独立的对象存储中，提高数据安全性</li> <li><strong>可扩展</strong>: 支持多数据库实例的备份，易于扩展</li> <li><strong>监控友好</strong>: 可以通过 Kubernetes 原生监控查看备份任务状态</li> <li><strong>成本效益</strong>: 使用开源的 MinIO 作为存储后端，降低成本</li> </ul> <h2 class="relative group">环境准备 <div id="环境准备" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e5%87%86%e5%a4%87" aria-label="锚点">#</a> </span> </h2> <h3 class="relative group">前置条件 <div id="前置条件" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%89%8d%e7%bd%ae%e6%9d%a1%e4%bb%b6" aria-label="锚点">#</a> </span> </h3> <table> <thead> <tr> <th>组件</th> <th>版本要求</th> <th>说明</th> </tr> </thead> <tbody> <tr> <td>Kubernetes</td> <td>v1.18+</td> <td>支持 CronJob v1 API</td> </tr> <tr> <td>MySQL</td> <td>5.7+ / 8.0+</td> <td>运行在 K8s 集群中</td> </tr> <tr> <td>MinIO</td> <td>任意版本</td> <td>对象存储服务</td> </tr> <tr> <td>网络连通性</td> <td>-</td> <td>CronJob Pod 能访问 MySQL 和 MinIO</td> </tr> </tbody> </table> <h3 class="relative group">自定义镜像 <div id="自定义镜像" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e8%87%aa%e5%ae%9a%e4%b9%89%e9%95%9c%e5%83%8f" aria-label="锚点">#</a> </span> </h3> <p>本方案使用了专门构建的备份镜像，包含了 mysqldump 和 MinIO 客户端工具。</p>https://blog.treesir.pub/posts/rke-kubevip-loadbalance/Tue, 12 Oct 2021 13:44:45 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/rke-kubevip-loadbalance/<h2 class="relative group">背景 <div id="背景" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e8%83%8c%e6%99%af" aria-label="锚点">#</a> </span> </h2> <blockquote> <p><code>Kube-Vip</code> 最初是为 Kubernetes 控制平面提供 HA 解决方案而创建的，随着时间的推移，它已经发展为将相同的功能合并到 Kubernetes 的 LoadBalancer 类型的 Service 中。Kube-Vip <code>特点</code> 如下：</p> <ul> <li>VIP 地址可以是 IPv4 或 IPv6</li> <li>带有 ARP（第2层）或 BGP（第3层）的控制平面</li> <li>使用领导选举或 <code>raft</code> 控制平面</li> <li>带有 kubeadm（静态 Pod）的控制平面 HA</li> <li>带有 K3s/和其他（DaemonSets）的控制平面 HA</li> <li>使用 ARP 领导者选举的 Service LoadBalancer（第 2 层）</li> <li>通过 BGP 使用多个节点的 Service LoadBalancer</li> <li>每个命名空间或全局的 Service LoadBalancer 地址池</li> <li>Service LoadBalancer 地址通过 UPNP 暴露给网关</li> </ul></blockquote> <p>集群 master 节点一般不会很多，kube-vip 只需在 k8s 中的控制平面部署。这里使用方法采用 <code>静态 pod</code> + <code>ARP </code>来简单实现。在大规模的场景下可以尝试使用 BGP ，这需要相应的 BGP 服务来做支撑。</p>https://blog.treesir.pub/posts/pipeline-jupyter-labextension-build-fix/Tue, 20 Jul 2021 17:04:26 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/pipeline-jupyter-labextension-build-fix/<h2 class="relative group">背景 <div id="背景" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e8%83%8c%e6%99%af" aria-label="锚点">#</a> </span> </h2> <blockquote> <p>在所关联项目 的 jenkins pipeline ci 流水线中，开发告诉我 生成的 pip 包中未有生成相关的 <code>labextension</code> 依赖文件夹，导致 pip 包虽然是安装成功了，但仍是一个不可用的状态。开发人员告诉我在 <code>linux</code> &amp; <code>windows</code> 环境下 均是可以正常生成相关依赖文件夹的，问我是不是哪里配置有点问题，思索了一下 和他说会不会是 jenkins slave 使用的 是 <code>容器</code> 的原因？给了他一个启动命令，测试在容器里面生成一下包看看，启动命令如下所示:</p>https://blog.treesir.pub/posts/k8s-vpa/Thu, 08 Jul 2021 14:41:34 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/k8s-vpa/<h2 class="relative group">VPA 简介 <div id="vpa-简介" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#vpa-%e7%ae%80%e4%bb%8b" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">什么是 VPA？ <div id="什么是-vpa" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e4%bb%80%e4%b9%88%e6%98%af-vpa" aria-label="锚点">#</a> </span> </h2> <p>Vertical Pod Autoscaler（VPA，垂直 Pod 自动伸缩器）是 Kubernetes 的一个组件，它可以根据 Pod 的实际资源使用情况，自动调整 Pod 的 CPU 和内存请求值（requests）。</p>https://blog.treesir.pub/posts/kube-vip-deploy-ha-k8s-cluster/Thu, 24 Jun 2021 11:01:10 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/kube-vip-deploy-ha-k8s-cluster/<h2 class="relative group">方案介绍 <div id="方案介绍" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e6%96%b9%e6%a1%88%e4%bb%8b%e7%bb%8d" aria-label="锚点">#</a> </span> </h2> <p>在私有环境中部署 Kubernetes 高可用集群时，传统方案需要准备硬件或软件负载均衡器来创建多控制平面集群。通常我们会选择使用 HAProxy + Keepalived 来实现这个功能：创建 2 个负载均衡器虚拟机，分配一个 VIP（虚拟 IP），通过 VIP 将流量重定向到后端的 Kubernetes 控制平面节点。架构如下图所示：</p> <p> <figure> <img class="my-0 rounded-md" loading="lazy" alt="20210616142006" src="https://cdn.treesir.pub/img/20210616142006.png"> </figure> </p>https://blog.treesir.pub/posts/kaniko-image-build/Tue, 15 Jun 2021 10:02:48 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/kaniko-image-build/<p>在 Kubernetes 环境中构建 Docker 镜像一直是一个挑战，传统的 Docker-in-Docker 方案存在安全风险和复杂性问题。Kaniko 作为 Google 开源的容器镜像构建工具，提供了一个安全、高效的解决方案。</p> <h2 class="relative group">什么是 Kaniko <div id="什么是-kaniko" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e4%bb%80%e4%b9%88%e6%98%af-kaniko" aria-label="锚点">#</a> </span> </h2> <p>Kaniko 是由 Google 开发的开源工具，专门用于在容器或 Kubernetes 集群内构建容器镜像。它的核心优势包括：</p>https://blog.treesir.pub/posts/rancher-import-cluster-fix/Tue, 08 Jun 2021 08:45:22 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/rancher-import-cluster-fix/<h2 class="relative group">环境配置 <div id="环境配置" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e9%85%8d%e7%bd%ae" aria-label="锚点">#</a> </span> </h2> <ul> <li><strong>Kubernetes 版本</strong>：v1.20.4 (KubeKey 部署)</li> <li><strong>操作系统</strong>：CentOS 7.9.2009</li> <li><strong>Rancher 版本</strong>：v2.4.15</li> </ul> <h2 class="relative group">准备 Kubernetes 测试环境 <div id="准备-kubernetes-测试环境" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%87%86%e5%a4%87-kubernetes-%e6%b5%8b%e8%af%95%e7%8e%af%e5%a2%83" aria-label="锚点">#</a> </span> </h2> <blockquote> <p>本次使用 KubeKey 进行一键部署。KubeKey 底层集群部署基于 kubeadm，详细信息可参考 <a href="https://github.com/kubesphere/kubekey.git" target="_blank" >GitHub 地址</a>。</p>https://blog.treesir.pub/posts/quick-delete-rancher-failed-pod/Thu, 27 May 2021 08:59:56 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/quick-delete-rancher-failed-pod/<h2 class="relative group">问题描述 <div id="问题描述" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e9%97%ae%e9%a2%98%e6%8f%8f%e8%bf%b0" aria-label="锚点">#</a> </span> </h2> <p>在 Rancher 管理的 Kubernetes 集群中，有时会出现副本集中的 Pod 部署失败的情况。如下图所示，失败的 Pod 数量可能达到上千个，手动逐一删除非常耗时。</p> <p> <figure> <img class="my-0 rounded-md" loading="lazy" alt="image-20210527085545254" src="https://cdn.treesir.pub/img/image-20210527085545254.png"> </figure> </p> <h2 class="relative group">解决方案 <div id="解决方案" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e8%a7%a3%e5%86%b3%e6%96%b9%e6%a1%88" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">批量删除失败的 Pod <div id="批量删除失败的-pod" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e6%89%b9%e9%87%8f%e5%88%a0%e9%99%a4%e5%a4%b1%e8%b4%a5%e7%9a%84-pod" aria-label="锚点">#</a> </span> </h2> <p>使用 kubectl 命令批量删除状态为 <code>MatchNodeSelector</code> 的失败 Pod：</p>https://blog.treesir.pub/posts/spinnaker-helm-installd/Mon, 24 May 2021 16:33:49 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/spinnaker-helm-installd/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li> <p>Kubernetes Version: <code>v1.17.9</code></p> </li> <li> <p>操作系统: <code>CentOS 7.8.2003 </code></p> </li> <li> <p>Helm Version: <code>v3.2.1</code></p> </li> <li> <p>Spinnaker Version: <code>1.26.3</code></p> <blockquote> <p><a href="https://spinnaker.io/community/releases/versions/" target="_blank" >spinnaker 版本说明</a></p></blockquote> </li> </ul> <h2 class="relative group">spinnaker 组件说明 <div id="spinnaker-组件说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#spinnaker-%e7%bb%84%e4%bb%b6%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li> <p>Deck：前端web页面 端口9000</p>https://blog.treesir.pub/posts/rancher-monitor-config-third/Wed, 19 May 2021 08:41:26 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/rancher-monitor-config-third/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <blockquote> <p>此文档为 rancher <code>monitor</code> 使用系列的 <code>第三篇</code> ，主要介绍与 <code>dingtalk</code> 关联配置告警通知、prometheus 告警阈值的配置使用</p></blockquote> <h2 class="relative group">配置安装 dingtalk webhook <div id="配置安装-dingtalk-webhook" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e9%85%8d%e7%bd%ae%e5%ae%89%e8%a3%85-dingtalk-webhook" aria-label="锚点">#</a> </span> </h2> <blockquote> <p><a href="https://github.com/timonwong/prometheus-webhook-dingtalk" target="_blank" >webhook github 地址</a></p>https://blog.treesir.pub/posts/rancher-monitor-config-first/Mon, 17 May 2021 10:41:26 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/rancher-monitor-config-first/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li>kubernetes version: <code>v1.17.9</code></li> <li>rancher dashboard: <code>v2.3.5</code></li> <li>操作系统: <code>centos 7.8.2003 </code></li> </ul> <h2 class="relative group">基础环境配置 <div id="基础环境配置" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%9f%ba%e7%a1%80%e7%8e%af%e5%a2%83%e9%85%8d%e7%bd%ae" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">使用 kubekey 部署 kubernetes 集群 <div id="使用-kubekey-部署-kubernetes-集群" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e4%bd%bf%e7%94%a8-kubekey-%e9%83%a8%e7%bd%b2-kubernetes-%e9%9b%86%e7%be%a4" aria-label="锚点">#</a> </span> </h2> <blockquote> <p>由于篇幅原因，此处省略部署说明，请参考较早期的 <a href="http://hugo.blog:1313/post/kubekey-install-k8s/" target="_blank" >文档说明</a></p>https://blog.treesir.pub/posts/rancher-monitor-config-second/Mon, 17 May 2021 10:41:26 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/rancher-monitor-config-second/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <blockquote> <p><a href="https://www.treesir.pub/post/rancher-monitor-config-first/" target="_blank" ><code>上期</code></a> 介绍了 <code>rancher prometheus operator</code> 的安装和基础 targets 的修复工作。有的时候我们抓取的 exporter metrics 并不在同集群且与集群没有任何关联时，应该怎么和 rancher <code>monitor</code> 进行关联配置呢？下面文档将配置展示部署外部 <code>exporter </code>, 的安装说明、指标抓取、 和监控系统的关联。</p>https://blog.treesir.pub/posts/velero-install/Sun, 16 May 2021 18:00:36 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/velero-install/<h2 class="relative group">环境准备 <div id="环境准备" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e5%87%86%e5%a4%87" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">安装基础依赖 <div id="安装基础依赖" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%ae%89%e8%a3%85%e5%9f%ba%e7%a1%80%e4%be%9d%e8%b5%96" aria-label="锚点">#</a> </span> </h2> <p>安装 Docker Compose：</p>https://blog.treesir.pub/posts/k8s-lxcfs-admissionhook/Fri, 30 Apr 2021 14:10:31 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/k8s-lxcfs-admissionhook/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li>kubernetes version: v1.17.9 (<code>kubeadm</code>)</li> <li>os: 7.8.2003 (Core)</li> <li>kubernetes dashboard: rancher <code>v2.4.15</code></li> </ul> <h2 class="relative group">概述 <div id="概述" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e6%a6%82%e8%bf%b0" aria-label="锚点">#</a> </span> </h2> <blockquote> <p>docker 使用 linux 内核中的 <code>cgroup</code> 实现了对 容器使用资源的限制，默认容器启动后依旧挂载了宿主机的 <code>/proc</code> 目录，其中包涵了，<code>meminfo</code>、<code>cpuinfo</code>、<code>stat</code>、<code>uptime</code> 等资源信息。一些监控工具如 <code>free</code>、<code>top</code>、<code>htop</code> 或 <code>业务应用</code> 还依赖 <code>/proc</code> 下文件内容获取资源配置和使用情况。当它们在容器中运行时，实际还是查看到的是宿主机的资源使用，导致资源使用展示源不对，目前社区主流的解决方法是使用 <code>lxcfs</code> 的方法进行解决。</p>https://blog.treesir.pub/posts/kubekey-install-k8s/Mon, 26 Apr 2021 14:59:36 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/kubekey-install-k8s/<h2 class="relative group">环境说明 <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">概述 <div id="概述" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e6%a6%82%e8%bf%b0" aria-label="锚点">#</a> </span> </h2> <blockquote> <p><a href="https://kubesphere.io/" target="_blank" >KubeSphere</a> 是在 <a href="https://kubernetes.io/" target="_blank" >Kubernetes</a> 之上构建的面向云原生应用的<strong>分布式操作系统</strong>，完全开源，支持多云与多集群管理，提供全栈的 IT 自动化运维能力，简化企业的 DevOps 工作流。它的架构可以非常方便地使第三方应用与云原生生态组件进行即插即用 (plug-and-play) 的集成。</p>https://blog.treesir.pub/posts/k8s-nfs-strage-class/Tue, 19 Jan 2021 14:54:30 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/k8s-nfs-strage-class/<p>在 Kubernetes 集群中，持久化存储是有状态应用的重要基础设施。NFS（Network File System）作为一种成熟的网络文件系统，可以为 Kubernetes 提供简单可靠的共享存储解决方案。本文将详细介绍如何部署 NFS StorageClass 实现动态存储供应。</p> <h2 class="relative group">什么是 StorageClass <div id="什么是-storageclass" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e4%bb%80%e4%b9%88%e6%98%af-storageclass" aria-label="锚点">#</a> </span> </h2> <p>StorageClass 是 Kubernetes 中的一种资源对象，用于描述存储的&quot;类别&quot;。它的主要作用包括：</p> <ul> <li><strong>动态供应</strong>: 自动创建 PersistentVolume（PV）</li> <li><strong>存储抽象</strong>: 为不同类型的存储提供统一接口</li> <li><strong>参数化配置</strong>: 支持不同的存储参数和策略</li> <li><strong>自动化管理</strong>: 减少手动创建 PV 的工作量</li> </ul> <h2 class="relative group">方案架构 <div id="方案架构" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e6%96%b9%e6%a1%88%e6%9e%b6%e6%9e%84" aria-label="锚点">#</a> </span> </h2> <p>本方案采用以下架构：</p>https://blog.treesir.pub/posts/k8s-deploy-kafka-cluster/Tue, 19 Jan 2021 13:44:03 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/k8s-deploy-kafka-cluster/<h2 class="relative group">Apache Kafka 简介 <div id="apache-kafka-简介" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#apache-kafka-%e7%ae%80%e4%bb%8b" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">什么是 Apache Kafka <div id="什么是-apache-kafka" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e4%bb%80%e4%b9%88%e6%98%af-apache-kafka" aria-label="锚点">#</a> </span> </h2> <p>Apache Kafka 是一个开源的分布式事件流处理平台，由 LinkedIn 开发并贡献给 Apache 软件基金会。它被数千家公司用于高性能数据管道、流分析、数据集成和关键任务应用程序。</p>https://blog.treesir.pub/posts/ingress-traefik/Sun, 17 Jan 2021 16:15:32 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/ingress-traefik/<h2 class="relative group">Traefik 简介 <div id="traefik-简介" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#traefik-%e7%ae%80%e4%bb%8b" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">什么是 Traefik？ <div id="什么是-traefik" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e4%bb%80%e4%b9%88%e6%98%af-traefik" aria-label="锚点">#</a> </span> </h2> <p>Traefik 是一个现代化的云原生反向代理和负载均衡器，专为微服务架构设计。它就像一个智能的&quot;交通指挥员&quot;，能够自动发现您的服务并为它们配置路由规则。</p>https://blog.treesir.pub/posts/intermittent-coredns-hosts/Thu, 07 Jan 2021 14:34:16 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/intermittent-coredns-hosts/<h2 class="relative group">问题描述: <div id="问题描述" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e9%97%ae%e9%a2%98%e6%8f%8f%e8%bf%b0" aria-label="锚点">#</a> </span> </h2> <p>Kubernetes 节点中，有<code>一台节点</code>使用 coredns 进行解析<code>某个域名</code>时，出现间断性无法正常解析问题，而解析另外一个域名时不会出现解析问题。</p> <blockquote> <p>再次重复一下问题重点: <code>且在集群中的某台节点中出现，且使用某个域名时出现</code></p></blockquote> <h2 class="relative group">环境说明： <div id="环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li>操作系统: CentOS Linux release 7.9.2009</li> <li>Kubernetes 集群: v1.17.4 （集群使用 rancher <code>自定义添加集群</code> 一键部署）</li> <li>Dashboard: Rancher-v2.3.5</li> <li>Linux Kernel: 5.10.3-1.el7.elrepo.x86_64</li> <li>Coredns : Coredns:1.6.5 + Node-local-dns</li> </ul> <h2 class="relative group">工具说明 <div id="工具说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%b7%a5%e5%85%b7%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li> <p>测试时使用的容器: praqma/network-multitool:latest</p>https://blog.treesir.pub/posts/kubeadm-deploy-k8s1.9/Mon, 21 Dec 2020 13:19:31 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/kubeadm-deploy-k8s1.9/<h2 class="relative group">系统环境说明 <div id="系统环境说明" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%b3%bb%e7%bb%9f%e7%8e%af%e5%a2%83%e8%af%b4%e6%98%8e" aria-label="锚点">#</a> </span> </h2> <ul> <li>使用操作系统: Centos-7.9.2009</li> <li>操作系统内核版本: 4.4.248 (<code>lt</code>)</li> <li>Docker容器版本: 18.09.9</li> <li>Kubeadm 版本: 1.19.6</li> <li>节点说明: <ul> <li>master01: 192.168.8.70 ,192.168.88.70</li> <li>node01: 192.168.8.71 ,192.168.88.71</li> <li>(备注: 为每个节点配置了两个ip，对外服务网段为: <code>192.168.8.0/24</code>, 集群内部通讯: <code>192.168.88.0/24</code>)</li> </ul> </li> </ul> <h2 class="relative group">OS 准备 <div id="os-准备" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#os-%e5%87%86%e5%a4%87" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">系统初始化 <div id="系统初始化" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%b3%bb%e7%bb%9f%e5%88%9d%e5%a7%8b%e5%8c%96" aria-label="锚点">#</a> </span> </h2> <p><code>确保已将selinux关闭</code></p>