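Service architecture
Deployment environment
System environment
Testing here was done on CentOS 7; the production environment is planned to use Ubuntu 18.04.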
# cat /etc/redhat-release
# 7.7 also works
CentOS Linux release 7.4.1708 (Core)
Docker version
# docker -v
Docker version 20.10.8, build 3967b7d
k8s version
# kubectl version
Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.10", GitCommit:"eae22ba6238096f5dec1ceb62766e97783f0ba2f", GitTreeState:"clean", BuildDate:"2022-05-24T12:56:35Z", GoVersion:"go1.16.15", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.10", GitCommit:"eae22ba6238096f5dec1ceb62766e97783f0ba2f", GitTreeState:"clean", BuildDate:"2022-05-24T12:50:52Z", GoVersion:"go1.16.15", Compiler:"gc", Platform:"linux/amd64"}
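Install the govc tool
The tool can be installed on one of the master hosts of the k8s cluster, or deployed separately on a host outside the cluster.
Install from source
# Pick a version and install the binary directly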
curl -L https://github.com/vmware/govmomi/releases/download/v0.19.0/govc_linux_amd64.gz | gunzip > /usr/local/bin/govc
chmod +x /usr/local/bin/govc
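Set the govc environment variables
Here we write the environment variables to the /etc/profile file
# Set the environment variables
export GOVC_URL='vcenter.test.com' # vCenter IP address or FQDN
export GOVC_USERNAME='[email protected]' # vCenter administrator account
export GOVC_PASSWORD='123456' # vCenter administrator account password
export GOVC_INSECURE=1 # Set to "1" if a self-signed certificate is used
# Load the configuration
source /etc/profile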
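The settings above keep the vCenter administrator password in /etc/profile, which is normally readable by every local user, and turn off certificate verification. The check below is an added example, not part of the original article: a shell function that audits a file of govc settings for those points. The function names, the 12-character threshold and the sample values are assumptions; GOVC_TLS_CA_CERTS is govc's variable for trusting a CA bundle.

```shell
# Added example (not from the original article): audit a file of govc settings.

# audit_govc_env FILE: prints one finding per line, nothing when the file is clean
audit_govc_env() {
  file=$1
  # Characters 5-10 of the ls mode string are the group/other permission bits
  perms=$(ls -ld "$file" | cut -c5-10)
  if [ "$perms" != "------" ]; then
    echo "PERMS: group/other can access $file; keep credentials in a root-owned file with mode 600"
  fi
  # GOVC_INSECURE=1 disables certificate verification for the vCenter session
  if grep -Eq "^[[:space:]]*(export[[:space:]]+)?GOVC_INSECURE=[\"']?(1|true)" "$file"; then
    echo "TLS: GOVC_INSECURE is enabled; trust the signing CA with GOVC_TLS_CA_CERTS instead"
  fi
  # Extract the password value with quotes and any trailing comment stripped
  pw=$(sed -nE "s/^[[:space:]]*(export[[:space:]]+)?GOVC_PASSWORD=[\"']?([^\"'#[:space:]]*).*/\2/p" "$file" | tail -n 1)
  case $pw in
    "") ;;  # no password stored in this file
    *[!0-9]*) [ "${#pw}" -ge 12 ] || echo "PASSWORD: shorter than 12 characters (assumed threshold)" ;;
    *) echo "PASSWORD: digits only" ;;
  esac
  return 0
}

# Constructed sample mirroring the settings shown above
audit_demo() {
  tmp=$(mktemp)
  cat > "$tmp" <<'EOF'
export GOVC_URL='vcenter.test.com'
export GOVC_PASSWORD='123456' # constructed sample value
export GOVC_INSECURE=1
EOF
  chmod 644 "$tmp"
  audit_govc_env "$tmp"
  rm -f "$tmp"
}

audit_demo
```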
View the govc version information
# govc env
# govc about
Name: VMware vCenter Server
Vendor: VMware, Inc.
Version: 7.0.1
Build: 17005016
OS type: linux-x64
API type: VirtualCenter
API version: 7.0.1.1
Product ID: vpx
UUID: 5af25bfe-40a0-4b12-8721-e0c8dad7f398
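Deploy the virtual machines and set the UUID
It is assumed here that the virtual machine resources needed to build the k8s cluster are already deployed.
Note the location, i.e. the folder, where the created virtual machines are stored. Set it as follows:
Click the vCenter menu --> VMs and Templates --> New Folder --> New VM and Template Folder. The folder I created here is named kubernetes-cluster; place the created virtual machines in that folder.
Set the disk UUID
There are two ways to set the disk UUID: through the govc command line, or through the vSphere Client web interface.
Using the command line
# Format: /<datacenter>/vm/<vsphere vm folder>
# <datacenter>: the datacenter name in vSphere, filled in according to the actual environment; the value here is "Mcloud";
# vm: a fixed parameter, one of: vm, network, host, datastore;
# <vsphere vm folder>: the custom-named "vsphere vm folder"; the value here is "kubernetes-cluster"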
govc ls /Datacenter/vm/kubernetes-cluster
# Output: the virtual machines under that folder
/Datacenter/vm/kubernetes-cluster/k8s-test
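Set the disk UUID of the Kubernetes cluster VM nodes to true:
# "disk.enableUUID=1" means "true";
# Turn a VM that already has "disk.enableUUID=1" set into a template; new VMs cloned from the template inherit this property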
govc vm.change -e="disk.enableUUID=1" -vm='/Datacenter/vm/kubernetes-cluster/k8s-test'
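Using the vSphere Client web interface
In the console, find the virtual machine to configure, then click Actions --> Edit Settings --> VM Options --> Advanced --> Configuration Parameters --> add "disk.enableUUID=1", which means "true".
Deploy k8s
This section is not the focus of this article, so it is skipped here.
Install vSphere Cloud Provider Interface
On all Kubernetes master nodes, create the file /etc/kubernetes/vsphere.conf (the path and name are up to you). Here a single global vsphere.conf file is defined.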
kubectl create configmap cloud-config --from-file=vsphere.conf --namespace=kube-system
Verify that the configmap was created successfully in the kube-system namespace.
# kubectl get configmap cloud-config --namespace=kube-system
NAME DATA AGE
cloud-config 1 82s
Check that all nodes are tainted
Before installing the vSphere Cloud Controller Manager, make sure all worker nodes are tainted with node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule.
For example:
# Get the nodes
kubectl get node
# Add the taint
kubectl taint node <node name> node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule
# kubectl describe nodes | egrep "Taints:|Name:"
Name: k8s-master
Taints: node-role.kubernetes.io/master:NoSchedule
Name: k8s-node1
Taints: node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule
Name: k8s-node2
Taints: node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule
Name: k8s-node3
Taints: node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule
Name: k8s-node4
Taints: node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule
Install the vSphere Cloud Controller Manager
The files are stored in ~/CPI. Deploy as follows:
# kubectl apply -f cloud-controller-manager-roles.yaml
clusterrole.rbac.authorization.k8s.io/system:cloud-controller-manager created
# kubectl apply -f cloud-controller-manager-role-bindings.yaml
clusterrolebinding.rbac.authorization.k8s.io/system:cloud-controller-manager created
# kubectl apply -f vsphere-cloud-controller-manager-ds.yaml
serviceaccount/cloud-controller-manager created
daemonset.extensions/vsphere-cloud-controller-manager created
service/vsphere-cloud-controller-manager created
Confirm that the vSphere Cloud Controller Manager was installed successfully:
# kubectl get pods --namespace=kube-system
NAME READY STATUS RESTARTS AGE
vsphere-cloud-controller-manager-549hb 1/1 Running 0 25s
Confirm the vSphere Provider ID:
kubectl describe nodes | grep ProviderID
ProviderID: vsphere://37dc2542-21a2-6d5e-2915-7064adc2b57e
ProviderID: vsphere://4225e3e2-464f-aade-0a2c-af15ec8bf3bd
ProviderID: vsphere://4225ff74-3717-1e4e-66f5-440310c89356
ProviderID: vsphere://4225a419-790d-fec3-da17-d6c54a31ba4f
Check that all nodes are no longer tainted:
Once the vSphere Cloud Controller Manager is installed, it removes the node.cloudprovider.kubernetes.io/uninitialized taint from all worker nodes, as shown below:
# kubectl describe nodes | egrep "Taints:|Name:"
Name: k8s-master
Taints: node-role.kubernetes.io/master:NoSchedule
Name: k8s-node1
Taints: <none>
Name: k8s-node2
Taints: <none>
Name: k8s-node3
Taints: <none>
Name: k8s-node4
Taints: <none>
Note: if it was not removed automatically, remove it manually:
kubectl taint node <node name> node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule-
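The `egrep "Taints:|Name:"` filter used in both taint checks shows only the first taint of each node, because kubectl describe prints further taints on continuation lines. As an added example (not from the original article), the shell function below reads each node's full taint list and reports worker nodes that lack the uninitialized taint before the CCM install, or that still carry it afterwards. The function names, the tab-separated input format and the sample node data are assumptions.

```shell
# Added example (not from the original article).
# Input: one node per line as <name><TAB><taint>,<taint>,... ; on a live cluster:
#   kubectl get nodes -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{range .spec.taints[*]}{.key}={.value}:{.effect}{","}{end}{"\n"}{end}'

UNINIT='node.cloudprovider.kubernetes.io/uninitialized'
MASTER='node-role.kubernetes.io/master'

# workers_by_taint missing : workers WITHOUT the uninitialized taint (check before install)
# workers_by_taint present : workers that STILL carry it (check after install)
workers_by_taint() {
  awk -F '\t' -v mode="$1" -v uninit="$UNINIT" -v master="$MASTER" '
    NF == 0 { next }
    {
      has = 0; is_master = 0
      n = split($2, taints, ",")
      for (i = 1; i <= n; i++) {
        key = taints[i]
        sub(/[=:].*/, "", key)        # keep only the taint key
        if (key == uninit) has = 1
        if (key == master) is_master = 1
      }
      if (is_master) next             # the article only requires the taint on workers
      if ((mode == "missing" && !has) || (mode == "present" && has)) print $1
    }'
}

# Constructed node list: k8s-node2 has the taint as its second entry, k8s-node3 has none
sample_nodes() {
  printf 'k8s-master\tnode-role.kubernetes.io/master=:NoSchedule,\n'
  printf 'k8s-node1\tnode.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule,\n'
  printf 'k8s-node2\tdedicated=db:NoSchedule,node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule,\n'
  printf 'k8s-node3\t\n'
}

echo "missing the taint: $(sample_nodes | workers_by_taint missing)"
echo "carrying the taint: $(sample_nodes | workers_by_taint present | tr '\n' ' ')"
```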
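Install the vSphere Container Storage Interface Driver
The architecture of the vSphere container storage plug-in integration is as follows:
The files are in ~/drive. Deploy as follows:
# Create the driver namespace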
kubectl create ns vmware-system-csi
# Create the vSphere configuration file
cat /etc/kubernetes/csi-vsphere.conf
kubectl create secret generic vsphere-config-secret --from-file=csi-vsphere.conf --namespace=vmware-system-csi
kubectl apply -f vsphere-csi-driver.yaml
Create a storage policy
Create the StorageClass
kubectl apply -f vsphere-storageclass.yaml
# kubectl get sc
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
mongodb-sc (default) csi.vsphere.vmware.com Delete Immediate false 24h
Hands-on: MongoDB using vSAN volumes
kubectl apply -f mongo-server.yaml
# Check the service status
# kubectl get statefulset
NAME READY AGE
mongod 3/3 24h
# kubectl get pod
NAME READY STATUS RESTARTS AGE
mongod-0 1/1 Running 0 24h
mongod-1 1/1 Running 0 24h
mongod-2 1/1 Running 0 24h
# View the volumes in use and the sc, i.e. vSAN
# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
mongodb-persistent-storage-claim-mongod-0 Bound pvc-65f515f7-7fd0-4c83-8757-ab6623a709ae 1Gi RWO mongodb-sc 24h
mongodb-persistent-storage-claim-mongod-1 Bound pvc-0cd9ce26-6b60-4c10-baeb-56576ef86207 1Gi RWO mongodb-sc 24h
mongodb-persistent-storage-claim-mongod-2 Bound pvc-33a3095f-0a40-49b4-bdcc-60fef043ad28 1Gi RWO mongodb-sc 24h
Visualizing container storage volume management