以下默认使用ClusterIP会存在问题如下https://blog.51cto.com/kusorz/2495252PDOException:SQLSTATE[HY000][2002]OperationtimedoutinapiVersion: v1kind: Servicemetadata:  name: mysql-serverspec:  ports:  - port: 3306    targetPort: 3306    protocol: TCP---apiVersion: v1kind: En...

# kubectl get ingress -n xxx-prod  xxx-app -o yamlapiVersion: extensions/v1beta1kind: Ingressmetadata:  annotations:    meta.helm.sh/release-name: xxx-prod    meta.helm.sh/release-namespace: xxx-prod    nginx.ingress.kubernetes.io/affinity: cooki...

k create -f kubia-ingress.yamlerror when creating "kubia-ingress.yaml": Internal error occurred: failed calling webhook "validate.nginx.ingress.kubernetes.io": Post "https://ingress-nginx-controller-admission.kube-system.svc:443/networking/v1beta1/ingresses?timeout=10s": x509: certi...

kubectltaintnodenode1key1=value1:NoSchedulekubectltaintnodenode-role.kubernetes.io/master:NoSchedulekubectltaintnodesmaster-116node-role.kubernetes.io/master=:NoSchedule安全组sg-bp1cwrlyepk7ogjcnzdw 正常APIServer公网访问EIPeip-bp1fxk80smyjr56ot5iby 正常 sed-i'/^PermitRootLogin/s/no/yes/'/etc/ssh/sshd_config rm-rf/var/lib/rabbitmq/mnesia echo"me...

1、设置为不可调度kubectlcordonkubernetes-work-412、设置为不可调度kubectluncordonkubernetes-work-413、驱逐已经运行的业务容器kubectldrain--ignore-daemonsetskubernetes-work-41--force4、如果想删除node节点，则进行这个步骤kubectldeletenodek8s-node-1...

创建拉取镜像的secrets，使用场景为pods创建的过程中，kaniko在私有仓库中，需要设置kubectl create secret docker-registry harbor-regsecret-pull \  --docker-server=harbor.h.idx.ee \  --docker-username=user-pull \  --docker-password=a123456创建推送镜像的secrets，使用场景是将此权限通过挂载到kaniko容器内，当构建完进项之后，用此权限推送至目标仓库kubectl create secret docker-registry harbor-reg...

https://www.cnblogs.com/zisefeizhu/p/13262239.html...

curl http://nginx-test.yyyy.xxxx.com/hostname.html curl https://nginx-test.yyyy.xxxx.com/hostname.htmlapiVersion: networking.k8s.io/v1kind: Ingressmetadata:  name: ingressspec:  rules:  - host: nginx-test.yyyy.xxxx.com    http:      paths:   &nb...

安装containerd容器组件yum install -y yum-utils device-mapper-persistent-data lvm2yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo查看containerd.io可用版本yum search containerd.io --showduplicates安装最新版containerd.ioyum install -y containerd.io创建containerd配置文件mkdir -p /e...

nginx.ingress.kubernetes.io/proxy-buffering:"on"nginx.ingress.kubernetes.io/proxy-buffers-number:"32"nginx.ingress.kubernetes.io/proxy-buffer-size:"128k"nginx.ingress.kubernetes.io/proxy-body-size:20mnginx.ingress.kubernetes.io/proxy-connect-timeout:30nginx.ingress.kubernetes.io/proxy-send-timeout:30nginx.ingress.kubernetes.io/proxy-read-timeout:30nginx.ingress...

背景  ：可能是节点内核崩了，重启节点机器，kubelet无法启动查看日志 tail-f /var/log/message关键字  but --cgroup-rootwasnotspecified .  defaultingto/查看docker的cgroupcat/etc/docker/daemon.json..."exec-opts": ["native.cgroupdriver=systemd"]...查找kublet配置文件，找cgroupdriver/usr/lib/systemd/system/kubelet.service.d更改重启kubelet   sys...

修改service-node-port-range监听端口vim /etc/kubernetes/manifests/kube-apiserver.yamlspec:  containers:  - command:    - --service-node-port-range=1-65535    #添加重启apiserver，dockerrestartC_API_xxx部署MetalLBMetalLB是开源的LoadBalancer。它处理ServiceType:Loadbalancer。helm repo add bitnami https://charts.bitnami...

1、安装helmhelm和kubernetes版本对应关系可以查看https://helm.sh/docs/topics/version_skew/wget https://get.helm.sh/helm-v3.4.0-linux-amd64.tar.gztar-zxf helm-v3.4.0-linux-amd64.tar.gzmvlinux-amd64/helm /usr/local/bin/helmhelmversionecho 'source <(helm completion bash)' >> ~/.bashrcsource ~/.bashrchelmv3对比v2已经不需要安装tiller，默认也是使用 ~/.ku...

1、安装metrics-server.yaml文件内容如下，可以拿官方配置文件和以下内容对比cat metrics-server.yaml---apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata:  name: system:aggregated-metrics-reader  labels:    rbac.authorization.k8s.io/aggregate-to-view: "true"    rbac.authorization.k8s.io/aggregate-to-edit...

#准备正式开始安装#修改主机名称(多台主机依次修改)hostnamectl --static set-hostname master01hostnamectl --static set-hostname master02hostnamectl --static set-hostname master03hostnamectl --static set-hostname worker01hostnamectl --static set-hostname worker02hostnamectl --static set-hostname worker03hostnamectl -...