typora-root
模块三 公有云(40)
任务1 公有云服务搭建(5分)
3.1.1 私有网络管理
在公有云中完成虚拟私有云网络的创建。
3.1.2 云实例管理
登录公有云平台,创建两台云实例虚拟机。
3.1.3 管理数据库
使用intnetX-mysql网络创建两台chinaskill-sql-1和chinaskill-sql-2云服务器,并完成MongoDB安装。
##创建云服务器与上一步一样
##node1与node2进行一样的操作
[root@node1 ~]# vi /etc/yum.repos.d/
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo epel.repo.rpmnew
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo epel.repo epel-testing.repo
[root@node1 ~]# vi /etc/yum.repos.d/mongodb-org-4.0.repo
[root@node1 ~]# cat /etc/yum.repos.d/mongodb-org-4.0.repo
[mngodb-org]
name=MongoDB Repository
baseurl=http://mirrors.aliyun.com/mongodb/yum/redhat/7Server/mongodb-org/4.0/x86_64/
gpgcheck=0
enabled=1
[root@node1 ~]# yum install mongodb-org -y
[root@node1 ~]# systemctl start mongod
[root@node1 ~]# systemctl enable mongod
[root@node1 ~]# systemctl status mongod
● mongod.service - MongoDB Database Server
Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2023-04-27 10:26:16 CST; 12s ago
Docs: https://docs.mongodb.org/manual
Main PID: 8365 (mongod)
CGroup: /system.slice/mongod.service
└─8365 /usr/bin/mongod -f /etc/mongod.conf
Apr 27 10:26:15 node1 systemd[1]: Starting MongoDB Database Server...
Apr 27 10:26:15 node1 mongod[8362]: about to fork child process, waiting until server is ready for connections.
Apr 27 10:26:15 node1 mongod[8362]: forked process: 8365
Apr 27 10:26:16 node1 mongod[8362]: child process started successfully, parent exiting
Apr 27 10:26:16 node1 systemd[1]: Started MongoDB Database Server.
3.1.4 主从数据库
在chinaskill-sql-1和chinaskill-sql-2云服务器中配置MongoDB主从数据库。
#修改配置文件
[root@node1 ~]# vi /etc/mongod.conf
bindIp: 0.0.0.0
replication:
replSetName: test
#重启服务
[root@node1 ~]# systemctl restart mongod.service
#查看集群状态
[root@node1 ~]# mongo
> rs.status()
{
"ok" : 0,
"errmsg" : "no replset config has been received",
"code" : 94,
"codeName" : "NotYetInitialized"
}
>
两个节点都和上图一样说明复制集正常启动了
#定义一个有关于主从同步的变量
> var config={_id:"test",members:
... [{_id:0,host:"172.16.2.197:27017"},
... {_id:1,host:"172.16.2.145:27017"}]}
> rs.initiate(config)
#初始化MongoDB的主从配置
> rs.initiate(config)
{ "ok" : 1 }
#查看状态
> rs.status()
{
"set" : "test",
"date" : ISODate("2023-04-27T02:38:55.312Z"),
"myState" : 2,
"term" : NumberLong(1),
"syncingTo" : "172.16.2.197:27017",
"syncSourceHost" : "172.16.2.197:27017",
"syncSourceId" : 0,
"heartbeatIntervalMillis" : NumberLong(2000),
"optimes" : {
"lastCommittedOpTime" : {
"ts" : Timestamp(1682563127, 1),
"t" : NumberLong(1)
},
"readConcernMajorityOpTime" : {
"ts" : Timestamp(1682563127, 1),
"t" : NumberLong(1)
},
"appliedOpTime" : {
"ts" : Timestamp(1682563127, 1),
"t" : NumberLong(1)
},
"durableOpTime" : {
"ts" : Timestamp(1682563127, 1),
"t" : NumberLong(1)
}
},
"lastStableCheckpointTimestamp" : Timestamp(1682563087, 6),
"electionParticipantMetrics" : {
"votedForCandidate" : true,
"electionTerm" : NumberLong(1),
"lastVoteDate" : ISODate("2023-04-27T02:38:07.656Z"),
"electionCandidateMemberId" : 0,
"voteReason" : "",
"lastAppliedOpTimeAtElection" : {
"ts" : Timestamp(1682563077, 1),
"t" : NumberLong(-1)
},
"maxAppliedOpTimeInSet" : {
"ts" : Timestamp(1682563077, 1),
"t" : NumberLong(-1)
},
"priorityAtElection" : 1,
"newTermStartDate" : ISODate("2023-04-27T02:38:07.657Z"),
"newTermAppliedDate" : ISODate("2023-04-27T02:38:08.145Z")
},
"members" : [
{
"_id" : 0,
"name" : "172.16.2.197:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 56,
"optime" : {
"ts" : Timestamp(1682563127, 1),
"t" : NumberLong(1)
},
"optimeDurable" : {
"ts" : Timestamp(1682563127, 1),
"t" : NumberLong(1)
},
"optimeDate" : ISODate("2023-04-27T02:38:47Z"),
"optimeDurableDate" : ISODate("2023-04-27T02:38:47Z"),
"lastHeartbeat" : ISODate("2023-04-27T02:38:54.642Z"),
"lastHeartbeatRecv" : ISODate("2023-04-27T02:38:53.657Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"electionTime" : Timestamp(1682563087, 1),
"electionDate" : ISODate("2023-04-27T02:38:07Z"),
"configVersion" : 1
},
{
"_id" : 1,
"name" : "172.16.2.145:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 323,
"optime" : {
"ts" : Timestamp(1682563127, 1),
"t" : NumberLong(1)
},
"optimeDate" : ISODate("2023-04-27T02:38:47Z"),
"syncingTo" : "172.16.2.197:27017",
"syncSourceHost" : "172.16.2.197:27017",
"syncSourceId" : 0,
"infoMessage" : "",
"configVersion" : 1,
"self" : true,
"lastHeartbeatMessage" : ""
}
],
"ok" : 1,
"operationTime" : Timestamp(1682563127, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1682563127, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}
test:SECONDARY>
#从节点查看
[root@node2]# mongo
> rs.status()
{
"set" : "test",
"date" : ISODate("2022-09-25T07:55:18.477Z"),
"myState" : 2,
"term" : NumberLong(1),
"syncingTo" : "192.168.200.11:27017",
"syncSourceHost" : "192.168.200.11:27017",
"syncSourceId" : 0,
"heartbeatIntervalMillis" : NumberLong(2000),
"optimes" : {
"lastCommittedOpTime" : {
"ts" : Timestamp(1664092517, 1),
"t" : NumberLong(1)
},
"readConcernMajorityOpTime" : {
"ts" : Timestamp(1664092517, 1),
"t" : NumberLong(1)
},
"appliedOpTime" : {
"ts" : Timestamp(1664092517, 1),
"t" : NumberLong(1)
},
"durableOpTime" : {
"ts" : Timestamp(1664092517, 1),
"t" : NumberLong(1)
}
},
"lastStableCheckpointTimestamp" : Timestamp(1664092457, 7),
"electionParticipantMetrics" : {
"votedForCandidate" : true,
"electionTerm" : NumberLong(1),
"lastVoteDate" : ISODate("2022-09-25T07:54:17.523Z"),
"electionCandidateMemberId" : 0,
"voteReason" : "",
"lastAppliedOpTimeAtElection" : {
"ts" : Timestamp(1664092447, 1),
"t" : NumberLong(-1)
},
"maxAppliedOpTimeInSet" : {
"ts" : Timestamp(1664092447, 1),
"t" : NumberLong(-1)
},
"priorityAtElection" : 1,
"newTermStartDate" : ISODate("2022-09-25T07:54:17.525Z"),
"newTermAppliedDate" : ISODate("2022-09-25T07:54:18.396Z")
},
"members" : [
{
"_id" : 0,
"name" : "192.168.200.11:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 69,
"optime" : {
"ts" : Timestamp(1664092507, 1),
"t" : NumberLong(1)
},
"optimeDurable" : {
"ts" : Timestamp(1664092507, 1),
"t" : NumberLong(1)
},
"optimeDate" : ISODate("2022-09-25T07:55:07Z"),
"optimeDurableDate" : ISODate("2022-09-25T07:55:07Z"),
"lastHeartbeat" : ISODate("2022-09-25T07:55:16.508Z"),
"lastHeartbeatRecv" : ISODate("2022-09-25T07:55:17.618Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"electionTime" : Timestamp(1664092457, 1),
"electionDate" : ISODate("2022-09-25T07:54:17Z"),
"configVersion" : 1
},
{
"_id" : 1,
"name" : "192.168.200.12:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 669,
"optime" : {
"ts" : Timestamp(1664092517, 1),
"t" : NumberLong(1)
},
"optimeDate" : ISODate("2022-09-25T07:55:17Z"),
"syncingTo" : "192.168.200.11:27017",
"syncSourceHost" : "192.168.200.11:27017",
"syncSourceId" : 0,
"infoMessage" : "",
"configVersion" : 1,
"self" : true,
"lastHeartbeatMessage" : ""
}
],
"ok" : 1,
"operationTime" : Timestamp(1664092517, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1664092517, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}
test:SECONDARY>
#验证主从
##在主库上,我们来创建数据
test:PRIMARY> use test
switched to db test
test:PRIMARY> db.createCollection("test")
{
"ok" : 1,
"operationTime" : Timestamp(1664092674, 1),
"$clusterTime" : {
"clusterTime" : Timestamp(1664092674, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
}
test:PRIMARY> show databases
admin 0.000GB
config 0.000GB
local 0.000GB
test 0.000GB
#接下来,我们来到从库上,来查看我们在主库上创建的结果是否出现在了从库上。
test:SECONDARY> show dbs
2022-09-25T15:58:54.336+0800 E QUERY [js] Error: listDatabases failed:{
"operationTime" : Timestamp(1664092727, 1),
"ok" : 0,
"errmsg" : "not master and slaveOk=false",
"code" : 13435,
"codeName" : "NotMasterNoSlaveOk",
"$clusterTime" : {
"clusterTime" : Timestamp(1664092727, 1),
"signature" : {
"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
"keyId" : NumberLong(0)
}
}
} :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
Mongo.prototype.getDBs@src/mongo/shell/mongo.js:151:1
shellHelper.show@src/mongo/shell/utils.js:882:13
shellHelper@src/mongo/shell/utils.js:766:15
@(shellhelp2):1:1
#从上图可以看出,我们在从库上查询的操作失败,这是因为在配置了MongoDB的主从同步后,在MongoDB的从库上,没有读和写的权限,因此我们无法查看数据。
#设置从节点可读
test:SECONDARY> db.getMongo().setSlaveOk()
#同步成功
test:SECONDARY> show dbs
admin 0.000GB
config 0.000GB
local 0.000GB
test 0.000
3.1.5 node环境管理
使用提供的压缩文件,安装Node.js环境。
[root@chinaskill-node-1-0002 ~]# wget https://nodejs.org/dist/v13.11.0/node-v13.11.0-linux-x64.tar.xz
--2023-05-04 08:41:12-- https://nodejs.org/dist/v13.11.0/node-v13.11.0-linux-x64.tar.xz
Resolving nodejs.org (nodejs.org)... 104.20.22.46, 104.20.23.46, 2606:4700:10::6814:172e, ...
Connecting to nodejs.org (nodejs.org)|104.20.22.46|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 21225324 (20M) [application/x-xz]
Saving to: ‘node-v13.11.0-linux-x64.tar.xz’
100%[==================================================================>] 21,225,324 1.36MB/s in 16s
2023-05-04 08:41:29 (1.30 MB/s) - ‘node-v13.11.0-linux-x64.tar.xz’ saved [21225324/21225324]
[root@chinaskill-node-1-0002 ~]# ll
total 20728
-rw-r--r-- 1 root root 21225324 Mar 12 2020 node-v13.11.0-linux-x64.tar.xz
[root@chinaskill-node-1-0002 ~]# tar -xvf node-v13.11.0-linux-x64.tar.xz
[root@chinaskill-node-1-0002 ~]# ll
total 20732
drwxr-xr-x 6 1001 1001 4096 Mar 12 2020 node-v13.11.0-linux-x64
-rw-r--r-- 1 root root 21225324 Mar 12 2020 node-v13.11.0-linux-x64.tar.xz
[root@chinaskill-node-1-0002 ~]# cd node-v13.11.0-linux-x64
[root@chinaskill-node-1-0002 node-v13.11.0-linux-x64]# ll
total 176
drwxr-xr-x 2 1001 1001 4096 Mar 12 2020 bin
-rw-r--r-- 1 1001 1001 54110 Mar 12 2020 CHANGELOG.md
drwxr-xr-x 3 1001 1001 4096 Mar 12 2020 include
drwxr-xr-x 3 1001 1001 4096 Mar 12 2020 lib
-rw-r--r-- 1 1001 1001 77130 Mar 12 2020 LICENSE
-rw-r--r-- 1 1001 1001 26524 Mar 12 2020 README.md
drwxr-xr-x 5 1001 1001 4096 Mar 12 2020 share
[root@chinaskill-node-1-0002 node-v13.11.0-linux-x64]# cd bin/
[root@chinaskill-node-1-0002 bin]# ./node -v
v13.11.0
[root@chinaskill-node-1-0002 ~]# ln -s /root/node-v13.11.0-linux-x64/bin/node /usr/local/bin/node
[root@chinaskill-node-1-0002 ~]# ln -s /root/node-v13.11.0-linux-x64/bin/npm /usr/local/bin/npm
[root@chinaskill-node-1-0002 ~]# node -v
v13.11.0
3.1.6 安全组管理
3.1.7 RocketChat上云
使用http服务器提供文件,将Rocket.Chat应用部署上云。
##上传rocketchat-cloud.tar.gz,进行解压
[root@chinaskill-node-1-0002 ~]# tar -xvf rocketchat-cloud.tar.gz
[root@chinaskill-node-1-0002 ~]# cd rocketchat
[root@chinaskill-node-1-0002 rocketchat]# ll
total 304780
drwxr-xr-x 2 root root 4096 Sep 28 2022 mongodb
drwxr-xr-x 2 root root 4096 Sep 28 2022 node
-rw-r--r-- 1 root root 167869971 Sep 28 2022 rocket.chat.tgz
-rw-r--r-- 1 root root 144210495 Sep 28 2022 yum.tar.gz
[root@chinaskill-node-1-0002 rocketchat]# cd node/
[root@chinaskill-node-1-0002 node]# ll
total 22592
-rw-r--r-- 1 root root 23131523 Apr 5 2022 node-v12.22.12-linux-x64.tar.gz
[root@chinaskill-node-1-0002 node]#
[root@chinaskill-node-1-0002 node]# tar -zxvf node-v12.22.12-linux-x64.tar.gz -C /root/node
##修改环境变量S
[root@chinaskill-node-1-0002 node]# tail -1 /etc/profile
export PATH=/root/node/node-v12.22.12-linux-x64/bin:$PATH
[root@chinaskill-node-1-0002 node]# node -v
v12.22.12
[root@chinaskill-node-1-0002 node]#
#安装依赖
[root@chinaskill-node-1-0002 ~]# yum install -y gcc-c++ make
[root@chinaskill-node-1-0002 ~]# yum install -y epel-release GraphicsMagick
##解压rocket.chat.tgz软件包
[root@chinaskill-node-1-0002 rocketchat]# npm config set registry https://registry.npmmirror.com/
[root@chinaskill-node-1-0002 rocketchat]# npm config set ELECTRON_MIRROR https://cdn.npmmirror.com/dist/electron/
#打包
cd /tmp/bundle/programs/server/
npm install
#移到/opt并命名Rocket.Chat
mv /tmp/bundle /opt/Rocket.Chat
#添加用户
useradd -M rocketchat && usermod -L rocketchat
#赋予权限
chown -R rocketchat:rocketchat /opt/Rocket.Chat
#
[root@rocket Rocket.Chat]# vi /lib/systemd/system/rocketchat.service
[Unit]
Description=The Rocket.Chat server
After=network.target remote-fs.target nss-lookup.target nginx.service mongod.service
[Service]
ExecStart=/usr/local/node/bin/node /opt/Rocket.Chat/main.js
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=rocketchat
User=rocketchat
Environment=MONGO_URL=mongodb://192.168.1.182:27017/rocketchat?replicaSet=rs01 MONGO_OPLOG_URL=mongodb://192.168.1.182:27017/local?replicaSet=rs01 ROOT_URL=http://localhost:3000/ PORT=3000
[Install]
WantedBy=multi-user.target
#启动
[root@rocket Rocket.Chat]# systemctl start rocketchat
[root@rocket Rocket.Chat]# systemctl status rocketchat
● rocketchat.service - The Rocket.Chat server
Loaded: loaded (/usr/lib/systemd/system/rocketchat.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2022-10-03 14:43:40 CST; 1min 54s ago
Main PID: 8973 (node)
CGroup: /system.slice/rocketchat.service
└─8973 /usr/local/node/bin/node /opt/Rocket.Chat/main.js
Oct 03 14:44:00 rocket rocketchat[8973]: | MongoDB Engine: wiredTiger |
Oct 03 14:44:00 rocket rocketchat[8973]: | Platform: linux |
Oct 03 14:44:00 rocket rocketchat[8973]: | Process Port: 3000 |
Oct 03 14:44:00 rocket rocketchat[8973]: | Site URL: http://localhost:3000/ |
Oct 03 14:44:00 rocket rocketchat[8973]: | ReplicaSet OpLog: Enabled |
Oct 03 14:44:00 rocket rocketchat[8973]: | Commit Hash: 9b685693fb |
Oct 03 14:44:00 rocket rocketchat[8973]: | Commit Branch: HEAD |
Oct 03 14:44:00 rocket rocketchat[8973]: | |
Oct 03 14:44:00 rocket rocketchat[8973]: +-----------------------------------------------+
Oct 03 14:44:26 rocket rocketchat[8973]: (node:8973) [DEP0005] DeprecationWarning: Buffer() is deprecated due to sec...stead.
Hint: Some lines were ellipsized, use -l to show in full.
3.1.8 NAT网关
根据要求创建一个公网NAT网关。
3.1.9云服务器备份
创建一个云服务器备份存储库名为server_backup,容量为100G。将ChinaSkill-node-1云服务器制作镜像文件chinaskill-image。
3.1.10 负载均衡器
根据要求创建一个负载均衡器chinaskill-elb。
3.1.11 弹性伸缩管理
根据要求新建一个弹性伸缩启动配置。
任务2 公有云服务运维(10分)
3.2.1 云容器引擎
在公有云上,按照要求创建一个x86架构的容器云集群。
3.2.2 云容器管理
使用插件管理在kcloud容器集群中安装Dashboard可视化监控界面。
3.2.3 使用kubectl操作集群
在kcloud集群中安装kubectl命令,使用kubectl命令管理kcloud集群。
#1 安装kubectl
其实node上是已经安装了kubectl的,但是会报这个错:
[root@kcloud-server ~]# kubectl get node
The connection to the server localhost:8080 was refused - did you specify the right host or port?
#这个其实是因为没有配置文件和环境变量的原因,为了记录整个过程,我把node节点上原有的kubectl卸载了。
然后重新安装:
先配置yum源(建议使用阿里的源,华为的不好用,期待完善)
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
然后开始安装,注意,版本一定要和集群的版本对应
[root@kcloud-server ~]# yum install -y kubectl-1.25.1
2 下载配置文件
这个在官网的页面按照操作进行就行(链接:https://console.huaweicloud.com/cce2.0/?agencyId=07fb10cb020026b81f90c00e0ba587f6®ion=cn-east-3&locale=zh-cn#/app/resource/cluster/detail/accessAPI?clusterName=test&clusterId=7631fcee-894f-11ec-b434-0255ac1002c7&type=api)
点这里:
3 安装和配置kubectl
mkdir -p $HOME/.kube
mv -f kubeconfig.json $HOME/.kube/config
4 切换kubectl的访问模式
[root@kcloud-server home]# kubectl get node
NAME STATUS ROLES AGE VERSION
172.16.1.25 Ready <none> 14m v1.25.3-r0-25.1.23
[root@kcloud-server home]#
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-E0IY6a7l-1686127383485)(/k8s1.png)]
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-ZJQFQg5W-1686127383486)(/k8s2.png)]
3.2.4 安装Helm
使用提供的Helm软件包,在kcloud集群中安装Helm服务。
[root@kcloud-21836 ~]# tar -zxvf helm-v3.10.1-linux-amd64.tar.gz
linux-amd64/
linux-amd64/helm
linux-amd64/LICENSE
linux-amd64/README.md
[root@kcloud-21836 ~]# helm version
version.BuildInfo{Version:"v3.10.1", GitCommit:"9f88ccb6aee40b9a0535fcc7efea6055e1ef72c9", GitTreeState:"clean", GoVersion:"go1.18.7"}
3.2.5 根据提供的chart包mariadb-7.3.14.tgz部署mariadb服务,修改mariadb使用NodePort模式对其进行访问。
[root@kcloud-21836 ~]# helm install mariadb mariadb/
NAME: mariadb
LAST DEPLOYED: Wed May 31 14:53:45 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
[root@kcloud-21836 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mariadb-848b94c775-d8np4 1/1 Running 0 29s
mysql-5c6c7986f5-4kr5b 1/1 Running 0 16m
nginx-d5f959df4-4lm2s 1/1 Running 0 6m26s
wordpress-7f9587fb4f-rrncz 1/1 Running 0 16m
[root@kcloud-21836 ~]# kubectl get svc |grep mariadb
mariadb NodePort 10.247.206.107 <none> 3306:32334/TCP 11m
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-EXoqGGhZ-1686127383486)(/mariadb1.png)]
3.2.6 在k8s集群中创建mariadb命名空间,根据提供的chart包mariadb-7.3.14.tgz修改其配置,使用NodePort模式对其进行访问。
[root@kcloud-21836 ~]# cat mariadbnamespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: mariadb
[root@kcloud-21836 ~]# kubectl create -f mariadbnamespace.yaml
namespace/mariadb created
[root@kcloud-21836 ~]# helm install mariadb mariadb/ -n mariadb
NAME: mariadb
LAST DEPLOYED: Wed May 31 15:09:27 2023
NAMESPACE: mariadb
STATUS: deployed
REVISION: 1
TEST SUITE: None
[root@kcloud-21836 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.247.0.1 <none> 443/TCP 46m
mariadb NodePort 10.247.206.107 <none> 3306:32334/TCP 15m
mysql ClusterIP 10.247.202.181 <none> 3306/TCP 31m
nginx NodePort 10.247.77.152 <none> 80:30880/TCP 21m
wordpress NodePort 10.247.202.57 <none> 80:30417/TCP 31m
[root@kcloud-21836 ~]# kubectl get namespace
NAME STATUS AGE
default Active 46m
kube-node-lease Active 46m
kube-public Active 46m
kube-system Active 46m
mariadb Active 6m4s
[root@kcloud-21836 ~]# kubectl get svc -n mariadb
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
mariadb NodePort 10.247.14.17 <none> 3306:32304/TCP 37s
3.2.7 云硬盘存储卷
按照要求购买云硬盘存储卷。
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-IYSsUO5j-1686127383487)(/云硬盘1.png)]
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-qknboSop-1686127383487)(/云硬盘2.png)]
3.2.8 多容器Pod管理
在kcloud集群节点/root目录下编写YAML文件mu-pod.yaml,要求一个pod中包含两个容器。
[root@kcloud-server ~]# vi mu-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: mu-pod
namespace: default
spec:
containers:
- name: containers01
image: nginx
ports:
- name: http
containerPort: 80
- name: containers02
image: tomcat
ports:
- name: tomcat
containerPort: 80
3.2.9 Namespace管理
在kcloud集群节点/root目录下编写YAML文件my-namespace.yaml并创建namespace。
[root@kcloud-server ~]# vi my-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: test
3.2.10 Secrets管理–Opaque
在master节点/root目录下编写YAML文件secret.yaml,要求执行文件创建密钥。
[root@kcloud-server ~]# vi secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: mysecret
namespace: default
data:
username: YWRtaW4=
password: MWYyZDFlMmU2N2Rm
type: Opaque
3.2.11 私有仓库管理
在master节点添加搭建的本地私有chart仓库源,并上传wordpress-13.0.23.tgz包至chartmuseum私有仓库中。可以使用本地仓库chart源部署应用。
#为/data/charts授予777权限
chmod 777 /data/charts/
#查看svc
[root@kcloud-server ~]# kubectl get svc -n chartmuseum
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
chartmuseum ClusterIP 10.247.199.133 <none> 8080/TCP 24m
#添加本地仓库源,name 为 chartmuseum
[root@kcloud-server ~]# helm repo add chartmuseum http://10.247.199.133:8080
"chartmuseum" has been added to your repositories
[root@kcloud-server ~]# helm repo list
NAME URL
chartmuseum http://10.247.199.133:8080
#上传wordpress-13.0.23.tgz 包至 chartmuseum 私有仓库中
[root@kcloud-server ~]# curl --data-binary "@wordpress-13.0.23.tgz" http://10.247.199.133:8080/api/charts
{"saved":true}[root@kcloud-server ~]#
#更新仓库
[root@kcloud-server ~]# helm repo update
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "chartmuseum" chart repository
Update Complete. ⎈ Happy Helming!⎈
#列出
[root@kcloud-server ~]# helm search repo wordpress
NAME CHART VERSION APP VERSION DESCRIPTION
chartmuseum/wordpress 13.0.23 5.9.2 WordPress is the world's most popular blogging ...
#/data/charts/目录查看
[root@kcloud-server charts]# ls
index-cache.yaml wordpress-13.0.23.tgz
3.2.12 公有云安全:入侵检测系统
使用提供的makechk.tar.gz包安装chkrootkit入侵检测工具,安装完毕后使用chkrootkit工具扫描系。
#购买centos7.9云主机
#上传makechk.tar.gz,chkrootkit.tar.gz软件包
#解压makechk.tar.gz软件
#配置yum源
[root@ecs-cecc ~]# cat /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///root/makechk
gpgcheck=0
enabled=1
[root@ecs-cecc ~]# yum makecache
#安装编译安装依赖包
[root@ecs-cecc packages]# cd /root/ && yum install -y gcc gcc-c++ make glibc*
#解压chkrootkit.tar.gz
#查看目录文件
[root@ecs-cecc ~]# cd chkrootkit-0.55/
[root@ecs-cecc chkrootkit-0.55]# ls
ACKNOWLEDGMENTS chkdirs.c chkproc.c chkrootkit.lsm chkwtmp.c ifpromisc.c patch README.chklastlog strings.c
check_wtmpx.c chklastlog.c chkrootkit chkutmp.c COPYRIGHT Makefile README README.chkwtmp
#编译安装
[root@ecs-cecc chkrootkit-0.55]# make sense
cc -DHAVE_LASTLOG_H -o chklastlog chklastlog.c
cc -DHAVE_LASTLOG_H -o chkwtmp chkwtmp.c
cc -DHAVE_LASTLOG_H -D_FILE_OFFSET_BITS=64 -o ifpromisc ifpromisc.c
cc -o chkproc chkproc.c
cc -o chkdirs chkdirs.c
cc -o check_wtmpx check_wtmpx.c
cc -static -o strings-static strings.c
cc -o chkutmp chkutmp.c
#添加环境变量
[root@ecs-cecc ~]# cp -r chkrootkit-0.55/ /usr/local/chkrootkit
[root@ecs-cecc ~]# cd /usr/local/chkrootkit/
[root@ecs-cecc chkrootkit]# ls
ACKNOWLEDGMENTS chkdirs chklastlog.c chkrootkit chkutmp.c COPYRIGHT Makefile README.chklastlog strings-static
check_wtmpx chkdirs.c chkproc chkrootkit.lsm chkwtmp ifpromisc patch README.chkwtmp
check_wtmpx.c chklastlog chkproc.c chkutmp chkwtmp.c ifpromisc.c README strings.c
[root@ecs-cecc chkrootkit]# cp chkrootkit /usr/bin/
#查看版本
[root@ecs-cecc chkrootkit]# chkrootkit -V
chkrootkit version 0.55
#创建/var/log/chkrootkit/chkrootkit.log文件
[root@ecs-cecc ~]# mkdir /var/log/chkrootkit/
[root@ecs-cecc ~]# touch /var/log/chkrootkit/chkrootkit.log
#扫描系统保存至/var/log/chkrootkit/chkrootkit.log
[root@ecs-cecc ~]# chkrootkit > /var/log/chkrootkit/chkrootkit.log
#查看扫描结果
[root@ecs-cecc ~]# cat /var/log/chkrootkit/chkrootkit.log
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
Checking `chsh'... not infected
Checking `cron'... not infected
Checking `crontab'... not infected
Checking `date'... not infected
Checking `du'... not infected
Checking `dirname'... not infected
Checking `echo'... not infected
Checking `egrep'... not infected
Checking `env'... not infected
Checking `find'... not infected
Checking `fingerd'... not found
Checking `gpm'... not found
Checking `grep'... not infected
Checking `hdparm'... not found
Checking `su'... not infected
Checking `ifconfig'... not infected
Checking `inetd'... not tested
Checking `inetdconf'... not found
Checking `identd'... not found
Checking `init'... not infected
Checking `killall'... not infected
Checking `ldsopreload'... can't exec ./strings-static, not tested
Checking `login'... not infected
Checking `ls'... not infected
Checking `lsof'... not infected
Checking `mail'... not infected
Checking `mingetty'... not found
Checking `netstat'... not infected
Checking `named'... not found
Checking `passwd'... not infected
Checking `pidof'... not infected
Checking `pop2'... not found
Checking `pop3'... not found
Checking `ps'... not infected
Checking `pstree'... not infected
Checking `rpcinfo'... not found
Checking `rlogind'... not found
Checking `rshd'... not found
Checking `slogin'... not infected
Checking `sendmail'... not infected
Checking `sshd'... not found
Checking `syslogd'... not tested
Checking `tar'... not infected
Checking `tcpd'... not found
Checking `tcpdump'... not infected
Checking `top'... not infected
Checking `telnetd'... not found
Checking `timed'... not found
Checking `traceroute'... not found
Checking `vdir'... not infected
Checking `w'... not infected
Checking `write'... not infected
Checking `aliens'... no suspect files
Searching for sniffer's logs, it may take a while... nothing found
Searching for HiDrootkit's default dir... nothing found
Searching for t0rn's default files and dirs... nothing found
Searching for t0rn's v8 defaults... nothing found
Searching for Lion Worm default files and dirs... nothing found
Searching for RSHA's default files and dir... nothing found
Searching for RH-Sharpe's default files... nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...
/usr/lib/debug/usr/.dwz
Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
Searching for Maniac files and dirs... nothing found
Searching for RK17 files and dirs... nothing found
Searching for Ducoci rootkit... nothing found
Searching for Adore Worm... nothing found
Searching for ShitC Worm... nothing found
Searching for Omega Worm... nothing found
Searching for Sadmind/IIS Worm... nothing found
Searching for MonKit... nothing found
Searching for Showtee... nothing found
Searching for OpticKit... nothing found
Searching for T.R.K... nothing found
Searching for Mithra... nothing found
Searching for LOC rootkit... nothing found
Searching for Romanian rootkit... nothing found
Searching for HKRK rootkit... nothing found
Searching for Suckit rootkit... nothing found
Searching for Volc rootkit... nothing found
Searching for Gold2 rootkit... nothing found
Searching for TC2 Worm default files and dirs... nothing found
Searching for Anonoying rootkit default files and dirs... nothing found
Searching for ZK rootkit default files and dirs... nothing found
Searching for ShKit rootkit default files and dirs... nothing found
Searching for AjaKit rootkit default files and dirs... nothing found
Searching for zaRwT rootkit default files and dirs... nothing found
Searching for Madalin rootkit default files... nothing found
Searching for Fu rootkit default files... nothing found
Searching for ESRK rootkit default files... nothing found
Searching for rootedoor... nothing found
Searching for ENYELKM rootkit default files... nothing found
Searching for common ssh-scanners default files... nothing found
Searching for Linux/Ebury - Operation Windigo ssh... not tested
Searching for 64-bit Linux Rootkit ... nothing found
Searching for 64-bit Linux Rootkit modules... nothing found
Searching for Mumblehard Linux ... nothing found
Searching for Backdoor.Linux.Mokes.a ... nothing found
Searching for Malicious TinyDNS ... nothing found
Searching for Linux.Xor.DDoS ... nothing found
Searching for Linux.Proxy.1.0 ... nothing found
Searching for CrossRAT ... nothing found
Searching for Hidden Cobra ... nothing found
Searching for Rocke Miner ... nothing found
Searching for PWNLNX4 lkm... nothing found
Searching for PWNLNX6 lkm... nothing found
Searching for Umbreon lrk... nothing found
Searching for Kinsing.a backdoor... nothing found
Searching for RotaJakiro backdoor... nothing found
Searching for suspect PHP files... nothing found
Searching for anomalies in shell history files... Warning: `//root/.bash_history
//root/.history' file size is zero
Checking `asp'... not infected
Checking `bindshell'... not infected
Checking `lkm'... not tested: can't exec
Checking `rexedcs'... not found
Checking `sniffer'... not tested: can't exec ./ifpromisc
Checking `w55808'... not infected
Checking `wted'... not tested: can't exec ./chkwtmp
Checking `scalper'... not infected
Checking `slapper'... not infected
Checking `z2'... not tested: can't exec ./chklastlog
Checking `chkutmp'... not tested: can't exec ./chkutmp
Checking `OSX_RSPLUG'... not tested
3.2.13 公有云安全:日志分析服务
然后使用提供的sepb_elk_latest.tar镜像安装ELK服务。
#上传docker-repo.tar.gz,sepb_elk_latest.tar
#解压docker-repo.tar.gz
#配置yum源安装docker
[root@ecs-cecc ~]# cat /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///opt/docker-repo
gpgcheck=0
enabled=1
[root@ecs-cecc ~]# yum clean all
[root@ecs-cecc ~]# yum makecache
#安装docker
[root@ecs-cecc ~]# yum install -y docker-ce
#启动docker,设置为开机自启
[root@ecs-cecc ~]# systemctl start docker && systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
#查看状态
[root@ecs-cecc ~]# systemctl status docker
#导入镜像
[root@ecs-cecc ~]# docker load -i sepb_elk_latest.tar
#启动elk容器(由于Elasticsearch启动需要最大虚拟内存区域数量,修改sysctl.conf文件追加vm.max_map_count=262144)
[root@ecs-cecc ~]# docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 -e ES_MIN_MEM=128m -e ES_MAX_MEM=1024m -it --name elk sebp/elk:latest
[root@ecs-cecc ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1bf5111a8a0c sebp/elk:latest "/usr/local/bin/star…" About a minute ago Up About a minute 0.0.0.0:5044->5044/tcp, 0.0.0.0:5601->5601/tcp, 9300/tcp, 0.0.0.0:9200->9200/tcp, 9600/tcp elk
[root@ecs-cecc ~]#
#上传filebeat-7.13.2-x86_64.rpm
#安装filebeat
[root@ecs-cecc ~]# yum install -y filebeat-7.13.2-x86_64.rpm
#启动
[root@ecs-cecc ~]# systemctl start filebeat
#查看状态
[root@ecs-cecc ~]# systemctl status filebeat
#应用filebeat
方式一:(收集yum数据到本地文件)
[root@ecs-cecc ~]# vi /etc/filebeat/filebeat.yml
filebeat.inputs:
- type: log
enabled: True
paths:
- /var/log/yum.log
output.file:
path: "/tmp"
filename: "filebeat-test.txt"
#重启filebeat服务
[root@ecs-cecc ~]# systemctl restart filebeat
#安装httpd服务
[root@ecs-cecc ~]# yum install -y httpd
#验证
[root@ecs-cecc tmp]# cat /tmp/filebeat-test.txt
{"@timestamp":"2022-10-16T09:20:03.410Z","@metadata":{"beat":"filebeat","type":"_doc","version":"7.13.2"},"log":{"offset":2213,"file":{"path":"/var/log/yum.log"}},"message":"Oct 16 17:20:02 Installed: httpd-2.4.6-97.el7.centos.5.x86_64","input":{"type":"log"},"host":{"hostname":"ecs-cecc","architecture":"x86_64","name":"ecs-cecc","os":{"family":"redhat","name":"CentOS Linux","kernel":"3.10.0-1160.53.1.el7.x86_64","codename":"Core","type":"linux","platform":"centos","version":"7 (Core)"},"id":"acca19161ce94d449c58923b12797030","containerized":false,"ip":["192.168.1.151","fe80::f816:3eff:fe79:d168","172.17.0.1","fe80::42:40ff:fef4:5e7","fe80::14fb:49ff:feec:ffad"],"mac":["fa:16:3e:79:d1:68","02:42:40:f4:05:e7","16:fb:49:ec:ff:ad"]},"agent":{"version":"7.13.2","hostname":"ecs-cecc","ephemeral_id":"a522699e-3e6b-44a7-b833-d14b43d2edba","id":"67d653cb-908e-418f-9356-5b7f2461dbe8","name":"ecs-cecc","type":"filebeat"},"ecs":{"version":"1.8.0"},"cloud":{"machine":{"type":"c6s.xlarge.2"},"service":{"name":"Nova"},"provider":"openstack","instance":{"name":"ecs-cecc.novalocal","id":"i-0129dc00"},"availability_zone":"cn-east-2c"}}
方式二:(收集yum数据到Elasticsearch中)
#修改配置文件
[root@ecs-cecc ~]# cat /etc/filebeat/filebeat.yml
filebeat.inputs:
- type: log
enabled: True
paths:
- /var/log/yum.log
output.elasticsearch:
hosts: ["localhost:9200"]
#重启
[root@ecs-cecc ~]# systemctl restart filebeat
3.2.14 WordPress应用部署
根据提供的chart包wordpress-13.0.23.tgz部署WordPress服务。
[root@kcloud-21836 ~]# ll
total 17768
-rw-r----- 1 root root 1532 May 31 14:25 check_env.sh
-rw-r----- 1 root root 1935 May 31 14:25 disk_filter.sh
-rw------- 1 root root 14565908 May 31 14:30 helm-v3.10.1-linux-amd64.tar.gz
drwxr-xr-x 2 3434 3434 4096 May 31 14:33 linux-amd64
drwx------ 4 root root 4096 May 31 14:36 mariadb
drwx------ 4 root root 4096 May 31 14:34 nginx
-rw-r----- 1 root root 722 May 31 14:25 print_log.sh
-rw-r----- 1 root root 3595678 Nov 29 2022 socat.tgz
drwx------ 4 root root 4096 May 31 14:34 wordpress
[root@kcloud-21836 ~]# helm install wordpress wordpress/
NAME: wordpress
LAST DEPLOYED: Wed May 31 14:37:44 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
[root@kcloud-21836 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
mysql-5c6c7986f5-4kr5b 1/1 Running 0 84s
wordpress-7f9587fb4f-rrncz 1/1 Running 0 84s
[root@kcloud-21836 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.247.0.1 <none> 443/TCP 46m
mariadb NodePort 10.247.206.107 <none> 3306:32334/TCP 15m
mysql ClusterIP 10.247.202.181 <none> 3306/TCP 31m
nginx NodePort 10.247.77.152 <none> 80:30880/TCP 21m
wordpress NodePort 10.247.202.57 <none> 80:30417/TCP 31m
3.2.15 ChartMuseum仓库部署
在k8s集群中创建chartmuseum命名空间,编写yaml文件在chartmuseum命名空间中使用chartmuseum:latest镜像创建本地私有chart仓库。
apiVersion: v1
kind: Namespace
metadata:
name: chartmuseum
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: chartmuseum
name: chartmuseum
namespace: chartmuseum
spec:
replicas: 1
selector:
matchLabels:
app: chartmuseum
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
app: chartmuseum
spec:
containers:
- image: chartmuseum/chartmuseum:latest
imagePullPolicy: IfNotPresent
name: chartmuseum
ports:
- containerPort: 8080
protocol: TCP
env:
- name: DEBUG
value: "1"
- name: STORAGE
value: local
- name: STORAGE_LOCAL_ROOTDIR
value: /charts
resources:
limits:
cpu: 500m
memory: 256Mi
requests:
cpu: 100m
memory: 64Mi
volumeMounts:
- mountPath: /charts
name: charts-volume
volumes:
- name: charts-volume
nfs:
path: /data/charts
server: 192.168.200.10
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: chartmuseum
namespace: chartmuseum
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
app: chartmuseum
3.2.16 生命周期管理-配置Pod生命周期
登录kcloud集群节点,在default命名空间下创建一个名Pod,并进行Pod生命周期管理。
##nginx为例
apiVersion: v1
kind: Pod
metadata:
name: pod-hook-exec
namespace: dev
spec:
containers:
- name: main-container
image: nginx:1.17.1
ports:
- name: nginx-port
containerPort: 80
lifecycle:
postStart:
exec: #在容器启动的时候执行一个命令,修改掉nginx的默认首页内容
command: ["/bin/sh","-c","echo postStart... > /usr/share/nginx/html/index.html"]
preStop: #在容器停止之前停止nginx服务
exec:
command: ["/usr/sbin/nginx","-s","quit"]
3.2.17 定时任务管理—创建定时任务
在kcloud集群节点/root目录下编写yaml文件date.yaml完成定时管理任务。
apiversion: batch/vl beta
kind: CronJob
metadata:
name: hello
spec:
schedule: "*/1 * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name:hello
image:busybox
args:
- /bin/sh
- -C
- date;echo Hello from the Kubernetes cluster restartPolicy:OnFailure
3.2.18 HPA管理—创建HPA规则
在kcloud集群节点/root目录下编写YAML文件hpa.yaml,完成HPA管理。
[root@k8s-master-node1 ~]# cat web.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: web
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: web
template:
metadata:
labels:
app: web
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
[root@k8s-master-node1 ~]# cat deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: web
spec:
replicas: 1
selector:
matchLabels:
app: web
template:
metadata:
labels:
app: web
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 500m # 指定所需的 CPU 资源 request
[root@k8s-master-node1 ~]# cat hpa.yaml
apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
name: web
namespace: default
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: web
minReplicas: 1
maxReplicas: 1000 #指定伸缩范围为 1–1000
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
behavior:
scaleUp:
stabilizationWindowSeconds: 5
policies:
- type: Pods
value: 9 #9倍数量的副本数
periodSeconds: 1
scaleDown:
stabilizationWindowSeconds: 5 #时间窗口为 5s
policies:
- type: Pods
value: 1
periodSeconds: 1
[root@k8s-master-node1 ~]# kubectl apply -f web.yaml
[root@k8s-master-node1 ~]# kubectl apply -f deployment.yaml
[root@k8s-master-node1 ~]# kubectl apply -f hpa.yaml
3.2.19 使用Helm模板文章来源:https://www.toymoban.com/news/detail-557353.html
使用赛项提供的mychart-0.1.0.tgz模板包,在kcloud集群中安装名为nginx的模板实例。文章来源地址https://www.toymoban.com/news/detail-557353.html
[root@kcloud-21836 ~]# helm install nginx nginx/
NAME: nginx
LAST DEPLOYED: Wed May 31 14:47:47 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
[root@kcloud-21836 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
mysql-5c6c7986f5-4kr5b 1/1 Running 0 10m
nginx-d5f959df4-4lm2s 1/1 Running 0 9s
wordpress-7f9587fb4f-rrncz 1/1 Running 0 10m
[root@kcloud-21836 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.247.0.1 <none> 443/TCP 46m
mariadb NodePort 10.247.206.107 <none> 3306:32334/TCP 15m
mysql ClusterIP 10.247.202.181 <none> 3306/TCP 31m
nginx NodePort 10.247.77.152 <none> 80:30880/TCP 21m
wordpress NodePort 10.247.202.57 <none> 80:30417/TCP 31m
到了这里,关于2023云计算国赛样题梳理的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!