How to Manage a Kubernetes Cluster on Ubuntu

Before you start managing Kubernetes, make sure the Ubuntu nodes (Master/Worker) meet the following basic requirements:
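- Add the node IP-to-hostname mappings to the /etc/hosts file.
- Run sudo swapoff -a and comment out the swap line in /etc/fstab.
- Run cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf and add net.bridge.bridge-nf-call-iptables = 1, net.bridge.bridge-nf-call-ip6tables = 1 and net.ipv4.ip_forward = 1, then run sudo sysctl --system to apply the settings.
- Install ntpdate and synchronize the time: sudo apt install -y ntpdate && sudo ntpdate ntp.aliyun.com

Kubernetes relies on a container runtime to manage containers; Docker is the common choice on Ubuntu: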
- curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
- echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
- sudo apt update && sudo apt install -y docker-ce docker-ce-cli containerd.io
- sudo systemctl start docker && sudo systemctl enable docker

Install kubelet, kubeadm and kubectl on all nodes (used for cluster management and command-line operations):
- curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -, then run echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
- sudo apt update && sudo apt install -y kubelet kubeadm kubectl
- sudo apt-mark hold kubelet kubeadm kubectl

The Master node is the cluster's control plane, responsible for scheduling and for managing cluster state:
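- sudo kubeadm init --pod-network-cidr=10.244.0.0/16
- The kubeadm join command (used by Worker nodes to join the cluster).
- kubectl (used to interact with the cluster): mkdir -p $HOME/.kube && sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config && sudo chown $(id -u):$(id -g) $HOME/.kube/config

Kubernetes needs a network plugin for Pod-to-Pod communication. Common plugins and how to deploy them: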
- kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
- kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
- kubectl get pods -n kube-system (all Pods should be Running).

Worker nodes run the application containers and join the cluster with the kubeadm join command (use the command printed when the Master was initialized):
- sudo kubeadm join 192.168.1.100:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash> (replace with the actual IP, token and hash).
- kubectl get nodes to check node status (wait for Ready).

- kubectl get nodes
- kubectl get pods -A (-A means all namespaces)
- kubectl create deployment nginx --image=nginx
- kubectl expose deployment nginx --port=80 --type=NodePort
- kubectl logs <pod-name>

- K9s (TUI tool): sudo snap install k9s, which provides a visual interface for managing the cluster.
- Lens (GUI tool): install from the downloaded .deb package; it supports cluster monitoring, log analysis, resource editing and more.

- kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
- Start a proxy with kubectl proxy, then open http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/ in a browser (Token authentication must be configured).

- kubectl apply -f https://raw.githubusercontent.com/portainer/portainer-kubernetes/master/deploy/portainer.yaml
- Expose the service with kubectl port-forward or an Ingress, then open http://<node-ip>:9000 in a browser.

- Prometheus+Grafana: deploy the Prometheus Operator (kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/master/bundle.yaml), then import a Grafana Dashboard (such as Kubernetes Cluster Monitoring).
- Metrics Server (lightweight monitoring): kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml, which enables the kubectl top command.

- Fluentd+Elasticsearch+Kibana (EFK stack): deploy Fluentd as the log collector, send the logs to Elasticsearch, and visualize them in Kibana.
- Loki (lightweight logging): helm repo add grafana https://grafana.github.io/helm-charts && helm install loki grafana/loki-stack, then view the logs in Grafana.

- Kubewatch (event notification): kubectl apply -f https://github.com/bitnami-labs/kubewatch/releases/latest/download/kubewatch.yaml, then configure notifications (such as Slack or Email).
- Sonobuoy (cluster testing): curl -LO https://github.com/vmware-tanzu/sonobuoy/releases/latest/download/sonobuoy_0.56.10_linux_amd64.tar.gz && tar -xzf sonobuoy_*.tar.gz && ./sonobuoy run, which generates a cluster status report.

With the steps above, you can deploy, configure and manage a Kubernetes cluster on Ubuntu and cover day-to-day operations needs.
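
Several manifests on this page are applied straight from URLs on mutable refs (master, latest), so the content that reaches the cluster can change between runs. The shell functions below are an added example, not code from the original page or from any project it mentions: they refuse such URLs and apply a downloaded manifest only if its SHA-256 matches a digest recorded when the file was reviewed. The function names are hypothetical, and sha256sum, curl and kubectl are assumed to be on PATH.

```shell
# Added example; function names are hypothetical.

# Return 0 if the URL uses a ref whose content can change (branch or "latest").
# Heuristic only: the digest check below is the actual control.
is_mutable_ref() {
  case "$1" in
    */master/*|*/main/*|*/latest/*) return 0 ;;
    *) return 1 ;;
  esac
}

# Return 0 only if FILE's SHA-256 equals EXPECTED (64 hex chars, any case).
# Return 2 for a missing file or a malformed digest.
verify_sha256() {
  local file="$1" expected actual
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ -f "$file" ] || return 2
  case "$expected" in
    ''|*[!0-9a-f]*) return 2 ;;
  esac
  [ "${#expected}" -eq 64 ] || return 2
  actual=$(sha256sum "$file" | cut -d' ' -f1)
  [ "$actual" = "$expected" ]
}

# Download URL over HTTPS, verify the digest, then apply the local copy,
# so what kubectl applies is exactly the bytes that were checked.
apply_pinned() {
  local url="$1" digest="$2" tmp rc=0
  if is_mutable_ref "$url"; then
    echo "refusing mutable ref: $url (use a tag or commit URL)" >&2
    return 3
  fi
  tmp=$(mktemp) || return 1
  if curl -fsSL --proto '=https' -o "$tmp" "$url" &&
     verify_sha256 "$tmp" "$digest"; then
    kubectl apply -f "$tmp" || rc=$?
  else
    echo "download or digest check failed: $url" >&2
    rc=4
  fi
  rm -f "$tmp"
  return "$rc"
}

# Usage (digest is a placeholder; record your own after reviewing the file):
# apply_pinned "https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml" "<sha256-you-recorded>"
```

The ref check does not flag unversioned paths such as the Calico manifest URL; the digest comparison is what catches a changed file there.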