tips(k8s): update

AkiraXue · Mar 12, 2023 · ab977a4 · ab977a4
1 parent 4d045c9
commit ab977a4
Show file tree

Hide file tree

Showing 7 changed files with 715 additions and 5 deletions.
diff --git a/go/go-learn/README.md b/go/go-learn/README.md
@@ -534,4 +534,6 @@ v
 
 机器码 -> 算数运算编写复杂，比如开根号等 -> 诞生了「库」概念
 
-机器码 -> 二进制0或1编写复杂 -> 汇编代码
+机器码 -> 二进制0或1编写复杂 -> 汇编代码
+
+# Goroutine调度
diff --git a/go/grpc-demo/main.go b/go/grpc-demo/main.go
@@ -7,6 +7,7 @@ import (
 	"grpc-demo/demo"
 	"net"
 	"net/http"
+	"time"
 
 	"github.com/grpc-ecosystem/grpc-gateway/runtime"
 
@@ -48,6 +49,7 @@ type demoServer struct {
 
 func (s *demoServer) SayHello(context.Context, *demo.HelloRequest) (reply *demo.HelloReply, err error) {
 	fmt.Println("SayHello")
+	time.Sleep(5 * time.Second)
 	reply = &demo.HelloReply{
 		Message: "hello",
 	}

diff --git a/go/grpc-demo/test/api_test.go b/go/grpc-demo/test/api_test.go
@@ -2,25 +2,42 @@ package test
 
 import (
 	"context"
+	"fmt"
 	"grpc-demo/demo"
 	"testing"
 	"time"
 
 	"google.golang.org/grpc"
 )
 
+func ClientTimeoutInterceptor(
+	ctx context.Context,
+	method string,
+	req,
+	reply interface{},
+	cc *grpc.ClientConn,
+	invoker grpc.UnaryInvoker,
+	opts ...grpc.CallOption,
+) error {
+	ctxWithTimeout, cancel := context.WithTimeout(ctx, 1*time.Second)
+	defer cancel()
+	err := invoker(ctxWithTimeout, method, req, reply, cc, opts...)
+	fmt.Println("ClientTimeoutInterceptor")
+	return err
+}
+
 func TestHello(t *testing.T) {
 
-	connection, err := grpc.Dial(":8888", grpc.WithInsecure(), grpc.WithBlock())
+	connection, err := grpc.Dial(":8888", grpc.WithInsecure(), grpc.WithBlock(), grpc.WithUnaryInterceptor(ClientTimeoutInterceptor))
 	if err != nil {
 		t.Error(err)
 		return
 	}
 	defer connection.Close()
 	client := demo.NewGreeterClient(connection)
-	ctx, cancel := context.WithTimeout(context.Background(), time.Second)
-	defer cancel()
-	resp, err := client.SayHello(ctx, &demo.HelloRequest{
+	// ctx, cancel := context.WithTimeout(context.Background(), time.Second)
+	// defer cancel()
+	resp, err := client.SayHello(context.Background(), &demo.HelloRequest{
 		Name: "aaa",
 	})
 	if err != nil {

diff --git a/k8s/README.md b/k8s/README.md
@@ -0,0 +1,151 @@
+```
+这可能会出现一个问题 Get http://localhost:10248/healthz: dial tcp 127.0.0.1:10248: connect: connection refused.
+解决方式
+
+解决方法
+
+[root@k8s-node2 ~]# vim /etc/docker/daemon.json
+
+{
+"exec-opts": ["native.cgroupdriver=systemd"],
+}
+```
+
+```md
+kubeadm join 10.206.0.15:6443 --token nzk9iq.kplkpfr497mfrszy \
+        --discovery-token-ca-cert-hash sha256:4cc3d99a8d5345f3a62ada878df287d14daa6d11a2b93744776e449ed9832e04
+```
+
+```md
+[root@k8s-01 ~]# containerd config default > /etc/containerd/config.toml
+
+--config,-c可以在启动守护程序时更改此路径
+配置文件的默认路径位于/etc/containerd/config.toml
+默认情况下k8s.gcr.io无法访问，所以使用我提供的阿里云镜像仓库地址即可
+sed -i 's/k8s.gcr.io/registry.cn-hangzhou.aliyuncs.com\/google_containers/' /etc/containerd/config.toml
+（此处应该改为手动vim修改配置文件，搜索k8s.gcr.io，修改为registry.cn-hangzhou.aliyuncs.com/google_containers）
+```
+
+
+```md
+获取：<your node name>：kubectl get node
+
+获取<taint name> ：kubectl describe node <your node name> | grep Taints
+
+移除taint：kubectl taint node <your node name> <taint name>
+```
+
+获取dashborad token:
+```
+<!-- 查看所有角色 -->
+kubectl get role -n kube-system
+
+kubectl get secret -n kubernetes-dashboard
+
+创建示例用户: https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
+
+生成token: 
+kubectl -n kubernetes-dashboard create token admin-user
+```
+
+
+获取token 方式3:
+
+kubectl get secret -n kubernetes-dashboard
+
+kubectl describe secrets -n kubernetes-dashboard kubernetes-dashboard-token-wvr8b  | grep token | awk 'NR==3{print $2}'
+
+
+重启集群
+```
+systemctl restart docker
+```
+
+118.195.228.232（公）
+10.206.0.4（内）
+
+kubeadm reset -f
+
+journalctl -u kubelet 
+systemctl status kubelet
+
+安装ingress
+```
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.1/deploy/static/provider/cloud/deploy.yaml
+
+https://kubernetes.github.io/ingress-nginx/deploy/#quick-start
+```
+
+```
+当Pod状态是 ImagePullBackOff 表示和镜像下载有关错误，可以通过 kubectl describe pod <pod-id> 来查看原因
+
+kubectl describe pod <pod id> -n <namespace>
+```
+
+docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.3.0
+
+
+- 删除pod `kubectl delete -n <namespace name> deployment <pod name>`
+
+kubectl get all -n ingress-nginx
+
+kubectl logs ingress-nginx-admission-patch-drzpw -n ingress-nginx
+
+source<(kubectl completion bash)
+
+kubectl create ingress demo --class=nginx \
+  --rule="k8s.tigerb.cn/*=demo:80"
+
+
+kubectl get -A ValidatingWebhookConfiguration
+
+kubectl create ingress demo --class=nginx   --rule="k8s.tigerb.cn/*=demo:80"
+
+
+https://github.com/danderson/metallb
+
+
+---
+
+`dashboard-adminuser.yaml`配置文件示例：
+
+```
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: admin-user
+  namespace: kubernetes-dashboard
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: admin-user
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+- kind: ServiceAccount
+  name: admin-user
+  namespace: kubernetes-dashboard
+```
+
+官方教程创建示例用户: https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
+
+创建用户：
+kubectl apply -f dashboard-adminuser.yaml
+
+创建成功之后提示：
+```
+serviceaccount/admin-user created
+clusterrolebinding.rbac.authorization.k8s.io/admin-user created
+```
+
+chrome浏览器访问 `https://外网IP:30000`
+
+浏览器 thisisunsafe 回车
+
+生成token: 
+kubectl -n kubernetes-dashboard create token admin-user
+
+kubectl create token admin-user -n kubernetes-dashboard