Kubernetes CKS 2021【7】---Cluster Setup - Verify Platform

简介: Kubernetes CKS 2021【7】---Cluster Setup - Verify Platform

文章目录

1. Practice - Download and verify K8s release

root@master:~# k get nodes
NAME     STATUS   ROLES                  AGE   VERSION
master   Ready    control-plane,master   95d   v1.20.1
node1    Ready    <none>                 95d   v1.20.1
node2    Ready    <none>                 95d   v1.20.1

下载kubernets库

https://github.com/kubernetes/kubernetes/releases/tag/v1.20.1

https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#v1201

下载:kubernetes-server-linux-arm64.tar.gz

root@master:~/k8slib# sha512sum kubernetes-server-linux-arm64.tar.gz 
b93857e8c38e433f3edd1ea5727c64b79e1898bcfb8b31a823024c06c2dc66b047482f28d8e89db5c1aae99532a7820dc0212b2aa5a51de3b9c94aa88514b372  kubernetes-server-linux-arm64.tar.gz
root@master:~/k8slib# sha512sum kubernetes-server-linux-arm64.tar.gz  > compare
root@master:~/k8slib# vim compare
root@master:~/k8slib# cat compare
b93857e8c38e433f3edd1ea5727c64b79e1898bcfb8b31a823024c06c2dc66b047482f28d8e89db5c1aae99532a7820dc0212b2aa5a51de3b9c94aa88514b372

复制此sha512 hash至compare

1035234-20181020215539574-213176954.png

root@master:~/k8slib# cat compare
b93857e8c38e433f3edd1ea5727c64b79e1898bcfb8b31a823024c06c2dc66b047482f28d8e89db5c1aae99532a7820dc0212b2aa5a51de3b9c94aa88514b372
b93857e8c38e433f3edd1ea5727c64b79e1898bcfb8b31a823024c06c2dc66b047482f28d8e89db5c1aae99532a7820dc0212b2aa5a51de3b9c94aa88514b372
root@master:~/k8slib# cat compare | uniq   #确认二者相同
b93857e8c38e433f3edd1ea5727c64b79e1898bcfb8b31a823024c06c2dc66b047482f28d8e89db5c1aae99532a7820dc0212b2aa5a51de3b9c94aa88514b372

2. Practice - Verify apiserver binary running in our cluster

root@master:~/k8slib# ls
compare  kubernetes-server-linux-arm64.tar.gz
root@master:~/k8slib# tar zxf kubernetes-server-linux-arm64.tar.gz 
root@master:~/k8slib# ls
compare  kubernetes  kubernetes-server-linux-arm64.tar.gz
root@master:~/k8slib# ls kubernetes/server/bin/kube-apiserver
kubernetes/server/bin/kube-apiserver
root@master:~/k8slib# sha512sum kubernetes/server/bin/kube-apiserver
4d7b3752148a56e457621b1e163f7ef28732c7748f188ca282aed4d540f6e1ec1d48a510ef6d31467d8756ba3f827e5637eb793b89e14eafd9127d6d5ab8424e  kubernetes/server/bin/kube-apiserver
root@master:~/k8slib# sha512sum kubernetes/server/bin/kube-apiserver > compare
root@master:~/k8slib# k -n kube-system get pod | grep api
kube-apiserver-master                      1/1     Running   2          96d
root@master:~/k8slib# k -n kube-system get pod kube-apiserver-master -o yaml | grep image
            f:image: {}
            f:imagePullPolicy: {}
    image: k8s.gcr.io/kube-apiserver:v1.20.1
    imagePullPolicy: IfNotPresent
    image: k8s.gcr.io/kube-apiserver:v1.20.1
    imageID: docker://sha256:ca9843d3b545457f24b012d6d579ba85f132f2406aa171ad84d53caa55e5de99
root@master:~/k8slib# k -n kube-system exec kube-apiserver-master -- sh
OCI runtime exec failed: exec failed: container_linux.go:346: starting container process caused "exec: \"sh\": executable file not found in $PATH": unknown
command terminated with exit code 126
root@master:~/k8slib# k -n kube-system exec kube-apiserver-master -- bash
OCI runtime exec failed: exec failed: container_linux.go:346: starting container process caused "exec: \"bash\": executable file not found in $PATH": unknown
command terminated with exit code 126
root@master:~/k8slib# docker ps |grep apiserver
0fb5321dfd57        ca9843d3b545           "kube-apiserver --ad…"   2 months ago        Up 2 months                             k8s_kube-apiserver_kube-apiserver-master_kube-system_ee31a01764366141f7c85e23f94828f8_2
82760b2dffdc        k8s.gcr.io/pause:3.2   "/pause"                 2 months ago        Up 2 months                             k8s_POD_kube-apiserver-master_kube-system_ee31a01764366141f7c85e23f94828f8_2
root@master:~/k8slib# docker cp 0fb5321dfd57:/ container-fs
root@master:~/k8slib# ls container-fs/
bin  boot  dev  etc  go-runner  home  lib  proc  root  run  sbin  sys  tmp  usr  var
root@master:~/k8slib# find container-fs/ | grep kube-apiserver
container-fs/usr/local/bin/kube-apiserver
root@master:~/k8slib# sha512sum container-fs/usr/local/bin/kube-apiserver
4d7b3752148a56e457621b1e163f7ef28732c7748f188ca282aed4d540f6e1ec1d48a510ef6d31467d8756ba3f827e5637eb793b89e14eafd9127d6d5ab8424e  container-fs/usr/local/bin/kube-apiserver
root@master:~/k8slib# sha512sum container-fs/usr/local/bin/kube-apiserver > compare
root@master:~/k8slib#  vim compare
root@master:~/k8slib# cat compare 
4d7b3752148a56e457621b1e163f7ef28732c7748f188ca282aed4d540f6e1ec1d48a510ef6d31467d8756ba3f827e5637eb793b89e14eafd9127d6d5ab8424e
4d7b3752148a56e457621b1e163f7ef28732c7748f188ca282aed4d540f6e1ec1d48a510ef6d31467d8756ba3f827e5637eb793b89e14eafd9127d6d5ab8424e
root@master:~/k8slib# cat compare | uniq  #确认版本一致
4d7b3752148a56e457621b1e163f7ef28732c7748f188ca282aed4d540f6e1ec1d48a510ef6d31467d8756ba3f827e5637eb793b89e14eafd9127d6d5ab8424e

3. 官方验证

kubectl version --short --client
#download checksum for kubectl for linux - (change version)
curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256"
#download old version
curl -LO "https://dl.k8s.io/v1.22.1/bin/linux/amd64/kubectl.sha256"
#download checksum for kubectl for mac - (change version)
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/darwin/amd64/kubectl.sha256"
#insall coreutils (for mac)
brew install coreutils
#verify kubectl binary (for linux)
echo "$(<kubectl.sha256) /usr/bin/kubectl" | sha256sum --check
#verify kubectl binary (for mac)
echo "$(<kubectl.sha256) /usr/local/bin/kubectl" | sha256sum -c

Ref: https://github.com/kubernetes/kubernetes/releases

Ref:https://github.com/kubernetes/kubernetes/tree/master/CHANGELOG#changelogs

Ref: https://kubernetes.io/docs/tasks/tools/


相关实践学习
通过Ingress进行灰度发布
本场景您将运行一个简单的应用,部署一个新的应用用于新的发布,并通过Ingress能力实现灰度发布。
容器应用与集群管理
欢迎来到《容器应用与集群管理》课程,本课程是“云原生容器Clouder认证“系列中的第二阶段。课程将向您介绍与容器集群相关的概念和技术,这些概念和技术可以帮助您了解阿里云容器服务ACK/ACK Serverless的使用。同时,本课程也会向您介绍可以采取的工具、方法和可操作步骤,以帮助您了解如何基于容器服务ACK Serverless构建和管理企业级应用。 学习完本课程后,您将能够: 掌握容器集群、容器编排的基本概念 掌握Kubernetes的基础概念及核心思想 掌握阿里云容器服务ACK/ACK Serverless概念及使用方法 基于容器服务ACK Serverless搭建和管理企业级网站应用
相关文章
|
7月前
|
Kubernetes 容器
k8s学习-CKS真题-日志审计 log audit
k8s学习-CKS真题-日志审计 log audit
174 0
|
7月前
|
Kubernetes 安全 Ubuntu
k8s学习-CKS真题-Dockerfile和deployment优化
k8s学习-CKS真题-Dockerfile和deployment优化
137 0
|
7月前
|
Kubernetes 容器
k8s学习-CKS真题-ImagePolicyWebhook容器镜像扫描
k8s学习-CKS真题-ImagePolicyWebhook容器镜像扫描
212 0
|
7月前
|
Kubernetes Cloud Native 安全
云原生|kubernetes|2022年底cks真题解析(11-16)
云原生|kubernetes|2022年底cks真题解析(11-16)
156 0
|
7月前
|
Kubernetes Cloud Native 安全
云原生|kubernetes|2022年底cks真题解析(1-10)
云原生|kubernetes|2022年底cks真题解析(1-10)
81 0
|
7月前
|
Kubernetes 供应链 安全
k8s学习-CKS考试必过宝典
k8s学习-CKS考试必过宝典
199 0
|
7月前
|
Kubernetes 安全 容器
k8s学习-CKS真题-TLS安全配置
k8s学习-CKS真题-TLS安全配置
158 0
|
7月前
|
Kubernetes Ubuntu Linux
k8s学习-CKS真题-利用AppArmor进行应用行为限制
k8s学习-CKS真题-利用AppArmor进行应用行为限制
103 0
|
7月前
|
Kubernetes 安全 容器
k8s学习-CKS真题-Context安全上下文
k8s学习-CKS真题-Context安全上下文
133 0
|
7月前
|
Kubernetes API 网络架构
k8s学习-CKS真题-启用API Server认证,禁止匿名访问
k8s学习-CKS真题-启用API Server认证,禁止匿名访问
187 0