使用eksctl启动Amazon-EKS
假设
-
- Windows10
-
- eksctl
EKSチュートリアルをなぞる
去吧,平凡的寻找
安装Chocolately
@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"
安装eksctl
chocolatey install -y eksctl aws-iam-authenticator
确认安装
eksctl version
部署Cluster
eksctl create cluster --name prod --version 1.13 --nodegroup-name standard-workers --node-type t3.medium --nodes 3 --nodes-min 1 --nodes-max 4 --node-ami auto
看起来kubectl没有安装。
kubectl的安装
你可以直接在C:\WINDOWS\system32中创建,而不必经过Path。
C:\WINDOWS\system32>curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.15.0/bin/windows/amd64/kubectl.exe
看到这个服务时,发现了一个名为Kubernetes的服务。
C:\WINDOWS\system32>kubectl.exe get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.100.0.1 <none> 443/TCP 10m
部署Dashboard所需的yaml文件
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
据说要部署能够负责监测容器资源的heapster。
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/heapster.yaml
serviceaccount/heapster created
deployment.extensions/heapster created
service/heapster created
部署Heapster的后端数据库InfluxDB。
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/influxdb.yaml
deployment.extensions/monitoring-influxdb created
service/monitoring-influxdb created
仪表板的heapster集群角色绑定
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/rbac/heapster-rbac.yaml
clusterrolebinding.rbac.authorization.k8s.io/heapster created
创建一个服务账户以便能够访问仪表板。
apiVersion: v1
kind: ServiceAccount
metadata:
name: eks-admin
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: eks-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: eks-admin
namespace: kube-system
部署我们在上面创建的yaml文件。
C:\WINDOWS\system32>kubectl apply -f c:\Users\yuta\Downloads\eks-admin-service-account.yaml
serviceaccount/eks-admin created
clusterrolebinding.rbac.authorization.k8s.io/eks-admin created
获取令牌
C:\WINDOWS\system32>kubectl -n kube-system describe secret eks-admin-token-62ksw
Name: eks-admin-token-62ksw
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: eks-admin
kubernetes.io/service-account.uid: cb651adb-cd4b-11e9-b3a3-06c60c4db86a
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJla3MtYWRtaW4tdG9rZW4tNjJrc3ciLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZWtzLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiY2I2NTFhZGItY2Q0Yi0xMWU5LWIzYTMtMDZjNjBjNGRiODZhIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmVrcy1hZG1pbiJ9.knete3qk-RkMIOVeYBtCD1fFxO1uNN2-42CGpRoapeTOBZM3zHmHF6Q1D_NovuALCeRFKaJJpHIiGsoq16iwNfGToUvKfoQPMHcqeMTQ33YUh4iScmbq7XjBIh5wN-Vf6jUzJ9bJhUZ2hNxCVcvjUcRu2JU02phwddusg_nrd3CsPFu3mhuD7HuaYo8ZC66kKBalhe3q4ceWOURjp59ak2b81NR6fjazatv_Y-VQkh57LRouqEbdlb7lWN2tgLpiSzXZYBJkcH3t2qzfsiOGlg4lcuh2_JyJO2byGezzGStfz2ZS7GbJWGgg9VPQ9zM_adMI78kIqiyjV63vakck-Q
将控制台保持连接,以便可以连接到Dashboard容器。
C:\WINDOWS\system32>kubectl proxy
Starting to serve on 127.0.0.1:8001
访问仪表板
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login
本地:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/登录
我成功登录了。
当我查看EC2时
