
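Kubernetes Container Orchestration in Practice: A Complete Guide to Building a Production-Grade K8s Cluster from Scratch

📅 Published: 2026-05-21 | 🏷️ Tags: Kubernetes, container orchestration, cloud native, DevOps, microservices, Docker
📖 Reading time: about 35 minutes | 💡 Difficulty: intermediate to advanced

Preface: Why is Kubernetes an essential skill in the cloud-native era?

In today's cloud-native era, Kubernetes (K8s for short) has become the de facto standard for container orchestration. Startups and large enterprises alike use Kubernetes to manage their containerized applications.

The core value of Kubernetes:

- Automated deployment: deploy and update applications in one step
- Elastic scaling: scale out and in automatically according to load
- Service discovery: discover services and load-balance across them automatically
- Self-healing: restart failed containers automatically
- Configuration management: manage configuration and secrets in one place

In this guide I will take you from zero, step by step, through building a production-grade Kubernetes cluster and deploying a complete microservice application on it.

Chapter 1: Kubernetes Basic Concepts

1.1 Kubernetes Architecture Overview

Kubernetes uses a master-worker architecture with the following core components.

Control Plane:

- API Server: the entry point to the cluster; every operation goes through the API Server
- etcd: distributed key-value store that holds the cluster state
- Scheduler: schedules Pods onto suitable nodes
- Controller Manager: runs the controllers that maintain the cluster state

Worker Node:

- kubelet: the agent on each node; manages the Pod lifecycle
- kube-proxy: network proxy that implements load balancing for Services
- Container runtime: the engine that runs containers (such as containerd or Docker)

1.2 Core Resource Objects

```yaml
# Pod: the smallest deployable unit
apiVersion: v1
kind: Pod
metadata:
  name: my-pod
  labels:
    app: my-app
spec:
  containers:
  - name: my-container
    image: nginx:latest
    ports:
    - containerPort: 80
    resources:
      requests:
        memory: "64Mi"
        cpu: "250m"
      limits:
        memory: "128Mi"
        cpu: "500m"
```

Characteristics of a Pod:

- A Pod can contain multiple containers
- Containers in a Pod share network and storage
- The Pod is the smallest unit of scheduling
- Pods are ephemeral and can be replaced at any time

1.3 Deployment: Declarative Management of Pods

```yaml
# Deployment: manages the number of Pod replicas
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
  namespace: default
spec:
  replicas: 3  # 3 replicas
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-app
        image: my-app:1.0.0
        ports:
        - containerPort: 8080
        env:
        - name: DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: db-secret
              key: url
        resources:
          requests:
            memory: "256Mi"
            cpu: "250m"
          limits:
            memory: "512Mi"
            cpu: "500m"
        livenessProbe:
          httpGet:
            path: /health
            port: 8080
          initialDelaySeconds: 30
          periodSeconds: 10
        readinessProbe:
          httpGet:
            path: /ready
            port: 8080
          initialDelaySeconds: 5
          periodSeconds: 5
```

Advantages of a Deployment:

- Declarative management: you describe the desired state
- The replica count is maintained automatically
- Rolling updates and rollbacks are supported
- Resource limits and probes can be configured

1.4 Service: Service Discovery and Load Balancing

```yaml
# Service: exposes the application
apiVersion: v1
kind: Service
metadata:
  name: my-app-service
spec:
  selector:
    app: my-app
  ports:
  - protocol: TCP
    port: 80          # Service port
    targetPort: 8080  # Pod port
  type: ClusterIP     # reachable only inside the cluster
---
# Ingress: entry point for external access
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-app-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: myapp.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: my-app-service
            port:
              number: 80
```

Service types:

- ClusterIP: access from inside the cluster (default)
- NodePort: access through a port on each node
- LoadBalancer: uses a cloud load balancer
- ExternalName: maps to an external domain name

Chapter 2: Building a Kubernetes Cluster

2.1 Building a Cluster with kubeadm

Environment preparation:

```bash
# Run on all nodes

# 1. Disable swap (now, and persistently by commenting out the fstab entry)
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

# 2. Configure kernel modules and parameters
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF

sudo sysctl --system

# 3. Install containerd
sudo apt-get update
sudo apt-get install -y containerd

# 4. Configure containerd to use the systemd cgroup driver
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
sudo systemctl restart containerd

# 5. Install kubeadm, kubelet and kubectl
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
# The keyring directory does not exist on every release; create it first
sudo mkdir -p -m 755 /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
# Hold the packages so a routine upgrade does not change the cluster version
sudo apt-mark hold kubelet kubeadm kubectl
```

Initialize the master node:

```bash
# Run on the master node
sudo kubeadm init \
  --pod-network-cidr=10.244.0.0/16 \
  --service-cidr=10.96.0.0/12 \
  --apiserver-advertise-address=<master-node-IP>

# Configure kubectl
# admin.conf holds cluster-admin credentials; the copy is readable only by its owner after the chown
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

# Install the network plugin (Calico)
# The manifest is fetched and applied with cluster-admin rights; download and review it first
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
```

Join the worker nodes:

```bash
# Run on each worker node
sudo kubeadm join <master-node-IP>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>
```

2.2 Building a Local Cluster with Minikube

```bash
# Install Minikube
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube

# Start the cluster
minikube start \
  --driv
```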
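The `sha256:<hash>` value in the `kubeadm join` command of section 2.1 pins the cluster CA: it is the SHA-256 of the CA certificate's DER-encoded SubjectPublicKeyInfo, which the joining node checks during token discovery. The following is an added example, not code from the original article, that recomputes the pin with the Python standard library so it can be compared before a node joins. `SAMPLE_DER_HEX` is a constructed skeleton, and the function names are hypothetical; on a kubeadm control plane the input would be the CA certificate, by default `/etc/kubernetes/pki/ca.crt` (assumed here).

```python
import base64, hashlib, hmac, re, sys
from pathlib import Path

# Constructed DER skeleton laid out like an X.509 v1 certificate (not a real one).
SAMPLE_DER_HEX = "3019" "3012" "020101" "3000" "3000" "3000" "3000" "30053000030100" "3000" "030100"

def read_tlv(buf, off):
    """Return (tag, value_start, end) of the DER element starting at buf[off]."""
    tag, length, pos = buf[off], buf[off + 1], off + 2
    if length & 0x80:                        # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def pem_to_der(pem):
    m = re.search(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", pem, re.S)
    if not m:
        raise ValueError("no PEM certificate found")
    return base64.b64decode("".join(m.group(1).split()))

def spki_from_cert(der):
    """Return the raw SubjectPublicKeyInfo element, header included."""
    outer, pos, _ = read_tlv(der, 0)         # Certificate ::= SEQUENCE
    tbs, pos, _ = read_tlv(der, pos)         # tbsCertificate ::= SEQUENCE
    if outer != 0x30 or tbs != 0x30:
        raise ValueError("not a DER certificate")
    tag, _, nxt = read_tlv(der, pos)
    if tag == 0xA0:                          # optional explicit [0] version field
        pos = nxt
    for _field in range(5):                  # serial, signature alg, issuer, validity, subject
        _, _, pos = read_tlv(der, pos)
    tag, _, end = read_tlv(der, pos)
    if tag != 0x30:
        raise ValueError("SubjectPublicKeyInfo not found")
    return der[pos:end]

def discovery_hash(der):
    """Value for --discovery-token-ca-cert-hash: sha256 over the CA's SPKI."""
    return "sha256:" + hashlib.sha256(spki_from_cert(der)).hexdigest()

def matches_pin(der, pin):
    return hmac.compare_digest(discovery_hash(der), pin.strip().lower())

if __name__ == "__main__":                   # optional argument: path to a PEM CA certificate
    der = pem_to_der(Path(sys.argv[1]).read_text()) if len(sys.argv) > 1 else bytes.fromhex(SAMPLE_DER_HEX)
    print(discovery_hash(der))
```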