SuKai

Kubernetes Cost Metering and Monitoring

OpenCost meters the cost of Kubernetes cloud infrastructure and containers and provides real-time cost monitoring. This post describes how to meter and monitor the cost of an on-premises platform with OpenCost.

OpenCost runtime components:
Prometheus: OpenCost reads the CPU, RAM, and storage resource metrics scraped by Prometheus.
OpenCost: the cost metering component; provides API data queries and data export.
UI: a simple web page that displays the data.

Deploy Prometheus

    git clone https://github.com/prometheus-operator/kube-prometheus.git
    kubectl apply --server-side -f manifests/setup
    kubectl wait \
      --for condition=Established \
      --all CustomResourceDefinition \
      --namespace=monitoring

    // Delete the NetworkPolicy YAML files
    -rw-r--r-- 1 root123 root123 977 Jan 17 02:15 alertmanager-networkPolicy.yaml
    -rw-r--r-- 1 root123 root123 722 Jan 17 02:15 blackboxExporter-networkPolicy.yaml
    -rw-r--r-- 1 root123 root123 652 Jan 17 02:15 grafana-networkPolicy.yaml
    -rw-r--r-- 1 root123 root123 724 Jan 17 02:15 kubeStateMetrics-networkPolicy.yaml
    -rw-r--r-- 1 root123 root123 671 Jan 17 02:15 nodeExporter-networkPolicy.


Proxying a MySQL MGR Cluster with MySQL Router

Create the MySQL InnoDB Cluster
Initialize the MySQL Router configuration
Start MySQL Router

Install MySQL Shell and MySQL Router

    sudo yum install percona-mysql-router percona-mysql-shell

    [rocky@sukai-db04 ~]$ sudo yum install percona-mysql-router percona-mysql-shell
    Last metadata expiration check: 1:56:56 ago on Thu 05 Dec 2024 06:21:11 AM UTC.
    Dependencies resolved.
    =======================================================================================================================================================================================================
     Package                   Architecture   Version            Repository
    =======================================================================================================================================================================================================
    Installing:
     percona-mysql-router      x86_64         8.0.39-30.1.el8    ps-80-release-x86_64
     percona-mysql-shell       x86_64         8.0.37-1.el8       ps-80-release-x86_64
    Installing dependencies:
     libicu                    x86_64         60.3-2.el8_1       baseos

    Transaction Summary
    =======================================================================================================================================================================================================
    Install  3 Packages

    Total download size: 95 M
    Installed size: 551 M
    Is this ok [y/N]: y
    Downloading Packages:
    (1/3): libicu-60.


Percona MySQL MGR Cluster

Install MySQL
Install the plugin and configure group replication
Start group replication

Install MySQL

    sudo yum install http://10.10.102.88:8090/percona-release-latest.noarch.rpm -y
    sudo percona-release setup ps80
    sudo dnf -y module disable mysql
    sudo yum install -y percona-server-server percona-toolkit percona-xtrabackup-80 pmm2-client
    sudo systemctl start mysql
    sudo mysql_secure_installation

Install the plugin and configure group replication on all three nodes

    set sql_log_bin = 0;
    create user 'dbreplica'@'%' identified by '8888888888';
    grant replication slave on *.* to 'dbreplica'@'%';
    flush privileges;
    set sql_log_bin = 1;

    mysql> INSTALL PLUGIN group_replication SONAME 'group_replication.so';
    Query OK, 0 rows affected (0.04 sec)

    mysql> show master status;
    +----------------+----------+--------------+------------------+------------------------------------------+
    | File           | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set                        |
    +----------------+----------+--------------+------------------+------------------------------------------+
    | bin-log.


Deploying Percona Monitoring and Management for MySQL Monitoring

Install Docker

    ping download.docker.com
    openssl s_client -CApath /etc/ssl/certs/ -connect 65.9.66.72:443
    sudo yum -y install docker-ce docker-ce-cli containerd.io wget tmux
    sudo vi /etc/docker/daemon.json
    {
      "insecure-registries" : [ "reg.sukai.com:7443" ]
    }

Start the PMM server

    sudo docker run --detach --restart always --publish 443:443 -v /data/pmm-server:/srv --name pmm-server reg.sukai.com:7443/percona/pmm-server:2
    sudo docker exec -t pmm-server change-admin-password '555555555555555'

Start the PMM client on the MySQL nodes

    sudo yum -y install pmm2-client

    // Create the MySQL user
    CREATE USER 'pmm'@'127.0.0.1' IDENTIFIED BY 'EEEEEEEEEEEEEEEEEE' WITH MAX_USER_CONNECTIONS 10;
    GRANT SELECT, PROCESS, REPLICATION CLIENT, RELOAD, BACKUP_ADMIN ON *.


Deploying Percona Server for MySQL 8 with GTID-Based Master-Slave Replication on Rocky Linux 8

Install Percona Server for MySQL
Configure GTID-based master-slave replication

Install Percona Server for MySQL

    [rocky@sukai01 ~]$ sudo yum install https://repo.percona.com/yum/percona-release-latest.noarch.rpm
    For example, to enable the Percona Distribution for MySQL 8.0 repository use:
    percona-release setup pdps8.0
    Complete!
    [rocky@sukai01 ~]$
    [rocky@sukai01 ~]$ sudo percona-release setup ps80
    * Disabling all Percona Repositories
    * Enabling the Percona Server for MySQL 8.0 repository
    * Enabling the Percona Tools repository
    <*> All done!
    [rocky@sukai01 ~]$
    [rocky@sukai01 yum.repos.d]$ sudo dnf -y module disable mysql
    Last metadata expiration check: 0:07:09 ago on Fri 29 Nov 2024 01:13:18 PM UTC.


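Kube-OVN Network: VMs Cannot Reach the External Network

Symptom

A batch of physical machines was added to the Kubernetes cluster. After they joined the cluster successfully, newly created virtual machines on the new nodes could not reach the Internet or the cluster host nodes, but could ping virtual machines in the same subnet and the Underlay logical gateway.

Troubleshooting

a. Created a new Pod; the symptom was the same.
b. Configured an Underlay subnet IP directly on the host node; networking worked normally.
c. This ruled out the VM's network environment and the network outside the host node, narrowing the problem to inside the Kube-OVN network.

Compared the virtual machine's IP and MAC addresses; both were correct.

    // List routers
    sukai@r1-m34:~$ kubectl ko nbctl lr-list
    77b2eff6-ce75-4ab4-8476-df34d347a531 (ovn-cluster)

    // List switches
    sukai@r1-m34:~$ kubectl ko nbctl ls-list
    4585d35c-3a3d-4dc1-bdb2-9544bf15bbd7 (join)
    63abfd74-3513-4edb-83a3-bde609fe3585 (ovn-default)
    88910c8a-08b3-49f0-98a0-b21eb21620f2 (vmnet)

    // List the ports on my VM switch
    sukai@r1-m34:~$ kubectl ko nbctl lsp-list vmnet
    f731988d-7cff-44f6-9835-eb8ccdb32216 (localnet.vmnet)
    4ff718cb-c3bf-40f4-9fce-a3c141f4639f (sukai-db01.nanjing)
    0a02f7b7-caa3-421c-b700-0ea41fd12990 (vmnet-ovn-cluster)
    sukai@r1-m34:~$

    // Show port details for my VM switch
    sukai@r1-m34:~$ kubectl ko nbctl show vmnet
    switch 88910c8a-08b3-49f0-98a0-b21eb21620f2 (vmnet)
        port vmnet-ovn-cluster
            type: router
            router-port: ovn-cluster-vmnet
        port sukai-db01.nanjing
            addresses: ["d2:b9:8d:e6:61:4b 192.168.10.133"]
        port localnet.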


Adding a Worker Node with Kubespray and Deploying OpenEBS lvm-localpv

Add the new host node to inventory.ini
Run the ansible playbook
Taint the new node so that only the intended resources are scheduled on it
Configure Rook Ceph to install the Ceph RBD CSI plugin on the new node
Deploy OpenEBS lvm-localpv to allocate local storage

Add the new host node to inventory.ini

    sukai@r1-m54:~/kubespray-2.26.0/inventory/cluster$ more inventory.ini
    [all]
    r4-w58 ansible_host=19.18.136.68 ip=19.18.136.68
    [kube_node]
    r4-w58

Run the ansible playbook

    sukai@r1-m54:~/kubespray-2.26.0$ ansible-playbook -i inventory/cluster/inventory.ini --become playbooks/facts.yml
    PLAY RECAP ********************************************************************************************************************************************************************************************
    r1-m54 : ok=12 changed=0 unreachable=0 failed=0 skipped=14 rescued=0 ignored=0
    r4-w58 : ok=12 changed=2 unreachable=0 failed=0 skipped=11 rescued=0 ignored=0

    sukai@r1-m54:~/kubespray-2.26.0$ ansible-playbook -i inventory/cluster/inventory.ini --become scale.yml --limit=r4-w58
    PLAY RECAP ********************************************************************************************************************************************************************************************
    r4-w58 : ok=372 changed=38 unreachable=0 failed=0 skipped=635 rescued=0 ignored=1

    sukai@r1-m54:~$ kubectl get nodes -o wide
    NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
    r1-m54 Ready control-plane 74d v1.


Adding Hostname Resolution to a Kubernetes Cluster

Add host aliases to a single Pod
Add hostname resolution in CoreDNS

Add host aliases to a single Pod

    dnsPolicy: ClusterFirst
    hostAliases:
    - hostnames:
      - jingxiang.oss-cn-lasa-xzns-d01-a.ops.ningsuan.com.cn
      - oss-cn-lasa-xzns-d01-a.ops.ningsuan.com.cn
      ip: 10.65.10.91
    initContainers:

NodeLocalDNS (169.254.25.10) forwards DNS resolution to CoreDNS (10.233.0.3)

    apiVersion: v1
    kind: ConfigMap
    metadata:
      creationTimestamp: "2024-09-15T01:02:02Z"
      labels:
        addonmanager.kubernetes.io/mode: EnsureExists
      name: nodelocaldns
      namespace: kube-system
      resourceVersion: "55695455"
      uid: 8b2c7245-6563-4a5f-bb11-cbdc5bb9e17c
    data:
      Corefile: |
        cluster.local:53 {
            errors
            cache {
                success 9984 30
                denial 9984 5
            }
            reload
            loop
            bind 169.254.25.10
            forward . 10.233.0.3 {
                force_tcp
            }
            prometheus :9253
            health 169.254.25.10:9254
        }
        in-addr.arpa:53 {
            errors
            cache 30
            reload
            loop
            bind 169.


Backing Up Kubernetes Resources to Alibaba Cloud OSS with Velero

The Velero Alibaba Cloud OSS plugin is no longer maintained, and it supports only the official Alibaba Cloud platform, not private Alibaba Cloud deployments. The Velero AWS plugin can back up Kubernetes resources, but because Alibaba Cloud OSS is not compatible with the S3 protocol and does not support aws-chunked encoding, volume snapshot data cannot be uploaded. This post records how to back up Kubernetes resources with the AWS plugin.

Create the OSS access key and Bucket
Install Velero with Helm
Create a backup

Install the ossutil tool and view the Bucket files

    sukai@rack1-master34:~/ossutil$ curl -O https://gosspublic.alicdn.com/ossutil/install.sh
    sukai@rack1-master34:~/ossutil$ sudo bash install.sh
    sukai@rack1-master34:~/ossutil$ more /home/sukai/.ossutilconfig
    [Credentials]
    language=CH
    accessKeyID=HoOY11111oVQd2
    accessKeySecret=etwTS11111111111fUI
    endpoint=http://oss-cn-lasa-xzns-d01-a.ops.sukai.com.cn
    skipVerifyCert

    sukai@rack1-master34:~$ ossutil ls oss://jingxiang
    LastModifiedTime                 Size(B)  StorageClass  ETAG                              ObjectName
    2024-11-20 11:36:31 +0000 UTC    3500     Standard      48CA775C38F20878964AA5088324F21C  oss://jingxiang/backups/vms-202411201932/velero-backup.json
    2024-11-20 11:35:52 +0000 UTC    471      Standard      7B61AF0F32290A5B39D5881F986D0957  oss://jingxiang/backups/vms-202411201932/vms-202411201932-csi-volumesnapshotclasses.json.gz
    2024-11-20 11:35:52 +0000 UTC    6238     Standard      6ACC5E93B590EE6422D38F4A674FC18F  oss://jingxiang/backups/vms-202411201932/vms-202411201932-csi-volumesnapshotcontents.json.gz
    2024-11-20 11:35:52 +0000 UTC    5033     Standard      997FE590407EFA5E3C286E68066B1D87  oss://jingxiang/backups/vms-202411201932/vms-202411201932-csi-volumesnapshots.json.gz
    2024-11-20 11:35:52 +0000 UTC    2373     Standard      6E0C20DB395F60DB5F45403E5B30A026  oss://jingxiang/backups/vms-202411201932/vms-202411201932-itemoperations.


Upgrading OpenSSH on CentOS 7

Download the packages

    wget --no-check-certificate https://www.openssl.org/source/old/1.1.1/openssl-1.1.1w.tar.gz
    wget https://mirrors.aliyun.com/pub/OpenBSD/OpenSSH/portable/openssh-9.9p1.tar.gz

Install the build environment

    sudo yum groupinstall -y "Development Tools"
    sudo yum install -y rpmdevtools imake libXt-devel gtk2-devel
    sudo yum install -y zlib-devel pam-devel krb5-devel

Compile and install

    tar xf openssl-1.1.1w.tar.gz
    cd openssl-1.1.1w
    ./config shared zlib -fPIC --prefix=/usr/local/openssl
    make -j 4
    sudo make install

    cd /opt/software/openssh-9.9p1
    ./configure --prefix=/usr/local/openssh --with-ssl-dir=/usr/local/openssl --with-zlib
    make -j 4
    sudo make install
    sudo cp contrib/redhat/sshd.init /etc/init.d/sshd

    vi /usr/local/openssh/etc/sshd_config
    PermitRootLogin yes
    PubkeyAuthentication yes

Pre- and post-installation steps

    sudo mv /usr/bin/openssl /usr/bin/openssl.
