ubuntu基于sealos搭建k8s集群，helm3安装配置自动化扩容Prometheus，grafana出图展示，以及动态web搭建

1.项目简介

大方向：k8s云原生方向，运维技术，配置问题解决

解决技术:ubuntu模板机安装，配置远程xshell连接ubuntu，设置静态ip，换ubuntu阿里云源，配置集群间域名解析，解决双IP冲突网络配置文件冲突问题，sealos安装与自动化配置k8s集群，sealos加入节点操作，nerdctl安装与配置以及优缺点，Dashboard安装pod，Prometheus监控安装pod，解决node镜像丢失问题，配置nfs网络文件系统实现自动化扩容（Prometheus与Grafana），服务外发操作，k8s动态网站部署以及遇到的问题。

2.模板机安装

2.1 安装ubuntu模板机

选用ubuntu24.04镜像制作模板机，配置里面面板选择最小化安装命令行页面，打开SSH连接，其余一概直接continue即可。等待最后一步安装完成，直到出现reboot now，进行重启。

2.2 查看ip add使用xshell连接

打开xshell，进行连接

然后点击连接

接收并保存

2.3 配置远程使用root用户登录ubuntu与静态IP

2.3.1 给root用户设置密码并切换到root用户

sudo passwd root
[输入你的密码]
[再次输入你的密码]
su 
# 切换到root用户

2.3.2 配置远程root用户连接

apt install vim -y
# 下载vim编辑器
vim /etc/ssh/sshd_config
# 编辑sshd连接配置文件

在第33行找到配置项将配置项更改为


PermitRootLogin yes

进入末行模式保存退出 ---> :wq

重启ssh服务

sudo systemctl restart ssh

再次使用xshell使用root用户进行远程连接

然后点击连接，连接上了

2.3.3 配置静态IP

vim /etc/netplan/00-installer-config.yaml# This is the network config written by 'subiquity'
network:ethernets:ens33:addresses: [192.168.236.132/24]routes: - to: 0.0.0.0/0via: 192.168.236.2metric: 100dhcp4: falsenameservers:addresses: [114.114.114.114, 192.168.1.1]version: 2renderer: networkd

进行如上配置后保存退出

netplan apply
# 应用静态ip配置服务

2.4 配置阿里云国内源

cd /etc/apt/
# 切换到/etc/apt目录下
cp sources.list sources.list.bak
# 对源配置进行备份
vim  sources.list
# 编辑源文件

# 将以下源全部添加到sources.list里去
# 阿里云Debian稳定版源
deb http://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse# 更新和安全更新
deb http://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse# 额外的软件包
deb http://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse# 安全更新
deb http://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse

更新索引并验证

apt update
# 如果没有任何错误提示且更新过程顺利完成，则说明已经成功切换到了阿里云的软件源。后续安装或升级软件时会从阿里云的服务器下载所需的软件包。这个过程可能需要3-5分钟左右

2.5 设置hostname

hostnamectl set-hostname [主机名字]
su

2.6 添加Hosts信息

vim /ect/hosts192.168.236.133 master1
192.168.236.134 master2
192.168.236.135 node1
192.168.236.136 node2
# 添加解析记录sudo apt install systemd iputils-ping net-tools -y
sudo apt update
# 下载一些网络检测工具# hosts配置完成之后会立马生效不需要刷新

2.7 解决克隆双IP冲突的问题

暂时配置两台master两台node，后续加机器

# 注意:我们需要对克隆的每台机器一台一台开机配置，因为克隆之后所有机器的ip地址和模板机一样，会导致ip冲突

遇到的问题: 双IP导致IP冲突
不知道什么原因导致每台机器会分配两个ip有一个动态获取的ip始终关不掉，尝试解决(1)查看/etc/netplan/文件夹下的配置文件并备份
root@tools:/etc/netplan# ls
00-installer-config.yaml  01-netcfg.yaml  01-netcfg.yaml.save  50-cloud-init.yaml
(2)将现有的Netplan配置文件移动到备份文件夹中
sudo mkdir /etc/netplan/backup
sudo mv /etc/netplan/00-installer-config.yaml /etc/netplan/backup/
sudo mv /etc/netplan/01-netcfg.yaml /etc/netplan/backup/
sudo mv /etc/netplan/50-cloud-init.yaml /etc/netplan/backup/
(3)创建新的Netplan配置文件
sudo vim /etc/netplan/01-netcfg.yamlnetwork:version: 2renderer: networkdethernets:ens33:dhcp4: noaddresses:- 192.168.236.135/24routes:- to: 0.0.0.0/0via: 192.168.236.2metric: 100nameservers:addresses:- 114.114.114.114- 192.168.1.1
(4)应用新的Netplan配置
sudo netplan apply

以上彻底解决静态ip配置问题

配置操作：具体操作如下

master1:sudo mkdir /etc/netplan/backup
sudo mv /etc/netplan/00-installer-config.yaml /etc/netplan/backup/
sudo mv /etc/netplan/01-netcfg.yaml /etc/netplan/backup/
sudo mv /etc/netplan/50-cloud-init.yaml /etc/netplan/backup/sudo vim /etc/netplan/01-netcfg.yamlnetwork:version: 2renderer: networkdethernets:ens33:dhcp4: noaddresses:- 192.168.236.133/24routes:- to: 0.0.0.0/0via: 192.168.236.2metric: 100nameservers:addresses:- 114.114.114.114- 192.168.1.1sudo netplan apply

master2:sudo mkdir /etc/netplan/backup
sudo mv /etc/netplan/00-installer-config.yaml /etc/netplan/backup/
sudo mv /etc/netplan/01-netcfg.yaml /etc/netplan/backup/
sudo mv /etc/netplan/50-cloud-init.yaml /etc/netplan/backup/sudo vim /etc/netplan/01-netcfg.yamlnetwork:version: 2renderer: networkdethernets:ens33:dhcp4: noaddresses:- 192.168.236.134/24routes:- to: 0.0.0.0/0via: 192.168.236.2metric: 100nameservers:addresses:- 114.114.114.114- 192.168.1.1sudo netplan apply

node1:sudo mkdir /etc/netplan/backup
sudo mv /etc/netplan/00-installer-config.yaml /etc/netplan/backup/
sudo mv /etc/netplan/01-netcfg.yaml /etc/netplan/backup/
sudo mv /etc/netplan/50-cloud-init.yaml /etc/netplan/backup/sudo vim /etc/netplan/01-netcfg.yamlnetwork:version: 2renderer: networkdethernets:ens33:dhcp4: noaddresses:- 192.168.236.135/24routes:- to: 0.0.0.0/0via: 192.168.236.2metric: 100nameservers:addresses:- 114.114.114.114- 192.168.1.1sudo netplan apply

node2:sudo mkdir /etc/netplan/backup
sudo mv /etc/netplan/00-installer-config.yaml /etc/netplan/backup/
sudo mv /etc/netplan/01-netcfg.yaml /etc/netplan/backup/
sudo mv /etc/netplan/50-cloud-init.yaml /etc/netplan/backup/sudo vim /etc/netplan/01-netcfg.yamlnetwork:version: 2renderer: networkdethernets:ens33:dhcp4: noaddresses:- 192.168.236.136/24routes:- to: 0.0.0.0/0via: 192.168.236.2metric: 100nameservers:addresses:- 114.114.114.114- 192.168.1.1sudo netplan apply

3.sealos配置kubelet集群

3.1 安装sealos命令行

sudo apt install wget -y
# 安装wget工具curl -s https://api.github.com/repos/labring/sealos/releases | grep "tag_name" | head -n 10
# 查看网上有的sealos版本wget https://github.com/labring/sealos/releases/download/v5.0.0/sealos_5.0.0_linux_amd64.tar.gz
# 拉取sealos链接：https://pan.baidu.com/s/1t6PS9PWjppU3cQxU-JIpOA?pwd=jyp3 
提取码：jyp3 
--来自百度网盘超级会员V4的分享
# 因为拉取确实太慢了，我提供网盘链接可以直接下载，然后FTP传上去tar xf sealos_5.0.0_linux_amd64.tar.gz 
# 对压缩文件进行解压sudo cp sealos /usr/local/bin/sealos
# 将可执行二进制文件复制到/usr/local/bin下面去sealos version
# 查看sealos版本 ， 验证是否安装好sealos

3.2 安装部署k8s集群

# 先安装所必须的工具,一定要先装完再用下面的一键部署，我直接给所有节点装了，怕出问题
sudo apt install iptables ebtables ethtool socat
sudo apt update# 一条命令一键部署k8s集群
sudo sealos run registry.cn-shanghai.aliyuncs.com/labring/kubernetes:v1.27.10 registry.cn-shanghai.aliyuncs.com/labring/helm:v3.9.4 registry.cn-shanghai.aliyuncs.com/labring/cilium:v1.13.4 \--masters 192.168.236.133 \--nodes 192.168.236.135,192.168.236.136 -p '123456'

3.3 添加master2节点进入k8s集群

sealos add --masters 192.168.236.134
# 注意添加的前提是在每一台机器上都进行hosts解析了

3.4 添加node节点进入k8s集群

sealos add --nodes 192.168.236.137
# 注意添加的前提是在每一台机器上都进行hosts解析了

3.5 删除master节点

 sealos delete --masters 192.168.236.134

3.6 删除node节点

 sealos delete --nodes 192.168.236.137

3.7 给node分配角色

kubectl label node node1 node-role.kubernetes.io/worker=worker
kubectl label node node2 node-role.kubernetes.io/worker=worker

4.安装nerdctl

4.1 安装nerdctl

# 下载图示版本
wget https://github.com/containerd/nerdctl/releases/download/v1.7.6/nerdctl-1.7.6-linux-amd64.tar.gz# 当然也可以用我的百度网盘链接
链接：https://pan.baidu.com/s/1PdR1Y69XAQE_KXKU7azHGQ?pwd=jyp3 
提取码：jyp3 
--来自百度网盘超级会员V4的分享# 解压安装包到 /usr/local/bin 目录
sudo tar xzvf nerdctl-1.7.6-linux-amd64.tar.gz -C /usr/local/bin# 确保 nerdctl 二进制文件具有执行权限
sudo chmod +x /usr/local/bin/nerdctl# 验证安装
nerdctl --version

基本用法:


（1）容器管理
nerdctl ps -a
# 查看正在运行的容器(包括停止的)nerdctl run -it --rm alpine
# 启动一个新容器nerdctl run --rm alpine echo "Hello, World!"
# --rm 确保 alpine 容器在执行完 echo "Hello, World!" 命令后会被自动删除，而不需要手动执行 docker rm 或 nerdctl rm# -d 后台运行nerdctl stop <container_id>
# 停止一个正在运行的容器nerdctl rm <container_id>
# 删除一个容器（2）镜像管理
nerdctl images
# 查看所有镜像nerdctl pull nginx
# 拉取镜像nerdctl rmi nginx
# 删除镜像（3）数据卷管理
nerdctl volume create my-volume
# 创建数据卷
nerdctl volume ls
# 列出数据卷
nerdctl volume rm my-volume
# 删除数据卷（4）网络管理
nerdctl network create my-network
# 创建网络
nerdctl network ls
# 列出网络
nerdctl network rm my-network
# 删除网络

4.2对containerd配置文件进行换源

（1）编辑 containerd 配置文件
vim /etc/containerd/config.tomlversion = 2
root = "/var/lib/containerd"
state = "/run/containerd"
oom_score = 0[grpc]address = "/run/containerd/containerd.sock"uid = 0gid = 0max_recv_message_size = 16777216max_send_message_size = 16777216[debug]address = "/run/containerd/containerd-debug.sock"uid = 0gid = 0level = "warn"[timeouts]"io.containerd.timeout.shim.cleanup" = "5s""io.containerd.timeout.shim.load" = "5s""io.containerd.timeout.shim.shutdown" = "3s""io.containerd.timeout.task.state" = "2s"[plugins][plugins."io.containerd.grpc.v1.cri"]sandbox_image = "sealos.hub:5000/pause:3.9"max_container_log_line_size = -1max_concurrent_downloads = 20disable_apparmor = false[plugins."io.containerd.grpc.v1.cri".containerd]snapshotter = "overlayfs"default_runtime_name = "runc"[plugins."io.containerd.grpc.v1.cri".containerd.runtimes][plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]runtime_type = "io.containerd.runc.v2"runtime_engine = ""runtime_root = ""[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]SystemdCgroup = true[plugins."io.containerd.grpc.v1.cri".registry]config_path = "/etc/containerd/certs.d"mkdir /etc/containerd/certs.d/xdocker.io/ 
vim /etc/containerd/certs.d/xdocker.io/hosts.tomlserver = "https://registry-1.docker.io"[host."https://docker.m.daocloud.io"]capabilities = ["pull", "resolve", "push"]（2）刷新服务
sudo systemctl restart containerd（3）至此可以拉取镜像了
一键换位操作：
cd /etc/containerd/certs.d/
mv xdocker.io docker.iocd /etc/containerd/certs.d/
mv docker.io xdocker.io注意:这里有一个很离谱的问题，如下图所示，sealos.hub:5000文件夹一定要在xdocker.io前面，因为在这个文件夹里的文件nerdctl都会认为是本地文件，并且从前往后读取，而我们的scweb是本地文件如果不调试的话就拉不上去，当然当我们拉取网络镜像的时候也是同理的

所以如果要拉取本地镜像和源里的镜像每次都要进行换顺序的操作，这一点我觉得很麻烦，如果有师傅能解决，多多斧正，感谢

5.安装Dashboard

wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml\
# 修改Service部分，改为NodePort对外暴露端口

修改完图示两处后进行下面操作

kubectl apply -f recommended.yaml
# 应用yaml文件kubectl get pods,svc -n kubernetes-dashboard
# 查看dashboard状态

# 在node上
nerdctl pull kubernetesui/dashboard:v2.7.0
nerdctl pull kubernetesui/metrics-scraper:v1.0.8

创建dashboard-access-token.yaml文件

vim dashboard-access-token.yaml# Creating a Service Account
apiVersion: v1
kind: ServiceAccount
metadata:name: admin-usernamespace: kubernetes-dashboard
---
# Creating a ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: admin-user
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-admin
subjects:
- kind: ServiceAccountname: admin-usernamespace: kubernetes-dashboard
---
# Getting a long-lived Bearer Token for ServiceAccount
apiVersion: v1
kind: Secret
metadata:name: admin-usernamespace: kubernetes-dashboardannotations:kubernetes.io/service-account.name: "admin-user"
type: kubernetes.io/service-account-token
# Clean up and next steps
# kubectl -n kubernetes-dashboard delete serviceaccount admin-user
# kubectl -n kubernetes-dashboard delete clusterrolebinding admin-user

执行

kubectl apply -f dashboard-access-token.yaml
# 获取token
kubectl get secret admin-user -n kubernetes-dashboard -o jsonpath={".data.token"} | base64 -d

eyJhbGciOiJSUzI1NiIsImtpZCI6Iko5SWR6QWF3SmZ4ZTh2dm5MdDhmWHJ3eFNnZnBsRTN2MjBQRTRGenc2RzQifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIwZDU3NjkyOS02NmZlLTRhYTQtYTY5MS0zZWFjZTg3ODY0NjgiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.lIaqkCXSsmZn21uTxnHP4G_BjncitKxd7j6r7yAdB6xh8r4-XWohuC8P2EDGg23poxuq_tT6pRQwaWs2ry9xXwqWp-RwNhp0f3w-oayPYyDCWL80cTzRQZ1gHNBR4ot6GrMYrQRozjd6zfBBTON6jWXTQCxK-n5kgcMG7Y0NWw_X0VJciCccI-ffI1T0Y7J6h6u1WcJ-OGf0KD77esYjp8oXYz9IyXn8HW9M4i5B2OL2nqZP5HW_j8Fxm8pgZgG6915DXONX1HXHxfkbpTcxAG0wsbTbgMhRNCrNbJSSqoYvemWfNsz_Lp0epFvXBVmwjNJUTZNBD2JecVJ352MpHA

访问dashboard

URL: https://192.168.236.133:30088/

# 获取端口
kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.109.73.125    <none>        8000/TCP        3d23h
kubernetes-dashboard        NodePort    10.101.254.225   <none>        443:30088/TCP   3d23h  # 端口为30088

6.安装Prometheus监控k8s集群

我们使用helm工具安装Prometheus

6.1 安装helm

从官方拉取下来，建议用我的百度网盘

链接：https://pan.baidu.com/s/1Qh32VN2PAxYM5OQ1SJ2agQ?pwd=jyp3 
提取码：jyp3 
--来自百度网盘超级会员V4的分享

# 使用ftp将文件传入xshll
mkdir helm
mv helm-v3.15.4-linux-amd64.tar.gz  helm
cd helm/
tar -xf helm-v3.15.4-linux-amd64.tar.gz
cd linux-amd64/# 将二进制文件加入可执行文件路径
cp helm /usr/local/bin# 验证helm是否成功加入路径
helm version# 添加官方源
helm repo add bitnami https://charts.bitnami.com/bitnami# 阿里云源
helm repo add aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts # 添加微软源
helm repo add stable http://mirror.azure.cn/kubernetes/charts/ # 查看有哪些源
helm repo list

6.2 安装Prometheus

参考:使用Helm 3在Kubernetes集群部署Prometheus和Grafana — Cloud Atlas beta 文档

# 添加Prometheus源
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts# 更新源
helm repo update# 查看Prometheus版本
helm search repo prometheus-community/kube-prometheus-stackoutput:
NAME                                      	CHART VERSION	APP VERSION	DESCRIPTION                                       
prometheus-community/kube-prometheus-stack	61.9.0       	v0.75.2    	kube-prometheus-stack collects Kubernetes manif...# 创建一个prometheus专用文件夹
mkdir prometheus
cd prometheus# 安装Prometheus
helm install prometheus prometheus-community/prometheus

6.3 node1镜像丢失问题

查看状态时发现没镜像

kubectl describe pod prometheus-kube-state-metrics-7f979f5c55-w7jv9
# 查看容器详情

发现没有镜像

我们缺少这个镜像

registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.13.0

从docker上拉取镜像保存下来

docker pull registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.13.0docker save -o kube-state-metrics.tar  registry.k8s.io/kube-state-metrics/kube-state-metrics # 使用ftp拉下来再传入node1上去nerdctl load -i kube-state-metrics.tar

上传上去后等一会发现已经运行了

可以发现我们还有两个服务处于pending状态，原因是我们有pvc但是没有pv所以不能实现持久化挂载

6.4 实现自动扩容

sudo mkdir -p /root/prometheus/prometheus-server
sudo mkdir -p /root/prometheus/alertmanager
sudo chown -R nobody:nogroup /root/prometheus/prometheus-server
sudo chown -R nobody:nogroup /root/prometheus/alertmanager
# 上面我们在家目录下创建了文件夹现在派上用场了

6.4.1 配置nfs环境

# 为每一台主机操作,安装nfs 客户端服务工具
sudo apt update
sudo apt install nfs-kernel-server nfs-common# 设置nfs启动自运行
sudo systemctl enable nfs-kernel-server# 创建文件夹并授予一定权限
sudo mkdir -p /web/data
sudo chown nobody:nogroup /web/data
sudo chmod 777 /web/data# 修改/etc/exports文件，允许所有主机访问master1的/web/data
vim /etc/exports/web/data  *(rw,sync,all_squash)# 刷新nfs服务
sudo exportfs -rav
sudo systemctl restart nfs-kernel-server# 在另外一台机器上测试是否能够挂载nfs服务文件夹
sudo mount -t nfs 192.168.236.133:/web/data /mnt/webdata
# 创建文件夹后，再在挂载目录上创建一个文件
sudo touch /mnt/webdata/testfile
# 在nfs服务器上查看是否有testfile，有的话就是创建成功了
sudo ls -l /web/data
# 测试完成后取消挂载
sudo umount /mnt/webdata

6.4.2 查看集群环境

kubectl cluster-info

ubernetes control plane is running at https://apiserver.cluster.local:6443
CoreDNS is running at https://apiserver.cluster.local:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxyTo further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

6.4.3 创建SA账号

cd /root/prometheus
vim nfs.rbac.yamlapiVersion: v1
kind: Namespace
metadata:name: dev
---
apiVersion: v1
kind: ServiceAccount
metadata:name: nfs-client-provisionernamespace: dev
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: nfs-client-provisioner-runner
rules:- apiGroups: [""]resources: ["persistentvolumes"]verbs: ["get", "list", "watch", "create", "delete"]- apiGroups: [""]resources: ["persistentvolumeclaims"]verbs: ["get", "list", "watch", "update"]- apiGroups: ["storage.k8s.io"]resources: ["storageclasses"]verbs: ["get", "list", "watch"]- apiGroups: [""]resources: ["events"]verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: run-nfs-client-provisioner
subjects:- kind: ServiceAccountname: nfs-client-provisionernamespace: dev
roleRef:kind: ClusterRolename: nfs-client-provisioner-runnerapiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: leader-locking-nfs-client-provisionernamespace: dev
rules:- apiGroups: [""]resources: ["endpoints"]verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: leader-locking-nfs-client-provisionernamespace: dev
subjects:- kind: ServiceAccountname: nfs-client-provisionernamespace: dev
roleRef:kind: Rolename: leader-locking-nfs-client-provisionerapiGroup: rbac.authorization.k8s.iokubectl apply -f nfs.rbac.yaml

6.4.4 部署NFS-Subdir-External-Provisioner （启动一个nfs供应商）

vim nfs-provisioner-deploy.yamlkind: Deployment
apiVersion: apps/v1
metadata:name: nfs-client-provisionernamespace: dev
spec:replicas: 1selector:matchLabels:app: nfs-client-provisionerstrategy:type: Recreate        #设置升级策略为删除再创建(默认为滚动更新)template:metadata:labels:app: nfs-client-provisionerspec:serviceAccountName: nfs-client-provisioner  #上一步创建的ServiceAccount名称containers:- name: nfs-client-provisionerimage: registry.cn-beijing.aliyuncs.com/mydlq/nfs-subdir-external-provisioner:v4.0.0volumeMounts:- name: nfs-client-rootmountPath: /persistentvolumesenv:- name: PROVISIONER_NAME  # Provisioner的名称,以后设置的storageclass要和这个保持一致value: storage-nfs- name: NFS_SERVER        # NFS服务器地址,需和valumes参数中配置的保持一致value: 192.168.236.133- name: NFS_PATH          # NFS服务器数据存储目录,需和valumes参数中配置的保持一致value: /web/data- name: ENABLE_LEADER_ELECTIONvalue: "true"volumes:- name: nfs-client-rootnfs:server: 192.168.236.133      # NFS服务器地址path:   /web/data    # NFS共享目录kubectl apply -f nfs-provisioner-deploy.yaml

6.4.5 创建NFS StorageClass（搭建存储类）

vim nfs-storageclass.yamlapiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:namespace: devname: nfs-storageannotations:storageclass.kubernetes.io/is-default-class: "false"  ## 是否设置为默认的storageclass
provisioner: storage-nfs                                   ## 动态卷分配者名称，必须和上面创建的deploy中环境变量“PROVISIONER_NAME”变量值一致
parameters:archiveOnDelete: "true"                                 ## 设置为"false"时删除PVC不会保留数据,"true"则保留数据
mountOptions: - hard                                                  ## 指定为硬挂载方式- nfsvers=4                                             ## 指定NFS版本,这个需要根据NFS Server版本号设置kubectl apply -f nfs-storageclass.yaml

6.4.6 将PVC配置挂载到storageclass

（1）备份原来的pvc配置

kubectl get pvc -o yaml
# 查看pvc的配置文件vim pvc.backup.yamlapiVersion: v1
items:
- apiVersion: v1kind: PersistentVolumeClaimmetadata:annotations:meta.helm.sh/release-name: prometheusmeta.helm.sh/release-namespace: prometheuscreationTimestamp: "2024-08-17T01:52:26Z"finalizers:- kubernetes.io/pvc-protectionlabels:app.kubernetes.io/component: serverapp.kubernetes.io/instance: prometheusapp.kubernetes.io/managed-by: Helmapp.kubernetes.io/name: prometheusapp.kubernetes.io/part-of: prometheusapp.kubernetes.io/version: v2.54.0helm.sh/chart: prometheus-25.26.0name: prometheus-servernamespace: prometheusresourceVersion: "71611"uid: ec9285c8-a54c-49b5-ba3a-9de9c1767fdespec:accessModes:- ReadWriteOnceresources:requests:storage: 8GivolumeMode: Filesystemstatus:phase: Pending
- apiVersion: v1kind: PersistentVolumeClaimmetadata:creationTimestamp: "2024-08-17T01:52:28Z"finalizers:- kubernetes.io/pvc-protectionlabels:app.kubernetes.io/instance: prometheusapp.kubernetes.io/name: alertmanagername: storage-prometheus-alertmanager-0namespace: prometheusresourceVersion: "71705"uid: dfb75c21-da24-4a88-8394-999bb16a8a8cspec:accessModes:- ReadWriteOnceresources:requests:storage: 2GivolumeMode: Filesystemstatus:phase: Pending
kind: List
metadata:resourceVersion: ""

（2）删除原先的pvc配置

# 删除原来的pvc
kubectl delete pvc prometheus-server -n prometheus
kubectl delete pvc storage-prometheus-alertmanager-0 -n prometheus# 确保已经删除看一下
kubectl get pvc -n prometheus

（3）配置新的pvc配置

vim pvc.new.yamlapiVersion: v1
items:
- apiVersion: v1kind: PersistentVolumeClaimmetadata:annotations:meta.helm.sh/release-name: prometheusmeta.helm.sh/release-namespace: prometheusname: prometheus-servernamespace: prometheusspec:storageClassName: nfs-storage    # 指定使用的 StorageClassaccessModes:- ReadWriteOnceresources:requests:storage: 8GivolumeMode: Filesystem
- apiVersion: v1kind: PersistentVolumeClaimmetadata:name: storage-prometheus-alertmanager-0namespace: prometheusspec:storageClassName: nfs-storage    # 指定使用的 StorageClassaccessModes:- ReadWriteOnceresources:requests:storage: 2GivolumeMode: Filesystem
kind: List
metadata:resourceVersion: ""
# 这个时候会报警告但是无伤大雅kubectl apply -f pvc.new.yaml

6.5 服务外发

我们于集群内部搭建了Prometheus，但是想要访问就需要服务外发

kubectl expose deployment prometheus-server --type=NodePort --name=prometheus-service --port=9090 --target-port=9090
# 对server服务进行外发kubectl get svc prometheus-service
# 查看服务状态root@master1:~# kubectl get nodes -o wide
NAME      STATUS   ROLES           AGE   VERSION    INTERNAL-IP       EXTERNAL-IP   OS-IMAGE           KERNEL-VERSION     CONTAINER-RUNTIME
master1   Ready    control-plane   20h   v1.27.10   192.168.236.133   <none>        Ubuntu 24.04 LTS   6.8.0-40-generic   containerd://1.7.15
master2   Ready    control-plane   20h   v1.27.10   192.168.236.134   <none>        Ubuntu 24.04 LTS   6.8.0-40-generic   containerd://1.7.15
node1     Ready    worker          20h   v1.27.10   192.168.236.135   <none>        Ubuntu 24.04 LTS   6.8.0-40-generic   containerd://1.7.15
node2     Ready    worker          20h   v1.27.10   192.168.236.136   <none>        Ubuntu 24.04 LTS   6.8.0-40-generic   containerd://1.7.15
root@master1:~# 
# 查看nodes# 选择一个ip访问
http://<Node_IP>:32499

于此实现服务外发

7.安装Grafana

7.1 helm安装grafana

# 创建grafana命名空间
kubectl create namespace grafana# 切换到grafana命名空间
kubens grafana# 查找grafana版本
helm search repo grafana# 选一个适配的版本安装
helm install grafana bitnami/grafana # 查看helm list确保grafana已经安装
helm list# 查看k8s服务确保grafana正常启动
kubectl get svc,pod -A |grep grafanagrafana       service/grafana                               ClusterIP   10.96.1.13    <none>        3000/TCP                 101s
grafana       pod/grafana-678f4cfbf-gjjss                             0/1     Pending            0              100s
root@master1:~# kubectl get svc,pod -A |grep grafana
grafana       service/grafana                               ClusterIP   10.96.1.13    <none>        3000/TCP                 102s
grafana       pod/grafana-678f4cfbf-gjjss                             0/1     Pending            0              101s
# 我也很无奈，又出现了和prometheus一样的问题kubectl describe pod grafana-678f4cfbf-gjjssWarning  FailedScheduling  3m57s  default-scheduler  0/4 nodes are available: pod has unbound immediate PersistentVolumeClaims. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling..# 又是没有pv

我们直接拿着配置Prometheus的流程再走一遍

7.2 实现自动扩容

sudo mkdir -p /root/grafana
sudo chown -R nobody:nogroup /root/prometheus/alertmanager# 上面我们在家目录下创建了文件夹现在派上用场了

7.2.1 查看集群环境

kubectl cluster-info

ubernetes control plane is running at https://apiserver.cluster.local:6443
CoreDNS is running at https://apiserver.cluster.local:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxyTo further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

7.2.2 创建SA账号

cd /root/grafana
vim nfs.rbac.yamlapiVersion: v1
kind: Namespace
metadata:name: dev
---
apiVersion: v1
kind: ServiceAccount
metadata:name: nfs-client-provisionernamespace: dev
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: nfs-client-provisioner-runner
rules:- apiGroups: [""]resources: ["persistentvolumes"]verbs: ["get", "list", "watch", "create", "delete"]- apiGroups: [""]resources: ["persistentvolumeclaims"]verbs: ["get", "list", "watch", "update"]- apiGroups: ["storage.k8s.io"]resources: ["storageclasses"]verbs: ["get", "list", "watch"]- apiGroups: [""]resources: ["events"]verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: run-nfs-client-provisioner
subjects:- kind: ServiceAccountname: nfs-client-provisionernamespace: dev
roleRef:kind: ClusterRolename: nfs-client-provisioner-runnerapiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: leader-locking-nfs-client-provisionernamespace: dev
rules:- apiGroups: [""]resources: ["endpoints"]verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: leader-locking-nfs-client-provisionernamespace: dev
subjects:- kind: ServiceAccountname: nfs-client-provisionernamespace: dev
roleRef:kind: Rolename: leader-locking-nfs-client-provisionerapiGroup: rbac.authorization.k8s.iokubectl apply -f nfs.rbac.yaml

7.2.3 部署NFS-Subdir-External-Provisioner （启动一个nfs供应商）

vim nfs-provisioner-deploy.yamlkind: Deployment
apiVersion: apps/v1
metadata:name: nfs-client-provisionernamespace: dev
spec:replicas: 1selector:matchLabels:app: nfs-client-provisionerstrategy:type: Recreate        #设置升级策略为删除再创建(默认为滚动更新)template:metadata:labels:app: nfs-client-provisionerspec:serviceAccountName: nfs-client-provisioner  #上一步创建的ServiceAccount名称containers:- name: nfs-client-provisionerimage: registry.cn-beijing.aliyuncs.com/mydlq/nfs-subdir-external-provisioner:v4.0.0volumeMounts:- name: nfs-client-rootmountPath: /persistentvolumesenv:- name: PROVISIONER_NAME  # Provisioner的名称,以后设置的storageclass要和这个保持一致value: storage-nfs- name: NFS_SERVER        # NFS服务器地址,需和valumes参数中配置的保持一致value: 192.168.236.133- name: NFS_PATH          # NFS服务器数据存储目录,需和valumes参数中配置的保持一致value: /web/data- name: ENABLE_LEADER_ELECTIONvalue: "true"volumes:- name: nfs-client-rootnfs:server: 192.168.236.133      # NFS服务器地址path:   /web/data    # NFS共享目录kubectl apply -f nfs-provisioner-deploy.yaml

7.2.4 创建NFS StorageClass（搭建存储类）

vim nfs-storageclass.yamlapiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:namespace: devname: nfs-storageannotations:storageclass.kubernetes.io/is-default-class: "false"  ## 是否设置为默认的storageclass
provisioner: storage-nfs                                   ## 动态卷分配者名称，必须和上面创建的deploy中环境变量“PROVISIONER_NAME”变量值一致
parameters:archiveOnDelete: "true"                                 ## 设置为"false"时删除PVC不会保留数据,"true"则保留数据
mountOptions: - hard                                                  ## 指定为硬挂载方式- nfsvers=4                                             ## 指定NFS版本,这个需要根据NFS Server版本号设置kubectl apply -f nfs-storageclass.yaml

7.2.5 将PVC配置挂载到storageclass

(1)备份

kubectl get pvc -o yaml
# 查看原来的配置文件vim pvc.backup.yamlapiVersion: v1
items:
- apiVersion: v1kind: PersistentVolumeClaimmetadata:annotations:meta.helm.sh/release-name: grafanameta.helm.sh/release-namespace: grafanacreationTimestamp: "2024-08-17T03:38:01Z"finalizers:- kubernetes.io/pvc-protectionlabels:app.kubernetes.io/component: grafanaapp.kubernetes.io/instance: grafanaapp.kubernetes.io/managed-by: Helmapp.kubernetes.io/name: grafanaapp.kubernetes.io/version: 11.1.4helm.sh/chart: grafana-11.3.15name: grafananamespace: grafanaresourceVersion: "90425"uid: e8f1e399-1cdd-48c5-82aa-974f03c941easpec:accessModes:- ReadWriteOnceresources:requests:storage: 10GivolumeMode: Filesystemstatus:phase: Pending
kind: List
metadata:resourceVersion: ""

（2）删除pvc

kubectl delete pvc grafana
# 删除原来的配置

（3）创建新的pvc

vim pvc.new.yamlapiVersion: v1
kind: PersistentVolumeClaim
metadata:name: grafana-pvc  # 替换为适当的名称namespace: grafanalabels:app.kubernetes.io/component: grafanaapp.kubernetes.io/instance: grafanaapp.kubernetes.io/managed-by: Helmapp.kubernetes.io/name: grafanaapp.kubernetes.io/version: 11.1.4helm.sh/chart: grafana-11.3.15
spec:accessModes:- ReadWriteOnceresources:requests:storage: 10GistorageClassName: nfs-storagevolumeMode: Filesystemkubectl apply -f pvc.new.yaml# kubectl get pvc 发现pvc 处于bonud状态
# kubectl get svc,pod -o wide 查看容器状态
# 发现pod处于pending状态

7.3 重新配置deploy

一次成功了我这里就不备份了，但是平常生活中记得备份

（1）删除原先的deploy
kubectl delete deploy grafana
（2）写grafana的yaml文件
vim grafana.deploy.yamlapiVersion: apps/v1
kind: Deployment
metadata:name: grafananamespace: grafana
spec:replicas: 1selector:matchLabels:app: grafanatemplate:metadata:labels:app: grafanaspec:containers:- name: grafanaimage: grafana/grafana:latestvolumeMounts:- name: grafana-storagemountPath: /var/lib/grafanavolumes:- name: grafana-storagepersistentVolumeClaim:claimName: grafana-pvckubectl get deploy,pod -o wide
# 查看pod状态

集群内部已经部署好grafana了，并且是一个自动化扩容的grafana

7.4 服务外发

kubectl expose deployment grafana --type=NodePort --name=grafana-service --port=3000 --target-port=3000 --namespace=grafana

kubectl gte svc 
# 如上图所示 ，查看开放端口，这里发现30178端口开放
# 直接访问http://<Node_IP>:30178

7.5 Grafana 初始化配置

grafana默认用户名和密码是

账号:admin
密码:admin

进入之后会要求修改一个新密码我们改为123456

这是我们进去之后的基本页面

我们将要将我们的k8s集群加入上去

点击data source 添加数据源

点击最下方保存并测试

回到data source页面

在侧边栏找到dashboard点击

点击import直接

导入模板

输入8919点击load

选择Prometheus后点击import

至此grafana搭建完成

8.k8s部署web页面

8.1 镜像制作

# 因为我们之前是使用sealos安装的所以k8s集群是基于containerd的，我们并没有docker环境，但是并不妨碍我们制作镜像
# 当然也会提供我的百度网盘拉取mysql镜像和制作镜像所需的文件
# 我这里使用VPS制作镜像主要原因是机器开不了第五台虚拟机了
链接：https://pan.baidu.com/s/1caRuss6FLELd7mEfxAz03A?pwd=jyp3 
提取码：jyp3 
--来自百度网盘超级会员V4的分享
# 使用ftp将我们的go文件传入vpsmkdir scweb
mv go+html+mysql+redis.zip scweb
cd scweb
unzip go+html+mysql+redis.zip 
# 解压完成后会出现如下文件

解析:
- **`server.go`**: Go 语言的核心程序代码文件，负责启动和管理 Web 服务器。- **`Readme.md`**: 项目的说明文件，包含安装和使用指南。- **`info.sql`**: 数据库的表结构和基础数据文件。- **`static`**: 存放网站的 JavaScript 和 CSS 文件的目录。- **`templates`**: 存放网站静态页面模板的目录。- **`go.mod`**: Go 项目的模块依赖配置文件。- **`go.sum`**: Go 项目中模块依赖的校验和文件，用于验证依赖的完整性。# mod是包管理，sum是依赖关系管理

(1)部署golang环境
sudo apt update
sudo apt upgrade
sudo apt install golang -y
(2)初始化编译# 我们这个包里面已经编译过了但是这里还是说一下mv go.mod go.sum  /root
# 把编译过的文件先弄走，直接删了也行go mod init web  
# 产生go.mod 生成网站所需要的依赖的库，写到go.mod文件里 
go env -w GOPROXY=https://goproxy.cn,direct
# 配置一个国内的go语言下载库的代理网站
go mod tidy
# 获取依赖，生成go.sum（3）修改源码并编译网站成二进制程序
const (DB_USER     = "root"DB_PASSWORD = "123456"DB_NAME     = "root"DB_HOST         = "tcp(192.168.236.135:31377)/"REDIS_HOST      = "192.168.236.135:6379"
)# 将server.go中的这一段配置根据自身情况进行修改
# 然后再build成可执行文件
go build -o server  server.go（4）部署docker环境sudo apt install apt-transport-https ca-certificates curl software-properties-common -y
# 安装必要依赖包curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
# 添加docker官方GPG密钥sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
# 添加 Docker 的官方 APT 源sudo apt update
# 更新 APT 包索引sudo apt install docker-ce
# 安装docker enginesudo systemctl start docker
sudo systemctl enable docker
# 启动docker服务docker --version
# 验证docker安装# 注意我是在香港的vps上做的，如果是国内服务器的话请参考文章
https://blog.csdn.net/qq_39500197/article/details/134754930?ops_request_misc=%257B%2522request%255Fid%2522%253A%2522172387806016800180660345%2522%252C%2522scm%2522%253A%252220140713.130102334..%2522%257D&request_id=172387806016800180660345&biz_id=0&utm_medium=distribute.pc_search_result.none-task-blog-2~all~sobaiduend~default-3-134754930-null-null.142^v100^control&utm_term=ubuntu%20docker%E5%AE%89%E8%A3%85%E6%8D%A2%E6%BA%90&spm=1018.2226.3001.4187
# 换镜像源的那一步请把镜像源换成https://docker.m.daocloud.io（5）制作镜像
mkdir  docker
cd docker/
cp ../server .
cp ../static/ . -r
cp ../templates/  .  -r最后我们的的docker文件夹下应该有这些文件

docker load -i ubbuntu22.04
# 将我们centos7的镜像上传到images里rm -rf ubuntu22.04
# 删除原先镜像vim Dockerfile
# 编写镜像制作文件FROM ubuntu:22.04WORKDIR /goCOPY . /goRUN chmod +x /go/serverENTRYPOINT ["/go/server"]docker build -t scweb:1.0 .
# 构建scweb镜像
docker save -o scweb.tar scweb:1.0
# 保存镜像并使用ftp从vps上拉取下来

于此，镜像制作完成

8.2 网站搭建

8.2.1 mysql配置

nerdctl load -i mysql:5.7.41
# 将我们的数据库镜像传入nerdctl images里面去mkdir ~/web/mysql
cd  ~/web/mysqlvim configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:name: mysql-confignamespace: default
data:my.cnf: |[mysqld]default_authentication_plugin=mysql_native_passwordbind-address = 0.0.0.0vim mysql.yamlapiVersion: apps/v1
kind: Deployment
metadata:name: mysql-deploymentnamespace: prometheus
spec:replicas: 1selector:matchLabels:app: mysqltemplate:metadata:labels:app: mysqlspec:affinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/hostnameoperator: Invalues:- node1  # 确保 MySQL 部署在名为 node1 的节点上containers:- name: mysqlimage: mysql:5.7.41env:- name: MYSQL_ROOT_PASSWORDvalue: '123456'ports:- containerPort: 3306volumeMounts:- name: mysql-config-volumemountPath: /etc/mysql/my.cnfsubPath: my.cnfvolumes:- name: mysql-config-volumeconfigMap:name: mysql-config
---
apiVersion: v1
kind: Service
metadata:name: mysql-servicenamespace: default
spec:ports:- port: 3306targetPort: 3306selector:app: mysqltype: NodePortkubectl apply -f mysql.yaml

8.2.2 scweb配置

使用ftp将我们刚做好的scweb传到master1节点上去

nerdctl load -i scweb.tar
# 将文件上传到nerdctl images里面去mkdir ~/web/scweb
cd  ~/web/scwebvim scweb-Deployment.yamlapiVersion: apps/v1
kind: Deployment
metadata:name: scweb-deploymentnamespace: default
spec:replicas: 1selector:matchLabels:app: scwebtemplate:metadata:labels:app: scwebspec:containers:- name: scwebimage: scweb:2.0env:- name: DB_USERvalue: "root"- name: DB_PASSWORDvalue: "123456"- name: DB_NAMEvalue: "root"- name: DB_HOSTvalue: "192.168.236.133:31377"  # 使用外部 IP 和 NodePort 端口ports:- containerPort: 8080kubectl apply -f scweb-Deployment.yamlvim scweb-service.yaml apiVersion: v1
kind: Service
metadata:name: scweb-servicenamespace: default
spec:type: NodePortports:- port: 8080targetPort: 8080nodePort: 30288  # 曝露的 NodePortselector:app: scwebkubectl apply -f scweb-service.yaml

kubectl get svc,pod -o wide
# 看我们开放的端口
访问网页http://<NODEIP>:30288

至此web页面不知完成，测试数据库是否能够使用，发现不能使用因为我们没有导入root表和数据

8.3 导入sql数据

info.sql文件内容:
-- MySQL dump 10.14  Distrib 5.5.68-MariaDB, for Linux (x86_64)
--
-- Host: localhost    Database: users
-- ------------------------------------------------------
-- Server version	5.5.68-MariaDB/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;--
-- Table structure for table `students`
--DROP TABLE IF EXISTS `students`;
/*!40101 SET @saved_cs_client     = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `students` (`id` int(11) NOT NULL AUTO_INCREMENT,`name` varchar(100) NOT NULL,`grade` char(10) DEFAULT NULL,PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=17 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;--
-- Dumping data for table `students`
--LOCK TABLES `students` WRITE;
/*!40000 ALTER TABLE `students` DISABLE KEYS */;
INSERT INTO `students` VALUES (1,'cali','2020级'),(2,'feng','2021级'),(3,'test4','2024级'),(4,'test5','2025级');
/*!40000 ALTER TABLE `students` ENABLE KEYS */;
UNLOCK TABLES;--
-- Table structure for table `users`
--DROP TABLE IF EXISTS `users`;
/*!40101 SET @saved_cs_client     = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `users` (`id` int(11) NOT NULL AUTO_INCREMENT,`username` varchar(50) NOT NULL,`password` varchar(255) NOT NULL,PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;--
-- Dumping data for table `users`
--LOCK TABLES `users` WRITE;
/*!40000 ALTER TABLE `users` DISABLE KEYS */;
INSERT INTO `users` VALUES (1,'cali','2022');
/*!40000 ALTER TABLE `users` ENABLE KEYS */;
UNLOCK TABLES;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;-- Dump completed on 2024-06-10  0:37:41


(1)使用以下命令登录到 MySQL Pod
kubectl exec -it mysql-deployment-64fc9ddfcf-txbj7 -- mysql -uroot -p'123456'
(2)创建root数据库并使用
mysql> CREATE DATABASE IF NOT EXISTS root;
mysql> USE root;
(3)导入info.sql
exit 
kubectl exec -it mysql-deployment-64fc9ddfcf-txbj7 -- mysql -uroot -p'123456' root < info.sql
(4)授予root用户权限
kubectl exec -it mysql-deployment-64fc9ddfcf-txbj7 -- mysql -uroot -p'123456'-- 检查root用户权限
SHOW GRANTS FOR 'root'@'%';
-- 为 root 用户授予所有权限
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '123456' WITH GRANT OPTION;-- 刷新权限，以使更改生效
FLUSH PRIVILEGES;-- 查看用户与权限
SELECT user, host FROM mysql.user;

至此，以上步骤做完之后就可以使用了

最终测试可以查询到即为成功。

9.心得体会

笔者也可以再次布置ansible自动化运维工具到上面去，但是目前正在研究怎么将scweb与mysql加入Prometheus使得其能进行监控，yaml文件写了很多但是最终测试还是无果，后续如有进展可能会将k8s中pod里的Prometheus监控pod里的动态web网页，与pod里的ansible自动化运维工具发出来。

人生从不是一帆风顺，正如这篇文章一样，当我做到使用helm拉取镜像却无一完全成功时，问题已经很难解决了，但是最终还是通过自己配置自动化扩容的方式解决了问题，运维最可怕的不是学了多少，而是解决了多少问题，积累了多少经验，于此，诸君共勉。