CentOS7开机后无IP4地址

发表于 2019-12-07 更新于 2022-02-19 分类于 OS ， CentOS 阅读次数：评论数：

我们在VMware或VirtualBox中启动CentOS7的虚拟机，登录后，查看网卡的IP4地址，发现ens33的IP地址并未显示出来。

ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:d5:43:ca brd ff:ff:ff:ff:ff:ff

这时，需要执行ifup ens33命令，让网卡连接起来。

连接好以后，再次查看IP地址。

ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:d5:43:ca brd ff:ff:ff:ff:ff:ff
    inet 172.16.64.233/24 brd 172.16.64.255 scope global noprefixroute dynamic ens33
       valid_lft 1778sec preferred_lft 1778sec
    inet6 fe80::e8ec:c304:253f:44b7/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

发现已经有IP地址了。

如果想让重启后配置也能生效，还需要修改/etc/sysconfig/network-scripts/ifcfg-ens33网卡配置。

把ONBOOT=no改为ONBOOT=yes

1	sed -i s/ONBOOT=no/ONBOOT=yes/g /etc/sysconfig/network-scripts/ifcfg-ens33

解决Google Chrome浏览器无法打开Kubernetes(K8S) Dashboard页面

发表于 2019-12-01 更新于 2022-02-19 分类于 Kubernetes ， Dashboard 阅读次数：评论数：

环境

k8s version: v.1.16.3

dashboard: dashboard:v2.0.0-beta6

问题描述

K8S Dashboard安装好以后，通过Firefox浏览器是可以打开的，但通过Google Chrome浏览器，无法成功浏览页面。如图：

解决方案

kubeadm自动生成的证书，很多浏览器不支持。所以我们需要自己创建证书。

创建一个目录

存放证书等文件

1 2	mkdir key cd key

生成证书

openssl genrsa -out dashboard.key 2048
Generating RSA private key, 2048 bit long modulus
.................+++
......+++
e is 65537 (0x10001)

# 172.16.64.229为master节点的IP地址
openssl req -new -out dashboard.csr -key dashboard.key -subj '/CN=172.16.64.229'
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
Signature ok
subject=/CN=172.16.64.229
Getting Private key

删除原有证书

注意新版的Dashboard的namespace已经变为kubernetes-dashboard了

1 2	kubectl delete secret kubernetes-dashboard-certs -n kubernetes-dashboard secret "kubernetes-dashboard-certs" deleted

创建新证书的secret

1 2	kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard secret/kubernetes-dashboard-certs created

查找正在运行的pod

kubectl get pod -n kubernetes-dashboard
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-76585494d8-dzgt9   1/1     Running   0          8m20s
kubernetes-dashboard-b65488c4-rcdjh          1/1     Running   0          8m20s

删除pod

kubectl delete po kubernetes-dashboard-b65488c4-rcdjh -n kubernetes-dashboard
pod "kubernetes-dashboard-b65488c4-rcdjh" deleted
kubectl delete po dashboard-metrics-scraper-76585494d8-dzgt9 -n kubernetes-dashboard
pod "dashboard-metrics-scraper-76585494d8-dzgt9" deleted

如果pod比较多的时候，可以使用以下这条命令批量删除。

1	kubectl get pod -n kubernetes-dashboard \| grep -v NAME \| awk '{print "kubectl delete po " $1 " -n kubernetes-dashboard"}' \| sh

删除后，新的pod会自动启动起来。

这时，再次刷新Chrome浏览器的Dashboard页面，如图：

点击继续前往，页面就可以正常显示了。

CentOS环境安装Docker

发表于 2019-11-28 更新于 2022-02-19 分类于 Docker 阅读次数：评论数：

在CentOS7.6环境下通过yum安装Docker

通过二进制方式安装请参考在CentOS上以二进制方式安装Docker

下载repo

1 2	cd /etc/yum.repos.d/ wget http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

安装docker

1	yum install -y docker-ce

启动docker

1	systemctl start docker

systemd下的docker服务

安装并启动docker后，我们可以看到有两个service unit被生成了。

docker.service服务

/usr/lib/systemd/system/docker.service

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always

# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3

# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s

# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity

# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity

# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes

# kill only the docker process, not all processes in the cgroup
KillMode=process

[Install]
WantedBy=multi-user.target

docker.socket服务

/usr/lib/systemd/system/docker.socket

[Unit]
Description=Docker Socket for the API
PartOf=docker.service

[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker

[Install]
WantedBy=sockets.target

启动docker的进程

1 2	root 1660 1 0 23:02 ? 00:00:03 /usr/bin/containerd root 1820 1 0 23:13 ? 00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock