Google cloud: различия между версиями

Материал из noname.com.ua
Перейти к навигацииПерейти к поиску
 
(не показано 10 промежуточных версий этого же участника)
Строка 1: Строка 1:
  +
[[Категория:Linux]]
  +
[[Категория:gcloud]]
 
=Заметки=
 
=Заметки=
   
Строка 59: Строка 61:
   
   
  +
  +
==Allocate IP Address==
   
 
gcloud compute addresses create mmazur-test-address --region us-central1
 
gcloud compute addresses create mmazur-test-address --region us-central1
Строка 66: Строка 70:
 
NAME REGION ADDRESS STATUS
 
NAME REGION ADDRESS STATUS
 
mmazur-test-address us-central1 104.154.132.207 RESERVED
 
mmazur-test-address us-central1 104.154.132.207 RESERVED
  +
</PRE>
  +
  +
  +
<PRE>
  +
gcloud compute addresses create mmazur-test-address-global --global
  +
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/addresses/mmazur-test-address-global].
  +
---
  +
address: 35.186.225.111
  +
creationTimestamp: '2017-02-07T03:45:39.484-08:00'
  +
description: ''
  +
id: '7982691905826983308'
  +
kind: compute#address
  +
name: mmazur-test-address-global
  +
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/addresses/mmazur-test-address-global
  +
status: RESERVED
  +
  +
  +
</PRE>
  +
  +
<PRE>
  +
gcloud compute addresses list
  +
NAME REGION ADDRESS STATUS
  +
mmazur-test-address-global 35.186.225.111 RESERVED
  +
mmazur-test-address us-central1 104.154.132.207 RESERVED
  +
snb-services us-central1 104.154.134.194 RESERVED
  +
snb-ui us-central1 104.155.177.127 RESERVED
  +
vpn-to-xpn01 us-central1 104.197.52.139 IN_USE
 
</PRE>
 
</PRE>
   
Строка 78: Строка 109:
   
 
===Health Check===
 
===Health Check===
  +
<PRE>
  +
gcloud compute http-health-checks create mmazur-test-health-check --check-interval="5s" --port=31824
  +
</PRE>
  +
<PRE>
  +
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/httpHealthChecks/mmazur-test-health-check].
  +
NAME HOST PORT REQUEST_PATH
  +
mmazur-test-health-check 31824 /
  +
</PRE>
  +
  +
<PRE>
  +
  +
gcloud compute http-health-checks describe mmazur-test-health-check
  +
checkIntervalSec: 5
  +
creationTimestamp: '2017-02-07T02:33:30.454-08:00'
  +
description: ''
  +
healthyThreshold: 2
  +
host: ''
  +
id: '2338322503345380501'
  +
kind: compute#httpHealthCheck
  +
name: mmazur-test-health-check
  +
port: 31824
  +
requestPath: /
  +
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/httpHealthChecks/mmazur-test-health-check
  +
timeoutSec: 5
  +
unhealthyThreshold: 2
  +
  +
  +
</PRE>
  +
  +
===backend-services===
  +
<PRE>
  +
gcloud compute backend-services \
  +
create mmazur-test-backend-service \
  +
--http-health-checks mmazur-test-health-check
  +
--port 31824 \
  +
  +
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/backendServices/mmazur-test-backend-service].
  +
NAME BACKENDS PROTOCOL
  +
mmazur-test-backend-service HTTP
  +
</PRE>
  +
  +
<PRE>
  +
gcloud compute backend-services describe mmazur-test-backend-service
  +
affinityCookieTtlSec: 0
  +
connectionDraining:
  +
drainingTimeoutSec: 0
  +
creationTimestamp: '2017-02-07T02:40:16.526-08:00'
  +
description: ''
  +
enableCDN: false
  +
fingerprint: y_d4_k-DcCA=
  +
healthChecks:
  +
- https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/httpHealthChecks/mmazur-test-health-check
  +
id: '7566473235126295295'
  +
kind: compute#backendService
  +
loadBalancingScheme: EXTERNAL
  +
name: mmazur-test-backend-service
  +
port: 80
  +
portName: http
  +
protocol: HTTP
  +
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/backendServices/mmazur-test-backend-service
  +
sessionAffinity: NONE
  +
timeoutSec: 30
  +
  +
  +
</PRE>
  +
  +
<PRE>
  +
gcloud compute backend-services get-health mmazur-test-backend-service
  +
Listed 0 items.
  +
  +
  +
</PRE>
  +
  +
<PRE>
  +
gcloud compute instance-groups list
  +
NAME LOCATION SCOPE NETWORK MANAGED INSTANCES
  +
<SKIP>
  +
gke-mmazur-test-2-default-pool-36fd4440-grp us-central1-b zone default Yes 3
  +
<SKIP>
  +
</PRE>
  +
  +
  +
<PRE>
  +
  +
  +
gcloud compute backend-services add-backend mmazur-test-backend-service --instance-group=gke-mmazur-test-2-default-pool-36fd4440-grp --balancing-mode=UTILIZATION --max-utilization="1.0"
  +
WARNING: This backend service is assumed to be global. To access a regional backend service, provide the --region flag.
  +
In the future, backend services will be regional by default unless the --global flag is specified.
  +
Updated [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/backendServices/mmazur-test-backend-service].
  +
</PRE>
  +
  +
  +
<PRE>
  +
gcloud compute backend-services get-health mmazur-test-backend-service
  +
WARNING: This backend service is assumed to be global. To access a regional backend service, provide the --region flag.
  +
In the future, backend services will be regional by default unless the --global flag is specified.
  +
---
  +
backend: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/zones/us-central1-b/instanceGroups/gke-mmazur-test-2-default-pool-36fd4440-grp
  +
status:
  +
kind: compute#backendServiceGroupHealth
  +
</PRE>
  +
  +
>>>Backend services that do not have a valid global forwarding rule referencing it will not be health checked and so will have no health status.
  +
  +
===URL MAPS===
  +
  +
https://cloud.google.com/compute/docs/load-balancing/http/url-map
  +
  +
<PRE>
  +
gcloud compute url-maps create mmazur-test-url-map --default-service mmazur-test-backend-service
  +
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/urlMaps/mmazur-test-url-map].
  +
NAME DEFAULT_SERVICE
  +
mmazur-test-url-map mmazur-test-backend-service
  +
</PRE>
  +
  +
  +
<PRE>
  +
gcloud compute url-maps describe mmazur-test-url-map
  +
creationTimestamp: '2017-02-07T03:12:16.708-08:00'
  +
defaultService: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/backendServices/mmazur-test-backend-service
  +
description: ''
  +
fingerprint: VIXzHlhGDb8=
  +
id: '8910554993819653503'
  +
kind: compute#urlMap
  +
name: mmazur-test-url-map
  +
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/urlMaps/mmazur-test-url-map
  +
</PRE>
  +
  +
  +
===Target Proxy===
  +
<PRE>
  +
bash-3.2$ gcloud compute target-http-proxies create mmazur-test-target-http-proxy --url-map mmazur-test-url-map
  +
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/targetHttpProxies/mmazur-test-target-http-proxy].
  +
NAME URL_MAP
  +
mmazur-test-target-http-proxy mmazur-test-url-map
  +
</PRE>
  +
  +
<PRE>
  +
bash-3.2$ gcloud compute target-http-proxies list
  +
NAME URL_MAP
  +
<SKIP>
  +
mmazur-test-target-http-proxy mmazur-test-url-map
  +
</PRE>
  +
  +
<PRE>
  +
gcloud compute target-http-proxies describe mmazur-test-target-http-proxy
  +
creationTimestamp: '2017-02-07T03:26:05.094-08:00'
  +
id: '5013050211978973218'
  +
kind: compute#targetHttpProxy
  +
name: mmazur-test-target-http-proxy
  +
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/targetHttpProxies/mmazur-test-target-http-proxy
  +
urlMap: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/urlMaps/mmazur-test-url-map
  +
</PRE>
  +
  +
===forwarding-rules===
  +
<PRE>
  +
gcloud compute forwarding-rules create mmazur-test-forwarding-rule --address=mmazur-test-address-global --target-http-proxy=mmazur-test-target-http-proxy --ports="80" --global
  +
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/forwardingRules/mmazur-test-forwarding-rule].
  +
---
  +
IPAddress: 35.186.225.111
  +
IPProtocol: TCP
  +
creationTimestamp: '2017-02-07T03:48:57.279-08:00'
  +
description: ''
  +
id: '6713749577774926534'
  +
kind: compute#forwardingRule
  +
loadBalancingScheme: EXTERNAL
  +
name: mmazur-test-forwarding-rule
  +
portRange: 80-80
  +
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/forwardingRules/mmazur-test-forwarding-rule
  +
target: mmazur-test-target-http-proxy
  +
</PRE>
  +
   
==Ссылки===
+
==Ссылки==
 
* http://containertutorials.com/get_started_kubernetes/k8s_example.html
 
* http://containertutorials.com/get_started_kubernetes/k8s_example.html

Текущая версия на 09:17, 30 октября 2023

Заметки

  • gcloud init --console-only
  • gcloud container clusters list
 gcloud container clusters list
NAME                    ZONE           MASTER_VERSION  MASTER_IP       MACHINE_TYPE   NODE_VERSION  NUM_NODES  STATUS
amp-kubernetes-cluster  us-central1-b  1.4.8           104.198.73.45   n1-standard-2  1.4.7 *       5          RUNNING
k-poc-search-1          us-central1-b  1.4.8           104.198.72.131  n1-standard-4  1.4.7 *       4          RUNNING
k-poc-search-2          us-central1-b  1.5.2           104.154.220.59  n1-highmem-4   1.5.2         2          RUNNING
mmazur-sandbox-1        us-central1-b  1.5.2           104.198.34.251  n1-standard-1  1.5.2         3          RUNNING

Получить креденции (kubectl будет настроен автоматически)

  • gcloud container clusters get-credentials mmazur-sandbox-1
Fetching cluster endpoint and auth data.
kubeconfig entry generated for mmazur-sandbox-1.
kubectl get pods
No resources found.

Создать тестовый деплоймент

kubectl run hello-node --image=gcr.io/google-samples/node-hello:1.0 --port=8080
 kubectl expose deployment hello-node --type="NodePort"

Таким образом сервис будет доступен на всех нодах кластера на случайно выбранном порту

kubectl get service
NAME         CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
hello-node   10.3.246.117   <nodes>       8080:31824/TCP   1m
kubernetes   10.3.240.1     <none>        443/TCP          13m


kubectl  describe service hello-node
Name:			hello-node
Namespace:		default
Labels:			run=hello-node
Selector:		run=hello-node
Type:			NodePort
IP:			10.3.246.117
Port:			<unset>	8080/TCP
NodePort:		<unset>	31824/TCP
Endpoints:		10.0.0.4:8080
Session Affinity:	None


Внешний Port --> 31824


Allocate IP Address

gcloud compute addresses create mmazur-test-address --region us-central1

gcloud compute addresses list
NAME                 REGION       ADDRESS          STATUS
mmazur-test-address  us-central1  104.154.132.207  RESERVED


gcloud compute addresses create mmazur-test-address-global --global
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/addresses/mmazur-test-address-global].
---
address: 35.186.225.111
creationTimestamp: '2017-02-07T03:45:39.484-08:00'
description: ''
id: '7982691905826983308'
kind: compute#address
name: mmazur-test-address-global
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/addresses/mmazur-test-address-global
status: RESERVED


gcloud compute addresses list
NAME                        REGION       ADDRESS          STATUS
mmazur-test-address-global               35.186.225.111   RESERVED
mmazur-test-address         us-central1  104.154.132.207  RESERVED
snb-services                us-central1  104.154.134.194  RESERVED
snb-ui                      us-central1  104.155.177.127  RESERVED
vpn-to-xpn01                us-central1  104.197.52.139   IN_USE

Создание Load Balancer

Файрволл

Для того тото бы хелс чек работал нужно разрешить траффик от сети 130.211.0.0/22 (о чем написано в инструкции https://cloud.google.com/compute/docs/load-balancing/health-checks)
Создать правило с именем mmazur-lb

 gcloud compute firewall-rules  create mmazur-lb  --allow=tcp,udp,icmp  --source-ranges 130.211.0.0/22

Health Check

gcloud compute http-health-checks  create mmazur-test-health-check --check-interval="5s" --port=31824
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/httpHealthChecks/mmazur-test-health-check].
NAME                      HOST  PORT   REQUEST_PATH
mmazur-test-health-check        31824  /

gcloud compute http-health-checks  describe mmazur-test-health-check
checkIntervalSec: 5
creationTimestamp: '2017-02-07T02:33:30.454-08:00'
description: ''
healthyThreshold: 2
host: ''
id: '2338322503345380501'
kind: compute#httpHealthCheck
name: mmazur-test-health-check
port: 31824
requestPath: /
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/httpHealthChecks/mmazur-test-health-check
timeoutSec: 5
unhealthyThreshold: 2


backend-services

gcloud compute backend-services \
create mmazur-test-backend-service  \
--http-health-checks  mmazur-test-health-check  
--port 31824 \

Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/backendServices/mmazur-test-backend-service].
NAME                         BACKENDS  PROTOCOL
mmazur-test-backend-service            HTTP
gcloud compute backend-services describe  mmazur-test-backend-service
affinityCookieTtlSec: 0
connectionDraining:
  drainingTimeoutSec: 0
creationTimestamp: '2017-02-07T02:40:16.526-08:00'
description: ''
enableCDN: false
fingerprint: y_d4_k-DcCA=
healthChecks:
- https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/httpHealthChecks/mmazur-test-health-check 
id: '7566473235126295295'
kind: compute#backendService
loadBalancingScheme: EXTERNAL
name: mmazur-test-backend-service
port: 80
portName: http
protocol: HTTP
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/backendServices/mmazur-test-backend-service
sessionAffinity: NONE
timeoutSec: 30


gcloud compute backend-services get-health mmazur-test-backend-service
Listed 0 items.


gcloud compute instance-groups list
NAME                                                LOCATION       SCOPE  NETWORK       MANAGED  INSTANCES
<SKIP>
gke-mmazur-test-2-default-pool-36fd4440-grp         us-central1-b  zone   default       Yes      3
<SKIP>




 gcloud compute backend-services add-backend mmazur-test-backend-service  --instance-group=gke-mmazur-test-2-default-pool-36fd4440-grp  --balancing-mode=UTILIZATION --max-utilization="1.0"
WARNING: This backend service is assumed to be global. To access a regional backend service, provide the --region flag.
In the future, backend services will be regional by default unless the --global flag is specified.
Updated [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/backendServices/mmazur-test-backend-service].


 gcloud compute backend-services get-health mmazur-test-backend-service
WARNING: This backend service is assumed to be global. To access a regional backend service, provide the --region flag.
In the future, backend services will be regional by default unless the --global flag is specified.
---
backend: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/zones/us-central1-b/instanceGroups/gke-mmazur-test-2-default-pool-36fd4440-grp
status:
  kind: compute#backendServiceGroupHealth

>>>Backend services that do not have a valid global forwarding rule referencing it will not be health checked and so will have no health status.

URL MAPS

https://cloud.google.com/compute/docs/load-balancing/http/url-map

gcloud compute url-maps  create mmazur-test-url-map --default-service mmazur-test-backend-service
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/urlMaps/mmazur-test-url-map].
NAME                 DEFAULT_SERVICE
mmazur-test-url-map  mmazur-test-backend-service


gcloud compute url-maps  describe mmazur-test-url-map
creationTimestamp: '2017-02-07T03:12:16.708-08:00'
defaultService: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/backendServices/mmazur-test-backend-service
description: ''
fingerprint: VIXzHlhGDb8=
id: '8910554993819653503'
kind: compute#urlMap
name: mmazur-test-url-map
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/urlMaps/mmazur-test-url-map


Target Proxy

bash-3.2$ gcloud compute target-http-proxies  create mmazur-test-target-http-proxy   --url-map  mmazur-test-url-map
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/targetHttpProxies/mmazur-test-target-http-proxy].
NAME                           URL_MAP
mmazur-test-target-http-proxy  mmazur-test-url-map
bash-3.2$ gcloud compute target-http-proxies  list
NAME                                           URL_MAP
<SKIP>
mmazur-test-target-http-proxy                  mmazur-test-url-map
gcloud compute target-http-proxies  describe mmazur-test-target-http-proxy
creationTimestamp: '2017-02-07T03:26:05.094-08:00'
id: '5013050211978973218'
kind: compute#targetHttpProxy
name: mmazur-test-target-http-proxy
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/targetHttpProxies/mmazur-test-target-http-proxy
urlMap: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/urlMaps/mmazur-test-url-map

forwarding-rules

gcloud compute forwarding-rules create mmazur-test-forwarding-rule --address=mmazur-test-address-global  --target-http-proxy=mmazur-test-target-http-proxy --ports="80" --global
Created [https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/forwardingRules/mmazur-test-forwarding-rule].
---
IPAddress: 35.186.225.111
IPProtocol: TCP
creationTimestamp: '2017-02-07T03:48:57.279-08:00'
description: ''
id: '6713749577774926534'
kind: compute#forwardingRule
loadBalancingScheme: EXTERNAL
name: mmazur-test-forwarding-rule
portRange: 80-80
selfLink: https://www.googleapis.com/compute/v1/projects/kohls-ecom-sandbox/global/forwardingRules/mmazur-test-forwarding-rule
target: mmazur-test-target-http-proxy


Ссылки

* http://containertutorials.com/get_started_kubernetes/k8s_example.html