Made a New Banner

I don't think I've made a banner since leaving the Northeast. Back then, making banners meant doing designs for my student club; after all, I used to count as part of the club's core circle.

While I was working on this one, my girlfriend asked why I insisted on doing it myself instead of handing it to her, an actual digital media graduate. I just smiled and didn't say much.

The truth is, even though my field is operations, basic skills like doing simple drawings in Photoshop, making a banner, or making a logo are still essentials. I shouldn't give up or push the work away just because it isn't my major, nor should I use that as an excuse not to learn.

I admit the new banner looks pretty rough, but I made it with my own hands. I hope that one day I can set aside more time to dig into the latest version of Photoshop and improve it further.

Posted in Life

Adding swap support to K8s

As mentioned in the previous post, my k8s nodes have pretty terrible specs, so I added swap support to the earlier test setup. This is not recommended for a real production environment; it's nothing more than a broke man's workaround.

First, enable swap support in kubelet by appending the following flag in /etc/sysconfig/kubelet:

--fail-swap-on=false

For example, my config file contains:

KUBELET_EXTRA_ARGS="--node-ip=11.22.33.44 --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice --fail-swap-on=false"
Restart the kubelet service:
# systemctl restart kubelet
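
To confirm kubelet came back up with the flag, a quick, purely illustrative check:
# ps -ef | grep kubelet | grep -o 'fail-swap-on=false'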

Then use dd to carve out a swap "disk":

dd if=/dev/zero of=/swap bs=2M count=1024
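
One step not shown above: before it can be activated, the file still has to be initialized as swap (and newer kernels complain unless it is accessible by root only). Roughly:

# chmod 600 /swap
# mkswap /swap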

Next, adjust the swappiness setting in /etc/sysctl.d/k8s.conf, changing it from 0 to 20, i.e. the kernel may use swap but should strongly prefer keeping pages in RAM:

cat /etc/sysctl.d/k8s.conf
...
vm.swappiness=20
...
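
The new value only takes effect after the sysctl configuration is reloaded (or on the next reboot); one way to apply it immediately:

# sysctl -p /etc/sysctl.d/k8s.conf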

The rest is just the standard process of mounting a swap area:

# grep swap /etc/fstab
/swap        swap        swap        defaults    0 0

# mount -a && swapon -a

Finally, take a look at the result!

# free -m
              total        used        free      shared  buff/cache   available
Mem:           1990        1359          92          22         538         540
Swap:          2047           0        2047

Posted in Kubernetes, Linux, OS, Platform

Force-scheduling a Pod onto the master node

The machines in this cluster are fairly weak; only the master has decent specs, just enough to satisfy kubeadm's initial preflight checks. Money is tight, after all!

It all started when I wanted to run a Jenkins instance for experiments and learning. The JVM promptly flattened the poor node: load peaked at 29, leaving me staring blankly at the screen...

After several rounds of tuning, even adding swap to the node, it still couldn't keep up, so another approach was needed...

Since the master runs nothing but the basic control-plane services and has never hosted any other Pods, I decided to run Jenkins on the master. Nothing to lose by trying; if it really doesn't work out, I can always tear it down and start over...

First, add a label to the master:

# kubectl label nodes xxxxxx.plus7s.com node-business=master
node/xxxxxx.plus7s.com labeled

Then check the master's node description:

# kubectl describe node xxxxxx.plus7s.com

Name:               xxxxxx.plus7s.com
Roles:              master
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    kubernetes.io/arch=amd64
                    kubernetes.io/hostname=xxxxxx.plus7s.com
                    kubernetes.io/os=linux
                    node-business=master
                    node-role.kubernetes.io/master=
Annotations:        flannel.alpha.coreos.com/backend-data: {"VtepMAC":"ba:00:04:8b:3b:2b"}
                    flannel.alpha.coreos.com/backend-type: vxlan
                    flannel.alpha.coreos.com/kube-subnet-manager: true
                    flannel.alpha.coreos.com/public-ip: w.x.y.z
                    kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
                    node.alpha.kubernetes.io/ttl: 0
                    volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp:  Mon, 06 Jan 2020 04:52:59 +0000
Taints:             node-role.kubernetes.io/master:NoSchedule

Add the following fields to deployment.yaml:

  nodeSelector:
    node-business: master
  tolerations:
  - key: "node-role.kubernetes.io/master"
    operator: "Exists"
    effect: "NoSchedule"
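
For context, a minimal sketch of where these fields sit inside a Deployment spec; the jenkins name and image below are placeholders rather than the original manifest:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: jenkins
spec:
  replicas: 1
  selector:
    matchLabels:
      app: jenkins
  template:
    metadata:
      labels:
        app: jenkins
    spec:
      containers:
      - name: jenkins
        image: jenkins/jenkins:lts    # placeholder image
      # pin the Pod to the labeled master ...
      nodeSelector:
        node-business: master
      # ... and tolerate the master's NoSchedule taint so the scheduler accepts it
      tolerations:
      - key: "node-role.kubernetes.io/master"
        operator: "Exists"
        effect: "NoSchedule"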

Checking the load again afterwards, it had come back down.
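
Two quick checks that would confirm the result (the jenkins name is just a placeholder): kubectl get pods -o wide shows which node the Pod landed on, and uptime on the node shows the load.

# kubectl get pods -o wide | grep jenkins
# uptime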

Reference: https://www.qikqiak.com/post/kubernetes-affinity-scheduler/

Posted in Kubernetes, Platform

Collecting vm-support logs on ESXi

How to collect:
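
The bundle is generated with the standard vm-support tool from the ESXi shell (exact options vary by ESXi version, so this is just the bare invocation):

# vm-support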

The collected log bundle is generated under /var/tmp.

Copy the file onto a datastore to export it, or simply scp it off the host.

Posted in OS, vSphere

ESXi virtual machine cannot be restarted

Cause 1: ESXi hit an error while installing VMware Tools in the virtual machine, and the operation failed.
Solution: http://xjsunjie.blog.51cto.com/999372/1734698
List the VM processes; every running virtual machine has a corresponding process:

# esxcli vm process list | more

The process belonging to the VM with a given World ID can then be killed with the following command:

# esxcli vm process kill --type=hard --world-id=40008824

There are three kill types: soft asks the VM process to shut down cleanly, hard kills it immediately (like kill -9), and force is the last resort.

# esxcli vm process kill --type=
Error: Missing required parameter -w|--world-id

Usage: esxcli vm process kill [cmd options]

Description:
  kill                  Used to forcibly kill Virtual Machines that are stuck
                        and not responding to normal stop operations.

Cmd options:
  -t|--type=<str>       The type of kill operation to attempt. There are three
                        types of VM kills that can be attempted: [soft, hard,
                        force]. Users should always attempt 'soft' kills first,
                        which will give the VMX process a chance to shutdown
                        cleanly (like kill or kill -SIGTERM). If that does not
                        work move to 'hard' kills which will shutdown the
                        process immediately (like kill -9 or kill -SIGKILL).
                        'force' should be used as a last resort attempt to
                        kill the VM. If all three fail then a reboot is
                        required. (required)
  -w|--world-id=<long>  The World ID of the Virtual Machine to kill. This can
                        be obtained from the 'vm process list' command
                        (required)
Posted in OS, vSphere

ESXi network settings

  • esxcli network nic list: show NIC information
  • esxcli network ip route ipv4 list: show routes (IPv4)
  • esxcli network ip dns server list: show DNS servers
  • esxcli network ip interface ipv4 get: show IP configuration (IPv4)
esxcfg-route:
  • esxcfg-route shows the default route
esxcfg-nics:
  • esxcfg-nics is equivalent to esxcli network nic list
tcpdump-uw: similar to tcpdump on Linux; it is ESXi's packet capture tool
vsish: the VMkernel Sys Info Shell, for inspecting low-level VMkernel state
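
As an example, tcpdump-uw takes the familiar tcpdump options; a hypothetical capture of ICMP on the management vmkernel interface (assuming it is vmk0):

# tcpdump-uw -i vmk0 -n icmp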
Posted in OS, vSphere

Controlling VM power on/off from the ESXi shell

To power on a virtual machine from the command line, first list the inventory ID of the virtual machine with the command:

vim-cmd vmsvc/getallvms |grep <vm name>

Note: The first column of the output shows the vmid.

Check the power state of the virtual machine with the command:

vim-cmd vmsvc/power.getstate <vmid>

Power-on the virtual machine with the command:

vim-cmd vmsvc/power.on <vmid>

To shut down, simply change power.on to power.off.

Reference: Powering on a virtual machine from the command line when the host cannot be managed using vSphere Client.

There is another method as well, which can only power VMs off. Get a list of running virtual machines, identified by World ID, UUID, Display Name, and path to the .vmx configuration file, using this command:

esxcli vm process list    # lists only powered-on virtual machines

Power off one of the virtual machines from the list using this command:

esxcli vm process kill --type=[soft,hard,force] --world-id=WorldNumber

Notes: Three power-off methods are available. Soft is the most graceful, hard performs an immediate shutdown, and force should be used as a last resort.

Alternate power-off command syntax is: esxcli vm process kill -t [soft,hard,force] -w WorldNumber
Posted in OS, vSphere

Logging in to ESXi with an SSH key

After logging in to ESXi over SSH, the root password can be changed with passwd root; see Changing ESXi Root Password, which also explains how to enable SSH login on ESXi. For ESXi 5.0, the location of authorized_keys is: /etc/ssh/keys-<username>/authorized_keys
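
A sketch of pushing a public key from a workstation, assuming SSH is already enabled on the host (esxi-host is a placeholder name):

cat ~/.ssh/id_rsa.pub | ssh root@esxi-host 'cat >> /etc/ssh/keys-root/authorized_keys'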
Posted in AutomaticOPS, OS, SSH/PSSH, vSphere

GlusterFS troubleshooting

  1. GlusterFS becomes unusable because the rpcbind service fails to start, with errors such as the following:
Dec  9 10:36:32 node3 systemd: Cannot add dependency job for unit loopback_gluster.service, ignoring: Unit not found.
Dec  9 10:36:32 node3 systemd: rpcbind.socket failed to listen on sockets: Address family not supported by protocol
Dec  9 10:36:32 node3 systemd: Failed to listen on RPCbind Server Activation Socket.
Dec  9 10:36:32 node3 systemd: Dependency failed for RPC bind service.
Dec  9 10:36:32 node3 systemd: Dependency failed for GlusterFS, a clustered file-system server.
Dec  9 10:36:32 node3 systemd: Job glusterd.service/start failed with result 'dependency'.
Dec  9 10:36:32 node3 systemd: Job rpcbind.service/start failed with result 'dependency'.
Dec  9 10:38:01 node3 systemd: Cannot add dependency job for unit loopback_gluster.service, ignoring: Unit not found.
Dec  9 10:38:01 node3 systemd: rpcbind.socket failed to listen on sockets: Address family not supported by protocol
Dec  9 10:38:01 node3 systemd: Failed to listen on RPCbind Server Activation Socket.
Dec  9 10:38:01 node3 systemd: Dependency failed for RPC bind service.
Dec  9 10:38:01 node3 systemd: Job rpcbind.service/start failed with result 'dependency'.
Solution:
Edit /etc/systemd/system/sockets.target.wants/rpcbind.socket and comment out the IPv6-related entries in the [Socket] section:

[Unit]
Description=RPCbind Server Activation Socket

[Socket]
ListenStream=/var/run/rpcbind.sock

# RPC netconfig can't handle ipv6/ipv4 dual sockets
BindIPv6Only=ipv6-only
ListenStream=0.0.0.0:111
ListenDatagram=0.0.0.0:111
#ListenStream=[::]:111
#ListenDatagram=[::]:111

[Install]
WantedBy=sockets.target
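
The change only takes effect once systemd re-reads the unit and the affected services are restarted; roughly:

# systemctl daemon-reload
# systemctl restart rpcbind.socket rpcbind.service
# systemctl start glusterd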

Posted in Glusterfs, Service

Adapting GlusterFS to Kubernetes

  1. Install the EPEL repository:
pssh -l auto -h /opt/node.list -i 'sudo yum install -y epel-release*'
  2. Install heketi:
pssh -l auto -h /opt/node.list -i 'sudo yum -y --enablerepo=epel install heketi heketi-client'
  3. Create a backing file for the block device:
pssh -l auto -h /opt/node.list -i 'dd if=/dev/zero of=/opt/gfs_data/common bs=11MB count=1024'
  4. Register the file as a block device:
losetup /dev/loop0 /opt/gfs_data/common
If this errors out, the corresponding kernel module may need to be loaded first:
sudo modprobe dm_thin_pool
Then detach the half-registered loop device:
sudo losetup -d /dev/loop0
And finally register it again:
sudo losetup /dev/loop0 /opt/gfs_data/common

  5. Create a systemd service so the loop device is registered automatically at every boot:
[Unit]
Description=Create the loopback device for GlusterFS
DefaultDependencies=false
Before=local-fs.target
After=systemd-udev-settle.service
Requires=systemd-udev-settle.service

[Service]
Type=oneshot
ExecStart=/usr/bin/bash -c "modprobe dm_thin_pool && [ -b /dev/loop0 ] || losetup /dev/loop0 /opt/gfs_data/common"

[Install]
WantedBy=local-fs.target
  6. Enable the service:
systemctl enable /etc/systemd/system/loopback_gluster.service
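
Before depending on it across reboots, it is worth starting the unit once and checking both the service and the loop device; a rough check:

# systemctl daemon-reload
# systemctl start loopback_gluster.service
# losetup -a | grep /dev/loop0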
Posted in Glusterfs, Kubernetes