Kubernetes1.22.0 部署 metricis-service

news2024/12/25 0:54:59

概述

Install

cfssl

cat > proxy-client-csr.json<<EOF
{
  "CN": "aggregator",
  "hosts": [],
  "key": {
    "algo": "rsa",
    "size": 2048
  },
  "names": [
    {
      "C": "CN",
      "ST": "BeiJing",
      "L": "BeiJing",
      "O": "system:masters",
      "OU": "System"
    }
  ]
}
EOF

cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes  proxy-client-csr.json | cfssljson -bare proxy-client

 scp -r

scp -r proxy-client*.pem master01:/etc/kubernetes/ssl/
scp -r proxy-client*.pem master02:/etc/kubernetes/ssl/
scp -r proxy-client*.pem master03:/etc/kubernetes/ssl/
scp -r proxy-client*.pem node04:/etc/kubernetes/ssl/
scp -r proxy-client*.pem node05:/etc/kubernetes/ssl/
scp -r proxy-client*.pem node07:/etc/kubernetes/ssl/

/etc/kubernetes/kube-apiserver.conf

更新配置

需要手动添加到kube-apiservice的配置文件中

  --proxy-client-cert-file=/etc/kubernetes/ssl/proxy-client.pem \
  --proxy-client-key-file=/etc/kubernetes/ssl/proxy-client-key.pem \
  --runtime-config=api/all=true \
  --requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem \
  --requestheader-allowed-names=aggregator \
  --requestheader-extra-headers-prefix=X-Remote-Extra- \
  --requestheader-group-headers=X-Remote-Group \
  --requestheader-username-headers=X-Remote-User \

重启服务

systemctl daemon-reload && systemctl restart kube-apiserver && systemctl status kube-apiserver

scp -r error

# 不能通过scp -r进行覆盖性分发,因为每台主机信息不一样
scp -r /etc/kubernetes/kube-apiserver.conf master02:/etc/kubernetes/kube-apiserver.conf
scp -r /etc/kubernetes/kube-apiserver.conf master03:/etc/kubernetes/kube-apiserver.conf

# 需要手动添加到kube-apiservice的配置文件中
  --proxy-client-cert-file=/etc/kubernetes/ssl/proxy-client.pem \
  --proxy-client-key-file=/etc/kubernetes/ssl/proxy-client-key.pem \
  --runtime-config=api/all=true \
  --requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem \
  --requestheader-allowed-names=aggregator \
  --requestheader-extra-headers-prefix=X-Remote-Extra- \
  --requestheader-group-headers=X-Remote-Group \
  --requestheader-username-headers=X-Remote-User \

bakup

[root@master03 ~]# cat /etc/kubernetes/kube-apiserver.conf
KUBE_APISERVER_OPTS="--enable-admission-plugins=NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota \
  --anonymous-auth=false \
  --bind-address=192.168.164.13 \
  --secure-port=6443 \
  --advertise-address=192.168.164.13 \
  --insecure-port=0 \
  --authorization-mode=Node,RBAC \
  --runtime-config=api/all=true \
  --enable-bootstrap-token-auth \
  --service-cluster-ip-range=10.96.0.0/16 \
  --token-auth-file=/etc/kubernetes/token.csv \
  --service-node-port-range=30000-32767 \
  --tls-cert-file=/etc/kubernetes/ssl/kube-apiserver.pem  \
  --tls-private-key-file=/etc/kubernetes/ssl/kube-apiserver-key.pem \
  --client-ca-file=/etc/kubernetes/ssl/ca.pem \
  --kubelet-client-certificate=/etc/kubernetes/ssl/kube-apiserver.pem \
  --kubelet-client-key=/etc/kubernetes/ssl/kube-apiserver-key.pem \
  --service-account-key-file=/etc/kubernetes/ssl/ca-key.pem \
  --service-account-signing-key-file=/etc/kubernetes/ssl/ca-key.pem  \
  --service-account-issuer=https://kubernetes.default.svc.cluster.local \
  --service-account-issuer=api \
  --etcd-cafile=/etc/etcd/ssl/ca.pem \
  --etcd-certfile=/etc/etcd/ssl/etcd.pem \
  --etcd-keyfile=/etc/etcd/ssl/etcd-key.pem \
  --etcd-servers=https://192.168.164.11:2379,https://192.168.164.12:2379,https://192.168.164.13:2379 \
  --enable-swagger-ui=true \
  --allow-privileged=true \
  --apiserver-count=3 \
  --audit-log-maxage=30 \
  --audit-log-maxbackup=3 \
  --audit-log-maxsize=100 \
  --audit-log-path=/var/log/kube-apiserver-audit.log \
  --event-ttl=1h \
  --alsologtostderr=true \
  --logtostderr=false \
  --log-dir=/var/log/kubernetes \
  --v=4 \
  --proxy-client-cert-file=/etc/kubernetes/ssl/proxy-client.pem \
  --proxy-client-key-file=/etc/kubernetes/ssl/proxy-client-key.pem \
  --runtime-config=api/all=true \
  --requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem \
  --requestheader-allowed-names=aggregator \
  --requestheader-extra-headers-prefix=X-Remote-Extra- \
  --requestheader-group-headers=X-Remote-Group \
  --requestheader-username-headers=X-Remote-User"
[root@master03 ~]#




[root@master02 ~]# cat /etc/kubernetes/kube-apiserver.conf
KUBE_APISERVER_OPTS="--enable-admission-plugins=NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota \
  --anonymous-auth=false \
  --bind-address=192.168.164.12 \
  --secure-port=6443 \
  --advertise-address=192.168.164.12 \
  --insecure-port=0 \
  --authorization-mode=Node,RBAC \
  --runtime-config=api/all=true \
  --enable-bootstrap-token-auth \
  --service-cluster-ip-range=10.96.0.0/16 \
  --token-auth-file=/etc/kubernetes/token.csv \
  --service-node-port-range=30000-32767 \
  --tls-cert-file=/etc/kubernetes/ssl/kube-apiserver.pem  \
  --tls-private-key-file=/etc/kubernetes/ssl/kube-apiserver-key.pem \
  --client-ca-file=/etc/kubernetes/ssl/ca.pem \
  --kubelet-client-certificate=/etc/kubernetes/ssl/kube-apiserver.pem \
  --kubelet-client-key=/etc/kubernetes/ssl/kube-apiserver-key.pem \
  --service-account-key-file=/etc/kubernetes/ssl/ca-key.pem \
  --service-account-signing-key-file=/etc/kubernetes/ssl/ca-key.pem  \
  --service-account-issuer=https://kubernetes.default.svc.cluster.local \
  --service-account-issuer=api \
  --etcd-cafile=/etc/etcd/ssl/ca.pem \
  --etcd-certfile=/etc/etcd/ssl/etcd.pem \
  --etcd-keyfile=/etc/etcd/ssl/etcd-key.pem \
  --etcd-servers=https://192.168.164.11:2379,https://192.168.164.12:2379,https://192.168.164.13:2379 \
  --enable-swagger-ui=true \
  --allow-privileged=true \
  --apiserver-count=3 \
  --audit-log-maxage=30 \
  --audit-log-maxbackup=3 \
  --audit-log-maxsize=100 \
  --audit-log-path=/var/log/kube-apiserver-audit.log \
  --event-ttl=1h \
  --alsologtostderr=true \
  --logtostderr=false \
  --log-dir=/var/log/kubernetes \
  --v=4 \
  --proxy-client-cert-file=/etc/kubernetes/ssl/proxy-client.pem \
  --proxy-client-key-file=/etc/kubernetes/ssl/proxy-client-key.pem \
  --runtime-config=api/all=true \
  --requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem \
  --requestheader-allowed-names=aggregator \
  --requestheader-extra-headers-prefix=X-Remote-Extra- \
  --requestheader-group-headers=X-Remote-Group \
  --requestheader-username-headers=X-Remote-User"
[root@master02 ~]#


[root@master01 metricis]# cat /etc/kubernetes/kube-apiserver.conf
KUBE_APISERVER_OPTS="--enable-admission-plugins=NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota \
  --anonymous-auth=false \
  --bind-address=192.168.164.11 \
  --secure-port=6443 \
  --advertise-address=192.168.164.11 \
  --insecure-port=0 \
  --authorization-mode=Node,RBAC \
  --runtime-config=api/all=true \
  --enable-bootstrap-token-auth \
  --service-cluster-ip-range=10.96.0.0/16 \
  --token-auth-file=/etc/kubernetes/token.csv \
  --service-node-port-range=30000-32767 \
  --tls-cert-file=/etc/kubernetes/ssl/kube-apiserver.pem  \
  --tls-private-key-file=/etc/kubernetes/ssl/kube-apiserver-key.pem \
  --client-ca-file=/etc/kubernetes/ssl/ca.pem \
  --kubelet-client-certificate=/etc/kubernetes/ssl/kube-apiserver.pem \
  --kubelet-client-key=/etc/kubernetes/ssl/kube-apiserver-key.pem \
  --service-account-key-file=/etc/kubernetes/ssl/ca-key.pem \
  --service-account-signing-key-file=/etc/kubernetes/ssl/ca-key.pem  \
  --service-account-issuer=https://kubernetes.default.svc.cluster.local \
  --service-account-issuer=api \
  --etcd-cafile=/etc/etcd/ssl/ca.pem \
  --etcd-certfile=/etc/etcd/ssl/etcd.pem \
  --etcd-keyfile=/etc/etcd/ssl/etcd-key.pem \
  --etcd-servers=https://192.168.164.11:2379,https://192.168.164.12:2379,https://192.168.164.13:2379 \
  --enable-swagger-ui=true \
  --allow-privileged=true \
  --apiserver-count=3 \
  --audit-log-maxage=30 \
  --audit-log-maxbackup=3 \
  --audit-log-maxsize=100 \
  --audit-log-path=/var/log/kube-apiserver-audit.log \
  --event-ttl=1h \
  --alsologtostderr=true \
  --logtostderr=false \
  --log-dir=/var/log/kubernetes \
  --v=4 \
  --proxy-client-cert-file=/etc/kubernetes/ssl/proxy-client.pem \
  --proxy-client-key-file=/etc/kubernetes/ssl/proxy-client-key.pem \
  --runtime-config=api/all=true \
  --requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem \
  --requestheader-allowed-names=aggregator \
  --requestheader-extra-headers-prefix=X-Remote-Extra- \
  --requestheader-group-headers=X-Remote-Group \
  --requestheader-username-headers=X-Remote-User"
[root@master01 metricis]#

yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
    rbac.authorization.k8s.io/aggregate-to-edit: "true"
    rbac.authorization.k8s.io/aggregate-to-view: "true"
  name: system:aggregated-metrics-reader
rules:
  - apiGroups:
      - metrics.k8s.io
    resources:
      - pods
      - nodes
    verbs:
      - get
      - list
      - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
rules:
  - apiGroups:
      - ""
    resources:
      - nodes/metrics
    verbs:
      - get
  - apiGroups:
      - ""
    resources:
      - pods
      - nodes
    verbs:
      - get
      - list
      - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server-auth-reader
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: extension-apiserver-authentication-reader
subjects:
  - kind: ServiceAccount
    name: metrics-server
    namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server:system:auth-delegator
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:auth-delegator
subjects:
  - kind: ServiceAccount
    name: metrics-server
    namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  labels:
    k8s-app: metrics-server
  name: system:metrics-server
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:metrics-server
subjects:
  - kind: ServiceAccount
    name: metrics-server
    namespace: kube-system
---
apiVersion: v1
kind: Service
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  ports:
    - name: https
      port: 443
      protocol: TCP
      targetPort: https
  selector:
    k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    k8s-app: metrics-server
  name: metrics-server
  namespace: kube-system
spec:
  selector:
    matchLabels:
      k8s-app: metrics-server
  strategy:
    rollingUpdate:
      maxUnavailable: 0
  template:
    metadata:
      labels:
        k8s-app: metrics-server
    spec:
      containers:
        - args:
            - --cert-dir=/tmp
            - --secure-port=4443
            - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
            - --kubelet-use-node-status-port
            - --metric-resolution=15s
            - --kubelet-insecure-tls # 加上该启动参数
          image: registry.cn-hangzhou.aliyuncs.com/chenby/metrics-server:v0.6.2
          imagePullPolicy: IfNotPresent
          livenessProbe:
            failureThreshold: 3
            httpGet:
              path: /livez
              port: https
              scheme: HTTPS
            periodSeconds: 10
          name: metrics-server
          ports:
            - containerPort: 4443
              name: https
              protocol: TCP
          readinessProbe:
            failureThreshold: 3
            httpGet:
              path: /readyz
              port: https
              scheme: HTTPS
            initialDelaySeconds: 20
            periodSeconds: 10
          resources:
            requests:
              cpu: 100m
              memory: 200Mi
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            runAsUser: 1000
          volumeMounts:
            - mountPath: /tmp
              name: tmp-dir
      nodeSelector:
        kubernetes.io/os: linux
      priorityClassName: system-cluster-critical
      serviceAccountName: metrics-server
      volumes:
        - emptyDir: {}
          name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
  labels:
    k8s-app: metrics-server
  name: v1beta1.metrics.k8s.io
spec:
  group: metrics.k8s.io
  groupPriorityMinimum: 100
  insecureSkipTLSVerify: true
  service:
    name: metrics-server
    namespace: kube-system
  version: v1beta1
  versionPriority: 100

success output

kubectl get pod -n kube-system

kubectl get pod metrics-server-7ff8cbcd54-qrgr4 -n kube-system --watch

kubectl top nodes

访问自生dashboard

Kubernetes Dashboardhttps://192.168.164.11:30443/#/pod?namespace=default

重要参考

二进制方式搭建Kubernetes 1.19.3高可用集群(五)——部署dashboard (lingjie.tech)

https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
https://github.com/kubernetes-sigs/metrics-server/releases/
https://github.com/kubernetes-sigs/metrics-server/releases/
https://www.lingjie.tech/article/2020-11-07/20
https://zhuanlan.zhihu.com/p/605947837
https://blog.csdn.net/alex_yangchuansheng/article/details/112551373
https://www.lingjie.tech/article/2020-11-07/20
https://github.com/kubernetes-sigs/metrics-server/releases/
https://blog.csdn.net/alex_yangchuansheng/article/details/112551373
 

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.coloradmin.cn/o/567053.html

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈,一经查实,立即删除!

相关文章

SVD求解两组多维点之间的欧式变换矩阵,及halcon代码实现

之前研究了二维点的仿射变换&#xff0c;用解矩阵的方式求解了两组二维点之间的变换矩阵。 学习了下SVD&#xff0c;看到可以用SVD求解两组多维点之间的欧式变换矩阵&#xff0c;当然也是个最优化问题。 这里的变换只有平移和旋转&#xff0c;没有缩放。 一、先说结论&#…

【DNDC模型】农田生态、陆地生态系统的动态模拟模型

DNDC模型 DNDC模型是一个用于模拟和追踪农业生态系统中碳氮生物地球化学循环的过程模型&#xff0c;可以用来模拟农业生态系统碳氮排放、农作物产量、土壤固碳作用以及硝酸盐淋失等过程。 模型由两部分组成&#xff1a;第一部分包括土壤气候、植物生长和有机质分解等3个子模型…

整理6个超好用的在线编辑器!

随着 Web 开发对图像可扩展性、响应性、交互性和可编程性的需求增加&#xff0c;SVG 图形成为最适合 Web 开发的图像格式之一。它因文件小、可压缩性强并且无论如何放大或缩小&#xff0c;图像都不会失真而受到欢迎。然而&#xff0c;为了编辑 SVG 图像&#xff0c;需要使用 SV…

【共享内存】

1 共享内存示意图 共享内存区是最快的 IPC 形式。一旦这样的内存映射到共享它的进程的地址空间&#xff0c;这些进程间数据传递不再涉及到 内核&#xff0c;换句话说是进程不再通过执行进入内核的系统调用来传递彼此的数据。 2 共享内存数据结构 struct shmid_ds {struct ipc_…

Mysql 学习(十 三)InnoDB的BufferPool

为什么要有缓存&#xff1f; 我们知道每次获取数据我们都需要从磁盘获取&#xff0c;磁盘的运行速度又慢的不行&#xff0c;对于这一个问题我们要怎么解决呢&#xff1f;我们把查询结果存储起来不就行了&#xff0c;因为当需要访问某个页的数据时&#xff0c;就会把完整的页的…

再见SpringSecurity,比Shiro更简单优雅的轻量级Sa-Token框架我粉了

1. 技术选型 最近在做登录、授权的功能&#xff0c;一开始考虑到的是spring boot spring security&#xff0c;但spring security太重&#xff0c;而我们是轻量级的项目&#xff0c;所以&#xff0c;spring security不适合我们。 而后考虑spring boot shiro&#xff0c;但s…

SSD202 Linux开发日志记录

一、挂载U盘 SDK默认自动加载USB存储模块&#xff0c;但没有自动挂载&#xff0c;插上U盘后识别sda mount /dev/sda /mnt/即可在/mnt查看U盘文件 二、make & make menuconfig提示失败 打开新终端后输入 declare -x ARCH"arm" declare -x CROSS_COMPILE"…

记一次php 导出word文档

导出试卷 先看效果 $paper Exam::where(id, $data[examid])->field(paper_id,title)->find();$bankIds PaperStorehouse::where(id, $paper[paper_id])->value(banks);$field type,rate,name,options,parsing,value,question_id,parsing_id;$bankInfo Banks::whe…

北邮22信通:二叉树显示路径的两种方法 递归函数保存现场返回现场的实例

北邮22信通一枚~ 跟随课程进度每周更新数据结构与算法的代码和文章 持续关注作者 解锁更多邮苑信通专属代码~ 获取更多文章 请访问专栏~ 北邮22信通_青山如墨雨如画的博客-CSDN博客 一.讲解 要想实现二叉树的路径显示&#xff0c;我们要按照…

gitbook在centos上安装

1&#xff09;官网下载Node.js的Linux64位的二进制包:Download | Node.js 或者在线下载&#xff1a; wget https://nodejs.org/dist/v12.16.1/node-v12.16.1-linux-x64.tar.xz ​​2)到指定目录​解压 cd /opt/gitbook tar -xJf node-v12.16.1-linux-x64.tar.xz mv node-…

记录--按钮级别权限怎么控制

这里给大家分享我在网上总结出来的一些知识&#xff0c;希望对大家有所帮助 最近的面试中有一个面试官问我按钮级别的权限怎么控制&#xff0c;我说直接v-if啊&#xff0c;他说不够好&#xff0c;我说我们项目中按钮级别的权限控制情况不多&#xff0c;所以v-if就够了&#xff…

wifiWG233移植

驱动的移植 交叉编译WIFI原厂固件驱动 根据网上资料&#xff0c;和官方文档编译成功。 修改Makefile 修改交叉编译环境 执行 make 编译成功&#xff0c;生成88x2bu.ko 加载原厂驱动 Insmod 88x2bu.ko 生成wlan0 Hostapd工具移植生成可连接热点AP 安装libnl库 使用命令tar …

ApiKit 接口调用、自动化测试工具

作为一位后端开发&#xff0c;我们平时经常需要维护API文档、对API接口进行调试、有时候还得Mock数据。Postman虽然作为接口调试工具非常好用&#xff0c;但是对于维护API文档这类工作却不太合适。今天给大家推荐一款功能更强大的工具ApiKit&#xff0c;足以满足我们对API的各种…

如何清除电脑缓存?分享3个有效的方法!

案例&#xff1a;我发现我的电脑运行速度越来越慢&#xff0c;影响使用体验。朋友说可能是我没有及时清理电脑缓存文件所致&#xff0c;那如何清理缓存的文件&#xff1f; 【我想通过清理电脑缓存文件的方法&#xff0c;提高我电脑运行的速度&#xff0c;但是我不知道具体的操…

如何利用Citespace和vosviewer既快又好地写出高质量的论文及快速锁定热点和重点文献进行可视化分析?

基于Citespace和vosviewer文献计量学可视化SCI论文高效写作方法 CiteSpace是什么&#xff1f; 简单来说&#xff0c;它一款通过将国内外文献进行可视化分析来帮助你了解一门学科前世今生的软件。 面对成千上万篇的文献&#xff0c;怎样才能快速锁定自己最感兴趣的主题及科学…

取代 Docker Desktop?Podman Desktop 发布 GA 版本 1.0

Podman&#xff08;POD MANager&#xff09;是一个跨平台的容器管理工具&#xff0c;可用于管理容器、镜像、卷以及以容器组形式存在的 Pod。Podman 可以在 Linux 上直接运行容器&#xff0c;但在像 macOS 和 Windows 这样的平台&#xff0c;是通过虚拟机间接运行容器。 Podma…

「实在RPA·电商数字员工」契合电商数智转型需求

一、为什么说电商数智化转型很重要&#xff1f; 如今&#xff0c;电商发展速度惊人&#xff0c;并且已经取代了实体店购物的时代。在众多新型的消费方式下&#xff0c;各式的电商行业如何运作&#xff0c;并且在短时间内完成各项任务&#xff0c;提升人们的生活质量。人们生活…

django admin后台列表页、修改/详情页图片预览功能

目录 一、admin后台列表页的图片预览功能 二、admin后台修改/详情页图片预览功能 1&#xff0c;添加html前端代码 2、在admin.py文件中添加以下代码&#xff1a; 1.列表页图片问题&#xff1a;在admin列表页中&#xff0c;直接在list_display中填写图片字段时在列表页展示的…

YOLOv5从训练到移植

一、图像采集和标注 图像采集 覆盖所有的数据目标&#xff0c;不同场景&#xff08;视角、光照、可能的干扰&#xff09;、距离、运动、背景等&#xff0c;用深度和广度摄像头都行。 若兼顾效率和准确率&#xff0c;可以用迁移学习思路训练&#xff0c;则不同场景下采集的图…

系统方面对文件的打开,读写,关闭

系统方面对文件的操作 1. 系统方面打开文件的函数2. 系统方面对文件的写入3. 系统方面对文件的读取4. 关闭文件close 1. 系统方面打开文件的函数 open函数得到一个指定文件的文件描述符&#xff0c;如果出现错误则返回-1。open函数需要传入一个文件路径和操作模式&#xff0c;…