2020-11-02

kubernetes集群环境搭建

kubernetes集群环境搭建

1.1 版本统一

Docker  18.09.0---kubeadm-1.14.0-0 kubelet-1.14.0-0 kubectl-1.14.0-0---k8s.gcr.io/kube-apiserver:v1.14.0k8s.gcr.io/kube-controller-manager:v1.14.0k8s.gcr.io/kube-scheduler:v1.14.0k8s.gcr.io/kube-proxy:v1.14.0k8s.gcr.io/pause:3.1k8s.gcr.io/etcd:3.3.10k8s.gcr.io/coredns:1.3.1---v0.11.0-amd64

1.2 k8s安装步骤

1.2.1 更新并安装依赖
yum -y updateyum install -y conntrack ipvsadm ipset jq sysstat curl iptables libseccomp
1.2.2 安装Docker

安装好Docker,版本为18.09.0

01 安装必要的依赖	sudo yum install -y yum-utils \ device-mapper-persistent-data \ lvm2  02 设置docker仓库	sudo yum-config-manager --add-repo	【设置要设置一下阿里云镜像加速器】sudo mkdir -p /etc/dockersudo tee /etc/docker/daemon.json <<-'EOF'{ "registry-mirrors": ["http://2595fda0.m.daocloud.io"]}EOFsudo systemctl daemon-reload03 安装docker yum install -y docker-ce-18.09.0 docker-ce-cli-18.09.0 containerd.io04 启动docker	sudo systemctl start docker && sudo systemctl enable docker
1.2.3 修改hosts文件

(1)master

# 设置master的hostname,并且修改hosts文件sudo hostnamectl set-hostname mvi /etc/hosts192.168.1.157 master192.168.1.158 node1192.168.1.159 node2

(2)分别在两个node节点执行

# 设置node1/node2的hostname,并且修改hosts文件sudo hostnamectl set-hostname node1sudo hostnamectl set-hostname node2vi /etc/hosts192.168.1.157 master192.168.1.158 node1192.168.1.159 node2

(3)使用ping测试一下

1.2.4 系统基础前提配置
# (1)关闭防火墙systemctl stop firewalld && systemctl disable firewalld# (2)关闭selinuxsetenforce 0sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config# (3)关闭swapswapoff -ased -i '/swap/s/^\(.*\)$/#\1/g' /etc/fstab# (4)配置iptables的ACCEPT规则iptables -F && iptables -X && iptables -F -t nat && iptables -X -t nat && iptables -P FORWARD ACCEPT# (5)设置系统参数cat <<EOF > /etc/sysctl.d/k8s.confnet.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1EOFsysctl --system
1.2.5 安装 kubeadm, kubelet and kubectl

(1)配置yum源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo[kubernetes]name=Kubernetesbaseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=0repo_gpgcheck=0gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg  >yum install -y kubeadm-1.14.0-0 kubelet-1.14.0-0 kubectl-1.14.0-0

(3)docker和k8s设置同一个cgroup

# dockervi /etc/docker/daemon.json "exec-opts": ["native.cgroupdriver=systemd"], systemctl restart docker # kubelet,这边如果发现输出directory not exist,也说明是没问题的,大家继续往下进行即可sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g"/etc/systemd/system/kubelet.service.d/10-kubeadm.conf	systemctl enable kubelet && systemctl start kubelet
1.2.6 下载国内镜像
  • 查看kubeadm使用的镜像
kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.14.0k8s.gcr.io/kube-controller-manager:v1.14.0k8s.gcr.io/kube-scheduler:v1.14.0k8s.gcr.io/kube-proxy:v1.14.0k8s.gcr.io/pause:3.1k8s.gcr.io/etcd:3.3.10k8s.gcr.io/coredns:1.3.1
  • 创建kubeadm.sh脚本,用于拉取镜像/打tag/删除原有镜像
#!/bin/bashset -eKUBE_VERSION=v1.14.0KUBE_PAUSE_VERSION=3.1ETCD_VERSION=3.3.10CORE_DNS_VERSION=1.3.1GCR_URL=k8s.gcr.ioALIYUN_URL=registry.cn-hangzhou.aliyuncs.com/google_containersimages=(kube-proxy:${KUBE_VERSION}kube-scheduler:${KUBE_VERSION}kube-controller-manager:${KUBE_VERSION}kube-apiserver:${KUBE_VERSION}pause:${KUBE_PAUSE_VERSION}etcd:${ETCD_VERSION}coredns:${CORE_DNS_VERSION})for imageName in ${images[@]} ; do docker pull $ALIYUN_URL/$imageName docker tag $ALIYUN_URL/$imageName $GCR_URL/$imageName docker rmi $ALIYUN_URL/$imageNamedone
  • 运行脚本和查看镜像
# 运行脚本sh ./kubeadm.sh# 查看镜像docker images
1.2.7 kube init初始化master

(1) 初始化master节点

官网:https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm/

注意此操作是在主节点上进行

# 本地有镜像kubeadm init --kubernetes-version=1.14.0 --apiserver-advertise-address=192.168.1.157 --pod-network-cidr=10.244.0.0/16【若要重新初始化集群状态:kubeadm reset,然后再进行上述操作】
init] Using Kubernetes version: v1.14.0Your Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/configYou should now deploy a pod network to the cluster.Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/Then you can join any number of worker nodes by running the following on each as root:kubeadm join 192.168.1.157:6443 --token 40kelq.09xe7ldc86xp6sqm \ --discovery-token-ca-cert-hash sha256:b958ca9b91fba40dfd1246132d741c9d8a8ca8f63f4826457c9bbfde413733d9  kubeadm join 192.168.100.201:6443 --token dtki8i.g6v5omd7uu7gbijr \ --discovery-token-ca-cert-hash sha256:439a6015bfeea33e100c8e633d4e0ef0e9a69aa19bd5db4ce7f5b40c61164a07   //生成不过期token kubeadm token create --ttl 0 --print-join-command

记得保存好最后kubeadm join的信息

(3)根据日志提示

mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/config

此时kubectl cluster-info查看一下是否成功

(4)查看pod验证一下

等待一会儿,同时可以发现像etc,controller,scheduler等组件都以pod的方式安装成功了

注意:coredns没有启动,需要安装网络插件

kubectl get pods -n kube-system

(5)健康检查

curl -k https://localhost:6443/healthz

1.2.8 安装网络插件flannel

执行完上述操作是coredns 仍未启动成功,需要安装网络插件

docker pull quay-mirror.qiniu.com/coreos/flannel:v0.11.0-amd64docker tag quay-mirror.qiniu.com/coreos/flannel:v0.11.0-amd64 quay.io/coreos/flannel:v0.11.0-amd64docker rmi quay-mirror.qiniu.com/coreos/flannel:v0.11.0-amd64

kube-flannel.yml

https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel.yml

注意:文件中 Network 和 kubeadmin init 设置的pod-network-cidr=10.244.0.0/16 一致

net-conf.json: | {  "Network": "10.244.0.0/16",  "Backend": {  "Type": "vxlan"  } }

然后查看

kubectl get pods -n kube-system

发现coredns仍然没有启动,是因为master 默认不支持调度,执行下面操作即可:

kubectl taint nodes --all node-role.kubernetes.io/master-

本文由博客群发一文多发等运营工具平台 OpenWrite 发布

原文转载:http://www.shaoqun.com/a/485958.html

asiabill:https://www.ikjzd.com/w/1014

dmm.adult:https://www.ikjzd.com/w/2026

mymall:https://www.ikjzd.com/w/1050


kubernetes集群环境搭建1.1版本统一Docker18.09.0---kubeadm-1.14.0-0kubelet-1.14.0-0kubectl-1.14.0-0---k8s.gcr.io/kube-apiserver:v1.14.0k8s.gcr.io/kube-controller-manager:v1.14.0k8s.gcr.io/kube-scheduler:v1.14.0k8
斑马物联网:https://www.ikjzd.com/w/1316
汇通达:https://www.ikjzd.com/w/1758
中国多地公布今年前三季度多项外贸"成绩单":https://www.ikjzd.com/home/132074
在泰国的私家海滩宽衣解 - :http://tour.shaoqun.com/a/49019.html
2020六一儿童节深圳小众旅游去哪?推荐深圳观澜亲子乡村游:http://tour.shaoqun.com/a/24441.html

No comments:

Post a Comment