kubeadm安装k8s1.13
环境介绍:
centos 7.4.1708 关闭selinux和iptable,环境很重要!
|
主机 |
ip地址 |
cpu核数 |
内存 |
swap |
host解析 |
|
k8s-master |
10.0.0.11 |
2+ |
1G+ |
关闭 |
需要 |
|
k8s-node1 |
10.0.0.12 |
1+ |
1G+ |
关闭 |
需要 |
温馨提示:本文中以有......为底色的命令,都需要执行
k8s-master节点安装
第一步:安装docker
yum install -y yum-utils device-mapper-persistent-data lvm2
wget -O /etc/yum.repos.d/docker-ce.repo https://download.docker.com/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum install docker-ce -y
systemctl enable docker.service
systemctl start docker.service
第二步:安装kubeadm和kubelet
a:添加k8s的yum源(目前仅发现阿里云有yum源)
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
b:安装kubeadm和kubelet
yum install -y kubelet kubeadm kubectl ipvsadm
#ipvsadm是lvs的管理工具,新版k8s支持使用lvs做内部的负载均衡
c:内核优化
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness=0
EOF
sysctl --system
systemctl enable kubelet.service
第三步:使用kubeadm初始化k8s的master节点
kubeadm init --apiserver-advertise-address=10.0.0.11 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.254.0.0/16 --pod-network-cidr=172.16.0.0/16
#这一步很容易失败
成功会有如下类似的输出:
Your Kubernetes master has initializedsuccessfully!
To start using your cluster, you need to run thefollowing as a regular user:
mkdir -p$HOME/.kube
sudo cp -i/etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown$(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml"with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by runningthe following on each node
as root:
kubeadm join 10.0.0.11:6443 --token 53h5el.u4oy0hxukuks9n3d --discovery-token-ca-cert-hash sha256:f0514233ef67c5a1da08661cf61ea78c95b0e72da72a8c80f452904ce581c9ce
首先按照提示拷贝下k8s的config文件
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
其次把kubeadm join 10.0.0.11:6443 --token 53h5el.u4oy0hxukuks9n3d --discovery-token-ca-cert-hash sha256:f0514233ef67c5a1da08661cf61ea78c95b0e72da72a8c80f452904ce581c9ce的信息保存好,后期利用kubeadm添加node节点需要用到
检查k8s集群的状态:
kubectl get cs
第四步:为k8s配置网络
查看k8s的节点
kubectl get nodes
发现它的状态为NotReady,这是因为我们还没有为k8s按照网络插件,网络插件有多种方案,这里我们使用flannel.
wget https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
vim kube-flannel.yml
76行修改为:"Network": "172.16.0.0/16", #kubeadm初始化的时候,我们用的--pod-network-cidr=172.16.0.0/16,网段需要修改为一致。
103行下面增加如下3行:
- key: node.kubernetes.io/not-ready
operator: Exists
effect: NoSchedule
110行和124行:registry.cn-shanghai.aliyuncs.com/gcr-k8s/flannel:v0.10.0-amd64 #网络原因,修改为国内地址,下载更快
130行增加一行:
- --iface=eth0 #根据自己的物理网卡名称来
kubectl apply -f kube-flannel.yml
kubectl get pods --namespace kube-system
#主要是看看kube-flannel-ds开头的pod是否已经Running,完成了,在往下走
kubectl get nodes
#这时NotReady状态已变为Ready,至此k8s master节点完成
k8s-node1节点安装
第一步:安装docker
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum install -y yum-utils device-mapper-persistent-data lvm2
wget -O /etc/yum.repos.d/docker-ce.repo https://download.docker.com/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum install docker-ce -y
systemctl enable docker.service
systemctl start docker.service
第二步:安装kubelet kubeadm
a:添加k8s的yum源(目前仅发现阿里云有yum源)
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
b:安装kubeadm和kubelet
yum install -y kubelet kubeadm kubectl ipvsadm
c:内核优化
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness=0
EOF
sysctl --system
systemctl enable kubelet.service
第三步:使用kubeadm加入集群
kubeadm join 10.0.0.11:6443 --token 53h5el.u4oy0hxukuks9n3d --discovery-token-ca-cert-hash sha256:f0514233ef67c5a1da08661cf61ea78c95b0e72da72a8c80f452904ce581c9ce
#这个命令如果当时没保存,可以在master节点上执行下面的命令查看
kubeadm token create --print-join-command
等待一段时间以后,docker把kube-proxy、flannel和pause的镜像都pull下来以后,回到master节点继续
k8s集群使用之前:
a:为新增的node节点添加角色
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 4h21m v1.13.3
k8s-node1 Ready <none> 77m v1.13.3
#这时我们发现新增的k8s-node1没有角色
给k8s-node1添加角色
kubectl label nodes k8s-node1 node-role.kubernetes.io/node=
再次查看
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 4h21m v1.13.3
k8s-node1 Ready node 77m v1.13.3
b:kubectl命令行自动补全
默认情况下kubectl命令不能补全,操作很不方便
添加kubectl自动补全方法:
source <(kubectl completion bash)
效果:
[root@k8s-master ~]# kubectl
annotate certificate create explain plugin set
api-resources cluster-info delete expose port-forward taint
api-versions completion describe get proxy top
apply config diff label replace uncordon
attach convert drain logs rollout version
auth cordon edit options run wait
autoscale cp exec patch scale
k8s集群运行一个nginx容器并被外界访问
kubectl create deployment nginx --image=nginx:1.14
kubectl expose deployment nginx --port=80 --type=NodePort
查看nginx的方法端口,从下图可以看出我的端口是30875
浏览器测试访问http://10.0.0.11:30875
评论已关闭