一、 系统环境
操作系统:centos7 VM
kubernetes版本:v1.13.4
二、 安装步骤
官方文档:
https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/
由于翻墙问题,按照教程搭建会有一点问题。外国人文档编写的习惯,写步骤前总会扯动扯西,而不是直接列出步骤。
下面一步步搭建Kubernetes集群。
1. 安装Docker
https://kubernetes.io/docs/setup/cri/
把yum源换成阿里云,直接将所有命令copy终端运行,则docker安装成功。
# Install Docker CE
## Set up the repository
### Install required packages.
yum install yum-utils device-mapper-persistent-data lvm2
### Add docker repository.改成阿里云的镜像仓库
yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
## Install docker ce.
yum update && yum install docker-ce-18.06.2.ce
## Create /etc/docker directory.
mkdir /etc/docker
# Setup daemon.
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
mkdir -p /etc/systemd/system/docker.service.d
# Restart docker.
systemctl daemon-reload
systemctl restart docker
2. 安装kubeadm
https://kubernetes.io/docs/setup/independent/install-kubeadm/
kubeadm是Kubernetes提供的创建集群的工具。
集群中每个节点都需要同样的环境,此时可保存虚拟机状态并克隆一个节点备用。
#换成阿里云仓库
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl= https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kube*
EOF
# Set SELinux in permissive mode (effectively disabling it)
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet
modprobe br_netfilter
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
systemctl daemon-reload
systemctl restart kubelet
3. 配置master节点
https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/
- 配置hostname
# Master 节点
$ echo "master.localdomain" > /etc/hostname
# ip根据自己的节点ip填写
$ echo "192.168.142.20 master.localdomain" >> /etc/hosts
$ sysctl kernel.hostname=master.localdomain # 不重启情况下使内核修改生效
2. kubeadm配置master
#关闭防火墙
systemctl stop firewalld
#enable docker,使docker服务开机启动
systemctl enable docker
systemctl start docker
#关闭swap
swapoff -a
#kubeadm要求每个节点的cpu核数至少2个,需要在虚拟机配置
此时跑kubeadm init --pod-network-cidr=10.244.0.0/16,翻墙问题拉镜像失败。
解决方法是从docker官方仓库拉镜像,然后通过docker tag的方式先下载好镜像到本地。
docker pull mirrorgooglecontainers/kube-apiserver-amd64:v1.13.4
docker pull mirrorgooglecontainers/kube-controller-manager-amd64:v1.13.4
docker pull mirrorgooglecontainers/kube-scheduler-amd64:v1.13.4
docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.13.4
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd-amd64:3.2.24
docker pull coredns/coredns:1.2.6
docker tag docker.io/mirrorgooglecontainers/kube-proxy-amd64:v1.13.4 k8s.gcr.io/kube-proxy:v1.13.4
docker tag docker.io/mirrorgooglecontainers/kube-scheduler-amd64:v1.13.4 k8s.gcr.io/kube-scheduler:v1.13.4
docker tag docker.io/mirrorgooglecontainers/kube-apiserver-amd64:v1.13.4 k8s.gcr.io/kube-apiserver:v1.13.4
docker tag docker.io/mirrorgooglecontainers/kube-controller-manager-amd64:v1.13.4 k8s.gcr.io/kube-controller-manager:v1.13.4
docker tag docker.io/mirrorgooglecontainers/etcd-amd64:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag docker.io/mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag docker.io/coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker镜像的版本根据kubeadm提示的选择。
#kubeadm初始化master,没有意外这里成功
kubeadm init --pod-network-cidr=10.244.0.0/16
#把这串命令记录下来,后面节点加入集群需要用到
(kubeadm join 192.168.142.20:6443 --token 2tad5v.li76trlx9z490hbb --discovery-token-ca-cert-hash sha256:e393098f37f92bb2b3ec0c4bf88191e013a3a71891393ea0b1775e5652e02aee)
#配置kubernetes主目录
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
#必须有这个环境变量
export KUBECONFIG=/etc/kubernetes/admin.conf
接下来安装kubernetes的network插件,用于容器间通信。这里我选择的是Flannel,理由是不需要翻墙。
sysctl net.bridge.bridge-nf-call-iptables=1
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
至此,master节点配置成功了!
如果重启了master,怎么重新获取join命令呢?
#命令格式
kubeadm join --token <token> <master-ip>:<master-port> --discovery-token-ca-cert-hash sha256:<hash>
#获取token
kubeadm token create
#获取hash
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \
openssl dgst -sha256 -hex | sed 's/^.* //'
4.配置node节点
https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/
在开始之前,你需要的环境:
- 装好docker
- 装好kubeadm
- 下载好kubernetes需要的docker镜像
- 同样的步骤,设置node1的hostname
下面的命令敲一遍,防止环境出问题:
systemctl enable docker
systemctl start docker
systemctl disable firewalld
systemctl stop firewalld
swapoff -a
sysctl net.bridge.bridge-nf-call-iptables=1
最后,join加入集群:
kubeadm join --token <token> <master-ip>:<master-port> --discovery-token-ca-cert-hash sha256:<hash>
若出现如下提示,则加入集群成功:
最后,在moster节点敲如下命令:
kubectl get nodes
kubectl get pod --all-namespaces
至此,集群搭建成功,可以和kubernetes愉快玩耍了。
最后,建个nginx服务,测试集群有效性:
kubectl describe deployment nginx
kubectl create service nodeport nginx --tcp=80:80
kubectl get pods
kubectl get svc
kubectl get svc获取对外开放的端口:
浏览器输入 http://<集群中任意一个虚拟机ip>:<该服务对外开放的端口>,出现如下页面,则集群搭建成功!
