目录
参考地址
详细:https://juejin.im/post/5cb7dde9f265da034d2a0dba
安装Kubernetes节点: https://www.cnblogs.com/xieyifeng/p/9383236.html
helm dashboard: https://mp.weixin.qq.com/s/S9OvZa7oW7qo_9m4OznVtA
k8s基础知识: https://www.jianshu.com/p/95c2bc74e2b2?utm_source=oschina-app
官网:https://yeasy.gitbooks.io/docker_practice/content/opensource/
安装docker
更换为阿里云的yum源(非必要)
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum makecache fast
卸载原来的docker
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
安装依赖
sudo yum update -y && sudo yum install -y yum-utils device-mapper-persistent-data lvm2
添加官方yum库
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
安装docker
sudo yum install docker-ce docker-ce-cli containerd.io
查看docker版本
docker --version
也可以用脚本安装
(不推荐):
curl -fsSL "https://get.docker.com/" | sh
systemctl enable --now docker
开机启动
systemctl enable --now docker
修改docker cgroup驱动,与k8s一致,使用systemd
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
}
}
EOF
重启使配置生效
systemctl restart docker
安装 kubelet kubeadm kubectl
master、node节点都需要安装kubelet kubeadm kubectl。
安装kubernetes的时候,需要安装kubelet, kubeadm等包,但k8s官网给的yum源是packages.cloud.google.com,国内访问不了,此时我们可以使用阿里云的yum仓库镜像。
添加kubernets源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
环境准备
#关闭SElinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
#关闭防火墙
systemctl stop firewalld
systemctl disable --now firewalld
#设置iptables(略)
#安装kubelet kubeadm kubectl
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
#开机启动kubelet
systemctl enable --now kubelet
centos7用户还需要设置路由:
yum install -y bridge-utils.x86_64
modprobe br_netfilter # 加载br_netfilter模块,使用lsmod查看开启的模块
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# 重新加载所有配置文件
sysctl --system
# k8s要求关闭swap (qxl)
swapoff -a && sysctl -w vm.swappiness=0 # 关闭swap
sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab # 取消开机挂载swap
准备工作
列出需要的镜像
[root@localhost home]# kubeadm config images list
W0809 11:32:51.518614 18214 version.go:98] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.txt": Get https://dl.k8s.io/release/stable-1.txt: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
W0809 11:32:51.519080 18214 version.go:99] falling back to the local client version: v1.15.2
k8s.gcr.io/kube-apiserver:v1.15.2
k8s.gcr.io/kube-controller-manager:v1.15.2
k8s.gcr.io/kube-scheduler:v1.15.2
k8s.gcr.io/kube-proxy:v1.15.2
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.10
k8s.gcr.io/coredns:1.3.1
说明:上段中提示连不上dl.k8s.io/:
我们fq访问一下:https://storage.googleapis.com/kubernetes-release/release/stable-1.txt发现也是:v1.15.2
### 从亚马逊获取镜像(国内可以访问,而且速度不慢)
docker pull gcr.azk8s.cn/google_containers/kube-apiserver:v1.15.2
docker pull gcr.azk8s.cn/google_containers/kube-controller-manager:v1.15.2
docker pull gcr.azk8s.cn/google_containers/kube-scheduler:v1.15.2
docker pull gcr.azk8s.cn/google_containers/kube-proxy:v1.15.2
docker pull gcr.azk8s.cn/google_containers/pause:3.1
docker pull gcr.azk8s.cn/google_containers/etcd:3.3.10
docker pull gcr.azk8s.cn/google_containers/coredns:1.3.1
# 将镜像打Tag成目标镜像
docker tag gcr.azk8s.cn/google_containers/kube-proxy:v1.15.2 k8s.gcr.io/kube-proxy:v1.15.2
docker tag gcr.azk8s.cn/google_containers/kube-controller-manager:v1.15.2 k8s.gcr.io/kube-controller-manager:v1.15.2
docker tag gcr.azk8s.cn/google_containers/kube-scheduler:v1.15.2 k8s.gcr.io/kube-scheduler:v1.15.2
docker tag gcr.azk8s.cn/google_containers/kube-apiserver:v1.15.2 k8s.gcr.io/kube-apiserver:v1.15.2
docker tag gcr.azk8s.cn/google_containers/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
docker tag gcr.azk8s.cn/google_containers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
docker tag gcr.azk8s.cn/google_containers/pause:3.1 k8s.gcr.io/pause:3.1
# 删除下载的镜像
docker rmi gcr.azk8s.cn/google_containers/kube-apiserver:v1.15.2
docker rmi gcr.azk8s.cn/google_containers/kube-controller-manager:v1.15.2
docker rmi gcr.azk8s.cn/google_containers/kube-scheduler:v1.15.2
docker rmi gcr.azk8s.cn/google_containers/kube-proxy:v1.15.2
docker rmi gcr.azk8s.cn/google_containers/pause:3.1
docker rmi gcr.azk8s.cn/google_containers/etcd:3.3.10
docker rmi gcr.azk8s.cn/google_containers/coredns:1.3.1
初始化
[root@localhost home]# kubeadm init --apiserver-advertise-address 192.168.15.174 --pod-network-cidr 192.168.0.0/16 --kubernetes-version 1.15.2
。。。。。。
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.15.174:6443 --token a04776.b0jwrvh0b7se4w0p \
--discovery-token-ca-cert-hash sha256:1ccc89d634fb2957c186dd00899b5b9d6421492986457b168523957913910a9a
打印中的提示设置
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
应用flannel网络
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
查看
# 查看pod
kubectl get pods --all-namespaces
# 查看节点:
kubectl get nodes
问题和解决办法
kubelet启动的时提示masked
systemctl unmask kubelet.servicetoken忘了或者过期
解决办法如下:
https://blog.csdn.net/weixin_44208042/article/details/90676155