【Kubernetes】在CentOS7上通过kubeadm工具快速安装Kubernetes集群（二）

此文作为学习《Kubernetes权威指南》的相关笔记，可以参考，不适合直接使用

参考文章：

https://www.jianshu.com/p/cd4d1fde08bc

https://blog.51cto.com/536410/2347614

https://blog.51cto.com/lullaby/2402255

https://blog.csdn.net/wchbest/article/details/88873965

在（一）中部署了一个Master结点，继续部署一个Node结点组成一个简单的Cluster

8、新启动一个虚拟机，以相同的方式安装kubelet、kubeadm

跟Master节点相比，不需要kubectl

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
> EOF

#  yum install -y kubelet kubeadm

 安装成功：

Dependency Installed:
  conntrack-tools.x86_64 0:1.4.4-5.el7_7.2                                      
  cri-tools.x86_64 0:1.13.0-0                                                   
  kubectl.x86_64 0:1.16.3-0                                                     
  kubernetes-cni.x86_64 0:0.7.5-0                                               
  libnetfilter_cthelper.x86_64 0:1.0.0-10.el7_7.1                               
  libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7_7.1                               
  libnetfilter_queue.x86_64 0:1.0.2-2.el7_2                                     
  socat.x86_64 0:1.7.3.2-2.el7                                                  

Complete!

启动并设置自动启动:docker、kubelet

# systemctl enable docker && systemctl start docker

# systemctl enable kubelet && systemctl start kubelet

9、配置Node启动配置文件

# vim join-config.yaml

apiVersion: kubeadm.k8s.io/v1beta1
kind: JoinConfiguration
discovery:
 bootstrapToken:
  apiServerEndpoint: 192.168.79.132:6443
  token: mc8ng5.pi0094m1p8c90r9z
  unsafeSkipCAVerification: true
 tlsBootstrapToken: mc8ng5.pi0094m1p8c90r9z

其中  apiServerEndpoint、token、tlsBootstrapToken均为Master配置完成后给出的信息

10、启动Node结点，加入Master结点

# kubeadm join --config=join-config.yaml

[kubelet-start] Activating the kubelet service
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

11、为主结点安装CNI网络插件，按书上的推荐安装weave:

kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

另附flannel安装方式：

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

12、查看结点状态：

# kubectl get nodes

NAME              STATUS   ROLES    AGE     VERSION

miwifi-r4cm-srv   Ready    master   8h      v1.16.3

xu.node1          Ready    <none>   7h56m   v1.16.3

查看pod部署情况：

# kubectl get pods --all-namespaces
NAMESPACE     NAME                                      READY   STATUS    RESTARTS   AGE
kube-system   coredns-5644d7b6d9-49v79                  1/1     Running   1          8h
kube-system   coredns-5644d7b6d9-w7fd5                  1/1     Running   1          8h
kube-system   etcd-miwifi-r4cm-srv                      1/1     Running   1          8h
kube-system   kube-apiserver-miwifi-r4cm-srv            1/1     Running   4          8h
kube-system   kube-controller-manager-miwifi-r4cm-srv   1/1     Running   4          8h
kube-system   kube-proxy-gk5bw                          1/1     Running   2          8h
kube-system   kube-proxy-lpbbl                          1/1     Running   1          7h56m
kube-system   kube-scheduler-miwifi-r4cm-srv            1/1     Running   4          8h
kube-system   weave-net-c8hs6                           2/2     Running   5          8h
kube-system   weave-net-xwm7d                           2/2     Running   17         7h56m

>>坑 ：从节点Node根据需求自动下载镜像并部署，需要一定的时间。

在本次部署过程中，存在Node结点中有pod处在运行失败的状态，主要是：

kube-proxy-lpbbl、weave-net-xwm7d

使用kubectl查看pod具体信息：

kubectl --namespace=kube-system describe pod kube-proxy-lpbbl

Events:
  Type     Reason                  Age                    From               Message
  ----     ------                  ----                   ----               -------
  Warning  FailedCreatePodSandBox  46m (x504 over 7h31m)  kubelet, xu.node1  Failed create pod sandbox: rpc error: code = Unknown desc = failed pulling image "k8s.gcr.io/pause:3.1": Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
  Warning  Failed                  41m (x3 over 44m)      kubelet, xu.node1  Error: ErrImagePull
  Normal   BackOff                 11m (x126 over 44m)    kubelet, xu.node1  Back-off pulling image "k8s.gcr.io/kube-proxy:v1.16.0"
  Warning  Failed                  84s (x168 over 44m)    kubelet, xu.node1  Error: ImagePullBackOff

从Events中可以明显看出，Node结点缺失镜像：pause:3.1、kube-proxy:v1.16.0

用docker pull命令拉去所需镜像并修改tag，repository设置为k8s.grc.io

另：安装pause后，出现：

kube-system   weave-net-xwm7d                           1/2     CrashLoopBackOff   10         7h28m

查看事件为：

  Warning  Unhealthy               89m (x13 over 94m)   kubelet, xu.node1  Readiness probe failed: Get http://127.0.0.1:6784/status: dial tcp 127.0.0.1:6784: connect: connection refused
  Normal   Pulled                  69m (x9 over 94m)    kubelet, xu.node1  Container image "docker.io/weaveworks/weave-kube:2.6.0" already present on machine
  Warning  BackOff                 34m (x241 over 94m)  kubelet, xu.node1  Back-off restarting failed container

 百度类似报错，用了不少不对问题的解决方法

实际上只要继续安装kube-proxy，重启Node结点的docker、kubelet，就不再出现这种情况。

部署完毕

继续学习

山高人为峰