文章目录
系统配置
- 2CPU 2G Centos7.4
- master结点要求2C2G
安装步骤
1. 系统配置
# 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
# 修改hostname
hostnamectl set-hostname 'k8s-master'
exec bash
# 关闭selinux
setenforce 0
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
# 关闭swap分区
swapoff --all
# 修改 /etc/fstab 文件,注释掉 SWAP 的自动挂载
# 编写k8s配置
vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness=0
sysctl --system
# 配置kubernetes和docker的yum源
vim /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=0
enable=1
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum clean all
yum makecache fast
2. 安装docker,kubernetes
kubernetes v1.11.1,最高支持docker17
# --setopt=obsoletes=0 是为了安装非最新版本的docker
yum install --setopt=obsoletes=0 install docker-ce-selinux-17.03.0.ce-1.el7.centos.noarch
yum install docker-ce-17.03.0.ce-1.el7.centos
systemctl enable docker
systemctl start docker
# 安装kubeadm 1.11.1
yum install kubelet-1.11.1 kubeadm-1.11.1 kubectl-1.11.1 kubernetes-cni
# 启动kubelet
systemctl enable kubelet
systemctl start kubelet
# 由于 k8s.gcr.io 访问不了原因,国人在 github 上同步一份镜像,可以通过如下 shell 脚本拉取(不同的 kubernetes 版本对应镜像组件版本也不相同)
vim pullimages.sh
#!/bin/bash
images=(kube-proxy-amd64:v1.11.1 kube-scheduler-amd64:v1.11.1 kube-controller-manager-amd64:v1.11.1
kube-apiserver-amd64:v1.11.1 etcd-amd64:3.2.18 coredns:1.1.3 pause:3.1 )
for imageName in ${images[@]} ; do
docker pull anjia0532/google-containers.$imageName
docker tag anjia0532/google-containers.$imageName k8s.gcr.io/$imageName
docker rmi anjia0532/google-containers.$imageName
done
sh pullimages.sh
# 编写kubeadm.yaml
vim kubeadm.yaml
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
controllerManagerExtraArgs:
horizontal-pod-autoscaler-use-rest-clients: "true"
horizontal-pod-autoscaler-sync-period: "10s"
node-monitor-grace-period: "10s"
apiServerExtraArgs:
runtime-config: "api/all=true"
kubernetesVersion: "v1.11.1"
3. 初始化master结点
建议此时做个镜像,然后执行kubeadm
kubeadm init --config kubeadm.yaml
成功,显示如下信息:
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown (id -g) $HOME/.kube/configYou should now deploy a pod network to the cluster.
Run “kubectl apply -f [podnetwork].yaml” with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/You can now join any number of machines by running the following on each node
as root:kubeadm join 192.168.220.101:6443 --token itipjl.kk50mbu42wcltjdf --discovery-token-ca-cert-hash sha256:9efa6cac89d03e07bde91109eea6273dfa62612e5603b49bd9f5411361b3c668
扫描二维码关注公众号,回复: 9412728 查看本文章
查看节点状态,为NotReady
kubectl get nodes -n kube1
NAME STATUS ROLES AGE VERSION
kube1 NotReady master 21m v1.11.1
查看kube-system pod的信息,DNS服务为Pending
kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-78fcdf6894-8fzjw 0/1 Pending 0 23m
coredns-78fcdf6894-tdghb 0/1 Pending 0 23m
etcd-kube1 1/1 Running 0 22m
kube-apiserver-kube1 1/1 Running 0 22m
kube-controller-manager-kube1 1/1 Running 0 21m
kube-proxy-lpfmd 1/1 Running 0 23m
kube-scheduler-kube1 1/1 Running 0 22m
查看结点的状态描述,网络查件未具备
kubectl describe node kube1
network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized
4. 部署网络插件Weave
kubectl apply -f https://git.io/weave-kube-1.6
serviceaccount/weave-net created
clusterrole.rbac.authorization.k8s.io/weave-net created
clusterrolebinding.rbac.authorization.k8s.io/weave-net created
role.rbac.authorization.k8s.io/weave-net created
rolebinding.rbac.authorization.k8s.io/weave-net created
daemonset.extensions/weave-net created
然后马上查看kebe-syetem pod的信息 weave的状态是ErrImagePull,但是查看node已经Ready了,稍等一会就全部ready了,kube-system pod下出现weave-net-c9xmr容器,后面几位应该是随机的。
删除master结点的taint
$ kubectl taint nodes --all node-role.kubernetes.io/master-
node/kube1 untainted
5. 部署dashboard
下载dashboard的镜像
docker pull anjia0532/google-containers.kubernetes-dashboard-amd64:v1.10.0
docker tag anjia0532/google-containers.kubernetes-dashboard-amd64:v1.10.0 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0
docker rmi anjia0532/google-containers.kubernetes-dashboard-amd64:v1.10.0
执行dashboard的yaml
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.0/src/deploy/recommended/kubernetes-dashboard.yaml
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
dashboard起来了
kubectl get pods -n kube-system
kubernetes-dashboard-767dc7d4d-vq9xq 1/1 Running 0 1m
开启代理
kubectl proxy --address='0.0.0.0' --accept-hosts='^*$' --disable-filter=true
获取token
kubectl -n kube-system describe $(kubectl -n kube-system get secret -n kube-system -o name | grep namespace) | grep token
使用firefox访问https://kube1:30001,输入token就可以看到dashboard了。
6. 部署存储插件
下载rook/ceph镜像
docker pull rook/ceph:master
docker pull ceph/ceph:v13
部署
kubectl apply -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/operator.yaml
kubectl apply -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/cluster.yaml
查看状态
[root@kube1 ~]# kubectl get pods -n rook-ceph-system
NAME READY STATUS RESTARTS AGE
rook-ceph-agent-gbggd 1/1 Running 0 18s
rook-ceph-operator-5bfbf654db-h67gz 1/1 Running 0 20s
rook-discover-hw57v 1/1 Running 0 18s[root@kube1 ~]# kubectl get pods -n rook-ceph
NAME READY STATUS RESTARTS AGE
rook-ceph-mon-a-69866f95d9-c2wkc 1/1 Running 0 15s
rook-ceph-mon-b-84b8db98d5-zh7mz 1/1 Running 0 9s
参考:
