Host List:
ip | CPU name | node | cpu | RAM |
192.168.23.100 | k8smaster | master | 2 nuclear | 2G |
192.168.23.101 | k8snode01 | node | 2 nuclear | 2G |
192.168.23.102 | k8snode02 | node | 2 nuclear | 2G |
1, to configure the local source yum
yum source packet:
Link: https: //pan.baidu.com/s/1KAYWlw5Ky2ESUEZVsphQ0Q
Yum local source configuration, will be copied to the yum.repo /etc/yum.repos.d/ directory.
[root @ k8smaster yum.repos.d] # More yum.repo
[Soft]
name = Base
baseurl = HTTP: //192.168.23.100/yum
gpgcheck = 0
[root@k8smaster yum.repos.d]# scp yum.repo 192.168.23.102:/etc/yum.repos.d/
[email protected]'s password:
yum.repo 100% 63 0.1KB/s 00:00
[root@k8smaster yum.repos.d]# scp yum.repo 192.168.23.101:/etc/yum.repos.d/
[email protected]'s password:
yum.repo
2、修改/etc/hosts
[root@k8smaster yum.repos.d]# cat >> /etc/hosts << EOF
> 192.168.23.100 k8smaster
> 192.168.23.101 k8snode01
> 192.168.23.102 k8snode02
> EOF
[root@k8smaster yum.repos.d]#
3、安装依赖
yum install -y conntrack ntpdate ntp ipvsadm ipset iptables curl sysstat libseccomp wget vim net-tools git iproute lrzsz bash-completion tree bridge-utils unzip bind-utils gcc
4、关闭selinux
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
5, turn off the firewall, firewall settings to iptables and set the empty Rule
# close firewalld and canceled since the start
systemctl STOP firewalld && systemctl disable firewalld
# install iptables, start iptables, set the boot from Kai, empty iptables rules, save the current rules to the default rules
yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save
6, close the swap partition
# turn off virtual memory swap partition [permanent] and turn off virtual memory.
swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
7, the kernel configuration parameters, for K8S
CAT> kubernetes.conf the EOF <<
# open bridge mode Important]
net.bridge.bridge-NF-Call-iptables. 1 =
# open bridge mode Important]
net.bridge.bridge = the ip6tables-Call--nf. 1
is named net.ipv4.ip_forward and =. 1
net.ipv4.tcp_tw_recycle = 0
# prohibit the use of swap space, the system only when it is allowed to use only OOM
vm.swappiness = 0
# does not check the adequacy of the physical memory
=. 1 vm.overcommit_memory
# open the OOM
vm.panic_on_oom = 0
fs.inotify.max_user_instances = 8192
fs.inotify.max_user_watches = 1048576
fs.file-max = 52,706,963
fs.nr_open = 52,706,963
# ipv6 [Close] important
net.ipv6.conf =. 1 .all.disable_ipv6
net.netfilter.nf_conntrack_max = 2.31072 million
the EOF
# Will be optimized kernel files are copied to /etc/sysctl.d/ folder, so files optimized boot time can be called
cp kubernetes.conf /etc/sysctl.d/kubernetes.conf
# Manual refresh, so the optimized file with immediate effect
sysctl -p /etc/sysctl.d/kubernetes.conf
8, adjust the system time zone
# Set the system area to China / Shanghai
timedatectl the SET-TimeZone Asia / on Shanghai
# The current UTC time into the hardware clock
timedatectl the SET-local-the RTC 0
# restart depends on the system time of service
systemctl restart rsyslog
systemctl restart crond
9, the system shut down unnecessary services
# shut down and disable the mail service
systemctl stop postfix && systemctl disable postfix
10, save the log provided
after Centos7, because the boot mode to the system.d, so there are two log system while at work, the default is rsyslogd, and systemd journald
use systemd journald better, so we change the default systemd journald, retaining only way to save a log.
1) Create a directory to save the log
mkdir / var / log /. TECHNOLOGY INFORMATION
2) Create the configuration file storage directory
mkdir /etc/systemd/journald.conf.d
3) Create the configuration file
cat> /etc/systemd/journald.conf .d / 99-prophet.conf << EOF
[Journal]
# persistently saved to disk
Storage persistent =
# compression history log
compress = yes
SyncIntervalSec = 5m
RateLimitInterval = 30s
RateLimitBurst = 1000
# maximum space 10G
SystemMaxUse = 10G
# single log the maximum file size 200M
SystemMaxFileSize = 200M
# log save time two weeks
MaxRetentionSec = 2week
# will not be forwarded to the syslog log
= NO ForwardToSyslog
the EOF
. 4). Systemd journald Restart configuration of
systemctl restart systemd-journald
11, to adjust the number of open files
echo "* Soft nofile 65536" >> /etc/security/limits.conf
echo "* Hard nofile 65536" >> /etc/security/limits.conf
12、升级Linux内核为4.44版本
[root@k8smaster yum.repos.d]# yum install kernel-lt.x86_64 -y (4.4.213-1.el7.elrepo)
[root@k8smaster yum.repos.d]# awk -F\' '$1=="menuentry " {print $2}' /etc/grub2.cfg
CentOS Linux (4.4.213-1.el7.elrepo.x86_64) 7 (Core)
CentOS Linux, with Linux 3.10.0-123.el7.x86_64
CentOS Linux, with Linux 0-rescue-b7478dd50b1d41a5836a6a670b5cd8c1
[root@k8smaster yum.repos.d]#grub2-set-default 'CentOS Linux (4.4.213-1.el7.elrepo.x86_64) 7 (Core)'
[root@k8snode01 ~]# uname -a
Linux k8snode01 4.4.213-1.el7.elrepo.x86_64 #1 SMP Wed Feb 5 10:44:50 EST 2020 x86_64 x86_64 x86_64 GNU/Linux
12, the pre-opened condition kube-proxy ipvs of
modprobe br_netfilter # netfilter loading module
CAT> /etc/sysconfig/modules/ipvs.modules the EOF <<
# / bin / the bash!
Modprobe - ip_vs
modprobe - ip_vs_rr
modprobe - ip_vs_wrr
modprobe - ip_vs_sh
modprobe - nf_conntrack
EOF
755 /etc/sysconfig/modules/ipvs.modules chmod
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep -e -e nf_conntrack_ipv4 ip_vs # using the lsmod command to see whether these files are directed.
13, mounting docker
dependent yum the install yum-utils Device-Mapper Data LVM2 -Y-persistent-
yum the install docker -Y-CE # mounting docker
Creating / etc / docker directory
[! -D / etc / docker] && mkdir / etc / docker
配置daemon
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
}
}
修改docker.service文件
/usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry 0.0.0.0/0 -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375 --containerd=/run/containerd/containerd.sock
# 重启docker服务
systemctl daemon-reload && systemctl restart docker && systemctl enable docker
14, image storage and installation initialization
docker run -d -p 5000: 5000 --restart = always --name private-docker-registry --privileged = true -v / data / registry: / var / lib / registry 192.168.23.100 : 5000 / registry: v1
flannel network mirror package
links: https: //pan.baidu.com/s/1-DYxDoU2X85aobaGFclKfA
extraction code: nson
k8s base image packet
link: https: //pan.baidu.com/s/17uV90VPXqoaezwccpTj2GQ
extraction code: 13t3
导入镜像
[root@k8smaster k8s_image]# more load_image.sh
#!/bin/bash
ls /home/zhaiky/k8s_image|grep -v load > /tmp/image-list.txt
cd /home/zhaiky/k8s_image
for i in $( cat /tmp/image-list.txt )
do
docker load -i $i
done
rm -rf /tmp/image-list.txt
上传镜像到私有仓库
docker push 192.168.23.100:5000/kube-apiserver:v1.15.1
docker push 192.168.23.100:5000/kube-proxy:v1.15.1
docker push 192.168.23.100:5000/kube-controller-manager:v1.15.1
docker push 192.168.23.100:5000/kube-scheduler:v1.15.1
docker push 192.168.23.100:5000/registry:v1
docker push 192.168.23.100:5000/coreos/flannel:v0.11.0-s390x
docker push 192.168.23.100:5000/coreos/flannel:v0.11.0-ppc64le
docker push 192.168.23.100:5000/coreos/flannel:v0.11.0-arm64
docker push 192.168.23.100:5000/coreos/flannel:v0.11.0-arm
docker push 192.168.23.100:5000/coreos/flannel:v0.11.0-amd64
docker push 192.168.23.100:5000/coredns:1.3.1
docker push 192.168.23.100:5000/etcd:3.3.10
docker push 192.168.23.100:5000/pause:3.1
15,安装kubeadm, omelets, kubectl
yum -y install kubeadm-1.15.1-omelet-kubectl 1.15.1 1.15.1
systemctl enable omelet omelet start && systemctl
16, kubectl enable auto-completion command
#-Completion install and configure the bash
yum the install the bash -Y-Completion
echo 'Source / usr / Share / the bash-Completion / bash_completion' >> / etc / Profile
Source / etc / Profile
echo "Source <(kubectl Completion the bash)" >> ~ / .bashrc
Source ~ / .bashrc
17, Master initialization
configuration package, and comprising kubeadm-config.yaml kube-flannel.yml are inside
link: https: //pan.baidu.com/s/1g0G7Ion0n6lERpluNjh_9A
extraction code: 6pxt
[root@k8smaster ~]# cp /home/zhaiky/kubeadm-config.yaml .
kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.log
Key Logging
Your Kubernetes control-plane has initialized successfully !
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.23.100:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:78c3f1e110ed1f954665ba55a689397c2dc4d35243dc4516dd00b0bac97172f6
18, plug mounting flannel network
[k8smaster the root @ ~] # CP /home/zhaiky/kube-flannel.yml.
[K8smaster the root @ ~] # kubectl Create -f Kube-flannel.yml
19、将k8s子节点加入到k8s主节点
kubeadm join 192.168.23.100:6443 --token abcdef.0123456789abcdef --discovery-token-ca-cert-hash sha256:78c3f1e110ed1f954665ba55a689397c2dc4d35243dc4516dd00b0bac97172f6
[root@k8smaster zhaiky]# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health":"true"}
[root@k8smaster ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
k8smaster Ready master 4m58s v1.15.1
k8snode01 NotReady <none> 21s v1.15.1
k8snode02 NotReady <none> 16s v1.15.1
[root@k8smaster ~]#
20、简单操作
使用k8s运行一个nginx实例
[root@k8smaster ~]# kubectl run nginx --image=192.168.23.100:5000/nginx:v1 --port=80 --replicas=1
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
deployment.apps/nginx created
[root@k8smaster ~]#
[root@k8smaster ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-5bbb49fb76-xzj6x 1/1 Running 0 59s 10.244.1.2 k8snode01 <none> <none>
[root@k8smaster ~]#
[root@k8smaster ~]# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 1/1 1 1 2m15s
[root@k8smaster ~]#
[root@k8smaster ~]# curl "http://10.244.1.2"
<title>Welcome to nginx!</title>
[root@k8smaster ~]# kubectl expose deployment nginx --port=80 --type=LoadBalancer
service/nginx exposed
[root@k8smaster ~]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 14h
nginx LoadBalancer 10.99.225.215 <pending> 80:32461/TCP 13s
[root@k8smaster ~]#
[root@k8smaster ~]# curl "http://192.168.23.101:32461"
<title>Welcome to nginx!</title>
[root@k8smaster ~]# curl "http://10.99.225.215"
<title>Welcome to nginx!</title>