The most comprehensive installation notes for Kubernetes

How to install K8S on centos&Ubuntu

1 The first step is to install docker

1. Update system source
   If the system has its own mirror address and the server is in a foreign country, the download speed will be very slow. You can open /etc/apt/sources.lis and replace it with a domestic mirror source.
   apt upgrade
2. Update software package Update
   the software components of the system to the latest stable version.
   apt update
3. Install Docker
   3.1 ubuntu installation process
   apt-get install docker.io
   3.2 If you need to configure to boot, execute the following command
   systemcd enable docker
   systemcd start docker

If it is centos, you can use:
yum install -y docker.ce
or
wget -P /etc/yum.repos.d/ https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce

If you want to configure Docker image acceleration, open the /etc/docker/daemon.json file, add or modify registry-mirrors, and add the address https://registry.docker-cn.com, or you can fill in image acceleration such as Alibaba Cloud and Tencent Cloud address.
Example
{ "registry-mirrors": [

    "https://kzflb.mirror.aliyuncs.com"

]

}

Restart Docker for the configuration to take effect
sudo systemctl daemon-reload
sudo systemctl restart docker

Of course, you can also choose to install the specified version (after all, the service in the production environment cannot be too radical)

Use the following command to view the version that can be installed

yum list docker-ce --showduplicates | sort -r

For example: install docker ce version 18.03.0
yum install -y docker-ce-18.03.0.ce-1.el7.centos

2 The second step is to install K8S (Kubernetes)

1. Execute the following command to install the https tool and k8s.
   apt-get update && apt-get install -y apt-transport-https curl
   apt-get install -y kubelet kubeadm kubectl --allow-unauthenticated
   execute the following command to test whether it is normal
   kubeadm init

If the following situation occurs during installation, it means that the k8s package cannot be found in the mirror source of the system.
No apt package “kubeadm”, but there is a snap with that name.
Try “snap install kubeadm”
No apt package “kubectl”, but there is a snap with that name.
Try “snap install kubectl”
No apt package “kubelet” , but there is a snap with that name.
Try “snap install kubelet”

2.1 ubuntu changes

You can open the /etc/apt/sources.list file and add a line of
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main

Execute the command to install K8s again.
If the
following signatures couldn't be verified because the public key is not available

Then execute the following command to add the key for a period of time.
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add

In the above command, kubelet, kubeadm, and kubectl are installed. Kubelet is a k8s related service, kubectl is a k8s management client, and kubeadm is a deployment tool.
Centos change
cat >> /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF

2.2 Initialization

If it is centos, turn off the firewall and selinux
systemctl disable firewalld
systemctl stop firewalld
setenforce 0

Execute the following command to initialize, it will automatically download the required Docker image from the network.
This command is used to deploy the master node (Master).
Execute kubeadm version to check the version, GitVersion: "v1.17.2" is the version number.

2.2.1 Execute the following command to initialize

First close swap and
enter the command: swapoff -a
kubernetes Close swap is mainly for performance considerations. Of course, if you don’t want to close swap, you need:

1. 编辑/etc/sysconfig/kubelet ,添加KUBELET_EXTRA_ARGS="–fail-swap-on=false"
   #cat /etc/sysconfig/kubelet
   KUBELET_EXTRA_ARGS="–fail-swap-on=false"

2. Initialization:
   #kubeadm init --kubernetes-version=Version-pod-network-cidr=pod network--service-cidr=Network address where the service is generated--ignore-preflight-errors=Swap
   is initialized by kubeadm

	kubeadm init --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=NumCPU

--Ignore-preflight-errors=NumCPU is used when there is only one CPU, such as a 1G1M student server.

Possible problems:

1. [preflight] Some fatal errors occurred:
   /proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1
   #解决方案：
   echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
   echo 1 > /proc/sys/net/bridge/bridge-nf-call-ip6tables

2.2.2 You may need to download the mirror (because of being walled)

But because you need to connect to Google, you may not be able to download content.
We can list the images that need to be pulled by using the kubeadm config images list command. Let's pull it manually through Docker. This process is more troublesome, and you need to manually modify the image name.
Pull method docker pull {mirror name}.
Google can't access it, but DockerHub has backed up the required image.
mirrorgooglecontainers This repository backs up the corresponding mirror. Unfortunately, images are not always the latest backup. The google_containers warehouse on Alibaba Cloud should be backed up and up-to-date.
For example, the following mirror is required:
k8s.gcr.io/kube-apiserver:v1.17.2
k8s.gcr.io/kube-controller-manager:v1.17.2
k8s.gcr.io/kube-scheduler:v1.17.2
k8s.gcr.io /kube-proxy:v1.17.2
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.5

Then pull the corresponding image, save the following code to code down.sh, and then chomd 777 ./down.sh to grant permissions.

The version of the downloaded image needs to be downloaded according to your needs. The kubernetes v1.17.2 used in this example is actually good for me to test the version above v1.17+.

#!/bin/bash
images=(
    kube-apiserver:v1.17.2
    kube-controller-manager:v1.17.2
    kube-scheduler:v1.17.2
    kube-proxy:v1.17.2
    pause:3.1
    etcd:3.4.3-0
    coredns:1.6.5
)
for imageName in ${images[@]} ; do
        docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/${imageName}
        docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/${imageName} k8s.gcr.io/${imageName}
        docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/${imageName}
done

Finally execute the initial initialization command.
If it doesn't work, you can try the installation tutorial in https://learnku.com/articles/29209.

2.2.3 Make the master node effective

Add the environment variable
export KUBECONFIG=/etc/kubernetes/admin.conf
or follow the prompts after the installation is successful:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/ config
sudo chown $(id-u):$(id -g) $HOME/.kube/config

3 The third step is to add a network plug-in

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

Run the yaml configuration file
kubectl apply -f prepared by others https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

You can also write yaml yourself in this step.
After execution,
odsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset appears .apps/kube-flannel-ds-amd64 created
daemonset.apps/kube-flannel-ds-arm64 created
daemonset.apps/kube-flannel-ds-arm created
daemonset.apps/kube-flannel-ds-ppc64le created
daemonset.apps /kube-flannel-ds-s390x created
Here, if you install flannel, the image may not be downloaded, you can download it manually:

Manually pull the docker image of flannel

docker pull easzlab/flannel:v0.11.0-amd64

Modify the image name

docker tag easzlab/flannel:v0.11.0-amd64 quay.io/coreos/flannel:v0.11.0-amd64

Delete the original mirror label

docker rmi easzlab/flannel:v0.11.0-amd64

Save and use configuration
kubeadm join

7. Check Node and
execute the following command to check Node
kubectl get nodes

Example result

root@instance-wxxixh4k:~# kubectl get nodes
NAME                STATUS   ROLES    AGE     VERSION
instance-wxxixh4k   Ready    master   9m23s   v1.17.2

It shows that it has succeeded, and can add and remove Node.

4 The fourth step is to install the panel (can be installed without pressing)

4.1 Download yaml configuration file

wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/alternative/kubernetes-dashboard.yaml

Use the cat kubernetes-dashboard.yaml command to view the contents of the yaml file and record the version number.
There are statements with the following content in the file, and the number after it is the version number.
image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1

Pull the kubernetes-dashboard mirror image (note the revision number afterwards).
docker pull registry.aliyuncs.com/google_containers/kubernetes-dashboard-amd64:v1.10.1
docker tag registry.aliyuncs.com/google_containers/kubernetes-dashboard-amd64:v1.10.1 k8s.gcr.io/kubernetes-dashboard-amd64: v1.10.1
docker rmi registry.aliyuncs.com/google_containers/kubernetes-dashboard-amd64:v1.10.1

安装 kubernetes-dashboard
kubectl create -f kubernetes-dashboard.yaml

View the installation result
kubectl get pod --namespace=kube-system

Configure the panel, add Admin account and permissions
Copy and paste the following content to the terminal, and press Enter.
cat <dashboard-admin.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:

• kind: ServiceAccount
  name: kubernetes-dashboard
  namespace: kube-system
  EOF

The above code will create a dashboard-admin.yaml file.
Execute installation
kubectl create -f dashboard-admin.yaml

View node port
kubectl get svc --namespace=kube-system

Find the node named kubernetes-dashboard and record the port.
View pod name
kubectl get pod --namespace=kube-system

One of them starts with kubernetes-dashboard, such as kubernetes-dashboard-6bf999dbcc-nc4hq, the record name.

4.2 Access panel (dashboard)

If the following methods are not available, please refer to
https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
Method 1: kubectl proxy
execute
kubectl proxy

Intranet, you can use the following address to access
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
Method 2: API Server
access method
https://{master -ip}:{apiserver-port}/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
This will not be repeated here, please refer to the network information for details.
Method 3: Direct exposure port (NodePort) is
not recommended.
Execute
kubectl -n kube-system edit service kubernetes-dashboard

Find type: ClusterIP and change it to type: NodePort.
In addition, the port can also be changed.
Tip: When
entering, first use the arrow keyboard to move to the appropriate position; to delete characters, use the Delete key;
then press the Esc key and press the i key to enter editing;
press the Esc key, press Shift + q, and you will be prompted to enter the content. Enter wq! to save and exit.
Execute kubectl -n kube-system get service kubernetes-dashboard to view the port mapping.
For example
80:31901/TCP

The access method is https://{ip}:31901
Method three
kubectl port-forward kubernetes-dashboard-6bf999dbcc-nc4hq 8080:80 --namespace=kube-system &

10. Add Node for testing
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=8090 --type=NodePort

You can access Nginx by accessing 8090 from the external network.