1. Introduction
kubeadm is a tool released by the official Kubernetes community for rapidly deploying Kubernetes clusters.
It can deploy a Kubernetes cluster with two commands:
1.1 Create a Master node
$ kubeadm init
1.2 Add a worker node to the current cluster
$ kubeadm join <IP and port of the Master node>
2. Installation requirements
- One or more machines running CentOS 7.x (x86_64)
- Hardware configuration: 2 GB or more RAM, 2 or more CPUs, 30 GB or more hard disk
- Network communication between all machines in the cluster
- Access to the external network, which is needed to pull images
- Swap partition disabled
3. Lab environment
| Role | IP |
|---|---|
| k8s-master | 192.168.153.151 |
| k8s-node1 | 192.168.153.152 |
| k8s-node2 | 192.168.153.153 |
4. Configure the environment on all three servers
4.1 Turn off the firewall:
systemctl stop firewalld
systemctl disable firewalld
4.2 Disable SELinux:
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
4.3 Disable swap:
swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
4.4 Set the host name (run the matching command on each server):
hostnamectl set-hostname k8s-master
hostnamectl set-hostname k8s-node1
hostnamectl set-hostname k8s-node2
4.5 Add host entries on all hosts:
cat >> /etc/hosts << EOF
192.168.153.151 k8s-master
192.168.153.152 k8s-node1
192.168.153.153 k8s-node2
EOF
4.6 Pass bridged IPv4 traffic to the iptables chains:
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
Apply the settings:
sysctl --system
4.7 Restart the servers and synchronize the time
Restart the server:
reboot
Install ntpdate:
yum install ntpdate -y
Synchronize the time:
ntpdate ntp.aliyun.com
5. Install Docker/kubeadm/kubelet on all nodes
The default container runtime (CRI) for Kubernetes is Docker, so install Docker first.
5.1 Install Docker
Get the Alibaba Cloud (Aliyun) repository for Docker.
Install wget:
yum -y install wget
Download the Alibaba Cloud repository file:
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
Install docker
yum -y install docker-ce-18.06.1.ce-3.el7
Start docker and set it to start at boot
systemctl enable docker && systemctl start docker
View docker version
docker --version
Configure a registry mirror to speed up image pulls:
cat > /etc/docker/daemon.json << EOF
{
"registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
}
EOF
Restart the docker service
systemctl restart docker
5.2 Add the Alibaba Cloud YUM repository
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
5.3 Install kubeadm, kubelet and kubectl
Because versions are updated frequently, the version number is pinned here for deployment:
yum install -y kubelet-1.17.0 kubeadm-1.17.0 kubectl-1.17.0
Enable kubelet to start at boot, but do not start it yet:
systemctl enable kubelet
6. Deploy Kubernetes Master
Run on 192.168.153.151 (Master):
kubeadm init \
--apiserver-advertise-address=192.168.153.151 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.17.0 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16
The success output appears after initialization completes.
Then run the following commands:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
7. Install Pod Network Plug-in (CNI)
Run on the master.
Install the plug-in from the official source:
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
If the installation fails, you can download the kube-flannel.yml file I uploaded, in which the image address has been modified.
Download link >> https://download.csdn.net/download/m0_46674735/14930704
Run the command kubectl apply -f kube-flannel.yaml to install it:
[root@host-151 ~]# kubectl apply -f kube-flannel.yaml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds-amd64 created
daemonset.apps/kube-flannel-ds-arm64 created
daemonset.apps/kube-flannel-ds-arm created
daemonset.apps/kube-flannel-ds-ppc64le created
daemonset.apps/kube-flannel-ds-s390x created
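A manifest taken from a download mirror rather than the upstream project, such as the modified kube-flannel.yml above, can be reviewed before it is applied by listing the images it pulls and the host-level access it requests. The following is an added example, not part of the original post; the function names and the sample manifest are constructed for illustration.

```shell
# Added example: review a manifest before running `kubectl apply -f` on it.
# Function names and the sample manifest are constructed for illustration.

# Print each distinct container image the manifest references.
manifest_images() {
    awk '$1 == "image:" { print $2 }
         $1 == "-" && $2 == "image:" { print $3 }' "$1" | tr -d "\"'" | sort -u
}

# Print images that do not start with any allowed prefix ($2, $3, ...).
unexpected_images() {
    manifest=$1; shift
    manifest_images "$manifest" | while read -r img; do
        ok=no
        for prefix in "$@"; do case $img in "$prefix"*) ok=yes ;; esac; done
        [ "$ok" = yes ] || echo "$img"
    done
}

# Print, with line numbers, settings that give a pod access to the host.
host_access_settings() {
    grep -nE '^[[:space:]-]*((privileged|hostNetwork|hostPID|hostIPC): *true|hostPath:)' "$1"
}

# Constructed sample shaped like a CNI DaemonSet; not the real flannel manifest.
write_sample_manifest() {
    cat > "$1" << 'EOF'
kind: DaemonSet
spec:
  template:
    spec:
      hostNetwork: true
      containers:
      - name: kube-flannel
        image: "registry.example.invalid/mirror/flannel:v0.0.0-example"
        securityContext:
          privileged: false
      - name: sidecar
        image: quay.io/coreos/flannel:v0.0.0-example
      volumes:
      - name: cni
        hostPath:
          path: /etc/cni/net.d
EOF
}

sample=$(mktemp) && write_sample_manifest "$sample"
unexpected_images "$sample" quay.io/coreos/   # images outside the expected registry
host_access_settings "$sample"                # host-level access to review
```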
Check that all pods are in the Running state:
[root@host-151 ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-9d85f5447-gc8rh 1/1 Running 0 4m39s
coredns-9d85f5447-lr8d9 1/1 Running 0 4m39s
etcd-k8s-master 1/1 Running 0 4m53s
kube-apiserver-k8s-master 1/1 Running 0 4m53s
kube-controller-manager-k8s-master 1/1 Running 0 4m53s
kube-flannel-ds-amd64-sjrbq 1/1 Running 0 104s
kube-proxy-rf842 1/1 Running 0 4m39s
kube-scheduler-k8s-master 1/1 Running 0 4m53s
8. Join Kubernetes Node
8.1 Join the cluster
Run on 192.168.153.152/153. The command is generated when the master is initialized; just copy it directly:
kubeadm join 192.168.153.151:6443 --token 4ewer2.chl3n0wtfi36xc6c \
--discovery-token-ca-cert-hash sha256:78512851a2e78e14ea454f0a65e9853f9085ec8348a2e0f781347fa5c882f53a
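The --discovery-token-ca-cert-hash value pins the public key of the cluster CA, so a joining node only trusts an API server whose certificate chains to that CA. The following added example (not part of the original post) recomputes the hash on the master and compares it with the value in a saved join command; the function names are hypothetical, and /etc/kubernetes/pki/ca.crt is kubeadm's default CA path.

```shell
# Added example: check that a saved `kubeadm join` command pins this cluster's CA.
# Function names are hypothetical; /etc/kubernetes/pki/ca.crt is kubeadm's default path.

# Print "sha256:<hex>", the SHA-256 of the DER-encoded public key of a PEM certificate.
ca_cert_hash() {
    # Refuse anything that does not parse as a certificate, so that a hash of
    # empty input is never reported as the CA hash.
    openssl x509 -noout -in "$1" 2>/dev/null || return 1
    openssl x509 -pubkey -noout -in "$1" |
        openssl pkey -pubin -outform der 2>/dev/null |
        openssl dgst -sha256 -hex | sed 's/^.* //; s/^/sha256:/'
}

# Extract the sha256:<hex> argument from the text of a join command.
join_cmd_hash() {
    printf '%s\n' "$1" | tr ' =' '\n\n' | grep -E '^sha256:[0-9a-f]{64}$' | head -n 1
}

# Succeed only if the join command pins the key of the given CA certificate.
# $1 = join command text, $2 = path to the CA certificate
verify_join_hash() {
    expected=$(ca_cert_hash "$2") || return 1
    pinned=$(join_cmd_hash "$1")
    [ -n "$pinned" ] && [ "$pinned" = "$expected" ]
}

# On the master, print the value a join command should carry.
if [ -r /etc/kubernetes/pki/ca.crt ]; then
    ca_cert_hash /etc/kubernetes/pki/ca.crt
fi
```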
8.2 Check that the nodes were added successfully
[root@host-151 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 5m9s v1.17.0
k8s-node1 Ready <none> 2m58s v1.17.0
k8s-node2 Ready <none> 2m54s v1.17.0
9. Deploy Dashboard
9.1 Execute commands on the master node
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml
If that fails, you can download the uploaded file and run the following command:
Download link >> https://download.csdn.net/download/m0_46674735/14930771
kubectl apply -f kubernetes-dashboard.yaml
By default, the Dashboard can only be accessed from inside the cluster. To expose it externally, change the Service to type NodePort. The uploaded file already has this change, so just apply it directly.
9.2 Execute the following commands on the master node:
Create a service account and bind it to the default cluster-admin cluster role:
kubectl create serviceaccount dashboard-admin -n kube-system
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
The token is printed after the command runs successfully.
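Because dashboard-admin is bound to cluster-admin, its token carries full administrative rights over the cluster, so it is useful to keep track of which service accounts hold that role. The following added example (not part of the original post) filters kubectl's custom-columns output for such bindings; the function names, the variable name and the sample rows are constructed for illustration.

```shell
# Added example: list service accounts bound to the cluster-admin ClusterRole.
# Function names, COLUMNS_SPEC and the sample rows are constructed for illustration.

# Columns requested from kubectl. Every subject has a kind and a name, so those
# two comma-joined lists line up; namespace is absent for users and groups, so
# the NS column is reported as-is rather than matched by position.
COLUMNS_SPEC='NAME:.metadata.name,ROLE:.roleRef.name,KIND:.subjects[*].kind,SUBJECT:.subjects[*].name,NS:.subjects[*].namespace'

# Read `kubectl get clusterrolebindings --no-headers -o custom-columns=...`
# output on stdin; print "binding serviceaccount namespaces" for each match.
cluster_admin_service_accounts() {
    awk '$2 == "cluster-admin" {
        n = split($3, kind, ","); split($4, name, ",")
        for (i = 1; i <= n; i++)
            if (kind[i] == "ServiceAccount") print $1, name[i], $5
    }'
}

# Constructed sample rows in that column layout.
sample_bindings() {
    cat << 'EOF'
cluster-admin      cluster-admin  Group                 system:masters      <none>
dashboard-admin    cluster-admin  ServiceAccount        dashboard-admin     kube-system
flannel            flannel        ServiceAccount        flannel             kube-system
ops-breakglass     cluster-admin  User,ServiceAccount   alice,ci-deployer   ci
EOF
}

# On a live cluster:
#   kubectl get clusterrolebindings --no-headers -o custom-columns="$COLUMNS_SPEC" \
#       | cluster_admin_service_accounts
sample_bindings | cluster_admin_service_accounts
```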
9.3 Access address: https://nodeip:30001
(Note: use https.)
Taking the Firefox browser as an example: click Advanced, click Accept the Risk and Continue, select Token, paste the token generated above, and the management page opens.
10. Test the kubernetes cluster
Create a pod in the Kubernetes cluster and verify that it is running normally:
kubectl create deployment nginx --image=nginx
Check that the pod is running:
[root@host-151 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-86c57db685-vvmkp 1/1 Running 0 27s