Kubernetes, or K8s for short (the 8 replaces the eight characters "ubernete"), is an open-source system for managing containerized applications across multiple hosts on a cloud platform. Its goal is to make deploying containerized applications simple and efficient. It provides mechanisms for application deployment, planning, updating, and maintenance.
1. Machine preparation
The node diagram is as follows:
Goals
- Kubernetes version: 1.23.0
- Services can be deployed
Three hosts are needed. I am using 3 virtual machines, configured as follows:
| IP | Role | Configuration |
|---|---|---|
| 192.168.67.101 | k8s-master | 2 core CPU, 2G memory |
| 192.168.67.102 | k8s-node1 | 1G memory |
| 192.168.67.103 | k8s-node2 | 1G memory |
2. Environment preparation
- Modify hostname
```bash
# Option 1:
hostnamectl set-hostname <hostname>
# For example (run each command on its own machine)
hostnamectl set-hostname k8s-master
hostnamectl set-hostname k8s-node1
hostnamectl set-hostname k8s-node2
```
The steps below can be run on all machines in a batch.
- Turn off the firewall
```bash
# Stop the firewall for the current boot
systemctl stop firewalld
# Disable start at boot
systemctl disable firewalld
```
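- Disable SELinux
```bash
# Permanent (takes effect after a reboot); matches only the SELINUX= setting, not the comments in the file
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
# Temporary (current boot)
setenforce 0
```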
- Turn off swap
```bash
swapoff -a                           # temporary
sed -ri 's/.*swap.*/#&/' /etc/fstab  # permanent: comments out the swap entries
```
- Add hosts entries
```bash
cat >> /etc/hosts << EOF
192.168.67.101 k8smaster
192.168.67.102 k8snode1
192.168.67.103 k8snode2
EOF
```
- Pass bridged IPv4 traffic to the iptables chains:
```bash
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# Apply the settings now instead of waiting for a reboot
sysctl --system
```
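- Switch to the Alibaba Cloud mirror source
```bash
# Back up the original repo file
cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
# Install wget first; the download below needs it
yum install -y wget
# Download the repo file (over HTTPS, so the repo definition cannot be altered in transit)
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# Rebuild the cache
yum makecache
# List the repositories
yum repolist
# Install common tools (optional)
yum -y install lrzsz
yum -y install vim
```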
- Time synchronization
```bash
yum install ntpdate -y
ntpdate time.windows.com
# The server above is Microsoft's; the one below is a server in China
ntpdate cn.ntp.org.cn
```
3. Install Docker/kubeadm/kubelet on all nodes
Kubernetes' default CRI (container runtime) is Docker, so install Docker first.
Run the following on all machines in a batch.
- Install Docker
```bash
# Add the Docker CE repo, then install a pinned Docker version
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce-18.06.1.ce-3.el7
```
- Configure the Alibaba Cloud registry mirror for Docker. Note that Docker's cgroup driver also needs to be changed; kubelet recommends systemd
```bash
mkdir -p /etc/docker
# registry-mirrors: pull images through the mirror
# exec-opts: use the systemd cgroup driver, matching kubelet
tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://u4dk6b2s.mirror.aliyuncs.com"],
  "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
systemctl daemon-reload && systemctl restart docker
systemctl enable docker
```
- Add the yum source for K8S
```bash
# gpgcheck=0 and repo_gpgcheck=0 turn off signature verification for
# packages and repository metadata from this repo.
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
```
- Install kubeadm, kubelet and kubectl
```bash
yum install -y kubelet-1.23.0 kubeadm-1.23.0 kubectl-1.23.0
# Start kubelet at boot
systemctl enable kubelet
# Check the version
kubelet --version
```
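The kubernetes.repo step above sets gpgcheck=0, so yum installs kubelet, kubeadm and kubectl without verifying package signatures. The following check is an added example, not part of the original article: it lists enabled repo sections that set gpgcheck=0 explicitly and says whether TLS is the only protection left. The function names and the two constructed sections are assumptions made for illustration.

```bash
# audit_repos [FILE...]: print one finding per enabled repo section that sets
# gpgcheck=0. Reads yum .repo (INI) syntax from the files, or from stdin.
audit_repos() {
  awk '
    function report() {
      if (name == "" || enabled == "0" || gpgcheck != "0") return
      if (url ~ /^https:/)
        print name ": gpgcheck=0, integrity rests on TLS to the mirror only"
      else
        print name ": gpgcheck=0 without TLS, no integrity protection"
    }
    /^[ \t]*[#;]/ { next }                       # comment line
    /^[ \t]*\[/ {                                # new [section]: flush the last
      report()
      name = $0; sub(/^[ \t]*\[/, "", name); sub(/\].*$/, "", name)
      enabled = "1"; gpgcheck = ""; url = ""
      next
    }
    /^[ \t]*[A-Za-z_]+[ \t]*=/ {                 # key=value inside a section
      key = $0; sub(/[ \t]*=.*$/, "", key); sub(/^[ \t]+/, "", key)
      val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
      if (key == "gpgcheck") gpgcheck = val
      else if (key == "enabled") enabled = val
      else if (key == "baseurl") url = val
    }
    END { report() }
  ' "$@"
}

# Sample input: the [kubernetes] section from this page (name and gpgkey
# omitted) plus two constructed sections for comparison.
sample_repos() {
  cat <<'EOF'
[kubernetes]
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
[constructed-http]
baseurl=http://mirror.example.invalid/el7
gpgcheck=0
[constructed-signed]
baseurl=http://mirror.example.invalid/el7-signed
gpgcheck=1
EOF
}

sample_repos | audit_repos
```

On a node, run `audit_repos /etc/yum.repos.d/*.repo`; values inherited from /etc/yum.conf are not resolved.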
4. Deploy the Master node
Run this on 192.168.67.101 (the master). Note that --apiserver-advertise-address must be the master's IP address and the version number is 1.23.0; the other fields can be left as they are.
```bash
kubeadm init \
  --apiserver-advertise-address=192.168.67.101 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.23.0 \
  --service-cidr=10.96.0.0/12 \
  --pod-network-cidr=10.244.0.0/16
```
After initialization completes, the output prompts you to run the following commands; run them:
```bash
# Copy the cluster admin kubeconfig into the current user's home
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```
The installation output also includes the following command, which must be run on the k8s-node1 and k8s-node2 nodes respectively:
```bash
kubeadm join 192.168.67.101:6443 --token qb4uwe.imwr6pkqy19vnjs1 \
  --discovery-token-ca-cert-hash sha256:caf1193372e07c2df962843cb8a87a62be7c3ee8cc2aa1fe5fbbc03bee8130c5
```
If too much time has passed, the token may have expired, or the output may no longer be on screen. In either case, use the following command to get a join command:
```bash
kubeadm token create --print-join-command
```
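The --discovery-token-ca-cert-hash value in the join command is the SHA-256 of the cluster CA's public key, which lets a joining node confirm it is talking to the intended control plane. As an added example (not from the original article), this recomputes that hash from a CA certificate and checks that a join command pins it. The function names are illustrative, /etc/kubernetes/pki/ca.crt is kubeadm's default CA path, and a throwaway CA is constructed when that file is absent.

```bash
# ca_cert_hash CERT.pem
# Prints "sha256:HEX": SHA-256 over the DER-encoded public key
# (SubjectPublicKeyInfo) of the certificate, the form kubeadm uses for
# --discovery-token-ca-cert-hash.
ca_cert_hash() {
  openssl x509 -in "$1" -noout -pubkey |
    openssl pkey -pubin -outform DER |
    openssl dgst -sha256 -hex | sed 's/^.* /sha256:/'
}

# pinned_hash "JOIN COMMAND": extract the sha256:HEX value from a join command.
pinned_hash() {
  printf '%s\n' "$1" |
    sed -n 's/.*--discovery-token-ca-cert-hash[ =]\{1,\}\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# join_pins_ca CERT.pem "JOIN COMMAND": succeed only if the command pins CERT's key.
join_pins_ca() {
  want=$(ca_cert_hash "$1") && got=$(pinned_hash "$2") &&
    [ -n "$got" ] && [ "$got" = "$want" ]
}

# make_demo_ca DIR: constructed throwaway CA (ca.key, ca.crt) for the demo.
make_demo_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed-demo-ca" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Demo: use the real cluster CA on a kubeadm master, else the constructed one.
ca=/etc/kubernetes/pki/ca.crt
if [ ! -r "$ca" ]; then
  demo=$(mktemp -d) && make_demo_ca "$demo" && ca=$demo/ca.crt
fi
echo "expected --discovery-token-ca-cert-hash value: $(ca_cert_hash "$ca")"
```

A join command copied from notes or chat can be checked with `join_pins_ca /etc/kubernetes/pki/ca.crt "$cmd"` on the master before it is run on a node.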
List the nodes on the master:
```
[root@k8smaster ~]# kubectl get nodes
NAME        STATUS     ROLES                  AGE   VERSION
k8smaster   NotReady   control-plane,master   34m   v1.23.0
k8snode1    NotReady   <none>                 25s   v1.23.0
k8snode2    NotReady   <none>                 13s   v1.23.0
```
5. Install the Pod network plug-in
Run one of the following commands on the master node to install the network plug-in:
```bash
# Use this if GitHub is not reachable
kubectl apply -f https://rs.amoqi.cn/kube-flannel.yml
# Use this if GitHub is reachable
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
```
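Applying a manifest straight from a URL runs whatever that server returns at that moment, and a CNI DaemonSet such as flannel's runs on every node with host networking. An added example, not from the original article: download the file first, review what it pulls and requests, record its digest, and apply only that file. The function names, the KUBECTL override and the sample manifest are constructed for illustration.

```bash
# manifest_digest FILE: hex SHA-256 of the manifest as downloaded
manifest_digest() { sha256sum "$1" | awk '{ print $1 }'; }

# manifest_images FILE: unique container images the manifest would pull
manifest_images() {
  sed -n 's/^[[:space:]-]*image:[[:space:]]*//p' "$1" | tr -d "\"'" | sort -u
}

# manifest_host_access FILE: numbered lines that request host-level access
manifest_host_access() {
  grep -nE '^[[:space:]-]*((privileged|hostNetwork|hostPID):[[:space:]]*true|hostPath:)' "$1"
}

# apply_pinned FILE SHA256: apply only if FILE still matches the reviewed digest.
# KUBECTL is a hypothetical override so the demo can run without a cluster.
apply_pinned() {
  [ "$(manifest_digest "$1")" = "$2" ] || { echo "digest mismatch: $1" >&2; return 1; }
  ${KUBECTL:-kubectl} apply -f "$1"
}

# Constructed, trimmed manifest standing in for a downloaded CNI DaemonSet.
sample_manifest() {
  cat <<'EOF'
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: constructed-cni
spec:
  template:
    spec:
      hostNetwork: true
      initContainers:
      - name: install
        image: registry.example.invalid/cni-plugin:v1
      containers:
      - name: agent
        image: "registry.example.invalid/cni-agent:v1"
        securityContext:
          privileged: false
      volumes:
      - name: run
        hostPath:
          path: /run/constructed
EOF
}

m=$(mktemp) && sample_manifest > "$m"
manifest_images "$m"
manifest_host_access "$m"
KUBECTL=echo apply_pinned "$m" "$(manifest_digest "$m")"   # prints the command only
```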
You can use the following command to watch the pods start:
```bash
# -A watches all namespaces; the network plug-in's pods are not in the default namespace
kubectl get pods -A -w
```
Check the node status; it may take a while for the nodes to become Ready:
```
[root@k8smaster ~]# kubectl get nodes
NAME        STATUS   ROLES                  AGE   VERSION
k8smaster   Ready    control-plane,master   55m   v1.23.0
k8snode1    Ready    <none>                 21m   v1.23.0
k8snode2    Ready    <none>                 21m   v1.23.0
```
6. Service Test
Create a pod in the Kubernetes cluster and verify that it is running:
```
# Create an nginx container
kubectl create deployment nginx --image=nginx
# Expose the nginx port
kubectl expose deployment nginx --port=80 --type=NodePort
# View the pod and service
[root@k8smaster ~]# kubectl get pod,svc
NAME                         READY   STATUS    RESTARTS   AGE
pod/nginx-85b98978db-lq8tn   1/1     Running   0          66s

NAME                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP        68m
service/nginx        NodePort    10.111.144.73   <none>        80:32076/TCP   5s
```