kubernetes installation manual

1. Introduction

Kubernetes is an open source system for automating the deployment, scaling and management of containerized applications.

Learn the basics of kubernetes technology:

Must know Docker, write Dockerfile and use Linux daily. If you are not familiar with these two skills, you can learn these two skills first.

2. Installation

a. Configure the kubernetes yum source:

vim /etc/yum.repos.d/kubernetes.repo 

[governor]
name = Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

b. Configure the docker-engine source:

vim /etc/yum.repos.d/mritd.repo

[mritdrepo]
name=Mritd Repository
baseurl=https://yum.mritd.me/centos/7/x86_64
enabled=1
gpgcheck=0
gpgkey=https://cdn.mritd.me/keys/rpm.public.key

 

c. Install Docker

 

yum install -y docker-engine

d. Start Docker

 

 

systemctl enable docker
systemctl start docker

 e. View docker info

 

 

docker info

 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Library Version: 1.02.107-RHEL7 (2016-06-09)
Logging Driver: journald
#Pay special attention to this line, if it is cgroupfs, it is normal, if not, restart the computer
Cgroup Driver: cgroupfs

 f. Install kubernetes

 

 

yum install -y beadm kubectl kubelet kubernetes-cni

g. Close selinx

 

 

setenforce 0

 permanently closed

 

 

vi /etc/selinux/config

 

 

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#     enforcing - SELinux security policy is enforced.

#     permissive - SELinux prints warnings instead of enforcing.

#     disabled - No SELinux policy is loaded.

SELINUX=disabled

# SELINUXTYPE= can take one of three two values:

#     targeted - Targeted processes are protected,

#     minimum - Modification of targeted policy. Only selected processes are protected.

#     mls - Multi Level Security protection.

SELINUXTYPE=targeted

h. Turn off the firewall

 

systemctl disable firewalld
systemctl stop firewalld

i. Modify the .bathrc file in the root directory

 

# .bashrc

# User specific aliases and functions

 

alias rm = 'rm -i'

alias cp='cp -i'

alias mv='mv -i'

 

# Source global definitions

if [ -f /etc/bashrc ]; then

. /etc/bashrc

be

export KUBECONFIG=/etc/kubernetes/admin.conf

 

j. Add two boot commands
vi /etc/rc.d/rc.local

touch /var/lock/subsys/local

echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables

echo 1 > /proc/sys/net/bridge/bridge-nf-call-ip6tables

 

settings file boot

 chmod +x /etc/rc.d/rc.local

 

k. Restart the computer

 

reboot

3. Initialize kubernater

 

a. Modify the startup parameters:

vi /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

[Service]

Environment="KUBELET_KUBECONFIG_ARGS=--kubeconfig=/etc/kubernetes/kubelet.conf --require-kubeconfig=true"

Environment="KUBELET_SYSTEM_PODS_ARGS=--pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true"

Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"

Environment="KUBELET_DNS_ARGS=--cluster-dns=10.96.0.10 --cluster-domain=cluster.local"

Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.crt"

Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs"

# 1.9 后加下面这行

Environment="KUBELET_EXTRA_ARGS=--v=2 --fail-swap-on=false --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"

 

ExecStart=

ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_CADVISOR_ARGS $KUBELET_CGROUP_ARGS $KUBELET_EXTRA_ARGS

 

b、初始化kubernetes

  1.9 以上需要关闭swap，使用命令  swapoff -a

/**k8s 下载国内镜像*/

export KUBE_REPO_PREFIX=registry.cn-hangzhou.aliyuncs.com/google-containers
 export KUBE_HYPERKUBE_IMAGE=registry.cn-hangzhou.aliyuncs.com/google-containers/hyperkube-amd64
 export  KUBE_DISCOVERY_IMAGE=registry.cn-hangzhou.aliyuncs.com/google-containers/kube-discovery-amd64
export KUBE_ETCD_IMAGE=registry.cn-hangzhou.aliyuncs.com/google-containers/etcd-amd64

 

 

kubeadm init --kubernetes-version = v1.7.5

 c. Start kubernetes

 

systemctl start kubelet
systemctl enable kubelet

 

d. Make the Master node also a worker node

kubectl taint nodes --all node-role.kubernetes.io/master-

e. Install the kubernets network

kubectl apply -f https://git.io/weave-kube-1.6

f. Then wait for the initialization of step b to complete, you can use the command to view the kuberlet status

kubectl get pods --all-namespaces
kubectl get nodes
kubectl get all

 

 Four, helloword program

Prepare the file hello.yaml

```apiVersion: v1

kind: Pod

metadata:

  name: nginx

  labels:

     app: nginx    

spec:

     containers:

        - name: nginx

          image: nginx

          imagePullPolicy: IfNotPresent

          ports:

          - containerPort: 80

     restartPolicy: Always

---

apiVersion: v1

kind: Service

metadata:

  name: nginx-service

spec:

  type: NodePort

  sessionAffinity: ClientIP

  selector:

    app: nginx

  ports:

    - port: 80

      nodePort: 30080

```

启动helloword.yaml

kubelet create -f hello.yaml

 

启动完成后，可访问http://linuxip:30080/  访问

kubernetes 常用命令：

kubectl get pods --all-namespaces
kubectl get nodes
kubectl get all
kubectl get pod

kubectl create -f hello.yaml