1. Preparing the Environment
# Unified hosts
CAT / etc / hosts
10.0.0.10 K8S-Master
10.0.0.20 K8S-node1
10.0.0.30 K8S-node2
# synchronization time
ntpdate ntp1.aliyun.com
# disable SELINUX, close firewalld and iptables.service, k8s will set up their own iptables network policy
systemctl STOP iptables.service
systemctl disable iptables.service
systemctl STOP firewalld.service
systemctl disable firewalld.service
# close the swap, modify / etc / fstab file, comment out the SWAP automatically mount, using the free -m confirm the swap has been closed
-a swapoff
# swappiness adjustment parameter
# create /etc/sysctl.d/k8s.conf file, add the following
net.bridge.bridge-of NF-Call-ip6tables = 1
net.bridge.bridge of NF-Call-iptables-1 =
= 1 net.ipv4.ip_forward
vm.swappiness = 0
# take effect
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf
# 开启ipvs
yum -y install ipvsadm
vim /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
ipvs_mods_dir="/usr/lib/modules/$(uname -r)/kernel/net/netfilter/ipvs"
for i in $(ls $ipvs_mods_dir | grep -o "^[^.]*");do
/sbin/modinfo -F filename $i &> /dev/null
if [ $? -eq 0 ];then
/sbin/modprobe $i
fi
done
chmod +x /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep ip_vs
2. Install
# 安装 Docker
yum install -y yum-utils device-mapper-persistent-data lvm2
curl -o /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install docker-ce-18.06.1.ce-3.el7 -y
# FQ代理不管用了,注释掉
vim /usr/lib/systemd/system/docker.service
#Environment="HTTPS_PROXY=http://www.ik8s.io:10080"
Environment="NO_PROXY=127.0.0.1/8,127.0.0.1/16"
systemctl daemon-reload
systemctl start docker
systemctl enable docker
cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
= 1 repo_gpgcheck
gpgkey = HTTPS: //mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
# document distribution node to two
SSH-keygen -t DSA
SSH-Copy-ID -i ~ / .ssh / id_dsa.pub 10.0.0.20
SSH-Copy-ID -i ~ / .ssh / id_dsa.pub 10.0.0.30
for I 20 is 30 in; 10.0.0 do SCP /etc/yum.repos.d/{docker-ce.repo,kubernetes.repo} $ I:. /etc/yum.repos.d/; DONE
# If following this command will download the latest version, here we use 1.13
# yum install -y kubelet kubeadm kubectl
yum -y install kubelet-1.13.0 1.13.0 Kubernetes-kubeadm-CNI-0.6.0 kubectl-1.13.0
# set to boot from the start, before you start the service. and other initialization completed the restart
systemctl enable kubelet
# mirrored first downloaded to the local
CAT pull-images.sh
#! / bin / bash
images=(kube-apiserver:v1.13.0 kube-controller-manager:v1.13.0 kube-scheduler:v1.13.0 kube-proxy:v1.13.0 pause:3.1 etcd:3.2.24 coredns:1.2.6)
for ima in ${images[@]}
do
docker pull registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima
docker tag registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima k8s.gcr.io/$ima
docker rmi -f registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima
done
chmod +x pull-images.sh && ./pull-images.sh
# 集群初始化
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
kubeadm init --kubernetes-version=v1.13.0 --pod-network-cidr=10.244.0.0/16 \
--service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap
...
join 10.0.0.10:6443 --token 05blrg.37hx6cwa85giuj5c --discovery kubeadm-token-CA-CERT-hash \
sha256: 0a1635e9f31e78317524545faa3dd5957665f8b871b168a605ef523dacbea7bb
kubeadm # initialization output join 10.0.0.10:6443 words, keep it, to be used later this command node joins the cluster, and the command can not be reproduced
mkdir -p $ the HOME / .kube
cp -i $ /etc/kubernetes/admin.conf the HOME / .kube / config
# installation flannel network components (executed on the Master)
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Cluster initialization k8s
3. Review the information
# View status information kubectl GET cs # to view node information, the state is NotReady, because leaving a shortfall of flannel components, without this component can not set up a network kubectl GET Nodes # to view the current status of all pod kube-system name space on the master node in the running kubectl Kube-System PODS -n GET # pod must ensure that all are running the state, which if not, you can see why a similar following command kubectl dscrible PODS coredns-86c58d9df4-qz9xc -n Kube-System # to view the current node namespace kubectl get ns # View pod detailed status kubectl GET PODS -n -o Kube System-Wide kubectl GET PODS --all Namespaces -o-Wide
4.node on execution
Nodes may not be mounted on kubectl #
yum the install kubelet -Y-1.13.0 1.13.0 Kubernetes kubeadm-CNI-0.6.0-
systemctl enable kubelet
CAT pull-images.sh
# / bin / the bash!
Images = (PAUSE: 3.1 Kube -proxy: v1.13.0)
for IMA Images in $ {[@]}
do
Docker pull registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima
Docker Tag registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima k8s.gcr.io/$ima
Docker RMI -f registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima
DONE
the chmod + X pull-images.sh && ./pull-images.sh
Docker pull quay.io/coreos /flannel:v0.11.0-amd64
# implementation of the Join kubeadm
vim / etc / sysconfig / kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
kubeadm join 10.0.0.10:6443 --token 05blrg.37hx6cwa85giuj5c --discovery-token-ca-cert-hash \
sha256:0a1635e9f31e78317524545faa3dd5957665f8b871b168a605ef523dacbea7bb \
--ignore-preflight-errors=Swap
You can also download mirror registry.cn-hangzhou.aliyuncs.com/google_containers from here
Mirroring requires a three node Node
Two nodes join master
Reference blog: https://www.jianshu.com/p/427162394424
Reference blog: http://blog.itpub.net/28916011/viewspace-2213536/