DevOps from entry level to mastery: Kubernetes installation and configuration - Chapter 1 - Orchestration

Significance

Kubernetes (k8s) is a container orchestration tool. It manages the full life cycle of an application: creating it, deploying it, scaling it out and in, and updating it are all very convenient. It also provides self-healing: if a server goes down, the services scheduled on that server are automatically run on another host, with no human intervention. That makes it very powerful, so we should not only learn it but also apply it. Today we start studying this important part of k8s, from installation to use and then to mastery. To use k8s we must first build a working k8s cluster, so let's begin with installation and configuration.

Planning

IP address        Host name   Roles
192.168.220.128   master      deploy, master1, lb1, etcd
192.168.220.129   node1       node
192.168.220.130   node2       node

Software and hardware requirements:
(1) At least 1 CPU core and at least 2 GB of memory
(2) Linux kernel version at least 3.10, using CentOS 7
(3) Docker version at least 1.9, etcd version at least 2.0

# The CPU must have at least 1 core, otherwise an error is reported.

First, necessary configuration and preparation (perform on all nodes)

1.1 Modify the host name / configure hosts

vim /etc/hosts
Append the following to the end of the file:
192.168.220.128 master
192.168.220.129 node1
192.168.220.130 node2

Run nmtui, choose set-hostname, and set the host name to k8s-master, as shown in the figure.

1.2 Disable SELinux, firewalld and swap

1.2.1 Disable SELinux:

[root@k8s-master ~]# vim /etc/sysconfig/selinux

vim /etc/selinux/config

Change SELINUX=enforcing to SELINUX=disabled
setenforce 0  
getenforce 


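// Run getenforce to verify
[root@localhost ~]# getenforce
Permissive                  // temporarily disabled
After a reboot, if getenforce reports Disabled, SELinux is permanently disabled.

or:

# /etc/sysconfig/selinux is a symlink to /etc/selinux/config; edit the real file, because sed -i on the symlink replaces it with a regular copy
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config && setenforce 0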
getenforce 

1.2.2 Turn off the firewall:

systemctl stop firewalld
systemctl disable firewalld

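1.2.3 Turn off swap:

# Check the swap partition; a swap value of 0 means it is off
free -g
# Turn swap off temporarily; this is lost on reboot
swapoff -a

# Turn swap off permanently

sed -ri 's/.*swap.*/#&/' /etc/fstab

When the swap total is 0, swap has been turned off successfully.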

1.2.4 Install the archive tools and wget:

yum install unzip lrzsz wget vim -y

1.2.5 Enable IPv4 forwarding

echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
sysctl -p

   # sysctl -p applies the configuration so that it takes effect

1.2.6 Configure the forwarding parameters, otherwise an error may occur

cat <<EOF > /etc/sysctl.d/k8s.conf 
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness=0
EOF
sysctl --system
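
A check for the kernel settings configured in the steps above, added here as an example and not part of the original article. It reads `sysctl -a` style text and tells a wrong value apart from a missing net.bridge key, which is what happens when br_netfilter is not loaded. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. It checks the kernel settings
# configured above; sample_sysctl is constructed input for demonstration.

# check_sysctl: reads "key = value" lines (the format of `sysctl -a`) on stdin.
# Prints OK / WRONG / MISSING per required key; returns 1 if any check fails.
check_sysctl() {
    awk -F '[ \t]*=[ \t]*' '
        BEGIN {
            want["net.ipv4.ip_forward"] = 1
            want["net.bridge.bridge-nf-call-iptables"] = 1
            want["net.bridge.bridge-nf-call-ip6tables"] = 1
            want["vm.swappiness"] = 0
        }
        ($1 in want) { seen[$1] = $2 + 0 }
        END {
            for (k in want) {
                if (!(k in seen)) {
                    # net.bridge.* keys only exist once br_netfilter is loaded
                    hint = (k ~ /^net\.bridge\./) ? " (run: modprobe br_netfilter)" : ""
                    print "MISSING " k hint; bad = 1
                } else if (seen[k] != want[k]) {
                    print "WRONG " k " = " seen[k]; bad = 1
                } else {
                    print "OK " k
                }
            }
            exit bad + 0
        }'
}

# active_swap: reads /proc/swaps format on stdin, prints devices still in use.
active_swap() { awk 'NR > 1 && NF > 0 { print $1 }'; }

# Constructed sample: br_netfilter not loaded, forwarding still off.
sample_sysctl() {
    printf '%s\n' 'net.ipv4.ip_forward = 0' 'vm.swappiness = 0'
}

sample_sysctl | check_sysctl || echo "host is not ready for kubeadm init"
# On a real host: sysctl -a 2>/dev/null | check_sysctl; active_swap < /proc/swaps
```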

Second, install docker-ce and the registry mirror accelerator (perform on all nodes)

    A. CentOS:
    1. Install the system tools that Docker depends on
    yum install -y yum-utils device-mapper-persistent-data lvm2

    2. Add the Aliyun repository
    yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

    3. Install docker-ce

     

yum makecache fast
yum list docker-ce --showduplicates | sort -r
yum install docker-ce-18.06.1.ce-3.el7 -y
systemctl enable docker && systemctl start docker && systemctl status docker

The commands above can be copied, pasted and executed directly.

# The following is explanation only; do not copy it. If no version is specified, the latest Docker version is installed.

yum list docker-ce --showduplicates | sort -r	# list the Docker versions in the remote repository
yum install docker-ce -y    # install the latest Docker version
yum install docker-ce-18.06.1.ce-3.el7 -y	# install a specific Docker version

4. Stop Docker from managing iptables and configure the Aliyun Docker registry mirror. (Optional. Copy and execute line by line; do not paste everything at once.)
    

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
 "registry-mirrors": ["https://26ujpd31.mirror.aliyuncs.com"],
  "iptables":false
}
EOF
systemctl daemon-reload && systemctl restart docker && systemctl status docker

B. Ubuntu:

1. apt installation: https://blog.csdn.net/liqi_q/article/details/83030737

2. Offline installation: https://blog.csdn.net/javalee5156/article/details/83583489

 

Third, install kubeadm (perform on all nodes)

1. Configure the Aliyun domestic yum repository for Kubernetes (copy line by line):
    

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
EOF

    2. Rebuild the yum cache
    

yum clean all
yum makecache fast
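
The kubernetes.repo above sets gpgcheck=0, so yum installs kubelet, kubeadm and kubectl without verifying package signatures. The following audit is an added example, not part of the original article. It flags enabled repositories that disable signature checks or use a plain http baseurl; the function names and the second sample repository are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article: flag yum repository
# definitions that disable signature checks or fetch over plain HTTP.

# audit_repo [FILE]: reads a .repo file (or stdin) and prints one
# "section<TAB>finding" line per problem. Returns 1 if anything was found.
audit_repo() {
    awk '
        function report() {
            if (sec == "" || enabled == "0") return   # skip disabled repos
            if (gpg == "0")     { print sec "\tgpgcheck=0: package signatures are not verified"; bad = 1 }
            if (url ~ /^http:/) { print sec "\tbaseurl is plain http: metadata is unauthenticated in transit"; bad = 1 }
        }
        function value(line) { sub(/^[^=]*=[ \t]*/, "", line); return line }
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }  # tolerate indentation
        /^\[.*\]$/ { report(); sec = substr($0, 2, length($0) - 2)
                     gpg = ""; url = ""; enabled = "1"; next }
        /^gpgcheck[ \t]*=/ { gpg = value($0) }
        /^baseurl[ \t]*=/  { url = value($0) }
        /^enabled[ \t]*=/  { enabled = value($0) }
        END { report(); exit bad + 0 }
    ' "${1:--}"
}

# Constructed sample: the kubernetes.repo written above plus a made-up repo.
sample_repo() {
    cat <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0

[example-http]
name=Constructed example
baseurl=http://repo.example.invalid/el7
enabled=1
gpgcheck=1
EOF
}

sample_repo | audit_repo || echo "fix the findings above before running yum install"
# On a host: for f in /etc/yum.repos.d/*.repo; do audit_repo "$f"; done
```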

    3. Install kubeadm, kubelet and kubectl


    yum list kubelet --showduplicates # view the available versions
    # Install a specific version:

yum -y install kubelet-1.12.1-0
yum -y install kubeadm-1.12.1-0
yum -y install kubectl-1.12.1-0


    # After the installation is complete, start kubelet
    

systemctl enable kubelet && systemctl start kubelet && systemctl status kubelet

    4. Check which images deploying Kubernetes v1.12.0 needs, then download them in advance:
    kubeadm config images list --kubernetes-version=v1.12.1
    # Done with a script (the k8s.gcr.io address is blocked by the firewall, so the required images are downloaded from the keveon address and then re-tagged back to k8s.gcr.io):
    Run vim ./docker.sh, paste the following and save:
    

#!/bin/bash
images=`kubeadm config images list --kubernetes-version=v1.12.1|awk -F '/' '{print $2}'`
for image in $images
do
docker pull keveon/$image
if [ $? -eq 0 ];then
    docker tag keveon/$image k8s.gcr.io/$image
    docker rmi keveon/$image
else
    echo "ERROR: 下载镜像报错,$image"
fi
done

    # Give the script execute permission:
    chmod +x ./docker.sh
    # Run the script to start pulling the images:
    sh ./docker.sh
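
docker.sh re-tags whatever the keveon namespace serves as k8s.gcr.io, so the control plane runs images whose content was never compared with the upstream ones. The variant below is an added example, not the article's script. It re-tags an image only when its image ID matches a pinned value. MIRROR, PIN_FILE and pull_pinned are hypothetical names, and the pin file is assumed to hold "name:tag sha256:<id>" lines recorded from a source you trust.

```shell
#!/bin/bash
# Added example, not the article's script: pull from the mirror namespace and
# re-tag as k8s.gcr.io only when the image ID matches a pinned value.
# Assumption: PIN_FILE holds "name:tag sha256:<id>" lines from a trusted source.

MIRROR=${MIRROR:-keveon}
PIN_FILE=${PIN_FILE:-./image-pins.txt}

# pull_pinned NAME:TAG -> 0 if pulled, verified and re-tagged; 1 otherwise.
pull_pinned() {
    image=$1
    want=$(awk -v i="$image" '$1 == i { print $2; exit }' "$PIN_FILE")
    if [ -z "$want" ]; then
        echo "ERROR: no pinned ID for $image, refusing to tag" >&2
        return 1
    fi
    docker pull "$MIRROR/$image" >/dev/null || return 1
    # The image ID is derived from the image content, not from the
    # repository name the image was pulled under.
    got=$(docker image inspect --format '{{.Id}}' "$MIRROR/$image") || return 1
    if [ "$got" != "$want" ]; then
        echo "ERROR: $image has ID $got, pinned ID is $want" >&2
        docker rmi "$MIRROR/$image" >/dev/null
        return 1
    fi
    docker tag "$MIRROR/$image" "k8s.gcr.io/$image" &&
        docker rmi "$MIRROR/$image" >/dev/null
}

# Usage: ./pull-pinned.sh kube-apiserver:v1.12.1 kube-proxy:v1.12.1 ...
for img in "$@"; do
    pull_pinned "$img" || exit 1
done
```

An image with no pin is rejected before any pull, so an image name that newly appears in the kubeadm list cannot be tagged without review.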

Fourth, initialize Kubernetes (run only on the master)


    4.1 Initialization

    kubeadm init --kubernetes-version=v1.12.1 --pod-network-cidr=10.10.0.0/16
    kubeadm init --kubernetes-version=v1.12.1 (note: this is the version number of the K8S installed earlier) --pod-network-cidr=10.10.0.0/16 (note: fill in the network segment of the cluster here; if that network is not in use, you do not need to change it)
    # Note: after initialization completes, copy the last line of the output and save it; each node needs it later to join the cluster.
    The command has the form: kubeadm join .......

    4.2 Error handling (can be skipped)

    # If you encounter an error during initialization, such as:
    [ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1
    # Fix:
    echo "1" > /proc/sys/net/bridge/bridge-nf-call-iptables

    [ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables does not exist
    # Fix:
    modprobe br_netfilter

    # Then initialize again.
    kubeadm reset
    kubeadm init ....... (e.g.: kubeadm init --kubernetes-version=v1.12.1 --pod-network-cidr=10.10.0.0/16)

 

4.3 Necessary configuration

   # After initialization completes, perform the following steps as a regular user, as prompted
    

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

    2. Configure the kubectl authentication information
    # export KUBECONFIG=/etc/kubernetes/admin.conf (one-time authentication, lost after a restart)
    # If you want it to persist, execute the following command directly [Recommended]
    

echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile

4.4 Install the flannel network (copy and execute line by line)

mkdir -p /etc/cni/net.d/
cat <<EOF > /etc/cni/net.d/10-flannel.conf
{
  "name": "cbr0",
  "type": "flannel",
  "delegate": {
      "isDefaultGateway": true
  }
}
EOF

 

mkdir -p /usr/share/oci-umount/oci-umount.d
mkdir -p /run/flannel/
cat <<EOF > /run/flannel/subnet.env
FLANNEL_NETWORK=10.0.0.0/16
FLANNEL_SUBNET=10.0.53.1/24
FLANNEL_MTU=1450
FLANNEL_IPMASQ=true
EOF

4.5 Finally, create the flannel.yml file:
    The process of creating flannel:
    sysctl net.bridge.bridge-nf-call-iptables=1
    # Download the flannel.yml file
    wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
    # Change the Docker image address
    sed -i 's/quay.io\/coreos/registry.cn-beijing.aliyuncs.com\/imcto/g' kube-flannel.yml
    # Install flannel
    sudo kubectl apply -f kube-flannel.yml

    5. By default, the master node does not take part in the workload. If you want an all-in-one k8s environment, you can execute the following command to let the master node also act as a worker node:
    kubectl taint nodes --all node-role.kubernetes.io/master-

    # After that, run the following command to view the node information:
    kubectl get nodes

    # You will see the following output:
    NAME         STATUS   ROLES    AGE   VERSION
    k8s-master   Ready    master   18h   v1.12.1

   At this point the Kubernetes master node is set up. On each worker node you only need to run the kubeadm join .... command that kubeadm init returned to join the k8s cluster. After joining, the cluster looks like this:

(PS: after kubeadm init and kubeadm join, please wait a few minutes until kubectl get pods --all-namespaces shows everything in the Running state; this may take 1-10 minutes.)

NAME     STATUS   ROLES    AGE     VERSION
master   Ready    master   21m     v1.12.1
node1    Ready    <none>   9m23s   v1.12.1

With this, the setup work is complete!

 

4.6 Error handling (can be skipped)

   If a container created by k8s stays in the ContainerCreating state,

    copy the following two lines:

wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem

# The rpm2cpio command converts an rpm package into the cpio archive format
# The cpio command is mainly used to create or restore backup archives; it copies files into an archive or out of one.
# -i  restore from an archive
# -v  show the execution process in detail

 

 

 

    Setting up k8s is quite tedious. If you need to build clusters frequently, the steps can be packaged into a script to improve efficiency. In the next section we will set up the k8s dashboard and learn some basic commands; interested readers can continue with this series. I wish you all a happy life. For technical exchange, please add WeChat: laughing_jk.

~~ green around you like a friend

Kyrgyzstan handsome guy (Spring)

 


Origin blog.csdn.net/Laughing_G/article/details/95977055