1.etcdとkubernetesをインストールします
この手順では、デフォルトでdockerがインストールされます。したがって、Dockerを元のマシンにインストールしないことをお勧めします。そうしないと、競合が発生してインストールが失敗する可能性があります。
yum install -y etcd kubernetes
2.構成
(1)構成ファイルを変更します:/ etc / sysconfig / docker(後で使用されるウェアハウスはdaocloudeミラーアドレスであるため、操作する必要はありません:https://dashboard.daocloud.io/packages)
次の行を追加して、イントラネットウェアハウス:
ADD_REGISTRY='--add-registry reg.docker.lc'
(2)構成ファイルを変更します:/ etc / kubernetes / apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" #这里把127.0.0.1改成0.0.0.0
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,Security ContextDeny,ResourceQuota"
#这里把ServiceAccount去掉
3.Dockerのバージョンを確認します
上記のコマンドはdockerを追加しませんでしたが、自動的にインストールされました
docker version
4.サービスを開始します
スタートアップ項目にサービスを追加し、サービスを開始します。
for SERVICE in docker etcd kube-apiserver kube-controller-manager kube-scheduler kube-proxy kubelet; do
systemctl start $SERVICE
systemctl enable $SERVICE
# systemctl stop $SERVICE #关闭服务
done
5.関連する状況を確認します
ps -ef | grep kube
上記の結果が表示された場合、インストールは成功しています
6.kubernetes-ダッシュボードをインストールします
(1)kubernetes-dashboard.yamlファイルの構成
ソースファイルアドレス:https://github.com/kubernetes/dashboard/releases?after = v1.7.0
cat >kubernetes-dashboard.yaml<<-EOF
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: kubernetes-dashboard
template:
metadata:
labels:
app: kubernetes-dashboard
# Comment the following annotation if Dashboard must not be deployed on master
annotations:
scheduler.alpha.kubernetes.io/tolerations: |
[
{
"key": "dedicated",
"operator": "Equal",
"value": "master",
"effect": "NoSchedule"
}
]
spec:
containers:
- name: kubernetes-dashboard
image: reg.docker.lc/share/kubernetes-dashboard-amd64:v1.5.1 #默认的镜像是使用google的,这里改成内网
imagePullPolicy: Always
ports:
- containerPort: 9090
protocol: TCP
args:
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
- --apiserver-host=http://10.0.10.10:8080 #注意这里是api的地址
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
---
kind: Service
apiVersion: v1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:
- port: 80
targetPort: 9090
selector:
app: kubernetes-dashboard
EOF
(2)インストール
kubectl create -f kubernetes-dashboard.yaml
(3)表示
kubectl get pods --all-namespaces
7.使用する
(1)ネットワークポートの使用状況を確認します
netstat -nultup
(2)ブラウザアクセス
①API訪問
http:// ip:8080
②界面访问
http:// ip:8080 / api / v1 / namespaces / kube-system / services / http:kubernetes-dashboard:/ proxy /#/ workingload?namespace = default
8.問題解決
(1)コンテナ作成
FailedSynError syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)" 13m 11s 56 {
kubelet 127.0.0.1} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
①ポッドを見る
kubectl describe pod kubernetes-dashboard-3603079361-b2x00 --namespace=kube-system
②ポッドを削除する
kubectl get pod -n nameSpaceName
kubectl delete pod podName -n nameSpaceName
kubectl get deployment -n nameSpaceName
kubectl delete deployment deploymentName -n nameSpaceName
③証明書を追加
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
(2)ImagePullBackOff
①問題の説明:
②ミラーを追加すると、
daocloudeミラーアドレスを正常にプルできます:https://dashboard.daocloud.io/packages
# Copyright 2015 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Configuration to deploy release version of the Dashboard UI.
#
# Example usage: kubectl create -f <this_file>
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: kubernetes-dashboard
template:
metadata:
labels:
app: kubernetes-dashboard
# Comment the following annotation if Dashboard must not be deployed on master
annotations:
scheduler.alpha.kubernetes.io/tolerations: |
[
{
"key": "dedicated",
"operator": "Equal",
"value": "master",
"effect": "NoSchedule"
}
]
spec:
containers:
- name: kubernetes-dashboard
image: daocloud.io/gfkchinanetquest/kubernetes-dashboard-amd64:v1.5.1
imagePullPolicy: Always
ports:
- containerPort: 9090
protocol: TCP
args:
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
# - --apiserver-host=http://my-address:port
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
---
kind: Service
apiVersion: v1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:
- port: 80
targetPort: 9090
selector:
app: kubernetes-dashboard
(3)CrashLoopBackOff
サービスを開始できず、継続的に再起動中ですが、正常に開始できません
ビュー・ログ
kubectl logs kubernetes-dashboard-3933968709-9f7qn -n kube-system
ネットワークポート使用の
理由分析:apiserverポートが正しく使用されていません。構成で「#--- apiserver-host」の部分がコメント化されている場合、システムはデフォルトで証明書なしの6443を使用するため、に接続できません。 apiserverサービス。コメントを削除し、次のように変更します。
- --apiserver-host=http://140.143.159.146:8080
140.143.159.146はクラウドサーバーのIPアドレス、8080は証明書付きのダッシュボードのhttpアクセスポート、6443はhttpsアクセスポートです。
最終的なyamlファイルを添付します
# Copyright 2015 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Configuration to deploy release version of the Dashboard UI.
#
# Example usage: kubectl create -f <this_file>
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: kubernetes-dashboard
template:
metadata:
labels:
app: kubernetes-dashboard
# Comment the following annotation if Dashboard must not be deployed on master
annotations:
scheduler.alpha.kubernetes.io/tolerations: |
[
{
"key": "dedicated",
"operator": "Equal",
"value": "master",
"effect": "NoSchedule"
}
]
spec:
containers:
- name: kubernetes-dashboard
image: daocloud.io/gfkchinanetquest/kubernetes-dashboard-amd64:v1.5.1
imagePullPolicy: Always
ports:
- containerPort: 9090
protocol: TCP
args:
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
- --apiserver-host=http://140.111.123.252:8080 #将140.111.123.252更改为你的ip地址
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
---
kind: Service
apiVersion: v1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:
- port: 80
targetPort: 9090
selector:
app: kubernetes-dashboard