kubernetes安装配置(centos7)
一.虚拟机安装详情
二.安装环境准备
1.系统配置说明
名称 Ip地址 系统名称 docker版本
master 192.168.18.116 CentOS-7.0-1406-x86_64-Minimal Docker 18.09.6
node01 192.168.18.118 CentOS-7.0-1406-x86_64-Minimal Docker 18.09.6
node02 192.168.18.119 CentOS-7.0-1406-x86_64-Minimal Docker 18.09.62.防火墙设置
查看防火墙状态: service iptables status
关闭防火墙: service iptables stop
systemctl disable firewalld
systemctl stop firewalld
提示:四个命令必须都执行,才能全面关闭防火墙
问题解决:
若服务器未安装iptables,则执行
yum install iptables-services
systemctl enable iptables
systemctl start iptables3.更新yum方法
yum update
yum update xfsprogs三.安装docker
1.安装依赖包
yum install -y yum-utils device-mapper-persistent-data lvm22.设置Docker源
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo3.安装Docker CE
(1).docker安装版本查看
yum list docker-ce --showduplicates | sort -r
(2).安装docker
yum install docker-ce-18.09.6 docker-ce-cli-18.09.6 containerd.io
(3).文件配置
vi /etc/docker/daemon.json
配置:
{
"registry-mirrors": ["https://czrunef9.mirror.aliyuncs.com"]
}
vi /etc/sysconfig/selinux
修改selinux=disabled
(4).启动docker
systemctl enable docker && systemctl start docker
(5).命令补全
a:安装bash-completion
yum -y install bash-completion
b:加载bash-completion
source /etc/profile.d/bash_completion.sh
(6).重启服务
systemctl daemon-reload
systemctl restart docker
(7).验证
docker version四.K8S安装准备工作(master和node公用)
1.修改主机名
[root@localhost ~]# hostnamectl set-hostname master
[root@localhost ~]# more /etc/hostname
master2.修改hosts文件
[root@localhost etc]# cat >>/etc/hosts <<EOF
> 192.168.18.116 master
> 192.168.18.118 node01
> 192.168.18.119 node02
> EOF3.查看hosts文件
[root@localhost etc]# more /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.18.116 master
192.168.18.118 node01
192.168.18.119 node024.未验证mac地址uuid(后续不知会不会有问题)
5.禁用swap
方式一(临时禁用): swapoff -a
方式二(永久禁用): 若需要重启后也生效,在禁用swap后还需修改配置文件/etc/fstab,注释swap
[root@master ~]# sed -i.bak '/swap/s/^/#/' /etc/fstab6.内核参数修改
(临时修改)
[root@localhost net]# sysctl net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-iptables = 1
[root@localhost net]# sysctl net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-ip6tables = 17.修改Cgroup Driver(为了消除告警)
vi /etc/docker/daemon.json
配置:
{
"registry-mirrors": ["https://czrunef9.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}8.重启服务
systemctl daemon-reload
systemctl restart docker9.设置 Kubernetes源
[root@master ~]# vi /etc/yum.repos.d/kubernetes.repo
内容如下:
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
解释说明:
[] 中括号中的是repository id,唯一,用来标识不同仓库
name 仓库名称,自定义
baseurl 仓库地址
enable 是否启用该仓库,默认为1表示启用
gpgcheck 是否验证从该仓库获得程序包的合法性,1为验证
repo_gpgcheck 是否验证元数据的合法性 元数据就是程序包列表,1为验证
gpgkey=URL 数字签名的公钥文件所在位置,如果gpgcheck值为1,此处就需要指定gpgkey文件的位置,如果gpgcheck值为0就不需要此项了10.更新缓存
[root@master ~]# yum clean all
[root@master ~]# yum -y makecache五.master节点安装
1.版本查看
[root@localhost ~]# yum list kubelet --showduplicates | sort -r2.安装kubelet、kubeadm和kubectl
[root@localhost ~]#yum install -y kubelet-1.14.2 kubeadm-1.14.2 kubectl-1.14.2
注:
kubelet 运行在集群所有节点上,用于启动Pod和容器等对象的工具
kubeadm 用于初始化集群,启动集群的命令工具
kubectl 用于和集群通信的命令行,通过kubectl可以部署和管理应用,查看各种资源,创建、删除和更新各种组件
1.14.2,该版本支持的docker版本为1.13.1, 17.03, 17.06, 17.09, 18.06, 18.093.启动kubelet并设置开机启动
[root@localhost ~]# systemctl enable kubelet
[root@localhost ~]# systemctl start kubelet4.kubelet命令补全
[root@localhost ~]# echo "source <(kubectl completion bash)" >> ~/.bash_profile
[root@localhost ~]# source .bash_profile 5.下载镜像优化,解决网络问题(未验证,太麻烦)
6.初始化master
(1).关闭防火墙
service iptables status
service iptables stop
(2).初始化kubeadm
[root@master ~]# kubeadm init --apiserver-advertise-address 192.168.18.116 --image-repository=registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --kubernetes-version=1.14.2
成功后,会提示:
kubeadm join 192.168.18.116:6443 --token t5a2b4.ih936wdxu7o5d4p0 \
--discovery-token-ca-cert-hash sha256:aceaf32ecef79251ed83bfc057e4fd87d7900545bf284a0ae90f6093bce5811b
失败时,执行 kubeadm reset 后,重新初始化kubeadm7.环境配置
(1).配置kubectl
[root@master ~]# echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
[root@master ~]# source .bash_profile
(2).查看master状态,一定要配置好(1),才可以查看nodes状态
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master NotReady <none> 6m38s v1.14.2六.node节点安装
安装docker环境 (同上述 【三.安装docker】)
设置k8s环境准备条件 (同上述 【四.K8S安装准备工作】)
安装kubelet、kubeadm和kubectl (同上述 【五.2.安装kubelet、kubeadm和kubectl】)七.加入集群
1.node加入集群解析
## 情况一:master中token未过期
(1).查看令牌
[root@master ~]# kubeadm token list(2).node加入集群
[root@master ~]# kubeadm join 192.168.18.116:6443 --token t5a2b4.ih936wdxu7o5d4p0 \
--discovery-token-ca-cert-hash sha256:aceaf32ecef79251ed83bfc057e4fd87d7900545bf284a0ae90f6093bce5811b
提示:信息来自于master初始化kubeadm时,若未使用此命令,join总是加入不成功的。
## 情况二:master的token过期
(1).master上执行
(1).查看令牌
[root@master ~]# kubeadm token list
(2).之前初始化时的令牌已过期时,生成令牌
[root@master ~]# kubeadm token create
令牌信息: kxc7q9.gwrl60rz8qmnidzh
(3).生成新的加密串
[root@master ~]# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \
openssl dgst -sha256 -hex | sed 's/^.* //'
加密串信息: cfa7597b383bd98e6fe55438daffc536fa1c548baf0e0a045b998e5b39d694a0(2).node加入集群
使用 1.(1)的令牌信息 和 1.(3)的加密串信息
[root@node01 ~]# kubeadm join 192.168.18.116:6443 --token kxc7q9.gwrl60rz8qmnidzh --discovery-token-ca-cert-hash sha256:cfa7597b383bd98e6fe55438daffc536fa1c548baf0e0a045b998e5b39d694a0 2.查看node加入节点
如上所示,node加入master节点成功,NotReady说明网络不通,需要在node节点添加网络
(1).k8s中,master管理node集群,node集群处理相关pod事件;
(2).master和node交互使用node join,node与pod交互使用flannel网络。
3.node节点NotReady解决方案(看情况配置master和node)
(1).配置pod网络
[root@master ~]# curl https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml -o kube-flannel.yml
[root@master ~]# mkdir -p /etc/cni/net.d/
[root@master ~]# docker pull quay.io/coreos/flannel:v0.10.0-amd64
[root@master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
(2).配置cni
sudo mkdir -p /etc/cni/net.d
sudo cat > /etc/cni/net.d/10-flannel.conflist <<EOF
{
"name": "cbr0",
"plugins": [
{
"type": "flannel",
"delegate": {
"hairpinMode": true,
"isDefaultGateway": true
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
(3).查看master状态
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 19h v1.14.2
node01 Ready <none> 38m v1.14.2
则表示执行成功2.master查看node情况
查看节点状况:kubectl get pod -n kube-system
查看kube-flannel-ds-7hm8x 节点情况:
kubectl describe pod kube-flannel-ds-7hm8x -n kube-system八.Dashboard安装(master节点安装)
Dashboard提供了可以实现集群管理、工作负载、服务发现和负载均衡、存储、字典配置、日志视图等功能.
1.配置yaml
(1).下载yaml
[root@master ~]# yum install wget
[root@master ~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
(2).修改镜像地址
[root@master ~]# sed -i 's/k8s.gcr.io/registry.cn-hangzhou.aliyuncs.com\/kuberneters/g' kubernetes-dashboard.yaml
(3).外网访问
[root@master ~]# sed -i '/targetPort:/a\ \ \ \ \ \ nodePort: 30001\n\ \ type: NodePort' kubernetes-dashboard.yaml
(4).新增管理员帐号
cat >> kubernetes-dashboard.yaml << EOF
---
# ------------------- dashboard-admin ------------------- #
apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-admin
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: dashboard-admin
subjects:
- kind: ServiceAccount
name: dashboard-admin
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
EOF 2.部署访问
(1).部署Dashboard
[root@master ~]# kubectl apply -f kubernetes-dashboard.yaml
(2).状态查看
[root@master ~]# kubectl get deployment kubernetes-dashboard -n kube-system
[root@master ~]# kubectl get pods -n kube-system -o wide
[root@master ~]# kubectl get services -n kube-system
(3).令牌查看
[root@master ~]# kubectl describe secrets -n kube-system dashboard-admin
(4).使用火狐浏览器访问(其他浏览器可能会出错)
https://masterNodeIp:30001文章标题:kubernetes安装配置(centos7)
发布时间:2020-04-30, 10:34:55
最后更新:2020-04-30, 10:34:56