cat <
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.254.12.209 master
10.254.12.161 node
EOF
$ systemctl stop firewalld
$ systemctl disable firewalld
关闭Selinux
$ setenforce 0
关闭Swap
$ swapoff –a
$ sed -i 's/.swap./#&/' /etc/fstab
配置sysctl内核参数
cat <
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf 生效文件
yum install -y wget $ rm -rf /etc/yum.repos.d/*
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo
yum clean all && yum makecache
配置国内Kubernetes源地址
vi /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
yum install chrony –y
systemctl enable chronyd.service && systemctl start chronyd.service && systemctl status chronyd.service
chronyc sources
配置最低 2CPU 2G内存yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 设置docker yum源
yum-config-manager 命令需要依赖 yum-utils
yum list docker-ce --showduplicates | sort -r 列出docker版本
yum install -y docker-ce-18.06.1.ce-3.el7 安装18.06.1版本
systemctl restart docker && systemctl enable docker && systemctl status docker
docker --version
主从节点都要安装:
yum install kubectl kubeadm kubelet -y 安装 部署集群用的命令、集群管理工具、集群中每台机器都要运行的组件,负责管理pod及容器的生命周期。
systemctl enable kubelet && systemctl start kubelet 暂时启动不了不用管
kubeadm config print init-defaults > kubeadm.conf kubeadm建一个配置文件
sed -i "s#imageRepository: .#imageRepository: registry.aliyuncs.com/google_containers#g" kubeadm.conf 镜像地址改成国内的
sed -i "s/kubernetesVersion: ./kubernetesVersion: v1.13.0/g" kubeadm.conf 指定要安装的版本
kubeadm config images pull --config kubeadm.conf 下载镜像
docker images 查已下载镜像列表
[root@master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.aliyuncs.com/google_containers/kube-proxy v1.13.0 8fa56d18961f 7 weeks ago 80.2MB
registry.aliyuncs.com/google_containers/kube-apiserver v1.13.0 f1ff9b7e3d6e 7 weeks ago 181MB
registry.aliyuncs.com/google_containers/kube-controller-manager v1.13.0 d82530ead066 7 weeks ago 146MB
registry.aliyuncs.com/google_containers/kube-scheduler v1.13.0 9508b7d8008d 7 weeks ago 79.6MB
registry.aliyuncs.com/google_containers/coredns 1.2.6 f59dcacceff4 2 months ago 40MB
registry.aliyuncs.com/google_containers/etcd 3.2.24 3cab8e1b9802 4 months ago 220MB
registry.aliyuncs.com/google_containers/pause 3.1 da86e6ba6ca1 13 months ago 742kB
docker tag 镜像换标签为有k8s.gcr.io标识的
镜像下载好后,我们还需要tag下载好的镜像,让下载好的镜像都是带有 k8s.gcr.io 标识的,目前我们从阿里下载的镜像 标识都是,如果不打tag变成k8s.gcr.io,那么后面用kubeadm安装会出现问题,因为kubeadm里面只认 google自身的模式。我们执行下面命令即可完成tag标识更换:
$ docker tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.13.0 k8s.gcr.io/kube-apiserver:v1.13.0
$ docker tag registry.aliyuncs.com/google_containers/kube-controller-manager:v1.13.0 k8s.gcr.io/kube-controller-manager:v1.13.0
$ docker tag registry.aliyuncs.com/google_containers/kube-scheduler:v1.13.0 k8s.gcr.io/kube-scheduler:v1.13.0
$ docker tag registry.aliyuncs.com/google_containers/kube-proxy:v1.13.0 k8s.gcr.io/kube-proxy:v1.13.0
$ docker tag registry.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1
$ docker tag registry.aliyuncs.com/google_containers/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
$ docker tag registry.aliyuncs.com/google_containers/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker rmi 清理下载的镜像
执行完上面tag镜像的命令,我们还需要把带有 registry.aliyuncs.com 标识的镜像删除,执行:
$ docker rmi registry.aliyuncs.com/google_containers/kube-apiserver:v1.13.0
$ docker rmi registry.aliyuncs.com/google_containers/kube-controller-manager:v1.13.0
$ docker rmi registry.aliyuncs.com/google_containers/kube-scheduler:v1.13.0
$ docker rmi registry.aliyuncs.com/google_containers/kube-proxy:v1.13.0
$ docker rmi registry.aliyuncs.com/google_containers/pause:3.1
$ docker rmi registry.aliyuncs.com/google_containers/etcd:3.2.24
$ docker rmi registry.aliyuncs.com/google_containers/coredns:1.2.6
查看下载的镜像列表
执行docker images命令
结果:
[root@master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
k8s.gcr.io/kube-proxy v1.13.0 8fa56d18961f 6 weeks ago 80.2 MB
k8s.gcr.io/kube-controller-manager v1.13.0 d82530ead066 6 weeks ago 146 MB
k8s.gcr.io/kube-scheduler v1.13.0 9508b7d8008d 6 weeks ago 79.6 MB
k8s.gcr.io/kube-apiserver v1.13.0 f1ff9b7e3d6e 6 weeks ago 181 MB
k8s.gcr.io/coredns 1.2.6 f59dcacceff4 2 months ago 40 MB
k8s.gcr.io/etcd 3.2.24 3cab8e1b9802 3 months ago 220 MB
k8s.gcr.io/pause 3.1 da86e6ba6ca1 13 months ago 742 kB
部署MASTERkubeadm init 初始化master节点
$ kubeadm init --kubernetes-version=1.13.0 --pod-network-cidr=10.254.12.0/24 --apiserver-advertise-address=10.254.12.209
kubeadm init --kubernetes-version=1.11.2 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.0.11
这里我们定义POD的网段为: 10.254.12.0/24,然后api server地址就是master本机IP地址。
同时最后会生成一句话
kubeadm join 10.254.12.209:6443 --token 8ezm0e.5icyugj2g9unfmh0 --discovery-token-ca-cert-hash sha256:5888a2b6001a9cde3f015a8fe11cad012a1c1ce980516fe605cb891cc16210ba
这个我们记录下,到时候添加node的时候要用到
验证测试
配置kubectl命令
$ mkdir -p /root/.kube
$ cp /etc/kubernetes/admin.conf /root/.kube/config
执行获取pods列表命令,查看相关状态
$ kubectl get pods --all-namespaces
[root@master kubernetes]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-86c58d9df4-92kgg 0/1 Pending 0 7m48s
kube-system coredns-86c58d9df4-q42h5 0/1 Pending 0 7m48s
kube-system etcd-master 1/1 Running 0 7m6s
kube-system kube-apiserver-master 1/1 Running 0 7m16s
kube-system kube-controller-manager-master 1/1 Running 0 7m13s
kube-system kube-proxy-w2sgw 1/1 Running 0 7m48s
kube-system kube-scheduler-master 1/1 Running 0 7m26s其中coredns pod处于Pending状态,这个先不管。
查看集群的健康状态
[root@master kubernetes]# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health": "true"}
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
$systemctl restart kube-apiserver
$systemctl restart kube-controller-manager
$systemctl restart kube-scheduler
安装pod网络插件
这个我还没做到这,待更新
kubectl apply -f kubernetes-dashboard.yaml