序号 | ip | 主机名 | 角色 |
---|---|---|---|
1 | 192.168.0.71 | master.blueicex.com | etcd ansible |
2 | 192.168.0.72 | node1.blueicex.com | work |
3 | 192.168.0.73 | node2.blueicex.com | work |
4 | 192.168.0.77 | resource.blueicex.com | dns服务器、ntpd服务器、yum源、docker registry |
centos7.4最小安装
ssh互信
firewalld关闭(仅适合隔离的实验环境;生产环境应保留防火墙,只放行集群所需端口,例如 apiserver 的 6443)
selinux disable(同样仅建议用于实验环境,生产环境不建议直接禁用)
ntp时间同步
dns搭建完毕/hosts配置完成
yum源自备
[root@master ~]# vim /etc/ansible/hosts
[alls]
master.blueicex.com
node1.blueicex.com
node2.blueicex.com
[nodes]
node1.blueicex.com
node2.blueicex.com
[resource]
resource.blueicex.com
[root@master ~]# ansible alls -m shell -a "echo 'net.bridge.bridge-nf-call-ip6tables = 1' >> /etc/sysctl.d/k8s.conf"
[root@master ~]# ansible alls -m shell -a "echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.d/k8s.conf"
[root@master ~]# ansible alls -m shell -a 'sysctl --system'
[root@master ~]# ansible alls -m shell -a 'yum install docker-1.13.1 -y'
[root@master ~]# find / -iname container-storage-setup
/usr/bin/container-storage-setup
/usr/share/container-storage-setup
/usr/share/container-storage-setup/container-storage-setup
[root@master ~]# /bin/cp /usr/share/container-storage-setup/container-storage-setup /etc/sysconfig/docker-storage-setup
[root@master ~]# lsblk | grep sdb
sdb 8:16 0 20G 0 disk
[root@master ~]# vim /etc/sysconfig/docker-storage-setup
DEVS=/dev/sdb
VG=dockervg
[root@master ~]# ansible alls -m copy -a 'src=/etc/sysconfig/docker-storage-setup dest=/etc/sysconfig/'
[root@resource ~]# vim /mnt/usb/config/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com","http://hub-mirror.c.163.com","https://docker.mirrors.ustc.edu.cn","https://2savhou3.mirror.aliyuncs.com"],
"insecure-registries":["resource.blueicex.com:5000"]
}
[root@master ~]# ansible alls -m get_url -a "url=http://resource.blueicex.com/config/docker/daemon.json dest=/etc/docker"
[root@master ~]# ansible alls -m shell -a 'bash docker-storage-setup && systemctl start docker && systemctl enable docker '
[root@master ~]# docker info| grep system
WARNING: You're not using the default seccomp profile
Backing Filesystem: xfs
Cgroup Driver: systemd
[root@master ~]# ansible alls -m shell -a 'yum install kubeadm-1.17.0 kubelet-1.17.0 kubectl-1.17.0 -y'
[root@master ~]# ansible alls -m shell -a 'echo KUBELET_EXTRA_ARGS=--cgroup-driver=systemd > /etc/default/kubelet'
[root@master ~]# ansible alls -m shell -a 'systemctl enable kubelet && systemctl start kubelet'
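需要提前推送到私有镜像仓库 resource.blueicex.com:5000 的镜像如下。注意:该仓库在上文 daemon.json 中被列入 insecure-registries,docker 访问它时不校验 TLS 证书,并可回退到明文 HTTP,镜像在传输中没有完整性保护;生产环境应为仓库配置受信任的 TLS 证书。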
resource.blueicex.com:5000/google_containers/etcd:3.4.3-0
resource.blueicex.com:5000/google_containers/kube-apiserver:v1.17.0
resource.blueicex.com:5000/google_containers/kube-controller-manager:v1.17.0
resource.blueicex.com:5000/google_containers/kube-proxy:v1.17.0
resource.blueicex.com:5000/google_containers/kube-scheduler:v1.17.0
resource.blueicex.com:5000/coreos/flannel:v0.11.0-amd64
resource.blueicex.com:5000/google_containers/coredns:1.6.5
resource.blueicex.com:5000/google_containers/pause:3.1
[root@master ~]# kubeadm init \
--image-repository=resource.blueicex.com:5000/google_containers \
--kubernetes-version=v1.17.0 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16 \
--apiserver-advertise-address=192.168.0.71 \
--token-ttl 0 \
--v=5
.............
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
.............
kubeadm join 192.168.0.71:6443 --token hmktog.g9h8o0j6txhsmjkg \
--discovery-token-ca-cert-hash sha256:9a78ae921c338e1b9473647547018d848ee0e71d40bcadbb3c4e6a3c7c516465
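notice:★★★
192.168.0.71:master本机地址
resource.blueicex.com:5000/google_containers:docker仓库地址
--token-ttl 0:引导令牌永不过期。任何拿到该令牌且能访问 192.168.0.71:6443 的主机都可以申请加入集群;节点全部加入后应使用 kubeadm token delete 删除该令牌,或在 init 时改用有期限的 ttl。公开 join 命令的输出前,应先删除或轮换其中的令牌。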
安装不成功时,强制 reset 后重新初始化
[root@master ~]# kubeadm reset -f
删除节点(命令后需跟要删除的节点名)
kubectl delete node
[root@master ~]# mkdir -p $HOME/.kube
[root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]# chown $(id -u):$(id -g) $HOME/.kube/config
设置环境变量(在 /root/.bashrc 中追加下面一行;admin.conf 是集群管理员凭据,应保持仅 root 可读,不要复制给普通用户或提交到代码仓库)
[root@master ~]# vim /root/.bashrc
export KUBECONFIG=/etc/kubernetes/admin.conf
[root@master ~]# ansible nodes -m shell -a ' kubeadm join 192.168.0.71:6443 --token hmktog.g9h8o0j6txhsmjkg --discovery-token-ca-cert-hash sha256:9a78ae921c338e1b9473647547018d848ee0e71d40bcadbb3c4e6a3c7c516465 '
[root@master ~]# wget http://resource.blueicex.com/config//k8s/k8s-1.17/kube-flannel.yml
[root@master ~]# vim kube-flannel.yml
...........
- name: install-cni
image: resource.blueicex.com:5000/coreos/flannel:v0.11.0-amd64
...........
containers:
- name: kube-flannel
image: resource.blueicex.com:5000/coreos/flannel:v0.11.0-amd64
...........
[root@master ~]# kubectl apply -f kube-flannel.yml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds-amd64 created
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 61m v1.17.0
node1 Ready <none> 19m v1.17.0
node2 Ready <none> 19m v1.17.0
[root@master ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true"}
[root@master ~]# kubectl completion -h
...........
Examples:
...........
# Installing bash completion on Linux
## If bash-completion is not installed on Linux, please install the 'bash-completion' package
## via your distribution's package manager.
## Load the kubectl completion code for bash into the current shell
source <(kubectl completion bash)
## Write bash completion code to a file and source if from .bash_profile
kubectl completion bash > ~/.kube/completion.bash.inc
printf "
# Kubectl shell completion
source '$HOME/.kube/completion.bash.inc'
" >> $HOME/.bash_profile
source $HOME/.bash_profile
...........
[root@master ~]# kubectl completion bash > ~/.kube/completion.bash.inc
[root@master ~]# echo source ~/.kube/completion.bash.inc >> /root/.bashrc
————Blueicex 2020/05/31 14:12 [email protected]