k8s-安装部署实战
K8s-ui部署实战
一、 准备三台虚拟机
Master192.168.1.3
Node1192.168.1.4
Node2192.168.1.5
2、关闭防火强:systemctl stopfirewalld systemctl disable firewalld
3、修改各服务器/etc/hosts 增加 Master192.168.1.3
Node1 192.168.1.4
Node2 192.168.1.5
4、修改各服务器/etc/hostname
5、 Kubernetes组件:
- etcd 一个高可用的K/V键值对存储和服务发现系统
- flannel 实现夸主机的容器网络的通信
- kube-apiserver 提供kubernetes集群的API调用
- kube-controller-manager 确保集群服务
- kube-scheduler 调度容器,分配到Node
- kubelet 在Node节点上按照配置文件中定义的容器规格启动容器
- kube-proxy 提供网络代理服务
master上面部署的有etcd,kube-apiserver,kube-scheduler,kube-controller-manager,flannel,docker
node节点行部署的kube-proxy,kubelet,docker,flannel
二、安装 master
1、yum install -y kubernetes-master etcd flannel
2、配置etcd
Vi /etc/etcd/etcd.conf
修改以下几项:
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
# 监听地址端口
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_NAME="default"
# etcd集群配置;多个etcd服务器,直接在后面加url
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.1.3:2379"
3、配置kubernetes
进入/etc/kubernetes目录:
apiserver: kubernetes api配置文件;
config: kubernetes主配置文件;
controller-manager:kubernetes集群管理配置文件;
scheduler: kubernetes scheduler配置文件;
vi /etc/kubernetes/apiserver
# kube启动时绑定的地址
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
# kube调用etcd的url
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.1.3:2379"
# Kubernetes可以分配的IP范围,Kubernetes启动的每一个pod以及service都会分配一个IP地址,将会从这个范围分配。
# 是Services管理的集群IP地址范围。
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
# 以下是因为安装kubernetes而修改的配置
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota" 去掉了ServiceAccount
Vi /etc/kubernetes/config
配置config文件:
###
# kubernetes system config
#
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"
# How the controller-manager, scheduler,and proxy find the apiserver
# kube master api url
KUBE_MASTER="--master=http://192.168.1.3:8080"
三、安装node
yum install -y kubernetes-node flannel
配置kubernetes,进入/etc/kubernetes目录:
config:kubernetes主配置文件;
kubelet:kubelet node配置文件;
proxy:kubernetes proxy配置文件;
vi /etc/kubernetes/config
# How the controller-manager, scheduler,and proxy find the apiserver
# kube master api url
KUBE_MASTER="--master=http://192.168.1.3:8080"
Vi /etc/kubernetes/kubelet
kubelet配置:
###
# The address for the info server toserve on (set to 0.0.0.0 or "" for all interfaces)
# kubelet启动后绑定的地址
KUBELET_ADDRESS="--address=0.0.0.0"
# The port for the info server to serveon
# kubelet端口
KUBELET_PORT="--port=10250"
# You may leave this blank to use theactual hostname
# kubelet的hostname,在master执行kubectl getnodes显示的名字
KUBELET_HOSTNAME="--hostname-override=192.168.1.4"
# location of the api-server
# kube master api url
KUBELET_API_SERVER="--api-servers=http://192.168.1.3:8080"
# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
# Add your own!
KUBELET_ARGS=""
(6)配置master,flanneld配置,进入/etc/sysconfig目录
修改flanneld文件如下:
# Flanneld configuration options
# etcd url location. Pointthis to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.3:2379"
# etcd config key. This isthe configuration key that flannel queries
# For address range assignment
#FLANNEL_ETCD_PREFIX="/atomic.io/network"
FLANNEL_ETCD_PREFIX="/kube/network"
# Any additional options that you wantto pass
#FLANNEL_OPTIONS=""
然后执行以下命令:
systemctl start etcd 启动etcd
etcdctl mkdir /kube/network
etcdctl mk /kube/network/config '{"Network":"192.168.0.1/16"}'
(7)配置nodes,flanneld配置,进入/etc/sysconfig目录
修改flanneld文件如下:
# Flanneld configuration options
# etcd url location. Pointthis to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.3:2379"
# etcd config key. This isthe configuration key that flannel queries
# For address range assignment
#FLANNEL_ETCD_PREFIX="/atomic.io/network"
FLANNEL_ETCD_PREFIX="/kube/network"
# Any additional options that you wantto pass
#FLANNEL_OPTIONS=""
在master上启动docker \etcd flanneld(先启动再启动docker)
在node 上启动docker flanneld(先启动再启动docker)
(9)启动master上的k8s服务
注意第一个启动的是要kube-apiserver
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler
(10)启动nodes上的k8s服务
systemctl start kube-proxy
systemctl start kubelet
验证: kubectl get node 查看所有节点
Kubectl get namespace 查看命名空间
加载bashboard
1、 安装git : yum install –y git
2、拉取kubernetes-dashboard.yaml文件(创建bashboard镜像容器配置文件)
git clone https://github.com/jdedu/kubernetes.git
2、 修改kubernetes-bashboard.yaml文件
Api-server改为192.168.1.3:8080
Images改为bestwu/kubernetes-dashboard-amd64:v1.6.3(中文稳定版)
4\创建pods: kubectl create -f kubernetes-dashboard.yaml
5\查看pods: kubectl get pods –namespace=kube-system
5.1删除pods: kubectl delete pods kubernetes-dashboard-302935354-0h7p6 --namespace=kube-system
6\查看报错日志:kubectl describe pods kubernetes-dashboard-2496492025-rwczb--namespace=kube-system
7\查看明细日志: kubectl logskubernetes-dashboard-1338994370-w8bmt --namespace=kube-system
报错Error syncing pod, skipping: failed to "StartContainer"for "POD" with ImagePullBackOff: "Back-off pulling image\"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
以下方法均在node机器上执行
解决:其中最主要的问题是:details:(open/etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such fileordirectory)
安装
查看/etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt(该链接就是上图中的说明)是一个软链接,但是链接过去后并没有真实的/etc/rhsm,所以需要使用yum安装:
yum install *rhsm*
无效的话:
一、wgethttp://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
二、rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
这两个命令会生成/etc/rhsm/ca/redhat-uep.pem文件.
最后执行拉取重要镜像:
docker pull bestwu/kubernetes-dashboard-amd64:v1.6.3
docker pullregistry.access.redhat.com/rhel7/pod-infrastructure:latest
现像一、所有服务运行正常 ui界面报错无法找到 各服务器没有开起ip转发
Vi /etc/sysctl
增加net.ipv4.ip_forward=1
立可生效 sysctl -p