kubeadm istio 搭建k8s微服务(1)

为什么80%的码农都做不了架构师？>>>   

使用kubeadm安装k8s集群

准备kubeadm所需镜像

docker pull gcrxio/kube-apiserver:v1.13.2
docker pull gcrxio/kube-controller-manager:v1.13.2
docker pull gcrxio/kube-scheduler:v1.13.2
docker pull gcrxio/kube-proxy:v1.13.2
docker pull gcrxio/pause:3.1
docker pull gcrxio/etcd:3.2.24
docker pull coredns/coredns:1.2.6

docker tag docker.io/gcrxio/kube-proxy:v1.13.2 k8s.gcr.io/kube-proxy:v1.13.2
docker tag docker.io/gcrxio/kube-scheduler:v1.13.2 k8s.gcr.io/kube-scheduler:v1.13.2
docker tag docker.io/gcrxio/kube-apiserver:v1.13.2 k8s.gcr.io/kube-apiserver:v1.13.2
docker tag docker.io/gcrxio/kube-controller-manager:v1.13.2 k8s.gcr.io/kube-controller-manager:v1.13.2
docker tag docker.io/gcrxio/etcd:3.2.24  k8s.gcr.io/etcd:3.2.24
docker tag docker.io/gcrxio/pause:3.1  k8s.gcr.io/pause:3.1
docker tag docker.io/coredns/coredns:1.2.6  k8s.gcr.io/coredns:1.2.6

docker rmi gcrxio/kube-apiserver:v1.13.2
docker rmi gcrxio/kube-controller-manager:v1.13.2
docker rmi gcrxio/kube-scheduler:v1.13.2
docker rmi gcrxio/kube-proxy:v1.13.2
docker rmi gcrxio/pause:3.1
docker rmi gcrxio/etcd:3.2.24
docker rmi coredns/coredns:1.2.6

初始化kubeadm

kubeadm init --pod-network-cidr=192.168.0.0/16

配置kubectl

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

安装etcd

kubectl apply -f \
https://docs.projectcalico.org/v3.4/getting-started/kubernetes/installation/hosted/etcd.yaml

安装calico

kubectl apply -f \
https://docs.projectcalico.org/v3.4/getting-started/kubernetes/installation/hosted/calico.yaml

等待pods加载完成

watch kubectl get pods --all-namespaces

去掉master的taint标记 这样可以在上边部署其他pod

kubectl taint nodes --all node-role.kubernetes.io/master-

查看节点

kubectl get nodes -o wide

---

添加节点

查看kubeadm token

kubeadm token list

如果过期 创建新的

kubeadm token create

获取--discovery-token-ca-cert-hash

openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

在节点机器上运行

kubeadm join 172.10.30.100:6443 \
--token 8gl99n.iu0m7c669vm0d1b1 \
--discovery-token-ca-cert-hash sha256:e3107f0be5fa44f939a6460b0c980a89e6d491dca89f5a44bc6923e40acc8e0b

查看节点

kubectl get nodes

---

参考资料

calico 网络安装

kubeadm创建k8s集群

转载于:https://my.oschina.net/yoke/blog/3001589