Kubernetes 实战 Centos 7 kubeadm 搭建 Kubernetes v1.14.0 多节点集群
1、Kubernetes集群几种部署方式
minikube方式
Minikube是一个工具,可以在本地快速运行一个单点的Kubernetes,适合尝试Kubernetes或日常开发的用户使用,但是不能用于生产环境。
kubeadm方式
Kubeadm也是一个工具,提供kubeadm init和kubeadm join,可用于快速部署Kubernetes集群。
二进制包方式
从官方下载发行版的二进制包,手动部署每个组件,组成Kubernetes集群,过程较为繁琐。本文采用kubeadm搭建,接下来按照我的步骤进行,否则你会遇到各种各样的吭。。。。。。。。。
2、基础环境配置说明
| ip | hostname | role |
| 172.16.7.181 | master.ctpd.com | master |
| 172.16.7.182 | node1.ctpd.com | node |
3. 部署步骤
所有机器的基础配置
1. 修改主机名(省略)
2. 修改hosts文件解析(所有主机保持一致)
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.7.181 master.ctpd.com master
172.16.7.182 node1.ctpd.com node13. 关闭swap分区 、防火墙 、selinux等
swap:
1. 临时关闭 swapoff -a
2. 永久禁用 注释掉/etc/fstab文件中“/dev/mapper/centos-swap”这一行:
3. 重新加载:
sysctl --system
修改内核模块:
配置k8s.conf文件(#k8s.conf文件原来不存在,需要自己创建的)
cat /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness=0
防火墙:
systemctl stop firewalld
systemctl disable firewalld
关闭selinux:
1. 临时 setenforce 0
2. 永久关闭
vim /etc/sysconfig/selinux
SELINUX=enforcing
替换为
SELINUX=disabled
4. 准备k8s.repo, docker-ce.repo 放在 /etc/yum.repos.d 目录,
k8s.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgdocker-ce.repo
[docker-ce-edge]
name=Docker CE Edge - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-edge-debuginfo]
name=Docker CE Edge - Debuginfo $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-edge-source]
name=Docker CE Edge - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-test]
name=Docker CE Test - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-test-debuginfo]
name=Docker CE Test - Debuginfo $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-test-source]
name=Docker CE Test - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-nightly]
name=Docker CE Nightly - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-nightly-debuginfo]
name=Docker CE Nightly - Debuginfo $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-nightly-source]
name=Docker CE Nightly - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg5. 安装组件
yum -y install kubelet-1.14.0 kubeadm-1.14.0 kubectl-1.14.06. 设置开机启动,并启动服务
systemctl enable docker
systemctl enable kubelet.service
systemctl start docker
systemctl start kubelet7. 下载镜像(该步骤是最坑的,除非你能合理上网,严格按照我的步骤来否则你会被折腾死的。。。。)
准备pull.sh 脚本内容如下:
#!/bin/bash
images=(kube-proxy:v1.14.0 kube-scheduler:v1.14.0 kube-controller-manager:v1.14.0 kube-apiserver:v1.14.0 etcd:3.3.10 coredns:1.3.1 pause:3.1 )
for imageName in ${images[@]} ; do
docker pull xiliangma/$imageName
docker tag xiliangma/$imageName k8s.gcr.io/$imageName
docker rmi xiliangma/$imageName
done添加执行权限,执行脚本(需耐心等待。。。。。。):
chmod +x pull.sh
./pull.sh
查看images(我本机下载的是部署k8s后集群的镜像,可能要比你的多不要care)
8. 初始化master节点(采用的是flannel网络,可以自己百度扫盲不在赘述。。。。此步骤在master节点操作)
kubeadm init --kubernetes-version=v1.14.0 --pod-network-cidr=10.244.0.0/16成功后输出如下(可将下面的输出保存起来,后面步骤会用到):
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 172.16.7.181:6443 --token mltgdv.zwv212prlzrggio1 \
--discovery-token-ca-cert-hash sha256:dfd217d9c3c83f913a5a3fe2482b504780c176eef31bd00ed2ce3ce928f53555 9. 执行以下命令配置kubectl,作为普通用户管理集群并在集群上工作(master节点操作)
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config10. 部署pod网络(master节点操作)
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml11. 查看pod 、主机 (master节点操作)
kubectl get pods --all-namespaces
kubectl get nodes
节点输出如下:
[root@master181 work]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master.ctpd.com Ready master 82m v1.14.0
12. 加入节点(work节点操作)
执行第8步中输出的命令
可以查看节点来确定是否加入成功:
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master.ctpd.com Ready master 30h v1.14.1
node1.ctpd.com Ready 23h v1.14.1 13. 部署dashboard(没界面怎么能行, master节点操作)
1. 下载dashboard yaml文件
wget https://github.com/xiliangMa/restapi/raw/master/k8s/dashboard/kubernetes-dashboard.yaml
2. 创建dashboard pod
kubectl create -f kubernetes-dashboard.yaml
3. 查看pod状态,如果为running时就可以访问了
[root@master181 work]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-fb8b8dccf-6fnrf 1/1 Running 0 95m
kube-system coredns-fb8b8dccf-g4d88 1/1 Running 0 95m
kube-system etcd-master186.ctpd.com 1/1 Running 0 95m
kube-system kube-apiserver-master186.ctpd.com 1/1 Running 0 94m
kube-system kube-controller-manager-master186.ctpd.com 1/1 Running 0 94m
kube-system kube-flannel-ds-amd64-crm95 1/1 Running 0 93m
kube-system kube-proxy-p9wjc 1/1 Running 0 95m
kube-system kube-scheduler-master186.ctpd.com 1/1 Running 0 94m
kube-system kubernetes-dashboard-5d9599dc98-m8g6d 1/1 Running 0 79m4. 获取token:
kubectl -n kube-system describe $(kubectl -n kube-system get secret -n kube-system -o name| grep namespace) | grep token
5. 访问dashboard(改成自己的ip)
https://192.168.8.164:30006
好了一切都搞定了,下次见