安装K8S过程

安装K8S过程

1、修改下载镜像源

• Ubuntu 修改为阿里云

  cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
  deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
  EOF
  

• CentOS 修改为阿里云

  cat <<EOF > /etc/yum.repos.d/kubernetes.repo
  [kubernetes]
  name=Kubernetes
  baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
  enabled=1
  gpgcheck=0
  EOF
  

2、更新并安装

• 更新

  $ apt-get update 
  $ apt-get install -y kubelet kubeadm kubectl --allow-unauthenticated
  # $ apt-get install -y kubernetes-cni=0.6.0-00
  

3、下载镜像

• 编写脚本

  $ touch pullk8s.sh    # 创建脚本文件
  $ nano pullk8s.sh     # 编辑脚本
  # shell 脚本内容为
  #!/bin/sh
  for  i  in  `kubeadm config images list`;  do
      imageName=${i#k8s.gcr.io/}
      docker pull registry.aliyuncs.com/google_containers/$imageName
      docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
      docker rmi registry.aliyuncs.com/google_containers/$imageName
  done;
  

  或：建议此方法

  #!/bin/sh
  images_list=(
   k8s.gcr.io/kube-apiserver:v1.17.3
   k8s.gcr.io/kube-controller-manager:v1.17.3
   k8s.gcr.io/kube-scheduler:v1.17.3
   k8s.gcr.io/kube-proxy:v1.17.3
   k8s.gcr.io/pause:3.1
   k8s.gcr.io/etcd:3.4.3-0
   k8s.gcr.io/coredns:1.6.5
  )
  for  i  in  ${images_list[@]};  do
              imageName=${i#k8s.gcr.io/}
              docker pull registry.aliyuncs.com/google_containers/$imageName
              docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
              docker rmi registry.aliyuncs.com/google_containers/$imageName
          done;
  

  Ctrl + O #保存
  回车键
  Ctrl + x #退出
• 通过脚本下载镜像

  $ chmod +x pullk8s.sh
  $ sh pullk8s.sh
  

4、修改配置(非常重要，否则初始化时，仍然去google下载镜像)

• 忽略swap 错误
  kubernetes集群不允许开启swap，所以我们需要忽略这个错误
  编辑文件 /etc/sysconfig/kubelet，
  将文件里的KUBELET_EXTRA_ARGS=改成：
  KUBELET_EXTRA_ARGS="–fail-swap-on=false"

5、执行初始化

• 保持 docker service deamon 运行

  systemctl enable docker.service
  

• 执行初始化命令（ip修改为 0.0.0.0，否则kennel出现步骤6的错误）

  kubeadm init --apiserver-advertise-address=当前IP --ignore-preflight-errors=NumCPU --kubernetes-version=v1.17.3
  

6、执行过程超时出错如何处理

• 重新执行时错误：

  error execution phase preflight: [preflight] Some fatal errors occurred:
  	[ERROR Port-10259]: Port 10259 is in use
  	[ERROR Port-10257]: Port 10257 is in use
  	[ERROR FileAvailable--etc-kubernetes-manifests-kube-apiserver.yaml]: /etc/kubernetes/manifests/kube-apiserver.yaml already exists
  	[ERROR FileAvailable--etc-kubernetes-manifests-kube-controller-manager.yaml]: /etc/kubernetes/manifests/kube-controller-manager.yaml already exists
  	[ERROR FileAvailable--etc-kubernetes-manifests-kube-scheduler.yaml]: /etc/kubernetes/manifests/kube-scheduler.yaml already exists
  	[ERROR FileAvailable--etc-kubernetes-manifests-etcd.yaml]: /etc/kubernetes/manifests/etcd.yaml already exists
  	[ERROR Port-10250]: Port 10250 is in use
  [preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
  To see the stack trace of this error execute with --v=5 or higher
  

• 处理方法：

  $ kubeadm reset
  

• 重新运行初始化，仍然超时错误

  This error is likely caused by:
  - The kubelet is not running
  - The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)
  - 
  [kubelet-check] Initial timeout of 40s passed.
  
  Unfortunately, an error has occurred:
  	timed out waiting for the condition
  
  This error is likely caused by:
  	- The kubelet is not running
  	- The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)
  
  Additionally, a control plane component may have crashed or exited when started by the container runtime.
  To troubleshoot, list all containers using your preferred container runtimes CLI, e.g. docker.
  Here is one example how you may list all Kubernetes containers running in docker:
  - 'docker ps -a | grep kube | grep -v pause'
  Once you have found the failing container, you can inspect its logs with:
  - 'docker logs CONTAINERID'
  - error execution phase wait-control-plane: couldn't initialize a Kubernetes cluster
  
  

• 查看日志：
  无法连接到 apiserver

  Err :connection error: desc = "transport: Error while dialing dial tcp 127.0.0.1:2379: connect: connection refused". Reconnecting...
  panic: context deadline exceeded
  

  修改初始化ip为 0.0.0.0

  kubeadm init --apiserver-advertise-address=0.0.0.0 --ignore-preflight-errors=NumCPU --kubernetes-version=v1.17.3
  

7、终于成功了

• 初始化成功，执行后续相关操作

  Your Kubernetes control-plane has initialized successfully!
  
  To start using your cluster, you need to run the following as a regular user:
  
    mkdir -p $HOME/.kube
    sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    sudo chown $(id -u):$(id -g) $HOME/.kube/config
  
  You should now deploy a pod network to the cluster.
  Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
    https://kubernetes.io/docs/concepts/cluster-administration/addons/
  
  Then you can join any number of worker nodes by running the following on each as root: 
    省略....
  

8、查看状态

• 查看pods

  $ kubectl get pods --all-namespaces
  NAMESPACE     NAME                                  READY   STATUS    RESTARTS   AGE
  kube-system   coredns-6955765f44-8wtsp              1/1     Running   0          32m
  kube-system   coredns-6955765f44-ksdw8              1/1     Running   0          32m
  kube-system   etcd-centos-2020                      1/1     Running   0          32m
  kube-system   kube-apiserver-centos-2020            1/1     Running   0          32m
  kube-system   kube-controller-manager-centos-2020   1/1     Running   0          32m
  kube-system   kube-proxy-v4vwz                      1/1     Running   0          32m
  kube-system   kube-scheduler-centos-2020            1/1     Running   0          32m
  
  

• 查看健康状态

  $ kubectl get cs
  NAME                 STATUS    MESSAGE             ERROR
  scheduler            Healthy   ok                  
  controller-manager   Healthy   ok                  
  etcd-0               Healthy   {"health":"true"}  
  

• 查看节点

  $ kubectl get nodes
  NAME          STATUS   ROLES    AGE   VERSION
  centos        Ready    master   39m   v1.17.3
  

9、部署dashboard

• 部署

  kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml
  

• 命令行代理

  kubectl proxy
  

• 访问地址
  http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

• 问题：通过公网ip无法访问