环境准备
1. 配置/etc/hosts文件,将所有机器配置成通过主机名可以访问。
2. 如果环境中有代理,请一定要在环境变量中将no_proxy配置正确。
3. master还需要执行下面的命令
#创建/etc/sysctl.d/k8s.conf文件,添加如下内容: net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 #执行命令使修改生效。 modprobe br_netfilter sysctl -p /etc/sysctl.d/k8s.conf
安装 kubeadm, kubelet, kubectl
ubuntu
apt-get update && apt-get install -y apt-transport-https curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add - cat </etc/apt/sources.list.d/kubernetes.list deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main EOF apt-get update apt-get install -y kubelet kubeadm kubectl
centos
cat </etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF # 安装 yum install -y kubelet kubeadm kubectl
Master机器下载apiserver, schedule, etcd, controller-manager, coredns镜像
#!/bin/bash #获取所需的镜像 k8s_images=`kubeadm config images list` #更改镜像下载位置 images_cn=`echo $k8s_images | sed -e "s/k8s.gcr.io/docker.io\/mirrorgooglecontainers/g"` #docker pull下载镜像, 并重新将docker.io/mirrorgooglecontainers改变成k8s.grc.io for image in images_cn do docker pull $image docker tag $image `echo $image | sed -e "s/docker.io\/mirrorgooglecontainers/k8s.gcr.io/"` done
所有node,master关闭swap,selinux
swapoff -a
修改/etc/fstab文件,注销掉swap相关的行
kubeadm init进行初始化master组件
kubeadm init --pod-network-cidr=10.244.0.0/16
Master应用flannel overlay network
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
普通用户使用kubectl
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
node节点加入master集群
加入前的准备
- 将前面在master上下载的pause,flannel,kube-proxy的镜像都用load到node机器上的docker daemon里。
kubeadm init初始化成功后会打印出node 加入master的命令,如下:
kubeadm join 10.239.44.68:6443 --token 8jxvj4.5lop20zjbu48h6kl \
--discovery-token-ca-cert-hash sha256:1ca8f0a098601b94d7c2a9b4a3758ff0880a0213db813336dec0e9272ed55a78
注意:kubeadm init生成的token有效期只有1天,如果你的node节点在使用kubeadm join时出现如下错误
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml' error execution phase preflight: unable to fetch the kubeadm-config ConfigMap: failed to get config map: Unauthorized
请到master上检查你所使用的token是否有效,kubeadm token list
49y4v3.jxq5w76jj5hh028u2019-04-13T15:00:47-04:00 authentication,signing The default bootstrap token generated by 'kubeadm init'. system:bootstrappers:kubeadm:default-node-token 8jxvj4.5lop20zjbu48h6kl 23h 2019-04-25T10:21:41-04:00 authentication,signing system:bootstrappers:kubeadm:default-node-token
生成不过期的token
kubeadm token create --ttl 0 --print-join-command
join成功后node节点执行docker ps可以看到
[root@webrtc-skylake-msdk zhenqi]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b29e46c58033 ff281650a721 "/opt/bin/flanneld -…" 10 minutes ago Up 10 minutes k8s_kube-flannel_kube-flannel-ds-amd64-j6dwl_kube-system_f7597ab9-66a4-11e9-ac72-d45ddf09a4df_0 07e0d45931cb 20a2d7035165 "/usr/local/bin/kube…" 18 minutes ago Up 18 minutes k8s_kube-proxy_kube-proxy-jsqqv_kube-system_f759af51-66a4-11e9-ac72-d45ddf09a4df_0 48c858ea21ee k8s.gcr.io/pause:3.1 "/pause" 18 minutes ago Up 18 minutes k8s_POD_kube-proxy-jsqqv_kube-system_f759af51-66a4-11e9-ac72-d45ddf09a4df_0 d4b2ce6ecaa2 k8s.gcr.io/pause:3.1 "/pause" 18 minutes ago Up 18 minutes k8s_POD_kube-flannel-ds-amd64-j6dwl_kube-system_f7597ab9-66a4-11e9-ac72-d45ddf09a4df_0
master上执行kubectl get node
[webrtc@webrtc53 images]$ kubectl get node NAME STATUS ROLES AGE VERSION webrtc-skylake-msdk Ready42m v1.14.1 webrtc53 Ready master 11d v1.14.1
kubeadm 常用的命令
help Help about any command init Run this command in order to set up the Kubernetes control plane. # master上执行,初始化所有的master组件 join Run this on any machine you wish to join an existing cluster # node上执行,加入master reset Run this to revert any changes made to this host by 'kubeadm init' or 'kubeadm join'. # 清理 init,join的环境 token Manage bootstrap tokens. # token的增删查 upgrade Upgrade your cluster smoothly to a newer version with this command. # 更新集群 version Print the version of kubeadm
如何debug 安装过程中的问题?
1. 查看系统log,一般都能解决了。
2. 注意网络问题,特别是有代理的情况下。
3. images的下载。