centos 7.6.180 安装 Kubernetes 1.17.3
文章目录
- 1 准备三台虚拟机
- 2 修改hosts
- 3 关闭防火墙,禁用selinux,禁用 swap
- 3.1 关闭防火墙
- 3.2 禁用selinux
- 3.3 禁用swap
- 4 修改系统配置
- 4.1 net.bridge
- 5 同步时间
- 6 安装docker
- 7 安装Kubernetes
- 7.1 安装Kubernetes
- 8 配置Kubernetes
- 8.1 配置master
- 8.1.1 初始化主节点
- 8.1.2 联网配置
- 8.2 配置node
- 9 查看
- 9.1 查看node
- 9.2 查看Pod
- 参考文档
1 准备三台虚拟机
配置2核2G
172.16.159.165 master1.k8s
172.16.159.166 node1.k8s
172.16.159.167 node2.k8s
修改主机名
在master1.k8s (172.16.159.165)上:
hostnamectl set-hostname master1.k8s
node1.k8s(172.16.159.166)上:
hostnamectl set-hostname node1.k8s
node2.k8s(172.16.159.167)上:
hostnamectl set-hostname node2.k8s
2 修改hosts
master1.k8s,node1.k8s,node2.k8s 三台机器都需要操作。
cat >> /etc/hosts << EOF
172.16.159.165 master1.k8s
172.16.159.166 node1.k8s
172.16.159.167 node2.k8s
EOF
3 关闭防火墙,禁用selinux,禁用 swap
master1.k8s,node1.k8s,node2.k8s 三台机器都需要操作。
3.1 关闭防火墙
关闭并禁用防火墙
[root@master1 ~]# systemctl stop firewalld && systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
查看默认防火墙状态(关闭后显示not running,开启后显示running)
[root@master1 ~]# firewall-cmd --state
not running
清除防火墙规则(否则pod及容器无法跨主机互通问题)
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -L -n
3.2 禁用selinux
关闭Selinux
[root@master1 ~]# setenforce 0
[root@master1 ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
重启
[root@master1 ~]# reboot
查看Selinux状态
[root@master1 ~]# sestatus
SELinux status: disabled
3.3 禁用swap
[root@master1 ~]# swapoff -a
[root@master1 ~]# sed -i 's/.*swap.*/#&/' /etc/fstab
[root@master1 ~]# free
total used free shared buff/cache available
Mem: 2030472 79496 1826568 8952 124408 1797140
Swap: 0 0 0
[root@master1 ~]#
4 修改系统配置
4.1 net.bridge
一些 RHEL/CentOS 7 的用户曾经遇到过问题:
由于 iptables 被绕过而导致流量无法正确路由的问题。
您应该确保 在sysctl 配置中的 net.bridge.bridge-nf-call-iptables 被设置为 1
# cat < /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# sysctl --system
5 同步时间
因为虚拟机有可能经常关机,与本地时间不同步,安装k8s有可能失败
# yum -y install ntp
# ntptime
# timedatectl
时间同步
ntpdate cn.pool.ntp.org
编辑计划任务,每小时做一次同步
crontab -e
0 * * * * /usr/sbin/ntpdate cn.pool.ntp.org
6 安装docker
master1.k8s,node1.k8s,node2.k8s 三台机器都需要操作。
《centos 7.6.1810安装与使用docker 18.09.6》:https://blog.csdn.net/CleverCode/article/details/107181446
7 安装Kubernetes
7.1 安装Kubernetes
master1.k8s,node1.k8s,node2.k8s 三台机器都需要操作。
1 配置国内kubernetes源
cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
2 安装 kubelet、kubeadm、kubectl
kubelet 负责与其他节点集群通信,并进行本节点pod和容器生命周期的管理。
kubeadm 是kubernetes的自动化部署工具,降低了部署难度,提高效率。
kubectl 是kubernetes集群管理工具。
安装
# yum install -y kubelet-1.17.3 kubeadm-1.17.3 kubectl-1.17.3
设置开机自启
# systemctl enable kubelet && systemctl start kubelet
8 配置Kubernetes
8.1 配置master
在master1.k8s 操作
8.1.1 初始化主节点
# kubeadm init --kubernetes-version="v1.17.3" --pod-network-cidr="10.16.0.0/8" --image-repository registry.aliyuncs.com/google_containers
k8s 主节点初始化成功后日志
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 172.16.159.165:6443 --token yxmvci.hio9tpu4b58phpgm \
--discovery-token-ca-cert-hash sha256:fa1e09d4bca3a95b53398212457827467a2a720489223123116223bb7a576a68
查看初始化完成后拉取到的镜像
查看运行的容器
根据控制台日志依次执行下面
[root@master1 ~]# mkdir -p $HOME/.kube
[root@master1 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master1 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
验证各组件是否正常
[root@master1 ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true"}
[root@master1 ~]#
执行 kubectl get nodes,查看k8s 节点,状态未就绪
8.1.2 联网配置
下载kube-flannel.yml
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
刚开始一直NotReady,重启之后就好了,变成Ready了。
8.2 配置node
node1.k8s,node2.k8s 执行 初始化8.1主节点之后的提示信息
kubeadm join 172.16.159.165:6443 --token yxmvci.hio9tpu4b58phpgm \
--discovery-token-ca-cert-hash sha256:fa1e09d4bca3a95b53398212457827467a2a720489223123116223bb7a576a68
9 查看
9.1 查看node
执行完8.2操作后,过几分钟,在master1.k8s执行。node节点从 NotReady变成Ready了。
查看所有节点
[root@master1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master1.k8s Ready master 49m v1.17.3
node1.k8s Ready <none> 3m34s v1.17.3
node2.k8s Ready <none> 2m53s v1.17.3
-o wide 显示详情
[root@master1 ~]# kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master1.k8s Ready master 50m v1.17.3 172.16.159.165 <none> CentOS Linux 7 (Core) 4.4.229-1.el7.elrepo.x86_64 docker://18.9.6
node1.k8s Ready <none> 4m30s v1.17.3 172.16.159.166 <none> CentOS Linux 7 (Core) 4.4.229-1.el7.elrepo.x86_64 docker://18.9.6
node2.k8s Ready <none> 3m49s v1.17.3 172.16.159.167 <none> CentOS Linux 7 (Core) 4.4.229-1.el7.elrepo.x86_64 docker://18.9.6
9.2 查看Pod
# 查看所有pod 必须指定命名空间
kubectl get pods -n kube-system
# -n kube-system 指定命名空间
# -o wide 显示详情信息
kubectl get pods -n kube-system -o wide
[root@master1 ~]# kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-9d85f5447-2sssz 1/1 Running 0 97m 10.0.0.3 master1.k8s <none> <none>
coredns-9d85f5447-ndwpt 1/1 Running 0 97m 10.0.0.2 master1.k8s <none> <none>
etcd-master1.k8s 1/1 Running 1 96m 172.16.159.165 master1.k8s <none> <none>
kube-apiserver-master1.k8s 1/1 Running 1 96m 172.16.159.165 master1.k8s <none> <none>
kube-controller-manager-master1.k8s 1/1 Running 1 96m 172.16.159.165 master1.k8s <none> <none>
kube-flannel-ds-amd64-84gnt 1/1 Running 0 50m 172.16.159.167 node2.k8s <none> <none>
kube-flannel-ds-amd64-lp8hf 1/1 Running 0 51m 172.16.159.166 node1.k8s <none> <none>
kube-flannel-ds-amd64-zwdq7 1/1 Running 0 70m 172.16.159.165 master1.k8s <none> <none>
kube-proxy-4hxl9 1/1 Running 1 97m 172.16.159.165 master1.k8s <none> <none>
kube-proxy-8ppds 1/1 Running 0 51m 172.16.159.166 node1.k8s <none> <none>
kube-proxy-pmjs5 1/1 Running 0 50m 172.16.159.167 node2.k8s <none> <none>
kube-scheduler-master1.k8s 1/1 Running 1 96m 172.16.159.165 master1.k8s <none> <none>
[root@master1 ~]#
参考文档
https://www.cnblogs.com/gmmy/p/12372805.html
https://blog.csdn.net/fp19930214/article/details/104919677
http://www.mamicode.com/info-detail-2950096.html
https://blog.csdn.net/freedom00001/article/details/104462944