角色 | Ip | 组件 |
---|---|---|
Master | 192.168.33.110 | etcd、kube-apiserver、kube-controller-manager、kube-scheduler、docker |
Node01 | 192.168.33.111 | kube-proxy、kubelet、docker |
Node02 | 192.168.33.112 | kube-proxy、kubelet、docker |
查看默认防火墙状态(关闭后显示not running ,开启后显示 running)
firewall-cmd --state
关闭防火墙, 禁止fifirewall开机启动
systemctl stop fifirewalld.service
systemctl disable fifirewalld.service
清空防火墙规则
$ sudo iptables -F && sudo iptables -X && sudo iptables -F -t nat && sudo iptables -X -t nat
$ sudo iptables -P FORWARD ACCEPT
设置永久主机名称,然后重新登录
sudo hostnamectl set-hostname master
sudo hostnamectl set-hostname node1
sudo hostnamectl set-hostname node2
192.168.33.110 master
192.168.33.111 node1
192.168.33.112 node2
$ yum -y install ntpdate
$ sudo ntpdate cn.pool.ntp.org
如果开启了 swap 分区,kubelet 会启动失败(可以通过将参数 --fail-swap-on 设置为false 来忽略 swap on),故需要在每台机器上关闭 swap 分区:
swapoff -a
为了防止开机自动挂载 swap 分区,可以注释 /etc/fstab 中相应的条目:
$ sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
关闭 SELinux,否则后续 K8S 挂载目录时可能报错 Permission denied :
sudo setenforce 0
修改配置文件,永久生效;
$ vim /etc/selinux/config
SELINUX=disabled
在/etc/sysctl.conf中添加:
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@localhost ~]# cat /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
执行sysctl -p 时出现:
[root@localhost ~]# sysctl -p
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-ip6tables: No such file or directory
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory
解决方法:
[root@localhost ~]# modprobe br_netfilter
[root@localhost ~]# ls /proc/sys/net/bridge
bridge-nf-call-arptables bridge-nf-filter-pppoe-tagged
bridge-nf-call-ip6tables bridge-nf-filter-vlan-tagged
bridge-nf-call-iptables bridge-nf-pass-vlan-input-dev
[root@localhost ~]# sysctl -p
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
#删除之前etcd,与kubernets
yum remove -y etcd kubernetes
#删除之前docker
yum remove -y docker\
docker-client\
docker-client-latest\
docker-common\
docker-latest\
docker-latest-logrotate\
docker-logrotate\
docker-selinux\
docker-engine-selinux\
docker-engine\
docker-ce-cli
[root@localhost ~]# yum list installed | grep kub
kubernetes-client.x86_64 1.5.2-0.7.git269f928.el7 @extras
kubernetes-master.x86_64 1.5.2-0.7.git269f928.el7 @extras
yum remove -y kubernetes-client.x86_64 kubernetes-master.x86_64
CentOS 7 (使用yum进行安装)
# step 1: 安装必要的一些系统工具
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加软件源信息
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3: 更新并安装 Docker-CE
sudo yum makecache fast
cd /etc/yum.repos.d/
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
sudo yum makecache fast
setenforce 0
yum install -y docker-ce-18.06.0.ce kubeadm-1.11.1 kubelet-1.11.1 kubectl-1.11.1 kubernetes-cni-0.6.0-0
#配置docker 代理
vi /usr/lib/systemd/system/docker.service
#在[Service]下添加
Environment="HTTPS_PROXY=192.168.33.1:7890" "HTTP_PROXY=192.168.33.1:7890" "NO_PROXY=127.0.0.1,192.168.0.0/16,localhost,192.168.33.0/24"
#修改配置文件
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
systemctl daemon-reload
systemctl enable kubelet docker
systemctl start docker.service
kubeadm init --kubernetes-version=v1.11.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --apiserver-advertise-address=192.168.33.110 --ignore-preflight-errors=Swap
#运行后生成这句话,要记住
kubeadm join 192.168.33.110:6443 --token 6b902v.c7pe1u79znxebf4m --discovery-token-ca-cert-hash sha256:0792195a1d48a772ba0ad94006d3f477f395672843abf2ccba8aad8e4e5f5124 --ignore-preflight-errors=Swap
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
#手动下载
curl -o kube-flannel.yml -sSL https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
如安装不成功,手动下载镜像并修改镜像名为yml镜像名:
docker pull quay-mirror.qiniu.com/coreos/flannel:v0.11.0-amd64
docker tag quay-mirror.qiniu.com/coreos/flannel:v0.11.0-amd64 quay.io/coreos/flannel:v0.10.0-amd64
查看状态
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 9h v1.11.1
#删除之前etcd,与kubernets
yum remove -y etcd kubernetes
#删除之前docker
yum remove -y docker\
docker-client\
docker-client-latest\
docker-common\
docker-latest\
docker-latest-logrotate\
docker-logrotate\
docker-selinux\
docker-engine-selinux\
docker-engine\
docker-ce-cli
[root@localhost ~]# yum list installed | grep kub
kubernetes-client.x86_64 1.5.2-0.7.git269f928.el7 @extras
kubernetes-master.x86_64 1.5.2-0.7.git269f928.el7 @extras
yum remove -y kubernetes-client.x86_64 kubernetes-master.x86_64
CentOS 7 (使用yum进行安装)
# step 1: 安装必要的一些系统工具
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加软件源信息
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3: 更新并安装 Docker-CE
sudo yum makecache fast
cd /etc/yum.repos.d/
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
sudo yum makecache fast
setenforce 0
###软件安装
yum install -y docker-ce-18.06.0.ce kubeadm-1.11.1 kubelet-1.11.1 kubernetes-cni-0.6.0-0
yum remove -y kubeadm-1.11.5 kubelet-1.11.5 kubernetes-cni-0.6.0-0
scp root@master:/usr/lib/systemd/system/docker.service /usr/lib/systemd/system/docker.service
scp root@master:/etc/sysconfig/kubelet /etc/sysconfig/kubelet
systemctl daemon-reload
systemctl enable kubelet docker
systemctl start docker.service
kubeadm join 192.168.33.110:6443 --token 6b902v.c7pe1u79znxebf4m --discovery-token-ca-cert-hash sha256:0792195a1d48a772ba0ad94006d3f477f395672843abf2ccba8aad8e4e5f5124 --ignore-preflight-errors=Swap
同node01节点
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 9h v1.11.1
node1 Ready <none> 9h v1.11.1
node2 Ready <none> 9h v1.11.1
[root@master ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health": "true"}