1.使用kubeadm工具快速安装Kubernetes集群
关掉selinux
vi /etc/selinux/config
disabled
关掉firewalld,iptables
systemctl disable firewalld
systemctl stop firewalld
systemctl disable iptables
systemctl stop iptables
编辑生成kubernetes的yum源
[root@k8s-1 network-scripts]# cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
修改iptables相关参数
cat < /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
安装kubeadm和相关工具
yum install kubectl kubelet kubernetes-cni kubeadm docker # 安装必要组件
systemctl enable docker.service && systemctl start docker.service
systemctl enable kubelet.service && systemctl start kubelet.service
下载docker镜像
docker pull cloudnil/etcd-amd64:3.2.18
docker pull cloudnil/pause-amd64:3.1
docker pull cloudnil/kube-proxy-amd64:v1.11.0
docker pull cloudnil/kube-scheduler-amd64:v1.11.0
docker pull cloudnil/kube-controller-manager-amd64:v1.11.0
docker pull cloudnil/kube-apiserver-amd64:v1.11.0
docker pull cloudnil/k8s-dns-sidecar-amd64:1.14.4
docker pull cloudnil/k8s-dns-kube-dns-amd64:1.14.4
docker pull cloudnil/k8s-dns-dnsmasq-nanny-amd64:1.14.4
docker pull cloudnil/kube-discovery-amd64:1.0
docker pull cloudnil/dnsmasq-metrics-amd64:1.0
docker pull cloudnil/exechealthz-amd64:1.2
docker pull cloudnil/coredns:1.1.3
对镜像重命名
docker tag cloudnil/etcd-amd64:3.2.18 k8s.gcr.io/etcd-amd64:3.2.18
docker tag cloudnil/pause-amd64:3.1 k8s.gcr.io/pause:3.1
docker tag cloudnil/kube-proxy-amd64:v1.11.0 k8s.gcr.io/kube-proxy-amd64:v1.11.0
docker tag cloudnil/kube-scheduler-amd64:v1.11.0 k8s.gcr.io/kube-scheduler-amd64:v1.11.0
docker tag cloudnil/kube-controller-manager-amd64:v1.11.0 k8s.gcr.io/kube-controller-manager-amd64:v1.11.0
docker tag cloudnil/kube-apiserver-amd64:v1.11.0 k8s.gcr.io/kube-apiserver-amd64:v1.11.0
docker tag cloudnil/kube-discovery-amd64:1.0 k8s.gcr.io/kube-discovery-amd64:1.0
docker tag cloudnil/k8s-dns-sidecar-amd64:1.14.4 k8s.gcr.io/k8s-dns-sidecar-amd64:1.14.4
docker tag cloudnil/k8s-dns-kube-dns-amd64:1.14.4 k8s.gcr.io/k8s-dns-kube-dns-amd64:1.14.4
docker tag cloudnil/k8s-dns-dnsmasq-nanny-amd64:1.14.4 k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:1.14.4
docker tag cloudnil/dnsmasq-metrics-amd64:1.0 k8s.gcr.io/dnsmasq-metrics-amd64:1.0
docker tag cloudnil/exechealthz-amd64:1.2 k8s.gcr.io/exechealthz-amd64:1.2
docker tag cloudnil/coredns:1.1.3 k8s.gcr.io/coredns:1.1.3
至此,准备工作已就绪,执行kubelet init 命令即可一键完成kubernetes Master节点的安装:
kubelet init --kubernetes-version=1.11.0
安装结果如下
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join 192.168.10.208:6443 --token 4adw2b.smh6acorw0rfin3v --discovery-token-ca-cert-hash sha256:5bc323055a87fd0f6ee228e4b9d4fa58743125be0ae287ea9a26e04dbce5028e
按照提示执行完如下命令,即完成了master的安装工作
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
安装nodes节点
首先安装docker和kubeadm相关工具
yum install docker kubeadm kubelet kubectl kubernetes-cni
启动docker,kubelet
systemctl enable docker.service && systemctl start docker.service
systemctl enable kubelet.service && systemctl start kubelet.service
下载pause-amd64:3.1和kube-proxy-amd64:v1.11.0
docker pull cloudnil/pause-amd64:3.1
docker pull cloudnil/kube-proxy-amd64:v1.11.0
执行kubeadm join命令,加入集群
kubeadm join 192.168.10.208:6443 --token 8u66y8.uouc3e2u4hwdni3s --discovery-token-ca-cert-hash sha256:d373d424a129f5e2d2d2ba0a64bd6b9ffeca868653b4deb6bb12c5f4d3b38abd
可以看到如下的输出
you can solve this problem with following methods:
1. Run 'modprobe -- ' to load missing kernel modules;
2. Provide the missing builtin kernel ipvs support
I0827 15:12:58.869512 3242 kernel_validator.go:81] Validating kernel version
I0827 15:12:58.869637 3242 kernel_validator.go:96] Validating kernel config
[discovery] Trying to connect to API Server "192.168.10.208:6443"
[discovery] Created cluster-info discovery client, requesting info from "https://192.168.10.208:6443"
[discovery] Requesting info from "https://192.168.10.208:6443" again to validate TLS against the pinned public key
[discovery] Cluster info signature and contents are valid and TLS certificate validates against pinned roots, will use API Server "192.168.10.208:6443"
[discovery] Successfully established connection with API Server "192.168.10.208:6443"
[kubelet] Downloading configuration for the kubelet from the "kubelet-config-1.11" ConfigMap in the kube-system namespace
[kubelet] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[preflight] Activating the kubelet service
[tlsbootstrap] Waiting for the kubelet to perform the TLS Bootstrap...
[patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "node1" as an annotation
This node has joined the cluster:
* Certificate signing request was sent to master and a response
was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the master to see this node join the cluster.
安装网络插件
[cgs@master ~]$ kubectl apply -f https://git.io/weave-kube-1.6
切换到master 执行命令 kubectl get nodes
[cgs@master ~]$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 33m v1.11.2
node1 Ready 22m v1.11.2