k8s 安装指南

介绍

kubectl用于运行Kubernetes集群命令的管理工具。
kubelet是主要的节点代理，它会监视已分配给节点的pod，具体功能：
kubeadm Kubeadm 是一个工具

本次安装版本为：

Kubernetes v1.19.2
Docker

环境准备

操作系统
集群配置

IP 角色 cpu 内存

192.168.31.121 k8smaster 1 4G

192.168.31.131 k8snode1 1 4G

192.168.31.132 k8snode2 1 4G

IP	角色	cpu	内存
192.168.31.121	k8smaster	1	4G
192.168.31.131	k8snode1	1	4G
192.168.31.132	k8snode2	1	4G

192.168.31.121 k8smaster
192.168.31.131 k8snode1
192.168.31.132 k8snode2

系统配置

禁用selinux
禁用swap
设置rpm镜像源

安装docker

设置containerd.io源

 wget https://download.docker.com/linux/centos/7/x86_64/edge/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
 yum install containerd.io-1.2.6-3.3.el7.x86_64.rpm

安装docker

curl -sSL https://get.daocloud.io/docker | sh

设置阿里云加速器并设置docker以systemd驱动启动

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"exec-opts":["native.cgroupdriver=systemd"],   
"log-driver": "json-file",
    "log-opts": {
    "max-size": "100m"
 },
"storage-driver": "overlay2",
"storage-opts": [
    "overlay2.override_kernel_check=true"
], 
"registry-mirrors": ["https://xxx.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

启动容器
```
sudo systemctl restart docker
```

添加阿里kubernetes源

所有电脑

# cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

k8s master 安装

yum install kubectl kubelet kubeadm
systemctl enable kubelet

初始化集群

kubeadm init --kubernetes-version=1.19.2  \
--apiserver-advertise-address=192.168.31.121   \
--image-repository registry.aliyuncs.com/google_containers  \
--service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16

参数说明：

apiserver-advertise-address: k8smaster ip地址
image-repository 用来拉取 k8s 的镜像仓库地址
service-cidr 指明用 Master 的哪个 interface 与 Cluster 的其他节点通信。
pod-network-cidr Pod 网络的范围

初始化完毕返回如下信息表示成功：

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.31.121:6443 --token 8gkv2e.futyk4tc5ekh9p1g \
    --discovery-token-ca-cert-hash sha256:55931b102e704c98ce1acc63a0052789579ddbc9c2dcfccbc8fb7f9bb8f51573

查看状态

kubectl get node
kubectl get pod --all-namespaces

node节点为NotReady，因为corednspod没有启动，缺少网络pod

安装网络

这里选择calico网络

kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

安装完网络后，等待片刻查看状态发现都启动成功了。

[root@k8smaster .kube]# kubectl get pod --all-namespaces
NAMESPACE     NAME                                      READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-c9784d67d-8p2qd   1/1     Running   0          2m59s
kube-system   calico-node-drm2r                         1/1     Running   0          2m59s
kube-system   coredns-6d56c8448f-gp4n9                  1/1     Running   0          14m
kube-system   coredns-6d56c8448f-hsmkm                  1/1     Running   0          14m
kube-system   etcd-k8smaster                            1/1     Running   0          14m
kube-system   kube-apiserver-k8smaster                  1/1     Running   0          14m
kube-system   kube-controller-manager-k8smaster         1/1     Running   0          14m
kube-system   kube-proxy-n2vzn                          1/1     Running   0          14m
kube-system   kube-scheduler-k8smaster                  1/1     Running   0          14m
[root@k8smaster .kube]# kubectl get node
NAME        STATUS   ROLES    AGE   VERSION
k8smaster   Ready    master   15m   v1.19.2

安装dashborad

安装

wget  https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml
kubectl apply -f recommended.yaml

自定义token生成

mkdir dashboard-certs
cd dashboard-certs/
#创建命名空间
kubectl create namespace kubernetes-dashboard
# 创建key文件
openssl genrsa -out dashboard.key 2048
#证书请求
openssl req -days 36000 -new -out dashboard.csr -key dashboard.key -subj '/CN=dashboard-cert'
#自签证书
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
#创建kubernetes-dashboard-certs对象
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard

设置管理员

#创建账号：
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: dashboard-admin
  namespace: kubernetes-dashboard

---
#为用户分配权限：
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: dashboard-admin-bind-cluster-role
  labels:
    k8s-app: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: dashboard-admin
  namespace: kubernetes-dashboard

使管理员生效

kubectl apply dashboard-admin.yaml

查看dashboard-admin账户的登录 token

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep dashboard-admin | awk '{print $1}')

工作站点接入

将主节点中的【/etc/kubernetes/admin.conf】文件拷贝到从节点相同目录下

执行脚本

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

参考文档

使用kubeadm在Centos8上部署kubernetes1.18
Kubernetes 1.8.x 全手动安装教程

k8s 环境搭建

k8s 安装指南

介绍

本次安装版本为：

环境准备

系统配置

安装docker

添加阿里kubernetes源

k8s master 安装

初始化集群

查看状态

安装网络

安装dashborad

工作站点接入

参考文档

你可能感兴趣的:(k8s 环境搭建)