前面一篇已經安裝好了ETCD、docker與flannel(k8s1.4.3安裝實踐記錄(1)),現在可以開始安裝k8s了
1、K8S
目前centos yum上的kubernetes還是1.2.0,因此我們只能是使用下載的安裝包,進行kubernetes的安裝
[root@bogon system]# yum list |grep kubernetes cockpit-kubernetes.x86_64 0.114-2.el7.centos extras kubernetes.x86_64 1.2.0-0.13.gitec7364b.el7 extras kubernetes-client.x86_64 1.2.0-0.13.gitec7364b.el7 extras kubernetes-cni.x86_64 0.3.0.1-0.07a8a2 kubelet kubernetes-master.x86_64 1.2.0-0.13.gitec7364b.el7 extras kubernetes-node.x86_64 1.2.0-0.13.gitec7364b.el7 extras kubernetes-unit-test.x86_64 1.2.0-0.13.gitec7364b.el7 extras
1.1 K8S下載
使用wget 或者下載軟件下載k8s安裝包:https://github.com/kubernetes/kubernetes/releases/download/v1.4.3/kubernetes.tar.gz,下載完成,我們會拿到當前1.4.3版本的安裝文件。
1.2 解壓並安裝
解壓安裝包,並將執行文件存放到合適的地方
tar -zxvf kubernetes.tar.gz cd kubernetes/server/bin mkidr /usr/local/kube cp -R * /usr/local/kube
設置環境變量文件/etc/profile,將kube執行文件加入的環境變量中
export KUBE_PATH=/usr/local/kube
export PATH=$PATH:$KUBE_PATH
執行環境變量,使其生效:
source /etc/profile
1.3 啟動主節點
當前主節點為192.168.37.130,需要在主節點上執行kube-apiserver ,kube-controller-manager,kube-scheduler三個進程。
1.3.1 開放端口
如果沒有關閉防火牆且使用的是firewalld,則需要開放相關的端口
firewall-cmd --zone=public --add-port=8080/tcp --permanent firewall-cmd --zone=public --add-port=10250/tcp --permanent firewall-cmd --zone=public --add-port=6443/tcp --permanent firewall-cmd --zone=public --add-port=15441/tcp --permanent firewall-cmd --reload firewall-cmd --list-all
1.3.2 啟動kube-apiserver
kube-apiserver --insecure-bind-address=192.168.37.130 --insecure-port=8080 --service-cluster-ip-range='192.168.37.130/24' --log_dir=/usr/local/kubernete_test/logs/kube --v=0 --logtostderr=false --etcd_servers=http://192.168.37.130:2379,http://192.168.37.131:2379 --allow_privileged=false
1.3.3 啟動 kube-controller-manager
kube-controller-manager --v=0 --logtostderr=true --log_dir=/data/kubernets/logs/kube-controller-manager/ --master=http://192.168.37.130:8080
1.3.4 啟動kube-scheduler
kube-scheduler --master='192.168.37.130:8080' --v=0 --log_dir=/data/kubernets/logs/kube-scheduler
1.3.5 查看是否啟動完成
[root@bogon ~]# kubectl get componentstatuses NAME STATUS MESSAGE ERROR scheduler Healthy ok controller-manager Healthy ok etcd-0 Healthy {"health": "true"} etcd-1 Healthy {"health": "true"}
可以看到兩個etcd啟動完成
1.3.6 設置service
在/usr/lib/systemd/system文件夾中創建各個進程的service文件
1、kube-apiserver.service
[Unit] Description=kube-apiserver Documentation=http://kubernetes.io/docs/ [Service] EnvironmentFile=-/etc/sysconfig/kubernets/kube-apiserver ExecStart=/usr/local/kube/kube-apiserver ${INSECURE_BIND_ADDRESS} ${INSECURE_PORT} ${SERVICE_CLUSTER_IP_RANGE} ${LOG_DIR} ${VERSION} ${LOGTOSTDERR} ${ETCD_SERVERS} ${ALLOW_PRIVILEGED} KillMode=process Restart=on-failure RestartSec=42s [Install] WantedBy=multi-user.target
其對應的配置文件/etc/sysconfig/kubernets/kube-apiserver如下:
#INSECURE_BIND_ADDRESS="--insecure-bind-address=0.0.0.0" INSECURE_BIND_ADDRESS="--address=0.0.0.0" INSECURE_PORT="--insecure-port=8080" SERVICE_CLUSTER_IP_RANGE="--service-cluster-ip-range=172.16.0.0/16" LOG_DIR="--log_dir=/usr/local/kubernete_test/logs/kube" VERSION="--v=0" LOGTOSTDERR="--logtostderr=false" ETCD_SERVERS="--etcd_servers=http://192.168.37.130:2379,http://192.168.37.131:2379" ALLOW_PRIVILEGED="--allow-privileged=false" ADMISSION_CONTROL="--admission-control=NamespaceAutoProvision,ServiceAccount,LimitRanger,ResourceQuota"
注意:配置文件中的參數名不能使用“-”
2016年11月3日補充:在剛開始配置的時候將INSECURE_BIND_ADDRESS="--insecure-bind-address=192.168.37.130",但這樣會存在一個使用本地鏈路127.0.0.1:8080去訪問的是被拒絕掉,而修改為INSECURE_BIND_ADDRESS="--address=0.0.0.0"就不會存在這種問題,具體見:http://www.cnblogs.com/lyzw/p/6023935.html
2、kube-controller-manager
配置kube-controller-manager.service
[Unit]
Description=kube-controller-manager
Documentation=http://kubernetes.io/docs/
[Service]
EnvironmentFile=-/etc/sysconfig/kubernets/kube-controller-manager
ExecStart=/usr/local/kube/kube-controller-manager ${VERSION} ${LOGTOSTDERR} ${LOG_DIR} ${MASTER}
KillMode=process
Restart=on-failure
RestartSec=42s
[Install]
WantedBy=multi-user.target
設置/etc/sysconfig/kubernets/kube-controller-manager
VERSION="--v=0" LOGTOSTDERR="--logtostderr=true" LOG_DIR="--log_dir=/data/kubernets/logs/kube-controller-manager/" MASTER="--master=http://192.168.37.130:8080"
3、設置kube-scheduler服務
kube-scheduler.service
[Unit] Description=kube-scheduler Documentation=http://kubernetes.io/docs/ [Service] EnvironmentFile=-/etc/sysconfig/kubernets/kube-scheduler ExecStart=/usr/local/kube/kube-scheduler ${VERSION} ${LOGTOSTDERR} ${LOG_DIR} ${MASTER} KillMode=process Restart=on-failure RestartSec=42s [Install] WantedBy=multi-user.target
配置文件如下
VERSION="--v=0" LOGTOSTDERR="--logtostderr=true" LOG_DIR="--log_dir=/data/kubernets/logs/kube-scheduler" MASTER="--master=http://192.168.37.130:8080
4、重啟各個服務
systemctl daemon-reload systemctl start kube-apiserver systemctl start kube-controller-manager systemctl start kube-scheduler
1.4 啟動minion
Minion需要啟動kube-proxy,kubelet兩個進程
1.4.1 kube-proxy啟動
#在兩台機器都執行 kube-proxy --logtostderr=true --v=0 --master=http://192.168.37.130:8080
1.4.1 kubelet啟動
kubelet --logtostderr=true --v=0 --allow-privileged=false --log_dir=/data/kubernets/logs/kubelet --address=0.0.0.0 --port=10250 --hostname_override=192.168.37.130 --api_servers=http://192.168.37.130:8080
1.4.5配置service
1、kube-proxy.service
[Unit] Description=kube-proxy Documentation=http://kubernetes.io/docs/ [Service] EnvironmentFile=-/etc/sysconfig/kubernets/kube-proxy ExecStart=/usr/local/kube/kube-proxy ${VERSION} ${LOGTOSTDERR} ${LOG_DIR} ${MASTER} KillMode=process Restart=on-failure RestartSec=42s [Install] WantedBy=multi-user.target
/etc/sysconfig/kubernets/kube-proxy
VERSION="--v=0" LOGTOSTDERR="--logtostderr=true" LOG_DIR="--log_dir=/data/kubernets/logs/kube-controller-manager/" MASTER="--master=http://192.168.37.130:8080"
2、kubelet.service
[Unit] Description=kubelet Documentation=http://kubernetes.io/docs/ [Service] EnvironmentFile=-/etc/sysconfig/kubernets/kubelet ExecStart=/usr/local/kube/kubelet ${LOGTOSTDERR} ${VERSION} ${ALLOW_PRIVILEGED} ${LOG_DIR} ${ADDRESS} ${PORT} ${HOSTNAME_OVERRIDE} ${API_SERVERS} KillMode=process Restart=on-failure RestartSec=42s [Install] WantedBy=multi-user.target
/etc/sysconfig/kubernets/kubelet配置文件
LOGTOSTDERR="--logtostderr=true" VERSION="--v=0" ALLOW_PRIVILEGED="--allow-privileged=false" LOG_DIR="--log_dir=/data/kubernets/logs/kubelet" ADDRESS="--address=0.0.0.0" PORT="--port=10250" HOSTNAME_OVERRIDE="--hostname_override=192.168.37.131" API_SERVERS="--api_servers=http://192.168.37.130:8080"
經過如上的步驟,k8s基本上已經安裝好了,后續在把dashboard給安裝上。
問題:
1、采用網上的配置,執行會產生一些警告信息:
[root@bogon server]# kube-apiserver --address=192.168.37.130 --insecure-port=8080 --service-cluster-ip-range='192.168.37.130/24' --log_dir=/usr/local/kubernete_test/logs/kube --kubelet_port=10250 --v=0 --logtostderr=false --etcd_servers=http://192.168.37.130:2379,http://192.168.37.131:2379 --allow_privileged=false Flag --address has been deprecated, see --insecure-bind-address instead. Flag --kubelet-port has been deprecated, kubelet-port is deprecated and will be removed. [restful] 2016/11/01 15:31:15 log.go:30: [restful/swagger] listing is available at https://192.168.37.130:6443/swaggerapi/ [restful] 2016/11/01 15:31:15 log.go:30: [restful/swagger] https://192.168.37.130:6443/swaggerui/ is mapped to folder /swagger-ui/
2、執行kubectl get componentstatuses報錯
[root@bogon ~]# kubectl get componentstatuses The connection to the server localhost:8080 was refused - did you specify the right host or port?
如上問題,如果在master機器上執行,則是因為/etc/hosts文件沒有配置導致,在文件中加入ip localhost條目即可。
如果是在從節點上,在執行kubectl get componentstatuses語句時候,加上kubectl -s $masterIP:$port get componentstatuses,其中$masterIP為主節點IP,$port為主節點的服務IP,即安裝文檔中的8080端口,如:kubectl -s http://192.168.37.130:8080 get componentstatuses