192.168.251.9 master
192.168.251.231 node
建議可以搭建etcd集群來做數據庫存儲,並搭建kube-dns,然后把k8s的日志落地到/var/log/kubernetes目錄
1.關閉防火牆
查看防火牆狀態firewalld systemctl status firewalld.service 關閉防火牆 systemctl stop firewalld.service systemctl disable firewalld.service 安全設置 setenforce 0 關閉Selinux /etc/selinux/config SELINUX=disabled 查看iptables systemctl status iptables.service systemctl stop iptables.service 設置主機名 hostnamectl k8s-1 hostnamectl k8s-2 設置ntp yum -y install ntp systemctl start ntpd systemctl enable ntpd reboot重啟機器
2.加入yum源
cd /etc/yum.repos.d wget http://mirrors.163.com/.help/CentOS7-Base-163.repo wget http://mirrors.aliyun.com/repo/Centos-7.repo rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm
3.安裝
master 需要安裝 kubernetes-master etcd flannel docker
node需要安裝 kubernetes-node flannel docker
4.安裝master
yum install docker libdevmapper* ntp etcd flannel kubernetes-master -y
(1)配置 etcd
所有的etcd都統一配置
cat /etc/etcd/etcd.conf ETCD_NAME=default ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379" ETCD_ADVERTISE_CLIENT_URLS="http://192.168.163.148:2379" //masterIP端口
(2)配置apiserver
/etc/kubernetes/apiserver KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.251.9:2379" KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=192.168.0.0/16"
(3)配置controller-manager
/etc/kubernetes/controller-manager KUBE_CONTROLLER_MANAGER_ARGS="--node-monitor-grace-period=10s --pod-eviction-timeout=10s"
(4)配置config
/etc/kubernetes/config KUBE_MASTER="--master=http://192.168.251.9:8080"
啟動 注意先啟動kubernetes,再啟動docker
systemctl enable docker systemctl restart flanneld docker systemctl enable etcd kube-apiserver kube-scheduler kube-controller-manager systemctl start etcd kube-apiserver kube-scheduler kube-controller-manager systemctl stop etcd kube-apiserver kube-scheduler kube-controller-manager
5.node安裝
yum -y install docker kubernetes-node flannel systemctl start docker systemctl enable docker
(1)修改kube-node
[root@localhost ~]# vi /etc/kubernetes/config KUBE_LOGTOSTDERR="--logtostderr=true" # journal message level, 0 is debug KUBE_LOG_LEVEL="--v=0" # Should this cluster be allowed to run privileged docker containers KUBE_ALLOW_PRIV="--allow-privileged=false" # How the controller-manager, scheduler, and proxy find the apiserver #KUBE_MASTER="--master=http://127.0.0.1:8080" KUBE_MASTER="--master=http://192.168.251.9:8080"
(2)配置kubelet
[root@localhost ~]# vi /etc/kubernetes/kubelet ### # kubernetes kubelet (minion) config # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces) KUBELET_ADDRESS="--address=127.0.0.1" # The port for the info server to serve on # KUBELET_PORT="--port=10250" # You may leave this blank to use the actual hostname KUBELET_HOSTNAME="--hostname-override=192.168.251.231" # location of the api-server KUBELET_API_SERVER="--api-servers=http://192.168.251.9:8080" # pod infrastructure container KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest" # Add your own! #KUBELET_ARGS="" KUBELET_ARGS="--pod-infra-container-image=kubernetes/pause"
(3)配置flanneld
/etc/sysconfig/flanneld FLANNEL_ETCD_ENDPOINTS="http://192.168.251.9:2379" FLANNEL_ETCD_PREFIX="/coreos.com/network"
(4) 啟動服務
systemctl restart flanneld docker systemctl start kubelet kube-proxy systemctl enable flanneld kubelet kube-proxy docker
(5)在master上驗證服務.
# kubectl get nodes ## 獲取k8s客戶端
registry.alauda.cn/googlecontainer/kubernetes-dashboard-amd64
6.在master上安裝web ui kubernetes-dashboard:
cd /opt/docker wget https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml 獲取 kubernetes-dashboard.yaml文件 修改, 將google的替換本地的鏡像 image: docker.io/ist0ne/kubernetes-dashboard-amd64 不要去google拉取鏡像 imagePullPolicy: IfNotPresent 配置apiserver的ip和端口 - --apiserver-host=http://192.168.251.9:8080 修改完成后上傳至master 運行 kubectl create -f kubernetes-dashboard.yaml 驗證 # kubectl get pods --namespace=kube-system NAME READY STATUS RESTARTS AGE kubernetes-dashboard-747085828-0r767 0/1 ContainerCreating 0 33s 查看該容器的詳細過程: # kubectl describe pods kubernetes-dashboard-747085828-0r767 --namespace=kube-system Name: kubernetes-dashboard-747085828-0r767 Namespace: kube-system Node: 192.168.251.231/192.168.251.231 Start Time: Thu, 02 Mar 2017 14:51:55 +0800 Labels: app=kubernetes-dashboard pod-template-hash=747085828 Status: Running IP: 172.17.40.2 Controllers: ReplicaSet/kubernetes-dashboard-747085828 Containers: kubernetes-dashboard: Container ID: docker://5ac9c56ae81ceb37dae1c15e9a0d5b4d87cea5556c9cd92f5e667ac4659d815a Image: docker.io/ist0ne/kubernetes-dashboard-amd64 Image ID: docker-pullable://docker.io/ist0ne/kubernetes-dashboard-amd64@sha256:faf7362425df7c542c65280ae15f2ba8e56a188d6999f4870b6821bb3ef5c637 Port: 9090/TCP Args: --apiserver-host=http://192.168.251.9:8080 State: Running Started: Thu, 02 Mar 2017 14:52:39 +0800 Ready: True Restart Count: 0 Liveness: http-get http://:9090/ delay=30s timeout=30s period=10s #success=1 #failure=3 Volume Mounts: <none> Environment Variables: <none> Conditions: Type Status Initialized True Ready True PodScheduled True No volumes. QoS Class: BestEffort Tolerations: dedicated=master:Equal:NoSchedule Events: FirstSeen LastSeen Count From SubobjectPath Type Reason Message --------- -------- ----- ---- ------------- -------- ------ ------- 2m 2m 1 {default-scheduler } Normal Scheduled Successfully assigned kubernetes-dashboard-747085828-0r767 to 192.168.251.231 <invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Pulling pulling image "docker.io/ist0ne/kubernetes-dashboard-amd64" <invalid> <invalid> 2 {kubelet 192.168.251.231} Warning MissingClusterDNS kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to DNSDefault policy. <invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Pulled Successfully pulled image "docker.io/ist0ne/kubernetes-dashboard-amd64" <invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Created Created container with docker id 5ac9c56ae81c; Security:[seccomp=unconfined] <invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Started Started container with docker id 5ac9c56ae81c
當有多個node,可以用該命令中看到容器被分配到哪個node上,啟動后分配的ip地址等信息.
如果在結果中看到"State: Running"時,請移步到node查看容器運行狀態,應該也是up的狀態.
此時可以通過http://kube-apiserver:port/ui訪問
http://192.168.251.9:8080/ui
7.監控之Docker監控——cadvisor k8s自帶的單機版監控,每個node都有界面,
http://192.168.251.9:4194 http://192.168.251.231:4194/containers/ api接口 http://192.168.251.9:8080/swaager-ui
8. 注意點&遇到的問題:
1). 注意服務的啟動順序,特別是master,在確保etcd啟動的情況下,先啟動apiserver
2). 注意yaml文件的格式縮進.
3). 如果發現剛創建的pod的status是depening,原因可能有幾點:其一,客戶端配置有listen 127.0.0.1的服務,master無法與其建立連接;其二,環境初始化沒有做好;其三,移步node,使用docker logs 查看日志
4). kubernetes-dashboard.yaml文件中的containers images地址目前為公開的,09月30日會關閉.
5). 如果自己有國外vps,可在服務器上創建docker registry;先pull下google的k8s dashboard,然后push到自己的registry,自己修改下yaml中的image即可.
9.參考文檔:
https://kubernetes.io/docs/tutorials/
http://blog.csdn.net/dream_broken/article/details/52954069
http://blog.csdn.net/swcj/article/details/54969234
http://www.jb51.net/article/94343.htm
http://www.cnblogs.com/softlin/p/5675890.html
http://blog.csdn.net/freewebsys/article/details/52685592