TL;DR;
科學上網,科學上網,科學上網,重要的事情說三次。如果不會科學上網,這篇文章就沒有看下去的意義。作為一個技術人員如果不願意折騰,很難有所作為。作為一個單純的技術人員,最好把心思放在技術上,做到真正的科學上網。這里不會教如何科學上網,請大家自行摸索。
服務器
| 名稱 | 操作系統 | 配置 | IP |
| master | CentOS 7 | 4核2G內存 | 192.168.132.132 |
| node1 | CentOS 7 | 2核2G內存 | 192.168.132.130 |
Master安裝
1. 修改主機名為master。
hostnamectl set-hostname master
2. 關閉防火牆和selinux
systemctl stop firewalld
systemctl disable firewalld
vi /etc/selinux/config,將SELINUX=enforcing改為SELINUX=disabled,重啟機器
3.安裝docker
yum install -y docker
systemctl enable docker && systemctl start docker
docker info查看docker信息,記錄docker的版本,以及cgroup信息:
Docker從1.13版本開始調整了默認的防火牆規則,禁用了iptables filter表中FOWARD鏈,這樣會引起Kubernetes集群中跨Node的Pod無法通信,需要執行以下指令:
systemctl stop docker
iptables -P FORWARD ACCEPT
systemctl start docker
4. 設置net.bridge.bridge-nf-call-iptables
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
參考:https://kubernetes.io/docs/setup/independent/install-kubeadm/
5. 掛代理(科學上網)
export http_proxy=http://127.0.0.1:8118
export https_proxy=http://127.0.0.1:8118
export no_proxy="localhost, 192.168.132.132" #192.168.132.132為master主機IP
cat <<EOF >> /etc/sysconfig/docker
HTTP_PROXY='http://127.0.0.1:8118'
HTTPS_PROXY='http://127.0.0.1:8118'
EOF
systemctl restart docker
6. 安裝kubeadm, kubelet, kubectl
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet
7. 配置cgroup,使/etc/systemd/system/kubelet.service.d/10-kubeadm.conf中的cgroup的值和docker info中的cgroup一致。然后重啟kubelet:
systemctl daemon-reload
systemctl restart kubelet
8.更新yum獲取最新的kubeadm
yum update
9. 關閉系統的Swap:
swapoff -a
10. kubeadm init,這里選用Calico的網絡,因此設置--pod-network-cidr=192.168.0.0/16。
kubeadm init --pod-network-cidr=192.168.0.0/16 --apiserver-advertise-address=192.168.132.132
漫長等待,下載鏡像會比較耗時,如果長時間沒反應,而且沒有下載鏡像的話,可以kubeadm reset,重啟kubelet,再kubeadm init 。直到成功,看到以下界面:
記錄下加入節點的指令:kubeadm join ...
11. 設置kubelet config
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
export KUBECONFIG=/etc/kubernetes/admin.conf
12. 安裝網絡,這里使用Calico。
kubectl apply -f https://docs.projectcalico.org/v3.0/getting-started/kubernetes/installation/hosted/kubeadm/1.7/calico.yaml
Node安裝
按照Master安裝的1-9步驟進行安裝。其中調整如下:
1. 修改主機名為nodex(這里是node1)。
hostnamectl set-hostname node1
5. 掛代理(科學上網)
export http_proxy=http://127.0.0.1:8118
export https_proxy=http://127.0.0.1:8118
export no_proxy="localhost, 192.168.132.132, 192.168.132.130" #192.168.132.132為master主機IP,192.168.132.130為node1主機IP
cat <<EOF >> /etc/sysconfig/docker
HTTP_PROXY='http://127.0.0.1:8118'
HTTPS_PROXY='http://127.0.0.1:8118'
EOF
systemctl restart docker
10. 執行安裝Master時輸出的kubeadm join ...
在Master上執行kubectl get nodes查看添加結果:
11. 給node打標簽(可選)
kubectl label node node1 kubernetes.io/role=node
補充說明:拉取鏡像有時會比較耗時,請耐心等待,相同的鏡像可以考慮從master拷貝。
12. 部署一個nginx檢查一下(可選)
nginx.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx
labels:
app: nginx
namespace: default
spec:
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
nodeSelector:
kubernetes.io/role: node
containers:
- name: nginx
image: nginx:1.13
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
name: nginx
labels:
app: nginx
namespace: default
spec:
selector:
app: nginx
type: NodePort
ports:
- name: nginx
nodePort: 30000
port: 80
protocol: TCP
targetPort: 80
使用Node1的地址http://192.168.132.130:30000/進行訪問:
參考資料
https://kubernetes.io/docs/setup/independent/install-kubeadm/
https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/