一、環境介紹
使用兩台虛擬機,一台master節點,一台業務節點,如果可以,多創建幾台業務節點也可以,安裝部署方法等同。
軟件安裝:
https://pan.baidu.com/s/1BvrQpFGWPKOJB7Z82nHalA
密碼:4m9z
1、Master節點:
主機名:Master
兩塊網卡:
地址:10.0.3.15(公網)192.168.56.104(私網)
2、Minion-1節點:
主機名:Minion1
兩塊網卡:
地址:10.0.3.16(公網)192.168.56.105(私網)
軟件版本:
kubernetes:v1.9.0
docker:17.03
etcd:3.1.10
pause :3.0
flannel:v0.9.1
kubernetes-dashboard:v1.8.1
kubeadm默認要從google的鏡像倉庫下載鏡像,我們將附件中鏡像文件導入到master節點和minion節點上。
文件名:k8s_images.tar.bz2
MD5: b60ad6a638eda472b8ddcfa9006315ee
二、准備工作
1、配置vm1和vm2節點ssh互信。(master和業務節點同步執行)
# ssh-keygen
# ssh-copy-id -i /root/.ssh/id_rsa.pub root@vm2
# ssh-keygen
# ssh-copy-id -i /root/.ssh/id_rsa.pub root@vm1
2、關閉防火牆和selinux
# systemctl stop firewalld && systemctl disable firewalld
# vi /etc/selinux/config
SELINUX=disabled //改完使用getenforce,如果顯示未生效,需重啟。
# echo "
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
" >> /etc/sysctl.conf
# sysctl -p
禁用selinux,主要為了允許容器可以訪問主機文件系統和pod networks的需要。
設置內核參數主要是為了避免 RHEL/CentOS 7系統下出現路由異常。
3、設置各節點的主機名
[root@Master ~]# hostname
Master
[root@Minion1 ~]# hostname
Minion1
三、安裝docker
安裝 17.03.2-ce版本的docker,並導入image文件。(master和業務節點上同步執行)
# yum install bzip2
# tar -xjvf k8s_images.tar.bz2
# cd k8s_images
# yum -y localinstall docker-ce-*
# systemctl start docker && systemctl enable docker
# docker version
# cd k8s_images/docker_images/
# for i in $(ls *.tar);do docker load < $i;done
# cd ..
# docker load < kubernetes-dashboard_v1.8.1.tar
# docker images | grep google
四、安裝Kubernetes
1、安裝k8s 1.9.0版本軟件包(master和業務節點上同步執行)
# cd /root/k8s_images/
# rpm -ivh socat-1.7.3.2-2.el7.x86_64.rpm
# rpm -ivh kube*.rpm
# rpm -qa |grep kube & rpm -qa |grep socat
保證以上包能正確安裝。截圖如下:
啟動kubelet服務
systemctl enable kubelet && systemctl start kubelet
2、初始化master節點。(master節點上執行)
2.1 改驅動
kubelet默認的cgroup的driver和docker的不一樣,docker默認的cgroupfs,kubelet默認為systemd,因此我們要修改成一致。在虛擬機上部署k8s 1.9版本需要關閉操作系統交換分區。
# swapoff -a
# grep -i 'cgroupfs' /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs"
# systemctl daemon-reload
2.2 初始化節點
初始化命令:
#kubeadm init --apiserver-advertise-address=192.168.56.104 --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.9.0
//此處IP為master上私網IP地址。10.244.0.0/16地址可改可以不改,該地址為節點上pod見通信所用網段地址,如果改,需要將所改網段與kube-flannel.yml中地址保持一致,實驗階段可以先不改。
當看到如下提示即可:
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each nodeas root:
kubeadm join --token 20049e.19abe8bacc412b0a 192.168.56.104:6443 --discovery-token-ca-cert-hash sha256:b44f687a629fe0d56a6700f8e6bbee1837190a64baad0ea057070e30c6a28142
# echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
# source ~/.bash_profile
//添加環境變量。
# kubectl version
如果初始化失敗需要重新進行初始化,需要先進行reset一下
# kubeadm reset
2.3部署網絡插件flannel
# wget https://raw.githubusercontent.com/coreos/flannel/v0.9.1/Documentation/kube-flannel.yml
# kubectl create -f kube-flannel.yml
clusterrole "flannel" created
clusterrolebinding "flannel" created
serviceaccount "flannel" created
configmap "kube-flannel-cfg" created
daemonset "kube-flannel-ds" created
如果報錯的話:[root@k8s-master k8s_images]# kubectl create -f kube-flannel.yml
The connection to the server localhost:8080 was refused - did you specify the right host or port?
# 重新進行初始化,並且source bash_file
3、初始化業務節點。(業務節點上執行)
3.1 改驅動
# swapoff -a
# grep -i 'cgroupfs' /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs"
3.2 初始化節點
# kubeadm join --token 20049e.19abe8bacc412b0a 192.168.56.104:6443 --discovery-token-ca-cert-hash sha256:b44f687a629fe0d56a6700f8e6bbee1837190a64baad0ea057070e30c6a28142
出現以下即可:
[discovery] Successfully established connection with API Server "192.168.56.104:6443"
This node has joined the cluster:
* Certificate signing request was sent to master and a response
was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the master to see this node join the cluster.
4、查看初始化是否完成。(master節點上執行)
# systemctl daemon-reload
# systemctl restart kubelet
# kubectl get node
# kubectl get pod --all-namespaces
五、常見問題
1、如果是用虛擬機做實驗,重啟虛擬機后,master節點上出現:
解決方法:
# swapoff -a //關閉操作系統交換分區即可。具體原因尚不得知,還在研究中。
2、業務節點notready。
現象:
解決方法:
方法一:在master和業務節點上重啟kubelet。
# swapoff -a
# systemctl restart kubelet
方法二:如果方法一無法達到效果,可以快速初始化節點:
步驟一:在master上:
# kubadm token list
獲取token。
步驟二:在業務節點上:
# swapoff -a
# kubeadm reset
# kubeadm join --token 259ae3.7b3c1269c8dfb568 192.168.56.104:6443 --discovery-token-unsafe-skip-ca-verification
看到如下即可:
步驟三:在master上:
# systemctl daemon-reload
# systemctl restart kubelet
六、常用命令
kubectl get componentstatuses //查看node節點組件狀態
kubectl get svc -n kube-system //查看應用
kubectl cluster-info //查看集群信息
kubectl describe --namespace kube-system service kubernetes-dashboard //詳細服務信息
kubectl apply -f kube-apiserver.yaml //更新kube-apiserver容器
kubectl delete -f /root/k8s/k8s_images/kubernetes-dashboard.yaml //刪除應用
kubectl delete service example-server //刪除服務
systemctl start kube-apiserver.service //啟動服務。
kubectl get deployment --all-namespaces //啟動的應用
kubectl get pod -o wide --all-namespaces //查看pod上跑哪些服務
kubectl get pod -o wide -n kube-system //查看應用在哪個node上
kubectl describe pod --namespace=kube-system //查看pod上活動信息
kubectl describe depoly kubernetes-dashboard -n kube-system
kubectl get depoly kubernetes-dashboard -n kube-system -o yaml
kubectl get service kubernetes-dashboard -n kube-system //查看應用
kubectl delete -f kubernetes-dashboard.yaml //刪除應用
kubectl get events //查看事件
kubectl get rc/kubectl get svc
kubectl get namespace //獲取namespace信息
kubectl delete node 節點名 //刪除節點
詳細命令參照:http://blog.csdn.net/xingwangc2014/article/details/51204224