內外網絡互通
[root@k8s-1 ~]# cat /etc/redhat-release CentOS Linux release 7.6.1810 (Core)
配置k8syum倉庫,及Docker-ceyum倉庫
[root@k8s-1 yum.repos.d]# vim /etc/yum.repos.d/kubernetes.repo [kubernetes] name=kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ gpgcheck=0 enable=1 [root@k8s-1 yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo --2019-05-10 11:03:16-- https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 正在解析主機 mirrors.aliyun.com (mirrors.aliyun.com)... 47.246.0.251, 47.246.0.253, 47.246.0.254, ... 正在連接 mirrors.aliyun.com (mirrors.aliyun.com)|47.246.0.251|:443... 已連接。 已發出 HTTP 請求,正在等待回應... 200 OK 長度:2640 (2.6K) [application/octet-stream] 正在保存至: “docker-ce.repo” 100%[====================================================================================================================================================================================================================================>] 2,640 --.-K/s 用時 0s 2019-05-10 11:03:17 (152 MB/s) - 已保存 “docker-ce.repo” [2640/2640])
安裝
[root@k8s-1 yum.repos.d]# yum install docker-ce kubelet kubeadm kubectl kubernetes-cni
設置開機自啟啟動docker
[root@k8s-1 yum.repos.d]# systemctl enable docker
設置開機自啟啟動kubelet
[root@k8s-1 yum.repos.d]# systemctl enable kubelet.service
啟動docker與kubelet
[root@k8s-1 yum.repos.d]# systemctl start docker [root@k8s-1 yum.repos.d]# systemctl start kubelet
由於國內網絡原因,kubernetes的鏡像托管在google雲上,無法直接下載,所以直接把把鏡像搞下來有個技術大牛把gcr.io的鏡像每天同步到https://github.com/anjia0532/gcr.io_mirror這個站點,因此,如果需要用到gcr.io的鏡像,可以執行如下的腳本進行鏡像拉取
[root@k8s-1 yum.repos.d]# vim pullimages.sh
#!/bin/bash
images=(kube-proxy-amd64:v1.11.1 kube-scheduler-amd64:v1.11.1 kube-controller-manager-amd64:v1.11.1
kube-apiserver-amd64:v1.11.1 etcd-amd64:3.2.18 coredns:1.1.3 pause:3.1 )
for imageName in ${images[@]} ; do
docker pull anjia0532/google-containers.$imageName
docker tag anjia0532/google-containers.$imageName k8s.gcr.io/$imageName
docker rmi anjia0532/google-containers.$imageName
done
[root@k8s-1 yum.repos.d]# sh pullimages.sh
kubernetes集群不允許開啟swap
[root@k8s-1 yum.repos.d]# vi /etc/fstab # # /etc/fstab # Created by anaconda on Wed May 8 12:34:12 2019 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/centos-root / xfs defaults 0 0 UUID=6c895b50-de9d-4a3e-8a25-3867ac58f21c /boot xfs defaults 0 0 #/dev/mapper/centos-swap swap swap defaults 0 0 永久禁用 [root@k8s-1 yum.repos.d]# swapoff -a 臨時關閉,當前生效
編寫kubeadm.yaml;kubeadm 1.14 配置文件
[root@k8s-1 yum.repos.d]# cd
[root@k8s-1 ~]# vim kubeadm.yaml
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
controllerManager:
extraArgs:
horizontal-pod-autoscaler-use-rest-clients: "true"
horizontal-pod-autoscaler-sync-period: "10s"
node-monitor-grace-period: "10s"
apiServer:
extraArgs:
runtime-config: "api/all=true"
kubernetesVersion: "stable-1.14"
啟動
[root@k8s-1 ~]# kubeadm init --config kubeadm.yaml
這樣就可以完成 Kubernetes Master 的部署了,這個過程只需要幾分鍾,部署完成后,kubeadm 會生成一行指令:
kubeadm join 192.168.183.7:6443 --token 18ov5i.7l91ujayrn6x29d1 \
--discovery-token-ca-cert-hash sha256:5914bfca1399d70664a90ef0d80c8aa776e1b2a5aa203b30613131e47808149c
配置kubectl與apiserver的認證
[root@k8s-1 ~]# mkdir -p $HOME/.kube [root@k8s-1 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config [root@k8s-1 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
檢查健康
[root@k8s-1 ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health":"true"}
檢查狀態
[root@k8s-1 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-1 NotReady master 22m v1.14.1
部署網絡插件
[root@k8s-1 ~]# kubectl apply -f https://git.io/weave-kube-1.6 serviceaccount/weave-net created clusterrole.rbac.authorization.k8s.io/weave-net created clusterrolebinding.rbac.authorization.k8s.io/weave-net created role.rbac.authorization.k8s.io/weave-net created rolebinding.rbac.authorization.k8s.io/weave-net created daemonset.extensions/weave-net created
查看狀態
[root@k8s-1 ~]# kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE coredns-fb8b8dccf-bhst6 1/1 Running 0 28m coredns-fb8b8dccf-mtmsl 1/1 Running 0 28m etcd-k8s-1 1/1 Running 0 27m kube-apiserver-k8s-1 1/1 Running 0 27m kube-controller-manager-k8s-1 1/1 Running 0 27m kube-proxy-ww2kz 1/1 Running 0 28m kube-scheduler-k8s-1 1/1 Running 0 27m weave-net-mg6m4 2/2 Running 0 69s
其中,為節點打上“污點”(Taint)的命令是:
[root@k8s-1 ~]# kubectl taint nodes --all node-role.kubernetes.io/master- node/k8s-1 untainted
可視化插件,下載鏡像 參考:https://github.com/kubernetes/dashboard
[root@k8s-1 ~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml --2019-05-10 11:59:19-- https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml 正在解析主機 raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.0.133, 151.101.64.133, 151.101.128.133, ... 正在連接 raw.githubusercontent.com (raw.githubusercontent.com)|151.101.0.133|:443... 已連接。 已發出 HTTP 請求,正在等待回應... 200 OK 長度:4577 (4.5K) [text/plain] 正在保存至: “kubernetes-dashboard.yaml” 100%[====================================================================================================================================================================================================================================>] 4,577 --.-K/s 用時 0s 2019-05-10 11:59:20 (32.5 MB/s) - 已保存 “kubernetes-dashboard.yaml” [4577/4577])