碼上快樂

相關內容    簡體    繁體

Linux下安裝docker與kubernetes(k8s)

本文轉載自   查看原文   2019-07-19 18:07   2329    技術

環境

安裝是使用Vmware虛擬機下進行,操作系統是CentOS7 64位。規划是使用三台虛擬機搭建k8s的集群,網絡使用NAT模式。三台的ip分別為:

  • k8s-master:192.168.91.132
  • k8s-node1:192.168.91.130
  • k8s-node2:192.168.91.131

docker的版本是18以上,我啟用了ce版本,所以實際的版本號是18.06.3-ce
k8s的版本是v1.15.0

kubernetes基礎環境配置

docker本身對於環境沒有太大要求,所以下面都是針對k8s的

# 將 SELinux 設置為 permissive 模式(將其禁⽤用)
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# 關閉swap
swapoff -a
cp -p /etc/fstab /etc/fstab.bak$(date '+%Y%m%d%H%M%S')
sed -i "s/\/dev\/mapper\/centos-swap/\#\/dev\/mapper\/centos-swap/g" /etc/fstab
systemctl daemon-reload

# 關閉防火牆,這是最簡單的處理方式,當使用的網絡環境是VPC時,內部網絡實際上是安全的
systemctl stop firewalld 
systemctl disable firewalld

# 設置底層的網絡轉發參數
echo "net.bridge.bridge-nf-call-ip6tables = 1" >>/etc/sysctl.conf 
echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf 
sysctl -p
modprobe br_netfilter
echo "modprobe br_netfilter" >> /etc/rc.local
sysctl -p 

# 設置kubernetes的倉庫源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

安裝docker和kubernetes

yum install docker-ce kubelet kubeadm kubectl
systemctl enable docker && systemctl restart docker 
systemctl enable kubelet && systemctl start kubelet

注意:CentOS默認安裝的版本較低(比如我默認安裝就是13的版本號),所以當你需要最新版本的時候,還需要卸載重裝最新的docker。
2017年的3月1號之后,Docker的版本命名開始發生變化,同時將CE版本和EE版本進行分開。
區別如下:
Docker社區版(CE):為了開發人員或小團隊創建基於容器的應用,與團隊成員分享和自動化的開發管道。docker-ce提供了簡單的安裝和快速的安裝,以便可以立即開始開發。docker-ce集成和優化,基礎設施。(免費)
Docker企業版(EE):專為企業的發展和IT團隊建立誰。docker-ee為企業提供最安全的容器平台,以應用為中心的平台。(付費)

# 停止服務
systemctl stop docker
# 刪除docker相關
yum erase docker \
                  docker-*

# 添加阿里雲的鏡像倉庫,docker.io的是很慢的
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager \
--add-repo \
    http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

# 安裝啟動docker
yum install docker-ce -y
systemctl start docker
systemctl enable docker

下載kubernetes的鏡像

kubernetes是Google使用go語言開發的,所以默認是去獲取Google提供的鏡像。所以我們需要找其他的方式來拉取。
我們寫了一個腳本 pull_images.sh,用來從 hub.docker.com 拉取鏡像。

#!/bin/bash

gcr_name=k8s.gcr.io
hub_name=mirrorgooglecontainers
# define images
images=(
kubernetes-dashboard-amd64:v1.10.1
kube-apiserver:v1.15.0
kube-controller-manager:v1.15.0
kube-scheduler:v1.15.0
kube-proxy:v1.15.0
pause:3.1
etcd:3.3.10
)

for image in ${images[@]}; do
        docker pull $hub_name/$image
        docker tag $hub_name/$image $gcr_name/$image
        docker rmi $hub_name/$image
done

docker pull coredns/coredns:1.3.1
docker tag coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
docker rmi coredns/coredns:1.3.1

原理其實也很簡單,就是從拉下來之后重新tag,標記為k8s.gcr.io域下。
完成之后如下:

[root@k8s-master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
k8s.gcr.io/kube-proxy v1.15.0 d235b23c3570 4 weeks ago 82.4MB
k8s.gcr.io/kube-apiserver v1.15.0 201c7a840312 4 weeks ago 207MB
k8s.gcr.io/kube-controller-manager v1.15.0 8328bb49b652 4 weeks ago 159MB
k8s.gcr.io/kube-scheduler v1.15.0 2d3813851e87 4 weeks ago 81.1MB
k8s.gcr.io/coredns 1.3.1 eb516548c180 6 months ago 40.3MB
k8s.gcr.io/etcd 3.3.10 2c4adeb21b4f 7 months ago 258MB
k8s.gcr.io/kubernetes-dashboard-amd64 v1.10.0 0dab2435c100 10 months ago 122MB
k8s.gcr.io/pause 3.1 da86e6ba6ca1 19 months ago 742kB

初始化k8s-master

到現在實際上k8s安裝已經完成,我們要初始化master節點了,直接執行命令

# 由於我們使用虛擬機,基本上是一個cpu,而k8s建議cpu要有2個,所以我們忽略這個錯誤
kubeadm init --kubernetes-version v1.15.0 --pod-network-cidr 10.244.0.0/16 --ignore-preflight-errors=NumCPU

執行之后要注意下面的信息,提示我們集群搭建的后續操作

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.91.132:6443 --token zf26v4.3u5z3g09ekm4owt3 \
    --discovery-token-ca-cert-hash sha256:fce98cb6779dbcc73408d1faad50c9d8f86f154ed88a5380c08cece5e08aba58

添加node節點

只要在你的node節點執行對應join命令即可

kubeadm join 192.168.91.132:6443 --token zf26v4.3u5z3g09ekm4owt3 \
    --discovery-token-ca-cert-hash sha256:fce98cb6779dbcc73408d1faad50c9d8f86f154ed88a5380c08cece5e08aba58

執行之后在master節點上執行 kubectl get nodes,可以看到

NAME STATUS ROLES AGE VERSION
k8s-master Ready master 21h v1.15.0
k8s-node1 Ready <none> 127m v1.15.0

啟動Kubernetes dashboard

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
kubectl proxy

http://127.0.0.1:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

完成

異常匯總

k8s重啟后無法啟動。

使用journalctl -f查看日志

-- The start-up result is done.
Jul 19 10:27:34 k8s-node1 kubelet[9831]: Flag --cgroup-driver has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.
Jul 19 10:27:34 k8s-node1 kubelet[9831]: Flag --cgroup-driver has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information.
Jul 19 10:27:34 k8s-node1 kubelet[9831]: I0130 10:27:34.877299 9831 server.go:407] Version: v1.15.0
Jul 19 10:27:34 k8s-node1 kubelet[9831]: I0130 10:27:34.877538 9831 plugins.go:103] No cloud provider specified.
Jul 19 10:27:34 k8s-node1 kubelet[9831]: I0130 10:27:34.892361 9831 certificate_store.go:130] Loading cert/key pair from "/var/lib/kubelet/pki/kubelet-client-current.pem".
Jul 19 10:27:34 k8s-node1 kubelet[9831]: I0130 10:27:34.926248 9831 server.go:666] --cgroups-per-qos enabled, but --cgroup-root was not specified. defaulting to /
Jul 19 10:27:34 k8s-node1 kubelet[9831]: F0130 10:27:34.926665 9831 server.go:261] failed to run Kubelet: Running with swap on is not supported, please disable swap! or set --fail-swap-on flag to false. /proc/swaps contained: [Filename Type Size Used Priority /swapfile file 2097148 0 -2]
Jul 19 10:27:34 k8s-node1 systemd[1]: kubelet.service: main process exited, code=exited, status=255/n/a
Jul 19 10:27:34 k8s-node1 systemd[1]: Unit kubelet.service entered failed state.
Jul 19 10:27:34 k8s-node1 systemd[1]: kubelet.service failed.

剛開始以為是Flag --cgroup-driver has been deprecated這一段,后來才發現應該是failed to run Kubelet: Running with swap on is not supported, please disable swap!這一段,這個日志就很明顯了。
解決方案就是關閉Swap,重啟后生效

swapoff -a
cp -p /etc/fstab /etc/fstab.bak$(date '+%Y%m%d%H%M%S')
sed -i "s/\/dev\/mapper\/centos-swap/\#\/dev\/mapper\/centos-swap/g" /etc/fstab
systemctl daemon-reload
systemctl restart kubelet

所以我把這段加到了上面

kubernetes部分pod一直沒有正常running。

例如:

[root@k8s-master ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-5c98db65d4-b2rgr 1/1 Running 0 20h
kube-system coredns-5c98db65d4-l6x97 1/1 Running 0 20h
kube-system etcd-k8s-master 1/1 Running 4 20h
kube-system kube-apiserver-k8s-master 1/1 Running 15 20h
kube-system kube-controller-manager-k8s-master 1/1 Running 27 20h
kube-system kube-flannel-ds-amd64-k5kjg 1/1 Running 2 110m
kube-system kube-flannel-ds-amd64-z7lcn 1/1 Running 20 88m
kube-system kube-proxy-992ql 1/1 Running 4 20h
kube-system kube-proxy-ss9r6 1/1 Running 0 27m
kube-system kube-scheduler-k8s-master 1/1 Running 29 20h
kube-system kubernetes-dashboard-7d75c474bb-s7fwq 0/1 ErrImagePull 0 102s

最后kubernetes-dashboard-7d75c474bb-s7fwq顯示ErrImagePull。
我們執行命令kubectl describe pod kubernetes-dashboard-7d75c474bb-s7fwq -n kube-system
(注意一定要加 -n 指定命名空間,否則會以default空間,會出現 Error from server (NotFound): pods "xxxxxxxx" not found
最后Events的部分如下:

Events:
  Type Reason Age From Message
  ---- ------ ---- ---- -------
  Normal Scheduled 119s default-scheduler Successfully assigned kube-system/kubernetes-dashboard-7d75c474bb-s7fwq to k8s-node1
  Normal Pulling 50s (x3 over 118s) kubelet, k8s-node1 Pulling image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1"
  Warning Failed 33s (x3 over 103s) kubelet, k8s-node1 Failed to pull image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1": rpc error: code = Unknown desc = Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
  Warning Failed 33s (x3 over 103s) kubelet, k8s-node1 Error: ErrImagePull
  Normal BackOff 6s (x4 over 103s) kubelet, k8s-node1 Back-off pulling image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1"
  Warning Failed 6s (x4 over 103s) kubelet, k8s-node1 Error: ImagePullBackOff

從這個日志發現問題是kubernetes-dashboard-amd64:v1.10.1要求的版本比目前docker中的版本高(目前的版本是v1.10.0),所以重新拉一個鏡像即可。


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 Docker系列(二):通過Docker安裝使用 Kubernetes (K8s) Windows10 下安裝Docker 和 Kubernetes (k8s) 踩過的坑。 ubuntu16.04 docker kubernetes(k8s) istio 安裝 Kubernetes(K8s) 基於Docker For Windows安裝部署(那些坑) 開啟和安裝Kubernetes k8s 基於Docker For Windows docker和k8s(Kubernetes)是配套使用 Kubernetes k8s 基於Docker For Windows docker k8s安裝 k8s Docker 安裝 centos7.7下docker與k8s安裝(DevOps三)
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM