從過去以物理機和虛擬機為主體的開發運維環境,向以容器為核心的基礎設施的轉變過程,並不是一次溫和的改革,而是涵蓋了對網絡、存儲、調度、操作系統、分布式原理等各個方面的容器化理解和改造。
配置
2g內存2cpu
內核
Linux 4.17.11-1.el7.elrepo.x86_64
然后進入虛擬機可用命令查看ip地址查看互通
ip addr show
用swap分區
sudo swapoff -a
永久禁用
sudo vi /etc/fstab
把/dev/mapper/centos-swap swap這行注釋掉
編寫配置
vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 vm.swappiness=0
sysctl --system
2. 配置kubernetes yum源
vim /etc/yum.repos.d/kubernetes.repo
[kubernetes] name=kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ gpgcheck=0 enable=1
======================== 執行:
cd /etc/yum.repos.d/
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum clean all
yum repolist
安裝
安裝kubeadm, kubelet and kubectl
yum install docker-ce kubelet-1.11.1 kubeadm-1.11.1 kubectl-1.11.1 kubernetes-cni
systemctl enable docker systemctl enable kubelet.service systemctl start docker systemctl start kubelet
3.由於國內網絡原因,kubernetes的鏡像托管在google雲上,無法直接下載,所以直接把把鏡像搞下來有個技術大牛把gcr.io的鏡像
每天同步到https://github.com/anjia0532/gcr.io_mirror這個站點,因此,如果需要用到gcr.io的鏡像,可以執行如下的腳本進行鏡像拉取
vim pullimages.sh
#!/bin/bash
images=(kube-proxy-amd64:v1.11.1 kube-scheduler-amd64:v1.11.1 kube-controller-manager-amd64:v1.11.1
kube-apiserver-amd64:v1.11.1 etcd-amd64:3.2.18 coredns:1.1.3 pause:3.1 )
for imageName in ${images[@]} ; do
docker pull anjia0532/google-containers.$imageName
docker tag anjia0532/google-containers.$imageName k8s.gcr.io/$imageName
docker rmi anjia0532/google-containers.$imageName
done
sh pullimages.sh
5.kubernetes集群不允許開啟swap,所以我們需要忽略這個錯誤
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
編寫kubeadm.yaml
vim kubeadm.yaml
apiVersion: kubeadm.k8s.io/v1alpha1 kind: MasterConfiguration controllerManagerExtraArgs: horizontal-pod-autoscaler-use-rest-clients: "true" horizontal-pod-autoscaler-sync-period: "10s" node-monitor-grace-period: "10s" apiServerExtraArgs: runtime-config: "api/all=true" kubernetesVersion: "v1.11.1"
kubeadm init --config kubeadm.yaml
這樣就可以完成 Kubernetes Master 的部署了,這個過程只需要幾分鍾,部署完成后,kubeadm 會生成一行指令:
kubeadm join 10.168.0.2:6443 --token 00bwbx.uvnaa2ewjflwu1ry --discovery-token-ca-cert-hash sha256:00eb62a2a6020f94132e3fe1ab721349bbcd3e9b94da9654cfe15f2985ebd711
4.配置kubectl與apiserver的認證
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
檢查健康狀態
kubectl get cs
查看節點狀態
kubectl get nodes
現在,我們就可以使用 kubectl get 命令來查看當前唯一一個節點的狀態了:
kubectl get nodes
部署網絡插件Weave
kubectl apply -f https://git.io/weave-kube-1.6
查看
kubectl get pods -n kube-system
[root@localhost ~]# kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE coredns-78fcdf6894-csxpw 1/1 Running 0 27m coredns-78fcdf6894-td848 1/1 Running 0 27m etcd-localhost.localdomain 1/1 Running 0 26m kube-apiserver-localhost.localdomain 1/1 Running 0 26m kube-controller-manager-localhost.localdomain 1/1 Running 0 26m kube-proxy-v78j8 1/1 Running 0 27m kube-scheduler-localhost.localdomain 1/1 Running 0 26m weave-net-vcnb6 2/2 Running 0 44s
加入污點
kubectl taint nodes --all node-role.kubernetes.io/master-
可視化插件,下載鏡像
wget https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
docker pull anjia0532/google-containers.kubernetes-dashboard-amd64:v1.10.0 docker tag anjia0532/google-containers.kubernetes-dashboard-amd64:v1.10.0 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0 docker rmi anjia0532/google-containers.kubernetes-dashboard-amd64:v1.10.0
修改kubernetes-dashboard.yaml,可以直接token認證進入
kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-system spec: # 添加Service的type為NodePort type: NodePort ports: - port: 443 targetPort: 8443 # 添加映射到虛擬機的端口,k8s只支持30000以上的端口 nodePort: 30001 selector: k8s-app: kubernetes-dashboard
kubectl apply -f kubernetes-dashboard.yaml
看 Dashboard 對應的 Pod 的狀態了
kubectl get pods -n kube-system
部署容器存儲插件,下載鏡像
kubectl apply -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/operator.yaml kubectl apply -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/cluster.yaml
查看安裝情況
kubectl get pods -n rook-ceph-system kubectl get pods -n rook-ceph
開啟服務
nohup kubectl proxy --address='0.0.0.0' --accept-hosts='^*$' --disable-filter=true &
獲取token命令
kubectl -n kube-system describe $(kubectl -n kube-system get secret -n kube-system -o name | grep namespace) | grep token
訪問dashboard
通過node節點的ip,加剛剛我們設置的nodePort就可以訪問了。
https://<node-ip>:<node-port>
下面是我成功的結果圖
備忘:
查看全部節點
kubectl get pods --all-namespaces
查看pods
kubectl describe pod -n kube-system
查看具體問題
kubectl describe pod kubernetes-dashboard-767dc7d4d-mg5gw -n kube-system
參考:
https://jusene.me/2018/09/10/k8s-1/
http://blog.51cto.com/ghbsunny/2162205?source=dra
https://my.oschina.net/andylo25/blog/1618342
https://imroc.io/posts/kubernetes/install-kubernetes-1.9-on-centos7-with-kubeadm/
https://segmentfault.com/a/1190000013681047
https://www.centos.bz/2018/07/kubernetes%E7%9A%84dashboard%E7%99%BB%E5%BD%95%E6%96%B9%E5%BC%8F/