kubeadm
kubeadm是一個專門快速部署kubernetes集群的工具。
可以使用kubeadm init 來初始化master節點,然后使用kubeadm join 將其他的node節點加入到集群中
kubeadm通過一個簡單的配置是將一個最小可用的集群運行起來
- 新用戶可以從kubeadm開始快速搭建kubernetes
- 熟悉的人可以使用kubeadm快熟搭建集群並測試他們的應用
- 大型的項目可以配合其他工具,
官方文檔
https://kubernetes.io/docs/reference/setup-tools/kubueadm/kubeadm
https://kubernetes.io/docs/setup/independet/install-kubeadm
基於kubeadm部署k8s
14 master kubeadm,kubelet,kubectl,docker
10 node01 kubeadm,kubelet,kubectl,docker
11 node02 kubeadm,kubelet,kubectl,docker
關閉防火牆個selinux
[root@master ~]# setenforce 0
setenforce: SELinux is disabled
[root@master ~]# iptables -F
[root@master ~]# systemctl stop firewalld
[root@master ~]# systemctl disable firewalld
[root@master ~]# systemctl stop NetworkManager
[root@master ~]# systemctl disable NetworkManger
Failed to execute operation: No such file or directory
[root@master ~]# systemctl disable NetworkManager
[root@master ~]# sed -i '/^SELINUX=/s/enforcing/disabled/' /etc/selinux/config
部署主機並綁定hosts
[root@k8s-master ~]# vim /etc/hosts
192.168.200.14 k8s-master
192.168.200.10 k8s-node01
a92.168.200.11 k8s-node02
[root@master ~]# scp /etc/hosts 192.168.200.10:/etc/
[root@master ~]# scp /etc/hosts 192.168.200.20:/etc/
主機配置初識化
[root@k8s-master ~]# yum -y install vim wget net-tools lrzsz
[root@k8s-master ~]# swapoff -a
[root@k8s-master ~]# sed -i '/swap/s/^/#/' /etc/fstab
cat <<EOF>> /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
[root@k8s-master ~]# modprobe br_netfilter
[root@k8s-master ~]# sysctl -p
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
所有主機部署docker環境
所有主機配置阿里雲鏡像加速
部署kubernetes集群
組件介紹
- kubeadm:安裝工具,使所有的組件都會以容器的方式運行
- kubectl:客戶端連接k8s api 工具
- kubelet:運行在node節點,用來啟動容器的工具
推薦使用阿里雲的yum源
所有主機安裝kubelet kubeadm kubectl
yum install -y install kubelet-1.17.0 kubeadm-1.17.0 kubectl-1.17.0
[root@k8s-master k8s]# ls
conntrack-tools-1.4.4-7.el7.x86_64.rpm kubernetes-cni-0.8.7-0.x86_64.rpm
cri-tools-1.13.0-0.x86_64.rpm libnetfilter_cthelper-1.0.0-11.el7.x86_64.rpm
kubeadm-1.20.0-0.x86_64.rpm libnetfilter_cttimeout-1.0.0-7.el7.x86_64.rpm
kubectl-1.20.0-0.x86_64.rpm libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm
kubelet-1.20.0-0.x86_64.rpm
yum -y install *.rpm
[root@k8s-master ~]# systemctl enable kubelet.service
#kubelet剛安裝后是無法啟動的,需要加入節點或者初始化為master后才可以啟動
配置init-config.yaml
kubeadm的配置項都噸出在configMap中,可以將其寫入配置文件,方便管理
#在master主機上配置
[root@k8s-master ~]# kubeadm config print init-defaults > init-config.yaml
#打印初始化相關的配置到config.yaml文件中
kubeadm config view:查看當前集群中的配置值
kubeadm config print join-defaults:輸出kubeadm join 默認參數文件內容
init-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168.200.14 #master的ip
bindPort: 6443
nodeRegistration:
criSocket: /var/run/dockershim.sock
name: k8s-master
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
type: CoreDNS
etcd:
local:
dataDir: /var/lib/etcd #容器掛載到本地的目錄
imageRepository: registry.aliyuncs.com/google_containers #切換國內的鏡像地址
kind: ClusterConfiguration
kubernetesVersion: v1.20.0
networking:
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
podSubnet: 10.244.0.0/16 #新增pod網段
scheduler: {}
安裝master節點
[root@k8s-master ~]# kubeadm config images list(pull) --config init-config.yaml #查看配置文件關聯的鏡像(下載)
[root@k8s-master master]# ls
coredns_1.7.0.tar kube-controller-manager_v1.20.0.tar pause_3.2.tar
etcd_3.4.13-0.tar kube-proxy_v1.20.0.tar
kube-apiserver_v1.20.0.tar kube-scheduler_v1.20.0.tar
[root@k8s-master master]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@k8s-master master]# ls | while read line
> do
> docker load < $line
> done #保存鏡像
[root@k8s-master ~]# docker images
REPOSITORY TAG IMAGE IDED SIZE
registry.aliyuncs.com/google_containers/kube-proxy v1.20.0 10cc8819nths ago 118MB
registry.aliyuncs.com/google_containers/kube-apiserver v1.20.0 ca9843d3nths ago 122MB
registry.aliyuncs.com/google_containers/kube-controller-manager v1.20.0 b9fa1895nths ago 116MB
registry.aliyuncs.com/google_containers/kube-scheduler v1.20.0 3138b6e3nths ago 46.4MB
registry.aliyuncs.com/google_containers/etcd 3.4.13-0 0369cf43nths ago 253MB
registry.aliyuncs.com/google_containers/coredns 1.7.0 bfe3a36enths ago 45.2MB
registry.aliyuncs.com/google_containers/pause 3.2 80d28bednths ago 683kB
[root@k8s-master ~]# kubeadm init - -config=init-config.yaml #初始化安裝k8s
kubectl默認會在執行的用戶家目錄下面的。kube目錄下尋找config文件,所以在當前目錄下創建一個.kube文件,並且將初始化生成的admin.conf拷貝到./kube/config
初始化的時候會提示,直接拉取執行
初始化時
安裝node節點
#初始化時自動提示,在node節點直接執行
[root@k8s-node01 ~]# kubeadm join 192.168.200.14:6443 --token abcdef.0123456789abcdef \
> --discovery-token-ca-cert-hash sha256:546631d9bc3d6fe0043d6b4da27ec3332a2909b991cb66a4156760fc63be78ca
--token(臨時二十四小時連接驗證)
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
提示在master上執行kubectl get nodes,獲取node節點信息
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master NotReady control-plane,master 9m v1.20.0
k8s-node01 NotReady <none> 2m17s v1.20.0
k8s-node02 NotReady <none> 2m13s v1.20.0
安裝flannel
master節點notready 的原因就是沒有網絡插件。
此時master主機上傳kube-flannel.yml 所有主機上傳flannel_v0.12.0-amd64.tar
[root@k8s-master ~]# ls
docker flannel_v0.12.0-amd64.tar init-config.yaml k8s kube-flannel.yml master
[root@k8s-master ~]# scp flannel_v0.12.0-amd64.tar 192.168.200.10:/root/
[root@k8s-master ~]# scp flannel_v0.12.0-amd64.tar 192.168.200.11:/root/
docker load < flannel_v0.12.0-amd64.tar #所有主機導入鏡像
[root@k8s-master ~]# kubectl apply -f kube-flannel.yml #master運行
[root@k8s-master ~]# kubectl get nodes #再次查看節點
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 17m v1.20.0
k8s-node01 Ready <none> 11m v1.20.0
k8s-node02 Ready <none> 11m v1.20.0
[root@k8s-master ~]# kubectl get pods -n kube-system
安裝D安上board UI
所有主機部署Dashboard
默認這個部署文件中,會獨立創建一個kubernetes-dashboard的命令空間。
dashboard的鏡像來自於docker hub官方
[root@k8s-master ~]# ls
dashboard_v2.0.0.tar init-config.yaml master
docker k8s metrics-scraper_v1.0.4.tar
flannel_v0.12.0-amd64.tar kube-flannel.yml recommended.yaml
[root@k8s-master ~]# docker load < dashboard_v2.0.0.tar
[root@k8s-master ~]# docker load < metrics-scraper_v1.0.4.tar
[root@k8s-master ~]# vim recommended.yaml
41 ports:
42 - port: 443
43 targetPort: 8443
44 nodePort: 32443
164 name: cluster-admin #管理權限
[root@k8s-master ~]# kubectl apply -f recommended.yaml #部署文件
[root@k8s-master ~]# kubectl get pods -n kubernetes-dashboard #查看
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-7b59f7d4df-css6p 1/1 Running 0 38s
kubernetes-dashboard-74d688b6bc-nvhdj 1/1 Running 0 38s
#此時就可以使用瀏覽器訪問
使用koten進入
[root@k8s-master ~]# kubectl describe secret -n kubernetes-dashboard $(kubectl get secret -n kubernetes-dashboard-token | awk '{print $1}') | grep token | awk '{print $2}' #獲取到密碼
命名空間可詳細查看
安裝metrics-server
在node節點下載鏡像
[root@k8s-node01 ~]# ls
dashboard_v2.0.0.tar flannel_v0.12.0-amd64.tar metrics-scraper_v1.0.4.tar
docker k8s metrics-server-amd64_v0.3.6.tar
[root@k8s-node01 ~]# docker load < metrics-server-amd64_v0.3.6.tar
932da5156413: Loading layer 3.062MB/3.062MB
7bf3709d22bb: Loading layer 38.13MB/38.13MB
Loaded image: bluersw/metrics-server-amd64:v0.3.6
[root@k8s-node01 ~]# docker tag bluersw/metrics-server-amd64:v0.3.6 k8s.gcr.io/metrics-server-amd64:v0.3.6
修改kubernetes apiserver啟動參數
[root@k8s-master ~]# vim /etc/kubernetes/manifests/kube-apiserver.yaml
44 - --enable-aggregator-routing=true #添加的
下載一個配置文件
[root@k8s-master ~]# kubectl create -f components.yaml
#此時就可以查看狀態了
[root@k8s-master ~]# kubectl top nodes
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
k8s-master 235m 5% 1187Mi 69%
k8s-node01 81m 2% 749Mi 43%
k8s-node02 68m 1% 825Mi 48%
