k8s集群搭建

1.前期准备

1.1.准备centos 7系统

1.2.关闭防火墙

systemctl stop firewalld

systemctl disable firewalld

1.3关闭selinux

setenforce 0

sed -i '/^SELINUX=/cSELINUX=disabled' /etc/sysconfig/selinux

1.4主节点docker安装，详情请看：docker主节点安装

2. K8s master安装

2. 1.Yum方式在线安装k8s

yum -y install etcd kubernetes

2.2.配置Etcd

vi /etc/etcd/etcd.conf（红色部分为master节点的ip）

#

ETCD_NAME=default

ETCD_DATA_DIR="/var/lib/etcd/default.etcd"

ETCD_LISTEN_CLIENT_URLS="http://192.168.140.129:2379,http://192.168.140.129:4001,http://127.0.0.1:2379,http://127.0.0.1:4001"

ETCD_ADVERTISE_CLIENT_URLS="http://192.168.140.129:2379,http://192.168.140.129:4001,http://127.0.0.1:2379,http://127.0.0.1:4001"

2.3.api Server配置

 vi /etc/kubernetes/apiserver（admission_control去掉ServiceAccount）

KUBE_API_ADDRESS="--address=0.0.0.0"

KUBE_API_PORT="--port=8080"

KUBELET_PORT="--kubelet_port=10250"

KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.140.129:2379"

KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

KUBE_API_ARGS=""

2.4.启动K8s master

systemctl restart etcd

systemctl restart kube-apiserver

systemctl restart kube-controller-manager

systemctl restart kube-scheduler

2.5.设置开机自动启动

systemctl enable etcd

systemctl enable kube-apiserver

systemctl enable kube-controller-manager

systemctl enable kube-scheduler

2.6.状态查看

systemctl status etcd

systemctl status kube-apiserver

systemctl status kube-controller-manager

systemctl status kube-scheduler

2.7.设置etcd网络(若执行过程中卡住则选择手动打出命令即可)

etcdctl mk /atomic.io/network/config '{"Network":"172.19.0.0/16", "SubnetLen":24, "Backend":{"Type":"vxlan"}}'

3. K8s slave安装

3. 1.Yum方式在线安装k8s

yum -y install docker

yum -y install flannel kubernetes-node

3.2.Docker配置

3.2.1.修改 /etc/sysconfig/docker 配置

vi /etc/sysconfig/docker

#删除/etc/sysconfig/docker中内容为 OPTIONS='--selinux-enabled --log-driver=journald --xxx'中的 --selinux-enabled

 

#添加以下内容，信任http方式从docker私服拉镜像（ip一般为master节点IP）

INSECURE_REGISTRY='--insecure-registry 192.168.140.129:5000'

3.2.2.修改 /etc/sysconfig/docker-storage 配置

vi /etc/sysconfig/docker-storage

//将文件里的overlay2改成overlay即可。如果没有找到overlay2则添加下列配置

DOCKER_STORAGE_OPTIONS="--storage-driver overlay "

 

3.2.3. 配置Flannel

vi /etc/sysconfig/flanneld（192.168.140.129为etcd节点ip，192.168.140.130为当前物理机器的ip）

FLANNEL_ETCD_ENDPOINTS="http://192.168.140.129:2379"

FLANNEL_ETCD_PREFIX="/atomic.io/network"

FLANNEL_ETCD="http://192.168.140.129:2379"

FLANNEL_ETCD_KEY="/atomic.io/network"

FLANNEL_OPTIONS="-iface=ens32 -public-ip=192.168.140.130 -ip-masq=true"

 

3.3. Kubernetes配置

3.3.1.编辑脚本

vi /etc/kubernetes/config（红色部分为k8s主节点的ip）

KUBE_LOGTOSTDERR="--logtostderr=true"

KUBE_LOG_LEVEL="--v=0"

KUBE_ALLOW_PRIV="--allow-privileged=false"

KUBE_MASTER="--master=http://192.168.140.129:8080"

#apiserver的地址和端口 # location of the api-server 

KUBELET_API_SERVER="--api-servers=http://192.168.140.129:8080"

 

3.3.2.编辑脚本

vi /etc/kubernetes/kubelet（蓝色部分为当前从节点的ip,红色部分为k8s主节点的ip,黄色部分为docker私服地址地址）

KUBELET_ADDRESS="--address=0.0.0.0"

KUBELET_PORT="--port=10250"

KUBELET_HOSTNAME="--hostname-override=192.168.140.130" $修改成对应Node的IP

KUBELET_API_SERVER="--api-servers=http://192.168.140.129:8080" $指定Master节点的API Server

KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=192.168.140.129:5000/pod-infrastructure:latest"

KUBELET_ARGS=""

3.4.设置iptables

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -P INPUT ACCEPT

iptables -P FORWARD ACCEPT

iptables -F

3.5.设置iptables重启自动执行

vi ~/.bashrc

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -P INPUT ACCEPT

iptables -P FORWARD ACCEPT

iptables -F

3.6.从节点启动K8s

systemctl restart kube-proxy

systemctl restart kubelet

systemctl restart flanneld

systemctl restart docker

3.7.设置开机自动启动

systemctl enable kube-proxy

systemctl enable kubelet

systemctl enable flanneld

systemctl enable docker

3.8.状态查看

systemctl status kube-proxy

systemctl status kubelet

systemctl status flanneld

systemctl status docker