说明

使用kubeadm创建的kubernetes环境默认只有单个master节点,因此需要对kube-apiserver做高可用。这里使用keepalived为3个master节点上的kubernetes api提供高可用,etcd也部署在这3台master节点上。集群DNS使用CoreDNS,网络使用kube-router。

主机          IP      
k8smaster01    192.168.0.230
k8smaster02    192.168.0.231
k8smaster03    192.168.0.232
k8snode01      192.168.0.233
k8s api VIP    192.168.0.238


版本号

docker : 17.03.2-ce
OS : CentOS Linux release 7.4.1708
kubernetes : 1.9.4
etcdctl : 3.2.15
Keepalived : v1.3.5
 
[root@k8smaster01 ~]# docker images
REPOSITORY                                               TAG       IMAGE ID       CREATED         SIZE
gcr.io/google_containers/kube-proxy-amd64                v1.9.4    119ae3dc765b   3 days ago      109 MB
gcr.io/google_containers/kube-scheduler-amd64            v1.9.4    897eabbc86ac   3 days ago      62.9 MB
gcr.io/google_containers/kube-apiserver-amd64            v1.9.4    3945a0b35e33   3 days ago      212 MB
gcr.io/google_containers/kube-controller-manager-amd64   v1.9.4    35c62345e5ac   3 days ago      139 MB
busybox                                                  latest    f6e427c148a7   2 weeks ago     1.15 MB
cloudnativelabs/kube-router                              latest    03dcb0d528f0   4 weeks ago     88.1 MB
coredns/coredns                                          1.0.1     58d63427cdea   3 months ago    45.1 MB
gcr.io/google_containers/k8s-dns-sidecar-amd64           1.14.7    db76ee297b85   4 months ago    42 MB
gcr.io/google_containers/k8s-dns-kube-dns-amd64          1.14.7    5d049a8c4eec   4 months ago    50.3 MB
gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64     1.14.7    5feec37454f4   4 months ago    40.9 MB
gcr.io/google_containers/pause-amd64                     3.0       99e59f495ffa   22 months ago   747 kB


下载链接

度娘网盘:链接: https://pan.baidu.com/s/140HwRcJaA_3Q8S6MF2Ip0g 密码: akqa

docker download

https://download.docker.com/linux/centos/7/x86_64/stable/Packages/


# yum install keepalived
# cat /etc/keepalived/keepalived.conf
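! Configuration File for keepalived
# Purpose: float the Kubernetes API VIP 192.168.0.238 across the three master
# nodes. The values below are for k8smaster01 (192.168.0.230); the other
# masters need their own source IP, peer list, state and priority.

global_defs {
   notification_email {
       bbotte@163.com
   }
   router_id LVS_k8s
}

# Health check that keepalived runs every `interval` seconds.
# NOTE(review): `-k` disables TLS certificate verification, so a passing probe
# only shows that something answers on port 6443, not that it is this cluster's
# API server. Prefer `--cacert <path-to-cluster-CA>` (placeholder) over `-k`.
# NOTE(review): curl exits 0 on any HTTP response unless `--fail` is given, so
# an HTTP error from the API server still counts as healthy here.
# NOTE(review): the probe targets the VIP, not this node's own address, so on a
# BACKUP node it tests whichever node currently holds the VIP. Consider probing
# the local apiserver address instead.
vrrp_script CheckK8sMaster {
    script "curl -k https://192.168.0.238:6443"    # VIP
    interval 3
    timeout 9
    # two consecutive failures mark the check down, two successes mark it up
    fall 2
    rise 2
}

vrrp_instance VI_1 {
    # MASTER on one node, BACKUP on the others (keepalived has no SLAVE state)
    state MASTER
    # NIC name
    interface ens192
    virtual_router_id 51
    # priority; configure a different value on each node
    priority 100
    advert_int 1
    # local host ip
    mcast_src_ip 192.168.0.230
    # NOTE(review): `auth_type PASS` sends the password in cleartext in every
    # VRRP advertisement, and keepalived uses only its first 8 characters. It
    # guards against accidental misconfiguration, not against a host on the same
    # segment. Replace the sample value below, and restrict VRRP (IP protocol
    # 112) to the peer addresses with host firewall rules.
    authentication {
        auth_type PASS
        auth_pass bbotte_k8s
    }
    unicast_peer {
        # IPs of the other masters
        192.168.0.231
        192.168.0.232
    }
    virtual_ipaddress {
        192.168.0.238/24
    }
    track_script {
        CheckK8sMaster
    }
}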
 
# systemctl enable keepalived && systemctl restart keepalived
# yum install ipvsadm -y
# ipvsadm -Ln

# cat etcd-csr.json
{
   "key" : {
     "algo" : "rsa" ,
     "size" : 2048
   } ,
   "names" : [
     {
       "O" : "etcd" ,
       "OU" : "etcd Security" ,
       "L" : "Beijing" ,
       "ST" : "Beijing" ,
       "C" : "CN"
     }
   ] ,
   "CN" : "etcd" ,
   "hosts" : [
     "127.0.0.1" ,
     "192.168.0.230" ,
     "192.168.0.231" ,
     "192.168.0.232" ,
     "192.168.0.233" ,
     "192.168.0.238"
   ]
}


# cat etcd-gencert.json
{
   "signing" : {
     "default" : {
         "usages" : [
           "signing" ,
           "key encipherment" ,
           "server auth" ,
           "client auth"
         ] ,
         "expiry" : "87600h"
     }
   }
}


# cat etcd-root-ca-csr.json
{
   "key" : {
     "algo" : "rsa" ,
     "size" : 4096
   } ,
   "names" : [
     {
       "O" : "etcd" ,
       "OU" : "etcd Security" ,
       "L" : "Beijing" ,
       "ST" : "Beijing" ,
       "C" : "CN"
     }
   ] ,
   "CN" : "etcd-root-ca"
}


# cat /etc/kubernetes/config.yaml
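---
# kubeadm master configuration (v1alpha1 API) for Kubernetes 1.9.4.
# It uses the external etcd cluster on the three master nodes and advertises
# the API server on the keepalived VIP.
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
etcd:
  endpoints:
    - https://192.168.0.230:2379  # the 3 master nodes
    - https://192.168.0.231:2379
    - https://192.168.0.232:2379
  # Uses the same certificates as etcd itself.
  # NOTE(review): the API server is handed etcd's own certificate and key here.
  # The signing profile in etcd-gencert.json allows both "server auth" and
  # "client auth" with an 87600h expiry, so this one key pair can act as an
  # etcd server and as an etcd client for ten years. Issue a separate
  # client-only certificate for the API server, and keep the key file readable
  # by root only.
  caFile: /etc/etcd/ssl/etcd-root-ca.pem
  certFile: /etc/etcd/ssl/etcd.pem
  keyFile: /etc/etcd/ssl/etcd-key.pem
  dataDir: /var/lib/etcd
networking:
  podSubnet: 10.244.0.0/16
kubernetesVersion: "1.9.4"
api:
  # API address, i.e. the keepalived VIP
  advertiseAddress: "192.168.0.238"
# NOTE(review): this bootstrap token is published with the article, so treat
# it as a sample only. Generate a fresh one per cluster (for example with
# `kubeadm token generate`) and keep it out of version control.
token: "4bdbca.6e3531d0ec698d96"
# NOTE(review): "0s" means the bootstrap token never expires. Anyone who learns
# it can register a node for as long as it exists. Prefer a short TTL, or
# delete the token once all nodes have joined.
tokenTTL: "0s"
# Extra subject alternative names for the API server certificate: the etcd
# host names, the master IPs and the VIP.
apiServerCertSANs:
  - etcd01
  - etcd02
  - etcd03
  - 192.168.0.230
  - 192.168.0.231
  - 192.168.0.232
  - 192.168.0.238
featureGates:
  CoreDNS: true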



