K8S 环境部署(12.2版本)
1.1、环境整理首先将Linux 内核升级到4 .x ,并更新本地依赖。yum update -y1.2、Docker安装1.2.1、卸载旧版本首先需要对服务器进行清理, 如果之前安装过Docker , 需要先执行卸载操作,具体命令如下:sudo yum remove docker docker-client docker-client-latest docker-common d...
·
1.1、环境整理
首先将Linux 内核升级到4 .x ,并更新本地依赖。
yum update -y
1.2、Docker安装
1.2.1、卸载旧版本
首先需要对服务器进行清理, 如果之前安装过Docker , 需要先执行卸载操作,具体命令
如下:
sudo yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine
1.2.2、安装Docker CE
安装yum-utils提供的yum-config-manager,device-mapper-persistent-data和lvm2
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
使用下面的命令来设置稳定存储库:
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
可以选择性地启用edge 和测试存储库,这些存储库包含在Docker 中,在默认情况下是禁用的。具体执行命令如下:
sudo yum-config-manager --enable docker-ce-edge
sudo yum-config-manager --enable docker-ce-test
也可以通过使用禁用标志来运行yum-config-manager 命令, 以禁用edge 或测试存储库。
要重新启用它, 可以使用-enable 标志。下面的命令禁用edge 存储库:
yum-config-manager --disable docker-ce-edge
最后, 可执行如下命令安装最新版本的Docker CE :
yum install docker-ce -y
还能通过如下命令安装指定版本的Docker CE :
yum install docker-ce -<VERSION STRING>
执行查询Docke r 版本号, 看是否安装成功:
docker --version
如下:
Docker version 18.09.3, build 774a1f4
1.2.3、启动docker
systemctl daemon-reload && systemctl restart docker
1.3、安装kubeadm, kubelet和kubectl
1.3.1、配置kubernetes源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
关闭selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0
开始安装
yum install -y kubelet-1.12.2 kubeadm-1.12.2 kubectl-1.12.2 kubernetes-cni-0.6.0
systemctl enable kubelet
1.4、在master上配置
1.4.1、配置内核
cat <<EOF > /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p
1.4.2、关闭swap
swapoff -a
1.4.3、初始化K8S
kubeadm init --kubernetes-version=v1.12.2 --pod-network-cidr=10.244.0.0/16
# 启动
sudo systemctl start kubelet
由于https://k8s.gcr.io/v2/无法访问,所以先下载相关的镜像文件。
docker pull mirrorgooglecontainers/kube-apiserver-amd64:v1.12.2
docker pull mirrorgooglecontainers/kube-controller-manager-amd64:v1.12.2
docker pull mirrorgooglecontainers/kube-scheduler-amd64:v1.12.2
docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.12.2
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd-amd64:3.2.24
docker pull coredns/coredns:1.2.2
给镜像文件打tag
docker tag mirrorgooglecontainers/kube-proxy-amd64:v1.12.2 k8s.gcr.io/kube-proxy:v1.12.2
docker tag mirrorgooglecontainers/kube-apiserver-amd64:v1.12.2 k8s.gcr.io/kube-apiserver:v1.12.2
docker tag mirrorgooglecontainers/kube-controller-manager-amd64:v1.12.2 k8s.gcr.io/kube-controller-manager:v1.12.2
docker tag mirrorgooglecontainers/kube-scheduler-amd64:v1.12.2 k8s.gcr.io/kube-scheduler:v1.12.2
docker tag mirrorgooglecontainers/etcd-amd64:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag coredns/coredns:1.2.2 k8s.gcr.io/coredns:1.2.2
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
1.4.4、配置KUBECONFIG环境变量
cp -f /etc/kubernetes/admin.conf $HOME/
chown (id -u):(id -g) $HOME/admin.conf
export KUBECONFIG=$HOME/admin.conf
echo "export KUBECONFIG=$HOME/admin.conf" >> ~/.bash_profile
允许master运行pod,如果需要master作为worker运行pod,执行
kubectl taint nodes --all node-role.kubernetes.io/master-
1.4.5、获取组件的健康状态
[root@host-192-100-36-176 ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health": "true"}
1.4.6、查看节点信息
[root@host-192-100-36-176 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
host-192-100-36-176 NotReady master 40m v1.12.2
这里status未就绪,是因为没有网络插件,如flannel.地址https://github.com/coreos/flannel可以查看flannel在github上的相关项目。
1.4.7、安装flannel
[root@host-192-100-36-176 ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.extensions/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.extensions/kube-flannel-ds-amd64 created
daemonset.extensions/kube-flannel-ds-arm64 created
daemonset.extensions/kube-flannel-ds-arm created
daemonset.extensions/kube-flannel-ds-ppc64le created
daemonset.extensions/kube-flannel-ds-s390x created
镜像拉取成功后,一般会启动起来。此时默认的node状态为Ready,如下
[root@host-192-100-36-176 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
host-192-100-36-176 Ready master 47m v1.12.2
获取当前系统上所有在运行的pod的状态,指定名称空间为kube-system
[root@host-192-100-36-176 ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-576cbf47c7-k6x2q 1/1 Running 0 47m
coredns-576cbf47c7-ndj54 1/1 Running 0 47m
etcd-host-192-100-36-176 1/1 Running 0 46m
kube-apiserver-host-192-100-36-176 1/1 Running 0 46m
kube-controller-manager-host-192-100-36-176 1/1 Running 0 46m
kube-flannel-ds-amd64-zzmtt 1/1 Running 0 100s
kube-proxy-l7hp2 1/1 Running 0 47m
kube-scheduler-host-192-100-36-176 1/1 Running 0 46m
获取当前系统的名称空间
[root@host-192-100-36-176 ~]# kubectl get ns
NAME STATUS AGE
default Active 48m
kube-public Active 48m
kube-system Active 48m
1.5、添加node
1.5.1、下载镜像文件,同上
1.5.2、安装flannel
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
1.5.3、节点加入到集群中
kubeadm join 192.100.36.176:6443 --token q13c4x.0tsn1i3tj0zozbhc --discovery-token-ca-cert-hash sha256:14bdc1a457aeb34d43cebef2cfde34abd4cbaa3c5f8d3c05d55c24438e613926
1.5.4、查看节点的状态
[root@host-192-100-36-176 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
host-192-100-36-176 Ready master 112m v1.12.2
host-192-100-36-180 Ready <none> 43m v1.12.2
host-192-100-36-189 Ready <none> 49m v1.12.2
1.6、安装dashboard
dashboard project在https://github.com/kubernetes/dashboard/releases
1.6.1、安装1.10.1版本的dashboard
docker pull mirrorgooglecontainers/kubernetes-dashboard-amd64:v1.10.0
docker tag mirrorgooglecontainers/kubernetes-dashboard-amd64:v1.10.0 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.0/src/deploy/recommended/kubernetes-dashboard.yaml
查看部署信息
kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-78fcdf6894-nmcmz 1/1 Running 1 54d
coredns-78fcdf6894-p5pfm 1/1 Running 1 54d
etcd-k8s-master 1/1 Running 2 54d
kube-apiserver-k8s-master 1/1 Running 9 54d
kube-controller-manager-k8s-master 1/1 Running 5 54d
kube-flannel-ds-n5c86 1/1 Running 1 54d
kube-flannel-ds-nrcw2 1/1 Running 1 52d
kube-flannel-ds-pgpr7 1/1 Running 5 54d
kube-proxy-glzth 1/1 Running 1 52d
kube-proxy-rxlt7 1/1 Running 2 54d
kube-proxy-vxckf 1/1 Running 4 54d
kube-scheduler-k8s-master 1/1 Running 3 54d
kubernetes-dashboard-767dc7d4d-n4clq 1/1 Running 0 3s
kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 54d
kubernetes-dashboard ClusterIP 10.105.204.4 <none> 443/TCP 30m
kubectl patch svc kubernetes-dashboard -p '{"spec":{"type":"NodePort"}}' -n kube-system #以打补丁方式修改dasboard的访问方式
service/kubernetes-dashboard patched
kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 54d
kubernetes-dashboard NodePort 10.105.204.4 <none> 443:32645/TCP 31m
访问dashboard页面https://192.168.158.88:30849/#!/login
1.6.2、service account
创建一个cluster-admin角色的service account , 和一个clusterrolebinding, 以便访问所有的k8s资源
kubectl create serviceaccount cluster-admin-dashboard-sa
kubectl create clusterrolebinding cluster-admin-dashboard-sa \
--clusterrole=cluster-admin \
--serviceaccount=default:cluster-admin-dashboard-sa
1.6.3、查找token
Copy产生的Token,并使用此Token登录到dashboard中
[root@host-192-100-36-176 ~]# kubectl get secret | grep cluster-admin-dashboard-sa
cluster-admin-dashboard-sa-token-sswrb kubernetes.io/service-account-token 3 2m6s
[root@host-192-100-36-176 ~]# kubectl describe secrets/cluster-admin-dashboard-sa-token-sswrb
Name: cluster-admin-dashboard-sa-token-sswrb
Namespace: default
Labels: <none>
Annotations: kubernetes.io/service-account.name: cluster-admin-dashboard-sa
kubernetes.io/service-account.uid: b7c2c5db-7c6d-11e9-91b8-fa163e5187e6
Type: kubernetes.io/service-account-token
Data
====
namespace: 7 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImNsdXN0ZXItYWRtaW4tZGFzaGJvYXJkLXNhLXRva2VuLXNzd3JiIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImNsdXN0ZXItYWRtaW4tZGFzaGJvYXJkLXNhIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYjdjMmM1ZGItN2M2ZC0xMWU5LTkxYjgtZmExNjNlNTE4N2U2Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmRlZmF1bHQ6Y2x1c3Rlci1hZG1pbi1kYXNoYm9hcmQtc2EifQ.jqxyUOdpUn2XaLX6Sd43q_oaAHhlaiV_JTWbd0vfL5W7o4UX_GUCXcCgG87yXxQdNX5ojjDENnkpp3mE6TJrergR7iKrTKvtAk5XsqSZ5L4CWJY3eJXH0MuovKtEUcV7Cwgq01fau7ZAOM85hukbLB4PXBT6XabhZH4Vks1pyIDzbnMLdZEChXu6XQQ3XTVj2c9FX_IaEfb_6GPZeP76R7VTO1euqaYqeHfTVSLP6pOgwjVFr-lKE5qLI-3E7BieKCjdeuQrNZp6-pyOHhinrQ3UHuNGlZGTZVhzfeLxq3h4a9G7w9uCBBqWeyTRpjP_uszhyY-5qiJJUzoO8aFWuA
ca.crt: 1025 bytes
将token拷贝到令牌的位置,登录进去,即可看到dashboard页面。
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献1条内容
所有评论(0)