Kubernetes 安装及部署

1 k8s安装环境准备

1.1 配置并安装k8s国内源

  1. 创建配置文件sudo touch /etc/apt/sources.list.d/kubernetes.list

  2. 添加写权限

    itcast@master:~$ sudo chmod 666 /etc/apt/sources.list.d/kubernetes.list 
    

    再添加,内容如下:

    deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main
    
  3. 执行sudo apt update 更新操作系统源,开始会遇见如下错误

    tcast@master:~$ sudo apt update
    Get:1 http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial InRelease [8,993 B]
    Err:1 http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial InRelease    
      The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6A030B21BA07F4FB
    Hit:2 http://mirrors.aliyun.com/ubuntu cosmic InRelease                        
    Hit:3 http://mirrors.aliyun.com/ubuntu cosmic-updates InRelease                
    Hit:4 http://mirrors.aliyun.com/ubuntu cosmic-backports InRelease              
    Hit:5 http://mirrors.aliyun.com/ubuntu cosmic-security InRelease               
    Err:6 https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu cosmic InRelease      
      Could not wait for server fd - select (11: Resource temporarily unavailable) [IP: 202.141.176.110 443]
    Reading package lists... Done                          
    W: GPG error: http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6A030B21BA07F4FB
    E: The repository 'http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial InRelease' is not signed.
    N: Updating from such a repository can't be done securely, and is therefore disabled by default.
    N: See apt-secure(8) manpage for repository creation and user configuration details.
    

    其中:

    The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6A030B21BA07F4FB
    

    签名认证失败,需要重新生成。记住上面的NO_PUBKEY 6A030B21BA07F4FB

  4. 添加认证key

    运行如下命令,添加错误中对应的key(错误中NO_PUBKEY后面的key的后8位)

    gpg --keyserver keyserver.ubuntu.com --recv-keys BA07F4FB
    

    接着运行如下命令,确认看到OK,说明成功,之后进行安装:

    gpg --export --armor BA07F4FB | sudo apt-key add -
    
  5. 再次重新sudo apt update更新系统下载源数据列表

itcast@master:~$ sudo apt update
Hit:1 https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu cosmic InRelease                  
Hit:2 http://mirrors.aliyun.com/ubuntu cosmic InRelease                                    
Hit:3 http://mirrors.aliyun.com/ubuntu cosmic-updates InRelease                            
Hit:4 http://mirrors.aliyun.com/ubuntu cosmic-backports InRelease                          
Hit:5 http://mirrors.aliyun.com/ubuntu cosmic-security InRelease                           
Get:6 http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial InRelease [8,993 B]      
Ign:7 http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial/main amd64 Packages
Get:7 http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial/main amd64 Packages [26.6 kB]
Fetched 26.6 kB in 42s (635 B/s)    
Reading package lists... Done
Building dependency tree       
Reading state information... Done
165 packages can be upgraded. Run 'apt list --upgradable' to see them.

以上没有报和错误异常,表示成功。

1.2 禁止基础设施

  1. 禁止防火墙

    $ sudo ufw disable
    Firewall stopped and disabled on system startup
    
  2. 关闭swap

    # 成功
    $ sudo swapoff -a 
    # 永久关闭swap分区
    $ sudo sed -i 's/.*swap.*/#&/' /etc/fstab
    
    我还在 /etc/fsttab中永久关闭了 swap
    使用top可以查看 swap的使用情况
    
    
  3. 禁止selinux

    selinux一个ubuntu自带的(类似于360,没啥用,耽误性能)安全管家。

# 安装操控selinux的命令
$ sudo apt install -y selinux-utils
# 禁止selinux
$ setenforce 0
# 重启操作系统
$ shutdown -r now
# 查看selinux是否已经关闭
$ sudo getenforce
Disabled(表示已经关闭)

2 k8s系统网络配置

(1) 配置内核参数,将桥接的IPv4流量传递到iptables的链

创建/etc/sysctl.d/k8s.conf文件

添加内容如下:

net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness = 0

(2) 执行命令使修改生效

# 【候选】建议执行下面的命令
$ sudo modprobe br_netfilter
$ sudo sysctl -p /etc/sysctl.d/k8s.conf

3 安装k8s

注意: 切换到root用户 $ su

  1. 安装Kubernetes 目前安装版本 v1.13.1

    $ apt update && apt-get install -y kubelet=1.13.1-00 kubernetes-cni=0.6.0-00 kubeadm=1.13.1-00 kubectl=1.13.1-00
    

kubernetes 是一个分布式的集群管理系统,在每个节点(node)上都要运行一个 worker 对容器进行生命周期的管理,这个 worker 程序就是 kubelet。 它就是一个服务!!!

  1. 设置为开机重启

    $ sudo systemctl enable kubelet && systemctl start kubelet
    $ sudo shutdown -r now
    

4 验证k8s

  1. 使用root用户登录Master主机

  2. 执行如下个命令

    kubectl get nodes 
    

输出如下

$ kubectl get nodes
The connection to the server localhost:8080 was refused - did you specify the right host or port?
  1. 查看当前k8s版本

    $ kubectl version
    
Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.1", GitCommit:"eec55b9ba98609a46fee712359c7b5b365bdd920", GitTreeState:"clean", BuildDate:"2018-12-13T10:39:04Z", GoVersion:"go1.11.2", Compiler:"gc", Platform:"linux/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?
Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐