kubeadm部署K8S
一、K8S的搭建
0、准备
网络地址: 节点网络:10.201.106.0/24 Service网络:10.96.0.0/12 Pod网络(flannel默认网段):10.244.0.0/16 节点功能: master1(10.201.106.131):master节点,etcd master2(10.201.106.132):node1节点 master3(10.201.106.133):node2节点 预配置: 1、NTP时间同步 2、基于主机名通信:/etc/hosts 3、关闭firewalld和iptables.service 4、所有节点关闭swap,打开内生桥接功能,需要重启: [ ~]# vim /usr/lib/sysctl.d/00-system.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-arptables = 1 备注:通过微软镜像源,快速拉取镜像,小工具azk8spull安装 git clone https://github.com/xuxinkun/littleTools cd littleTools chmod +x install.sh ./install.sh source /etc/profile
0.1 设置阿里云镜像
设置docker镜像源: 地址:https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo master1设置docker镜像源: [ yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 设置k8s镜像源: master1设置K8S镜像 [ yum.repos.d]# vim kubernetes.repo [kubernetes] name=Kubernetes Repo baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg enabeld=1
0.2 将master上的docker和k8s镜像源文件拷贝到两个node节点
[ yum.repos.d]# scp docker-ce.repo kubernetes.repo master2:/etc/yum.repos.d/ [ yum.repos.d]# scp docker-ce.repo kubernetes.repo master3:/etc/yum.repos.d/
1、安装K8S
1.1 master节点安装docker和k8s的rpm包
默认安装最新版本: [ ~]# yum install docker-ce kubeadm kubectl kubelet 如需指定版本: [ ~]# yum install docker-ce-18.06.3.ce-3.el7 kubeadm-1.13.6-0 kubectl-1.13.6-0 kubelet-1.13.6-0 设置服务自启动: [ ~]# systemctl enable docker [ ~]# systemctl enable kubelet
1.2 master节点docker设置
设置服务启动脚本(设置镜像源) [ ~]# vim /usr/lib/systemd/system/docker.service # for containers run by docker Environment="HTTPS_PROXY=http://www.ik8s.io:10080" Environment="NO_PROXY=127.0.0.0/8,10.201.106.0/24" 启动docker服务: [ ~]# systemctl daemon-reload [ ~]# systemctl start docker 查看设置 [ ~]# docker info | grep Proxy HTTPS Proxy: http://www.ik8s.io:10080 No Proxy: 127.0.0.0/8,10.201.106.0/24 如代理无法下载,使用微软镜像下载: kubeadm config images list azk8spull k8s.gcr.io*
1.3 master节点初始化
查看kubelet生成文件:
[ ~]# rpm -ql kubelet
查看kudeadm帮助:
[ ~]# kubeadm init --help
忽略swap报错设置(若已关闭swap可不做):
[ ~]# vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
重要:开始初始化master节点:
[ ~]# kubeadm init --kubernetes-version=v1.14.2 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap
(记录下来)得到输出,用于node节点加入主节点认证:
kubeadm join 10.201.106.131:6443 --token 27ojcb.sc3hc3e43rru0zu5 --discovery-token-ca-cert-hash sha256:9b68cf142c04ba3508af6fe7fb89fe268ddc751b37ff435669f39e7906e76e
重要:拷贝配置文件并更改权限(该配置文件包含认证证书信息):
[ ~]# mkdir -p $HOME/.kube
[ ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[ ~]# chown $(id -u):$(id -g) $HOME/.kube/config
查看信息:
查看组件状态信息
[ ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health":"true"}
[ ~]# kubectl get componentstatus
查看集群节点信息:
[ ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master1.com NotReady master 82m v1.14.21.4 设置网络插件
下载flannel(基于清单下载部署,默认下载最新版本): 地址:https://github.com/coreos/flannel 部署flannel [ ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml 等待初始化完成,可以看到pod节点: [ ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION master1.com Ready master 119m v1.14.2 查看kube-system名称空间: [ ~]# kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE coredns-fb8b8dccf-8ms4d 1/1 Running 0 120m coredns-fb8b8dccf-wb97j 1/1 Running 0 120m etcd-master1.com 1/1 Running 0 119m kube-apiserver-master1.com 1/1 Running 0 119m kube-controller-manager-master1.com 1/1 Running 0 119m kube-flannel-ds-amd64-z7vjw 1/1 Running 0 17m kube-proxy-xkhhn 1/1 Running 0 120m kube-scheduler-master1.com 1/1 Running 0 119m 查看集群中名称空间状态: [ ~]# kubectl get ns NAME STATUS AGE default Active 122m kube-node-lease Active 122m kube-public Active 122m kube-system Active 122m
1.5 初始化Node节点
从master1复制docker服务文件覆盖master2,3节点: [ ~]# scp /usr/lib/systemd/system/docker.service master2:/usr/lib/systemd/system/docker.service [ ~]# scp /usr/lib/systemd/system/docker.service master3:/usr/lib/systemd/system/docker.service 从master1复制kubelet配置文件: [ ~]# scp /etc/sysconfig/kubelet master2:/etc/sysconfig/ [ ~]# scp /etc/sysconfig/kubelet master3:/etc/sysconfig/ node1配置: 安装docker和kubelet: [ ~]# yum install docker-ce kubelet kubeadm [ ~]# systemctl enable docker [ ~]# systemctl enable kubelet node1启动docker服务: [ ~]# systemctl daemon-reload [ ~]# systemctl restart docker node1加入k8s集群(如果网络无法下载镜像,通过微软镜像(azk8spull)导入kube-proxy,flannel,pause三个镜像) [ ~]# kubeadm join 10.201.106.131:6443 --token 27ojcb.sc3hc3e43rru0zu5 --discovery-token-ca-cert-hash sha256:9b68cf142c04ba3508af6fe7fb89fe268ddc751b37ff435669f39e7906e76ea1 等待node1节点下载好kube-proxy,flannel,pause三个镜像并启动容器后在master节点查看状态: [ ~]# kubectl get node NAME STATUS ROLES AGE VERSION master1.com Ready master 4h24m v1.14.2 master2.com Ready <none> 9m27s v1.14.2 查看pods: [ ~]# kubectl get pods -n kube-system -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES coredns-fb8b8dccf-8ms4d 1/1 Running 3 4h25m 10.244.0.6 master1.com <none> <none> coredns-fb8b8dccf-wb97j 1/1 Running 2 4h25m 10.244.0.5 master1.com <none> <none> etcd-master1.com 1/1 Running 1 4h25m 10.201.106.131 master1.com <none> <none> kube-apiserver-master1.com 1/1 Running 1 4h25m 10.201.106.131 master1.com <none> <none> kube-controller-manager-master1.com 1/1 Running 1 4h25m 10.201.106.131 master1.com <none> <none> kube-flannel-ds-amd64-qr4p6 1/1 Running 0 11m 10.201.106.132 master2.com <none> <none> kube-flannel-ds-amd64-z7vjw 1/1 Running 2 163m 10.201.106.131 master1.com <none> <none> kube-proxy-f86s9 1/1 Running 0 11m 10.201.106.132 master2.com <none> <none> kube-proxy-xkhhn 1/1 Running 2 4h25m 10.201.106.131 master1.com <none> <none> kube-scheduler-master1.com 1/1 Running 1 4h25m 10.201.106.131 master1.com <none> <none> node2加入步骤跟node1一样: [ ~]# kubeadm join 10.201.106.131:6443 --token 27ojcb.sc3hc3e43rru0zu5 --discovery-token-ca-cert-hash sha256:9b68cf142c04ba3508af6fe7fb89fe268ddc751b37ff435669f39e7906e76ea1 --ignore-preflight-errors=Swap
2、K8S应用基础入门
2.1 查看
查看节点详细描述信息: [ ~]# kubectl describe node master1.com 查看主节点和工作节点版本: [ ~]# kubectl version 查看整个集群信息: [ ~]# kubectl cluster-info
2.2 部署应用
2.2.1 创建一个nginx(Pod)
[ ~]# kubectl run --help 尝试创建一个nginx: [ ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 --dry-run=true 真正创建一个nginx: [ ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 查看当前系统上已经创建的deployment: [ ~]# kubectl get deployment NAME READY UP-TO-DATE AVAILABLE AGE nginx-deploy 1/1 1 1 23m 查看Pod: [ ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-deploy-55d8d67cf-r2rwn 1/1 Running 0 23m 查看属于哪个节点: [ ~]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-deploy-55d8d67cf-r2rwn 1/1 Running 0 24m 10.244.1.5 master2.com <none> <none>
其它报错处理
问题1:代理无法拉取镜像
代理如果无法使用,手动拉镜像:
https://blog.csdn.net/sjyu_ustc/article/details/79990858
https://blog.51cto.com/liuzhengwei521/2301497
https://www.cnblogs.com/zxy860320/p/9996109.html
https://blog.csdn.net/Mr_rsq/article/details/84943480
https://blog.51cto.com/purplegrape/2315451
拉镜像:
docker pull mirrorgooglecontainers/kube-apiserver:v1.13.6
docker pull mirrorgooglecontainers/kube-controller-manager:v1.13.6
docker pull mirrorgooglecontainers/kube-scheduler:v1.13.6
docker pull mirrorgooglecontainers/kube-proxy:v1.13.6
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.2.24
docker pull coredns/coredns:1.2.6
docker pull quay.io/coreos/flannel:v0.10.0-amd64
打标:
docker tag mirrorgooglecontainers/kube-apiserver:v1.13.6 k8s.gcr.io/kube-apiserver:v1.13.6
docker tag mirrorgooglecontainers/kube-controller-manager:v1.13.6 k8s.gcr.io/kube-controller-manager:v1.13.6
docker tag mirrorgooglecontainers/kube-scheduler:v1.13.6 k8s.gcr.io/kube-scheduler:v1.13.6
docker tag mirrorgooglecontainers/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24 docker tag coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker tag anjia0532/pause:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/kube-proxy:v1.13.6 k8s.gcr.io/kube-proxy:v1.13.6
拉取:
kubeadm config images list |sed -e ‘s/^/docker pull /g‘ -e ‘s#k8s.gcr.io#mirrorgooglecontainers#g‘ | sh -x
docker pull coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
打标:
docker images |grep mirrorgooglecontainers |awk ‘{print "docker tag",$1":"$2,$1":"$2}‘ |sed -e ‘s#mirrorgooglecontainers#k8s.gcr.io#2‘ |sh -x
docker tag coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
删除旧镜像:
docker images |grep mirrorgooglecontainers |awk ‘{print "docker rmi -f", $1":"$2}‘ |sh -x问题2:docker存储报错处理链接:
https://cloud.tencent.com/info/bfe4fa029038643970af08b6f13624c8.html
问题3:cgroup不一致报错(如果无法解决,建议使用centos7.4以上系统,最新系统更好):
https://blog.csdn.net/Andriy_dangli/article/details/85062983
[ ~]# vi /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
[ ~]# vi /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=cgroupfs"通过阿里云镜像下载K8S镜像
https://blog.csdn.net/zsd498537806/article/details/85157560
相关推荐
kunyus 2020-10-28
hubanbei00的家园 2020-10-25
btqszl 2020-10-21
shurenyun 2020-08-19
CurrentJ 2020-08-18
88427810 2020-11-02
XiaoMuFireAnt 2020-09-02
hegaoye0 2020-08-18
WFMoonlight 2020-08-17
xiunai 2020-08-02
技术积累LZ 2020-07-28
lilygg 2020-07-22
akcsdno 2020-07-21
winc 2020-07-05
Dannyvon 2020-07-04
###host字段指定授权使用该证书的etcd节点IP或子网列表,需要将etcd集群的3个节点都添加其中。cp etcd-v3.3.13-linux-amd64/etcd* /opt/k8s/bin/
xiunai 2020-07-04
hevenue 2020-06-28
xiunai 2020-06-28
ajuan 2020-06-25