一、基础环境配置
操作系统:CentOS 7.5,三台节点,1台master,2台nodes
关闭selinux和firewalld
# vim /etc/selinux/configSELINUX=disabled# setenforce 0# systemctl stop firewalld# systemctl disable firewalld
配置chronyd服务,保证各node时间同步(此处使用阿里巴巴提供的ntp时间服务器)
# yum install chrony# vim /etc/chrony.confserver ntp.aliyun.com iburst stratumweight 0driftfile /var/lib/chrony/drift rtcsync makestep 10 3bindcmdaddress 127.0.0.1bindcmdaddress ::1keyfile /etc/chrony.keys commandkey 1generatecommandkey logchange 0.5logdir /var/log/chrony# systemctl enable chronyd # systemctl start chronyd
基于ssh秘钥认证,并且基于域名解析
[root@master ~]# vim /etc/hosts192.168.0.12 master.dongfei.tech master192.168.0.13 node01.dongfei.tech node01192.168.0.14 node02.dongfei.tech node02 [root@master ~]# ssh-keygen[root@master ~]# ssh-copy-id -i .ssh/id_rsa.pub node01[root@master ~]# ssh-copy-id -i .ssh/id_rsa.pub node02[root@master ~]# scp /etc/hosts node01:/etc/[root@master ~]# scp /etc/hosts node02:/etc/
网络环境规划
节点网络:192.168.0.0/24(需要手动配置,推荐配置静态地址)
Pod网络:10.244.0.0/16
Service网络:10.96.0.0/12
配置yum源
[root@master ~]# cd /etc/yum.repos.d/[root@master yum.repos.d]# vim kubernetes.repo[kubernetes]name=Kubernetes Repobaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpggpgcheck=0enabled=1[root@master yum.repos.d]# wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo[root@master yum.repos.d]# sed -i 's/gpgcheck=1/gpgcheck=0/g' docker-ce.repo #注意,将gpgcheck改为0[root@master yum.repos.d]# scp kubernetes.repo docker-ce.repo node01:/etc/yum.repos.d/[root@master yum.repos.d]# scp kubernetes.repo docker-ce.repo node02:/etc/yum.repos.d/
二、安装docker和kubernetes
解决docker-ce依赖包
[root@master ~]# wget https://mirrors.aliyun.com/centos-vault/7.3.1611/extras/x86_64/Packages/container-selinux-2.9-4.el7.noarch.rpm[root@master ~]# yum -y localinstall container-selinux-2.9-4.el7.noarch.rpm
安装docker并配置
[root@master ~]# yum install docker-ce -y[root@node01 ~]# yum install docker-ce -y[root@node02 ~]# yum install docker-ce -y[root@master ~]# vim /usr/lib/systemd/system/docker.service[Service] Environment="HTTPS_PROXY=http://www.ik8s.io:10080"Environment="NO_PROXY=127.0.0.0/8"[root@master ~]# systemctl daemon-reload[root@master ~]# systemctl start docker[root@master ~]# systemctl enable docker[root@master ~]# docker infoHTTPS Proxy: http://www.ik8s.io:10080No Proxy: 127.0.0.0/8
确认bridge-nf-call-iptables参数的值为1
[root@master ~]# cat /proc/sys/net/bridge/bridge-nf-call-iptables1
在master节点上安装配置kubernetes
[root@master ~]# yum install kubelet kubeadm kubectl -y[root@master ~]# systemctl enable kubelet[root@master ~]# vim /etc/sysconfig/kubeletKUBELET_EXTRA_ARGS="--fail-swap-on=false"
初始化master
[root@master ~]# kubeadm init --kubernetes-version=v1.11.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap[root@master ~]# mkdir -p $HOME/.kube[root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config[root@master ~]# kubectl get cs #如果此处状态非健康,请检查之前的操作NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health": "true"}将以下信息记录下来
kubeadm join 192.168.0.12:6443 --token vlqtub.4827hc5ga73c9q8c --discovery-token-ca-cert-hash sha256:88f3a75bc1eef8077e4a97736faba1696e25fd3bc86e8347904b1db23f796556
部署flannel
[root@master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml[root@master ~]# kubectl get nodes #等待数分钟,状态为Ready即成功
将master的各配置文件同步到各nodes
[root@master ~]# scp container-selinux-2.9-4.el7.noarch.rpm node01:[root@master ~]# scp container-selinux-2.9-4.el7.noarch.rpm node02:[root@master ~]# scp /usr/lib/systemd/system/docker.service node01:/usr/lib/systemd/system/docker.service[root@master ~]# scp /usr/lib/systemd/system/docker.service node02:/usr/lib/systemd/system/docker.service[root@master ~]# scp /etc/sysconfig/kubelet node01:/etc/sysconfig/kubelet[root@master ~]# scp /etc/sysconfig/kubelet node02:/etc/sysconfig/kubelet
在node01节点中安装配置kubernetes(node02相同操作)
[root@node01 ~]# yum localinstall container-selinux-2.9-4.el7.noarch.rpm -y[root@node01 ~]# yum install docker-ce kubelet kubeadm -y[root@node01 ~]# systemctl enable docker kubelet[root@node01 ~]# systemctl daemon-reload[root@node01 ~]# systemctl start docker[root@node01 ~]# systemctl enable docker[root@node01 ~]# docker infoHTTPS Proxy: http://www.ik8s.io:10080No Proxy: 127.0.0.0/8[root@node01 ~]# kubeadm join 192.168.0.12:6443 --token vlqtub.4827hc5ga73c9q8c --discovery-token-ca-cert-hash sha256:88f3a75bc1eef8077e4a97736faba1696e25fd3bc86e8347904b1db23f796556 --ignore-preflight-errors=Swap
在master节点上查看集群状态
[root@master ~]# kubectl get nodesNAME STATUS ROLES AGE VERSIONmaster.dongfei.tech Ready master 28m v1.11.2node01.dongfei.tech Ready <none> 3m v1.11.2node02.dongfei.tech Ready <none> 3m v1.11.2
三、kubectl的简单使用
创建2个nginx的pod
[root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=2deployment.apps/nginx-deploy created
查看命令
[root@master ~]# kubectl get deployment[root@master ~]# kubectl get pods[root@master ~]# kubectl get pods -w[root@master ~]# kubectl get pods -o wide[root@master ~]# kubectl get pods --show-labels
创建Service
[root@master ~]# kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP
查看svc命令
[root@master ~]# kubectl get svc[root@master ~]# kubectl get svc -n kube-system[root@master ~]# kubectl describe svc nginx[root@master ~]# kubectl run client --image=busybox --replicas=1 -it --restart=Never #创建测试client/ # wget -O - -q http://nginx:80/ #俩个pod实现负载均衡Welcome to nginx!
修改svc,使其可以在集群外部访问
[root@master ~]# kubectl edit svc nginx type: NodePort [root@master ~]# kubectl get svc nginxNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE nginx NodePort 10.98.231.135 <none> 80:30562/TCP m 外部访问:http://192.168.0.12:30562
感谢阅读,未完待续。。。
原文出处:https://www.cnblogs.com/L-dongf/p/9539464.html
随时随地看视频
热门评论
-
幕布斯34326792018-09-03 0
查看全部评论kubernetes 的yum 源能否提供下呢,好像国内源不行