Kubernetes安裝部署篇
Master安裝
- 關閉防火牆、selinux和swap分區
[root@master01 yum.repos.d]# systemctl stop firewalld
[root@master01 yum.repos.d]# systemctl disable firewalld
[root@master01 yum.repos.d]# setenforce 0
[root@master01 yum.repos.d]# sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
[root@master01 yum.repos.d]# swapoff -a
[root@master01 yum.repos.d]# sed -i 's/.*swap.*/#&/' /etc/fstab
- 修改/etc/hosts解析
[root@master01 yum.repos.d]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.245.130 master01
192.168.245.133 node01
192.168.245.134 node02
- 修改內核參數
[root@master01 yum.repos.d]# vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@master01 yum.repos.d]# sysctl -p
- 配置yum源並進行安裝、啓動
[root@master01 yum.repos.d]# yum install -y wget
[root@master01 yum.repos.d]# mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
[root@master01 yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@master01 yum.repos.d]# yum -y install epel-release
[root@master01 yum.repos.d]# yum clean all && yum makecache
[root@master01 yum.repos.d]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
> EOF
[root@master01 yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
[root@master01 yum.repos.d]# yum install -y docker-ce-18.06.1.ce-3.el7
[root@master01 yum.repos.d]# systemctl enable docker && systemctl start docker
[root@master01 yum.repos.d]# yum install -y kubelet kubeadm kubectl
[root@master01 yum.repos.d]# systemctl enable kubelet
- kubernetes 初始化
kubeadm init --kubernetes-version=1.15.0 \
--apiserver-advertise-address=192.168.245.130 \
--image-repository registry.aliyuncs.com/google_containers \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16 \
--ignore-preflight-errors=NumCPU # k8s要求兩個CPU以上,如若不滿足需加該參數
# 注意將該命令回顯中的token記錄下來
# 生成kube配置文件
[root@master01 yum.repos.d]# mkdir -p /root/.kube
[root@master01 yum.repos.d]#
[root@master01 yum.repos.d]# cp /etc/kubernetes/admin.conf /root/.kube/config
# 配置flannel網絡
[root@master01 yum.repos.d]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
Node安裝
- 關閉防火牆、selinux和swap分區
[root@node01 yum.repos.d]# systemctl stop firewalld
[root@node01 yum.repos.d]# systemctl disable firewalld
[root@node01 yum.repos.d]# setenforce 0
[root@node01 yum.repos.d]# sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
[root@node01 yum.repos.d]# swapoff -a
[root@node01 yum.repos.d]# sed -i 's/.*swap.*/#&/' /etc/fstab
- 修改/etc/hosts解析
[root@node01 yum.repos.d]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.245.130 master01
192.168.245.133 node01
192.168.245.134 node02
- 修改內核參數
[root@node01 yum.repos.d]# vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@node01 yum.repos.d]# sysctl -p
- 配置yum源並進行安裝、啓動
[root@node01 yum.repos.d]# yum install -y wget
[root@node01 yum.repos.d]# mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
[root@node01 yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@node01 yum.repos.d]# yum -y install epel-release
[root@node01 yum.repos.d]# yum clean all && yum makecache
[root@node01 yum.repos.d]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
> EOF
[root@node01 yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
[root@node01 yum.repos.d]# yum install -y docker-ce-18.06.1.ce-3.el7
[root@node01 yum.repos.d]# systemctl enable docker && systemctl start docker
[root@node01 yum.repos.d]# yum install -y kubelet kubeadm kubectl
[root@node01 yum.repos.d]# systemctl enable kubelet
- 添加至k8s集羣中
[root@node01 yum.repos.d]# kubeadm join 192.168.245.130:6443 --token ctsupa.el3u5d4k6se3skid \ --discovery-token-ca-cert-hash sha256:8475249a210fbca561488a21b54a092c6785d7b983a3ff80ff88413f4328f91f
- 登錄master進行檢查,這裏通過創建一個nginx deployment進行測試
[root@master01 yum.repos.d]# kubectl create deployment nginx --image=nginx
deployment.apps/nginx created
[root@master01 yum.repos.d]# kubectl expose deployment nginx --port=80 --type=NodePort
service/nginx exposed
[root@master01 yum.repos.d]# kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-554b9c67f9-ttm6m 0/1 Pending 0 3s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 60m
service/nginx NodePort 10.1.10.64 <none> 80:30314/TCP 2s
[root@master01 yum.repos.d]# kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-554b9c67f9-ttm6m 0/1 Pending 0 7s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 60m
service/nginx NodePort 10.1.10.64 <none> 80:30314/TCP 6s
部署Dashboard
[root@master01 ~]#wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
[root@master01 ~]# sed -i 's/k8s.gcr.io/loveone/g' kubernetes-dashboard.yaml
[root@master01 ~]# sed -i '/targetPort:/a\ \ \ \ \ \ nodePort: 30001\n\ \ type: NodePort' kubernetes-dashboard.yaml
[root@master01 ~]# kubectl create -f kubernetes-dashboard.yaml
[root@master01 ~]# kubectl create serviceaccount dashboard-admin -n kube-system
serviceaccount/dashboard-admin created
[root@master01 ~]# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created
[root@master01 ~]# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
Name: dashboard-admin-token-lmrx2
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: dashboard-admin
kubernetes.io/service-account.uid: 5b8d5892-6081-4fdf-8fab-704a93fe58e0
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tOHNoN3MiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYmJjZDc4ODEtYzAwYy00YWM1LTg5MDAtNTdjMTk1ZDZhOWRiIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.xwnMcUu1cQht4rvoSrXlrpYkkUmyf9VFRCMVcA82jGokFyatPHNeiuhX9sRmZxeirl__5sJdmeL9lDYG6BLEavE-YQzOLCkpdY4H179ZLYGuV6ecGUiiCShR6xhsxivg21Ay7RqwQGPi3OHL-8cu8CegupZYoRzt06YZCmLKy-RosfDE9ZrDYZG_NbEm31N8SrLevp33E-DiLsL2kFTG-sB_-VBD3zdcPsJgqgTwVULJf8ODmlC4d1kqqNFPb-BdAh8KtqOu4RXNeOImYZDFSeQpagDq1H9VXg0zThWLBLpAEkbHYSeqVirXWwvwYoyG9Z2nJ9_TaixvgYgXPIyT-A
隨後記錄token,用瀏覽器登錄即可
