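Setting up a single-master k8s cluster on Ubuntu

If no version is specified, the latest version is installed by default. The cluster has one master node and one worker node.
The official environment requirements follow. In short, each machine needs about 2 CPU cores and 2 GB of RAM, and the relevant ports must not already be in use.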

Installing kubeadm
One or more machines running one of:
Ubuntu 16.04+
Debian 9
CentOS 7
RHEL 7
Fedora 25/26 (best-effort)
HypriotOS v1.0.1+
Container Linux (tested with 1800.6.0)
2 GB or more of RAM per machine (any less will leave little room for your apps)
2 CPUs or more
Full network connectivity between all machines in the cluster (public or private network is fine)
Unique hostname, MAC address, and product_uuid for every node. See here for more details.
Certain ports are open on your machines. See here for more details.
Swap disabled. You MUST disable swap in order for the kubelet to work properly
Verify the MAC address and product_uuid are unique for every node
Check required ports
Master node(s)
Protocol  Direction  Port Range  Purpose                  Used By
TCP       Inbound    6443*       Kubernetes API server    All
TCP       Inbound    2379-2380   etcd server client API   kube-apiserver, etcd
TCP       Inbound    10250       Kubelet API              Self, Control plane
TCP       Inbound    10251       kube-scheduler           Self
TCP       Inbound    10252       kube-controller-manager  Self
Worker node(s)
Protocol  Direction  Port Range   Purpose              Used By
TCP       Inbound    10250        Kubelet API          Self, Control plane
TCP       Inbound    30000-32767  NodePort Services**  All
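
The requirements above (required ports free, swap disabled, at least 2 CPUs) can be checked on each node before running kubeadm. The script below is an added example, not part of the original page or of kubeadm; the function names and the sample `ss` output are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original page): preflight checks for the
# kubeadm requirements quoted above. The parsers read stdin so they can be
# exercised on constructed samples as well as on a live node.

MASTER_PORTS="6443 2379 2380 10250 10251 10252"  # from the master-node table
WORKER_PORTS="10250"                             # worker table (NodePort range not checked)

# stdin: `ss -ltn` output; $1: space-separated required ports.
# Prints, on one line, the required ports that already have a listener.
busy_ports() {
    awk -v want="$1" '
        BEGIN { n = split(want, p, " "); for (i = 1; i <= n; i++) need[p[i]] = 1 }
        { port = $4; sub(/.*:/, "", port); if (port in need) hit[port] = 1 }
        END { for (i = 1; i <= n; i++)
                  if (p[i] in hit) out = out (out == "" ? "" : " ") p[i]
              print out }'
}

# stdin: contents of /proc/swaps. Succeeds only when no swap area is active.
swap_is_off() {
    awk 'NR > 1 && NF { n++ } END { exit (n > 0) }'
}

# Run every check on the local machine. $1: master | worker
preflight() {
    rc=0
    if [ "$1" = master ]; then ports=$MASTER_PORTS; else ports=$WORKER_PORTS; fi
    busy=$(ss -ltn | busy_ports "$ports")
    [ -z "$busy" ] || { echo "FAIL: required ports already in use: $busy"; rc=1; }
    swap_is_off < /proc/swaps || { echo "FAIL: swap is enabled; run swapoff -a"; rc=1; }
    [ "$(nproc)" -ge 2 ] || { echo "FAIL: fewer than 2 CPUs"; rc=1; }
    return $rc
}

# Constructed sample of `ss -ltn` output: sshd, etcd and a kubelet listening.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    127.0.0.1:2379     0.0.0.0:*
LISTEN 0      128    [::]:10250         [::]:*'

case "${1:-}" in
    master|worker) preflight "$1" ;;
    *) echo "sample busy ports: $(printf '%s\n' "$SAMPLE_SS" | busy_ports "$MASTER_PORTS")" ;;
esac
```

Run it with `master` or `worker` as the argument to check the local machine; with no argument it only parses the constructed sample.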

Setup steps

  • Install Docker (on both nodes)
apt-get update
apt-get install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") $(lsb_release -cs) stable"
apt-get update && apt-get install -y docker-ce=$(apt-cache madison docker-ce | grep 17.03 | head -1 | awk '{print $3}')
  • Install the kubeadm, kubelet and kubectl components (on both nodes)

    What each component does:
    kubeadm: the command to bootstrap the cluster.
    kubelet: the component that runs on all of the machines in your cluster and does things like starting pods and containers.
    kubectl: the command line util to talk to your cluster; it connects to the master and is run on the master.

apt-get update && apt-get install -y apt-transport-https 
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add - 
cat > /etc/apt/sources.list.d/kubernetes.list <<EOF
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
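apt-get install -y kubelet kubeadm kubectl
  • Pull the required images (the master node pulls all of them; the worker node only needs kube-proxy-amd64 and pause:3.1)

Before pulling the images, check the versions of the relevant components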

kubeadm config images list

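Pull the images that match the versions reported. The upstream images are hosted abroad, so we can instead pull them from a mirror registry in China to the local machine and re-tag them. Below is the script that pulls the images; replace the parameters to suit your own setup.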

#!/bin/bash
# Image names and tags; replace them with the versions reported by `kubeadm config images list`
images=(
"kube-proxy:v1.13.3"
"kube-controller-manager:v1.13.3"
"kube-scheduler:v1.13.3"
"kube-apiserver:v1.13.3"
"kubernetes-dashboard-amd64:v1.8.3"
"coredns:1.2.6"
"etcd:3.2.24"
"pause:3.1"
)
mirror=registry.aliyuncs.com
ns=google_containers
echo "[[mirror=$mirror, namespace=$ns"
for image in "${images[@]}"
do
    echo "[[pull image - $image"
    # Pull from the mirror, re-tag under the k8s.gcr.io name, then drop the mirror tag
    docker pull "$mirror/$ns/$image"
    docker tag "$mirror/$ns/$image" "k8s.gcr.io/$image"
    docker rmi "$mirror/$ns/$image"
done
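  • Initialize with kubeadm

By default kubeadm queries a server for the version number, but that query endpoint is unreachable, so specify the version explicitly
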

kubeadm init --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --kubernetes-version=v1.11.1
  • Start the cluster
  (1) # On the master node you can use a specific user for this; root is used here
  mkdir -p $HOME/.kube
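  # admin.conf is generated by kubeadm during initialization; kubectl uses it as its config file to connect to the k8s API server and authenticate, and it contains the related configuration information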
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config
  # As root there is also another way
  export KUBECONFIG=/etc/kubernetes/admin.conf
  
  # Check the cluster status
  kubectl get cs
  NAME                 STATUS    MESSAGE              ERROR
  scheduler            Healthy   ok                   
  controller-manager   Healthy   ok                   
  etcd-0               Healthy   {"health": "true"}
  # Check the node status; it is NotReady because no network component is installed yet
  kubectl get nodes
  NAME      STATUS     ROLES     AGE       VERSION
  bogon     NotReady   master    16m       v1.11.1
  • Install the flannel network (on the master)
sysctl net.bridge.bridge-nf-call-iptables=1
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# Run this again to check the node status; it should now be Ready
kubectl get nodes

Check the network components

# It is enough that the flannel pods are in the Running state
kubectl get pods --all-namespaces
  • Troubleshooting
Problems you may encounter
(1) To run kubeadm init again, you must first tear down the cluster.
Tear down
Method (quick and blunt):
kubectl drain <node name> --delete-local-data --force --ignore-daemonsets
kubectl delete node <node name>
kubeadm reset
(2) Node hostnames must not be identical
(3)Failed to setup network for pod \"my-nginx-1948696469-7p4nn_default(a40fe652-cc14-11e6-8c42-00163e1001d7)\" using network plugins \"cni\": \"cni0\" already has an IP address different from 10.244.1.1/24
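After running kubeadm reset on the node, the bridge device cni0 and the network interface flannel.1 that flannel created earlier are still present.
To make sure the environment is fully restored to its initial state, delete both devices with the following commands: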

# ifconfig  cni0 down
# brctl delbr cni0
# ip link delete flannel.1 