kuberneters安裝
準備
| hostname | IP | 硬件 | 系統 | 軟件 |
|---|---|---|---|---|
| elk-master | 192.168.1.24 | 2核4G | CentOS 7.2 | docker-ce-18.09.7、kuberneters1.17.1 |
| elk-node1 | 192.168.1.25 | 2核4G | CentOS 7.2 | docker-ce-18.09.7、kuberneters1.17.1 |
| elk-node2 | 192.168.1.26 | 2核4G | CentOS 7.2 | docker-ce-18.09.7、kuberneters1.17.1 |
以下每個主機都要執行
查看centos版本、cpu、設置hostname、關閉防火牆、設置SeLinux、關閉swap
[root@elk-master ~]# hostname
elk-master
[root@elk-master ~]# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
[root@elk-master ~]# lscpu
[root@elk-master ~]# systemctl stop firewalld
[root@elk-master ~]# systemctl disable firewalld
[root@elk-master ~]# setenforce 0
[root@elk-master ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
[root@elk-master ~]# swapoff -a
[root@elk-master ~]# cp /etc/fstab /etc/fstab_tmp
[root@elk-master ~]# cat /etc/fstab_tmp |grep -v swap > /etc/fstab
[root@elk-master ~]# yum install -y wget
安裝docker-ce-18.09.7
關於阿里雲的鏡像加速器這裏就不多介紹可以參考
https://blog.csdn.net/li1325169021/article/details/90770119
獲取後替換下列的XXXXX
#卸載原有docker
[root@elk-master ~]# yum remove -y docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine
#開始安裝
[root@elk-master ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
#docker倉庫
[root@elk-master ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@elk-master ~]# yum install -y docker-ce-18.09.7 docker-ce-cli-18.09.7 containerd.io
#設置阿里雲的docker鏡像加速器 地址獲取參考
[root@elk-master ~]# cat <<EOF >/etc/docker/daemon.json
{
"registry-mirrors": ["https://XXXXX.mirror.aliyuncs.com"]
}
EOF
#啓動docker服務
[root@elk-master ~]# systemctl start docker
#驗證
[root@elk-master ~]# docker version
Client:
Version: 18.09.7
API version: 1.39
Go version: go1.10.8
Git commit: 2d0083d
Built: Thu Jun 27 17:56:06 2019
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 18.09.7
API version: 1.39 (minimum version 1.12)
Go version: go1.10.8
Git commit: 2d0083d
Built: Thu Jun 27 17:26:28 2019
OS/Arch: linux/amd64
Experimental: false
#設置開機啓動
[root@elk-master ~]# systemctl enable docker
如遇啓動不起來,可通過 systemctl status docker 或者 journalctl -xe -u docker 命令查看具體問題
安裝kubernetes
配置/etc/sysctl.conf
vi /etc/sysctl.conf 末行添加
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
保存後執行sysctl -p 生效
#刪除之前裝過的kubernetes
yum remove -y kubelet kubeadm kubectl
#添加k8s的源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
#安裝
yum install -y kubelet-1.17.1 kubeadm-1.17.1 kubectl-1.17.1
#修改docker的Cgroup Driver 爲systemd
sed -i "s#^ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd#g" /usr/lib/systemd/system/docker.service
systemctl daemon-reload
systemctl restart docker
systemctl enable kubelet
初始化 master (elk-master)
export MASTER_IP=192.168.1.24 #master的宿主ip地址
export APISERVER_NAME=elk-master #master的hostname
export POD_SUBNET=10.20.0.1/16 #pod 的subnet
echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts
kubeadm 初始化配置文件創建
rm -f ./kubeadm-config.yaml
cat <<EOF > ./kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.17.1
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
controlPlaneEndpoint: "${APISERVER_NAME}:6443"
networking:
serviceSubnet: "10.10.0.0/16"
podSubnet: "${POD_SUBNET}"
dnsDomain: "cluster.local"
EOF
#準備鏡像
kubeadm config images pull
#kubeadm init
#過程比較慢 稍等一會
kubeadm init --config=kubeadm-config.yaml --upload-certs
一切正常後
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of the control-plane node running the following command on each as root:
kubeadm join elk-master:6443 --token csakso.fjzahtnog7h05i7x \
--discovery-token-ca-cert-hash sha256:64c3e4924b1a1fe866259c7cfa4036cab533a5c5e68b74d59cb341dcd8e774df \
--control-plane --certificate-key ebcf32bbc84a183f50c4aaf32b3d370288b0806da0e7c70f1af8a6b4f6c38823
Please note that the certificate-key gives access to cluster sensitive data, keep it secret!
As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use
"kubeadm init phase upload-certs --upload-certs" to reload certs afterward.
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join elk-master:6443 --token csakso.fjzahtnog7h05i7x \
--discovery-token-ca-cert-hash sha256:64c3e4924b1a1fe866259c7cfa4036cab533a5c5e68b74d59cb341dcd8e774df
如果忘記token 後續也可以在master節點上執行kubeadm token create --print-join-command 重新獲取join token
安裝calico3.10.2
wget https://docs.projectcalico.org/v3.10/manifests/calico.yaml
sed -i "s#192\.168\.0\.0/16#${POD_SUBNET}#" calico.yaml
kubectl apply -f calico.yaml
#發現報錯
The connection to the server elk-master:6443 was refused - did you specify the right host or port?
#發現報錯
The connection to the server elk-master:6443 was refused - did you specify the right host or port?
排查錯誤
systemctl status kubelet
journalctl -xeu kubelet
#有個錯誤
Failed to start ContainerManager failed to initialize top level QOS containers: failed to update top level Burstable QOS cgroup : failed to set supported cgroup subsystems for cgroup [kubepods burstable]: failed to find subsystem mount for required subsystem:pids
具體錯誤原因可參考:https://github.com/kubernetes/kubernetes/issues/79046
因此修改kubelet的啓動配置文件 /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf ,在ExecStart上添加 --feature-gates SupportPodPidsLimit=false --feature-gates SupportNodePidsLimit=false,修改後執行systemctl daemon-reload && systemctl restart kubelet。至此,kubelet已經能成功啓動。
#下載需要一段時間 稍等一會 等ready 都爲1時就行
kubectl apply -f calico.yaml
[root@elk-master ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-7489ff5b7c-q6tlw 0/1 Pending 0 2s
kube-system calico-node-qc844 0/1 Init:0/3 0 2s
kube-system coredns-7f9c544f75-cpl8w 0/1 Pending 0 58m
kube-system coredns-7f9c544f75-hcftr 0/1 Pending 0 58m
kube-system etcd-elk-master 1/1 Running 1 2m28s
kube-system kube-apiserver-elk-master 1/1 Running 1 2m28s
kube-system kube-controller-manager-elk-master 1/1 Running 1 2m28s
kube-system kube-proxy-fr6wd 1/1 Running 0 58m
kube-system kube-scheduler-elk-master 1/1 Running 1 2m28s
calicov3.10.2的docker images 已上傳 覺得啓動慢的可以上去下載
calico-cni-3.10.2
calico-node-3.10.2.tar
kube-controllers-3.10.2.tar
calico.yaml 我下載時版本爲3.10.2 如果下載的不是可以下我放雲盤上的地址下載
calico-3.10.2.yaml
注意 cat calico.yaml 中的calico的版本是否我3.10.2的,如果不是,要麼耐心等待會,要麼把calico.yaml
中的3.10.* 修改成3.10.2 然後docker load -i xx.tar ,xx.tar 爲雲盤文件
worker 節點 (elk-node1)
[root@elk-node1 ~]# echo "192.168.1.24 elk-master" >>/etc/hosts
[root@elk-node1 ~]# kubeadm join elk-master:6443 --token csakso.fjzahtnog7h05i7x \
--discovery-token-ca-cert-hash sha256:64c3e4924b1a1fe866259c7cfa4036cab533a5c5e68b74d59cb341dcd8e774df
驗證
kube-system kube-scheduler-elk-master 1/1 Running 3 97m
[root@elk-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
elk-master Ready master 153m v1.17.1
elk-node1 Ready <none> 7m53s v1.17.1
elk-node2 Ready <none> 5m53s v1.17.1
[root@elk-master ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-74c9747c46-kdz5d 1/1 Running 1 63m
kube-system calico-node-dnckh 1/1 Running 0 8m45s
kube-system calico-node-mcqj2 1/1 Running 1 63m
kube-system coredns-7f9c544f75-cpl8w 1/1 Running 1 153m
kube-system coredns-7f9c544f75-hcftr 1/1 Running 1 153m
kube-system etcd-elk-master 1/1 Running 3 98m
kube-system kube-apiserver-elk-master 1/1 Running 3 98m
kube-system kube-controller-manager-elk-master 1/1 Running 4 98m
kube-system kube-proxy-fr6wd 1/1 Running 3 153m
kube-system kube-proxy-hgzt2 1/1 Running 0 8m45s
kube-system kube-scheduler-elk-master 1/1 Running 3 98m
到此kuberneter 使用kubeadm 方式安裝就完成了