systemctl restart firewalld
systemctl stop firewalld
這裏我用的是一臺服務器
121.36.104.222 ab
121.36.104.222 master
121.36.104.222 etcd
121.36.104.222 node-1
121.36.104.222 registry
kubernetes 工作模式 c/s(客戶端/服務器) b/s(瀏覽器/服務端)
修改主機名
hostnamectl --static set-hostname master
hostnamectl --static set-hostname node-1
安裝epel-release
yum -y install epel-release
修改 /etc/etcd/etcd.conf 配置文件
注:只修改下面未註釋的三行
注:只修改下面未註釋的三行
#[Member]
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379" #6行,監控的哪塊網卡,端口
ETCD_NAME="master" #9行 etcd數據庫起的名字
#[Clustering]
#用此路徑訪問etcd數據庫
ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.1:2379" #21行 路徑訪問到我
systemctl enable etcd && systemctl start etcd
etcdctl -C http://127.0.0.1:2379 cluster-health
顯示如下
[root@ab ~]# etcdctl -C http://127.0.0.1:2379 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://127.0.0.1:2379
cluster is healthy
5)安裝docker
yum install docker -y
修改docker配置文件
vim /etc/sysconfig/docker
//在if語句下面添加一行
OPTIONS='--insecure-registry registry:5000'
docker訪問默認使用443端口,不配置不能用。registry做過主機名解析
啓動docker
systemctl enable docker && systemctl start docker
部署安裝kubernetes
yum install kubernetes -y
注意:
在kubernetes master上需要運行以下組件,故分別配置組件啓動相應服務:
kubernetes API Server
kubernetes Controller Manager
kubernetes Scheduler
修改apiserver配置文件
vi /etc/kubernetes/apiserver
# The address on the local server to listen to. ——監聽地址
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
# The port on the local server to listen on.——監聽端口
KUBE_API_PORT="--port=8080"
# Comma separated list of nodes in the etcd cluster ——逗號分割的存在etcd數據庫中的節點列表
KUBE_ETCD_SERVERS="--etcd-servers=http://0.0.0.0:2379"
# default admission control policies——k8s支持的所有控制器,刪掉ServiceAccount和SecurityContextDeny
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
修改config配置文件
vim /etc/kubernetes/config
# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://127.0.0.1:8080" 控制器調度器聯繫apiserver組件的地址
啓動apiserver、控制器、調度器
systemctl start kube-apiserver.service && systemctl enable kube-apiserver.service
systemctl start kube-controller-manager.service && systemctl enable kube-controller-manager.service
systemctl start kube-scheduler.service && systemctl enable kube-scheduler.service
部署node節點,因爲我們master和node是同一臺主機,所以下面關於node的重複步驟可以不做的,若多臺主機的話,node節點按照以下配置。
node安裝docker
yum install docker -y
修改docker配置文件
vim /etc/sysconfig/docker
//在if語句後面添加一行
OPTIONS='--insecure-registry registry:5000'
啓動node節點的docker
# systemctl enable docker && systemctl start docker
node節點需要兩個組件:
Kubelet
kubernetes Proxy
修改node節點配置文件,單臺主機的話,這個是不需要修改的,上邊已經改過了
vim /etc/kubernetes/config
# How the controller-manager, scheduler, and proxy find the apiserver
# —— 連接apiserver的地址
KUBE_MASTER="--master=http://127.0.0.1:8080"
修改kubelet配置文件
vim /etc/kubernetes/kubelet
# kubernetes kubelet (minion) config
# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0" kubelet監聽地址
# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=121.36.104.222" #使用自己的主機名稱,#11 行 node節點主機名或者IP
# location of the api-server
KUBELET_API_SERVER="--api-servers=http://127.0.0.1:8080" #api-server 的地址
啓動
systemctl start kubelet.service && systemctl enable kubelet.service
systemctl start kube-proxy.service && systemctl enable kube-proxy.service
查看節點狀態
在master上查看集羣及節點狀態
[root@ab ~]# kubectl -s http://121.36.104.222:8080 get node
NAME STATUS AGE
127.0.0.1 Ready 1m
[root@ab ~]# kubectl get nodes
NAME STATUS AGE
127.0.0.1 Ready 1m
創建覆蓋網絡 --Flannel #就不用手動配置路由
在master,node上均執行如下命令,進行安裝
集羣中所有主機均需要安裝配置flannel,我們只有一臺主機,配置一臺就行了
yum -y install flannel
配置flannel
vi /etc/sysconfig/flanneld
# etcd url location. Point this to the server where etcd runs
#——配置連接etcd數據庫
FLANNEL_ETCD_ENDPOINTS="http://127.0.0.1:2379"
配置etcd中關於flannel的key
創建子網,子網需要以鍵值對的形式存到數據庫中。
在配置文件中指定目錄,默認會在這個目錄中創建一個config的配置文件用來存放網絡的配置
此步驟默認已經做好,無需再配置
# vi /etc/sysconfig/flanneld
# For address range assignment
FLANNEL_ETCD_PREFIX="/atomic.io/network"
這個是在etcd服務器上操作,管理員以後的操作
配置 flannel 使用的 network,並將配置保存在 etcd 中(IP地址不用改):
etcdctl mk /atomic.io/network/config '{ "Network": "172.17.0.0/16" }'
{ "Network": "172.17.0.0/16" }
每個節點都啓動flannel
systemctl restart flanneld
PS:從etcd中獲取network 配置,併爲本節點產生一個subnet保存在etcd中,並且產生 /run/flannel/subnet.env 文件配置文件內容入下(這個文件不用改):
[root@ab ~]# cat /run/flannel/subnet.env
FLANNEL_NETWORK=172.17.0.0/16
FLANNEL_SUBNET=172.17.47.1/24
FLANNEL_MTU=1472
FLANNEL_IPMASQ=false
啓動
啓動Flannel之後,需要一次重啓docker,kubernets
在master執行
systemctl start flanneld.service && systemctl enable flanneld.service
在 master啓動
重啓所有服務
systemctl restart flanneld.service && systemctl restart docker && systemctl restart kube-apiserver.service && systemctl restart kube-controller-manager.service && systemctl restart kube-scheduler.service
如果有一天網絡不能用了需要 更新
網絡刷新一下(排錯的時候使用,部署的時候不用)
etcdctl update /atomic.io/network/config '{"Network":"172.17.0.0/16"}'
然後在每個minion 節點上,flannel 啓動,他從etcd中獲取 network 配置,併爲本節點產生一個subnet,也保存在etcd中。並且產生 /run/flannel/subnet.env 文件:
cat /run/flannel/subnet.env
FLANNEL_NETWORK=172.17.0.0/16 #這是全局的 flannel network
FLANNEL_SUBNET=172.17.38.1/24 #這是本節點上 flannel subnet
FLANNEL_MTU=1472
FLANNEL_IPMASQ=false
在node 節點上
重啓所有服務
systemctl restart flanneld.service && systemctl restart docker && systemctl restart kubelet.service && systemctl restart kube-proxy.service
部署dashboard,首先需要兩個鏡像,不翻牆也可以下載,就是比較慢。
docker pull daocloud.io/daocloud/google_containers_kubernetes-dashboard-amd64:v1.6.1 #國內即可下載
裝載另一個鏡像
docker pull docker.io/tianyebj/pod-infrastructure
docker save -o podinfrastructure.tar docker.io/tianyebj/pod-infrastructure
docker load < podinfrastructure.tar
查看導入後的鏡像
docker images
所有node節點修改配置文件,單臺主機的話,既是master也是node也要修改。
vi /etc/kubernetes/kubelet
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=docker.io/tianyebj/pod-infrastructure:latest"
//此處要與你的鏡像名稱保持一致!
重啓服務
systemctl restart kubelet
master節點任意目錄創建yaml文件
vi dashboard.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
# Keep the name in sync with image version and
# gce/coreos/kube-manifests/addons/dashboard counterparts
name: kubernetes-dashboard-latest
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
version: latest
kubernetes.io/cluster-service: "true"
spec:
containers:
- name: kubernetes-dashboard
image: daocloud.io/daocloud/google_containers_kubernetes-dashboard-amd64:v1.6.1
resources:
# keep request = limit to keep this container in guaranteed class
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
ports:
- containerPort: 9090
args:
- --apiserver-host=http://121.36.104.222:8080
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
第一個箭頭指向的地方需要和你的鏡像名稱保持一致,一定要一致,不知道名稱,使用docker images命令進行查看。
第二個箭頭指向的地方修改爲自己虛擬機的IP地址,虛擬機自己網卡的ipv4地址
接着創建第二個yaml文件,照抄下面就行,不用修改
vi dashboardsvc.yaml
apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
spec:
selector:
k8s-app: kubernetes-dashboard
ports:
- port: 80
targetPort: 9090
master執行如下命令。
# kubectl create -f dashboard.yaml
# kubectl create -f dashboardsvc.yaml
不想用了,刪除上面兩個
kubectl delete deployment kubernetes-dashboard-latest --namespace=kube-system
kubectl delete svc kubernetes-dashboard-latest --namespace=kube-system
[root@ab ~]# kubectl get pod -o wide --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE
kube-system kubernetes-dashboard-latest-2292089379-rmn0m 1/1 Running 0 23s 172.17.0.2 127.0.0.1
這個狀態status一定要是running纔算成功,
使用瀏覽器驗證:
瀏覽器輸入:http://121.36.104.222:8080/ui
創建一個nginx 的Pod的 yaml文件
示例
vi dc-nginx.yaml
apiVersion: v1
kind: Pod
metadata:
name: dc-nginx
labels:
web: nginx
nginx: nginx1
spec:
containers:
- name: dc-nginx-web
image: daocloud.io/library/nginx
ports:
- containerPort: 80
創建
kubectl create -f dc-nginx.yaml
pod "dc-nginx" created
查看pod容器 #顯示READY 是 0/1 是不正常的
[root@ab ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
dc-nginx 0/1 ContainerCreating 0 11s
在重新獲取一次
[root@ab ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
dc-nginx 1/1 Running 0 30s
進入Pod 對應的容器內部
kubectl exec -it dc-nginx /bin/bash
刪除Pod:
kubectl delete pod pod名 #單個刪除
kubectl delete pod --all #批量刪除
例如
kubectl delete pod dc-nginx
pod "dc-nginx" deleted
重新啓動基於yaml文件的應用
kubectl delete -f xxx.yaml
kubectl create -f xxx.yaml
頁面創建應用
http://www.mamicode.com/info-detail-2921170.html 2,典型使用場景 ,從這裏開始看
使用命令kubectl run創建應用
https://www.cnblogs.com/linuxk/p/9525150.html