環境:
鏡像版本:v1.15.0 — 軟件包也要爲v1.15.0
flannel.tar 爲:v0.10.0-amd6
1.安裝
(1)關閉swap
swapoff -a
vim /etc/fstab
關閉火牆/讓火牆允許服務通過
(2)安裝
yum install -y *
cri-tools-1.13.0-0.x86_64.rpm kubelet-1.15.0-0.x86_64.rpm
kubeadm-1.15.0-0.x86_64.rpm kubernetes-cni-0.7.5-0.x86_64.rpm
kubectl-1.15.0-0.x86_64.rpm
2.導入鏡像
for i in *.tar; do docker load -i $i ; done
coredns.tar etcd.tar
kube-apiserver.tar kube-controller-manager.tar
kube-proxy.tar kube-scheduler.tar
pause.tar
3.vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
sysctl --system
4.其他兩個節點也一樣
scp /etc/sysctl.d/k8s.conf server4:/etc/sysctl.d/
sysctl --system
scp /etc/sysctl.d/k8s.conf server6:/etc/sysctl.d/
sysctl --system
5.主節點初始化kubeadm (cpu至少兩個)
kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=172.25.60.5
有兩個warning,可以忽略
6.根據提示在其他docker節點上執行命令
kubeadm join 172.25.60.5:6443 --token vsbib2.q8fx0hbgwdkc2hc8 \
--discovery-token-ca-cert-hash \
sha256:633b0abc5d56564265e202d17e0a945ffabd1fc97eb769d693679de036e6c96c
注:net.ipv4.ip_forward = 1
sysctl -a| grep ip_forward //查看
vim /etc/sysctl.conf //更改
sysctl -p //刷新
7.主節點建立用戶並授權
[root@server5 ~]#useradd kubeadm
[root@server5 ~]#vim /etc/sudoers
kubeadm ALL=(ALL) NOPASSWD:ALL
[root@server5 ~]#su - kubeadm
##初始化主節點時以提示以下操作
[kubeadm@server5 ~]$ mkdir -p $HOME/.kube
[kubeadm@server5 ~]$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[kubeadm@server5 ~]$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
查看:此時查看處於NotReady
8.server4/5/6: 導入鏡像flannel.tar
docker load -i flannel.tar
9.Master: 編輯kube-flannel.yml
[kubeadm@server5 ~]$ kubectl apply -f kube-flannel.yml
查看:再查看就好了
10.解決kubeadm用戶Tab問題:
[kubeadm@server5 ~]$ echo "source < (kubectl completion bash)" >> .bashrc
1.三個節點導入鏡像
kubernetes-dashboard.tar
2. su - kubeadm
(1) kubectl create -f kubernetes-dashboard.yaml
(2)
kubectl describe svc kubernetes-dashboard -n kube-system
kubectl edit service kubernetes-dashboard -n kube-system
service/kubernetes-dashboard edited //更改Type:NodePort(倒數第三行)
kubectl describe svc kubernetes-dashboard -n kube-system
(3)vim dashboard-admin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system
kubectl create -f dashboard-admin.yaml 查看端口號
測試: IP+端口號+token置進行訪問
查看用戶名:
[kubeadm@server5 ~]$ kubectl get secrets -n kube-system | grep admin
admin-user-token-bt5kk kubernetes.io/service-account-token 3 3m5s
根據用戶名查看token值:
[kubeadm@server5 ~]$ kubectl describe secrets admin-user-token-bt5kk -n kube-system