Kubernetes設計架構
Kubernetes集羣包含有節點代理kubelet和Master組件(APIs, scheduler, etc),一切都基於分佈式的存儲系統。下面這張圖是Kubernetes的架構圖
Kubernetes主要由以下幾個核心組件組成:
- etcd保存了整個集羣的狀態;
- apiserver提供了資源操作的唯一入口,並提供認證、授權、訪問控制、API註冊和發現等機制;
- controller manager負責維護集羣的狀態,比如故障檢測、自動擴展、滾動更新等;
- scheduler負責資源的調度,按照預定的調度策略將Pod調度到相應的機器上;
- kubelet負責維護容器的生命週期,同時也負責Volume(CVI)和網絡(CNI)的管理;
- Container runtime負責鏡像管理以及Pod和容器的真正運行(CRI);
- kube-proxy負責爲Service提供cluster內部的服務發現和負載均衡;
除了核心組件,還有一些推薦的Add-ons:
- kube-dns負責爲整個集羣提供DNS服務
- Ingress Controller爲服務提供外網入口
- Heapster提供資源監控
- Dashboard提供GUI
- Federation提供跨可用區的集羣
- Fluentd-elasticsearch提供集羣日誌採集、存儲與查詢
1 安裝前準備
主機列表
本次實驗選擇5臺主機,3臺作爲master主機,2臺作爲node節點
| 節點ip | OS版本 | hostname -f | 安裝軟件 |
|---|---|---|---|
| 192.168.0.1 | RHEL7.4 | k8s-master01 | docker,etcd,flanneld,kube-apiserver,kube-controller-manager,kube-scheduler |
| 192.168.0.2 | RHEL7.4 | k8s-master02 | docker,etcd,flanneld,kube-apiserver,kube-controller-manager,kube-scheduler |
| 192.168.0.3 | RHEL7.4 | k8s-master03 | docker,etcd,flanneld,kube-apiserver,kube-controller-manager,kube-scheduler |
| 192.168.0.4 | RHEL7.4 | k8s-node01 | docker,flanneld,kubelet,kube-proxy |
| 192.168.0.5 | RHEL7.4 | k8s-node02 | docker,flanneld,kubelet,kube-proxy |
關閉防火牆和SELINUX
echo "####Shutdown the firwall####"
systemctl stop firewalld.service
systemctl disable firewalld.service
echo "####Shutdown the firwall Done####"
echo -e "\n"echo "####Set the selinux disable####"
sed -i '/^SELINUX=/c SELINUX=disabled' /etc/selinux/config
setenforce 0
echo "####Set the selinux disable Done####"
echo -e "\n"
設置hostname和hosts
hostnamectl --static set-hostname k8s-master01
hostnamectl --static set-hostname k8s-master02
hostnamectl --static set-hostname k8s-master03
hostnamectl --static set-hostname k8s-node01
hostnamectl --static set-hostname k8s-node02cat << EOF >> /etc/hosts
192.168.0.1 k8s-master01 etcd01
192.168.0.2 k8s-master02 etcd02
192.168.0.3 k8s-master03 etcd03
192.168.0.4 k8s-node01
192.168.0.5 k8s-node02
EOF
安裝docker
cat << EOF > /etc/yum.repos.d/docker180902.repo
[docker180902]
name=docker180902
baseurl=ftp://192.168.100.193/pub/docker180902/
enabled=1
gpgcheck=0
EOFecho "####install docker####"
yum install -y docker-ce
mkdir -p /etc/systemd/system/docker.service.d && tee /etc/systemd/system/docker.service.d/override.conf <<- EOF
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --storage-driver=overlay2
EOF
systemctl daemon-reload
systemctl enable docker && systemctl restart docker
echo "####install docker Done####"
echo -e "\n"
關閉swap
swapoff -a && sysctl -w vm.swappiness=0
vi /etc/fstab
#UUID=7bff6243-324c-4587-b550-55dc34018ebf swap swap defaults 0 0
設置內核參數
cat << EOF | tee /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness = 0
EOF
sysctl -p /etc/sysctl.d/k8s.conf
創建安裝目錄
mkdir /k8s/etcd/{bin,cfg,ssl} -p
mkdir /k8s/kubernetes/{bin,cfg,ssl} -p
mkdir /k8s/flanneld/ssl -p
ssh-key免密(k8s-master01上)
ssh-keygen
ssh-copy-id 192.168.0.2
ssh-copy-id 192.168.0.3
ssh-copy-id 192.168.0.4
ssh-copy-id 192.168.0.5