Kubernetes的简单部署
一、基础环境配置
- 操作系统:CentOS 7.5,三台节点,1台master,2台nodes
- 关闭selinux和firewalld(仅为简化实验环境;生产环境建议保留SELinux和防火墙,只放行6443、10250等集群所需端口)
# vim /etc/selinux/config
SELINUX=disabled
# setenforce 0
# systemctl stop firewalld
# systemctl disable firewalld
- 配置chronyd服务,保证各node时间同步(此处使用阿里巴巴提供的ntp时间服务器)
# yum install chrony
# vim /etc/chrony.conf
server ntp.aliyun.com iburst
stratumweight 0
driftfile /var/lib/chrony/drift
rtcsync
makestep 10 3
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
keyfile /etc/chrony.keys
commandkey 1
generatecommandkey
logchange 0.5
logdir /var/log/chrony
# systemctl enable chronyd
# systemctl start chronyd
- 配置基于ssh密钥的认证,并通过/etc/hosts实现主机名解析
[root@master ~]# vim /etc/hosts
192.168.0.12 master.dongfei.tech master
192.168.0.13 node01.dongfei.tech node01
192.168.0.14 node02.dongfei.tech node02
[root@master ~]# ssh-keygen
[root@master ~]# ssh-copy-id -i .ssh/id_rsa.pub node01
[root@master ~]# ssh-copy-id -i .ssh/id_rsa.pub node02
[root@master ~]# scp /etc/hosts node01:/etc/
[root@master ~]# scp /etc/hosts node02:/etc/
- 网络环境规划
节点网络:192.168.0.0/24(需要手动配置,推荐配置静态地址)
Pod网络:10.244.0.0/16
Service网络:10.96.0.0/12
- 配置yum源(注意:下文将gpgcheck设为0会跳过软件包签名校验,仅适用于实验环境;生产环境应保留gpgcheck=1并导入仓库的GPG公钥)
[root@master ~]# cd /etc/yum.repos.d/
[root@master yum.repos.d]# vim kubernetes.repo
[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
gpgcheck=0
enabled=1
[root@master yum.repos.d]# wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@master yum.repos.d]# sed -i 's/gpgcheck=1/gpgcheck=0/g' docker-ce.repo #注意,将gpgcheck改为0
[root@master yum.repos.d]# scp kubernetes.repo docker-ce.repo node01:/etc/yum.repos.d/
[root@master yum.repos.d]# scp kubernetes.repo docker-ce.repo node02:/etc/yum.repos.d/
二、安装docker和kubernetes
- 解决docker-ce依赖包
[root@master ~]# wget https://mirrors.aliyun.com/centos-vault/7.3.1611/extras/x86_64/Packages/container-selinux-2.9-4.el7.noarch.rpm
[root@master ~]# yum -y localinstall container-selinux-2.9-4.el7.noarch.rpm
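- 安装docker并配置(下面配置的HTTPS_PROXY是第三方代理,拉取镜像的流量都会经过它,请换成自己信任的代理;另外建议在/etc/systemd/system/docker.service.d/下用drop-in文件配置,而不是直接修改软件包自带的unit文件,以免升级时被覆盖)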
[root@master ~]# yum install docker-ce -y
[root@node01 ~]# yum install docker-ce -y
[root@node02 ~]# yum install docker-ce -y
[root@master ~]# vim /usr/lib/systemd/system/docker.service
[Service]
Environment="HTTPS_PROXY=http://www.ik8s.io:10080"
Environment="NO_PROXY=127.0.0.0/8"
[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl start docker
[root@master ~]# systemctl enable docker
[root@master ~]# docker info
HTTPS Proxy: http://www.ik8s.io:10080
No Proxy: 127.0.0.0/8
确认bridge-nf-call-iptables参数的值为1
[root@master ~]# cat /proc/sys/net/bridge/bridge-nf-call-iptables
1
- 在master节点上安装配置kubernetes
[root@master ~]# yum install kubelet kubeadm kubectl -y
[root@master ~]# systemctl enable kubelet
[root@master ~]# vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
- 初始化master
[root@master ~]# kubeadm init --kubernetes-version=v1.11.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap
[root@master ~]# mkdir -p $HOME/.kube
[root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]# kubectl get cs #如果此处状态非健康,请检查之前的操作
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health": "true"}
将以下信息记录下来(其中的token是加入集群的凭据,请勿公开;默认24小时后失效,过期后可在master上执行 kubeadm token create --print-join-command 重新生成)
kubeadm join 192.168.0.12:6443 --token vlqtub.4827hc5ga73c9q8c --discovery-token-ca-cert-hash sha256:88f3a75bc1eef8077e4a97736faba1696e25fd3bc86e8347904b1db23f796556
- 部署flannel(下面的URL指向master分支,内容随时可能变化;建议改用固定版本(tag或commit)的清单文件,并在apply前先查看其内容)
[root@master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@master ~]# kubectl get nodes #等待数分钟,状态为Ready即成功
- 将master的各配置文件同步到各nodes
[root@master ~]# scp container-selinux-2.9-4.el7.noarch.rpm node01:
[root@master ~]# scp container-selinux-2.9-4.el7.noarch.rpm node02:
[root@master ~]# scp /usr/lib/systemd/system/docker.service node01:/usr/lib/systemd/system/docker.service
[root@master ~]# scp /usr/lib/systemd/system/docker.service node02:/usr/lib/systemd/system/docker.service
[root@master ~]# scp /etc/sysconfig/kubelet node01:/etc/sysconfig/kubelet
[root@master ~]# scp /etc/sysconfig/kubelet node02:/etc/sysconfig/kubelet
- 在node01节点中安装配置kubernetes(node02相同操作)
[root@node01 ~]# yum localinstall container-selinux-2.9-4.el7.noarch.rpm -y
[root@node01 ~]# yum install docker-ce kubelet kubeadm -y
[root@node01 ~]# systemctl enable docker kubelet
[root@node01 ~]# systemctl daemon-reload
[root@node01 ~]# systemctl start docker
[root@node01 ~]# systemctl enable docker
[root@node01 ~]# docker info
HTTPS Proxy: http://www.ik8s.io:10080
No Proxy: 127.0.0.0/8
[root@node01 ~]# kubeadm join 192.168.0.12:6443 --token vlqtub.4827hc5ga73c9q8c --discovery-token-ca-cert-hash sha256:88f3a75bc1eef8077e4a97736faba1696e25fd3bc86e8347904b1db23f796556 --ignore-preflight-errors=Swap
- 在master节点上查看集群状态
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master.dongfei.tech Ready master 28m v1.11.2
node01.dongfei.tech Ready <none> 3m v1.11.2
node02.dongfei.tech Ready <none> 3m v1.11.2
三、kubectl的简单使用
- 创建2个nginx的pod
[root@master ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=2
deployment.apps/nginx-deploy created
- 查看命令
[root@master ~]# kubectl get deployment
[root@master ~]# kubectl get pods
[root@master ~]# kubectl get pods -w
[root@master ~]# kubectl get pods -o wide
[root@master ~]# kubectl get pods --show-labels
- 创建Service
[root@master ~]# kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP
- 查看svc命令
[root@master ~]# kubectl get svc
[root@master ~]# kubectl get svc -n kube-system
[root@master ~]# kubectl describe svc nginx
[root@master ~]# kubectl run client --image=busybox --replicas=1 -it --restart=Never #创建测试client
/ # wget -O - -q http://nginx:80/ #两个pod实现负载均衡
Welcome to nginx!
- 修改svc,使其可以在集群外部访问(NodePort会在每个节点上开放该端口;由于前面已关闭firewalld,任何能访问节点IP的主机都可以访问此服务)
[root@master ~]# kubectl edit svc nginx
type: NodePort
[root@master ~]# kubectl get svc nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx NodePort 10.98.231.135 <none> 80:30562/TCP 6m
外部访问:http://192.168.0.12:30562
感谢阅读,未完待续。。。