博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
kubernetes环境搭建
阅读量:6540 次
发布时间:2019-06-24

本文共 6173 字,大约阅读时间需要 20 分钟。

部署前环境准备    计算机集群(centos)    10.0.100.202 master    10.0.100.203 node1    10.0.100.204 node2    集群网络连通    必要端口可用(查看端口:netstat -lntup)    docker已安装(注意:docker版本和k8s版本相适应)修改主机名:    设置hostname为k8s-master    hostnamectl --static set-hostname k8s-master    sysctl kernel.hostname=k8s-master    (也可以使用nmtui命令修改主机名)        添加集群dn配置    /etc/hosts    192.168.0.145 cc00    192.168.0.239 cc01    192.168.0.240 cc02    192.168.0.241 cc03操作系统配置优化(参考:http://blog.gcalls.cn/blog/2017/09/Kubeadm%E9%9B%86%E7%BE%A4%E6%90%AD%E5%BB%BA.html)    setenforce 0    systemctl disable firewalld    systemctl stop  firewalld    关闭Selinux    /etc/selinux/config    SELINUX=disabled    网桥配置    /etc/sysctl.d/k8s.conf     net.bridge.bridge-nf-call-ip6tables = 1    net.bridge.bridge-nf-call-iptables = 1    sysctl -p环境清理(重新搭建前清理)kubeadm resetrm -rf /etc/kubernetes/manifests    /etc/kubernetes/pki    /var/lib/kubelet    /etc/kubernetes/admin.conf    /etc/kubernetes/kubelet.conf    /var/lib/cni    /run/flannel    /etc/cnikubectl drain 
--delete-local-data --force --ignore-daemonsetskubectl delete node
docker stop $(docker ps -a)docker rm $(docker ps -a -q)安装/启动组件以及相关辅助软件yum安装socat/docker-engine/docker/docker-engine-selinux kubeadm/kubelet/kubectl/kubernetes-cni(注意版本需要相互匹配)启动/重启docker/kubelet服务 systemctl daemon-reload systemctl enable docker systemctl start docker systemctl restart docker systemctl status docker获取k8s核心组件镜像docker pull gcr.io/google_containers/kube-proxy-amd64:v1.7.5docker pull gcr.io/google_containers/kube-apiserver-amd64:v1.7.5docker pull gcr.io/google_containers/kube-controller-manager-amd64:v1.7.5docker pull gcr.io/google_containers/kube-scheduler-amd64:v1.7.5docker pull gcr.io/google_containers/etcd-amd64:3.0.17docker pull gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.1docker pull gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.1docker pull gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.1docker pull gcr.io/google_containers/pause-amd64:3.0flanneldashboard注: 1、版本与kubeadm一致、 2、kubeadm init时,会去执行/etc/kubernetes/manifests下的yaml[其中指定了引用的镜像]部署etcd集群(分别在node1/node2/node3上)docker run -d --hostname $(uname -n) --name etcd -p 2380:2380 -p 2379:2379 \--restart always [container_id] \etcd --name [etcd-i-name/infra-i] --initial-advertise-peer-urls http://[node-i-ip]:2380 \--listen-peer-urls http://0.0.0.0:2380 \--listen-client-urls http://0.0.0.0:2379 \--advertise-client-urls http://[node-i-ip]:2379 \--initial-cluster-token etcd-cluster-1 \--initial-cluster infra0=http://[node-i-ip]:2380 \--initial-cluster-state new关闭网络:unset http_proxyunset https_proxysystemctl daemon-reloadsystemctl enable docker && systemctl restart dockersystemctl enable kubelet && systemctl restart kubeletkubeadm相关配置文件说明/etc/kubernetes├── admin.conf├── controller-manager.conf├── kubelet.conf├── manifests│ ├── kube-apiserver.yaml│ ├── kube-controller-manager.yaml│ └── kube-scheduler.yaml├── pki│ ├── apiserver.crt│ ├── apiserver.key│ ├── apiserver-kubelet-client.crt│ ├── apiserver-kubelet-client.key│ ├── ca.crt│ ├── ca.key│ ├── front-proxy-ca.crt│ ├── front-proxy-ca.key│ ├── front-proxy-client.crt│ ├── front-proxy-client.key│ ├── sa.key│ └── sa.pub└── scheduler.confkube初始化kubeadm init --apiserver-advertise-address=[master-ip] --kubernetes-version=v1.6.7 --pod-network-cidr=172.18.0.0/16 --config=kubeadm-config.yaml --skip-preflight-checkskubeadm-config.yaml(参考官网安装yaml说明) apiVersion: kubeadm.k8s.io/v1alpha1 kind: MasterConfiguration api: advertiseAddress: [master-ip] networking: podSubnet: 172.18.0.0/16 etcd: endpoints: - http://[master-ip]:2379 kubernetesVersion: v1.6.7docker ps查看container启动情况join子节点获取tokenkubeadm token listkubeadm join --token [token] 192.168.0.145:6443配置kubectl认证信息# 非root用户mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/config # root用户export KUBECONFIG=/etc/kubernetes/admin.conf开启主节点部署pod能力 kubectl taint nodes --all node-role.kubernetes.io/master- kubectl label nodes cc00 node-role.kubernetes.io/master=cc00 --overwrite查看master部署情况:kubectl versionkubectl get nodes --show-labelskubectl describe nodes kubectl get pod -o wide --all-namespaceskubectl get service --all-namespaceskubectl get service -n wenlinkubectl describe pods -n=kube-systemkubeadm token listkubectl logs -f -n kube-system安装flannel网络(与前面的镜像匹配)kubectl apply -f \https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel.yml再次查看master上pod情况:pod-dns状态running修改api-server配置,将端口改到8080/etc/kubernetes/manifests/kube-apiserver.yaml - kube-apiserver - --anonymous-auth=false ... ... - --insecure-bind-address=192.168.0.145 - --insecure-port=8080 livenessProbe: failureThreshold: 8 httpGet: host: 192.168.0.145 path: /healthz port: 8080 scheme: HTTP initialDelaySeconds: 15 timeoutSeconds: 15系统重新加载 systemctl daemon-reload && systemctl restart kubelet安装dash-board参考:https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dashboardhttp://jkzhao.github.io/2017/09/19/Kubernetes1-6%E9%9B%86%E7%BE%A4%E4%B8%8A-%E5%BC%80%E5%90%AF%E4%BA%86TLS-%E5%AE%89%E8%A3%85Dashboard/调试: 查看系统日志 查看pod日志 kubectl logs -f -n kube-system kube-apiserver kubectl logs -f -n kube-system kube-proxy kubectl logs -f -n kube-system kube-dns测试验证创建pull私有仓库镜像的secretkubectl create secret docker-registry aip-docker --docker-server=aip-snapshot-docker.artnj.zte.com.cn --docker-username=aip-ci --docker-password=****** --docker-email=tang.chaobin@zte.com.cn -n aiservice使用busybox工具测试网络是否正常busybox -- curl -- 2048service podkubectl exec -ti busybox -- nslookup kubernetes.default.svc.cluster.local参考资料:官网安装说明:https://kubernetes.io/docs/setup/independent/install-kubeadm/安装笔记http://blog.gcalls.cn/blog/2017/09/Kubeadm%E9%9B%86%E7%BE%A4%E6%90%AD%E5%BB%BA.htmlhttps://saurabh-deochake.github.io/posts/2017/07/post-1/

 

posted on
2018-08-05 09:55 阅读(
...) 评论(
...)

转载于:https://www.cnblogs.com/wenlin-gk/p/9424580.html

你可能感兴趣的文章
定位多线程内存越界问题实践总结【转】
查看>>
Linux RTC驱动模型分析之rtc-sysfs.c【转】
查看>>
GPIO推挽输出和开漏输出详解
查看>>
11-20 bom 浏览器对象模型
查看>>
0430学习进度条
查看>>
修改DevExpress中英文提示,将英文改为中文
查看>>
洛谷P2307 迷宫
查看>>
计蒜之道 百度AI小课堂-上升子序列
查看>>
微信token验证失败的解决方法
查看>>
Linux系统安装jdk
查看>>
mac配置vim语法高亮
查看>>
五大技巧识别钓鱼网站
查看>>
Spark自带Pi程序运行
查看>>
HTML标准事件(包含HTML5)
查看>>
前端技术应该走大前端(全栈)还是专注前端
查看>>
补码原码反码
查看>>
spark SQL学习(spark连接hive)
查看>>
WinEdt打开UTF-8文件乱码问题——ctex[转]
查看>>
C# 串口操作系列(1) -- 入门篇,一个标准的,简陋的串口例子
查看>>
【打假】★撕破港行脸皮-三星官方查验手机真实销售地区★
查看>>