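Preface: When I first started learning k8s, I built the cluster from binaries, which was very tedious, and every mistake meant rolling back. Now I am trying the simpler kubeadm approach, which is very easy.
Environment:
CentOS 7.x minimal install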
docker:docker-ce-18.06.1.ce-3.el7
kubelet-1.5.2 kubeadm-1.5.2 kubectl-1.5.2
192.168.106.137 master
192.168.106.135 node01
192.168.106.136 node02
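Run on all three machines:
For the steps below, running them directly with ansible is recommended. Use ansible to set up SSH key trust with each machine: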
ansible all -m authorized_key -a "user=root key='{{ lookup('file', '/root/.ssh/id_rsa.pub') }}' path=/root/.ssh/authorized_keys manage_dir=no" --ask-pass -c paramiko
# Switch to the Aliyun mirror (either curl or wget works)
yum install wget
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup && wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && yum makecache && yum install -y epel-release
# Disable the firewall (alternatively, keep it and open the required ports directly with iptables/firewalld)
systemctl stop firewalld
systemctl disable firewalld
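# Disable SELinux
setenforce 0
# Edit /etc/selinux/config itself: /etc/sysconfig/selinux is a symlink to it, and sed -i would replace the symlink with a regular file
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config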
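# Disable the swap partition; don't use swap, since stability comes first for a cluster
# Disable temporarily
swapoff -a
# Disable permanently and apply
# Comment out swap entries in /etc/fstab so swap stays off after a reboot
sed -ri 's/^([^#].*[[:space:]]swap[[:space:]].*)$/#\1/' /etc/fstab
echo "vm.swappiness = 0" >> /etc/sysctl.conf
sysctl -p
# Adjust Linux kernel parameters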
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
# Add hosts entries
cat >> /etc/hosts <<EOF
192.168.106.137 master
192.168.106.135 node01
192.168.106.136 node02
EOF
# Install Docker
yum install -y yum-utils device-mapper-persistent-data lvm2
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum makecache fast
yum -y install docker-ce-18.06.1.ce-3.el7
systemctl enable docker
systemctl start docker
docker --version
# Configure the Aliyun registry mirror
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://vg0bksne.mirror.aliyuncs.com"]
}
EOF
systemctl restart docker
# Install kubeadm, kubelet and kubectl
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet
On the master node:
# Initialize the master node
kubeadm init --apiserver-advertise-address=192.168.106.137 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.16.2 --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16
# Install the network add-on:
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
# Check cluster status
kubectl get pods -n kube-system
kubectl get nodes
The dashboard needs a few configuration changes.
Dashboard:
Download the manifest:
wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
Modify the configuration:
(1):
image: lizhenliang/kubernetes-dashboard-amd64:v1.10.1
(2):
spec:
  type: NodePort
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001
# If a step fails partway, roll back following the order in which you ran things
kubectl delete -f kubernetes-dashboard.yaml
# Create the service account
cat > dashboard_service_account_admin.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
EOF
kubectl apply -f dashboard_service_account_admin.yaml
# Create the cluster role binding
cat > dashboard_cluster_role_binding_admin.yaml << EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: admin-user
    namespace: kube-system
EOF
kubectl apply -f dashboard_cluster_role_binding_admin.yaml
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}') > admin-token.yaml && cat admin-token.yaml
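Open 192.168.106.134:30001 and paste in the long token that was just generated.
# If you run into any other problems along the way, you can reset with kubeadm reset and then set the cluster up again.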