單機版搭建kubernetes(K8s)

準備

雲原生的概念越來越火，忍不住去看了看kubernetes，初次接觸，暈暈乎乎的，於是不管三七二十一，先搭建個單機版的再說(沒錢買伺服器，目前也懶得裝虛擬機器)，跑起來也算是第一步吧。網上教程一頓搜，各種配置一頓配，這裡正好做個記錄。

步驟

關閉防火強和selinux

• 關閉防火請

systemctl stop firewalld
systemctl disable firewalld

• 關閉selinux

setenforce 0

• 修改檔案/etc/selinux/config

[root@zhangpeilei ~]# cat /etc/selinux/config
SELINUX=disabled
SELINUXTYPE=targeted

禁用swap

swapoff -a

修改核心引數和模組

• 修改檔案/etc/sysctl.d/k8s.conf

net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

• 執行命令

sysctl --system

modprobe br_netfilter

安裝docker，網上方法很多

yum -y install yum-utils device-mapper-persistent-data lvm2

yum-config-manager -y --add-repo https://download.docker.com/linux/centos/docker-ce.repo

yum -y install docker-ce-18.06.3.ce-3.el7 docker-ce-cli-18.06.3.ce-3.el7 containerd.io

systemctl start docker

systemctl enable docker

安裝完執行下

docker version

[root@zhangpeilei ~]# docker version
Client:
 Version:           18.06.3-ce
 API version:       1.38
 Go version:        go1.10.3
 Git commit:        d7080c1
 Built:             Wed Feb 20 02:26:51 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server:
 Engine:
  Version:          18.06.3-ce
  API version:      1.38 (minimum version 1.12)
  Go version:       go1.10.3
  Git commit:       d7080c1
  Built:            Wed Feb 20 02:28:17 2019
  OS/Arch:          linux/amd64
  Experimental:     false

安裝kubernates元件

• 修改檔案/etc/yum.repos.d/kubernetes.repo

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

• 執行命令

yum -y install kubelet-1.13* kubeadm-1.13* kubectl-1.13*
systemctl start kubelet
systemctl enable kubelet

下載kubernetes映象，並且打標籤

docker pull mirrorgooglecontainers/kube-apiserver:v1.13.3

docker pull mirrorgooglecontainers/kube-controller-manager:v1.13.3

docker pull mirrorgooglecontainers/kube-scheduler:v1.13.3

docker pull mirrorgooglecontainers/kube-proxy:v1.13.3

docker pull mirrorgooglecontainers/pause:3.1

docker pull mirrorgooglecontainers/etcd:3.2.24

docker pull coredns/coredns:1.2.6
 
# 打標籤
docker tag mirrorgooglecontainers/kube-apiserver:v1.13.3 k8s.gcr.io/kube-apiserver:v1.13.3

docker tag mirrorgooglecontainers/kube-controller-manager:v1.13.3 k8s.gcr.io/kube-controller-manager:v1.13.3

docker tag mirrorgooglecontainers/kube-scheduler:v1.13.3 k8s.gcr.io/kube-scheduler:v1.13.3

docker tag mirrorgooglecontainers/kube-proxy:v1.13.3 k8s.gcr.io/kube-proxy:v1.13.3

docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1

docker tag mirrorgooglecontainers/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24

docker tag coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6

初始化

kubeadm init --kubernetes-version=v1.13.3

接下來根據提示做如下操作

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')

• 成功後執行如下命令看是否成功

[root@zhangpeilei ~]# kubectl get pods --all-namespaces
NAMESPACE     NAME                                  READY   STATUS    RESTARTS   AGE
kube-system   coredns-86c58d9df4-7b8vr              0/1     Pending   0          76s
kube-system   coredns-86c58d9df4-z8lrf              0/1     Pending   0          76s
kube-system   etcd-zhangpeilei                      1/1     Running   0          22s
kube-system   kube-apiserver-zhangpeilei            1/1     Running   0          13s
kube-system   kube-controller-manager-zhangpeilei   1/1     Running   0          20s
kube-system   kube-proxy-qlmpp                      1/1     Running   0          76s
kube-system   kube-scheduler-zhangpeilei            1/1     Running   0          31s
kube-system   weave-net-2ph7d                       2/2     Running   0          9s

至此我們安裝應該成功了.

master加入節點

kubeadm join <ip>:<port> --token <token> --discovery-token-ca-cert-hash <hash>

檢視節點

[root@zhangpeilei ~]# kubectl get nodes
NAME          STATUS   ROLES    AGE     VERSION
zhangpeilei   Ready    master   3h40m   v1.13.12

但安裝的時候哪有一帆風順的，下面是我碰到的一些問題。

問題一

root@zhangpeilei ~]# kubectl get pods --all-namespaces
Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")

解決方式：如果執行完

kubeadm reset

命令後，需要先

rm -rf $HOME/.kube

然後再執行如下命令:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

問題二

檢視節點

[root@zhangpeilei ~]# kubectl get nodes
NAME          STATUS   ROLES    AGE     VERSION
zhangpeilei   NotReady    master   3h40m   v1.13.12

發現節點狀態是NotReady,首先通過命令檢視日誌

journalctl -f -u kubelet.service

修改檔案/etc/cni/net.d/10-flannel.conflist

{
  "name": "cbr0",
  "cniVersion": "0.2.0",
  "plugins": [
    {
      "type": "flannel",
      "delegate": {
        "hairpinMode": true,
        "isDefaultGateway": true
      }
    },
    {
      "type": "portmap",
      "capabilities": {
        "portMappings": true
      }
    }
  ]
}

修改後執行

systemctl daemon-reload