8-21 12 views
关于master的安装见:使用kubeadm工具快速安装kubernetes集群-master(1.11.2)
初始配置
关闭selinux和firewall
|
1 2 |
sed -i '/SELINUX/s/enforcing/disabled/g' /etc/selinux/config systemctl disable firewalld && systemctl stop firewalld |
停用swap
vim /etc/fstab
|
1 2 3 4 5 6 7 8 9 10 |
# # /etc/fstab # Created by anaconda on Wed Aug 15 06:27:05 2018 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/centos-root / xfs defaults 0 0 UUID=75fa0611-374f-4d2b-a3ab-4276203eb70f /boot xfs defaults 0 0 #/dev/mapper/centos-swap swap swap defaults 0 0 |
重启系统
|
1 |
reboot |
在系统重启完成后确认以上设置
|
1 2 3 4 5 6 7 8 9 10 11 |
[root@kube-node1 ~]# sestatus SELinux status: disabled [root@kube-node1 ~]# systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:firewalld(1) [root@kube-node1 ~]# free -m total used free shared buff/cache available Mem: 16047 248 15042 8 756 15486 Swap: 0 0 0 |
安装kubeadm和相关工具
配置yum源
官方源的地址是http://yum.kubernetes.io/repos/kubernetes-el7-x86_64,国内无法访问,因为使用了国内阿里的yum源https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64。
|
1 2 3 4 5 6 7 |
tee /etc/yum.repos.d/kube.repo <<EOF [kube] name=Aliyun Repository baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 EOF |
安装Node,并加入集群
安装Node
|
1 2 |
yum makecache yum -y install docker kubeadm kubelet kubectl kubernetes-cni |
启动服务
|
1 2 |
systemctl enable docker && systemctl start docker systemctl enable kubelet && systemctl start kubelet |
执行kubeadm join命令,加入集群
复制master在安装成功后,提示的那条命令
|
1 |
kubeadm join 10.9.54.20:6443 --token x2krg1.8e4lz8i3yn0qku3h --discovery-token-ca-cert-hash sha256:5d94c96130fc6e167281a034a2ba2b37d02ade133417278cc8eae7f6ffd0ca4d |
返回如下信息,表示加入成功
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
Successfully established connection with API Server 10.9.54.20:6443" [kubelet] Downloading configuration for the kubelet from the "kubelet-config-1.11" ConfigMap in the kube-system namespace [kubelet] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [preflight] Activating the kubelet service [tlsbootstrap] Waiting for the kubelet to perform the TLS Bootstrap... [patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "kub-node1" as an annotation This node has joined the cluster: * Certificate signing request was sent to master and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the master to see this node join the cluster. </pre] [discovery] Successfully established connection with API Server "10.9.54.20:6443" [kubelet] Downloading configuration for the kubelet from the "kubelet-config-1.11" ConfigMap in the kube-system namespace [kubelet] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [preflight] Activating the kubelet service [tlsbootstrap] Waiting for the kubelet to perform the TLS Bootstrap... [patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "kub-node1" as an annotation This node has joined the cluster: * Certificate signing request was sent to master and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the master to see this node join the cluster. |
安装网络插件
根据提示,在master上通过kubectl get nodes命令,会发现Kubernetes提示Master节点为NotReady状态,这是因为还没有安装CNI网络插件
|
1 2 3 4 |
[root@k8s-master ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master NotReady master 1m v1.11.2 k8s-node1 NotReady <none> 7s v1.11.2 |
在node上下载相关镜像
master在安装完网络插件后,会向集群内所有的node节点下发安装任务,node在安装网络插件时会依赖这些镜像
|
1 2 3 4 5 6 7 8 9 10 11 |
docker pull mirrorgooglecontainers/pause:3.1 docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1 docker pull mirrorgooglecontainers/pause-amd64:3.1 docker tag mirrorgooglecontainers/pause-amd64:3.1 k8s.gcr.io/pause-amd64:3.1 docker pull coredns/coredns:1.1.3 docker tag coredns/coredns:1.1.3 k8s.gcr.io/coredns:1.1.3 docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.11.2 docker tag mirrorgooglecontainers/kube-proxy-amd64:v1.11.2 k8s.gcr.io/kube-proxy-amd64:v1.11.2 |
weave插件
网络插件有很多选择,可以参考https://kubernetes.io/docs/concepts/cluster-administration/addons/的说明
我这里选择的是weave插件,执行下面命令即可完成安装
|
1 2 3 4 5 6 7 |
[root@k8s-master ~]# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')" serviceaccount/weave-net created clusterrole.rbac.authorization.k8s.io/weave-net created clusterrolebinding.rbac.authorization.k8s.io/weave-net created role.rbac.authorization.k8s.io/weave-net created rolebinding.rbac.authorization.k8s.io/weave-net created daemonset.extensions/weave-net created |
再次查看
|
1 2 3 4 |
[root@k8s-master ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master Ready master 5m v1.11.2 k8s-node1 Ready <none> 5m v1.11.2 |
验证kubernetes集群安装完成
|
1 2 3 4 5 6 7 8 9 10 11 12 |
[root@k8s-master ~]# kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-78fcdf6894-f29c5 1/1 Running 0 5m kube-system coredns-78fcdf6894-gcfcr 1/1 Running 0 5m kube-system etcd-k8s-master 1/1 Running 0 5m kube-system kube-apiserver-k8s-master 1/1 Running 0 5m kube-system kube-controller-manager-k8s-master 1/1 Running 0 5m kube-system kube-proxy-7s7xp 1/1 Running 0 5m kube-system kube-proxy-9cjrs 1/1 Running 0 5m kube-system kube-scheduler-k8s-master 1/1 Running 0 5m kube-system weave-net-58wnh 2/2 Running 4 5m kube-system weave-net-rs6qh 2/2 Running 0 5m |
如果发现有状态是错误的pod,则可以执行kubectl –namespace=kube-system describe pod [pod_name]来查看错误原因,常见的原因是image镜像没有下载下来,不过要看清楚提示的是node节点没有下载下来还是master自己的。
如果想赏钱,可以用微信扫描下面的二维码,一来能刺激我写博客的欲望,二来好维护云主机的费用; 另外再次标注博客原地址 itnotebooks.com 感谢!
