节点ip
10.0.0.4 master
10.0.0.5 node
在所有节点上执行
cat <<EOF >>/etc/hosts
10.0.0.4 master
10.0.0.5 node
EOF
关闭防火墙
systemctl stop firewalld && systemctl disable firewalld
关闭selinux
setenforce 0
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
关闭swap
swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
修改内核
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
修改句柄
echo "* soft nofile 65536" >> /etc/security/limits.conf
echo "* hard nofile 65536" >> /etc/security/limits.conf
echo "* soft nproc 65536" >> /etc/security/limits.conf
echo "* hard nproc 65536" >> /etc/security/limits.conf
echo "* soft memlock unlimited" >> /etc/security/limits.conf
echo "* hard memlock unlimited" >> /etc/security/limits.conf
下载镜像源、安装docker、kubelet
yum install -y wget
mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo
yum clean all && yum makecache
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum install -y docker-ce-18.06.1.ce-3.el7.x86_64
修改dockercgroupdriver为systemd
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
systemctl enable docker && systemctl restart docker
docker –version
Docker version 18.06.1-ce, build e68fc7a
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet
systemctl stop kubelet
在master上执行
kubeadm init --apiserver-advertise-address=10.0.0.4 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
安装flannel
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
查看集群状态,下列显示正常
kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 60m v1.16.1
在node上执行
kubeadm join 10.0.0.4:6443 --token icqnv6.tn35t5at6igs5308 \
--discovery-token-ca-cert-hash sha256:c0f37a3e61b8cb6b64395e51d653eed73bc071cb6b51e56691f6db7865e597de
加入集群成功后在master机器上查看集群状态,下列显示正常
kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 60m v1.16.1
node1 Ready <none> 2m24s v1.16.1
在master上部署dashboard
wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
sed -i 's/k8s.gcr.io/loveone/g' kubernetes-dashboard.yaml
sed -i '/targetPort:/a\ \ \ \ \ \ nodePort: 30001\n\ \ type: NodePort' kubernetes-dashboard.yaml
kubectl create -f kubernetes-dashboard.yam
创建完成后,检查相关服务运行状态
kubectl get deployment kubernetes-dashboard -n kube-system
kubectl get pods -n kube-system -o wide
kubectl get services -n kube-system
netstat -ntlp|grep 30001
在浏览器输入Dashboard访问地址:https://10.0.0.4:30001
温馨提示node加入失败
systemctl stop kubelet
systemctl stop docker
rm -rf /var/lib/cni/
rm -rf /var/lib/kubelet/*
rm -rf /etc/cni/
ifconfig cni0 down
ifconfig flannel.1 down
ifconfig docker0 down
ip link delete cni0
ip link delete flannel.1
systemctl start docker
rm -rf /etc/kubernetes/
iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X