准备实验
主机 | IP | 内存 | CPU核数 | 系统 |
---|---|---|---|---|
k8s-master | 192.168.245.128 | 2G | 1 | centos7.8 |
k8s-node | 192.168.245.129 | 2G | 1 | centos7.8 |
部署k8s集群
一,修改主机名,关闭防火墙
### master
[root@bogon ~]# hostnamectl set-hostname k8s-master
[root@k8s-master ~]# systemctl stop firewalld
[root@k8s-master ~]# setenforce 0
### node
[root@bogon ~]# hostnamectl set-hostname k8s-node1
[root@k8s-node1 ~]# systemctl stop firewalld
[root@k8s-node1 ~]# setenforce 0
二,同步时间,并临时关闭swap
## 在两台服务器上执行下边的操作
[root@k8s-master ~]# ntpdate ntp1.aliyun.com
2 Apr 15:13:33 ntpdate[13421]: adjust time server 120.25.115.20 offset 0.000356 sec
[root@k8s-master ~]# swapoff -a
三,配置网络
## 在两台服务器上执行下边的操作
[root@k8s-master ~]# vim /etc/hosts
192.168.245.128 k8s-master
192.168.245.129 k8s-node1
[root@k8s-master ~]# vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward=1
[root@k8s-master ~]# sysctl --system
四,安装Docker/kubeadm/kubelet【在所有的节点上】
[root@k8s-master ~]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
[root@k8s-master ~]# yum -y install docker-ce
[root@k8s-master ~]# systemctl enable docker && systemctl start docker
[root@k8s-master ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://yol1de5p.mirror.aliyuncs.com"]
}
[root@k8s-master ~]# systemctl restart docker
[root@k8s-master ~]# vim /etc/yum.repos.d/kubernets.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
[root@k8s-master ~]# yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0
[root@k8s-master ~]# systemctl enable kubelet
五,部署k8s-master节点
## 这里注意修改apiserver-advertise-address对应IP
kubeadm init \
--apiserver-advertise-address=192.168.200.36 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.18.0 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16 \
--ignore-preflight-errors=all
## 看到如下信息表示初始化成功
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.245.128:6443 --token wssu5b.au7cq1ufu9s5b1fg \
--discovery-token-ca-cert-hash sha256:7f7b7f0b6cee91a86949dc951e3e4b73087257e5a11435d975cb0bd71f757135
[root@k8s-master ~]# echo "$?"
0
[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@k8s-master ~]# ll .kube/config
-rw-------. 1 root root 5455 4月 2 15:46 .kube/config
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master NotReady master 3m30s v1.18.0
### 初始化参数说明
--apiserver-advertise-address 集群通告地址
--image-repository 由于默认拉取镜像地址k8s.gcr.io国内无法访问,这里指定阿里云镜像仓库地址
--kubernetes-version K8s版本,与上面安装的一致
--service-cidr 集群内部虚拟网络,Pod统一访问入口
--pod-network-cidr Pod网络,,与下面部署的CNI网络组件yaml中保持一致
六,部署node节点
[root@k8s-node1 ~]# kubeadm join 192.168.245.128:6443 --token wssu5b.au7cq1ufu9s5b1fg \
--discovery-token-ca-cert-hash sha256:7f7b7f0b6cee91a86949dc951e3e4b73087257e5a11435d975cb0bd71f757135
##这里的验证就是我们在master端部署的时候,给的验证。不要抄错了
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
###在master端查看
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master NotReady master 9m30s v1.18.0
k8s-node1 NotReady <none> 2m43s v1.18.0
七,加载网络插件(master)
[root@k8s-master ~]# wget https://docs.projectcalico.org/v3.8/manifests/calico.yaml
[root@k8s-master ~]# sed -i -e "s?192.168.0.0/16?10.244.0.0/16?g" calico.yaml
[root@k8s-master ~]# kubectl apply -f calico.yaml
daemonset.apps/calico-node created
serviceaccount/calico-node created
deployment.apps/calico-kube-controllers created
serviceaccount/calico-kube-controllers created
[root@k8s-master ~]# kubectl get nodes ###有的时候需要等会
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 17m v1.18.0
k8s-node1 Ready <none> 10m v1.18.0
八,安装Kuboard (master操作)
第三方Kuboard安装网址:https://www.kuboard.cn/
## 在线安装
[root@k8s-master ~]# kubectl apply -f https://addons.kuboard.cn/kuboard/kuboard-v3.yaml
namespace/kuboard created
configmap/kuboard-v3-config created
serviceaccount/kuboard-boostrap created
clusterrolebinding.rbac.authorization.k8s.io/kuboard-boostrap-crb created
daemonset.apps/kuboard-etcd created
deployment.apps/kuboard-v3 created
service/kuboard-v3 created
[root@k8s-master ~]# kubectl get pods -n kuboard ##需要等待一会
NAME READY STATUS RESTARTS AGE
kuboard-agent-2-6cbf57bfd-h5f6k 1/1 Running 0 3m26s
kuboard-agent-668fc4558-t76h4 1/1 Running 0 3m26s
kuboard-etcd-6rkwg 1/1 Running 0 7m6s
kuboard-questdb-64db899bff-28gxz 1/1 Running 0 3m26s
kuboard-v3-695f6bd686-v2nr8 1/1 Running 0 7m6s
在浏览器中打开链接 http://your-node-ip-address:30080