此方法为使用系统发行方yum源中的软件,并非最新软件
系统版本
CentOS Linux release 7.6.1810 (Core)
内核版本
3.10.0-957.1.3.el7.x86_64
主机配置
三台主机均为虚拟机(虚拟化环境VMware VSphere6.0):
CPU:8核 内存:8G 磁盘:100G
部署架构
etcd集群:10.0.10.63、10.0.10.64、10.0.10.65
kubernetes集群:
master:10.0.10.63
node1:10.0.10.64
node2:10.0.10.65
关闭selinux
sed -i s/SELINUX=enforcing/SELINUX=disabled/g /etc/selinux/config ; cat /etc/selinux/config | grep disabled
setenforce 0
关闭防火墙和NetworkManager
systemctl stop firewalld NetworkManager ; systemctl disable firewalld NetworkManager
安装组件
yum install -y etcd kubernetes
修改etcd配置文件配置集群
vim /etc/etcd/etcd.conf
ETCD_DATA_DIR="/var/lib/etcd/etcd.data"
ETCD_LISTEN_PEER_URLS="http://10.0.10.63:2380"
ETCD_LISTEN_CLIENT_URLS="http://10.0.10.63:2379,http://localhost:2379"
ETCD_NAME="etcd-1"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://10.0.10.63:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://10.0.10.63:2379,http://localhost:2379"
ETCD_INITIAL_CLUSTER="etcd-1=http://10.0.10.63:2380,etcd-2=http://10.0.10.64:2380,etcd-3=http://10.0.10.65:2380"
ETCD_INITIAL_CLUSTER_TOKEN="k8s-etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"
启动etcd
systemctl start etcd ; systemctl enable etcd
检查状态
etcdctl cluster-health
etcdctl member list
master节点:
修改apiserver配置文件
KUBE_API_ARGS ="--insecure-port=8080 --service-cluster-ip-range=1.1.0.0/16 --service-node-port-range=1-65535 --admission_control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota --logtostderr=false --log-dir=/var/log/kubernetes --v=2"
修改config配置文件
KUBE_LOGTOSTDERR="--logtostderr=false"
KUBE_LOG_LEVEL="--v=2"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://10.0.10.63:8080"
修改controller-manager配置文件
KUBE_CONTROLLER_MANAGER_ARGS="--log-dir=/var/log/kubernetes"
修改scheduler配置文件
KUBE_SCHEDULER_ARGS="--log-dir=/var/log/kubernetes"
node节点:
修改config配置文件
KUBE_LOGTOSTDERR="--logtostderr=false"
KUBE_LOG_LEVEL="--v=2"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://10.0.10.63:8080"
修改kubelet配置文件
KUBELET_ADDRESS="--address=10.0.10.63"
KUBELET_HOSTNAME="--hostname-override=10.0.10.63"
KUBELET_API_SERVER="--api-servers=http://10.0.10.63:8080"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
KUBELET_ARGS="--log-dir=/var/log/kubernetes"
修改proxy文件
KUBE_PROXY_ARGS="--log-dir=/var/log/kubernetes"
建立日志目录
mkdir /var/log/kubernetes
chown kube:kube /var/log/kubernetes
服务启动
启动master节点
systemctl restart kube-apiserver ; systemctl enable kube-apiserver
systemctl restart kube-controller-manager ; systemctl enable kube-controller-manager
systemctl restart kube-scheduler ; systemctl enable kube-scheduler
启动node节点
systemctl restart docker ; systemctl enable docker
systemctl restart kubelet ; systemctl enable kubelet
systemctl restart kube-proxy ; systemctl enable kube-proxy
修改kubectl配置文件
[root@localhost ~]
apiVersion: v1
clusters:
- cluster:
server: http://10.0.10.63:8080
contexts: []
current-context: ""
kind: Config
preferences: {}
users: []
测试
[root@bogon ~]
NAME STATUS AGE EXTERNAL-IP
10.0.10.63 Ready 5d <none>
10.0.10.64 Ready 5d <none>
10.0.10.65 Ready 5d <none>
添加rhsm证书
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem