通过yum安装kubernetes
# yum -y install etcd kubernetes
关闭防火墙
# systemctl disable firewalld
# systemctl stop firewalld
修改docker文件的OPTIONS
# vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled=false --insecure-registry gcr.io'
修改kubernetes的apiserver,将KUBE_ADMISSION_CONTROL里的--admission-control参数ServiceAccount删除
# vim /etc/kubernetes/apiserver
修改后:
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
修改镜像库地址
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
启动服务
#启动服务
systemctl start etcd
systemctl start docker
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler
systemctl start kubelet
systemctl start kube-proxy
#开机自启动
systemctl enable etcd
systemctl enable docker
systemctl enable kube-apiserver
systemctl enable kube-controller-manager
systemctl enable kube-scheduler
systemctl enable kubelet
systemctl enable kube-proxy
安装rhsm组件
# yum install *rhsm* -y
创建mysql-rc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: mysql
spec:
replicas: 1
selector:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
value: "123456"
创建pod
#kubectl create -f mysql-rc.yaml
创建service
apiVersion: v1
kind: Service
metadata:
name: mysql1
spec:
type: NodePort
ports:
- port: 3307
nodePort: 33306
targetPort: 3306
selector:
app: mysql
#kubectl create -f mysql-svc.yaml
查看状态
# kubectl get po
NAME READY STATUS RESTARTS AGE
mysql-53hn7 1/1 Running 0 16m
*安装过程异常,pod的状态一直是:ContainerCreating
# kubectl get pod
NAME READY STATUS RESTARTS AGE
mysql-53hn7 0/1 ContainerCreating 0 49s
查看pod的描述发现一直pull不到registry.access.redhat.com/rhel7/pod-infrastructure:latest
# kubectl describe pod mysql-53hn7
Name: mysql-53hn7
Namespace: default
Node: 127.0.0.1/127.0.0.1
Start Time: Mon, 23 Mar 2020 17:07:07 +0800
Labels: app=mysql
Status: Pending
IP:
Controllers: ReplicationController/mysql
Containers:
mysql:
Container ID:
Image: mysql
Image ID:
Port: 3306/TCP
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Volume Mounts: <none>
Environment Variables:
MYSQL_ROOT_PASSWORD: 123456
Conditions:
Type Status
Initialized True
Ready False
PodScheduled True
No volumes.
QoS Class: BestEffort
Tolerations: <none>
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
34m 34m 1 {default-scheduler } Normal Scheduled Successfully assigned mysql-53hn7 to 127.0.0.1
34m 3m 11 {kubelet 127.0.0.1} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
34m 2m 137 {kubelet 127.0.0.1} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
2m 1m 4 {kubelet 127.0.0.1} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
2m 2s 10 {kubelet 127.0.0.1} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
解决方法:
# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
如提示
# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ...
open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory
则需要先获取rpm再执行rpm2cpio,可以pull则跳过下面两步
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
稍等一会再查看pod已经在running状态
# kubectl get pods
到这里已经安装好了MySQL,通过docker命令进入容器里面查看
# docker ps
获得容器id后,登陆进去设置允许用户远程连接
# docker exec -it a22c6bd29fea bash
登陆mysql
# mysql -uroot -p
alter user 'root'@'%' identified with mysql_native_password by'root';
alter user 'root'@'%' identified by 'xxxx(password)';
到这里可能遇到问题,发现死活远程连接不上(防火墙已经关闭,云端端口规则设置,mysql的远程登陆修改都配好了)
需要重新打开防火墙,将容器的外部访问端口设置再关闭防火墙!巨坑!!!!!!
firewalld:systemctl start firewalld #开启防火墙
firewall-cmd --zone=public --add-port=32307/tcp --permanent #设置端口放开
firewall-cmd --reload #重新加载配置文件
参考资料:
https://blog.csdn.net/qq_26818183/article/details/79374880
https://blog.csdn.net/d7185540/article/details/80868816