1. 时钟同步(不同步安装可能会出问题):
// 安装
yum install -y chrony
// 启用
systemctl start chronyd
systemctl enable chronyd
// 设置亚洲时区
timedatectl set-timezone Asia/Shanghai
// 启用NTP同步
timedatectl set-ntp yes
最后用 date
命令查看时间,应该和本地时间是一致的
2. 安装kubeadm/kebelet/kebectl:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
setenforce 0
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet
Some users on RHEL/CentOS 7 have reported issues with traffic being routed incorrectly due to iptables being bypassed. You should ensure net.bridge.bridge-nf-call-iptables is set to 1 in your sysctl config, e.g.
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
3. init集群:
- 一定要先在hosts文件中改所有nodes的名字,不能重复:
vi /etc/hosts
//添加ip 与对应的名字
10.141.212.22 centos-master
10.141.212.23 centos-minion-1
10.141.212.24 centos-minion-2
- 先pull下来init需要的镜像,再在master上init集群:
kubeadm config images pull
kubeadm init --pod-network-cidr=10.244.0.0/16
(会出现报错提示: running with swap on is not supported. Please disable swap
执行 sudo swapoff -a 即可)
输出:
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join 10.141.212.22:6443 --token j4bq1b.puf0hi7bvabpsfas --discovery-token-ca-cert-hash sha256:6ecfd2d8e3a828202e56170d63d3942ef6cd04657d42b27aa82a1f68ba3a98c6
- 向master节点的 /etc/profile 添加
vi /etc/profile
export KUBECONFIG=/etc/kubernetes/admin.conf
source /etc/profile
- 在master节点上Installing a pod network:
sysctl net.bridge.bridge-nf-call-iptables=1
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
检查(保证kube-dns pod3个都是好的):
kubectl get pods --all-namespaces
在node节点上:
先确定docker开启,再执行 sudo swapoff -a
kubeadm join 10.141.212.22:6443 --token j4bq1b.puf0hi7bvabpsfas --discovery-token-ca-cert-hash sha256:6ecfd2d8e3a828202e56170d63d3942ef6cd04657d42b27aa82a1f68ba3a98c6
输出为:
This node has joined the cluster:
* Certificate signing request was sent to master and a response
was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the master to see this node join the cluster.
4. 拆除集群
Talking to the master with the appropriate credentials, run:
kubectl drain [node name] --delete-local-data --force --ignore-daemonsets
kubectl delete node [node name]
Then, on the node being removed, reset all kubeadm installed state:
kubeadm reset