centos下安装配置k8s、dashboard及helm
参考:k8s搭建:https://mp.weixin.qq.com/s?__biz=MzIwNjQyOTMyOA==&mid=100000018&idx=1&sn=7a11b3baa999f5760394adfbb3c4f42c&scene=19#wechat_redirect
k8s搭建:https://blog.csdn.net/u013772906/article/details/109746708
dashboard安装及配置:https://blog.csdn.net/zz_aiytag/article/details/103874977/
注:1-9、11、13、16为所有节点都执行,10、12、14、15、17为主节点执行
从节点加入主节点可根据主节点初始化后的提示进行
-
yum install -y wget vim net-tools epel-release —安装必要工具
-
vi /etc/sysconfig/network-scripts/ifcfg-eno16777736 —配置固定ip
-
vim /etc/hosts —将主机名与ip加入映射
-
swapoff -a —关闭swap分区
sed -i ‘s/.swap./#&/’ /etc/fstab —永久关闭 -
setenforce 0 —关闭selinux
sed -i ‘s/SELINUX=permissive/SELINUX=disabled/g’ /etc/sysconfig/selinux —永久关闭
sed -i “s/SELINUX=enforcing/SELINUX=disabled/g” /etc/sysconfig/selinux -
systemctl disable firewalld —关闭防火墙开机自启
systemctl stop firewalld —关闭防火墙 -
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup —备份yum源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo —修改yum源为阿里云
cat < /etc/yum.repos.d/kubernetes.repo {
[kubernetes]
name=Kubernetes —配置k8s国内源
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
EOF }
yum clean all —清除缓存
yum makecache fast —重新加载 -
yum -y install yum-utils device-mapper-persistent-data lvm2 —安装docker必要插件
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo —配置docker国内源
yum -y install docker-ce-19.03.13-3.el7 —安装指定版本docker-ce
systemctl enable docker —设置开机自启
systemctl start docker —启动docker
cat > /etc/docker/daemon.json <<EOF {
{
“exec-opts”: [“native.cgroupdriver=systemd”] —配置docker使用systemd来管理
}
EOF }
systemctl daemon-reload —重新加载修改过的系统配置文件
systemctl restart docker —重启docker -
yum -y install kubeadm-1.17.2-0 kubelet-1.17.2-0 kubectl-1.17.2-0 kubernetes-cni —使用kubeadm安装配置k8s,安装指定版本
systemctl enable kubelet —设置开机自启
kubeadm config images list —查看当前版本所需镜像yum -y remove kubeadm-1.17.2-0 kubelet-1.17.2-0 kubectl-1.17.2-0 kubernetes-cni —卸载
cat <<EOF > pullimage.sh { #!/bin/bash ## 使用如下脚本下载国内镜像,并修改tag为google的tag set -e KUBE_VERSION=v1.17.2 KUBE_PAUSE_VERSION=3.1 ETCD_VERSION=3.4.3-0 CORE_DNS_VERSION=1.6.5 GCR_URL=k8s.gcr.io ALIYUN_URL=registry.cn-hangzhou.aliyuncs.com/google_containers ---改为所需镜像的对应版本,设置国内源,修改image标签 images=(kube-proxy:${KUBE_VERSION} kube-scheduler:${KUBE_VERSION} kube-controller-manager:${KUBE_VERSION} kube-apiserver:${KUBE_VERSION} pause:${KUBE_PAUSE_VERSION} etcd:${ETCD_VERSION} coredns:${CORE_DNS_VERSION}) for imageName in ${images[@]} ; do docker pull $ALIYUN_URL/$imageName docker tag $ALIYUN_URL/$imageName $GCR_URL/$imageName docker rmi $ALIYUN_URL/$imageName done EOF }
echo “1”>/proc/sys/net/bridge/bridge-nf-call-iptables —将bridge-nf-call-iptables设置为1
-
kubeadm init --kubernetes-version=v1.17.2 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.2.100
—master节点初始化(在哪台执行哪台就是master),flannel网络对应的是10.244网段,后边为当前服务器ip
mkdir -p $HOME/.kube —根据初始化后的提示执行
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown ( i d − u ) : (id -u): (id−u):(id -g) $HOME/.kube/config -
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
—安装flannel网络插件(需要先将ip199.232.96.133与域名raw.githubusercontent.com加入hosts映射)
kubectl -n kube-system get po -l app=flannel -o wide —查看flannel是否启动成功 -
scp -r /etc/kubernetes/admin.conf node1:/etc/kubernetes/ —将主节点admin权限复制到从节点(从节点可以执行kubectl相关命令)
scp -r /etc/kubernetes/admin.conf node2:/etc/kubernetes/ -
docker save -o kube-proxy.tar k8s.gcr.io/kube-proxy:v1.17.2 —将主节点的image打包到从节点,从节点进行安装
docker save -o pause.tar k8s.gcr.io/pause:3.1 -
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml —下载dashboard
vim recommended.yaml —将servise类型改为NodePort,将nodePort端口改为30001,设置为在master节点部署(nodeName: master)
kubectl apply -f recommended.yaml —使用yaml部署
kubectl get pods,svc -n kubernetes-dashboard -o wide —查看状态 -
cat < create-admin.yaml {
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
apiVersion: rbac.authorization.k8s.io/v1 —配置admin用户
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard }
kubectl apply -f create-admin.yaml —使用配置文件安装
kubectl get sa,secrets -n kubernetes-dashboard —查看admin用户
kubectl describe secret admin-user-token-8v76x -n kubernetes-dashboard —查看admin用户token
使用火狐浏览器 https://masterIP:30001访问
- kind: ServiceAccount
-
iptables -P INPUT ACCEPT && iptables -P OUTPUT ACCEPT && iptables -P FORWARD ACCEPT && iptables -A INPUT -p icmp —修改防火墙配置
-
wget https://get.helm.sh/helm-v3.2.1-linux-amd64.tar.gz —下载helm
tar -zxvf helm-v3.2.1-linux-amd64.tar.gz —解压
cp linux-amd64/helm /usr/local/bin/ —配置全局变量