centos下安装配置k8s、dashboard及helm

centos下安装配置k8s、dashboard及helm
参考：k8s搭建：https://mp.weixin.qq.com/s?__biz=MzIwNjQyOTMyOA==&mid=100000018&idx=1&sn=7a11b3baa999f5760394adfbb3c4f42c&scene=19#wechat_redirect
k8s搭建：https://blog.csdn.net/u013772906/article/details/109746708
dashboard安装及配置：https://blog.csdn.net/zz_aiytag/article/details/103874977/
注：1-9、11、13、16为所有节点都执行，10、12、14、15、17为主节点执行
从节点加入主节点可根据主节点初始化后的提示进行

1. yum install -y wget vim net-tools epel-release —安装必要工具

2. vi /etc/sysconfig/network-scripts/ifcfg-eno16777736 —配置固定ip

3. vim /etc/hosts —将主机名与ip加入映射

4. swapoff -a —关闭swap分区
   sed -i ‘s/.swap./#&/’ /etc/fstab —永久关闭

5. setenforce 0 —关闭selinux
   sed -i ‘s/SELINUX=permissive/SELINUX=disabled/g’ /etc/sysconfig/selinux —永久关闭
   sed -i “s/SELINUX=enforcing/SELINUX=disabled/g” /etc/sysconfig/selinux

6. systemctl disable firewalld —关闭防火墙开机自启
   systemctl stop firewalld —关闭防火墙

7. mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup —备份yum源
   wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo —修改yum源为阿里云
   cat < /etc/yum.repos.d/kubernetes.repo {
   [kubernetes]
   name=Kubernetes —配置k8s国内源
   baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
   enabled=1
   gpgcheck=0
   EOF }
   yum clean all —清除缓存
   yum makecache fast —重新加载

8. yum -y install yum-utils device-mapper-persistent-data lvm2 —安装docker必要插件
   yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo —配置docker国内源
   yum -y install docker-ce-19.03.13-3.el7 —安装指定版本docker-ce
   systemctl enable docker —设置开机自启
   systemctl start docker —启动docker
   cat > /etc/docker/daemon.json <<EOF {
   {
   “exec-opts”: [“native.cgroupdriver=systemd”] —配置docker使用systemd来管理
   }
   EOF }
   systemctl daemon-reload —重新加载修改过的系统配置文件
   systemctl restart docker —重启docker

9. yum -y install kubeadm-1.17.2-0 kubelet-1.17.2-0 kubectl-1.17.2-0 kubernetes-cni —使用kubeadm安装配置k8s，安装指定版本
   systemctl enable kubelet —设置开机自启
   kubeadm config images list —查看当前版本所需镜像

   yum -y remove kubeadm-1.17.2-0 kubelet-1.17.2-0 kubectl-1.17.2-0 kubernetes-cni —卸载

   cat <<EOF > pullimage.sh														{
    #!/bin/bash
   
    ## 使用如下脚本下载国内镜像，并修改tag为google的tag
    set -e
   
    KUBE_VERSION=v1.17.2
    KUBE_PAUSE_VERSION=3.1
    ETCD_VERSION=3.4.3-0
    CORE_DNS_VERSION=1.6.5
   
    GCR_URL=k8s.gcr.io
    ALIYUN_URL=registry.cn-hangzhou.aliyuncs.com/google_containers						---改为所需镜像的对应版本，设置国内源，修改image标签
   
    images=(kube-proxy:${KUBE_VERSION}
    kube-scheduler:${KUBE_VERSION}
    kube-controller-manager:${KUBE_VERSION}
    kube-apiserver:${KUBE_VERSION}
    pause:${KUBE_PAUSE_VERSION}
    etcd:${ETCD_VERSION}
    coredns:${CORE_DNS_VERSION})
   
    for imageName in ${images[@]} ; do
   	docker pull $ALIYUN_URL/$imageName
   	docker tag  $ALIYUN_URL/$imageName $GCR_URL/$imageName
   	docker rmi $ALIYUN_URL/$imageName
    done
    EOF																			}
   

   echo “1”>/proc/sys/net/bridge/bridge-nf-call-iptables —将bridge-nf-call-iptables设置为1

10. kubeadm init --kubernetes-version=v1.17.2 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.2.100
    —master节点初始化（在哪台执行哪台就是master），flannel网络对应的是10.244网段，后边为当前服务器ip
    mkdir -p $HOME/.kube —根据初始化后的提示执行
    sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    sudo chown $(id-u):$(id -g) $HOME/.kube/config

11. kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
    —安装flannel网络插件（需要先将ip199.232.96.133与域名raw.githubusercontent.com加入hosts映射）
    kubectl -n kube-system get po -l app=flannel -o wide —查看flannel是否启动成功

12. scp -r /etc/kubernetes/admin.conf node1:/etc/kubernetes/ —将主节点admin权限复制到从节点（从节点可以执行kubectl相关命令）
    scp -r /etc/kubernetes/admin.conf node2:/etc/kubernetes/

13. docker save -o kube-proxy.tar k8s.gcr.io/kube-proxy:v1.17.2 —将主节点的image打包到从节点，从节点进行安装
    docker save -o pause.tar k8s.gcr.io/pause:3.1

14. wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml —下载dashboard
    vim recommended.yaml —将servise类型改为NodePort，将nodePort端口改为30001，设置为在master节点部署（nodeName: master）
    kubectl apply -f recommended.yaml —使用yaml部署
    kubectl get pods,svc -n kubernetes-dashboard -o wide —查看状态

15. cat < create-admin.yaml {
    apiVersion: v1
    kind: ServiceAccount
    metadata:
    name: admin-user
    namespace: kubernetes-dashboard

    ---

    apiVersion: rbac.authorization.k8s.io/v1 —配置admin用户
    kind: ClusterRoleBinding
    metadata:
    name: admin-user
    roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: cluster-admin
    subjects:

    • kind: ServiceAccount
      name: admin-user
      namespace: kubernetes-dashboard }
      kubectl apply -f create-admin.yaml —使用配置文件安装
      kubectl get sa,secrets -n kubernetes-dashboard —查看admin用户
      kubectl describe secret admin-user-token-8v76x -n kubernetes-dashboard —查看admin用户token
      使用火狐浏览器 https://masterIP:30001访问

16. iptables -P INPUT ACCEPT && iptables -P OUTPUT ACCEPT && iptables -P FORWARD ACCEPT && iptables -A INPUT -p icmp —修改防火墙配置

17. wget https://get.helm.sh/helm-v3.2.1-linux-amd64.tar.gz —下载helm
    tar -zxvf helm-v3.2.1-linux-amd64.tar.gz —解压
    cp linux-amd64/helm /usr/local/bin/ —配置全局变量