1、关闭自带防火墙
systemctl disable firewalld
systemctl stop firewalld
2、安装etcd和Kubernetes
yum install -y etcd kubernetes
3、按顺序启动所有服务
systemctl start etcd
systemctl start docker
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler
systemctl start kubelet
systemctl start kube-proxy
安装版:
etcd v3.3.11
Kubernetes v1.5.2
Docker v1.13.1
注意:Docker 1.13以上版本默认将ip-forward设成false了,导致后续kubernetes安装的节点服务在对外暴露时会被防火墙拦截。
解决方法:
vim /etc/sysctl.conf net.ipv4.ip_forward=1
重启系统,查看防火墙配置
iptables -S 显示结果: ... -P FORWARD ACCEPT ...
github上有个issue《docker 1.13 container is not reachable after giving IP-address #211》
4、安装MySQL服务
编写RC脚本:mysql-rc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: mysql
spec:
replicas: 1
selector:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
value: "123456"
运行脚本:
kubectl create -f mysql-rc.yaml
编写Service服务脚本:mysql-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql
spec:
ports:
- port: 3306
selector:
app: mysql
运行脚本:
kubectl create -f mysql-svc.yaml
4、安装Tomcat Web服务
编写RC脚本:myweb-rc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: myweb
spec:
replicas: 2
selector:
app: myweb
template:
metadata:
labels:
app: myweb
spec:
containers:
- name: myweb
image: kubeguide/tomcat-app:v1
ports:
- containerPort: 8080
编写Service服务脚本:myweb-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: myweb
spec:
type: NodePort
ports:
- port: 8080
nodePort: 30001
selector:
app: myweb
运行脚本:
kubectl create -f myweb-svc.yaml
5、访问Tomcat Web服务
http://x.x.x.x:30001