Stop and disable the firewall service that ships with CentOS:
systemctl stop firewalld
systemctl disable firewalld
# Update all packages directly
yum update
# Be sure to reboot Linux once the installation finishes
Configure the Kubernetes yum repository:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[Kubernetes]
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
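The repository definition above sets gpgcheck=0 and fetches both packages and keys over http, so yum installs whatever the mirror or the network path returns without verifying a signature. The following check is an added example, not part of the original post: it reads a .repo file and reports those settings. The [Kubernetes-checked] section in its sample is constructed and assumes the mirror serves the same paths over HTTPS.

```shell
# audit_repo FILE: print "<section>: <issue>" per finding; exit status 1 if any.
audit_repo() {
    awk '
        function finding(msg) { print section ": " msg; bad = 1 }
        function check(k, v) {
            if (k == "gpgcheck" && v == "0")
                finding("gpgcheck=0, package signatures are not verified")
            if ((k == "baseurl" || k == "gpgkey") && v ~ /^http:\/\//)
                finding(k " fetched over plain http: " v)
        }
        /^[ \t]*([#;]|$)/ { next }                  # comments and blank lines
        /^\[/ { section = substr($0, 2, index($0, "]") - 2); key = ""; next }
        /^[ \t]/ {                                   # continuation of the previous key
            sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, ""); check(key, $0); next
        }
        {
            eq = index($0, "="); if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            check(key, val)
        }
        END { exit bad }
    ' "$1"
}

# write_sample_repo FILE: the repo file from this page plus a constructed, stricter
# section (assumption: the mirror serves the same paths over HTTPS).
write_sample_repo() {
    cat > "$1" <<'EOF'
[Kubernetes]
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
[Kubernetes-checked]
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
}

sample=$(mktemp)
write_sample_repo "$sample"
audit_repo "$sample" || echo "findings above: resolve them before running yum install"
rm -f "$sample"
```

On a real host the same function can be run over each file in /etc/yum.repos.d/.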
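Install etcd and Kubernetes. The command below also installs Docker automatically; if Docker is already installed, it fails with an error, in which case uninstall Docker and run the installation again.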
yum install -y etcd kubernetes
After the packages are installed, edit two configuration files.
Docker configuration file /etc/sysconfig/docker: set the contents of OPTIONS to:
$ vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled=false --insecure-registry gcr.io'
For Kubernetes, edit the apiserver configuration file, /etc/kubernetes/apiserver:
$ vim /etc/kubernetes/apiserver
KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
Remove the ServiceAccount option. Otherwise, later pod creation fails with an error similar to the following:
Error from server: error when creating "mysql-rc.yaml": Pod "mysql" is forbidden:
no API token found for service account default/default,
retry after the token is automatically created and added to the service account
Start the services in this order:
systemctl start etcd
systemctl start docker
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler
systemctl start kubelet
systemctl start kube-proxy
# Enable start on boot
systemctl enable etcd
systemctl enable docker
systemctl enable kube-apiserver
systemctl enable kube-controller-manager
systemctl enable kube-scheduler
systemctl enable kubelet
systemctl enable kube-proxy
Verify: if kubectl version prints the following information, the installation succeeded.
[root@MiWiFi-R4-srv ~]# ps -ef | grep kube
kube 8579 1 0 07:24 ? 00:00:06 /usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd-servers=http://127.0.0.1:2379 --insecure-bind-address=127.0.0.1 --allow-privileged=false --service-cluster-ip-range=10.254.0.0/16 --admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota
kube 8596 1 1 07:25 ? 00:00:11 /usr/bin/kube-controller-manager --logtostderr=true --v=0 --master=http://127.0.0.1:8080
kube 8622 1 0 07:25 ? 00:00:01 /usr/bin/kube-scheduler --logtostderr=true --v=0 --master=http://127.0.0.1:8080
root 8641 1 1 07:25 ? 00:00:17 /usr/bin/kubelet --logtostderr=true --v=0 --api-servers=http://127.0.0.1:8080 --address=127.0.0.1 --hostname-override=127.0.0.1 --allow-privileged=false --pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest
root 8717 1 1 07:25 ? 00:00:08 /usr/bin/kube-proxy --logtostderr=true --v=0 --master=http://127.0.0.1:8080
root 18353 8168 0 07:40 pts/0 00:00:00 grep --color=auto kube
[root@MiWiFi-R4-srv ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
[root@MiWiFi-R4-srv ~]# etcdctl cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://localhost:2379
cluster is healthy
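An edit to /etc/kubernetes/apiserver only takes effect once kube-apiserver restarts, so the admission plugins and bind address worth checking are those of the running process. The following added example (not part of the original post) parses a command line like the one in the ps output above and reports a missing ServiceAccount plugin, a non-loopback insecure port, or privileged containers. The function names and the second sample line are constructed.

```shell
# flag_value CMDLINE NAME: print the value of --NAME=VALUE from a command line.
# Underscore spellings (--admission_control) are treated like hyphenated ones.
flag_value() {
    printf '%s\n' "$1" | tr ' \t' '\n\n' | awk -v want="--$2" '
        {
            eq = index($0, "="); if (!eq) next
            name = substr($0, 1, eq - 1); gsub(/_/, "-", name)
            if (name == want) { print substr($0, eq + 1); exit }
        }'
}

# audit_apiserver CMDLINE: print one finding per line (nothing when clean).
audit_apiserver() {
    plugins=$(flag_value "$1" admission-control)
    bind=$(flag_value "$1" insecure-bind-address)
    priv=$(flag_value "$1" allow-privileged)
    case ",$plugins," in
        *,ServiceAccount,*) ;;
        *) echo "ServiceAccount admission plugin is off: pods get no API token mounted" ;;
    esac
    case $bind in
        ""|127.0.0.1|localhost|::1) ;;   # assumption: an unset flag means the loopback default
        *) echo "unauthenticated insecure port is bound to $bind" ;;
    esac
    if [ "$priv" = "true" ]; then echo "privileged containers are allowed"; fi
}

# Command line copied from the ps output on this page.
PAGE_CMD='/usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd-servers=http://127.0.0.1:2379 --insecure-bind-address=127.0.0.1 --allow-privileged=false --service-cluster-ip-range=10.254.0.0/16 --admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota'
# Constructed variant: ServiceAccount removed and the insecure port opened to all interfaces.
EDITED_CMD='/usr/bin/kube-apiserver --insecure-bind-address=0.0.0.0 --allow-privileged=false --admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota'

echo "page command line:";  audit_apiserver "$PAGE_CMD"
echo "constructed variant:"; audit_apiserver "$EDITED_CMD"
```

On a live host, the input can be taken from the running process, for example with tr '\0' ' ' < /proc/PID/cmdline.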
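At this point, a single-node Kubernetes environment is installed and running.
Next, we create some applications.
1. Start the MySQL container service
First, pull the MySQL service image: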
sudo docker pull mysql
or
docker pull hub.c.163.com/library/mysql:latest
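Start the MySQL service
First, create an RC (ReplicationController) definition file for the MySQL service: mysql-rc.yaml. The complete contents of the file are given below; you can place it in any directory you like.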
apiVersion: v1
kind: ReplicationController
metadata:
  name: mysql
spec:
  replicas: 1
  selector:
    app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
      - name: mysql
        image: hub.c.163.com/library/mysql
        ports:
        - containerPort: 3306
        env:
        - name: MYSQL_ROOT_PASSWORD
          value: "123456"
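Notes on the YAML definition file:
- kind: the type of this resource object; the file above, for example, defines an RC.
- spec: the definition of the RC's properties. For example, spec.selector is the RC's Pod label selector: the RC monitors and manages the Pod instances that carry these labels, ensuring that exactly replicas Pod instances are running in the cluster at all times.
- spec.template: the Pod template, which is used as the basis for creating new Pods when the number of Pods in the cluster is lower than replicas.
After creating mysql-rc.yaml, publish it to Kubernetes by running this command on the Master node: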
[root@MiWiFi-R4-srv home]# kubectl create -f mysql-rc.yaml
replicationcontroller "mysql" created
Next, use the kubectl command to view the RC we just created:
[root@MiWiFi-R4-srv home]# kubectl get rc
NAME DESIRED CURRENT READY AGE
mysql 1 0 0 14s
To check on the creation of the Pod, run the following command:
[root@MiWiFi-R4-srv home]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mysql-b0gk0 0/1 ContainerCreating 0 3s
The pod is in the ContainerCreating state; we need to wait patiently until the status becomes Running:
NAME READY STATUS RESTARTS AGE
mysql-b0gk0 1/1 Running 0 6m
Finally, create the Kubernetes Service associated with it. The MySQL Service definition file is mysql-svc.yaml:
apiVersion: v1
kind: Service
metadata:
  name: mysql
spec:
  ports:
  - port: 3306
  selector:
    app: mysql
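Here metadata.name is the name of the Service, port defines the Service's port, and spec.selector determines which Pod replicas correspond to this Service.
Run the kubectl command to create the service: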
$ kubectl create -f mysql-svc.yaml
service "mysql" created
Then check the status of the service:
$ kubectl get svc
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 18m
mysql 10.254.185.20 <none> 3306/TCP 14s
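Note that the MySQL service was assigned the CLUSTER-IP 10.254.185.20. This is a virtual address; from now on, other newly created Pods in the Kubernetes cluster can connect to and access it through the Service's CLUSTER-IP plus port 6379.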