一、准备工作
systemctl disable firewalldsystemctl stop firewalld
sed -i s'/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
cat /etc/hosts
192.168.1.237 master
192.168.1.238 node1
192.168.1.239 node2
yum -y install ntpdate && ntpdate cn.pool.ntp.org
yum -y update && reboot
vi /etc/yum.repos.d/virt7-docker-common-release.repo
[virt7-docker-common-release]
name=virt7-docker-common-release
baseurl=http://cbs.centos.org/repos/virt7-docker-common-release/x86_64/os/
gpgcheck=0
yum install -y --enablerepo=virt7-docker-common-release etcd kubernetes ntp flannel
二、配置etcd
[root@bogon ~]# grep -v '^#' /etc/etcd/etcd.conf
ETCD_NAME=k8s
ETCD_DATA_DIR="/data/etcd"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.0:2379"
启动etcd
systemctl daemon-reload
systemctl enable etcd.service
systemctl start etcd.service
查看服务状态
systemctl status -l etcd
etcd服务检查
[root@bogon ~]# etcdctl cluster-health
[root@bogon ~]# etcdctl member list
etcd网络配置
etcdctl set /k8s/network/config '{"Network": "10.255.0.0/16"}'
etcdctl get /k8s/network/config
三、Master节点部署
配置kubernetes system config
[root@bogon ~]# grep -v '^#' /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://192.168.1.237:8080"
配置kuber-apiserver启动参数
[root@bogon ~]#grep -v '^#' /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE_API_ARGS=""
启动kube-api-servers服务
systemctl daemon-reload
systemctl enable kube-apiserver.service
systemctl start kube-apiserver.service
验证服务
http://192.168.1.237:8080/healthz
部署kube-controller-manager服务
[root@bogon ~]# cat /etc/kubernetes/controller-manager
KUBE_CONTROLLER_MANAGER_ARGS=""
启动kube-controller-manager
systemctl daemon-reload
systemctl enable kube-controller-manager
systemctl start kube-controller-manager
部署kube-scheduler服务
[root@bogon ~]# cat /etc/kubernetes/scheduler
KUBE_SCHEDULER_ARGS=""
启动kube-scheduler服务
systemctl daemon-reload
systemctl enable kube-scheduler
systemctl start kube-scheduler
Node节点部署
[root@bogon ~]# grep -v '^#' /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.237:2379"
FLANNEL_ETCD_PREFIX="/k8s/network"
FLANNEL_OPTIONS="--iface=ens33"
启动flannel
systemctl daemon-reload
systemctl enable flanneld.service
systemctl start flanneld.service
注意启动flannel前要关闭docker这样flannel才会覆盖docker0网桥
flanneld服务启动后就会根据etcd里面配置划分子网了,划分子网是给docker使用的,docker想使用还得折腾一翻,其实就是想办法把几个重要变量传过去,使docker启动时能够使用
注意启动docker前要使某些变量生效,需要:
source /run/flannel/docker
source /run/flannel/subnet.env
在node1上ping node2的docker0能通就标识正常
配置node1 kube-proxy
[root@bogon ~]# grep -v '^#' /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://192.168.1.237:8080"
[root@bogon ~]# grep -v '^#' /etc/kubernetes/proxy
KUBE_PROXY_ARGS=""
配置node1 kubelet
[root@bogon ~]# grep -v '^#' /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_HOSTNAME="--hostname-override=node1"
KUBELET_API_SERVER="--api-servers=http://192.168.1.237:8080"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/pengg/nginx:latest"
KUBELET_ARGS=""
systemctl daemon-reload
systemctl enable kube-proxy.service
systemctl start kube-proxy.service
systemctl daemon-reload
systemctl enable kubelet.service
systemctl start kubelet.service
测试集群
[root@bogon ~]# kubectl get nodes
NAME STATUS AGE
node1 Ready 1h
node2 Ready 1h