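Installing a Kubernetes cluster on CentOS 7 (single worker node)
This document is meant for quickly deploying and trying out Kubernetes. It runs only one worker node; running several worker nodes also requires dealing with some networking issues.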
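I. Basic configuration (on both hosts)
Two servers:
- master1 is the control node and runs four services: kube-apiserver, kube-controller-manager, kube-scheduler and etcd
- node1 is the worker node, where the containers actually run; it runs kubelet, proxy, cadvisor and docker
Service notes:
- etcd is a highly available key/value store, mainly used for sharing configuration and for service discovery.
- cAdvisor is a tool from Google for analyzing the resource usage and performance characteristics of running Docker containers.
1.1 Edit the hosts file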
# vim /etc/hosts
192.168.100.166 master1
192.168.100.167 node1
1.2 Disable the firewall
# systemctl disable iptables-services firewalld
# systemctl stop iptables-services firewalld
This is because docker is not very compatible with these two firewalls.
1.3 Configure the YUM repository
# vi /etc/yum.repos.d/virt7-docker-common-release.repo
[virt7-docker-common-release]
name=virt7-docker-common-release
baseurl=http://cbs.centos.org/repos/virt7-docker-common-release/x86_64/os/
gpgcheck=0
1.4 Install the packages
# yum -y install --enablerepo=virt7-docker-common-release kubernetes etcd
1.5 Edit the configuration file /etc/kubernetes/config
# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://master1:2379"
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"
# How the replication controller and scheduler find the kube-apiserver
KUBE_MASTER="--master=http://master1:8080"
II. Configure the master1 node
2.1 Edit /etc/etcd/etcd.conf
# [member]
ETCD_NAME=default
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
#[cluster]
ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.0:2379"
2.2 Edit /etc/kubernetes/apiserver
# The address on the local server to listen to.
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"
# Port kubelets listen on
KUBELET_PORT="--kubelet-port=10250"
# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
# Add your own!
KUBE_API_ARGS="--secure-port=0"
2.3 Start the services
for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler; do
    systemctl restart "$SERVICES"
    systemctl enable "$SERVICES"
    systemctl status "$SERVICES"
done
III. Configure the node1 node
3.1 Edit /etc/kubernetes/kubelet
# The address for the info server to serve on
KUBELET_ADDRESS="--address=0.0.0.0"
# The port for the info server to serve on
KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=node1"
# Location of the api-server
KUBELET_API_SERVER="--api-servers=http://master1:8080"
# Add your own!
KUBELET_ARGS=""
3.2 Start the services
for SERVICES in kube-proxy kubelet docker; do
    systemctl restart "$SERVICES"
    systemctl enable "$SERVICES"
    systemctl status "$SERVICES"
done
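The settings in steps 1.3, 2.1, 2.2 and 3.1 leave the API server, etcd and the package repository without TLS, authentication or signature checks, which is acceptable only on an isolated test network. The script below is an added example, not part of the original post: it reports those settings in the files this guide edits. The function names audit_k8s_conf and write_sample and the finding texts are the example's own, and the sample files are constructed from the values shown above.

```shell
#!/bin/sh
# Added example (not from the original post): report the plaintext and
# unauthenticated settings used in this guide. Function names and finding
# texts are this example's own.

# audit_k8s_conf [ROOT]: print one finding per line; ROOT="" audits the live host.
audit_k8s_conf() {
    root="${1:-}"
    check() {   # check FILE REGEX FINDING; commented-out lines never match (^ anchor)
        [ -f "$root$1" ] && grep -Eq -e "$2" "$root$1" && echo "$1: $3"
        return 0
    }
    check /etc/kubernetes/apiserver '^KUBE_API_ADDRESS=.*--insecure-bind-address=0\.0\.0\.0' \
        'unauthenticated API port listens on every interface'
    check /etc/kubernetes/apiserver '^KUBE_API_ARGS=.*--secure-port=0' \
        'TLS port of the API server is disabled'
    check /etc/etcd/etcd.conf '^ETCD_LISTEN_CLIENT_URLS=.*http://0\.0\.0\.0' \
        'etcd client API is plain HTTP on every interface'
    check /etc/kubernetes/kubelet '^KUBELET_API_SERVER=.*--api-servers=http://' \
        'kubelet reaches the API server over plain HTTP'
    check /etc/yum.repos.d/virt7-docker-common-release.repo '^gpgcheck=0' \
        'package signature checking is off'
}

# write_sample ROOT: constructed sample files holding the values shown in this guide.
write_sample() {
    mkdir -p "$1/etc/kubernetes" "$1/etc/etcd" "$1/etc/yum.repos.d"
    printf '%s\n' 'KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"' \
        'KUBE_API_ARGS="--secure-port=0"' > "$1/etc/kubernetes/apiserver"
    printf '%s\n' 'ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"' > "$1/etc/etcd/etcd.conf"
    printf '%s\n' 'KUBELET_API_SERVER="--api-servers=http://master1:8080"' \
        > "$1/etc/kubernetes/kubelet"
    printf '%s\n' '[virt7-docker-common-release]' 'gpgcheck=0' \
        > "$1/etc/yum.repos.d/virt7-docker-common-release.repo"
}

sample=$(mktemp -d)
write_sample "$sample"
audit_k8s_conf "$sample"     # five findings for the constructed sample
rm -rf "$sample"
```

Calling audit_k8s_conf with no argument on master1 or node1 checks the live files under /etc; files that do not exist on a host are skipped.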
IV. Start a pod
4.1 List the available nodes
[root@master1 ~]# kubectl get nodes
NAME STATUS AGE
node1 Ready 4h
If the status is Ready, the installation steps above are basically OK and the cluster can be used.
4.2 Define a pod
Using an nginx server as the example:
[root@master1 ~]# mkdir pods
[root@master1 ~]# cd pods
[root@master1 pods]# vim pod-nginx.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - name: nginx
    image: nginx:latest
    ports:
    - containerPort: 80
4.3 Start the pod
[root@master1 pods]# kubectl create -f pod-nginx.yaml
pod "nginx" created
4.4 Check the status
[root@master1 pods]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 0/1 ContainerCreating 0 2s
[root@master1 pods]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 14s
[root@master1 pods]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE NODE
nginx 1/1 Running 0 1m node1
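A status of Running means the pod has started normally.
Here I ran into the first pitfall: because gcr.io cannot be reached from within China, the pod stayed in the ContainerCreating state. The workaround is to pull the pause image from the official docker registry on the node1 node and then tag it with the gcr.io name.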
[root@node1 ~]# docker pull kubernetes/pause
[root@node1 ~]# docker tag kubernetes/pause gcr.io/google_containers/pause:2.0
[root@node1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/kubernetes/pause latest f9d5de079539 2 years ago 239.8 kB
gcr.io/google_containers/pause 2.0 f9d5de079539 2 years ago 239.8 kB
4.5 Have fun playing with it (feel free to ignore)
[root@master1 pods]# kubectl get pods --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE NODE
default httpd 1/1 Running 0 1h node1
default nginx 1/1 Running 0 2m node1
[root@master1 pods]#
[root@master1 pods]# kubectl describe pod nginx
Name: nginx
Namespace: default
Node: node1/192.168.100.167
Start Time: Mon, 12 Sep 2016 16:10:03 +0800
Labels: <none>
Status: Running
IP: 172.17.0.2
Controllers: <none>
Containers:
nginx:
Container ID: docker://c19aa6d59d6c0d3f6795fe7b93bc9f7b55b0653987909b5a28b2489ccf8ff451
Image: nginx:latest
Image ID: docker://sha256:4efb2fcdb1ab05fb03c9435234343c1cc65289eeb016be86193e88d3a5d84f6b
Port: 80/TCP
QoS Tier:
cpu: BestEffort
memory: BestEffort
State: Running
Started: Mon, 12 Sep 2016 16:10:11 +0800
Ready: True
Restart Count: 0
Environment Variables:
Conditions:
Type Status
Ready True
No volumes.
No events.
[root@node1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c19aa6d59d6c nginx:latest "nginx -g 'daemon off" About an hour ago Up About an hour k8s_nginx.538ff56_nginx_default_4ea138f0-78c0-11e6-afbf-000c29e23365_ced077ea
1c5f8babd16a gcr.io/google_containers/pause:2.0 "/pause" About an hour ago Up About an hour k8s_POD.cf58006d_nginx_default_4ea138f0-78c0-11e6-afbf-000c29e23365_3f2bcf72
c757ee7d86e8 httpd:latest "httpd-foreground" 3 hours ago Up 3 hours k8s_httpd.6541ffbe_httpd_default_c3b73c62-78b2-11e6-afbf-000c29e23365_549c4b76
65a441b8787c gcr.io/google_containers/pause:2.0 "/pause" 3 hours ago Up 3 hours k8s_POD.364e00d5_httpd_default_c3b73c62-78b2-11e6-afbf-000c29e23365_047c5258