提示:文章写完后,目录可以自动生成,如何生成可参考右边的帮助文档
一、Swarm的安装
1.安装Docker
使用Ubuntu的软件安装器安装
apt install docker -y
apt install docker.io -y
成功示例如下所示
2.查看是否安装成功
docker -v
3. 拉取swarm镜像
docker pull swarm
4. 初始化 swarm 集群
docker swarm init
5. 查看swarm集群信息
docker info
6. 创建并部署一个service
docker service create --replicas 1 --name yxl alpine ping docker.com\
// 确认服务是否创建成功
docker service ls
7.运行并查看任务
docker service ps yxl
//查看当前node上执行的task
docker ps
8.删除退出
//删除service
docker service rm yxl
//查看是否删除成功
docker service ps yxl
//强制退出swarm
docker swarm leave --force
二、Kubernetes的安装
1.添加Kubernetes signing key 和Repository
代码如下(示例):
sudo apt install curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add
sudo apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"
2.安装Kubeadm
代码如下(示例):
sudo apt install kubeadm
//重启kubelet
systemctl daemon-reload
systemctl restart kubelet
sudo systemctl restart kubelet.service
sudo systemctl daemon-reload
sudo systemctl stop kubelet
sudo systemctl enable kubelet
sudo systemctl start kubelet
3.禁用swapoff
代码如下(示例):
//临时关闭
sudo swapoff -a
//永久关闭 注释掉最后一行的swap
sudo vim /etc/fstab
4.开启路由转发功能以及iptables的过滤策略
vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf
5.初始化Master节点
//初始化master节点
kubeadm init --kubernetes-version=v1.12.3 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.6.6.110
//加入节点
kubeadm join 10.6.6.192:6443 --token afbkdo.6335xh1w0lv7odbh --discovery-token-ca-cert-hash sha256:b9abe5a668609f0225c8bb3ecba3a70a0be370f90905fcce79a6d783bbd0aeef
//配置主节点是否参与调度
kubectl taint nodes master.k8s node-role.kubernetes.io/master-
kubectl taint nodes master.k8s node-role.kubernetes.io/master=:NoSchedule
6.开启非安全端口访问
- --secure-port=6443
- --insecure-bind-address=0.0.0.0
- --insecure-port=8080
7.配置证书续期
- --kubeconfig=/etc/kubernetes/controller-manager.conf
- --experimental-cluster-signing-duration=87600h0m0s
- --feature-gates=RotateKubeletServerCertificate=true