K8S集群搭建

参考地址：    

https://www.cnblogs.com/wml3030/p/15510747.html

官方文档:  

https://kubernetes.io/docs/reference/setup-tools/kubueadm/kubeadm

https://kubernetes.io/docs/setup/independet/install-kubeadm

### 1-基础环境

服务器 linux-centos 7.6

master节点 192.168.198.111    (k111)

slaver节点 192.168.198.112     (k112)

slaver节点  192.168.198.113    (k113)

### 1-基础环境

#### >关闭防火墙 selinux

```

setenforce 0

iptables -F

systemctl stop firewalld

systemctl disable firewalld

systemctl stop NetworkManager

systemctl disable NetworkManager

sed -i '/^SELINUX=/s/enforcing/disabled/' /etc/selinux/config  

```

#### >部署主机并绑定hosts

```

hostnamectl set-hostname k111

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.198.111 k111

192.168.198.112 k112

192.168.198.113 k113

```

#### >阿里云的yum源

```

1. 备份一下

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo_bak

2.下载Centos7-阿里yum源

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

3.配置k8s地址

vi  /etc/yum.repos.d/kubernetes.repo

[kubernetes]

name=Kubernetes

baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64

enabled=1

gpgcheck=1

repo_gpgcheck=1

gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

 

4.重新加载yum

yum clean all &&  yum makecache

 

```

#### >主机配置初识化

``` 

yum -y install vim wget net-tools lrzsz

swapoff -a

sed -i '/swap/s/^/#/' /etc/fstab

cat <<EOF>> /etc/sysctl.conf

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

EOF

modprobe br_netfilter

sysctl -p

``` 

#### >所有主机部署docker环境

```

参考菜鸟教程 

CentOS Docker 安装 | 菜鸟教程CentOS Docker 安装 Docker 支持以下的 64 位 CentOS 版本： CentOS 7 CentOS 8 更高版本... 使用官方安装脚本自动安装 安装命令如下： curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun 也可以使用国内 daocloud 一键安装命令： curl -sSL https://get.daoclou..https://www.runoob.com/docker/centos-docker-install.html

```

#### >所有主机配置阿里云镜像加速

```

sudo mkdir -p /etc/docker

sudo tee /etc/docker/daemon.json <<-'EOF'

{

  "registry-mirrors": ["https://h9icw8m9.mirror.aliyuncs.com"]

}

EOF

sudo systemctl daemon-reload

sudo systemctl restart docker

```

 

### 2-部署kubernetes集群

#### 架构图

#### 组件介绍

```

kubeadm：安装工具，使所有的组件都会以容器的方式运行

kubectl：客户端连接k8s api 工具

kubelet：运行在node节点，用来启动容器的工具

```

#### A.所有主机安装kubelet kubeadm kubectl

```

yum install -y  kubelet-1.17.0 kubeadm-1.17.0 kubectl-1.17.0

或者

yum install -y  kubelet-1.20.0 kubeadm-1.20.0 kubectl-1.20.0

[root@k8s-master ~]# systemctl enable kubelet.service 

#kubelet刚安装后是无法启动的，需要加入节点或者初始化为master后才可以启动

```

#### B.在master主机上配置

* 配置init-config.yaml

```

#在master主机上配置

#打印初始化相关的配置到config.yaml文件中

mkdir -pv /usr/local/k8s

cd  /usr/local/k8s

kubeadm config print init-defaults > init-config.yaml

```

init-config.yaml

```

apiVersion: kubeadm.k8s.io/v1beta2

bootstrapTokens:

- groups:

  - system:bootstrappers:kubeadm:default-node-token

  token: abcdef.0123456789abcdef

  ttl: 24h0m0s

  usages:

  - signing

  - authentication

kind: InitConfiguration

localAPIEndpoint:

  advertiseAddress: 192.168.198.111  #master的ip

  bindPort: 6443

nodeRegistration:

  criSocket: /var/run/dockershim.sock

  name: k111

  taints:

  - effect: NoSchedule

    key: node-role.kubernetes.io/master

---

apiServer:

  timeoutForControlPlane: 4m0s

apiVersion: kubeadm.k8s.io/v1beta2

certificatesDir: /etc/kubernetes/pki

clusterName: kubernetes

controllerManager: {}

dns:

  type: CoreDNS

etcd:

  local:

    dataDir: /var/lib/etcd  #容器挂载到本地的目录

#imageRepository: k8s.gcr.io

imageRepository: registry.aliyuncs.com/google_containers  #切换国内的镜像地址

kind: ClusterConfiguration

kubernetesVersion: v1.17.0

networking:

  dnsDomain: cluster.local

  serviceSubnet: 10.96.0.0/12

  podSubnet: 10.244.0.0/16  #新增pod网段

scheduler: {}

```

```

kubeadm config view  #查看当前集群中的配置值

kubeadm config print join-defaults  #输出kubeadm join 默认参数文件内容

``` 

 

#### C.安装master节点

kubeadm config images list --config init-config.yaml  #查看配置文件关联的镜像（下载）

kubeadm config images pull --config init-config.yaml  #查看配置文件关联的镜像（下载）

kubeadm init --config=init-config.yaml  #初始化安装k8s

```

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube

  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.

Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:

  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.198.111:6443 --token abcdef.0123456789abcdef \

    --discovery-token-ca-cert-hash sha256:f933c7e48512f1d8f1815fa940d27bca5ef3d3bf0da975f63b8932e7674a8c2b

```

#### D.安装node节点

```

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.198.111:6443 --token abcdef.0123456789abcdef \

    --discovery-token-ca-cert-hash sha256:f933c7e48512f1d8f1815fa940d27bca5ef3d3bf0da975f63b8932e7674a8c2b

```

```

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

```

#### E.安装flannel

master节点notready 的原因就是没有网络插件。

获取 kube-flannel.yml 

参考： https://blog.csdn.net/qq_22409661/article/details/113371921

```

执行命令

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml #master运行

或者

kubectl apply -f kube-flannel.yml   #master运行

```

 kubectl get nodes  #再次查看节点

 

#### F.所有主机部署Dashboard

参考： https://www.cnblogs.com/bigberg/p/13469736.html

- A 创建pod容器

```

获取配置文件 recommended.yaml

https://github.com/kubernetes/dashboard/blob/v2.0.1/aio/deploy/recommended.yaml

###修改配置

kind: Service

apiVersion: v1

metadata:

  labels:

    k8s-app: kubernetes-dashboard

  name: kubernetes-dashboard

  namespace: kubernetes-dashboard

spec:

  type: NodePort  # 新增

  ports:

    - port: 443

      targetPort: 8443

      nodePort: 32443 # 新增

  selector:

    k8s-app: kubernetes-dashboard

 

apply -f recommended.yaml   #部署文件

get pods -n kubernetes-dashboard  #查看

```

- B 设置用户

https://github.com/kubernetes/dashboard/blob/v2.0.1/docs/user/access-control/creating-sample-user.md

kubectl apply -f dashboard-adminuser.yaml

```

apiVersion: v1

kind: ServiceAccount

metadata:

  name: admin-user

  namespace: kubernetes-dashboard

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  name: admin-user

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: cluster-admin

subjects:

- kind: ServiceAccount

  name: admin-user

  namespace: kubernetes-dashboard

```

 

- C K8S-dashboard访问地址：

https://192.168.198.111:32443/#/login

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')

token: 

eyJhbGciOiJSUzI1NiIsImtpZCI6IlEybWJHVmFfQkR5a0lfOElFaHM2NWJNbnR6dGhDYm56c3hqa3dzTjZQMkUifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWtmMnJkIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJjNzRkNjE5YS01ZTg2LTQzZDYtYmJhOS0xNzY1ZmQ0NzBiMjgiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.kaziX37i4d9Y55WHCQcX8HfW2KAaNMD-sP1gIzt7fginzKYqxXuIpXBKPFcl1eZLzx1mF5Qtm6HSW4u4VWlCCfSvDqF2r5ibrJr_jUyPP2G6O5NbxwBmWHFeh4hsUVjvhe-ajNa1mCQ6FsBdsp1IVxflYfZB1qgR9SBzBIASsxJ4QNof_-ZlTE0ER7LTRAYbIdSEN2zpJ85a9YT2_Rj5OEg2EDz1AmvOQWlGj8LlILGTnyPNdg7mWZNDv3ndPOsrbVSBxzou8JKModJqMFC-xN-L5t3a2VNZh0b-2wwwG2D7bXpOpqHU_jbNwlE1ofMdduCQD7wBPZo6PQkWOFPqVA