- 安装kubeadm kubelet
apt-get update && apt-get install -y apt-transport-https
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm
或指定版本
apt-cache madison kubelet
apt-get install -y kubelet=1.15.0-00 kubeadm=1.15.0-00
参考中文文档http://docs.kubernetes.org.cn/457.html
2.安装docker17.03.0~ce(不支持最新版18)
apt-get install -y --no-install-recommends apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://apt.dockerproject.org/gpg | sudo apt-key add -
add-apt-repository "deb https://apt.dockerproject.org/repo/ ubuntu-$(lsb_release -cs) main"
apt-get update;
apt-cache madison docker-engine
apt-get -y install docker-engine=17.03.0~ce-0~ubuntu-xenial
更改/etc/kubernetes/manifests/10-kubeadm.conf(不一定是这个目录下)的配置文件然后重启
vim /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
Environment="KUBELET_SYSTEM_PODS_ARGS=--pod-manifest-path=/etc/kubernetes/manifests --fail-swap-on=false"
Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"
Environment="KUBELET_DNS_ARGS=--cluster-dns=10.96.0.10 --cluster-domain=cluster.local"
Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.crt"
Environment="KUBELET_CADVISOR_ARGS=--cadvisor-port=0"
Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs"
Environment="KUBELET_CERTIFICATE_ARGS=--rotate-certificates=true --cert-dir=/var/lib/kubelet/pki"
EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
EnvironmentFile=-/etc/default/kubelet
ExecStart=
#ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_CGROUP_ARGS $KUBELET_CERTIFICATE_ARGS
重新加载命令systemctl daemon-reload ;systemctl restart kubelet。如果初始化失败,首先看systemctl status kubelet是否正常运行
swapoff -a
初始化kubeadm init
kubeadm init --apiserver-advertise-address=192.168.7.200 --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors='Swap'
无错误后会显示kubeadm join信息
kubeadm join 192.168.7.200:6443 --token 1qsbs7.w3f6o3sb10e2fcu3 \
--discovery-token-ca-cert-hash sha256:8fa0152621a2462a6c5ac0b09f1f0f656d2b1b56fa86acfc7fdc45899cf71813
To start using your cluster, you need to run (as a regular user):
具体怎么执行显示kubeadm join信息下面会有
sudo cp /etc/kubernetes/admin.conf $HOME/
sudo chown $(id -u):$(id -g) $HOME/admin.conf
export KUBECONFIG=$HOME/admin.conf
kubectl create -f https://github.com/coreos/flannel/raw/master/Documentation/kube-flannel.yml
kubectl get pods -n kube-system 全部显示running
kubectl get nodes 显示Ready
如果需要重新初始化执行 kubeadm reset
设置标签label
kubectl label nodes node的NAME slave=newmocean可以指定服务节点运行
水平扩容
kubectl get rc(资源类型)
kubectl scale rc rc的NAME --replicas=2
- 如果只在一台master执行测试
kubectl taint nodes --all node-role.kubernetes.io/master-
- 从harbor拉取镜像文件,需要使用secret
cat .docker/config.json | base64 -w 0 得到
ewoJImF1dGhzIjogewoJCSI4Mi4xMDIuMTkuMTk5OjUwMDAiOiB7CgkJCSJhdXRoIjogIlFXUnRhVzQ2Tm1OUWVXUmFWMkpIYkU5bFFYRk9TUT09IgoJCX0KCX0KfQ==
填入到配置文件images-pull-secret.yaml
kubectl create -f images-pull-secret.yaml
kubectl get secrets查看创建的secret
kubectl describe secret name(Screct name)查看详细信息
8、可以创建rc 拉取镜像并启动相关服务
如果需要拉取添加其他镜像,只需在spec.template.spec.containers[]依次添加
可以配置相关Volume,端口号
spec.template.spec.containers.volumeMounts.name需要与
spec.template.spec.volumes.name 一致
spec.template.spec.containers.volumeMounts.mountPath 是容器目录
spec.template.spec. volumes.hostPath.path 是机器目录
- openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
获取新的--discovery-token-ca-cert-hash sha256:参数
kubeadm token create 获取新的token 失效时间24h