1、升级centos 7内核
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
yum --disablerepo=\* --enablerepo=elrepo-kernel repolist
yum --disablerepo=\* --enablerepo=elrepo-kernel list kernel*
yum --disablerepo=\* --enablerepo=elrepo-kernel install -y kernel-ml.x86_64
grub2-set-default 0
yum remove -y kernel-tools-libs.x86_64 kernel-tools.x86_64
reboot
uname -a
2、安装docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo```
yum makecache fast
yum -y install docker-ce
systemctl start docker
cd /etc/docker/
vi daemon.json
添加docker镜像源
{
"registry-mirrors": [
"https://kfwkfulq.mirror.aliyuncs.com",
"https://2lqq34jg.mirror.aliyuncs.com",
"https://pee6w651.mirror.aliyuncs.com",
"https://registry.docker-cn.com",
"http://hub-mirror.c.163.com"
],
"dns": ["8.8.8.8","8.8.4.4"]
}
systemctl restart docker
docker run hello-world
3、安装K8s
设置阿里云源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kube*
EOF
安装k8s工具
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
启动
systemctl enable kubelet
设置路由
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
swapoff -a
systemctl stop firewalld.service
cd /
mkdir k8s
cd k8s
初始化配置
kubeadm config print init-defaults > kubeam-init.yaml
修改地址为本机IP 192.***.***.***
添加阿里云image源:
registry.cn-hangzhou.aliyuncs.com/google_containers
下载image
kubeadm config images pull --config kubeadm-init.yaml
初始化主节点
kubeadm init --config kubeam-init.yaml
按照提示初始化节点
保存join码
查看节点状态
kubelet get node
查看健康情况
kubelet get cs
查看错误日志
journalctl -f -u kubelet
注释下面两个配置文件中的 port:0
vim /etc/kubernetes/manifests/kube-controller-manager.yaml
vim /etc/kubernetes/manifests/kube-scheduler.yaml
systemctl restart kubelet
下载网络通信插件
wget https://docs.projectcalico.org/manifests/calico.yaml
kubectl apply -f calico.yaml
下载可视化控制台插件
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc5/aio/deploy/recommended.yaml
kubectl apply -f recommended.yaml
查看所有pod状态
kubectl get svc --all-namespaces
安装管理员用户
创建文件
kubernetes-admin.yaml
内容:
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
---
# Create ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system```
kubectl apply -f kubernetes-admin.yaml
获取token
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
添加外部端口,改为NodePort
kubectl patch svc kubernetes-dashboard -n kubernetes-dashboard -p '{"spec":{"type":"NodePort","ports":[{"port":443,"targetport":8443,"nodePort":30443}]}}'
查看指定pod日志
kubectl log -f -n kube-system calico-node-w9l75 -c calico-node
浏览器访问: 本机IP:30443
harbor安装
安装docker-compose
curl -L https://get.daocloud.io/docker/compose/releases/download/1.25.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
在Github上下载Harbor离线安装包harbor-offline-installer-v2.2.0.tgz
gunzip harbor-offline-installer-v2.2.0.tgz
tar -xvf harbor-offline-installer-v2.2.0.tar
复制harbor.yml.tmpl,重命名为harbor.yml,配置并修改hostname,访问方式,这里选用http
安装
./install.sh
访问:XXX.XXX.XXX:端口
harbor的一些操作
启动harbor: `docker-compose up -d`
停止harbor: `docker-compose stop`
重启harbor: `docker-compose restart`
查看harbor状态: `docker-compose ps`
harbor通过rsyslog收集日志,日志默认在物理机的/var/log/harbor文件夹中
项目部署