两台节点:
master节点 node节点
所有节点都配置:
1.配置yum源
K8S.tar.gz上传
tar -zxvf K8S.tar.gz
cat /etc/yum.repos.d/local.repo
2.升级系统内核
yum upgrade -y
3.配置主机映射
cat /etc/hosts
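4.配置防火墙及SELinux
(以下做法直接关闭主机防火墙和SELinux,只适合隔离的实验环境;生产环境应保留防火墙并只放行Kubernetes所需端口,SELinux按kubeadm官方文档设为permissive即可。)
systemctl stop firewalld && systemctl disable firewalld
iptables -F && iptables -X && iptables -Z
/usr/sbin/iptables-save
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
重启系统使配置生效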
5.关闭swap
swapoff -a
sed -i 's@/dev/mapper/centos-swap@#/dev/mapper/centos-swap@g' /etc/fstab
6.配置时间同步
master节点: 安装chrony服务:yum install -y chrony
master节点修改/etc/chrony.conf文件(下面写入的allow all允许任意客户端向本机同步时间,实验环境之外应改为只允许集群所在网段,例如allow 192.168.100.0/24,网段为示例)
[root@master ~]# sed -i 's/^server/#&/' /etc/chrony.conf
[root@master ~]# cat >> /etc/chrony.conf << EOF
local stratum 10
server master iburst
allow all
EOF
重启chronyd服务
systemctl enable chronyd && systemctl restart chronyd
timedatectl set-ntp true
node节点:修改/etc/chrony.conf文件
[root@node ~]# sed -i 's/^server/#&/' /etc/chrony.conf
[root@node ~]# echo "server 192.168.100.10 iburst" >> /etc/chrony.conf   # IP为master节点地址
[root@node ~]# systemctl enable chronyd && systemctl restart chronyd
所有节点执行chronyc sources命令,查询结果中如果存在以“^*”开头的行,即说明已经同步成功
7.配置路由转发
所有节点创建/etc/sysctl.d/K8S.conf文件
[root@master ~]# cat << EOF | tee /etc/sysctl.d/K8S.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
[root@master ~]# modprobe br_netfilter
[root@master ~]# sysctl -p /etc/sysctl.d/K8S.conf
8.配置IPVS
所有节点:
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
[root@master ~]# chmod 755 /etc/sysconfig/modules/ipvs.modules
[root@master ~]# bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
9.使用lsmod | grep -e ip_vs -e nf_conntrack_ipv4命令查看是否已经正确加载所需的内核模块
10.所有节点安装ipset软件包
[root@master ~]# yum install ipset ipvsadm -y
11.安装Docker
所有节点:
[root@master ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@master ~]# yum install docker-ce-18.09.6 docker-ce-cli-18.09.6 containerd.io -y
[root@master ~]# mkdir -p /etc/docker
[root@master ~]# tee /etc/docker/daemon.json <<-'EOF'
{
  "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl restart docker
[root@master ~]# systemctl enable docker
[root@master ~]# ./kubernetes_base.sh
[root@master ~]# docker info |grep Cgroup
Cgroup Driver: systemd
12.所有节点安装Kubernetes工具并启动Kubelet
[root@master ~]# yum install -y kubelet-1.14.1 kubeadm-1.14.1 kubectl-1.14.1
[root@master ~]# systemctl enable kubelet && systemctl start kubelet
13.初始化Kubernetes集群
master节点:
[root@master ~]# kubeadm init --apiserver-advertise-address 192.168.100.40 \
  --kubernetes-version="v1.14.1" --pod-network-cidr=10.16.0.0/16 \
  --image-repository=registry.aliyuncs.com/google_containers
14.Kubectl默认会在执行的用户home目录下面的.kube目录下寻找config文件,配置kubectl工具。
[root@master ~]# mkdir -p $HOME/.kube
[root@master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
15.检查集群状态
kubectl get cs
16.配置Kubernetes网络
master节点:
[root@master ~]# kubectl apply -f yaml/kube-flannel.yaml
[root@master ~]# kubectl get pods -n kube-system
17.node节点加入集群
master节点上kubeadm init执行完成后会输出一条kubeadm join命令,在node节点上执行该命令即可加入集群。下面的地址、token和哈希只是示例,应以自己集群的实际输出为准;token是加入集群用的引导凭据,不要复用或公开。
[root@node ~]# kubeadm join 192.168.20.10:6443 --token qf4lef.d83xqvv00l1zces9 \
  --discovery-token-ca-cert-hash sha256:ec7c7db41a13958891222b2605065564999d124b43c8b02a3b32a6b2ca1a1c6c
18.检查各节点状态
[root@master ~]# kubectl get nodes
19.安装Dashboard
[root@master ~]# kubectl apply -f yaml/kubernetes-dashboard.yaml
检查所有Pod状态
[root@master ~]# kubectl get pods -n kube-system
访问地址:节点IP:30000
20.通过以下命令获取访问Dashboard的认证令牌(令牌即登录凭据,不要贴到文档或聊天记录里)
[root@master ~]# kubectl -n kube-system describe secret \
  $(kubectl -n kube-system get secret | grep kubernetes-dashboard-admin-token | awk '{print $1}')
21.配置Kuboard
[root@master ~]# kubectl create -f yaml/kuboard.yaml
在浏览器输入地址http://192.168.20.10:31000,即可进入Kuboard的认证界面,
在Token文本框中输入令牌后可进入Kuboard控制台。注意该地址是明文HTTP,令牌会不加密地经过网络,只应在可信的内网中这样访问。
k8s平台简单使用
(1)新建namespace
新建blog namespace,将应用都部署到blog这个命名空间下面。
[root@master ~]# kubectl create namespace blog
namespace/blog created
(2)编写YAML文件
编写YAML文件wordpress-pod.yaml。
[root@master ~]# cat wordpress-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: wordpress
  namespace: blog
spec:
  containers:
  - name: wordpress
    image: wordpress
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 80
      name: wdport
    env:
    - name: WORDPRESS_DB_HOST
      value: localhost:3306
    - name: WORDPRESS_DB_USER
      value: wordpress
    - name: WORDPRESS_DB_PASSWORD
      value: wordpress
  - name: mysql
    image: mysql:5.6
    imagePullPolicy: IfNotPresent
    ports:
    - containerPort: 3306
      name: dbport
    env:
    - name: MYSQL_ROOT_PASSWORD
      value: rootPassW0rd
    - name: MYSQL_DATABASE
      value: wordpress
    - name: MYSQL_USER
      value: wordpress
    - name: MYSQL_PASSWORD
      value: wordpress
    volumeMounts:
    - name: db
      mountPath: /var/lib/mysql
  volumes:
  - name: db
    hostPath:
      path: /var/lib/mysql
注意:这里针对MySQL这个容器做了一个数据卷的挂载,这是为了将MySQL的数据持久化到节点上,这样下次MySQL容器重启过后数据不至于丢失。hostPath只把数据保存在Pod当前所在的节点上,Pod调度到其他节点后看不到原来的数据;示例中的数据库口令以明文写在清单里,仅适合练习,实际使用应放入Secret并通过secretKeyRef引用。
(3)创建Pod
[root@master ~]# kubectl create -f wordpress-pod.yaml
pod/wordpress created
(4)创建MySQL的Deployment对象
创建一个MySQL的Deployment对象wordpress-db.yaml。
[root@master ~]# cat wordpress-db.yaml
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: mysql-deploy
  namespace: blog
  labels:
    app: mysql
spec:
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
      - name: mysql
        image: mysql:5.6 #使用mysql:5.7镜像会报错
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 3306
          name: dbport
        env:
        - name: MYSQL_ROOT_PASSWORD
          value: rootPassW0rd
        - name: MYSQL_DATABASE
          value: wordpress
        - name: MYSQL_USER
          value: wordpress
        - name: MYSQL_PASSWORD
          value: wordpress
        volumeMounts:
        - name: db
          mountPath: /var/lib/mysql
      volumes:
      - name: db
        hostPath:
          path: /var/lib/mysql
---
apiVersion: v1
kind: Service
metadata:
  name: mysql
  namespace: blog
spec:
  selector:
    app: mysql
  ports:
  - name: mysqlport
    protocol: TCP
    port: 3306
    targetPort: dbport
然后创建上面的wordpress-db.yaml文件。
[root@master ~]# kubectl create -f wordpress-db.yaml
deployment.apps/mysql-deploy created
service/mysql created
然后查看Service的详细情况。
[root@master ~]# kubectl describe svc mysql -n blog
Name: mysql
Namespace: blog
Labels: <none>
Annotations: <none>
Selector: app=mysql
Type: ClusterIP
IP: 10.111.15.153
Port: mysqlport 3306/TCP
TargetPort: dbport/TCP
Endpoints: 10.24.9.15:3306
Session Affinity: None
Events: <none>
可以看到Endpoints部分匹配到了一个Pod,并生成了一个clusterIP为10.111.15.153,现在就可以通过这个clusterIP加上定义的3306端口访问MySQL服务了。
(5)创建Wordpress服务
创建Wordpress服务,将上面的wordpress的Pod转换成Deployment对象wordpress.yaml。
[root@master ~]# cat wordpress.yaml
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: wordpress-deploy
  namespace: blog
  labels:
    app: wordpress
spec:
  template:
    metadata:
      labels:
        app: wordpress
    spec:
      containers:
      - name: wordpress
        image: wordpress
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 80
          name: wdport
        env:
        - name: WORDPRESS_DB_HOST
          value: 10.111.15.153:3306 # 此处的IP,是mysql svc的clusterIP
        - name: WORDPRESS_DB_USER
          value: wordpress
        - name: WORDPRESS_DB_PASSWORD
          value: wordpress
---
apiVersion: v1
kind: Service
metadata:
  name: wordpress
  namespace: blog
spec:
  type: NodePort
  selector:
    app: wordpress
  ports:
  - name: wordpressport
    protocol: TCP
    port: 80
    targetPort: wdport
注意:要添加属性type: NodePort,然后创建wordpress.yaml文件。
[root@master ~]# kubectl create -f wordpress.yaml
deployment.apps/wordpress-deploy created
service/wordpress created
(6)访问服务
查看svc。
[root@master ~]# kubectl get svc -n blog
NAME        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
mysql       ClusterIP   10.111.15.153   <none>        3306/TCP       7m53s
wordpress   NodePort    10.104.80.117   <none>        80:32012/TCP   76s