我的服务器完全无法访问互联网,所以所有部署都是离线的,用到的组件全都是我从网上下载好,然后通过内网传上去的。当然我会把相关组件包上传到网盘,大家自己去下载就好
所有组件及依赖包去网盘下载,链接如下
链接: https://pan.baidu.com/s/1KUjX6HQhUQZtiXhZD7_faQ 提取码: 9uka 复制这段内容后打开百度网盘手机App,操作更方便哦
MasterNode:192.168.200.101
WorkNode:192.168.200.103/192.168.200.104/192.168.200.105/192.168.200.106
操作系统版本
[root@Work-Node3 ~]#
[root@Work_Node3 ~]# cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
[root@Work-Node3 ~]#
Docker Version:docker-ce-18.09.9-3
Kubenetes Version:kubeadm-1.17.4
1. 挂载ISO装完系统,修改主机名
[root@localhost ~]# hostnamectl set-hostname --static Master-Node1
[root@localhost ~]# hostname
Master-Node1
[root@localhost ~]#
2. 修改hosts文件,节点之间相互解析
[root@Master-Node1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.200.101 Master-Node1
192.168.200.103 Work-Node1
192.168.200.104 Work-Node2
192.168.200.105 Work-Node3
192.168.200.106 Work-Node4
[root@Master-Node1 ~]#
3. 关闭禁用防火墙
[root@Master-Node1 ~]#
[root@Master-Node1 ~]# systemctl stop firewalld
[root@Master-Node1 ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@Master-Node1 ~]#
4. 禁用selinux
[root@Master-Node1 ~]# sed -i 's/enforcing/disabled/' /etc/selinux/config
[root@Master-Node1 ~]# getenforce
Enforcing
[root@Master-Node1 ~]#
5. 关闭swap
[root@Master-Node1 kube_deploy]# swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
[root@Master-Node1 kube_deploy]# free -m
total used free shared buff/cache available
Mem: 7802 378 3503 83 3920 7044
Swap: 0 0 0
[root@Master-Node1 kube_deploy]#
5. 设置时区
[root@Master-Node1 ~]# timedatectl set-timezone Asia/Shanghai
[root@Master-Node1 ~]# timedatectl
Local time: Tue 2024-01-23 22:09:07 CST
Universal time: Tue 2024-01-23 14:09:07 UTC
RTC time: Tue 2024-01-23 14:10:07
Time zone: Asia/Shanghai (CST, +0800)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
6. 初始化内核参数
[root@Master-Node1 ~]# cat > kubernetes.conf <<EOF
> net.bridge.bridge-nf-call-iptables=1
> net.bridge.bridge-nf-call-ip6tables=1
> net.ipv4.ip_forward=1
> net.ipv4.tcp_tw_recycle=0
> vm.swappiness=0 # 禁止使用 swap 空间,只有当系统 OOM 时才允许使用它
> vm.overcommit_memory=1 # 不检查物理内存是否够用
> vm.panic_on_oom=0 # 开启 OOM
> fs.inotify.max_user_instances=8192
> fs.inotify.max_user_watches=1048576
> fs.file-max=52706963
> fs.nr_open=52706963
> net.ipv6.conf.all.disable_ipv6=1
> net.netfilter.nf_conntrack_max=2310720
> EOF
[root@Master-Node1 ~]#
7. 拷贝刚刚创建的文件到/etc/sysctl.d/
[root@Master-Node1 ~]# cp kubernetes.conf /etc/sysctl.d/kubernetes.conf
[root@Master-Node1 ~]#
8. 配置时钟同步chronyc,所有节点从master node同步时钟,编辑/etc/chronyc.conf文件
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst //注释掉这4行,新起一行,指定本机为服务端
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server 127.0.0.1 iburst
allow 192.168.200.0/25 //允许哪些地址来这个服务器同步时钟
local stratum 10 //取消这一行的注释
9. chronyc 客户端配置,客户端配置比较简单,编辑/etc/chronyc.conf文件
server 192.168.200.101 iburst
10. 配置完成后重启服务端和客户端的chronyd服务,并查看时钟同步状态
[root@Master-Node1 ~]# systemctl restart chronyd
[root@Master-Node1 ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? localhost 0 6 0 - +0ns[ +0ns] +/- 0ns
[root@Master-Node1 ~]#
[root@Work-Node2 ~]# systemctl restart chronyd
[root@Work-Node2 ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.200.101 10 6 17 11 -1956us[-1962us] +/- 2212us
[root@Work-Node2 ~]# timedatectl
Local time: Tue 2024-01-23 23:15:45 CST
Universal time: Tue 2024-01-23 15:15:45 UTC
RTC time: Tue 2024-01-23 15:15:45
Time zone: Asia/Shanghai (CST, +0800)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a
[root@Work-Node2 ~]#
11. 安装docker-ce-cli-18.09.9-3.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall docker-ce-cli-18.09.9-3.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining docker-ce-cli-18.09.9-3.el7.x86_64.rpm: 1:docker-ce-cli-18.09.9-3.el7.x86_64
Marking docker-ce-cli-18.09.9-3.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package docker-ce-cli.x86_64 1:18.09.9-3.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
docker-ce-cli x86_64 1:18.09.9-3.el7 /docker-ce-cli-18.09.9-3.el7.x86_64 72 M
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 72 M
Installed size: 72 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 1:docker-ce-cli-18.09.9-3.el7.x86_64 1/1
Verifying : 1:docker-ce-cli-18.09.9-3.el7.x86_64 1/1
Installed:
docker-ce-cli.x86_64 1:18.09.9-3.el7
Complete!
[root@Master-Node1 kube_deploy]#
12. 安装audit-libs-python-2.8.5-4.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall audit-libs-python-2.8.5-4.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining audit-libs-python-2.8.5-4.el7.x86_64.rpm: audit-libs-python-2.8.5-4.el7.x86_64
Marking audit-libs-python-2.8.5-4.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.8.5-4.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
audit-libs-python x86_64 2.8.5-4.el7 /audit-libs-python-2.8.5-4.el7.x86_64 316 k
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 316 k
Installed size: 316 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : audit-libs-python-2.8.5-4.el7.x86_64 1/1
Verifying : audit-libs-python-2.8.5-4.el7.x86_64 1/1
Installed:
audit-libs-python.x86_64 0:2.8.5-4.el7
Complete!
[root@Master-Node1 kube_deploy]#
13. 安装libsemanage-python-2.5-14.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall libsemanage-python-2.5-14.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining libsemanage-python-2.5-14.el7.x86_64.rpm: libsemanage-python-2.5-14.el7.x86_64
Marking libsemanage-python-2.5-14.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package libsemanage-python.x86_64 0:2.5-14.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
libsemanage-python x86_64 2.5-14.el7 /libsemanage-python-2.5-14.el7.x86_64 441 k
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 441 k
Installed size: 441 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libsemanage-python-2.5-14.el7.x86_64 1/1
Verifying : libsemanage-python-2.5-14.el7.x86_64 1/1
Installed:
libsemanage-python.x86_64 0:2.5-14.el7
Complete!
[root@Master-Node1 kube_deploy]#
14. 安装setools-libs-3.3.8-4.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall setools-libs-3.3.8-4.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining setools-libs-3.3.8-4.el7.x86_64.rpm: setools-libs-3.3.8-4.el7.x86_64
Marking setools-libs-3.3.8-4.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package setools-libs.x86_64 0:3.3.8-4.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
setools-libs x86_64 3.3.8-4.el7 /setools-libs-3.3.8-4.el7.x86_64 1.8 M
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 1.8 M
Installed size: 1.8 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : setools-libs-3.3.8-4.el7.x86_64 1/1
Verifying : setools-libs-3.3.8-4.el7.x86_64 1/1
Installed:
setools-libs.x86_64 0:3.3.8-4.el7
Complete!
[root@Master-Node1 kube_deploy]#
15. 安装checkpolicy-2.5-8.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall checkpolicy-2.5-8.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining checkpolicy-2.5-8.el7.x86_64.rpm: checkpolicy-2.5-8.el7.x86_64
Marking checkpolicy-2.5-8.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package checkpolicy.x86_64 0:2.5-8.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
checkpolicy x86_64 2.5-8.el7 /checkpolicy-2.5-8.el7.x86_64 1.2 M
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 1.2 M
Installed size: 1.2 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : checkpolicy-2.5-8.el7.x86_64 1/1
Verifying : checkpolicy-2.5-8.el7.x86_64 1/1
Installed:
checkpolicy.x86_64 0:2.5-8.el7
Complete!
[root@Master-Node1 kube_deploy]#
16. 安装 libcgroup-0.41-21.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall libcgroup-0.41-21.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining libcgroup-0.41-21.el7.x86_64.rpm: libcgroup-0.41-21.el7.x86_64
Marking libcgroup-0.41-21.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package libcgroup.x86_64 0:0.41-21.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
libcgroup x86_64 0.41-21.el7 /libcgroup-0.41-21.el7.x86_64 134 k
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 134 k
Installed size: 134 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libcgroup-0.41-21.el7.x86_64 1/1
Verifying : libcgroup-0.41-21.el7.x86_64 1/1
Installed:
libcgroup.x86_64 0:0.41-21.el7
Complete!
[root@Master-Node1 kube_deploy]#
17. 安装python-IPy-0.75-6.el7.noarch.rpm
[root@Master-Node1 kube_deploy]# yum localinstall python-IPy-0.75-6.el7.noarch.rpm
Loaded plugins: fastestmirror, langpacks
Examining python-IPy-0.75-6.el7.noarch.rpm: python-IPy-0.75-6.el7.noarch
Marking python-IPy-0.75-6.el7.noarch.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
python-IPy noarch 0.75-6.el7 /python-IPy-0.75-6.el7.noarch 119 k
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 119 k
Installed size: 119 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : python-IPy-0.75-6.el7.noarch 1/1
Verifying : python-IPy-0.75-6.el7.noarch 1/1
Installed:
python-IPy.noarch 0:0.75-6.el7
Complete!
[root@Master-Node1 kube_deploy]#
18. 安装policycoreutils-python-2.5-34.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall policycoreutils-python-2.5-34.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining policycoreutils-python-2.5-34.el7.x86_64.rpm: policycoreutils-python-2.5-34.el7.x86_64
Marking policycoreutils-python-2.5-34.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package policycoreutils-python.x86_64 0:2.5-34.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
policycoreutils-python x86_64 2.5-34.el7 /policycoreutils-python-2.5-34.el7.x86_64 1.2 M
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 1.2 M
Installed size: 1.2 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : policycoreutils-python-2.5-34.el7.x86_64 1/1
Verifying : policycoreutils-python-2.5-34.el7.x86_64 1/1
Installed:
policycoreutils-python.x86_64 0:2.5-34.el7
Complete!
[root@Master-Node1 kube_deploy]#
19. 安装container-selinux-2.107-3.el7.noarch.rpm
[root@Master-Node1 kube_deploy]# yum localinstall container-selinux-2.107-3.el7.noarch.rpm
Loaded plugins: fastestmirror, langpacks
Examining container-selinux-2.107-3.el7.noarch.rpm: 2:container-selinux-2.107-3.el7.noarch
Marking container-selinux-2.107-3.el7.noarch.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package container-selinux.noarch 2:2.107-3.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
container-selinux noarch 2:2.107-3.el7 /container-selinux-2.107-3.el7.noarch 40 k
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 40 k
Installed size: 40 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 2:container-selinux-2.107-3.el7.noarch 1/1
Verifying : 2:container-selinux-2.107-3.el7.noarch 1/1
Installed:
container-selinux.noarch 2:2.107-3.el7
Complete!
[root@Master-Node1 kube_deploy]#
20. 安装containerd.io-1.2.6-3.3.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall containerd.io-1.2.6-3.3.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining containerd.io-1.2.6-3.3.el7.x86_64.rpm: containerd.io-1.2.6-3.3.el7.x86_64
Marking containerd.io-1.2.6-3.3.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package containerd.io.x86_64 0:1.2.6-3.3.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
containerd.io x86_64 1.2.6-3.3.el7 /containerd.io-1.2.6-3.3.el7.x86_64 96 M
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 96 M
Installed size: 96 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : containerd.io-1.2.6-3.3.el7.x86_64 1/1
Verifying : containerd.io-1.2.6-3.3.el7.x86_64 1/1
Installed:
containerd.io.x86_64 0:1.2.6-3.3.el7
Complete!
[root@Master-Node1 kube_deploy]#
21. 安装docker-ce-18.09.9-3.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall docker-ce-18.09.9-3.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining docker-ce-18.09.9-3.el7.x86_64.rpm: 3:docker-ce-18.09.9-3.el7.x86_64
Marking docker-ce-18.09.9-3.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package docker-ce.x86_64 3:18.09.9-3.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
docker-ce x86_64 3:18.09.9-3.el7 /docker-ce-18.09.9-3.el7.x86_64 90 M
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 90 M
Installed size: 90 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 3:docker-ce-18.09.9-3.el7.x86_64 1/1
Verifying : 3:docker-ce-18.09.9-3.el7.x86_64 1/1
Installed:
docker-ce.x86_64 3:18.09.9-3.el7
Complete!
[root@Master-Node1 kube_deploy]#
22. 查看一下安装的docker 的版本
[root@Master-Node1 ~]# docker version
Client:
Version: 18.09.9
API version: 1.39
Go version: go1.11.13
Git commit: 039a7df9ba
Built: Wed Sep 4 16:51:21 2019
OS/Arch: linux/amd64
Experimental: false
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
[root@Master-Node1 ~]#
23. 设置kube-proxy,开启ipvs的前置条件
[root@Master-Node1 ~]# modprobe br_netfilter
[root@Master-Node1 ~]# cat > /etc/sysconfig/modules/ipvs.modules <<EOF
> #!/bin/bash
> modprobe -- ip_vs
> modprobe -- ip_vs_rr
> modprobe -- ip_vs_wrr
> modprobe -- ip_vs_sh
> modprobe -- nf_conntrack_ipv4
> EOF
[root@Master-Node1 ~]# chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
nf_conntrack_ipv4 15053 0
nf_defrag_ipv4 12729 1 nf_conntrack_ipv4
ip_vs_sh 12688 0
ip_vs_wrr 12697 0
ip_vs_rr 12600 0
ip_vs 145458 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack 139264 2 ip_vs,nf_conntrack_ipv4
libcrc32c 12644 3 xfs,ip_vs,nf_conntrack
[root@Master-Node1 ~]#
24. 创建docker目录,配置daemon
[root@Master-Node1 ~]# mkdir /etc/docker
[root@Master-Node1 ~]# cat > /etc/docker/daemon.json <<EOF
> {
> "exec-opts": ["native.cgroupdriver=systemd"],
> "registry-mirrors":
> ["https://v16stybc.mirror.aliyuncs.com"],
> "log-driver": "json-file",
> "log-opts": { "max-size": "100m"
> }
> }
> EOF
[root@Master-Node1 ~]# mkdir -p /etc/systemd/system/docker.service.d # systemctl daemon-reload && systemctl restart docker && systemctl enable docker
[root@Master-Node1 ~]#
25. 安装组件libnetfilter_cthelper-1.0.0-11.el7.x86_64.rpm,libnetfilter_cttimeout-1.0.0-7.el7.x86_64.rpm,libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall libnetfilter_cthelper-1.0.0-11.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining libnetfilter_cthelper-1.0.0-11.el7.x86_64.rpm: libnetfilter_cthelper-1.0.0-11.el7.x86_64
Marking libnetfilter_cthelper-1.0.0-11.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package libnetfilter_cthelper.x86_64 0:1.0.0-11.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
libnetfilter_cthelper x86_64 1.0.0-11.el7 /libnetfilter_cthelper-1.0.0-11.el7.x86_64 35 k
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 35 k
Installed size: 35 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libnetfilter_cthelper-1.0.0-11.el7.x86_64 1/1
Verifying : libnetfilter_cthelper-1.0.0-11.el7.x86_64 1/1
Installed:
libnetfilter_cthelper.x86_64 0:1.0.0-11.el7
Complete!
[root@Master-Node1 kube_deploy]# yum localinstall libnetfilter_cttimeout-1.0.0-7.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining libnetfilter_cttimeout-1.0.0-7.el7.x86_64.rpm: libnetfilter_cttimeout-1.0.0-7.el7.x86_64
Marking libnetfilter_cttimeout-1.0.0-7.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package libnetfilter_cttimeout.x86_64 0:1.0.0-7.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
libnetfilter_cttimeout x86_64 1.0.0-7.el7 /libnetfilter_cttimeout-1.0.0-7.el7.x86_64 39 k
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 39 k
Installed size: 39 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libnetfilter_cttimeout-1.0.0-7.el7.x86_64 1/1
Verifying : libnetfilter_cttimeout-1.0.0-7.el7.x86_64 1/1
Installed:
libnetfilter_cttimeout.x86_64 0:1.0.0-7.el7
Complete!
[root@Master-Node1 kube_deploy]# yum localinstall libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm: libnetfilter_queue-1.0.2-2.el7_2.x86_64
Marking libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package libnetfilter_queue.x86_64 0:1.0.2-2.el7_2 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
libnetfilter_queue x86_64 1.0.2-2.el7_2 /libnetfilter_queue-1.0.2-2.el7_2.x86_64 45 k
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 45 k
Installed size: 45 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libnetfilter_queue-1.0.2-2.el7_2.x86_64 1/1
Verifying : libnetfilter_queue-1.0.2-2.el7_2.x86_64 1/1
Installed:
libnetfilter_queue.x86_64 0:1.0.2-2.el7_2
Complete!
[root@Master-Node1 kube_deploy]#
26. 安装conntrack-tools-1.4.4-7.el7.x86_64.rpm
[root@Work-Node2 kube_deploy]# yum localinstall conntrack-tools-1.4.4-7.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining conntrack-tools-1.4.4-7.el7.x86_64.rpm: conntrack-tools-1.4.4-7.el7.x86_64
Marking conntrack-tools-1.4.4-7.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package conntrack-tools.x86_64 0:1.4.4-7.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
conntrack-tools x86_64 1.4.4-7.el7 /conntrack-tools-1.4.4-7.el7.x86_64 550 k
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 550 k
Installed size: 550 k
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : conntrack-tools-1.4.4-7.el7.x86_64 1/1
Verifying : conntrack-tools-1.4.4-7.el7.x86_64 1/1
Installed:
conntrack-tools.x86_64 0:1.4.4-7.el7
Complete!
[root@Work-Node2 kube_deploy]#
27. 安装socat-1.7.3.2-2.el7.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall socat-1.7.3.2-2.el7.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining socat-1.7.3.2-2.el7.x86_64.rpm: socat-1.7.3.2-2.el7.x86_64
Marking socat-1.7.3.2-2.el7.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package socat.x86_64 0:1.7.3.2-2.el7 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
socat x86_64 1.7.3.2-2.el7 /socat-1.7.3.2-2.el7.x86_64 1.1 M
Transaction Summary
==================================================================================================================================================================
Install 1 Package
Total size: 1.1 M
Installed size: 1.1 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : socat-1.7.3.2-2.el7.x86_64 1/1
Verifying : socat-1.7.3.2-2.el7.x86_64 1/1
Installed:
socat.x86_64 0:1.7.3.2-2.el7
Complete!
[root@Master-Node1 kube_deploy]#
27. 安装kubelet-1.17.4-0.x86_64.rpm kubernetes-cni-0.8.7-0.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall kubelet-1.17.4-0.x86_64.rpm kubernetes-cni-0.8.7-0.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining kubelet-1.17.4-0.x86_64.rpm: kubelet-1.17.4-0.x86_64
Marking kubelet-1.17.4-0.x86_64.rpm to be installed
Examining kubernetes-cni-0.8.7-0.x86_64.rpm: kubernetes-cni-0.8.7-0.x86_64
Marking kubernetes-cni-0.8.7-0.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package kubelet.x86_64 0:1.17.4-0 will be installed
---> Package kubernetes-cni.x86_64 0:0.8.7-0 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
kubelet x86_64 1.17.4-0 /kubelet-1.17.4-0.x86_64 106 M
kubernetes-cni x86_64 0.8.7-0 /kubernetes-cni-0.8.7-0.x86_64 55 M
Transaction Summary
==================================================================================================================================================================
Install 2 Packages
Total size: 162 M
Installed size: 162 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : kubernetes-cni-0.8.7-0.x86_64 1/2
Installing : kubelet-1.17.4-0.x86_64 2/2
Verifying : kubelet-1.17.4-0.x86_64 1/2
Verifying : kubernetes-cni-0.8.7-0.x86_64 2/2
Installed:
kubelet.x86_64 0:1.17.4-0 kubernetes-cni.x86_64 0:0.8.7-0
Complete!
[root@Master-Node1 kube_deploy]#
28. 安装kubeadm集群部署工具kubeadm-1.17.4-0.x86_64.rpm kubectl-1.17.4-0.x86_64.rpm
[root@Master-Node1 kube_deploy]# yum localinstall kubeadm-1.17.4-0.x86_64.rpm kubectl-1.17.4-0.x86_64.rpm
Loaded plugins: fastestmirror, langpacks
Examining kubeadm-1.17.4-0.x86_64.rpm: kubeadm-1.17.4-0.x86_64
Marking kubeadm-1.17.4-0.x86_64.rpm to be installed
Examining kubectl-1.17.4-0.x86_64.rpm: kubectl-1.17.4-0.x86_64
Marking kubectl-1.17.4-0.x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package kubeadm.x86_64 0:1.17.4-0 will be installed
---> Package kubectl.x86_64 0:1.17.4-0 will be installed
--> Finished Dependency Resolution
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock error was
14: curl#6 - "Could not resolve host: mirrorlist.centos.org; Unknown error"
Dependencies Resolved
==================================================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================================================
Installing:
kubeadm x86_64 1.17.4-0 /kubeadm-1.17.4-0.x86_64 38 M
kubectl x86_64 1.17.4-0 /kubectl-1.17.4-0.x86_64 41 M
Transaction Summary
==================================================================================================================================================================
Install 2 Packages
Total size: 79 M
Installed size: 79 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : kubectl-1.17.4-0.x86_64 1/2
Installing : kubeadm-1.17.4-0.x86_64 2/2
Verifying : kubeadm-1.17.4-0.x86_64 1/2
Verifying : kubectl-1.17.4-0.x86_64 2/2
Installed:
kubeadm.x86_64 0:1.17.4-0 kubectl.x86_64 0:1.17.4-0
Complete!
[root@Master-Node1 kube_deploy]#
29. 重新加载并重启docker服务
[root@Master-Node1 kube_images]# systemctl daemon-reload
[root@Master-Node1 kube_images]# systemctl restart docker
30. 准备docker镜像,由于我们使用的是本地部署,没办法访问互联网,所以我们要把镜像上传到docker 仓库
[root@Master-Node1 kube_images]# ls > 1
[root@Master-Node1 kube_images]# cat 1
coredns_v1.6.5.tar
etcd_v3.4.3-0.tar
flannel-cni-plugin_v1.2.0.tar
flannel_v0.23.0.tar
kube-apiserver_v1.17.4.tar
kube-controller-manager_v1.17.4.tar
kube-proxy_v1.17.4.tar
kube-scheduler_v1.17.4.tar
pause_v3.1.tar
[root@Master-Node1 kube_images]# for i in $(cat 1);do docker load -i $i;done
225df95e717c: Loading layer [==================================================>] 336.4kB/336.4kB
7c9b0f448297: Loading layer [==================================================>] 41.37MB/41.37MB
Loaded image ID: sha256:70f311871ae12c14bd0e02028f249f933f925e4370744e4e35f706da773a8f61
fe9a8b4f1dcc: Loading layer [==================================================>] 43.87MB/43.87MB
ce04b89b7def: Loading layer [==================================================>] 224.9MB/224.9MB
1b2bc745b46f: Loading layer [==================================================>] 21.22MB/21.22MB
Loaded image ID: sha256:303ce5db0e90dab1c5728ec70d21091201a23cdf8aeca70ab54943bbaaf0833f
7df5bd7bd262: Loading layer [==================================================>] 5.904MB/5.904MB
9332f71f5f3d: Loading layer [==================================================>] 2.416MB/2.416MB
Loaded image ID: sha256:a55d1bad692b776e7c632739dfbeffab2984ef399e1fa633e0751b1662ea8bb4
cc2447e1835a: Loading layer [==================================================>] 7.626MB/7.626MB
525b7df4f3e3: Loading layer [==================================================>] 8.565MB/8.565MB
6fb233ca7b2e: Loading layer [==================================================>] 15.42MB/15.42MB
2c4f3ec3618d: Loading layer [==================================================>] 2.309MB/2.309MB
012316e1827d: Loading layer [==================================================>] 40.57MB/40.57MB
d74840864589: Loading layer [==================================================>] 5.632kB/5.632kB
30ff9185289a: Loading layer [==================================================>] 9.728kB/9.728kB
854f8f22aa03: Loading layer [==================================================>] 8.704kB/8.704kB
Loaded image ID: sha256:01cdfa8dd262f793cedbb1561d574a180c0fe09e795ca641445566ca32840830
fc4976bd934b: Loading layer [==================================================>] 53.88MB/53.88MB
9daac3fed755: Loading layer [==================================================>] 118.7MB/118.7MB
Loaded image ID: sha256:2e1ba57fe95af623588d22b8ac7420eef9756b40566d19a803ba0c70ee49157a
99df54617e88: Loading layer [==================================================>] 108.6MB/108.6MB
Loaded image ID: sha256:7f997fcf3e944358ca0032f69549b984bec4a34af08341dcf21180ec2b3453ca
682fbb19de80: Loading layer [==================================================>] 21.06MB/21.06MB
2dc2f2423ad1: Loading layer [==================================================>] 5.168MB/5.168MB
ad9fb2411669: Loading layer [==================================================>] 4.608kB/4.608kB
597151d24476: Loading layer [==================================================>] 8.192kB/8.192kB
0d8d54147a3a: Loading layer [==================================================>] 8.704kB/8.704kB
960d0ce862e2: Loading layer [==================================================>] 37.81MB/37.81MB
Loaded image ID: sha256:6dec7cfde1e56ac690b3d61c687d14ca7ee6f9fab15ff1bbb2497431655b8a09
f6953727aaba: Loading layer [==================================================>] 42.1MB/42.1MB
Loaded image ID: sha256:5db16c1c7aff35cbf3fcfb2fdd62557d7be9c075feb5a85b27e86ea126d9a04d
e17133b79956: Loading layer [==================================================>] 744.4kB/744.4kB
Loaded image ID: sha256:da86e6ba6ca197bf6bc5e9d900febd906b133eaa4750e6bed647b0fbe50ed43e
[root@Master-Node1 kube_images]#
31. 查看一下镜像,发现导进去的镜像没有名字了,重新tag一下
[root@Master-Node1 kube_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 01cdfa8dd262 2 months ago 73.5MB
<none> <none> a55d1bad692b 6 months ago 8.04MB
<none> <none> 6dec7cfde1e5 3 years ago 116MB
<none> <none> 2e1ba57fe95a 3 years ago 171MB
<none> <none> 7f997fcf3e94 3 years ago 161MB
<none> <none> 5db16c1c7aff 3 years ago 94.4MB
<none> <none> 70f311871ae1 4 years ago 41.6MB
<none> <none> 303ce5db0e90 4 years ago 288MB
<none> <none> da86e6ba6ca1 6 years ago 742kB
[root@Master-Node1 kube_images]# docker tag a55d1bad692b 192.168.200.101:5000/flannel-cni-plugin:v1.2.0
[root@Master-Node1 kube_images]# docker tag 6dec7cfde1e5 192.168.200.101:5000/kube-proxy:v1.17.4
[root@Master-Node1 kube_images]# docker tag 7f997fcf3e94 192.168.200.101:5000/kube-controller-manager:v1.17.4
[root@Master-Node1 kube_images]# docker tag 2e1ba57fe95a 192.168.200.101:5000/kube-apiserver:v1.17.4
[root@Master-Node1 kube_images]# docker tag 5db16c1c7aff 192.168.200.101:5000/kube-scheduler:v1.17.4
[root@Master-Node1 kube_images]# docker tag 70f311871ae1 192.168.200.101:5000/coredns:1.6.5
[root@Master-Node1 kube_images]# docker tag 303ce5db0e90 192.168.200.101:5000/etcd:3.4.3-0
[root@Master-Node1 kube_images]# docker tag da86e6ba6ca1 192.168.200.101:5000/pause:3.1
[root@Master-Node1 kube_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry 2 a8781fe3b7a2 4 days ago 25.4MB
192.168.200.101:5000/flannel v0.23.0 01cdfa8dd262 3 months ago 73.5MB
192.168.200.101:5000/flannel-cni-plugin v1.2.0 a55d1bad692b 6 months ago 8.04MB
192.168.200.101:5000/kube-proxy v1.17.4 6dec7cfde1e5 3 years ago 116MB
192.168.200.101:5000/kube-controller-manager v1.17.4 7f997fcf3e94 3 years ago 161MB
192.168.200.101:5000/kube-apiserver v1.17.4 2e1ba57fe95a 3 years ago 171MB
192.168.200.101:5000/kube-scheduler v1.17.4 5db16c1c7aff 3 years ago 94.4MB
192.168.200.101:5000/coredns 1.6.5 70f311871ae1 4 years ago 41.6MB
192.168.200.101:5000/etcd 3.4.3-0 303ce5db0e90 4 years ago 288MB
192.168.200.101:5000/pause 3.1 da86e6ba6ca1 6 years ago 742kB
32. 初始化集群,网上有好多初始化集群的脚本,我在这里遇到了问题,使用脚本初始化的时候,它死活就要去找tag为k8s.gcr.io的镜像,类似如下
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-controller-manager:v1.17.4: output: Error response from daemon: Get https://k8s.gcr.io/v2/: dial tcp: lookup k8s.gcr.io on [::1]:53: dial udp [::1]:53: connect: no route to host
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-scheduler:v1.17.4: output: Error response from daemon: Get https://k8s.gcr.io/v2/: dial tcp: lookup k8s.gcr.io on [::1]:53: dial udp [::1]:53: connect: no route to host
, error: exit status 1
如果我将镜像tag为类似如下
k8s.gcr.io/kube-controller-manager v1.17.4 7f997fcf3e94 3 years ago 161MB
k8s.gcr.io/kube-apiserver v1.17.4 2e1ba57fe95a 3 years ago 171MB
就可以正常初始化,但这样的话在后面装flannel的时候又会有问题了,所以我还是希望它能用
192.168.200.101:5000/kube-apiserver v1.17.4 2e1ba57fe95a 3 years ago 171MB
192.168.200.101:5000/kube-controller-manager v1.17.4 7f997fcf3e94 3 years ago 161MB
这样tag的镜像初始化集群,如下是我的yaml脚本,懂的大神可以指导一下,我这里使用命令初始化集群
[root@Master-Node1 kube_deploy]# cat kubeadm.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168.200.101 # 本机IP
bindPort: 6443
nodeRegistration:
criSocket: /var/run/dockershim.sock
name: Master-Node1
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: 192.168.200.101:6443 # 控制平面IP,也就是VIP
controllerManager: {}
dns:
type: CoreDNS
etcd:
local:
dataDir: /var/lib/etcd
#imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers # 阿里云镜像
imageRepository: "localhost:5000"
kind: ClusterConfiguration
kubernetesVersion: v1.17.4
networking:
dnsDomain: cluster.local
podSubnet: 10.20.0.0/16 # pod网络网段
serviceSubnet: 172.20.0.0/20 # service网络网段
scheduler: {}
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
featureGates:
SupportIPVSProxyMode: true
mode: ipvs
初始化集群:
kubeadm init \
> --apiserver-advertise-address=192.168.200.101 \
> --image-repository 192.168.200.101:5000 \
> --kubernetes-version v1.17.4 \
> --service-cidr=10.96.0.0/16 \
> --pod-network-cidr=10.244.0.0/16 \
> upload-certs
[root@Master-Node1 kube_deploy]# kubeadm init \
> --apiserver-advertise-address=192.168.200.101 \
> --image-repository 192.168.200.101:5000 \
> --kubernetes-version v1.17.4 \
> --service-cidr=10.96.0.0/16 \
> --pod-network-cidr=10.244.0.0/16 \
> --upload-certs
W0202 16:09:12.782102 83746 validation.go:28] Cannot validate kube-proxy config - no validator is available
W0202 16:09:12.782192 83746 validation.go:28] Cannot validate kubelet config - no validator is available
[init] Using Kubernetes version: v1.17.4
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [master-node1 kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 192.168.200.101]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [master-node1 localhost] and IPs [192.168.200.101 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [master-node1 localhost] and IPs [192.168.200.101 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
W0202 16:09:21.342585 83746 manifests.go:214] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC"
[control-plane] Creating static Pod manifest for "kube-scheduler"
W0202 16:09:21.344844 83746 manifests.go:214] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 17.506078 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.17" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
6b004ef432db6c40e16881949714ee895ab62572f8453fbeac082ff173a9ac53
[mark-control-plane] Marking the node master-node1 as control-plane by adding the label "node-role.kubernetes.io/master=''"
[mark-control-plane] Marking the node master-node1 as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: xdo5te.48jodgzaxo06be0b
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.200.101:6443 --token xdo5te.48jodgzaxo06be0b \
--discovery-token-ca-cert-hash sha256:3f7e4ce77123b1799f4467abe03f3611e7ebc8395eef0a1a5b91aa74bbf48f40
[root@Master-Node1 kube_deploy]#
34. 集群初始化完成后,可以看到提示控制面初始化成功完成的提示,并根据提示在
$HOME下创建目录.kube,然后将/etc/kubernetes/admin.conf拷贝为$HOME/.kube/config
再使用命令kubectl get pods --all-namespaces获取集群内的所有POD,返回如下
[root@Master-Node1 kube_deploy]# kubectl get pods --all-namespaces
The connection to the server localhost:8080 was refused - did you specify the right host or port?
[root@Master-Node1 kube_deploy]#
连接本机的8080端口被拒绝了,需要修改配置文件/etc/kubernetes/manifests/kube-apiserver.yaml,将- --insecure-port=0修改为- --insecure-port=8080,然后重启kubelet服务
[root@Master-Node1 kube_deploy]# systemctl restart kubelet
[root@Master-Node1 kube_deploy]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-6955765f44-b8cp5 0/1 Pending 0 3m53s
kube-system coredns-6955765f44-gsqwv 0/1 Pending 0 3m53s
kube-system etcd-master-node1 1/1 Running 0 4m
kube-system kube-apiserver-master-node1 0/1 Pending 0 17s
kube-system kube-controller-manager-master-node1 1/1 Running 0 4m
kube-system kube-proxy-l9ldm 1/1 Running 0 3m54s
kube-system kube-scheduler-master-node1 1/1 Running 0 4m
[root@Master-Node1 kube_deploy]#
35. 查看集群中的节点状态
[root@Master-Node1 kube_deploy]# kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master-node1 NotReady master 7m50s v1.17.4 192.168.200.101 <none> CentOS Linux 7 (Core) 3.10.0-1160.71.1.el7.x86_64 docker://18.9.9
[root@Master-Node1 kube_deploy]# kubectl
37. 安装flannel,配置文件如下,注意,我使用的是本地docker,所以需要修改flannel-cni-plugin和flannel的镜像的位置为本地docker的存储位置
还有安装完成后,可能会一直报启动容器失败,打印的日志如下
[root@Master-Node1 kube_deploy]# kubectl logs kube-flannel-ds-4rhnn -n kube-flannel -c kube-flannel
Error from server (NotFound): pods "kube-flannel-ds-4rhnn" not found
[root@Master-Node1 kube_deploy]# kubectl logs kube-flannel-ds-49zx4 -n kube-flannel
I0203 03:33:18.623284 1 main.go:210] CLI flags config: {etcdEndpoints:http://127.0.0.1:4001,http://127.0.0.1:2379 etcdPrefix:/coreos.com/network etcdKeyfile: etcdCertfile: etcdCAFile: etcdUsername: etcdPassword: version:false kubeSubnetMgr:true kubeApiUrl: kubeAnnotationPrefix:flannel.alpha.coreos.com kubeConfigFile: iface:[] ifaceRegex:[] ipMasq:true ifaceCanReach: subnetFile:/run/flannel/subnet.env publicIP: publicIPv6: subnetLeaseRenewMargin:60 healthzIP:0.0.0.0 healthzPort:0 iptablesResyncSeconds:5 iptablesForwardRules:true netConfPath:/etc/kube-flannel/net-conf.json setNodeNetworkUnavailable:true}
W0203 03:33:18.623423 1 client_config.go:617] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
I0203 03:33:18.646104 1 kube.go:145] Waiting 10m0s for node controller to sync
I0203 03:33:18.646266 1 kube.go:490] Starting kube subnet manager
I0203 03:33:19.646714 1 kube.go:152] Node controller sync successful
I0203 03:33:19.646921 1 main.go:230] Created subnet manager: Kubernetes Subnet Manager - master-node1
I0203 03:33:19.646928 1 main.go:233] Installing signal handlers
I0203 03:33:19.647042 1 main.go:541] Found network config - Backend type: vxlan
I0203 03:33:19.647068 1 match.go:206] Determining IP address of default interface
E0203 03:33:19.647478 1 main.go:277] Failed to find any valid interface to use: failed to get default interface: Unable to find default route
提示是说找不到默认接口或者路由,网上说可能有些网卡的名字比较奇怪 ,无法被识别,所以需要在yaml文件中指定网卡名字,我在kube-flannel段增加了- --iface=ens33
---
kind: Namespace
apiVersion: v1
metadata:
name: kube-flannel
labels:
k8s-app: flannel
pod-security.kubernetes.io/enforce: privileged
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: flannel
name: flannel
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- patch
- apiGroups:
- networking.k8s.io
resources:
- clustercidrs
verbs:
- list
- watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: flannel
name: flannel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flannel
subjects:
- kind: ServiceAccount
name: flannel
namespace: kube-flannel
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: flannel
name: flannel
namespace: kube-flannel
---
kind: ConfigMap
apiVersion: v1
metadata:
name: kube-flannel-cfg
namespace: kube-flannel
labels:
tier: node
k8s-app: flannel
app: flannel
data:
cni-conf.json: |
{
"name": "cbr0",
"cniVersion": "0.3.1",
"plugins": [
{
"type": "flannel",
"delegate": {
"hairpinMode": true,
"isDefaultGateway": true
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
net-conf.json: |
{
"Network": "10.244.0.0/16",
"Backend": {
"Type": "vxlan"
}
}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kube-flannel-ds
namespace: kube-flannel
labels:
tier: node
app: flannel
k8s-app: flannel
spec:
selector:
matchLabels:
app: flannel
template:
metadata:
labels:
tier: node
app: flannel
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
hostNetwork: true
priorityClassName: system-node-critical
tolerations:
- operator: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
- name: install-cni-plugin
image: k8s.gcr.io/flannel-cni-plugin:v1.2.0 //修改为本地docker的位置及tag
command:
- cp
args:
- -f
- /flannel
- /opt/cni/bin/flannel
volumeMounts:
- name: cni-plugin
mountPath: /opt/cni/bin
- name: install-cni
image: k8s.gcr.io/flannel:v0.23.0 //修改为本地docker的位置及tag
command:
- cp
args:
- -f
- /etc/kube-flannel/cni-conf.json
- /etc/cni/net.d/10-flannel.conflist
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
containers:
- name: kube-flannel
image: k8s.gcr.io/flannel:v0.23.0 //修改为本地docker的位置及tag
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
- --iface=ens33
resources:
requests:
cpu: "100m"
memory: "50Mi"
securityContext:
privileged: false
capabilities:
add: ["NET_ADMIN", "NET_RAW"]
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: EVENT_QUEUE_DEPTH
value: "5000"
volumeMounts:
- name: run
mountPath: /run/flannel
- name: flannel-cfg
mountPath: /etc/kube-flannel/
- name: xtables-lock
mountPath: /run/xtables.lock
volumes:
- name: run
hostPath:
path: /run/flannel
- name: cni-plugin
hostPath:
path: /opt/cni/bin
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
- name: xtables-lock
hostPath:
path: /run/xtables.lock
type: FileOrCreate
38. 在所有节点上,新建文件 /run/flannel/subnet.env
FLANNEL_NETWORK=10.10.0.0/16
FLANNEL_SUBNET=10.10.0.1/24
FLANNEL_MTU=1450
FLANNEL_IPMASQ=true
39. 安装flannel,执行如下命令
[root@Master-Node1 kube_deploy]# kubectl apply -f flannel.yaml
namespace/kube-flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
[root@Master-Node1 kube_deploy]#
40. 获取所有POD状态,所有POD都已经running了
[root@Master-Node1 kube_deploy]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-cn9f9 1/1 Running 0 99s
kube-system coredns-5c59b695d8-t6bfm 1/1 Running 0 59m
kube-system coredns-5c59b695d8-wf2hx 1/1 Running 0 59m
kube-system etcd-master-node1 1/1 Running 0 60m
kube-system kube-apiserver-master-node1 1/1 Running 0 60m
kube-system kube-controller-manager-master-node1 1/1 Running 0 60m
kube-system kube-proxy-kjz6k 1/1 Running 0 59m
kube-system kube-scheduler-master-node1 1/1 Running 0 60m
[root@Master-Node1 kube_deploy]#
41. 将节点加入集群,我们集群初始化完成的时候,提示使用token和密钥加入集群,我的是
kubeadm join 192.168.200.101:6443 --token xdo5te.48jodgzaxo06be0b \
--discovery-token-ca-cert-hash sha256:3f7e4ce77123b1799f4467abe03f3611e7ebc8395eef0a1a5b91aa74bbf48f40
获取POD状态
发现有几个POD起不来,看看原因
kubectl describe pods -n kube-flannel kube-flannel-ds-w8bql
拉取镜像失败,手动拉取看看
客户端请求https,服务端响应的是http
修改/etc/docker/daemon.json,增加如下内容
"insecure-registries": ["http://192.168.200.101:5000"]
保存退出,重启docker
[root@Work-Node2 kube_deploy]# systemctl daemon-reload
[root@Work-Node2 kube_deploy]# systemctl restart docker
[root@Work-Node2 kube_deploy]#
再尝试手动拉取镜像,可以成功拉取了
把那个失败的POD删掉,它会自动重建
在work节点安装flannel,报了一堆Forbidden的错
[root@Work-Node2 kube_deploy]# kubectl apply -f flannel.yaml
configmap/kube-flannel-cfg unchanged
Error from server (Forbidden): error when retrieving current configuration of:
Resource: "/v1, Resource=namespaces", GroupVersionKind: "/v1, Kind=Namespace"
Name: "kube-flannel", Namespace: ""
Object: &{map["apiVersion":"v1" "kind":"Namespace" "metadata":map["annotations":map["kubectl.kubernetes.io/last-applied-configuration":""] "labels":map["k8s-app":"flannel" "pod-security.kubernetes.io/enforce":"privileged"] "name":"kube-flannel"]]}
from server for: "flannel.yaml": namespaces "kube-flannel" is forbidden: User "system:node:work-node2" cannot get resource "namespaces" in API group "" in the namespace "kube-flannel"
Error from server (Forbidden): error when retrieving current configuration of:
Resource: "rbac.authorization.k8s.io/v1, Resource=clusterroles", GroupVersionKind: "rbac.authorization.k8s.io/v1, Kind=ClusterRole"
Name: "flannel", Namespace: ""
Object: &{map["apiVersion":"rbac.authorization.k8s.io/v1" "kind":"ClusterRole" "metadata":map["annotations":map["kubectl.kubernetes.io/last-applied-configuration":""] "labels":map["k8s-app":"flannel"] "name":"flannel"] "rules":[map["apiGroups":[""] "resources":["pods"] "verbs":["get"]] map["apiGroups":[""] "resources":["nodes"] "verbs":["get" "list" "watch"]] map["apiGroups":[""] "resources":["nodes/status"] "verbs":["patch"]] map["apiGroups":["networking.k8s.io"] "resources":["clustercidrs"] "verbs":["list" "watch"]]]]}
from server for: "flannel.yaml": clusterroles.rbac.authorization.k8s.io "flannel" is forbidden: User "system:node:work-node2" cannot get resource "clusterroles" in API group "rbac.authorization.k8s.io" at the cluster scope
Error from server (Forbidden): error when retrieving current configuration of:
Resource: "rbac.authorization.k8s.io/v1, Resource=clusterrolebindings", GroupVersionKind: "rbac.authorization.k8s.io/v1, Kind=ClusterRoleBinding"
Name: "flannel", Namespace: ""
Object: &{map["apiVersion":"rbac.authorization.k8s.io/v1" "kind":"ClusterRoleBinding" "metadata":map["annotations":map["kubectl.kubernetes.io/last-applied-configuration":""] "labels":map["k8s-app":"flannel"] "name":"flannel"] "roleRef":map["apiGroup":"rbac.authorization.k8s.io" "kind":"ClusterRole" "name":"flannel"] "subjects":[map["kind":"ServiceAccount" "name":"flannel" "namespace":"kube-flannel"]]]}
from server for: "flannel.yaml": clusterrolebindings.rbac.authorization.k8s.io "flannel" is forbidden: User "system:node:work-node2" cannot get resource "clusterrolebindings" in API group "rbac.authorization.k8s.io" at the cluster scope
Error from server (Forbidden): error when retrieving current configuration of:
Resource: "/v1, Resource=serviceaccounts", GroupVersionKind: "/v1, Kind=ServiceAccount"
Name: "flannel", Namespace: "kube-flannel"
Object: &{map["apiVersion":"v1" "kind":"ServiceAccount" "metadata":map["annotations":map["kubectl.kubernetes.io/last-applied-configuration":""] "labels":map["k8s-app":"flannel"] "name":"flannel" "namespace":"kube-flannel"]]}
from server for: "flannel.yaml": serviceaccounts "flannel" is forbidden: User "system:node:work-node2" cannot get resource "serviceaccounts" in API group "" in the namespace "kube-flannel": can only create tokens for individual service accounts
Error from server (Forbidden): error when retrieving current configuration of:
Resource: "apps/v1, Resource=daemonsets", GroupVersionKind: "apps/v1, Kind=DaemonSet"
Name: "kube-flannel-ds", Namespace: "kube-flannel"
Object: &{map["apiVersion":"apps/v1" "kind":"DaemonSet" "metadata":map["annotations":map["kubectl.kubernetes.io/last-applied-configuration":""] "labels":map["app":"flannel" "k8s-app":"flannel" "tier":"node"] "name":"kube-flannel-ds" "namespace":"kube-flannel"] "spec":map["selector":map["matchLabels":map["app":"flannel"]] "template":map["metadata":map["labels":map["app":"flannel" "tier":"node"]] "spec":map["affinity":map["nodeAffinity":map["requiredDuringSchedulingIgnoredDuringExecution":map["nodeSelectorTerms":[map["matchExpressions":[map["key":"kubernetes.io/os" "operator":"In" "values":["linux"]]]]]]]] "containers":[map["args":["--ip-masq" "--kube-subnet-mgr" "--iface=ens33"] "command":["/opt/bin/flanneld"] "env":[map["name":"POD_NAME" "valueFrom":map["fieldRef":map["fieldPath":"metadata.name"]]] map["name":"POD_NAMESPACE" "valueFrom":map["fieldRef":map["fieldPath":"metadata.namespace"]]] map["name":"EVENT_QUEUE_DEPTH" "value":"5000"]] "image":"192.168.200.101:5000/flannel:v0.23.0" "name":"kube-flannel" "resources":map["requests":map["cpu":"100m" "memory":"50Mi"]] "securityContext":map["capabilities":map["add":["NET_ADMIN" "NET_RAW"]] "privileged":%!q(bool=false)] "volumeMounts":[map["mountPath":"/run/flannel" "name":"run"] map["mountPath":"/etc/kube-flannel/" "name":"flannel-cfg"] map["mountPath":"/run/xtables.lock" "name":"xtables-lock"]]]] "hostNetwork":%!q(bool=true) "initContainers":[map["args":["-f" "/flannel" "/opt/cni/bin/flannel"] "command":["cp"] "image":"192.168.200.101:5000/flannel-cni-plugin:v1.2.0" "name":"install-cni-plugin" "volumeMounts":[map["mountPath":"/opt/cni/bin" "name":"cni-plugin"]]] map["args":["-f" "/etc/kube-flannel/cni-conf.json" "/etc/cni/net.d/10-flannel.conflist"] "command":["cp"] "image":"192.168.200.101:5000/flannel:v0.23.0" "name":"install-cni" "volumeMounts":[map["mountPath":"/etc/cni/net.d" "name":"cni"] map["mountPath":"/etc/kube-flannel/" "name":"flannel-cfg"]]]] "priorityClassName":"system-node-critical" "serviceAccountName":"flannel" "tolerations":[map["effect":"NoSchedule" "operator":"Exists"]] "volumes":[map["hostPath":map["path":"/run/flannel"] "name":"run"] map["hostPath":map["path":"/opt/cni/bin"] "name":"cni-plugin"] map["hostPath":map["path":"/etc/cni/net.d"] "name":"cni"] map["configMap":map["name":"kube-flannel-cfg"] "name":"flannel-cfg"] map["hostPath":map["path":"/run/xtables.lock" "type":"FileOrCreate"] "name":"xtables-lock"]]]]]]}
from server for: "flannel.yaml": daemonsets.apps "kube-flannel-ds" is forbidden: User "system:node:work-node2" cannot get resource "daemonsets" in API group "apps" in the namespace "kube-flannel"
[root@Work-Node2 kube_deploy]#
在master节点执行命令
kubectl edit clusterrolebinding node-cluster-admin-binding
为节点添加角色,将3个节点都加进去后,如果此时保存退出,相同的主体添加了多个条目,则最后添加的主体会把前面主体覆盖,所以我们编辑好后,把文件拷贝出来,直接退出,新建一个文件,例如node-cluster-admin-binding.yaml
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: "2024-02-04T02:51:10Z"
name: node-cluster-admin-binding
resourceVersion: "401448"
selfLink: /apis/rbac.authorization.k8s.io/v1/clusterrolebindings/node-cluster-admin-binding
uid: 1d85b3ad-ce3b-429d-be22-a31a7bddbea2
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: system:node:work-node1
- apiGroup: rbac.authorization.k8s.io
kind: User
name: system:node:work-node2
- apiGroup: rbac.authorization.k8s.io
kind: User
name: system:node:work-node3
将拷贝的内容贴到node-cluster-admin-binding中,并保存退出,
然后执行如下命令
[root@Master-Node1 kube_deploy]# kubectl apply -f node-cluster-admin-binding.yaml
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
clusterrolebinding.rbac.authorization.k8s.io/node-cluster-admin-binding configured
[root@Master-Node1 kube_deploy]#
执行命令kubectl get clusterrolebinding node-cluster-admin-binding -o yaml,可以看到,三个节点都已经添加进去了
[root@Master-Node1 kube_deploy]# kubectl get clusterrolebinding node-cluster-admin-binding -o yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"creationTimestamp":"2024-02-04T02:51:10Z","name":"node-cluster-admin-binding","resourceVersion":"401448","selfLink":"/apis/rbac.authorization.k8s.io/v1/clusterrolebindings/node-cluster-admin-binding","uid":"1d85b3ad-ce3b-429d-be22-a31a7bddbea2"},"roleRef":{"apiGroup":"rbac.authorization.k8s.io","kind":"ClusterRole","name":"cluster-admin"},"subjects":[{"apiGroup":"rbac.authorization.k8s.io","kind":"User","name":"system:node:work-node1"},{"apiGroup":"rbac.authorization.k8s.io","kind":"User","name":"system:node:work-node2"},{"apiGroup":"rbac.authorization.k8s.io","kind":"User","name":"system:node:work-node3"}]}
creationTimestamp: "2024-02-04T02:51:10Z"
name: node-cluster-admin-binding
resourceVersion: "403141"
selfLink: /apis/rbac.authorization.k8s.io/v1/clusterrolebindings/node-cluster-admin-binding
uid: 1d85b3ad-ce3b-429d-be22-a31a7bddbea2
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: system:node:work-node1
- apiGroup: rbac.authorization.k8s.io
kind: User
name: system:node:work-node2
- apiGroup: rbac.authorization.k8s.io
kind: User
name: system:node:work-node3
[root@Master-Node1 kube_deploy]#
再次安装flannel,成功安装
[root@Work-Node2 kube_deploy]# kubectl apply -f flannel.yaml
namespace/kube-flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
[root@Work-Node2 kube_deploy]#
master节点获取pod状态
kubectl get pods --all-namespaces
[root@Master-Node1 kube_deploy]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-jp7n5 1/1 Running 0 40s
kube-flannel kube-flannel-ds-k89jn 0/1 CrashLoopBackOff 2 40s
kube-flannel kube-flannel-ds-rf2rf 1/1 Running 0 40s
kube-system coredns-5c59b695d8-2gns6 1/1 Running 1 47h
kube-system coredns-5c59b695d8-v7sj2 1/1 Running 1 47h
kube-system etcd-master-node1 1/1 Running 2 47h
kube-system kube-apiserver-master-node1 1/1 Running 2 47h
kube-system kube-controller-manager-master-node1 1/1 Running 6 47h
kube-system kube-proxy-dv6f5 1/1 Running 0 47h
kube-system kube-proxy-dzxj6 1/1 Running 1 47h
kube-system kube-proxy-v7pz2 1/1 Running 1 47h
kube-system kube-scheduler-master-node1 1/1 Running 5 47h
[root@Master-Node1 kube_deploy]#
可以看到有一个POD状态仍然是CrashLoopBackOff 状态,看看这个POD的事件
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned kube-flannel/kube-flannel-ds-k89jn to work-node2
Normal Pulled <invalid> kubelet, work-node2 Container image "192.168.200.101:5000/flannel-cni-plugin:v1.2.0" already present on machine
Normal Created <invalid> kubelet, work-node2 Created container install-cni-plugin
Normal Started <invalid> kubelet, work-node2 Started container install-cni-plugin
Normal Pulled <invalid> kubelet, work-node2 Container image "192.168.200.101:5000/flannel:v0.23.0" already present on machine
Normal Created <invalid> kubelet, work-node2 Created container install-cni
Normal Started <invalid> kubelet, work-node2 Started container install-cni
Normal Pulled <invalid> (x4 over <invalid>) kubelet, work-node2 Container image "192.168.200.101:5000/flannel:v0.23.0" already present on machine
Normal Created <invalid> (x4 over <invalid>) kubelet, work-node2 Created container kube-flannel
Normal Started <invalid> (x4 over <invalid>) kubelet, work-node2 Started container kube-flannel
Warning BackOff <invalid> (x7 over <invalid>) kubelet, work-node2 Back-off restarting failed container
[root@Master-Node1 kube_deploy]#
重启容器失败,看看容器日志
kubectl logs kube-flannel-ds-k89jn -n kube-flannel
[root@Work-Node2 kube_deploy]# kubectl logs kube-flannel-ds-k89jn -n kube-flannel
I0204 11:23:21.195127 1 main.go:210] CLI flags config: {etcdEndpoints:http://127.0.0.1:4001,http://127.0.0.1:2379 etcdPrefix:/coreos.com/network etcdKeyfile: etcdCertfile: etcdCAFile: etcdUsername: etcdPassword: version:false kubeSubnetMgr:true kubeApiUrl: kubeAnnotationPrefix:flannel.alpha.coreos.com kubeConfigFile: iface:[ens33] ifaceRegex:[] ipMasq:true ifaceCanReach: subnetFile:/run/flannel/subnet.env publicIP: publicIPv6: subnetLeaseRenewMargin:60 healthzIP:0.0.0.0 healthzPort:0 iptablesResyncSeconds:5 iptablesForwardRules:true netConfPath:/etc/kube-flannel/net-conf.json setNodeNetworkUnavailable:true}
W0204 11:23:21.195237 1 client_config.go:617] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
E0204 11:23:21.196207 1 main.go:227] Failed to create SubnetManager: error retrieving pod spec for 'kube-flannel/kube-flannel-ds-k89jn': Get "https://10.96.0.1:443/api/v1/namespaces/kube-flannel/pods/kube-flannel-ds-k89jn": dial tcp 10.96.0.1:443: connect: network is unreachable
[root@Work-Node2 kube_deploy]#
路由不可达,手动添加路由
[root@Work-Node2 kube_deploy]# route add -net 10.96.0.1 netmask 255.255.255.255 gw 192.168.200.101
然后把这个POD删掉,它会自动重建,再获取状态,可以看到已经running了
[root@Work-Node2 kube_deploy]# kubectl delete pod kube-flannel-ds-k89jn -n kube-flannel
pod "kube-flannel-ds-k89jn" deleted
[root@Work-Node2 kube_deploy]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-jp7n5 1/1 Running 0 11m
kube-flannel kube-flannel-ds-m4lqw 1/1 Running 0 29s
kube-flannel kube-flannel-ds-rf2rf 1/1 Running 0 11m
kube-system coredns-5c59b695d8-2gns6 1/1 Running 1 47h
kube-system coredns-5c59b695d8-v7sj2 1/1 Running 1 47h
kube-system etcd-master-node1 1/1 Running 2 47h
kube-system kube-apiserver-master-node1 1/1 Running 2 47h
kube-system kube-controller-manager-master-node1 1/1 Running 7 47h
kube-system kube-proxy-dv6f5 1/1 Running 0 47h
kube-system kube-proxy-dzxj6 1/1 Running 1 47h
kube-system kube-proxy-v7pz2 1/1 Running 1 47h
kube-system kube-scheduler-master-node1 1/1 Running 6 47h
[root@Work-Node2 kube_deploy]#
至此,所有节点已经加入了集群,所有POD也都正常运行
[root@Master-Node1 kube_deploy]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-7pbn2 1/1 Running 0 61s
kube-flannel kube-flannel-ds-ggw6z 1/1 Running 0 6m58s
kube-flannel kube-flannel-ds-jp7n5 1/1 Running 0 22h
kube-flannel kube-flannel-ds-m4lqw 1/1 Running 0 22h
kube-flannel kube-flannel-ds-rf2rf 1/1 Running 0 22h
kube-system coredns-5c59b695d8-2gns6 1/1 Running 1 2d22h
kube-system coredns-5c59b695d8-v7sj2 1/1 Running 1 2d22h
kube-system etcd-master-node1 1/1 Running 2 2d22h
kube-system kube-apiserver-master-node1 1/1 Running 2 2d22h
kube-system kube-controller-manager-master-node1 1/1 Running 20 2d22h
kube-system kube-proxy-6fxks 1/1 Running 0 3h14m
kube-system kube-proxy-dv6f5 1/1 Running 0 2d22h
kube-system kube-proxy-dzxj6 1/1 Running 1 2d22h
kube-system kube-proxy-sjzxv 1/1 Running 0 6m58s
kube-system kube-proxy-v7pz2 1/1 Running 1 2d22h
kube-system kube-scheduler-master-node1 1/1 Running 20 2d22h
[root@Master-Node1 kube_deploy]#