1、搭建步骤
关闭防火墙:
$ systemctl stop firewalld
$ systemctl disable firewalld
关闭selinux:
$ sed -i 's/enforcing/disabled/' /etc/selinux/config
$ setenforce 0
关闭swap:
$ swapoff -a $ 临时
$ vim /etc/fstab $ 永久
添加主机名与IP对应关系(记得设置主机名):
设置主机名:
vi /etc/sysconfig/network
HOSTNAME=dh-k8s-master
$ cat /etc/hosts
192.168.109.5 dh-k8s-master
192.168.109.6 dh-k8s-node1
将桥接的IPv4流量传递到iptables的链:
$ cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
$ sysctl --system
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
EOF
-- 安装工具
yum install -y kubelet-1.15.3 kubeadm-1.15.3 kubectl-1.15.3 --disableexcludes=kubernetes
docker pull mirrorgooglecontainers/kube-apiserver:v1.15.0
docker pull mirrorgooglecontainers/kube-controller-manager:v1.15.0
docker pull mirrorgooglecontainers/kube-scheduler:v1.15.0
docker pull mirrorgooglecontainers/kube-proxy:v1.15.0
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker pull coredns/coredns:1.1.3
docker tag docker.io/mirrorgooglecontainers/kube-proxy:v1.15.0 k8s.gcr.io/kube-proxy:v1.15.0
docker tag docker.io/mirrorgooglecontainers/kube-scheduler:v1.15.0 k8s.gcr.io/kube-scheduler:v1.15.0
docker tag docker.io/mirrorgooglecontainers/kube-apiserver:v1.15.0 k8s.gcr.io/kube-apiserver:v1.15.0
docker tag docker.io/mirrorgooglecontainers/kube-controller-manager:v1.15.0 k8s.gcr.io/kube-controller-manager:v1.15.0
docker tag docker.io/mirrorgooglecontainers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
docker tag docker.io/mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag docker.io/coredns/coredns:1.1.3 k8s.gcr.io/coredns:1.1.3
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.1.3
docker images |grep mirrorgooglecontainers |awk '{print "docker rmi ", $1":"$2}' |sh -x
-- 启动
kubeadm init --kubernetes-version=v1.15.0 --apiserver-advertise-address=192.168.109.5 --pod-network-cidr=10.0.0.0/16 --service-cidr 11.0.0.0/12 --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers
[root@dh-k8s-master ~]# kubeadm token create --print-join-command
kubeadm join 192.168.109.5:6443 --token jo55m8.iv3s8hf4s9dsz7lt --discovery-token-ca-cert-hash sha256:5e97fd1996362d8f7d41d521f2eb6caa3f3e4bb382b4c9d3d93c74cdc98e3042
-- 启动成功后要保留,后续假如性的节点要使用
kubeadm join 192.168.109.5:6443 --token vhzjoh.ac0zuwt5n0jaeuvs --discovery-token-ca-cert-hash sha256:b3b0fc91ea1e5d2447484017969878dc929d64d45809b25d4effa28cf997f79d
启动日志保留
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
待加入的节点执行
kubeadm join 192.168.109.5:6443 --token phmioh.pcldggd4nb0ftq78 \
--discovery-token-ca-cert-hash sha256:5e97fd1996362d8f7d41d521f2eb6caa3f3e4bb382b4c9d3d93c74cdc98e3042
辅助:在集群中查看集群的token值
kubeadm token create --print-join-command
[root@dh-k8s-master ~]# kubeadm token create --print-join-command
kubeadm join 192.168.109.5:6443 --token jo55m8.iv3s8hf4s9dsz7lt --discovery-token-ca-cert-hash sha256:5e97fd1996362d8f7d41d521f2eb6caa3f3e4bb382b4c9d3d93c74cdc98e3042
安装flannel网络插件
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@dh-k8s-master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
查看节点
kubectl get nodes
检查集群状态
kubectl get cs
[root@dh-k8s-master ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true"}
2、排错常用命令
kubectl -n kube-system get svc
kubectl -n kube-system edit svc kubernetes-dashboard
kubectl delete -f kubernetes-dashboard.yaml
kubectl describe pods --namespace=kube-system kubernetes-dashboard-7d75c474bb-xfbsr
kubectl get pods --namespace=kubernetes-dashboard
kubectl logs --namespace=kubernetes-dashboard kubernetes-dashboard-7d8b9cc8d-dxd6c
命令行提示
echo "source <(kubectl completion bash)" >> ~/.bashrc
source ~/.bashrc