K8S集群搭建

1、搭建步骤


关闭防火墙:
$ systemctl stop firewalld
$ systemctl disable firewalld

关闭selinux:
$ sed -i 's/enforcing/disabled/' /etc/selinux/config 
$ setenforce 0

关闭swap:
$ swapoff -a  $ 临时
$ vim /etc/fstab  $ 永久

添加主机名与IP对应关系(记得设置主机名):
设置主机名:
vi /etc/sysconfig/network 
HOSTNAME=dh-k8s-master
$ cat /etc/hosts
192.168.109.5 dh-k8s-master
192.168.109.6 dh-k8s-node1

将桥接的IPv4流量传递到iptables的链:
$ cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
$ sysctl --system

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
EOF


-- 安装工具
yum install -y kubelet-1.15.3 kubeadm-1.15.3 kubectl-1.15.3 --disableexcludes=kubernetes

docker pull mirrorgooglecontainers/kube-apiserver:v1.15.0
docker pull mirrorgooglecontainers/kube-controller-manager:v1.15.0
docker pull mirrorgooglecontainers/kube-scheduler:v1.15.0
docker pull mirrorgooglecontainers/kube-proxy:v1.15.0
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker pull coredns/coredns:1.1.3

docker tag docker.io/mirrorgooglecontainers/kube-proxy:v1.15.0 k8s.gcr.io/kube-proxy:v1.15.0
docker tag docker.io/mirrorgooglecontainers/kube-scheduler:v1.15.0 k8s.gcr.io/kube-scheduler:v1.15.0
docker tag docker.io/mirrorgooglecontainers/kube-apiserver:v1.15.0 k8s.gcr.io/kube-apiserver:v1.15.0
docker tag docker.io/mirrorgooglecontainers/kube-controller-manager:v1.15.0 k8s.gcr.io/kube-controller-manager:v1.15.0
docker tag docker.io/mirrorgooglecontainers/etcd:3.3.10  k8s.gcr.io/etcd:3.3.10
docker tag docker.io/mirrorgooglecontainers/pause:3.1  k8s.gcr.io/pause:3.1
docker tag docker.io/coredns/coredns:1.1.3  k8s.gcr.io/coredns:1.1.3

docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.1.3

 

docker images |grep mirrorgooglecontainers |awk '{print "docker rmi ", $1":"$2}' |sh -x


-- 启动
kubeadm init --kubernetes-version=v1.15.0  --apiserver-advertise-address=192.168.109.5  --pod-network-cidr=10.0.0.0/16 --service-cidr 11.0.0.0/12 --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers

[root@dh-k8s-master ~]# kubeadm token create --print-join-command
kubeadm join 192.168.109.5:6443 --token jo55m8.iv3s8hf4s9dsz7lt     --discovery-token-ca-cert-hash sha256:5e97fd1996362d8f7d41d521f2eb6caa3f3e4bb382b4c9d3d93c74cdc98e3042 

-- 启动成功后要保留,后续假如性的节点要使用
kubeadm join 192.168.109.5:6443 --token vhzjoh.ac0zuwt5n0jaeuvs     --discovery-token-ca-cert-hash sha256:b3b0fc91ea1e5d2447484017969878dc929d64d45809b25d4effa28cf997f79d 
    
启动日志保留
To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

待加入的节点执行
kubeadm join 192.168.109.5:6443 --token phmioh.pcldggd4nb0ftq78 \
    --discovery-token-ca-cert-hash sha256:5e97fd1996362d8f7d41d521f2eb6caa3f3e4bb382b4c9d3d93c74cdc98e3042 
辅助:在集群中查看集群的token值
kubeadm token create --print-join-command

[root@dh-k8s-master ~]# kubeadm token create --print-join-command
kubeadm join 192.168.109.5:6443 --token jo55m8.iv3s8hf4s9dsz7lt     --discovery-token-ca-cert-hash sha256:5e97fd1996362d8f7d41d521f2eb6caa3f3e4bb382b4c9d3d93c74cdc98e3042 

    
安装flannel网络插件
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

[root@dh-k8s-master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created

查看节点
kubectl get nodes

检查集群状态
kubectl get cs

[root@dh-k8s-master ~]# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
controller-manager   Healthy   ok                  
scheduler            Healthy   ok                  
etcd-0               Healthy   {"health":"true"} 

2、排错常用命令

kubectl -n kube-system get svc
kubectl -n kube-system edit svc kubernetes-dashboard
kubectl delete -f kubernetes-dashboard.yaml

kubectl describe pods --namespace=kube-system kubernetes-dashboard-7d75c474bb-xfbsr

kubectl get pods --namespace=kubernetes-dashboard
kubectl logs --namespace=kubernetes-dashboard kubernetes-dashboard-7d8b9cc8d-dxd6c

命令行提示
echo "source <(kubectl completion bash)" >> ~/.bashrc 
source ~/.bashrc

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值