1、节点规划
docker1: 192.168.137.11 Master
docker2: 192.168.137.12 Node
docker3: 192.168.137.13 Node
docker4: 192.168.137.14 Node
2、环境准备
VMware® Workstation 15 Pro
操作系统:CentOS-7-x86_64-DVD-1804
3、环境初始化
#关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
#关闭 SeLinux
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
#关闭 swap
swapoff -a
yes | cp /etc/fstab /etc/fstab_bak
cat /etc/fstab_bak |grep -v swap > /etc/fstab
#配置yum源
curl http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
curl http://mirrors.aliyun.com/repo/epel-7.repo -o /etc/yum.repos.d/epel.repo
curl http://mirrors.aliyun.com/repo/Centos-7.repo -o /etc/yum.repos.d/CentOS-Base.repo
mkdir /yum
mount /dev/sr0 /yum
cat >/etc/yum.repos.d/CentOS-Media.repo <<EOF
[c7-media]
name=CentOS-$releasever - Media
baseurl=file:///yum
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
EOF
yum clean all && yum makecache
#进行时间同步
```bash
timedatectl
timedatectl set-ntp true
#增加配置
cat > /etc/sysctl.d/k8s.conf<<EOF
net.ipv4.ip_forward=1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
#加载
sysctl --system
#配置hosts文件
cat >/etc/hosts <<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 $(hostname)
192.168.137.11 docker1.heng
192.168.137.12 docker2.heng
192.168.137.13 docker3.heng
192.168.137.14 docker4.heng
EOF
4、下载软件安装包
本来是想装最新版,发现aliyun库里只有这个版本
yum install --downloadonly --downloaddir=/tmp kubernetes
5、安装
5.1 所有节点
5.1.1 k8s依赖软件安装包
5.1.2 k8s依赖软件安装
yum localinstall -y *.rpm
5.1.3 安装flannel网络
yum install flannel -y
sed -i 's#http://127.0.0.1:2379#http://192.168.137.11:2379#g' /etc/sysconfig/flanneld
5.2 Master节点操作
5.2.1 Master节点安装包
5.2.2 Master节点软件安装
[root@docker1 k8s]# yum localinstall -y *.rpm
[root@docker1 k8s]# yum install -y etcd-3.3.11-2.el7.centos.x86_64
5.2.3 配置主节点etcd
[root@docker1 k8s]# vim /etc/etcd/etcd.conf
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.137.11:2379"
5.2.3 配置本地registry
[root@docker1 k8s]# systemctl restart docker.service
[root@docker1 k8s]# docker run -d -p 5000:5000 --restart=always --name registry -v /opt/registry:/var/lib/registry registry
5.2.4 配置镜像仓库
[root@docker1 k8s]# vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=https://registry.docker-cn.com --insecure-registry=192.168.137.11:5000'
5.2.5 配置Master节点
[root@docker1 k8s]# vim /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_API_PORT="--port=8080"
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.137.11:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
5.2.6 配置flannel网络
[root@docker1 k8s]# etcdctl mk /atomic.io/network/config '{ "Network": "172.16.0.0/16" }'
[root@docker1 k8s]# etcdctl get /atomic.io/network/config
{ "Network": "172.16.0.0/16" }
5.2.7 服务启动配置
[root@docker1 k8s]# systemctl daemon-reload
[root@docker1 k8s]# systemctl restart etcd.service
[root@docker1 k8s]# systemctl enable etcd.service
[root@docker1 k8s]# systemctl start flanneld.service
[root@docker1 k8s]# systemctl enable flanneld.service
[root@docker1 k8s]# systemctl restart docker.service
[root@docker1 k8s]# systemctl enable docker.service
[root@docker1 k8s]# systemctl enable kube-apiserver.service
[root@docker1 k8s]# systemctl start kube-apiserver.service
[root@docker1 k8s]# systemctl enable kube-controller-manager.service
[root@docker1 k8s]# systemctl start kube-controller-manager.service
[root@docker1 k8s]# systemctl enable kube-scheduler.service
[root@docker1 k8s]# systemctl start kube-scheduler.service
5.3 Node节点操作
5.3.1 Node节点安装包
5.3.1 Node节点软件安装
[root@docker2 k8s-node]# yum localinstall -y *.rpm
5.3.2 配置镜像仓库
[root@docker2 k8s-node]# vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry=192.168.137.11:5000'
5.3.3 配置Node节点
[root@docker2 k8s-node]# vim /etc/kubernetes/config
KUBE_MASTER="--master=http://192.168.137.11:8080"
[root@docker2 k8s-node]# vim /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=192.168.137.12"
KUBELET_HOSTNAME="--hostname-override=192.168.137.12"
KUBELET_API_SERVER="--api-servers=http://192.168.137.11:8080"
5.3.4 服务启动配置
[root@docker2 k8s-node]# systemctl daemon-reload
[root@docker2 k8s-node]# systemctl enable flanneld.service
[root@docker2 k8s-node]# systemctl start flanneld.service
[root@docker2 k8s-node]# systemctl restart docker.service
[root@docker2 k8s-node]# systemctl enable docker.service
[root@docker2 k8s-node]# systemctl enable kubelet.service
[root@docker2 k8s-node]# systemctl start kubelet.service
[root@docker2 k8s-node]# systemctl enable kube-proxy.service
[root@docker2 k8s-node]# systemctl start kube-proxy.service
6 测试
6.1 检查节点
[root@docker2 k8s-node]# kubectl get nodes #写文档时特意停的13和14节点,太卡了。。。
6.2 创建Pod
6.2.1 上传镜像至本地镜像仓库
#下载nginx镜像
[root@docker2 k8s-node]# docker pull nginx
#更改镜像名格式
[root@docker2 k8s-node]# docker image tag e791337790a6 192.168.137.11:5000/heng/nginx:v1
#上传镜像至本地镜像仓库
[root@docker2 k8s-node]# docker push 192.168.137.11:5000/heng/nginx:v1
6.2.2 编写创建Pod的yaml文件
[root@docker1 file_yaml]# cat k8s_pod.yml
piVersion: v1
kind: Pod
metadata:
name: nginx1
labels:
app: web1
spec:
containers:
- name: nginx1
image: 192.168.137.11:5000/heng/nginx:v1
ports:
- containerPort: 80
6.2.2 创建Pod
[root@docker1 file_yaml]# kubectl create -f k8s_pod.yml
6.3 查看Pod状态
[root@docker1 file_yaml]# kubectl get pod nginx1
注:这是改好的状态,第一次启动没起来,下面进行分析
[root@docker1 file_yaml]# kubectl describe pod nginx1
再详细信息中查看到报错如下:
Error syncing pod, skipping: failed to “StartContainer” for “POD” with ErrImagePull: “image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)”
6.4 获取pod-infrastructure:latest镜像
#查询镜像
[root@docker1 file_yaml]# docker search pod-infrastructure:latest
#镜像获取(忘了选的哪个了。。)
6.5 镜像上传至本地镜像仓库
[root@docker1 file_yaml]# docker image tag 99965fb98423 192.168.137.11:5000/heng/pod-infrastructure:latest
[root@docker1 file_yaml]# docker push 192.168.137.11:5000/heng/pod-infrastructure:latest
6.7 所有Node节点修改配置文件
vim /etc/kubernetes/kubelet
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=192.168.137.11:5000/heng/pod-infrastructure:latest"
systemctl restart kubelet.service
6.8 重新创建Pod
[root@docker1 file_yaml]# kubectl delete pod nginx1
pod "nginx1" deleted
[root@docker1 file_yaml]# kubectl create -f k8s_pod.yml
[root@docker1 file_yaml]# kubectl get pod nginx1
NAME READY STATUS RESTARTS AGE
nginx1 1/1 Running 0 12s
7 END
本是想装个高版本的玩的,无奈身边无牛人,网上没有找到完整的安装说明,退而求其次安装版本较低的,不过功能还是可以的,自己练习玩一下还是没问题的。
[root@docker1 file_yaml]# docker version
Client:
Version: 1.13.1
API version: 1.26
Package version: docker-1.13.1-109.gitcccb291.el7.centos.x86_64
Go version: go1.10.3
Git commit: cccb291/1.13.1
Built: Tue Mar 3 17:21:24 2020
OS/Arch: linux/amd64
Server:
Version: 1.13.1
API version: 1.26 (minimum version 1.12)
Package version: docker-1.13.1-109.gitcccb291.el7.centos.x86_64
Go version: go1.10.3
Git commit: cccb291/1.13.1
Built: Tue Mar 3 17:21:24 2020
OS/Arch: linux/amd64
Experimental: false
[root@docker1 file_yaml]# kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
[root@docker1 file_yaml]# etcdctl --version
etcdctl version: 3.3.11
API version: 2
[root@docker1 file_yaml]# rpm -qa|grep flannel*
flannel-0.7.1-4.el7.x86_64