master配置:
安装应用
yum install etcd docker kubernetes flannel -y
关闭防火墙
systemctl stop firewalld.service
关闭selinux
setenforce 0
vim /etc/etcd/etcd.conf
ETCD_NAME="default"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379"
vim /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_API_PORT="--port=8080"
KUBE_ETCD_SERVERS="--etcd-servers=http://10.0.0.11:2379"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
vim /etc/kubernetes/config
22 KUBE_MASTER="--master=http://10.0.0.11:8080"
vi /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.2.121:2379"
etcdctl mk /atomic.io/network/config '{ "Network": "172.16.0.0/16" }'
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> /etc/rc.d/rc.local \
&& echo 1 > /proc/sys/net/ipv4/ip_forward \
&& chmod +x /etc/rc.d/rc.local \
&& ll /etc/rc.d/rc.local \
&& cat /proc/sys/net/ipv4/ip_forward
systemctl restart kube-apiserver.service kube-controller-manager.service kube-scheduler.service flanneld.service docker
========================================================
node配置:
安装应用
yum install docker kubernetes flannel python-rhsm* -y
关闭防火墙
systemctl stop firewalld.service
关闭selinux
setenforce 0
vim /etc/kubernetes/config
KUBE_MASTER="--master=http://10.0.0.11:8080"
vim /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_HOSTNAME="--hostname-override=192.168.2.121"
KUBELET_API_SERVER="--api-servers=http://10.0.0.11:8080"
vi /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.2.121:2379"
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> /etc/rc.d/rc.local \
&& echo 1 > /proc/sys/net/ipv4/ip_forward \
&& chmod +x /etc/rc.d/rc.local \
&& ll /etc/rc.d/rc.local \
&& cat /proc/sys/net/ipv4/ip_forward
cd /etc/rhsm/ca/
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
vi /usr/lib/systemd/system/docker.service
Environment="HTTPS_PROXY=http://www.ik8s.ip:10080"
ExecReload=/bin/kill -s HUP $MAINPID
systemctl daemon-reload
systemctl restart kubelet.service kube-proxy.service docker flanneld.service
==============================================================
在master上创建、删除、发布服务:
以rc方式创建pod
vi nginx-rc.yml
--------------------------------
---
apiVersion: v1
kind: ReplicationController
metadata:
name: nginx
spec:
replicas: 1
selector:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
--------------------------------
kubectl create -f nginx-rc.yml
查看rc
kubectl get replicationcontroller -o wide
NAME DESIRED CURRENT READY AGE CONTAINER(S) IMAGE(S) SELECTOR
nginx 1 1 1 1h nginx nginx:latest app=nginx
删除rc
kubectl delete -f nginx-rc.yml
查看pod
kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
nginx-mxpcz 1/1 Running 0 2m 172.16.54.2 192.168.2.122
查看pod详细信息
kubectl describe pod nginx-mxpcz
Name: nginx-mxpcz
Namespace: default
Node: 192.168.2.122/192.168.2.122
Start Time: Fri, 02 Aug 2019 11:31:32 +0800
Labels: app=nginx
Status: Running
IP: 172.16.54.2
Controllers: ReplicationController/nginx
Containers:
nginx:
Container ID: docker://5d2337b9f1743e40ad2a5c5768b51907b1e517ab44df8d11d8ed6bc1aa28b06f
Image: nginx:latest
Image ID: docker-pullable://docker.io/nginx@sha256:eb3320e2f9ca409b7c0aa71aea3cf7ce7d018f03a372564dbdb023646958770b
Port: 80/TCP
State: Running
Started: Fri, 02 Aug 2019 11:31:59 +0800
Ready: True
Restart Count: 0
Volume Mounts: <none>
Environment Variables: <none>
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
No volumes.
QoS Class: BestEffort
Tolerations: <none>
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
3m 3m 1 {default-scheduler } Normal Scheduled Successfully assigned nginx-mxpcz to 192.168.2.122
3m 3m 1 {kubelet 192.168.2.122} spec.containers{nginx} Normal Pulling pulling image "nginx:latest"
3m 2m 2 {kubelet 192.168.2.122} Warning MissingClusterDNS kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to DNSDefault policy.
2m 2m 1 {kubelet 192.168.2.122} spec.containers{nginx} Normal Pulled Successfully pulled image "nginx:latest"
2m 2m 1 {kubelet 192.168.2.122} spec.containers{nginx} Normal Created Created container with docker id 5d2337b9f174; Security:[seccomp=unconfined]
2m 2m 1 {kubelet 192.168.2.122} spec.containers{nginx} Normal Started Started container with docker id 5d2337b9f174
发布节点服务容器访问地址:
kubectl expose pods/nginx-mxpcz --type="NodePort" --port 80
查看服务
kubectl get service
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 3h
nginx-mxpcz 10.254.130.113 <nodes> 80:30775/TCP 18s
查点服务详细内容
kubectl describe service nginx-mxpcz
Name: nginx-mxpcz
Namespace: default
Labels: app=nginx
Selector: app=nginx
Type: NodePort
IP: 10.254.130.113
Port: <unset> 80/TCP
NodePort: <unset> 30775/TCP
Endpoints: 172.16.54.2:80
Session Affinity: None
No events.
直接访问容器服务器:
http://192.168.2.122:30775/
通过管理节点访问容器:
http://192.168.2.121:8080/api/v1/namespaces/default/pods/nginx-mxpcz/proxy/
查看pos访问日志
kubectl logs nginx-mxpcz
进入容器
kubectl exec -ti nginx-mxpcz bash