1、安装docker
sudo yum -y install docker
#docker增加非https仓库支持:
sudo vi /etc/docker/daemon.json
{ "insecure-registries":["10.255.1.153:5000"] }
#启用服务
sudo systemctl start docker
sudo systemctl enable docker
#授权oper用户使用docker
sudo chown oper ..../docker/sock
2、安装k8s
(1)增加repo文件
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
EOF
(2)修改系统配置
vi /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
###
sysctl -p /etc/sysctl.d/k8s.conf
(3)修改机器名称并添加hosts
vi /etc/hosts
127.0.0.1 uat-k8s-master
(5)拉取本地k8s镜象:
docker pull 10.255.1.153:5000/coredns:1.2.6
docker pull 10.255.1.153:5000/etcd:3.2.24
docker pull 10.255.1.153:5000/kube-apiserver:v1.13.3
docker pull 10.255.1.153:5000/kube-controller-manager:v1.13.3
docker pull 10.255.1.153:5000/kube-proxy:v1.13.3
docker pull 10.255.1.153:5000/kube-scheduler:v1.13.3
docker pull 10.255.1.153:5000/pause:3.1
(6)对本地镜像重新tag:
docker tag 10.255.1.153:5000/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker tag 10.255.1.153:5000/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag 10.255.1.153:5000/kube-apiserver:v1.13.3 k8s.gcr.io/kube-apiserver:v1.13.3
docker tag 10.255.1.153:5000/kube-controller-manager:v1.13.3 k8s.gcr.io/kube-controller-manager:v1.13.3
docker tag 10.255.1.153:5000/kube-proxy:v1.13.3 k8s.gcr.io/kube-proxy:v1.13.3
docker tag 10.255.1.153:5000/kube-scheduler:v1.13.3 k8s.gcr.io/kube-scheduler:v1.13.3
docker tag 10.255.1.153:5000/pause:3.1 k8s.gcr.io/pause:3.1
(7)创建完成后保存join的链接:
kubeadm join 10.255.16.89:6443 --token aohbe5.8pw6ui9sa5o0fq6g --discovery-token-ca-cert-hash sha256:48fd01ab4863809e6d08af94ccab7f5ced842b0413c6750e1480c32e09aaf19f
nfs安装
(1)master:
yum -y install nfs-utils rpcbind
vim /etc/exports
# 添加以下内容
/data/deploy/logs 10.10.103.0/24(rw,no_root_squash,no_all_squash,sync)
# 使配置生效
exportfs -r
# 依次启动服务
systemctl start rpcbind
systemctl start nfs-server
(2)node:
yum -y install nfs-utils
安装elk
docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 \
-it --name elk \
sebp/elk
修改elk中的filebeat-input,进行json格式codec处理
input {
beats {
port => 5044
ssl => false
codec => "json"
}
}
在worker节点上安装filebeat
1、准备配置文件filebeat.yml
filebeat.prospectors:
- type: log
paths:
- /data/deploy/*/logs/wrapper.log
output.logstash:
hosts: ["10.255.16.89:5044"]
2、执行docker镜像
docker run -d --name filebeat \
-v /data/apps/filebeat/filebeat.yml:/filebeat.yml \
-v /data/deploy:/data/deploy \
prima/filebeat
增加elasticsearch的代理对filebeat过来的日志进行精确排序
docker run -d --rm --name elasticproxy \
-p 8899:8899 zhangyuming/elasticproxy elasticproxy \
-elastic_host 10.255.16.89:9200
修改kibana.yml,将elasticsearch的指向改为8899的代理
vi /opt/kibana/config/kibana.yml
# 修改以下行
elasticsearch.url: "http://10.255.16.89:8899"
小贴士
(1)强制删除pod
kubectl delete pod trtec-web-mp-6mlzs --grace-period=0 --force