一、节点规划
Role | Ip | Host |
master | 192.168.1.151 | docker1 |
minion | 192.168.1.154 | docker2 |
minion | 192.168.2.2 | docker3 |
minion | 192.168.1.6 | docker4 |
二、安装部署
1、各节点操作系统为centos7.0.内核版本为
Linux docker3 3.10.0-229.el7.x86_64 #1 SMP Fri Mar 6 11:36:42 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
2、在所有节点上配置yum源,过程如下:
[root@docker1 ~]# cat /etc/yum.repos.d/k8s.repo
[virt7-testing]
name=virt7-testing
baseurl=http://cbs.centos.org/repos/virt7-common-testing/x86_64/os/
gpgcheck=0
3、所有节点配置本地解析,将如下内容追加到/etc/hosts文件中
192.168.1.151 docker1
192.168.1.154 docker2
192.168.2.2 docker3
192.168.1.6 docker4
4、所有节点执行安装命令
yum -y install --enablerepo=virt7-testing kubernetes
5、master节点上安装etcd,保存集群的元数据(etcd这里只使用单机版)
yum -y install http://cbs.centos.org/kojifiles/packages/etcd/0.4.6/7.el7.centos/x86_64/etcd-0.4.6-7.el7.centos.x86_64.rpm
6、启动etcd
systemctl start etcd.service
systemctl enable etcd.service
7、授权,kubernetes启动时使用的是kube的用户,因此需对部分目录授予write的权限
chmod o+w /var/run/
8、配置master节点
[root@docker1 ~]# cat /etc/kubernetes/config
###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
# kube-apiserver.service
# kube-controller-manager.service
# kube-scheduler.service
# kubelet.service
# kube-proxy.service
# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://docker1:4001"
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=false"
[root@docker1 ~]# cat /etc/kubernetes/apiserver
###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#
# The address on the local server to listen to.
KUBE_API_ADDRESS="--address=0.0.0.0"
#
# # The port on the local server to listen on.
KUBE_API_PORT="--port=8080"
#
# # How the replication controller and scheduler find the kube-apiserver
KUBE_MASTER="--master=http://docker1:8080"
#
# # Port kubelets listen on
KUBELET_PORT="--kubelet-port=10250"
#
# # Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
#
# # Add your own!
KUBE_API_ARGS=""
[root@docker1 ~]# cat k8s_start.sh
#!/bin/bash
#
#
for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler
do
systemctl restart $SERVICES
systemctl enable $SERVICES
systemctl status $SERVICES
done
9、为启动脚本授予执行权限,并期启动master节点
chmod +x k8s_start.sh
[root@docker1 ~]# ./k8s_start.sh
● etcd.service - Etcd Server
Loaded: loaded (/usr/lib/systemd/system/etcd.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2015-12-27 23:10:49 EST; 183ms ago
Main PID: 3961 (etcd)
CGroup: /system.slice/etcd.service
└─3961 /usr/bin/etcd
Dec 27 23:10:49 docker1 systemd[1]: etcd.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Dec 27 23:10:49 docker1 systemd[1]: Unit etcd.service entered failed state.
Dec 27 23:10:49 docker1 systemd[1]: etcd.service failed.
Dec 27 23:10:49 docker1 systemd[1]: Started Etcd Server.
Dec 27 23:10:49 docker1 systemd[1]: Starting Etcd Server...
Dec 27 23:10:49 docker1 etcd[3961]: Using the directory docker1.etcd as the etcd curation directory because a directory was not specified.
● kube-apiserver.service - Kubernetes API Server
Loaded: loaded (/usr/lib/systemd/system/kube-apiserver.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2015-12-27 23:10:53 EST; 141ms ago
Docs: https://github.com/GoogleCloudPlatform/kubernetes
Main PID: 3990 (kube-apiserver)
CGroup: /system.slice/kube-apiserver.service
└─3990 /usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd-servers=http://docker1:4001 --address=0.0.0.0 --port=8080 --kubelet-port=10250 --allow_privileg...
Dec 27 23:10:50 docker1 systemd[1]: Starting Kubernetes API Server...
Dec 27 23:10:50 docker1 kube-apiserver[3990]: I1227 23:10:50.135347 3990 plugins.go:69] No cloud provider specified.
Dec 27 23:10:50 docker1 kube-apiserver[3990]: I1227 23:10:50.135735 3990 master.go:273] Node port range unspecified. Defaulting to 30000-32767.
Dec 27 23:10:50 docker1 kube-apiserver[3990]: I1227 23:10:50.136166 3990 master.go:295] Will report 192.168.1.151 as public IP address.
Dec 27 23:10:50 docker1 kube-apiserver[3990]: [restful] 2015/12/27 23:10:50 log.go:30: [restful/swagger] listing is available at https://192.168.1.151:6443/swaggerapi/
Dec 27 23:10:50 docker1 kube-apiserver[3990]: [restful] 2015/12/27 23:10:50 log.go:30: [restful/swagger] https://192.168.1.151:6443/swaggerui/ is mapped to fol...wagger-ui/
Dec 27 23:10:51 docker1 kube-apiserver[3990]: I1227 23:10:51.222827 3990 server.go:441] Serving securely on 0.0.0.0:6443
Dec 27 23:10:51 docker1 kube-apiserver[3990]: I1227 23:10:51.222869 3990 server.go:483] Serving insecurely on 0.0.0.0:8080
Dec 27 23:10:53 docker1 kube-apiserver[3990]: I1227 23:10:53.763747 3990 server.go:456] Using self-signed cert (/var/run/kubernetes/apiserver.crt, /var/run/...erver.key)
Dec 27 23:10:53 docker1 systemd[1]: Started Kubernetes API Server.
Hint: Some lines were ellipsized, use -l to show in full.
● kube-controller-manager.service - Kubernetes Controller Manager
Loaded: loaded (/usr/lib/systemd/system/kube-controller-manager.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2015-12-27 23:10:53 EST; 158ms ago
Docs: https://github.com/GoogleCloudPlatform/kubernetes
Main PID: 4022 (kube-controller)
CGroup: /system.slice/kube-controller-manager.service
└─4022 /usr/bin/kube-controller-manager --logtostderr=true --v=0
Dec 27 23:10:53 docker1 systemd[1]: kube-controller-manager.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Dec 27 23:10:53 docker1 systemd[1]: Unit kube-controller-manager.service entered failed state.
Dec 27 23:10:53 docker1 systemd[1]: kube-controller-manager.service failed.
Dec 27 23:10:53 docker1 systemd[1]: Started Kubernetes Controller Manager.
Dec 27 23:10:53 docker1 systemd[1]: Starting Kubernetes Controller Manager...
Dec 27 23:10:54 docker1 kube-controller-manager[4022]: W1227 23:10:54.011958 4022 controllermanager.go:149] Neither --kubeconfig nor --master was specified. ...not work.
Dec 27 23:10:54 docker1 kube-controller-manager[4022]: I1227 23:10:54.012694 4022 plugins.go:69] No cloud provider specified.
Dec 27 23:10:54 docker1 kube-controller-manager[4022]: I1227 23:10:54.012818 4022 nodecontroller.go:114] Sending events to api server.
Dec 27 23:10:54 docker1 kube-controller-manager[4022]: E1227 23:10:54.013046 4022 controllermanager.go:201] Failed to start service controller: ServiceContro...provider.
Hint: Some lines were ellipsized, use -l to show in full.
● kube-scheduler.service - Kubernetes Scheduler Plugin
Loaded: loaded (/usr/lib/systemd/system/kube-scheduler.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2015-12-27 23:10:54 EST; 176ms ago
Docs: https://github.com/GoogleCloudPlatform/kubernetes
Main PID: 4050 (kube-scheduler)
CGroup: /system.slice/kube-scheduler.service
└─4050 /usr/bin/kube-scheduler --logtostderr=true --v=0
Dec 27 23:10:54 docker1 systemd[1]: Stopping Kubernetes Scheduler Plugin...
Dec 27 23:10:54 docker1 systemd[1]: kube-scheduler.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Dec 27 23:10:54 docker1 systemd[1]: Unit kube-scheduler.service entered failed state.
Dec 27 23:10:54 docker1 systemd[1]: kube-scheduler.service failed.
Dec 27 23:10:54 docker1 systemd[1]: Started Kubernetes Scheduler Plugin.
Dec 27 23:10:54 docker1 systemd[1]: Starting Kubernetes Scheduler Plugin...
Dec 27 23:10:54 docker1 kube-scheduler[4050]: W1227 23:10:54.210952 4050 server.go:83] Neither --kubeconfig nor --master was specified. Using default API c... not work.
Hint: Some lines were ellipsized, use -l to show in full.
10、配置minion节点,其他的minion节点只需KUBELET_HOSTNAME替换为自己的hostname即可
[root@docker2 ~]# cat /etc/kubernetes/kubelet
###
# kubernetes kubelet (minion) config
# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0"
# The port for the info server to serve on
KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname_override=docker2"
# location of the api-server
KUBELET_API_SERVER="--api_servers=http://docker1:8080"
# Add your own!
KUBELET_ARGS=""
[root@docker2 ~]# cat /etc/kubernetes/proxy
###
# kubernetes proxy config
# default config should be adequate
KUBE_ALLOW_PRIV="--allow_privileged=false"
KUBE_MASTER="--master=http://docker1:8080"
# Add your own!
KUBE_PROXY_ARGS=""
11、编写启动脚本,授权并启动
[root@docker2 ~]# cat k8s_start.sh
#!/bin/bash
#
#
for SERVICES in kube-proxy kubelet docker; do
systemctl restart $SERVICES
systemctl enable $SERVICES
systemctl status $SERVICES
done
[root@docker2 ~]# chmod +x k8s_start.sh
[root@docker2 ~]# ./k8s_start.sh
● kube-proxy.service - Kubernetes Kube-Proxy Server
Loaded: loaded (/usr/lib/systemd/system/kube-proxy.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2015-12-22 09:33:46 EST; 868ms ago
Docs: https://github.com/GoogleCloudPlatform/kubernetes
Main PID: 15558 (kube-proxy)
CGroup: /system.slice/kube-proxy.service
└─15558 /usr/bin/kube-proxy --logtostderr=true --v=0 --master=http://127.0.0.1:8080
Dec 22 09:33:46 docker2 systemd[1]: Started Kubernetes Kube-Proxy Server.
Dec 22 09:33:46 docker2 systemd[1]: Starting Kubernetes Kube-Proxy Server...
Dec 22 09:33:47 docker2 kube-proxy[15558]: E1222 09:33:47.177340 15558 api.go:180] Unable to load endpoints: Get http://127.0.0.1:8080/api/v1/endpoints: dial...on refused
Dec 22 09:33:47 docker2 kube-proxy[15558]: E1222 09:33:47.178010 15558 api.go:108] Unable to load services: Get http://127.0.0.1:8080/api/v1/services: dial t...on refused
Hint: Some lines were ellipsized, use -l to show in full.
● kubelet.service - Kubernetes Kubelet Server
Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2015-12-22 09:33:48 EST; 398ms ago
Docs: https://github.com/GoogleCloudPlatform/kubernetes
Main PID: 15603 (kubelet)
CGroup: /system.slice/kubelet.service
└─15603 /usr/bin/kubelet --logtostderr=true --v=0 --api_servers=http://docker1:8080 --address=0.0.0.0 --port=10250 --hostname_override=docker2 --allow_privile...
Dec 22 09:33:48 docker2 systemd[1]: Started Kubernetes Kubelet Server.
Dec 22 09:33:48 docker2 systemd[1]: Starting Kubernetes Kubelet Server...
Dec 22 09:33:48 docker2 kubelet[15603]: W1222 09:33:48.171739 15603 server.go:474] Could not load kubeconfig file /var/lib/kubelet/kubeconfig: stat /var/lib...th instead.
Dec 22 09:33:48 docker2 kubelet[15603]: W1222 09:33:48.171966 15603 server.go:436] Could not load kubernetes auth path /var/lib/kubelet/kubernetes_auth: sta...h defaults.
Dec 22 09:33:48 docker2 kubelet[15603]: I1222 09:33:48.172272 15603 manager.go:127] cAdvisor running in container: "/"
Dec 22 09:33:48 docker2 kubelet[15603]: I1222 09:33:48.173321 15603 fs.go:93] Filesystem partitions: map[/dev/sda3:{mountpoint:/ major:8 minor:3} /dev/sda1:...8 minor:1}]
Dec 22 09:33:48 docker2 kubelet[15603]: I1222 09:33:48.251416 15603 manager.go:156] Machine: {NumCores:2 CpuFrequency:2128000 MemoryCapacity:3975888896 Mach...pacity:5129
Dec 22 09:33:48 docker2 kubelet[15603]: I1222 09:33:48.254637 15603 manager.go:163] Version: {KernelVersion:3.10.0-327.3.1.el7.x86_64 ContainerOsVersion:Cen...ion:0.15.1}
Dec 22 09:33:48 docker2 kubelet[15603]: I1222 09:33:48.258407 15603 plugins.go:69] No cloud provider specified.
Hint: Some lines were ellipsized, use -l to show in full.
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2015-12-22 09:33:50 EST; 255ms ago
Docs: http://docs.docker.com
Main PID: 15646 (docker)
CGroup: /system.slice/docker.service
└─15646 /usr/bin/docker daemon --selinux-enabled --graph=/data/docker
Dec 22 09:33:50 docker2 docker[15646]: time="2015-12-22T09:33:50.395823077-05:00" level=info msg="Option DefaultDriver: bridge"
Dec 22 09:33:50 docker2 docker[15646]: time="2015-12-22T09:33:50.395898275-05:00" level=info msg="Option DefaultNetwork: bridge"
Dec 22 09:33:50 docker2 docker[15646]: time="2015-12-22T09:33:50.414168046-05:00" level=warning msg="Running modprobe bridge nf_nat br_netfilter failed with m...t status 1"
Dec 22 09:33:50 docker2 docker[15646]: time="2015-12-22T09:33:50.419603908-05:00" level=info msg="Firewalld running: false"
Dec 22 09:33:50 docker2 docker[15646]: time="2015-12-22T09:33:50.593291653-05:00" level=info msg="Loading containers: start."
Dec 22 09:33:50 docker2 docker[15646]: time="2015-12-22T09:33:50.593710179-05:00" level=info msg="Loading containers: done."
Dec 22 09:33:50 docker2 docker[15646]: time="2015-12-22T09:33:50.593756094-05:00" level=info msg="Daemon has completed initialization"
Dec 22 09:33:50 docker2 docker[15646]: time="2015-12-22T09:33:50.593816756-05:00" level=info msg="Docker daemon" commit="a01dc02/1.8.2" execdriver=native-0.2 ...-el7.centos
Dec 22 09:33:50 docker2 systemd[1]: Started Docker Application Container Engine.
Dec 22 09:33:50 docker2 docker[15646]: time="2015-12-22T09:33:50.679168952-05:00" level=info msg="GET /version"
Hint: Some lines were ellipsized, use -l to show in full.
12、master节点验证集群状态
[root@docker1 ~]# kubectl get nodes
NAME LABELS STATUS
docker2 kubernetes.io/hostname=docker2 Ready
docker3 kubernetes.io/hostname=docker3 Ready
docker4 kubernetes.io/hostname=docker4 Ready
结果显示所有minion的状态都为Ready,至此kubernetes集群已部署完毕!
转载于:https://blog.51cto.com/quenlang/1729072