准备工作
首先准备Kubernets的环境,使用的是centos7.5
关闭防火墙:
# systemctl disable firewalld
# systemctl stop firewalld
安装etcd和kubernetes(会自动安装Docker软件)
由于centos mini版本没有ifconfig和netstat的命令。所以安装了net-tools的工具
# yum -y install net-tools
#yum install -g etcd kubernetes
k8s、etcd和Docker软件版本查询
---------k8s信息查询-------
默认安装完成以后,看了一下k8s的版本,是v1.5.2# kubectl --version
Kubernetes v1.5.2[root@spareribs~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}--------docker信息查询--------# docker version
Client:
Version:1.12.6API version:1.24Package version: docker-1.12.6-32.git88a4867.el7.centos.x86_64
Go version: go1.7.4Git commit: 88a4867/1.12.6Built: Mon Jul3 16:02:02 2017OS/Arch: linux/amd64
Server:
Version:1.12.6API version:1.24Package version: docker-1.12.6-32.git88a4867.el7.centos.x86_64
Go version: go1.7.4Git commit: 88a4867/1.12.6Built: Mon Jul3 16:02:02 2017OS/Arch: linux/amd64------etcd信息查询-------# etcdctl --version
etcdctl version:3.1.9API version:2
修改配置文件
修改Docker的OPTIONS配置
#vi /etc/sysconfig/docker
# OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'OPTIONS='--selinux-enabled=false --insecure-registry gcr.io'修改k8s APIserver的配置文件
#vi /etc/kubernetes/apiserver
# KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
注:不修改后期创建rc与pod的时候会出现pod无法创建但是rc能创建
生成rhsm证书文件
# wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
# rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
注:创建容器时需要从redhat站点下载pod-infrastructure:latest镜像,如果没有此证书文件会报错,Pod会一直显示ContainerCreating状态。
配置docker阿里云镜像加速
cat > /etc/docker/daemon.json <
{"registry-mirrors": ["https://registry.docker-cn.com"]
}