# kubeadm on CentOS with Proxy >[参考](https://kubernetes.io/docs/setup/independent/install-kubeadm/) #### 环境 192.168.137.200 master.example.com 192.168.137.201 node1.example.com 192.168.137.202 node2.example.com Kubeadm: 1.10.0 CentOS: 7.4 docker: 1.12.6 *防火墙、SELinix已经关闭* *三台机器免密登录*--未验证 #### 前期准备 1. 设置域名 ``` echo master.example.com > /etc/hostname cat <<EOF >> /etc/hosts 192.168.137.200 master.example.com master 192.168.137.201 node1.example.com node1 192.168.137.202 node2.example.com node2 EOF ``` 2. 关闭交换区 `swapoff -a` 注释掉 /etc/fstab 有关 swap 的行 ***最好重启一下 `init 6`*** 3. 安装 docker ``` yum install -y docker #设置 docker 代理 mkdir -p /etc/systemd/system/docker.service.d cat << EOF > /etc/systemd/system/docker.service.d/http-proxy.conf [Service] Environment="HTTP_PROXY=http://192.168.137.1:1080" "HTTPS_PROXY=http://192.168.137.1:1080" "NO_PROXY=localhost,127.0.0.1,192.168.*,10.*" EOF #启动 systemctl daemon-reload systemctl enable docker systemctl start docker #提前下载镜像,防止网络不稳定造成超时 docker pull k8s.gcr.io/kube-apiserver-amd64:v1.10.1 docker pull k8s.gcr.io/kube-controller-manager-amd64:v1.10.1 docker pull k8s.gcr.io/kube-scheduler-amd64:v1.10.1 docker pull k8s.gcr.io/etcd-amd64:3.1.12 ``` 4. 安装 kubeadm ``` #添加源 cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg EOF #设置系统代理 export http_proxy=http://192.168.137.1:1080 export https_proxy=http://192.168.137.1:1080 export no_proxy=localhost,127.0.0.1,192.168.*,10.* #貌似不起作用,后面要手动停止代理 #安装 yum install -y kubeadm systemctl enable kubelet && systemctl start kubelet ``` 5. 初始化 kubeadm 5.1. 第一次运行获得安装版本号 `kubeadm init --pod-network-cidr=10.244.0.0/16` 当出现 *This might take a minute or longer if the control plane images have to be pulled.* 的时候,按 ctrl+c 停止 5.2 再次安装 ``` #解除系统代理 unset http_proxy unset https_proxy #清理 kubeadm reset #重新运行 kubeadm init --pod-network-cidr=10.244.0.0/16 ==============以下为成功后的输出========================= Your Kubernetes master has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ You can now join any number of machines by running the following on each node as root: kubeadm join 192.168.137.200:6443 --token mj3yfn.ryok9n4uu4kprz0p --discovery-token-ca-cert-hash sha256:241143642df84c46d7208cef1d451a20dad4d1a242cfd2f756e5cb38d197c1c9 ``` 5.3 配置 ``` export KUBECONFIG=/etc/kubernetes/admin.conf mkdir -p $HOME/.kube cp -i /etc/kubernetes/admin.conf $HOME/.kube/config chown $(id -u):$(id -g) $HOME/.kube/config ``` 6. 安装 flannel ``` kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.9.1/Documentation/kube-flannel.yml #查看所有 pod kubectl get pods --all-namespaces ``` 7. 单节点设置 默认 master 节点不能部署 pod, 下面指令解除该约束。 `kubectl taint nodes --all node-role.kubernetes.io/master-` 8. 子节点 8.1 在子节点上执行1 ~ 4 步骤(docker 的镜像不需要下载) 8.2 加入主节点 ``` #解除系统代理 unset http_proxy unset https_proxy #加入主节点,该指令是 master 安装完成后输出的。 kubeadm join 192.168.137.200:6443 --token mj3yfn.ryok9n4uu4kprz0p --discovery-token-ca-cert-hash sha256:241143642df84c46d7208cef1d451a20dad4d1a242cfd2f756e5cb38d197c1c9 #验证 ***在主节***上执行 kubectl get nodes ``` 9. 在其它机器上管理集群 ``` #将配置文件复制到本地 scp root@master:/etc/kubernetes/admin.conf . kubectl --kubeconfig ./admin.conf get nodes ``` 10. 运维 10.1 安装[Dashboard](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/) `kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml` 10.2 访问 ``` #将master地址代理到本机 kubectl proxy http://127.0.0.1:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/ #查看系统用户 kubectl -n kube-system get secret #查看token kubectl -n kube-system describe secret replicaset-controller-token-n6xqb ```
kubeadm on CentOS with Proxy
最新推荐文章于 2024-07-25 18:43:41 发布