本文介绍利用kubeadm快速部署k8s集群,以及部署k8s webui(dashboard)
准备
- 两台以上服务器(2核4G以上)
- Centos 7.6
OS配置
所有服务器配置hostname,以及添加/etc/hosts
# 修改 hostname
hostnamectl set-hostname HOSTNAME#
# 设置 hostname 解析
echo "IP(内网ip) $(hostname)" >> /etc/hosts
安装 docker / kubelet
# 在 master 节点和 所有node节点都要执行
curl -sSL https://kuboard.cn/install-script/v1.16.0/install-kubelet.sh | sh
Master安装
# 以root只在 master 节点执行
# 替换 x.x.x.x 为 master 节点实际内网 IP地址
# 替换 k8s.demo 为 您想要的 dns Name
export APISERVER_NAME=k8s.demo
export POD_SUBNET=10.100.0.1/20
echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts
curl -sSL https://kuboard.cn/install-script/v1.16.0/init-master.sh | sh
# 执行如下命令,等待所有pod为 Running 状态
watch kubectl get pod -n kube-system -o wide
# 执行如下命令,确保 master 节点为ready状态
kubectl get nodes -o wide
Node安装
# 在 master 节点执行如下命令,获取token
kubeadm token create --print-join-command
# 执行结果如下
kubeadm join k8s.apiserver.demo:6443 --token jwzbrn.vp2ycgnhok3bxp2m --discovery-token-ca-cert-hash sha256:fb5e8efced35438416e43a955781d2ce88996b952ec42af897ec3567acfe44ae
#针对所有的 node节点执行
echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts
# 替换为 master 节点上 kubeadm token create 命令的输出
kubeadm join apiserver.demo:6443 --token jwzbrn.vp2ycgnhok3bxp2m --discovery-token-ca-cert-hash sha256:fb5e8efced35438416e43a955781d2ce88996b952ec42af897ec3567acfe44ae
#在 master 节点上执行,确保所有node为ready状态
kubectl get nodes
安装 Ingress Controller
#在 master 节点上执行
kubectl apply -f https://kuboard.cn/install-script/v1.16.0/nginx-ingress.yaml
安装dashboard
#在master上执行
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml
#修改dashboard的service为nodeport,master上执行
kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard
#将type修改为NodePort
#获取访问dashboard的port,master上执行
kubectl get svc kubernetes-dashboard -n kubernetes-dashboard
#结果如
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-dashboard NodePort 10.106.101.16 <none> 443:32115/TCP 106m
#dashboard的外部访问地址为
https://{master的外部ip}:32115
#添加dashboard的servicecount
#master上创建如下文件dashboard_sa.yaml,内容如下‘
apiVersion: v1
kind: ServiceAccount
metadata:
name: user-dashboard
namespace: kube-system
---
# ------------------- ClusterRoleBinding ------------------- #
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: user-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: user-dashboard
namespace: kube-system
#master执行如下命令,创建servicecount
kubectl apply -f dashboard_sa.yaml
#获取dashboard登录用的token
#master上执行如下命令
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep user-dashboard| awk '{print $1}')
登录dashboard
通过上面的nodeport打开dashboard地址
https://{master的外部ip}:{nodeport}
填入上见获取token登录