k8s environment deployment
1. Master node deployment
1. Set the hostname
hostnamectl set-hostname k8s01
2. Disable the firewall and SELinux
systemctl stop firewalld && systemctl disable firewalld
setenforce 0
vim /etc/selinux/config
SELINUX=disabled
Disable swap and update fstab
swapoff -a
vim /etc/fstab (comment out the swap line)
Set the time zone and synchronize the time
timedatectl set-timezone Asia/Shanghai
yum -y install ntpdate
ntpdate cn.pool.ntp.org
3. Handle the routing settings in advance
cat > /etc/sysctl.d/k8s.conf << EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness=0
EOF
sysctl --system
4. Install docker-ce
yum -y install yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum -y install docker-ce-18.06.1.ce
systemctl enable docker.service && systemctl start docker.service
docker --version
(Note: the version number here must not be 19; that causes a version incompatibility with k8s.)
5. Install kubelet, kubeadm and kubectl
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
EOF
rpm --import https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
yum install -y kubelet-1.12.1
yum install -y kubectl-1.12.1
yum install -y kubeadm-1.12.1
systemctl enable kubelet docker && systemctl start kubelet docker
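6. Pull the Docker images for the k8s components
cat > pull_k8s_images.sh <<'EOF'
#!/bin/bash
# Pull each image from the Aliyun mirror, retag it as k8s.gcr.io/<image>, then remove the mirror tag
images=(kube-proxy:v1.12.1 kube-scheduler:v1.12.1 kube-controller-manager:v1.12.1
kube-apiserver:v1.12.1
etcd:3.2.24 coredns:1.2.2 pause:3.1 )
for imageName in "${images[@]}" ; do
  docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/${imageName}
  docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/${imageName} k8s.gcr.io/${imageName}
  docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/${imageName}
done
EOF
bash pull_k8s_images.sh
This is a mirror inside China that I have tested and found to work; the images at the original address are blocked and cannot be downloaded.
7. Deploy the Kubernetes cluster master node with kubeadm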
kubeadm init --kubernetes-version=v1.12.1
Record the token here
Configure kubectl authentication with the apiserver
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
8. Deploy a network plugin
Without a network plugin, the k8s DNS pods stay in Pending and never run.
weave plugin
kubectl apply -f https://git.io/weave-kube-1.6
(However, my deployment never succeeded; the final pod status seemed to be ImagePullBackOff.) So I switched to flannel.
flannel plugin
Remove the existing weave
rm -rf /etc/cni/net.d/*
kubectl delete -f https://git.io/weave-kube-1.6
Download and apply
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Edit the YAML
vi /etc/kubernetes/manifests/kube-controller-manager.yaml
Add
- --allocate-node-cidrs=true
- --cluster-cidr=10.244.0.0/16
Restart and wait for the pods to be created
systemctl restart kubelet
Node deployment
1. Edit the yaml file
#!/bin/bash
#pre config
swapoff -a
systemctl stop firewalld && systemctl disable firewalld
setenforce 0
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness=0
EOF
sysctl --system
#install docker-ce
yum -y install yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum -y install docker-ce-18.06.1.ce
/bin/systemctl start docker.service
# install kubeadm
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
EOF
wget https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
rpm --import rpm-package-key.gpg
yum install -y kubelet-1.12.1
yum install -y kubectl-1.12.1
yum install -y kubeadm-1.12.1
# install kube-proxy and pause
images=(kube-proxy:v1.12.1 pause:3.1 )
for imageName in ${images[@]} ; do
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
done
2. Join the node to the cluster
kubeadm join 192.168.134.131:6443 --token 4x96f4.m5rdurewyh70w6s1 --discovery-token-ca-cert-hash sha256:eb74bba0bd60ee40f1f135f2435c66784d21877127c5bb8a7015f685737a2b41
echo export KUBECONFIG=/etc/kubernetes/kubelet.conf >> ~/.bashrc
source ~/.bashrc
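
Both the master steps (step 5) and the node script write /etc/yum.repos.d/kubernetes.repo with gpgcheck=0, so the key imported with rpm --import is not used to verify the kubelet, kubectl and kubeadm packages. The check below is an added example, not part of the original notes; the function names audit_repo and unsigned_repos are hypothetical, and it reports which repo sections have signature checking switched off.

```shell
#!/bin/sh
# Added example: audit yum .repo files for disabled package signature checks.
# audit_repo FILE prints "<repo-id> <status> <key-source>" for each section:
#   status:     unsigned (gpgcheck off) | verified (gpgcheck on) |
#               inherit  (not set, so the [main] value in /etc/yum.conf applies)
#   key-source: gpgkey (URL given in the section) | rpmdb (only keys added with rpm --import)
audit_repo() {
  awk '
    function trim(s) { gsub(/^[ \t]+|[ \t\r]+$/, "", s); return s }
    function flush() {
      if (id == "") return
      if (check == "") status = "inherit"
      else if (check ~ /^(0|no|false)$/) status = "unsigned"
      else status = "verified"
      print id, status, (key == "" ? "rpmdb" : "gpgkey")
    }
    /^[ \t]*[#;]/ { next }                       # skip comment lines
    /^[ \t]*\[.*\]/ {                            # a new [section] starts
      flush(); id = trim($0); id = substr(id, 2, index(id, "]") - 2)
      check = ""; key = ""; next
    }
    {
      eq = index($0, "="); if (eq == 0) next
      k = tolower(trim(substr($0, 1, eq - 1))); v = trim(substr($0, eq + 1))
      if (k == "gpgcheck") check = tolower(v)
      else if (k == "gpgkey") key = v
    }
    END { flush() }
  ' "$1"
}

# unsigned_repos FILE...: print "<file>:<repo-id>" for every section with gpgcheck off.
# Returns 1 when any are found, so it can gate a provisioning script.
unsigned_repos() {
  found=0
  for f in "$@"; do
    [ -r "$f" ] || continue
    for id in $(audit_repo "$f" | awk '$2 == "unsigned" { print $1 }'); do
      echo "$f:$id"; found=1
    done
  done
  return "$found"
}

# Typical use on a host: unsigned_repos /etc/yum.repos.d/*.repo
```

Run against the repo file from these notes it prints the kubernetes section as unsigned; a section that shows verified with key-source rpmdb relies on the key imported with rpm --import.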