kubeadm是Kubernetes官方提供的用于快速安装Kubernetes集群的工具。本次使用阿里云的1台master和2台k8s-node进行操作。
1.准备环境-系统配置
1.1 三台主机hosts中添加主机名与IP对应关系:
[root@k8s-master:/root]# vim /etc/hosts
1.2关闭防火墙、selinux和swap:
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
1.3创建/etc/sysctl.d/k8s.conf文件,配置内核参数,将桥接的IPv4流量传递到iptables的链:
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
2.所有节点安装Docker/Kubeadm/Kubelet/Kubectl
2.1安装docker(下载->安装->启动)
[root@k8s-master:/root]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
[root@k8s-node1:/root]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
[root@k8s-node2:/root]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
[root@k8s-master:/root]# yum clean all
[root@k8s-master:/root]# yum repolist
[root@k8s-master:/root]# yum install docker-ce-18.06.1.ce-3.el7
[root@k8s-node1:/root]# yum -y install docker-ce-18.06.1.ce-3.el7
[root@k8s-node2:/root]# yum -y install docker-ce-18.06.1.ce-3.el7
[root@k8s-master:/root]# systemctl enable docker && systemctl start docker
[root@k8s-node1:/root]# systemctl enable docker && systemctl start docker
[root@k8s-node2:/root]# systemctl enable docker && systemctl start docker
2.2安装Kubeadm/Kubelet/Kubectl
-添加kubernetes阿里云yum软件源
[root@k8s-master:/root]# cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name = kubernetes repo
baseurl = https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled = 1
gpgcheck = 1
repo_gpgcheck = 1
gpgkey = https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
-将kubernetes.repo文件CP至节点
[root@k8s-master:/root]# scp /etc/yum.repos.d/kubernetes.repo root@k8s-node1:/etc/yum.repos.d/
[root@k8s-master:/root]# scp /etc/yum.repos.d/kubernetes.repo root@k8s-node2:/etc/yum.repos.d/
-安装
[root@k8s-master:/root]# yum install -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0
[root@k8s-node1:/root]# yum install -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0
[root@k8s-node2:/root]# yum list kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0
注:如果要安装1.13.3版的话,指定安装yum install -y kubelet-1.13.3 kubeadm-1.13.3
kubectl-1.13.3即可 提示:假如gpgcheck报错的话(出现: Failing package is:
kubeadm-1.15.0-0.x86_64 GPG Keys are configured as:
https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg)
可以使用下面操作直接导入后再安装即可。
[root@k8s-node2:/root]# wget
https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
[root@k8s-node2:/root]# wget
https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
[root@k8s-node2:/root]# rpm --import yum-key.gpg
[root@k8s-node2:/root]# rpm --import rpm-package-key.gpg
-设置开启自启动(此处不可以启动kubelet,由于还有fannel等插件未安装完成,启动会报失败)
[root@k8s-master:/root]# systemctl enable kubelet
[root@k8s-node1:/root]# systemctl enable kubelet
[root@k8s-node2:/root]# systemctl enable kubelet
3.部署kubernetes master
3.1 使用kubeadm init初始化master
[root@k8s-master:/root]# kubeadm init \
--apiserver-advertise-address=172.16.211.148 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.15.0 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16
3.2初始化完毕后,需要复制保存,用于node节点加入集群
kubeadm join 172.16.211.148:6443 --token 8fnhao.on35xe78nhdocicv
–discovery-token-ca-cert-hash sha256:c1e3af0896dbfab965da411aed37482a4a939ee3d4b6658fa378693b48747c51
[root@k8s-master:/root]# mkdir -p $HOME/.kube
[root@k8s-master:/root]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master:/root]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
-查看安装状态,由于为安装网络组件,目前状态为NotReady
[root@k8s-master:/root]# kubectl get nodes
[root@k8s-master:/root]# kubectl get pods -n kube-system
3.3部署flannel网络
[root@k8s-master:/root]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
-将quay.io/coreos/flannel:v0.11.0-amd64发送到k8s-node1和k8s-node2
[root@k8s-master:/root]# docker save quay.io/coreos/flannel:v0.11.0-amd64 > flannel.tar
[root@k8s-master:/root]# scp flannel.tar root@k8s-node1:~
[root@k8s-master:/root]# scp flannel.tar root@k8s-node2:~
[root@k8s-node1:/root]# docker load < flannel.tar
[root@k8s-node2:/root]# docker load < flannel.tar
[root@k8s-node1:/root]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@k8s-node2:/root]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
3.4部署node节点(在需要加入的节点上部署)
[root@k8s-node1:/root]# kubeadm join 172.16.211.148:6443 --token 8fnhao.on35xe78nhdocicv --discovery-token-ca-cert-hash sha256:c1e3af0896dbfab965da411aed37482a4a939ee3d4b6658fa378693b48747c51
[root@k8s-node2:/root]# kubeadm join 172.16.211.148:6443 --token 8fnhao.on35xe78nhdocicv --discovery-token-ca-cert-hash sha256:c1e3af0896dbfab965da411aed37482a4a939ee3d4b6658fa378693b48747c51
3.5查看集群状态
[root@k8s-master:/root]# kubectl get nodes
4.测试kubernetes集群
4.1安装nginx来测试
[root@k8s-master:/root]# kubectl create deployment nginx --image=nginx
[root@k8s-master:/root]# kubectl expose deployment nginx --port=80 --type=NodePort
[root@k8s-master:/root]# kubectl get pod,svc -o wide
-访问效果如下:
4.2测试扩容情况(扩容到3个副本)
[root@k8s-master:/root]# kubectl scale deployment nginx --replicas=3
[root@k8s-master:/root]# kubectl get pod,svc -o wide
5.部署Dashboard
(在master节点上进行如下操作)
5.1下载Dashboard的yaml文件
wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
5.2手动编辑kubernetes-dashboard.yaml。编辑kubernetes-dashboard.yaml文件时,需要修改两处内容,首先在Dashboard Deployment部分修改Dashboard镜像下载链接,由于默认从官方社区下载,而不“科学上网”是无法下载的,因此修改为dockerhub下载地址:image: k8scn/kubernetes-dashboard-amd64 修改后内容如图:
**5.3添加端口配置。**在Dashboard Service内容加入nodePort: 30001和type: NodePort两项内容,将Dashboard访问端口映射为节点端口,以供外部访问,编辑完成后,状态如图:
5.4安装Dashboard
[root@k8s-master:/root]# kubectl apply -f kubernetes-dashboard.yaml
5.5安装完成后,检查相关服务运行状态
[root@k8s-master:/root]# kubectl create serviceaccount dashboard-admin -n kube-system
[root@k8s-master:/root]# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
[root@k8s-master:/root]# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
-在Firefox浏览器输入Dashboard访问地址:https://172.16.211.148:30001
5.6创建service account并绑定默认cluster-admin管理员集群角色并取得令牌
[root@k8s-master:/root]# kubectl create serviceaccount dashboard-admin -n kube-system
[root@k8s-master:/root]# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
[root@k8s-master:/root]# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
-复制输入令牌登录