CentOS7 部署 Kubernetes 流程

机器配置

节点	IP	配置
k8s-master	192.168.17.129	CPU x 2, 内存 2G, CentOS Linux release 7.7.1908 (Core)
k8s-node1	192.168.17.130	CPU x 1, 内存 2G, CentOS Linux release 7.7.1908 (Core)
k8s-node2	192.168.17.131	CPU x 1, 内存 2G, CentOS Linux release 7.7.1908 (Core)

部署过程

设置 Hostname

• k8s-master: hostnamectl set-hostname k8s-master
• k8s-node1: hostnamectl set-hostname k8s-node1
• k8s-node2: hostnamectl set-hostname k8s-node2

k8s-master, k8s-node1, k8s-node2 共同操作

# 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld

# 关闭 SELINUX
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

# 设置 host
cat >> /etc/hosts <<EOF
192.168.17.129 k8s-master
192.168.17.130 k8s-node1
192.168.17.130 k8s-node1
EOF

ping k8s-master
ping k8s-node1
ping k8s-node2

# 关闭 Swap 分区
swapoff -a
free
# vim /etc/fstab # 注释掉 swap 的开机挂载

# 设置 iptables 规则
cat >> /etc/sysctl.d/k8s.conf <EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1 # 或手动改 /proc/sys/net/ipv4/ip_forward
EOF
sysctl --system

# 设置国内源
cd /etc/yum.repos.d/
mkdir bak

wget -O  CentOS-Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo
wget -O epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

cat > kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum clean all
yum makecache fast

# 安装并启动 Docker 
yum list docker-ce.x86_64 --showduplicates
yum install -y docker-ce-18.06.3.ce-3.el7

systemctl start docker
systemctl enable docker
docker -v

# 将 cgroup driver 为 systemd
vim /etc/docker/daemon.json
# 添加 exec-opts
# {
#  "exec-opts": ["native.cgroupdriver=systemd"]
# }
systemctl daemon-reload
systemctl restart docker
docker info | grep Cgroup # Cgroup Driver: systemd

# 安装 k8s 组件（k8s-node1, k8s-node2 可以不安装 kubeadm）
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet

k8s-master 操作

# 初始化集群
kubeadm config print init-defaults ClusterConfiguration > kubeadm.yaml
vim kubeadm.yaml
# 修改 imageRepository：k8s.gcr.io 为 imageRepository: registry.aliyuncs.com/google_containers
# 配置 master IP advertiseAddress: 192.168.17.129
# 配置子网网络
# networking:
#   dnsDomain: cluster.local
#   podSubnet: 10.244.0.0/16
#   serviceSubnet: 10.96.0.0/12
kubeadm init --config kubeadm.yaml --ignore-preflight-errors=Swap
# 得到 kubeadm join 192.168.17.129:6443 --token abcdef.0123456789abcdef --discovery-token-ca-cert-hash sha256:c0b6980f8a283ed5b002b6c29d0c701a8c09765b44013064e720c1703e4be11c
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

# 部署 flannel 组件
curl -O https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
sed -i 's/quay.io\/coreos\/flannel/quay-mirror.qiniu.com\/coreos\/flannel/g' kube-flannel.yml
kubectl apply -f  kube-flannel.yml

# 查看状态
kubectl get nodes
kubectl get cs
kubectl get pods -n kube-system -o wide

# 分发 k8s 配置
scp /etc/kubernetes/admin.conf root@k8s-node1:/etc/kubernetes/
scp /etc/kubernetes/admin.conf root@k8s-node2:/etc/kubernetes/

k8s-node1, k8s-node2 操作

# 加入集群
kubeadm join 192.168.17.129:6443 --token abcdef.0123456789abcdef --discovery-token-ca-cert-hash sha256:c0b6980f8a283ed5b002b6c29d0c701a8c09765b44013064e720c1703e4be11c

# 查看状态
echo 'export KUBECONFIG=/etc/kubernetes/admin.conf' >> ~/.bash_profile
source ~/.bash_profile

kubectl get nodes
kubectl get pods -n kube-system -o wide

k8s-master 安装 WebUI

# 安装 Web UI
wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.0/src/deploy/recommended/kubernetes-dashboard.yaml

sed -i 's/apps\/v1beta2/apps\/v1' kubernetes-dashboard.yaml
sed -i 's/registry.cn-qingdao.aliyuncs.com\/wangxiaoke\/kubernetes-dashboard-amd64/k8s.gcr.io\/kubernetes-dashboard-amd64/g' kubernetes-dashboard.yaml
sed -i '/targetPort:/a\ \ \ \ \ \ nodePort: 30001\n\ \ type: NodePort' kubernetes-dashboard.yaml

kubectl create -f ./kubernetes-dashboard.yaml
kubectl get deployment kubernetes-dashboard -n kube-system
netstat -lnput | grep 30001

# 生成令牌
kubectl create serviceaccount dashboard-admin -n kube-system
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
# 得到 token: ....

# 火狐浏览器访问：https://192.168.17.129:30001
# 复制上述 token

部署 nginx

命令行方式

kubectl create deployment nginx1 --image=hub.c.163.com/library/nginx
kubectl expose deployment nginx1 --port=80 --type=NodePort
kubectl get pod,svc
# 查看到 nginx 映射到的端口 31042
# 浏览器访问 http://192.168.201.113:31042
# 在 dashboard 多了一个节点

yaml 方式

cat > nginx-deployment.yaml <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      name: test-nginx
  template:
    metadata:
      labels:
        name: test-nginx
    spec:
      containers:
        - name: test-nginx
          image: hub.c.163.com/library/nginx
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: test-nginx-service-nodeport
spec:
  ports:
    - port: 80
      targetPort: 80
      protocol: TCP
  type: NodePort
  selector:
    name: test-nginx
EOF

kubectl create -f ./nginx-deployment.yaml
kubectl get svc
# 看到映射至 31723 端口
# 浏览器访问 192.168.17.131:31723

参考

• 部署流程：https://blog.csdn.net/weixin_30716141/article/details/99296182
• nginx yaml 文件：https://www.cnblogs.com/aguncn/p/10904902.html
• kubernetes-dashboard 源：http://www.mamicode.com/info-detail-2502611.html
• dashboard 部署：
  • https://www.cnblogs.com/dingbin/p/9801013.html
  • https://www.jianshu.com/p/32140ca6a20f
  • http://www.mamicode.com/info-detail-2825523.html