Centos7 单节点上安装kubernetes-dashboard过程
在不久前已经有配置过Kubernetes的实验,但是昨天在配置Kubernetes时并安装kubernetes-dashboard就有点异常。导致摸不着头脑,感觉头脑不好使了。还是喜欢那句话:Do one thing at a time, and do it well! 同时间考虑太多事情导致没有把一件事做好。今天再次把实验跑一通,先在单节点上。
系统:Centos7.2
1、配置yum源:
cat >/etc/yum.repos.d/kubernetes.repo<<-EOF
[virt7-docker-common-release]
name=virt7-docker-common-release
baseurl=http://cbs.centos.org/repos/virt7-docker-common-release/x86_64/os/
gpgcheck=0
EOF
2、查看当前yum里的Kubernetes版本:
[root@k8s ~]# yum info kubernetes
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.cn99.com
* epel: mirror01.idc.hinet.net
* extras: mirrors.163.com
* updates: mirrors.cn99.com
Installed Packages
Name : kubernetes
Arch : x86_64
Version : 1.5.2
Release : 0.6.gitd33fd89.el7
Size : 0.0
Repo : installed
From repo : extras
Summary : Container cluster management
URL : k8s.io/kubernetes
License : ASL 2.0
Description : Container cluster management
3、安装所需要的包:
yum -y install --enablerepo=virt7-docker-common-release kubernetes etcd
4、配置文件的修改:
a)修改配置文件:/etc/sysconfig/docker
添加下面一行,使用内网仓库:
ADD_REGISTRY='--add-registry reg.docker.lc'
b)修改配置文件:/etc/kubernetes/apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" #这里把127.0.0.1改成0.0.0.0
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,Security
ContextDeny,ResourceQuota"
去掉ServiceAccount即可;
5、查看docker的版本:[上面命令并没有加入docker,但它却自动安装了]
[root@k8s ~]# docker version
Client:
Version: 1.12.6
API version: 1.24
Package version: docker-1.12.6-28.git1398f24.el7.centos.x86_64
Go version: go1.7.4
Git commit: 1398f24/1.12.6
Built: Fri May 26 17:28:18 2017
OS/Arch: linux/amd64
Cannot connect to the Docker daemon. Is the docker daemon running on this hos
6、 把服务添加到启动项,并启动服务:
for SERVICE in docker etcd kube-apiserver kube-controller-manager kube-scheduler kube-proxy kubelet; do
systemctl start $SERVICE
systemctl enable $SERVICE
done
7、验证安装成果:
当前主机上没有任何镜像,接下来我们创建一个pod实例;
[root@k8s ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
利用Nginx.yaml配置文件创建一个实例:
[root@k8s ~]# kubectl create -f Nginx.yaml
replicationcontroller "nginx-controller" created
service "nginx-service" created
等待一下。。。。再查看当前系统中的镜像时就出现两个镜像了,它都是从内网的仓库里下载的;
[root@k8s ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
reg.docker.lc/share/pod-infrastructure latest be92a7c78132 3 weeks ago 205.2 MB
reg.docker.lc/share/nginx latest 05a60462f8ba 7 months ago 181.4 MB
查看pod实例分配的Ip地址;
[root@k8s ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE
nginx-controller-4l0wf 1/1 Running 0 12m 172.17.0.2 k8s
查看Kubetnetes里的service[简写svc],可以看到指定了外网IP地址:10.0.10.10
[root@k8s ~]# kubectl get svc
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 35m
nginx-service 10.254.57.16 10.0.10.10 8000/TCP 10s
查看nginx服务的状态:
[root@k8s ~]# curl -I 10.0.10.10:8000
HTTP/1.1 200 OK
Server: nginx/1.11.5
Date: Sat, 10 Jun 2017 11:30:41 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 11 Oct 2016 15:03:01 GMT
Connection: keep-alive
ETag: "57fcff25-264"
Accept-Ranges: bytes
这样单节点的Kubernetes就已经跑起来了,接下来就是安装kubernetes-dashboard ,下载kubernetes-dashboard.yaml文件,修改一下即可;
cat >kubernetes-dashboard.yaml<<-EOF
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: kubernetes-dashboard
template:
metadata:
labels:
app: kubernetes-dashboard
# Comment the following annotation if Dashboard must not be deployed on master
annotations:
scheduler.alpha.kubernetes.io/tolerations: |
[
{
"key": "dedicated",
"operator": "Equal",
"value": "master",
"effect": "NoSchedule"
}
]
spec:
containers:
- name: kubernetes-dashboard
image: reg.docker.lc/share/kubernetes-dashboard-amd64:v1.5.1 #默认的镜像是使用google的,这里改成内网
imagePullPolicy: Always
ports:
- containerPort: 9090
protocol: TCP
args:
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
- --apiserver-host=http://10.0.10.10:8080 #注意这里是api的地址
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
---
kind: Service
apiVersion: v1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:
- port: 80
targetPort: 9090
selector:
app: kubernetes-dashboard
EOF
创建实例:
[root@k8s ~]# kubectl create -f kubernetes-dashboard.yaml
查看是否成功运行:
[root@k8s ~]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default nginx-controller-6n19x 1/1 Running 0 9m
kube-system kubernetes-dashboard-2079301569-0qzdv 1/1 Running 0 12m
启动成功就可以打开网页看到效果啦:
如果出现错误:如Error或者ImagePullBackOff问题时就要看日志啦;
[root@k8s ~]# kubectl logs -f kubernetes-dashboard-4291928047-5x372 --namespace=kube-system
Using HTTP port: 9090
Using apiserver-host location: http://10.0.10.10.:8080
Creating API server client for http://10.0.10.10.:8080
Error while initializing connection to Kubernetes apiserver. This most likely means that the cluster is misconfigured (e.g., it has invalid apiserver certificates or service accounts configuration) or the --apiserver-host param points to a server that does not exist. Reason: Get http://10.0.10.10.:8080/version: dial tcp: lookup 10.0.10.10.: invalid domain name
Refer to the troubleshooting guide for more information: https://github.com/kubernetes/dashboard/blob/master/docs/user-guide/troubleshooting.md
这个错误真是太低级了,所以说配置要认真检查,不然会搞死自己。tcp: lookup 10.0.10.10.: invalid domain name 就是IP地址后面多了一个’.’
附上中途遇到的问题:
[root@docker-ce ~]# kubectl create -f kubernetes-dashboard.yaml
Error from server (AlreadyExists): error when creating "kubernetes-dashboard.yaml": deployments.extensions "kubernetes-dashboard" already exists
Error from server (AlreadyExists): error when creating "kubernetes-dashboard.yaml": services "kubernetes-dashboard" already exists
上面说到services kubernetes-dashboard已经存在了,但是这个在kubectl get services 是看不到的,用下边的方法,看到一个状态是异常的ImagePullBackOff;
[root@docker-ce ~]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system kubernetes-dashboard-1007002191-m85x1 0/1 ImagePullBackOff 0 16m
所以这样也是无法删除的:
[root@docker-ce ~]# kubectl delete namespace kube-system
Error from server (Forbidden): namespaces "kube-system" is forbidden: this namespace may not be deleted
可以通过这样删除:
[root@docker-ce ~]# kubectl delete -f kubernetes-dashboard.yaml
deployment "kubernetes-dashboard" deleted
service "kubernetes-dashboard" deleted