Kubernetes1.15.0安装记录(国内安装法)

Kubernetes1.15.0安装记录

集群结构

节点IPCPU数量内存系统域名
主节点192.168.23.130>=2>=2GCentOS7master
从节点192.168.23.131>=2>=2GCentOS7node

基础环境配置

  1. 配置hostname和hosts文件

    主节点
    #hostnamectl set-hostname master
    从节点
    #hostnamectl set-hostname node
    
    [root@master]# cat /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    192.168.23.130 master
    192.168.23.131 node
    [root@master]# scp /etc/hosts node:/etc/hosts
    
    1. 关闭防火墙和selinux(主从均做)
    #systemctl stop firewalld
    #systemctl disable firewalld
    #sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
    
    1. 关闭swap /etc/fstab 注释swap行(主从均做)
       # vi[root@master certs]# cat /etc/fstab 
       # /etc/fstab
       # Created by anaconda on Thu Nov  9 17:12:16 2017
       /dev/mapper/centos-root /                       xfs     defaults        0 0
       UUID=072cfb34-9d1d-400a-b0a6-586769794446 /boot                   xfs     defaults        0 0
       /dev/mapper/centos-home /home                   xfs     defaults        0 0
       # /dev/mapper/centos-swap swap                    swap    defaults        0 0   
    
    1. 配置yum源(主从均做)
  • 新建docker-ce.repo,添加

    [docker-ce-stable]
    name=Docker CE Stable - $basearch
    baseurl=https://download.docker.com/linux/centos/7/$basearch/stable
    enabled=1
    gpgcheck=1
    gpgkey=https://download.docker.com/linux/centos/gpg
    
  • 新建k8s.repo,添加

    [k8s]
    name=k8s_repo
    baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
    gpgcheck=0
    enable=1
    
  • 新建epel.repo,添加

[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
  1. 下载安装常用工具(主从均做)

    # yum install -y conntrack ipvsadm ipset jq sysstat curl  libseccomp bash-completion device-mapper-persistent-data lvm2 conntrack-tools libtool-ltdl iptables
    
  2. 时间同步(主从均做)

       # yum install chrony -y
       # systemctl enable chronyd.service && systemctl start chronyd.service
       # systemctl status chronyd
       # chronyc sources
    
  3. ssh互信(主登陆从,从登陆主类似),配置iptables

    # ssh-keygen
    # ssh-copy-id node
    # ssh node
    # echo "1" >/proc/sys/net/bridge/bridge-nf-call-iptables
    
  4. 重启机器,检查如下几点

    主从节点可以互相ping通对方域名

    主从节点互相ssh登陆可以免密码登陆

    主从节点时间一致,selinux均已关闭

docker 安装(主从均做)

  1. 安装docker

    # yum install -y container-selinux docker-ce
    
  2. 配置加速器

    [root@master ~]# cat /etc/docker/daemon.json 
    {
            "registry-mirrors":["https://q2hy3fzi.mirror.aliyuncs.com/"],
            "graph":"/tol/docker-data"
    }
  1. 启动docker
# systemctl enable docker
# systemctl start docker

安装kubernetes相关工具

  1. 安装kubelet kubeadm kubectl,其中kubectl是客户端工具,node节点可以安装
# yum  install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
  1. 镜像下载
  • 由于所需镜像均在谷歌网站,国内无法直接下载,需要通过阿里云下载镜像后重新打标为谷歌标签,首先可以查看所需镜像
[root@master ~]# kubeadm config images list
   W0826 18:11:25.314033   12426 version.go:98] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.txt": Get https://dl.k8s.io/release/stable-1.txt: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
   W0826 18:11:25.314204   12426 version.go:99] falling back to the local client version: v1.15.3
   k8s.gcr.io/kube-apiserver:v1.15.3
   k8s.gcr.io/kube-controller-manager:v1.15.3
   k8s.gcr.io/kube-scheduler:v1.15.3
   k8s.gcr.io/kube-proxy:v1.15.3
   k8s.gcr.io/pause:3.1
   k8s.gcr.io/etcd:3.3.10
   k8s.gcr.io/coredns:1.3.1
  • 生成配置应答文件

    # kubeadm config print init-defaults > kubeadm.conf
    
  • 执行命令后,在当前目录下将生成kubeadm.conf文件,修改其中的imageRepository选项,将其值修改为registry.aliyuncs.com/google_containers,即:

    imageRepository: registry.aliyuncs.com/google_containers
    
  • 根据配置文件下载镜像

    # kubeadm config images pull --config kubeadm.conf
    
  • 等待镜像下载至本地,正常情况下,kubeadm config images list命令下的镜像均会下载下来,如果有镜像未下载,只需重复运行上面命令即可

  • 重新对镜像打标,将阿里云标签换成谷歌的标签

    # docker tag registry.aliyuncs.com/google_containers/kube-proxy:v1.15.0 k8s.gcr.io/kube-proxy:v1.15.0
    
    # docker tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.15.0 k8s.gcr.io/kube-apiserver:v1.15.0
    
    # docker tag registry.aliyuncs.com/google_containers/kube-controller-manager:v1.15.0 k8s.gcr.io/kube-controller-manager:v1.15.0
    
    # docker tag registry.aliyuncs.com/google_containers/kube-scheduler:v1.15.0 k8s.gcr.io/kube-scheduler:v1.15.0
    
    # docker tag registry.aliyuncs.com/google_containers/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
    
    # docker tag registry.aliyuncs.com/google_containers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
    
    # docker tag registry.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1
    
  • 移除原下载的阿里镜像

    # docker rmi registry.aliyuncs.com/google_containers/kube-proxy:v1.15.0
    
    # docker rmi registry.aliyuncs.com/google_containers/kube-apiserver:v1.15.0
    
    # docker rmi registry.aliyuncs.com/google_containers/kube-controller-manager:v1.15.0
    
    # docker rmi registry.aliyuncs.com/google_containers/kube-scheduler 
    
    # docker rmi registry.aliyuncs.com/google_containers/kube-scheduler:v1.15.0 
    
    # docker rmi registry.aliyuncs.com/google_containers/coredns:1.3.1 
    
    # docker rmi registry.aliyuncs.com/google_containers/etcd:3.3.10
    

部署master节点

  1. 初始化master节点
#  kubeadm init --kubernetes-version=v1.15.0 --pod-network-cidr=172.22.0.0/16 --apiserver-advertise-address=192.168.23.130
  • 如果一切正常,将会显示安装成功信息,最后并会给出node节点加入的命令
    kubeadm join 192.168.23.130:6443 --token nzay3v.g2915ugobo8bq08o \
     --discovery-token-ca-cert-hash sha256:bfa0a4aa2869324df83069cc4bf3d37042c9fadc936ae5dd1f1d2e5d0b9bac38
    
  • 正常情况下,在目录下也会生成如下文件
    # ls /etc/kubernetes/
    

admin.conf certs controller-manager.conf kubelet.conf manifests pki scheduler.conf

15. 配置kubectl命令
```bash
# mkdir /root/.kube
# cp /etc/kubernetes/admin.conf /root/.kube/config
  1. 验证,查看健康状态
[root@master ~]# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
controller-manager   Healthy   ok                  
scheduler            Healthy   ok                  
etcd-0               Healthy   {"health":"true"} 

安装flannel网络模块并添加node节点

  1. 进入Github flannel官网,其帮助信息中有安装命令,该命令指向一个网页文件,可能经常变动,需以官网最新命令为准
# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
  1. 添加node节点,添加前检查node节点docker和kubelet是否安装和启动
  • 在node节点上执行master节点初始化时生成的添加节点命令
# kubeadm join 192.168.23.130:6443 --token nzay3v.g2915ugobo8bq08o --discovery-token-ca-cert-hash sha256:bfa0a4aa2869324df83069cc4bf3d37042c9fadc936ae5dd1f1d2e5d0b9bac38
  • 正常情况下,node节点将自动下载kube-proxy、pause和flannel镜像,由于国内原因,kube-proxy和pause不能被自动下载,需要如master节点一样手动下载后并修改标签。
docker pull registry.aliyuncs.com/google_containers/pause:3.1
docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.15.0

docker tag registry.aliyuncs.com/google_containers/kube-proxy:v1.15.0 k8s.gcr.io/kube-proxy:v1.15.0
docker tag registry.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1

docker rmi registry.aliyuncs.com/google_containers/kube-proxy:v1.15.0
docker rmi registry.aliyuncs.com/google_containers/pause:3.1
  • 期间需要较长时间等待,如果flannel镜像也难下载下来,也可以在node节点上手动下载flannel镜像
 docker pull quay.io/coreos/flannel:v0.11.0-amd64
  • node节点下载完必备镜像后,可以在master节点上查看其状态,如果master和node都处于ready状态,表示服务安装正确
[root@master ~]# kubectl get node
NAME     STATUS   ROLES    AGE   VERSION
master   Ready    master   19h   v1.15.3
node     Ready    <none>   18h   v1.15.3

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值