When working on your own computer, we recommend simply using Minikube.
Minikube is a tool that makes it easy to run Kubernetes locally: it creates a single-node Kubernetes cluster inside a virtual machine on your laptop.
Minikube reference: https://github.com/kubernetes/minikube
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
Install the VirtualBox dependencies
yum -y install opusfile libvpx libXt libXmu SDL
Download and install VirtualBox
axel -n 10 https://download.virtualbox.org/virtualbox/6.0.10/VirtualBox-6.0-6.0.10_132072_el7-1.x86_64.rpm
rpm -ivh VirtualBox-6.0-6.0.10_132072_el7-1.x86_64.rpm
Download and install minikube
curl -Lo minikube http:
minikube start --registry-mirror=https:
Install kubectl
Start the minikube dashboard
Note: once startup completes, follow the prompts printed during installation to access it locally.
Installation goals
Machine requirements
Environment preparation
Five machines in total, 192.168.7.49-53
Configure domestic (China) mirrors for Linux
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
Configure a domestic mirror for Kubernetes
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
Install docker on all nodes
yum install -y yum-utils
yum-config-manager
yum install docker-ce docker-ce-cli containerd.io
Install kubelet and kubeadm on all nodes
yum -y install kubelet kubeadm
Modify the operating system defaults
Set the hostname and hosts file
Give each host a different hostname
hostnamectl set-hostname node-kubeadm-XXX
Configure the hosts file on each host
cat > /etc/hosts <<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.7.49 node-kubeadm-49
192.168.7.50 node-kubeadm-50
192.168.7.51 node-kubeadm-51
192.168.7.52 node-kubeadm-52
192.168.7.53 node-kubeadm-53
EOF
Set the time zone
timedatectl set-timezone Asia/Shanghai
Set up time synchronization
yum install chrony -y
systemctl start chronyd && systemctl enable chronyd
Reduce swap usage
echo "vm.swappiness=0" >> /etc/sysctl.conf && sysctl -p
Disable the firewall
systemctl disable firewalld
systemctl stop firewalld
Confirm that it is disabled
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Disable SELinux
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
Check the result
cat /etc/selinux/config
……
SELINUX=disabled
……
Configure Docker on all nodes
cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "registry-mirrors": ["http://registry.docker-cn.com"],
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF
mkdir -p /etc/systemd/system/docker.service.d
systemctl daemon-reload
systemctl restart docker
Modify the network configuration on all nodes
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
Confirm on all nodes that the br_netfilter module is loaded
lsmod | grep br_netfilter
If the module is not loaded, load it manually
Start docker and kubelet
systemctl enable docker && systemctl start docker
systemctl enable kubelet && systemctl start kubelet
Get the default configuration
kubeadm config print init-defaults > init-config.yml
Changes to make in init-config.yml
apiVersion: kubeadm.k8s.io/v1beta2
clusterName: cnovit-kubernetes
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: v1.18
networking:
  podSubnet: 10.32.0.0/16
Download the required images
kubeadm config images pull --config=init-config.yml
Run the initialization
kubeadm init --config=init-config.yml
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.7.49:6443
Run the join command on the worker nodes
kubeadm join 192.168.7.49:6443 --token x872ma.0sjrutrm5yg7pdz0 \
    --discovery-token-ca-cert-hash sha256:23fc57c7a5bdde795f9ba5f8f7b8e9c6df53c80d14360d3123ae9fabdc04ec91
On the master node, check that the nodes have joined
# kubectl get nodes
node-kubeadm-49   NotReady   master   97s   v1.18
node-kubeadm-50   NotReady   <none>   52s   v1.18
node-kubeadm-51   NotReady   <none>   50s   v1.18
node-kubeadm-52   NotReady   <none>   46s   v1.18
node-kubeadm-53   NotReady   <none>   47s   v1.18
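The --discovery-token-ca-cert-hash value in the join command pins the public key of the cluster CA, which is how a joining node checks that it is talking to the intended control plane. The shell functions below are an added example, not part of the original article: they recompute that value from a CA certificate and compare it with the hash in a join command. The function names are chosen here, and /etc/kubernetes/pki/ca.crt is kubeadm's default CA location.

```shell
# Added example, not from the original article.
# Recompute the value kubeadm expects for --discovery-token-ca-cert-hash:
# "sha256:" + SHA-256 over the DER-encoded public key (SPKI) of the cluster CA.
ca_cert_hash() {  # $1 = CA certificate (kubeadm default: /etc/kubernetes/pki/ca.crt)
  # Extract the key first so an unreadable or invalid certificate is an error
  # instead of silently hashing empty input further down the pipeline.
  pub=$(openssl x509 -in "$1" -noout -pubkey) || return 2
  printf '%s\n' "$pub" \
    | openssl pkey -pubin -outform DER \
    | openssl dgst -sha256 \
    | awk '{ print "sha256:" $NF }'
}

# Compare the hash pinned in a join command with the CA on the control plane.
# Returns 0 on match, 1 on mismatch, 2 if the input cannot be processed.
verify_join_hash() {  # $1 = CA certificate path, $2 = hash from the join command
  case "$2" in
    sha256:*) ;;
    *) echo "unsupported hash format: $2" >&2; return 2 ;;
  esac
  actual=$(ca_cert_hash "$1") || return 2
  if [ "$actual" = "$2" ]; then
    echo "match: $actual"
  else
    echo "MISMATCH: CA is $actual, join command pins $2" >&2
    return 1
  fi
}

# On the control-plane node:
#   verify_join_hash /etc/kubernetes/pki/ca.crt sha256:<hash from the join command>
```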
Configure Kubernetes networking with Calico
The configuration below is for clusters of up to 50 nodes. Flannel is another option to consider.
curl https://docs.projectcalico.org/v3.8/manifests/calico.yaml -O
Set the subnet so that it matches init-config.yml
sed -i -e "s?192.168.0.0/16?10.32.0.0/16?g" calico.yaml
Apply the modified configuration
kubectl apply -f calico.yaml
Verify that all nodes are running
NAMESPACE     NAME                                        READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-65b8787765-srwz2    0/1     Pending   0          8s
kube-system   calico-node-68rwc                           0/1     Running   0          8s
kube-system   calico-node-7qtzb                           0/1     Running   0          8s
kube-system   calico-node-9tnq4                           0/1     Running   0          8s
kube-system   calico-node-d78fc                           0/1     Running   0          8s
kube-system   calico-node-tqsw8                           0/1     Running   0          8s
kube-system   coredns-6967fb4995-bvpfb                    0/1     Running   0          4m53s
kube-system   coredns-6967fb4995-cbtnr                    0/1     Running   0          4m53s
kube-system   etcd-node-kubeadm-249                       1/1     Running   0          4m7s
kube-system   kube-apiserver-node-kubeadm-249             1/1     Running   0          3m54s
kube-system   kube-controller-manager-node-kubeadm-249    1/1     Running   0          4m8s
kube-system   kube-proxy-29wf8                            1/1     Running   0          4m24s
kube-system   kube-proxy-7f6q8                            1/1     Running   0          4m27s
kube-system   kube-proxy-7gnwj                            1/1     Running   0          4m52s
kube-system   kube-proxy-8sp2f                            1/1     Running   0          4m22s
kube-system   kube-proxy-9rwrk                            1/1     Running   0          4m29s
kube-system   kube-scheduler-node-kubeadm-249             1/1     Running   0          4m13s
Download the dashboard configuration file
wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
Change the image download address
kind: Deployment
apiVersion: apps/v1
spec:
  template:
    spec:
      containers:
      - name: kubernetes-dashboard
        image: registry.cn-hangzhou.aliyuncs.com/google_containers/kubernetes-dashboard-amd64:v1.10.1
Edit the image configuration
kubectl -n kube-system edit service kubernetes-dashboard
Change type: ClusterIP to type: NodePort and save
kind: Service
metadata:
  creationTimestamp: "2019-08-19T09:38:23Z"
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kube-system
  resourceVersion: "9852"
  selfLink: /api/v1/namespaces/kube-system/services/kubernetes-dashboard
  uid: 02e37aa9-9c31-4fd4-9af0-5980fc1190a6
spec:
  clusterIP: 10.104.46.251
  ports:
  - port: 443
    protocol: TCP
    targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  sessionAffinity: None
  type: NodePort
Get the locally mapped port
NAME                   TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
kubernetes-dashboard   NodePort   10.104.46.251   <none>        443:31328/TCP   58s
The dashboard is available at: https://192.168.7.49:31328
Create an admin user
Create the file dashboard-adminuser.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
Create the user
kubectl apply -f dashboard-adminuser.yaml
Get the admin user's token
Name: admin-user-token-2h9vx
Namespace: kube-system
Labels:
Annotations: kubernetes.io/service-account.name: admin-user
             kubernetes.io/service-account.uid: d150666c-fc60-49d6-bbb3-84656e4497e7
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL......
Log in at https://192.168.7.49:31328 using the token
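The admin-user manifest above binds the account to cluster-admin while the dashboard is reachable on a NodePort, so whoever holds that token controls the whole cluster. As an added example (not from the original article), the functions below list the subjects a manifest binds to cluster-admin and write a read-only alternative bound to the built-in view ClusterRole. The name dashboard-viewer and both function names are assumptions made here, and the parser handles only the simple YAML layout used on this page.

```shell
# Added example, not from the original article.
# List subjects that a manifest binds to cluster-admin through a
# ClusterRoleBinding. Parses only the flat YAML layout used on this page.
cluster_admin_subjects() {  # $1 = manifest path
  awk '
    function emit() {
      if (sk != "") out = out sk "/" sns "/" sn "\n"
      sk = sn = sns = ""
    }
    function flush() {
      emit()
      if (kind == "ClusterRoleBinding" && role == "cluster-admin") printf "%s", out
      kind = role = out = sect = ""
    }
    /^---/      { flush(); next }
    /^kind:/    { kind = $2; next }
    /^[A-Za-z]/ { sect = $1; next }   # metadata:, roleRef:, subjects:
    sect == "roleRef:"  && $1 == "name:"      { role = $2 }
    sect == "subjects:" && /^- /              { emit(); sub(/^- */, "") }
    sect == "subjects:" && $1 == "kind:"      { sk = $2 }
    sect == "subjects:" && $1 == "name:"      { sn = $2 }
    sect == "subjects:" && $1 == "namespace:" { sns = $2 }
    END { flush() }
  ' "$1"
}

# Read-only alternative; "dashboard-viewer" is a name chosen for this example.
write_readonly_user() {  # $1 = output path
  cat > "$1" <<'EOF'
apiVersion: v1
kind: ServiceAccount
metadata:
  name: dashboard-viewer
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: dashboard-viewer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: view
subjects:
- kind: ServiceAccount
  name: dashboard-viewer
  namespace: kube-system
EOF
}
```

The built-in view role does not grant access to Secrets, so a token for this account cannot be used to read other credentials through the dashboard.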
Notes:
Calico network configuration: https://docs.projectcalico.org/v3.8/getting-started/kubernetes/
Dashboard installation: https://github.com/kubernetes/dashboard/wiki/Installation
Using NodePort to allow remote access to the dashboard in a single-node deployment: https://github.com/kubernetes/dashboard/wiki/Accessing-Dashboard---1.7.X-and-above
Creating a user for accessing the dashboard: https://github.com/kubernetes/dashboard/wiki/Creating-sample-user