kubernetes及Dashboard实战配置

Posted SUN_DRAGON

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了kubernetes及Dashboard实战配置相关的知识,希望对你有一定的参考价值。

kubernetes及Dashboard配置

本文在两台部署Centos7上部署kubernetes框架以及Dashboard的配置。

  • Master的IP192.169.31.159
  • Node的IP192.168.31.196

安装必备程序

1.Master上的操作
Master需要安装:docker、 kubernetes-master、etcd、flannel

yum install -y docker
yum install -y kubernetes-master etcd flannel

2.Node上的操作
Node需要安装:docker、kubernetes-node、flannel

yum install -y docker
yum install -y kubernetes-node flannel

部署docker仓库

由于在安装Dashboard过程中没有办法下载两个镜像:kubernetes-dashboard和registry.access.redhat.com/rhel7/pod-infrastructure密码:lbyp。所以,事先下载了这两个资源,然后导入镜像,并上传到仓库,以供部署时pull。

  • 部署仓库
docker pull registry
docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry registry  #指定端口和挂载目录
  • 上传镜像
docker load < dashboard.tar
docker load < podinfrastructure.tar
docker tag gcr.io/google_containers/kubernetes-dashboard-amd64:v1.7.1 192.168.31.159:5000/google_containers/kubernetes-dashboard-amd64:latest
docker tag registry.access.redhat.com/rhel7/pod-infrastructure:latest 192.168.31.159:5000/rhel7/pod-infrastructure:latest
docker push 192.168.31.159:5000/google_containers/kubernetes-dashboard-amd64:latest
docker push 192.168.31.159:5000/rhel7/pod-infrastructure:latest

  • 在node上配置docker见下一节

  • 在node(192.168.31.196)上尝试拉取镜像

docker pull 192.168.31.159:5000/google_containers/kubernetes-dashboard-amd64:latest
docker pull 192.168.31.159:5000/rhel7/pod-infrastructure:latest

配置

  • Docker配置
 #vim /etc/sysconfig/docker
 OPTIONS='--insecure-registry 192.168.31.159:5000'
if [ -z "$DOCKER_CERT_PATH" ]; then
    DOCKER_CERT_PATH=/etc/docker
fi

可以通过pull尝试拉取,以验证配置是否正确。

  • Master, etcd配置
#vim /etc/etcd/etcd.conf
ETCD_NAME=default
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.31.159:2379"
  • Master, flannel配置
#vim /etc/sysconfig/flanneld
# Flanneld configuration options  

# etcd url location.  Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://192.168.31.159:2379"#etcd地址

# etcd config key.  This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/kube/network"

# Any additional options that you want to pass
FLANNEL_OPTIONS="-iface=enp3s0"#指定可以连同node的网络
  • Master, kubernetes配置
# vim /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"#0000其他地址可以访问

# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"#指定访问端口

# Port minions listen on
# KUBELET_PORT="--kubelet-port=10250"#kubelet端口,默认即可

# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.31.159:2379"#etcd地址,这里配置在master上

# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=172.17.0.0/16"#服务直接所分配的ip(docker)

# default admission control policies
# ServiceAccount
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

# Add your own!
KUBE_API_ARGS=""

#vim /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://192.168.31.159:8080"
  • Node, Kubernetes配置
# vim /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"

# The port for the info server to serve on
KUBELET_PORT="--port=10250"

# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=192.168.31.196"

# location of the api-server
KUBELET_API_SERVER="--api-servers=http://192.168.31.159:8080"

# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure"

# Add your own!
KUBELET_ARGS=""

#vim /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://192.168.31.159:8080"
  • Node, flannel配置
#vim  vim /etc/sysconfig/flanneld 
FLANNEL_ETCD_ENDPOINTS="http://192.168.31.159:2379"

# etcd config key.  This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/kube/network"

# Any additional options that you want to pass
FLANNEL_OPTIONS="-iface=eno1"

启动并验证

# master
systemctl start docker
systemctl start etcd
systemctl start flanneld
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler
#node
systemctl start docker
systemctl start flanneld
systemctl start kube-proxy
systemctl start kubelet

http://192.168.31.159:8080 查看所有请求url
http://192.168.31.159:8080/healthz/ping 查看健康状况

部署Dashboard

下载kube-dashboard.yaml
kubectl create -f kube-dashboard.yaml

遇到的问题

  • 注意服务的启动顺序,特别是master,在确保etcd启动的情况下,先启动apiserver
  • 注意yaml文件的格式缩进
  • 如果发现访问出现timed out,可能是因为防火墙等未关闭.
# systemctl stop firewalld && systemctl disable firewalld
# setenforce 0
# vim /etc/selinux/config
SELINUX=disabled
  • 我在部署Dashboard时,无法创建kubernetes-dashboard,说是已经存在。刚开始只是简单的删除pods,发现过一会儿又重新creating。这是因为在pods之上还有deployment, service, replicas…等资源,需要将他们delete之后,才可创建新的dashboard.

参考:

http://www.jb51.net/article/94343.htm
http://blog.csdn.net/u010397369/article/details/42422243
https://www.kubernetes.org.cn/3096.html

以上是关于kubernetes及Dashboard实战配置的主要内容,如果未能解决你的问题,请参考以下文章

Kubernetes实战总结 - dashboard部署(v2.0.0-rc6)

每天5分钟玩转Kubernetes | Dashboard配置登录权限

kubernetes搭建dashboard

k8s dashboard安装部署实战详细手册

k8s dashboard安装部署实战详细手册

kubernates dashboard管理界面安装及管理员用户配置