k8s ui 鏈嶅姟鎼缓

Posted 2020-12-28

鏍囩锛?a href='http://www.mamicode.com/so/1/structure' title='structure'>structure   Fix   trying   鍚姩鑴氭湰   缂栬緫   鍘熸潵   Docker CE   notify   trie   

涓€銆佺幆澧冮厤缃?/p>

master 172.16.101.199 docker,apiserver, controller-manager, scheduler
etcd 172.16.101.199 etcd
node1 172.16.101.221 flannel, docker, kubelet, kube-proxy
node2 172.16.101.221 flannel, docker, kubelet, kube-proxy

1/璁剧疆hosts鏂囦欢
172.16.101.199 master
172.16.101.199 etcd
172.16.101.220 node1
172.16.101.221 node2

2銆佸熀纭€璁剧疆
2銆? 鍏抽棴闃茬伀澧?br/>2銆? 鍏抽棴selinux
2銆? 璁剧疆hosts
2.4 鍚敤iPv4杞彂
CentOS7 涓嬪彲缂栬緫閰嶇疆鏂囦欢/etc/sysctl.conf

net.ipv4.ip_forward = 1

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

鎵цsudo sysctl -p 绔嬪埢鐢熸晥銆?br/>2.5 绂佺敤SWAP锛?br/>姘镐箙绂佺敤swap鍙互鐩存帴淇敼/etc/fstab鏂囦欢锛屾敞閲婃帀swap椤?br/>2.6 鍏嶇閽ョ櫥褰?/p>

2銆乵aster锛?/p>

锛?锛夈€佸畨瑁卍ocker

CentOS7

瀹夎渚濊禆鍖?/h1>

yum install -y yum-utils device-mapper-persistent-data lvm2

娣诲姞Docker杞欢鍖呮簮

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

鏇存柊yum鍖呯储寮?/h1>

yum makecache fast

瀹夎Docker CE

yum install docker-ce -y

鍚姩

systemctl start docker
systemctl enable docker

鍗歌浇鏂规硶涓€

yum remove docker-ce
rm -rf /var/lib/docker

#鍗歌浇docker鏂规硶浜岋細
yum list installed | grep docker
鍒犻櫎瀹夎鍖?br/>sudo yum -y remove docker-engine.x86_64

锛?锛夊畨瑁卥ubernets.flannel.etcd
yum install kubernetes-master etcd flannel-y
锛?锛夐厤缃甧tcd
cat /etc/etcd/etcd.conf |egrep -v "^#|^$"

ETCD_NAME=default
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379" ## 鐩戝惉鍦板潃绔彛
ETCD_ADVERTISE_CLIENT_URLS="http://etcd:2379" ## etcd闆嗙兢閰嶇疆;澶氫釜etcd鏈嶅姟鍣?鐩存帴鍦ㄥ悗闈㈠姞url

##鍚姩etcd鏈嶅姟

systemctl start etcd

锛?锛夐厤缃甼ubernetes

cat /etc/kubernetes/kubernetes.conf

KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" ## kube鍚姩鏃剁粦瀹氱殑鍦板潃
KUBE_ETCD_SERVERS="--etcd-servers=http://etcd:2379" ## kube璋冪敤etcd鐨剈rl
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=172.17.0.0/16" ## 姝ゅ湴鍧€鏄痙ocker瀹瑰櫒鐨勫湴鍧€娈?br/>KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
KUBE_API_ARGS=""

cat config |egrep -v "^#|^$"

KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://172.16.101.199:8080" ## kube master api url
锛?锛夐厤缃甪lanned
#cat /etc/sysconfig/flanneld

FLANNEL_ETCD_ENDPOINTS="http://etcd:2379"
FLANNEL_ETCD_PREFIX="/kube/network" 娉ㄦ剰锛歬ube

鐗瑰埆娉ㄦ剰椤癸細杩欐潯閫夐」寰堥噸瑕?/h2>

etcdctl mk /kube/network/config 鈥榹"Network":"172.17.0.0/16"}鈥?## 娉ㄦ剰姝ゅ鐨刬p鍜屼笂鏂囦腑鍑虹幇鐨刬p鍦板潃淇濇寔涓€鑷?

鎶ラ敊闂锛?br/>E0808 11:09:44.387201 10537 network.go:102] failed to retrieve network config: 100: Key not found (/kube) [3]

3銆乶ode1-2 瀹夎

1). 瀹夎杞欢鍖?

yum install kubernetes-node flannel -y #榛樿瀹夎docker-1.13.1鐗堟湰锛屽叾闇€瑕佸惎鍔╠ocker灏卞彲浠ヤ簡

systemctl enable docker
systemctl start docker
docker version
2锛夐厤缃甪lannel

#cat /etc/sysconfig/flanneld

FLANNEL_ETCD_ENDPOINTS="http://etcd:2379"
FLANNEL_ETCD_PREFIX="/kube/network" 娉ㄦ剰锛歬ube

systemctl start flanneld

3锛夐厤缃甼ubelet

cd /etc/kubernetes

cat config |egrep -v "^#|^$"

KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://172.16.101.199:8080" ## kube master api url

cat kubelet |egrep -v "^#|^$"

KUBELET_ADDRESS="--address=0.0.0.0" ## kubelet 鍚姩鍚庣粦瀹氱殑鍦板潃
KUBELET_PORT="--port=10250" ## kubelet 绔彛
KUBELET_HOSTNAME="--hostname-override=172.16.101.220" ##kubelet鐨刪ostname,鍦╩aster鎵цkubectl get nodes鏄剧ず鐨勫悕瀛?br/>KUBELET_API_SERVER="--api-servers=http://172.16.101.199:8080" ## kube master api url
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
KUBELET_ARGS=""

4銆佸惎鍔ㄩ『搴?/h2>

master锛?br/>systemctl start docker #鍚姩
systemctl status docker #妫€娴?br/>systemctl start etcd
systemctl status etcd
systemctl start flanneld
systemctl status flanneld
鏌ョ湅ip,浼氬嚭鐜癴lannel0鐨勭綉缁滄帴鍙ｈ澶?璇ュ湴鍧€鍜宒ocker0鍦板潃鏄竴鑷寸殑,濡傛灉涓嶄竴鑷磋纭浠ヤ笂鏈嶅姟鏄惁姝ｅ父鍚姩

鍚姩椤哄簭:kube-apiserver灞呴.
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler

node锛?br/>systemctl start docker.service
systemctl start kube-proxy
systemctl start kubelet

5銆佹娴嬮厤缃纭€?br/>璁块棶http://kube-apiserver:port
http://172.16.101.199:8080 鏌ョ湅鎵€鏈夎姹倁rl
http://172.16.101.199:8080/healthz/ping 鏌ョ湅鍋ュ悍鐘跺喌

6銆佸紑鍚痥8s dashboard:

master锛?/p>

1). 鍦╩aster涓婇獙璇佹湇鍔?

kubectl get nodes ## 鑾峰彇k8s瀹㈡埛绔?

NAME STATUS AGE
172.16.101.220 Ready 1h
172.16.101.221 Ready 1h

kubectl get namespace ## 鑾峰彇k8s鎵€鏈夊懡鍚嶇┖闂?/h1>

NAME STATUS AGE
default Active 1h
kube-system Active 1h

---

鏂板缓kube-dashboard.yaml

cd /usr/local/src/docker/

kubectl delete -f kubernetes-dashboard.yaml
kubectl get pods --namespace=kube-system

kubectl get pod --all-namespaces
kubectl describe pods kubernetes-dashboard-2215670400-w0j11 --namespace=kube-system

瀹㈡埛绔細
systemctl restart flanneld
systemctl start kube-proxy
systemctl start kubelet

node1-2

瀹㈡埛绔墽琛岋細
yum install python-rhsm
yum install rhsm
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem

docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest

#鍩虹鍛戒护
kubectl get po/svc/cm/rc : 鏌ョ湅瀹瑰櫒
kubectl describe po name 锛氭煡鐪嬭鎯?br/>kubectl delete po name 锛氬垹闄よ祫婧?br/>-o wide : 澶氭樉绀哄嚑鍒椾俊鎭?br/>--all-namespaces : 鎵€鏈夊懡鍚嶇┖闂?br/>-n name : 鎸囧畾鍛藉悕绌洪棿(default鍙互涓嶅甫姝ゅ弬鏁?
kubectl apply/create -f aaa.yaml : 鎵цyml鏂囦欢
kubectl exec 瀹瑰櫒鍚嶇О -it -- bash : 杩涘叆瀹瑰櫒
exit : 閫€鍑?/p>

kubectl delete po name 锛氬垹闄よ祫婧?/p>

---

1銆侀棶棰樹竴
瑙ｅ喅涓嶈兘鍒犻櫎闂锛?br/>[[email protected] docker]# kubectl create -f kubernetes-dashboard.yaml
Error from server (AlreadyExists): error when creating "kubernetes-dashboard.yaml": deployments.extensions "kubernetes-dashboard" already exists
Error from server (AlreadyExists): error when creating "kubernetes-dashboard.yaml": services "kubernetes-dashboard" already exists
瑙ｅ喅鏂规硶锛?br/>kubectl delete namespace kube-system
kubectl delete -f kubernetes-dashboard.yaml

https://www.jb51.net/article/94343.htm/

2銆侀棶棰樹簩
瑙ｅ喅瓒呮椂闂锛?br/>Error: 鈥榙ial tcp 172.17.71.2:9090: getsockopt: no route to host鈥?br/>Trying to reach: 鈥?a href="http://172.17.71.2:9090/" rel="nofollow">http://172.17.71.2:9090/鈥?br/>getsockopt: connection timed out鈥欓棶棰?/p>

濡傛灉瀹夎鐨刣ocker鐗堟湰涓?.13鍙婁互涓婏紝骞朵笖缃戠粶鐣呴€氾紝flannel銆乪tcd閮芥甯革紝浣嗚繕鏄細鍑虹幇getsockopt: connection timed out鈥樼殑閿欒锛屽垯鍙兘鏄痠ptables閰嶇疆闂銆傚叿浣撻棶棰橈細

Error: 鈥榙ial tcp 10.233.50.3:8443: getsockopt: connection timed out

濡傛灉瀹夎鐨刣ocker鐗堟湰涓?.13鍙婁互涓婏紝骞朵笖缃戠粶鐣呴€氾紝flannel銆乪tcd閮芥甯革紝浣嗚繕鏄細鍑虹幇getsockopt: connection timed out鈥樼殑閿欒锛屽垯鍙兘鏄痠ptables閰嶇疆闂銆傚叿浣撻棶棰橈細

Error: 鈥榙ial tcp 10.233.50.3:8443: getsockopt: connection timed out

docker浠?.13鐗堟湰寮€濮嬶紝鍙兘灏唅ptables FORWARD chain鐨勯粯璁ょ瓥鐣ヨ缃负DROP锛屼粠鑰屽鑷磒ing鍏朵粬Node涓婄殑Pod IP澶辫触锛岄亣鍒拌繖绉嶉棶棰樻椂锛岄渶瑕佹墜鍔ㄨ缃瓥鐣ヤ负ACCEPT锛?/p>

sudo iptables -P FORWARD ACCEPT

浣跨敤iptables -nL鍛戒护鏌ョ湅锛屽彂鐜癋orward鐨勭瓥鐣ヨ繕鏄痙rop锛屽彲鏄垜浠槑鏄庢墽琛屼簡iptables -P FORWARD ACCEPT銆傚師鏉ワ紝docker鏄湪杩欏彞璇濇墽琛屼箣鍚庡惎鍔ㄧ殑锛岄渶瑕佹瘡娆″湪docker涔嬪悗鍐嶆墽琛岃繖鍙ヨ瘽銆傘€傘€傝繖涔堝仛鏈夌偣澶夯鐑︿簡锛屾墍浠ユ垜浠慨鏀逛笅docker鐨勫惎鍔ㄨ剼鏈細

vi /usr/lib/systemd/system/docker.service

[Service]
Type=notify

ExecStart=/usr/bin/dockerd $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS $DOCKER_DNS_OPTIONS

娣诲姞杩欒鎿嶄綔锛屽湪姣忔閲嶅惎docker涔嬪墠閮戒細璁剧疆iptables绛栫暐涓篈CCEPT

ExecStartPost=/sbin/iptables -I FORWARD -s 0.0.0.0/0 -j ACCEPT

ExecReload=/bin/kill -s HUP $MAINPID

鍦ㄥ惎鍔ㄦ枃浠朵腑鐨?[Service] 涓嬫坊鍔犱竴琛岄厤缃紝鍗充笂闈唬鐮佷腑鐨勯厤缃嵆鍙€?/p>

鐒跺悗閲嶅惎docker锛屽啀娆℃煡鐪媎ashboard缃戦〉銆?/p>

杩欎釜闂鍦ㄥ疄鍦ㄨВ鍐充笉浜?br/>master瑁呬竴涓猲ode瀹㈡埛绔?/p>