Deploying K8S with kubeadm

Posted zhongle21


I. Setting up K8S

0. Preparation

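Network addresses:
Node network: 10.201.106.0/24
Service network: 10.96.0.0/12
Pod network (flannel default subnet): 10.244.0.0/16

Node roles:
master1 (10.201.106.131): master node, etcd
master2 (10.201.106.132): node1
master3 (10.201.106.133): node2

Pre-configuration:
1. NTP time synchronization
2. Hostname-based communication: /etc/hosts
3. Stop firewalld and iptables.service
4. On all nodes, disable swap and enable the kernel's built-in bridge filtering; a reboot is required: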
[root@master1 ~]# vim  /usr/lib/sysctl.d/00-system.conf

net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 1


Note: to pull images quickly through the Microsoft mirror, install the small tool azk8spull:
git clone https://github.com/xuxinkun/littleTools
cd littleTools
chmod +x install.sh
./install.sh
source /etc/profile

0.1 Configure the Aliyun mirrors

Configure the Docker mirror repository:
URL: https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

Configure the Docker mirror repository on master1:
[root@master1 yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo


Configure the k8s mirror repository:
Configure the K8S repository on master1:
[root@master1 yum.repos.d]# vim kubernetes.repo

[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
enabled=1

0.2 Copy the docker and k8s repository files from the master to the two node machines

[root@master1 yum.repos.d]# scp docker-ce.repo kubernetes.repo master2:/etc/yum.repos.d/

[root@master1 yum.repos.d]# scp docker-ce.repo kubernetes.repo master3:/etc/yum.repos.d/

1. Installing K8S

1.1 Install the docker and k8s rpm packages on the master node

Install the latest versions by default:
[root@master1 ~]# yum install docker-ce kubeadm kubectl kubelet

To install specific versions:
[root@master1 ~]# yum install docker-ce-18.06.3.ce-3.el7 kubeadm-1.13.6-0 kubectl-1.13.6-0 kubelet-1.13.6-0

Enable the services at boot:
[root@master1 ~]# systemctl enable docker
[root@master1 ~]# systemctl enable kubelet

1.2 Docker settings on the master node

Edit the service unit file (to configure the image source):
[root@master1 ~]# vim /usr/lib/systemd/system/docker.service

# for containers run by docker
Environment="HTTPS_PROXY=http://www.ik8s.io:10080"
Environment="NO_PROXY=127.0.0.0/8,10.201.106.0/24"

Start the docker service:
[root@master1 ~]# systemctl daemon-reload
[root@master1 ~]# systemctl start docker

Check the settings:
[root@master1 ~]# docker info | grep Proxy
HTTPS Proxy: http://www.ik8s.io:10080
No Proxy: 127.0.0.0/8,10.201.106.0/24

If images cannot be downloaded through the proxy, download them from the Microsoft mirror:
kubeadm config images list
azk8spull k8s.gcr.io*

1.3 Initialize the master node

List the files installed by kubelet:
[root@master1 ~]# rpm -ql kubelet

View the kubeadm help:
[root@master1 ~]# kubeadm init --help

Setting to ignore the swap error (can be skipped if swap is already disabled):
[root@master1 ~]# vim /etc/sysconfig/kubelet 

KUBELET_EXTRA_ARGS="--fail-swap-on=false"

Important: start initializing the master node:
[root@master1 ~]# kubeadm init --kubernetes-version=v1.14.2 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap


(Record this) The resulting output is what the node machines use to authenticate when joining the master:
kubeadm join 10.201.106.131:6443 --token 27ojcb.sc3hc3e43rru0zu5 --discovery-token-ca-cert-hash sha256:9b68cf142c04ba3508af6fe7fb89fe268ddc751b37ff435669f39e7906e76ea1
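
The sha256 value after --discovery-token-ca-cert-hash is a pin on the cluster CA's public key: a joining node trusts only an API server whose CA matches it. The following shell example is added here and is not part of the original post; it recomputes that pin from a CA certificate and checks a saved join command against it. The function names are hypothetical and the CA is a throwaway one generated on the spot (on a kubeadm master the real file is /etc/kubernetes/pki/ca.crt).

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# The pin is SHA-256 over the DER-encoded public key of the cluster CA.

# ca_cert_hash <ca.crt>: print "sha256:<64 hex>" for the certificate's key.
ca_cert_hash() {
    _pub=$(openssl x509 -pubkey -noout -in "$1" 2>/dev/null) || return 1
    printf '%s\n' "$_pub" | openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -hex | awk '{print "sha256:" $NF}'
}

# pinned_hash_from_join "<join command>": print the pin it carries; fail if
# the flag is missing or the value is not exactly 64 hex digits (cut-off paste).
pinned_hash_from_join() {
    _pin=$(printf '%s\n' "$1" | sed -n \
        's/.*--discovery-token-ca-cert-hash[ =]\{1,\}\(sha256:[0-9a-f]*\).*/\1/p')
    printf '%s\n' "$_pin" | grep -Eq '^sha256:[0-9a-f]{64}$' || return 1
    printf '%s\n' "$_pin"
}

# verify_join_pin <ca.crt> "<join command>": 0 = match, 1 = mismatch, 2 = bad input.
verify_join_pin() {
    _want=$(pinned_hash_from_join "$2") || return 2
    _have=$(ca_cert_hash "$1") || return 2
    [ "$_want" = "$_have" ]
}

# make_demo_ca <dir>: throwaway self-signed CA, constructed for this demo only.
make_demo_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=constructed-demo-ca" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

demo_dir=$(mktemp -d)
make_demo_ca "$demo_dir"
demo_pin=$(ca_cert_hash "$demo_dir/ca.crt")
# <token> is a placeholder; the address is the master's from this page.
demo_join="kubeadm join 10.201.106.131:6443 --token <token> --discovery-token-ca-cert-hash $demo_pin"
verify_join_pin "$demo_dir/ca.crt" "$demo_join" && echo "pin matches CA: $demo_pin"
# The same command with its last two hex digits lost must not verify.
verify_join_pin "$demo_dir/ca.crt" "${demo_join%??}" || echo "truncated pin rejected"
rm -rf "$demo_dir"
```
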

Important: copy the configuration file and fix its ownership (this file contains the authentication certificate information):
[root@master1 ~]# mkdir -p $HOME/.kube
[root@master1 ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master1 ~]# chown $(id -u):$(id -g) $HOME/.kube/config

View information:
View component status:
[root@master1 ~]# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok                  
controller-manager   Healthy   ok                  
etcd-0               Healthy   {"health":"true"}   
[root@master1 ~]# kubectl get componentstatus

View cluster node information:
[root@master1 ~]# kubectl get nodes
NAME          STATUS     ROLES    AGE   VERSION
master1.com   NotReady   master   82m   v1.14.2

1.4 Set up the network plugin

Download flannel (deployed from a manifest; the latest version is downloaded by default):
URL: https://github.com/coreos/flannel

Deploy flannel:
[root@master1 ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

Wait for initialization to complete, then check the node:
[root@master1 ~]# kubectl get nodes
NAME          STATUS   ROLES    AGE    VERSION
master1.com   Ready    master   119m   v1.14.2
View the kube-system namespace:
[root@master1 ~]# kubectl get pods -n kube-system
NAME                                  READY   STATUS    RESTARTS   AGE
coredns-fb8b8dccf-8ms4d               1/1     Running   0          120m
coredns-fb8b8dccf-wb97j               1/1     Running   0          120m
etcd-master1.com                      1/1     Running   0          119m
kube-apiserver-master1.com            1/1     Running   0          119m
kube-controller-manager-master1.com   1/1     Running   0          119m
kube-flannel-ds-amd64-z7vjw           1/1     Running   0          17m
kube-proxy-xkhhn                      1/1     Running   0          120m
kube-scheduler-master1.com            1/1     Running   0          119m

View the status of the namespaces in the cluster:
[root@master1 ~]# kubectl get ns
NAME              STATUS   AGE
default           Active   122m
kube-node-lease   Active   122m
kube-public       Active   122m
kube-system       Active   122m

1.5 Initialize the Node machines

Copy the docker service file from master1 over the one on master2 and master3:
[root@master1 ~]# scp /usr/lib/systemd/system/docker.service master2:/usr/lib/systemd/system/docker.service
[root@master1 ~]# scp /usr/lib/systemd/system/docker.service master3:/usr/lib/systemd/system/docker.service

Copy the kubelet configuration file from master1:
[root@master1 ~]# scp /etc/sysconfig/kubelet master2:/etc/sysconfig/
[root@master1 ~]# scp /etc/sysconfig/kubelet master3:/etc/sysconfig/

node1 configuration:
Install docker and kubelet:
[root@master2 ~]# yum install docker-ce kubelet kubeadm
[root@master2 ~]# systemctl enable docker
[root@master2 ~]# systemctl enable kubelet

Start the docker service on node1:
[root@master2 ~]# systemctl daemon-reload
[root@master2 ~]# systemctl restart docker


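Join node1 to the k8s cluster (if the images cannot be downloaded over the network, import the kube-proxy, flannel and pause images through the Microsoft mirror (azk8spull)):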
[root@master2 ~]# kubeadm join 10.201.106.131:6443 --token 27ojcb.sc3hc3e43rru0zu5     --discovery-token-ca-cert-hash sha256:9b68cf142c04ba3508af6fe7fb89fe268ddc751b37ff435669f39e7906e76ea1


Once node1 has downloaded the kube-proxy, flannel and pause images and started the containers, check the status on the master node:
[root@master1 ~]# kubectl get node
NAME          STATUS   ROLES    AGE     VERSION
master1.com   Ready    master   4h24m   v1.14.2
master2.com   Ready    <none>   9m27s   v1.14.2


View pods:
[root@master1 ~]# kubectl get pods -n kube-system -o wide
NAME                                  READY   STATUS    RESTARTS   AGE     IP               NODE          NOMINATED NODE   READINESS GATES
coredns-fb8b8dccf-8ms4d               1/1     Running   3          4h25m   10.244.0.6       master1.com   <none>           <none>
coredns-fb8b8dccf-wb97j               1/1     Running   2          4h25m   10.244.0.5       master1.com   <none>           <none>
etcd-master1.com                      1/1     Running   1          4h25m   10.201.106.131   master1.com   <none>           <none>
kube-apiserver-master1.com            1/1     Running   1          4h25m   10.201.106.131   master1.com   <none>           <none>
kube-controller-manager-master1.com   1/1     Running   1          4h25m   10.201.106.131   master1.com   <none>           <none>
kube-flannel-ds-amd64-qr4p6           1/1     Running   0          11m     10.201.106.132   master2.com   <none>           <none>
kube-flannel-ds-amd64-z7vjw           1/1     Running   2          163m    10.201.106.131   master1.com   <none>           <none>
kube-proxy-f86s9                      1/1     Running   0          11m     10.201.106.132   master2.com   <none>           <none>
kube-proxy-xkhhn                      1/1     Running   2          4h25m   10.201.106.131   master1.com   <none>           <none>
kube-scheduler-master1.com            1/1     Running   1          4h25m   10.201.106.131   master1.com   <none>           <none>


node2 joins with the same steps as node1:
[root@master3 ~]# kubeadm join 10.201.106.131:6443 --token 27ojcb.sc3hc3e43rru0zu5     --discovery-token-ca-cert-hash sha256:9b68cf142c04ba3508af6fe7fb89fe268ddc751b37ff435669f39e7906e76ea1 --ignore-preflight-errors=Swap

2. K8S application basics

2.1 Viewing

View a node's detailed description:
[root@master1 ~]# kubectl describe node master1.com

View the versions of the master node and the worker nodes:
[root@master1 ~]# kubectl version

View information about the whole cluster:
[root@master1 ~]# kubectl cluster-info

2.2 Deploying an application

2.2.1 Create an nginx (Pod)

[root@master1 ~]# kubectl run --help

Try creating an nginx (dry run):
[root@master1 ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 --dry-run=true

Actually create an nginx:
[root@master1 ~]# kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1

List the deployments already created on the system:
[root@master1 ~]# kubectl get deployment
NAME           READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deploy   1/1     1            1           23m


View Pods:
[root@master1 ~]# kubectl  get pods
NAME                           READY   STATUS    RESTARTS   AGE
nginx-deploy-55d8d67cf-r2rwn   1/1     Running   0          23m

See which node it belongs to:
[root@master1 ~]# kubectl  get pods -o wide
NAME                           READY   STATUS    RESTARTS   AGE   IP           NODE          NOMINATED NODE   READINESS GATES
nginx-deploy-55d8d67cf-r2rwn   1/1     Running   0          24m   10.244.1.5   master2.com   <none>           <none>

Handling other errors

Problem 1: images cannot be pulled through the proxy

If the proxy cannot be used, pull the images manually:
https://blog.csdn.net/sjyu_ustc/article/details/79990858
https://blog.51cto.com/liuzhengwei521/2301497
https://www.cnblogs.com/zxy860320/p/9996109.html
https://blog.csdn.net/Mr_rsq/article/details/84943480
https://blog.51cto.com/purplegrape/2315451

Pull the images:
docker pull mirrorgooglecontainers/kube-apiserver:v1.13.6
docker pull mirrorgooglecontainers/kube-controller-manager:v1.13.6
docker pull mirrorgooglecontainers/kube-scheduler:v1.13.6
docker pull mirrorgooglecontainers/kube-proxy:v1.13.6
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.2.24
docker pull coredns/coredns:1.2.6
docker pull quay.io/coreos/flannel:v0.10.0-amd64

Tag them:
docker tag mirrorgooglecontainers/kube-apiserver:v1.13.6 k8s.gcr.io/kube-apiserver:v1.13.6
docker tag mirrorgooglecontainers/kube-controller-manager:v1.13.6 k8s.gcr.io/kube-controller-manager:v1.13.6
docker tag mirrorgooglecontainers/kube-scheduler:v1.13.6 k8s.gcr.io/kube-scheduler:v1.13.6
docker tag mirrorgooglecontainers/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/kube-proxy:v1.13.6 k8s.gcr.io/kube-proxy:v1.13.6

Pull:
kubeadm config images list |sed -e 's/^/docker pull /g' -e 's#k8s.gcr.io#mirrorgooglecontainers#g' | sh -x

docker pull coredns/coredns:1.3.1

Tag:
docker images |grep mirrorgooglecontainers |awk '{print "docker tag",$1":"$2,$1":"$2}' |sed -e 's#mirrorgooglecontainers#k8s.gcr.io#2' |sh -x

docker tag coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1

Remove the old images:
docker images |grep mirrorgooglecontainers |awk '{print "docker rmi -f", $1":"$2}' |sh -x
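
The one-liners above generate docker commands and pipe them straight into sh -x. As an added example (not from the original post), the function below builds the same pull, tag and remove plan from the output of kubeadm config images list, but only prints it for review and skips any line that is not a plain k8s.gcr.io/name:tag reference. The function names and the sample list are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post); mirror_plan is a hypothetical name.
# Reads image references on stdin, one per line, and prints the docker
# commands to pull each from the mirror, retag it as k8s.gcr.io, and drop
# the mirror tag. Nothing is executed here.
mirror_plan() {
    while IFS= read -r _img || [ -n "$_img" ]; do
        [ -n "$_img" ] || continue
        # Accept only k8s.gcr.io/<name>:<tag> built from a conservative charset.
        if ! printf '%s\n' "$_img" |
            grep -Eq '^k8s\.gcr\.io/[a-z0-9._-]+:[A-Za-z0-9._-]+$'; then
            printf 'skipped unexpected line: %s\n' "$_img" >&2
            continue
        fi
        _name=${_img#k8s.gcr.io/}
        case "$_name" in
            # coredns is pulled from its own repository, as on this page
            coredns:*) _src="coredns/$_name" ;;
            *)         _src="mirrorgooglecontainers/$_name" ;;
        esac
        printf 'docker pull %s\n' "$_src"
        printf 'docker tag %s %s\n' "$_src" "$_img"
        printf 'docker rmi %s\n' "$_src"
    done
}

# Constructed sample of `kubeadm config images list` output, plus one
# malformed line that must not reach a shell.
sample_images() {
    cat <<'EOF'
k8s.gcr.io/kube-apiserver:v1.14.2
k8s.gcr.io/kube-proxy:v1.14.2
k8s.gcr.io/pause:3.1
k8s.gcr.io/coredns:1.3.1
k8s.gcr.io/etcd:3.3.10 && echo unexpected
EOF
}

# Print the plan for the sample; on a real host feed it with
#   kubeadm config images list | mirror_plan > plan.sh
sample_images | mirror_plan
```
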

Problem 2: link on handling the docker storage error:

https://cloud.tencent.com/info/bfe4fa029038643970af08b6f13624c8.html

Problem 3: cgroup mismatch error (if it cannot be resolved, CentOS 7.4 or later is recommended; the newest release is better):

https://blog.csdn.net/Andriy_dangli/article/details/85062983

[root@master2 ~]# vi /etc/docker/daemon.json 
{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

[root@master2 ~]# vi /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=cgroupfs"

Downloading the K8S images through the Aliyun mirror

https://blog.csdn.net/zsd498537806/article/details/85157560
