  • 容器云----kubernetes+docker-ce

    容器云kubernetes+docker-ce

    设备列表

    master:172.22.6.241

    node1:172.22.6.242

    node1:172.22.6.243

    node1:172.22.6.244

    版本

    kubernetes:v1.10.0

    docker-ce:17.03.3-ce

    一.基础环境配置(全部机器配置)

    关闭防火墙和selinux

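    # Stop and disable firewalld and put SELinux into permissive mode on every
    # node, as this guide requires. Both are host hardening controls; on hosts
    # that must keep them, the alternative is to leave firewalld running and
    # open only the ports the cluster uses (for example 6443/tcp for the API
    # server shown in the join command, 10250/tcp for the kubelet, 8472/udp
    # for the flannel vxlan backend).
    systemctl stop firewalld
    # The subcommand is "disable"; systemctl rejects "disabled", which would
    # leave the unit enabled at the next boot.
    systemctl disable firewalld
    # setenforce only changes the running mode; after a reboot SELinux returns
    # to the mode configured in /etc/selinux/config.
    setenforce 0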

    关闭swap

    swapoff -a

    配置内核参数(将下面两行写入 /etc/sysctl.conf,再执行 sysctl -p 使其生效)

    net.bridge.bridge-nf-call-iptables = 1

    net.bridge.bridge-nf-call-ip6tables = 1

    sysctl -p

    配置docker-ce的yum源

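    # Fetch the repo definition over HTTPS so the file that decides where the
    # docker-ce packages come from cannot be altered in transit.
    yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo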

    配置kubernetes的yum源

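    # Write the yum repository definition for the Kubernetes packages.
    # gpgcheck=1 together with gpgkey makes yum verify every package signature
    # before installing it; with gpgcheck=0 whatever the mirror (or anything on
    # the path to it) serves would be installed as root unchecked.
    # The delimiter is quoted so nothing inside the here-document is expanded.
    cat << 'EOF' > /etc/yum.repos.d/kubernetes.repo
    [kubernetes]
    name=Kubernetes
    baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
    enabled=1
    gpgcheck=1
    gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF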

    安装docker

    yum list docker-ce --showduplicates  查看可用的docker-ce版本

    yum install  -y  --setopt=obsoletes=0    docker-ce-17.03.3.ce-1.el7.x86_64  docker-ce-selinux-17.03.3.ce-1.el7.noarch(此参数为取消安装包取代关系,有时候有些旧的安装包被新的安装包取代了,安装的时候就会自动安装新的,但是我们需要沿用指定版本的docker以保证Kubernetes的稳定性)

    查看docker的cgroup驱动

    docker info | grep cgroup

    检查kubelet的cgroup驱动是否与docker一致,不一致则需要改成一致

    vim  /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

    environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs"

    重启kubelet

    systemctl enable kubelet && systemctl start kubelet

    安装kubernetes组件

    yum install kubelet-1.10.0 kubeadm-1.10.0 kubernetes-cni

    二.编辑脚本,下载kubernetes镜像

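    #!/bin/bash
    # Pull the control-plane and add-on images for Kubernetes v1.10.0 from a
    # Docker Hub namespace and retag them as k8s.gcr.io/<name>, presumably so
    # that kubeadm init uses the local copies instead of contacting k8s.gcr.io.
    #
    # NOTE(review): keveon/ is a third-party namespace and the images are pulled
    # by mutable tag, so whatever that account publishes ends up running as the
    # cluster's control plane. Where possible compare the pulled image IDs with
    # the upstream ones, or pull by digest (name@sha256:<digest>) from a mirror
    # you control.
    set -euo pipefail

    images=(
      kube-proxy-amd64:v1.10.0
      kube-scheduler-amd64:v1.10.0
      kube-controller-manager-amd64:v1.10.0
      kube-apiserver-amd64:v1.10.0
      etcd-amd64:3.1.12
      pause-amd64:3.1
      kubernetes-dashboard-amd64:v1.8.3
      k8s-dns-sidecar-amd64:1.14.8
      k8s-dns-kube-dns-amd64:1.14.8
      k8s-dns-dnsmasq-nanny-amd64:1.14.8
    )

    for imageName in "${images[@]}"; do
      # set -e stops the run at the first failure, so a failed pull is not
      # followed by a tag/rmi of an image that is missing or stale.
      docker pull "keveon/${imageName}"
      docker tag "keveon/${imageName}" "k8s.gcr.io/${imageName}"
      # Remove only the mirror tag; the image stays under the k8s.gcr.io name.
      docker rmi "keveon/${imageName}"
    done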

    执行脚本

    三.初始化kubernetes集群(master集群)

    初始化集群

    kubeadm init --kubernetes-version=v1.10.0 --pod-network-cidr=10.244.0.0/16

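    安装成功后会有如下命令提示(这个提示是帮助你后续把nodes加进集群中的,请务必记录下来)。命令中的token和CA证书哈希是节点加入集群的凭证,只应保存在受控的位置;token默认24小时后过期,过期后可在master上执行 kubeadm token create --print-join-command 重新生成。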

    kubeadm join 172.22.6.241:6443 --token 9xsiga.f2cg1zzjyj8m5sqm --discovery-token-ca-cert-hash sha256:c21573b14c24b61ff55d76340fc22515e853c32a20bff7e45426c83fe5840e33

    初始化失败或者想重装,可以重置集群。

    kubeadm reset

    设置kubernetes配置文件

    # 对于非root用户

    mkdir -p $HOME/.kube

    sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

    sudo chown $(id -u):$(id -g) $HOME/.kube/config

    # 对于root用户

    export KUBECONFIG=/etc/kubernetes/admin.conf

    也可以直接放到~/.bash_profile

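    # Persist KUBECONFIG for root only. admin.conf carries cluster-admin
    # credentials, so the export goes into root's own ~/.bash_profile (the file
    # the preceding sentence names) rather than /etc/profile, which every login
    # shell on the host sources.
    echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
    source ~/.bash_profile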

    安装flannel网络

    配置kubernetes网络环境

    mkdir   /etc/cni/net.d/  -p

    cat <<EOF> /etc/cni/net.d/10-flannel.conf

    {

      "name": "cbr0",

      "type": "flannel",

      "delegate": {

        "isDefaultGateway": true

      }

    }

    EOF

    配置flannel网络环境

    mkdir /run/flannel/

    cat <<EOF> /run/flannel/subnet.env

    FLANNEL_NETWORK=10.244.0.0/16

    FLANNEL_SUBNET=10.244.1.0/24

    FLANNEL_MTU=1450

    FLANNEL_IPMASQ=true

    EOF

    创建oci网络模型目录

    mkdir /usr/share/oci-umount/oci-umount.d -p

    编写flannel的yml文件

    这个可以直接用网上提供的yaml

    kubectl  apply  -f  ./kubernetes-flannel.yml

    也可以自己编写yaml文件

    vim  kubernetes-flannel.yml

    # Flannel manifest: RBAC objects (ClusterRole, ClusterRoleBinding,
    # ServiceAccount), the ConfigMap holding the CNI and network configuration,
    # and the DaemonSet that runs flanneld on the amd64 nodes.
    #
    # NOTE(review): rbac.authorization.k8s.io/v1beta1 and extensions/v1beta1
    # match the v1.10.0 cluster built in this guide; newer Kubernetes releases
    # serve these kinds under rbac.authorization.k8s.io/v1 and apps/v1.
    kind: ClusterRole
    apiVersion: rbac.authorization.k8s.io/v1beta1
    metadata:
      name: flannel
    # Read access to pods and nodes; the only write permission is patch on
    # nodes/status.
    rules:
      - apiGroups:
          - ""
        resources:
          - pods
        verbs:
          - get
      - apiGroups:
          - ""
        resources:
          - nodes
        verbs:
          - list
          - watch
      - apiGroups:
          - ""
        resources:
          - nodes/status
        verbs:
          - patch
    ---
    # Grants the ClusterRole above to the flannel ServiceAccount in kube-system.
    kind: ClusterRoleBinding
    apiVersion: rbac.authorization.k8s.io/v1beta1
    metadata:
      name: flannel
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: flannel
    subjects:
    - kind: ServiceAccount
      name: flannel
      namespace: kube-system
    ---
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: flannel
      namespace: kube-system
    ---
    kind: ConfigMap
    apiVersion: v1
    metadata:
      name: kube-flannel-cfg
      namespace: kube-system
      labels:
        tier: node
        app: flannel
    data:
      # Copied to /etc/cni/net.d/10-flannel.conf on each node by the
      # install-cni init container below.
      cni-conf.json: |
        {
          "name": "cbr0",
          "type": "flannel",
          "delegate": {
            "isDefaultGateway": true
          }
        }
      # "Network" is the same range as the --pod-network-cidr value passed to
      # kubeadm init in this guide (10.244.0.0/16).
      net-conf.json: |
        {
          "Network": "10.244.0.0/16",
          "Backend": {
            "Type": "vxlan"
          }
        }
    ---
    apiVersion: extensions/v1beta1
    kind: DaemonSet
    metadata:
      name: kube-flannel-ds
      namespace: kube-system
      labels:
        tier: node
        app: flannel
    spec:
      template:
        metadata:
          labels:
            tier: node
            app: flannel
        spec:
          # The pod shares the node's network namespace.
          hostNetwork: true
          nodeSelector:
            beta.kubernetes.io/arch: amd64
          # Tolerates the master's NoSchedule taint, so the pod also runs on
          # the master node.
          tolerations:
          - key: node-role.kubernetes.io/master
            operator: Exists
            effect: NoSchedule
          serviceAccountName: flannel
          initContainers:
          # Copies the CNI config from the ConfigMap mount into the host's
          # /etc/cni/net.d directory (hostPath volume "cni").
          - name: install-cni
            # Referenced by tag, not by digest: the content behind the tag is
            # whatever the registry serves at pull time.
            image: quay.io/coreos/flannel:v0.9.1-amd64
            command:
            - cp
            args:
            - -f
            - /etc/kube-flannel/cni-conf.json
            - /etc/cni/net.d/10-flannel.conf
            volumeMounts:
            - name: cni
              mountPath: /etc/cni/net.d
            - name: flannel-cfg
              mountPath: /etc/kube-flannel/
          containers:
          - name: kube-flannel
            image: quay.io/coreos/flannel:v0.9.1-amd64
            command: [ "/opt/bin/flanneld", "--ip-masq", "--kube-subnet-mgr" ]
            # Privileged on the host network: a compromise of this container
            # (or of the image) is effectively a compromise of the node.
            # NOTE(review): later upstream flannel manifests appear to replace
            # this with the NET_ADMIN capability - confirm against the flannel
            # version in use.
            securityContext:
              privileged: true
            env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            volumeMounts:
            - name: run
              mountPath: /run
            - name: flannel-cfg
              mountPath: /etc/kube-flannel/
          volumes:
            # The host's entire /run is mounted into the privileged container.
            # NOTE(review): /run usually also holds runtime sockets and pid
            # files; narrowing the mount to /run/flannel (the directory this
            # guide creates for subnet.env) would limit what the pod can reach
            # - verify flanneld needs nothing else under /run.
            - name: run
              hostPath:
                path: /run
            - name: cni
              hostPath:
                path: /etc/cni/net.d
            - name: flannel-cfg
              configMap:
                name: kube-flannel-cfg

    kubectl  apply  -f  ./kubernetes-flannel.yml

    四:添加节点(node节点)

    删除kubernetes中的网络传参(当你的kubelet无法正常启动的时候才进行此操作)

    vim  /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

    删除/etc/systemd/system/kubelet.service.d/10-kubeadm.conf里最后一行里的$KUBELET_NETWORK_ARGS

    添加节点(这个是master初始化成功的时候提示出来的命令)

    kubeadm join 172.22.6.241:6443 --token 9xsiga.f2cg1zzjyj8m5sqm --discovery-token-ca-cert-hash sha256:c21573b14c24b61ff55d76340fc22515e853c32a20bff7e45426c83fe5840e33

    如有提示说找不到docker的pid文件,添加如下参数

    --ignore-preflight-errors=cri

    五.查看集群状态

    查看集群节点状态

    kubectl get nodes --all-namespaces

    NAME    STATUS   ROLES    AGE   VERSION
    yun01   Ready    master   3d    v1.10.0
    yun02   Ready    <none>   3d    v1.10.0
    yun03   Ready    <none>   3d    v1.10.0
    yun04   Ready    <none>   3d    v1.10.0

    查看集群pod状态

    kubectl get svc,pods --all-namespaces

    NAMESPACE     NAME                                    TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)          AGE
    default       service/kubernetes                      ClusterIP   10.96.0.1     <none>        443/TCP          3d
    kube-system   service/kube-dns                        ClusterIP   10.96.0.10    <none>        53/UDP,53/TCP    3d
    kube-system   service/kubernetes-dashboard-external   NodePort    10.96.28.16   <none>        9090:30090/TCP   3d
    
    NAMESPACE     NAME                                        READY   STATUS    RESTARTS   AGE
    kube-system   pod/etcd-yun01                              1/1     Running   4          3d
    kube-system   pod/kube-apiserver-yun01                    1/1     Running   5          3d
    kube-system   pod/kube-controller-manager-yun01           1/1     Running   4          3d
    kube-system   pod/kube-dns-86f4d74b45-r95sl               3/3     Running   11         3d
    kube-system   pod/kube-flannel-ds-kprjb                   1/1     Running   2          3d
    kube-system   pod/kube-flannel-ds-m264m                   1/1     Running   3          3d
    kube-system   pod/kube-flannel-ds-wk2f7                   1/1     Running   5          3d
    kube-system   pod/kube-flannel-ds-zq5km                   1/1     Running   2          3d
    kube-system   pod/kube-proxy-cj6vj                        1/1     Running   4          3d
    kube-system   pod/kube-proxy-ff4cf                        1/1     Running   4          3d
    kube-system   pod/kube-proxy-q6pjl                        1/1     Running   3          3d
    kube-system   pod/kube-proxy-wbthp                        1/1     Running   2          3d
    kube-system   pod/kube-scheduler-yun01                    1/1     Running   4          3d
    kube-system   pod/kubernetes-dashboard-5cc6564db9-m98fw   1/1     Running   4          3d

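    至此,kubernetes集群搭建完成。另外,上面的输出中 kubernetes-dashboard-external 以NodePort方式把9090端口映射到各节点的30090端口(本文未给出它的部署步骤),对外开放前应确认该入口已启用认证并限制了可访问的来源。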

    参考:

    http://blog.51cto.com/devingeng/2096495

    转载请注明出处。

  • 原文地址:https://www.cnblogs.com/QicongLiang/p/9953324.html