---恢复内容开始---
实验环境准备2台虚拟机:
master节点:172.17.1.36
node节点:172.17.1.40
首先安装master节点:
master 的虚拟机是全新的机器,在安装kubernetes之前的做下准备工作
关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
hostname master ,并且修改/etc/hostname
关闭selinux
setenforce 0 永久关闭修改配置文件/etc/selinux/config 修改成SELINUX=disabled
准备docker 和kubernetes的repo文件
cd /etc/yum.repos.d/
vi docker-ce.repo
[docker-ce-stable] name=Docker CE Stable - $basearch baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/stable enabled=1 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-stable-debuginfo] name=Docker CE Stable - Debuginfo $basearch baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/stable enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-stable-source] name=Docker CE Stable - Sources baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/stable enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-edge] name=Docker CE Edge - $basearch baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/edge enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-edge-debuginfo] name=Docker CE Edge - Debuginfo $basearch baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/edge enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-edge-source] name=Docker CE Edge - Sources baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/edge enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-test] name=Docker CE Test - $basearch baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/test enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-test-debuginfo] name=Docker CE Test - Debuginfo $basearch baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/test enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-test-source] name=Docker CE Test - Sources baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/test enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-nightly] name=Docker CE Nightly - $basearch baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/nightly enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-nightly-debuginfo] name=Docker CE Nightly - Debuginfo $basearch baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/debug-$basearch/nightly enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg [docker-ce-nightly-source] name=Docker CE Nightly - Sources baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/source/nightly enabled=0 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
vi kubernetes.repo
[kubernetes] name=Kubernetes Repo baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ gpgcheck=1 #不想验证这里改成0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg enableld=1
rpm --import rpm-package-key.gpg 导入下gpgkey
yum install docker-ce kubeadm-1.11.1 kubectl-1.11.1 kubelet-1.11.1 我安装是的1.11.1的版本
启动docker,并设置开机启动
systemctl start docker
systemctl enable docker
确保桥接的状态是打开的,返回是1说明是正常的
systemctl enable kubelet 开机启动kubelet ,不要启动,因为配置没有初始化完成
vim /etc/sysconfig/kubelet 忽略swap on 开启集群不能初始化得错误
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
kubeadm init --kubernetes-version=v1.11.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap 初始化集群
注意:初始化的时候需要以下的docker 镜像,由于某些不可描述的原因,下载不了,我这里是准备好的镜像文件导入的
[k8s.gcr.io/kube-apiserver-amd64:v1.11.1]
[k8s.gcr.io/kube-controller-manager-amd64:v1.11.1]
[k8s.gcr.io/kube-scheduler-amd64:v1.11.1]
[k8s.gcr.io/kube-proxy-amd64:v1.11.1]
[k8s.gcr.io/pause:3.1
[k8s.gcr.io/etcd-amd64:3.2.18]
[k8s.gcr.io/coredns:1.1.3]
出现这个界面是说明初始化完成!
kubeadm join 172.17.1.36:6443 --token 0kyf48.b4aevmeo1wdylowk --discovery-token-ca-cert-hash sha256:587072eb329d8af7bb52241ab52f6b27d8496dfc99ac1371686b05dcadc3e029 这个是node节点加入集群的命令,最好保存下
根据提示做这2不操作
[root@master yum.repos.d]# mkdir -p $HOME/.kube
[root@master yum.repos.d]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
最后安装flannel 网络插件
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
这里下载flannel的镜像 quay.io/coreos/flannel:v0.10.0-amd64
验证下集群的状态
这样集群的master节点安装完成!
安装node节点
和master节点一样,需要docker-ce.repo,kubernetes.repo,还有关闭防火墙,关闭selinux,操作和master一样
yum install docker-ce kubeadm-1.11.1 kubelet-1.11.1
vim /etc/sysconfig/kubelet 忽略swap on 开启集群不能初始化得错误
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
加入集群:
kubeadm join 172.17.1.36:6443 --token 0kyf48.b4aevmeo1wdylowk --discovery-token-ca-cert-hash sha256:587072eb329d8af7bb52241ab52f6b27d8496dfc99ac1371686b05dcadc3e029 --ignore-preflight-errors=Swap
node 上要有以下镜像:
[k8s.gcr.io/kube-proxy-amd64:v1.11.1]
[k8s.gcr.io/pause:3.1
quay.io/coreos/flannel:v0.10.0-amd64
在master节点下查看下状态
完工,kubernetes 部署完成!
部署dashboard
提前把k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0 导入到node节点,当让有梯子的人就不用了
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml 应用dashboard的部署文件
已经部署好了,
创建serviceaccount 用于登陆dashboard
kubectl create serviceaccount dashboard-admin -n kube-system
创建clusterrolebinding
kubectl create clusterrolebinding cluster-dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
查找刚刚生成的secret
这里我登陆dashboard用的是secret的token
把刚刚dashboard船舰的service 的类型改成NodePort ,可以在部署dashboard的时候修改下yaml文件
kubectl patch svc kubernetes-dashboard -p '{"spec":{"type":"NodePort"}}' -n kube-system
登陆dashboard
选择令牌
输入刚刚secret的token
dashboard部署完成!