安装部署k8s-版本-1.13

1.环境准备

# 统一hosts
cat /etc/hosts
10.0.0.10  k8s-master
10.0.0.20  k8s-node1
10.0.0.30  k8s-node2
# 同步时间
ntpdate ntp1.aliyun.com
# 禁用SELINUX,关闭firewalld和iptables.service,k8s会自己设置iptables网络策略 
systemctl stop iptables.service
systemctl disable iptables.service
systemctl stop firewalld.service 
systemctl disable firewalld.service
# 关闭swap,修改/etc/fstab文件,注释掉SWAP的自动挂载,使用free -m确认swap已经关闭
swapoff -a
# 调整swappiness参数
# 创建/etc/sysctl.d/k8s.conf文件,添加如下内容
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
# 生效
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf
# 开启ipvs
yum -y install ipvsadm
vim /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
ipvs_mods_dir="/usr/lib/modules/$(uname -r)/kernel/net/netfilter/ipvs"
for i in $(ls $ipvs_mods_dir | grep -o "^[^.]*");do
   /sbin/modinfo -F filename $i &> /dev/null
  if [ $? -eq 0 ];then
    /sbin/modprobe $i
  fi
done
chmod +x /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep ip_vs

2.安装

# 安装 Docker
yum install -y yum-utils device-mapper-persistent-data lvm2
curl -o /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install docker-ce-18.06.1.ce-3.el7 -y
# 翻墙代理不管用了,注释掉
vim /usr/lib/systemd/system/docker.service
#Environment="HTTPS_PROXY=http://www.ik8s.io:10080"
Environment="NO_PROXY=127.0.0.1/8,127.0.0.1/16"
systemctl daemon-reload
systemctl start docker
systemctl enable docker

cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
# 给两个node分发文件
ssh-keygen -t dsa
ssh-copy-id -i ~/.ssh/id_dsa.pub 10.0.0.20
ssh-copy-id -i ~/.ssh/id_dsa.pub 10.0.0.30
for i in 20 30; do scp /etc/yum.repos.d/{docker-ce.repo,kubernetes.repo} 10.0.0.$i:/etc/yum.repos.d/;done
# 如果用下面这条命令,就会下载最新版本,这里我们用1.13
# yum install -y kubelet kubeadm kubectl
yum -y install kubelet-1.13.0 kubeadm-1.13.0 kubernetes-cni-0.6.0 kubectl-1.13.0
# 设置为开机自启,先不要启动该服务.等初始化完成了再启动
systemctl enable kubelet
# 将镜像先下载到本地
cat pull-images.sh
#!/bin/bash
images=(kube-apiserver:v1.13.0 kube-controller-manager:v1.13.0 kube-scheduler:v1.13.0 kube-proxy:v1.13.0 pause:3.1 etcd:3.2.24 coredns:1.2.6)

for ima in ${images[@]}
do
   docker pull   registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima
   docker tag    registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima   k8s.gcr.io/$ima
   docker rmi  -f  registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima
done

chmod +x pull-images.sh && ./pull-images.sh
# 集群初始化
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
kubeadm init --kubernetes-version=v1.13.0 --pod-network-cidr=10.244.0.0/16 
--service-cidr=10.96.0.0/12  --ignore-preflight-errors=Swap
...
  kubeadm join 10.0.0.10:6443 --token 05blrg.37hx6cwa85giuj5c --discovery-token-ca-cert-hash 
sha256:0a1635e9f31e78317524545faa3dd5957665f8b871b168a605ef523dacbea7bb
# 初始化中输出的kubeadm join 10.0.0.10:6443这句话,保存好,以后要使用这个命令把node加入集群,并且该命令无法复现
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# 安装flannel网络组件(master上执行)
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

初始化k8s集群

3.查看信息

# 查看状态信息
kubectl get cs
# 查看节点信息,状态为NotReady,是因为还缺flannel组件,没有这个组件无法设置网络
kubectl get nodes
# 查看当前master节点上kube-system名称空间里运行的所有pod状态
kubectl get pods -n kube-system
# 所有pod必须保证都是running状态的,如果哪个不是,可以通过类似如下命令查看原因
kubectl dscrible pods coredns-86c58d9df4-qz9xc -n kube-system
# 查看当前节点名称空间
kubectl get ns
# 查看pod详细状态
kubectl get pods -n kube-system -o wide
kubectl get pods --all-namespaces -o wide

4.node上执行

# nodes上可以不安装kubectl
yum -y install kubelet-1.13.0 kubeadm-1.13.0 kubernetes-cni-0.6.0
systemctl enable kubelet
cat pull-images.sh
#!/bin/bash
images=(pause:3.1 kube-proxy:v1.13.0)
for ima in ${images[@]}
do
   docker pull   registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima
   docker tag    registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima   k8s.gcr.io/$ima
   docker rmi  -f  registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/$ima
done

chmod +x pull-images.sh && ./pull-images.sh
docker pull quay.io/coreos/flannel:v0.11.0-amd64
# 执行kubeadm join
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
kubeadm join 10.0.0.10:6443 --token 05blrg.37hx6cwa85giuj5c --discovery-token-ca-cert-hash 
sha256:0a1635e9f31e78317524545faa3dd5957665f8b871b168a605ef523dacbea7bb 
--ignore-preflight-errors=Swap

也可以从这里下载镜像registry.cn-hangzhou.aliyuncs.com/google_containers

node节点上需要的三个镜像

两个节点加入master

参考博客:https://www.jianshu.com/p/427162394424

参考博客:http://blog.itpub.net/28916011/viewspace-2213536/