系统: Ubuntu 18.04.2 LTS
内存: 8G
机器:
| 属性 | IP | Hostname | ssh |
| Master | 192.168.91.48 | blackray-pc | |
| node1 | 192.168.91.221 | node1-VirtualBox | node1@192.168.91.221 |
| node2 | 192.168.91.222 | node1-VirtualBox | node2@192.168.91.222 |
1 安装前准备
1.1 关闭系统swap分区(需要重启系统)
vi /etc/fstab,注释swap行的UUID信息
1.2 /etc/apt/source.list中配置阿里云k8s源
# kubeadm及kubernetes组件安装源
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
1.3 安装kubeadm kubectl kubelet
apt-get update
apt-get install kubeadm kubelet kubectl -y
2 下载k8s需要的镜像,由于k8s.gcr.io国内访问不了,可以从docker.io上下载相同版本镜像,再重新打tag为源版本(可以先执行第三部,从报错信息中查看需要下载的镜像版本)
2.1
docker pull docker.io/mirrorgooglecontainers/kube-apiserver:v1.13.4
docker pull docker.io/mirrorgooglecontainers/kube-controller-manager:v1.13.4
docker pull docker.io/mirrorgooglecontainers/kube-scheduler:v1.13.4
docker pull docker.io/mirrorgooglecontainers/kube-proxy:v1.13.4
docker pull docker.io/mirrorgooglecontainers/pause:3.1
docker pull docker.io/mirrorgooglecontainers/etcd:3.2.24
docker pull docker.io/coredns/coredns:1.2.6
2.2 将镜像重新打tag回k8s.gcr.io
docker tag docker.io/mirrorgooglecontainers/kube-apiserver:v1.13.4 k8s.gcr.io/kube-apiserver:v1.13.4
docker tag docker.io/mirrorgooglecontainers/kube-controller-manager:v1.13.4 k8s.gcr.io/kube-controller-manager:v1.13.4
docker tag docker.io/mirrorgooglecontainers/kube-scheduler:v1.13.4 k8s.gcr.io/kube-scheduler:v1.13.4
docker tag docker.io/mirrorgooglecontainers/kube-proxy:v1.13.4 k8s.gcr.io/kube-proxy:v1.13.4
docker tag docker.io/mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag docker.io/mirrorgooglecontainers/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag docker.io/coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
3 初始化Master 使用flannel网络方案(执行第二步镜像的版本号从这一步的提示信息中获取)
3.1 kubeadm init --apiserver-advertise-address 192.168.91.48 --pod-network-cidr=10.244.0.0/16
执行完毕,在提示信息中提示工作节点如何加入集群的命令,如:
kubeadm join 192.168.91.48:6443 --token kt3n05.2kckopgl445znxir --discovery-token-ca-cert-hash sha256:34bf00baef51f48991e3eb6a9f898d2c93daf53d272d886c2b7b8417eb567f65
3.2 执行命令
sudo cp /etc/kubernetes/admin.conf $HOME/
sudo chown $(id -u):$(id -g) $HOME/admin.conf
export KUBECONFIG=$HOME/admin.conf (临时生效)
在/etc/profile文件中加入export KUBECONFIG=$HOME/admin.conf
3.3 安装flannel网络: kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
token过期(24小时过期)后可重新生成token:
kubeadm token create --ttl 0 (--ttl 0代表永不过期)
查看token: kubeadm token list
获取ca证书sha256编码hash值
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
回显值:34bf00baef51f48991e3eb6a9f898d2c93daf53d272d886c2b7b8417eb567f65
新的加入命令
kubeadm join 192.168.91.48:6443 --token enzyy3.3v8g89erxgs33rzt --discovery-token-ca-cert-hash sha256:34bf00baef51f48991e3eb6a9f898d2c93daf53d272d886c2b7b8417eb567f65
4 node节点安装以下镜像(被墙,需要手动安装)
k8s.gcr.io/kube-proxy v1.13.4 fadcc5d2b066 2 weeks ago 80.3MB
k8s.gcr.io/pause 3.1 da86e6ba6ca1 15 months ago 742kB
镜像安装与第二步一致
5 工作几点加入集群,执行命令
kubeadm join 192.168.91.48:6443 --token kt3n05.2kckopgl445znxir --discovery-token-ca-cert-hash sha256:34bf00baef51f48991e3eb6a9f898d2c93daf53d272d886c2b7b8417eb567f65
6 在Master节点上查看节点状态
kubectl get node
STATUS状态值为READY时表示工作节点加入k8s集群成功并可正常工作
7 编写yaml文件,测试服务是否可正常调度(Master节点上)
nginx-service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: nginx
name: nginx
spec:
ports:
- port: 80 #服务暴露的端口
protocol: TCP
targetPort: 80 #容器暴露的端口
nodePort: 30008 #节点暴露的端口
selector:
app: nginx
type: NodePort
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 1
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
在yaml文件所在的工作目录执行 kubectl apply -f nginx-service.yaml
访问http://192.168.91.221:30008 或 http://192.168.91.222:30008出现nginx首页即表示正常运行
