环境:Centos7
版本:Kubernetes v1.11.4
一、下载Kubernetes(在所有机器上都要)
1)下载
wget https://github.com/kubernetes/kubernetes/releases/download/v1.11.4/kubernetes.tar.gz
2)解压
tar -zxvf kubernetes.tar.gz cd kubernetes sh cluster/get-kube-binaries.sh
3)server目录下会多一个文件
解压:进入到bin目录,可以看到很多二进制文件
二、Master上部署服务etcd、kube-apiserver、kube-controller-manager、kube-schedule服务
1、关闭防火墙
yum -y install firewalld systemctl stop firewalld systemctl disable firewalld.service
2、配置etcd
etcd服务作为Kubernetes集群的主数据库,在安装Kubernetes各服务之前需要首先安装和启动
wget https://github.com/coreos/etcd/releases/download/v3.3.2/etcd-v3.3.2-linux-amd64.tar.gz tar -zxvf cd etcd-v3.3.2-linux-amd64/tar.gz cd etcd-v3.3.2-linux-amd64/
把etcd、etcdctl拷贝到/usr/bin目录下,并设置systemd服务文件
cp etcd etcdctl /usr/bin/
vim /usr/lib/systemd/system/etcd.service
[Unit] Description=Etcd Server After=network.target [Service] Type=simple WorkingDirectory=/var/lib/etcd/ EnvironmentFile=-/etc/etcd/etcd.conf ExecStart=/usr/bin/etcd [Install] WantedBy=multi-user.target
加载配置文件并启动
mkdir /var/lib/etcd systemctl daemon-reload systemctl start etcd.service
查看etcd是否健康
etcdctl cluster-health
3、kube-apiserver
vim /usr/lib/systemd/system/kube-apiserver.service
[Unit] Description=Kubernetes API Server After=etcd.service Wants=etcd.service [Service] EnvironmentFile=/etc/kubernetes/apiserver ExecStart=/usr/bin/kube-apiserver $KUBE_LOGTOSTDERR $KUBE_ETCD_SERVERS $KUBE_LOG_LEVEL $KUBE_LOG_DIR $KUBE_API_ADDRESS $KUBE_API_PORT $KUBE_SERVICE_ADDRESS $KUBE_SERVICE_PORT $KUBE_ADMISSION_CONTROL Restart=on-failure Type=notify LimitNOFILE=65535 [Install] WantedBy=multi-user.target
配置文件:
vim /etc/kubernetes/apiserver
KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:2379" KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" KUBE_API_PORT="--insecure-port=8080" KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=169.169.0.0/16" KUBE_SERVICE_PORT="--service-node-port-range=1-65535" KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ResourceQuota" KUBE_LOGTOSTDERR="--logtostderr=false" KUBE_LOG_DIR="--log-dir=/var/log/kubernetes" KUBE_LOG_LEVEL="--v=2"
--etcd-servers:指定etcd服务的URL
--insecure-bind-address:apiserver绑定主机的非安全IP地址,设置0.0.0.0表示绑定所有IP地址
--insecure-port:apiserver绑定主机的非安全端口号,默认为8080
--service-cluster-ip-range:Kubernetes集群中Service的虚拟IP地址范围,该IP范围不能与物理机的真实IP段有重合
--service-node-ip-range:Kubernetes集群中Service可映射的物理机端口号范围,默认为30000~32767
--admission-control:Kubernetes集群的准入控制设置,各控制模块以插件的形式依次生效
--logtostderr:设置为false表示将日志写入文件,不写入stderr
--log-dir:日志目录
--v:日志级别
启动并查看其状态:
cp kube-apiserver /usr/bin/ systemctl daemon-reload systemctl start kube-apiserver.service systemctl status kube-apiserver.service
4、kube-controller-manager
kube-controller-manager服务依赖于kube-apiserver
vim /usr/lib/systemd/system/kube-controller-manager.service
[Unit] Description=Kubernetes Controller Manager Server After=kube-apiserver.service Requires=kube-apiserver.service [Service] EnvironmentFile=/etc/kubernetes/controller-manager ExecStart=/usr/bin/kube-controller-manager $KUBE_LOGTOSTDERR $KUBE_LOGDIR $KUBE_LOG_LEVEL $KUBE_MASTER Restart=on-failure LimitNOFILE=65535 [Install] WantedBy=multi-user.target
vim /etc/kubernetes/controller-manager
KUBE_MASTER="--master=http://127.0.0.1:8080" KUBE_LOGTOSTDERR="--logtostderr=false" KUBE_LOGDIR="--log-dir=/var/log/kubenetes" KUBE_LOG_LEVEL="--v=2"
--master:表示apiserver的URL地址
--logtostderr:设置为false表示将日志写入文件,不写入stderr
--log-dir:日志目录
--v:日志级别
启动查看状态:
cp kube-controller-manager /usr/bin/ systemctl start kube-controller-manager.service systemctl status kube-controller-manager.service
5、kube-schedule
kube-schedule服务也依赖于kube-apiserver服务
vim /usr/lib/systemd/system/kube-schedule.service
[Unit] Description=Kubernetes Schedule Server After=kube-apiserver.service Requires=kube-apiserver.service [Service] EnvironmentFile=/etc/kubernetes/schedule ExecStart=/usr/bin/kube-scheduler $KUBE_LOGTOSTDERR $KUBE_LOGDIR $KUBE_LOG_LEVEL $KUBE_MASTER Restart=on-failure LimitNOFILE=65535 [Install] WantedBy=multi-user.target
vim /etc/kubernetes/schedule
KUBE_MASTER="--master=http://127.0.0.1:8080" KUBE_LOGTOSTDERR="--logtostderr=false" KUBE_LOGDIR="--log-dir=/var/log/kubenetes" KUBE_LOG_LEVEL="--v=2"
启动、查看状态
cp kube-scheduler /usr/bin/ systemctl daemon-reload systemctl start kube-schedule.service systemctl status kube-schedule.service
三、Node上的Kubelet、kube-proxy服务
在node节点上得先安装docker
yum -y remove docker* yum -y install docker systemctl start docker
1)Kubelet
Kubelet服务依赖于Docker服务
vim /usr/lib/systemd/system/kubelet.service
[Unit] Description=Kubernetes Kubelete Server After=docker.service Requires=docker.service [Service] WorkingDirectory=/var/lib/kubelet EnvironmentFile=/etc/kubernetes/kubelet ExecStart=/usr/bin/kubelet $KUBELET_ADDRESS $KUBELET_POD_INFRA_CONTAINER $KUBELET_ARGS $KUBE_LOGTOSTDERR $KUBE_LOGDIR $KUBE_LOG_LEVEL $KUBE_CGROUPS
$KUBE_HOSTNAME Restart=on-failure [Install] WantedBy=multi-user.target
vim /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0" KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure" KUBELET_ARGS="--enable-server=true --enable-debugging-handlers=true --fail-swap-on=false --kubeconfig=/etc/kubernetes/config" KUBE_LOGTOSTDERR="--logtostderr=false" KUBE_LOGDIR="--log-dir=/var/log/kubenetes" KUBE_LOG_LEVEL="--v=2" KUBE_CGROUPS="--runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice"
KUBE_HOSTNAME="--hostname-override=node1"
vim /etc/kubernetes/config
apiVersion: v1 kind: Config users: - name: kubelet clusters: - name: kubernetes cluster: server: http://172.29.1.165:8080 contexts: - context: cluster: kubernetes user: kubelet name: service-account-context current-context: service-account-context
mkdir /var/lib/kubelet cp kubelet /usr/bin/ systemctl daemon-reload systemctl start kubelet.service systemctl status kubelet.service
这里启动kubelet可能会报错:
failed to run Kubelet: failed to create kubelet: misconfiguration: kubelet cgroup driver: "cgroupfs" is different from docker cgroup driver: "systemd"
解决办法:
vim /lib/systemd/system/docker.service
--exec-opt native.cgroupdriver=systemd 修改成 --exec-opt native.cgroupdriver=cgroupfs
2、kube-proxy
vim /usr/lib/systemd/system/kube-proxy.service
[Unit] Description=Kubernetes Kubelete Server After=network.service Requires=network.service [Service] EnvironmentFile=/etc/kubernetes/proxy ExecStart=/usr/bin/kube-proxy $KUBE_LOGTOSTDERR $KUBE_LOGDIR $KUBE_LOG_LEVEL $KUBE_MASTER Restart=on-failure LimitNOFILE=65535 [Install] WantedBy=multi-user.target
vim /etc/kubernetes/proxy
KUBE_MASTER="--master=http://172.29.1.165:8080" KUBE_LOGTOSTDERR="--logtostderr=false" KUBE_LOGDIR="--log-dir=/var/log/kubenetes" KUBE_LOG_LEVEL="--v=2"
cp kube-proxy /usr/bin/ systemctl daemon-reload systemctl start kube-proxy.service systemctl status kube-proxy.service
四、验证
在master上查看组件状态:
cp kubectl /usr/bin/
kubectl get cs
在master上查看nodes,看nodes是否在master上注册
kubectl get nodes