kubeadm部署k8s-1.9

kubeadm部署k8s-1.9

环境:

centos 7.4

docker 1.12.6

etcd 3.2.7

k8s 1.9.0

注意各组件版本

https://github.com/kubernetes/kubeadm/blob/master/docs/design/design_v1.9.md

quay.io/calico/node:v2.6.5

quay.io/calico/kube-controllers:v1.0.2

quay.io/calico/cni:v1.11.2

gcr.io/google_containers/hyperkube-amd64:v1.9.0

gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.7

gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.7

gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.7

一.安装kubeadm(master-node,worker-node)

cat <<EOF > /etc/yum.repos.d/kubernetes.repo

[kubernetes]

name=Kubernetes

baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64

enabled=1

gpgcheck=1

repo_gpgcheck=1

gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

EOF

yum -y install kubeadm

cat > /etc/systemd/system/kubelet.service.d/20-pod-infra-image.conf <<EOF

[Service]

Environment="KUBELET_EXTRA_ARGS=--pod-infra-container-image=192.168.130.1:5000/google_containers/pause-amd64:3.0

--fail-swap-on=false"

EOF

systemctl daemon-reload

systemctl enable kubelet

swapoff -a

cat <<EOF >  /etc/sysctl.d/k8s.conf

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

EOF

sysctl --system

二.kubeadm init(master-node)

https://github.com/kubernetes/kubeadm/issues/613

cri-tools目前还处于alpha版，kubeadm init过程中的WARNING可以忽略

k8s_version=v1.9.0

cat >kubeadm.yaml <<EOF

apiVersion: kubeadm.k8s.io/v1alpha1

kind: MasterConfiguration

api:

  advertiseAddress: 0.0.0.0

etcd:

  endpoints:

  - http://192.168.130.11:2379

  - http://192.168.130.12:2379

  - http://192.168.130.13:2379

networking:

  dnsDomain: cluster.local

  serviceSubnet: 10.96.0.0/12

  podSubnet: 10.244.0.0/16

kubernetesVersion: $k8s_version

imageRepository: 192.168.130.1:5000/google_containers

unifiedControlPlaneImage: 192.168.130.1:5000/google_containers/hyperkube-amd64:$k8s_version

EOF

kubeadm init --config kubeadm.yaml

三.kubeadm join(worker-node)

kubeadm join --token 112e43.c377ac6a880a3a28 192.168.130.11:6443 --discovery-token-ca-cert-hash sha256:b3ff811bf01b2b8859a1951c8dc999c2948d8ee073a88ba0fcf544587b061efd

可以看到，网络没好之前，非hostNetwork容器，如kube-dns，因无法拿到ip而处于Pending状态。

四.网络

kubectl apply -f https://docs.projectcalico.org/v2.6/getting-started/kubernetes/installation/rbac.yaml

curl https://docs.projectcalico.org/v2.6/getting-started/kubernetes/installation/hosted/calico.yaml -o calico.yaml

calico.yaml最简只需修改etcd_endpoints, CALICO_IPV4POOL_CIDR与各自环境匹配即可。

calico容器成功运行后，会在worker节点上自动创建/etc/cni/net.d, /opt/cni/{calico,calico-ipam}

kubectl apply -f calico.yaml

网络起来后，kube-dns成功启动，并且worker-node状态也变为了Ready状态

dashboard等其它内容，请参看kubeadm部署k8s-1.7.4

补充:

coredns

CoreDNS可以直接替换Kubernetes 1.9 中的kube-dns(k8s-dns-sidecar,k8s-dns-kube-dns,k8s-dns-dnsmasq-nanny)

目前的版本为coredns/coredns:1.0.0

有两种方式可以指定kubeadm来使用coredns

1. 配置文件

cat >kubeadm.yaml <<EOF

apiVersion: kubeadm.k8s.io/v1alpha1

kind: MasterConfiguration

api:

  advertiseAddress: 0.0.0.0

etcd:

  endpoints:

  - http://192.168.130.11:2379

  - http://192.168.130.12:2379

  - http://192.168.130.13:2379

networking:

  dnsDomain: cluster.local

  serviceSubnet: 10.96.0.0/12

  podSubnet: 10.244.0.0/16

kubernetesVersion: $k8s_version

imageRepository: 192.168.130.1:5000/google_containers

unifiedControlPlaneImage: 192.168.130.1:5000/google_containers/hyperkube-amd64:$k8s_version

featureGates:

  CoreDNS: true 

EOF

2.传参

kubeadm init --feature-gates=CoreDNS=true ...