Kubernetes的安装有两种方式:一是使用各个厂商封装的Kubernetes发行版,优点是可以一键安装部署,操作简单,缺点也很明显,若安装过程中某一步骤出现问题,很难定位处理;二是使用官方提供的kubeadm安装,优点是在安装过程中能熟悉各个组件的基本功能和命令,便于之后深入理解Kubernetes,缺点是安装步骤相对复杂。本文采用第二种,使用kubeadm安装目前最新版本v1.18.5,考虑到做为入门的学习调研,搭建了单Master的Kubernates集群,若要应用于生产环境,则需要安装多Master的高可用集群。
网上有很多关于Kubernetes的安装文档,这些文档大部分需要安装特别多的组件,而其中有些组件不是必须的,不利于初学者的学习和理解。Kubernetes官方的安装文档比较精简,但是安装步骤比较零散,且有些Docker容器需要科学*上网才能下载。本文档主要参考官网的安装步骤,力求只安装必要组件的同时,也补全官网安装步骤中介绍的比较粗略的部分,希望能给Kubernetes初学者提供一些参考,少走弯路。下面开始安装~~~
1. 环境准备 (master和work节点均需操作)
关闭swap分区
- 临时关闭swap
swapoff -a
- 永久关闭swap
vim /etc/fstab
注释掉自动挂载swap分区那行
禁用防火墙和selinux [1]
- 禁用防火墙
systemctl stop firewalld && systemctl disable firewalld
- 禁用selinux
#临时修改
setenforce 0
#永久修改,重启服务器后生效
sed -i 's/enforcing/disabled/' /etc/selinux/config
设置CRI 运行时的必要参数(docker运行会依赖这些参数)
- 设置必需的sysctl参数,这些参数在重新启动后仍然存在
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl --system
安装Docker [2]
- 安装必要的包
yum -y install yum-utils device-mapper-persistent-data lvm2
- 添加阿里云yum源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
- 查看可用版本
yum list docker-ce --showduplicates | sort -r
- 安装Docker CE
yum -y install docker-ce-19.03.4-3.el7 docker-ce-cli-19.03.4
- 创建 /etc/docker 目录
mkdir /etc/docker
- 设置deamon 并配置阿里云镜像加速
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"registry-mirrors": ["https://gqk8w9va.mirror.aliyuncs.com"]
}
EOF
mkdir -p /etc/systemd/system/docker.service.d
- 软链docker数据目录(考虑到/var挂载的磁盘存储空间一般比较小,存储docker镜像容易把磁盘打满)
mkdir /data0/docker
ln -s /data0/docker /var/lib/docker
- 启动docker并设置开机自启动
systemctl daemon-reload
systemctl start docker
systemctl enable docker
- 查看阿里云镜像加速和版本
docker info
docker version
安装kubeadm [3]
- 配置kubernetes仓库,使用阿里云yum源(官网配置的仓库地址,需科学*上网才能下载)
cat >/etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
- 安装v1.18.5版本的kubeadm、kubelet、kubectl
yum -y install kubelet-1.18.5-0 kubeadm-1.18.5-0 kubectl-1.18.5-0
kubeadm version
- 设置kubelet开机自启动
systemctl enable kubelet
2. 使用kubeadm创建单master集群
初始化master节点
- 配置kubeadm配置文件,针对不同版本的k8s注意修改相应版本号
cat <<EOF > ./kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.18.5
imageRepository: k8s.gcr.io
#master地址
controlPlaneEndpoint: "10.13.1.2:6443"
networking:
serviceSubnet: "10.96.0.0/16"
#k8s容器组所在的网段
podSubnet: "10.20.0.1/16"
dnsDomain: "cluster.local"
EOF
- 下载k8s所需镜像,由于国内连不上https://k8s.gcr.io/v2/, 因此需要先在dockerhub下载相关镜像,在修改对应tag [4]
cat <<EOF > pull_k8s_images.sh
set -o errexit
set -o nounset
set -o pipefail
##这里定义版本
KUBE_VERSION=v1.18.5
KUBE_PAUSE_VERSION=3.2
ETCD_VERSION=3.4.3-0
DNS_VERSION=1.6.7
GCR_URL=k8s.gcr.io
##这里就是写你要使用的仓库
DOCKERHUB_URL=gotok8s
##这里是镜像列表
images=(
kube-proxy:${KUBE_VERSION}
kube-scheduler:${KUBE_VERSION}
kube-controller-manager:${KUBE_VERSION}
kube-apiserver:${KUBE_VERSION}
pause:${KUBE_PAUSE_VERSION}
etcd:${ETCD_VERSION}
coredns:${DNS_VERSION}
)
##这里是拉取和改名的循环语句
for imageName in ${images[@]} ; do
docker pull $DOCKERHUB_URL/$imageName
docker tag $DOCKERHUB_URL/$imageName $GCR_URL/$imageName
docker rmi $DOCKERHUB_URL/$imageName
done
EOF
chmod +x ./pull_k8s_images.sh
sh pull_k8s_images.sh
- 执行初始化操作
kubeadm init --config=kubeadm-config.yaml
- 初始化完成后的控制台输出
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:
kubeadm join 10.13.1.2:6443 --token e9j0mj.l7vmkwisjk8kwuno
--discovery-token-ca-cert-hash sha256:a594e62b65f41eb4e3e92238b9c6cd8451c411a57efecf6d192be8c649a96606
--control-plane
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.13.1.2:6443 --token e9j0mj.l7vmkwisjk8kwuno
--discovery-token-ca-cert-hash sha256:a594e62b65f41eb4e3e92238b9c6cd8451c411a57efecf6d192be8c649a96606
- 拷贝kubeconfig文件
mkdir -p /root/.kube
cp -i /etc/kubernetes/admin.conf /root/.kube/config
- 安装网络插件calio
//下载文件
wget https://docs.projectcalico.org/v3.8/manifests/calico.yaml
//安装calico网络插件
kubectl apply -f calico.yaml
worker节点加入集群
-
下载k8s所需镜像,参考master节点下载k8s镜像步骤
-
worker节点加入集群
kubeadm join 10.13.1.2:6443 --token e9j0mj.l7vmkwisjk8kwuno
--discovery-token-ca-cert-hash sha256:a594e62b65f41eb4e3e92238b9c6cd8451c411a57efecf6d192be8c649a96606
验证集群状态(master节点)
//安装完成后稍等一会查看pods状态
kubectl get pods -n kube-system
//查看node状态
kubectl get nodes
#output
NAME STATUS ROLES AGE VERSION
10.13.1.3 Ready <none> 3m12s v1.18.5
10.13.1.2 Ready master 27m v1.18.5
若发现master和worker节点状态均为Ready,说明安装完成啦!
故障排查
- 若观察到某一个pod状态不正常,可通过查看该pod的详细信息进行问题定位
kubectl describe pod <pod-name>
删除集群
// 删除deployment
kubectl get deployment -o wide
kubectl delete deployment deployment_name
// 删除pod
kubectl get pods
kubectl delete pods --all
// 删除节点
kubectl drain <node_name>
kubectl delete node <node_name>
// 重置集群
kubeadm reset
3. 参考资料
1. https://kubesphere.com.cn/forum/d/1272-kubeadm-k8s-kubesphere-2-1-1 手把手教程:Kubeadm 安装 k8s 后安装 kubesphere 2.1.1
2. https://kubernetes.io/zh/docs/setup/production-environment/container-runtimes/ 官网文档——容器运行时
3. https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#k8s-install-1 官网文档——安装 kubeadm
4. https://blog.csdn.net/weixin_43168190/article/details/107227626 k8s拉取镜像失败最简单最快最完美解决方法 [ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-apiserver
5. https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/ Creating a single control-plane cluster with kubeadm