192.168.251.9 master
192.168.251.231 node
建议可以搭建etcd集群来做数据库存储,并搭建kube-dns,然后把k8s的日志落地到/var/log/kubernetes目录
1.关闭防火墙
查看防火墙状态firewalld systemctl status firewalld.service 关闭防火墙 systemctl stop firewalld.service systemctl disable firewalld.service 安全设置 setenforce 0 关闭Selinux /etc/selinux/config SELINUX=disabled 查看iptables systemctl status iptables.service systemctl stop iptables.service 设置主机名 hostnamectl k8s-1 hostnamectl k8s-2 设置ntp yum -y install ntp systemctl start ntpd systemctl enable ntpd reboot重启机器
2.加入yum源
cd /etc/yum.repos.d wget http://mirrors.163.com/.help/CentOS7-Base-163.repo wget http://mirrors.aliyun.com/repo/Centos-7.repo rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm
3.安装
master 需要安装 kubernetes-master etcd flannel docker
node需要安装 kubernetes-node flannel docker
4.安装master
yum install docker libdevmapper* ntp etcd flannel kubernetes-master -y
(1)配置 etcd
所有的etcd都统一配置
cat /etc/etcd/etcd.conf ETCD_NAME=default ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379" ETCD_ADVERTISE_CLIENT_URLS="http://192.168.163.148:2379" //masterIP端口
(2)配置apiserver
/etc/kubernetes/apiserver KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.251.9:2379" KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=192.168.0.0/16"
(3)配置controller-manager
/etc/kubernetes/controller-manager KUBE_CONTROLLER_MANAGER_ARGS="--node-monitor-grace-period=10s --pod-eviction-timeout=10s"
(4)配置config
/etc/kubernetes/config KUBE_MASTER="--master=http://192.168.251.9:8080"
启动 注意先启动kubernetes,再启动docker
systemctl enable docker systemctl restart flanneld docker systemctl enable etcd kube-apiserver kube-scheduler kube-controller-manager systemctl start etcd kube-apiserver kube-scheduler kube-controller-manager systemctl stop etcd kube-apiserver kube-scheduler kube-controller-manager
5.node安装
yum -y install docker kubernetes-node flannel systemctl start docker systemctl enable docker
(1)修改kube-node
[root@localhost ~]# vi /etc/kubernetes/config KUBE_LOGTOSTDERR="--logtostderr=true" # journal message level, 0 is debug KUBE_LOG_LEVEL="--v=0" # Should this cluster be allowed to run privileged docker containers KUBE_ALLOW_PRIV="--allow-privileged=false" # How the controller-manager, scheduler, and proxy find the apiserver #KUBE_MASTER="--master=http://127.0.0.1:8080" KUBE_MASTER="--master=http://192.168.251.9:8080"
(2)配置kubelet
[root@localhost ~]# vi /etc/kubernetes/kubelet ### # kubernetes kubelet (minion) config # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces) KUBELET_ADDRESS="--address=127.0.0.1" # The port for the info server to serve on # KUBELET_PORT="--port=10250" # You may leave this blank to use the actual hostname KUBELET_HOSTNAME="--hostname-override=192.168.251.231" # location of the api-server KUBELET_API_SERVER="--api-servers=http://192.168.251.9:8080" # pod infrastructure container KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest" # Add your own! #KUBELET_ARGS="" KUBELET_ARGS="--pod-infra-container-image=kubernetes/pause"
(3)配置flanneld
/etc/sysconfig/flanneld FLANNEL_ETCD_ENDPOINTS="http://192.168.251.9:2379" FLANNEL_ETCD_PREFIX="/coreos.com/network"
(4) 启动服务
systemctl restart flanneld docker systemctl start kubelet kube-proxy systemctl enable flanneld kubelet kube-proxy docker
(5)在master上验证服务.
# kubectl get nodes ## 获取k8s客户端
registry.alauda.cn/googlecontainer/kubernetes-dashboard-amd64
6.在master上安装web ui kubernetes-dashboard:
cd /opt/docker wget https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml 获取 kubernetes-dashboard.yaml文件 修改, 将google的替换本地的镜像 image: docker.io/ist0ne/kubernetes-dashboard-amd64 不要去google拉取镜像 imagePullPolicy: IfNotPresent 配置apiserver的ip和端口 - --apiserver-host=http://192.168.251.9:8080 修改完成后上传至master 运行 kubectl create -f kubernetes-dashboard.yaml 验证 # kubectl get pods --namespace=kube-system NAME READY STATUS RESTARTS AGE kubernetes-dashboard-747085828-0r767 0/1 ContainerCreating 0 33s 查看该容器的详细过程: # kubectl describe pods kubernetes-dashboard-747085828-0r767 --namespace=kube-system Name: kubernetes-dashboard-747085828-0r767 Namespace: kube-system Node: 192.168.251.231/192.168.251.231 Start Time: Thu, 02 Mar 2017 14:51:55 +0800 Labels: app=kubernetes-dashboard pod-template-hash=747085828 Status: Running IP: 172.17.40.2 Controllers: ReplicaSet/kubernetes-dashboard-747085828 Containers: kubernetes-dashboard: Container ID: docker://5ac9c56ae81ceb37dae1c15e9a0d5b4d87cea5556c9cd92f5e667ac4659d815a Image: docker.io/ist0ne/kubernetes-dashboard-amd64 Image ID: docker-pullable://docker.io/ist0ne/kubernetes-dashboard-amd64@sha256:faf7362425df7c542c65280ae15f2ba8e56a188d6999f4870b6821bb3ef5c637 Port: 9090/TCP Args: --apiserver-host=http://192.168.251.9:8080 State: Running Started: Thu, 02 Mar 2017 14:52:39 +0800 Ready: True Restart Count: 0 Liveness: http-get http://:9090/ delay=30s timeout=30s period=10s #success=1 #failure=3 Volume Mounts: <none> Environment Variables: <none> Conditions: Type Status Initialized True Ready True PodScheduled True No volumes. QoS Class: BestEffort Tolerations: dedicated=master:Equal:NoSchedule Events: FirstSeen LastSeen Count From SubobjectPath Type Reason Message --------- -------- ----- ---- ------------- -------- ------ ------- 2m 2m 1 {default-scheduler } Normal Scheduled Successfully assigned kubernetes-dashboard-747085828-0r767 to 192.168.251.231 <invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Pulling pulling image "docker.io/ist0ne/kubernetes-dashboard-amd64" <invalid> <invalid> 2 {kubelet 192.168.251.231} Warning MissingClusterDNS kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to DNSDefault policy. <invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Pulled Successfully pulled image "docker.io/ist0ne/kubernetes-dashboard-amd64" <invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Created Created container with docker id 5ac9c56ae81c; Security:[seccomp=unconfined] <invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Started Started container with docker id 5ac9c56ae81c
当有多个node,可以用该命令中看到容器被分配到哪个node上,启动后分配的ip地址等信息.
如果在结果中看到"State: Running"时,请移步到node查看容器运行状态,应该也是up的状态.
此时可以通过http://kube-apiserver:port/ui访问
http://192.168.251.9:8080/ui
7.监控之Docker监控——cadvisor k8s自带的单机版监控,每个node都有界面,
http://192.168.251.9:4194 http://192.168.251.231:4194/containers/ api接口 http://192.168.251.9:8080/swaager-ui
8. 注意点&遇到的问题:
1). 注意服务的启动顺序,特别是master,在确保etcd启动的情况下,先启动apiserver
2). 注意yaml文件的格式缩进.
3). 如果发现刚创建的pod的status是depening,原因可能有几点:其一,客户端配置有listen 127.0.0.1的服务,master无法与其建立连接;其二,环境初始化没有做好;其三,移步node,使用docker logs 查看日志
4). kubernetes-dashboard.yaml文件中的containers images地址目前为公开的,09月30日会关闭.
5). 如果自己有国外vps,可在服务器上创建docker registry;先pull下google的k8s dashboard,然后push到自己的registry,自己修改下yaml中的image即可.
9.参考文档:
https://kubernetes.io/docs/tutorials/
http://blog.csdn.net/dream_broken/article/details/52954069
http://blog.csdn.net/swcj/article/details/54969234
http://www.jb51.net/article/94343.htm
http://www.cnblogs.com/softlin/p/5675890.html
http://blog.csdn.net/freewebsys/article/details/52685592