Installing k8s with kubeadm

Environment

Node     IP
master   192.168.82.210
node1    192.168.82.220
node2    192.168.82.221

Deploy the kubernetes master

Add the yum repo (the private yum repo on the proxy machine that can reach sites outside the firewall)

wget -O /etc/yum.repos.d/k8s.repo http://192.168.82.200/k8s.repo
See "Setting up a private yum repository on CentOS".

Install k8s

yum install kubelet kubeadm kubectl kubernetes-cni

Install docker

curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | sh -

systemctl enable docker
systemctl start docker

Download the images (via the proxy machine)

images=(kube-discovery-amd64:1.0 kube-scheduler-amd64:v1.5.0 kube-proxy-amd64:v1.5.0 kube-controller-manager-amd64:v1.5.0 kube-apiserver-amd64:v1.5.0 etcd-amd64:3.0.14-kubeadm pause-amd64:3.0 exechealthz-amd64:1.2  kubedns-amd64:1.9 kube-dnsmasq-amd64:1.4 dnsmasq-metrics-amd64:1.0)
for imageName in ${images[@]} ; do
  docker pull gcr.io/google_containers/$imageName
  docker tag   gcr.io/google_containers/$imageName 192.168.82.200:8080/tonychen/$imageName
  docker push 192.168.82.200:8080/tonychen/$imageName
done

See "Private docker registry (Harbor)".

Start kubernetes

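# Before starting kubelet, edit /etc/systemd/system/kubelet.service.d/10-kubeadm.conf (with vi) to add one extra argument for kubelet

// This stops kubelet from pulling the pause-amd64:3.0 image from the k8s registry outside the firewall when it starts a pod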
--pod-infra-container-image=192.168.82.200:8080/tonychen/pause-amd64:3.0

Environment="KUBELET_INFRA_IMAGE=--pod-infra-container-image=192.168.82.200:8080/tonychen/pause-amd64:3.0"

ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_EXTRA_ARGS $KUBELET_INFRA_IMAGE

systemctl enable kubelet
systemctl start kubelet

Create the cluster

export KUBE_REPO_PREFIX=192.168.82.200:8080/tonychen \
         KUBE_DISCOVERY_IMAGE=192.168.82.200:8080/tonychen/kube-discovery-amd64:1.0 \
         KUBE_ETCD_IMAGE=192.168.82.200:8080/tonychen/etcd-amd64:3.0.14-kubeadm

kubeadm init --api-advertise-addresses=192.168.82.210 --pod-network-cidr=10.244.0.0/16  --use-kubernetes-version v1.5.0
# --pod-network-cidr=10.244.0.0/16 is required when using the flannel network

Record the token

Kubernetes master initialised successfully!

You can now join any number of machines by running the following on each node:

kubeadm join --token=87b67c.5a5f0dc807248c75 192.168.82.210

Check kubelet status

systemctl status kubelet

Deploy the flannel network

# Download the image (on the proxy machine)
docker pull quay.io/coreos/flannel-git:v0.6.1-28-g5dde68d-amd64
docker tag quay.io/coreos/flannel-git:v0.6.1-28-g5dde68d-amd64 192.168.82.200:8080/tonychen/flannel-git:v0.6.1-28-g5dde68d-amd64
docker push 192.168.82.200:8080/tonychen/flannel-git:v0.6.1-28-g5dde68d-amd64

wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

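# Change the image address in the yml to the address in the private registry
# Remember to change the name value in kube-flannel.yml, otherwise the network will not work:
# the downloaded file has "cbr0", which must be changed to "cni0"
cni-conf.json: |
    {
      "name": "cni0",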
      "type": "flannel",
      "delegate": {
        "isDefaultGateway": true
      }
    }


kubectl create -f kube-flannel.yml

Deploy the kubernetes nodes

Add the yum repo (the private yum repo on the proxy machine)

wget -O /etc/yum.repos.d/k8s.repo http://192.168.82.200/k8s.repo

Install k8s

yum install kubelet kubeadm kubectl kubernetes-cni

Start kubelet

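# Before starting kubelet, edit /etc/systemd/system/kubelet.service.d/10-kubeadm.conf (with vi) to add one extra argument for kubelet

// This stops kubelet from pulling the pause-amd64:3.0 image from the k8s registry outside the firewall when it starts a pod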
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0

Environment="KUBELET_INFRA_IMAGE=--pod-infra-container-image=192.168.82.200:8080/tonychen/pause-amd64:3.0"

ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_EXTRA_ARGS $KUBELET_INFRA_IMAGE

systemctl enable kubelet
systemctl start kubelet
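
The drop-in edit described above for the master and again for the nodes can be scripted so that it is repeatable and validated. This is an added example, not part of the original post; the function name patch_kubelet_dropin, the .orig backup suffix and the sample drop-in content are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. patch_kubelet_dropin FILE IMAGE
# points kubelet's pause image at IMAGE by editing the systemd drop-in FILE.
patch_kubelet_dropin() {
  local conf=$1 image=$2 tmp
  [ -f "$conf" ] || { echo "missing drop-in: $conf" >&2; return 1; }

  # Only accept characters valid in an image reference, so the value cannot
  # smuggle extra kubelet flags or quotes into the unit file.
  case $image in
    ''|*[!A-Za-z0-9._:/-]*) echo "rejected image: $image" >&2; return 1 ;;
  esac

  # Keep the first pristine copy for rollback; later runs leave it alone.
  [ -e "$conf.orig" ] || cp -p "$conf" "$conf.orig"

  tmp=$(mktemp) || return 1
  awk -v img="$image" '
    # Drop a previous definition so reruns do not stack duplicates.
    /^Environment="KUBELET_INFRA_IMAGE=/ { next }
    # The real start line (not the empty "ExecStart=" reset line).
    /^ExecStart=\/usr\/bin\/kubelet / {
      printf "Environment=\"KUBELET_INFRA_IMAGE=--pod-infra-container-image=%s\"\n", img
      if ($0 !~ /\$KUBELET_INFRA_IMAGE/) $0 = $0 " $KUBELET_INFRA_IMAGE"
    }
    { print }
  ' "$conf" > "$tmp" && cat "$tmp" > "$conf"   # cat keeps owner and mode of FILE
  local rc=$?
  rm -f "$tmp"
  return $rc
}

# Demo on a constructed drop-in (sample content, not a real host file).
demo_dir=$(mktemp -d)
cat > "$demo_dir/10-kubeadm.conf" <<'EOF'
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--kubeconfig=/etc/kubernetes/kubelet.conf"
Environment="KUBELET_EXTRA_ARGS="
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_EXTRA_ARGS
EOF
patch_kubelet_dropin "$demo_dir/10-kubeadm.conf" 192.168.82.200:8080/tonychen/pause-amd64:3.0
cat "$demo_dir/10-kubeadm.conf"
```

If kubelet's unit is already loaded, run systemctl daemon-reload after the edit so systemd reads the changed drop-in before the service is started.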

Install docker

Accelerated install via the Aliyun mirror

curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | sh -

systemctl enable docker
systemctl start docker

Join the cluster

# Wait until kube-dns on the master is in the running state before executing this
kubeadm join --token=c8c211.1f5ecf51c2e676c0 192.168.82.210


Running pre-flight checks
WARNING: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
<util/tokens> validating provided token
<node/discovery> created cluster info discovery client, requesting info from "http://192.168.82.210:9898/cluster-info/v1/?token-id=c8c211"
<node/discovery> cluster info object received, verifying signature using given token
<node/discovery> cluster info signature and contents are valid, will use API endpoints [https://192.168.82.210:6443]
<node/bootstrap> trying to connect to endpoint https://192.168.82.210:6443
<node/bootstrap> detected server version v1.5.0
<node/bootstrap> successfully established connection with endpoint https://192.168.82.210:6443
<node/csr> created API client to obtain unique certificate for this node, generating keys and certificate signing request
<node/csr> received signed certificate from the API server:
Issuer: CN=kubernetes | Subject: CN=system:node:node1.k8s | CA: false
Not before: 2016-12-14 06:20:00 +0000 UTC Not After: 2017-12-14 06:20:00 +0000 UTC
<node/csr> generating kubelet configuration
<util/kubeconfig> created "/etc/kubernetes/kubelet.conf"

Node join complete:
* Certificate signing request sent to master and response
  received.
* Kubelet informed of new secure connection details.

Run 'kubectl get nodes' on the master to see this machine join.

Check the cluster status

# Run on the master
[root@master ~]# kubectl get nodes
NAME         STATUS    AGE
master.k8s   Ready     1h
node1.k8s    Ready     1m

Configure kubernetes (run on the master)

Controlling the cluster from another host

# Back up the master node's configuration file

/etc/kubernetes/admin.conf

# Save it to another computer and control the cluster by passing the configuration file to kubectl

kubectl --kubeconfig ./admin.conf get nodes

Configure the dashboard

# Download the image on the proxy machine
docker pull gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.0
docker tag gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.0 192.168.82.200:8080/tonychen/kubernetes-dashboard-amd64:v1.5.0
docker push 192.168.82.200:8080/tonychen/kubernetes-dashboard-amd64:v1.5.0

# Download the yaml file; creating it unmodified would pull the images from the official registry
curl -O https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml

# Edit the yaml and change imagePullPolicy from Always to IfNotPresent (pull only when the image is not present locally) or Never (never pull)

# Change the image to the private registry address

kubectl create -f ./kubernetes-dashboard.yaml

deployment "kubernetes-dashboard" created
service "kubernetes-dashboard" created
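
The manual manifest edits used for kube-flannel.yml and kubernetes-dashboard.yaml can be done by one function that also refuses to continue if any image would still be pulled from outside the private registry. This is an added example, not part of the original post; the function name localize_manifest and the sample YAML fragment are assumptions, and it assumes images were pushed under their original name and tag as in the loops above.

```shell
#!/usr/bin/env bash
# Added example, not from the original post.
# localize_manifest IN OUT REGISTRY
#   - rewrites each "image:" to REGISTRY/<name:tag> (upstream host/path dropped)
#   - changes imagePullPolicy Always to IfNotPresent
#   - renames the CNI network "cbr0" to "cni0" (only present in kube-flannel.yml)
#   - fails if any image line still points outside REGISTRY
localize_manifest() {
  local in=$1 out=$2 registry=$3 left
  case $registry in
    ''|*[!A-Za-z0-9._:/-]*) echo "rejected registry: $registry" >&2; return 1 ;;
  esac

  sed -E \
    -e "s#^([[:space:]-]*)image:[[:space:]]*\"?([^\"[:space:]]*/)?([^/\"[:space:]]+)\"?[[:space:]]*\$#\1image: ${registry}/\3#" \
    -e 's#^([[:space:]]*imagePullPolicy:[[:space:]]*)Always#\1IfNotPresent#' \
    -e 's#("name":[[:space:]]*)"cbr0"#\1"cni0"#' \
    "$in" > "$out" || return 1

  # Anything the rewrite could not parse (for example an image line with a
  # trailing comment) is reported instead of being deployed unnoticed.
  left=$(grep -E '^[[:space:]-]*image:' "$out" | grep -vF "image: ${registry}/" || true)
  if [ -n "$left" ]; then
    echo "images still outside ${registry}:" >&2
    echo "$left" >&2
    return 1
  fi
}

# Demo on a constructed fragment shaped like kube-flannel.yml.
demo=$(mktemp -d)
cat > "$demo/in.yml" <<'EOF'
  cni-conf.json: |
    {
      "name": "cbr0",
      "type": "flannel"
    }
      containers:
      - name: kube-flannel
        image: quay.io/coreos/flannel-git:v0.6.1-28-g5dde68d-amd64
        imagePullPolicy: Always
EOF
localize_manifest "$demo/in.yml" "$demo/out.yml" 192.168.82.200:8080/tonychen
cat "$demo/out.yml"
```

Run kubectl create -f on the output file only when the function returns 0.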

# Look up the NodePort, i.e. the port for external access

kubectl describe svc kubernetes-dashboard --namespace=kube-system

NodePort:               <unset> 30609/TCP

# Access the dashboard

http://192.168.82.210:30609/
