kubeadm安装Kubernetes-1.6.1集群
系统环境:# cat /etc/centos-release
CentOS Linux release 7.3.1611 (Core)
关闭防火墙、selinux:
# systemctl disable firewalld
# systemctl stop firewalld
# vim /etc/sysconfig/selinux
……
SELINUX=disabled
……
# getenforce
Enforcing
# setenforce 0
# getenforce
Permissive
添加yum源:
# cat /etc/yum.repos.d/kubernetes.repo
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
yum install -y yum-utils
yum-config-manager \
--add-repo \
https://docs.docker.com/v1.13/engine/installation/linux/repo_files/centos/docker.repo
yum makecache fast
查看版本:
yum list docker-engine.x86_64--showduplicates |sort -r
docker-engine.x86_64 1.13.1-1.el7.centos docker-main
docker-engine.x86_64 1.12.6-1.el7.centos docker-main
docker-engine.x86_64 1.11.2-1.el7.centos docker-main
yum list kubeadm--showduplicates |sort -r
kubeadm.x86_64 1.6.1-0 kubernetes
kubeadm.x86_64 1.6.0-0 kubernetes
yum list kubelet--showduplicates |sort -r
kubelet.x86_64 1.6.1-0 kubernetes
kubelet.x86_64 1.6.0-0 kubernetes
kubelet.x86_64 1.5.4-0 kubernetes
yum list kubectl--showduplicates |sort -r
kubectl.x86_64 1.6.1-0 kubernetes
kubectl.x86_64 1.6.0-0 kubernetes
kubectl.x86_64 1.5.4-0 kubernetes
yum list kubernets-cni--showduplicates |sort -r
kubernetes-cni x86_64 0.5.1-0 kubernetes
系统配置:
根据官方文档中的Installing Kubernetes on Linux with kubeadm · Limitations小节中的内容,对各节点系统做如下设置:
创建/etc/sysctl.d/k8s.conf文件,添加如下内容:
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
执行sysctl -p /etc/sysctl.d/k8s.conf使修改生效。
安装软件包:
# yum -y install docker-engine-1.12.6
# yum -y install socat kubelet-1.6.1 kubeadm-1.6.1 kubectl-1.6.1 kubernetes-cni-0.5.1
# rpm -qa|grep kube
kubectl-1.6.1-0.x86_64
kubelet-1.6.1-0.x86_64
kubernetes-cni-0.5.1-0.x86_64
kubeadm-1.6.1-0.x86_64
启动docker:
# systemctl enable docker && systemctl start docker
下载Kubernetes-1.6.0所需镜像:
# docker pull quay.io/coreos/flannel:v0.7.1-amd64
# docker pull gcr.io/google_containers/kube-proxy-amd64:v1.6.1
# docker pull gcr.io/google_containers/kube-apiserver-amd64:v1.6.1
# docker pull gcr.io/google_containers/kube-scheduler-amd64:v1.6.1
# docker pull gcr.io/google_containers/kube-controller-manager-amd64:v1.6.1
# docker pull gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.1
# docker pull gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.1
# docker pull gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.1
# docker pull gcr.io/google_containers/etcd-amd64:3.0.17
# docker pull gcr.io/google_containers/pause-amd64:3.0
查看镜像:
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
quay.io/coreos/flannel v0.7.1-amd64 cd4ae0be5e1b 2 weeks ago 77.76 MB
gcr.io/google_containers/kube-proxy-amd64 v1.6.1 ec956fe05f2d 4 weeks ago 109.2 MB
gcr.io/google_containers/kube-apiserver-amd64 v1.6.1 1f685ed29076 4 weeks ago 150.5 MB
gcr.io/google_containers/kube-scheduler-amd64 v1.6.1 acfe393e96ba 4 weeks ago 76.75 MB
gcr.io/google_containers/kube-controller-manager-amd64 v1.6.1 591d6604f79b 4 weeks ago 132.7 MB
gcr.io/google_containers/k8s-dns-sidecar-amd64 1.14.1 fc5e302d8309 9 weeks ago 44.52 MB
gcr.io/google_containers/k8s-dns-kube-dns-amd64 1.14.1 f8363dbf447b 9 weeks ago 52.36 MB
gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64 1.14.1 1091847716ec 9 weeks ago 44.84 MB
gcr.io/google_containers/etcd-amd64 3.0.17 243830dae7dd 9 weeks ago 168.9 MB
gcr.io/google_containers/pause-amd64 3.0 99e59f495ffa 12 months ago 746.9 kB
启动kubelet:
# systemctl enable kubelet
# systemctl start kubelet
初始化master机器:
# kubeadm init --apiserver-advertise-address=172.16.20.99 --kubernetes-version=v1.6.1 --pod-network-cidr=10.244.0.0/16
参数解释:
--apiserver-advertise-address # API Server(master)IP地址
--kubernetes-version # 初始化安装的Kubernetes版本
--pod-network-cidr # 选择flannel作为Pod的网络插件,所以指定 10.244.0.0/16
使用kubectl 管理命令行:
为了使用kubectl访问apiserver,在~/.bash_profile中追加下面的环境变量:
# echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile# source ~/.bash_profile# kubectl get nodesNAME STATUS AGE VERSIONnode0 NotReady 3m v1.6.1
安装Pod的网络插件:
# kubectl create -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel-rbac.yml# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.ymlserviceaccount "flannel" createdconfigmap "kube-flannel-cfg" createddaemonset "kube-flannel-ds" created
PS:如果Node有多个网卡的话,参考flannel issues 39701,目前需要在kube-flannel.yml中使用--iface参数指定集群主机内网网卡的名称,否则可能会出现dns无法解析。需要将kube-flannel.yml下载到本地,flanneld启动参数加上--iface=<iface-name>使用kubectl get pod --all-namespaces -o wide确保所有的Pod都处于Running状态。 kubectl get pod --all-namespaces -o wide
使Master机器参与工作负载:
使用kubeadm初始化的集群,出于安全考虑Pod不会被调度到Master Node上,也就是说Master Node不参与工作负载。
这里搭建的是测试环境可以使用下面的命令使Master Node参与工作负载:
[*]kubectl taint nodes --all node-role.kubernetes.io/master-
测试DNS
建立测试容器:
# vim busybox.yaml
apiVersion: v1
kind: Pod
metadata:
name: busybox
namespace: default
spec:
containers:
- image: busybox
command:
- sleep
- "3600"
imagePullPolicy: IfNotPresent
name: busybox
restartPolicy: Always
# kubectl create -f busybox.yaml
pod "busybox" created
进入后执行nslookup kubernetes.default确认解析正常
# kubectl exec -ti busybox -- nslookup kubernetes.default
Server: 10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
Name: kubernetes.default
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local测试ok之后,删掉这个测试pod
# kubectl delete pod busybox
pod "busybox" deleted
查看Kubernetes集群token(小技巧):
# kubeadm token list
TOKEN TTL EXPIRES USAGES DESCRIPTION
22a850.15bb6e6da239c542 <forever> <never> authentication,signing The default bootstrap token generated by 'kubeadm init'.
页:
[1]