454luikty posted on 2017-8-21 12:48:13

Building Docker Cluster Management on Kubernetes: A Detailed Guide

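I. Environment deployment
1. Platform versions
    1) CentOS 7.0 OS
    2) Kubernetes V0.6.2
    3) etcd version 0.4.6
    4) Docker version 1.3.2
2. Platform environment
192.168.1.20    kubernetes etcd
192.168.1.21
3. Environment installation
    1) System initialization (all hosts)
    System installation: choose [Minimal Install]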
    # yum -y install wget ntpdate bind-utils
    # wget http://mirror.centos.org/centos/7/extras/x86_64/Packages/epel-release-7-6.noarch.rpm   

    # yum update
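CentOS 7.0 uses firewalld as its default firewall; here it is switched to the iptables firewall (more familiar, but not required).
    1.1. Stop firewalld:

    # systemctl stop firewalld.service # stop firewalld
    # systemctl disable firewalld.service # do not start firewalld at boot

    1.2. Install the iptables firewall

    # yum install iptables-services # install
    # systemctl start iptables.service # finally, restart the firewall so the configuration takes effect
    # systemctl enable iptables.service # start the firewall at boot

    2) Install etcd (host 192.168.1.20)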
    # mkdir -p /home/install && cd /home/install
    # wget https://github.com/coreos/etcd/releases/download/v0.4.6/etcd-v0.4.6-linux-amd64.tar.gz
    # tar -zxvf etcd-v0.4.6-linux-amd64.tar.gz
    # cd etcd-v0.4.6-linux-amd64
    # cp etcd* /bin/
    # /bin/etcd -version
    etcd version 0.4.6
Start the etcd service. If third-party management access is required, additionally add the "-cors='*'" parameter to the startup arguments.
    # mkdir -p /data/etcd
    # /bin/etcd -name etcdserver -peer-addr 192.168.1.20:7001 -addr 192.168.1.20:4001 -data-dir /data/etcd -peer-bind-addr 0.0.0.0:7001 -bind-addr 0.0.0.0:4001 &
Configure the firewall for the etcd service; 4001 is the service port and 7001 is the port used for cluster data exchange.
    # iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 4001 -j ACCEPT
    # iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 7001 -j ACCEPT

    3) Install Kubernetes (on all Master and Minion hosts)
    Install from the yum repository; by default this also installs the etcd, docker, and cadvisor packages.
    # cd /etc/yum.repos.d/
    # wget http://mirrors.aliyun.com/repo/Centos-7.repo
    # yum -y install kubernetes

    4) Kubernetes configuration (Master host only)
    The master runs three components: apiserver, scheduler, and controller-manager. The configuration items cover only these three.
4.1. [/etc/kubernetes/config]
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://127.0.0.1:8080"

# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.1.20:4001"

4.2. [/etc/kubernetes/apiserver]

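# The address on the local server to listen to.
# Note: --address/--port configure the apiserver's plaintext, unauthenticated port;
# 0.0.0.0 exposes it on every interface, so restrict access to it with the firewall.
KUBE_API_ADDRESS="--address=0.0.0.0"
# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"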

# How the replication controller and scheduler find the kube-apiserver
KUBE_MASTER="--master=192.168.1.20:8080"   

# Port minions listen on
KUBELET_PORT="--kubelet-port=10250"

# Comma separated list of nodes in the etcd cluster
# (must match the etcd endpoint actually in use; the etcd started in step 2 listens on port 4001)
KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:2379"

# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

# default admission control policies
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"

# Add your own!
KUBE_API_ARGS=""

4.3. [/etc/kubernetes/controller-manager]
# Comma separated list of minions
KUBELET_ADDRESSES="--machines=192.168.1.21,192.168.1.100"

# Add your own!
KUBE_CONTROLLER_MANAGER_ARGS=""

4.4. [/etc/kubernetes/scheduler]
# Add your own!
KUBE_SCHEDULER_ARGS=""




Start the master-side services

    # systemctl daemon-reload
    # systemctl start kube-apiserver.service kube-controller-manager.service kube-scheduler.service
    # systemctl enable kube-apiserver.service kube-controller-manager.service kube-scheduler.service
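
As an added example (not part of the original post), a small POSIX shell check that reads the env files configured above and flags the settings that leave the cluster reachable in plaintext: an apiserver `--address` bound beyond loopback, `http://` etcd endpoints on non-loopback hosts, and `--allow-privileged=true`. The function names and the sample file are constructed for illustration, and it assumes that `--address`/`--port` configure the apiserver's unauthenticated plaintext port, as in Kubernetes releases of this period.

```shell
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.
is_loopback() {   # succeeds for 127.x.x.x and localhost
    case $1 in 127.*|localhost) return 0 ;; *) return 1 ;; esac
}

# audit_kube_env FILE...: prints one finding per line, returns 1 if any were found
audit_kube_env() {
    findings=0
    for f in "$@"; do
        while IFS= read -r line; do
            case $line in ''|\#*) continue ;; esac        # skip blanks and comments
            key=${line%%=*}
            val=${line#*=}; val=${val#\"}; val=${val%\"}  # value without its quotes
            arg=${val#*=}                                 # text after "--flag="
            case $key in
            KUBE_API_ADDRESS)
                is_loopback "$arg" || {
                    echo "$f: $key exposes the unauthenticated API port on $arg"
                    findings=$((findings + 1)); } ;;
            KUBE_ALLOW_PRIV)
                [ "$arg" != true ] || {
                    echo "$f: $key allows privileged containers"
                    findings=$((findings + 1)); } ;;
            KUBE_ETCD_SERVERS)
                old_ifs=$IFS; IFS=,
                for url in $arg; do
                    host=${url#http://}
                    [ "$host" != "$url" ] || continue     # not a plain-http URL
                    host=${host%%[:/]*}                   # drop port and path
                    is_loopback "$host" || {
                        echo "$f: $key sends etcd traffic unencrypted to $host"
                        findings=$((findings + 1)); }
                done
                IFS=$old_ifs ;;
            esac
        done < "$f"
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample built from values in the config files above
SAMPLE=${TMPDIR:-/tmp}/kube-env-sample.$$
cat > "$SAMPLE" <<'EOF'
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_API_ADDRESS="--address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.1.20:4001,http://127.0.0.1:2379"
EOF
audit_kube_env "$SAMPLE" || echo "review the findings above"
```

Run it against `/etc/kubernetes/config` and `/etc/kubernetes/apiserver` before starting the services; a non-zero exit status means at least one finding was printed.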


