Peter绿水原无忧,因风皱面;青山本不老,为雪白头
2台机器,1台为Master,1台为Node修改Host Master为dmaster,Node为dslave
安装K8s and Etcd
在Master机器上安装
yum install etcd
yum install kubernetes
Node机器只需要
yum install kubernetes
安装k8s会自动安装docker,目前版本是1.8
配置K8s
Etcd默认的监听端口是4001,在这里修改
vim /etc/etcd/etcd.conf
修改Master机器K8s配置
1. apiserver配置
vim /etc/kubernetes/apiserver
###
# kubernetes system config
#
# The following values are used to configure the kube
-apiserver
#
# The address on the local server to listen to.
KUBE_API_ADDRESS
="--address=0.0.0.0"
# The port on the local server to listen on.
KUBE_API_PORT
="--port=8080"
# Port minions listen on
KUBELET_PORT
="--kubelet_port=10250"
# Comma separated list of nodes
in the etcd cluster
KUBE_ETCD_SERVERS
="--etcd_servers=http://127.0.0.1:4001"
# Address range to use
for services
KUBE_SERVICE_ADDRESSES
="--service-cluster-ip-range=10.254.0.0/16"
# default admission control policies
KUBE_ADMISSION_CONTROL
="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
# Add your own
!
KUBE_API_ARGS
="--secure-port=0"
2.K8s配置
vim /etc/kubernetes/config
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
# kube
-apiserver.service
# kube
-controller-manager.service
# kube
-scheduler.service
# kubelet.service
# kube
-proxy.service
# logging to stderr means we get it
in the systemd journal
KUBE_LOGTOSTDERR
="--logtostderr=true"
# journal message level,
0 is debug
KUBE_LOG_LEVEL
="--v=0"
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV
="--allow_privileged=false"
# How the controller
-manager, scheduler, and proxy find the apiserver
KUBE_MASTER
="--master=http://dmaster:8080"
KUBE_ETCD_SERVERS
="--etcd-servers=http://dmaster:4001"
3.启动服务
systemctl enable etcd kube-apiserver kube-controller-manager kube-scheduler
systemctl restart etcd kube-apiserver kube-controller-manager kube-scheduler
systemctl status etcd kube-apiserver kube-controller-manager kube-scheduler
修改Node机器配置
1. K8s配置
vim /etc/kubernetes/kubelet
# kubernetes kubelet (minion) config
# The address
for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS
="--address=127.0.0.1"
# The port
for the info server to serve on
KUBELET_PORT
="--port=10250"
# You may leave this blank to use the actual
hostname
KUBELET_HOSTNAME
="--hostname_override=dslave"
# location of the api
-server
KUBELET_API_SERVER
="--api_servers=http://dmaster:8080"
# Add your own
!
KUBELET_ARGS
=""
2. 启动服务
systemctl enable kube-proxy kubeletdocker
systemctl restart kube-proxy kubeletdocker
systemctl status kube-proxy kubeletdocker
新增Pod
1. 在Master机器查看Node状态
# kubectl get nodes
NAME LABELS STATUS
dslave kubernetes.io
/hostname=dslave Ready
2. 新建Pod资源文件
apiVersion: v1
kind: Pod
metadata:
name: mysql
labels:
name: mysql
spec:
containers:
- resources:
limits :
cpu:
0.5
image: mysql
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
# change this
value: rootpwd
ports:
- containerPort: 3306
name: mysql
volumeMounts:
# name must match the volume name below
- name: mysql-persistent-storage
#
mount path within the container
mountPath:
/var/lib/mysql
volumes:
- name: mysql-persistent-storage
cinder:
volumeID: bd82f7e2
-wece-4c01-a505-4acf60b07f4a
fsType: ext4
3. 导入资源
kubectl create -f mysql.yaml
4. 查看资源状态
# kubectl get pods
NAME READY STATUS RESTARTS AGE
mysql
1/1 Running 0 1h
这里已经部署在运行了,所以是Running。Status开始是Ready。
5. 查看日志
Master机器日志
tail -f /var/log/messages | grep kube
Dec 11 09:54:11 192 kube-scheduler: I1211 09:54:11.380994 20445 event.go:203] Event(api.ObjectReference{Kind:"Pod", Namespace:"default", Name:"mysql", UID:"2f192467-a030-11e5-8a55-000c298cfaa1", APIVersion:"v1", ResourceVersion:"3522", FieldPath:""}): reason: 'scheduled' Successfully assigned mysql to dslave
在部署Pod时,在Node机器日志中报错
Dec 11 09:30:22 dslave kubelet: E1211 09:30:22.745867 99650 manager.go:1557] Failed to create pod infra container: image pull failed for gcr.io/google_containers/pause:0.8.0, this may be because there are no credentials on this request.details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.); Skipping pod "mysql_default"
Dec 11 09:30:22 dslave kubelet: E1211 09:30:22.955470 99650 pod_workers.go:111] Error syncing pod bcbb3b8a-a02a-11e5-8a55-000c298cfaa1, skipping: image pull failed for gcr.io/google_containers/pause:0.8.0, this may be because there are no credentials on this request.details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.)
Google被墙了,下载资源包到本地
http://www.sunmite.com/linux/installing-kubernetes-cluster-on-centos7-to-manage-pods-and-services/attachment/pause-0-8-0/
在Node节点导入
docker load --input pause-0.8.0.tar
这是一个容器,负责Pod内部的网络
还有一个问题是权限的问题
no API token found for service account default/default, retry after the token is automatically created and added to the service account
这样即可解决
#vim /etc/kubernetes/apiserver
KUBE_ADMISSION_CONTROL
="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
#systemctl restart kube
-apiserver.service
页:
[1]