centos7 安装kubernetes1.4

butter7372

　　192.168.251.9 master
192.168.251.231  node
　　建议可以搭建etcd集群来做数据库存储，并搭建kube-dns，然后把k8s的日志落地到/var/log/kubernetes目录
　　1.关闭防火墙



查看防火墙状态firewalld
systemctl status firewalld.service
关闭防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service
安全设置
setenforce 0
关闭Selinux
/etc/selinux/config
SELINUX=disabled

查看iptables
systemctl status iptables.service
systemctl stop iptables.service

设置主机名
hostnamectl k8s-1
hostnamectl k8s-2


设置ntp
yum -y install ntp
systemctl start ntpd
systemctl enable ntpd
reboot重启机器
　　2.加入yum源



cd /etc/yum.repos.d
wget http://mirrors.163.com/.help/CentOS7-Base-163.repo
wget http://mirrors.aliyun.com/repo/Centos-7.repo

rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm
　　3.安装
　　master 需要安装 kubernetes-master etcd flannel docker
node需要安装 kubernetes-node flannel docker
　　
4.安装master



yum install docker libdevmapper* ntp etcd flannel kubernetes-master -y
　　(1)配置 etcd
所有的etcd都统一配置



cat /etc/etcd/etcd.conf
ETCD_NAME=default
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.163.148:2379" //masterIP端口
　　
(2)配置apiserver



/etc/kubernetes/apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.251.9:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=192.168.0.0/16"
　　
(3)配置controller-manager



/etc/kubernetes/controller-manager
KUBE_CONTROLLER_MANAGER_ARGS="--node-monitor-grace-period=10s --pod-eviction-timeout=10s"
　　
(4)配置config



/etc/kubernetes/config
KUBE_MASTER="--master=http://192.168.251.9:8080"
　　启动 注意先启动kubernetes，再启动docker



systemctl enable docker
systemctl restart flanneld docker
systemctl enable etcd kube-apiserver kube-scheduler kube-controller-manager
systemctl start etcd kube-apiserver kube-scheduler kube-controller-manager

systemctl stop etcd kube-apiserver kube-scheduler kube-controller-manager
　　
5.node安装



yum -y install docker kubernetes-node flannel
systemctl start docker
systemctl enable docker
　　(1)修改kube-node



[iyunv@localhost ~]# vi /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"
# How the controller-manager, scheduler, and proxy find the apiserver
#KUBE_MASTER="--master=http://127.0.0.1:8080"
KUBE_MASTER="--master=http://192.168.251.9:8080"
　　(2)配置kubelet



[iyunv@localhost ~]# vi /etc/kubernetes/kubelet
###
# kubernetes kubelet (minion) config
# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=127.0.0.1"
# The port for the info server to serve on
# KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=192.168.251.231"
# location of the api-server
KUBELET_API_SERVER="--api-servers=http://192.168.251.9:8080"
# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
# Add your own!
#KUBELET_ARGS=""
KUBELET_ARGS="--pod-infra-container-image=kubernetes/pause"
　　
(3)配置flanneld



/etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.251.9:2379"
FLANNEL_ETCD_PREFIX="/coreos.com/network"
　　
(4) 启动服务



systemctl restart flanneld docker
systemctl start kubelet kube-proxy
systemctl enable flanneld kubelet kube-proxy docker
　　
(5)在master上验证服务.



# kubectl get nodes ## 获取k8s客户端

registry.alauda.cn/googlecontainer/kubernetes-dashboard-amd64
　　6.在master上安装web ui kubernetes-dashboard：



cd /opt/docker
wget https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml

获取 kubernetes-dashboard.yaml文件 修改，
将google的替换本地的镜像
image: docker.io/ist0ne/kubernetes-dashboard-amd64
不要去google拉取镜像
imagePullPolicy: IfNotPresent
配置apiserver的ip和端口
- --apiserver-host=http://192.168.251.9:8080

修改完成后上传至master
运行 kubectl create -f kubernetes-dashboard.yaml
验证
# kubectl get pods --namespace=kube-system
NAME READY STATUS RESTARTS AGE
kubernetes-dashboard-747085828-0r767 0/1 ContainerCreating 0 33s

查看该容器的详细过程:
# kubectl describe pods kubernetes-dashboard-747085828-0r767 --namespace=kube-system
Name: kubernetes-dashboard-747085828-0r767
Namespace: kube-system
Node: 192.168.251.231/192.168.251.231
Start Time: Thu, 02 Mar 2017 14:51:55 +0800
Labels: app=kubernetes-dashboard
pod-template-hash=747085828
Status: Running
IP: 172.17.40.2
Controllers: ReplicaSet/kubernetes-dashboard-747085828
Containers:
kubernetes-dashboard:
Container ID: docker://5ac9c56ae81ceb37dae1c15e9a0d5b4d87cea5556c9cd92f5e667ac4659d815a
Image: docker.io/ist0ne/kubernetes-dashboard-amd64
Image ID: docker-pullable://docker.io/ist0ne/kubernetes-dashboard-amd64@sha256:faf7362425df7c542c65280ae15f2ba8e56a188d6999f4870b6821bb3ef5c637
Port: 9090/TCP
Args:
--apiserver-host=http://192.168.251.9:8080
State: Running
Started: Thu, 02 Mar 2017 14:52:39 +0800
Ready: True
Restart Count: 0
Liveness: http-get http://:9090/ delay=30s timeout=30s period=10s #success=1 #failure=3
Volume Mounts: <none>
Environment Variables: <none>
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
No volumes.
QoS Class: BestEffort
Tolerations: dedicated=master:Equal:NoSchedule
Events:
FirstSeen LastSeen Count From SubobjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
2m 2m 1 {default-scheduler } Normal Scheduled Successfully assigned kubernetes-dashboard-747085828-0r767 to 192.168.251.231
<invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Pulling pulling image "docker.io/ist0ne/kubernetes-dashboard-amd64"
<invalid> <invalid> 2 {kubelet 192.168.251.231} Warning MissingClusterDNS kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to DNSDefault policy.
<invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Pulled Successfully pulled image "docker.io/ist0ne/kubernetes-dashboard-amd64"
<invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Created Created container with docker id 5ac9c56ae81c; Security:[seccomp=unconfined]
<invalid> <invalid> 1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Started Started container with docker id 5ac9c56ae81c
　　当有多个node,可以用该命令中看到容器被分配到哪个node上,启动后分配的ip地址等信息.
如果在结果中看到"State: Running"时,请移步到node查看容器运行状态,应该也是up的状态.
　　
此时可以通过http://kube-apiserver:port/ui访问
　　http://192.168.251.9:8080/ui
　　7.监控之Docker监控——cadvisor k8s自带的单机版监控，每个node都有界面，



http://192.168.251.9:4194
http://192.168.251.231:4194/containers/

api接口 http://192.168.251.9:8080/swaager-ui
　　8. 注意点&遇到的问题:
1). 注意服务的启动顺序,特别是master,在确保etcd启动的情况下,先启动apiserver
2). 注意yaml文件的格式缩进.
3). 如果发现刚创建的pod的status是depening,原因可能有几点:其一,客户端配置有listen 127.0.0.1的服务,master无法与其建立连接;其二,环境初始化没有做好;其三,移步node,使用docker logs 查看日志
4). kubernetes-dashboard.yaml文件中的containers images地址目前为公开的,09月30日会关闭.
5). 如果自己有国外vps,可在服务器上创建docker registry;先pull下google的k8s dashboard,然后push到自己的registry,自己修改下yaml中的image即可.
　　9.参考文档：
　　https://kubernetes.io/docs/tutorials/
http://blog.csdn.net/dream_broken/article/details/52954069
http://blog.csdn.net/swcj/article/details/54969234
http://www.iyunv.net/article/94343.htm
http://www.cnblogs.com/softlin/p/5675890.html
http://blog.csdn.net/freewebsys/article/details/52685592