基础概念
kubernetes,简称 K8s,是用8代替8个字符“ubernete”而成的缩写。是一个开源的,用于管理云平台中多个主机上的容器化的应用,Kubernetes 的目标是让部署容器化的应用简单并且高效(powerful),Kubernetes提供了应用部署,规划,更新,维护的一种机制。
kubeadm是官方社区推出的一个用于快速部署kubernetes集群的工具,这个工具能通过两条指令完成一个kubernetes集群的部署。
kubeadm init
kubeadm join <master node and port> # 这个再init之后执行
环境准备
主机名配置
主节点:
hostnamectl set-hostname centos-master1
从节点:
hostnamectl set-hostname centos-node1
set-hostname centos-node2
配置主机名解析
修改配置文件,vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.160.129 centos-master1
192.168.160.130 centos-node1
192.168.160.131 centos-node2
关闭防火墙
在每台机器上都运行!!!
systemctl disable firewalld
systemctl stop firewalld
firewall-cmd --state
关闭selinux
在每台机器上都运行!!!
systemctl disable firewalld
systemctl stop firewalld
firewall-cmd --state
setenforce 0
sed -i 's/enforcing/disabled/' /etc/selinux/config
配置网桥模块
查看是否加载
lsmod | grep br_netfilter
安装docker
所有主机执行!!!
Kubernetes默认CRI(容器运行时)为Docker,因此先安装Docker。
这次安装地docker版本为18.06.1版本:
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo # 下载docker源
yum install -y docker-ce-18.06.1.ce-3.el7 # 安装docker
ystemctl enable docker && systemctl start docker
docker --version
替换镜像仓库以及修改cgroupdriver
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://p4e9di9t.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
设置k8s的YUM源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
安装kubeadm,kubelet和kubectl
安装指定版本的1.18,避免兼容性问题
yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0
# 开机自启动
systemctl enable kubelet
主节点初始化
kubeadm init --apiserver-advertise-address=192.168.160.129 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.18.0 --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16
复制配置文件,并授权
在master节点上,根据提示执行:
# To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
安装网络插件
curl -O https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
master生成token
kubeadm token create --print-join-command
结果如下:
[root@centos-master ~]# kubeadm token create --print-join-command
W0801 20:43:27.871329 8583 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
kubeadm join 192.168.160.129:6443 --token a57eqj.em1acygcl6hyol80 --discovery-token-ca-cert-hash sha256:ce0d4655dff4bca6e1b21d1cf79ca1c9d51396211c7d1c30088b39c893c183ef
连接其他节点
在node节点上执行:
kubeadm join 192.168.160.129:6443 --token a57eqj.em1acygcl6hyol80 --discovery-token-ca-cert-hash sha256:ce0d4655dff4bca6e1b21d1cf79ca1c9d51396211c7d1c30088b39c893c183ef
然后,主节点查看节点状态:
kubectl get nodes
报错提示
这个是由于还没有挂载上node节点,等待一会儿就好了。
[root@centos-node2 ~]# kubeadm join 192.168.160.129:6443 --token a57eqj.em1acygcl6hyol80 --discovery-token-ca-cert-hash sha256:ce0d4655dff4bca6e1b21d1cf79ca1c9d51396211c7d1c30088b39c893c183ef
W0801 20:50:11.379651 6789 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
[preflight] Running pre-flight checks
[WARNING Hostname]: hostname "centos-node2" could not be reached
[WARNING Hostname]: hostname "centos-node2": lookup centos-node2 on 192.168.160.2:53: no such host
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.18" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
