1、修改本地/etc/hosts文件
# Append (>>) the cluster host entries below to /etc/hosts.
# Because >> appends, running this snippet a second time adds the same three
# lines again; check the file for existing entries before re-running.
cat <<EOF >> /etc/hosts
172.26.48.4 k8s-master
172.26.48.5 k8s-node1
172.26.135.94 k8s-node2
EOF
2、CentOS 7 配置国内阿里云镜像源
# Overwrite (>) /etc/yum.repos.d/kubernetes.repo with the Aliyun mirror definition.
# gpgcheck=1 and repo_gpgcheck=1 keep signature checks on for the packages and
# for the repository metadata; leave both enabled.
# NOTE(review): the keys listed in gpgkey= are downloaded from the same mirror
# as the packages, and the later `yum install -y` accepts the key import
# without prompting. Compare the imported key fingerprints with the ones
# published upstream before trusting packages from this repo.
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
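3、关闭 SELinux,目的是允许容器与本机文件系统交互。注意:setenforce 0 只是把 SELinux 临时切换为 permissive(宽容)模式,重启后失效,同时会削弱主机对容器的强制访问控制;下面输出中的 "SELinux is disabled" 说明这台机器的 SELinux 原本就处于禁用状态。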
setenforce 0
setenforce: SELinux is disabled
systemctl daemon-reload
4、修改网络开启桥接网络支持,只针对(RHEL/CentOS 7)系统
# Persist the bridge netfilter settings in /etc/sysctl.d/k8s.conf so that
# bridged IPv4/IPv6 traffic is handed to iptables/ip6tables.
# NOTE(review): the net.bridge.* keys presumably exist only once the bridge
# netfilter module is loaded; the page notes further down that the matching
# /proc file appears only after Docker is installed. Confirm before relying on it.
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# Load the values from the new file into the running kernel.
sysctl -p /etc/sysctl.d/k8s.conf
# Reload every system sysctl configuration file (re-applies k8s.conf as well).
sysctl --system
5、关闭swap——不关闭配置节点或是配置master都会有问题
# Turn off all swap for the running system. This does not survive a reboot:
# swap entries left in /etc/fstab are activated again at boot.
swapoff -a
6、安装 ebtables ethtool,否则后边执行 kubeadm init 的时候会报错
# Install ebtables and ethtool; per the page, kubeadm init reports errors
# later if they are missing.
yum install ebtables ethtool -y
# Then set the value in the running kernel. Per the page, this /proc file only
# appears after Docker has been installed successfully.
echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
7、安装kubelet、kubeadm、kubectl
# NOTE(review): the next two lines look like alternatives, not a sequence. The
# first installs whatever version the repo currently offers; the second pins
# 1.14.2, the version the rest of this page uses (image tags and
# --kubernetes-version). Pick one; TODO confirm which the author intended.
yum install -y kubelet kubeadm kubectl
yum install -y kubelet-1.14.2 kubeadm-1.14.2 kubectl-1.14.2
# Enable kubelet at boot and start it now.
systemctl enable kubelet && systemctl start kubelet
8、镜像准备
kubernetes 服务启动依赖很多镜像,这些镜像托管在 k8s.gcr.io 上,在国内如果无法直接访问,就下载不下来。这里我们可以去 Docker Hub 下载指定版本的镜像替代,下载完成后,通过 docker tag … 命令修改成指定名称的镜像即可。需要注意,替代镜像由第三方发布,改名后仅凭名称已无法与官方镜像区分,使用前应核对镜像摘要(digest)或确认发布者可信。
kubeadm config images list
I0524 22:03:10.774681 19610 version.go:96] could not fetch a
Kubernetes version from the internet: unable to get URL
“https://dl.k8s.io/release/stable-1.txt”: Get
https://dl.k8s.io/release/stable-1.txt: net/http: request canceled
while waiting for connection (Client.Timeout exceeded while awaiting
headers) I0524 22:03:10.774766 19610 version.go:97] falling back to
the local client version: v1.14.2 k8s.gcr.io/kube-apiserver:v1.14.2
k8s.gcr.io/kube-controller-manager:v1.14.2
k8s.gcr.io/kube-scheduler:v1.14.2 k8s.gcr.io/kube-proxy:v1.14.2
k8s.gcr.io/pause:3.1 k8s.gcr.io/etcd:3.3.10 k8s.gcr.io/coredns:1.3.1
9、创建文件setup_image.sh 编写脚本批量下载镜像,并修改镜像tag与google的k8s镜像名称一致
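#!/bin/bash
# setup_image.sh: pull the images kubeadm v1.14.2 expects from Docker Hub and
# retag them under the k8s.gcr.io names.
#
# NOTE(review): the images come from Docker Hub namespaces
# (mirrorgooglecontainers, coredns), not from k8s.gcr.io, and nothing in this
# script checks that their content matches the upstream images. After
# retagging they cannot be told apart from the originals by name. `docker pull`
# prints the digest of what it fetched; compare it with a source you trust
# before the cluster runs these images.

# Stop at the first failed command, unset variable or failed pipeline stage,
# so a failed pull never leads to tagging a stale local image.
set -euo pipefail

# Images (name:tag) to fetch.
images=(
  kube-apiserver:v1.14.2
  kube-controller-manager:v1.14.2
  kube-scheduler:v1.14.2
  kube-proxy:v1.14.2
  pause:3.1
  etcd:3.3.10
)

#######################################
# Pull an image, give it a second name, then drop the original name.
# Arguments: $1 - source reference to pull
#            $2 - target reference to tag it as
# Returns:   under set -e the script exits at the first docker command that fails
#######################################
retag_image() {
  local src=$1
  local dst=$2
  docker pull "$src"
  docker tag "$src" "$dst"
  # Removes the source reference; the target tag created above is kept.
  docker rmi "$src"
}

# Fetch each image from the mirrorgooglecontainers namespace on Docker Hub.
for img in "${images[@]}"; do
  retag_image "mirrorgooglecontainers/${img}" "k8s.gcr.io/${img}"
  echo '================'
done

# coredns comes from a different repository (coredns/coredns); per the page's
# author it was not available alongside the images above.
retag_image "coredns/coredns:1.3.1" "k8s.gcr.io/coredns:1.3.1"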
10、kubeadm 常用命令
# 启动一个 Kubernetes 主节点
[root@k8s-master deploy]# kubeadm init
# 启动一个 Kubernetes 工作节点并且将其加入到集群
[root@k8s-master deploy]# kubeadm join
# 更新一个 Kubernetes 集群到新版本
[root@k8s-master deploy]# kubeadm upgrade
# 如果使用 v1.7.x 或者更低版本的 kubeadm 初始化集群,您需要对集群做一些配置以便使用 kubeadm upgrade 命令
[root@k8s-master deploy]# kubeadm config
# 管理 kubeadm join 使用的令牌(令牌是节点加入集群的凭据,默认 24 小时后过期,不要连同命令输出一起公开)
[root@k8s-master deploy]# kubeadm token
# 重新生成链接 Token
[root@k8s-master deploy]# kubeadm token create --print-join-command
# 查看未失效的 Token列表
[root@k8s-master deploy]# kubeadm token list
# 还原 kubeadm init 或者 kubeadm join 对主机所做的任何更改
[root@k8s-master deploy]# kubeadm reset
# 查询所有 pod
[root@k8s-master deploy]# kubectl get pod -A -o wide
# 查询所有节点
[root@k8s-master deploy]# kubectl get nodes -o wide
# 查看k8s问题节点日志
[root@k8s-master deploy]# journalctl -f -u kubelet
# 查看命名空间
[root@k8s-master deploy]# kubectl get namespace
11、初始化 master (正常情况)
kubeadm init --pod-network-cidr=<pod网络IP地址/子网掩码> --kubernetes-version=<k8s版本>
kubeadm init --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.14.2
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 172.26.48.4:6443 --token yx9yza.rcb08m1giup70y63 \
--discovery-token-ca-cert-hash sha256:f6548aa3508014ac5dab129231b54f5085f37fe8e6fc5d362f787be70a1a8a6e
[root@k8s-master deploy]#
11.1、初始化master出现的错误情况
[root@alimaster k8s]# kubeadm init --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.14.2
[init] Using Kubernetes version: v1.14.2
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 19.03.0-beta5. Latest validated version: 18.09
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR NumCPU]: the number of available CPUs 1 is less than the required 2
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
以上是因为 CPU 核数不够,如果只是测试用可以忽略
kubeadm init --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.14.2 --ignore-preflight-errors=NumCPU
12、好了初始化 Master 完成后,我们使用命令 kubectl get node 查看集群节点信息,但是你会发现并没有出现 Node 信息,反而报错如下:
[root@k8s-master deploy]# kubectl get pods
The connection to the server localhost:8080 was refused - did you specify the right host or port?
13、出现以上原因是没有执行init中日志提示的那一步
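# Copy the admin kubeconfig written by kubeadm init to the location kubectl
# reads by default; without it kubectl falls back to localhost:8080 and fails.
# /etc/kubernetes/admin.conf carries cluster-admin credentials, so keep the
# copy readable by its owner only and do not share it.
# Expansions are quoted so a home directory containing spaces still works.
mkdir -p "$HOME/.kube"
cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
chown "$(id -u):$(id -g)" "$HOME/.kube/config"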
[root@k8s-master deploy]# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-master NotReady master 9m8s v1.14.2
[root@k8s-master deploy]#
[root@k8s-master deploy]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-fb8b8dccf-8xbcf 0/1 Pending 0 10s
kube-system coredns-fb8b8dccf-ztxxg 0/1 Pending 0 10s
kube-system kube-proxy-kcvph 1/1 Running 0 9s
[root@k8s-master deploy]#
14、安装 pod 网络附加组件
kubernetes 提供了很多种网络组件选择,有 Calico、Canal、Flannel、Kube-router、Romana、Weave Net 可以使用,具体使用可以参考 (3/4)安装pod网络 来操作,这里我们选择 Flannel 作为网络组件。
注意: 为了使 Flannel 正常工作,执行 kubeadm init 命令时需要增加 --pod-network-cidr=10.244.0.0/16 参数。Flannel 可在 amd64、arm、arm64 和 ppc64le 上工作,但使用 amd64 以外的其他平台时,你必须手动下载清单并替换其中的 amd64。另外,下面的清单直接取自 master 分支,内容会随上游变动;建议先下载并审阅,固定到某个 tag 或 commit 后再执行 kubectl apply。
# 查看当前系统的发行版信息
[root@k8s-master deploy]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.5.1804 (Core)
Release: 7.5.1804
Codename: Core
[root@k8s-master deploy]#
[root@k8s-master deploy]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-rbac.yml
[root@k8s-master deploy]#
[root@k8s-master deploy]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@k8s-master deploy]#
# 需要等待一小会儿,再查看运行状态就都是 Running 了
[root@k8s-master deploy]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-fb8b8dccf-8xbcf 1/1 Running 0 2m8s
kube-system coredns-fb8b8dccf-ztxxg 1/1 Running 0 2m8s
kube-system etcd-k8s-master 1/1 Running 0 81s
kube-system kube-apiserver-k8s-master 1/1 Running 0 81s
kube-system kube-controller-manager-k8s-master 1/1 Running 0 74s
kube-system kube-flannel-ds-amd64-hk4wt 1/1 Running 0 51s
kube-system kube-proxy-kcvph 1/1 Running 0 2m7s
kube-system kube-scheduler-k8s-master 1/1 Running 0 69s
[root@k8s-master deploy]#