准备
我是在虚拟机机安装单机的所以先
1.设置vbox虚拟机设置网络互通
网卡设置
配置
2g内存2cpu
内核
Linux 4.17.11-1.el7.elrepo.x86_64
然后进入虚拟机可用命令查看ip地址查看互通
ip addr show
用swap分区
sudo swapoff -a
永久禁用
sudo vi /etc/fstab
把/dev/mapper/centos-swap swap这行注释掉
编写配置
vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1 vm.swappiness=0
sysctl --system
2. 配置kubernetes yum源
vim /etc/yum.repos.d/kubernetes.repo
[kubernetes]name=kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/gpgcheck=0enable=1
cd /etc/yum.repos.d/
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum clean all
yum repolist
安装
安装kubeadm, kubelet and kubectl
yum install docker-ce kubelet-1.11.1 kubeadm-1.11.1 kubectl-1.11.1 kubernetes-cni
systemctl enable dockersystemctl enable kubelet.servicesystemctl start dockersystemctl start kubelet
3.由于国内网络原因,kubernetes的镜像托管在google云上,无法直接下载,所以直接把把镜像搞下来有个技术大牛把gcr.io的镜像
每天同步到https://github.com/anjia0532/gcr.io_mirror这个站点,因此,如果需要用到gcr.io的镜像,可以执行如下的脚本进行镜像拉取
vim pullimages.sh
#!/bin/bashimages=(kube-proxy-amd64:v1.11.1 kube-scheduler-amd64:v1.11.1 kube-controller-manager-amd64:v1.11.1kube-apiserver-amd64:v1.11.1 etcd-amd64:3.2.18 coredns:1.1.3 pause:3.1 )for imageName in ${images[@]} ; dodocker pull anjia0532/google-containers.$imageNamedocker tag anjia0532/google-containers.$imageName k8s.gcr.io/$imageNamedocker rmi anjia0532/google-containers.$imageNamedonesh pullimages.sh
5.kubernetes集群不允许开启swap,所以我们需要忽略这个错误
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
编写kubeadm.yaml
vim kubeadm.yaml
apiVersion: kubeadm.k8s.io/v1alpha1kind: MasterConfigurationcontrollerManagerExtraArgs: horizontal-pod-autoscaler-use-rest-clients: "true" horizontal-pod-autoscaler-sync-period: "10s" node-monitor-grace-period: "10s"apiServerExtraArgs: runtime-config: "api/all=true"kubernetesVersion: "v1.11.1"
kubeadm init --config kubeadm.yaml
这样就可以完成 Kubernetes Master 的部署了,这个过程只需要几分钟,部署完成后,kubeadm 会生成一行指令:
kubeadm join 10.168.0.2:6443 --token 00bwbx.uvnaa2ewjflwu1ry --discovery-token-ca-cert-hash sha256:00eb62a2a6020f94132e3fe1ab721349bbcd3e9b94da9654cfe15f2985ebd711
4.配置kubectl与apiserver的认证
mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/config
检查健康状态
kubectl get cs
查看节点状态
kubectl get nodes
现在,我们就可以使用 kubectl get 命令来查看当前唯一一个节点的状态了:
kubectl get nodes
部署网络插件Weave
kubectl apply -f https://git.io/weave-kube-1.6
查看
kubectl get pods -n kube-system
[root@localhost ~]# kubectl get pods -n kube-systemNAME READY STATUS RESTARTS AGEcoredns-78fcdf6894-csxpw 1/1 Running 0 27mcoredns-78fcdf6894-td848 1/1 Running 0 27metcd-localhost.localdomain 1/1 Running 0 26mkube-apiserver-localhost.localdomain 1/1 Running 0 26mkube-controller-manager-localhost.localdomain 1/1 Running 0 26mkube-proxy-v78j8 1/1 Running 0 27mkube-scheduler-localhost.localdomain 1/1 Running 0 26mweave-net-vcnb6 2/2 Running 0 44s
加入污点
kubectl taint nodes --all node-role.kubernetes.io/master-
可视化插件,下载镜像
wget https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
docker pull anjia0532/google-containers.kubernetes-dashboard-amd64:v1.10.0docker tag anjia0532/google-containers.kubernetes-dashboard-amd64:v1.10.0 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0docker rmi anjia0532/google-containers.kubernetes-dashboard-amd64:v1.10.0
修改kubernetes-dashboard.yaml,可以直接token认证进入
kind: ServiceapiVersion: v1metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-systemspec: # 添加Service的type为NodePort type: NodePort ports: - port: 443 targetPort: 8443 # 添加映射到虚拟机的端口,k8s只支持30000以上的端口 nodePort: 30001 selector: k8s-app: kubernetes-dashboardkubectl apply -f kubernetes-dashboard.yaml
看 Dashboard 对应的 Pod 的状态了
kubectl get pods -n kube-system
部署容器存储插件,下载镜像
kubectl apply -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/operator.yamlkubectl apply -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/cluster.yaml
查看安装情况
kubectl get pods -n rook-ceph-systemkubectl get pods -n rook-ceph
开启服务
nohup kubectl proxy --address='0.0.0.0' --accept-hosts='^*$' --disable-filter=true &
获取token命令
kubectl -n kube-system describe $(kubectl -n kube-system get secret -n kube-system -o name | grep namespace) | grep token
访问dashboard
通过node节点的ip,加刚刚我们设置的nodePort就可以访问了。
https://<node-ip>:<node-port>
下面是我成功的结果图
备忘:
查看全部节点
kubectl get pods --all-namespaces
查看pods
kubectl describe pod -n kube-system
查看具体问题
kubectl describe pod kubernetes-dashboard-767dc7d4d-mg5gw -n kube-system
原文链接:https://www.datayang.com/article/45
- 微信(WeChat)
- 多少不重要
-
- 支付宝(Alipay)
- 有鼓励就好
-
