01:k8s 安装部署
k8s 官网详解:
https://www.kubernetes.org.cn/k8s
准备环境:三台centos7 服务器
192.168.3.201 k8s-master(主)
192.168.3.203 k8s-node-1(节点)
192.168.3.204 k8s-node-2(节点)
#安装前准备
关闭防火墙并设置开机不启动三台机操作一样
systemctl stop firewalld && systemctl disable firewalld && systemctl status firewalld
yum -y install vim net-tools wget
#kubernetes(k8s)的安装方法
五种方法:
kubernetes 二进制安装 (配置最繁琐,不亚于安装openstack)
kubeadm 安装 (谷歌推出的自动化安装工具,网络有要求)
minikube 安装 (仅仅用来体验k8s)
yum 安装 (最简单,版本比较低====学习推荐此种方法)
go编译安装 (最难)
我们采用yum安装,学习怎么使用k8s才是重点。
1:修改主机和host 解析
#请在三台机器都执行如下操作
cat << EOF >> /etc/hosts
192.168.3.201 k8s-master
192.168.3.203 k8s-node-1
192.168.3.204 k8s-node-2
EOF
cat /etc/hosts
分别修改主机名:
hostnamectl set-hostname k8s-master
hostnamectl set-hostname k8s-node-1
hostnamectl set-hostname k8s-node-2
![image_thumb[4]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143040314-575576077.png "image_thumb[4]")
2: 安装docker 1.12版本,系统自带的1.13有点小bug,需要修改,不然后期容器网络通讯会不通,三天机操作
yum provides docker
![image_thumb[2]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143040961-1906379950.png "image_thumb[2]")
#去官网找1.12版本docker
http://vault.centos.org/7.4.1708/extras/x86_64/Packages/
#需要提前安装 CentOS-Base.repo源
三台机器都需要下载这三个docker包(wget下载太慢,迅雷下载后传到其他两台机器):
http://vault.centos.org/7.4.1708/extras/x86_64/Packages/docker-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm
http://vault.centos.org/7.4.1708/extras/x86_64/Packages/docker-client-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm
http://vault.centos.org/7.4.1708/extras/x86_64/Packages/docker-common-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm
![image_thumb[7]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143041476-795612986.png "image_thumb[7]")
[root@k8s-master ~]# ls
docker-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm
docker-client-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm
docker-common-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm
[root@k8s-master ~]# scp * 192.168.3.203:~
root@192.168.6.130's password:
docker-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm 100% 15MB 30.7MB/s 00:00
docker-client-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm 100% 3451KB 29.6MB/s 00:00
docker-common-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm 100% 83KB 6.9MB/s 00:00
[root@k8s-master ~]# scp * 192.168.3.204:~
root@192.168.6.131's password:
docker-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm 100% 15MB 24.2MB/s 00:00
docker-client-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm 100% 3451KB 23.3MB/s 00:00
docker-common-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm 100% 83KB 5.8MB/s 00:00
[root@k8s-master ~]#
(1):卸载系统已经安装的docker
由于笔者前面安装有docker-ce版本,需要全部卸载干净(推荐你使用全新的机器安装)
[root@k8s-node-1 ~]# rpm -qa |grep docker
docker-ce-19.03.3-3.el7.x86_64
docker-ce-cli-19.03.3-3.el7.x86_64
[root@k8s-node-1 ~]# rpm -e docker-ce-19.03.3-3.el7.x86_64
[root@k8s-node-1 ~]# rpm -e docker-ce-cli-19.03.3-3.el7.x86_642
[root@k8s-node-1 ~]# rm -rf /var/lib/docker/* 清空之前docker产生的所有文件。
[root@k8s-node-1 ~]# rm -rf /etc/docker/*
![image_thumb[10]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143041893-1134431867.png "image_thumb[10]")
3:在三台都安装docker 1.12(必须要按如下顺序安装,不然可能会报错)
yum localinstall docker-common-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm -y
yum localinstall docker-client-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm -y
yum localinstall docker-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm -y
4:验证docker 是否安装成功并启动设置开机启动,三台都安装
[root@k8s-master ~]# docker -v
Docker version 1.12.6, build 3e8e77d/1.12.6
systemctl start docker && systemctl enable docker
5:master节点安装etcd (k8s数据库kv类型存储)原生支持做集群
[root@k8s-master ~]# yum install etcd.x86_64 -y
[root@k8s-master ~]# vim /etc/etcd/etcd.conf
ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379
ETCD_ADVERTISE_CLIENT_URLS=http://192.168.3.201:2379
启动
systemctl start etcd.service && systemctl enable etcd.service
如果出现报错,一般是配置文件配置错了:
![image_thumb[12]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143042211-1743365148.png "image_thumb[12]")
![image_thumb[16]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143042614-2115284023.png "image_thumb[16]")
测试:
#set 设置一队键值 数据存储
[root@k8s-master ~]# etcdctl set testdir/testkey0 xujin
Xujin
#get获取
[root@k8s-master ~]# etcdctl get testdir/testkey0
xujin
#检测集群状态
[root@k8s-master ~]# etcdctl -C http://192.168.3.201:2379 cluster-health![image_thumb[18]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143043287-1364800002.png "image_thumb[18]")
6:master节点安装kubernetes
[root@k8s-master ~]# yum install kubernetes-master.x86_64 -y
#修改配置文件如下
[root@k8s-master ~]# vim /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_API_PORT="--port=8080"
KUBELET_PORT="--kubelet-port=10250"
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.3.201:2379"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,Securi
tyContextDeny,ResourceQuota"
结果如下图
![image_thumb[20]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143043679-1572396244.png "image_thumb[20]")
#修改config文件
[root@k8s-master ~]# vim /etc/kubernetes/config
KUBE_MASTER="--master=http://192.168.3.201:8080"
![image_thumb[23]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143044209-1194418696.png "image_thumb[23]")
启动:k8s
# 启动kube-apiserver
#这个服务用来:接受并响应用户的请求
[root@k8s-master ~]# systemctl start kube-apiserver.service
[root@k8s-master ~]# systemctl enable kube-apiserver.service
#启动 kube-controller-manager
#控制管理器的概念,保证容器存活
#每隔一段时间去扫描容器状态,看有没有死了。
#容器死了,会调度apiserver再起一个新的容器
#保证容器的个数,比如我们设定起三个nginx容器,多了就会杀掉,少了就会起
[root@k8s-master ~]# systemctl start kube-controller-manager.service
[root@k8s-master ~]# systemctl enable kube-controller-manager.service
#启动kube-scheduler
#调度器,选择启动容器的node节点,通俗点就是容器在哪一个节点服务器上面创建
[root@k8s-master ~]# systemctl start kube-scheduler.service
[root@k8s-master ~]# systemctl enable kube-scheduler.service
到此主master 192.168.3.201 k8s安装好了。
-----------------------------------------------------------------------
node节点安装kubernetes
(130,131两台服务器都执行如下命令)
yum install kubernetes-node.x86_64 -y
vim /etc/kubernetes/config
KUBE_MASTER="--master=http://192.168.3.201:8080"
vim /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_PORT="--port=10250"
KUBELET_HOSTNAME="--hostname-override=k8s-node-1" #注意131这里需要配置k8s-node-2
KUBELET_API_SERVER="--api-servers=http://192.168.3.201:8080"
#启动kubelet服务
#调用docker,管理容器的生命周期
systemctl start kubelet.service
systemctl enable kubelet.service
#启动kube-proxy
#提供容器网络访问
systemctl start kube-proxy.service
systemctl enable kube-proxy.service
检测node集群是否正常:
主master(129)主机执行:
[root@k8s-master ~]# kubectl get nodes
#出现如下节点,说明我们节点安装正常
NAME STATUS AGE
k8s-node-1 Ready 6m
k8s-node-2 Ready 6m
![image_thumb[26]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143044749-1715452217.png "image_thumb[26]")
=================================
配置k8s服务器网络:
K8s支持多种网络类型,具体参考官网介绍或者百度。
我们这里选择安装flannel网络。
1: 所有k8s服务器配置flannel网络(201,203,204三台机器都执行如下操作)
[root@k8s-master ~]# yum install flannel -y
[root@k8s-master ~]# sed -i 's#http://127.0.0.1:2379#http://192.168.3.201:2379#g' /etc/sysconfig/flanneld
[root@k8s-master ~]# cat /etc/sysconfig/flanneld![image_thumb[28]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143045206-1936000810.png "image_thumb[28]")
之后再203,204 两台节点也执行如上步骤就可以了。
2: master(201) 节点:创建网络,并重启服务
#mk 递归创建目录config, 里面存的值是: '{ "Network": "172.16.0.0/16" }'
# key -------------------- value
#网络16位,可以分配足够多的IP地址给容器
[root@k8s-master ~]# etcdctl mk /atomic.io/network/config '{ "Network": "172.16.0.0/16" }'
#master(201)重启服务
[root@k8s-master ~]#systemctl enable flanneld.service
[root@k8s-master ~]#systemctl restart flanneld.service
[root@k8s-master ~]#systemctl restart docker
[root@k8s-master ~]#systemctl restart kube-apiserver.service
[root@k8s-master ~]#systemctl restart kube-controller-manager.service
[root@k8s-master ~]#systemctl restart kube-scheduler.service
Node(203,204)节点:重启服务
systemctl enable flanneld.service
systemctl restart flanneld.service
service docker restart
systemctl restart kubelet.service
systemctl restart kube-proxy.service
3:测试容器网络
#三台都起一个容器,看ip a地址,然后互相ping,发现都是通的
[root@k8s-master ~]# docker run -it busybox
[root@k8s-node-1 ~]# docker run -it busybox
[root@k8s-node-2 ~]# docker run -it busybox
/ # ping baidu.com #首先看是否外网正常![image_thumb[30]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143045836-781201286.png "image_thumb[30]")
/ # ip a #查看各自的自动生成的IP,互相ping会发现也是通的。
![image_thumb[33]](https://img2020.cnblogs.com/blog/1339941/202009/1339941-20200908143046411-328380086.png "image_thumb[33]")
到此网络也配置正常,基础的k8s搭建完毕!
=====================================================
如果网络不通可能是防火墙的问题,要么直接关闭防火墙,或者配置一条规则
#k8s三台服务器都执行
[root@k8s-master ~]#iptables -P FORWARD ACCEPT
[root@k8s-node-1 ~]#iptables -P FORWARD ACCEPT
[root@k8s-node-2 ~]#iptables -P FORWARD ACCEPT