一、先决条件
参考链接:
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
注:关闭firewalld和selinux
二、安装runtime(Docker)
参考链接:
https://kubernetes.io/docs/setup/production-environment/container-runtimes/#docker
https://docs.docker.com/install/linux/docker-ce/centos/
- 1. 当前OS版本记录
- 2. 安装epel
yum --enablerepo=extras install -y epel-release
- 3. 卸载旧版本(如果需要)
yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine
- 4. 配置repository
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
- 5. 安装docker(按照Kubernetes官网建议选择的docker版本,详见前面参考链接)
yum update –y && yum install -y docker-ce-18.06.2.ce
## Create /etc/docker directory
mkdir /etc/docker
# Setup daemon.
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
mkdir -p /etc/systemd/system/docker.service.d
# Restart Docker
systemctl daemon-reload
systemctl restart docker
systemctl enable docker
三、安装kubeadm, kubelet和kubectl
参考链接:
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
- 1. 配置repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
- 2. 安装kubeadm, kubelet and kubectl
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
四、安装master
参考链接:
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/
注:国内可能会存在墙的限制导致安装失败,我是用的海外的云服务器安装的
- 1. 初始化master
kubeadm init <args>
需要记录这条命令后面用来部署worker节点:
kubeadm join 172.16.10.17:6443 --token r3hwsa.wzwswpulmfb0q5uh --discovery-token-ca-cert-hash sha256:1a7d743d88150XXXXXXXXXXXXXXXXXXXXXXX4f4f48b
- 2. 设置安全配置文件
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
五、部署网络插件
参考链接:https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/
此处以Weave为例
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
六、安装worker
参考链接:https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/
- 重复安装docker和kubeadm,kubelet,kubectl
- 执行安装master成功后返回的命令
kubeadm join 172.16.10.17:6443 --token r3hwsa.wzwswpulmfb0q5uh --discovery-token-ca-cert-hash sha256:1a7d743d8815XXXXXXXXXXXXXXXXXXXXX5578cf60587a4f4f48b
七、安装Dashboard
参考链接:https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
- 安装dashboard
默认的recommended.yaml仅允许本机访问,需要修改如下内容,通过nodeport提供外部访问
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml
- 创建示例用户
参考链接:
https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
token:
eyJhbGciOiJXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXjf_7kZFldbLwFMA3i1z2pXnktfZjSaFstOQyh3ss6CUsNIdt6MoFfR5-bOqvlH6h0M88KUltEkA4yvoPjFXUK-3GHEfNinjYupyQUVyN6RpxPKUrddUQ5qcz7GIJZA
- 通过nodeip+port访问即可访问
八、安装存储
以Rook为例
参考链接:
https://rook.io/docs/rook/v1.1/ceph-quickstart.html
wget https://raw.githubusercontent.com/rook/rook/release-1.1/cluster/examples/kubernetes/ceph/cluster-test.yaml
wget https://raw.githubusercontent.com/rook/rook/release-1.1/cluster/examples/kubernetes/ceph/operator.yaml
wget https://raw.githubusercontent.com/rook/rook/release-1.1/cluster/examples/kubernetes/ceph/cluster-test.yaml
kubectl create -f common.yaml
kubectl create -f operator.yaml
kubectl create -f cluster-test.yaml
——本文作者:赵毅鹏,沈磊