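Setting up Kubernetes v1.5.2 and deploying nginx and Tomcat on a three-machine CentOS 7 cluster: the Kubernetes tooling explained in one article
阿新 • Published: 2018-11-11
Install VMware
First install one CentOS 7 machine in minimal mode. When the installation finishes, reboot, log in as root with its password, and you are at the console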
ip addr
// shows the IP; the minimal install does not include tools such as ifconfig
Configure the network to come up at boot
cd /etc/sysconfig/network-scripts
vi ifcfg-ens33
ONBOOT=yes
service network restart
// after that you can connect with Xshell.
Install the necessary tools
yum upgrade
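yum install net-tools // you can use yum search ifconfig to find the package
yum groupinstall "Development Tools" // optional; installs gcc and the other development tool packages
With one machine configured, shut it down and use VMware's clone feature to make two copies, which gives you the three machines. Take a [snapshot] of each of the three first so that you can roll back and retry
The Kubernetes cluster as a whole has one master and two nodes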
- master&etcd 192.168.204.130
- node 192.168.204.131
- node 192.168.204.132
Install Kubernetes on the master
systemctl stop firewalld && sudo systemctl disable firewalld
yum install -y kubernetes etcd docker flannel
Install Kubernetes on the nodes
systemctl stop firewalld && sudo systemctl disable firewalld
yum install -y kubernetes docker flannel
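Edit the master configuration; this is mostly a matter of changing IPs
// etcd configuration
vi /etc/etcd/etcd.conf // the settings are all already present; only the IP needs changing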
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS=http://192.168.204.130:2379
// apiserver configuration
vi /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.204.130:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=192.168.204.0/24"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
// SecurityContextDeny and ServiceAccount are removed from KUBE_ADMISSION_CONTROL, because otherwise kubectl create fails with:
Error from server (ServerTimeout): error when creating "/opt/dockerconfig/nginx-pod.yaml":
No API token found for service account "default",retry after the token is automatically created and added to the service account
// kubelet configuration
vi /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_HOSTNAME="--hostname-override=192.168.204.130"
KUBELET_API_SERVER="--api-servers=http://192.168.204.130:8080"
// config file
vi /etc/kubernetes/config
KUBE_MASTER="--master=http://192.168.204.130:8080"
// leave scheduler and proxy at their defaults, or
vi /etc/kubernetes/scheduler
vi /etc/kubernetes/proxy
KUBE_SCHEDULER_ARGS="--address=0.0.0.0"
KUBE_PROXY_ARGS="--address=0.0.0.0"
// flannel configuration
vi /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.204.130:2379"
FLANNEL_OPTIONS="--logtostderr=false --log_dir=/var/log/k8s/flannel/ --iface=ens33"
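The master settings above bind the API server's unauthenticated port and etcd's client port to every interface over plain HTTP, and drop ServiceAccount from admission control. The following check is an added example, not part of the original post; it scans copies of those files for exactly these settings, and the finding names and the sample files it writes are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Flags the lab-only settings this
# guide writes to the master's config files. Finding names are made up here.

# audit_k8s_conf FILE...: print "<file>: <finding>" per issue; return 1 if any.
audit_k8s_conf() {
    rc=0
    for f in "$@"; do
        [ -r "$f" ] || continue
        # Drop comment lines so disabled settings are not reported.
        active=$(grep -v '^[[:space:]]*#' "$f" || true)
        if printf '%s\n' "$active" | grep -q -- '--insecure-bind-address=0\.0\.0\.0'; then
            echo "$f: API_INSECURE_PORT_ALL_INTERFACES"; rc=1
        fi
        if printf '%s\n' "$active" | grep -Eq '^ETCD_LISTEN_CLIENT_URLS="?http://0\.0\.0\.0'; then
            echo "$f: ETCD_PLAINTEXT_ALL_INTERFACES"; rc=1
        fi
        if printf '%s\n' "$active" | grep -Eq -- '--(etcd-servers|api-servers|master)=http://'; then
            echo "$f: PLAINTEXT_CONTROL_PLANE_URL"; rc=1
        fi
        # Admission list present but ServiceAccount removed, as done above.
        adm=$(printf '%s\n' "$active" | grep -- '--admission-control=' || true)
        if [ -n "$adm" ] && ! printf '%s\n' "$adm" | grep -q 'ServiceAccount'; then
            echo "$f: ADMISSION_WITHOUT_SERVICEACCOUNT"; rc=1
        fi
    done
    return $rc
}

# write_sample DIR: constructed copies of the apiserver and etcd.conf lines above.
write_sample() {
    cat > "$1/apiserver" <<'EOF'
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.204.130:2379"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
EOF
    cat > "$1/etcd.conf" <<'EOF'
#ETCD_LISTEN_PEER_URLS="http://localhost:2380"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
EOF
}

d=$(mktemp -d) && write_sample "$d"
audit_k8s_conf "$d/apiserver" "$d/etcd.conf" || echo "findings above"
rm -rf "$d"
```

On a real master, pass /etc/kubernetes/apiserver and /etc/etcd/etcd.conf as the arguments.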
Once the master configuration has been edited, start the etcd service first
systemctl start etcd
// check the etcd cluster state; the output should be "cluster is healthy"
etcdctl cluster-health
// list the etcd cluster members; there is only one machine here, and if it is shown, etcd is configured correctly
etcdctl member list
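// add the IP configuration for the Kubernetes cluster; /atomic.io/network is the default configured above for etcd, and inside the cluster flannel will automatically allocate addresses from the 172.17.0.0 network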
etcdctl mk /atomic.io/network/config '{"Network":"172.17.0.0/16", "SubnetMin": "172.17.1.0", "SubnetMax": "172.17.254.0"}'
Add the redhat-uep.pem certificate file; this is needed mainly because, after kubectl create, pulling the image fails with:
failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
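/etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt is a symlink to /etc/rhsm/ca/redhat-uep.pem
/etc/rhsm/ca/redhat-uep.pem does not exist
There are two ways to get the redhat-uep.pem file; put it straight into the /etc/rhsm/ca/ directory with Xshell's Xftp
1. Download and extract it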
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm2cpio xxx.rpm | cpio -idmv
2. Write it yourself
https://github.com/candlepin/python-rhsm/blob/master/etc-conf/ca/redhat-uep.pem
Start the Kubernetes components; tailf /var/log/messages shows all the logs
systemctl restart kube-apiserver
// after running the above, if http://192.168.204.130:8080/ and http://192.168.204.130:8080/healthz/ping return content, kube-apiserver has started successfully
systemctl restart kube-controller-manager
systemctl restart kube-scheduler
systemctl restart kube-proxy
systemctl restart kubelet
systemctl restart flanneld
systemctl restart docker
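// after running the above, run ps aux | grep docker and check whether the arguments of the dockerd-current process include --bip=172.17.11.1/24 --ip-masq=true --mtu=1472
// if they do, flannel has taken over docker's IP configuration
// then check in ifconfig whether flannel0 (172.17.11.0) and docker0 (172.17.11.1) are on the same subnet
If everything above is normal, the master is done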
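The manual check above can be scripted. This added example (not from the original post) extracts --bip from a dockerd command line and confirms it is a /24 inside the SubnetMin/SubnetMax range written to etcd earlier; the function names and sample command lines are constructed, and the /24 lease size assumes flannel's default SubnetLen.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# ip2int A.B.C.D: print the dotted-quad address as an integer.
ip2int() {
    old=$IFS; IFS=.; set -- $1; IFS=$old
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# bip_from_args CMDLINE: print the value of --bip=, or nothing if absent.
bip_from_args() {
    printf '%s\n' "$1" | sed -n 's|.*--bip=\([0-9./]*\).*|\1|p'
}

# flannel_owns_docker CMDLINE SUBNET_MIN SUBNET_MAX
# Returns 0 when --bip is a /24 whose network lies in [SUBNET_MIN, SUBNET_MAX].
flannel_owns_docker() {
    bip=$(bip_from_args "$1")
    [ -n "$bip" ] || return 1             # dockerd was started without --bip
    [ "${bip#*/}" = "24" ] || return 1    # assumes flannel's default /24 leases
    net=$(( $(ip2int "${bip%/*}") / 256 * 256 ))
    [ "$net" -ge "$(ip2int "$2")" ] && [ "$net" -le "$(ip2int "$3")" ]
}

# Constructed command lines. Docker's own default bridge, 172.17.0.1/16, also
# starts with 172.17, so matching on the prefix alone would not tell them apart.
FLANNEL_CMD='/usr/bin/dockerd-current --bip=172.17.11.1/24 --ip-masq=true --mtu=1472'
DEFAULT_CMD='/usr/bin/dockerd-current --bip=172.17.0.1/16'

for c in "$FLANNEL_CMD" "$DEFAULT_CMD"; do
    if flannel_owns_docker "$c" 172.17.1.0 172.17.254.0; then
        echo "flannel-managed: $(bip_from_args "$c")"
    else
        echo "NOT flannel-managed: $(bip_from_args "$c")"
    fi
done
```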
Node configuration: much the same as the master, with very little to change
// kubelet configuration
vi /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_HOSTNAME="--hostname-override=192.168.204.131" // this is the node's own IP: 131 or 132
KUBELET_API_SERVER="--api-servers=http://192.168.204.130:8080" // the master's IP
// config file
vi /etc/kubernetes/config
KUBE_MASTER="--master=http://192.168.204.130:8080"
// leave scheduler and proxy at their defaults, or
vi /etc/kubernetes/scheduler
vi /etc/kubernetes/proxy
KUBE_SCHEDULER_ARGS="--address=0.0.0.0"
KUBE_PROXY_ARGS="--address=0.0.0.0"
// flannel configuration
vi /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.204.130:2379"
FLANNEL_OPTIONS="--logtostderr=false --log_dir=/var/log/k8s/flannel/ --iface=ens33"
Once both nodes are configured, the services can be started
systemctl restart kube-proxy
systemctl restart kubelet
systemctl restart flanneld
systemctl restart docker
Check docker and flannel the same way as on the master
List the nodes from the master
kubectl get nodes
List the nodes from a node; add -s to specify the API server
kubectl -s 192.168.204.130:8080 get nodes
Check the version
kubectl version
Deploy nginx: write three YAML files
//nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
    name: nginx-pod
spec:
  containers:
  - name: nginx
    image: nginx
    ports:
    - containerPort: 80
//nginx-rc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx-rc
spec:
  replicas: 2
  selector:
    name: nginx-pod
  template:
    metadata:
      labels:
        name: nginx-pod
    spec:
      containers:
      - name: nginx-pod
        image: nginx
        ports:
        - containerPort: 80
//nginx-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  type: NodePort
  ports:
  - port: 80
    nodePort: 30001
  selector:
    name: nginx-pod
Use kubectl to create the nginx deployment; the deployment is carried out by docker pulling the nginx image
kubectl create -f nginx-pod.yaml
// after this runs it reports "created", but the image still has to be pulled, which takes a while; use
kubectl describe pod nginx
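// to see the detailed status; if the "open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt" error appears, see above
// once Status is Running and the IP and Container ID are present, it is basically fine
// you can also check whether the image has been pulled: see whether docker ps -a shows nginx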
kubectl create -f nginx-rc.yaml
kubectl create -f nginx-service.yaml
// if there is a problem, replace create with delete in the commands above to delete and then recreate
// list what has been deployed
kubectl get pods
kubectl get rc
kubectl get service
Access nginx to verify
http://192.168.204.131:30001/
http://192.168.204.132:30001/
If it does not open, try the following (on every node) (https://github.com/kubernetes/kubernetes/issues/40182)
iptables -P FORWARD ACCEPT
If the above works, deploy Tomcat
//tomcat-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: myweb
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: myweb
    spec:
      containers:
      - name: myweb
        image: docker.io/tomcat
        ports:
        - containerPort: 8080   # Tomcat listens on 8080, matching targetPort in tomcat-service.yaml
//tomcat-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: myweb
spec:
  type: NodePort
  ports:
  - port: 8080
    targetPort: 8080
    nodePort: 31111
  selector:
    app: myweb
Run the commands
kubectl create -f tomcat-deployment.yaml
kubectl create -f tomcat-service.yaml
kubectl describe deployment myweb
Access Tomcat
http://192.168.204.131:31111/
http://192.168.204.132:31111/
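Miscellaneous
kubectl get svc // shows the port mappings
etcdctl --endpoints http://192.168.204.130:2379 ls / // from a server that has etcd installed, view the etcd store of another server
netstat -antp |grep kube-proxy // shows the nodePort ports listened on by flannel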
repair.go:122] the cluster IP 10.51.0.1 for service kubernetes/default is not within the service CIDR 10.52.0.0/16; please recreate
Check KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=192.168.98.0/24" in /etc/kubernetes/apiserver
Clear the cache
etcdctl rm /registry/services/specs/default/kubernetes
Restart