Kubernetes集群的安裝部署
此文參照https://www.cnblogs.com/zhenyuyaodidiao/p/6500830.html,並根據實操過程略作修改。
1、環境介紹及準備:
1.1 物理機操作系統
物理機操作系統采用Centos7.3 64位,細節如下。
[root@k8s-master ~]# uname -a
Linux k8s-master 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@k8s-master ~]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
1.2 主機信息
本文準備了三臺機器用於部署k8s的運行環境,細節如下:
節點及功能 |
主機名 |
IP |
Master、etcd、registry |
K8s-master |
192.168.44.60 |
Node1 |
K8s-slave01 |
192.168.44.61 |
Node2 |
K8s-slave02 |
192.168.44.62 |
另外三臺機器做了ssh免密登錄,免密登錄示例
並且做如下配置(三臺機器都需要)
[root@k8s-master ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.44.60 etcd 192.168.44.60 registry 192.168.44.60 k8s-master 192.168.44.61 k8s-slave01 192.168.44.62 k8s-slave02
1.3 關閉三臺機器上的防火墻
systemctl disable firewalld.service systemctl stop firewalld.service
2、部署etcd
k8s運行依賴etcd,需要先部署etcd,本文采用yum方式安裝:
[root@k8s-master ~]# yum install etcd -y
yum安裝的etcd默認配置文件在/etc/etcd/etcd.conf。編輯配置文件,更改以下帶顏色部分信息:
[root@k8s-master ~]# vim /etc/etcd/etcd.conf
# [member]
ETCD_NAME=master
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
#ETCD_WAL_DIR=""
#ETCD_SNAPSHOT_COUNT="10000"
#ETCD_HEARTBEAT_INTERVAL="100"
#ETCD_ELECTION_TIMEOUT="1000"
#ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379,http://0.0.0.0:4001"
#ETCD_MAX_SNAPSHOTS="5"
#ETCD_MAX_WALS="5"
#ETCD_CORS=""
#
#[cluster]
#ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380"
# if you use different ETCD_NAME (e.g. test), set ETCD_INITIAL_CLUSTER value for this name, i.e. "test=http://..."
#ETCD_INITIAL_CLUSTER="default=http://localhost:2380"
#ETCD_INITIAL_CLUSTER_STATE="new"
#ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_ADVERTISE_CLIENT_URLS="http://etcd:2379,http://etcd:4001"
#ETCD_DISCOVERY=""
#ETCD_DISCOVERY_SRV=""
#ETCD_DISCOVERY_FALLBACK="proxy"
#ETCD_DISCOVERY_PROXY=""
啟動並驗證狀態
[root@k8s-master ~]# systemctl start etcd
[root@k8s-master ~]# etcdctl set testdir/testkey0 0
0
[root@k8s-master ~]# etcdctl get testdir/testkey0
0
[root@k8s-master ~]# etcdctl -C http://etcd:4001 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://etcd:2379
cluster is healthy
[root@k8s-master ~]# etcdctl -C http://etcd:2379 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://etcd:2379
cluster is healthy
3、部署master
3.1 安裝Docker
[root@k8s-master ~]# yum install docker
配置Docker配置文件,使其允許從registry中拉取鏡像。
[root@k8s-master ~]# vim /etc/sysconfig/docker
# /etc/sysconfig/docker
# Modify these options if you want to change the way the docker daemon runs
OPTIONS=‘--selinux-enabled=false --log-driver=journald --signature-verification=false‘
if [ -z "${DOCKER_CERT_PATH}" ]; then
DOCKER_CERT_PATH=/etc/docker
fi
OPTIONS=‘--insecure-registry registry:5000‘
設置開機自啟動並開啟服務
[root@k8s-master ~]# chkconfig docker on [root@k8s-master ~]# service docker start
3.2 安裝kubernets
[root@k8s-master ~]# yum install kubernetes
3.3 配置並啟動kubernetes
在kubernetes master上需要運行以下組件:
Kubernets API Server
Kubernets Controller Manager
Kubernets Scheduler
相應的要更改以下幾個配置中帶顏色部分信息:
3.3.1 /etc/kubernetes/apiserver
[root@k8s-master ~]# vim /etc/kubernetes/apiserver
###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#
# The address on the local server to listen to.
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"
# Port minions listen on
# KUBELET_PORT="--kubelet-port=10250"
# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://etcd:2379"
# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
# default admission control policies
#KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
# Add your own!
KUBE_API_ARGS=""
3.3.2 /etc/kubernetes/config
[root@k8s-master ~]# vim /etc/kubernetes/config
###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
# kube-apiserver.service
# kube-controller-manager.service
# kube-scheduler.service
# kubelet.service
# kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"
# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://k8s-master:8080"
啟動服務並設置開機自啟動
[root@k8s-master ~]# systemctl enable kube-apiserver.service [root@k8s-master ~]# systemctl start kube-apiserver.service [root@k8s-master ~]# systemctl enable kube-controller-manager.service [root@k8s-master ~]# systemctl start kube-controller-manager.service [root@k8s-master ~]# systemctl enable kube-scheduler.service [root@k8s-master ~]# systemctl start kube-scheduler.service
4、部署node(註意,兩臺slave的node機器都需要操作一遍)
4.1 安裝docker
參見3.1
4.2 安裝kubernets
兩臺slave的node機器上分別yum安裝
yum install kubernetes
4.3 配置並啟動kubernetes
在kubernetes node上需要運行以下組件:
Kubelet
Kubernets Proxy
相應的要更改以下幾個配置文中帶顏色部分信息:
4.3.1 /etc/kubernetes/config
[root@K8s-slave01 ~]# vim /etc/kubernetes/config
###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
# kube-apiserver.service
# kube-controller-manager.service
# kube-scheduler.service
# kubelet.service
# kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"
# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://k8s-master:8080"
4.3.2 /etc/kubernetes/kubelet
[root@K8s-slave01 ~]# vim /etc/kubernetes/kubelet
###
# kubernetes kubelet (minion) config
# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0"
# The port for the info server to serve on
# KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname 註意修改成自己的節點名稱
KUBELET_HOSTNAME="--hostname-override=k8s-slave01"
# location of the api-server 修改成自己的主節點名稱
KUBELET_API_SERVER="--api-servers=http://k8s-master:8080"
# pod infrastructure container 記住這個地方,後面會對此講解
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
# Add your own!
KUBELET_ARGS=""
啟動服務並設置開機自啟動
[root@k8s-master ~]# systemctl enable kubelet.service [root@k8s-master ~]# systemctl start kubelet.service [root@k8s-master ~]# systemctl enable kube-proxy.service [root@k8s-master ~]# systemctl start kube-proxy.service
4.4 查看狀態
在master上查看集群中節點及節點狀態
[root@k8s-master ~]# kubectl -s http://k8s-master:8080 get node
NAME STATUS AGE
k8s-slave01 Ready 39s
k8s-slave02 Ready 45s
[root@k8s-master ~]# kubectl get nodes
NAME STATUS AGE
k8s-slave01 Ready 50s
k8s-slave02 Ready 56s
至此,已經搭建了一個kubernetes集群,但目前該集群還不能很好的工作,請繼續後續的步驟。
5、創建覆蓋網絡——Flannel
5.1 安裝Flannel
在master、node上均執行如下命令,進行安裝
[root@k8s-master ~]# yum install flannel
5.2 配置Flannel
master、node上均編輯/etc/sysconfig/flanneld,修改紅色部分
[root@k8s-master ~]# vi /etc/sysconfig/flanneld
# Flanneld configuration options
# etcd url location. Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://etcd:2379"
# etcd config key. This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/atomic.io/network"
# Any additional options that you want to pass
#FLANNEL_OPTIONS=""
5.3 配置etcd中關於flannel的key
Flannel使用Etcd進行配置,來保證多個Flannel實例之間的配置一致性,所以需要在etcd上進行如下配置:(‘/atomic.io/network/config’這個key與上文/etc/sysconfig/flannel中的配置項FLANNEL_ETCD_PREFIX是相對應的,值裏面的ip可以參照ifconfig列出的docker0一項的ip,錯誤的話啟動就會出錯)
值參照如下
[root@k8s-slave01 ~]# ifconfig docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1472 inet 172.17.78.1 netmask 255.255.255.0 broadcast 0.0.0.0 inet6 fe80::42:d9ff:fe56:982c prefixlen 64 scopeid 0x20<link>
.....
執行下面命令
[root@k8s-master ~]# etcdctl mk /atomic.io/network/config ‘{ "Network": "172.17.0.1/16" }‘
{ "Network": "172.17.0.1/16" }
5.4 啟動
啟動Flannel之後,需要依次重啟docker、kubernete。
在master執行:
systemctl enable flanneld.service systemctl start flanneld.service service docker restart systemctl restart kube-apiserver.service systemctl restart kube-controller-manager.service systemctl restart kube-scheduler.service
在node上執行:
systemctl enable flanneld.service systemctl start flanneld.service service docker restart systemctl restart kubelet.service systemctl restart kube-proxy.service
至此集群基本搭建完畢,但是一般企業裏面都需要一個web的ui頁面,所以下文講解如何在集群的基礎上搭建ui界面。
Kubernetes集群的安裝部署