K8S部署安装实战(二进制安装)
一、安装环境
| 角色 | 主机名 | IP地址 |
| master | master | 192.168.2.100 |
| etcd | etcd | 192.168.2.101 |
| minion | node1 | 192.168.2.102 |
二、基础环境配置
关闭防火墙和selinux(etcd、master、node都要操作)
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@localhost ~]# setenforce 0
[root@localhost ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@localhost ~]# yum install ntp -y
完毕!
[root@localhost ~]# ntpdate pool.ntp.org
23 Apr 11:21:36 ntpdate[10724]: adjust time server 203.107.6.88 offset 0.012317 sec
[root@localhost ~]# systemctl start ntpd
[root@localhost ~]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.三、K8S安装部署
etcd操作
yum安装etcd
[root@localhost ~]# hostnamectl set-hostname etcd
[root@localhost ~]# bash
[root@etcd ~]# yum install etcd -y修改配置文件
[root@etcd ~]# cp /etc/etcd/etcd.conf /etc/etcd/etcd.conf.bak
[root@etcd ~]# vim /etc/etcd/etcd.conf
ETCD_LISTEN_CLIENT_URLS="http://192.168.2.101:2379,http://127.0.0.1:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.2.101:2379,http://127.0.0.1:2379"服务启动
[root@etcd ~]# systemctl restart etcd
[root@etcd ~]# systemctl enable etcd
master操作
[root@localhost ~]# hostnamectl set-hostname master
[root@localhost ~]# bash
[root@master ~]# yum install kubernetes-master flannel -y[root@master ~]# cd /etc/kubernetes/
[root@master kubernetes]# cp config config.bak
[root@master kubernetes]# cp apiserver apiserver.bak[root@master kubernetes]# vim config
KUBE_MASTER="--master=http://192.168.2.100:8080"
[root@master kubernetes]# vim apiserver
# 监听地址
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
# 制定ETCD服务器地址
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.2.101:2379"
# 去掉ServiceAccount认证
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
启动服务并设置开机启动
[root@master kubernetes]# systemctl restart kube-apiserver
[root@master kubernetes]# systemctl restart kube-controller-manager
[root@master kubernetes]# systemctl restart kube-scheduler
[root@master kubernetes]# systemctl enable kube-apiserver
[root@master kubernetes]# systemctl enable kube-controller-manager
[root@master kubernetes]# systemctl enable kube-scheduler查看服务
node1操作
yum安装服务
[root@localhost ~]# hostnamectl set-hostname node1
[root@localhost ~]# bash
[root@node1 kubernetes]# wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@node1 ~]# yum install kubernetes-node docker-ce *rhsm* flannel -y[root@node1 ~]# cd /etc/kubernetes/
[root@node1 kubernetes]# cp config config.bak
[root@node1 kubernetes]# cp kubelet kubelet.bak[root@node1 kubernetes]# vim config
KUBE_MASTER="--master=http://192.168.2.100:8080"
[root@node1 kubernetes]# vim kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_HOSTNAME="--hostname-override=192.168.2.102"
KUBELET_API_SERVER="--api-servers=http://192.168.2.100:8080"
启动服务
[root@node1 ~]# systemctl restart kube-proxy
[root@node1 ~]# systemctl restart docker
[root@node1 ~]# systemctl restart kubelet
[root@node1 ~]# systemctl enable kube-proxy
[root@node1 ~]# systemctl enable docker
[root@node1 ~]# systemctl enable kubelet查看服务
master查看是否可以获取到节点信息
四、flanneld网络配置
master、node配置flannel网络
[root@master kubernetes]# vim /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.2.101:2379"[root@node1 ~]# vim /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.2.101:2379"etcd服务器创建flannel网络
[root@etcd ~]# etcdctl mk /atomic.io/network/config '{"Network":"172.17.0.0/16"}'检查服务
master和node1启动flanneld服务
[root@master kubernetes]# systemctl restart flanneld
[root@master kubernetes]# systemctl enable flanneld[root@node1 ~]# systemctl start flanneld
[root@node1 ~]# systemctl enable flanneld五、Dashboard UI安装部署
node1下载下面两个docker镜像
- pod-infrastructure
- kubernetes-dashboard-amd64
master下载dashboard-controller.yaml和dashboard-service.yaml
下面提供百度云盘地址
链接:https://pan.baidu.com/s/1PSmxs3INDPJqLSGGZpHHWA 密码:v0hlmaster配置ashboard-controller.yaml和dashboard-service.yaml
[root@master kubernetes]# vim dashboard-controller.yamlapiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
spec:
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
spec:
containers:
- name: kubernetes-dashboard
image: bestwu/kubernetes-dashboard-amd64:v1.6.3
resources:
# keep request = limit to keep this container in guaranteed class
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
ports:
- containerPort: 9090
args:
- --apiserver-host=http://192.168.2.100:8080
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30[root@master kubernetes]# vim dashboard-service.yaml apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
spec:
selector:
k8s-app: kubernetes-dashboard
ports:
- port: 80
targetPort: 9090node导入docker镜像
[root@node1 ~]# docker load <kubernetes-dashboard-amd64.tgz
[root@node1 ~]# docker tag $(docker images|grep none|awk '{print $3}') registry.access.redhat.com/rhel7/pod-infrastructure
[root@node1 ~]# docker load<pod-infrastructure.tgz
[root@node1 ~]# docker tag $(docker images|grep none|awk '{print $3}') bestwu/kubernetes-dashboard-amd64:v1.6.3
master操作
kubectl create -f dashboard-controller.yaml
kubectl create -f dashboard-service.yaml 
创建完成查看Pods和Service的详细信息
浏览器访问http://192.168.2.100:8080
etcd、master、node需要执行
iptables -P FORWARD ACCEPT浏览器访问http://192.168.2.100:8080/ui查看ui是否可以访问
至此K8S搭建完成!!!
声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。
