k8s基础环境搭建
环境准备
服务器之间时间同步
1. 关闭防火墙
systemctl stop firewalld
setenforce 0
2. 设置yum源 三台机器都要设置一个master两个node节点
下载docker镜像yum源
cd /etc/yum.repos.d
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
vi kubernetes.repo
[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
执行yum repolist 查看镜像是否成功
3. 安装docker 生产用版本 1.7.03 所有节点安装
yum install -y docker
设置开机启动docker
systemctl enable docker
草,网上很多文章说不需要kubeadm,导致8080一直报错,官网又让安装
You will install these packages on all of your machines:
kubeadm: the command to bootstrap the cluster.
kubelet: the component that runs on all of the machines in your cluster and does things like starting pods and containers.
kubectl: the command line util to talk to your cluster.
4. 安装kubeadm
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet
启动docker
systemctl start docker
启动 systemctl enable kubelet && systemctl start kubelet
查看docker信息
docker version 或者docker info
查看kubeadm版本
kubeadm version
查看kubelet信息
rpm -ql kubelet
查看kubelet的状态
systemctl status kubelet
查看日志
tail /var/log/messages
a. 关于忽略swap 可省略
Kubernetes 1.8开始要求关闭系统的Swap,如果不关闭,默认配置下kubelet将无法启动。
可以通过kubelet的启动参数–fail-swap-on=false更改这个限制。
设置 swapoff -a
查看cat /etc/sysconfig/kubelet
修改kubelet中内容为 KUBELET_EXTRA_ARGS="--fail-swap-on=false"
配置转发参数
cat /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables =
net.bridge.bridge-nf-call-iptables =
vm.swappiness=
b. 编写脚本下载必需的镜像 vi images.sh
#!/bin/bash
images="kube-apiserver:v1.14.0 kube-scheduler:v1.14.0 kube-controller-manager:v1.14.0 kube-proxy:v1.14.0
etcd:3.3.10 pause:3.1"
for imageName in $images
do
echo $imageName
docker pull docker.io/mirrorgooglecontainers/$imageName
docker tag docker.io/mirrorgooglecontainers/$imageName k8s.gcr.io/$imageName
docker rmi docker.io/mirrorgooglecontainers/$imageName
done
others="coredns:1.3.1"
for other in $others
do
docker pull docker.io/coredns/$other
docker tag docker.io/coredns/$other k8s.gcr.io/$other
docker rmi docker.io/coredns/$other
done
chmod 777 images.sh
c. kubeadm初始化
kubeadm init --kubernetes-version=v1.14.0 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap
记录以下信息用于node节点连接到master
kubeadm join 172.19.68.9:6443 --token mhg1pv.wpsv2mmou2pat7ug \
--discovery-token-ca-cert-hash sha256:4f315d48cf4fb954e76e25d3683577ef87f248377aa2bafbae514073eb43fffc
d. 执行命令
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
状态命令检查kubectl get cs
检查节点 kubectl get nodes
e. 部署网络插件 flannel
https://github.com/coreos/flannel
执行命令 kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
查看flannel镜像 docker image ls
查看pods是否启动 kubectl get pods -n kube-system
kubectl get pods -n kube-system -o wide 打印更多信息
查看命令空间 kubectl get ns
最后一步 配置node结点
下载必需镜像 如果不下载pause,master结点中node结点一直在noready状态
docker pull mirrorgooglecontainers/pause:3.1
docker tag docker.io/mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker rmi docker.io/mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/kube-proxy:v1.14.0
docker tag docker.io/mirrorgooglecontainers/kube-proxy:v1.14.0 k8s.gcr.io/kube-proxy:v1.14.0
docker rmi docker.io/mirrorgooglecontainers/kube-proxy:v1.14.0
查看master上面结点信息
kubectl get pods -n kube-system -o wide
查看错误原因的命令 kubectl describe pod kubernetes-dashboard-5f7b999d65-klr7j -n kube-system
删除不了的原因是因为没有添加命名空间
首先删除deployment再删除pod
管理平台界面
首先下载官方的yaml文件
wgethttps://raw.githubusercontent.com/kubernetes/dashboard/v1.10.0/src/deploy/recommended/kubernetes-dashboard.yaml
sed -i 's#k8s.gcr.io#gcrxio#g' kubernetes-dashboard.yaml
kubectl apply -f kubernetes-dashboard.yaml
# Copyright The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License. # ------------------- Dashboard Secret ------------------- # apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-certs
namespace: kube-system
type: Opaque ---
# ------------------- Dashboard Service Account ------------------- # apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system ---
# ------------------- Dashboard Role & Role Binding ------------------- # kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubernetes-dashboard-minimal
namespace: kube-system
rules:
# Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create"]
# Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["create"]
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]
verbs: ["get", "update", "delete"]
# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["kubernetes-dashboard-settings"]
verbs: ["get", "update"]
# Allow Dashboard to get metrics from heapster.
- apiGroups: [""]
resources: ["services"]
resourceNames: ["heapster"]
verbs: ["proxy"]
- apiGroups: [""]
resources: ["services/proxy"]
resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
verbs: ["get"] ---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kubernetes-dashboard-minimal
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard-minimal
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-system ---
# ------------------- Dashboard Deployment ------------------- # kind: Deployment
apiVersion: apps/v1beta2
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas:
revisionHistoryLimit:
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dashboard
image: gcrxio/kubernetes-dashboard-amd64:v1.10.0
ports:
- containerPort:
protocol: TCP
args:
- --auto-generate-certificates
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
# - --apiserver-host=http://my-address:port
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
# Create on-disk volume to store exec logs
- mountPath: /tmp
name: tmp-volume
livenessProbe:
httpGet:
scheme: HTTPS
path: /
port:
initialDelaySeconds:
timeoutSeconds:
volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: kubernetes-dashboard-certs
- name: tmp-volume
emptyDir: {}
serviceAccountName: kubernetes-dashboard
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule ---
# ------------------- Dashboard Service ------------------- # kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort # 新增
ports:
- port:
targetPort:
selector:
k8s-app: kubernetes-dashboard
查看暴露的端口
kubectl get svc -n kube-system
查看dash-board的输出信息
kubectl -n kube-system edit svc kubernetes-dashboard
问题1
查看dash-board的错误信息 kubectl logs kubernetes-dashboard-7b64bfd466-hxqtj -n kube-system
登录 https://47.102.46.176:32147/#!/login
登录方式使用tocken
https://blog.csdn.net/mr_rsq/article/details/87914766
dashboard登录不成功排查方式
执行命令如下:
kubectl get pods --all-namespaces -o wide
kubectl get services --all-namespaces
k8s基础环境搭建的更多相关文章
- Spark入门实战系列--2.Spark编译与部署(上)--基础环境搭建
[注] 1.该系列文章以及使用到安装包/测试数据 可以在<倾情大奉送--Spark入门实战系列>获取: 2.Spark编译与部署将以CentOS 64位操作系统为基础,主要是考虑到实际应用 ...
- EXT 基础环境搭建
EXT 基础环境搭建使用 Sencha CMD 下载地址 https://www.sencha.com/products/extjs/cmd-download/ Sencha CMD 常用命令 API ...
- IOS开发基础环境搭建
一.目的 本文的目的是windows下IOS开发基础环境搭建做了对应的介绍,大家可根据文档步骤进行mac环境部署: 二.安装虚拟机 下载虚拟机安装文件绿色版,点击如下文件安装 获取安装包: ...
- Spark环境搭建(上)——基础环境搭建
Spark摘说 Spark的环境搭建涉及三个部分,一是linux系统基础环境搭建,二是Hadoop集群安装,三是Spark集群安装.在这里,主要介绍Spark在Centos系统上的准备工作--linu ...
- 【1】windows下IOS开发基础环境搭建
一.目的 本文的目的是windows下IOS开发基础环境搭建做了对应的介绍,大家可根据文档步骤进行mac环境部署: 二.安装虚拟机 下载虚拟机安装文件绿色版,点击如下文件安装 获取安装包: ...
- Maven 学习笔记(一) 基础环境搭建
在Java的世界里,项目的管理与构建,有两大常用工具,一个是Maven,另一个是Gradle,当然,还有一个正在淡出的Ant.Maven 和 Gradle 都是非常出色的工具,排除个人喜好,用哪个工具 ...
- (一)Hyperledger Fabric 1.1安装部署-基础环境搭建
在学习和开发hyperledger fabric的时候遇到了一些坑,现将自己的一些总结和心得整理如下,以期对大家有所帮助.本次使用的宿主机环境:ubuntu,版本:Ubuntu 16.04.3 LTS ...
- hadoop3.1.0 window win7 基础环境搭建
https://blog.csdn.net/wsh596823919/article/details/80774805 hadoop3.1.0 window win7 基础环境搭建 前言:在windo ...
- HyperLedger Fabric 1.4 基础环境搭建(7)
学习了前面几章理论知识后,本章开始介绍实践操作,先介绍Fabric基础环境搭建,采用的操作系统为Centos 7 64位,依次介绍Docker安装.Docker-Compose安装.GO语言环境安装. ...
随机推荐
- IdentityServer4入门三:授权模式
在入门一.入门二我们实现了一个完整的API保护的过程.需要保护的API只需在其Controler上应用[Authorize]特性,来显式指定受保护的资源.而我们实现的这个例子,所应用的模式叫“Clie ...
- SpringBoot + Vue前后端分离图片上传到本地并前端访问图片
同理应该可用于其他文件 图片上传 application.yml 配置相关常量 prop: upload-folder: E:/test/ # 配置SpringMVC文件上传限制,默认1M.注意MB要 ...
- Linux系统下vi编辑器的一些简单使用操作
Linux系统安装vi编辑器 打开终端,输入: sudo apt install vim 然后输入Y等待安装即可 Linux系统下使用vi编辑器的使用 安装好vim后,终端中输入vim即可进入vim编 ...
- php手记之04-tp5数据库操作
//--------查询// 原生sql语句查询 // $ret = Db::query("select * from tp5_user where id>10"); // ...
- 几种主流浏览器内置http抓包工具软件使用方
对于学习网站的人或者相关编程人员,经常需要用到http抓包工具来跟踪网页,但主流抓包软件如httpwatch.httpanalyzerstdv都是收费的,破解版往往也不稳定.实际上现在很多浏览器都内置 ...
- 终极解决办法rvct Cannot obtain license for Compiler (feature compiler) with license version >= 3.1
参考:https://blog.csdn.net/nic_r/article/details/7458038 ARM C/C++ Compiler, RVCT4. [Build ] armcc : e ...
- Qt pri文件
pri文件就是一个简单的文件夹包含或者动态库调用路径等说明,在pro文件里include了pri文件,相当于把pri文件的内容直接复制到pro文件中
- ubuntu18.04下eclipse修改maven源为阿里源
下载安装Java和Eclipse:https://www.cnblogs.com/zifeiy/p/9030111.html 然后命令行安装Maven(不是必须的): sudo apt-get ins ...
- 使用layui的form.on绑定select选中事件, form.on()不执行的原因分析
使用layui的form.on绑定select选中事件中, form.on()不执行, 主要原因有 1, select标签中没有写lay_filter属性,用来监听 <select id=&qu ...
- 不论报任何错误 都是网络源有问题,安装spacemacs报错的解决方式
不论报任何错误 都是网络源有问题 打开.spacemacs ### 这是原头部 (defun dotspacemacs/layers () "Configuration Layers d ...