CentOS7 安装kubernetes

2台机器，1台为Master，1台为Node

修改Host Master为dmaster,Node为dslave

安装K8s and Etcd

---

在Master机器上安装

yum install etcd

yum install kubernetes 

Node机器只需要

yum install kubernetes 

安装k8s会自动安装docker，目前版本是1.8

配置K8s

---

Etcd默认的监听端口是4001，在这里修改

vim /etc/etcd/etcd.conf

修改Master机器K8s配置

1. apiserver配置

vim /etc/kubernetes/apiserver

###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#
 
# The address on the local server to listen to.
KUBE_API_ADDRESS="--address=0.0.0.0"
 
# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"
 
# Port minions listen on
KUBELET_PORT="--kubelet_port=10250"
 
# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd_servers=http://127.0.0.1:4001"
 
# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
 
# default admission control policies
KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
 
# Add your own!
KUBE_API_ARGS="--secure-port=0"

2.K8s配置

vim /etc/kubernetes/config

# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
#   kube-apiserver.service
#   kube-controller-manager.service
#   kube-scheduler.service
#   kubelet.service
#   kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"
 
# journal message level,  is debug
KUBE_LOG_LEVEL="--v=0"
 
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=false"
 
# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://dmaster:8080"
KUBE_ETCD_SERVERS="--etcd-servers=http://dmaster:4001"

3.启动服务

systemctl enable etcd kube-apiserver kube-controller-manager kube-scheduler

systemctl restart etcd kube-apiserver kube-controller-manager kube-scheduler

systemctl status etcd kube-apiserver kube-controller-manager kube-scheduler

修改Node机器配置

1. K8s配置

vim /etc/kubernetes/kubelet

# kubernetes kubelet (minion) config
 
# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=127.0.0.1"
 
# The port for the info server to serve on
KUBELET_PORT="--port=10250"
 
# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname_override=dslave"
 
# location of the api-server
KUBELET_API_SERVER="--api_servers=http://dmaster:8080"
 
# Add your own!
KUBELET_ARGS=""

2. 启动服务

systemctl enable kube-proxy kubeletdocker

systemctl restart kube-proxy kubeletdocker

systemctl status kube-proxy kubeletdocker

新增Pod

---

1. 在Master机器查看Node状态

[root@ k8s]# kubectl get nodes
NAME      LABELS                          STATUS
dslave    kubernetes.io/hostname=dslave   Ready

2. 新建Pod资源文件

apiVersion: v1
kind: Pod
metadata:
  name: mysql
  labels:
    name: mysql
spec:
  containers:
    - resources:
        limits :
          cpu: 0.5
      image: mysql
      name: mysql
      env:
        - name: MYSQL_ROOT_PASSWORD
          # change this
          value: rootpwd
      ports:
        - containerPort:
          name: mysql
      volumeMounts:
          # name must match the volume name below
        - name: mysql-persistent-storage
          # mount path within the container
          mountPath: /var/lib/mysql
  volumes:
    - name: mysql-persistent-storage
      cinder:
        volumeID: bd82f7e2-wece-4c01-a505-4acf60b07f4a
        fsType: ext4

3. 导入资源

kubectl create -f mysql.yaml

4. 查看资源状态

[root@ k8s]# kubectl get pods
NAME      READY     STATUS    RESTARTS   AGE
mysql     /       Running             1h

这里已经部署在运行了，所以是Running。Status开始是Ready。

5. 查看日志

Master机器日志

tail -f /var/log/messages | grep kube

Dec  ::  kube-scheduler: I1211 ::11.380994    event.go:] Event(api.ObjectReference{Kind:"Pod", Namespace:"default", Name:"mysql", UID:"2f192467-a030-11e5-8a55-000c298cfaa1", APIVersion:"v1", ResourceVersion:"", FieldPath:""}): reason: 'scheduled' Successfully assigned mysql to dslave

在部署Pod时，在Node机器日志中报错

Dec  :: dslave kubelet: E1211 ::22.745867    manager.go:] Failed to create pod infra container: image pull failed for gcr.io/google_containers/pause:0.8., this may be because there are no credentials on this request.  details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.); Skipping pod "mysql_default"
Dec  :: dslave kubelet: E1211 ::22.955470    pod_workers.go:] Error syncing pod bcbb3b8a-a02a-11e5-8a55-000c298cfaa1, skipping: image pull failed for gcr.io/google_containers/pause:0.8., this may be because there are no credentials on this request.  details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.)

Google被墙了，下载资源包到本地

http://www.sunmite.com/linux/installing-kubernetes-cluster-on-centos7-to-manage-pods-and-services/attachment/pause-0-8-0/

在Node节点导入

docker load --input pause-0.8.0.tar

这是一个容器，负责Pod内部的网络

还有一个问题是权限的问题

no API token found for service account default/default, retry after the token is automatically created and added to the service account

这样即可解决

#vim /etc/kubernetes/apiserver
KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
 
#systemctl restart kube-apiserver.service