安装最新版本的kubernets(+安装插件dashboard)
一、安装docker
// 安装系统工具:
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
// 添加docker yum repo信息:
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
// 更新并安装 docker:
sudo yum makecache fast
sudo yum -y install docker-ce
// 开启docker服务并设置开机启动:
sudo systemctl start docker
sudo systemctl enable docker
// 设置docker:
sudo mkdir -p /etc/docker
cat /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"], ##这一步一定要有,否则在初始化kubectl的时候很可能会报错
"bip": "10.20.0.1/16",
"fixed-cidr": "10.20.0.0/16",
"mtu": 1500,
"insecure-registries": ["harbor.eainc.com"]
}
// 重启 docker
sudo systemctl daemon-reload
sudo systemctl restart docker
// 关闭swap,否则会导致kubectl服务启动失败
sudo swapoff -a
二、安装kubelet、kubeadm、kubectl
// 设置kubernetes软件源
cat /etc/yum.repos.d/kubrenetes.repo
[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
// 安装 kubelet kubeadm kubectl 服务
yum install -y kubelet kubeadm kubectl // 查看kubectl(很重要)
# kubectl version
Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.0", GitCommit:"e8462b5b5dc2584fdcd18e6bcfe9f1e4d970a529", GitTreeState:"clean", BuildDate:"2019-06-19T16:40:16Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"} // kubectl 的版本是 1.15.0 ,后面docker拉取的kube- 服务也要为1.15.0
三、安装基础镜像
docker pull mirrorgooglecontainers/kube-apiserver:v1.15.0
docker pull mirrorgooglecontainers/kube-controller-manager:v1.15.0
docker pull mirrorgooglecontainers/kube-scheduler:v1.15.0
docker pull mirrorgooglecontainers/kube-proxy:v1.15.0
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.
docker pull coredns/coredns:1.3.
docker pull docker.io/dockerofwj/flannel docker tag mirrorgooglecontainers/kube-apiserver:v1.15.0 k8s.gcr.io/kube-apiserver:v1.15.0
docker tag mirrorgooglecontainers/kube-controller-manager:v1.15.0 k8s.gcr.io/kube-controller-manager:v1.15.0
docker tag mirrorgooglecontainers/kube-scheduler:v1.15.0 k8s.gcr.io/kube-scheduler:v1.15.0
docker tag mirrorgooglecontainers/kube-proxy:v1.15.0 k8s.gcr.io/kube-proxy:v1.15.0
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/etcd:3.3. k8s.gcr.io/etcd:3.3.
docker tag coredns/coredns:1.3. k8s.gcr.io/coredns:1.3.
docker tag docker.io/dockerofwj/flannel quay.io/coreos/flannel:v0.10.0-amd64 docker image rm mirrorgooglecontainers/kube-apiserver:v1.15.0
docker image rm mirrorgooglecontainers/kube-controller-manager:v1.15.0
docker image rm mirrorgooglecontainers/kube-scheduler:v1.15.0
docker image rm mirrorgooglecontainers/kube-proxy:v1.15.0
docker image rm mirrorgooglecontainers/pause:3.1
docker image rm mirrorgooglecontainers/etcd:3.3.
docker image rm coredns/coredns:1.3.
docker image rm docker.io/dockerofwj/flannel
四、k8s初始化
# kubeadm init --kubernetes-version=v1.15.0 --apiserver-advertise-address=192.168.37.49 --pod-network-cidr=10.10.0.0/16 --ignore-preflight-errors=swap
............................
Your Kubernetes control-plane has initialized successfully! ### 看到这一行说明初始化成功 To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.3.4:6443 --token 21k4ls.cdne6rd3p8p31gpy \
--discovery-token-ca-cert-hash sha256:dc5a8012c92dae38cedb7581153552d7f8b589bf670b67cb131da144eff83124
### 最后两行很重要,关系到node节点的设置
// 设置环境变量
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
// 配置 kubectl并验证
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> /etc/profile
source /etc/profile
echo $KUBECONFIG #查看是否输出正确内容
// 设置系统参数
sysctl net.bridge.bridge-nf-call-iptables=1
五、Master安装Pod网络
// Pod网络用于Pod之间进行通信。这里我们选用flannel网络方案
vim kube-flannel.yaml
#添加以下内容
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: flannel
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- ""
resources:
- nodes
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- patch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: flannel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flannel
subjects:
- kind: ServiceAccount
name: flannel
namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: flannel
namespace: kube-system
---
kind: ConfigMap
apiVersion: v1
metadata:
name: kube-flannel-cfg
namespace: kube-system
labels:
tier: node
app: flannel
data:
cni-conf.json: |
{
"name": "cbr0",
"plugins": [
{
"type": "flannel",
"delegate": {
"hairpinMode": true,
"isDefaultGateway": true
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
net-conf.json: |
{
"Network": "10.10.0.0/16",
"Backend": {
"Type": "vxlan"
}
}
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-flannel-ds-amd64
namespace: kube-system
labels:
tier: node
app: flannel
spec:
template:
metadata:
labels:
tier: node
app: flannel
spec:
hostNetwork: true
nodeSelector:
beta.kubernetes.io/arch: amd64
tolerations:
- operator: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
- name: install-cni
image: quay.io/coreos/flannel:v0.10.0-amd64
command:
- cp
args:
- -f
- /etc/kube-flannel/cni-conf.json
- /etc/cni/net.d/-flannel.conflist
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
containers:
- name: kube-flannel
image: quay.io/coreos/flannel:v0.10.0-amd64
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "100m"
memory: "50Mi"
securityContext:
privileged: true
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: run
mountPath: /run
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
- name: run
hostPath:
path: /run
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-flannel-ds-arm64
namespace: kube-system
labels:
tier: node
app: flannel
spec:
template:
metadata:
labels:
tier: node
app: flannel
spec:
hostNetwork: true
nodeSelector:
beta.kubernetes.io/arch: arm64
tolerations:
- operator: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
- name: install-cni
image: quay.io/coreos/flannel:v0.10.0-arm64
command:
- cp
args:
- -f
- /etc/kube-flannel/cni-conf.json
- /etc/cni/net.d/-flannel.conflist
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
containers:
- name: kube-flannel
image: quay.io/coreos/flannel:v0.10.0-arm64
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "100m"
memory: "50Mi"
securityContext:
privileged: true
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: run
mountPath: /run
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
- name: run
hostPath:
path: /run
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-flannel-ds-arm
namespace: kube-system
labels:
tier: node
app: flannel
spec:
template:
metadata:
labels:
tier: node
app: flannel
spec:
hostNetwork: true
nodeSelector:
beta.kubernetes.io/arch: arm
tolerations:
- operator: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
- name: install-cni
image: quay.io/coreos/flannel:v0.10.0-arm
command:
- cp
args:
- -f
- /etc/kube-flannel/cni-conf.json
- /etc/cni/net.d/-flannel.conflist
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
containers:
- name: kube-flannel
image: quay.io/coreos/flannel:v0.10.0-arm
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "100m"
memory: "50Mi"
securityContext:
privileged: true
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: run
mountPath: /run
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
- name: run
hostPath:
path: /run
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-flannel-ds-ppc64le
namespace: kube-system
labels:
tier: node
app: flannel
spec:
template:
metadata:
labels:
tier: node
app: flannel
spec:
hostNetwork: true
nodeSelector:
beta.kubernetes.io/arch: ppc64le
tolerations:
- operator: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
- name: install-cni
image: quay.io/coreos/flannel:v0.10.0-ppc64le
command:
- cp
args:
- -f
- /etc/kube-flannel/cni-conf.json
- /etc/cni/net.d/-flannel.conflist
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
containers:
- name: kube-flannel
image: quay.io/coreos/flannel:v0.10.0-ppc64le
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "100m"
memory: "50Mi"
securityContext:
privileged: true
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: run
mountPath: /run
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
- name: run
hostPath:
path: /run
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-flannel-ds-s390x
namespace: kube-system
labels:
tier: node
app: flannel
spec:
template:
metadata:
labels:
tier: node
app: flannel
spec:
hostNetwork: true
nodeSelector:
beta.kubernetes.io/arch: s390x
tolerations:
- operator: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
- name: install-cni
image: quay.io/coreos/flannel:v0.10.0-s390x
command:
- cp
args:
- -f
- /etc/kube-flannel/cni-conf.json
- /etc/cni/net.d/-flannel.conflist
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
containers:
- name: kube-flannel
image: quay.io/coreos/flannel:v0.10.0-s390x
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
resources:
requests:
cpu: "100m"
memory: "50Mi"
limits:
cpu: "100m"
memory: "50Mi"
securityContext:
privileged: true
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: run
mountPath: /run
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
- name: run
hostPath:
path: /run
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
// 创建 flannel 网络
kubectl apply -f kube-flannel.yaml // 节点加入集群(如果没有部署节点就不需要这一步,执行命令的环境是node节点环境)
kubeadm join 192.168.3.4:6443 --token 21k4ls.cdne6rd3p8p31gpy --discovery-token-ca-cert-hash sha256:dc5a8012c92dae38cedb7581153552d7f8b589bf670b67cb131da144eff83124 六、下载安装Dashboard
// 可以在https://github.com/kubernetes/dashboard/releases上查看最新版本
// 下载dashboard
wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml // 修改配置文件
# sed -i 's/k8s.gcr.io/loveone/g' kubernetes-dashboard.yaml
# sed -i '/targetPort:/a\ \ \ \ \ \ nodePort: 30001\n\ \ type: NodePort' kubernetes-dashboard.yaml // 部署dashboard
# kubectl create -f kubernetes-dashboard.yaml // 启动相关服务
kubectl get deployment kubernetes-dashboard -n kube-system
kubectl get pods -n kube-system -o wide
kubectl get services -n kube-system // 查看端口是否启动
netstat -ntlp|grep 30001 七、浏览器测试
由于https证书的问题,暂时只能先通过火狐浏览器增加安全例外的方式访问(亲测,google浏览器不行) 在Firefox浏览器输入Dashboard访问地址:https://192.168.3.4:30001
令牌获取方法如下:令牌是token后面的内容
# kubectl create serviceaccount dashboard-admin -n kube-system
serviceaccount/dashboard-admin created # kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created # kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
Name: dashboard-admin-token-96mdl
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: dashboard-admin
kubernetes.io/service-account.uid: d70e1d17-94bd--815c-f18dc1c9fd1b Type: kubernetes.io/service-account-token Data
====
ca.crt: bytes
namespace: bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tOTZtZGwiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiZDcwZTFkMTctOTRiZC00NzU3LTgxNWMtZjE4ZGMxYzlmZDFiIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.VpiN4MWsZzCPG25m3I77bKq2n4_5b1EnOR5pczlsNpVJC_wDJ6Hjbcm-MzANE2-kVkRTAdYZUAmIOZqadhDePg26ZqV6Z1hOkakyIGHi9h39Y459K2mNYSz9MnWqvRMBRS1qmeZy7jTqP4HwQWR_P0v8RFjyF07-2Y9pDrSVwcmH551WiD-fpoERgLKcSGrb9zYoyMUynWh0peQhIfW8NuDSL3krgY8ZuJ-gHKEAg7nUSt4GNIdCniR-vaCnmT8yC9M0Jv-1vV0dx6f4kTd65dQxuce6K37K_eBZ6mbU9bvqMXBBIurH1w2mly56RxsrONjBiXxluF0uq8GKxDjTfA
认证通过后,登陆dashboard首页如图:
安装最新版本的kubernets(+安装插件dashboard)的更多相关文章
- ubuntu14.04下配置Java环境以及安装最新版本的eclipse
首先是配置JDK 步骤一:下载最新版本的JDK,链接:http://www.oracle.com/technetwork/java/javase/downloads/index.html 步骤二:首先 ...
- 如何安装最新版本的memcached
转载自孟叔的博客: https://learndevops.cn/index.php/2016/06/10/how-to-install-the-latest-version-of-memcache ...
- angular4.0 安装最新版本的nodejs、npm、@angular/cli的方法
在使用ng项目的ui框架时,比如ng-zorro.angular Material,需要安装最新版本的@angular/cli: 配置ng-zorro框架 ng-zorro官网:https://ng. ...
- centos下安装最新版本git(通过master分支下载最新版)
centos6.7下安装最新版本git 本文参考:http://www.01happy.com/centos-install-latest-git/ 按照原博主所提供的思路安装可能会出现下列问题 解决 ...
- Windows7 64位安装最新版本MySQL服务器
Windows7 64位安装最新版本MySQL服务器 近期,一直在研究MySQL数据库,经常修改配置文件,导致MySQL数据库无法使用,不得不反复重装MySQL数据库.以下是在Windows7 64位 ...
- 【工具相关】ionic-通过nmp安装最新版本的 cordova 和 ionic
一,命令行下输入: sudo npm install -g cordova ionic 用来安装最新版本的cordova和ionic. 如下图所示: 二,等待一下,如下图所示. 三,用命令 npm u ...
- 安装最新版本的zabbix
1. 先安装php5.4 最新版本: yum安装php5.4或5.5 https://blog.csdn.net/MarkBoo/article/details/49424183 2. 然后参照官网或 ...
- Ubuntu16.04下安装最新版本的CMake
当前最新版CMake为3.9.1.. Ubuntu中更新cmake到最新版本,过程如下: 1. 卸载已经安装的旧版的CMake[非必需] apt-get autoremove cmake 2. 文 ...
- 【教程】CentOS 7安装 最新版本Docker
博主最近需要安装Docker,步骤如下: Docker安装官方地址:https://docs.docker.com/install/linux/docker-ce/centos/ 以下命令都是在roo ...
随机推荐
- 后盾网lavarel视频项目---lavarel用户认证实例
后盾网lavarel视频项目---lavarel用户认证实例 一.总结 一句话总结: 主要是用的Auth认证,所以配置是配置的auth(config/auth.php),控制器中调用也是用的Auth( ...
- CSS 有序或者无序列表的前面的标记 list-style-type 属性
例子: <html> <head> <style type="text/css"> ul.none{list-style-type:none} ...
- [mysql]设置创建时间,更新时间未生效
问题描述: 新增一条case,create_time没有自动生成创建时间,值为空 原因 : create_time字段类型是DateTime(错误)而不是TIMESTAMP(正确) 解决办法: 把c ...
- java下载文件时文件名出现乱码的解决办法
转: java下载文件时文件名出现乱码的解决办法 2018年01月12日 15:43:32 橙子橙 阅读数:6249 java下载文件时文件名出现乱码的解决办法: String userAgent ...
- 47全排列II
题目:给定一个可包含重复数字的序列,返回所有不重复的全排列. 示例: 输入:[1,1,2]输出:[[1,1,2],[1,2,1],[2,1,1]] 来源:https://leetcode-cn.com ...
- java:IO流(File,字节流/输入输出流(InputStream(FileInputStream),OutputStream(FileOutStream)),字符流(Reader,Writer))
File: * java.io.File类:代表一个文件或目录. * 常用的构造方法: * File(String pathname)通过将给定路径名字符串转换为抽象路径名来创建一个新 File 实例 ...
- sklearn.preprocessing.StandardScaler数据标准化
原文链接:https://blog.csdn.net/weixin_39175124/article/details/79463993 数据在前处理的时候,经常会涉及到数据标准化.将现有的数据通过某种 ...
- pip提示ModuleNotFoundError: No module named 'pkg_resources'
卸载setuptools后,pip下载python包一直提示ModuleNotFoundError: No module named 'pkg_resources',如下图: 在网上找了很多贴了都无法 ...
- java中抽象类、接口及区别
转自:http://www.cnblogs.com/dolphin0520/p/3811437.html 一.抽象类 在了解抽象类之前,先来了解一下抽象方法.抽象方法是一种特殊的方法:它只有声明,而没 ...
- kubernetes集群node加入不了master错误处理
#如果node加入不了master或者加入成功但是,在master中显示不出来.排查错误:1. 运行,kubelet, 查看日志,一般是kubelet的运行和docker启动方式不匹配.调整:vim ...