CentOS7.6部署k8s环境

测试环境:

节点名称

节点IP

节点功能

K8s-master

10.10.1.10/24

Master、etcd、registry

K8s-node-1

10.10.1.20/24

node-1

K8s-node-2

10.10.1.30/24

node-2

步骤:

  1. 修改hosts文件

[root@Node-1 ~]# hostnamectl --static set-hostname  k8s-master

[root@Node-1 ~]# vi /etc/hosts

10.10.1.10    k8s-master

10.10.1.10   etcd

10.10.1.10   registry

10.10.1.20   k8s-node-1

10.10.1.30   k8s-node-2

  1. 部署etcd(注:本次只master节点安装etcd)

[root@node-1 ~]#  yum install etcd –y

[root@node-1 ~]# vi /etc/etcd/etcd.conf

#[Member]

#ETCD_CORS=""

ETCD_DATA_DIR="/var/lib/etcd/default.etcd"

#ETCD_WAL_DIR=""

#ETCD_LISTEN_PEER_URLS="http://localhost:2380"

ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379,http://0.0.0.0:4001"

ETCD_NAME="master"

#[Clustering]

#ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380"

ETCD_ADVERTISE_CLIENT_URLS=http://etcd:2379,http://etcd:4001

启动服务

[root@node-1 ~]# systemctl start etcd.service

[root@node-1 ~]# systemctl enable etcd.service

验证集群状态

[root@node-1 ~]#  etcdctl -C http://etcd:4001 cluster-health

member 8e9e05c52164694d is healthy: got healthy result from http://etcd:2379

cluster is healthy

[root@node-1 ~]#

  1. 部署master

3.1.安裝docker

[root@node-1 ~]# yum install docker

[root@node-1 ~]# vi /etc/sysconfig/docker

# /etc/sysconfig/docker

# Modify these options if you want to change the way the docker daemon runs

OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'

if [ -z "${DOCKER_CERT_PATH}" ]; then

DOCKER_CERT_PATH=/etc/docker

fi

OPTIONS='--insecure-registry registry:5000'

3.2.启动docker服务并设置开机启动

[root@node-1 ~]# systemctl start docker.service

[root@node-1 ~]# systemctl enable docker.service

3.3.安裝kubernets

[root@node-1 ~]# yum install kubernetes

3.4. 配置并且启动kubernets服务(该步骤只在master节点)

Kubernets API Server

Kubernets Controller Manager

Kubernets Scheduler

[root@node-1 ~]# vi /etc/kubernetes/apiserver

# kubernetes system config

#

# The following values are used to configure the kube-apiserver

#

# The address on the local server to listen to.

KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"

# The port on the local server to listen on.

KUBE_API_PORT="--port=8080"

# Port minions listen on

# KUBELET_PORT="--kubelet-port=10250"

# Comma separated list of nodes in the etcd cluster

KUBE_ETCD_SERVERS="--etcd-servers=http://etcd:2379"

# Address range to use for services

KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

# default admission control policies

#KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"

KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

# Add your own!

KUBE_API_ARGS=""

[root@node-1 ~]# vi /etc/kubernetes/config

# How the controller-manager, scheduler, and proxy find the apiserver

KUBE_MASTER="--master=http://k8s-master:8080"

3.5. 启动服务并设置开机启动

[root@k8s-master ~]# systemctl enable kube-apiserver.service

[root@k8s-master ~]# systemctl start kube-apiserver.service

[root@k8s-master ~]# systemctl enable kube-controller-manager.service

[root@k8s-master ~]# systemctl start kube-controller-manager.service

[root@k8s-master ~]# systemctl enable kube-scheduler.service

[root@k8s-master ~]# systemctl start kube-scheduler.service

  1. 部署节点

4.1.部署和3.1-3.3相同

4.2.修改配置文件

[root@Node-2 ~]# vi /etc/kubernetes/config

# How the controller-manager, scheduler, and proxy find the apiserver

KUBE_MASTER="--master=http://k8s-master:8080"

[root@Node-2 ~]# vi //etc/kubernetes/kubelet

KUBELET_ADDRESS="--address=0.0.0.0"

KUBELET_HOSTNAME="--hostname-override=k8s-node-1"

KUBELET_API_SERVER="--api-servers=http://etcd:8080"

4.3.启动服务并设置开机启动

[root@k8s-node-1 ~]# systemctl enable kubelet.service

[root@k8s-node-1 ~]# systemctl start kubelet.service

[root@k8s-node-1 ~]# systemctl enable kube-proxy.service

[root@k8s-node-1~]# systemctl start kube-proxy.service

  1. 查看群集状态

[root@k8s-master ~]# kubectl get node

NAME         STATUS     AGE

k8s-node-1   Ready      14h

k8s-node-2   Ready      14h

  1. 安装Flannel(所有节点)

[root@node-1 ~]# yum install flannel

[root@node-1 ~]# vi /etc/sysconfig/flannel

# Flanneld configuration options

# etcd url location.  Point this to the server where etcd runs

FLANNEL_ETCD_ENDPOINTS="http://etcd:2379"

# etcd config key.  This is the configuration key that flannel queries

# For address range assignment

FLANNEL_ETCD_PREFIX="/atomic.io/network"

  1. 配置etcd中关于flannel的key

[root@node-1 ~]#  etcdctl mk /atomic.io/network/config '{ "Network": "10.0.0.0/16" }'

设置flannel服务启动和开机启动:

[root@node-1 ~]# systemctl enable flanneld.service

[root@node-1 ~]# systemctl start flanneld.serivice

管理节点执行:

service docker restart

systemctl restart kube-apiserver.service

systemctl restart kube-controller-manager.service

systemctl restart kube-scheduler.service

业务节点执行

service docker restart

systemctl restart kubelet.service

systemctl restart kube-proxy.service

业务节点拉取image

[root@Node-2 ~]# docker pull winstonpro/lnmp

[root@Node-2 ~]# docker pull tomcat

[root@Node-2 ~]# docker pull httpd

管理节点创建实例

kubectl run web --image=winstonpro/lnmp --port=80

管理节点做svc映射

kubectl expose deployment web --port=80 --target-port=80 --external-ip=10.10.1.30

常用命令:

[root@node-1 ~]# kubectl get node -o wide

NAME         STATUS     AGE       EXTERNAL-IP

k8s-node-1   Ready      14h       <none>

k8s-node-2   Ready      14h       <none>

[root@node-1 ~]# kubectl get pod -o wide

NAME                      READY     STATUS    RESTARTS   AGE       IP          NODE

app-556711052-ps9kr       1/1       Running   3          7h        10.0.53.2   k8s-node-1

tomcat-3343039334-0z187   1/1       Running   0          2h        10.0.74.3   k8s-node-2

web-3818241055-g11q8      1/1       Running   3          8h        10.0.74.2   k8s-node-2

[root@node-1 ~]# kubectl get svc -o wide

NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE       SELECTOR

kubernetes   10.254.0.1      <none>        443/TCP    15h       <none>

tomcat       10.254.69.86    10.10.1.30    7777/TCP   2h        run=tomcat

web          10.254.76.251   10.10.1.30    80/TCP     6h        run=web

[root@node-1 ~]# kubectl get  deployments

NAME      DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE

app       1         1         1            1           7h

tomcat    1         1         1            1           2h

web       1         1         1            1           8h

关于外网无法访问:

[root@Node-2 ~]# vi /etc/sysctl.conf

net.ipv4.ip_forward = 1

[root@Node-2 ~]# sysctl -p

iptables -P INPUT ACCEPT

iptables -P FORWARD ACCEPT

iptables -F

CentOS7.6部署k8s环境的更多相关文章

  1. Centos7.6部署k8s v1.16.4高可用集群(主备模式)

    一.部署环境 主机列表: 主机名 Centos版本 ip docker version flannel version Keepalived version 主机配置 备注 master01 7.6. ...

  2. CentOS7.6部署ceph环境

    CentOS7.6部署ceph环境 测试环境: 节点名称 节点IP 磁盘 节点功能 Node-1 10.10.1.10/24 /dev/sdb 监控节点 Node-2 10.10.1.20/24 /d ...

  3. django2.0 + python3.6 在centos7 下部署生产环境的一些注意事项

    一:mysql 与环境选用的坑 目前, 在生产环境部署django有三种方式: 1. apache + mod_wsgi 2. nginx + uwsigi 3. nginx + supervisor ...

  4. centos7.2 部署k8s集群

    一.背景 二.使用范围 ♦ 测试环境及实验环境 三.安装前说明 ♦ k8s网络基本概念 ♦  集群规划图 ♦ 软件版本选取 Name Version Description docker-ce 18. ...

  5. centos7下部署iptables环境纪录(关闭默认的firewalle)

    CentOS7默认的防火墙不是iptables,而是firewall.由于习惯了用iptables作为防火墙,所以在安装好centos7系统后,会将默认的firewall关闭,并另安装iptables ...

  6. centos7下部署iptables环境纪录(关闭默认的firewalle)(转)

    下面介绍centos7关闭firewall安装iptables,并且开启80端口.3306端口的操作记录:[root@localhost ~]# cat /etc/redhat-release Cen ...

  7. CentOS7单机部署lamp环境和apache虚拟主机

    (1)apache介绍 apache : httpd.apache.org 软件包:httpd 端口服务:80/tcp(http) 443/tcp(https,http+ssl) 配置文件: /etc ...

  8. centos7.1部署java环境服务器

    1.检查操作系统自带java是jdk还是jre(否有javac,本例中没有javac) [root@bogon ~]# ls -l /usr/lib/jvm/总用量 0drwxr-xr-x. 3 ro ...

  9. ansible一键部署k8s单机环境

    一.虚拟机准备 干净的Centsot7.4.4G内存.2个CPU 最小化安装,最好带虚拟化 二.执行初始化脚本 注意:脚本中配置静态网卡根据实际网卡名称配置,我用的是ens33 可以用 sed -i ...

随机推荐

  1. poj 2431 【优先队列】

    poj 2431 Description A group of cows grabbed a truck and ventured on an expedition deep into the jun ...

  2. 最短路-Dijkstra算法整理

    维基说的很全面:https://en.wikipedia.org/wiki/Dijkstra%27s_algorithm 理解: 先设置访问数组vis[]和距离数组dist[],开始时把源点(sour ...

  3. Python中的生产者消费者模型

    ---恢复内容开始--- 了解知识点: 1.守护进程: ·什么是守护进程: 守护进程其实就是一个‘子进程’,守护即伴随,守护进程会伴随主进程的代码运行完毕后而死掉 ·为何用守护进程: 当该子进程内的代 ...

  4. Skiing 2017 ACM-ICPC 亚洲区(乌鲁木齐赛区)网络赛H题(拓扑序求有向图最长路)

    参考博客(感谢博主):http://blog.csdn.net/yo_bc/article/details/77917288 题意: 给定一个有向无环图,求该图的最长路. 思路: 由于是有向无环图,所 ...

  5. Ubuntu+Apache+PHP+Mysql环境搭建(完整版)(转)

    http://www.2cto.com/os/201505/401588.html Ubuntu+Apache+PHP+Mysql环境搭建(完整版) 一.操作系统Ubuntu 14.04 64位,阿里 ...

  6. ROW_NUMBER(),不允许并列名次、相同值名次不重复,结果如123456……

    将score按ID分组排名:row_number() over(partition by id order by score desc) 将score不分组排名:row_number() over(o ...

  7. 模板—中国剩余定理+拓展GCD

    int exgcd(int a,int b,int &x,int &y) { ) { x=,y=; return a; } int gcd=exgcd(b,a%b,x,y); int ...

  8. dubbo开启access log步骤

    1,maven依赖 maven version由2.5.3调整为2.5.3.2 <dependency>     <groupId>com.alibaba</groupI ...

  9. BERT大火却不懂Transformer?读这一篇就够了 原版 可视化机器学习 可视化神经网络 可视化深度学习

    https://jalammar.github.io/illustrated-transformer/ The Illustrated Transformer Discussions: Hacker ...

  10. hdu 4476 Cut the rope (2-pointer && simulation)

    Problem - 4476 题意是,给出若干绳子,对同一根绳子只能切割一次,求出最多能获得多少长度相同的绳子. 代码中,s是最大切割长度,而当前切割长度为t/2. 代码如下: #include &l ...