kubernetes 1.7.2 安装 记录过程
系统信息
cat /etc/redhat-release
CentOS Linux release 7.4. (Core)
环境信息
|
IP地址 |
主机名称 |
| 10.10.6.11 | master |
| 10.10.6.12 | node1 |
| 10.10.6.13 | node2 |
第一部分
基础环境设置(三台设备均需设置,以下master为例)
设置主机名
hostnamectl set-hostname master
禁用selinux 和firewalld
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
systemctl disable firewalld
systemctl stop firewalld
设置环境变量
cat >> /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables =
net.bridge.bridge-nf-call-iptables =
EOF
sysctl -p /etc/sysctl.d/k8s.conf
设置docker 、kubernetes yum 源
cat >> /etc/yum.repos.d/docker.repo <<EOF
[docker-repo]
name=Docker Repository
baseurl=http://mirrors.aliyun.com/docker-engine/yum/repo/main/centos/7
enabled=
gpgcheck=
EOF cat >> /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=
gpgcheck=
EOF
第二部分(三台设备都需要执行)
安装docker 和kubeadm
yum install -y docker-ce
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://vaflkxbk.mirror.aliyuncs.com"]
}
EOF
启动docker ,查看docker信息 docker version
docker version
Client:
Version: 17.12.-ce
API version: 1.35
Go version: go1.9.2
Git commit: c97c6d6
Built: Wed Dec ::
OS/Arch: linux/amd64 Server:
Engine:
Version: 17.12.-ce
API version: 1.35 (minimum version 1.12)
Go version: go1.9.2
Git commit: c97c6d6
Built: Wed Dec ::
OS/Arch: linux/amd64
Experimental: false
安装kubernetes,
cat > /root/kubernetes.sh <<EOF
KUBE_VERSION=1.7.
KUBE_PAUSE_VERSION=3.0
KUBE_CNI_VERSION=0.5.
ETCD_VERSION=3.0.
yum install -y kubernetes-cni-${KUBE_CNI_VERSION}-.x86_64 kubelet-${KUBE_VERSION}-.x86_64 kubectl-${KUBE_VERSION}-.x86_64 kubeadm-${KUBE_VERSION}-.x86_64
EOF
chmod +x /root/kubernetes.sh && sh /root/kubernetes.sh
设置Cgroup Driver: cgroupfs 类型
sed -i 's/cgroup-driver=systemd/cgroup-driver=cgroupfs/g' /etc/systemd/system/kubelet.service.d/-kubeadm.conf
## cgroupfs 是根据docker info 中 的 Cgroup Driver: cgroupfs 来设定。
启动服务
systemctl enable docker
systemctl enable kubelet
systemctl start docker
systemctl start kubelet
下载 images
cat images.sh
set -o errexit
set -o nounset
set -o pipefail KUBE_VERSION=v1.7.2
KUBE_PAUSE_VERSION=3.0
ETCD_VERSION=3.0.
DNS_VERSION=1.14.
FLANNEL=v0.8.0-amd64 GCR_URL=gcr.io/google_containers
ALIYUN_URL=registry.cn-hangzhou.aliyuncs.com/szss_k8s images=(kube-proxy-amd64:${KUBE_VERSION}
kube-scheduler-amd64:${KUBE_VERSION}
kube-controller-manager-amd64:${KUBE_VERSION}
kube-apiserver-amd64:${KUBE_VERSION}
pause-amd64:${KUBE_PAUSE_VERSION}
etcd-amd64:${ETCD_VERSION}
k8s-dns-sidecar-amd64:${DNS_VERSION}
k8s-dns-kube-dns-amd64:${DNS_VERSION}
k8s-dns-dnsmasq-nanny-amd64:${DNS_VERSION}
flannel:${FLANNEL}) for imageName in ${images[@]} ; do
docker pull $ALIYUN_URL/$imageName
docker tag $ALIYUN_URL/$imageName $GCR_URL/$imageName
docker rmi $ALIYUN_URL/$imageName
done
查看下载images 确认无误
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
gcr.io/google_containers/kube-apiserver-amd64 v1.7.2 4935105a20b1 months ago 186MB
gcr.io/google_containers/kube-proxy-amd64 v1.7.2 13a7af96c7e8 months ago 115MB
gcr.io/google_containers/kube-controller-manager-amd64 v1.7.2 2790e95830f6 months ago 138MB
gcr.io/google_containers/kube-scheduler-amd64 v1.7.2 5db1f9874ae0 months ago .2MB
gcr.io/google_containers/flannel v0.8.0-amd64 9db3bab8c19e months ago .7MB
gcr.io/google_containers/k8s-dns-sidecar-amd64 1.14. 38bac66034a6 months ago .8MB
gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64 1.14. f7f45b9cb733 months ago .4MB
gcr.io/google_containers/kubernetes-dashboard-amd64 v1.6.0 8b3d11182363 months ago 109MB
gcr.io/google_containers/k8s-dns-kube-dns-amd64 1.14. f8363dbf447b months ago .4MB
gcr.io/google_containers/etcd-amd64 3.0. 243830dae7dd months ago 169MB
gcr.io/google_containers/pause-amd64 3.0 99e59f495ffa months ago 747kB
第三部分
在master 10.10.6.11 上执行
kubeadm init --apiserver-advertise-address=10.10.6.11 --kubernetes-version=v1.7.2 --token=863f67.19babbff7bfe8543 --pod-network-cidr=10.244.0.0/
输出信息
[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
[init] Using Kubernetes version: v1.7.2
[init] Using Authorization modes: [Node RBAC]
[preflight] Running pre-flight checks
[preflight] WARNING: docker version is greater than the most recently validated version. Docker version: 17.12.-ce. Max validated version: 1.12
[preflight] WARNING: hostname "master" could not be reached
[preflight] WARNING: hostname "master" lookup master on 114.114.114.114:: no such host
[preflight] Starting the kubelet service
[kubeadm] WARNING: starting in 1.8, tokens expire after hours by default (if you require a non-expiring token use --token-ttl )
[certificates] Generated CA certificate and key.
[certificates] Generated API server certificate and key.
[certificates] API Server serving cert is signed for DNS names [master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.10.6.11]
[certificates] Generated API server kubelet client certificate and key.
[certificates] Generated service account token signing key and public key.
[certificates] Generated front-proxy CA certificate and key.
[certificates] Generated front-proxy client certificate and key.
[certificates] Valid certificates and keys now exist in "/etc/kubernetes/pki"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/scheduler.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/controller-manager.conf"
[apiclient] Created API client, waiting for the control plane to become ready
[apiclient] All control plane components are healthy after 31.001278 seconds
[token] Using token: 863f67.19babbff7bfe8543
[apiconfig] Created RBAC rules
[addons] Applied essential addon: kube-proxy
[addons] Applied essential addon: kube-dns Your Kubernetes master has initialized successfully! To start using your cluster, you need to run (as a regular user): mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
http://kubernetes.io/docs/admin/addons/ You can now join any number of machines by running the following on each node
as root: kubeadm join --token 863f67.19babbff7bfe8543 10.10.6.11:
设置环境变量,这里是把变量放到/etc/profile
export KUBECONFIG=/etc/kubernetes/admin.conf
下载 kube-flannel-rbac.yml 和
vi kube-flannel-rbac.yml
wget https://raw.githubusercontent.com/coreos/flannel/v0.8.0/Documentation/kube-flannel-rbac.yml wget https://raw.githubusercontent.com/coreos/flannel/v0.8.0/Documentation/kube-flannel.yml
其中kube-flannel.yml 的flannel镜像 要与上面下载的flannel 一致
# Create the clusterrole and clusterrolebinding:
# $ kubectl create -f kube-flannel-rbac.yml
# Create the pod using the same namespace used by the flannel serviceaccount:
# $ kubectl create --namespace kube-system -f kube-flannel.yml
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: flannel
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- ""
resources:
- nodes
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- patch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: flannel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flannel
subjects:
- kind: ServiceAccount
name: flannel
namespace: kube-system
vi kube-flannel.yml
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: flannel
namespace: kube-system
---
kind: ConfigMap
apiVersion: v1
metadata:
name: kube-flannel-cfg
namespace: kube-system
labels:
tier: node
app: flannel
data:
cni-conf.json: |
{
"name": "cbr0",
"type": "flannel",
"delegate": {
"isDefaultGateway": true
}
}
net-conf.json: |
{
"Network": "10.244.0.0/16",
"Backend": {
"Type": "vxlan"
}
}
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: kube-flannel-ds
namespace: kube-system
labels:
tier: node
app: flannel
spec:
template:
metadata:
labels:
tier: node
app: flannel
spec:
hostNetwork: true
nodeSelector:
beta.kubernetes.io/arch: amd64
tolerations:
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
serviceAccountName: flannel
containers:
- name: kube-flannel
image: gcr.io/google_containers/flannel:v0.8.0-amd64
command: [ "/opt/bin/flanneld", "--ip-masq", "--kube-subnet-mgr" ]
securityContext:
privileged: true
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: run
mountPath: /run
- name: flannel-cfg
mountPath: /etc/kube-flannel/
- name: install-cni
image: gcr.io/google_containers/flannel:v0.8.0-amd64
command: [ "/bin/sh", "-c", "set -e -x; cp -f /etc/kube-flannel/cni-conf.json /etc/cni/net.d/10-flannel.conf; while true; do sleep 3600; done" ]
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
volumes:
- name: run
hostPath:
path: /run
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
执行以下命令:
kubectl --namespace kube-system apply -f kube-flannel-rbac.yml
kubectl --namespace kube-system apply -f kube-flannel.yml
在两个node 节点上执行
kubeadm join --token 863f67.19babbff7bfe8543 10.10.6.11: --skip-preflight-checks
输出信息
[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
[preflight] Skipping pre-flight checks
[discovery] Trying to connect to API Server "10.10.6.11:6443"
[discovery] Created cluster-info discovery client, requesting info from "https://10.10.6.11:6443"
[discovery] Cluster info signature and contents are valid, will use API Server "https://10.10.6.11:6443"
[discovery] Successfully established connection with API Server "10.10.6.11:6443"
[bootstrap] Detected server version: v1.7.2
[bootstrap] The server supports the Certificates API (certificates.k8s.io/v1beta1)
[csr] Created API client to obtain unique certificate for this node, generating keys and certificate signing request
[csr] Received signed certificate from the API server, generating KubeConfig...
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf" Node join complete:
* Certificate signing request sent to master and response
received.
* Kubelet informed of new secure connection details. Run 'kubectl get nodes' on the master to see this machine join.
在master 上面查看信息
[root@master ~]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system etcd-master / Running 2h
kube-system kube-apiserver-master / Running 2h
kube-system kube-controller-manager-master / Running 2h
kube-system kube-dns--glrxd / Running 2h
kube-system kube-flannel-ds-7tb2x / Running 2h
kube-system kube-flannel-ds-pvwfv / Running 2h
kube-system kube-flannel-ds-t5b3t / Running 2h
kube-system kube-proxy-2k10j / Running 2h
kube-system kube-proxy-6tdhl / Running 2h
kube-system kube-proxy-dgfrb / Running 2h
kube-system kube-scheduler-master / Running 2h
[root@master ~]# kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE
etcd-master / Running 2h 10.10.6.11 master
kube-apiserver-master / Running 2h 10.10.6.11 master
kube-controller-manager-master / Running 2h 10.10.6.11 master
kube-dns--glrxd / Running 2h 10.244.0.3 master
kube-flannel-ds-7tb2x / Running 2h 10.10.6.13 node2
kube-flannel-ds-pvwfv / Running 2h 10.10.6.11 master
kube-flannel-ds-t5b3t / Running 2h 10.10.6.12 node1
kube-proxy-2k10j / Running 2h 10.10.6.13 node2
kube-proxy-6tdhl / Running 2h 10.10.6.12 node1
kube-proxy-dgfrb / Running 2h 10.10.6.11 master
kube-scheduler-master / Running 2h 10.10.6.11 master
[root@master ~]#
确保都是running 的状态
kubernetes 1.7.2 安装 记录过程的更多相关文章
- kubernetes学习笔记(一)——minikube安装记录
想学习一下kubernetes,于是先安装一个单机版来学习一下.但是就是这个最简单的单机版安装方式都倒腾了我好久,记录下自己的安装过程.博主是在windows利用vmware workstation安 ...
- xp硬盘安装Fedora14 过程记录及心得体会(fedora14 live版本680M 和fedora14 DVD版本3.2G的选择)
这次电脑奔溃了,奇怪的是直接ghost覆盖c盘竟然不中.之前电脑上硬盘安装的fedora14操作系统,也是双系统.不知道是不是这个问题,记得同学说过,在硬盘装fedora之后,要手动修改c盘隐藏的那个 ...
- 【Oracle RAC】Linux系统Oracle18c RAC安装配置详细记录过程(图文并茂)
本文Oracle 18c GI/RAC on Oracle Linux step-by-step 的安装配置步骤,同时也包含dbca 创建数据库的过程. 1. 关闭SELINUX,防火墙vi /etc ...
- Kubernetes kubeadm 安装记录
Kubernetes kubeadm 安装记录 注:比较乱,都是一些预见到的错误 kubernetes yum 源 cat /etc/yum.repos.d/kubernetes.repo [kube ...
- redhat6.0 安装ORACLE11GR2过程记录
vawaretools安装 我的是8.0vm 1,vm=>install vmtools 2,会在redhat里出现一个虚拟光驱图标. 3,复制里面的文件到root目录下. 4,解压缩文件 ta ...
- centos源码编译安装nginx过程记录
前言:Centos系统编译安装LNMP环境是每来一台新服务器或换电脑都需要做的事情.这里仅做一个记录.给初学者一个参考! 一.安装前的环境 这里用的是centos 7系统. 我们默认把下载的软件放在 ...
- kubernetes之Kubeadm快速安装v1.12.0版
通过Kubeadm只需几条命令即起一个单机版kubernetes集群系统,而后快速上手k8s.在kubeadm中,需手动安装Docker和kubeket服务,Docker运行容器引擎,kubelet是 ...
- k8s安装部署过程个人总结及参考文章
以下是本人安装k8s过程 一.单机配置 1. 环境准备 主机名 IP 配置 master1 192.168.1.181 1C 4G 关闭所有节点的seliux以及firewalld sed -i 's ...
- SCCM 2012 R2安装部署过程和问题(一)
在进行Windows Server 2012 R2虚拟化测试前,由于需要安装,部署和管理很多的服务器,自然会想到该如何提高效率和有效的管理.在Windows Server 2008的时代微软已经提供称 ...
随机推荐
- kafka分布式搭建
kafka分布式搭建 (192.168.230.129)master (192.168.230.130)slave1 (192.168.230.131)salve2 在master.slave1.sl ...
- DropFileName = "svchost.exe" 问题解决方案
1.至以下链接处下载ATTK扫描工具: http://support.trendmicro.com.cn ... stomizedpackage.exe (32位) http://support.tr ...
- mysql数据库初始化(启动mysql时候报很多错误,初始化)
./mysql_install_db --defaults-file=/etc/my.cnf --user=mysql --basedir=/usr/local/mysql --datadir=/us ...
- LVM详解笔记pv-vg-lv创建和扩展
LVM Logical Volume Manager(逻辑卷管理) 是Linux环境下对底层磁盘的一种管理机制(方式),处在物理磁盘和文件系统之间. 名词: PV (Physical Volume)物 ...
- NIO之直接缓冲区与非直接缓冲区
直接缓冲区与非直接缓冲区的概念 一.非直接缓冲区 1)创建方式 通过 static ByteBuffer allocate(int capacity) 创建的缓冲区,在JVM中内存中创建,在每次调用基 ...
- Angularjs学习笔记6_table1
<!DOCTYPE html><html lang="en" ng-app="plunker"><head> < ...
- 文件操作接口的系统调用分析---SYSCALL_DEFINEx
linux/arch/arm/kernel/call.S ... CALL(sys_read) CALL(sys_write) CALL(sys_open) CALL(sys_close) ... ...
- java - day14 - InnerClass
内部类使用 package com.InnerClass; public class Mama { String name; Baby baby; Mama(String name){ this.na ...
- MYSQL分区表功能测试简析
1.查看Mysql版本是否支持分区 SHOW VARIABLES LIKE '%partition%'; +-------------------+-------+ | Variable_nam ...
- Java并发编程(三)概念介绍
在构建稳健的并发程序时,必须正确使用线程和锁.但是这终归只是一些机制.要编写线程安全的代码,其核心在于要对状态访问操作进行管理,特别是对共享的(Shared)和可变的(Mutable)状态的访问. 对 ...