使用kubeadm快速部署k8s集群
2020-06-05 04:49
363 查看
使用kubeadm快速部署k8s集群
- 1. 准备环境
- 2. 所有节点安装Docker/kubeadm/kubelet
- 3. 部署Kubernetes Master
- 4. 加入集群
- 5. 安装Flannel
- 6. 测试k8s集群
- 7. 部署 Dashboard
1. 准备环境
角色 | IP |
---|---|
k8s-master | 192.168.60.13 |
k8s-node1 | 192.168.60.15 |
k8s-node2 | 192.168.60.16 |
关闭防火墙: # systemctl stop firewalld # systemctl disable firewalld 关闭selinux: # sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久 # setenforce 0 # 临时 关闭swap: # swapoff -a # 临时 # vim /etc/fstab # 注释swap分区那行 设置主机名: # hostnamectl set-hostname <hostname> 在master添加hosts: # cat >> /etc/hosts << EOF 192.168.60.13 k8s-master 192.168.60.15 k8s-node1 192.168.60.16 k8s-node2 EOF 设置IPv4流量转发 # cat > /etc/sysctl.d/k8s.conf << EOF net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF # sysctl --system # 生效 时间同步: # yum install ntpdate -y # ntpdate time.windows.com
2. 所有节点安装Docker/kubeadm/kubelet
添加阿里云YUM软件源
# cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
安装Docker
拉取阿里云yum源 # wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo # yum -y install docker-ce-18.06.1.ce-3.el7 # systemctl enable docker && systemctl start docker # docker --version Docker version 18.06.1-ce, build e68fc7a
修改镜像仓库 # cat > /etc/docker/daemon.json << EOF { "registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"] } EOF
安装kubeadm,kubelet和kubectl
# yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0 # systemctl enable kubelet
3. 部署Kubernetes Master
只在Master执行。
# kubeadm init \ --apiserver-advertise-address=192.168.60.13 \ --image-repository registry.aliyuncs.com/google_containers \ --kubernetes-version v1.18.0 \ --service-cidr=10.96.0.0/12 \ --pod-network-cidr=10.244.0.0/16
第一行:指定apiserver暴露的IP地址
第二行:指定镜像仓库
第三行:指定当前安装版本
第四行:指定service的IP地址段,不要与现有网络冲突
第五段:指定pod的IP地址段,不要与现有网络冲突
执行完成后,有如下提示
Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root: kubeadm join 192.168.60.13:6443 --token zfbpba.s701lhju22skuhif \ --discovery-token-ca-cert-hash sha256:f26c0b5d5fcbb7c0eb2baba4b156368bd4b9ff686048a5c82ff68c2f67f43839
按提示操作
# mkdir -p $HOME/.kube # sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config # sudo chown $(id -u):$(id -g) $HOME/.kube/config # kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master1 NotReady master 16m v1.18.0 k8s-node1 NotReady <none> 3m52s v1.18.0 k8s-node2 NotReady <none> 3m9s v1.18.0
此时status为NotReady
4. 加入集群
在192.168.60.15/16(Node)执行。
向集群添加新节点
直接执行回显命令 # kubeadm join 192.168.60.13:6443 --token zfbpba.s701lhju22skuhif \ --discovery-token-ca-cert-hash sha256:f26c0b5d5fcbb7c0eb2baba4b156368bd4b9ff686048a5c82ff68c2f67f43839
默认token有效期为24小时,当过期之后,该token就不可用了。这时就需要重新创建token,操作如下:
# kubeadm token create # kubeadm token list # openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' 63bca849e0e01691ae14eab449570284f0c3ddeea590f8da988c07fe2729e924 # kubeadm join 192.168.60.13:6443 --token nuja6n.o3jrhsffiqs9swnu --discovery-token-ca-cert-hash sha256:63bca849e0e01691ae14eab449570284f0c3ddeea590f8da988c07fe2729e924
5. 安装Flannel
# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml # kubectl apply -f kube-flannel.yml
flannel均为running就安装成功了
# kubectl get pods -n kube-system kube-flannel-ds-amd64-69gts 1/1 Running 0 97m kube-flannel-ds-amd64-n7njn 1/1 Running 0 97m kube-flannel-ds-amd64-twpmd 1/1 Running 0 97m
查看node状态为Ready
# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master1 Ready master 121m v1.18.0 k8s-node1 Ready <none> 108m v1.18.0 k8s-node2 Ready <none> 107m v1.18.0
6. 测试k8s集群
在K8s集群中创建一个pod,验证是否正常运行:
# kubectl create deployment nginx --image=nginx # kubectl expose deployment nginx --port=80 --type=NodePort # kubectl get pod,svc
访问地址:http://NodeIP:Port
7. 部署 Dashboard
$ wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml
默认Dashboard只能集群内部访问
修改recommended.yaml使Service为NodePort类型,暴露到外部:
kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard spec: type: NodePort ports: - port: 443 targetPort: 8443 selector: k8s-app: kubernetes-dashboard
安装Dashboard
# kubectl apply -f recommended.yaml
查看暴露端口
# kubectl get svc -n kubernetes-dashboard NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE dashboard-metrics-scraper ClusterIP 10.103.201.27 <none> 8000/TCP 95m kubernetes-dashboard NodePort 10.99.220.198 <none> 443:32052/TCP 95m
访问地址:https://NodeIP:Port
创建service account并绑定默认cluster-admin管理员集群角色:
kubectl create serviceaccount dashboard-admin -n kube-system kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
使用输出的token登录Dashboard。
相关文章推荐
- 使用kubeadm快速部署一个K8S集群
- 使用kubeadm部署k8s集群06-扩容kube-controller-manager到3节点
- 使用kubeadm部署k8s集群04-配置kubelet访问kube-apiserver
- CentOS7利用kubeadm快速部署k8s集群
- 使用kubeadm部署k8s集群09-配置worker节点
- Ubuntu 16.04使用kubeadm快速部署Kubernetes-v1.13.4集群
- K8S学习003--使用kubeadm部署安装集群
- 使用kubeadm部署k8s集群07-扩容kube-scheduler到3节点
- 使用kubeadm部署k8s集群00-缓存gcr.io镜像
- 使用kubeadm部署k8s集群00-缓存rpm包
- 使用kubeadm部署k8s集群02-配置etcd高可用
- 使用kubeadm部署k8s集群03-扩容kube-apiserver到3节点
- 使用kubeadm部署k8s集群08-配置LB指向kube-apiserver
- 再探使用kubeadm部署高可用的k8s集群-01引言
- 使用kubeadm部署k8s集群01-初始化
- Docker集群管理工具-Kubernetes1.10.6(k8s)四节点集群使用kubeadm部署流程(一)
- k8s实战二 使用kubeadm部署集群kubeV1.13 (加入node)
- Kubernetes/3.使用Kubeadm部署k8s集群
- 搭建及使用K8s集群 <k8s dashboard pod方式部署>