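kubeadm is a tool from the official Kubernetes community for quickly deploying a Kubernetes cluster.
With this tool, a Kubernetes cluster can be deployed with two commands:
# kubeadm init    # create a Master node
# kubeadm join <Master node IP and port>    # join a Node to the current cluster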
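Server requirements
• One or more machines running CentOS 7.x (x86_64)
• Hardware: 2 GB of RAM or more, 2 CPUs or more, 30 GB of disk or more
• Network connectivity between all machines in the cluster
• Internet access, which is needed to pull images
• Swap disabled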
1. Environment preparation (on all servers)
1.1 Server information and roles:
192.168.6.115 master node
192.168.6.116 node
192.168.6.117 node

1.2 Disable the firewall:
# systemctl stop firewalld
# systemctl disable firewalld

1.3 Disable SELinux:
# sed -i 's/enforcing/disabled/' /etc/selinux/config

1.4 Disable swap:
# swapoff -a

1.5 Add hostname-to-IP mappings:
# cat /etc/hosts
192.168.6.115 ks-115
192.168.6.116 ks-116
192.168.6.117 ks-117

1.6 Pass bridged IPv4 traffic to the iptables chains:
# cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# sysctl --system

2. Install docker/kubeadm/kubelet (on all servers)
2.1 Install Docker:
# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
# yum -y install docker-ce
# systemctl start docker
# systemctl enable docker
# docker --version

2.2 Add the Aliyun yum repository:
# cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

2.3 Install kubeadm, kubelet and kubectl:
# yum -y install kubelet-1.14.0
# yum -y install kubeadm-1.14.0 kubectl-1.14.0
# systemctl start kubelet && systemctl enable kubelet
# rpm -qa|grep kube

3. Deploy the Kubernetes Master (on the master):
# kubeadm init \
    --apiserver-advertise-address=192.168.6.115 \
    --image-repository registry.aliyuncs.com/google_containers \
    --kubernetes-version v1.14.0 \
    --service-cidr=10.1.0.0/16 \
    --pod-network-cidr=10.244.0.0/16
Note: the content boxed in the screenshot below will be used later.


4. Use the kubectl tool (on the master)
# mkdir -p $HOME/.kube
# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# sudo chown $(id -u):$(id -g) $HOME/.kube/config
# kubectl get nodes

5. Install the Pod network add-on (CNI, on the master)
# wget https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
# kubectl apply -f kube-flannel.yml
Note: the image address in kube-flannel.yml is originally hosted abroad; if it cannot be reached, it can be changed to a personal image address: liyupei/flannel:v0.11.0-amd64


6. Join the nodes to the cluster (on each node)
# kubeadm join 192.168.6.115:6443 --token qgvys8.hv4ix9fj5i9x6awn \
    --discovery-token-ca-cert-hash sha256:e78d2c577f1c8a5114ddd30d86e9fb65a2d9ccd92d00c13f301e11ab71368bac
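
The value passed to --discovery-token-ca-cert-hash is the SHA-256 of the cluster CA certificate's DER-encoded SubjectPublicKeyInfo, so it can be recomputed on the master and compared with the join command before running it on a node. The script below is an added example, not part of the original post: it assumes the kubeadm default CA path /etc/kubernetes/pki/ca.crt, and its helper names and the synthetic sample certificate are constructed for illustration.

```python
import hashlib
import hmac
import ssl

def _tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, element_end)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                          # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length

def spki_der(cert_der):
    """Return the raw SubjectPublicKeyInfo element of an X.509 certificate."""
    _, pos, _ = _tlv(cert_der, 0)              # Certificate SEQUENCE
    _, pos, tbs_end = _tlv(cert_der, pos)      # tbsCertificate SEQUENCE
    tag, _, end = _tlv(cert_der, pos)
    if tag == 0xA0:                            # optional [0] version field
        pos = end
    for _ in range(5):                         # serial, sigAlg, issuer, validity, subject
        _, _, pos = _tlv(cert_der, pos)
    tag, _, end = _tlv(cert_der, pos)
    if tag != 0x30 or end > tbs_end:
        raise ValueError("SubjectPublicKeyInfo not found")
    return cert_der[pos:end]

def ca_cert_hash(cert_pem):
    """Compute the 'sha256:<hex>' pin for a PEM CA certificate (e.g. ca.crt)."""
    der = ssl.PEM_cert_to_DER_cert(cert_pem.strip())
    return "sha256:" + hashlib.sha256(spki_der(der)).hexdigest()

def pin_matches(cert_pem, pinned):
    """True if the pin from a kubeadm join command matches this CA certificate."""
    return hmac.compare_digest(ca_cert_hash(cert_pem), pinned.strip().lower())

def _der(tag, body):                           # short-form lengths only (< 128 bytes)
    return bytes([tag, len(body)]) + body

# Constructed stand-in for /etc/kubernetes/pki/ca.crt (assumed kubeadm default
# path): correct X.509 field layout with dummy contents, not a real certificate.
SAMPLE_SPKI = _der(0x30, _der(0x30, b"\x06\x01\x2a") + _der(0x03, b"\x00" + b"\x11" * 32))
_tbs = _der(0x30, _der(0xA0, _der(0x02, b"\x02")) + _der(0x02, b"\x01")
            + _der(0x30, b"") * 4 + SAMPLE_SPKI)
SAMPLE_CA_PEM = ssl.DER_cert_to_PEM_cert(_der(0x30, _tbs + _der(0x30, b"") + _der(0x03, b"\x00")))

if __name__ == "__main__":
    print(ca_cert_hash(SAMPLE_CA_PEM))
```

On a real master, read the CA certificate file as text and pass its contents to pin_matches together with the hash from the join command.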

7. Check the cluster status (on the master)
# kubectl get nodes

8. Test the Kubernetes cluster (on the master)
# kubectl create deployment nginx --image=nginx
# kubectl expose deployment nginx --port=80 --type=NodePort
# kubectl get pod,svc,deployment


9. Deploy the Dashboard
# wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
Note: the image address in kubernetes-dashboard.yaml is originally hosted abroad; if it cannot be reached, it can be changed to a personal image address: liyupei/kubernetes-dashboard-amd64:v1.10.1

By default the Dashboard can only be reached from inside the cluster; change the Service to type NodePort to expose it externally:
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  type: NodePort
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001
  selector:
    k8s-app: kubernetes-dashboard

# kubectl apply -f kubernetes-dashboard.yaml

In a browser, open: https://IP:30001

Create a service account and bind it to the default cluster-admin cluster role:
# kubectl create serviceaccount dashboard-admin -n kube-system
# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
Note: copy the token shown below into the Dashboard's token field to log in.

