标签:system centos7 Running 集群 localhost https kube root kubernetes1.16
环境
三台 Centos 7 服务器:kube_1、kube_2、kube_3,配置:2核 4G
设置主机名称(*不改的话,加入work节点时会出大错,这个细节改了好久)
# 临时修改 hostname XXX # 永久修改 (建议) hostnamectl set-hostname xxx
关闭、禁用防火墙:
1 systemctl stop firewalld 2 3 systemctl disable firewalld
禁用SELINUX:
1 setenforce 0
禁用交换分区
1 swapoff -a
修改 /etc/fstab 文件,将交换分区的文件系统注释掉,如下
# /dev/mapper/centos-swap swap swap defaults 0 0
创建 /etc/sysctl.d/k8s.conf
文件,添加如下内容:
1 net.bridge.bridge-nf-call-ip6tables = 1 2 net.bridge.bridge-nf-call-iptables = 1 3 net.ipv4.ip_forward = 1
执行如下命令使修改生效:
1 modprobe br_netfilter 2 3 sysctl -p /etc/sysctl.d/k8s.conf
安装Docker
1 # step 1: 安装必要的一些系统工具 2 sudo yum install -y yum-utils device-mapper-persistent-data lvm2 3 4 # Step 2: 添加软件源信息 5 sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 6 7 # Step 3: 更新并安装 Docker-CE 8 sudo yum makecache fast 9 sudo yum -y install docker-ce 10 11 # Step 4: 开启Docker服务 12 sudo service docker start 13 14 # Step 5: 设置开机启动 15 sudo systemctl enable docker
配置阿里云镜像加速器:
1 mkdir -p /etc/docker 2 3 tee /etc/docker/daemon.json <<-'EOF' 4 { 5 "registry-mirrors": ["https://obww7jh1.mirror.aliyuncs.com"] 6 } 7 EOF 8 9 systemctl daemon-reload 10 11 systemctl restart docker
安装 kubelet kubeadm kubectl
1 cat <<EOF > /etc/yum.repos.d/kubernetes.repo 2 [kubernetes] 3 name=Kubernetes 4 baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ 5 enabled=1 6 gpgcheck=1 7 repo_gpgcheck=1 8 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg 9 EOF 10 11 yum install -y kubelet-1.16.7 kubeadm-1.16.7 kubectl-1.16.7 12 13 systemctl enable --now kubelet
构建 Kubernetes 集群
1、初始化 Master 节点 kube1
1 kubeadm init --pod-network-cidr=10.244.0.0/16 --image-repository=registry.aliyuncs.com/google_containers
- --pod-network-cidr :后续安装 flannel 的前提条件,且值为 10.244.0.0/16, 参考资料
- --image-repository :指定镜像仓库
输出日志:
1 [addons] Applied essential addon: CoreDNS 2 3 Your Kubernetes control-plane has initialized successfully! 4 5 To start using your cluster, you need to run the following as a regular user: 6 7 mkdir -p $HOME/.kube 8 sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config 9 sudo chown $(id -u):$(id -g) $HOME/.kube/config 10 11 You should now deploy a pod network to the cluster. 12 Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: 13 https://kubernetes.io/docs/concepts/cluster-administration/addons/ 14 15 Then you can join any number of worker nodes by running the following on each as root: 16 17 kubeadm join 192.168.1.127:6443 --token yjscgl.eybl86olwr3g2ct9 \ 18 --discovery-token-ca-cert-hash sha256:91f7982ff4ffb9099b5228449044483192b73d52932929674985ef595a769055
从日志中,可以看出,要使用集群,需要执行如下命令:
1 mkdir -p $HOME/.kube 2 sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config 3 sudo chown $(id -u):$(id -g) $HOME/.kube/config
还需要部署一个 Pod Network 到集群中,此处选择 flannel
,因为要访问国外资源的缘故,这里另外处理
# 将 yml 文件下载到本地 [root@localhost ~]# wget https://raw.githubusercontent.com/coreos/flannel/2140ac876ef134e0ed5af15c65e414cf26827915/Documentation/kube-flannel.yml # 打开文件,将文件中所有 quay.io 修改为 quay-mirror.qiniu.com (https://blog.csdn.net/zsd498537806/article/details/85157560) # 最后拉取镜像 [root@localhost ~]# kubectl apply -f kube-flannel.yml
至此,Master 节点初始化完毕,查看集群相关信息:
# 查看集群 [root@localhost ~]# kubectl cluster-info Kubernetes master is running at https://192.168.1.127:6443 KubeDNS is running at https://192.168.1.127:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'. # 查看 node [root@localhost ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master Ready master 106m v1.16.7 k8s-node1 Ready <none> 102m v1.16.7 k8s-node2 Ready <none> 33m v1.16.4 # 查看pod [root@localhost ~]# kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-58cc8c89f4-955zb 1/1 Running 0 106m kube-system coredns-58cc8c89f4-bp746 1/1 Running 0 106m kube-system etcd-k8s-master 1/1 Running 0 106m kube-system kube-apiserver-k8s-master 1/1 Running 0 105m kube-system kube-controller-manager-k8s-master 1/1 Running 0 105m kube-system kube-flannel-ds-amd64-ckdzv 1/1 Running 0 102m kube-system kube-flannel-ds-amd64-fvrmj 1/1 Running 0 105m kube-system kube-flannel-ds-amd64-m8557 1/1 Running 0 34m kube-system kube-proxy-6lgbv 1/1 Running 0 34m kube-system kube-proxy-d8sxd 1/1 Running 0 106m kube-system kube-proxy-v9xnz 1/1 Running 0 102m kube-system kube-scheduler-k8s-master 1/1 Running 0 106m
* 如果初始化中遇到问题:
[root@localhost ~]# kubeadm reset [root@localhost ~]# rm -rf /var/lib/cni/ [root@localhost ~]# rm -f $HOME/.kube/config
* 若出现 节点 NotReady, coredns 为 pending (https://www.jianshu.com/p/d446121dbfc2)
[root@localhost ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION k8s-master NotReady master 2m48s v1.16.7 # 查看 Pods 信息 [root@localhost ~]# kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-9d85f5447-4f65b 0/1 Pending 0 63m kube-system coredns-9d85f5447-b2m6m 0/1 Pending 0 63m kube-system etcd-localhost.localdomain 1/1 Running 0 63m kube-system kube-apiserver-localhost.localdomain 1/1 Running 0 63m kube-system kube-controller-manager-localhost.localdomain 1/1 Running 0 63m kube-system kube-proxy-sz9ld 1/1 Running 0 63m kube-system kube-scheduler-localhost.localdomain 1/1 Running 0 63m
解决方法:安装CNI,安装CNI配置文件
$ mkdir -p /etc/cni/net.d $ cat >/etc/cni/net.d/10-mynet.conf <<EOF { "cniVersion": "0.2.0", "name": "mynet", "type": "bridge", "bridge": "cni0", "isGateway": true, "ipMasq": true, "ipam": { "type": "host-local", "subnet": "10.22.0.0/16", "routes": [ { "dst": "0.0.0.0/0" } ] } } EOF $ cat >/etc/cni/net.d/99-loopback.conf <<EOF { "cniVersion": "0.2.0", "name": "lo", "type": "loopback" } EOF
这里两个配置一个是给容器塞一个网卡挂在网桥上的,另外一个配置负责撸(本地回环)
添加work节点
方式1 :使用 kubeadm init时返回的信息加入 (在work节点中输入命令)
kubeadm join 192.168.1.127:6443 --token yjscgl.eybl86olwr3g2ct9 \ --discovery-token-ca-cert-hash sha256:91f7982ff4ffb9099b5228449044483192b73d52932929674985ef595a769055
方式2 :重新生成token
kubeadm token generate kubeadm token create <generated-token> --print-join-command --ttl=24h
参考:
kubernetes v1.16.x环境搭建 :https://www.jianshu.com/p/832bcd89bc07
彻底理解kubernetes CNI :https://www.jianshu.com/p/d446121dbfc2
gcr.io和quay.io拉取镜像失败 :https://blog.csdn.net/zsd498537806/article/details/85157560
标签:system,centos7,Running,集群,localhost,https,kube,root,kubernetes1.16 来源: https://www.cnblogs.com/wzllzw/p/12323595.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。