k8s 1.6.1 安装(国内加速)

参考

https://mritd.me/2016/10/29/set-up-kubernetes-cluster-by-kubeadm/
http://www.jianshu.com/p/4f5066dad9b4
http://kubernetes.io/docs/admin/addons/
https://github.com/kubernetes/kubernetes/issues/43815
https://github.com/kubernetes/kubernetes/pull/43835
https://www.addops.cn/post/kubernetes-deployment.html

环境

centos 7.2
docker-engine-1.12.6(使用阿里云加速器)
k8s 1.6.1
主机名可解析

打包rpm

yum  install git -y
git clone https://github.com/kubernetes/release && cd release/rpm && ./docker-build.sh
[root@cloud4ourself-mykc1 release]# git rev-parse --short HEAD
ee84be6

安装(master and nodes)

echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
sysctl -p

yum install output/x86_64/kube*.rpm -y

此处kubeadm 1.6.0存在一个bug,https://github.com/kubernetes/kubernetes/issues/43815,
1.6.1已解决

下载docker images

docker pull 4admin2root/kube-controller-manager-amd64:v1.6.0
docker pull 4admin2root/kube-scheduler-amd64:v1.6.0
docker pull 4admin2root/kube-apiserver-amd64:v1.6.0
docker pull 4admin2root/etcd-amd64:3.0.17
docker pull 4admin2root/kube-proxy-amd64:v1.6.0
docker pull  4admin2root/k8s-dns-sidecar-amd64:1.14.1
docker pull  4admin2root/k8s-dns-dnsmasq-nanny-amd64:1.14.1
docker pull  4admin2root/pause-amd64:3.0
docker pull 4admin2root/etcd:2.2.1

docker pull 4admin2root/node:v1.1.0
docker pull 4admin2root/cni:v1.6.1
docker pull 4admin2root/kube-policy-controller:v0.5.4


docker tag 4admin2root/kube-controller-manager-amd64:v1.6.0    gcr.io/google_containers/kube-controller-manager-amd64:v1.6.0
docker tag 4admin2root/kube-scheduler-amd64:v1.6.0             gcr.io/google_containers/kube-scheduler-amd64:v1.6.0
docker tag 4admin2root/kube-apiserver-amd64:v1.6.0             gcr.io/google_containers/kube-apiserver-amd64:v1.6.0
docker tag 4admin2root/etcd-amd64:3.0.17                       gcr.io/google_containers/etcd-amd64:3.0.17
docker tag 4admin2root/kube-proxy-amd64:v1.6.0                 gcr.io/google_containers/kube-proxy-amd64:v1.6.0
docker tag  4admin2root/k8s-dns-sidecar-amd64:1.14.1           gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.1 
docker tag  4admin2root/k8s-dns-dnsmasq-nanny-amd64:1.14.1     gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.1
docker tag  4admin2root/pause-amd64:3.0                        gcr.io/google_containers/pause-amd64:3.0
docker tag  4admin2root/etcd:2.2.1                             gcr.io/google_containers/etcd:2.2.1

docker tag  4admin2root/node:v1.1.0   quay.io/calico/node:v1.1.0
docker tag  4admin2root/cni:v1.6.1    quay.io/calico/cni:v1.6.1
docker tag  4admin2root/kube-policy-controller:v0.5.4  quay.io/calico/kube-policy-controller:v0.5.4

master执行init(使用下载版本kubeadm)

[root@cloud4ourself-mykc2 ~]# kubeadm init
[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
[init] Using Kubernetes version: v1.6.0
[init] Using Authorization mode: RBAC
[preflight] Running pre-flight checks
[preflight] WARNING: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
[preflight] Starting the kubelet service
[certificates] Generated CA certificate and key.
[certificates] Generated API server certificate and key.
[certificates] API Server serving cert is signed for DNS names [cloud4ourself-mykc2.novalocal kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.9.5.107]
[certificates] Generated API server kubelet client certificate and key.
[certificates] Generated service account token signing key and public key.
[certificates] Generated front-proxy CA certificate and key.
[certificates] Generated front-proxy client certificate and key.
[certificates] Valid certificates and keys now exist in "/etc/kubernetes/pki"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/controller-manager.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/scheduler.conf"
[apiclient] Created API client, waiting for the control plane to become ready
[apiclient] All control plane components are healthy after 23.784875 seconds
[apiclient] Waiting for at least one node to register
[apiclient] First node has registered after 4.502966 seconds
[token] Using token: 8d92f5.922276a553ed2847
[apiconfig] Created RBAC rules
[addons] Created essential addon: kube-proxy
[addons] Created essential addon: kube-dns

Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run (as a regular user):

  sudo cp /etc/kubernetes/admin.conf $HOME/
  sudo chown $(id -u):$(id -g) $HOME/admin.conf
  export KUBECONFIG=$HOME/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  http://kubernetes.io/docs/admin/addons/

You can now join any number of machines by running the following on each node
as root:

  kubeadm join --token 8d92f5.922276a553ed2847 10.9.5.107:6443
[root@cloud4ourself-mykc2 ~]# kubectl --kubeconfig /etc/kubernetes/admin.conf get nodes
NAME                            STATUS     AGE       VERSION
cloud4ourself-mykc2.novalocal   NotReady   9m        v1.6.1
[root@cloud4ourself-mykc2 ~]# kubectl --kubeconfig /etc/kubernetes/admin.conf get pod --all-namespaces
NAMESPACE     NAME                                                    READY     STATUS    RESTARTS   AGE
kube-system   etcd-cloud4ourself-mykc2.novalocal                      1/1       Running   0          9m
kube-system   kube-apiserver-cloud4ourself-mykc2.novalocal            1/1       Running   0          9m
kube-system   kube-controller-manager-cloud4ourself-mykc2.novalocal   1/1       Running   0          9m
kube-system   kube-dns-3913472980-jgk3f                               0/3       Pending   0          10m
kube-system   kube-proxy-9ghw7                                        1/1       Running   0          10m
kube-system   kube-scheduler-cloud4ourself-mykc2.novalocal            1/1       Running   0          9m

#docker pull quay.io/calico/cni:v1.6.1
#docker pull quay.io/calico/node:v1.1.0
#docker pull quay.io/calico/kube-policy-controller:v0.5.4

[root@cloud4ourself-mykc2 ~]# kubectl apply -f http://docs.projectcalico.org/v2.1/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml --kubeconfig /etc/kubernetes/admin.conf
configmap "calico-config" created
daemonset "calico-etcd" created
service "calico-etcd" created
daemonset "calico-node" created
deployment "calico-policy-controller" created
clusterrolebinding "calico-cni-plugin" created
clusterrole "calico-cni-plugin" created
serviceaccount "calico-cni-plugin" created
clusterrolebinding "calico-policy-controller" created
clusterrole "calico-policy-controller" created
serviceaccount "calico-policy-controller" created
[root@cloud4ourself-mykc2 ~]# kubectl --kubeconfig /etc/kubernetes/admin.conf get pod --all-namespaces
NAMESPACE     NAME                                                    READY     STATUS              RESTARTS   AGE
kube-system   calico-etcd-q6p11                                       1/1       Running             0          8s
kube-system   calico-node-j3b47                                       0/2       ContainerCreating   0          7s
kube-system   calico-policy-controller-2561685917-8sj5l               0/1       Pending             0          7s
kube-system   etcd-cloud4ourself-mykc2.novalocal                      1/1       Running             0          12m
kube-system   kube-apiserver-cloud4ourself-mykc2.novalocal            1/1       Running             0          12m
kube-system   kube-controller-manager-cloud4ourself-mykc2.novalocal   1/1       Running             0          12m
kube-system   kube-dns-3913472980-jgk3f                               0/3       Pending             0          13m
kube-system   kube-proxy-9ghw7                                        1/1       Running             0          13m
kube-system   kube-scheduler-cloud4ourself-mykc2.novalocal            1/1       Running             0          12m

[root@cloud4ourself-mykc2 ~]# kubectl --kubeconfig /etc/kubernetes/admin.conf get pod --all-namespaces
NAMESPACE     NAME                                                    READY     STATUS    RESTARTS   AGE
kube-system   calico-etcd-q6p11                                       1/1       Running   0          9m
kube-system   calico-node-j3b47                                       2/2       Running   0          9m
kube-system   calico-policy-controller-2561685917-8sj5l               1/1       Running   0          9m
kube-system   etcd-cloud4ourself-mykc2.novalocal                      1/1       Running   0          21m
kube-system   kube-apiserver-cloud4ourself-mykc2.novalocal            1/1       Running   0          21m
kube-system   kube-controller-manager-cloud4ourself-mykc2.novalocal   1/1       Running   0          21m
kube-system   kube-dns-3913472980-jgk3f                               3/3       Running   0          22m
kube-system   kube-proxy-9ghw7                                        1/1       Running   0          22m
kube-system   kube-scheduler-cloud4ourself-mykc2.novalocal            1/1       Running   0          21m
[root@cloud4ourself-mykc2 ~]# echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
[root@cloud4ourself-mykc2 ~]# source ~/.bash_profile

其他节点

#docker pull quay.io/calico/cni:v1.6.1
#docker pull quay.io/calico/node:v1.1.0
#docker pull quay.io/calico/kube-policy-controller:v0.5.4

[root@cloud4ourself-mykc3 ~]#  kubeadm join --token 8d92f5.922276a553ed2847 10.9.5.107:6443
[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
[preflight] Running pre-flight checks
[discovery] Trying to connect to API Server "10.9.5.107:6443"
[discovery] Created cluster-info discovery client, requesting info from "https://10.9.5.107:6443"
[discovery] Cluster info signature and contents are valid, will use API Server "https://10.9.5.107:6443"
[discovery] Successfully established connection with API Server "10.9.5.107:6443"
[bootstrap] Detected server version: v1.6.0
[bootstrap] The server supports the Certificates API (certificates.k8s.io/v1beta1)
[csr] Created API client to obtain unique certificate for this node, generating keys and certificate signing request
[csr] Received signed certificate from the API server, generating KubeConfig...
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"

Node join complete:
* Certificate signing request sent to master and response
  received.
* Kubelet informed of new secure connection details.

Run 'kubectl get nodes' on the master to see this machine join.

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 215,012评论 6 497
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 91,628评论 3 389
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 160,653评论 0 350
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 57,485评论 1 288
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 66,574评论 6 386
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 50,590评论 1 293
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 39,596评论 3 414
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 38,340评论 0 270
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,794评论 1 307
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 37,102评论 2 330
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 39,276评论 1 344
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 34,940评论 5 339
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 40,583评论 3 322
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 31,201评论 0 21
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 32,441评论 1 268
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 47,173评论 2 366
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 44,136评论 2 352

推荐阅读更多精彩内容

  • 安装k8s Master高可用集群 主机 角色 组件 172.18.6.101 K8S Master Kubele...
    jony456123阅读 8,050评论 0 9
  • 虫二,来源于流行元素与生活感悟,以轻松、创新、俏皮、精致的为特点,穿出怀旧与时尚、大胆与内敛、玩味与优雅的对比融合...
    JimT阅读 585评论 0 0
  • 第一世 (一) 海外有仙山,虚无缥缈间。 不知名的仙山之上青松环抱,灵气充沛。 常年薄雾环绕之下,似真似幻,如若仙...
    廖木空青阅读 719评论 0 0
  • 第一个声音:垂死挣扎的女人 “如果一开始,我就拒绝你,也许事情就不会发展到现在这一步了。” 我看着他迷人的眼睛,只...
    藏菁雅阁阅读 1,227评论 0 0
  • 珍贵的贫穷 我出生在一个并不富裕的家庭。记得小时候,父亲总对我说:“出身贫寒不是耻辱,能屈能伸方为丈夫。”父亲的话...
    轩辕睿好阅读 432评论 0 5