K8S03 - Source package installation (version 1.11.0)

9. Test-launching an nginx instance in the cluster
1. Run the following command on one of the masters
[root@master1 ~]# kubectl run nginx --replicas=2 --labels="run=nginx-service" --image=172.16.0.2:5000/docker.io/nginx --port=80
deployment.apps/nginx created
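nginx is the instance name
--replicas=2 creates 2 replicas
--labels sets the labels
--image is the image address; the image is served from a locally built private registry
--port enables port 80
View the deployment name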
[root@master1 ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx 2 2 2 2 9s
View the replica set name
[root@master1 ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-6c9b9fc894 2 2 2 13s
View the nodes
[root@master1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
172.16.0.8 Ready <none> 1d v1.11.0
172.16.0.9 Ready <none> 1d v1.11.0
View the names of the running pods
[root@master1 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6c9b9fc894-8ccwr 1/1 Running 0 22s
nginx-6c9b9fc894-wx449 1/1 Running 0 22s
To delete the nginx application, run the following command
[root@master1 ~]# kubectl delete deployment nginx
deployment.extensions "nginx" deleted
or kubectl delete deploy/nginx
[root@master1 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
example-service NodePort 169.169.27.9 <none> 80:55313/TCP 23h
kubernetes ClusterIP 169.169.0.1 <none> 443/TCP 5d
or kubectl delete svc/example-service
Scale the pods down or up
[root@master1 ~]# kubectl scale deployment nginx --replicas=3
deployment.extensions/nginx scaled
[root@master1 ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx 3 3 3 3 6d
[root@master1 ~]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
nginx 3 3 3 3 6d nginx 172.16.0.2:5000/docker.io/nginx run=wbb
Allocate a virtual cluster IP (an IP in the 169.169.0.0 range)
[root@master2 ~]# kubectl expose deployment nginx --type=NodePort --name=nginx-service
View the cluster IP allocated to the svc, and delete it
[root@master2 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 169.169.0.1 <none> 443/TCP 5d
nginx-service NodePort 169.169.157.14 <none> 800:52773/TCP 2s
[root@master1 ~]# kubectl delete deployment nginx
[root@master1 ~]# kubectl delete svc example-service
service "example-service" deleted
View how the created pods are assigned to nginx-service
[root@master2 ~]# kubectl describe svc nginx-service
Name: nginx-service
Namespace: default
Labels: run=nginx-service
Annotations: <none>
Selector: run=nginx-service
Type: NodePort
IP: 169.169.157.14
Port: <unset> 800/TCP
TargetPort: 800/TCP
NodePort: <unset> 52773/TCP
Endpoints: 10.10.12.2:800,10.10.36.2:800
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
[root@node1 ~]# curl -L http://10.10.36.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.

Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@node2 ~]# curl -L http://10.10.12.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.

Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
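Later, after installation, if the two nodes cannot reach each other, i.e. running curl http://10.10.12.2 on node1 returns no nginx data, run the following two commands:
modprobe ip_tables;
iptables -P FORWARD ACCEPT;
Note: at this point pods on different nodes may be unable to reach each other over the network. The fix is as follows.

Configure iptables on all nodes:

yum install iptables-services -y;
systemctl disable iptables;
systemctl stop iptables;
modprobe ip_tables;
iptables -P FORWARD ACCEPT;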
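With the FORWARD policy set to ACCEPT, each node forwards every packet that no other rule drops. The script below is an added example, not part of the original post: it leaves the chain policy alone and accepts forwarding only for the pod network. The 10.10.0.0/16 range is an assumption inferred from the pod IPs shown above, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: accept forwarding for the pod network only, instead of
# switching the whole FORWARD chain to ACCEPT.
# POD_CIDR is an assumption inferred from the pod IPs on this page
# (10.10.12.2, 10.10.36.2); set it to the range your overlay really uses.
POD_CIDR="${POD_CIDR:-10.10.0.0/16}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands, 0 = apply (needs root)

# Accept only a.b.c.d/len so a typo never reaches iptables.
valid_cidr() {
  printf '%s\n' "$1" | awk -F'[./]' '
    NF != 5 { exit 1 }
    { for (i = 1; i <= 5; i++) if ($i !~ /^[0-9]+$/) exit 1
      for (i = 1; i <= 4; i++) if ($i > 255) exit 1
      if ($5 > 32) exit 1 }'
}

# Default policy of the chain, read from `iptables -S FORWARD` output on stdin.
# On a node: iptables -S FORWARD | forward_policy
forward_policy() {
  awk '$1 == "-P" && $2 == "FORWARD" { print $3; exit }'
}

# Add "-s CIDR" and "-d CIDR" ACCEPT rules. -C tests whether the rule already
# exists, so running this twice does not duplicate rules.
apply_forward_rules() {
  valid_cidr "$1" || { echo "bad CIDR: $1" >&2; return 1; }
  for dir in -s -d; do
    if [ "$DRY_RUN" = 1 ]; then
      echo "iptables -A FORWARD $dir $1 -j ACCEPT"
    else
      iptables -C FORWARD "$dir" "$1" -j ACCEPT 2>/dev/null ||
        iptables -A FORWARD "$dir" "$1" -j ACCEPT
    fi
  done
}

apply_forward_rules "$POD_CIDR"
```

Rules added with iptables at runtime are lost on reboot, so the script has to run again whenever the node comes up.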
10. Installing CoreDNS
Method 1: download from the official site
mkdir coredns && cd coredns
wget https://raw.githubusercontent.com/coredns/deployment/master/kubernetes/coredns.yaml.sed
wget https://raw.githubusercontent.com/coredns/deployment/master/kubernetes/deploy.sh
chmod +x deploy.sh
./deploy.sh -i 10.96.0.10 > coredns.yml
kubectl apply -f coredns.yml

Check

kubectl get pods --namespace kube-system
kubectl get svc --namespace kube-system
Then, in kubelet.conf on all nodes:
[root@node2 kubernetes]# cat kubelet.conf
KUBELET_ARGS="--cgroup-driver=systemd
--hostname-override=172.16.0.9
--cert-dir=/etc/kubernetes/pki
--bootstrap-kubeconfig=/etc/kubernetes/bootstrap.kubeconfig
--kubeconfig=/etc/kubernetes/kubelet.kubeconfig
--cluster-dns=169.169.0.2
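--cluster-domain=cluster.local"
Add the two lines above (--cluster-dns and --cluster-domain)
Then restart the kubelet service
Test whether it has taken effect
1. Start two nginx instances from the master server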
kubectl run nginx --replicas=2 --labels="run=wbb" --image=172.16.0.2:5000/docker.io/nginx --port=800
deployment.apps/nginx created
2. Check on the node: the nginx and coredns containers have started
[root@node2 kubernetes]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4462774c0860 172.16.0.2:5000/docker.io/nginx@sha256:0b5c73966ec996a05672c4aea0a0d1910c6d7495147805ef88205bff51e119f3 "nginx -g 'daemon ..." 32 minutes ago Up 32 minutes k8s_nginx_nginx-66b6fb98fd-gdz97_default_5c2de123-c2ed-11e8-af1a-5254d2b1bb60_0
bfe9625300e7 k8s.gcr.io/pause:3.1 "/pause" 32 minutes ago Up 32 minutes k8s_POD_nginx-66b6fb98fd-gdz97_default_5c2de123-c2ed-11e8-af1a-5254d2b1bb60_0
3ca7f4570d93 docker.io/coredns/coredns@sha256:3e2be1cec87aca0b74b7668bbe8c02964a95a402e45ceb51b2252629d608d03a "/coredns -conf /e..." 3 hours ago Up 3 hours k8s_coredns_coredns-55f86bf584-95xd7_kube-system_5f915bfb-c2d5-11e8-af1a-5254d2b1bb60_0
b204ac0c0a88 k8s.gcr.io/pause:3.1 "/pause" 3 hours ago Up 3 hours k8s_POD_coredns-55f86bf584-95xd7_kube-system_5f915bfb-c2d5-11e8-af1a-5254d2b1bb60_0
Run the following on the cluster's master and node servers; the response shows that nginx started normally
[root@node2 kubernetes]# curl -L http://10.10.36.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.

Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
Log in to any nginx container and check whether /etc/resolv.conf has been changed to the DNS virtual IP 169.169.0.2
[root@master1 coredns]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-66b6fb98fd-g54fk 1/1 Running 0 34m
nginx-66b6fb98fd-gdz97 1/1 Running 0 34m
The output below shows that DNS inside the container now points to CoreDNS
[root@master1 coredns]# kubectl exec -it nginx-66b6fb98fd-gdz97 /bin/bash
root@nginx-66b6fb98fd-gdz97:/# cat /etc/resolv.conf
nameserver 169.169.0.2
search default.svc.cluster.local svc.cluster.local cluster.local hk1.zfcloud.com
options ndots:5
------------------------------------------------------------ CoreDNS installation is complete
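The address passed to deploy.sh -i, the kubelet's --cluster-dns and the nameserver inside a pod have to be the same IP, otherwise pods query an address that no Service answers on. The check below is an added example, not part of the original post; the function names are hypothetical and the sample files are constructed from the values shown on this page.

```sh
#!/bin/sh
# Added example: check that CoreDNS, the kubelet and a pod agree on the DNS IP.
# File names follow this page; the sample contents written below are constructed.

# clusterIP of the Service in the manifest that deploy.sh wrote
manifest_dns_ip() { awk '$1 == "clusterIP:" { print $2; exit }' "$1"; }

# value of --cluster-dns in the kubelet arguments file
kubelet_dns_ip() {
  sed -n 's/.*--cluster-dns=\([0-9.]*\).*/\1/p' "$1" | head -n 1
}

# first nameserver of a resolv.conf copied out of a pod
pod_dns_ip() { awk '$1 == "nameserver" { print $2; exit }' "$1"; }

# Usage: check_dns_consistency coredns.yml kubelet.conf resolv.conf
# Prints one verdict line; returns 0 only when all three addresses match.
check_dns_consistency() {
  m=$(manifest_dns_ip "$1"); k=$(kubelet_dns_ip "$2"); p=$(pod_dns_ip "$3")
  if [ -z "$m" ] || [ -z "$k" ] || [ -z "$p" ]; then
    echo "MISSING manifest=$m kubelet=$k pod=$p"; return 2
  fi
  if [ "$m" != "$k" ]; then echo "MISMATCH manifest=$m kubelet=$k"; return 1; fi
  if [ "$k" != "$p" ]; then echo "MISMATCH kubelet=$k pod=$p"; return 1; fi
  echo "OK $m"
}

# Constructed inputs: one manifest generated with -i 10.96.0.10, one with
# -i 169.169.0.2, plus the kubelet.conf and resolv.conf values shown on this page.
demo=$(mktemp -d)
printf 'kind: Service\nspec:\n  clusterIP: 10.96.0.10\n' > "$demo/a.yml"
printf 'kind: Service\nspec:\n  clusterIP: 169.169.0.2\n' > "$demo/b.yml"
printf '%s\n' 'KUBELET_ARGS="--hostname-override=172.16.0.9' \
  '--cluster-dns=169.169.0.2' '--cluster-domain=cluster.local"' > "$demo/kubelet.conf"
printf 'nameserver 169.169.0.2\noptions ndots:5\n' > "$demo/resolv.conf"

check_dns_consistency "$demo/a.yml" "$demo/kubelet.conf" "$demo/resolv.conf" || true
check_dns_consistency "$demo/b.yml" "$demo/kubelet.conf" "$demo/resolv.conf" || true
```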
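Method 2:
The downloaded kubernetes source package already includes the CoreDNS installation scripts, located in
They can be installed in the same way as above
11. Installing the dashboard UI
1. Download the image
Then import k8s.gcr.io/kubernetes-dashboard-amd64 into the private registry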
k8s.gcr.io/kube-apiserver-amd64 v1.11.3 3de571b6587b 2 weeks ago 187 MB
172.16.0.2:5000/k8s.gcr.io/kubernetes-dashboard-amd64 v1.10.0 0dab2435c100 5 weeks ago 122 MB
2. Install directly from the kubernetes source package
ls /root/kubernetes/cluster/addons/dashboard
dashboard-controller.yaml dashboard-rbac.yaml dashboard-secret.yaml dashboard-service.yaml
vim dashboard-controller.yaml
[root@master1 dashboard]# cat dashboard-controller.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: kubernetes-dashboard
  namespace: kube-system
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
    spec:
      serviceAccountName: dashboard
      containers:
      - name: kubernetes-dashboard
        image: 172.16.0.2:5000/k8s.gcr.io/kubernetes-dashboard-amd64    # changed to the locally built private registry; the image is then pulled from there
        resources:
          limits:
            cpu: 100m
            memory: 50Mi
          requests:
            cpu: 100m
            memory: 50Mi
        ports:
        - containerPort: 9090
        livenessProbe:
          httpGet:
            path: /
            port: 9090
          initialDelaySeconds: 30
          timeoutSeconds: 30
      tolerations:
      - key: "CriticalAddonsOnly"
        operator: "Exists"
[root@master1 dashboard]# cat dashboard-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: kubernetes-dashboard
  namespace: kube-system
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  type: NodePort    # add this line
  selector:
    k8s-app: kubernetes-dashboard
  ports:
  - port: 80
    targetPort: 9090
2. Create the resources from the files
[root@master1 dashboard]# kubectl create -f kubernetes-dashboard.yaml dashboard-rbac.yaml dashboard-secret.yaml dashboard-service.yaml    # better to run this one file at a time
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
3. To delete the containers created from a yaml file, use the following
kubectl delete -f rc-nginx.yaml
[root@master1 dashboard]# kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE
coredns-55f86bf584-6lg79 1/1 Running 0 2d 10.10.36.3 172.16.0.8
coredns-55f86bf584-95xd7 1/1 Running 0 2d 10.10.12.3 172.16.0.9
kubernetes-dashboard-58c47d9476-gv6x4 1/1 Running 0 1d 10.10.36.4 172.16.0.8
The kubernetes-dashboard line shows that the dashboard has been installed and started successfully; it runs on the node server 172.16.0.8 and the container IP is 10.10.36.4.
[root@master1 dashboard]# kubectl get svc -n kube-system -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kube-dns ClusterIP 169.169.0.2 <none> 53/UDP,53/TCP 2d k8s-app=kube-dns
kubernetes-dashboard NodePort 169.169.110.197 <none> 80:17189/TCP 1d k8s-app=kubernetes-dashboard
Because NodePort is enabled, the container has port 17189 mapped externally. At this point the dashboard is set up, but it still cannot be accessed.
How to access it from the external network and open the page
haproxy + keepalived were installed earlier on the etcd servers
vim /etc/haproxy/haproxy.conf and append the following at the bottom of the file
listen dashborad
    bind *:8086    # external access port: 8086
    mode tcp
    maxconn 65535
    balance roundrobin
    server node1 10.10.36.4:9090 check inter 10000 fall 2 rise 2 weight 1    # the etcd servers can reach the dashboard container directly at 10.10.36.4, port 9090
Alternatively, the following server line also works
    server node1 172.16.0.8:17189 check inter 10000 fall 2 rise 2 weight 1    # node NIC IP : externally mapped port, accessed through the haproxy reverse proxy
Then restart haproxy
Open the following link in a browser to access the page
http://172.16.0.100:8086 (the load balancer IP address)
------------------------------------------------------------ The dashboard installation is now complete