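1. Prerequisites
This article covers building a Kubernetes cluster on CentOS 7. By configuring everything by hand, you will come to understand all the underlying packages, services, ports, and so on.
The Kubernetes packages provide several services: kube-apiserver, kube-scheduler, kube-controller-manager, kubelet, and kube-proxy. These services are managed by systemd, and their configuration is kept in one place: /etc/kubernetes. We will run these services on different hosts, using three virtual machines in total: k8s-master, k8s-node1, and k8s-node2.
Services on k8s-master: kube-apiserver, kube-controller-manager, kube-scheduler, and etcd
Services on k8s-node1 and k8s-node2: kubelet, kube-proxy, flannel, and docker
Machine details: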
k8s-master=>192.168.8.131
k8s-node1=>192.168.8.133
k8s-node2=>192.168.8.134
2. hosts configuration
On k8s-master, configure the following:
[root@localhost ~]$ vi /etc/hosts
[root@localhost ~]$ cat /etc/hosts
# Note: only the modified part is shown
192.168.8.131 k8s-master
192.168.8.131 etcd
192.168.8.133 k8s-node1
192.168.8.134 k8s-node2
Then copy it to k8s-node1 and k8s-node2
3. Disable the firewall
[root@localhost ~]$ systemctl disable firewalld.service
[root@localhost ~]$ systemctl stop firewalld.service
3. yum repository configuration
On k8s-master, configure the following:
[root@localhost ~]$ vi /etc/yum.repos.d/docker.repo
[root@localhost ~]$ cat /etc/yum.repos.d/docker.repo
[virt7-docker-common-release]
name=virt7-docker-common-release
baseurl=http://cbs.centos.org/repos/virt7-docker-common-release/x86_64/os/
gpgcheck=0
Then copy it to k8s-node1 and k8s-node2
4. Install and configure the Kubernetes master
[root@localhost ~]$ sudo yum -y install etcd kubernetes-master
[root@localhost ~]$ vi /etc/etcd/etcd.conf
[root@localhost ~]$ cat /etc/etcd/etcd.conf
# Note: only the modified part is shown
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://etcd:2379"
[root@localhost ~]$ vi /etc/kubernetes/apiserver
[root@localhost ~]$ cat /etc/kubernetes/apiserver
# Note: only the modified part is shown
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_API_PORT="--port=8080"
KUBELET_PORT="--kubelet-port=10250"
KUBE_ETCD_SERVERS="--etcd-servers=http://etcd:2379"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
Start the services on the master. The services to start on the master are:
- etcd
- kube-apiserver
- kube-controller-manager
- kube-scheduler
Start these services and enable them at boot
[root@localhost ~]$ cat k8s-master-services-bind.sh
#!/bin/bash
for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler;
do
systemctl restart $SERVICES;
systemctl enable $SERVICES;
systemctl status $SERVICES;
done
Define the flanneld network in etcd
[root@localhost ~]$ etcdctl mk /atomic.io/network/config '{"Network":"10.254.0.0/16"}'
{"Network":"10.254.0.0/16"}
5. Install and configure the Kubernetes nodes
Install flannel and kubernetes-node from the yum repository
[root@localhost ~]$ yum -y install flannel kubernetes-node
[gexiaobing@k8s-node1 ~]$ vi /etc/sysconfig/flanneld
[gexiaobing@k8s-node1 ~]$ cat !$
cat /etc/sysconfig/flanneld
# Note: only the modified part is shown
FLANNEL_ETCD_ENDPOINTS="http://etcd:2379"
[root@k8s-node1 ~]$ vi /etc/kubernetes/config
[root@k8s-node1 ~]$ cat !$
cat /etc/kubernetes/config
# Note: only the modified part is shown
KUBE_MASTER="--master=http://k8s-master:8080"
[root@k8s-node1 ~]$ vi /etc/kubernetes/kubelet
[root@k8s-node1 ~]$ cat !$
cat /etc/kubernetes/kubelet
# Note: only the modified part is shown
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_PORT="--port=10250"
KUBELET_HOSTNAME="--hostname-override=k8s-node1"
KUBELET_API_SERVER="--api-servers=http://k8s-master:8080"
Start the services on the node. The services to start on the node are:
- kube-proxy
- kubelet
- docker
- flanneld
Start these services and enable them at boot:
[root@k8s-node1 ~]$ cat k8s-node-services-bind.sh
for SERVICES in kube-proxy kubelet docker flanneld;
do
systemctl restart $SERVICES;
systemctl enable $SERVICES;
systemctl status $SERVICES;
done
6. Verify that the cluster was installed successfully
Run on the master
[root@k8s-master ~]$ kubectl get nodes
NAME STATUS AGE
k8s-node1 Ready 18s
k8s-node2 Ready 2m
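A follow-up check for the yum, master and node settings configured above, added here as an example and not part of the original article: it scans the files this guide edits for the plaintext-HTTP, bind-to-all-interfaces and gpgcheck=0 values it sets, so each one can be reviewed. The function names, the ROOT argument and the sample tree are assumptions made for the example.

```bash
#!/bin/bash
# Added example (not from the article): audit the files edited in this guide.
# Usage: ./audit.sh [ROOT]   ROOT is a hypothetical prefix, e.g. / on a live host.

# Print one FINDING line per lab-only setting found on an uncommented line.
audit_k8s_conf() {
  local root=${1%/} file regex msg
  while IFS='|' read -r file regex msg; do
    [ -f "$root$file" ] || continue
    if grep -Ev '^[[:space:]]*#' "$root$file" | grep -Eq -- "$regex"; then
      echo "FINDING $file: $msg"
    fi
  done <<'EOF'
/etc/yum.repos.d/docker.repo|^gpgcheck=0|packages installed without GPG signature checks
/etc/yum.repos.d/docker.repo|^baseurl=http://|repository fetched over plain HTTP
/etc/etcd/etcd.conf|^ETCD_LISTEN_CLIENT_URLS=.*http://0\.0\.0\.0|etcd client API on every interface, no TLS
/etc/kubernetes/apiserver|--insecure-bind-address=0\.0\.0\.0|unauthenticated API port on every interface
/etc/kubernetes/apiserver|--etcd-servers=http://|apiserver reaches etcd without TLS
/etc/kubernetes/config|--master=http://|components reach the apiserver over plain HTTP
/etc/kubernetes/kubelet|--address=0\.0\.0\.0|kubelet API on every interface
/etc/sysconfig/flanneld|^FLANNEL_ETCD_ENDPOINTS=.*http://|flanneld reaches etcd without TLS
EOF
}

# Constructed sample tree: one setting as in the article, one commented out,
# one already narrowed to loopback, so the comment filter is exercised.
demo_tree() {
  local d
  d=$(mktemp -d)
  mkdir -p "$d/etc/etcd" "$d/etc/kubernetes"
  echo 'ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"' > "$d/etc/etcd/etcd.conf"
  printf '%s\n' \
    '#KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"' \
    'KUBE_API_ADDRESS="--insecure-bind-address=127.0.0.1"' \
    'KUBE_ETCD_SERVERS="--etcd-servers=http://etcd:2379"' \
    > "$d/etc/kubernetes/apiserver"
  echo "$d"
}

if [ $# -gt 0 ]; then
  audit_k8s_conf "$1"
else
  tree=$(demo_tree); audit_k8s_conf "$tree"; rm -rf "$tree"
fi
```

Run with no argument it audits the constructed tree; run as `./audit.sh /` on a host built from this guide it reads the real files.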
Appendix: common problems
- A pod stays in the ContainerCreating state after it is created?
Solution:
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
- Pods on different hosts cannot reach each other over the network?
Solution:
# Run the following commands on every node
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -L -n
- docker ps reports an error?
Got permission denied while trying to connect to the Docker daemon socket at
Solution:
sudo groupadd docker # add the docker group
sudo gpasswd -a $USER docker # add the logged-in user to the docker group
newgrp docker # refresh group membership
docker ps # check that the docker command now works without sudo