Error message here!

Hide Error message here!

忘记密码?

Error message here!

请输入正确邮箱

Hide Error message here!

密码丢失?请输入您的电子邮件地址。您将收到一个重设密码链接。

Error message here!

返回登录

Close

使用kubeadm部署Kubernetes集群

readygood 2019-02-01 15:14:00 阅读数:228 评论数:0 点赞数:0 收藏数:0

一、环境架构与部署准备

1.集群节点架构与各节点所需安装的服务如下图:

2.安装环境与软件版本:

Master:

所需软件:docker-ce 17.03、kubelet1.11.1、kubeadm1.11.1、kubectl1.11.1

所需镜像:

mirrorgooglecontainers/kube-proxy-amd64:v1.11.1、mirrorgooglecontainers/kube-scheduler-amd64:v1.11.1、mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.1、mirrorgooglecontainers/kube-apiserver-amd64:v1.11.1、coredns/coredns:1.1.3、mirrorgooglecontainers/etcd-amd64:3.2.18、mirrorgooglecontainers/pause:3.1、registry.cn-hangzhou.aliyuncs.com/readygood/flannel:v0.10.0-amd64

Node:

所需软件:docker-ce 17.03、kubelet1.11.1、kubeadm1.11.1

所需镜像:mirrorgooglecontainers/kube-proxy-amd64:v1.11.1、mirrorgooglecontainers/pause:3.1、registry.cn-hangzhou.aliyuncs.com/readygood/flannel:v0.10.0-amd64

二、部署Master

1.关闭Firewall和SELinux

由于kubeadm在初始化时会自动生成ipv4规则,所以尽量在部署前关闭防火墙。

2.配置阿里云的Kubernetes镜像和Docker-ce镜像并安装

K8s yum源配置:

[k8s]
name=k8s
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgchecke=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
enabled=1

Docker-ce源配置:

wget -o /etc/yum.repos.d/ https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

修改Docker镜像默认拉取源:

mkdir -p /etc/docker
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}

安装注意指定版本:

yum install -y --setopt=obsoletes=0 docker-ce-17.03.2.ce-1.el7.centos.x86_64 docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch
yum install kubelet-1.11.1 kubeadm-1.11.1 kubectl-1.11.1 -y

3.设置内核转发规则,即要求iptables对bridge的数据进行处理,默认为0.

echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables

4.关闭或者忽略swap,部署Kubernetes集群时尽量不要使用swap分区,Kubernetes会提示是否要关闭或者忽略,忽略方式如下:

vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"

5.初始化Kubernetes

kubeadm init --kubernetes-version=1.11.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap

如果在初始化中出现错误可以使用 kubeadm reset 重置初始化,如果出现" [kubelet-check] It seems like the kubelet isn't running or healthy. "的错误,建议检查swap设置。

初始化完成会出现如下提示,按提示完成操作初始化便完成,最后一段数字一定要保留下来,这是加入集群必须要的认证信息:

Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of machines by running the following on each node
as root:
kubeadm join 192.168.29.111:6443 --token 4qswp9.rxgwhn0vqp4c9npl --discovery-token-ca-cert-hash sha256:2d9bc0bd6b1eb12dcb8695f17191b243ecf3ed169d4aafaacc5c5c1272a85f07

6.关于运行Kubernetes所需镜像下载的问题:

由于某些原因无法正常下载官方镜像,但Kubeadm只支持认证官方的镜像标签,所以必须在dockerhub上下载镜像后修改标签才能使用,可使用dockerhub或者阿里云镜像,然后修改标签名:

mirrorgooglecontainers/kube-proxy-amd64
mirrorgooglecontainers/kube-apiserver-amd64
mirrorgooglecontainers/kube-scheduler-amd64
mirrorgooglecontainers/kube-controller-manager-amd64
coredns/coredns
mirrorgooglecontainers/etcd-amd64
mirrorgooglecontainers/pause
k8s.gcr.io/kube-proxy-amd64 v1.11.1 d5c25579d0ff 8 weeks ago 97.8MB
k8s.gcr.io/kube-scheduler-amd64 v1.11.1 272b3a60cd68 8 weeks ago 56.8MB
k8s.gcr.io/kube-controller-manager-amd64 v1.11.1 52096ee87d0e 8 weeks ago 155MB
k8s.gcr.io/kube-apiserver-amd64 v1.11.1 816332bd9d11 8 weeks ago 187MB
k8s.gcr.io/coredns 1.1.3 b3b94275d97c 3 months ago 45.6MB
k8s.gcr.io/etcd-amd64 3.2.18 b8df3b177be2 5 months ago 219MB
quay.io/coreos/flannel v0.10.0-amd64 f0fad859c909 7 months ago 44.6MB
k8s.gcr.io/pause 3.1 da86e6ba6ca1 8 months ago 742kB

7.关于flannel的安装

在确定已经下载镜像 quay.io/coreos/flannel 后(能访问谷歌请忽略),运行下面的命令。

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

三、Nodes部署

  1.安装node所需组件

和master一样,需要安装docker、kubeadm、kubelet,并设置开机自启,步骤参考master,这里不赘述了。下载好Node所需镜像,并重命名为k8s.gcr.io/:

mirrorgooglecontainers/kube-proxy-amd64 v1.11.1 d5c25579d0ff 6 months ago 97.8 MB
registry.cn-hangzhou.aliyuncs.com/readygood/flannel v0.10.0-amd64 50e7aa4dbbf8 9 months ago 44.6 MB
registry.cn-hangzhou.aliyuncs.com/readygood/pause 3.1 da86e6ba6ca1 13 months ago 742 kB

docker镜像下载完成后初始化flannel服务:

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

2.初始化node节点

kubeadm join 192.168.29.111:6443 --token 4qswp9.rxgwhn0vqp4c9npl --discovery-token-ca-cert-hash sha256:2d9bc0bd6b1eb12dcb8695f17191b243ecf3ed169d4aafaacc5c5c1272a85f07 --ignore-preflight-errors=Swap

如果不关闭swap同样需要配置swap设置以及修改iptables对bridge的数据进行处理设置:

vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables

出现如下提示即初始化完成:

This node has joined the cluster:
* Certificate signing request was sent to master and a response
was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the master to see this node join the cluster.

查看集群状态:

]# kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE
coredns-78fcdf6894-kpt2k 1/1 Running 1 18h 10.244.0.5 master
coredns-78fcdf6894-nzdkz 1/1 Running 1 18h 10.244.0.4 master
etcd-master 1/1 Running 3 16h 192.168.29.111 master
kube-apiserver-master 1/1 Running 3 16h 192.168.29.111 master
kube-controller-manager-master 1/1 Running 3 16h 192.168.29.111 master
kube-flannel-ds-amd64-5gnd8 1/1 Running 1 16h 192.168.29.111 master
kube-flannel-ds-amd64-7rtb8 1/1 Running 0 2h 192.168.29.112 node1
kube-flannel-ds-amd64-qqjdv 1/1 Running 0 2h 192.168.29.113 node2
kube-proxy-kfsfj 1/1 Running 0 2h 192.168.29.113 node2
kube-proxy-lnk67 1/1 Running 0 2h 192.168.29.112 node1
kube-proxy-v8d2q 1/1 Running 2 18h 192.168.29.111 master
kube-scheduler-master 1/1 Running 2 16h 192.168.29.111 master
]# kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master Ready master 18h v1.11.1 192.168.29.111 <none> CentOS Linux 7 (Core) 3.10.0-957.el7.x86_64 docker://17.3.2
node1 Ready <none> 2h v1.11.1 192.168.29.112 <none> CentOS Linux 7 (Core) 3.10.0-957.el7.x86_64 docker://17.3.2
node2 Ready <none> 2h v1.11.1 192.168.29.113 <none> CentOS Linux 7 (Core) 3.10.0-957.el7.x86_64 docker://17.3.2

还需要特别注意的是,各Node之间的主机名不要相同,一定要修改,不然Kubeadm会识别为同一Node而无法加入。

Node2和Node3的部署和Node1相同,可以完全按照Node1的方法来部署。

版权声明
本文为[readygood]所创,转载请带上原文链接,感谢
https://www.cnblogs.com/readygood/p/10345858.html

编程之旅,人生之路,不止于编程,还有诗和远方。
阅代码原理,看框架知识,学企业实践;
赏诗词,读日记,踏人生之路,观世界之行;

支付宝红包,每日可领