K8S運維筆記-單節點叢集安裝(1.11版本)
阿新 • • 發佈:2018-12-09
使用kubeadm安裝K8S
安裝kubeadm
更新安裝源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun .com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
配置
setenforce 0
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
安裝
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable kubelet && systemctl start kubelet
使用kubeadm安裝K8S
安裝Master
前提條件
需要安裝docker 需要安裝kubeadm
準備映象
檢視映象所需包
kubeadm config images list
1.11.2版本需要如下包
k8s.gcr.io/kube-apiserver-amd64:v1.11.2
k8s.gcr.io/kube-controller-manager-amd64:v1.11.2
k8s.gcr.io/kube-scheduler-amd64:v1.11.2
k8s.gcr.io/kube-proxy-amd64:v1.11.2
k8s.gcr .io/pause:3.1
k8s.gcr.io/etcd-amd64:3.2.18
k8s.gcr.io/coredns:1.1.3
quay.io/calico/typha:v0.7.4
quay.io/calico/node:v3.1.3
quay.io/calico/cni:v3.1.3
拉取映象
docker pull mirrorgooglecontainers/kube-apiserver-amd64:v1.11.2
docker pull mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.2
docker pull mirrorgooglecontainers/kube-scheduler-amd64:v1.11.2
docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker pull mirrorgooglecontainers/pause-amd64:3.1
docker pull mirrorgooglecontainers/etcd-amd64:3.2.18
docker pull coredns/coredns:1.1.3
docker pull calico/typha:v0.7.4
docker pull calico/node:v3.1.3
docker pull calico/cni:v3.1.3
映象更名
docker tag mirrorgooglecontainers/kube-apiserver-amd64:v1.11.2 k8s.gcr.io/kube-apiserver-amd64:v1.11.2
docker tag mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.2 k8s.gcr.io/kube-controller-manager-amd64:v1.11.2
docker tag mirrorgooglecontainers/kube-scheduler-amd64:v1.11.2 k8s.gcr.io/kube-scheduler-amd64:v1.11.2
docker tag mirrorgooglecontainers/kube-proxy-amd64:v1.11.2 k8s.gcr.io/kube-proxy-amd64:v1.11.2
docker tag mirrorgooglecontainers/pause-amd64:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/etcd-amd64:3.2.18 k8s.gcr.io/etcd-amd64:3.2.18
docker tag coredns/coredns:1.1.3 k8s.gcr.io/coredns:1.1.3
docker tag calico/typha:v0.7.4 quay.io/calico/typha:v0.7.4
docker tag calico/node:v3.1.3 quay.io/calico/node:v3.1.3
docker tag calico/cni:v3.1.3 quay.io/calico/cni:v3.1.3
刪除舊映象
docker rmi mirrorgooglecontainers/kube-apiserver-amd64:v1.11.2
docker rmi mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.2
docker rmi mirrorgooglecontainers/kube-scheduler-amd64:v1.11.2
docker rmi mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker rmi mirrorgooglecontainers/pause-amd64:3.1
docker rmi mirrorgooglecontainers/etcd-amd64:3.2.18
docker rmi coredns/coredns:1.1.3
docker rmi calico/typha:v0.7.4
docker rmi calico/node:v3.1.3
docker rmi calico/cni:v3.1.3
安裝
–pod-network-cidr 指定安裝Calico網路 –kubernetes-version=1.11.2 指定安裝k8s具體版本,指定後將不用上網掃描
kubeadm init --pod-network-cidr=192.168.0.0/16 --kubernetes-version=1.11.2
配置kubectl
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
配置網路
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
配置埠範圍
vi /etc/kubernetes/manifests/kube-apiserver.yaml
--service-node-port-range=1-65535
失敗處理
查詢日誌,查明原因 journalctl -f -u kubelet master上重置節點
kubeadm reset
使用kubeadm安裝K8S
安裝Node
前提條件
需要安裝docker 需要安裝kubeadm
準備映象
k8s.gcr.io/kube-proxy-amd64:v1.11.2
k8s.gcr.io/pause:3.1
拉取映象
docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker pull mirrorgooglecontainers/pause-amd64:3.1
映象更名
docker tag mirrorgooglecontainers/kube-proxy-amd64:v1.11.2 k8s.gcr.io/kube-proxy-amd64:v1.11.2
docker tag mirrorgooglecontainers/pause-amd64:3.1 k8s.gcr.io/pause:3.1
刪除舊映象
docker rmi mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker rmi mirrorgooglecontainers/pause-amd64:3.1
在master節點上檢視join命令需要的值
token
kubeadm token list
hash
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
master-ip:master-port
cat /etc/kubernetes/kubelet.conf
安裝
kubeadm join --token <token> <master-ip>:<master-port> --discovery-token-ca-cert-hash sha256:<hash>
kubeadm join --token 6w4krr.0jecbasna9n2wyrs 172.16.240.208:6443 --discovery-token-ca-cert-hash sha256:e7ca4b7e85a8b1802e32ea2438bfe9fbff35c6f31134d77ceaa0d241ec2fb315
配置kubectl
mkdir -p $HOME/.kube
複製config檔案到.kube資料夾
chown $(id -u):$(id -g) $HOME/.kube/config
失敗處理
查詢日誌,查明原因 journalctl -f -u kubelet 刪除node節點
kubectl drain <node name> --delete-local-data --force --ignore-daemonsets
kubectl delete node <node name>
node上重置節點
kubeadm reset