1. 程式人生 > >K8S運維筆記-單節點叢集安裝(1.11版本)

K8S運維筆記-單節點叢集安裝(1.11版本)

使用kubeadm安裝K8S

安裝kubeadm

更新安裝源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun
.com/kubernetes/yum/doc/rpm-package-key.gpg EOF

配置

setenforce 0
cat <<EOF >  /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

安裝

yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable kubelet && systemctl start
kubelet

使用kubeadm安裝K8S

安裝Master

前提條件

需要安裝docker 需要安裝kubeadm

準備映象

檢視映象所需包

kubeadm config images list

1.11.2版本需要如下包

k8s.gcr.io/kube-apiserver-amd64:v1.11.2
k8s.gcr.io/kube-controller-manager-amd64:v1.11.2
k8s.gcr.io/kube-scheduler-amd64:v1.11.2
k8s.gcr.io/kube-proxy-amd64:v1.11.2
k8s.gcr
.io/pause:3.1 k8s.gcr.io/etcd-amd64:3.2.18 k8s.gcr.io/coredns:1.1.3 quay.io/calico/typha:v0.7.4 quay.io/calico/node:v3.1.3 quay.io/calico/cni:v3.1.3

拉取映象

docker pull mirrorgooglecontainers/kube-apiserver-amd64:v1.11.2
docker pull mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.2
docker pull mirrorgooglecontainers/kube-scheduler-amd64:v1.11.2
docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker pull mirrorgooglecontainers/pause-amd64:3.1
docker pull mirrorgooglecontainers/etcd-amd64:3.2.18
docker pull coredns/coredns:1.1.3
docker pull calico/typha:v0.7.4
docker pull calico/node:v3.1.3
docker pull calico/cni:v3.1.3

映象更名

docker tag mirrorgooglecontainers/kube-apiserver-amd64:v1.11.2 k8s.gcr.io/kube-apiserver-amd64:v1.11.2
docker tag mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.2 k8s.gcr.io/kube-controller-manager-amd64:v1.11.2
docker tag mirrorgooglecontainers/kube-scheduler-amd64:v1.11.2 k8s.gcr.io/kube-scheduler-amd64:v1.11.2
docker tag mirrorgooglecontainers/kube-proxy-amd64:v1.11.2 k8s.gcr.io/kube-proxy-amd64:v1.11.2
docker tag mirrorgooglecontainers/pause-amd64:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/etcd-amd64:3.2.18 k8s.gcr.io/etcd-amd64:3.2.18
docker tag coredns/coredns:1.1.3 k8s.gcr.io/coredns:1.1.3
docker tag calico/typha:v0.7.4 quay.io/calico/typha:v0.7.4
docker tag calico/node:v3.1.3 quay.io/calico/node:v3.1.3
docker tag calico/cni:v3.1.3 quay.io/calico/cni:v3.1.3

刪除舊映象

docker rmi mirrorgooglecontainers/kube-apiserver-amd64:v1.11.2
docker rmi mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.2
docker rmi mirrorgooglecontainers/kube-scheduler-amd64:v1.11.2
docker rmi mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker rmi mirrorgooglecontainers/pause-amd64:3.1
docker rmi mirrorgooglecontainers/etcd-amd64:3.2.18
docker rmi coredns/coredns:1.1.3
docker rmi calico/typha:v0.7.4
docker rmi calico/node:v3.1.3
docker rmi calico/cni:v3.1.3

安裝

–pod-network-cidr 指定安裝Calico網路 –kubernetes-version=1.11.2 指定安裝k8s具體版本,指定後將不用上網掃描

kubeadm init --pod-network-cidr=192.168.0.0/16 --kubernetes-version=1.11.2

配置kubectl

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

配置網路

kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml

配置埠範圍

vi /etc/kubernetes/manifests/kube-apiserver.yaml
--service-node-port-range=1-65535

失敗處理

查詢日誌,查明原因 journalctl -f -u kubelet master上重置節點

kubeadm reset

使用kubeadm安裝K8S

安裝Node

前提條件

需要安裝docker 需要安裝kubeadm

準備映象

k8s.gcr.io/kube-proxy-amd64:v1.11.2
k8s.gcr.io/pause:3.1

拉取映象

docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker pull mirrorgooglecontainers/pause-amd64:3.1

映象更名

docker tag mirrorgooglecontainers/kube-proxy-amd64:v1.11.2 k8s.gcr.io/kube-proxy-amd64:v1.11.2
docker tag mirrorgooglecontainers/pause-amd64:3.1 k8s.gcr.io/pause:3.1

刪除舊映象

docker rmi mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker rmi mirrorgooglecontainers/pause-amd64:3.1

在master節點上檢視join命令需要的值

token

kubeadm token list

hash

openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

master-ip:master-port

cat /etc/kubernetes/kubelet.conf

安裝

kubeadm join --token <token> <master-ip>:<master-port> --discovery-token-ca-cert-hash sha256:<hash>
kubeadm join --token 6w4krr.0jecbasna9n2wyrs 172.16.240.208:6443 --discovery-token-ca-cert-hash sha256:e7ca4b7e85a8b1802e32ea2438bfe9fbff35c6f31134d77ceaa0d241ec2fb315

配置kubectl

mkdir -p $HOME/.kube

複製config檔案到.kube資料夾

chown $(id -u):$(id -g) $HOME/.kube/config

失敗處理

查詢日誌,查明原因 journalctl -f -u kubelet 刪除node節點

kubectl drain <node name> --delete-local-data --force --ignore-daemonsets
kubectl delete node <node name>

node上重置節點

kubeadm reset