您好,登录后才能下订单哦!
本篇文章给大家分享的是有关kubeadm中怎么搭建k8s集群,小编觉得挺实用的,因此分享给大家学习,希望大家阅读完这篇文章后可以有所收获,话不多说,跟着小编一起来看看吧。
两台Centos7主机,166(master)167(node01),两台机都安装docker,以下操作在两台机上都执行。
修改/etc/hosts文件内容
[zjin@master ~]$ cat /etc/hosts 10.3.4.166 master 10.3.4.167 node01
禁用防火墙
[zjin@master ~]$ sudo systemctl stop firewalld [zjin@master ~]$ sudo systemctl disable firewalld
关闭selinux
cat /etc/selinux/config SELINUX=disabled
创建/etc/sysctl.d/k8s.conf文件
net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1
再执行如下命令:
[zjin@master ~]$ sudo modprobe br_netfilter [zjin@master ~]$ sudo sysctl -p /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1
在master上:
docker pull akipa11/kube-apiserver-amd64:v1.10.0 docker pull akipa11/kube-scheduler-amd64:v1.10.0 docker pull akipa11/kube-controller-manager-amd64:v1.10.0 docker pull akipa11/kube-proxy-amd64:v1.10.0 docker pull akipa11/k8s-dns-kube-dns-amd64:1.14.8 docker pull akipa11/k8s-dns-dnsmasq-nanny-amd64:1.14.8 docker pull akipa11/k8s-dns-sidecar-amd64:1.14.8 docker pull akipa11/etcd-amd64:3.1.12 docker pull akipa11/flannel:v0.10.0-amd64 docker pull akipa11/pause-amd64:3.1 docker tag akipa11/kube-apiserver-amd64:v1.10.0 k8s.gcr.io/kube-apiserver-amd64:v1.10.0 docker tag akipa11/kube-scheduler-amd64:v1.10.0 k8s.gcr.io/kube-scheduler-amd64:v1.10.0 docker tag akipa11/kube-controller-manager-amd64:v1.10.0 k8s.gcr.io/kube-controller-manager-amd64:v1.10.0 docker tag akipa11/kube-proxy-amd64:v1.10.0 k8s.gcr.io/kube-proxy-amd64:v1.10.0 docker tag akipa11/k8s-dns-kube-dns-amd64:1.14.8 k8s.gcr.io/k8s-dns-kube-dns-amd64:1.14.8 docker tag akipa11/k8s-dns-dnsmasq-nanny-amd64:1.14.8 k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:1.14.8 docker tag akipa11/k8s-dns-sidecar-amd64:1.14.8 k8s.gcr.io/k8s-dns-sidecar-amd64:1.14.8 docker tag akipa11/etcd-amd64:3.1.12 k8s.gcr.io/etcd-amd64:3.1.12 docker tag akipa11/flannel:v0.10.0-amd64 quay.io/coreos/flannel:v0.10.0-amd64 docker tag akipa11/pause-amd64:3.1 k8s.gcr.io/pause-amd64:3.1
node01上:
docker pull akipa11/kube-proxy-amd64:v1.10.0 docker pull akipa11/flannel:v0.10.0-amd64 docker pull akipa11/pause-amd64:3.1 docker pull akipa11/kubernetes-dashboard-amd64:v1.8.3 docker pull akipa11/heapster-influxdb-amd64:v1.3.3 docker pull akipa11/heapster-grafana-amd64:v4.4.3 docker pull akipa11/heapster-amd64:v1.4.2 docker pull akipa11/k8s-dns-kube-dns-amd64:1.14.8 docker pull akipa11/k8s-dns-dnsmasq-nanny-amd64:1.14.8 docker pull akipa11/k8s-dns-sidecar-amd64:1.14.8 docker tag akipa11/flannel:v0.10.0-amd64 quay.io/coreos/flannel:v0.10.0-amd64 docker tag akipa11/pause-amd64:3.1 k8s.gcr.io/pause-amd64:3.1 docker tag akipa11/kube-proxy-amd64:v1.10.0 k8s.gcr.io/kube-proxy-amd64:v1.10.0 docker tag akipa11/k8s-dns-kube-dns-amd64:1.14.8 k8s.gcr.io/k8s-dns-kube-dns-amd64:1.14.8 docker tag akipa11/k8s-dns-dnsmasq-nanny-amd64:1.14.8 k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:1.14.8 docker tag akipa11/k8s-dns-sidecar-amd64:1.14.8 k8s.gcr.io/k8s-dns-sidecar-amd64:1.14.8 docker tag akipa11/kubernetes-dashboard-amd64:v1.8.3 k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3 docker tag akipa11/heapster-influxdb-amd64:v1.3.3 k8s.gcr.io/heapster-influxdb-amd64:v1.3.3 docker tag akipa11/heapster-grafana-amd64:v4.4.3 k8s.gcr.io/heapster-grafana-amd64:v4.4.3 docker tag akipa11/heapster-amd64:v1.4.2 k8s.gcr.io/heapster-amd64:v1.4.2
1、配置yum源:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
2、安装kubeadm、kubelet、kubectl
此处我们安装的版本均为1.10.0-0
$ yum makecache fast $ yum install -y kubelet-1.10.0-0 $ yum install -y kubectl-1.10.0-0 $ yum install -y kubeadm-1.10.0-0
3、配置kubelet
修改cgroup-driver的参数
修改文件 kubelet 的配置文件/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
,将其中的KUBELET_CGROUP_ARGS
参数更改成cgroupfs
增加swap的配置参数
在ExecStart
之前,增加以下内容:
Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"
最后再重新加载配置文件
systemctl daemon-reload
在master上执行以下命令:
[zjin@master ~]$ sudo kubeadm init \ > --kubernetes-version=v1.10.0 \ > --pod-network-cidr=10.244.0.0/16 \ > --apiserver-advertise-address=10.3.4.166 \ > --ignore-preflight-errors=Swap
集群初始化的命令:kubeadm init,后面的参数是需要安装的集群版本,因为我们这里选择flannel
作为 Pod 的网络插件,所以需要指定–pod-network-cidr=10.244.0.0/16
,然后是 apiserver 的通信地址,这里就是我们 master 节点的 IP 地址,–ignore-preflight-errors=Swap
表示忽略 swap 的错误提示信息。
最后,我们可以看到集群安装成功的信息:
Your Kubernetes master has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ You can now join any number of machines by running the following on each node as root: kubeadm join 10.3.4.166:6443 --token b9ftqo.6a3igsfxq96b1dt6 --discovery-token-ca-cert-hash sha256:d4517be6c40e40e1bbc749b24b35c0a7f68c0f75c1380c32b24d1ccb42e0decc
输入以下命令来配置使用kubectl访问集群:
[zjin@master ~]$ sudo mkdir -p $HOME/.kube [zjin@master ~]$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config [zjin@master ~]$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
配置好kubectl之后,我们就可以使用kubectl来查看集群的相关信息了:
[zjin@master ~]$ kubectl get cs NAME STATUS MESSAGE ERROR controller-manager Healthy ok scheduler Healthy ok etcd-0 Healthy {"health": "true"} [zjin@master ~]$ kubectl get csr NAME AGE REQUESTOR CONDITION csr-nff2l 6m system:node:master Approved,Issued
如果在集群安装过程中遇到了错误,可以使用下面的命令来进行重置:
$ kubeadm reset $ ifconfig cni0 down && ip link delete cni0 $ ifconfig flannel.1 down && ip link delete flannel.1 $ rm -rf /var/lib/cni/
此处我们安装的是flannel网络插件。
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
注意,此处文件内容的inage版本号要修改为v0.10.0
[zjin@master ~]$ kubectl apply -f kube-flannel.yml podsecuritypolicy.policy "psp.flannel.unprivileged" created clusterrole.rbac.authorization.k8s.io "flannel" created clusterrolebinding.rbac.authorization.k8s.io "flannel" created serviceaccount "flannel" created configmap "kube-flannel-cfg" created daemonset.apps "kube-flannel-ds-amd64" created daemonset.apps "kube-flannel-ds-arm64" created daemonset.apps "kube-flannel-ds-arm" created daemonset.apps "kube-flannel-ds-ppc64le" created daemonset.apps "kube-flannel-ds-s390x" created
安装完成后,我们可以使用kubectl get pods命令来查看集群中各组件的运行状态:
[zjin@master ~]$ kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE kube-system etcd-master 1/1 Running 0 40s kube-system kube-apiserver-master 1/1 Running 0 40s kube-system kube-controller-manager-master 1/1 Running 0 40s kube-system kube-dns-86f4d74b45-4vbx5 3/3 Running 0 12m kube-system kube-flannel-ds-amd64-wskq5 1/1 Running 0 52s kube-system kube-proxy-7dk2l 1/1 Running 0 12m kube-system kube-scheduler-master 1/1 Running 0 40s
可以看到,全部都是Running状态。
node01(167)上安装版本号一致的docker、kubeadm、kubelet、kubectl,然后执行以下命令:
[zjin@node01 ~]$ sudo kubeadm join 10.3.4.166:6443 --token ebimj5.91xj7atpxbke4x yz --discovery-token-ca-cert-hash sha256:1eda2afcd5711343714ec2d2b6c6ea73ec06737 ee350b229d5b2eebfd82fb58a --ignore-preflight-errors=Swap
如果报错:
[preflight] Some fatal errors occurred: [ERROR CRI]: unable to check if the container runtime at "/var/run/docke rshim.sock" is running: fork/exec /bin/crictl -r /var/run/dockershim.sock info: no such file or directory
这个是cri-tools版本造成的错误,可以卸载掉cri-tools即可解决。
yum remove cri-tools
再执行加入节点的命令:
[zjin@node01 ~]$ sudo kubeadm join 10.3.4.166:6443 --token ebimj5.91xj7atpxbke4x yz --discovery-token-ca-cert-hash sha256:1eda2afcd5711343714ec2d2b6c6ea73ec06737 ee350b229d5b2eebfd82fb58a --ignore-preflight-errors=Swap [preflight] Running pre-flight checks. [WARNING SystemVerification]: docker version is greater than the most re cently validated version. Docker version: 18.03.0-ce. Max validated version: 17. 03 [WARNING FileExisting-crictl]: crictl not found in system path Suggestion: go get github.com/kubernetes-incubator/cri-tools/cmd/crictl [discovery] Trying to connect to API Server "10.3.4.166:6443" [discovery] Created cluster-info discovery client, requesting info from "https:/ /10.3.4.166:6443" [discovery] Requesting info from "https://10.3.4.166:6443" again to validate TLS against the pinned public key [discovery] Cluster info signature and contents are valid and TLS certificate va lidates against pinned roots, will use API Server "10.3.4.166:6443" [discovery] Successfully established connection with API Server "10.3.4.166:6443 " This node has joined the cluster: * Certificate signing request was sent to master and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the master to see this node join the cluster.
然后把 master 节点的~/.kube/config
文件拷贝到当前节点对应的位置即可使用 kubectl 命令行工具了。
[zjin@master ~]$ kubectl get nodes NAME STATUS ROLES AGE VERSION master Ready master 47m v1.10.0 node01 Ready <none> 3m v1.10.0
以上就是kubeadm中怎么搭建k8s集群,小编相信有部分知识点可能是我们日常工作会见到或用到的。希望你能通过这篇文章学到更多知识。更多详情敬请关注亿速云行业资讯频道。
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。