系统环境初始化

一、安装docker

提示：所有节点都要安装docker

注：此实验环境是三台服务器:linux-node1、linux-node2、linux-node3

基础环境配置见：https://www.cnblogs.com/hwlong/p/9101660.html

第一步：按装Docker

#使用国内docker源

root@linux-node1 ~]#  cd /etc/yum.repos.d/
[root@linux-node1 yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

第二步：安装docker

[root@linux-node1 yum.repos.d]# cd ~
[root@linux-node1 ~]# yum install -y docker-ce
[root@linux-node1 ~]# echo $?
0

第三步：启动后台进程

#启动服务

[root@linux-node1 ~]# systemctl start docker

#查看服务状态

[root@linux-node1 ~]# systemctl status docker

二、准备部署目录

提示：所有节点都要创建此目录

[root@linux-node1 ~]# mkdir -p /opt/kubernetes/{cfg,bin,ssl,log}
[root@linux-node1 ~]# tree /opt/kubernetes/
/opt/kubernetes/
├── bin  　　　　#存放二进制文件
├── cfg         #存放配置文件
├── log　　　　　　#存放日志文件
└── ssl　　　　　　#存放证书文件

4 directories, 0 files

三、准备软件包

官方软件包(生产环境)：https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md
链接:https://pan.baidu.com/s/1N6fjJMEjkQNYnRjExC2WWQ  密码:9wf6
[root@linux-node1 src]# rz
rz waiting to receive.**B0100000023be50
[root@linux-node1 src]# 
[root@linux-node1 src]# du -sh k8s-v1.10.1-manual.zip
567M    k8s-v1.10.1-manual.zip

四、解压软件包

安装解压缩工具

[root@linux-node1 src]# yum -y install unzip

[root@linux-node1 src]# ls
k8s-v1.10.1-manual.zip
[root@linux-node1 src]# unzip k8s-v1.10.1-manual.zip
Archive:  k8s-v1.10.1-manual.zip
   creating: k8s-v1.10.1-manual/
   creating: k8s-v1.10.1-manual/k8s-v1.10.1/
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/cfssl-certinfo_linux-amd64
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/cfssl_linux-amd64
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/cfssljson_linux-amd64
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/cni-plugins-amd64-v0.7.1.tgz
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/etcd-v3.2.18-linux-amd64.tar.gz
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/flannel-v0.10.0-linux-amd64.tar.gz
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/kubernetes-client-linux-amd64.tar.gz
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/kubernetes-node-linux-amd64.tar.gz
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/kubernetes-server-linux-amd64.tar.gz
  inflating: k8s-v1.10.1-manual/k8s-v1.10.1/kubernetes.tar.gz
[root@linux-node1 src]# ls
k8s-v1.10.1-manual  k8s-v1.10.1-manual.zip
[root@linux-node1 src]# cd k8s-v1.10.1-manual/k8s-v1.10.1/
[root@linux-node1 k8s-v1.10.1]# ll -l
total 599096
-rw-r--r-- 1 root root   6595195 Mar 30  2016 cfssl-certinfo_linux-amd64
-rw-r--r-- 1 root root   2277873 Mar 30  2016 cfssljson_linux-amd64
-rw-r--r-- 1 root root  10376657 Mar 30  2016 cfssl_linux-amd64
-rw-r--r-- 1 root root  17108856 Apr 12 17:35 cni-plugins-amd64-v0.7.1.tgz
-rw-r--r-- 1 root root  10562874 Mar 30 01:58 etcd-v3.2.18-linux-amd64.tar.gz
-rw-r--r-- 1 root root   9706487 Jan 24 02:58 flannel-v0.10.0-linux-amd64.tar.gz
-rw-r--r-- 1 root root  13344537 Apr 13 01:51 kubernetes-client-linux-amd64.tar.gz
-rw-r--r-- 1 root root 112427817 Apr 13 01:51 kubernetes-node-linux-amd64.tar.gz
-rw-r--r-- 1 root root 428337777 Apr 13 01:51 kubernetes-server-linux-amd64.tar.gz
-rw-r--r-- 1 root root   2716855 Apr 13 01:51 kubernetes.tar.gz

[root@linux-node1 k8s-v1.10.1]#
[root@linux-node1 k8s-v1.10.1]# tar zxf kubernetes.tar.gz            #k8s源码包
[root@linux-node1 k8s-v1.10.1]# tar zxf kubernetes-server-linux-amd64.tar.gz
[root@linux-node1 k8s-v1.10.1]# tar zxf kubernetes-client-linux-amd64.tar.gz
[root@linux-node1 k8s-v1.10.1]# tar zxf kubernetes-node-linux-amd64.tar.gz
#把所有包移动至/usr/local/src/目录下
[root@linux-node1 k8s-v1.10.1]# mv * /usr/local/src/
[root@linux-node1 k8s-v1.10.1]# cd /usr/local/src/
[root@linux-node1 src]# ls -l
total 1178908
-rw-r--r--  1 root root   6595195 Mar 30  2016 cfssl-certinfo_linux-amd64
-rw-r--r--  1 root root   2277873 Mar 30  2016 cfssljson_linux-amd64
-rw-r--r--  1 root root  10376657 Mar 30  2016 cfssl_linux-amd64
-rw-r--r--  1 root root  17108856 Apr 12 17:35 cni-plugins-amd64-v0.7.1.tgz
-rw-r--r--  1 root root  10562874 Mar 30 01:58 etcd-v3.2.18-linux-amd64.tar.gz
-rw-r--r--  1 root root   9706487 Jan 24 02:58 flannel-v0.10.0-linux-amd64.tar.gz
drwxr-xr-x  3 root root        25 Apr 23 20:19 k8s-v1.10.1-manual
-rw-r--r--  1 root root 593725046 May 29 17:01 k8s-v1.10.1-manual.zip
drwxr-xr-x 11 root root       211 Apr 12 23:16 kubernetes
-rw-r--r--  1 root root  13344537 Apr 13 01:51 kubernetes-client-linux-amd64.tar.gz
-rw-r--r--  1 root root 112427817 Apr 13 01:51 kubernetes-node-linux-amd64.tar.gz
-rw-r--r--  1 root root 428337777 Apr 13 01:51 kubernetes-server-linux-amd64.tar.gz
-rw-r--r--  1 root root   2716855 Apr 13 01:51 kubernetes.tar.gz

五、添加PATH路径

提示：所有节点都要执行此操作

[root@linux-node1 k8s-v1.10.1]# vim ~/.bash_profile
PATH=$PATH:$HOME/bin:/opt/kubernetes/bin
[root@linux-node1 k8s-v1.10.1]# source ~/.bash_profile

六、ssh免密码登录

[root@linux-node1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
82:a2:ae:56:9a:1f:a6:74:ab:cb:08:1b:7d:51:6c:a4 root@linux-node1.example.com
The key's randomart image is:
+--[ RSA 2048]----+
|      .          |
|     +           |
|    E +          |
|     +           |
|  . o . S        |
| o o . .         |
|+.=+.            |
|**+.o            |
|**+o             |
+-----------------+



[root@linux-node1 ~]# ssh-copy-id linux-node1
The authenticity of host 'linux-node1 (192.168.56.11)' can't be established.
ECDSA key fingerprint is 3d:38:1c:40:6b:f3:49:82:dc:16:76:36:96:27:30:7c.
Are you sure you want to continue connecting (yes/no)? yes

▽
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@linux-node1's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'linux-node1'"
and check to make sure that only the key(s) you wanted were added.

[root@linux-node1 ~]# ssh-copy-id linux-node2
The authenticity of host 'linux-node2 (192.168.56.12)' can't be established.
ECDSA key fingerprint is 74:26:27:18:8b:d7:c7:4b:fb:46:d4:0a:76:f5:2c:a4.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@linux-node2's password:


▽
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'linux-node2'"
and check to make sure that only the key(s) you wanted were added.

[root@linux-node1 ~]# ssh-copy-id linux-node3
The authenticity of host 'linux-node3 (192.168.56.13)' can't be established.
ECDSA key fingerprint is b7:47:b1:27:f6:50:20:b7:d9:20:b0:f0:91:0d:72:4e.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@linux-node3's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'linux-node3'"
and check to make sure that only the key(s) you wanted were added.


[root@linux-node1 ~]# ssh linux-node2
Last login: Wed May 30 18:50:01 2018 from 192.168.56.1
[root@linux-node2 ~]# exit
logout
Connection to linux-node2 closed.
[root@linux-node1 ~]# ssh linux-node3

[root@linux-node1 ~]# ssh linux-node3
Last login: Wed May 30 18:50:07 2018 from 192.168.56.1
[root@linux-node3 ~]# exit
logout
Connection to linux-node3 closed.

posted @ 2018-05-29 16:31 KubeSec 阅读(1237) 评论(0) 编辑收藏举报

刷新页面返回顶部

Loading

公众号: KubeSec