Kubernetes Learning and Practice (05): Installing Kubernetes

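1. Install CRI-O

Container Runtime Interface (CRI): a plugin interface that lets the kubelet (the cluster node agent that creates pods and starts containers) use different OCI-compliant container runtimes without recompiling Kubernetes. Building on this work, the CRI-O project (formerly OCID) aims to provide a lightweight runtime for Kubernetes.

CRI-O lets you run containers directly from Kubernetes without any unnecessary code or tooling. As long as a container is OCI-compliant, CRI-O can run it, cutting out extraneous tooling and letting containers do what they do best: power your next-generation cloud-native applications.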

modprobe overlay
modprobe br_netfilter

# Create the network parameters required by the Kubernetes CRI
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-iptables  = 1
net.ipv4.ip_forward                 = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF

sysctl -p /etc/sysctl.d/k8s.conf

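# Add the repository for the required components
yum-config-manager --add-repo=https://cbs.centos.org/repos/paas7-crio-115-release/x86_64/os/

# Install CRI-O (--nogpgcheck disables GPG signature checking of the packages)
yum install --nogpgcheck cri-o

# Start CRI-O
systemctl daemon-reload
systemctl start crio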

2. Install containerd

cat > /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF

modprobe overlay
modprobe br_netfilter

# Install the required packages
yum install yum-utils device-mapper-persistent-data lvm2

# Add the Docker repository
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

# Install containerd (this automatically upgrades Docker to the latest version)
yum update --skip-broken && yum install containerd.io

# Configure containerd
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml

# Restart containerd
systemctl restart containerd

3. Install Kubernetes

Disable swap

swapoff -a

vi /etc/fstab

Comment out the swap entry

# /dev/mapper/cl-swap     swap                    swap    defaults        0 0

Run the following commands

mount -a
echo "KUBELET_EXTRA_ARGS=--fail-swap-on=false" > /etc/sysconfig/kubelet

Install from a mirror in China

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
yum install -y kubelet-1.17.0 kubeadm-1.17.0 kubectl-1.17.0
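systemctl enable kubelet && systemctl start kubelet

To check which Docker versions the current Kubernetes release supports, see https://github.com/kubernetes/kubernetes

Open the CHANGELOG-1.xx.md for the corresponding version and search for the keyword docker to find the relevant information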

4. Set the server's system environment variable

vi /etc/profile

Append the following line at the end of the file

export KUBECONFIG=/etc/kubernetes/admin.conf

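After saving and exiting, run the following command so the setting takes effect immediately

source /etc/profile

5. Initialize Kubernetes

Run the command below to pull the required images and initialize Kubernetes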

kubeadm init --cri-socket /var/run/dockershim.sock --image-repository=registry.aliyuncs.com/google_containers --kubernetes-version=v1.17.0 --pod-network-cidr=192.168.16.0/20 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap

When initialization finishes, it generates and prints the command line for joining nodes

kubeadm join 192.168.xx.xxx:6443 --token ryotic.bt5ms3fx0tku0gxd \
    --discovery-token-ca-cert-hash sha256:94014c7543fd0ff86a847959e3f8e149691d4665b7dbc1abdf3d28c9c0ebf75d 

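Copy a command like this one; you will need it later when joining nodes to the Kubernetes cluster

The generated token is valid for 24 hours; after it expires you can generate a new one with a command

If you forgot to copy it, you can print it again with the command below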

kubeadm token create --print-join-command
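The sha256 value after --discovery-token-ca-cert-hash in the join command pins the cluster CA's public key, so a joining node can authenticate the control plane before trusting it. The script below is an added example, not part of the original post: it recomputes that pin from a CA certificate and compares it with a saved join command. It assumes openssl is installed; the function names are hypothetical and the demo certificate is a throwaway constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original post): recompute the value kubeadm
# prints after --discovery-token-ca-cert-hash and compare it with a join command.
# Function names are hypothetical; requires openssl.

# ca_cert_hash CA_CRT -> "sha256:<hex>", the SHA-256 of the certificate's
# DER-encoded SubjectPublicKeyInfo (the public key, not the whole certificate).
ca_cert_hash() {
    hex=$(openssl x509 -in "$1" -noout -pubkey |
          openssl pkey -pubin -outform DER |
          openssl dgst -sha256 -r | cut -d' ' -f1)
    echo "sha256:$hex"
}

# join_command_hash "JOIN COMMAND" -> the first sha256:<64 hex> pin in the text
join_command_hash() {
    printf '%s\n' "$1" | grep -oE 'sha256:[0-9a-f]{64}' | head -n 1
}

# verify_join_command CA_CRT "JOIN COMMAND" -> exit 0 only if the pin matches
verify_join_command() {
    want=$(ca_cert_hash "$1")
    got=$(join_command_hash "$2")
    [ -n "$got" ] && [ "$want" = "$got" ]
}

# Demo on a throwaway self-signed certificate (constructed for this example).
# On a kubeadm control plane, pass the cluster CA certificate instead
# (assumed default location: /etc/kubernetes/pki/ca.crt).
demo_dir=$(mktemp -d)
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-ca" \
    -keyout "$demo_dir/ca.key" -out "$demo_dir/ca.crt" 2>/dev/null
pin=$(ca_cert_hash "$demo_dir/ca.crt")
join="kubeadm join 192.0.2.10:6443 --token <token> --discovery-token-ca-cert-hash $pin"
if verify_join_command "$demo_dir/ca.crt" "$join"; then
    echo "pin matches this CA: $pin"
else
    echo "pin does NOT match this CA; do not run the join command"
fi
rm -rf "$demo_dir"
```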

Later steps may need admin.conf to generate keys; copy the configuration to the expected location as follows

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

6. Check status

kubectl get cs

Output like the following means the services have started normally

NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok                  
controller-manager   Healthy   ok                  
etcd-0               Healthy   {"health":"true"}  

Run the command

kubectl get nodes

Output

NAME     STATUS   ROLES    AGE   VERSION
master   Ready    master   12m   v1.17.0

Check the running status of all pods

kubectl get pods --all-namespaces

You will see

NAMESPACE     NAME                             READY   STATUS    RESTARTS   AGE
kube-system   coredns-9d85f5447-hccsk          1/1     Pending   0          33m
kube-system   coredns-9d85f5447-jc7dd          1/1     Pending   0          33m
kube-system   etcd-master                      1/1     Running   0          33m
kube-system   kube-apiserver-master            1/1     Running   0          33m
kube-system   kube-controller-manager-master   1/1     Running   0          33m
kube-system   kube-flannel-ds-amd64-gjp99      1/1     Running   0          11m
kube-system   kube-proxy-t8rrj                 1/1     Running   0          33m
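kube-system   kube-scheduler-master            1/1     Running   0          33m

The coredns pods are Pending because no network plugin has been installed yet; once Weave is deployed as described below, both will show Running

View detailed information about the master node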

kubectl describe node master

7. Install the Weave Net cluster network

Download the weave.yaml file

curl -L "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')" > weave.yaml

Edit the weave.yaml configuration

vi weave.yaml

Find "/home/weave/launch.sh" in the file and add IPALLOC_RANGE to the env list below it, as follows

        spec:
          containers:
            - name: weave
              command:
                - /home/weave/launch.sh
              env:
                - name: HOSTNAME
                  valueFrom:
                    fieldRef:
                      apiVersion: v1
                      fieldPath: spec.nodeName
                - name: IPALLOC_RANGE
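                  value: 192.168.16.0/20

This pins the IP allocation range to the locally specified range. The value 192.168.16.0/20 must match the pod-network-cidr value used at initialization; otherwise services may fail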
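The script below is an added example, not part of the original post: it reads IPALLOC_RANGE from a Weave manifest and confirms it equals the pod-network-cidr passed to kubeadm init. It also goes one step beyond the text and checks that the pod range overlaps neither the service range nor the node's own address. The function names are hypothetical and the manifest fragment is constructed from the snippet above.

```shell
#!/bin/sh
# Added example (not from the original post): check that the CIDR values used
# on this page agree with each other. Function names are hypothetical.

ip_to_int() {            # A.B.C.D -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

cidr_bounds() {          # A.B.C.D/N -> "first last" addresses as integers
    base=$(ip_to_int "${1%/*}")
    size=$(( 1 << (32 - ${1#*/}) ))
    first=$(( base & ~(size - 1) ))
    echo "$first $(( first + size - 1 ))"
}

cidrs_overlap() {        # exit 0 if the two ranges share at least one address
    set -- $(cidr_bounds "$1") $(cidr_bounds "$2")
    [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
}

weave_ipalloc_range() {  # print the IPALLOC_RANGE value from a Weave manifest
    awk '/name:[ ]*IPALLOC_RANGE/ { want = 1; next }
         want && /value:/ { gsub(/"/, "", $2); print $2; exit }' "$1"
}

# check_cluster_cidrs POD_CIDR SERVICE_CIDR NODE_IP WEAVE_YAML
check_cluster_cidrs() {
    rc=0
    range=$(weave_ipalloc_range "$4")
    if [ "$range" != "$1" ]; then
        echo "IPALLOC_RANGE '$range' differs from pod-network-cidr $1"; rc=1; fi
    if cidrs_overlap "$1" "$2"; then
        echo "pod CIDR $1 overlaps service CIDR $2"; rc=1; fi
    if cidrs_overlap "$3/32" "$1"; then
        echo "node IP $3 lies inside pod CIDR $1"; rc=1; fi
    return $rc
}

# Constructed sample input: the env entry added to weave.yaml above.
sample=$(mktemp)
printf '%s\n' '- name: IPALLOC_RANGE' '  value: 192.168.16.0/20' > "$sample"
# Values from this page: kubeadm init flags and the master's IP in the output.
if check_cluster_cidrs 192.168.16.0/20 10.96.0.0/12 192.168.10.161 "$sample"; then
    echo "CIDR settings are consistent"
fi
rm -f "$sample"
```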

Install the plugin

kubectl apply -f weave.yaml

Remove the plugin

kubectl delete -f weave.yaml

Wait a moment, then run the command below to check pod status; weave-net should be in the Running state

kubectl get pod --all-namespaces -o wide

Output

NAMESPACE     NAME                             READY   STATUS    RESTARTS   AGE     IP               NODE     NOMINATED NODE   READINESS GATES
kube-system   coredns-9d85f5447-v9qld          1/1     Running   0          21m     10.244.0.3       master   <none>           <none>
kube-system   coredns-9d85f5447-z22vf          1/1     Running   0          21m     10.244.0.2       master   <none>           <none>
kube-system   etcd-master                      1/1     Running   0          21m     192.168.10.161   master   <none>           <none>
kube-system   kube-apiserver-master            1/1     Running   0          21m     192.168.10.161   master   <none>           <none>
kube-system   kube-controller-manager-master   1/1     Running   0          21m     192.168.10.161   master   <none>           <none>
kube-system   kube-proxy-gn9gv                 1/1     Running   0          21m     192.168.10.161   master   <none>           <none>
kube-system   kube-scheduler-master            1/1     Running   0          21m     192.168.10.161   master   <none>           <none>
kube-system   weave-net-v97dl                  2/2     Running   0          4m37s   192.168.10.161   master 

List the current Docker images; the weave images also appear

docker images

Docker image list

REPOSITORY                                                        TAG                 IMAGE ID            CREATED             SIZE
registry.aliyuncs.com/google_containers/kube-proxy                v1.17.0             7d54289267dc        2 weeks ago         116MB
registry.aliyuncs.com/google_containers/kube-controller-manager   v1.17.0             5eb3b7486872        2 weeks ago         161MB
registry.aliyuncs.com/google_containers/kube-apiserver            v1.17.0             0cae8d5cc64c        2 weeks ago         171MB
registry.aliyuncs.com/google_containers/kube-scheduler            v1.17.0             78c190f736b1        2 weeks ago         94.4MB
weaveworks/weave-npc                                              2.6.0               5105e13e253e        7 weeks ago         34.9MB
weaveworks/weave-kube                                             2.6.0               174e0e8ef23d        7 weeks ago         114MB
registry.aliyuncs.com/google_containers/coredns                   1.6.5               70f311871ae1        7 weeks ago         41.6MB
registry.aliyuncs.com/google_containers/etcd                      3.4.3-0             303ce5db0e90        2 months ago        288MB
registry.aliyuncs.com/google_containers/pause                     3.1                 da86e6ba6ca1        2 years ago         742kB

Check the host's network information; you will find two new network interfaces, cni0 and flannel.1

ifconfig

8. Reset the service

If initialization fails, or you need to return to the initial state and reconfigure, run the following commands

kubeadm reset
ifconfig cni0 down
ifconfig flannel.1 down
ifconfig weave down
ip link delete cni0
ip link delete flannel.1
ip link delete weave
rm -rf $HOME/.kube/config
rm -rf /var/lib/cni/
rm -rf /var/lib/kubelet/*
rm -rf /etc/kubernetes/
rm -rf /etc/cni/

Besides clearing this Kubernetes data, you also need to delete the corresponding Docker images so that re-initialization is less likely to fail

posted @ 2020-06-09 09:50  AllEmpty