Building a k8s cluster on CentOS
1. Prepare the environment
# Open the required firewall ports, or stop the firewall
systemctl stop firewalld
# Turn off SELinux (setenforce 0 switches to permissive mode until the next reboot)
setenforce 0
Or make the change permanent:
sed -i 's/enforcing/disabled/' /etc/selinux/config
# Turn off swap
swapoff -a
# Edit /etc/hosts on all three servers
test1 is the master
test2 is node 1
test3 is node 2
# Pass bridged IPv4 traffic to the iptables chains
vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
# Apply the changes
sysctl --system
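All of the steps above must be run on all three servers!
2. Install docker on all three servers
This install uses kubeadm-1.19.0 kubelet-1.19.0 kubectl-1.19.0; the matching docker version is 19.03.
Install docker-19.03.15.tgz; see https://www.cnblogs.com/leihongnu/p/16309585.html
Pitfalls encountered:
I had not installed a docker version below 20 before; it needs the following added to /etc/docker/daemon.json: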
{
"registry-mirrors": ["https://registry.docker-cn.com","https://nrbewqda.mirror.aliyuncs.com","https://dmmxhzvq.mirror.aliyuncs.com"],
"exec-opts":["native.cgroupdriver=systemd"]
}
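The first line is for network access; without it images cannot be downloaded (versions 20 and above do not require it).
The second line removes the following warning when initializing the master:
detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
# Enable docker at boot; this must be set, otherwise initialization reports an error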
systemctl enable docker
3. Install kubeadm, kubelet and kubectl
# Install tools
yum install conntrack-tools
# Add the Aliyun yum repository
[root@test1 ~]# cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
# Install
yum install -y kubeadm-1.19.0 kubelet-1.19.0 kubectl-1.19.0
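# Enable kubelet at boot. Starting it will not succeed yet; it only works after initialization and will keep flooding the log, so ignore that for now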
systemctl enable kubelet
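An added example, not part of the original post: a small audit of the kubernetes.repo file shown above. It flags sections where RPM signature checking is switched off or left to the yum.conf [main] setting, and repo ids that are defined more than once. The function names and finding labels are made up for this example, and the sample input is constructed from the file content in this step.

```shell
#!/bin/sh
# Added example, not from the original post: flag yum repo sections that
# skip RPM signature checks, and repo ids defined more than once.

# Constructed sample: the kubernetes.repo content shown in step 3.
sample_repo() {
    cat <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF
}

# audit_repo: reads a .repo file on stdin and prints one finding per line:
#   DUPLICATE <id>       repo id appears more than once in the file
#   GPGCHECK_OFF <id>    section sets gpgcheck to 0/no/false
#   GPGCHECK_UNSET <id>  section has no gpgcheck line (value comes from yum.conf [main])
audit_repo() {
    awk '
        function report() {
            if (id == "") return
            if (check ~ /^(0|no|false)$/) print "GPGCHECK_OFF " id
            else if (check == "") print "GPGCHECK_UNSET " id
        }
        /^[ \t]*[#;]/ { next }                      # comment line
        /^[ \t]*\[.*\][ \t\r]*$/ {                  # section header
            report()
            id = $0; gsub(/^[ \t]*\[|\][ \t\r]*$/, "", id)
            if (seen[id]++) print "DUPLICATE " id
            check = ""
            next
        }
        /^[ \t]*gpgcheck[ \t]*=/ {                  # per-repo signature switch
            check = tolower($0)
            sub(/^[^=]*=[ \t]*/, "", check); sub(/[ \t\r]*$/, "", check)
        }
        END { report() }
    '
}

sample_repo | audit_repo
```

On a real host, feed it the file itself: audit_repo < /etc/yum.repos.d/kubernetes.repo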
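4. Initialize the master
--ignore-preflight-errors=all: at least two CPUs are required; my virtual machine has only one and I could not be bothered to change it, so I simply ignore this error:
[ERROR NumCPU]: the number of available CPUs 1 is less than the required 2
kubeadm init --kubernetes-version=1.19.0 --apiserver-advertise-address=<master-ip> --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=all
Note that initialization will report errors; resolve them by following the prompts.
The join command that node 1 and node 2 need to run: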
kubeadm join 192.168.56.101:6443 --token yy85lu.00jmm2hqd321gczx \
--discovery-token-ca-cert-hash sha256:3726d33eb051ce11f1dd7fdc0405bc8b0bd4f29fc93c2314aabebadbc6579d86
5. Create the directory and copy admin.conf into place
Here $HOME is /root
# Create the directory
mkdir -p $HOME/.kube
# Copy the file into the directory
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# Copy the master's /etc/kubernetes/admin.conf to node 1 and node 2
scp -p /etc/kubernetes/admin.conf test2:/etc/kubernetes/admin.conf
scp -p /etc/kubernetes/admin.conf test3:/etc/kubernetes/admin.conf
6. Join node 1 and node 2 to the master
Run the following command on node 1 and node 2:
kubeadm join 192.168.56.101:6443 --token yy85lu.00jmm2hqd321gczx \
--discovery-token-ca-cert-hash sha256:3726d33eb051ce11f1dd7fdc0405bc8b0bd4f29fc93c2314aabebadbc6579d86
Result after running it
7. View the nodes from the master
[root@test1 ~]# kubectl get nodes
The setup above is complete!
8. Verification
# On the master, install and deploy the CNI network plugin
[root@test1 ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
namespace/kube-flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
[root@test1 ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-6d56c8448f-gld5m 0/1 Pending 0 62m
coredns-6d56c8448f-xkt57 0/1 Pending 0 62m
etcd-test1 1/1 Running 0 62m
kube-apiserver-test1 1/1 Running 4 62m
kube-controller-manager-test1 1/1 Running 1 62m
kube-proxy-nkbvj 1/1 Running 0 9m52s
kube-proxy-skmvx 1/1 Running 0 62m
kube-scheduler-test1 1/1 Running 1 62m.
# Install nginx
# Create a pod in the kubernetes cluster, running nginx
[root@test1 ~]# kubectl create deployment nginx --image=nginx
deployment.apps/nginx created
# Expose the Nginx port
[root@test1 ~]# kubectl expose deployment nginx --port=80 --type=NodePort
service/nginx exposed
# Check the Nginx port
[root@test1 ~]# kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-6799fc88d8-98lkz 0/1 Pending 0 18s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 67m
service/nginx NodePort 10.100.54.94 <none> 80:30448/TCP 7s
30448 is the access port that kubectl assigned to nginx
View the containers
From a browser on your own machine, nginx is reachable at either 192.168.56.101:30448 or 192.168.56.102:30448.