k8s 部署

 

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

yum clean all  
yum makecache

yum -y update

k8s 安装
时间同步安装
yum -y install chrony
启动
systemctl start chronyd && systemctl enable chronyd
检测
chronyc sources
查看
date

修改主机名称
hostnamectl set-hostname master

编辑文件 ip映射主机名
vi /etc/hosts
192.168.1.20 master
192.168.1.21 node1
192.168.1.22 node2
配置master配置ssh免密登入。
ssh-keygen -t rsa

进入 ssh 目录

?

1

cd .ssh

查看公钥

?

1	cat id_rsa.pub

在master中执行以下命令，对node1和node2进行免密登录，需要把master的公钥放到node1和node2的authorized_keys文件里

?

1 2	ssh-copy-id node1 ssh-copy-id node2

 

关闭防火墙
如有firewalld服务或iptables规则关闭各节点iptables和firewalld服务
systemctl stop firewalld && systemctl disable firewalld
iptables -F

永久关闭
vi /etc/sysconfig/selinux 中改SELINUX=disabled

禁用Swap设备

临时禁用
swapoff -a  

永久禁用

vi /etc/fstab #注释dev/mapper/centos-swap swap

检查
free
打开iptables桥接功能及路由转发 各节点开启桥接。
查看
sysctl -a |grep bridge
开启
modprobe br_netfilter

cat >> /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF

sysctl -p /etc/sysctl.d/k8s.conf

各节点开启转发。
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
cat /etc/sysctl.conf |grep ip_forward
sysctl -p

部署docker
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce-19.03.13
systemctl enable docker && systemctl start docker
docker --version

查看原
yum list docker-ce --showduplicates | sort -r
查询安装过的包
yum list installed | grep docker

部署kubernetes
获取yum。
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

安装 k8s
yum -y install kubelet-1.19.4 kubectl-1.19.4 kubeadm-1.19.4
开机启动
systemctl enable kubelet
查看安装
yum list installed | grep kubelet

配置Master节点初始化
kubeadm init \
--apiserver-advertise-address=192.168.1.20 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.19.4 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16

查看节点  #报这个错误的话 执行下边命令 The connection to the server 192.168.1.20:6443 was refused - did you specify the right host or port?

kubectl get nodes

echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile

source ~/.bash_profile

 

 网络插件安装

wget --no-check-certificate https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml 

kubectl apply -f kube-flannel.yml

删除旧的docker

yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-engine

重启kubelet

systemctl restart kubelet

卸载k8s
yum remove -y kubelet kubeadm kubectl

kubeadm reset -f

modprobe -r ipip
lsmod
rm -rf ~/.kube/
rm -rf /etc/kubernetes/
rm -rf /etc/systemd/system/kubelet.service.d
rm -rf /etc/systemd/system/kubelet.service
rm -rf /usr/bin/kube*
rm -rf /etc/cni
rm -rf /opt/cni
rm -rf /var/lib/etcd
rm -rf /var/etcd

部署nginx

kubectl create deployment nginx --image=nginx

查看pod

kubectl get pod

安装网络工具

yum install net-tools -y

查询端口

netstat -nlpt

 

查询控制器

kubectl get deployment

kubectl get pod

kubectl get service

暴露nginx

kubectl expose deployment nginx --port=80 --type=NodePort

删除控制器

kubectl delete deployment nginx 

删除pod

kubectl delete pod nginx-XXXXX

仪表盘

wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml --no-check-certificate

kubectl create -f recommended.yaml

获取token

#创建一个dashboard的管理用户

kubectl create serviceaccount dashboard-admin -n kube-system

#将创建的dashboard用户绑定为管理用户
kubectl create clusterrolebinding dashboard-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin

#获取刚刚创建的用户对应的token名称
kubectl get secrets -n kube-system | grep dashboard

#查看token的详细信息

kubectl describe secrets -n kube-system dashboard-admin-token-ghfwf

查看 

kubectl get service -A