记录k8s安装过程
https://www.cnblogs.com/xiaochangwei/p/kubernetes-03.html
Master安装
1.master节点上执行:
yum -y install kubernetes flannel etcd
2.修改etcd配置为:
[root@k8s-master ~]# vi /etc/etcd/etcd.conf ETCD_NAME=default ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379" ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"
3.修改apiserver配置为:
[root@k8s-master ~]# vi /etc/kubernetes/apiserver KUBE_API_ADDRESS="--address=0.0.0.0" KUBE_API_PORT="--port=8080" KUBELET_PORT="--kubelet_port=10250" KUBE_ETCD_SERVERS="--etcd_servers=http://127.0.0.1:2379" KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16" KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota" KUBE_API_ARGS=""
注意:红色部分为后续创建service时,虚拟ip的地址范围
4.修改kubelet配置
openssl s_client -showcerts -servername registry.access.redhat.com -connect registry.access.redhat.com:443 </dev/null 2>/dev/null | openssl x509 -text > /etc/rhsm/ca/redhat-uep.pem
docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
[root@k8s-master ~]# vi /etc/kubernetes/kubelet ### # kubernetes kubelet (minion) config # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces) KUBELET_ADDRESS="--address=0.0.0.0" # The port for the info server to serve on # KUBELET_PORT="--port=10250" # You may leave this blank to use the actual hostname KUBELET_HOSTNAME="--hostname-override=k8s-master" # location of the api-server KUBELET_API_SERVER="--api-servers=http://127.0.0.1:8080" # pod infrastructure container KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest" #KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=192.168.100.6:5000/rhel7/pod-infrastructure:1.0" # Add your own! KUBELET_ARGS="--cluster-dns=10.254.0.2 --cluster-domain=cluster.local"
注意:
1. 192.168.100.6:5000/rhel7/pod-infrastructure:1.0 为私库中的地址,默认配置文件中地址被和谐了,所以可以获取其他镜像源到本地私库
[root@localhost ~]# docker images |grep pod-infrastructure 127.0.0.1:5000/rhel7/pod-infrastructure 1.0 adf142596532 8 months ago 206 MB docker.io/jqka/pod-infrastructure latest adf142596532 8 months ago 206 MB
2. --cluster-dns=10.254.0.2 --cluster-domain=cluster.local
# 10.254.0.2 为dns解析地址 和 第3步中的ip要在同一范围
# cluster.local 集群的域名字,用在服务发现dns解析中
5. 修改kuberlet 配置信息
[root@k8s-master ~]# vi /etc/kubernetes/config KUBE_LOGTOSTDERR="--logtostderr=true" # journal message level, 0 is debug KUBE_LOG_LEVEL="--v=0" # Should this cluster be allowed to run privileged docker containers KUBE_ALLOW_PRIV="--allow-privileged=false" # How the controller-manager, scheduler, and proxy find the apiserver KUBE_MASTER="--master=http://k8s-master:8080"
6.启动服务并设置为开机启动
for SERVICES in flanneld etcd docker kube-apiserver kube-controller-manager kube-scheduler; do systemctl restart $SERVICES systemctl enable $SERVICES systemctl status $SERVICES -l done
7.设置etcd网络信息,用于后续节点启动的容器ip分配
etcdctl mk /atomic.io/network/config '{"Network":"172.16.0.0/16"}'
Node安装
1.node节点不需要安装etcd来存储相关信息
yum -y install flannel kubernetes
2.修改flanneld网络相关信息
[root@k8s-node1 ~]# vi /etc/sysconfig/flanneld # Flanneld configuration options FLANNEL_ETCD="http://k8s-master:2379" # etcd url location. Point this to the server where etcd runs FLANNEL_ETCD_ENDPOINTS="http://k8s-master:2379" # etcd config key. This is the configuration key that flannel queries # For address range assignment FLANNEL_ETCD_PREFIX="/atomic.io/network" # Any additional options that you want to pass #FLANNEL_OPTIONS=""
注意: /atomic.io/network 需与 Master配置中的第7步 中配置 etcdctl mk /atomic.io/network/config '{"Network":"172.16.0.0/16"}' 名称一致
3.kubelet config信息
[root@k8s-node1 ~]# vi /etc/kubernetes/config ### # kubernetes system config # # The following values are used to configure various aspects of all # kubernetes services, including # # kube-apiserver.service # kube-controller-manager.service # kube-scheduler.service # kubelet.service # kube-proxy.service # logging to stderr means we get it in the systemd journal KUBE_LOGTOSTDERR="--logtostderr=true" # journal message level, 0 is debug KUBE_LOG_LEVEL="--v=0" # Should this cluster be allowed to run privileged docker containers KUBE_ALLOW_PRIV="--allow-privileged=false" # How the controller-manager, scheduler, and proxy find the apiserver KUBE_MASTER="--master=http://k8s-master:8080"
4.kubelet 核心文件修改
openssl s_client -showcerts -servername registry.access.redhat.com -connect registry.access.redhat.com:443 </dev/null 2>/dev/null | openssl x509 -text > /etc/rhsm/ca/redhat-uep.pem
docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
[root@k8s-node1 ~]# vi /etc/kubernetes/kubelet # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces) KUBELET_ADDRESS="--address=0.0.0.0" # The port for the info server to serve on KUBELET_PORT="--port=10250" # You may leave this blank to use the actual hostname KUBELET_HOSTNAME="--hostname-override=k8s-node1" # location of the api-server KUBELET_API_SERVER="--api-servers=http://k8s-master:8080" # pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
#KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=192.168.100.6:5000/rhel7/pod-infrastructure:1.0" KUBELET_ARGS="--cluster-dns=10.254.0.2 --cluster-domain=cluster.local"
注意:修改 KUBELET_HOSTNAME 中节点信息,KUBELET_POD_INFRA_CONTAINER 对应到私库地址 , KUBELET_ARGS 配置的为dns解析信息 Master配置值的第4步 配置一致
5.启动服务
for SERVICES in kube-proxy kubelet flanneld; do systemctl restart $SERVICES systemctl enable $SERVICES systemctl status $SERVICES done