k8s安装笔记

1、安装docker

sudo yum -y install docker

#docker增加非https仓库支持：
sudo vi /etc/docker/daemon.json
{ "insecure-registries":["10.255.1.153:5000"] }

#启用服务
sudo systemctl start docker
sudo systemctl enable docker
#授权oper用户使用docker
sudo chown oper  ..../docker/sock

2、安装k8s

（1）增加repo文件

cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
EOF

（2）修改系统配置

vi /etc/sysctl.d/k8s.conf 
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

###
sysctl -p  /etc/sysctl.d/k8s.conf

（3）修改机器名称并添加hosts

vi /etc/hosts
127.0.0.1 uat-k8s-master

（5）拉取本地k8s镜象：

docker pull 10.255.1.153:5000/coredns:1.2.6 
docker pull 10.255.1.153:5000/etcd:3.2.24 
docker pull 10.255.1.153:5000/kube-apiserver:v1.13.3 
docker pull 10.255.1.153:5000/kube-controller-manager:v1.13.3
docker pull 10.255.1.153:5000/kube-proxy:v1.13.3 
docker pull 10.255.1.153:5000/kube-scheduler:v1.13.3 
docker pull 10.255.1.153:5000/pause:3.1 

（6）对本地镜像重新tag：

docker tag 10.255.1.153:5000/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker tag 10.255.1.153:5000/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag 10.255.1.153:5000/kube-apiserver:v1.13.3 k8s.gcr.io/kube-apiserver:v1.13.3
docker tag 10.255.1.153:5000/kube-controller-manager:v1.13.3 k8s.gcr.io/kube-controller-manager:v1.13.3
docker tag 10.255.1.153:5000/kube-proxy:v1.13.3 k8s.gcr.io/kube-proxy:v1.13.3
docker tag 10.255.1.153:5000/kube-scheduler:v1.13.3 k8s.gcr.io/kube-scheduler:v1.13.3
docker tag 10.255.1.153:5000/pause:3.1 k8s.gcr.io/pause:3.1

（7）创建完成后保存join的链接：

kubeadm join 10.255.16.89:6443 --token aohbe5.8pw6ui9sa5o0fq6g --discovery-token-ca-cert-hash sha256:48fd01ab4863809e6d08af94ccab7f5ced842b0413c6750e1480c32e09aaf19f

nfs安装

（1）master:

yum -y install nfs-utils rpcbind

vim /etc/exports 
# 添加以下内容
/data/deploy/logs 10.10.103.0/24(rw,no_root_squash,no_all_squash,sync)
# 使配置生效
exportfs -r
# 依次启动服务
systemctl start rpcbind
systemctl start nfs-server

（2）node:

yum -y install nfs-utils 

安装elk

docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 \
-it --name elk \
sebp/elk

修改elk中的filebeat-input，进行json格式codec处理

input {
  beats {
    port => 5044
    ssl => false
    codec => "json"
  }
}

在worker节点上安装filebeat

1、准备配置文件filebeat.yml

filebeat.prospectors:
- type: log
  paths:
    - /data/deploy/*/logs/wrapper.log
output.logstash:
  hosts: ["10.255.16.89:5044"]

2、执行docker镜像

docker run -d --name filebeat \
-v /data/apps/filebeat/filebeat.yml:/filebeat.yml \
-v /data/deploy:/data/deploy \
prima/filebeat

增加elasticsearch的代理对filebeat过来的日志进行精确排序

docker run -d --rm --name elasticproxy \
-p 8899:8899 zhangyuming/elasticproxy elasticproxy \
-elastic_host 10.255.16.89:9200

修改kibana.yml，将elasticsearch的指向改为8899的代理

vi /opt/kibana/config/kibana.yml
# 修改以下行
elasticsearch.url: "http://10.255.16.89:8899"

小贴士

（1）强制删除pod

kubectl delete pod trtec-web-mp-6mlzs  --grace-period=0 --force