架构描述:1台master node,2台slave node
安装Docker
1. root账户登录,查看系统内核版本(ubuntu内核3.8+,Centos 6.5+)
# uname -a
2. 升级yum包到最新(可选)
# yum update
3. 设置yum源
# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
4. 查看仓库中的docker版本,选择特定版本安装
# yum list docker-ce --showduplicates | sort -r
5. 安装Docker,命令:yum installdocker-ce-版本号
# yum install docker-ce-17.12.1.ce
6. 启动Docker
# systemctl start docker
# systemctl enable docker
7. 检查是否安装成功(有client和service两部分表示docker安装启动成功)
# docker version
8. 开启Docker远程访问
# vim/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock#
# systemctldaemon-reload
# systemctlrestart docker
验证
http://ip:2375/images/json或curl http:/ip:2375/info
在Docker主机配置远程镜像仓库(registry搭建私有仓库 )
# vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"insecure-registries": ["192.168.1.45:5000"]
}
修改完重启重置
# systemctldaemon-reload
# systemctlrestart docker
# sudoservice docker status
其他相关命令
# docker stop docker --停止docker
# docker restart docker --重启docker
# docker ps --查看正在运行的容器
# docker ps -a --查看所有容器的状态
# docker images --查看本地镜像
# docker rm id/name --删除某个容器
# docker rmi id/name --删除某个镜像
# docker build -t eureka:v1 . --通过当前目录下的Dockerfile构建一个名为eureka:v1的镜像
# docker build -t eureka:v1 -f dockerfile_eureka . --通过指定配置文件名构建镜像
# docker run -d -p 1111:1111 --name crm-eureka eureka:v1 --通过镜像构建名为crm-eureka的容器,并以后台模式运行
安装kubernets
1. 关闭防火墙
# systemctl disable firewalld
# systemctl stop firewalld
# setenforce 0
2. master节点安装etcd和kubernets
# yum install etcd -y
# vi /etc/hosts
10.0.0.11 master
10.0.0.12 node-1
10.0.0.13 node-2
# systemctl restart network
# vi/etc/etcd/etcd.conf
.......
6行:ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
21行:ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379"
.......
# systemctl start etcd.service
# systemctl enable etcd.service
检测etcd是否安装成功
# etcdctl set testdir/testkey0 0
# etcdctl get testdir/testkey0
检测健康状态
# etcdctl -C http://10.0.0.11:2379cluster-health
安装kubernetes
# yum install kubernetes-master.x86_64-y
# yum install etcd -y kubernetes
# vi /etc/kubernetes/apiserver
......
8行: KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
11行:KUBE_API_PORT="--port=8080"
17行:KUBE_ETCD_SERVERS="--etcd-servers=http://10.0.0.11:2379"
23行:此处是一行
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
......
# vi /etc/kubernetes/config
......
22行:KUBE_MASTER="--master=http://10.0.0.11:8080"
......
3. 启动所有服务
# systemctl enable kube-apiserver.service
# systemctl start kube-apiserver
# systemctl restartkube-apiserver.service
# systemctl enablekube-controller-manager.service
# systemctl restartkube-controller-manager.service
# systemctl enablekube-scheduler.service
# systemctl restartkube-scheduler.service
检查服务是否安装成功
# kubectl get componentstatus
4. node节点安装kubernets
# yum install kubernetes-node.x86_64-y
# vi /etc/kubernetes/config
......
22行:KUBE_MASTER="--master=http://10.0.0.11:8080"
......
# vi /etc/kubernetes/kubelet
......
5行:KUBELET_ADDRESS="--address=0.0.0.0"
8行:KUBELET_PORT="--port=10250"
11行:KUBELET_HOSTNAME="--hostname-override=10.0.0.12"
14行:KUBELET_API_SERVER="--api-servers=http://10.0.0.11:8080"
......
# systemctl enable kubelet.service
# systemctl start kubelet.service
# systemctl enable kube-proxy.service
# systemctl start kube-proxy.service
在master节点检查node运行状态
# kubectl get nodes
5. 所有节点分别配置flannel网络
# yum install flannel -y
#sed -i
's#http://127.0.0.1:2379#http://10.0.0.11:2379#g'/etc/sysconfig/flanneld
master节点操作
# etcdctl mk /atomic.io/network/config'{ "Network": "172.16.0.0/16" }'
# yum install docker -y
# systemctl enable flanneld.service
# systemctl restart flanneld.service
# systemctl restart docker
# systemctl enable docker
# systemctl restart kube-apiserver.service
# systemctl restartkube-controller-manager.service
# systemctl restartkube-scheduler.service
node节点:node-1 node-2
# systemctl enable flanneld.service
# systemctl restart flanneld.service
# systemctl restart docker
# systemctl restart kubelet.service
# systemctl restart kube-proxy.service
所有节点启动docker node-1node-2都部署
#vi/usr/lib/systemd/system/docker.service
在[Service]区域下增加一行
......
[Service]
ExecStartPost=/usr/sbin/iptables -P FORWARDACCEPT
......
# systemctl daemon-reload
# systemctl restart docker
6. 将node加入到kubernetes集群中
首先在master上执行下列命令获取token
# kubeadm token list
(如果过期可先执行此命令
# kubeadm token create #重新生成token
列出token
# kubeadm token list | awk -F" "'{print $1}' |tail -n 1获取CA公钥的哈希值
# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin-outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^ .* //'从节点加入集群(master的ip或域名)
# kubeadm join 192.168.40.8:6443 --token token填这里,--discovery-token-ca-cert-hash sha256:哈希值填这里)
然后在node1控制台输入
# kubeadm join --token=4fccd2.b0e0f8918bd95d3e192.168.119.132:6443
在master执行查看node1加入状态
# kubectl get node
在crm-eureka工程下添加Dockerfile文件,用于maven打包docker镜像:
修改Maven pom.xml文件
通过Jenkins自动化打包工程并发布镜像到服务器上
查看本地镜像
#docker images
镜像上传到Docker Hub
#docker login
通过账号密码登录成功后
# docker pushmchr/crm-eureka:0.0.1-SNAPSHOT
登录Docker Hub主页查看
命令方式部署服务
# kubectl run crm-eureka--image=mchr/crm-eureka:0.0.1-SNAPSHOT --replicas=1 --port=1111
查看pod
# kubectl get pods
查看服务详情信息
# kubectl describe podcrm-eureka-379829228-cwlbb
查看已部署
# kubectl get deployments
其他相关操作命令
删除pod
# kubectl delete podcrm-eureka-379829228-cwlbb
删除deployment
# kubectl delete deployment crm-eureka
扩展副本
# kubectl scale deployment crm-eureka --replicas=3
或
# kubectl scale deployment/crm-eureka --replicas=3
更新应用镜像版本
# kubectl set imagedeployment/crm-eureka eureka=mchr/crm-eureka:0.0.2-SNAPSHOT
确认是否更新成功
# kubectl rollout statusdeployment/crm-eureka
yaml文件创建服务
# mkdir k8s_yaml
# cd k8s_yaml/
# mkdir deployment
# cd deployment/
# vi crm-eureka.yaml
检验配置文件的正确性
# kubectl create -f crm-eureka.yaml--validate
在master执行如下命令启动deployment 和service
# kubectl create -f crm-eureka.yaml
查看命令
#kubectl get all -o wide
#kubectl get deployments
#kubectl get pod
# kubectl get services
查看pod副本和service
#kubectl get pods -o wide
#kubectl get svc -o wide
