|NO.Z.00004|——————————|^^ 部署 ^^|——|Kubernetes&kubeadm部署.V03|——|kubernetes集群部署|
一、部署kubernetes Master
### --- 在10.10.10.11(master)执行
[root@k8s-master ~]# kubeadm init \
> --apiserver-advertise-address=10.10.10.11 \ # 当前节点的IP
> --image-repository registry.aliyuncs.com/google_containers \ # 镜像仓库;阿里云镜像
> --kubernetes-version v1.18.0 \ # 当前版本
> --service-cidr=10.96.0.0/12 \ # 最后两条参数:IP,和当前节点不冲突即可,没什么特别的含义
> --pod-network-cidr=10.244.0.0/16
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull' #拉取镜像
Your Kubernetes control-plane has initialized successfully! # successfully成功提示,表示执行成功了
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube # 第一步:提示执行第一步骤
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.10.10.11:6443 --token 8asf0c.05zp7rlwnpc6nnx3 \ # 第二步:提示执行第二步骤
--discovery-token-ca-cert-hash sha256:367501994a40b68283accfb0d24e79f0a2320a3efd89af2ec436105282ab5d01 ### --- 拉取到的镜像
~~~ 由于默认拉取镜像地址k8s.gcr.io国内无法访问,这里指定阿里云镜像仓库地址
[root@k8s-master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.aliyuncs.com/google_containers/kube-proxy v1.18.0 43940c34f24f 11 months ago 117MB
registry.aliyuncs.com/google_containers/kube-apiserver v1.18.0 74060cea7f70 11 months ago 173MB
registry.aliyuncs.com/google_containers/kube-controller-manager v1.18.0 d3e55153f52f 11 months ago 162MB
registry.aliyuncs.com/google_containers/kube-scheduler v1.18.0 a31f78c7c8ce 11 months ago 95.3MB
registry.aliyuncs.com/google_containers/pause 3.2 80d28bedfe5d 12 months ago 683kB
registry.aliyuncs.com/google_containers/coredns 1.6.7 67da37a9a360 12 months ago 43.8MB
registry.aliyuncs.com/google_containers/etcd 3.4.3-0 303ce5db0e90 16 months ago 288MB二、使用kubectl工具(根据提示执行步骤)
### --- 使用kubectl工具(根据提示执行步骤)
[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
$[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master NotReady master 6m1s v1.18.0 #NotReady:没有准备好三、安装Pod网络插件(CNI)
### --- 安装Pod网络插件(CNI)
~~~ 确保能够访问到quay.io这个registery,如果Pod镜像下载失败,可以改这个镜像地址
[root@k8s-master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created #created:创建### --- 查看当前部署了什么组件
~~~ 服务启动需要时间,等待服务启动
[root@k8s-master ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-7ff77c879f-9ms2h 1/1 Running 0 45m
coredns-7ff77c879f-f2xvg 1/1 Running 0 45m
etcd-k8s-master 1/1 Running 0 46m
kube-apiserver-k8s-master 1/1 Running 0 46m
kube-controller-manager-k8s-master 1/1 Running 0 46m
kube-flannel-ds-kbshh 1/1 Running 0 30m
kube-flannel-ds-mcr74 1/1 Running 0 30m
kube-flannel-ds-r4djc 1/1 Running 0 30m
kube-proxy-29l97 1/1 Running 0 36m
kube-proxy-8vvh9 1/1 Running 0 45m
kube-proxy-qj5vh 1/1 Running 0 36m
kube-scheduler-k8s-master 1/1 Running 0 46m[root@k8s-master ~]# kubectl get nodes #ready准备就绪
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 46m v1.18.0
k8s-node1 Ready <none> 36m v1.18.0
k8s-node2 Ready <none> 36m v1.18.0四、加入kubernetes Node
### --- 在10.10.10.12/13(Node)执行
~~~ 向集群添加新节点,执行在kubeadm init输出的kubeadm join命令:
[root@k8s-node1 ~]# kubeadm join 10.10.10.11:6443 --token 8asf0c.05zp7rlwnpc6nnx3 \
> --discovery-token-ca-cert-hash sha256:367501994a40b68283accfb0d24e79f0a2320a3efd89af2ec436105282ab5d01
[root@k8s-node2 ~]# kubeadm join 10.10.10.11:6443 --token 8asf0c.05zp7rlwnpc6nnx3 \
> --discovery-token-ca-cert-hash sha256:367501994a40b68283accfb0d24e79f0a2320a3efd89af2ec436105282ab5d01 [root@k8s-master ~]# kubectl get nodes #状态为NotReady,缺少网络组件
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 46m v1.18.0
k8s-node1 Ready <none> 36m v1.18.0
k8s-node2 Ready <none> 36m v1.18.0五、测试kubernetes集群
### --- 在kubernetes集群中创建一个pod,验证是否正常运行:
[root@k8s-master ~]# kubectl create deployment nginx --image=nginx #创建nginx
deployment.apps/nginx created
[root@k8s-master ~]# kubectl get pod #状态为running即可
NAME READY STATUS RESTARTS AGE
nginx-f89759699-p8tnx 1/1 Running 0 17s [root@k8s-master ~]# kubectl expose deployment nginx --port=80 --type=NodePort #对外暴露端口
service/nginx exposed
[root@k8s-master ~]# kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-f89759699-p8tnx 1/1 Running 0 118s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 50m
service/nginx NodePort 10.104.117.58 <none> 80:31149/TCP 10s #暴露的端口是31149### --- 访问地址:http://NodeIP:Port
~~~ 通过Chrome访问:node节点地址,若访问成功,说明容器集群部署成功
http://10.10.10.12:31149/ # 可以访问到Welcome to nginx!
http://10.10.10.13:31149/ # 可以访问到Welcome to nginx!Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart
——W.S.Landor
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· Manus爆火,是硬核还是营销?
· 终于写完轮子一部分:tcp代理 了,记录一下
· 别再用vector<bool>了!Google高级工程师:这可能是STL最大的设计失误
· 单元测试从入门到精通