一、源配置
[root@kubernetes-master yum.repos.d]# wget -O /etc/yum.repos.d/docker-ce.repo https://download.docker.com/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repo[root@kubernetes-node1 yum.repos.d]# wget -O /etc/yum.repos.d/docker-ce.repo https://download.docker.com/linux/centos/docker-ce.repo
[root@kubernetes-node1 yum.repos.d]# sed -i 's+download.docker.com+mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repo二、下载docker
[root@kubernetes-master yum.repos.d]# yum install docker-ce -y
[root@kubernetes-node1 yum.repos.d]# yum install docker-ce -y三、安装kubeadm
[root@kubernetes-master yum.repos.d]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
> EOF
[root@kubernetes-master yum.repos.d]# setenforce 0
setenforce: SELinux is disabled
[root@kubernetes-master yum.repos.d]# yum install -y kubelet kubeadm kubectl
[root@kubernetes-master yum.repos.d]# systemctl enable kubelet && systemctl start kubelet[root@kubernetes-node1 yum.repos.d]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
> EOF
[root@kubernetes-node1 yum.repos.d]# setenforce 0
setenforce: SELinux is disabled
[root@kubernetes-node1 yum.repos.d]# yum install -y kubelet kubeadm kubectl
[root@kubernetes-node1 yum.repos.d]# systemctl enable kubelet && systemctl start kubelet四、优化内核
[root@kubernetes-master yum.repos.d]# cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@kubernetes-master yum.repos.d]# sudo sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/k8s.conf ...
* Applying /etc/sysctl.conf ...[root@kubernetes-node1 yum.repos.d]# cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@kubernetes-node1 yum.repos.d]# sudo sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/k8s.conf ...
* Applying /etc/sysctl.conf ...五、关闭swap
[root@kubernetes-node1 ~]# swapoff -a
[root@kubernetes-node1 ~]# vi /etc/fstab
#
# /etc/fstab
# Created by anaconda on Fri Apr 19 12:16:44 2019
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=35076632-0a8a-4234-bd8a-45dc7df0fdb3 / xfs defaults 0 0
#UUID=72aabc10-44b8-4c05-86bd-049157d771f8 swap swap defaults 0 0[root@kubernetes-master ~]# swapoff -a
[root@kubernetes-master ~]# vi /etc/fstab
#
# /etc/fstab
# Created by anaconda on Fri Apr 19 12:16:44 2019
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=35076632-0a8a-4234-bd8a-45dc7df0fdb3 / xfs defaults 0 0
#UUID=72aabc10-44b8-4c05-86bd-049157d771f8 swap swap defaults 0 0六、master节点初始化
[root@kubernetes-master ~]# systemctl enable docker.service
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service. #设置docker开机自启,不然报错
[root@kubernetes-master ~]# systemctl start docker.service #启动docker,否则也会报错
[root@kubernetes-master ~]# kubeadm init --kubernetes-version=v1.18.0 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --service-cidr=10.254.0.0/16[root@kubernetes-master ~]# mkdir -p $HOME/.kube
[root@kubernetes-master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@kubernetes-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config九、查看组件状态
[root@kubernetes-master ~]# kubectl get componentstatus
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true"} 十、node节点加入k8s集群
[root@kubernetes-node1 ~]# systemctl restart docker.service && systemctl enable docker.service
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@kubernetes-node1 ~]# kubeadm join 10.0.0.11:6443 --token 5wlmar.xurufixja2u9h1cy \
> --discovery-token-ca-cert-hash sha256:c435ad572fbf0bf88b4e217f39b539702d3c1ed949694a12c47909bb1dd64b2a
十一、查看是否加入
[root@kubernetes-master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
kubernetes-master NotReady master 17m v1.18.3 #主机名就是node名字
kubernetes-node1 NotReady <none> 58s v1.18.3十二、配置网络插件
[root@kubernetes-master ~]# docker pull quay.io/coreos/flannel:v0.12.0-amd64
[root@kubernetes-node1 ~]# docker pull quay.io/coreos/flannel:v0.12.0-amd64[root@kubernetes-master ~]# kubectl create -f kube-flannel.yml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds-amd64 created
daemonset.apps/kube-flannel-ds-arm64 created
daemonset.apps/kube-flannel-ds-arm created
daemonset.apps/kube-flannel-ds-ppc64le created
daemonset.apps/kube-flannel-ds-s390x created十三、node节点状态ready
[root@kubernetes-master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
kubernetes-master Ready master 26m v1.18.3
kubernetes-node1 Ready <none> 10m v1.18.3十四、设定kubectl命令补全
[root@kubernetes-master ~]# source <(kubectl completion bash)
[root@kubernetes-master ~]# echo "source <(kubectl completion bash)" >> ~/.bashrc十五、创建一个deployment资源
[root@kubernetes-master ~]# cat nginx-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 3
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.13
ports:
- containerPort: 80
resources:
limits:
cpu: 100m
requests:
cpu: 100m[root@kubernetes-master ~]# kubectl create -f nginx-deploy.yaml
deployment.apps/nginx-deployment created十六、查看资源
[root@kubernetes-master ~]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx 1/1 Running 0 13m
pod/nginx-deployment-675f488855-dccgs 1/1 Running 0 73s
pod/nginx-deployment-675f488855-n48wq 1/1 Running 0 73s
pod/nginx-deployment-675f488855-p9jr2 1/1 Running 0 73s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.254.0.1 <none> 443/TCP 54m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-deployment 3/3 3 3 81s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-deployment-675f488855 3 3 3 81s十七、暴露端口,创建svc
[root@kubernetes-master ~]# kubectl expose deployment nginx-deployment --port=80 --target-port=80 --type=NodePort
service/nginx-deployment exposed十八、查看,访问
[root@kubernetes-master ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.254.0.1 <none> 443/TCP 58m
nginx-deployment NodePort 10.254.230.28 <none> 80:30386/TCP 44s访问 10.0.0.12:30386
十九、查看系统资源,dns服务自带
[root@kubernetes-master ~]# kubectl get all -n kube-system
NAME READY STATUS RESTARTS AGE
pod/coredns-7ff77c879f-hgx9q 1/1 Running 0 62m
pod/coredns-7ff77c879f-tqm9v 1/1 Running 0 62m
pod/etcd-kubernetes-master 1/1 Running 0 63m
pod/kube-apiserver-kubernetes-master 1/1 Running 0 63m
pod/kube-controller-manager-kubernetes-master 1/1 Running 3 63m
pod/kube-flannel-ds-amd64-9trrn 1/1 Running 0 38m
pod/kube-flannel-ds-amd64-h46zh 1/1 Running 0 38m
pod/kube-proxy-fhjft 1/1 Running 0 46m
pod/kube-proxy-w765b 1/1 Running 0 62m
pod/kube-scheduler-kubernetes-master 1/1 Running 3 63m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kube-dns ClusterIP 10.254.0.10 <none> 53/UDP,53/TCP,9153/TCP 63m
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/kube-flannel-ds-amd64 2 2 2 2 2 <none> 38m
daemonset.apps/kube-flannel-ds-arm 0 0 0 0 0 <none> 38m
daemonset.apps/kube-flannel-ds-arm64 0 0 0 0 0 <none> 38m
daemonset.apps/kube-flannel-ds-ppc64le 0 0 0 0 0 <none> 38m
daemonset.apps/kube-flannel-ds-s390x 0 0 0 0 0 <none> 38m
daemonset.apps/kube-proxy 2 2 2 2 2 kubernetes.io/os=linux 63m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/coredns 2/2 2 2 63m
NAME DESIRED CURRENT READY AGE
replicaset.apps/coredns-7ff77c879f 2 2 2 62m
0 Comments