kubernetes master 节点包含的组件:
1、kube-apiserver :集群核心,集群API接口、集群各个组件通信的中枢;集群安全控制;
2、kube-scheduler: 集群调度器 ,根据node负载(cpu、内存、存储、策略等)将pod分配到合适node。
3、kube-controller-manager:集群状态管理器 。当集群状态与集群期望值不同时,该控制器会根据已有策略将其恢复到指定状态。
kube-scheduler、kube-controller-manager 和 kube-apiserver 三者的功能紧密相关,前需要部署在同一台机器上。
4、etcd 一个高可用的K/V键值对存储和服务发现系统
注意:集群只能有一个 kube-scheduler、kube-controller-manager 进程处于工作状态,如果运行多个,则需要通过选举产生一个 leader
kubernetes node 节点包含的组件:
1、kubelet 在Node节点上按照配置文件中定义的容器规格启动容器
2、kube-proxy 提供网络代理服务,将service与pod打通。
3、flannel 实现夸主机的容器网络的通信
4、docker 这个就不用说了!
安装环境准备:
1、关闭防火墙服务,避免与docker容器的防火墙规则冲突。
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
2、关闭selinux
修改/etc/selinux/config为SELINUX=disabled
[root@localhost ~]# getenforce
Disabled
一、master安装部署
1、安装master组件:
kubernetes-master (包含:kube-apiserver、kube-scheduler、kube-controller-manager)
etcd
[root@localhost ~]# yum install etcd kubernetes-master -y
2、编辑/etc/etcd/etcd.conf文件
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379" #监听所有IP的2379端口
ETCD_NAME="default" #etcd名字,没有高可用只有一台的话可用默认!
ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"
3、编辑/etc/kubernetes/apiserver文件
###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#
# The address on the local server to listen to.
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"
# Port minions listen on
KUBELET_PORT="--kubelet-port=10250"
# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.1.201:2379"
# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
# default admission control policies
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
# Add your own!
KUBE_API_ARGS=""
4、/etc/kubernetes/config
KUBE_MASTER="--master=http://127.0.0.1:8080" 默认指向本机不需修改!
启动etcd、kube-apiserver、kube-controller-manager、kube-scheduler等服务,并设置开机启动。
5、在etcd中定义flannel网络
[root@master01 ~]# etcdctl mk /atomic.io/network/config '{"Network":"172.80.0.0/16"}'
二、node安装部署 (适用所有node)
1,安装flannel和kubernetes-node
[root@node01 ~]# yum install kubernetes-node flannel -y
2、为flannel网络指定etcd服务,修改/etc/sysconfig/flanneld文件
# Flanneld configuration options
# etcd url location. Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.201:2379" # 192.168.1.201为etcd所在服务器的IP(可设置多个--高可用)!
# etcd config key. This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/atomic.io/network"
# Any additional options that you want to pass
#FLANNEL_OPTIONS=""
3、修改/etc/kubernetes/config文件
###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
# kube-apiserver.service
# kube-controller-manager.service
# kube-scheduler.service
# kubelet.service
# kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"
# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"
# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"
# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://192.168.1,201:8080" #192.168.1.201为master所在服务器的IP!
4、修改node节点配置文件/etc/kubernetes/kubelet
###
# kubernetes kubelet (minion) config
# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0"
# The port for the info server to serve on
KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=192.168.1.202" #192.168.1.202为本机node的IP!
# location of the api-server
KUBELET_API_SERVER="--api-servers=http://192.168.1.201:8080" #192.168.1.201为apiserver所在服务器的IP!
# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
# Add your own!
KUBELET_ARGS=""