2台机器,1台为Master,1台为Node
修改Host Master为dmaster,Node为dslave
安装K8s and Etcd
在Master机器上安装
yum install etcd
yum install kubernetes
Node机器只需要
yum install kubernetes
安装k8s会自动安装docker,目前版本是1.8
配置K8s
Etcd默认的监听端口是4001,在这里修改
vim /etc/etcd/etcd.conf
修改Master机器K8s配置
1. apiserver配置
vim /etc/kubernetes/apiserver
### # kubernetes system config # # The following values are used to configure the kube-apiserver # # The address on the local server to listen to. KUBE_API_ADDRESS="--address=0.0.0.0" # The port on the local server to listen on. KUBE_API_PORT="--port=8080" # Port minions listen on KUBELET_PORT="--kubelet_port=10250" # Comma separated list of nodes in the etcd cluster KUBE_ETCD_SERVERS="--etcd_servers=http://127.0.0.1:4001" # Address range to use for services KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16" # default admission control policies KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota" # Add your own! KUBE_API_ARGS="--secure-port=0"
2.K8s配置
vim /etc/kubernetes/config
# kubernetes system config # # The following values are used to configure various aspects of all # kubernetes services, including # # kube-apiserver.service # kube-controller-manager.service # kube-scheduler.service # kubelet.service # kube-proxy.service # logging to stderr means we get it in the systemd journal KUBE_LOGTOSTDERR="--logtostderr=true" # journal message level, 0 is debug KUBE_LOG_LEVEL="--v=0" # Should this cluster be allowed to run privileged docker containers KUBE_ALLOW_PRIV="--allow_privileged=false" # How the controller-manager, scheduler, and proxy find the apiserver KUBE_MASTER="--master=http://dmaster:8080" KUBE_ETCD_SERVERS="--etcd-servers=http://dmaster:4001"
3.启动服务
systemctl enable etcd kube-apiserver kube-controller-manager kube-scheduler
systemctl restart etcd kube-apiserver kube-controller-manager kube-scheduler
systemctl status etcd kube-apiserver kube-controller-manager kube-scheduler
修改Node机器配置
1. K8s配置
vim /etc/kubernetes/kubelet
# kubernetes kubelet (minion) config # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces) KUBELET_ADDRESS="--address=127.0.0.1" # The port for the info server to serve on KUBELET_PORT="--port=10250" # You may leave this blank to use the actual hostname KUBELET_HOSTNAME="--hostname_override=dslave" # location of the api-server KUBELET_API_SERVER="--api_servers=http://dmaster:8080" # Add your own! KUBELET_ARGS=""
2. 启动服务
systemctl enable kube-proxy kubeletdocker
systemctl restart kube-proxy kubeletdocker
systemctl status kube-proxy kubeletdocker
新增Pod
1. 在Master机器查看Node状态
[root@192 k8s]# kubectl get nodes NAME LABELS STATUS dslave kubernetes.io/hostname=dslave Ready
2. 新建Pod资源文件
apiVersion: v1 kind: Pod metadata: name: mysql labels: name: mysql spec: containers: - resources: limits : cpu: 0.5 image: mysql name: mysql env: - name: MYSQL_ROOT_PASSWORD # change this value: rootpwd ports: - containerPort: 3306 name: mysql volumeMounts: # name must match the volume name below - name: mysql-persistent-storage # mount path within the container mountPath: /var/lib/mysql volumes: - name: mysql-persistent-storage cinder: volumeID: bd82f7e2-wece-4c01-a505-4acf60b07f4a fsType: ext4
3. 导入资源
kubectl create -f mysql.yaml
4. 查看资源状态
[root@192 k8s]# kubectl get pods NAME READY STATUS RESTARTS AGE mysql 1/1 Running 0 1h
这里已经部署在运行了,所以是Running。Status开始是Ready。
5. 查看日志
Master机器日志
tail -f /var/log/messages | grep kube
Dec 11 09:54:11 192 kube-scheduler: I1211 09:54:11.380994 20445 event.go:203] Event(api.ObjectReference{Kind:"Pod", Namespace:"default", Name:"mysql", UID:"2f192467-a030-11e5-8a55-000c298cfaa1", APIVersion:"v1", ResourceVersion:"3522", FieldPath:""}): reason: 'scheduled' Successfully assigned mysql to dslave
在部署Pod时,在Node机器日志中报错
Dec 11 09:30:22 dslave kubelet: E1211 09:30:22.745867 99650 manager.go:1557] Failed to create pod infra container: image pull failed for gcr.io/google_containers/pause:0.8.0, this may be because there are no credentials on this request. details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.); Skipping pod "mysql_default" Dec 11 09:30:22 dslave kubelet: E1211 09:30:22.955470 99650 pod_workers.go:111] Error syncing pod bcbb3b8a-a02a-11e5-8a55-000c298cfaa1, skipping: image pull failed for gcr.io/google_containers/pause:0.8.0, this may be because there are no credentials on this request. details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.)
Google被墙了,下载资源包到本地
在Node节点导入
docker load --input pause-0.8.0.tar
这是一个容器,负责Pod内部的网络
还有一个问题是权限的问题
no API token found for service account default/default, retry after the token is automatically created and added to the service account
这样即可解决
#vim /etc/kubernetes/apiserver KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota" #systemctl restart kube-apiserver.service