new tem

for  record

yum -y install epel-release
yum -y install python-pip
pip install shadowsocks
pip install --upgrade pip

mkdir /etc/shadowsocks
cat <<EOF > /etc/shadowsocks/shadowsocks.json
{
      "server": "us07.anss.vip",
      "server_port": 14860,
      "password": "apex.com",
      "method": "AES-256-CFB",
      "plugin": "",
      "plugin_opts": "",
      "remarks": "美国7",
      "timeout": 5
 }
EOF

cat <<EOF > /etc/systemd/system/shadowsocks.service
[Unit]
Description=Shadowsocks
[Service]
TimeoutStartSec=0
ExecStart=/usr/bin/sslocal -c /etc/shadowsocks/shadowsocks.json
[Install]
WantedBy=multi-user.target
EOF

 systemctl enable shadowsocks.service     &&      systemctl start shadowsocks.service    &&       systemctl status shadowsocks.service

 curl --socks5 127.0.0.1:1080 http://httpbin.org/ip



yum install privoxy -y
systemctl enable privoxy
systemctl start privoxy
systemctl status privoxy


echo "forward-socks5t / 127.0.0.1:1080 ."   >> /etc/privoxy/config

systemctl restart privoxy

PROXY_HOST=127.0.0.1
export all_proxy=http://$PROXY_HOST:8118
export ftp_proxy=http://$PROXY_HOST:8118
export http_proxy=http://$PROXY_HOST:8118
export https_proxy=http://$PROXY_HOST:8118
export no_proxy=localhost,172.16.0.0/16,192.168.0.0/16.,127.0.0.1,10.10.0.0/16,10.96.0.0/12,10.244.0.0/16,192.168.50.134

curl -I www.google.com

while read var; do unset $var; done < <(env | grep -i proxy | awk -F= '{print $1}')




安装kubectl

 curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
 chmod +x ./kubectl
mv ./kubectl /usr/local/bin/kubectl


安装kubeadmin  (master)

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
        https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF


setenforce 0
yum install -y kubelet kubeadm
systemctl enable kubelet && systemctl start kubelet


初始化  (flannel网络)
kubeadm init --apiserver-advertise-address 192.168.xx.xx --pod-network-cidr=10.244.0.0/16  
 
yum install docker -y

    systemctl start docker (报错)
    # /etc/sysconfig/docker

    # Modify these options if you want to change the way the docker daemon runs
    OPTIONS='--selinux-enabled=false --log-driver=journald --signature-verification=false'
    if [ -z "${DOCKER_CERT_PATH}" ]; then
        DOCKER_CERT_PATH=/etc/docker

    disable swap
    swapoff -a

    systemctl start kubelet.service  systemctl enable kubelet.service systemctl status kubelet.service

    拉取组建镜像 在其他地方拉，打goole的tag
    [ERROR ImagePull]: failed to pull image [k8s.gcr.io/kube-apiserver-amd64:v1.11.2]: exit status 1
    [ERROR ImagePull]: failed to pull image [k8s.gcr.io/kube-controller-manager-amd64:v1.11.2]: exit status 1
    [ERROR ImagePull]: failed to pull image [k8s.gcr.io/kube-scheduler-amd64:v1.11.2]: exit status 1
    [ERROR ImagePull]: failed to pull image [k8s.gcr.io/kube-proxy-amd64:v1.11.2]: exit status 1
    [ERROR ImagePull]: failed to pull image [k8s.gcr.io/pause:3.1]: exit status 1
    [ERROR ImagePull]: failed to pull image [k8s.gcr.io/etcd-amd64:3.2.18]: exit status 1
    [ERROR ImagePull]: failed to pull image [k8s.gcr.io/coredns:1.1.3]: exit status 1

docker pull docker.io/mirrorgooglecontainers/kube-apiserver-amd64:v1.11.2
docker pull docker.io/mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.2
docker pull docker.io/mirrorgooglecontainers/kube-scheduler-amd64:v1.11.2
docker pull docker.io/mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker pull docker.io/mirrorgooglecontainers/pause:3.1
docker pull docker.io/mirrorgooglecontainers/etcd-amd64:3.2.18
docker pull docker.io/coredns/coredns:1.1.3

改标签
docker tag docker.io/mirrorgooglecontainers/kube-apiserver-amd64:v1.11.2   k8s.gcr.io/kube-apiserver-amd64:v1.11.2
docker tag docker.io/mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.2    k8s.gcr.io/kube-controller-manager-amd64:v1.11.2
docker tag docker.io/mirrorgooglecontainers/kube-scheduler-amd64:v1.11.2    k8s.gcr.io/kube-scheduler-amd64:v1.11.2
docker tag docker.io/mirrorgooglecontainers/kube-proxy-amd64:v1.11.2      k8s.gcr.io/kube-proxy-amd64:v1.11.2
docker tag docker.io/mirrorgooglecontainers/pause:3.1     k8s.gcr.io/pause:3.1
docker tag docker.io/mirrorgooglecontainers/etcd-amd64:3.2.18      k8s.gcr.io/etcd-amd64:3.2.18
docker tag docker.io/coredns/coredns:1.1.3    k8s.gcr.io/coredns:1.1.3

删除原来的标签

docker rmi docker.io/mirrorgooglecontainers/kube-apiserver-amd64:v1.11.2
docker rmi docker.io/mirrorgooglecontainers/kube-controller-manager-amd64:v1.11.2
docker rmi docker.io/mirrorgooglecontainers/kube-scheduler-amd64:v1.11.2
docker rmi docker.io/mirrorgooglecontainers/kube-proxy-amd64:v1.11.2
docker rmi docker.io/mirrorgooglecontainers/pause:3.1
docker rmi docker.io/mirrorgooglecontainers/etcd-amd64:3.2.18
docker rmi docker.io/coredns/coredns:1.1.3

更改配置文件vim /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
添加Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs"



                  

安装pod网络
 export KUBECONFIG=/etc/kubernetes/admin.conf
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml


添加node节点到集群
kubeadmin token list
kubeadm join --token d38a01.13653e584ccc1980 192.168.56.105:6443


helm init --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.10.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
 kubectl taint nodes --all node-role.kubernetes.io/master-

kubectl create serviceaccount --namespace kube-system tiller

kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller

kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'