安装 docker-ce
# 添加 docker-ce 源
curl http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
# 安装 docker-ce
yum install docker-ce -y
# 配置 docker-ce daemon.json 文件
mkdir -pv /etc/docker
cat << 'EOF' > /etc/docker/daemon.json
{
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"exec-opts": ["native.cgroupdriver=systemd"],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"registry-mirrors": [
"https://docker.mirrors.ustc.edu.cn",
"https://hub-mirror.c.163.com"
]
}
EOF
# 启动服务
systemctl enable docker; systemctl start docker; docker info
安装 kubectl
# 使用国内阿里云源安装【目前版本为:v1.13.4 已经停止更新】
~ curl -LO http://kubernetes.oss-cn-hangzhou.aliyuncs.com/kubernetes-release/release/`curl -s http://kubernetes.oss-cn-hangzhou.aliyuncs.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/kubectl
# 使用谷歌源安装(国内网路会很慢)【目前版本为:v1.23.5】
~ curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/kubectl
由于不可描述原因,google 无法访问,可通过aliyun 通过的源 直接安装 rpm 包。
# 添加源
cat << 'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
<br>
<br>
# 安装 kubelet
yum install kubectl -y
kubectl version --client
Client Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.5", GitCommit:"c285e781331a3785a7f436042c65c5641ce8a9e9", GitTreeState:"clean", BuildDate:"2022-03-16T15:58:47Z", GoVersion:"go1.17.8", Compiler:"gc", Platform:"linux/amd64"}
安装 minikube
# 下载 minikube-linux-amd64
wget https://github.com/kubernetes/minikube/releases/download/v1.7.3/minikube-linux-amd64
# 将minikube-linux-amd64 放置到 /usr/local/bin 目录下。
install minikube-linux-amd64 /usr/local/bin/minikube
# 查看版本
minikube version
minikube version: v1.25.2
commit: 362d5fdc0a3dbee389b3d3f1034e8023e72bd3a7
启动 minikube
初始化
- 关闭 selinux
- 关闭防火墙
- 关闭 swap
调整内核参数
cat << 'EOF' > /etc/sysctl.d/kubernetes.conf
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0 # 禁止使用 swap 空间,只有当系统 OOM 时才允许使用它
vm.overcommit_memory=1 # 不检查物理内存是否够用
vm.panic_on_oom=0 # 开启 OOM
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF
sysctl --system
启动minikube
# 启动minikube --image-mirror-country 指定 CN 会自动采用国内源
minikube start --driver=docker --image-mirror-country='CN'
* minikube v1.25.2 on Centos 7.4.1708 (amd64)
* Using the docker driver based on user configuration
* The "docker" driver should not be used with root privileges.
* If you are running minikube within a VM, consider using --driver=none:
* https://minikube.sigs.k8s.io/docs/reference/drivers/none/
X Exiting due to DRV_AS_ROOT: The "docker" driver should not be used with root privileges.
这里无法使用 root 权限运行 docker, 需要创建普通用户并加入docker 组。
# 创建用户
useradd -g docker docker
echo 'docker:docker' | chpasswd
普通用户启动 minikube
su - docker
$ minikube start --driver=docker --image-mirror-country='CN'
* minikube v1.25.2 on Centos 7.4.1708 (amd64)
* Using the docker driver based on user configuration
* Using image repository registry.cn-hangzhou.aliyuncs.com/google_containers
* Starting control plane node minikube in cluster minikube
* Pulling base image ...
> registry.cn-hangzhou.aliyun...: 379.06 MiB / 379.06 MiB 100.00% 1.30 MiB
* Creating docker container (CPUs=2, Memory=2200MB) ...
* Preparing Kubernetes v1.23.3 on Docker 20.10.12 ...
- kubelet.housekeeping-interval=5m
> kubectl.sha256: 64 B / 64 B [--------------------------] 100.00% ? p/s 0s
> kubeadm.sha256: 64 B / 64 B [--------------------------] 100.00% ? p/s 0s
> kubelet.sha256: 64 B / 64 B [--------------------------] 100.00% ? p/s 0s
> kubeadm: 43.12 MiB / 43.12 MiB [---------------] 100.00% 1.52 MiB p/s 29s
> kubectl: 44.43 MiB / 44.43 MiB [---------------] 100.00% 1.17 MiB p/s 38s
> kubelet: 118.75 MiB / 118.75 MiB [------------] 100.00% 1.80 MiB p/s 1m6s
- Generating certificates and keys ...
- Booting up control plane ...
- Configuring RBAC rules ...
* Verifying Kubernetes components...
- Using image registry.cn-hangzhou.aliyuncs.com/google_containers/storage-provisioner:v5
* Enabled addons: storage-provisioner, default-storageclass
* Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
查看节点
[docker@localhost ~]$ kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true","reason":""}
[docker@localhost ~]$ kubectl get po -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-65c54cc984-n5b9c 1/1 Running 0 4m3s
kube-system etcd-minikube 1/1 Running 0 4m21s
kube-system kube-apiserver-minikube 1/1 Running 0 4m16s
kube-system kube-controller-manager-minikube 1/1 Running 0 4m19s
kube-system kube-proxy-pchvk 1/1 Running 0 4m3s
kube-system kube-scheduler-minikube 1/1 Running 0 4m18s
kube-system storage-provisioner 1/1 Running 0 4m12s
minikube 新增节点
注意:minikube 仅仅是基于本地 standalone 部署一款简易 k8s 集群,因此添加节点,也仅仅是本地的指定的 docker、kvm、vbox 添加一个节点,而非跨物理网络的节点。
官方文档对集群做了说明:
[docker@localhost ~]$ minikube start --nodes 3
* minikube v1.25.2 on Centos 7.4.1708 (amd64)
* Using the docker driver based on existing profile
* Starting control plane node minikube in cluster minikube
* Pulling base image ...
* Updating the running docker "minikube" container ...
* Preparing Kubernetes v1.23.3 on Docker 20.10.12 ...
- kubelet.housekeeping-interval=5m
* Verifying Kubernetes components...
- Using image registry.cn-hangzhou.aliyuncs.com/google_containers/storage-provisioner:v5
* Enabled addons: storage-provisioner, default-storageclass
! The cluster minikube already exists which means the --nodes parameter will be ignored. Use "minikube node add" to add nodes to an existing cluster.
* Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
[docker@localhost ~]$ minikube node add
* Adding node m02 to cluster minikube
! Cluster was created without any CNI, adding a node to it might cause broken networking.
* Starting worker node minikube-m02 in cluster minikube
* Pulling base image ...
* Creating docker container (CPUs=2, Memory=2200MB) ...
! This container is having trouble accessing https://registry.cn-hangzhou.aliyuncs.com/google_containers
* To pull new external images, you may need to configure a proxy: https://minikube.sigs.k8s.io/docs/reference/networking/proxy/
* Preparing Kubernetes v1.23.3 on Docker 20.10.12 ...
* Verifying Kubernetes components...
* Successfully added m02 to minikube!
[docker@localhost ~]$ minikube status minikube
minikube
type: Control Plane
host: Running
kubelet: Running
apiserver: Running
kubeconfig: Configured
minikube-m02
type: Worker
host: Running
kubelet: Running
新增节点存在的问题:
单节点的 minikube 创建的 pod 可以被外部访问正常使用,通过minikube 创建多节点的集群node,无法访问到 node 节点创建的 pod