1 yum -y install nginx 2 vi /etc/nginx/conf.d/vhost.conf 3 server { 4 listen 80; 5 server_name 192.168.140.101; 6 location / { 7 proxy_pass http://127.0.0.1:8001; 8 proxy_set_header Host $proxy_host; 9 proxy_set_header X-Real-IP $remote_addr; 10 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 11 proxy_set_header Via "nginx"; 12 } 13 } 14 15 systemctl enable nginx 16 systemctl start nginx
本机浏览器输入
http://192.168.140.101/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login
访问dashboard
一、Kubernetes集群部署方式
方式1. minikube
Minikube是一个工具,可以在本地快速运行一个单点的Kubernetes,尝试Kubernetes或日常开发的用户使用。不能用于生产环境。
官方地址:https://kubernetes.io/docs/setup/minikube/
方式2. kubeadm
Kubeadm也是一个工具,提供kubeadm init和kubeadm join,用于快速部署Kubernetes集群。
官方地址:https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm/
方式3. 直接使用epel-release yum源,缺点就是版本较低 1.5
方式4. 二进制包
从官方下载发行版的二进制包,手动部署每个组件,组成Kubernetes集群。
其他的开源工具:
https://docs.kubeoperator.io/kubeoperator-v2.2/introduction
二、Kubeadm部署k8s集群
官方文档:
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
kubeadm部署k8s高可用集群的官方文档:
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/
1 安装centos8系统,配置固定IP
2 配置基本系统
swapoff -a 去掉Swap分区 yum -y remove firewalld yum -y install iptables-services
sed -i 's/SELINUX=permissive/SELINUX=disabled/' /etc/sysconfig/selinuxcat <<EOF | sudo tee /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sudo sysctl --system
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# Set SELinux in permissive mode (effectively disabling it)
setenforce 0
wget https://download.docker.com/linux/centos/docker-ce.repo
yum -y install epel-releaseyum makecache
yum install -y kubelet kubeadm kubectl ipvsadm
更新镜像
[root@master ~]# kubeadm config images list k8s.gcr.io/kube-apiserver:v1.20.1 k8s.gcr.io/kube-controller-manager:v1.20.1 k8s.gcr.io/kube-scheduler:v1.20.1 k8s.gcr.io/kube-proxy:v1.20.1 k8s.gcr.io/pause:3.2 k8s.gcr.io/etcd:3.4.13-0 k8s.gcr.io/coredns:1.7.0 使用docker pull拉取镜像
安装初始化
kubeadm init
安装flannel网络管理插件
github
https://github.com/coreos/flannel
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
安装dashboard进行管理
https://github.com/kubernetes/dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.1.0/aio/deploy/recommended.yaml
kubectl proxy
运行成功后为了进行网页管理 我装了nginx来转发,kubectl proxy监听本地的127.0.0.1:8001端口,使用ngix转发以便从实际IP访问管理
创建dashboard登录帐号:
cat <<EOF | kubectl apply -f - apiVersion: v1 kind: ServiceAccount metadata: name: admin-user namespace: kubernetes-dashboard EOF
把帐号与集群角色绑定
cat <<EOF | kubectl apply -f - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: admin-user namespace: kubernetes-dashboard EOF
获取登录的token
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
获取的TOKEN粘贴到登录界面就可以登录了
手动安装方式(我更喜欢,可以了解整个流程)
下载etcd安装程序 https://github.com/etcd-io/etcd
下载K8S安装程序,从https://kubernetes.io/docs/setup/release/notes/ 下载
解压后到cluster目录下,运行下载编译好的最新版本的k8s程序
[root@localhost cluster]# sh get-kube-binaries.sh Kubernetes release: v1.20.0 Server: linux/amd64 (to override, set KUBERNETES_SERVER_ARCH) Client: linux/amd64 (autodetected) (to override, set KUBERNETES_CLIENT_OS and/or KUBERNETES_CLIENT_ARCH) Will download kubernetes-server-linux-amd64.tar.gz from https://dl.k8s.io/v1.20.0 Will download and extract kubernetes-client-linux-amd64.tar.gz from https://dl.k8s.io/v1.20.0 Is this ok? [Y]/n