kubernetes 环境搭建

一.规划
1.系统
centos 7

2.ip规划及功能分配
192.168.2.24 master
192.168.2.24 etcd
192.168.2.25 node1(即minion)
192.168.2.26 node2(即minion)

二.基本环境配置
1.关闭防火墙
#systemctl stop firewalld.service
#systemctl disable firewalld.service

2.永久关闭SELinux
#vi /etc/selinux/config
SELINUX=disabled

3.重启
#reboot

4.安装NTP
为了让各个服务器的时间保持一致，还需要为所有的服务器安装NTP：
# yum -y install ntp
# systemctl start ntpd
# systemctl enable ntpd

三.Master配置及安装相应软件
1.安装和配置etcd
etcd是KV存储系统，用于集群的共享配置和服务发现

1.1 安装:
#yum install etcd

1.2 修改etcd配置文件
修改/etc/etcd/etcd.conf中的部分属性
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://etcd:2379"
PS：其中etcd表示etcd服务器主机名

1.3 运行etcd并配置开机启动
#systemctl start etcd
#systemctl enable etcd

1.4 etcd中的网络配置
etcdctl -C //192.168.2.24:2379 set /atomic.io/network/config '{"Network":"172.17.0.0/16"}'

PS：其中网络号172.17.0.0/16与node中的docker中的docker0网络一致（若不一致，可修改docker0网络或者配置上述etcd网络）;atomic.io与下面的Flannel配置中的FLANNEL_ETCD_PREFIX对应

2.安装和配置kubernetes-master
2.1 安装
#yum install kubernetes-master
2.2 配置apiserver
#vi /etc/kubernetes/apiserver
-------------------
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd-servers=http://etcd:2379"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
------------------

PS:
测试时需要把KUBE_ADMISSION_CONTROL中的SecurityContextDeny和ServiceAccount去掉，这是权限相关的

否则会出现错误retry after the token is automatically created and added to the service account

2.3 配置全局配置文件
#vi /etc/kubernetes/config
----------------------
KUBE_MASTER="--master=http://master:8080"
----------------------
2.4 启动master服务及开机启动
#systemctl enable kube-apiserver kube-scheduler kube-controller-manager
#systemctl start kube-apiserver kube-scheduler kube-controller-manager

2.5 测试master服务
#curl master:8080
返回如下数据:
{
"paths": [
"/api",
"/api/v1",
"/apis",
"/apis/apps",
"/apis/apps/v1beta1",
"/apis/authentication.k8s.io",
"/apis/authentication.k8s.io/v1beta1",
"/apis/authorization.k8s.io",
"/apis/authorization.k8s.io/v1beta1",
"/apis/autoscaling",
"/apis/autoscaling/v1",
"/apis/batch",
"/apis/batch/v1",
"/apis/batch/v2alpha1",
"/apis/certificates.k8s.io",
"/apis/certificates.k8s.io/v1alpha1",
"/apis/extensions",
"/apis/extensions/v1beta1",
"/apis/policy",
"/apis/policy/v1beta1",
"/apis/rbac.authorization.k8s.io",
"/apis/rbac.authorization.k8s.io/v1alpha1",
"/apis/storage.k8s.io",
"/apis/storage.k8s.io/v1beta1",
"/healthz",
"/healthz/ping",
"/healthz/poststarthook/bootstrap-controller",
"/healthz/poststarthook/extensions/third-party-resources",
"/healthz/poststarthook/rbac/bootstrap-roles",
"/logs",
"/metrics",
"/swaggerapi/",
"/ui/",
"/version"
]
}

四.node(minion)安装及配置
1.安装docker
#yum install docker

2.安装及配置flannel
flannel:网络规划工具，统一分配集群Docker容器的虚拟IP，并实现服务之间通信
2.1 安装
#yum install flannel

2.2 配置
#vi /etc/sysconfig/flanneld

--------------------
FLANNEL_ETCD_ENDPOINTS="http://etcd:2379"
FLANNEL_ETCD_PREFIX="/atomic.io/network"
--------------------

2.3 注意
yum安装的flanneld是0.7.1,存在问题,无法启动,启动会报错:
panic: runtime error: invalid memory address or nil pointer dereference

我们用0.8的可执行文件替换
版本选择参见:https://github.com/coreos/flannel/releases

#wget https://github.com/coreos/flannel/releases/download/v0.8.0/flannel-v0.8.0-linux-amd64.tar.gz
#tar xvf flannel-v0.8.0-linux-amd64.tar.gz
#mv /usr/bin/flanneld /usr/bin/flanneld.bak
#cp flanneld /usr/bin

　　

2.4 如果docker有启动,要停止docker

2.5 如果存在docker0这个ip地址,要先删除

#ip link delete docker0

　　

2.6 启动

#systemctl deamon-reload
#systemctl enable flanneld
#systemctl start flanneld

　　

2.7 启动docker

#systemctl start docker

　　

2.8 查看
#ifconfig

应该可以看到:

flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1472
        inet 10.1.32.0  netmask 255.255.0.0  destination 10.1.32.0
        inet6 fe80::2987:ef4:fdde:30a7  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 78  bytes 5435 (5.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 31  bytes 3286 (3.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1472
        inet 10.1.32.1  netmask 255.255.255.0  broadcast 0.0.0.0
        inet6 fe80::42:2eff:fec1:7d9e  prefixlen 64  scopeid 0x20<link>
        ether 02:42:2e:c1:7d:9e  txqueuelen 0  (Ethernet)
        RX packets 9322  bytes 1046496 (1021.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8939  bytes 2183012 (2.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

　　

其中docker0是flannel0的子网

3.安装和配置kubernetes-node

3.1 安装kubernetes-node
#yum install kubernetes-node

3.2 配置全局文件
#vi /etc/kubernetes/config
--------------------------------------------
KUBE_MASTER="--master=http://master:8080"
---------------------------------------------

3.3 配置kubelet组件
#vi /etc/kubernetes/kubelet
--------------------
KUBELET_HOSTNAME="--hostname-override=node1"
KUBELET_API_SERVER="--api-servers=http://master:8080"
---------------------

PS:
node1 为规划的节点上的局域网ip

3.4 配置开机启动并启动服务
#systemctl enable kubelet kube-proxy
#systemctl start kubelet kube-proxy

五.master上查看节点:
#kubectl get nodes

如出现:
No resources found.

请查看master和node上的firewalld是否关闭,selinux是否关闭

正常应该出现:
NAME STATUS AGE
node1 Ready 1m
node2 Ready 1m