• k8s搭建实操记录一(master)


    #1)关闭CentOS7自带的防火墙服务
    systemctl disable firewalld
    systemctl stop firewalld

    swapoff  -a     ##虚拟机要关闭交换内存。

    #2)修改主机名

    hostnamectl set-hostname master

    hostnamectl set-hostname node1

    hostnamectl set-hostname node2

    #3)修改/etc/hosts

    cat >> /etc/hosts <<EOF

    172.16.110.111 master

    172.16.110.112 node1

    172.16.110.114 node2

    EOF

    #4)修改时间:

    yum -y install ntpdate

    ntpdate ntp1.aliyun.com

    #5)master上操作安装k8s和docker:

    Yum –y install wget

    wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

    cat >>/etc/yum.repos.d/kubernetes.repo <<EOF

    [kubernetes]

    name=kubernetes Repo

    baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/

    gpgcheck=1

    gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg

    enabled=1

    EOF

    wget https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

    rpm --import rpm-package-key.gpg

    yum -y install docker-ce kubelet kubeadm kubectl

    #6)更改环境变量,启动docker:

    cat  >> /usr/lib/systemd/system/docker.service <<EOF

    Environment="HTTPS_PROXY=http://www.ik8s.io:10080"

    Environment="NO_PROXY=127.0.0.0/8,172.0.0.0/16"

    EOF

    systemctl daemon-reload

    systemctl start docker

    systemctl enable docker

    systemctl enable kubelet

    #7)#设置下面的参数(设为0即要求iptables不对bridge的数据进行处理):

    cat >> /etc/sysctl.conf <<EOF

    net.ipv4.ip_forward=1

    net.bridge.bridge-nf-call-ip6tables = 1

    net.bridge.bridge-nf-call-iptables = 1

    net.bridge.bridge-nf-call-arptables = 1

    EOF

    ##如果net.bridge.bridge-nf-call-iptables=1,也就意味着二层的网桥在转发包时也会被#iptables的FORWARD规则所过滤,这样就会出现L3层的iptables rules去过滤L2的帧的问题所以涉及一些dnat, snat就不###生效了,举个例子,具体表现在openstack中就是metadata服#务不好使了。这个说法可参见https://bugzilla.redhat.com/show_bug.cgi?id=512206

    rpm -ql kubelet >>/opt/k8s_master_install.log

    #8)初始化(注意要记录好最后的token等):

    kubeadm config images pull      ##必须先拉镜像。

    sed -i "s@KUBELET_EXTRA_ARGS=@KUBELET_EXTRA_ARGS="--fail-swap-on=false"@g" /etc/sysconfig/kubelet

    kubeadm init --kubernetes-version=v1.16.1 --apiserver-advertise-address=172.16.110.111 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap

    #以下是最后的输出结果:

    #Your Kubernetes control-plane has initialized successfully!

     

    #To start using your cluster, you need to run the following as a regular user:

     

      #mkdir -p $HOME/.kube

      #sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

      #sudo chown $(id -u):$(id -g) $HOME/.kube/config

    #You should now deploy a pod network to the cluster.

    #Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:

      https://kubernetes.io/docs/concepts/cluster-administration/addons/

    #Then you can join any number of worker nodes by running the following on each as root:

    #kubeadm join 172.16.110.111:6443 --token gmxuck.nybmu19vbe3j7vm8

    --discovery-token-ca-cert-hash sha256:99a8e071df1a498bcf0797812640d58edf08fb6a0c6f8f496641021b27d0dbf4

     #############################################################################

    ##查看端口情况,以下是按最后的输出要求操作

    ss -ntl      

    mkdir -p $HOME/.kube

    sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

    kubectl get cs  

    kubectl cluster-info

    ##添加环境变量:

    echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile

    source  ~/.bash_profile

    ##失败则要用kubeadm reset重置

    # 9)部署网络插件flannel

    kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

    curl -sSL "https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel.yml?raw=true" | kubectl create –f –

     ##检查:

    kubectl get pods -n kube-system

    kubectl get  nodes

    ##10)配置文件传到node1node2(建议先安装好node12,同步安装也行)

    scp /usr/lib/systemd/system/docker.service node1:/usr/lib/systemd/system/docker.service

    scp /etc/sysconfig/kubelet node1:/etc/sysconfig/

    #11)nodes操作完成后检查:

    kubectl get pods -n kube-system -o wide

    kubectl get nodes

    #12)其它维护命令:

     kubadm token list       systemctl restart kubelet   #重启kubelet

    kubectl get componentstatuses //查看node节点组件状态

    kubectl get svc -n kube-system //查看应用

    kubectl cluster-info //查看集群信息

    kubectl describe --namespace kube-system service kubernetes-dashboard //详细服务信息

    kubectl apply -f kube-apiserver.yaml   //更新kube-apiserver容器

    kubectl delete -f /root/k8s/k8s_images/kubernetes-dashboard.yaml //删除应用

    kubectl  delete service example-server //删除服务

    systemctl  start kube-apiserver.service //启动服务。

    kubectl get deployment --all-namespaces //启动的应用

    kubectl get pod  -o wide  --all-namespaces //查看pod上跑哪些服务

    kubectl get pod -o wide -n kube-system //查看应用在哪个node上

    kubectl describe pod --namespace=kube-system //查看pod上活动信息

    kubectl describe depoly kubernetes-dashboard -n kube-system

    kubectl get depoly kubernetes-dashboard -n kube-system -o yaml

    kubectl get service kubernetes-dashboard -n kube-system //查看应用

    kubectl delete -f kubernetes-dashboard.yaml //删除应用

    kubectl get events //查看事件

    kubectl get rc/kubectl get svc

    kubectl get namespace //获取namespace信息

    kubectl delete node 节点名 //删除节点

  • 相关阅读:
    Mysql 查看 数据库/表 磁盘占用
    COLA 4.0 整洁面向对象分层架构
    《语言选择与就业方向》(2010/06/09)
    《为什么程序员不愿写文档》(2010/06/22)
    《我?还是我们?》(2010/06/30)
    《选择大公司还是小公司》(2010/06/11)
    《加班,加班,加班》(2010/06/17)
    《薪水的苦恼》(2010/06/15)
    《新手面试时的常见问题和对策》(2010/06/15)
    《大量编程带来的快乐和烦恼》(2010/06/20)
  • 原文地址:https://www.cnblogs.com/liulvzhong/p/11643149.html
Copyright © 2020-2023  润新知