#1)关闭CentOS7自带的防火墙服务
systemctl disable firewalld
systemctl stop firewalld
swapoff -a ##虚拟机要关闭交换内存。
#2)修改主机名
hostnamectl set-hostname master
hostnamectl set-hostname node1
hostnamectl set-hostname node2
#3)修改/etc/hosts
cat >> /etc/hosts <<EOF
172.16.110.111 master
172.16.110.112 node1
172.16.110.114 node2
EOF
#4)修改时间:
yum -y install ntpdate
ntpdate ntp1.aliyun.com
#5)master上操作安装k8s和docker:
Yum –y install wget
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
cat >>/etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
enabled=1
EOF
wget https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
rpm --import rpm-package-key.gpg
yum -y install docker-ce kubelet kubeadm kubectl
#6)更改环境变量,启动docker:
cat >> /usr/lib/systemd/system/docker.service <<EOF
Environment="HTTPS_PROXY=http://www.ik8s.io:10080"
Environment="NO_PROXY=127.0.0.0/8,172.0.0.0/16"
EOF
systemctl daemon-reload
systemctl start docker
systemctl enable docker
systemctl enable kubelet
#7)#设置下面的参数(设为0即要求iptables不对bridge的数据进行处理):
cat >> /etc/sysctl.conf <<EOF
net.ipv4.ip_forward=1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 1
EOF
##如果net.bridge.bridge-nf-call-iptables=1,也就意味着二层的网桥在转发包时也会被#iptables的FORWARD规则所过滤,这样就会出现L3层的iptables rules去过滤L2的帧的问题所以涉及一些dnat, snat就不###生效了,举个例子,具体表现在openstack中就是metadata服#务不好使了。这个说法可参见https://bugzilla.redhat.com/show_bug.cgi?id=512206
rpm -ql kubelet >>/opt/k8s_master_install.log
#8)初始化(注意要记录好最后的token等):
kubeadm config images pull ##必须先拉镜像。
sed -i "s@KUBELET_EXTRA_ARGS=@KUBELET_EXTRA_ARGS="--fail-swap-on=false"@g" /etc/sysconfig/kubelet
kubeadm init --kubernetes-version=v1.16.1 --apiserver-advertise-address=172.16.110.111 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap
#以下是最后的输出结果:
#Your Kubernetes control-plane has initialized successfully!
#To start using your cluster, you need to run the following as a regular user:
#mkdir -p $HOME/.kube
#sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
#sudo chown $(id -u):$(id -g) $HOME/.kube/config
#You should now deploy a pod network to the cluster.
#Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
#Then you can join any number of worker nodes by running the following on each as root:
#kubeadm join 172.16.110.111:6443 --token gmxuck.nybmu19vbe3j7vm8
--discovery-token-ca-cert-hash sha256:99a8e071df1a498bcf0797812640d58edf08fb6a0c6f8f496641021b27d0dbf4
#############################################################################
##查看端口情况,以下是按最后的输出要求操作
ss -ntl
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
kubectl get cs
kubectl cluster-info
##添加环境变量:
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source ~/.bash_profile
##失败则要用kubeadm reset重置
# 9)部署网络插件flannel
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
curl -sSL "https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel.yml?raw=true" | kubectl create –f –
##检查:
kubectl get pods -n kube-system
kubectl get nodes
##10)配置文件传到node1、node2(建议先安装好node12,同步安装也行)
scp /usr/lib/systemd/system/docker.service node1:/usr/lib/systemd/system/docker.service
scp /etc/sysconfig/kubelet node1:/etc/sysconfig/
#11)nodes操作完成后检查:
kubectl get pods -n kube-system -o wide
kubectl get nodes
#12)其它维护命令:
kubadm token list systemctl restart kubelet #重启kubelet
kubectl get componentstatuses //查看node节点组件状态
kubectl get svc -n kube-system //查看应用
kubectl cluster-info //查看集群信息
kubectl describe --namespace kube-system service kubernetes-dashboard //详细服务信息
kubectl apply -f kube-apiserver.yaml //更新kube-apiserver容器
kubectl delete -f /root/k8s/k8s_images/kubernetes-dashboard.yaml //删除应用
kubectl delete service example-server //删除服务
systemctl start kube-apiserver.service //启动服务。
kubectl get deployment --all-namespaces //启动的应用
kubectl get pod -o wide --all-namespaces //查看pod上跑哪些服务
kubectl get pod -o wide -n kube-system //查看应用在哪个node上
kubectl describe pod --namespace=kube-system //查看pod上活动信息
kubectl describe depoly kubernetes-dashboard -n kube-system
kubectl get depoly kubernetes-dashboard -n kube-system -o yaml
kubectl get service kubernetes-dashboard -n kube-system //查看应用
kubectl delete -f kubernetes-dashboard.yaml //删除应用
kubectl get events //查看事件
kubectl get rc/kubectl get svc
kubectl get namespace //获取namespace信息
kubectl delete node 节点名 //删除节点