在centos7上安装microk8s

参考文档

http://www.imooc.com/article/291860

https://www.jianshu.com/p/c4d404b7e894

安装部署

# 操作系统换源

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
#curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all
yum makecache

# 关闭防火墙

systemctl stop firewalld.service            
systemctl disable firewalld.service        

# 安装 snap

yum install epel-release -y
yum install yum-plugin-copr -y
yum copr enable ngompa/snapcore-el7
yum -y install snapd
systemctl enable --now snapd.socket
ln -s /var/lib/snapd/snap /snap

# 设置环境变量

否则会报错 -bash: microk8s.kubectl: command not found
vi /etc/profile 

export PATH=$PATH:/snap/bin

source /etc/profile

# 调整时间和时区

否则会报错 error: too early for operation, device not yet seeded or device model not acknowledged

yum install ntpdate -y
ntpdate ntp.sjtu.edu.cn
timedatectl set-timezone Asia/Shanghai

# snap 安装 microk8s

#snap install microk8s --classic --channel=latest/stable
snap install microk8s --classic --channel=1.18.3/stable

# 查看 microk8s 信息 
snap info microk8s 

# 调整 microk8s 版本 
# snap refresh --channel=1.11/stable microk8s 
snap refresh --channel=latest/beta microk8s

# 调用 microk8s 命令

microk8s.kubectl get all

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 171m

# 设置别名查看版本信息

snap alias microk8s.kubectl kubectl
kubectl version

 
# 管理microk8s

# 查看状态
microk8s status 
# 启动
microk8s start
# 停止
microk8s stop

# 配置ctr镜像下载（不成功，正在尝试，请使用docker方式获取并导入镜像）

vi /var/snap/microk8s/current/args/containerd.template.toml

vi /var/snap/microk8s/current/args/containerd.toml

[plugins]
  [plugins.cri]
    [plugins.cri.registry]
      [plugins.cri.registry.mirrors]
        [plugins.cri.registry.mirrors."docker.io"]
          endpoint = ["https://registry.docker-cn.com","registry.cn-hangzhou.aliyuncs.com"]

# 使用docker获取镜像并导入镜像

# 安装docker
yum install docker -y

# 启动docker
systemctl start docker

# 开机启动docker
systemctl enable docker 

# 查看docker状态
systemctl status docker 

使用阿里云的镜像加速器

https://cr.console.aliyun.com/

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://du8c1in9.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

# 管理插件

snap alias microk8s.kubectl kubectl

# 附加插件
microk8s.enable dns dashboard ingress

# 去除插件
microk8s.disable dns dashboard ingress

# 查看状态
kubectl get pods --all-namespaces 

# 查看详情 
kubectl describe pod --all-namespaces
# 查看一个pod具体信息
kubectl describe pod -n kube-system kubernetes-dashboard-5c4844b787-kqt5

 如果启动不了，看缺什么镜像，使用以下脚本进行镜像补充，注意版本已经要改成对应的，来源镜像可以从阿里云获得

启动后可以使用如下脚本，获取需要的镜像列表，然后逐个通过docker导入，加快速度。

kubectl describe pod --all-namespaces| grep "Pulling image"

# 使用docker下载，并转存到microk8s.ctr中

运行以下脚本，将镜像导入即可

https://github.com/maobuji/docker-library/blob/master/import/import1.18.3.sh

导入后查看镜像信息 

microk8s.ctr images ls

# 检查镜像状态,如果都是runing就启动成功了。

[root@fan-vmwarelocal images]# kubectl get pods --all-namespaces 
NAMESPACE     NAME                                        READY   STATUS    RESTARTS   AGE
ingress       nginx-ingress-microk8s-controller-jqtcp     1/1     Running   0          8m8s
kube-system   coredns-588fd544bf-4fsrw                    1/1     Running   0          8m19s
kube-system   dashboard-metrics-scraper-59f5574d4-x7k4s   1/1     Running   0          8m10s
kube-system   kubernetes-dashboard-5c4844b787-fdrh9       1/1     Running   0          8m10s
kube-system   metrics-server-v0.2.1-95c9bd697-k74pg       2/2     Running   0          8m11s

# 使用本地映射访问 dashboard

# 找到pod名
kubectl get pods --all-namespaces | grep dashboard

# 查看pod的开放端口, 一般是8443
kubectl describe --namespace kube-system pod/kubernetes-dashboard-6fd7f9c494-dgxlj

# 将pod的开放端口映射到本地,这个转发命令行不能关闭
kubectl port-forward --namespace=kube-system --address=0.0.0.0 pod/kubernetes-dashboard-6fd7f9c494-dgxlj 8443:8443

访问https://{ServerIP}:8443/ 就可以看到管控台界面了，需要使用token进行登录，下面我们来获取token

kubectl get secrets --all-namespaces | grep dashboard-token

kubectl describe --namespace kube-system secrets kubernetes-dashboard-token-khh2z
---------------------------------------------------------------------------
Name:         kubernetes-dashboard-token-khh2z
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kubernetes-dashboard
              kubernetes.io/service-account.uid: 9114b171-7eee-4c83-ace9-6ebed56526b0

Type:  kubernetes.io/service-account-token

Data
====
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IlI1cTFUOTVfbHNpVzBOOXFWYWhZYU00cjg1VWJ1TXRFbDU2clJfQW9uZmsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1raGgyeiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjkxMTRiMTcxLTdlZWUtNGM4My1hY2U5LTZlYmVkNTY1MjZiMCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.xCLVOivZRZlSGGP0UCn6ksOnYzo3vhq8bbDalEb8G2xSvGzzs4fT3JBcmdVxHWpmEjtIzan8Ok-cPjppzebzUbVjZYpOLnPpKzS6xiU-fxhrCfT6d0JOMaUdWw5Xoh_ydqavgw5kshyqh9M-LChWw6aw77JbxMYFAzfqEFn_p5J5f-V5eRfh3QzBzWG7NL93R1zqxMDiRuA09HLRi0rgIdwhRpsvdnVnNI900ro2jKT1h3fquSfEv_zzVtZkyj_Ia3jV0dOrL6RM73AkCiwWJ0UQcRRBdeBTQL8xrZPY8zARzUIVGxQHvAcHCN1V3orQDgXQvEZI48L1suLeGkYGrQ

输入token后登录，就能看到管理界面了

# 使用代理（未成功，可以看到界面，但无法登录）

kubectl proxy --accept-hosts=.* --address=0.0.0.0

访问：http://{ServerIP}:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/