kubeadm
kubeadm是一个专门快速部署kubernetes集群的工具。
可以使用kubeadm init 来初始化master节点,然后使用kubeadm join 将其他的node节点加入到集群中
kubeadm通过一个简单的配置是将一个最小可用的集群运行起来
- 新用户可以从kubeadm开始快速搭建kubernetes
- 熟悉的人可以使用kubeadm快熟搭建集群并测试他们的应用
- 大型的项目可以配合其他工具,
官方文档
https://kubernetes.io/docs/reference/setup-tools/kubueadm/kubeadm
https://kubernetes.io/docs/setup/independet/install-kubeadm
基于kubeadm部署k8s
14 master kubeadm,kubelet,kubectl,docker
10 node01 kubeadm,kubelet,kubectl,docker
11 node02 kubeadm,kubelet,kubectl,docker
关闭防火墙个selinux
[root@master ~]# setenforce 0
setenforce: SELinux is disabled
[root@master ~]# iptables -F
[root@master ~]# systemctl stop firewalld
[root@master ~]# systemctl disable firewalld
[root@master ~]# systemctl stop NetworkManager
[root@master ~]# systemctl disable NetworkManger
Failed to execute operation: No such file or directory
[root@master ~]# systemctl disable NetworkManager
[root@master ~]# sed -i '/^SELINUX=/s/enforcing/disabled/' /etc/selinux/config
部署主机并绑定hosts
[root@k8s-master ~]# vim /etc/hosts
192.168.200.14 k8s-master
192.168.200.10 k8s-node01
a92.168.200.11 k8s-node02
[root@master ~]# scp /etc/hosts 192.168.200.10:/etc/
[root@master ~]# scp /etc/hosts 192.168.200.20:/etc/
主机配置初识化
[root@k8s-master ~]# yum -y install vim wget net-tools lrzsz
[root@k8s-master ~]# swapoff -a
[root@k8s-master ~]# sed -i '/swap/s/^/#/' /etc/fstab
cat <<EOF>> /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
[root@k8s-master ~]# modprobe br_netfilter
[root@k8s-master ~]# sysctl -p
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
所有主机部署docker环境
所有主机配置阿里云镜像加速
部署kubernetes集群
组件介绍
- kubeadm:安装工具,使所有的组件都会以容器的方式运行
- kubectl:客户端连接k8s api 工具
- kubelet:运行在node节点,用来启动容器的工具
推荐使用阿里云的yum源
所有主机安装kubelet kubeadm kubectl
yum install -y install kubelet-1.17.0 kubeadm-1.17.0 kubectl-1.17.0
[root@k8s-master k8s]# ls
conntrack-tools-1.4.4-7.el7.x86_64.rpm kubernetes-cni-0.8.7-0.x86_64.rpm
cri-tools-1.13.0-0.x86_64.rpm libnetfilter_cthelper-1.0.0-11.el7.x86_64.rpm
kubeadm-1.20.0-0.x86_64.rpm libnetfilter_cttimeout-1.0.0-7.el7.x86_64.rpm
kubectl-1.20.0-0.x86_64.rpm libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm
kubelet-1.20.0-0.x86_64.rpm
yum -y install *.rpm
[root@k8s-master ~]# systemctl enable kubelet.service
#kubelet刚安装后是无法启动的,需要加入节点或者初始化为master后才可以启动
配置init-config.yaml
kubeadm的配置项都吨出在configMap中,可以将其写入配置文件,方便管理
#在master主机上配置
[root@k8s-master ~]# kubeadm config print init-defaults > init-config.yaml
#打印初始化相关的配置到config.yaml文件中
kubeadm config view:查看当前集群中的配置值
kubeadm config print join-defaults:输出kubeadm join 默认参数文件内容
init-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168.200.14 #master的ip
bindPort: 6443
nodeRegistration:
criSocket: /var/run/dockershim.sock
name: k8s-master
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
type: CoreDNS
etcd:
local:
dataDir: /var/lib/etcd #容器挂载到本地的目录
imageRepository: registry.aliyuncs.com/google_containers #切换国内的镜像地址
kind: ClusterConfiguration
kubernetesVersion: v1.20.0
networking:
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
podSubnet: 10.244.0.0/16 #新增pod网段
scheduler: {}
安装master节点
[root@k8s-master ~]# kubeadm config images list(pull) --config init-config.yaml #查看配置文件关联的镜像(下载)
[root@k8s-master master]# ls
coredns_1.7.0.tar kube-controller-manager_v1.20.0.tar pause_3.2.tar
etcd_3.4.13-0.tar kube-proxy_v1.20.0.tar
kube-apiserver_v1.20.0.tar kube-scheduler_v1.20.0.tar
[root@k8s-master master]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@k8s-master master]# ls | while read line
> do
> docker load < $line
> done #保存镜像
[root@k8s-master ~]# docker images
REPOSITORY TAG IMAGE IDED SIZE
registry.aliyuncs.com/google_containers/kube-proxy v1.20.0 10cc8819nths ago 118MB
registry.aliyuncs.com/google_containers/kube-apiserver v1.20.0 ca9843d3nths ago 122MB
registry.aliyuncs.com/google_containers/kube-controller-manager v1.20.0 b9fa1895nths ago 116MB
registry.aliyuncs.com/google_containers/kube-scheduler v1.20.0 3138b6e3nths ago 46.4MB
registry.aliyuncs.com/google_containers/etcd 3.4.13-0 0369cf43nths ago 253MB
registry.aliyuncs.com/google_containers/coredns 1.7.0 bfe3a36enths ago 45.2MB
registry.aliyuncs.com/google_containers/pause 3.2 80d28bednths ago 683kB
[root@k8s-master ~]# kubeadm init - -config=init-config.yaml #初始化安装k8s
kubectl默认会在执行的用户家目录下面的。kube目录下寻找config文件,所以在当前目录下创建一个.kube文件,并且将初始化生成的admin.conf拷贝到./kube/config
初始化的时候会提示,直接拉取执行
初始化时
安装node节点
#初始化时自动提示,在node节点直接执行
[root@k8s-node01 ~]# kubeadm join 192.168.200.14:6443 --token abcdef.0123456789abcdef
> --discovery-token-ca-cert-hash sha256:546631d9bc3d6fe0043d6b4da27ec3332a2909b991cb66a4156760fc63be78ca
--token(临时二十四小时连接验证)
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
提示在master上执行kubectl get nodes,获取node节点信息
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master NotReady control-plane,master 9m v1.20.0
k8s-node01 NotReady <none> 2m17s v1.20.0
k8s-node02 NotReady <none> 2m13s v1.20.0
安装flannel
master节点notready 的原因就是没有网络插件。
此时master主机上传kube-flannel.yml 所有主机上传flannel_v0.12.0-amd64.tar
[root@k8s-master ~]# ls
docker flannel_v0.12.0-amd64.tar init-config.yaml k8s kube-flannel.yml master
[root@k8s-master ~]# scp flannel_v0.12.0-amd64.tar 192.168.200.10:/root/
[root@k8s-master ~]# scp flannel_v0.12.0-amd64.tar 192.168.200.11:/root/
docker load < flannel_v0.12.0-amd64.tar #所有主机导入镜像
[root@k8s-master ~]# kubectl apply -f kube-flannel.yml #master运行
[root@k8s-master ~]# kubectl get nodes #再次查看节点
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 17m v1.20.0
k8s-node01 Ready <none> 11m v1.20.0
k8s-node02 Ready <none> 11m v1.20.0
[root@k8s-master ~]# kubectl get pods -n kube-system
安装D安上board UI
所有主机部署Dashboard
默认这个部署文件中,会独立创建一个kubernetes-dashboard的命令空间。
dashboard的镜像来自于docker hub官方
[root@k8s-master ~]# ls
dashboard_v2.0.0.tar init-config.yaml master
docker k8s metrics-scraper_v1.0.4.tar
flannel_v0.12.0-amd64.tar kube-flannel.yml recommended.yaml
[root@k8s-master ~]# docker load < dashboard_v2.0.0.tar
[root@k8s-master ~]# docker load < metrics-scraper_v1.0.4.tar
[root@k8s-master ~]# vim recommended.yaml
41 ports:
42 - port: 443
43 targetPort: 8443
44 nodePort: 32443
164 name: cluster-admin #管理权限
[root@k8s-master ~]# kubectl apply -f recommended.yaml #部署文件
[root@k8s-master ~]# kubectl get pods -n kubernetes-dashboard #查看
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-7b59f7d4df-css6p 1/1 Running 0 38s
kubernetes-dashboard-74d688b6bc-nvhdj 1/1 Running 0 38s
#此时就可以使用浏览器访问
使用koten进入
[root@k8s-master ~]# kubectl describe secret -n kubernetes-dashboard $(kubectl get secret -n kubernetes-dashboard-token | awk '{print $1}') | grep token | awk '{print $2}' #获取到密码
命名空间可详细查看
安装metrics-server
在node节点下载镜像
[root@k8s-node01 ~]# ls
dashboard_v2.0.0.tar flannel_v0.12.0-amd64.tar metrics-scraper_v1.0.4.tar
docker k8s metrics-server-amd64_v0.3.6.tar
[root@k8s-node01 ~]# docker load < metrics-server-amd64_v0.3.6.tar
932da5156413: Loading layer 3.062MB/3.062MB
7bf3709d22bb: Loading layer 38.13MB/38.13MB
Loaded image: bluersw/metrics-server-amd64:v0.3.6
[root@k8s-node01 ~]# docker tag bluersw/metrics-server-amd64:v0.3.6 k8s.gcr.io/metrics-server-amd64:v0.3.6
修改kubernetes apiserver启动参数
[root@k8s-master ~]# vim /etc/kubernetes/manifests/kube-apiserver.yaml
44 - --enable-aggregator-routing=true #添加的
下载一个配置文件
[root@k8s-master ~]# kubectl create -f components.yaml
#此时就可以查看状态了
[root@k8s-master ~]# kubectl top nodes
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
k8s-master 235m 5% 1187Mi 69%
k8s-node01 81m 2% 749Mi 43%
k8s-node02 68m 1% 825Mi 48%
