blank的编程之路


  • 首页

  • 归档

  • 搜索
consul atomikos mybatisplus druid nexus nas named bind mysqldump acme.sh Dockerfile rsync keepalived swarm kibana ubuntu linux scp bugfix https ssl certbot curl gogs adminer harbor yum portainer python kubernetes idea java springboot maven docker-compose redis nginx mysql brew git chocolatey jenkins elasticsearch docker haproxy rabbitmq centos

CentOS7 安装 Kubernetes 配置 集群

发表于 2019-08-01 | 分类于 运维 | 0 | 阅读次数 676

以下操作 除非特殊说明 三台服务器相同

  • node51 192.168.10.51 master
  • node52 192.168.10.52 node
  • node53 192.168.10.53 node

安装 docker-ce

# docker 安装依赖
sudo yum install -y yum-utils device-mapper-persistent-data lvm2

# 添加软件源信息
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum-config-manager --disable docker-ce-edge
yum-config-manager --disable docker-ce-test

# 更新并安装 Docker-CE
yum makecache fast
yum -y install docker-ce

# 更改cgroup driver
cat > /etc/docker/daemon.json <<EOF
{
  "registry-mirrors": ["http://hub-mirror.c.163.com"],
  "insecure-registries" : ["192.168.10.52"],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

mkdir -p /etc/systemd/system/docker.service.d
# 开启Docker服务 开机自启
systemctl start docker && systemctl enable docker

安装k8s前的依赖配置

# 关闭SElinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
# k8s要求关闭swap
# 关闭swap
swapoff -a && sysctl -w vm.swappiness=0
# 取消开机挂载swap
sed -ri '/^[^#]*swap/[email protected]^@#@' /etc/fstab

cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-iptables  = 1
net.ipv4.ip_forward                 = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF

sysctl --system
modprobe overlay
modprobe br_netfilter

echo "* soft nofile 65536" >> /etc/security/limits.conf
echo "* hard nofile 65536" >> /etc/security/limits.conf
echo "* soft nproc 65536"  >> /etc/security/limits.conf
echo "* hard nproc 65536"  >> /etc/security/limits.conf
echo "* soft  memlock  unlimited"  >> /etc/security/limits.conf
echo "* hard memlock  unlimited"  >> /etc/security/limits.conf

添加 k8s 阿里云 repo 源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

kubernetes-install-1

安装 k8s

yum install -y kubelet kubeadm kubectl

yum-install-kubelet

安装依赖参考

开机自启

systemctl enable kubelet

国内网络环境提前拉取镜像

vim /root/pull.sh

for i in `kubeadm config images list`; do 
  imageName=${i#k8s.gcr.io/}
  docker pull registry.aliyuncs.com/google_containers/$imageName
  docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
  docker rmi registry.aliyuncs.com/google_containers/$imageName
done;

给脚本执行权限 并执行

chmod 755 /root/pull.sh
sh /root/pull.sh

kubeadm-images-list-pull

注意 前面安装的操作 master 节点 node 节点 全都一样

master 节点才需要执行 init

node 节点 不需要执行 init

创建配置文件kubeadm-init.yaml文件

cat <<EOF > kubeadm-init.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: InitConfiguration
kubernetesVersion: v1.15.2
localAPIEndpoint:
  advertiseAddress: 192.168.10.51
  bindPort: 6443
---
apiVersion: kubeadm.k8s.io/v1beta2
kubernetesVersion: v1.15.2
kind: ClusterConfiguration
networking:
  podSubnet: 10.244.0.0/16
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
EOF

master 节点运行初始化命令

# 
kubeadm init --config kubeadm-init.yaml
# 或直接执行 (我测试过这样好像有问题请先用配置文件来初始化)
kubeadm init --kubernetes-version=$(kubeadm version -o short)  --pod-network-cidr=10.244.0.0/16
# 或直接执行
kubeadm init --kubernetes-version=$(kubeadm version -o short) --apiserver-advertise-address 192.168.10.51 --pod-network-cidr=10.244.0.0/16
  • --kubernetes-version: 用于指定 k8s版本
  • --apiserver-advertise-address:用于指定使用 Master的哪个network interface进行通信,若不指定,则 kubeadm会自动选择具有默认网关的 interface
  • --pod-network-cidr:用于指定Pod的网络范围。该参数使用依赖于使用的网络方案,本文将使用经典的flannel网络方案。

kubeadm-init-with-config

在 master 节点运行 安装网络组件

kubectl apply -f flannel.yaml

flannel.yaml

master 节点运行 安装 dashboard 视图管理界面 (推荐)

如果使用官方 dashboard.yaml 99% 会出各种问题...

kubectl apply -f dashboard.yaml

dashboard.yaml

登陆 https://masterip:31234 进入

kubeadm-dashboard-login

查找 admkn token

kubectl -n kube-system get secret |grep  kubernetes-dashboard-token |cut -f1 -d ' ' |  xargs kubectl -n kube-system describe  secret

yum-kubernetes-dashboard-admin-token-find

使用找到的token 使用 令牌方式登陆 dashboard

kubeadm-dashboard-home

node 节点执行加入节点命令就可以加入 k8s 集群

也就是在 192.168.10.52/192.168.10.53 上执行

kubeadm join 192.168.10.51:6443 --token 5svrrd.p86x9jgti1322l65 \
    --discovery-token-ca-cert-hash sha256:afee8529fdad9f3b7b8f92185836148508d6600711393751579dad83140ccb0c

kubeadm-node-join

查看节点状态

kubectl get nodes

kubectl-get-nodes

查看所有 Pod 状态

kubectl-get-pods-all-namespaces-o-wide

集群加入之后 dashboard #集群节点

kubeadm-dashboard-cluster

安装 weave 图形管理界面 (可选)

kubectl apply -f "https://cloud.weave.works/k8s/scope.yaml?k8s-version=$(kubectl version | base64 | tr -d '\n')"

kubectl-apple-weave

开启端口转发

kubectl port-forward --address=0.0.0.0 -n weave "$(kubectl get -n weave pod --selector=weave-scope-component=app -o jsonpath='{.ite..metadata.name}')" 4040

kubeadm-weave-port-forward

登陆上一脚本执行所在机器ip:4040

kubeadm-weave-scope-gui

拆散集群

# 首先处理各节点 (在master节点执行)
kubectl drain <node name> --delete-local-data --force --ignore-daemonsets

kubectl delete node <node name>
# 节点移除后 在可以执行以下命令来重置集群 (全部节点执行)
kubeadm reset

kubectl-reset-cluster

卸载并清理数据

# 如果是master节点才执行 kubectl drain ...
kubectl drain <node name> --delete-local-data --force --ignore-daemonsets
kubeadm reset
yum remove -y kube*
rm -rf ./etc/sysconfig/kubelet
rm -rf ~/.kube
rm -rf ./var/lib/kubelet
rm -rf ./etc/kubernetes
  • 本文作者: blank
  • 本文链接: https://blankhang.com/2019/08/01/201908071817
  • 版权声明: 本博客所有文章除特别声明外,均采用CC BY-NC-SA 3.0 许可协议。转载请注明出处!
# consul # atomikos # mybatisplus # druid # nexus # nas # named # bind # mysqldump # acme.sh # Dockerfile # rsync # keepalived # swarm # kibana # ubuntu # linux # scp # bugfix # https # ssl # certbot # curl # gogs # adminer # harbor # yum # portainer # python # kubernetes # idea # java # springboot # maven # docker-compose # redis # nginx # mysql # brew # git # chocolatey # jenkins # elasticsearch # docker # haproxy # rabbitmq # centos
jenkins 集群 搭建
升级 Centos7 中的 Python2.7 到 Python3.6
© 2023 blank
Everything is energy and everything has a frequency