Yum 部署K8S集群

目录

[1、准备环境 (温馨提示:尽量一次完成集群)](#1、准备环境 (温馨提示:尽量一次完成集群))

2.安装master节点

3、安装k8s-master上的node

4、安装配置k8s-node1节点

5、安装k8s-node2节点

6、为所有node节点配置flannel网络

7、配置docker开启加载防火墙规则允许转发数据


一. 环境搭建

1、准备环境 (温馨提示:尽量一次完成集群)

集群很容易断网

1) 计算机说明,建议系统版本7.4或者7.6

|------------|---------------|-------------|-----------------------------------------------------------------------|
| 主机名 | IP地址 | 角色 | 硬件 |
| k8s-master | 192.168.50.53 | master+node | Etcd、apiserver、controlor-manager、scheduler、kube-proxy、docker、registry |
| k8s-node1 | 192.168.50.50 | node | Kubletel、kube-proxy、docker |
| k8s-node2 | 192.168.50.51 | node | Kubletel、kube-proxy、docker |

2) 修改主机的计算机名设置host文件

root@localhost \~# hostname k8s-master

root@localhost \~# bash

root@k8s-master \~# vim /etc/hosts

192.168.50.53 k8s-master

192.168.50.50 k8s-node1

192.168.50.51 k8s-node2

~

root@k8s-master \~# scp /etc/hosts 192.168.50.51:/etc

root@k8s-master \~# scp /etc/hosts 192.168.50.50:/etc

2.安装master节点

1)安装etcd配置etcd

root@k8s-master \~# yum -y install etcd

root@k8s-master \~# cp /etc/etcd/etcd.conf /etc/etcd/etcd.conf.bak

root@k8s-master \~# vim /etc/etcd/etcd.conf

6 ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"

21 ETCD_ADVERTISE_CLIENT_URLS="http://192.168.50.53:2379"

root@k8s-master \~# systemctl start etcd

root@k8s-master \~# systemctl enable etcd

Created symlink from /etc/systemd/system/multi-user.target.wants/etcd.service to /usr/lib/systemd/system/etcd.service.

2)安装k8s-master节点

root@k8s-master \~# yum -y install kubernetes-master.x86_64

3)配置apiserver

root@k8s-master \~# vim /etc/kubernetes/apiserver

1 ###

2 # kubernetes system config

3 #

4 # The following values are used to configure the kube-apiserver

5 #

6

7 # The address on the local server to listen to.

8 KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"

9

10 # The port on the local server to listen on.

11 KUBE_API_PORT="--port=8080"

12

13 # Port minions listen on

14 KUBELET_PORT="--kubelet-port=10250"

15

16 # Comma separated list of nodes in the etcd cluster

17 KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.50.53:2379"

18

19 # Address range to use for services

20 KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

21

22 # default admission control policies

23KUBE_ADMISSION_CONTROL="admissioncontrol=NamespaceLifecycle,NamespaceExists,LimitRanger,Security ContextDeny,ResourceQuota"

24

25 # Add your own!

26 KUBE_API_ARGS=""

4) 配置controller和scheduler

root@k8s-master \~# vim /etc/kubernetes/config

22 KUBE_MASTER="--master=http://192.168.50.53:8080"

启动k8s服务

root@k8s-master \~# systemctl start kube-apiserver.service

root@k8s-master \~# systemctl start kube-controller-manager.service

root@k8s-master \~# systemctl start kube-scheduler.service

root@k8s-master \~# systemctl enable kube-apiserver.service

Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /usr/lib/systemd/system/kube-apiserver.service.

root@k8s-master \~# systemctl enable kube-controller-manager.service

Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /usr/lib/systemd/system/kube-controller-manager.service.

root@k8s-master \~# systemctl enable kube-scheduler.server

Failed to execute operation: No such file or directory

root@k8s-master \~# systemctl enable kube-scheduler.service

Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.

检查节点是否监控

root@k8s-master \~# kubectl get componentstatus

NAME STATUS MESSAGE ERROR

etcd-0 Healthy {"health":"true"}

controller-manager Healthy ok

scheduler Healthy ok

3、安装k 8 s - master上的node

1)安装node

root@k8s-master \~# yum -y install kubernetes node.x86_64

2)配置kubelet

root@k8s-master \~# vim /etc/kubernetes/kubelet

5 KUBELET_ADDRESS="--address=192.168.50.53"

11 KUBELET_HOSTNAME="--hostname-override=k8s-master"

14 KUBELET_API_SERVER="--api-servers=http://192.168.50.53:8080"

3)启动kubelet启动自动启动docker服务

root@k8s-master \~# systemctl start kubelet

root@k8s-master \~# systemctl enable kubelet

Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.

4)启动kubelet-proxy

root@k8s-master \~# systemctl start kube-proxy

root@k8s-master \~# systemctl enable kube-proxy

Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service.

5)检查node节点

root@k8s-master \~# kubectl get nodes

NAME STATUS AGE

k8s-master Ready 1m

4、安装配置k 8 s - node 1 节点

1)安装node

root@k8s-node1 \~# yum -y install kubernetes node.x86_64

2)node1连接k8s-master

root@k8s-node1 \~# vim /etc/kubernetes/config

22 KUBE_MASTER="--master=http://192.168.50.53:8080"

3)配置kubelet

root@k8s-node1 \~# vim /etc/kubernetes/kubelet

5 KUBELET_ADDRESS="--address=192.168.50.50"

11 KUBELET_HOSTNAME="--hostname-override=k8s-node1"

14 KUBELET_API_SERVER="--api-servers=http://192.168.50.53:8080"

4)启动服务

root@k8s-node1 \~# systemctl start kubelet

root@k8s-node1 \~# systemctl start kube-proxy

root@k8s-node1 \~# systemctl enable kubelet

Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.

root@k8s-node1 \~# systemctl enable kube-proxy

Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service.

5)在master节点检测node节点状态

root@k8s-master \~# kubectl get nodes

NAME STATUS AGE

k8s-master Ready 13m

k8s-node1 Ready 1m

5 、安装k 8 s - node 2 节点

1)安装node

root@k8s-node2 \~# yum -y install kubernetes node.x86_64

2)node1连接k8s-master

root@k8s-node2 \~# vim /etc/kubernetes/config

22 KUBE_MASTER="--master=http://192.168.50.53:8080"

3)配置kubelet

root@k8s-node2 \~# vim /etc/kubernetes/kubelet

5 KUBELET_ADDRESS="--address=192.168.50.51"

11 KUBELET_HOSTNAME="--hostname-override=k8s-node2"

14 KUBELET_API_SERVER="--api-servers=http://192.168.50.53:8080"

4)启动服务

root@k8s-node2 \~# systemctl start kubelet

root@k8s-node2 \~# systemctl start kube-proxy

root@k8s-node2 \~# systemctl enable kubelet

Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.

root@k8s-node2 \~# systemctl enable kube-proxy

Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service.

5)在master节点检测node节点状态

root@k8s-master \~# kubectl get nodes

NAME STATUS AGE

k8s-master Ready 19m

k8s-node1 Ready 7m

k8s-node2 Ready 1m

6、为所有node节点配置flannel网络

1)在k8s-master节点安装flannel

root@k8s-master \~# yum -y install flannel -y

root@k8s-master \~# vim /etc/sysconfig/flanneld

4 FLANNEL_ETCD_ENDPOINTS="http://192.168.50.53:2379"

root@k8s-master \~# etcdctl set /atomic.io/network/config '{"Network":"172.16.0.0/16"}'

{"Network":"172.16.0.0/16"} //查看多一个网络

root@k8s-master \~# systemctl start flanneld //重新启动docker服务和flannel网络一至

root@k8s-master \~# systemctl enable flanneld

Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

Created symlink from /etc/systemd/system/docker.service.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

root@k8s-master \~# ifconfig //查看多一个网络

flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1472

inet 172.16.48.0 netmask 255.255.0.0 destination 172.16.48.0

inet6 fe80::4fff:f857:41f4:3894 prefixlen 64 scopeid 0x20<link>

unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)

RX packets 0 bytes 0 (0.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 3 bytes 144 (144.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

root@k8s-master \~# systemctl restart docker

sysroot@k8s-master \~# systemctl enable docker

Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

root@k8s-master \~# ifconfig

docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500

inet 172.16.48.1 netmask 255.255.255.0 broadcast 0.0.0.0

ether 02:42:87:58:2f:59 txqueuelen 0 (Ethernet)

RX packets 0 bytes 0 (0.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 0 bytes 0 (0.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

2)配置node1节点flannel网络

root@k8s-node1 \~# yum -y install flannel -y

root@k8s-node1 \~# vim /etc/sysconfig/flanneld

4 FLANNEL_ETCD_ENDPOINTS="http://192.168.50.53:2379"

root@k8s-node1 \~# systemctl start flanneld

root@k8s-node1 \~# systemctl enable flanneld

Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

Created symlink from /etc/systemd/system/docker.service.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

root@k8s-node1 \~# systemctl restart docker

root@k8s-node1 \~# systemctl enable docker

Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

3)安装node2节点flannel网络

root@k8s-node2 \~# yum -y install flannel -y

root@k8s-node2 \~# vim /etc/sysconfig/flanneld

4 FLANNEL_ETCD_ENDPOINTS="http://192.168.50.53:2379"
root@k8s-node2 \~# systemctl start flanneld

root@k8s-node2 \~# systemctl enable flanneld

Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

Created symlink from /etc/systemd/system/docker.service.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

root@k8s-node2 \~# systemctl restart docker

syroot@k8s-node2 \~# systemctl enable docker

Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

master查看

root@k8s-master \~# kubectl get nodes

NAME STATUS AGE

k8s-master Ready 35m

k8s-node1 Ready 23m

k8s-node2 Ready 17m

4)测试docker容器跨宿主机通信

root@k8s-master \~# iptables -P FORWARD ACCEPT

root@k8s-master \~#

root@k8s-node1 \~# iptables -P FORWARD ACCEPT

root@k8s-node1 \~#

root@k8s-node2 \~# iptables -P FORWARD ACCEPT

root@k8s-node2 \~#

iptables -P FORWARD ACCEPT : 这个命令将iptables的FORWARD链的默认策略设置为ACCEPT(接受)。iptables是Linux上的防火墙工具,它可以用来设置网络规则和过滤器。

-P FORWARD : 指定要更改的链是FORWARD链,这个链控制通过Linux主机的转发流量

ACCEPT : 设置为接受(允许)转发流量,默认情况下,FORWARD链的默认策略是DROP(拒绝)。

# : 这是Linux命令行中用于表示注释的符号。在这个上下文中,# 后面的内容被视为注释,不会被执行。

这意味着iptables的FORWARD链的默认策略已被成功更改为接受(ACCEPT),允许通过Linux主机的转发流量。

7、配置docker开启加载防火墙规则允许转发数据

1)配置k8s-master节点

root@k8s-master \~# vim /usr/lib/systemd/system/docker.service

1 Unit

2 Description=Docker Application Container Engine

3 Documentation=http://docs.docker.com

4 After=network.target

5 Wants=docker-storage-setup.service

6 Requires=docker-cleanup.timer

7

8 Service

9 Type=notify

10 NotifyAccess=main

11 EnvironmentFile=-/run/containers/registries.conf

12 EnvironmentFile=-/etc/sysconfig/docker

13 EnvironmentFile=-/etc/sysconfig/docker-storage

14 EnvironmentFile=-/etc/sysconfig/docker-network

15 Environment=GOTRACEBACK=crash

16 Environment=DOCKER_HTTP_HOST_COMPAT=1

17 Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin

18 ExecStartPort=/usr/sbin/iptables -P FORWARD ACCEPT 添加这一行

19 ExecStart=/usr/bin/dockerd-current \

root@k8s-master \~# systemctl daemon-reload

root@k8s-master \~# systemctl restart docker

2)配置k8s-node1节点

root@k8s-node1 \~# vim /usr/lib/systemd/system/docker.service

18 ExecStartPort=/usr/sbin/iptables -P FORWARD ACCEPT

root@k8s-node1 \~# systemctl daemon-reload

root@k8s-node1 \~# systemctl restart docker

3)配置k8s-node2节点

root@k8s-node2 \~# vim /usr/lib/systemd/system/docker.service

18 ExecStartPort=/usr/sbin/iptables -P FORWARD ACCEPT

root@k8s-node2 \~# systemctl daemon-reload

root@k8s-node2 \~# systemctl restart docker

相关推荐
Tian_Hang5 小时前
Eclipse Ditto 物模型相关代码
java·运维·服务器·ide·eureka·eclipse
假如梵高是飞行员5 小时前
WSL2 从 img 镜像文件启动特定 Linux 发行版完整指南
linux·windows·wsl
瓶中怪7 小时前
ROS2 机器人软件系统
linux·c++·python·ubuntu·vmware·ros2·机器人软件开发
iangyu7 小时前
linux配置时间同步
linux·运维·服务器
天空'之城7 小时前
Linux 系统编程 04:进程基础
linux·开发语言·进程基础
从零开始的代码生活_7 小时前
NAT、代理服务与内网穿透详解
linux·服务器·网络·c++·http·智能路由器
灯厂码农7 小时前
C语言内存管理——内存对齐与共用体union
linux·服务器·c语言
charlie1145141917 小时前
Cinux: 加载第一个内核:从 bootloader 跳进 C++
linux·开发语言·c++·嵌入式
iPad协议个微协议8 小时前
企业微信文件上传下载在自动化系统中的处理方式
java·运维·人工智能·机器人·自动化·企业微信
Tian_Hang8 小时前
eclipse ditto 学习笔记
运维·服务器·开发语言·javascript·3d