文章目录
测试环境
[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
kubernetes安装
加入节点到当前kubernetes集群可根据上述文档加入
环境配置
swapoff -a
setenforce 0
rm -rf $HOME/.kube #已安装过
安装程序
shell
#安装docker
yum install docker -y
#安装kubeadm、kubectl
#添加下载源:
cat << EOF >/etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# 安装指定版本的kubeadm kubectl kubelet
# 查询所有版本:yum list available kubeadm --showduplicates
# 比如此处安装1.23.0的kubernetes, 需要安装对应的版本
# 否则会报错, 如:
# this version of kubeadm only supports deploying clusters with the control plane version >= 1.27.0. Current version: v1.23.0
yum install kubeadm-1.23.0-0 kubectl-1.23.0-0 kubelet-1.23.0-0 -y下载镜像
shell
#使用kubeadm初始化Master节点
#执行命令下列命令查看需要下载的docker镜像及相应版本,这里的名字必须与后面的docker images中显示的名字一样,否则初始化时会失败:
kubeadm config images list
#生成脚本,并将其中的版本信息填入到下列脚本:
cat << EOF >download.sh
#!/bin/bash
set -e
KUBE_VERSION=v1.23.0
KUBE_PAUSE_VERSION=3.6
ETCD_VERSION=3.5.1-0
CORE_DNS_VERSION=v1.8.6
GCR_URL=k8s.gcr.io
ALIYUN_URL=registry.cn-hangzhou.aliyuncs.com/google_containers
images=(
kube-proxy:${KUBE_VERSION}
kube-scheduler:${KUBE_VERSION}
kube-controller-manager:${KUBE_VERSION}
kube-apiserver:${KUBE_VERSION}
pause:${KUBE_PAUSE_VERSION}
etcd:${ETCD_VERSION}
coredns:${CORE_DNS_VERSION}
)
for imageName in ${images[@]} ; do
docker pull ${ALIYUN_URL}/$imageName
docker tag ${ALIYUN_URL}/$imageName ${GCR_URL}/$imageName
docker rmi ${ALIYUN_URL}/$imageName
done
# 额外tag一下
docker tag ${GCR_URL}/coredns:v1.8.6 ${GCR_URL}/coredns/coredns:v1.8.6
EOF初始化
reset环境
shell
# 如果安装过则进行reset
kubeadm resetinit构建kubernetes
shell
#使用如下命令查看初始化时的默认配置:
kubeadm config print init-defaults >init.yaml
#初始化,#可根据需要修改上一步获取到的配置,如修改kubernetes版本,以及其它ip等配置
kubeadm init --config=init.yaml
# 建议直接使用此命令
kubeadm init --kubernetes-version=1.23.0 --node-name=master异常分析:
这一步骤容易出现错误,可以根据提示进行分析,kubeadm init增加参数--v=5可以查看详细信息,如果这里还没有找到问题原因,则通过journalctl -xeu kubelet查找问题
cgroup driver报错:
shell
# error: Failed to run kubelet" err="failed to run Kubelet: misconfiguration: kubelet cgroup driver: \"systemd\" is different from docker cgroup driver: \"cgroupfs\""
# 创建配置文件 kubeadm-config.yaml, 并配置version和cgroupDriver
kind: ClusterConfiguration
apiVersion: kubeadm.k8s.io/v1beta3
kubernetesVersion: v1.23.0
---
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
cgroupDriver: cgroupfs
# kubeadm reset后重新kubeadm init
kubeadm init --config=kubeadm-config.yaml配置授权信息
上一步完成后,会有提示,可根据提示配置授权信息
也可加入worker节点到集群
提示信息:
shell
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 172.20.20.114:6443 --token s8qj24.jken8zoqh8hqhneq \
--discovery-token-ca-cert-hash sha256:dd5f58c9ad1113daf894c79a61cadd67ded2c89ee99611ebd4f7e50dc3d89658 如果忘记token和sha256可通过命令查询
shell
# 查询token
kubeadm token list
# sha256
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'配置网络插件
shell
# 下载,也可以用wget https://raw.githubusercontent.com/projectcalico/calico/v3.27.3/manifests/calico.yaml
curl https://raw.githubusercontent.com/projectcalico/calico/v3.27.3/manifests/calico.yaml -O
# apply
kubectl apply -f calico.yaml查看状态
上一步会去拉镜像等操作,可能需要一些时间
shell
#查看是否安装成功,默认生成namespace kube-system
[root@localhost kubernetes]# kubectl get po -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-5bd579bf9c-9j8nx 1/1 Running 0 3m3s
kube-system calico-node-7b2cv 1/1 Running 0 3m3s
kube-system coredns-64897985d-lrsg4 1/1 Running 0 15m
kube-system coredns-64897985d-qkjdz 1/1 Running 0 15m
kube-system etcd-master 1/1 Running 0 15m
kube-system kube-apiserver-master 1/1 Running 0 15m
kube-system kube-controller-manager-master 1/1 Running 0 15m
kube-system kube-proxy-hgktb 1/1 Running 0 15m
kube-system kube-scheduler-master 1/1 Running 0 15m
# node ready
[root@localhost kubernetes]# kubectl get node
NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 26m v1.23.0简单实例测试
由于上一步只是创建了一个节点,即只有一个主节点,kubernetes默认时不再master上运行pod的,所以需要先配置一下,允许在master上运行pod
shell
#单节点,设置master节点也可以运行Pod,kubernetes官方默认策略是worker节点运行Pod,master节点不运行Pod。如果只是为了开发或者其他目的而需要部署单节点集群,可以通过以下的命令设置:
kubectl taint nodes --all node-role.kubernetes.io/master-
#kubectl taint node master node-role.kubernetes.io/master="":NoSchedule #将 Master 恢复成 Master Only 状态创建nginx-deployment控制器yaml文件
cat << EOF >nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.15.4
ports:
- containerPort: 80
EOF
创建nginx-service服务yaml文件
cat << EOF >nginx-service.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-service
labels:
app: nginx
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
nodePort: 30949
selector:
app: nginx
EOF
根据已创建的yaml文件生成deployment、service,这里由于未指定命名空间,所有都在default命名空间创建,若在其他空间创建的,可以增加参数-n
kubectl apply -f nginx-deployment.yaml
kubectl apply -f nginx-service.yaml
查看是否成功
kubectl get svc -n default
kubectl get deploy
kubectl get pod
结果示例
[root@localhost ~]# kubectl get svc -n default
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d3h
nginx-service NodePort 10.97.200.51 <none> 80:30949/TCP 101s
[root@localhost ~]# kubectl get deploy -n default
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 1/1 1 1 2m11s
[root@localhost ~]# kubectl get pod -n default
NAME READY STATUS RESTARTS AGE
nginx-deployment-746ccc65d8-pwcqb 1/1 Running 0 2m13s
可根据上述生成的nginx-service.yaml中的nodePort得到服务开放端口30949,然后通过如下命令访问:
[root@localhost ~]# curl localhost:30949
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
查看pod日志,根据命令kubectl get pod -n default查看pod名字,然后使用 kubectl -n default logs -f 查看日志
[root@localhost ~]# kubectl get pod -n default
NAME READY STATUS RESTARTS AGE
nginx-deployment-746ccc65d8-pwcqb 1/1 Running 0 8m12s
[root@localhost ~]# kubectl -n default logs -f nginx-deployment-746ccc65d8-pwcqb