K8s部署

1.開局一張架構(gòu)圖

image.png

2.修改IP、主機(jī)名和相互host解析

10.0.0.11  k8s-master
10.0.0.12  k8s-node-1
10.0.0.13  k8s-node-2

3.master節(jié)點(diǎn)安裝etcd(數(shù)據(jù)庫)

yum install etcd -y

vim /etc/etcd/etcd.conf  
6行:ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
21行:ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379"

systemctl start etcd.service
systemctl enable etcd.service

4.master節(jié)點(diǎn)安裝kubernetes

yum install kubernetes-master.x86_64 -y

vim /etc/kubernetes/apiserver 
8行: KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"  
11行:KUBE_API_PORT="--port=8080"  
14行: KUBELET_PORT="--kubelet-port=10250"  
17行:KUBE_ETCD_SERVERS="--etcd-servers=http://10.0.0.11:2379"  
23行:KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"  
23行是刪除了一個(gè)插件,注意對比

vim /etc/kubernetes/config  
22行:KUBE_MASTER="--master=http://10.0.0.11:8080"

systemctl enable kube-apiserver.service  
systemctl restart kube-apiserver.service  
systemctl enable kube-controller-manager.service  
systemctl restart kube-controller-manager.service  
systemctl enable kube-scheduler.service  
systemctl restart kube-scheduler.service

5.node節(jié)點(diǎn)安裝kubernetes

yum install kubernetes-node.x86_64 -y

vim /etc/kubernetes/config 
22行:KUBE_MASTER="--master=http://10.0.0.11:8080"

vim /etc/kubernetes/kubelet  
5行:KUBELET_ADDRESS="--address=0.0.0.0"  
8行:KUBELET_PORT="--port=10250"  
11行:KUBELET_HOSTNAME="--hostname-override=10.0.0.12"    注意13節(jié)點(diǎn)此IP為10.0.0.13
14行:KUBELET_API_SERVER="--api-servers=http://10.0.0.11:8080"

systemctl enable kubelet.service  
systemctl start kubelet.service  
systemctl enable kube-proxy.service  
systemctl start kube-proxy.service

master節(jié)點(diǎn)檢查node節(jié)點(diǎn)有沒有注冊進(jìn)來

[root@k8s-master ~]# kubectl get nodes
NAME        STATUS    AGE
10.0.0.12   Ready     37s
10.0.0.13   Ready     39s

6.所有節(jié)點(diǎn)配置flannel網(wǎng)絡(luò)

所有節(jié)點(diǎn)
yum install flannel -y
sed -i 's#http://127.0.0.1:2379#http://10.0.0.11:2379#g' /etc/sysconfig/flanneld

master節(jié)點(diǎn):
etcdctl mk /atomic.io/network/config '{ "Network": "172.16.0.0/16" }'

yum install docker -y  
systemctl enable flanneld.service 
systemctl restart flanneld.service 
service docker restart  
systemctl restart kube-apiserver.service  
systemctl restart kube-controller-manager.service  
systemctl restart kube-scheduler.service

node節(jié)點(diǎn):  
systemctl enable flanneld.service 
systemctl restart flanneld.service 
service docker restart  
systemctl restart kubelet.service  
systemctl restart kube-proxy.service

所有節(jié)點(diǎn)下載鏡象(測試)

wget http://192.168.12.201/docker_image/docker_busybox.tar.gz
所有節(jié)點(diǎn)導(dǎo)入鏡象  
docker load -i docker_busybox.tar.gz  
所有節(jié)點(diǎn)啟動(dòng)容器  
docker run -it docker.io/busybox:latest  

flannel會(huì)自動(dòng)修改iptables規(guī)則,此時(shí)發(fā)現(xiàn)容器不能互ping了
解決:再給它改成接受模式,注意是所有節(jié)點(diǎn):
iptables -P FORWARD ACCEPT

但是這是臨時(shí)的,永久生效方法:
vim /usr/lib/systemd/system/docker.service
17行下邊:
ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT

重啟生效
systemctl daemon-reload
重啟docker測試網(wǎng)絡(luò)是否還是通的
systemctl restart docker

7.配置master為鏡像倉庫

所有節(jié)點(diǎn)  
vim /etc/sysconfig/docker
把原來的OPTIONS注釋掉,加上下邊的一行
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=[https://registry.docker-cn.com](https://registry.docker-cn.com) --insecure-registry=10.0.0.11:5000'

systemctl restart kubelet.service

master節(jié)點(diǎn)起動(dòng)一個(gè)registry倉庫,需要先上傳鏡象,略

docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry  registry

任意一個(gè)node節(jié)點(diǎn)測試私有倉庫
打標(biāo)簽
docker tag docker.io/busybox
10.0.0.11:5000/docker.io/busybox
上傳到私有倉庫
docker push 10.0.0.11:5000/docker.io/busybox
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容