生产级别的容器编排系统
Kubernetes 是用于自动部署,扩展和管理容器化应用程序的开源系统
k8s
最基本的硬件要求
CPU:双核
Mem:2G
3台dockerhost时间必须同步
Kubeadm工具自动部署k8s集群
//给3台docker主机分别命名(三条hostnamectl分别在对应的主机上执行),禁用swap交换分区
[root@localhost ~]# hostnamectl set-hostname master
[root@localhost ~]# su -
[root@localhost ~]# hostnamectl set-hostname node01
[root@localhost ~]# su -
[root@localhost ~]# hostnamectl set-hostname node02
[root@localhost ~]# su -
[root@master ~]# swapoff -a //临时禁用
[root@master ~]# free
total used free shared buff/cache available
Mem: 1867292 335448 908540 9256 623304 1290100
Swap: 0 0 0
//永久禁用
[root@master ~]# vim /etc/fstab //注释掉swap那一行
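//禁用selinux,防火墙,并关闭开机自启(三台都需要)
//注意:这是实验环境的简化做法。关闭firewalld后,6443(kube-apiserver)、2379-2380(etcd)、10250(kubelet)等端口不再受主机防火墙保护;生产环境建议保留防火墙并只放行集群所需端口,SELinux至少保留为permissive,这样仍会记录违规日志。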
[root@master ~]# vim /etc/selinux/config
SELINUX=disabled
[root@master ~]# setenforce 0
[root@master ~]# systemctl stop firewalld
[root@master ~]# systemctl disable firewalld
//编写hosts文件,设置域名解析
[root@master ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.70 master
192.168.1.50 node01
192.168.1.40 node02
[root@master ~]# scp /etc/hosts root@192.168.1.50:/etc
[root@master ~]# scp /etc/hosts root@192.168.1.40:/etc
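//设置免密登录
//注意:这里生成的是root的密钥,master上的私钥一旦泄露,node01、node02的root权限也随之失守;建议为私钥设置口令,或在部署完成后从各节点的 /root/.ssh/authorized_keys 中移除该公钥。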
[root@master ~]# ssh-keygen -t rsa
[root@master ~]# ssh-copy-id node01
[root@master ~]# ssh-copy-id node02
//打开iptables的桥接功能,开启路由转发
[root@master ~]# vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
[root@master ~]# echo net.ipv4.ip_forward = 1 >> /etc/sysctl.conf
[root@master ~]# sysctl -p
net.ipv4.ip_forward = 1
//如果下面这条 sysctl 命令不成功,则需要先加载 br_netfilter 模块(modprobe 重启后失效,如需持久化可在 /etc/modules-load.d/ 下添加配置):
//[root@master ~]# modprobe br_netfilter
[root@master ~]# sysctl -p /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
[root@master ~]# scp /etc/sysctl.d/k8s.conf node01:/etc/sysctl.d
[root@master ~]# scp /etc/sysctl.d/k8s.conf node02:/etc/sysctl.d
[root@master ~]# scp /etc/sysctl.conf node02:/etc/
[root@master ~]# scp /etc/sysctl.conf node01:/etc/
[root@node01 ~]# sysctl -p
net.ipv4.ip_forward = 1
[root@node01 ~]# sysctl -p /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
[root@node02 ~]# sysctl -p
net.ipv4.ip_forward = 1
[root@node02 ~]# sysctl -p /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
//获取yum源
[root@master ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
> EOF
[root@master ~]# yum repolist
[root@master ~]# yum makecache
//三台都需要这个yum源(node01,node02步骤省略)
//安装以下三个组件
kubectl:k8s客户端(命令行工具)
kubeadm:自动化快速部署k8s集群工具
kubelet:运行在每个节点上的节点代理,负责管理本节点的Pod和容器
//注意:下面固定安装的1.15.0早已停止维护,不再获得安全更新,仅适合实验环境;生产环境请选择仍受支持的版本,并保持各组件版本一致。
[root@master ~]# yum -y install kubeadm-1.15.0-0 kubelet-1.15.0-0 kubectl-1.15.0-0
//node01、node02不需要安装kubectl
[root@node01 ~]# yum -y install kubeadm-1.15.0-0 kubelet-1.15.0-0
[root@node02 ~]# yum -y install kubeadm-1.15.0-0 kubelet-1.15.0-0
//加入开机自启(三台全部加入开机自启)
[root@master ~]# systemctl enable kubelet
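//导入镜像
//注意:docker load 不会校验镜像来源,导入前应确认这些tar包来自可信渠道,并核对发布方提供的校验值(如 sha256sum)。
//注意:下面用 <<EOF 写脚本时,$i 会在写入文件时就被当前shell展开(变量未定义时为空),生成的脚本里只剩 "docker load < ";应把定界符加引号写成 <<'EOF'(或写成 \$i),并建议在脚本中使用 "$i"。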
[root@master ~]# mkdir images
[root@master ~]# cd images/
[root@master images]# ls
coredns-1-3-1.tar kube-apiserver-1-15.tar kube-proxy-1-15.tar myflannel-11-0.tar
etcd-3-3-10.tar kube-controller-1-15.tar kube-scheduler-1-15.tar pause-3-1.tar
[root@master ~]# cat > images.sh <<EOF
> #!/bin/bash
> for i in /root/images/*
> do
> docker load < $i
> done
> EOF
[root@master ~]# chmod +x images.sh
[root@master ~]# sh images.sh
//初始化k8s集群
//说明:前面已经禁用了swap,--ignore-preflight-errors=Swap 在这里并非必需;忽略预检错误会掩盖配置问题,能不加就不加。
[root@master ~]# kubeadm init --kubernetes-version=v1.15.0 \
> --pod-network-cidr=10.244.0.0/16 \
> --service-cidr=10.96.0.0/12 \
> --ignore-preflight-errors=Swap
//如果初始化失败,需要重置k8s集群
[root@master ~]# kubeadm reset
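//初始化完成后的操作
//注意:admin.conf 内含集群管理员(cluster-admin)凭据,拿到该文件即可完全控制集群;复制后确认 ~/.kube/config 权限为600,不要拷贝给普通用户或上传到代码仓库。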
[root@master ~]# mkdir -p $HOME/.kube
[root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]# chown $(id -u):$(id -g) $HOME/.kube/config
//查看节点信息情况
[root@master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
master NotReady master 10m v1.15.0
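//部署flannel网络,(k8s版本必须是1.7版本以上)
//注意:下面的URL指向master分支,内容随时可能变化,相当于直接在集群里应用未经审阅的远程清单;建议先下载到本地、检查内容(尤其是它申请的权限和使用的镜像),并改用固定tag或commit的地址后再 kubectl apply。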
[root@master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
PS:这里执行不成功的话可能是网络的问题
//在node01、node02上提前导入镜像(不然在加入集群的时候,它会自动下载镜像)
[root@node02 ~]# mkdir images
[root@node02 ~]# cd images/
[root@node02 images]# ls
kube-proxy-1-15.tar myflannel-11-0.tar pause-3-1.tar
docker load < kube-proxy-1-15.tar && docker load < myflannel-11-0.tar && docker load < pause-3-1.tar
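//node01、node02加入集群(在node01、node02上分别执行)
//注意:--token 是加入集群用的凭据(默认24小时有效),不要公开贴出;下面的值来自本文master上 kubeadm init 的输出,需换成自己环境的值。可用 kubeadm token list 查看、kubeadm token delete 作废,过期后用 kubeadm token create --print-join-command 重新生成。--discovery-token-ca-cert-hash 用于校验master的CA证书,不要省略。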
kubeadm join 192.168.1.70:6443 --token x85ks8.4x5qrhw87zct1vti \
--discovery-token-ca-cert-hash sha256:227c69c29f16521a7dccb52104710b8cdd449aa0f7cb787affb62514fc8cc9eb
[root@master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
master Ready master 25m v1.15.0
node01 Ready <none> 82s v1.15.0
node02 Ready <none> 76s v1.15.0
//确保是running的状态
[root@master ~]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-5c98db65d4-fr894 1/1 Running 0 28m
kube-system coredns-5c98db65d4-qkqh5 1/1 Running 0 28m
kube-system etcd-master 1/1 Running 0 27m
kube-system kube-apiserver-master 1/1 Running 0 27m
kube-system kube-controller-manager-master 1/1 Running 0 27m
kube-system kube-flannel-ds-amd64-rjnns 1/1 Running 0 4m44s
kube-system kube-flannel-ds-amd64-tpkh5 1/1 Running 0 4m50s
kube-system kube-flannel-ds-amd64-x425t 1/1 Running 0 13m
kube-system kube-proxy-4qsj2 1/1 Running 0 4m44s
kube-system kube-proxy-gngnx 1/1 Running 0 28m
kube-system kube-proxy-shkw9 1/1 Running 0 4m50s
kube-system kube-scheduler-master 1/1 Running 0 27m
//设置tab键的距离
//说明:~/.vimrc 由vim启动时自动读取,不是shell脚本,下面的 source .vimrc 没有必要(在bash里执行它只会改动当前shell的位置参数)。
[root@master ~]# vim .vimrc
set tabstop=2
[root@master ~]# source .vimrc
//将kubectl命令加入tab自动补全
[root@master ~]# source /usr/share/bash-completion/bash_completion
[root@master ~]# source <(kubectl completion bash)
[root@master ~]# echo " source <(kubectl completion bash)" >> ~/.bashrc