Kubernetes学习(二)
1.2Kubernetes快速入门
环境准备:
关闭CentOS防火墙
systemctl disable firewalld
systemctl stop firewalld
安装etcd和kubernetes软件
yum install -y etcd kubernetes
启动服务
systemctl start etcd (用于配置共享和服务发现的键值存储系统)
systemctl start docker (创建容器的)
如果docker启动h失败(参考vi /etc/sysconfig/selinux 将selinux后面的改为disable,重启服务器,再重启docker即可)
systemctl start kube-apiserver (API Server是整个系统的对外接口,供客户端和其它组件调用,相当于“营业厅”)
systemctl start kube-controller-manager (Controller manager负责管理控制器,相当于“大总管”。)
systemctl start kube-scheduler (Scheduler负责对集群内部的资源进行调度,相当于“调度室”。)
systemctl start kubelet (Kubelet,主要负责监视指派到它所在Node上的Pod,包括创建、修改、监控、删除等。)
systemctl start kube-proxy (Kube-proxy,主要负责为Pod对象提供代理。)
配置
mytomcat-rc.yamltomcat配置:/usr/local/k8s/
mytomcat-rc.yaml
mytomcat-svc.yamlkubectl create -f mytomcat-rc.yaml
mytomcat-svc.yaml
kubectl create -f mytomcat-svc.yaml
kubectl get svc :查看服务
问题解决
docker pull 失败
1. yum install rhsm -y
2. docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
如果以上 两步可以解决问题,则不需要执行以下步骤。
3. docker search pod-infrastructure
4. docker pull docker.io/tianyebj/pod-infrastructure
5. docker tag tianyebj/pod-infrastructure 192.168.0.19:5000/pod-infrastructure
6. docker push 192.168.0.19:5000/pod-infrastructure
7. vi /etc/kubernetes/kubelet
修改KUBELET_POD_INFRA_CONTAINER="-pod-infra-container-image=192.168.0.19:5000/pod-infrastructure:latest"
8. 重启服务
systemctl restart kube-apiserver
systemctl restart kube-controller-manager
systemctl restart kube-scheduler
systemctl restart kubelet
systemctl restart kube-proxy
方案二:
1. docker pull kubernetes/pause
2. docker tag docker.io/kubernetes/pause:latest 192.168.0.19:5000/google_containers/pause-amd64.3.0
3. docker push 192.168.0.19:5000/google_containers/pause-amd64.3.0
4. vi /etc/kubernetes/kubelet配置为:
KUBELET_ARGS="- pod_infra_container_image=192.168.0.19:5000/google_containers/pause-amd64.3.0"
5. 重启kubelet服务:systemctl restart kubelet
外网不能访问
在搭建好的k8s集群内创建的容器,只能在其所在的节点上curl可访问,但是在其他任何主机上无法访问容器占用端口
解决方案:
1. vim /etc/sysctl.conf
2. net.ipv4.ip_forward=1
kubectl get pods时No resources found问题
1. vim /etc/kubernetes/apiserver
2. 找到KUBE_ADMISSION_CONTROL="-admission_control=NamespaceLifecycle,NameSpaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota",去掉ServiceAccount,保存退出。
3. systemctl restart kube-apiserver
补充:
kubectl replace -f mytomcat-rc.yaml
kubectl delete svc --all
kubectl create -f mytomcat-svc.yaml