K8s安装(一)

2020-05-05  本文已影响0人  designer

一.系统配置修改

1.禁用swap

   swapoff -a
同时把/etc/fstab包含swap那行记录删掉。

2.关闭防火墙

    systemctl stop firewalld
    systemctl disable firewalld

3.禁用Selinux

    apt install selinux-utils
    setenforce 0

4.安装kubectl,kubelet,kubeadm

   在Master和Node节点分别执行如下操作

4.1添加Kubernetes软件源
# docker 和 k8s 镜像源
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | apt-key add -
curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -

cat <<EOF >/etc/apt/sources.list.d/docker-k8s.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable
EOF

4.2安装
   apt-get update && apt-get install -y kubelet kubeadm kubectl
   systemctl enable kubelet

5.配置Master

在/etc/profile 下面增加如下环境变量

echo 'export KUBECONFIG=/etc/kubernetes/admin.conf' >> ~/.bashrc
source ~/.bashrc

重起kubelet

systemctl daemon-reload
systemctl restart kubelet

6.在master节点上执行

kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.0.102 --kubernetes-version=v1.18.2 --ignore-preflight-errors=Swap

–pod-network-cidr是指配置节点中的pod的可用IP地址,此为内部IP

–apiserver-advertise-address 为master的IP地址

–kubernetes-version 通过kubectl version 可以查看到

不幸的是报错, k8s.gcr.io 被墙了,镜像下载失败

[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
error execution phase preflight: [preflight] Some fatal errors occurred:
    [ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-apiserver:v1.13.2: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
, error: exit status 1
........

根据报错信息,在国内网站站上找到相关的镜像(docker需要配置阿里云的镜像仓库)

docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.18.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.18.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.3-0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.7
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.18.2


docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.18.2 k8s.gcr.io/kube-controller-manager:v1.18.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.18.2 k8s.gcr.io/kube-scheduler:v1.18.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.2 k8s.gcr.io/kube-proxy:v1.18.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2 k8s.gcr.io/pause:3.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.3-0 k8s.gcr.io/etcd:3.4.3-0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.7 k8s.gcr.io/coredns:1.6.7
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.18.2 k8s.gcr.io/kube-apiserver:v1.18.2


重新执行

kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.0.102 --kubernetes-version=v1.18.2 --ignore-preflight-errors=Swap

执行kubeadm init集群初始化时遇到:

[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd".

[警告IsDockerSystemdCheck]:检测到“cgroupfs”作为Docker cgroup驱动程序。 推荐的驱动程序是“systemd”

所以我们更换一下驱动。

解决方法:修改docker

在/etc/docker下创建daemon.json并编辑:

mkdir /etc/docker/daemon.json
加入以下内容:

{
"exec-opts":["native.cgroupdriver=systemd"]
}

重启docker

systemctl restart docker
systemctl status docker
Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of machines by running the following on each node
as root:

  kubeadm join 192.168.0.102:6443 --token nyd3pc.c3q6l7ltpol4i3yw \
      --discovery-token-ca-cert-hash sha256:cd8755a732355f6fd89c129644f39ea17a7af655545f3a0e3c0ca1b5b5309788 

在安装完Master节点后,查看节点信息( kubectl get nodes)会发现节点的状态为noready。查看noready的原因发现是由于cni插件没有配置。其实这是由于还没有配置网络。可以配置多种网络,这里作者选用最长远的fannel网络进行配置。

kubectl apply -f https://gitee.com/fffqqql/k8s/blob/master/kube-flannel.yml

7.配置node

在各个node节点执行如下命令(对应master配置返回的 kubeadm join命令),加入master集群

kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.0.102 --kubernetes-version=v1.18.2 --ignore-preflight-errors=Swap

在master查看nodes状态,Node的状态为NotReady

root@wangcf-k8s-m:~# kubectl get nodes
NAME            STATUS     ROLES    AGE     VERSION
wangcf-k8s-m    Ready      master   20m     v1.13.2
wangcf-k8s-n1   NotReady   <none>   8m21s   v1.13.2
wangcf-k8s-n2   NotReady   <none>   2m40s   v1.13.2

查看pod状态,部分服务没有正常启动,原因是各个node也缺少镜像,需要手动下载,按照在master手动下载镜像的方式

root@wangcf-k8s-m:~# kubectl get pod --all-namespaces
NAMESPACE     NAME                                   READY   STATUS              RESTARTS   AGE
kube-system   coredns-86c58d9df4-hpbbh               0/1     ContainerCreating   0          18m
kube-system   coredns-86c58d9df4-qj56q               0/1     ContainerCreating   0          18m
kube-system   etcd-wangcf-k8s-m                      1/1     Running             2          17m
kube-system   kube-apiserver-wangcf-k8s-m            1/1     Running             2          17m
kube-system   kube-controller-manager-wangcf-k8s-m   1/1     Running             2          17m
kube-system   kube-flannel-ds-amd64-bskks            0/1     Init:0/1            0          2m34s
kube-system   kube-flannel-ds-amd64-rdnw2            1/1     Running             0          2m34s
kube-system   kube-flannel-ds-amd64-sdbxj            0/1     Init:0/1            0          55s
kube-system   kube-proxy-6h6rv                       0/1     ContainerCreating   0          55s
kube-system   kube-proxy-fsfwq                       0/1     ContainerCreating   0          6m36s
kube-system   kube-proxy-z7dqx                       1/1     Running             2          18m
kube-system   kube-scheduler-wangcf-k8s-m            1/1     Running             2          17m

9.K8S部署mysql学习

新建mysql-rc.yaml


apiVersion: v1
kind: ReplicationController
metadata:
  name: mysql-rc
  labels:
    name: mysql-rc
spec:
  replicas: 1
  selector:
    name: mysql-pod
  template:
    metadata:
      labels: 
        name: mysql-pod
    spec:
      containers:
      - name: mysql
        image: mysql
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 3306
        env:
        - name: MYSQL_ROOT_PASSWORD
          value: "password"

10.创建mysql-svc.yaml

创建mysql-svc.yaml


apiVersion: v1
kind: Service
metadata:
  name: mysql-svc
  labels: 
    name: mysql-svc
spec:
  type: NodePort
  ports:
  - port: 3306
    protocol: TCP
    targetPort: 3306
    name: http
    nodePort: 30000
  selector:
    name: mysql-pod

11.安装

k8s 执行文件,下载mysql镜像和运行mysqlr容器

[root@k8s-master ~]# kubectl create -f mysql-rc.yaml 
replicationcontroller "mysql-rc" created
[root@k8s-master ~]# kubectl create -f mysql-svc.yaml 
service "mysql-svc" created

在其中一台node节点上看到mysql容器实例已启动


root@wangcf-k8s-n1:~# docker ps
CONTAINER ID        IMAGE                  COMMAND                  CREATED             STATUS              PORTS               NAMES
338cd4b675ab        mysql                  "docker-entrypoint.s…"   15 hours ago        Up 15 hours                             k8s_mysql_mysql-rc-d5zht_default_f55914bc-1a49-

进入容器看到mysql的版本为 8.0.13

root@wangcf-k8s-n1:~# docker exec -it 338cd4b675ab bash
root@mysql-rc-d5zht:/# mysql -uroot -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 23
Server version: 8.0.13 MySQL Community Server - GPL

设置root远程访问

$mysql -u root -p
Enter password:
mysql> use mysql;
mysql> GRANT ALL ON *.* TO 'root'@'%';
Query OK, 0 rows affected (0.04 sec)

mysql> ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'password';
Query OK, 0 rows affected (0.01 sec)

最后在mysql客户端连接mysql容器实例

IP:(任意master或node节点IP)

用户名:root

密码:password 【设置的密码】

端口:30000 【设置的端口】

上一篇 下一篇

猜你喜欢

热点阅读