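Quickly building an environment: integrating k8s and docker
Goal: build an environment that supports continuous integration, for day-to-day development and maintenance. The series is split into several parts:
Basics
1. k8s + docker integration
2. Installing and using Jenkins (https://www.jianshu.com/p/16fc6cc8ec03)
3. Setting up a private Registry (https://www.jianshu.com/p/e79e37b34abb)
4. Publishing and deploying applications (https://www.jianshu.com/p/64bda4b7899c)
Advanced
5. Installing and using GitLab (https://www.jianshu.com/p/340e60d61903)
6. Using GitLab webhooks to trigger automated Jenkins jobs (https://www.jianshu.com/p/303e15fc11bd)
7. Automated release and deployment with Jenkins pipeline (https://www.jianshu.com/p/256181be306a)
8. Automated testing and static scanning (Sonar) before release (to be updated)
....
I. Download and install the virtualization tool VirtualBox
URL: https://www.virtualbox.org/wiki/Downloads (choose the installer for your system)
II. Install Ubuntu (Ubuntu 16.04.6 LTS)
Image: http://releases.ubuntu.com/ (choose the iso image)
III. Set up the environment
1. Enable bridged networking so the VM has network access
2. Enable OpenSSH so the machine can be reached remotely
Install ssh: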
sudo apt-get update
sudo apt-get install ssh
Change the configuration:
vim /etc/ssh/sshd_config ==> PermitEmptyPasswords yes
Change the value of PermitRootLogin to yes
Restart:
systemctl restart sshd
Set the root password:
sudo passwd root
ssh root@xxx.xxx.xxx.xxx
Disable the firewall:
sudo ufw disable
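An added example, not part of the original post: a small audit of the two sshd_config keywords changed in this step, for confirming what a lab VM is actually running. It applies sshd's rule that the first value found for a keyword wins; the function names and the sample file are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit the two sshd_config keywords changed in this step.
# sshd keywords are case-insensitive and the FIRST value found for a keyword
# wins, so the parser applies both rules. Only the global section is read;
# parsing stops at the first Match block.

sshd_effective() {   # usage: sshd_effective <keyword> <file>
  awk -v want="$1" '
    NF == 0 || $1 ~ /^#/            { next }   # blank lines and comments
    tolower($1) == "match"          { exit }   # end of the global section
    tolower($1) == tolower(want)    { print tolower($2); exit }
  ' "$2"
}

audit_sshd() {       # usage: audit_sshd <file>; returns 1 if anything is flagged
  local file="$1" findings=0
  if [ "$(sshd_effective PermitEmptyPasswords "$file")" = "yes" ]; then
    echo "FAIL PermitEmptyPasswords yes: accounts with an empty password can log in"
    findings=$((findings + 1))
  fi
  if [ "$(sshd_effective PermitRootLogin "$file")" = "yes" ]; then
    echo "FAIL PermitRootLogin yes: root can log in with a password"
    findings=$((findings + 1))
  fi
  if [ "$findings" -eq 0 ]; then echo "OK no findings in $file"; fi
  [ "$findings" -eq 0 ]
}

# Constructed sample: the settings this page applies, followed by a later
# "PermitRootLogin no" that sshd ignores because the first value wins.
sample="$(mktemp)"
cat > "$sample" <<'EOF'
# constructed sample, not a real host configuration
permitrootlogin yes
PermitEmptyPasswords yes
PermitRootLogin no
EOF
audit_sshd "$sample" || true
# On a real host: audit_sshd /etc/ssh/sshd_config
```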
3. Prepare the docker & kubernetes environment on each host (run on each of the 3 machines)
Master: 10.20.17.177
node: 10.20.16.146
node2: 10.20.16.162
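Before installing k8s, route the network through a proxy that can reach the blocked sites, so that package installation does not fail
# Install docker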
sudo apt-get update && sudo apt-get install -y apt-transport-https
sudo apt install -y docker.io
sudo systemctl start docker
sudo systemctl enable docker
# Install kubernetes
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
(If this fails, download the key in a browser, copy it to the machine, and run: sudo apt-key add apt-key.gpg)
echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
(You can also edit the file by hand and enter the source)
Add sources:
vim /etc/apt/sources.list
# System package sources
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
# Package source for kubeadm and the kubernetes components
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl kubernetes-cni
Note:
If the sources above cannot be reached, use the USTC mirror:
vim /etc/apt/sources.list
deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main
4. Configure the Master machine
Add the following environment variable to /etc/profile
export KUBECONFIG=/etc/kubernetes/admin.conf
# Restart kubelet
systemctl daemon-reload
systemctl restart kubelet
Run on the master node:
kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.20.16.203 --kubernetes-version=v1.15.0 --ignore-preflight-errors=Swap
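--pod-network-cidr sets the range of IP addresses available to pods on the nodes; these are internal IPs
--apiserver-advertise-address is the IP address of the master
--kubernetes-version can be found with kubectl version
Unfortunately this fails: k8s.gcr.io is blocked, so the image download fails
Based on the error message, find the corresponding images on a mirror site inside China (docker needs to be configured to use the Aliyun image registry)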
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.15.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.3.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.15.0
Re-tag these images.
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.15.0 k8s.gcr.io/kube-controller-manager:v1.15.0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.15.0 k8s.gcr.io/kube-scheduler:v1.15.0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.15.0 k8s.gcr.io/kube-proxy:v1.15.0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.15.0 k8s.gcr.io/kube-apiserver:v1.15.0
Run it again:
sudo kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.20.16.203 --kubernetes-version=v1.15.0 --ignore-preflight-errors=NumCPU --ignore-preflight-errors=Swap
Installation succeeds; the last lines of the output are:
kubeadm join 10.20.17.177:6443 --token l8iehg.p6yo7ktd0cfbb2d7 \
--discovery-token-ca-cert-hash sha256:bacd932a406e3ee48e024dae631726fb9ffe3cc07071e334be6f5650e0353331
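The join command pins the cluster CA through --discovery-token-ca-cert-hash. As an added example (not from the original post), the hash can be recomputed from the CA certificate on the master and compared with the value passed to kubeadm join. The function names are constructed here, /etc/kubernetes/pki/ca.crt is assumed to be the kubeadm default location, and make_demo_ca only creates a throwaway certificate so the script runs anywhere openssl is installed.

```bash
#!/usr/bin/env bash
# Added example: recompute the value given to --discovery-token-ca-cert-hash.
# The hash is SHA-256 over the DER-encoded public key (SubjectPublicKeyInfo)
# of the cluster CA certificate, written as "sha256:<64 hex digits>".

ca_cert_hash() {        # usage: ca_cert_hash <ca.crt>
  local pub digest
  # Extract the public key first so an unreadable or invalid certificate
  # fails here instead of hashing empty input further down the pipe.
  pub="$(openssl x509 -in "$1" -noout -pubkey)" || return 1
  digest="$(printf '%s\n' "$pub" | openssl pkey -pubin -outform DER \
            | sha256sum | cut -d' ' -f1)"
  printf 'sha256:%s\n' "$digest"
}

verify_join_hash() {    # usage: verify_join_hash <ca.crt> <hash from join command>
  local actual
  actual="$(ca_cert_hash "$1")" || return 2
  if [ "$actual" = "$2" ]; then
    echo "match: $actual"
  else
    echo "MISMATCH: CA on disk is $actual, join command pins $2"
    return 1
  fi
}

make_demo_ca() {        # constructed input: throwaway self-signed CA in a temp dir
  local dir
  dir="$(mktemp -d)"
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-ca" \
    -keyout "$dir/ca.key" -out "$dir/ca.crt" >/dev/null 2>&1 || return 1
  echo "$dir/ca.crt"
}

# On the master (path assumed to be the kubeadm default):
#   verify_join_hash /etc/kubernetes/pki/ca.crt sha256:<value printed by kubeadm init>
```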
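After the Master node is installed, checking the node information (kubectl get nodes) shows the node in the NotReady state. The reason turns out to be that the cni plugin is not configured; in other words, the network has not been set up yet. Several network options are available; here the author chooses flannel, the most long-established one.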
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Run these commands:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Install the k8s network configuration (run on the Master only)
sudo sysctl net.bridge.bridge-nf-call-iptables=1
Download kube-flannel.yml:
sudo curl -O https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
Above the existing - key entry, add one more:
- key: node.kubernetes.io/not-ready
  operator: Exists
  effect: NoSchedule
Start it:
sudo kubectl apply -f kube-flannel.yml
Check that the nodes are running normally:
sudo kubectl get node
sudo kubectl get po --all-namespaces
5. Add Nodes (run on the nodes only)
sudo swapoff -a
Run the join command from above to add the node:
kubeadm join 10.20.17.177:6443 --token l8iehg.p6yo7ktd0cfbb2d7 --discovery-token-ca-cert-hash sha256:bacd932a406e3ee48e024dae631726fb9ffe3cc07071e334be6f5650e0353331
sudo sysctl net.bridge.bridge-nf-call-iptables=1
Check the status of all nodes:
sudo kubectl get po --all-namespaces -o wide
View the error details of a pod:
sudo kubectl describe po xxxx -n kube-system
This shows the error failed pulling image "k8s.gcr.io/pause:3.1"
Use the same approach as above: docker pull, then tag
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1
After a while it refreshes by itself; if it does not, delete the pod manually
Delete command:
sudo kubectl delete pod kube-flannel-ds-wg6wb -n kube-system
Command to run on a node to detach it:
After running it on the master, the init command can be run again:
kubeadm reset
After a reboot, run the following commands:
swapoff -a
systemctl daemon-reload
systemctl restart kubelet
6. Basic k8s commands
sudo kubectl get deployments --all-namespaces
sudo kubectl delete -f /root/kube.yaml
sudo kubectl apply -f /root/kube.yaml
sudo kubectl get services --all-namespaces
sudo kubectl get pod --all-namespaces -o wide
sudo kubectl describe pod xxxx -n kube-system
sudo kubectl delete pod xxxx -n kube-system
Problems:
1. What if the IP of the k8s Master changes?
Edit /etc/kubernetes/admin.conf (vim /etc/kubernetes/admin.conf) and change the IP to the current one
Then run:
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
After a reboot, swap needs to be turned off:
swapoff -a
kubectl get nodes
sudo vi /etc/kubernetes/manifests/kube-apiserver.yaml (change the IP to the current one)
sudo sysctl net.bridge.bridge-nf-call-iptables=1
systemctl disable firewalld.service
Network error message:
The connection to the server localhost:8080 was refused - did you specify the right host or port?