kubadm安装kubernetes集群和Dashboard U
2019-08-12 本文已影响0人
gukwa
一、环境准备
| 主机名 | 主机ip | 角色 | 安装软件 |
|---|---|---|---|
| master01 | 192.168.83.161 | master | kubeadm、kubelet、kubectl、docker |
| node01 | 192.168.83.164 | node | kubeadm、kubelet、kubectl、docker |
| node02 | 192.168.83.165 | node | kubeadm、kubelet、kubectl、docker |
| node03 | 192.168.83.166 | node | kubeadm、kubelet、kubectl、docker |
二、初始化环境
1、关闭防火墙
sudo ufw disable
2、关闭swap后重新执行
swapoff -a
sed -i '/ swap / s/^/#/' /etc/fstab
三、安装环境
1、安装docker
apt-get remove docker docker-engine docker.io containerd runc
apt-get update
apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io
usermod -aG docker $USER
systemctl enable docker && systemctl start docker
2、kubernetes repo源
##添加apt key以及源
sudo apt update && sudo apt install -y apt-transport-https curl
curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
3、安装kubelet、 kubeadm、 kubectl
apt-get install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet
4、从国内网站上下载镜像
##先查看要用到的镜像有哪些,这里要注意的是:要拉取的4个核心组件的镜像版本和你安装的kubelet、kubeadm、kubectl 版本需要是一致的。
[root@master] ~$ kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.15.2
k8s.gcr.io/kube-controller-manager:v1.15.2
k8s.gcr.io/kube-scheduler:v1.15.2
k8s.gcr.io/kube-proxy:v1.15.2
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.10
k8s.gcr.io/coredns:1.3.1
##下载镜像
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.15.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.15.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.15.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.15.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.3.1
##修改tag 将镜像标记为k8s.gcr.io
docker images |grep registry.cn-hangzhou.aliyuncs.com/google_containers |awk '{print "docker tag ",$1":"$2,$1":"$2}' |sed -e 's#registry.cn-hangzhou.aliyuncs.com/google_containers#k8s.gcr.io#2' |sh -x
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
##删除无用的镜像
docker images | grep registry.cn-hangzhou.aliyuncs.com | awk '{print "docker rmi " $1":"$2}' | sh -x
5、查看镜像
root@gukwa-virtual-machine:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
k8s.gcr.io/kube-controller-manager v1.15.2 9f5df470155d 3 days ago 159MB
k8s.gcr.io/kube-scheduler v1.15.2 88fa9cb27bd2 3 days ago 81.1MB
k8s.gcr.io/kube-apiserver v1.15.2 34a53be6c9a7 3 days ago 207MB
k8s.gcr.io/kube-proxy v1.15.2 167bbf6c9338 3 days ago 82.4MB
k8s.gcr.io/coredns 1.3.1 eb516548c180 6 months ago 40.3MB
k8s.gcr.io/etcd 3.3.10 2c4adeb21b4f 8 months ago 258MB
k8s.gcr.io/pause 3.1 da86e6ba6ca1 19 months ago 742kB
root@gukwa-virtual-machine:~#
6、克隆虚拟机,制作3个工作节点
7、在master节点上初始化,成功后会输出 加入此集群的代码,如下图
kubeadm init --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=NumCPU --kubernetes-version=1.15.2
image.png
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
8、在node节点上运行下列命令 、加入到集群。
kubeadm join 192.168.83.161:6443 --token uyhvk1.f65hcxmfujq8azfi \
--discovery-token-ca-cert-hash sha256:1b7f5544cff4f9fe96b02b680af7d2d73346db0e2b9cfc6fbf90a8ef42e4e5aa
9、在master节点上查看
image.png
提示notready,查看下日志
kubectl describe node node01
image.png
日志显示是cni未初始化
下载cni的yml文件,并添加如下一行(根据自己虚拟机网卡,我的是ens33)
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
image.png
初始化CNI
kubectl apply -f kube-flannel.yml
image.png
过几分钟后查看
image.png
集群部署成功~
四、安装Dashboard UI
从官网下载yml文件,并修改
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta1/aio/deploy/recommended.yaml
vim recommended.yaml
添加如下两行
image.png
kubectl apply -f recommended.yaml
创建用户
root@gukwa-virtual-machine:/home/gukwa#vim dashboard-adminuser.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
root@gukwa-virtual-machine:/home/gukwa#kubectl apply -f dashboard-adminuser.yaml
绑定角色
root@gukwa-virtual-machine:/home/gukwa#vim admin-user-role-binding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system
root@gukwa-virtual-machine:/home/gukwa#kubectl create -f admin-user-role-binding.yaml
查看对外暴露端口号
image.png
获取tocken
kubectl get secret -n kubernetes-dashboard
image.png
kubectl describe secret kubernetes-dashboard-token-w2qnt -n kubernetes-dashboard
image.png
通过火狐浏览器访问https://192.168.83.161:30001
image.png
image.png
完成~
