kubernetes(k8s)安装配置及使用

2018-11-20  本文已影响0人  potenstop

环境

os: Ubuntu18
apt源: 阿里源
Kubernetes: 1.11.3
docker: 17.12.1

1 安装docker

sudo apt-get update && sudo apt-get install -y apt-transport-https
sudo apt install -y docker.io
sudo systemctl start docker
sudo systemctl enable docker

2 安装Kubernetes(master和salve)

sudo apt-get install gnupg -y
wget https://raw.githubusercontent.com/potenstop/services-init/master/public/apt-key.gpg -O apt-key.gpg
apt-key add apt-key.gpg 
sudo echo "deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubernetes-cni=0.6.0-00
sudo apt-get install -y kubectl=1.11.3-00  kubeadm=1.11.3-00  kubelet=1.11.3-00

3 关闭swap分区(master和salve)

swapoff -a  # 临时关闭
sed -i '/swap/ s/^/#/' /etc/fstab  # 永久关闭  

4 手动下载镜像 否则需要翻墙(master)

### 版本信息
K8S_VERSION=v1.11.3
ETCD_VERSION=3.2.18
COREDNS_VERSION=1.1.3
PAUSE_VERSION=3.1
## 基本组件
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver-amd64:$K8S_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager-amd64:$K8S_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler-amd64:$K8S_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64:$K8S_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd-amd64:$ETCD_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:$PAUSE_VERSION

### 网络
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:$COREDNS_VERSION

## 修改tag
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver-amd64:$K8S_VERSION k8s.gcr.io/kube-apiserver-amd64:$K8S_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager-amd64:$K8S_VERSION k8s.gcr.io/kube-controller-manager-amd64:$K8S_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler-amd64:$K8S_VERSION k8s.gcr.io/kube-scheduler-amd64:$K8S_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64:$K8S_VERSION k8s.gcr.io/kube-proxy-amd64:$K8S_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd-amd64:$ETCD_VERSION k8s.gcr.io/etcd-amd64:$ETCD_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:$COREDNS_VERSION k8s.gcr.io/coredns:$COREDNS_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:$PAUSE_VERSION k8s.gcr.io/pause:$PAUSE_VERSION
## 删除镜像
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver-amd64:$K8S_VERSION
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager-amd64:$K8S_VERSION
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler-amd64:$K8S_VERSION
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64:$K8S_VERSION
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/etcd-amd64:$ETCD_VERSION
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:$COREDNS_VERSION
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:$PAUSE_VERSION

5 初始化(master)

192.168.200.10为master的内网ip, 需要替换为对应的ip

kubeadm init --apiserver-advertise-address=192.168.200.10 --ignore-preflight-errors=all  --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.11.3
mkdir -p $HOME/.kube
\cp -f /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

6 安装helm(master)

wget http://note.youdao.com/yws/public/resource/b58d28c992c7ca7bbedba7293a8645e3/xmlnote/8980D26EEF794B2DA709394BAC53F712/6554 -O helm-v2.11.0-linux-amd64.tar.gz
tar -zxf helm-v2.11.0-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin/
kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
helm init --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.11.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'

执行 kubectl get pods --watch动态查询安装的动态
,执行helm version不报错则正常安装

7 使用helm安装nginx-ingress

kubectl label node  k8s-dev-master node-role.kubernetes.io/edge=
helm repo update
kubectl taint nodes --all node-role.kubernetes.io/master-
helm install stable/nginx-ingress --set controller.hostNetwork=true,rbac.create=true 

8 使用helm安装kubernetes-dashboard

## 需要替换dashboard.potens.top为你自己对应的域名
$ cat kubernetes-dashboard.yaml
api:
  config:
    repos:
      - name: stable
        url: https://aliacs-app-catalog.oss-cn-hangzhou.aliyuncs.com/charts
        source: https://github.com/kubernetes/charts/tree/master/stable
      - name: incubator
        url: https://aliacs-app-catalog.oss-cn-hangzhou.aliyuncs.com/charts-incubator
        source: https://github.com/kubernetes/charts/tree/master/incubator
      - name: monocular
        url: https://kubernetes-helm.github.io/monocular
        source: https://github.com/kubernetes-helm/monocular/tree/master/charts
#Default values for kubernetes-dashboard
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value


replicaCount: 1

## Here labels can be added to the kubernetes dashboard deployment
##
labels: {}
# kubernetes.io/cluster-service: "true"
# kubernetes.io/name: "Kubernetes Dashboard"

## Additional container arguments
##
#extraArgs:
#  - --enable-insecure-login
#  - --system-banner="Welcome to Kubernetes"
#  - --port=8444 # By default, https uses 8443 so we move it away to something else
#  - --insecure-port=8443 # The chart has 8443 hard coded as a containerPort in the deployment spec so we must use this internally for the http service
#  - --insecure-bind-address=0.0.0.0

## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}

## List of node taints to tolerate (requires Kubernetes >= 1.6)
tolerations: []
#  - key: "key"
#    operator: "Equal|Exists"
#    value: "value"
#    effect: "NoSchedule|PreferNoSchedule|NoExecute"

service:
  type: ClusterIP
  externalPort: 443

  ## This allows an override of the heapster service name
  ## Default: {{ .Chart.Name }}
  ##
  # nameOverride:

  ## Kubernetes Dashboard Service annotations
  ##
  annotations: {}
  # foo.io/bar: "true"

  ## Here labels can be added to the Kubernetes Dashboard service
  ##
  labels: {}
  # kubernetes.io/name: "Kubernetes Dashboard"

resources:
  limits:
    cpu: 100m
    memory: 50Mi
  requests:
    cpu: 100m
    memory: 50Mi

ingress:
  ## If true, Kubernetes Dashboard Ingress will be created.
  ##
  enabled: true

  ## Kubernetes Dashboard Ingress annotations
  ##
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/secure-backends: "true"
    #nginx.ingress.kubernetes.io/configuration-snippet: |
    #  proxy_set_header "Host: 127.0.0.1";
    #kubernetes.io/tls-acme: 'true'

  ## Kubernetes Dashboard Ingress path
  ##
  path: /

  ## Kubernetes Dashboard Ingress hostnames
  ## Must be provided if Ingress is enabled
  ##
  hosts:
    - dashboard.potens.top

  ## Kubernetes Dashboard Ingress TLS configuration
  ## Secrets must be manually created in the namespace
  ##
  tls:
   - secretName: dashboard-imroc-io-tls
     hosts:
       - dashboard.potens.top

rbac:
  # Specifies whether RBAC resources should be created
  create: true

  # Specifies whether cluster-admin ClusterRole will be used for dashboard
  # ServiceAccount (NOT RECOMMENDED).
  clusterAdminRole: true

serviceAccount:
  # Specifies whether a service account should be created
  create: true
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name:
helm install stable/kubernetes-dashboard  -f kubernetes-dashboard.yaml

9 helm相关命令

helm ls # 查看安装的应用的状态
helm version # helm版本
helm delete ${name} # helm ls对应的NAME列

10 kubernetes相关命令

kubectl get pod --all-namespaces -o wide # 查看所有命名空间pod状态
kubectl taint nodes --all node-role.kubernetes.io/master-  # 默认情况下, master节点是不会调度pod, 也就是说, 只有一台主机的情况下, 我们无法启动pod, 但有的时候我们的确只有一台机器, 这个时候可以执行命令, 允许master调度pod
kubectl describe pod  --namespace=kube-system # 查看对应namespace下pod的状态
kubectl get pods --watch # 动态查看pod
kubectl delete pod left-wolf-mongodb-5bf7d78bf-jmt76  # 删除pod
kubeadm token create --print-join-command  # join连接找回
kubeadm reset  # 重置配置 
journalctl -f -u kubelet.server  # 

11 salve加入master

kubeadm token create --print-join-command master 执行命令找到加入连接,返回kubeadm join 192.168.133.132:6443 --token kxochq.woy512lwztjs6nwd --discovery-token-ca-cert-hash sha256:71b47dd144951f3891273e86a66ea6443ff0594cd2630f183bdb8893e42d3c1, 复制命令到salve执行

上一篇 下一篇

猜你喜欢

热点阅读