搞了,两三天才算部署成功,看了很多人的文章,本身对这些东西也不懂,就是搭建起来看看是个啥玩意,想用的时候怎么用。
在自己的笔记本上搭建了3台虚拟机,前期已经准备好了 centos和docker
三台虚拟主机分别为
192.168.160.130
192.168.160.132
192.168.160.133
安装docker
所有节点都需要安装docker
1. 安装依赖包
yum install -y yum-utils device-mapper-persistent-data lvm2
2. 设置docker镜像源
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
3.安装docker ce
yum list docker-ce --showduplicates | sort -r #查询ce版本
yum install -y docker-ce docker-ce-cli containerd.io #安装最新版本
4.启动docker
systemctl start docker && systemctl enable docker
5.命令补全
yum -y install bash-completion #安装bash-completion
source /etc/profile.d/bash_completion.sh #加载bash-completion
6 配置镜像加速器
vim /etc/daemon.json
{
"registry-mirrors": ["https://v16stybc.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
7 重新加载daemon
systemctl daemon-reload && systemctl restart docker
新增kubernetes
cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
更新缓存
yum clean all && yum -y makecache
Master节点安装
版本查看
yum list kubelet --showduplicates | sort -r
安装kubelet、kubeadm和kubectl
yum install -y kubelet-1.14.2 kubeadm-1.14.2 kubectl-1.14.2
启动kubelet 启动kubelet并设置开机启动
systemctl enable kubelet && systemctl start kubelet
kubelet命令补全
echo "source <(kubectl completion bash)" >> ~/.bash_profile
source .bash_profile
镜像下载的脚本
more image.sh
#!/bin/bash
url=registry.cn-hangzhou.aliyuncs.com/google_containers
version=v1.14.2
images=(`kubeadm config images list --kubernetes-version=$version|awk -F '/' '{print $2}'`)
for imagename in ${images[@]} ; do
docker pull $url/$imagename
docker tag $url/$imagename k8s.gcr.io/$imagename
docker rmi -f $url/$imagename
done
初始化Master
apiserver-advertise-address(master主机ip)
pod-network-cidr (docker network inspect bridge)
kubeadm init --apiserver-advertise-address 192.168.160.130 --pod-network-cidr=172.17.0.0/16
apiserver-advertise-address指定master的interface,pod-network-cidr指定Pod网络的范围
初始化成功后执行
mkdir -p $HOME/.kube cp -i /etc/kubernetes/admin.conf $HOME/.kube/config chown $(id -u):$(id -g) $HOME/.kube/config
安装calico(在master节点上操作)
Calico官网:https://docs.projectcalico.org/v3.6/getting-started/kubernetes/
kubectl apply -f \ https://docs.projectcalico.org/v3.5/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
Node节点安装
版本查看
yum list kubelet --showduplicates | sort -r
安装kubelet、kubeadm和kubectl
yum install -y kubelet-1.14.2 kubeadm-1.14.2 kubectl-1.14.2
启动kubelet 启动kubelet并设置开机启动
systemctl enable kubelet && systemctl start kubelet
kubelet命令补全
echo "source <(kubectl completion bash)" >> ~/.bash_profile
source .bash_profile
镜像下载的脚本
more image.sh
#!/bin/bash
url=registry.cn-hangzhou.aliyuncs.com/google_containers
version=v1.14.2
images=(`kubeadm config images list --kubernetes-version=$version|awk -F '/' '{print $2}'`)
for imagename in ${images[@]} ; do
docker pull $url/$imagename
docker tag $url/$imagename k8s.gcr.io/$imagename
docker rmi -f $url/$imagename
done
加入集群
以下操作master上执行
查看令牌
kubeadm token list
生成新的令牌
kubeadm token create
生成新的加密串
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \ openssl dgst -sha256 -hex | sed 's/^.* //'
node节点加入集群
在node节点上分别执行如下操作:
kubeadm join 192.168.160.130:6443 --token z87rtz.aeo6yb0q5vql4jfz --discovery-token-ca-cert-hash sha256:6a9b7fd28121101bf041785d57b8ebd3ee7cf985615d14c5b36c7aff83ec6f50
Dashboard安装
下载yaml
wget https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended/kubernetes-dashboard.yaml (404了)
wget http://mirror.faasx.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml 地址我用的这个
配置yaml
修改镜像地址
sed -i 's/k8s.gcr.io/registry.cn-hangzhou.aliyuncs.com\/kuberneters/g' kubernetes-dashboard.yaml
由于默认的镜像仓库网络访问不通,故改成阿里镜像
外网访问
sed -i '/targetPort:/a\ \ \ \ \ \ nodePort: 30001\n\ \ type: NodePort' kubernetes-dashboard.yaml
配置NodePort,外部通过https://NodeIp:NodePort 访问Dashboard,此时端口为30001
新增管理员帐号
cat >> kubernetes-dashboard.yaml << EOF --- # ------------------- dashboard-admin ------------------- # apiVersion: v1 kind: ServiceAccount metadata: name: dashboard-admin namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: dashboard-admin subjects: - kind: ServiceAccount name: dashboard-admin namespace: kube-system roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin EOF ######这步没有成功 我直接把以下的代码拷贝到文件中了 --- # ------------------- dashboard-admin ------------------- # apiVersion: v1 kind: ServiceAccount metadata: name: dashboard-admin namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: dashboard-admin subjects: - kind: ServiceAccount name: dashboard-admin namespace: kube-system roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin
创建超级管理员的账号用于登录Dashboard
部署访问
部署Dashboard
kubectl apply -f kubernetes-dashboard.yaml
状态查看
kubectl get deployment kubernetes-dashboard -n kube-system kubectl get pods -n kube-system -o wide kubectl get services -n kube-system
我遇到了coredns 一直pending的问题所以改用了安装Calico得已解决 没有使用安装pod网络(使用pod一直是pending不知道为什么)
令牌查看
kubectl describe secrets -n kube-system dashboard-admin
生成的令牌访问k8s可视化站点的时候要用
看了很多人的文章都说是访问主机的ip加端口号
但是我的一直访问不到,查询后得到了解决方案
在master部署的dashboard访问的ip地址竟然是node的。。。不明白为什么
安装dashboard 过程还遇到了 ImagePullBackOff
这里查询后是把dashboard image先拉取到本地解决的
搞了两,三天总算搞起来了 个人留存参考地址:https://blog.51cto.com/3241766/2405624https://www.cnblogs.com/ding2016/p/10784620.html