——网络环境
系统:CentOS-7.0
内核:3.10.0-514.el7.x86_64
centos-master 192.168.100.110
centos-minion 192.168.100.111
centos-minion 192.168.100.112
——基础环境配置
同步时间
# ntpdate cn.pool.ntp.org
关闭防火墙
# systemctl disable firewalld
# systemctl stop firewalld
关闭Selinux
# setenforce 0
修改主机名称
# hostnamectl set-hostname centos-master
# hostnamectl set-hostname centos-minion-1
# hostnamectl set-hostname centos-minion-2
添加主机解析
# cat >> /etc/hosts << EOF
192.168.100.110 centos-master
192.168.100.111 centos-minion-1
192.168.100.112 centos-minion-2
EOF
添加Kubernetes源
# cat < EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http:
//yum
.kubernetes.io
/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https:
//packages
.cloud.google.com
/yum/doc/yum-key
.gpg
https:
//packages
.cloud.google.com
/yum/doc/rpm-package-key
.gpg
EOF
——ETCD集群搭建配置
安装etcd服务
# yum -y install etcd
# cp /etc/etcd/etcd.conf /etc/etcd/etcd.conf.bak_$(date +%Y%m%d)
# vim /etc/etcd/etcd.conf
ETCD_NAME=etcd_node1
//
节点名称
ETCD_DATA_DIR=
"/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS=
"http://192.168.100.110:2380"
ETCD_LISTEN_CLIENT_URLS=
"http://192.168.100.110:2379,http://127.0.0.1:2379"
//
必须增加127.0.0.1否则启动会报错
ETCD_INITIAL_ADVERTISE_PEER_URLS=
"http://192.168.100.110:2380"
ETCD_INITIAL_CLUSTER=
"etcd_node1=http://192.168.100.110:2380,etcd_node2=http://192.168.100.111:2380"
//
集群IP地址
ETCD_INITIAL_CLUSTER_STATE=
"new"
ETCD_INITIAL_CLUSTER_TOKEN=
"etcd-cluster"
ETCD_ADVERTISE_CLIENT_URLS=
"http://192.168.100.110:2379"
# systemctl enable etcd.service
# systemctl start etcd.service && systemctl status etcd.service
验证etcd集群配置
# etcdctl cluster-health
member 7e218077496bccf9 is healthy: got healthy result from http:
//localhost
:2379
cluster is healthy
//
表示安装成功
——Kubernetes集群搭建配置
安装Kubernetes服务
# yum install docker kubelet kubeadm kubectl kubernetes-cni -y
启动kubelet和docker服务
# systemctl enable docker && systemctl restart docker && systemctl status docker
# systemctl enable kubelet.service && systemctl restart kubelet.service && systemctl status kubelet.service
初始化kubelet服务
# kubeadm init \
--api-advertise-addresses=192.168.100.110 \
--use-kubernetes-version v1.5.4 \
--pod-network-cidr 10.244.0.0
/16
\
--external-etcd-endpoints http:
//192
.168.100.110:2379
[kubeadm] WARNING: kubeadm is
in
alpha, please
do
not use it
for
production clusters.
[preflight] Running pre-flight checks
[preflight] WARNING: kubelet service is not enabled, please run
‘systemctl enable kubelet.service‘
[preflight] Starting the kubelet service
[init] Using Kubernetes version: v1.5.4
[tokens] Generated token:
"086fba.998d660409d17c93"
[certificates] Generated Certificate Authority key and certificate.
[certificates] Generated API Server key and certificate
[certificates] Generated Service Account signing keys
[certificates] Created keys and certificates
in
"/etc/kubernetes/pki"
[kubeconfig] Wrote KubeConfig
file
to disk:
"/etc/kubernetes/kubelet.conf"
[kubeconfig] Wrote KubeConfig
file
to disk:
"/etc/kubernetes/admin.conf"
[apiclient] Created API client, waiting
for
the control plane to become ready
[apiclient] All control plane components are healthy after 307.408362 seconds
[apiclient] Waiting
for
at least one node to register and become ready
[apiclient] First node is ready after 1.506007 seconds
[apiclient] Creating a
test
deployment
[apiclient] Test deployment succeeded
[token-discovery] Created the kube-discovery deployment, waiting
for
it to become ready
[token-discovery] kube-discovery is ready after 138.004510 seconds
[addons] Created essential addon: kube-proxy
[addons] Created essential addon: kube-dns
Your Kubernetes master has initialized successfully!
You should now deploy a pod network to the cluster.
Run
"kubectl apply -f [podnetwork].yaml"
with one of the options listed at:
http:
//kubernetes
.io
/docs/admin/addons/
You can now
join
any number of machines by running the following on each node:
kubeadm
join
--token=086fba.998d660409d17c93 192.168.100.110
检查Pod状态
# kube-dns 状态一直处于ContainerCreating是因为没有创建 Pod Network
# kubectl get pods -n kube-system
NAMESPACE NAME READY STATUS RESTARTS AGE kube-system dummy-2088944543-f98tb 1/1 Running 0 4m kube-system kube-apiserver-centos-master 1/1 Running 0 2m kube-system kube-controller-manager-centos-master 1/1 Running 0 3m kube-system kube-discovery-1769846148-lzn11 1/1 Running 0 4m kube-system kube-dns-2924299975-thhq4 0/4 ContainerCreating 0 4m kube-system kube-proxy-1mktc 1/1 Running 0 4m kube-system kube-scheduler-centos-master 1/1 Running 0 3m
安装flannel Pod网络
# 如果虚拟机用了两个网卡,这里需要指定一个网卡组成虚拟网络,因此在flannel运行命令后面加了参数--iface=eth0
# 修改前: command: [ "/opt/bin/flanneld", "--ip-masq", "--kube-subnet-mgr" ]
# 修改后内容: command: [ "/opt/bin/flanneld", "--ip-masq", "--kube-subnet-mgr", "--iface=eth0" ]
# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# kubectl create -n kube-system -f kube-flannel.yml
# kubectl get pods -n kube-system
NAMESPACE NAME READY STATUS RESTARTS AGE kube-system dummy-2088944543-52s9x 1/1 Running 0 2m kube-system kube-apiserver-centos-master 1/1 Running 0 2m kube-system kube-controller-manager-centos-master 1/1 Running 0 2m kube-system kube-discovery-1769846148-r1z03 1/1 Running 0 2m kube-system kube-dns-2924299975-b6fb7 4/4 Running 0 2m kube-system kube-flannel-ds-xspmc 2/2 Running 0 1m kube-system kube-proxy-kz96k 1/1 Running 0 2m kube-system kube-scheduler-centos-master 1/1 Running 0 2m
将minion节点添加到集群
# kubeadm join --token=086fba.998d660409d17c93 192.168.100.110
[kubeadm] WARNING: kubeadm is
in
alpha, please
do
not use it
for
production clusters.
[preflight] Running pre-flight checks
[preflight] Starting the kubelet service
[tokens] Validating provided token
[discovery] Created cluster info discovery client, requesting info from
"http://192.168.100.110:9898/cluster-info/v1/?token-id=086fba"
[discovery] Cluster info object received, verifying signature using given token
[discovery] Cluster info signature and contents are valid, will use API endpoints [https:
//192
.168.100.110:6443]
[bootstrap] Trying to connect to endpoint https:
//192
.168.100.110:6443
[bootstrap] Detected server version: v1.5.4
[bootstrap] Successfully established connection with endpoint
"https://192.168.100.110:6443"
[csr] Created API client to obtain unique certificate
for
this node, generating keys and certificate signing request
[csr] Received signed certificate from the API server:
Issuer: CN=kubernetes | Subject: CN=system:node:centos-minion-1 | CA:
false
Not before: 2017-01-18 10:13:00 +0000 UTC Not After: 2018-01-18 10:13:00 +0000 UTC
[csr] Generating kubelet configuration
[kubeconfig] Wrote KubeConfig
file
to disk:
"/etc/kubernetes/kubelet.conf"
Node
join
complete:
* Certificate signing request sent to master and response
received.
* Kubelet informed of new secure connection details.
Run
‘kubectl get nodes‘
on the master to see this machine
join
.
检查node<->pod<->pod<->node网络
待补充......
安装Dashboard服务
# wget https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml
# kubectl create -f kubernetes-dashboard.yaml
# 查看dashboard外网访问端口,默认NodePort模式
# kubectl describe svc kubernetes-dashboard -n kube-system
访问Dashboard服务