Install kubernetes

2台机器，1台为Master，1台为Node

修改Host Master为dmaster,Node为dslave

安装K8s and Etcd

yum install etcd

yum install kubernetes 

Node机器只需要

yum install kubernetes 

安装k8s会自动安装docker，目前版本是1.8

配置K8s

vim /etc/etcd/etcd.conf

修改Master机器K8s配置

1. apiserver配置

vim /etc/kubernetes/apiserver

###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#

# The address on the local server to listen to.
KUBE_API_ADDRESS="--address=0.0.0.0"

# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"

# Port minions listen on
KUBELET_PORT="--kubelet_port=10250"

# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd_servers=http://127.0.0.1:4001"

# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

# default admission control policies
KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

# Add your own!
KUBE_API_ARGS="--secure-port=0"

2.K8s配置

vim /etc/kubernetes/config

# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
#   kube-apiserver.service
#   kube-controller-manager.service
#   kube-scheduler.service
#   kubelet.service
#   kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://dmaster:8080"
KUBE_ETCD_SERVERS="--etcd-servers=http://dmaster:4001"

3.启动服务

systemctl enable kube-apiserver kube-controller-manager kube-scheduler

systemctl restart kube-apiserver kube-controller-manager kube-scheduler

systemctl status kube-apiserver kube-controller-manager kube-scheduler

修改Node机器配置

1. K8s配置

vim /etc/kubernetes/kubelet

# kubernetes kubelet (minion) config

# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=127.0.0.1"

# The port for the info server to serve on
KUBELET_PORT="--port=10250"

# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname_override=dslave"

# location of the api-server
KUBELET_API_SERVER="--api_servers=http://dmaster:8080"

# Add your own!
KUBELET_ARGS=""

2. 启动服务

systemctl enable kube-proxy kubeletdocker

systemctl restart kube-proxy kubeletdocker

systemctl status kube-proxy kubeletdocker

新增Pod

[[email protected]192 k8s]# kubectl get nodes
NAME      LABELS                          STATUS
dslave    kubernetes.io/hostname=dslave   Ready

2. 新建Pod资源文件

apiVersion: v1
kind: Pod
metadata:
  name: mysql
  labels:
    name: mysql
spec:
  containers:
    - resources:
        limits :
          cpu: 0.5
      image: mysql
      name: mysql
      env:
        - name: MYSQL_ROOT_PASSWORD
          # change this
          value: rootpwd
      ports:
        - containerPort: 3306
          name: mysql
      volumeMounts:
          # name must match the volume name below
        - name: mysql-persistent-storage
          # mount path within the container
          mountPath: /var/lib/mysql
  volumes:
    - name: mysql-persistent-storage
      cinder:
        volumeID: bd82f7e2-wece-4c01-a505-4acf60b07f4a
        fsType: ext4

3. 导入资源

kubectl create -f mysql.yaml

4. 查看资源状态

[[email protected]192 k8s]# kubectl get pods
NAME      READY     STATUS    RESTARTS   AGE
mysql     1/1       Running   0          1h

这里已经部署在运行了，所以是Running。Status开始是Ready。

5. 查看日志

Master机器日志

tail -f /var/log/messages |grepkube

Dec 11 09:54:11 192 kube-scheduler: I1211 09:54:11.380994   20445 event.go:203] Event(api.ObjectReference{Kind:"Pod", Namespace:"default", Name:"mysql", UID:"2f192467-a030-11e5-8a55-000c298cfaa1", APIVersion:"v1", ResourceVersion:"3522", FieldPath:""}): reason: ‘scheduled‘ Successfully assigned mysql to dslave

在部署Pod时，在Node机器日志中报错

Dec 11 09:30:22 dslave kubelet: E1211 09:30:22.745867   99650 manager.go:1557] Failed to create pod infra container: image pull failed for gcr.io/google_containers/pause:0.8.0, this may be because there are no credentials on this request.  details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.); Skipping pod "mysql_default"
Dec 11 09:30:22 dslave kubelet: E1211 09:30:22.955470   99650 pod_workers.go:111] Error syncing pod bcbb3b8a-a02a-11e5-8a55-000c298cfaa1, skipping: image pull failed for gcr.io/google_containers/pause:0.8.0, this may be because there are no credentials on this request.  details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.)

Google被墙了，下载资源包到本地

http://www.sunmite.com/linux/installing-kubernetes-cluster-on-centos7-to-manage-pods-and-services/attachment/pause-0-8-0/

在Node节点导入

docker load --input pause-0.8.0.tar

这是一个容器，负责Pod内部的网络

还有一个问题是权限的问题

no API token found for service account default/default, retry after the token is automatically created and added to the service account

这样即可解决

#vim /etc/kubernetes/apiserver
KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"

#systemctl restart kube-apiserver.service