[转帖]centos7 使用kubeadm 快速部署 kubernetes 国内源

centos7 使用kubeadm 快速部署 kubernetes 国内源

https://www.cnblogs.com/qingfeng2010/p/10540832.html

前言

搭建kubernetes时看文档以及资料走了很多弯路,so 整理了最后成功安装的过程已做记录。网上的搭建文章总是少一些步骤,想本人这样的小白总是部署不成功(^_^)。

准备两台或两台以上的虚拟机,系统centos7, 本文只准备了两个虚拟机(电脑风扇已转的飞起)。

多注意红色加粗的 代码以及文字 ------qingfeng

我开始整理这个文章的时候使用的是 kubernetes 1.13, 但是当我发布的时候阿里云的源已经更新到了 kubernetes 1.14 所以我想这个文章笔记对用kubeadm 安装 kubernetes 都会有帮助

过程中碰到的问题可以先查一下文章最后看看有没有碰到同样的问题

基础环境准备

两台机器信息

10.211.55.6   k8s-master

10.211.55.7   k8s-node

#设置hostname 的方法
hostnamectl set-hostname k8s-master  #在 10.211.55.6 上执行
hostnamectl set-hostname k8s-node    #在 10.211.55.7 上执行
hostnamectl --static #查看设置结果

所有操作无特殊说明都需要在所有节点(k8s-master 和 k8s-node)上执行

关闭防火墙 :: 如果不想启用防火墙,设置可以参考这里看一下kubernetes需要开放的端口 https://kubernetes.io/docs/setup/independent/install-kubeadm/#check-required-ports

systemctl stop firewalld.service
systemctl disable firewalld.serviceyum upgrade

关闭swap :: kubernetes1.8开始不关闭swap无法启动

#去掉 /etc/fstab 里面这一行 /dev/mapper/centos-swap swap                    swap    defaults        0 0
swapoff -a
cp /etc/fstab /etc/fstab_bak
cat /etc/fstab_bak |grep -v swap > /etc/fstab
cat /etc/fstab

修改iptables参数 :: RHEL / CentOS 7上的一些用户报告了由于iptables被绕过而导致流量路由不正确的问题。创建/etc/sysctl.d/k8s.conf文件,添加如下内容:

cat <<EOF >  /etc/sysctl.d/k8s.conf
vm.swappiness = 0
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

#使配置生效
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf

加载ipvs模块

cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF

#这条命令有点长
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

安装docker :: 注意docker版本, 现在最高18.06版本做了验证

yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum makecache fast
yum install -y --setopt=obsoletes=0 docker-ce-18.06.1.ce-3.el7
systemctl start docker
systemctl enable docker

#查看docker版本号
docker -v
Docker version 18.06.1-ce, build e68fc7a

用kubeadm 部署 kubernetes

安装kubeadm, kubelet  注意:: yum install 安装的时候一定要看一下kubernetes的版本号后面kubeadm init 的时候需要用到

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kube*
EOF

#安装   注意::这里一定要看一下版本号,因为 Kubeadm init 的时候 填写的版本号不能低于kuberenete版本
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes#注 如果需要指定版本 用下面的命令   kubelet-<version>yum install kubelet-1.14.1 kubeadm-1.14.1 kubectl-1.14.1 --disableexcludes=kubernetes

#启动 kubelet
systemctl enable kubelet.service && systemctl start kubelet.service

启动kubelet.service之后 我们查看一下kubelet状态是未启动状态,查看原因发现是 “/var/lib/kubelet/config.yaml”文件不存在,这里可以暂时先不用处理,当kubeadm init 之后会创建此文件

#查看 kubelet 状态
[[email protected] ~]# systemctl status kubelet.service
● kubelet.service - kubelet: The Kubernetes Node Agent
   Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/kubelet.service.d
           └─10-kubeadm.conf
   Active: activating (auto-restart) (Result: exit-code) since 日 2019-03-31 16:18:55 CST; 7s ago
     Docs: https://kubernetes.io/docs/
  Process: 4564 ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS (code=exited, status=255)
 Main PID: 4564 (code=exited, status=255)

3月 31 16:18:55 k8s-node systemd[1]: Unit kubelet.service entered failed state.
3月 31 16:18:55 k8s-node systemd[1]: kubelet.service failed.
[[email protected] ~]#

#查看出错信息
[[email protected] ~]# journalctl -xefu kubelet
3月 31 16:19:46 k8s-node systemd[1]: kubelet.service holdoff time over, scheduling restart.
3月 31 16:19:46 k8s-node systemd[1]: Stopped kubelet: The Kubernetes Node Agent.
-- Subject: Unit kubelet.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit kubelet.service has finished shutting down.
3月 31 16:19:46 k8s-node systemd[1]: Started kubelet: The Kubernetes Node Agent.
-- Subject: Unit kubelet.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit kubelet.service has finished starting up.
--
-- The start-up result is done.
3月 31 16:19:46 k8s-node kubelet[4611]: F0331 16:19:46.989588    4611 server.go:193] failed to load Kubelet config file /var/lib/kubelet/config.yaml, error failed to read kubelet config file "/var/lib/kubelet/config.yaml", error: open /var/lib/kubelet/config.yaml: no such file or directory
3月 31 16:19:46 k8s-node systemd[1]: kubelet.service: main process exited, code=exited, status=255/n/a
3月 31 16:19:46 k8s-node systemd[1]: Unit kubelet.service entered failed state.
3月 31 16:19:46 k8s-node systemd[1]: kubelet.service failed.

我们在 k8s-master上用kubeadm ini初始化kubernetes :: 注意::这里的kubernetes-version 一定要和上面安装的版本号一致 否则会报错,报错信息可以参考文章后面错误集锦

#只在 k8s-master上执行   node节点不执行
kubeadm init --apiserver-advertise-address=10.211.55.6 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.13.1 --pod-network-cidr=10.244.0.0/16

--apiserver-advertise-addres :: 填写 k8s-master ip

--image-repository :: 镜像地址

--kubernetes-version :: 关闭版本探测,因为它的默认值是stable-1,会从https://storage.googleapis.com/kubernetes-release/release/stable-1.txt下载最新的版本号,指定版本跳过网络请求,再次强调一定要和Kubernetes版本号一致

kubeadm init 初始化信息,  我们看一下初始化过程发现自动创建了 "/var/lib/kubelet/config.yaml" 这个文件

[init] Using Kubernetes version: v1.13.1
[preflight] Running pre-flight checks
    [WARNING Service-Kubelet]: kubelet service is not enabled, please run ‘systemctl enable kubelet.service‘
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using ‘kubeadm config images pull‘
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Activating the kubelet service
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [centos kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.211.55.6]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [centos localhost] and IPs [10.211.55.6 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [centos localhost] and IPs [10.211.55.6 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 19.507714 seconds
[uploadconfig] storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.13" in namespace kube-system with the configuration for the kubelets in the cluster
[patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "centos" as an annotation
[mark-control-plane] Marking the node centos as control-plane by adding the label "node-role.kubernetes.io/master=‘‘"
[mark-control-plane] Marking the node centos as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: sfaff2.iet15233unw5jzql
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstraptoken] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstraptoken] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstraptoken] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstraptoken] creating the "cluster-info" ConfigMap in the "kube-public" namespace
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run the following as a regular user:
  #======这里是用时再使用集群之前需要执行的操作------qingfeng
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of machines by running the following on each node
as root:
  #=====这是增加节点的方法 token过期 请参考问题集锦------qingfeng
  kubeadm join 10.211.55.6:6443 --token sfaff2.iet15233unw5jzql --discovery-token-ca-cert-hash sha256:f798c5be53416ca3b5c7475ee0a4199eb26f9e31ee7106699729c0660a70f8d7

[[email protected] ~]#

初始化成功后会提示在使用之前需要再配置一下,配置方法已经给出,另外会生成一个临时token以及增加节点的方法

#普通用户要使用k8s 需要执行下面操作

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

#如果是root 可以直接执行
export KUBECONFIG=/etc/kubernetes/admin.conf

# 以上两个二选一即可,这里我是直接用的root 所以直接执行
export KUBECONFIG=/etc/kubernetes/admin.conf

现在我们查看一下 kubelet 的状态 已经是 running 状态 ,启动成功

[[email protected] ~]# systemctl status kubelet.service
● kubelet.service - kubelet: The Kubernetes Node Agent
   Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/kubelet.service.d
           └─10-kubeadm.conf
   Active: active (running) since 日 2019-03-31 16:11:57 CST; 26min ago
     Docs: https://kubernetes.io/docs/
 Main PID: 32083 (kubelet)
    Tasks: 16
   Memory: 39.6M
   CGroup: /system.slice/kubelet.service
           └─32083 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --cgroup-driver=systemd --network-plugin=cni --pod-infra-...

3月 31 16:38:28 k8s-master kubelet[32083]: W0331 16:38:28.028997   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:28 k8s-master kubelet[32083]: E0331 16:38:28.752039   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
3月 31 16:38:33 k8s-master kubelet[32083]: W0331 16:38:33.029684   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:33 k8s-master kubelet[32083]: E0331 16:38:33.754045   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
3月 31 16:38:38 k8s-master kubelet[32083]: W0331 16:38:38.030077   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:38 k8s-master kubelet[32083]: E0331 16:38:38.756061   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
3月 31 16:38:43 k8s-master kubelet[32083]: W0331 16:38:43.030827   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:43 k8s-master kubelet[32083]: E0331 16:38:43.757292   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
3月 31 16:38:48 k8s-master kubelet[32083]: W0331 16:38:48.031403   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:48 k8s-master kubelet[32083]: E0331 16:38:48.758876   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
Hint: Some lines were ellipsized, use -l to show in full.

查看状态 ::确认每个 组件都是  Healthy 状态

[[email protected] ~]kubectl get cs
NAME                 STATUS    MESSAGE              ERROR
scheduler            Healthy   ok
controller-manager   Healthy   ok
etcd-0               Healthy   {"health": "true"}

查看node状态  da

[[email protected] ~]kubectl get node
NAME     STATUS     ROLES    AGE   VERSION
centos   NotReady   master   11m   v1.13.4

安装port Network( flannel )  :: k8s cluster 工作 必须安装pod网络,否则pod之间无法通信,k8s支持多种方案,这里选择flannel

[[email protected] ~]kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.extensions/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.extensions/kube-flannel-ds-amd64 created
daemonset.extensions/kube-flannel-ds-arm64 created
daemonset.extensions/kube-flannel-ds-arm created
daemonset.extensions/kube-flannel-ds-ppc64le created
daemonset.extensions/kube-flannel-ds-s390x created
[[email protected] ~]

检查pod状态,需要确保当前Pod 都是 running

[[email protected] ~]kubectl get pod --all-namespaces -o wide
NAMESPACE     NAME                             READY   STATUS    RESTARTS   AGE     IP            NODE     NOMINATED NODE   READINESS GATES
kube-system   coredns-78d4cf999f-6b5wq         1/1     Running   0          5h1m    10.244.0.2    centos   <none>           <none>
kube-system   coredns-78d4cf999f-clhkc         1/1     Running   0          5h1m    10.244.0.3    centos   <none>           <none>
kube-system   etcd-centos                      1/1     Running   0          5h      10.211.55.6   centos   <none>           <none>
kube-system   kube-apiserver-centos            1/1     Running   0          5h      10.211.55.6   centos   <none>           <none>
kube-system   kube-controller-manager-centos   1/1     Running   0          5h      10.211.55.6   centos   <none>           <none>
kube-system   kube-flannel-ds-amd64-lnp55      1/1     Running   0          3m41s   10.211.55.6   centos   <none>           <none>
kube-system   kube-proxy-xsnr8                 1/1     Running   0          5h1m    10.211.55.6   centos   <none>           <none>
kube-system   kube-scheduler-centos            1/1     Running   0          5h      10.211.55.6   centos   <none>           <none>
[[email protected] ~]

再次查看node状态; pod状态变为 Ready

[[email protected] ~]kubectl get nodes
NAME     STATUS   ROLES    AGE    VERSION
centos   Ready    master   5h2m   v1.13.4
[[email protected] ~]

至此k8s就安装完成了

安装完了赶快体验一下,写个简单的 deployment 测试一下

创建一个 nginx-deployment.yaml  内容如下

[[email protected] testnginx]# cat nginx-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: qf-test-nginx
  #namespace: qingfeng-deve
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: qingfenglian/test_nginx
        ports:
        - containerPort: 80

创建 svc, pod, 查看pod状态 发现到这里发现  pod 状态一直是 Pending

[[email protected] ~]# mkdir -p k8s/testnginx
[[email protected] ~]# cd k8s/testnginx/
[[email protected] testnginx]# vim nginx-deployment.yaml
[[email protected] testnginx]# vim nginx-deployment.yaml
[[email protected] testnginx]# kubectl create -f nginx-deployment.yaml
deployment.extensions/qf-test-nginx created
[[email protected] testnginx]# kubectl get svc,pod
NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   19m

NAME                                 READY   STATUS    RESTARTS   AGE
pod/qf-test-nginx-56db997f77-gkvcz   0/1     Pending   0          8s

原因是:k8s-master 这台机器不允许创建pod ,想要在k8s-master上创建pod ,实现k8s单点部署可以执行下面操作

#先查看一下 k8s-master这台机器是否允许创建Pod,发现是 NoSchedule
[[email protected] testnginx]# kubectl describe node k8s-master | grep Taint
Taints:             node-role.kubernetes.io/master:NoSchedule

#现在允许 k8s-master创建 pod
[[email protected] testnginx]# kubectl taint nodes k8s-master node-role.kubernetes.io/master-
node/k8s-master untainted

#我们再来查看一下是否允许创建pod
[[email protected] testnginx]# kubectl describe node k8s-master | grep Taint
Taints:             <none>

########--------------分割线------------#########
#可能有的小伙伴测试完成后还想恢复到 k8s-master上禁止创建Pod,可以执行下面操作
kubectl taint nodes k8s-master node-role.kubernetes.io/master=:NoSchedule

当允许k8s-master允许创建pod 之后,我们再来看一下pod状态

[[email protected] testnginx]# kubectl describe node k8s-master | grep Taint
Taints:             node-role.kubernetes.io/master:NoSchedule
[[email protected] testnginx]# kubectl taint nodes k8s-master node-role.kubernetes.io/master-
node/k8s-master untainted
[[email protected] testnginx]# kubectl describe node k8s-master | grep Taint
Taints:             <none>
[[email protected] testnginx]# kubectl get pod
NAME                             READY   STATUS    RESTARTS   AGE
qf-test-nginx-56db997f77-gkvcz   1/1     Running   0          8m50s    ----------------这里可以发现pod 已经启动

增加node节点

执行 kubeadm join

[[email protected] ~]# kubeadm join 10.211.55.6:6443 --token uf2c4g.n7ibf1g8gxbkqz2z >     --discovery-token-ca-cert-hash sha256:f01892c96cee8d02c373e34bed3a45c8f3f9888fdd19767e706ec09e8fb9c893
[preflight] Running pre-flight checks
    [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
    [WARNING Hostname]: hostname "k8s-node" could not be reached
    [WARNING Hostname]: hostname "k8s-node": lookup k8s-node on 10.211.55.1:53: no such host
    [WARNING Service-Kubelet]: kubelet service is not enabled, please run ‘systemctl enable kubelet.service‘
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with ‘kubectl -n kube-system get cm kubeadm-config -oyaml‘
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.14" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Activating the kubelet service
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run ‘kubectl get nodes‘ on the control-plane to see this node join the cluster.

现在可以 用 kubectl get node 查看 有多少节点了  , 如果想在node节点上使用kubectl 命令需要把 k8s-master 上 /etc/kubernetes/admin.conf 文件copy到几点机器上并使用 export KUBECONFIG=/etc/kubernetes/admin.conf, 这个在初始化的时候已经提到,, 可以用scp 命令拷贝

[[email protected] testnginx]# kubectl get node
NAME         STATUS     ROLES    AGE     VERSION
k8s-master   Ready      master   37m     v1.14.0
k8s-node     NotReady   <none>   2m55s   v1.14.0

copy admin.conf 到 节点机器:: 在节点机器上执行下面命令

[[email protected] ~]# kubectl get node                -------------节点 使用kubectl
The connection to the server localhost:8080 was refused - did you specify the right host or port? ----这是报错
[[email protected] ~]# scp [email protected]:/etc/kubernetes/admin.conf /etc/kubernetes/admin.conf    -----从k8s-master 把admin.conf文件copy到当前节点机器上
The authenticity of host ‘10.211.55.6 (10.211.55.6)‘ can‘t be established.
ECDSA key fingerprint is SHA256:ijx7s49ok7H8PMRY0tVKn7Be06G0OjArv/DpCNtHoIw.
ECDSA key fingerprint is MD5:89:68:de:2f:fe:ca:3f:26:e2:28:30:87:2b:21:e9:3d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘10.211.55.6‘ (ECDSA) to the list of known hosts.
[email protected]‘s password:
admin.conf                                                                                           100% 5451     5.4MB/s   00:00
[[email protected] ~]# export KUBECONFIG=/etc/kubernetes/admin.conf      --------导入
[[email protected] ~]# kubectl get node    ------------再次使用kubectl 查看 node
NAME         STATUS   ROLES    AGE     VERSION
k8s-master   Ready    master   43m     v1.14.0
k8s-node     Ready    <none>   8m15s   v1.14.0

删除node

删除节点之后,节点想再次加入到集群中 需要先执行  kubeadm reset , 之后再执行 kubeadm join

[[email protected] testnginx]# kubectl delete node k8s-node    ---k8s-node节点名称,当然不只这一种删除pod的方法,我这里不一一列出了

增加节点时token过期,重新生成token的方法, 直接上命令了

[[email protected] testnginx]# kubeadm token list
TOKEN                     TTL       EXPIRES                     USAGES                   DESCRIPTION                                                EXTRA GROUPS
uf2c4g.n7ibf1g8gxbkqz2z   23h       2019-04-03T15:28:40+08:00   authentication,signing   The default bootstrap token generated by ‘kubeadm init‘.   system:bootstrappers:kubeadm:default-node-token
[[email protected] testnginx]# kubeadm token create
w0r09e.e5olwz1rlhwvgo9p
[[email protected] testnginx]# kubeadm token list
TOKEN                     TTL       EXPIRES                     USAGES                   DESCRIPTION                                                EXTRA GROUPS
uf2c4g.n7ibf1g8gxbkqz2z   23h       2019-04-03T15:28:40+08:00   authentication,signing   The default bootstrap token generated by ‘kubeadm init‘.   system:bootstrappers:kubeadm:default-node-token
w0r09e.e5olwz1rlhwvgo9p   23h       2019-04-03T16:19:56+08:00   authentication,signing   <none>                                                     system:bootstrappers:kubeadm:default-node-token
[[email protected] testnginx]#

由于我们允许k8s-master创建pod ,so现在我们有两个节点了,我们把刚才的 nginx-deployment.yaml 中pod个数改成2 看看结果

#nginx-deployment 修改之后的内容,,其实 只改了 spec.replicas 由1改成 2
[[email protected] testnginx]# cat nginx-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: qf-test-nginx
  #namespace: qingfeng-deve
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: qingfenglian/test_nginx
        ports:
        - containerPort: 80

#重新部署
[[email protected] testnginx]# kubectl apply -f nginx-deployment.yaml
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
deployment.extensions/qf-test-nginx configured

#查看pod 状态 发现已经是2个pod的,但是一个还没起来,稍等一下
[[email protected] testnginx]# kubectl get pod -o wide
NAME                             READY   STATUS              RESTARTS   AGE   IP           NODE         NOMINATED NODE   READINESS GATES
qf-test-nginx-56db997f77-gkvcz   1/1     Running             0          35m   10.244.0.6   k8s-master   <none>           <none>
qf-test-nginx-56db997f77-tx4wk   0/1     ContainerCreating   0          12s   <none>       k8s-node     <none>           <none>

#这里再看 两个Pod都已经启动成功,,注意看 NODE 列 发现是在不同的NODE上面
[[email protected] testnginx]# kubectl get pod -o wide
NAME                             READY   STATUS    RESTARTS   AGE    IP           NODE         NOMINATED NODE   READINESS GATES
qf-test-nginx-56db997f77-gkvcz   1/1     Running   0          37m    10.244.0.6   k8s-master   <none>           <none>
qf-test-nginx-56db997f77-tx4wk   1/1     Running   0          107s   10.244.3.2   k8s-node     <none>           <none>
[[email protected] testnginx]#

好了,这次记录就到此结束了。

遇到的问题

问题1:kubernetes源的问题

描述:开始是想通过命令行代理的方式解决源的问题,再实际使用中发现在 kubeadm init 的时候会报找不到 k8s-master主机

解决:用aliyum的原

问题2:k8s启动不成功之 docker版本问题

解决:写这篇文章的时候k8s对docker验证最高到 18.06,但此时docker版本已经到了18.09,开始本着测试体验最新版本结果...

其他错误

报错 kubectl get pod  提示 ::The connection to the server localhost:8080 was refused - did you specify the right host or port?

解决: 将主节点(master节点)中的【/etc/kubernetes/admin.conf】文件拷贝到从节点相同目录下

报错:the kubelet version is higher than the control plane version. This is not a supported version skew and may lead to a malfunctional cluster. Kubelet version: "1.14.0" Control plane version: "1.13.1

解决:注意安装过程中红色字体部分,已经提示在kubeadm init 初始化的时候kubernetes的版本

报错: [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/

解决:

[[email protected] ~]# docker info
Containers: 17
 Running: 16
 Paused: 0
 Stopped: 1
Images: 8
Server Version: 18.06.1-ce
Storage Driver: overlay2
 Backing Filesystem: xfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: systemd      ######------主要看这里,没有修改之前应该是 cgroup

#修改 docker文件驱动, 修改保存后 重新启动 docker  , docker重新启动方法(systemctl restart docker)

#修改或者创建
vim /etc/docker/daemon.json

#添加如下内容 --这行就不要添加了这只是个注释(^_^)------qingfeng

{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

阿里云专有网络etcd启动失败

如果是阿里云专有网络的ecs  apiserver-advertise-address的地址应该是私有ip地址。

官方文档:
https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/

https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init/

域名访问服务请参考 ::  kubernetes + istio进行流量管理

k8s使用中我遇到的问题之后会整理到这里 kubernetes 常见问题整理

原文地址:https://www.cnblogs.com/jinanxiaolaohu/p/12039553.html

时间: 2024-10-25 05:15:41

[转帖]centos7 使用kubeadm 快速部署 kubernetes 国内源的相关文章

使用kubeadm快速部署Kubernetes(v1.12.1)集群---来源:马哥教育马哥原创

使用kubeadm快速部署Kubernetes(v1.12.1)集群------来源:马哥教育马哥原创 Kubernetes技术已经成为了原生云技术的事实标准,它是目前基础软件领域最为热门的分布式调度和管理平台.于是,Kubernetes也几乎成了时下开发工程师和运维工程师必备的技能之一. 一.主机环境预设 1.测试环境说明 测试使用的Kubernetes集群可由一个master主机及一个以上(建议至少两个)node主机组成,这些主机可以是物理服务器,也可以运行于vmware.virtualbo

centos7基于kubeadm安装部署Kubernetes (1.15.2)集群

一.什么是 Kubernetes Kubernetes 是 Google (谷歌内部:Borg)开源的容器集群管理系统,其提供应用部署.维护. 扩展机制等功能,利用 Kubernetes 能方便地管理跨机器运行容器化的应用,可以实现容器集群的自动化部署.自动扩缩容.维护等功能.它既是一款容器编排工具,也是全新的基于容器技术的分布式架构领先方案. 二. Kubernetes架构和组件 K8S集群中有管理节点与工作节点两种类型. 1)架构 k8s集群的管理节点,负责管理集群,提供集群的资源数据访问入

2、kubeadm快速部署kubernetes(v1.15.0)集群190623

一.网络规划 节点网络:192.168.100.0/24 Service网络:10.96.0.0/12 Pod网络(默认):10.244.0.0/16 二.组件分布及节点规划 master(192.168.100.51): API Server/ etcd/ controller-manager/ sheduler node(192.168.100.61,62, ...):kube-proxy/ kubelet/ docker/ flannel 三.基础环境 Kernel 3.10+ or 4+

Shell脚本快速部署Kubernetes集群系统

本文紧跟上节所讲的手动部署Kubernetes管理Docker篇所写,本篇主要内容利用Shell脚本完成快速部署Kubernetes集群.上节博文看过的朋友也能感觉到部署过程相对比较简单,那么,出于简化工作流程,推进运维自动化角度来说,于是花了2/3天时间写这个部署Kubernetes脚本. 运维工作中,常常会遇到部署各种各样的服务,建议:常规部署都应该尽量使用脚本完成,一方面提高自身脚本编写能力,另一方面推进运维自动化. 详细部署说明文档:http://lizhenliang.blog.51c

使用Rancher的RKE快速部署Kubernetes集群

简要说明: 本文共涉及3台Ubuntu机器,1台RKE部署机器(192.168.3.161),2台Kubernetes集群机器(3.162和3.163). 先在Windows机器上,将rke_linux-amd64从github上下载下来,重新命名为rke ,编辑好cluster.yml集群部署文件,使用putty提供的pscp命令,将文件上传到3.161机器上.在3.161机器上,执行rke命令,将集群部署到3.162和3.163机器上. 只要环境配置正确,部署非常快,整个集群5分钟搞定. 准

docker/kubernetes国内源/镜像源解决方式

最近在使用kubeadm时,被各种连接不上搞到崩溃.费了很多力气,基本都解决了.这里统一整理了国内的一些镜像源,apt源,kubeadm源等,以便查阅. 国内镜像源 Azure China提供了目前用过的质量最好的镜像源.无论是速度还是覆盖范围.而且都支持匿名拉取,也就是不需要登录.这点特别友好. 这里,我开发了一个小的脚本azk8spull,这个脚本可以自动根据镜像名称进行解析,转换为azure的mirror镜像源域名.并进行拉取.拉取完成后会自动进行tag重命名为原本的镜像名.该脚本已经开源

Centos7.7使用kubeadm快速部署K8s集群(适合新手)

部署环境: 以下实验都是在VM虚拟机中进行部署的,仅供个人学习测试,不建议直接上生产环境. PS:其中,master的CPU核数至少需要2核,还没有测试过1G内存是否可以正常安装 节点 系统 CPU核数 内存 磁盘 IP k8s-master Centos7.7minimal 2核 2G 20G 192.168.2.130 k8s-node01 Centos7.7minimal 1核 1G 20G 192.168.2.134 k8s-node02 Centos7.7minimal 1核 1G 2

使用 Kubeadm 安装部署 Kubernetes 1.12.1 集群

手工搭建 Kubernetes 集群是一件很繁琐的事情,所以就产生了很多辅助性安装工具,如 Kubeadm ,Kubespray,RKE 等组件,我最终选择了官方的 Kubeadm 主要是不同的 Kubernetes 版本都有一些差异,Kubeadm 更新与支持的会好一些. Kubeadm 是 Kubernetes 官方提供的快速安装和初始化 Kubernetes 集群的工具,目前的还处于孵化开发状态,伴随 Kubernetes 每个版本的发布都会同步更新,伴随着 Kubernetes 每次版本

快速部署kubernetes单master集群-学习使用

五.ubuntu16/Centos7上部署安装k8s1.9(二进制包) 5.1 主机节点规划 角色 主机名 主机ip 组件 etcd etcd 192.168.0.106 etcd master kube-master 192.168.0.107 kube-apiserver,kube-controller-manager,kube-scheduler node1 kube-node1 192.168.0.108 kubelet,kube-proxy,docker node2 kube-node