CentOS上部署安装K8s v1.6.4
[TOC]
github地址:
-
kubernetes: https://github.com/kubernetes/kubernetes/releases
-
docker: https://docs.docker.com/engine/installation/linux/centos/
部署环境
1. 准备工作
a. 升级内核到最新
1. - rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
2. - yum install -y http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
3. - yum --enablerepo=elrepo-kernel install -y kernel-ml
4. - awk -F\' '$1=="menuentry " {print $2}' /etc/grub2.cfg
5. - 默认启动的顺序是从0开始,但我们新内核是从头插入(目前位置在0,而3.10的是在1),所以需要选择0,如果想生效最新的内核,需要 :grub2-set-default 0
b. 关闭selinux及防火墙
1. sed -i s'/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
2. systemctl disable firewalld; systemctl stop firewalld
3. 重启服务器
2. Master 部署
部署etcd
1. tar zxvf etcd-v3.2.1-linux-amd64.tar.gz -C /usr/local/
2. mv /usr/local/etcd-v3.1.0-linux-amd64/ /usr/local/etcd
3. ln -s /usr/local/etcd/etcd /usr/local/bin/etcd
4. ln -s /usr/local/etcd/etcdctl /usr/local/bin/etcdctl
5. 设置systemd服务文件 vi /usr/lib/systemd/system/etcd.service
设置systemd服务文件
vi /usr/lib/systemd/system/etcd.service
[Unit]
Description=Eted Server
After=network.target
[Service]
WorkingDirectory=/data/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
ExecStart=/usr/local/bin/etcd
Type=notify
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
其中WorkingDirector表示etcd数据保存的目录,需要在启动etcd服务之前进行创建
etcd单点默认配置
cat /etc/etcd/etcd.conf
ETCD_NAME=k8s1
ETCD_DATA_DIR="/data/etcd"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.0:2379"
etcd服务启动
systemctl daemon-reload
systemctl enable etcd.service
systemctl start etcd.service
etcd服务检查
[root@vm227224 ~]# etcdctl cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://0.0.0.0:2379
cluster is healthy
[root@vm227224 ~]# etcdctl member list
8e9e05c52164694d: name=k8s1 peerURLs=http://localhost:2380 clientURLs=http://0.0.0.0:2379 isLeader=true
部署kube-apiserver服务
安装kube-apiserver
[root@vm227224 ~]# tar zxvf kubernetes.tar.gz -C /usr/local/
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-apiserver /usr/local/bin/kube-apiserver
其他服务顺便做下软链接
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/hyperkube /usr/local/bin/hyperkube
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kubeadm /usr/local/bin/kubeadm
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-controller-manager /usr/local/bin/kube-controller-manager
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kubectl /usr/local/bin/kubectl
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-discovery /usr/local/bin/kube-discovery
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-dns /usr/local/bin/kube-dns
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kubefed /usr/local/bin/kubefed
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kubelet /usr/local/bin/kubelet
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-proxy /usr/local/bin/kube-proxy
[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-scheduler /usr/local/bin/kube-scheduler
配置kubernetes system config
[root@vm227224 pkg]# cat /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=false"
KUBE_LOG_DIR="--log-dir=/data/logs/kubernetes"
KUBE_LOG_LEVEL="--v=2"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://10.210.227.224:8080"
设置systemd服务文件
[root@vm227224 pkg]# cat /usr/lib/systemd/system/kube-apiserver.service
[Unit]
Description=Kubernetes API Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target
After=etcd.service
[Service]
EnvironmentFile=-/etc/kubernetes/config
EnvironmentFile=-/etc/kubernetes/apiserver
ExecStart=/usr/local/bin/kube-apiserver \
$KUBE_LOGTOSTDERR \
$KUBE_LOG_LEVEL \
$KUBE_ETCD_SERVERS \
$KUBE_API_ADDRESS \
$KUBE_API_PORT \
$KUBELET_PORT \
$KUBE_ALLOW_PRIV \
$KUBE_SERVICE_ADDRESSES \
$KUBE_ADMISSION_CONTROL \
$KUBE_API_ARGS
Restart=on-failure
Type=notify
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
配置kuber-apiserver启动参数
[root@vm227224 pkg]# cat /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd-servers=http://10.210.227.224:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
KUBE_API_ARGS=""
KUBE_MASTER="–master=http://10.210.227.224:8080"
启动kube-api-servers服务
[root@vm227224 ~]# systemctl daemon-reload
[root@vm227224 ~]# systemctl enable kube-apiserver.service
[root@vm227224 ~]# systemctl start kube-apiserver.service
[root@vm227224 ~]# systemctl status kube-apiserver.service
验证服务
浏览器输入 http://10.210.227.224:8080/ 查看
部署kube-controller-manager服务
[root@vm227224 pkg]# cat /usr/lib/systemd/system/kube-controller-manager.service
[Unit]
Description=Kubernetes Controller Manager
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=kube-apiserver.service
Requires=kube-apiserver.service
[Service]
EnvironmentFile=-/etc/kubernetes/config
EnvironmentFile=-/etc/kubernetes/controller-manager
ExecStart=/usr/local/bin/kube-controller-manager \
$KUBE_LOGTOSTDERR \
$KUBE_LOG_LEVEL \
$KUBE_LOG_DIR \
$KUBE_MASTER \
$KUBE_CONTROLLER_MANAGER_ARGS
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
配置kube-controller-manager启动参数
[root@vm227224 pkg]# cat /etc/kubernetes/controller-manager
KUBE_CONTROLLER_MANAGER_ARGS=""
启动kube-controller-manager服务
[root@vm227224 ~]# systemctl daemon-reload
[root@vm227224 ~]# systemctl enable kube-controller-manager
[root@vm227224 ~]# systemctl start kube-controller-manager
[root@vm227224 ~]# systemctl status kube-controller-manager
部署kube-scheduler服务
[root@vm227224 pkg]# cat /usr/lib/systemd/system/kube-scheduler.service
[Unit]
Description=Kubernetes Scheduler Plugin
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=kube-apiserver.service
Requires=kube-apiserver.service
[Service]
EnvironmentFile=-/etc/kubernetes/config
EnvironmentFile=-/etc/kubernetes/scheduler
ExecStart=/usr/local/bin/kube-scheduler \
$KUBE_LOGTOSTDERR \
$KUBE_LOG_LEVEL \
$KUBE_LOG_DIR \
$KUBE_MASTER \
$KUBE_SCHEDULER_ARGS
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
配置kube-schedulerr启动参数
[root@k8s-master ~]# cat /etc/kubernetes/schedulerr
KUBE_SCHEDULER_ARGS=""
启动kube-scheduler服务
[root@vm227224 ~]# systemctl daemon-reload
[root@vm227224 ~]# systemctl enable kube-scheduler
[root@vm227224 ~]# systemctl start kube-scheduler
[root@vm227224 ~]# systemctl status kube-scheduler
for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler; do systemctl restart $SERVICES; systemctl enable $SERVICES; systemctl status $SERVICES; done
Node节点部署
安装docker
yum instll docker
修改systemd服务文件
--exec-opt native.cgroupdriver=systemfs 改为 --exec-opt native.cgroupdriver=systemfs
[root@vm227225 bin]# cat /lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target
Wants=docker-storage-setup.service
Requires=docker-cleanup.timer
[Service]
Type=notify
NotifyAccess=all
KillMode=process
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash
Environment=DOCKER_HTTP_HOST_COMPAT=1
Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin
ExecStart=/usr/bin/dockerd-current \
--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
--default-runtime=docker-runc \
--exec-opt native.cgroupdriver=systemd \
--userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$ADD_REGISTRY \
$BLOCK_REGISTRY \
$INSECURE_REGISTRY
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
Restart=on-abnormal
MountFlags=slave
[Install]
WantedBy=multi-user.target
[root@vm227224 ~]# systemctl daemon-reload
[root@vm227224 ~]# systemctl enable docker
[root@vm227224 ~]# systemctl start docker
[root@vm227224 ~]# systemctl status docker
安装kubernetes客户端
安装kubelet,kube-proxy
[root@vm227225 ~]# tar zxvf kubernetes-client-linux-amd64.tar.gz -C /usr/local/
[root@vm227225 ~]# ln -s /usr/local/kubernetes/client/bin/kubectl /usr/local/bin/kubectl
[root@vm227225 ~]# ln -s /usr/local/kubernetes/client/bin/kubefed /usr/local/bin/kubefed
kube-proxy kubelet包默认client没有可以从master拷贝过来
[root@vm227225 ~]# ln -s /usr/local/kubernetes/client/bin/kube-proxy /usr/local/bin/kube-proxy
[root@vm227225 ~]# ln -s /usr/local/kubernetes/client/bin/kubelet /usr/local/bin/kubelet
部署kubelet服务
[root@vm227225 bin]# cat /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=false"
KUBE_LOG_DIR="--log-dir=/data/logs/kubernetes"
KUBE_LOG_LEVEL="--v=2"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://10.210.227.224:8080"
设置systemd服务文件
[root@vm227225 bin]# cat /usr/lib/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=docker.service
Requires=docker.service
[Service]
WorkingDirectory=/data/kubelet
EnvironmentFile=-/etc/kubernetes/config
EnvironmentFile=-/etc/kubernetes/kubelet
ExecStart=/usr/local/bin/kubelet \
$KUBE_LOGTOSTDERR \
$KUBE_LOG_LEVEL \
$KUBE_LOG_DIR \
$KUBELET_API_SERVER \
$KUBELET_ADDRESS \
$KUBELET_PORT \
$KUBELET_HOSTNAME \
$KUBE_ALLOW_PRIV \
$KUBELET_POD_INFRA_CONTAINER \
$KUBELET_ARGS
Restart=on-failure
[Install]
WantedBy=multi-user.target
ps: 要创建WorkingDirectory=/data/kubelet的目录
配置kubelet启动参数
[root@vm227225 bin]# cat /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_PORT="--port=10250"
KUBELET_HOSTNAME="--hostname-override=10.210.227.225"
KUBELET_API_SERVER="--api-servers=http://10.210.227.224:8080"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
KUBELET_ARGS="--log-dir=/var/log/kubernetes --cgroup-driver=systemd --cgroups-per-qos=false --enforce-node-allocatable="
启动kubelet服务
[root@vm227225 ~]# systemctl daemon-reload
[root@vm227225 ~]# systemctl enable kubelet.service
[root@vm227225 ~]# systemctl start kubelet.service
[root@vm227225 ~]# systemctl status kubelet.service
部署kube-proxy服务
设置systemd服务文件
[root@vm227225 bin]# cat /usr/lib/systemd/system/kube-proxy.service
[Unit]
Description=Kubernetes Kube-Proxy Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target
[Service]
EnvironmentFile=-/etc/kubernetes/config
EnvironmentFile=-/etc/kubernetes/proxy
ExecStart=/usr/local/bin/kube-proxy \
$KUBE_LOGTOSTDERR \
$KUBE_LOG_LEVEL \
$KUBE_LOG_DIR \
$KUBE_MASTER \
$KUBE_PROXY_ARGS
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
配置kubelet启动参数
[root@vm227225 bin]# cat /etc/kubernetes/proxy
KUBE_PROXY_ARGS=""
启动kubelet服务
[root@vm227225 ~]# systemctl daemon-reload
[root@vm227225 ~]# systemctl enable kube-proxy.service
[root@vm227225 ~]# systemctl start kube-proxy.service
[root@vm227225 ~]# systemctl status kube-proxy.service
for SERVICES in kube-proxy kubelet docker; do systemctl restart $SERVICES; systemctl enable $SERVICES; systemctl status $SERVICES; done
验证节点是否启动
[root@vm227224 pkg]# kubectl get node
NAME STATUS AGE VERSION
10.210.227.225 Ready 14h v1.6.4
网友评论