基于kubeadm快速部署kubernetes K8S V1.17.4集群,并部署Dashboard Web页面,实现可视化查看Kubernetes资源
服务器名称(hostname) | 系统版本 | 配置 | 内网IP | 外网IP(模拟) |
---|---|---|---|---|
k8s-master | CentOS7.7 | 2C/4G/20G | 172.16.1.110 | 10.0.0.110 |
k8s-node01 | CentOS7.7 | 2C/4G/20G | 172.16.1.111 | 10.0.0.111 |
k8s-node02 | CentOS7.7 | 2C/4G/20G | 172.16.1.112 | 10.0.0.112 |
注意:没有swap分区
1、在所有节点上安装Docker和kubeadm
2、部署Kubernetes Master
3、部署容器网络插件
4、部署 Kubernetes Worker,并将节点加入Kubernetes集群中
5、部署Dashboard Web页面,可视化查看Kubernetes资源
kubeadm 是 Kubernetes 官方支持的安装方式,“二进制” 不是。本文档采用 kubernetes.io 官方推荐的 kubeadm 工具安装 kubernetes 集群。
注意:所有机器都要安装
脚本如下:
1 [root@k8s-master k8s_install]# pwd 2 /root/k8s_install 3 # 脚本信息如下【支持多次执行】 4 [root@k8s-master k8s_install]# cat install_kubelet.sh 5 #!/bin/sh 6 7 ##### 在 master 节点和 worker 节点都要执行 【所有机器执行】 8 9 # 加载环境变量 10 . /etc/profile 11 . /etc/bashrc 12 13 ############################################### 14 # 添加主机名与IP对应关系(每台主机必须设置主机名) 15 # 如下命令:没有则添加信息 若使用请根据自身主机情况修改 ★★★★★ 「你需要修改处」 16 grep '172.16.1.110.*k8s-master' /etc/hosts || echo "172.16.1.110 k8s-master" >> /etc/hosts 17 grep '172.16.1.111.*k8s-node01' /etc/hosts || echo "172.16.1.111 k8s-node01" >> /etc/hosts 18 grep '172.16.1.112.*k8s-node02' /etc/hosts || echo "172.16.1.112 k8s-node02" >> /etc/hosts 19 20 21 ############################################### 22 # 必要的基础配置或包安装 23 ## 必须安装 nfs-utils 才能挂载 nfs 网络存储 24 yum install -y nfs-utils 25 ## wget 用于下载文件 26 yum install -y wget 27 ## 其他必要包 28 yum install -y conntrack ipvsadm ipset 29 30 31 # 关闭 防火墙 32 systemctl stop firewalld 33 systemctl disable firewalld 34 systemctl stop iptables 35 systemctl disable iptables 36 37 # 关闭 SeLinux 38 setenforce 0 39 sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config 40 41 # 关闭 swap , 本次涉及的机器没有swap,因此注释了 42 ## 如果有swap分区则放开注释 43 #swapoff -a 44 #yes | cp /etc/fstab /etc/fstab_bak 45 #cat /etc/fstab_bak | grep -v swap > /etc/fstab 46 47 # 时间设置 48 ## 时区设置:东八区,上海 49 ls -l /etc/localtime | grep 'Asia/Shanghai' || (rm -f /etc/localtime && ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime) 50 ## 时间同步定时任务:没有则添加定,进行时间同步 51 crontab -l | grep 'ntpdate' || echo -e "# time syncn*/10 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1" >> /var/spool/cron/root 52 ## 查看硬件时间 hwclock --show 53 ## 系统时间同步到硬件时间 54 hwclock --systohc 55 56 # 关闭邮件服务 57 systemctl stop postfix.service && systemctl disable postfix.service 58 59 60 61 ############################################### 62 # 修改 /etc/sysctl.conf 63 # 开启 ip_forward 转发并解决流量路由不正确问题 64 # 如果有配置,则修改 65 sed -i "s#^net.ipv4.ip_forward.*#net.ipv4.ip_forward = 1#g" /etc/sysctl.conf 66 sed -i "s#^net.ipv4.tcp_tw_recycle.*#net.ipv4.tcp_tw_recycle = 0#g" /etc/sysctl.conf 67 sed -i "s#^net.bridge.bridge-nf-call-ip6tables.*#net.bridge.bridge-nf-call-ip6tables = 1#g" /etc/sysctl.conf 68 sed -i "s#^net.bridge.bridge-nf-call-iptables.*#net.bridge.bridge-nf-call-iptables = 1#g" /etc/sysctl.conf 69 # IPv6 转发 70 sed -i "s#^net.ipv6.conf.all.forwarding.*#net.ipv6.conf.all.forwarding = 1#g" /etc/sysctl.conf 71 sed -i "s#^net.netfilter.nf_conntrack_max.*#net.netfilter.nf_conntrack_max = 2310720#g" /etc/sysctl.conf 72 ## 如下两条非必要 73 sed -i "s#^fs.file-max.*#fs.file-max = 52706963#g" /etc/sysctl.conf 74 sed -i "s#^fs.nr_open.*#fs.nr_open = 52706963#g" /etc/sysctl.conf 75 76 # 如果没有,追加 77 grep 'net.ipv4.ip_forward = 1' /etc/sysctl.conf || echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf 78 grep 'net.ipv4.tcp_tw_recycle = 0' /etc/sysctl.conf || echo "net.ipv4.tcp_tw_recycle = 0" >> /etc/sysctl.conf 79 grep 'net.bridge.bridge-nf-call-ip6tables = 1' /etc/sysctl.conf || echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf 80 grep 'net.bridge.bridge-nf-call-iptables = 1' /etc/sysctl.conf || echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf 81 grep 'net.ipv6.conf.all.forwarding = 1' /etc/sysctl.conf || echo "net.ipv6.conf.all.forwarding = 1" >> /etc/sysctl.conf 82 grep 'net.netfilter.nf_conntrack_max = 2310720' /etc/sysctl.conf || echo "net.netfilter.nf_conntrack_max = 2310720" >> /etc/sysctl.conf 83 grep 'fs.file-max = 52706963' /etc/sysctl.conf || echo "fs.file-max = 52706963" >> /etc/sysctl.conf 84 grep 'fs.nr_open = 52706963' /etc/sysctl.conf || echo "fs.nr_open = 52706963" >> /etc/sysctl.conf 85 86 # 执行命令以生效 87 sysctl -p 88 #### 说明:上面的命令中/etc/sysctl.conf可以用/etc/sysctl.d/k8s.conf替换;生效使用sysctl -p /etc/sysctl.d/k8s.conf 命令 89 90 91 ############################################### 92 # kube-proxy 开启ipvs的前置条件【本步骤可忽略,但推荐使用IPVS】 93 modprobe br_netfilter 94 95 cat > /etc/sysconfig/modules/ipvs.modules << EOF 96 #!/bin/bash 97 modprobe -- ip_vs 98 modprobe -- ip_vs_rr 99 modprobe -- ip_vs_wrr 100 modprobe -- ip_vs_sh 101 modprobe -- nf_conntrack_ipv4 102 EOF 103 104 chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4 105 106 107 108 ############################################### 109 # 安装 docker 110 ## 参考文档如下 111 # https://www.cnblogs.com/zhanglianghhh/p/9891293.html 112 # https://docs.docker.com/install/linux/docker-ce/centos/ 113 # https://docs.docker.com/install/linux/linux-postinstall/ 114 115 ## 卸载旧版本 根据需要放开注释 116 #yum remove -y docker 117 #docker-client 118 #docker-client-latest 119 #docker-common 120 #docker-latest 121 #docker-latest-logrotate 122 #docker-logrotate 123 #docker-selinux 124 #docker-engine-selinux 125 #docker-engine 126 127 ## 设置 docker yum repository 128 yum install -y yum-utils device-mapper-persistent-data lvm2 129 yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 130 131 ## 安装docker 132 # yum install -y docker-ce 133 yum install -y docker-ce-19.03.8 134 135 ## 启动docker服务,这样可以创建/etc/docker目录 136 systemctl start docker 137 138 ## 配置daemon 139 ## 1、修改docker Cgroup Driver为systemd;2、日志格式设定 140 ## 如果不修改,在添加 worker 节点时可能会碰到如下错误 141 ## [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". 142 ## Please follow the guide at https://kubernetes.io/docs/setup/cri/ 143 cat > /etc/docker/daemon.json << EOF 144 { 145 "exec-opts": ["native.cgroupdriver=systemd"], 146 "log-driver": "json-file", 147 "log-opts": { 148 "max-size": "100m" 149 } 150 } 151 EOF 152 153 ## 开机自启动 154 systemctl stop docker && systemctl daemon-reload && systemctl enable docker && systemctl start docker 155 156 157 158 ############################################### 159 # 配置K8S的yum源 160 cat > /etc/yum.repos.d/kubernetes.repo <<EOF 161 [kubernetes] 162 name=Kubernetes 163 baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 164 enabled=1 165 gpgcheck=0 166 repo_gpgcheck=1 167 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg 168 https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg 169 EOF 170 171 172 # 卸载旧版本 根据需要放开注释 173 #yum remove -y kubelet kubeadm kubectl 174 175 # 由于版本更新频繁,这里指定版本号部署 176 ## 安装kubelet、kubeadm、kubectl 177 ## 将 ${1} 替换为 kubernetes 版本号,例如 1.17.4 178 ## yum install -y kubelet-${1} kubeadm-${1} kubectl-${1} 179 yum install -y kubelet-1.17.4 kubeadm-1.17.4 kubectl-1.17.4 180 181 182 # 重启 docker,并启动 kubelet 183 systemctl daemon-reload 184 systemctl restart docker 185 systemctl enable kubelet && systemctl start kubelet 186 187 188 # 打印分割线 189 echo "=====================" 190 191 # 打印docker版本信息 192 docker version
执行上述脚本
用kubeadm的方法安装kubelet后,运行systemctl status kubelet 和 journalctl -f -u kubelet 发现kubelet服务启动失败,错误代码255。
后来查了资料,运行journalctl -xefu kubelet 命令查看systemd日志才发现,真正的错误是:
failed to load Kubelet config file /var/lib/kubelet/config.yaml, error failed to read kubelet config file "/var/lib/kubelet/config.yaml", error: open /var/lib/kubelet/config.yaml: no such file or directory
原因:
关键文件缺失,多发生于没有做 kubeadm init就运行了systemctl start kubelet。
暂时可以有不管,后面 kubeadm init 后会恢复正常。
注意:仅在master节点操作
kubeadm init 配置详解的官网地址如下:
https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init/
这里使用 flannel 网络
kubernetes 服务启动依赖很多镜像,这些镜像要是在国内没有(fan qiang)的话,是下载不下来的。这里我们可以去阿里云容器镜像服务【别人放好的镜像】搜寻并下载指定版本的镜像替代。
下载完成后,通过 docker tag … 命令修改成指定名称的镜像即可。
需要哪些镜像及版本,查看方式如下:
1 [root@k8s-master ~]# kubeadm config images list --kubernetes-version v1.17.4 2 W0728 16:31:09.770937 8119 validation.go:28] Cannot validate kube-proxy config - no validator is available 3 W0728 16:31:09.770998 8119 validation.go:28] Cannot validate kubelet config - no validator is available 4 k8s.gcr.io/kube-apiserver:v1.17.4 5 k8s.gcr.io/kube-controller-manager:v1.17.4 6 k8s.gcr.io/kube-scheduler:v1.17.4 7 k8s.gcr.io/kube-proxy:v1.17.4 8 k8s.gcr.io/pause:3.1 9 k8s.gcr.io/etcd:3.4.3-0 10 k8s.gcr.io/coredns:1.6.5
1 [root@k8s-master k8s_install]# pwd 2 /root/k8s_install 3 [root@k8s-master k8s_install]# kubeadm config print init-defaults > kubeadm-config.yaml 4 # 做了适当修改 5 [root@k8s-master k8s_install]# cat kubeadm-config.yaml 6 apiVersion: kubeadm.k8s.io/v1beta2 7 bootstrapTokens: 8 - groups: 9 - system:bootstrappers:kubeadm:default-node-token 10 token: abcdef.0123456789abcdef 11 ttl: 24h0m0s 12 usages: 13 - signing 14 - authentication 15 kind: InitConfiguration 16 localAPIEndpoint: 17 # 改为本机内网IP 18 advertiseAddress: 172.16.1.110 19 bindPort: 6443 20 nodeRegistration: 21 criSocket: /var/run/dockershim.sock 22 name: k8s-master 23 taints: 24 - effect: NoSchedule 25 key: node-role.kubernetes.io/master 26 --- 27 apiServer: 28 timeoutForControlPlane: 4m0s 29 apiVersion: kubeadm.k8s.io/v1beta2 30 certificatesDir: /etc/kubernetes/pki 31 clusterName: kubernetes 32 controllerManager: {} 33 dns: 34 type: CoreDNS 35 etcd: 36 local: 37 dataDir: /var/lib/etcd 38 imageRepository: k8s.gcr.io 39 kind: ClusterConfiguration 40 # 本次部署的版本为 v1.17.4 41 kubernetesVersion: v1.17.4 42 networking: 43 dnsDomain: cluster.local 44 # 添加如下行,指定pod网络的IP地址范围,因为flannel 就是这个网段 45 podSubnet: 10.244.0.0/16 46 # 默认值即可,无需改变。服务VIP使用可选的IP地址范围。默认10.96.0.0/12 47 serviceSubnet: 10.96.0.0/12 48 scheduler: {} 49 --- 50 # 添加如下配置段,调度方式从默认改为ipvs方式【如果上面初始化没有做ipvs,那么这段就不需要】 51 apiVersion: kubeproxy.config.k8s.io/v1alpha1 52 kind: KubeProxyConfiguration 53 featureGates: 54 SupportIPVSProxyMode: true 55 mode: ipvs
创建 init_master.sh文件并编写脚本进行批量下载镜像;之后修改镜像tag,与google的k8s镜像名称一致;再之后初始化并安装Pod网络插件。
脚本如下:
1 [root@k8s-master k8s_install]# pwd 2 /root/k8s_install 3 [root@k8s-master k8s_install]# cat init_master.sh 4 #!/bin/bash 5 6 ##### 在 k8s master 节点执行 7 8 # 加载环境变量 9 . /etc/profile 10 . /etc/bashrc 11 12 13 ############################################### 14 # 从国内下载 master 节点所需镜像,并对镜像重命名 15 # src_registry="registry.aliyunccnblogs.com/google_containers" 16 src_registry="registry.cn-beijing.aliyunccnblogs.com/google_registry" 17 18 # 定义镜像集合数组 19 # 具体版本信息根据 kubeadm config images list --kubernetes-version v1.17.4 得到的 20 images=( 21 kube-apiserver:v1.17.4 22 kube-controller-manager:v1.17.4 23 kube-scheduler:v1.17.4 24 kube-proxy:v1.17.4 25 pause:3.1 26 etcd:3.4.3-0 27 coredns:1.6.5 28 ) 29 # 循环从国内获取的Docker镜像 30 for img in ${images[@]}; 31&
参与评论
手机查看
返回顶部