【云原生 · Kubernetes】部署Kubernetes集群
2024-05-17 09:49:04
【云原生 · Kubernetes】搭建Harbor仓库
接着上次的内容,后续来了!
在master节点执行脚本k8s_master_install.sh即可完成K8S集群的部署,具体步骤参考如下(1)-(4)步骤。
5.部署Kubernetes集群
(1)安装Kubeadm
所有节点安装Kubeadm工具:
[root@master ~]# yum -y install kubeadm-1.18.1 kubectl-1.18.1 kubelet-1.18.1
[root@master ~]# systemctl enable kubelet && systemctl start kubelet
(2)初始化集群
在master节点初始化集群:
[root@master opt]# kubeadm init --kubernetes-version=1.18.1 --apiserver-advertise-address=192.168.100.10 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16[init] Using Kubernetes version: v1.18.1
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
..................
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.18.4.10:6443 --token cxtb79.mqg7drycn5s82hhc \--discovery-token-ca-cert-hash sha256:d7465b10f81ecb32ca30459efc1e0efe4f22bfbddc0c17d9b691f611082f415c
初始化完成后执行:
[root@master opt]# mkdir -p $HOME/.kube
[root@master opt]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master opt]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
查看集群状态:
[root@master ~]# kubectl get csNAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health":"true"}
查看节点状态:
[root@master ~]# kubectl get nodesNAME STATUS ROLES AGE VERSION
master NotReady master 2m57s v1.18.1
可以发现master处于notready状态,这是正常的,因为还没有网络插件,接下来安装网络后就变为正常了:
[root@master ~]# kubectl apply -f yaml/kube-flannel.yaml podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
[root@master ~]# kubectl get pods -ANAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-7ff77c879f-7vj79 1/1 Running 0 14m
kube-system coredns-7ff77c879f-nvclj 1/1 Running 0 14m
kube-system etcd-master 1/1 Running 0 14m
kube-system kube-apiserver-master 1/1 Running 0 14m
kube-system kube-controller-manager-master 1/1 Running 0 14m
kube-system kube-flannel-ds-d5p4g 1/1 Running 0 11m
kube-system kube-proxy-2gstw 1/1 Running 0 14m
kube-system kube-scheduler-master 1/1 Running 0 14m[root@master ~]# kubectl get nodesNAME STATUS ROLES AGE VERSION
master Ready master 17m v1.18.1
(3)安装Dashboard
创建证书:
[root@master ~]# mkdir dashboard-certs
[root@master ~]# cd dashboard-certs/
[root@master ~]# kubectl create namespace kubernetes-dashboard
[root@master ~]# openssl genrsa -out dashboard.key 2048Generating RSA private key, 2048 bit long modulus
......................................+++
...........................................................+++
e is 65537 (0x10001)[root@master ~]## openssl req -days 36000 -new -out dashboard.csr -key dashboard.key -subj '/CN=dashboard-cert'[root@master ~]## openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crtSignature ok
subject=/CN=dashboard-cert
Getting Private key[root@master ~]## kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard
安装Dashboard:
[root@master ~]# kubectl apply -f recommended.yaml namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created查看Dashboard 关联Pod和Service的状态:
[root@master ~]# kubectl get pod,svc -n kubernetes-dashboardNAME READY STATUS RESTARTS AGE
pod/dashboard-metrics-scraper-6b4884c9d5-f7qxd 1/1 Running 0 62s
pod/kubernetes-dashboard-5585794759-2c6xt 1/1 Running 0 62sNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper ClusterIP 10.105.228.249 <none> 8000/TCP 62s
service/kubernetes-dashboard NodePort 10.98.134.7 <none> 443:30000/TCP 62s创建serviceaccount和clusterrolebinding
[root@master ~]# kubectl apply -f dashboard-adminuser.yaml serviceaccount/dashboard-admin created
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin-bind-cluster-role created在浏览器访问dashboard(https://IP:30000)
获取Token:
# kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep dashboard-admin | awk '{print $1}')
Name: dashboard-admin-token-x9fnq
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: dashboard-adminkubernetes.io/service-account.uid: f780f22d-f620-4cdd-ad94-84bf593ca882Type: kubernetes.io/service-account-tokenData
====
ca.crt: 1025 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IkRWNXNrYWV6dFo4bUJrRHVZcmwtcTVpNzdFMDZYZjFYNzRzQlRyYmlVOGsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4teDlmbnEiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiZjc4MGYyMmQtZjYyMC00Y2RkLWFkOTQtODRiZjU5M2NhODgyIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbiJ9.h5BGk2yunmRcA8U60wIJh0kWpRLI1tZqS58BaDy137k1SYkvwG4rfG8MGnoDMAREWd9JIX43N4qpfbivIefeKIO_CZhYjv4blRefjAHo9c5ABChMc1lrZq9m_3Br_fr7GonsYulkaW6qYkCcQ0RK1TLlxntvLTi7gWMSes8w-y1ZumubL4YIrUh-y2OPoi2jJNevn4vygkgxtX5Y9LlxegVYJfeE_Sb9jV9ZL7e9kDqmBIYxm5PBJoPutjsTBmJf3IFrf6vUk6bBWtE6-nZgdf6FAGDd2W2-1YcidjITwgUvj68OfQ5tbB94EYlJhuoAGVajKxO14XaE9NH0_NZjqw
输入Token后进入Dashboard仪表盘界面
(4)删除污点
出于安全考虑,默认配置下Kubernetes不会将Pod调度到Master节点。如果希望将master也当作Node节点使用,可以执行如下命令:
# kubectl taint node master node-role.kubernetes.io/master-node/master untainted
或者在浏览器访问dashboard(http://IP:31000)
6.node节点加入集群
在node节点执行脚本k8s_node_install.sh即可将node节点加入集群,具体步骤参考如下(1)-(2)步骤。
(1)node节点加入集群
在node节点执行以下命令加入集群:
# kubeadm join 192.168.100.10:6443 \
--token cxtb79.mqg7drycn5s82hhc --discovery-token-ca-cert-hash \
sha256:d7465b10f81ecb32ca30459efc1e0efe4f22bfbddc0c17d9b691f611082f415c
(2)查看节点信息
在master节点查看节点状态:
# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 56m v1.18.1
node Ready <none> 60s v1.18.1
期待下次的分享,别忘了三连支持博主呀~
我是 念舒_C.ying ,期待你的关注~【云原生 · Kubernetes】部署Kubernetes集群相关推荐
- 阿里云ECS服务器部署HADOOP集群(三):ZooKeeper 完全分布式集群搭建
本篇将在阿里云ECS服务器部署HADOOP集群(一):Hadoop完全分布式集群环境搭建的基础上搭建,多添加了一个 datanode 节点 . 1 节点环境介绍: 1.1 环境介绍: 服务器:三台阿里 ...
- 【K8S】 基于Kubernetes部署Kafka集群
主要参考了https://stackoverflow.com/questions/44651219/kafka-deployment-on-minikube和https://github.com/ra ...
- kubernetes 部署redis 集群 guestbook
节选自 <kubernetes 权威指南2 > 2.3节 guestbook 示例 下载 docker images docker pull kubeguide/redis-master ...
- 云原生分布式 PostgreSQL+Citus 集群在 Sentry 后端的实践
优化一个分布式系统的吞吐能力,除了应用本身代码外,很大程度上是在优化它所依赖的中间件集群处理能力.如:kafka/redis/rabbitmq/postgresql/分布式存储(CephFS,Juic ...
- 【云原生Kubernetes系列第五篇】kubeadm v1.20 部署K8S 集群架构(人生这道选择题,总会有遗憾)
系列文章目录 ??即日起,更新云原生相关知识,喜欢的小伙伴可以给我点个三连喔 ??收录至专栏 云原生 ??[云原生Docker系列第一篇]Docker镜像管理 ??[云原生Docker系列第二篇]Do ...
- 云原生时代, Kubernetes 多集群架构初探
为什么我们需要多集群? 近年来,多集群架构已经成为"老生常谈".我们喜欢高可用,喜欢异地多可用区,而多集群架构天生就具备了这样的能力.另一方面我们也希望通过多集群混合云来降低成本, ...
- 云原生之在kubernetes环境下部署wordpress
云原生之在kubernetes环境下部署wordpress 一.wordpress介绍 1.wordpress简介 2.wordpress特点 二.kubernetes集群介绍 1.k8s简介 2.k ...
- 教你在Kubernetes中快速部署ES集群
摘要:ES集群是进行大数据存储和分析,快速检索的利器,本文简述了ES的集群架构,并提供了在Kubernetes中快速部署ES集群的样例:对ES集群的监控运维工具进行了介绍,并提供了部分问题定位经验,最 ...
- Kubernetes(5)-K8s集群部署
部署环境: IP 主机名 角色 192.168.100.142 kube-master1,kube-master1.suosuoli.cn K8s 集群主节点 1 192.168.100.144 ku ...
- Kubernetes学习总结(16)—— Kubernetes 实战之部署 Redis 集群
一.问题分析 本质上来说在 k8s 上部署一个 redis 集群和部署一个普通应用没有什么太大的区别,但需要注意下面几个问题: Redis 是一个有状态应用:这是部署 redis 集群时我们最需要注意 ...
最新文章
- 简单DP【p2642】双子序列最大和
- 第七篇:SpringBoot 2.x集成Lombok
- 给GPT-2加上“人类偏好”补丁,它说的话就越来越有人情味了丨代码已开源
- 阿里副总裁肖利华:数智化转型的7个关键词
- linux定时任务Crond生产规范案例精讲09
- 如何与室友相处?2017-12-08
- 【哲学】罗素《哲学问题》,把我从怀疑派拉回来,本能信仰
- java 注解数组初始化_Java 之 注解的定义
- cacti 忘记密码的方法
- git clone 报错 Clone failed: Authentication failed for
- thoughtworks笔试整理【转载】
- java修改文件后缀_java批量修改文件后缀的方法介绍
- osgb转json_基于CAD平台的OSGB数据分级渲染的方法与流程
- obs无法录制mkv视频文件的解决方法
- 微信第三方平台服务器,EasyWeChat微信开放平台第三方平台接入
- 【Camera】Camera中光圈系数概念以及光圈的作用
- 硬盘大于2t能不能装Oracle,硬盘容量超过2t的电脑怎么装系统|硬盘大于2t电脑安装系统教程...
- 嵌入式Linux--制作根文件系统--buildroot
- 计算机solidwork实训报告,SolidWorks实训报告.doc
- Redis在win7下安装步骤
热门文章