Kubeadm部署单Master节点
预处理操作
所有节点(master和node)都执行
主机名 | IP |
---|---|
kube-master | 192.168.71.60 |
kube-node1 | 192.168.71.61 |
kube-node2 | 192.168.71.62 |
关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
iptables -F
关闭selinux
sed -i 's/SELINUX=.*enforcing/SELINUX=disabled/' /etc/selinux/config
关闭交换分区
swapoff -a
vim /etc/fstab 将swap所在行注释
#/dev/mapper/centos_test-swap swap swap defaults 0 0
设置主机名,添加hosts解析
hostnamectl set-hostname kube-master
hostnamectl set-hostname kube-node1
hostnamectl set-hostname kube-node2cat >> /etc/hosts << EOF
192.168.71.60 kube-master
192.168.71.61 kube-node1
192.168.71.62 kube-node2
EOF
开启ipv6流量转发
cat > /etc/sysctl.d/k8s.conf << EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOFsysctl -p
echo "1" >/proc/sys/net/bridge/bridge-nf-call-iptables
时区与时间同步
vim /etc/chrony.conf
server ntp.aliyun.com iburst
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
重启chronyd时间服务
systemctl restart chronyd
配置开机自启
systemctl enable chronyd
配置阿里云YUM源
rm -f /etc/yum.repos.d/*下载镜像源
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo清理缓存
yum clean all创建缓存
yum makecache中间可能会报错,一些源不可用,可以从Centos-7.repo中删除,像下边这两行,删除之后,在清理缓存,创建缓存即可http://mirrors.aliyuncs.com/centos/$releasever/os/$basearch/http://mirrors.cloud.aliyuncs.com/centos/$releasever/os/$basearch/
配置EPEL源
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repoyum makecache
安装docker
安装依赖
yum install -y yum-utils device-mapper-persistent-data lvm2
配置docker源
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repoyum makecache
安装指定版本docker
yum list docker-ce --showduplicate |sort -ryum install docker-ce-19.03.9-3.el7 -y
启动docker
systemctl start docker
systemctl enable docker
查看docker版本,是否安装成功
docker --version
Docker version 19.03.13, build 4484c46d9d
添加镜像加速文件
默认从官方镜像仓库拉取镜像,拉取速度较慢,在这里配置国内镜像仓库
vim /etc/docker/daemon.json
{"registry-mirrors": ["https://reg-mirror.qiniu.com"]
}
重启docker
systemctl restart docker
拉取hello-world镜像
docker pull hello-world
启动容器,看到下边内容即成功
docker run hello-worldHello from Docker!
This message shows that your installation appears to be working correctly.To generate this message, Docker took the following steps:1. The Docker client contacted the Docker daemon.2. The Docker daemon pulled the "hello-world" image from the Docker Hub.(amd64)3. The Docker daemon created a new container from that image which runs theexecutable that produces the output you are currently reading.4. The Docker daemon streamed that output to the Docker client, which sent itto your terminal.To try something more ambitious, you can run an Ubuntu container with:$ docker run -it ubuntu bashShare images, automate workflows, and more with a free Docker ID:https://hub.docker.com/For more examples and ideas, visit:https://docs.docker.com/get-started/
kubernetes
配置kubernetes服务Yum源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum makecache
安装kubelet kubeadm kubectl,先不启动kubelet
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet
master节点生成预处理文件
kubeadm config print init-defaults > kubeadm-init.yaml
修改预处理文件
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:- system:bootstrappers:kubeadm:default-node-tokentoken: abcdef.0123456789abcdefttl: 24h0m0susages:- signing- authentication
kind: InitConfiguration
localAPIEndpoint:advertiseAddress: 192.168.71.60 #master节点IP地址bindPort: 6443
nodeRegistration:criSocket: /var/run/dockershim.sockname: kube-mastertaints:- effect: NoSchedulekey: node-role.kubernetes.io/master
---
apiServer:timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:type: CoreDNS
etcd:local:dataDir: /var/lib/etcd
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers #配置阿里云镜像源
kind: ClusterConfiguration
kubernetesVersion: v1.19.0 #kubenetes版本号
networking:dnsDomain: cluster.localserviceSubnet: 10.96.0.0/12 #默认即可podSubnet: 10.245.0.0/16 #添加pod网段
scheduler: {}
提前拉取镜像,如果直接采用kubeadm init来初始化,中间会有系统自动拉取镜像的这一步骤,这是比较慢的,这里建议分开来做,先拉取镜像
kubeadm config images pull --config kubeadm-init.yaml
初始化
kubeadm init --config kubeadm-init.yaml
创建文件
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
查看集群节点
[root@kube-master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
kube-master NotReady master 33m v1.19.2
node节点加入集群
kubeadm join 192.168.71.60:6443 --token abcdef.0123456789abcdef \--discovery-token-ca-cert-hash sha256:d1d57b39e4da309096bca4784faf10d2b3ee7d9410ac83456e51a8b80e78b12d
状态为NotReady,即集群不可用,是因为需要安装网络插件,这里使用fannel插件
更换falnel镜像源
curl -o kube-flannel.yml https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml[root@kube-master ~]# sed -i 's/quay.io/quay.mirrors.ustc.edu.cn/g' kube-flannel.yml[root@kube-master ~]# kubectl apply -f kube-flannel.yml 查看kube-flannel的pod是否运行正常
```shellkubectl get pod -n kube-system | grep kube-flannel
kube-flannel-ds-4j8gj 1/1 Running 0 2m49s
kube-flannel-ds-m7tbc 1/1 Running 0 2m49s
kube-flannel-ds-xbkqp 1/1 Running 0 2m49s
查看节点是否可用
[root@kube-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
kube-master Ready master 23h v1.19.2
kube-node1 Ready <none> 22h v1.19.2
kube-node2 Ready <none> 22h v1.19.2
测试kubenetes集群
[root@kube-master ~]# kubectl create deployment nginx --image=nginx
deployment.apps/nginx created
暴露端口
[root@kube-master ~]# kubectl expose deployment nginx --port=80 --type=NodePort
service/nginx exposed
kubectl get pod,svc -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/nginx-6799fc88d8-dt6f2 0/1 ContainerCreating 0 27s <none> kube-node2 <none> <none>NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 14h <none>
service/nginx NodePort 10.108.195.168 <none> 80:32343/TCP 10s app=nginx
访问nginx
安装dashboard
下载dashboard配置文件
curl -o recommended.yaml https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml
可能会下载失败
curl -o recommended.yaml https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml% Total % Received % Xferd Average Speed Time Time Time CurrentDload Upload Total Spent Left Speed0 0 0 0 0 0 0 0 --:--:-- 0:00:15 --:--:-- 0curl: (7) Failed connect to raw.githubusercontent.com:443; Connection refused
修改hosts解决
echo "199.232.28.133 raw.githubusercontent.com" >> /etc/hosts
修改配置文件
kind: Service
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:type: NodePortports:- port: 443targetPort: 8443nodePort: 30065selector:k8s-app: kubernetes-dashboard
运行此文件
kubectl apply -f recommended.yaml
kubectl get pod,svc -n kubernetes-dashboard -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/dashboard-metrics-scraper-7b9b99d599-2zc8c 1/1 Running 0 29s 10.245.0.2 kube-master <none> <none>
pod/kubernetes-dashboard-6d4799d74-grr2h 1/1 Running 0 29s 10.245.1.3 kube-node1 <none> <none>NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/dashboard-metrics-scraper ClusterIP 10.105.8.238 <none> 8000/TCP 29s k8s-app=dashboard-metrics-scraper
service/kubernetes-dashboard NodePort 10.101.26.35 <none> 443:30065/TCP 29s k8s-app=kubernetes-dashboard
获取token
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
Data
====
ca.crt: 1066 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6Ii1uRDhoMWVKWl9hWWxUWXdPNGNVMlVaV1Z2ZVhGWXhzRm1YYzhzLTVWMEkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJ0dGwtY29udHJvbGxlci10b2tlbi1mNm1tYyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJ0dGwtY29udHJvbGxlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjRjMWYzNTQzLTczZjctNDE2Ny05MGI1LTk5MjBlMTYxZGJkOSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTp0dGwtY29udHJvbGxlciJ9.I-NkhkeNZxunZBlnD1eZbhqWfgFfxB2s6gG7p3jdaNUNd84olZfRHssxbD_TH-7lwAkHPSS62M-G_YRpjkb-KuMTsgWgn-IoMy0AWaXwfXdyVeJmyjcrfSmFVdhwOf6xIUpYZ0sHrfWQlyyDNmaBzx3x-I91uiqnqh6D0bwtWacuuoLLpI8ZGsm72PyVQVCQ9ljwD9t767Oaq9_vzGcJLzO6_BYASKGGhK_Y4of_dTz5RX9TQK41nlYfb5oggyjO0KhYLQFiUYg1MZaAG57QxM49hi7eYkfHfX2Y4FqSOhiJZyR1IqEMRIFCcZWS0jC2GWKdur9-puLm9EgQwwiQFg
登进去后不能查看集群信息,因为还没有绑定集群角色
cluster-admin管理员角色绑定
[root@kube-master ~]# kubectl create serviceaccount dashboard-admin -n kube-system
[root@kube-master ~]# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
[root@kube-master ~]# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
再使用输出的token登陆dashboard即可。
Kubeadm部署单Master节点相关推荐
- 【重要】kubernetes二进制部署单master节点
目录 1.安装要求 2.安装规划 3.1.分步骤操作 3.2.一键执行脚本 4.1.安装cfssl证书生成工具 4.2.创建认证中心(根CA中心) 4.3.使用自签CA签发Etcd证书 4.4.部署E ...
- kubernetes二进制部署单master节点
目录 1.安装要求 2.安装规划 3.1.分步骤操作 3.2.一键执行脚本 4.1.安装cfssl证书生成工具 4.2.创建认证中心(根CA中心) 4.3.使用自签CA签发Etcd证书 4.4.部署E ...
- K8S——单master节点和基于单master节点的双master节点二进制部署(本机实验,防止卡顿,所以多master就不做3台了)
K8S--单master节点和基于单master节点的双master节点二进制部署 一.准备 二.ETCD集群 1.master节点 2.node节点 三.Flannel网络部署 四.测试容器间互通 ...
- 二进制部署 单Master Kubernetes-v1.14.1集群
一.部署Kubernetes集群 1.1 Kubernetes介绍 Kubernetes(K8S)是Google开源的容器集群管理系统,K8S在Docker容器技术的基础之上,大大地提高了容器化部署应 ...
- 【K8S】基于单Master节点安装K8S集群
写在前面 最近在研究K8S,今天就输出部分研究成果吧,后续也会持续更新. 集群规划 IP 主机名 节点 操作系统版本 192.168.175.101 binghe101 Master CentOS 8 ...
- kubeadm集群化部署多master节点(生产环境适用)
一.背景介绍. k8s通过master集中式管理worknode的容器编排系统,而在生产环境为了维护高可用性,master的地位起到举无轻重的作用.一旦master节点失守,则会导致整个集群服务不可用 ...
- kubeadm高可用master节点(三主两从)
1.安装要求 在开始之前,部署Kubernetes集群机器需要满足以下几个条件: 五台机器,操作系统 CentOS7.5+(mini) 硬件配置:2GBRAM,2vCPU+,硬盘30GB+ 集群中所有 ...
- 【重要】kubeadm高可用master节点(三主两从)
目录 1.安装要求 2.安装步骤 2.1.安装前预处理操作 2.2.安装docker 2.3.安装kubernetes 2.4.Haproxy+Keepalived配置高可用VIP 2.5.部署Mas ...
- 基于阿里云镜像源使用kubeadm安装k8s单master节点集群(v1.17.3)
一.环境准备 1.系统要求 按量付费阿里云主机三台 要求:centos7.6~7.8:以下为 https://kuboard.cn/install/install-k8s.html#%E6%A3%80 ...
- kubeadm安装kubernetes之MASTER节点部署
kubernetes MASTER节点部署 1.初始化环境,基础组件安装 #各个节点配置主机名 hostnamectl set-hostname k8smaster #关闭防火墙 systemctl ...
最新文章
- C语言之基本算法26—佩尔方程求解
- 渗透知识-脚本木马的制作原理
- 免费资源 | ActiveReports 报表控件发布多平台 Demo 代码集合
- 机器学习笔记:过拟合和欠拟合
- 将frm,myi,myd文件打包成sql文件
- 【软考-软件设计师】汇编程序基本原理
- Java黑皮书课后题第5章:*5.24(数列求和)编写程序,计算下面数列的和:1/3+3/5+5/7+7/9+……95/97+97/99
- c语言十佳运动员有奖评选系统_2019年沃德十佳内饰解读
- UIMenuController 和 UIResponderStandardEditActions
- Android 样式
- 2014中国十大管理实践-世界经理人网站
- ai人工智能_人工智能能否赢得奥运
- 申论是什么额?如何备考,带你走进它
- 江苏省考计算机类包括哪些专业,2019年江苏省公务员考试计算机类包括哪些专业..._公务员考试_帮考网...
- 软工中级实训——实训总结报告
- 轻松读书——麦肯锡教我的写作武器
- 安装 Win10+GTX1050ti+cuda8.0+cuDNN5.1+Tensorflow-gpu1.2
- 马宁伟-20年工作经验谈-4-男怕入错行
- 基于等价类的邮箱注册测试用例设计
- 7 Hive数据仓库
热门文章
- 计算机用几个字节储存,一个文字在计算机中用两个字节来储存。()
- 工商银行支付接口开发Java
- python中怎么压缩文件_使用Python实现文件压缩和解压
- win11使用excel卡顿怎么办 Windows11使用excel卡死的解决方法
- 便捷开票二维码应用简介
- SpringBoot Spring Cloud项目学习汇总
- libx264开发笔记(一):libx264介绍、海思平台移植编译
- C语言程序设计---跟随Frank-FuckPPT
- PHP实现微信小程序免密支付,微信免密支付,微信小程序实现微信支付功能!!!...
- 隐含表(状态对图)消消乐