《【大神课堂】轻松加愉快的 Kubernetes 安装教程.doc》由会员分享,可在线阅读,更多相关《【大神课堂】轻松加愉快的 Kubernetes 安装教程.doc(9页珍藏版)》请在三一文库上搜索。
1、【大神课堂】轻松加愉快的 Kubernetes 安装教程在国内安装 K8S,一直是大家很头痛的问题,各种麻烦,关键是还不知道需要下载什么工具。蛋疼。而且大部分国内教程要么太老,要么太挫。今天就来告诉大家如何在国内愉快的安装K8S。安装环境使用的是 kubeadm 进行安装,过程基本安装官方教程来的。虽然写的是阿里云 VPC,但是虚拟机也支持。影响不大。如果仅仅是本地安装玩一玩,都可以配置成1核1G。接下来的过程,如果有翻墙主机的情况,按照流程走就可以,没有的话直接看下载好的结果就可以了。安装过程安装过程基本包括下载软件,下载镜像,主机配置,启动 Master 节点,配置网络,启动 Node 节
2、点。下载软件这个步骤有能力的人可以直接按照步骤来,没有的话可以使用我打包好的1.6.2软件包。首先在自己的主机配置K8S源。cat /etc/yum.repos.d/kubernetes.repokubernetesname=Kubernetesbaseurl=https:/packages.cloud.google/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=1repo_gpgcheck=1gpgkey=https:/packages.cloud.google/yum/doc/yum-key.gpg https:/packages.clo
3、ud.google/yum/doc/rpm-package-key.gpgEOF配置好后,下载软件包yum install -y -downloadonly kubelet kubeadm kubectl kubernetes-cni将下载好的所有 RPM 打包,发回到本地。这样就完成了K8S软件包的下载了。下载好的 RPM:https:/pan.baidu/s/1clIpjCcp6h下载镜像下载镜像可以直接使用我提供的脚本,前提是要能连外网。我自己也已经下载过一份了。提供给大家使用。#!/usr/bin/env bashimages=( kube-proxy-amd64:v1.6.2 kub
4、e-controller-manager-amd64:v1.6.2 kube-apiserver-amd64:v1.6.2 kube-scheduler-amd64:v1.6.2 kubernetes-dashboard-amd64:v1.6.0 k8s-dns-sidecar-amd64:1.14.1 k8s-dns-kube-dns-amd64:1.14.1 k8s-dns-dnsmasq-nanny-amd64:1.14.1 etcd-amd64:3.0.17 pause-amd64:3.0)for imageName in $images ; do docker pull gcr.io
5、/google_containers/$imageName docker tag gcr.io/google_containers/$imageName registry-beijing.aliyuncs/bbt_k8s/$imageName docker push registry-beijing.aliyuncs/bbt_k8s/$imageNamedonequay.io/coreos/flannel:v0.7.0-amd64docker tag quay.io/coreos/flannel:v0.7.0-amd64 registry-beijing.aliyuncs/bbt_k8s/fl
6、annel:v0.7.0-amd64docker push registry-beijing.aliyuncs/bbt_k8s/flannel:v0.7.0-amd64关于这个脚本我解释一下。这个脚本是下载常用的镜像,然后回传到国内的源上,可以将registry-beijing.aliyuncs/bbt_k8s改成你自己的地址,必须先用docker login 进行登录,否则可能会出现权限认证错误。推荐使用阿里云,网易的服务。如果使用自己的地址,请注意下面的配置,根据自己的情况进行修改,不在累赘了。镜像版本号说明:OK,这些镜像下载完成就 OK 了,不会连外网的,就直接跳过吧。主机配置上面的内
7、容下载好后,我们就可以安装了。更新系统没什么可以介绍的。yum update -y安装 DockerK8S 的1.6.x 版本仅仅在 Docker 1.12上测试过,虽然最新版本 Docker 也可以运行,但是不推荐安装最新版本,免得遇到什么问题。curl -sSL http:/acs-public-mirror.oss-cn-hangzhou.aliyuncs/docker-engine/internet | sh /dev/stdin 1.12.6安装完成后,禁用 Docker 的更新,禁用方式为,在/etc/yum.conf添加exclude=docker-engine*配置 Docke
8、r主要是配置一些加速器,避免自己下载镜像速度太慢。修改/etc/docker/daemon.json 添加如下内容: registry-mirrors: https:/自己的加速地址之后就是启动Docker 的服务,systemctl daemon-reloadsystemctl enable dockersystemctl start docker修改网络主要是开启桥接相关支持,这个是 flannel 需要的配置,具体是否需要,看自己的网络组件选择的是什么。修改/usr/lib/sysctl.d/00-system.conf,将net.bridge.bridge-nf-call-iptabl
9、es改成1.之后修改当前内核状态echo 1 /proc/sys/net/bridge/bridge-nf-call-iptables安装K8S包上传RPM 包,到自己的服务器上,然后执行yum install -y *.rpm之后开启kubelet的开机启动systemctl enable kubelet然后配置 kubelet,修改/etc/systemd/system/kubelet.service.d/10-kubeadm.conf成如下文件ServiceEnvironment=KUBELET_KUBECONFIG_ARGS=-kubeconfig=/etc/kubernetes/ku
10、belet.conf -require-kubeconfig=trueEnvironment=KUBELET_SYSTEM_PODS_ARGS=-pod-manifest-path=/etc/kubernetes/manifests -allow-privileged=trueEnvironment=KUBELET_NETWORK_ARGS=-network-plugin=cni -cni-conf-dir=/etc/cni/net.d -cni-bin-dir=/opt/cni/binEnvironment=KUBELET_DNS_ARGS=-cluster-dns=10.96.0.10 -
11、cluster-domain=cluster.localEnvironment=KUBELET_AUTHZ_ARGS=-authorization-mode=Webhook -client-ca-file=/etc/kubernetes/pki/ca.crtEnvironment=KUBELET_ALIYUN_ARGS=-pod-infra-container-image=registry-vpc-beijing.aliyuncs/bbt_k8s/pause-amd64:3.0ExecStart=ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_AR
12、GS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_EXTRA_ARGS $KUBELET_ALIYUN_ARGS在这里主要修正2个问题,一个是将 POD 的基础容器修改为我们自己源里面的,另外一个是最新版本的 K8S 的资源管理和 Docker 默认的资源管理方式有冲突,这里把这块给删除了。具体可以参考https:/github/kubernetes/release/issues/306然后重新 reload 服务。systemctl daemon-
13、reload这样就完成了主机环境的初始化,如果是使用虚拟机,拷贝3份就可以了。如果是实体机,3台都按照这个步骤来一遍就好了。然后为每一台主机根据类型设置好 HostName,K8S会把 HostName 当做主机标识。启动 Master配置完主机后,我们就可以启动我们的 Master 节点了,通常 Master 节点推荐2-3个,本地测试我们就简单一些,一个节点就可以了。export KUBE_REPO_PREFIX=registry-vpc-beijing.aliyuncs/bbt_k8sexport KUBE_ETCD_IMAGE=registry-vpc-beijing.aliyuncs
14、/bbt_k8s/etcd-amd64:3.0.17kubeadm init -kubernetes-version=v1.6.2 -pod-network-cidr=10.96.0.0/12前面2个环境变量配置,是让kubeadm 初始化的时候,使用我们的镜像源下载镜像。最后 kubeadm init 是初始化 Master 节点。其中需要配置的参数我说明一下。执行完毕后,稍等一阵,就完成了。kubeadm init -kubernetes-version=v1.6.2 -pod-network-cidr=10.96.0.0/12kubeadm WARNING: kubeadm is in
15、beta, please do not use it for production clusters.init Using Kubernetes version: v1.6.2init Using Authorization mode: RBACpreflight Running pre-flight checkspreflight Starting the kubelet servicecertificates Generated CA certificate and key.certificates Generated API server certificate and key.cert
16、ificates API Server serving cert is signed for DNS names node0 kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local and IPs 10.96.0.1 192.168.61.41certificates Generated API server kubelet client certificate and key.certificates Generated service account token si
17、gning key and public key.certificates Generated front-proxy CA certificate and key.certificates Generated front-proxy client certificate and key.certificates Valid certificates and keys now exist in /etc/kubernetes/pkikubeconfig Wrote KubeConfig file to disk: /etc/kubernetes/admin.confkubeconfig Wro
18、te KubeConfig file to disk: /etc/kubernetes/kubelet.confkubeconfig Wrote KubeConfig file to disk: /etc/kubernetes/controller-manager.confkubeconfig Wrote KubeConfig file to disk: /etc/kubernetes/scheduler.confapiclient Created API client, waiting for the control plane to become readyapiclient All co
19、ntrol plane components are healthy after 14.583864 secondsapiclient Waiting for at least one node to registerapiclient First node has registered after 6.008990 secondstoken Using token: e7986d.e440de5882342711apiconfig Created RBAC rulesaddons Created essential addon: kube-proxyaddons Created essent
20、ial addon: kube-dnsYour Kubernetes master has initialized successfully!To start using your cluster, you need to run (as a regular user): sudo cp /etc/kubernetes/admin.conf $HOME/ sudo chown $(id -u):$(id -g) $HOME/admin.conf export KUBECONFIG=$HOME/admin.confYou should now deploy a pod network to th
21、e cluster.Run kubectl apply -f podnetwork.yaml with one of the options listed at: http:/kubernetes.io/docs/admin/addons/You can now join any number of machines by running the following on each nodeas root: kubeadm join -token 1111.1111111111111 *.*.*.*:6443安装完成后,有一个内容非常重要,查看安装日志,拷贝类似于下面的语句,这条语句用来初始化
22、之后的节点。kubeadm join -token 11111.11111111111111 *.*.*.*:6443接下来我们就可以去看看我们 K8S 的状态。我这使用的是 Mac。 Linux 和 Windows 的同学自行处理。安装 kubectlbrew install kubectl然后拷贝 Master 节点上的/etc/kubernetes/admin.conf文件到本机的/.kube/config之后执行kebectl get node。我这里已经安装完毕了,所以有全部信息,只要能看到节点,就算是成功了。安装网络组件接下来我们安装网络组件,我这里使用的是flannel。创建2个
23、文件kube-flannel-rbac.yml# Create the clusterrole and clusterrolebinding:# $ kubectl create -f kube-flannel-rbac.yml# Create the pod using the same namespace used by the flannel serviceaccount:# $ kubectl create -namespace kube-system -f kube-flannel.yml-kind: ClusterRoleapiVersion: rbac.authorization
24、.k8s.io/v1beta1metadata: name: flannelrules: - apiGroups: - resources: - pods verbs: - get - apiGroups: - resources: - nodes verbs: - list - watch - apiGroups: - resources: - nodes/status verbs: - patch-kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1beta1metadata: name: flannelroleR
25、ef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: flannelsubjects:- kind: ServiceAccount name: flannel namespace: kube-systemkube-flannel-ds.yaml-apiVersion: v1kind: ServiceAccountmetadata: name: flannel namespace: kube-system-kind: ConfigMapapiVersion: v1metadata: name: kube-flannel-c
26、fg namespace: kube-system labels: tier: node app: flanneldata: cni-conf.json: | name: cbr0, type: flannel, delegate: isDefaultGateway: true net-conf.json: | Network: 10.96.0.0/12, Backend: Type: vxlan -apiVersion: extensions/v1beta1kind: DaemonSetmetadata: name: kube-flannel-ds namespace: kube-syste
27、m labels: tier: node app: flannelspec: template: metadata: labels: tier: node app: flannel spec: hostNetwork: true nodeSelector: beta.kubernetes.io/arch: amd64 tolerations: - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule serviceAccountName: flannel containers: - name: kube-
28、flannel image: registry-beijing.aliyuncs/bbt_k8s/flannel:v0.7.0-amd64 command: /opt/bin/flanneld, -ip-masq, -kube-subnet-mgr securityContext: privileged: true env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace
29、volumeMounts: - name: run mountPath: /run - name: flannel-cfg mountPath: /etc/kube-flannel/ - name: install-cni image: registry-beijing.aliyuncs/bbt_k8s/flannel:v0.7.0-amd64 command: /bin/sh, -c, set -e -x; cp -f /etc/kube-flannel/cni-conf.json /etc/cni/net.d/10-flannel.conf; while true; do sleep 36
30、00; done volumeMounts: - name: cni mountPath: /etc/cni/net.d - name: flannel-cfg mountPath: /etc/kube-flannel/ volumes: - name: run hostPath: path: /run - name: cni hostPath: path: /etc/cni/net.d - name: flannel-cfg configMap: name: kube-flannel-cfg然后使用使用命令进行配置。kubectl create -f kube-flannel-rbac.ym
31、lkubectl create -f kube-flannel-ds.yaml启动 Node分别在2个Node节点,执行下面的命令。export KUBE_REPO_PREFIX=registry-vpc-beijing.aliyuncs/bbt_k8sexport KUBE_ETCD_IMAGE=registry-vpc-beijing.aliyuncs/bbt_k8s/etcd-amd64:3.0.17kubeadm join -token 1111.111111111111 *.*.*.*:6443其中 kubeadm join 请参考启动 Master 节点中的内容。其它理论上我们安装
32、到这里,K8S 就已经可以使用了。接下来主要是K8S的 Dashboard 的安装,仅供参考,不一定要安装。安装 DashBoard 工具创建文件kubernetes-dashboard.yaml# Copyright 2015 Google Inc. All Rights Reserved.# Licensed under the Apache License, Version 2.0 (the License);# you may not use this file except in compliance with the License.# You may obtain a copy
33、of the License at# http:/apache/licenses/LICENSE-2.0# Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an AS IS BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific langu
34、age governing permissions and# limitations under the License.# Configuration to deploy release version of the Dashboard UI compatible with# Kubernetes 1.6 (RBAC enabled).# Example usage: kubectl create -f apiVersion: v1kind: ServiceAccountmetadata: labels: app: kubernetes-dashboard name: kubernetes-
35、dashboard namespace: kube-system-apiVersion: rbac.authorization.k8s.io/v1beta1kind: ClusterRoleBindingmetadata: name: kubernetes-dashboard labels: app: kubernetes-dashboardroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-adminsubjects:- kind: ServiceAccount name: kubernet
36、es-dashboard namespace: kube-system-kind: DeploymentapiVersion: extensions/v1beta1metadata: labels: app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-systemspec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app: kubernetes-dashboard template: metadata: labels: app:
37、kubernetes-dashboard spec: containers: - name: kubernetes-dashboard image: registry-beijing.aliyuncs/bbt_k8s/kubernetes-dashboard-amd64:v1.6.0 imagePullPolicy: Always ports: - containerPort: 9090 protocol: TCP args: # Uncomment the following line to manually specify Kubernetes API server Host # If n
38、ot specified, Dashboard will attempt to auto discover the API server and connect # to it. Uncomment only if the default does not work. # - -apiserver-host=http:/my-address:port livenessProbe: httpGet: path: / port: 9090 initialDelaySeconds: 30 timeoutSeconds: 30 serviceAccountName: kubernetes-dashbo
39、ard # Comment the following tolerations if Dashboard must not be deployed on master tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule-kind: ServiceapiVersion: v1metadata: labels: app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-systemspec: type: NodePort ports
40、: - port: 80 targetPort: 9090 selector: app: kubernetes-dashboard创建文件dashboard-rbac.yamlkind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1beta1metadata: name: dashboard-adminroleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects:- kind: ServiceAccou
41、nt name: default namespace: kube-system之后执行kubectl create -f dashboard-rbac.ymlkubectl create -f kubernetes-dashboard.yaml之后用下面的命令,获取到对应端口号。主要是看NodePort: 31867/TCP这样的内容。然后使用http:/NodeIp:NodePort访问就可以了,其中 NodeIp 为 Master 或者 Node 的 IP,NodePort为NodePort的端口。kubectl describe -namespace kube-system service kubernetes-dashboard到此,这份安装教程就到这里结束了。最后奉上一份安装后的截图。