——————————————————————————————————————————————
博主介紹:Java領域優質創作者,博客之星城市賽道TOP20、專注于前端流行技術框架、Java后端技術領域、項目實戰運維以及GIS地理信息領域。
🍅文末獲取源碼下載地址🍅
👇🏻 精彩專欄推薦訂閱👇🏻 歡迎點贊收藏評論拍磚…
【Docker Swarm總結】《容器技術 Docker+K8S專欄》?
【uniapp+uinicloud多用戶社區博客實戰項目】《完整開發文檔-從零到完整項目》?
【Springcloud Alibaba微服務分布式架構 | Spring Cloud】《系列教程-更新完畢》?
【SpringSecurity-從入門到精通】《學習完整筆記-附(完整demo源碼)》?
【從零開始Vue項目中使用MapboxGL開發三維地圖教程】《系列教程-不定時更新》?
【Vue.js學習詳細課程系列】《共32節專欄收錄內容》?
感興趣的可以先收藏起來相關問題都可以給我留言咨詢,希望幫助更多的人。
——————————————————————————————————————————————
文章目錄
- 1. 安裝要求
- 2. 準備環境
- 3. 所有master節點部署keepalived
- 3.1 安裝相關包和keepalived
- 3.2配置master節點
- 3.3 啟動和檢查
- 4. 部署haproxy
- 4.1 安裝
- 4.2 配置
- 4.3 啟動和檢查
- 5. 所有節點安裝Docker/kubeadm/kubelet
- 5.1 安裝Docker
- 5.2 添加阿里云YUM軟件源
- 5.3 安裝kubeadm,kubelet和kubectl
- 6. 部署Kubernetes Master
- 6.1 創建kubeadm配置文件
- 6.2 在master1節點執行
- 7.安裝集群網絡
- 8、master2節點加入集群
- 8.1 復制密鑰及相關文件
- 8.2 master2加入集群
- 5. 加入Kubernetes Node
- 7. 測試kubernetes集群
kubeadm是官方社區推出的一個用于快速部署kubernetes集群的工具。
這個工具能通過兩條指令完成一個kubernetes集群的部署:
# 創建一個 Master 節點
$ kubeadm init# 將一個 Node 節點加入到當前集群中
$ kubeadm join <Master節點的IP和端口 >
1. 安裝要求
在開始之前,部署Kubernetes集群機器需要滿足以下幾個條件:
- 一臺或多臺機器,操作系統 CentOS7.x-86_x64
- 硬件配置:2GB或更多RAM,2個CPU或更多CPU,硬盤30GB或更多
- 可以訪問外網,需要拉取鏡像,如果服務器不能上網,需要提前下載鏡像并導入節點
- 禁止swap分區
2. 準備環境
| 角色 | IP |
|---|---|
| master1 | 192.168.44.155 |
| master2 | 192.168.44.156 |
| node1 | 192.168.44.157 |
| VIP(虛擬ip) | 192.168.44.158 |
# 關閉防火墻
systemctl stop firewalld
systemctl disable firewalld# 關閉selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
setenforce 0 # 臨時# 關閉swap
swapoff -a # 臨時
sed -ri 's/.*swap.*/#&/' /etc/fstab # 永久# 根據規劃設置主機名
hostnamectl set-hostname <hostname># 在master添加hosts
cat >> /etc/hosts << EOF
192.168.44.158 master.k8s.io k8s-vip
192.168.44.155 master01.k8s.io master1
192.168.44.156 master02.k8s.io master2
192.168.44.157 node01.k8s.io node1
EOF# 將橋接的IPv4流量傳遞到iptables的鏈
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system # 生效# 時間同步
yum install ntpdate -y
ntpdate time.windows.com
3. 所有master節點部署keepalived
3.1 安裝相關包和keepalived
yum install -y conntrack-tools libseccomp libtool-ltdlyum install -y keepalived
3.2配置master節點
master1節點配置
cat > /etc/keepalived/keepalived.conf <<EOF
! Configuration File for keepalivedglobal_defs {router_id k8s
}vrrp_script check_haproxy {script "killall -0 haproxy"interval 3weight -2fall 10rise 2
}vrrp_instance VI_1 {state MASTER interface ens33 virtual_router_id 51priority 250advert_int 1authentication {auth_type PASSauth_pass ceb1b3ec013d66163d6ab}virtual_ipaddress {192.168.44.158}track_script {check_haproxy}}
EOF
master2節點配置
cat > /etc/keepalived/keepalived.conf <<EOF
! Configuration File for keepalivedglobal_defs {router_id k8s
}vrrp_script check_haproxy {script "killall -0 haproxy"interval 3weight -2fall 10rise 2
}vrrp_instance VI_1 {state BACKUP interface ens33 virtual_router_id 51priority 200advert_int 1authentication {auth_type PASSauth_pass ceb1b3ec013d66163d6ab}virtual_ipaddress {192.168.44.158}track_script {check_haproxy}}
EOF
3.3 啟動和檢查
在兩臺master節點都執行
# 啟動keepalived
$ systemctl start keepalived.service
設置開機啟動
$ systemctl enable keepalived.service
# 查看啟動狀態
$ systemctl status keepalived.service
啟動后查看master1的網卡信息
ip a s ens33
4. 部署haproxy
4.1 安裝
yum install -y haproxy
4.2 配置
兩臺master節點的配置均相同,配置中聲明了后端代理的兩個master節點服務器,指定了haproxy運行的端口為16443等,因此16443端口為集群的入口
cat > /etc/haproxy/haproxy.cfg << EOF
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global# to have these messages end up in /var/log/haproxy.log you will# need to:# 1) configure syslog to accept network log events. This is done# by adding the '-r' option to the SYSLOGD_OPTIONS in# /etc/sysconfig/syslog# 2) configure local2 events to go to the /var/log/haproxy.log# file. A line like the following can be added to# /etc/sysconfig/syslog## local2.* /var/log/haproxy.log#log 127.0.0.1 local2chroot /var/lib/haproxypidfile /var/run/haproxy.pidmaxconn 4000user haproxygroup haproxydaemon # turn on stats unix socketstats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaultsmode httplog globaloption httplogoption dontlognulloption http-server-closeoption forwardfor except 127.0.0.0/8option redispatchretries 3timeout http-request 10stimeout queue 1mtimeout connect 10stimeout client 1mtimeout server 1mtimeout http-keep-alive 10stimeout check 10smaxconn 3000
#---------------------------------------------------------------------
# kubernetes apiserver frontend which proxys to the backends
#---------------------------------------------------------------------
frontend kubernetes-apiservermode tcpbind *:16443option tcplogdefault_backend kubernetes-apiserver
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend kubernetes-apiservermode tcpbalance roundrobinserver master01.k8s.io 192.168.44.155:6443 checkserver master02.k8s.io 192.168.44.156:6443 check
#---------------------------------------------------------------------
# collection haproxy statistics message
#---------------------------------------------------------------------
listen statsbind *:1080stats auth admin:awesomePasswordstats refresh 5sstats realm HAProxy\ Statisticsstats uri /admin?stats
EOF
4.3 啟動和檢查
兩臺master都啟動
# 設置開機啟動
$ systemctl enable haproxy
# 開啟haproxy
$ systemctl start haproxy
# 查看啟動狀態
$ systemctl status haproxy
檢查端口
netstat -lntup|grep haproxy
5. 所有節點安裝Docker/kubeadm/kubelet
Kubernetes默認CRI(容器運行時)為Docker,因此先安裝Docker。
5.1 安裝Docker
$ wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
$ yum -y install docker-ce-18.06.1.ce-3.el7
$ systemctl enable docker && systemctl start docker
$ docker --version
Docker version 18.06.1-ce, build e68fc7a
$ cat > /etc/docker/daemon.json << EOF
{"registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
}
EOF
5.2 添加阿里云YUM軟件源
$ cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
5.3 安裝kubeadm,kubelet和kubectl
由于版本更新頻繁,這里指定版本號部署:
$ yum install -y kubelet-1.16.3 kubeadm-1.16.3 kubectl-1.16.3
$ systemctl enable kubelet
6. 部署Kubernetes Master
6.1 創建kubeadm配置文件
在具有vip的master上操作,這里為master1
$ mkdir /usr/local/kubernetes/manifests -p$ cd /usr/local/kubernetes/manifests/$ vi kubeadm-config.yamlapiServer:certSANs:- master1- master2- master.k8s.io- 192.168.44.158- 192.168.44.155- 192.168.44.156- 127.0.0.1extraArgs:authorization-mode: Node,RBACtimeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta1
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: "master.k8s.io:16443"
controllerManager: {}
dns: type: CoreDNS
etcd:local: dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: v1.16.3
networking: dnsDomain: cluster.local podSubnet: 10.244.0.0/16serviceSubnet: 10.1.0.0/16
scheduler: {}
6.2 在master1節點執行
$ kubeadm init --config kubeadm-config.yaml
按照提示配置環境變量,使用kubectl工具:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
$ kubectl get nodes
$ kubectl get pods -n kube-system
按照提示保存以下內容,一會要使用:
kubeadm join master.k8s.io:16443 --token jv5z7n.3y1zi95p952y9p65 \--discovery-token-ca-cert-hash sha256:403bca185c2f3a4791685013499e7ce58f9848e2213e27194b75a2e3293d8812 \--control-plane
查看集群狀態
kubectl get cskubectl get pods -n kube-system
7.安裝集群網絡
從官方地址獲取到flannel的yaml,在master1上執行
mkdir flannel
cd flannel
wget -c https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
安裝flannel網絡
kubectl apply -f kube-flannel.yml
檢查
kubectl get pods -n kube-system
8、master2節點加入集群
8.1 復制密鑰及相關文件
從master1復制密鑰及相關文件到master2
# ssh root@192.168.44.156 mkdir -p /etc/kubernetes/pki/etcd# scp /etc/kubernetes/admin.conf root@192.168.44.156:/etc/kubernetes# scp /etc/kubernetes/pki/{ca.*,sa.*,front-proxy-ca.*} root@192.168.44.156:/etc/kubernetes/pki# scp /etc/kubernetes/pki/etcd/ca.* root@192.168.44.156:/etc/kubernetes/pki/etcd
8.2 master2加入集群
執行在master1上init后輸出的join命令,需要帶上參數--control-plane表示把master控制節點加入集群
kubeadm join master.k8s.io:16443 --token ckf7bs.30576l0okocepg8b --discovery-token-ca-cert-hash sha256:19afac8b11182f61073e254fb57b9f19ab4d798b70501036fc69ebef46094aba --control-plane
檢查狀態
kubectl get nodekubectl get pods --all-namespaces
5. 加入Kubernetes Node
在node1上執行
向集群添加新節點,執行在kubeadm init輸出的kubeadm join命令:
kubeadm join master.k8s.io:16443 --token ckf7bs.30576l0okocepg8b --discovery-token-ca-cert-hash sha256:19afac8b11182f61073e254fb57b9f19ab4d798b70501036fc69ebef46094aba
集群網絡重新安裝,因為添加了新的node節點
檢查狀態
kubectl get nodekubectl get pods --all-namespaces
7. 測試kubernetes集群
在Kubernetes集群中創建一個pod,驗證是否正常運行:
$ kubectl create deployment nginx --image=nginx
$ kubectl expose deployment nginx --port=80 --type=NodePort
$ kubectl get pod,svc
訪問地址:http://NodeIP:Port
![[GPT]Andrej Karpathy微軟Build大會GPT演講(上)--GPT如何訓練](http://pic.xiahunao.cn/[GPT]Andrej Karpathy微軟Build大會GPT演講(上)--GPT如何訓練)
)
 call 解決方法)
)
:QIODevice)
