准备
云原生的概念越来越火,忍不住去看了看kubernetes,初次接触,晕晕乎乎的,于是不管三七二十一,先搭建个单机版的再说(没钱买服务器,目前也懒得装虚拟机),跑起来也算是第一步吧。网上教程一顿搜,各种配置一顿配,这里正好做个记录。
步骤
关闭防火强和selinux
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
[root@zhangpeilei ~]# cat /etc/selinux/config
SELINUX=disabled
SELINUXTYPE=targeted
禁用swap
swapoff -a
修改内核参数和模块
- 修改文件/etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
sysctl --system
modprobe br_netfilter
安装docker,网上方法很多
yum -y install yum-utils device-mapper-persistent-data lvm2
yum-config-manager -y --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum -y install docker-ce-18.06.3.ce-3.el7 docker-ce-cli-18.06.3.ce-3.el7 containerd.io
systemctl start docker
systemctl enable docker
安装完执行下
docker version
[root@zhangpeilei ~]
Client:
Version: 18.06.3-ce
API version: 1.38
Go version: go1.10.3
Git commit: d7080c1
Built: Wed Feb 20 02:26:51 2019
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: 18.06.3-ce
API version: 1.38 (minimum version 1.12)
Go version: go1.10.3
Git commit: d7080c1
Built: Wed Feb 20 02:28:17 2019
OS/Arch: linux/amd64
Experimental: false
安装kubernates组件
- 修改文件/etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
yum -y install kubelet-1.13* kubeadm-1.13* kubectl-1.13*
systemctl start kubelet
systemctl enable kubelet
下载kubernetes镜像,并且打标签
docker pull mirrorgooglecontainers/kube-apiserver:v1.13.3
docker pull mirrorgooglecontainers/kube-controller-manager:v1.13.3
docker pull mirrorgooglecontainers/kube-scheduler:v1.13.3
docker pull mirrorgooglecontainers/kube-proxy:v1.13.3
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.2.24
docker pull coredns/coredns:1.2.6
docker tag mirrorgooglecontainers/kube-apiserver:v1.13.3 k8s.gcr.io/kube-apiserver:v1.13.3
docker tag mirrorgooglecontainers/kube-controller-manager:v1.13.3 k8s.gcr.io/kube-controller-manager:v1.13.3
docker tag mirrorgooglecontainers/kube-scheduler:v1.13.3 k8s.gcr.io/kube-scheduler:v1.13.3
docker tag mirrorgooglecontainers/kube-proxy:v1.13.3 k8s.gcr.io/kube-proxy:v1.13.3
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
初始化
kubeadm init --kubernetes-version=v1.13.3 --pod-network-cidr=10.100.0.0/16
接下来根据提示做如下操作
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')
[root@zhangpeilei ~]
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-86c58d9df4-7b8vr 0/1 Pending 0 76s
kube-system coredns-86c58d9df4-z8lrf 0/1 Pending 0 76s
kube-system etcd-zhangpeilei 1/1 Running 0 22s
kube-system kube-apiserver-zhangpeilei 1/1 Running 0 13s
kube-system kube-controller-manager-zhangpeilei 1/1 Running 0 20s
kube-system kube-proxy-qlmpp 1/1 Running 0 76s
kube-system kube-scheduler-zhangpeilei 1/1 Running 0 31s
kube-system weave-net-2ph7d 2/2 Running 0 9s
至此我们安装应该成功了.
master加入节点
kubeadm join <ip>:<port> --token <token> --discovery-token-ca-cert-hash <hash>
查看节点
[root@zhangpeilei ~]
NAME STATUS ROLES AGE VERSION
zhangpeilei Ready master 3h40m v1.13.12
但安装的时候哪有一帆风顺的,下面是我碰到的一些问题。
问题一
root@zhangpeilei ~]
Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")
解决方式:如果执行完
kubeadm reset
命令后,需要先
rm -rf $HOME/.kube
然后再执行如下命令:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
问题二
查看节点
[root@zhangpeilei ~]
NAME STATUS ROLES AGE VERSION
zhangpeilei NotReady master 3h40m v1.13.12
发现节点状态是NotReady,首先通过命令查看日志
journalctl -f -u kubelet.service
修改文件/etc/cni/net.d/10-flannel.conflist
{
"name": "cbr0",
"cniVersion": "0.2.0",
"plugins": [
{
"type": "flannel",
"delegate": {
"hairpinMode": true,
"isDefaultGateway": true
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
修改后运行
systemctl daemon-reload
|