CentOS上部署安装K8s v1.6.4

[TOC]

github地址：

• etct: https://github.com/coreos/etcd/releases

• flannel: https://github.com/coreos/flannel/releases

• kubernetes: https://github.com/kubernetes/kubernetes/releases

• docker: https://docs.docker.com/engine/installation/linux/centos/

部署环境

1. 准备工作

a. 升级内核到最新

1. - rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

2. - yum install -y http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm

3. - yum --enablerepo=elrepo-kernel install -y kernel-ml

4. - awk -F\' '$1=="menuentry " {print $2}' /etc/grub2.cfg

5. - 默认启动的顺序是从0开始，但我们新内核是从头插入（目前位置在0，而3.10的是在1），所以需要选择0，如果想生效最新的内核，需要 ：grub2-set-default 0

b. 关闭selinux及防火墙

1. sed -i s'/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

2. systemctl disable firewalld; systemctl stop firewalld

3. 重启服务器

2. Master 部署

部署etcd

1. tar zxvf etcd-v3.2.1-linux-amd64.tar.gz -C /usr/local/

2. mv /usr/local/etcd-v3.1.0-linux-amd64/ /usr/local/etcd

3. ln -s /usr/local/etcd/etcd /usr/local/bin/etcd

4. ln -s /usr/local/etcd/etcdctl /usr/local/bin/etcdctl

5. 设置systemd服务文件 vi /usr/lib/systemd/system/etcd.service

设置systemd服务文件

vi /usr/lib/systemd/system/etcd.service

[Unit]

Description=Eted Server

After=network.target

[Service]

WorkingDirectory=/data/etcd/

EnvironmentFile=-/etc/etcd/etcd.conf

ExecStart=/usr/local/bin/etcd

Type=notify

Restart=on-failure

LimitNOFILE=65536

[Install]

WantedBy=multi-user.target

其中WorkingDirector表示etcd数据保存的目录，需要在启动etcd服务之前进行创建

etcd单点默认配置

cat /etc/etcd/etcd.conf

ETCD_NAME=k8s1

ETCD_DATA_DIR="/data/etcd"

ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"

ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.0:2379"

etcd服务启动

systemctl daemon-reload

systemctl enable etcd.service

systemctl start etcd.service

etcd服务检查

[root@vm227224 ~]#  etcdctl cluster-health

member 8e9e05c52164694d is healthy: got healthy result from http://0.0.0.0:2379

cluster is healthy

[root@vm227224 ~]# etcdctl member list

8e9e05c52164694d: name=k8s1 peerURLs=http://localhost:2380 clientURLs=http://0.0.0.0:2379 isLeader=true

部署kube-apiserver服务

安装kube-apiserver

[root@vm227224 ~]# tar zxvf kubernetes.tar.gz  -C /usr/local/

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-apiserver /usr/local/bin/kube-apiserver

其他服务顺便做下软链接

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/hyperkube /usr/local/bin/hyperkube

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kubeadm /usr/local/bin/kubeadm

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-controller-manager /usr/local/bin/kube-controller-manager

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kubectl  /usr/local/bin/kubectl

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-discovery /usr/local/bin/kube-discovery

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-dns  /usr/local/bin/kube-dns

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kubefed /usr/local/bin/kubefed

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kubelet /usr/local/bin/kubelet

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-proxy /usr/local/bin/kube-proxy

[root@vm227224 ~]# ln -s /usr/local/kubernetes/server/bin/kube-scheduler /usr/local/bin/kube-scheduler

配置kubernetes system config

[root@vm227224 pkg]# cat /etc/kubernetes/config

KUBE_LOGTOSTDERR="--logtostderr=false"

KUBE_LOG_DIR="--log-dir=/data/logs/kubernetes"

KUBE_LOG_LEVEL="--v=2"

KUBE_ALLOW_PRIV="--allow-privileged=false"

KUBE_MASTER="--master=http://10.210.227.224:8080"

设置systemd服务文件

[root@vm227224 pkg]# cat /usr/lib/systemd/system/kube-apiserver.service

[Unit]

Description=Kubernetes API Server

Documentation=https://github.com/GoogleCloudPlatform/kubernetes

After=network.target

After=etcd.service

[Service]

EnvironmentFile=-/etc/kubernetes/config

EnvironmentFile=-/etc/kubernetes/apiserver

ExecStart=/usr/local/bin/kube-apiserver \

$KUBE_LOGTOSTDERR \

$KUBE_LOG_LEVEL \

$KUBE_ETCD_SERVERS \

$KUBE_API_ADDRESS \

$KUBE_API_PORT \

$KUBELET_PORT \

$KUBE_ALLOW_PRIV \

$KUBE_SERVICE_ADDRESSES \

$KUBE_ADMISSION_CONTROL \

$KUBE_API_ARGS

Restart=on-failure

Type=notify

LimitNOFILE=65536

[Install]

WantedBy=multi-user.target

配置kuber-apiserver启动参数

[root@vm227224 pkg]#  cat /etc/kubernetes/apiserver

KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"

KUBE_ETCD_SERVERS="--etcd-servers=http://10.210.227.224:2379"

KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"

KUBE_API_ARGS=""

KUBE_MASTER="–master=http://10.210.227.224:8080"

启动kube-api-servers服务

[root@vm227224 ~]# systemctl daemon-reload

[root@vm227224 ~]# systemctl enable kube-apiserver.service

[root@vm227224 ~]# systemctl start kube-apiserver.service

[root@vm227224 ~]# systemctl status kube-apiserver.service

验证服务

浏览器输入 http://10.210.227.224:8080/ 查看

部署kube-controller-manager服务

[root@vm227224 pkg]# cat /usr/lib/systemd/system/kube-controller-manager.service

[Unit]

Description=Kubernetes Controller Manager

Documentation=https://github.com/GoogleCloudPlatform/kubernetes

After=kube-apiserver.service

Requires=kube-apiserver.service

[Service]

EnvironmentFile=-/etc/kubernetes/config

EnvironmentFile=-/etc/kubernetes/controller-manager

ExecStart=/usr/local/bin/kube-controller-manager \

$KUBE_LOGTOSTDERR \

$KUBE_LOG_LEVEL \

$KUBE_LOG_DIR \

$KUBE_MASTER \

$KUBE_CONTROLLER_MANAGER_ARGS

Restart=on-failure

LimitNOFILE=65536

[Install]

WantedBy=multi-user.target

配置kube-controller-manager启动参数

[root@vm227224 pkg]# cat /etc/kubernetes/controller-manager

KUBE_CONTROLLER_MANAGER_ARGS=""

启动kube-controller-manager服务

[root@vm227224 ~]# systemctl daemon-reload

[root@vm227224 ~]# systemctl enable kube-controller-manager

[root@vm227224 ~]# systemctl start kube-controller-manager

[root@vm227224 ~]# systemctl status kube-controller-manager

部署kube-scheduler服务

[root@vm227224 pkg]# cat /usr/lib/systemd/system/kube-scheduler.service

[Unit]

Description=Kubernetes Scheduler Plugin

Documentation=https://github.com/GoogleCloudPlatform/kubernetes

After=kube-apiserver.service

Requires=kube-apiserver.service

[Service]

EnvironmentFile=-/etc/kubernetes/config

EnvironmentFile=-/etc/kubernetes/scheduler

ExecStart=/usr/local/bin/kube-scheduler \

$KUBE_LOGTOSTDERR \

$KUBE_LOG_LEVEL \

$KUBE_LOG_DIR \

$KUBE_MASTER \

$KUBE_SCHEDULER_ARGS

Restart=on-failure

LimitNOFILE=65536

[Install]

WantedBy=multi-user.target

配置kube-schedulerr启动参数

[root@k8s-master ~]# cat /etc/kubernetes/schedulerr

KUBE_SCHEDULER_ARGS=""

启动kube-scheduler服务

[root@vm227224 ~]# systemctl daemon-reload

[root@vm227224 ~]# systemctl enable kube-scheduler

[root@vm227224 ~]# systemctl start kube-scheduler

[root@vm227224 ~]# systemctl status kube-scheduler

for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler; do systemctl restart $SERVICES; systemctl enable $SERVICES; systemctl status $SERVICES; done

Node节点部署

安装docker

yum instll docker

修改systemd服务文件

--exec-opt native.cgroupdriver=systemfs 改为 --exec-opt native.cgroupdriver=systemfs

[root@vm227225 bin]# cat /lib/systemd/system/docker.service

[Unit]

Description=Docker Application Container Engine

Documentation=http://docs.docker.com

After=network.target

Wants=docker-storage-setup.service

Requires=docker-cleanup.timer

[Service]

Type=notify

NotifyAccess=all

KillMode=process

EnvironmentFile=-/etc/sysconfig/docker

EnvironmentFile=-/etc/sysconfig/docker-storage

EnvironmentFile=-/etc/sysconfig/docker-network

Environment=GOTRACEBACK=crash

Environment=DOCKER_HTTP_HOST_COMPAT=1

Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin

ExecStart=/usr/bin/dockerd-current \

--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \

--default-runtime=docker-runc \

--exec-opt native.cgroupdriver=systemd \

--userland-proxy-path=/usr/libexec/docker/docker-proxy-current \

$OPTIONS \

$DOCKER_STORAGE_OPTIONS \

$DOCKER_NETWORK_OPTIONS \

$ADD_REGISTRY \

$BLOCK_REGISTRY \

$INSECURE_REGISTRY

ExecReload=/bin/kill -s HUP $MAINPID

LimitNOFILE=1048576

LimitNPROC=1048576

LimitCORE=infinity

TimeoutStartSec=0

Restart=on-abnormal

MountFlags=slave

[Install]

WantedBy=multi-user.target

[root@vm227224 ~]# systemctl daemon-reload

[root@vm227224 ~]# systemctl enable docker

[root@vm227224 ~]# systemctl start docker

[root@vm227224 ~]# systemctl status docker

安装kubernetes客户端

安装kubelet，kube-proxy

[root@vm227225 ~]# tar zxvf kubernetes-client-linux-amd64.tar.gz  -C /usr/local/

[root@vm227225 ~]# ln -s /usr/local/kubernetes/client/bin/kubectl /usr/local/bin/kubectl

[root@vm227225 ~]# ln -s /usr/local/kubernetes/client/bin/kubefed /usr/local/bin/kubefed

kube-proxy kubelet包默认client没有可以从master拷贝过来

[root@vm227225 ~]# ln -s /usr/local/kubernetes/client/bin/kube-proxy /usr/local/bin/kube-proxy

[root@vm227225 ~]# ln -s /usr/local/kubernetes/client/bin/kubelet /usr/local/bin/kubelet

部署kubelet服务

[root@vm227225 bin]# cat  /etc/kubernetes/config

KUBE_LOGTOSTDERR="--logtostderr=false"

KUBE_LOG_DIR="--log-dir=/data/logs/kubernetes"

KUBE_LOG_LEVEL="--v=2"

KUBE_ALLOW_PRIV="--allow-privileged=false"

KUBE_MASTER="--master=http://10.210.227.224:8080"

设置systemd服务文件

[root@vm227225 bin]# cat /usr/lib/systemd/system/kubelet.service

[Unit]

Description=Kubernetes Kubelet Server

Documentation=https://github.com/GoogleCloudPlatform/kubernetes

After=docker.service

Requires=docker.service

[Service]

WorkingDirectory=/data/kubelet

EnvironmentFile=-/etc/kubernetes/config

EnvironmentFile=-/etc/kubernetes/kubelet

ExecStart=/usr/local/bin/kubelet \

$KUBE_LOGTOSTDERR \

$KUBE_LOG_LEVEL \

$KUBE_LOG_DIR \

$KUBELET_API_SERVER \

$KUBELET_ADDRESS \

$KUBELET_PORT \

$KUBELET_HOSTNAME \

$KUBE_ALLOW_PRIV \

$KUBELET_POD_INFRA_CONTAINER \

$KUBELET_ARGS

Restart=on-failure

[Install]

WantedBy=multi-user.target

ps: 要创建WorkingDirectory=/data/kubelet的目录

配置kubelet启动参数

[root@vm227225 bin]# cat /etc/kubernetes/kubelet

KUBELET_ADDRESS="--address=0.0.0.0"

KUBELET_PORT="--port=10250"

KUBELET_HOSTNAME="--hostname-override=10.210.227.225"

KUBELET_API_SERVER="--api-servers=http://10.210.227.224:8080"

KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"

KUBELET_ARGS="--log-dir=/var/log/kubernetes --cgroup-driver=systemd --cgroups-per-qos=false --enforce-node-allocatable="

启动kubelet服务

[root@vm227225 ~]# systemctl daemon-reload

[root@vm227225 ~]# systemctl enable kubelet.service

[root@vm227225 ~]# systemctl start kubelet.service

[root@vm227225 ~]# systemctl status kubelet.service

部署kube-proxy服务

设置systemd服务文件

[root@vm227225 bin]# cat /usr/lib/systemd/system/kube-proxy.service

[Unit]

Description=Kubernetes Kube-Proxy Server

Documentation=https://github.com/GoogleCloudPlatform/kubernetes

After=network.target

[Service]

EnvironmentFile=-/etc/kubernetes/config

EnvironmentFile=-/etc/kubernetes/proxy

ExecStart=/usr/local/bin/kube-proxy \

$KUBE_LOGTOSTDERR \

$KUBE_LOG_LEVEL \

$KUBE_LOG_DIR \

$KUBE_MASTER \

$KUBE_PROXY_ARGS

Restart=on-failure

LimitNOFILE=65536

[Install]

WantedBy=multi-user.target

配置kubelet启动参数

[root@vm227225 bin]#  cat /etc/kubernetes/proxy

KUBE_PROXY_ARGS=""

启动kubelet服务

[root@vm227225 ~]# systemctl daemon-reload

[root@vm227225 ~]# systemctl enable kube-proxy.service

[root@vm227225 ~]# systemctl start kube-proxy.service

[root@vm227225 ~]# systemctl status kube-proxy.service

for SERVICES in kube-proxy kubelet docker; do systemctl restart $SERVICES; systemctl enable $SERVICES; systemctl status $SERVICES; done

验证节点是否启动

[root@vm227224 pkg]# kubectl get node

NAME            STATUS    AGE      VERSION

10.210.227.225  Ready    14h      v1.6.4