K8S03-源码包安装(1.11.0版)

9.集群中测试启用一个nginx实例
1.在1台master上执行以下命令
[root@master1 ~]# kubectl run nginx --replicas=2 --labels="run=nginx-service" --image=172.16.0.2:5000/docker.io/nginx --port=80
deployment.apps/nginx created
nginx 为实例名
--replicas=2 创建2个复本
--labels 标签
--image 镜像地址,搭建的是本地私有仓库
--port 启用80端口
查看应用名
[root@master1 ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx 2 2 2 2 9s
查看复本名
[root@master1 ~]# kubectl get rs
NAME DESIRED CURRENT READY AGE
nginx-6c9b9fc894 2 2 2 13s
查看node节点
[root@master1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
172.16.0.8 Ready <none> 1d v1.11.0
172.16.0.9 Ready <none> 1d v1.11.0
查看启动的pod名称
[root@master1 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6c9b9fc894-8ccwr 1/1 Running 0 22s
nginx-6c9b9fc894-wx449 1/1 Running 0 22s
删除nginx应用执行以下命令即可
[root@master1 ~]# kubectl delete deployment nginx
deployment.extensions "nginx" deleted
或kubectl delete deploy/nginx
[root@master1 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
example-service NodePort 169.169.27.9 <none> 80:55313/TCP 23h
kubernetes ClusterIP 169.169.0.1 <none> 443/TCP 5d
或kubectl delete svc/example-service
缩减少或者扩容pod
[root@master1 ~]# kubectl scale deployment nginx --replicas=3
deployment.extensions/nginx scaled
[root@master1 ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx 3 3 3 3 6d
[root@master1 ~]# kubectl get deployment -o wide
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
nginx 3 3 3 3 6d nginx 172.16.0.2:5000/docker.io/nginx run=wbb
分配一个虚拟集群ip(169.169.0.0段的ip)
[root@master2 ~]#kubectl expose deployment nginx --type=NodePort --name=nginx-service
查看svc集群ip分配情况及删除
[root@master2 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 169.169.0.1 <none> 443/TCP 5d
nginx-service NodePort 169.169.157.14 <none> 800:52773/TCP 2s
[root@master1 ~]#kubectl delete deployment nginx
[root@master1 ~]# kubectl delete svc example-service
service "example-service" deleted
查看创建的pod分配情况nginx-service
[root@master2 ~]# kubectl describe svc nginx-service
Name: nginx-service
Namespace: default
Labels: run=nginx-service
Annotations: <none>
Selector: run=nginx-service
Type: NodePort
IP: 169.169.157.14
Port: <unset> 800/TCP
TargetPort: 800/TCP
NodePort: <unset> 52773/TCP
Endpoints: 10.10.12.2:800,10.10.36.2:800
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
[root@node1 ~]# curl -L http://10.10.36.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.

Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@node2 ~]# curl -L http://10.10.12.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.

Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
以后安装完后,发现二个node间不能互相访问,即在node1上执行curl http://10.10.12.2,发现获取不到nginx数据,执行以下二个即可
modprobe ip_tables;
iptables -P FORWARD ACCEPT;
注意：此时可能会出现不同node节点上面的pod之间网络不通，解决方法如下

设置所有节点iptables

yum install iptables-services -y;
systemctl disable iptables;
systemctl stop iptables;
modprobe ip_tables;
iptables -P FORWARD ACCEPT;
10.coredns安装
第一种方式:从官网下载
mkdir coredns && cd coredns
wget https://raw.githubusercontent.com/coredns/deployment/master/kubernetes/coredns.yaml.sed
wget https://raw.githubusercontent.com/coredns/deployment/master/kubernetes/deploy.sh
chmod +x deploy.sh
./deploy.sh -i 10.96.0.10 > coredns.yml
kubectl apply -f coredns.yml

查看

kubectl get pods --namespace kube-system
kubectl get svc --namespace kube-system
然后在所有node节点的
[root@node2 kubernetes]# cat kubelet.conf
KUBELET_ARGS="--cgroup-driver=systemd
--hostname-override=172.16.0.9
--cert-dir=/etc/kubernetes/pki
--bootstrap-kubeconfig=/etc/kubernetes/bootstrap.kubeconfig
--kubeconfig=/etc/kubernetes/kubelet.kubeconfig
--cluster-dns=169.169.0.2
--cluster-domain=cluster.local" 增加以上二行
然后重启kubelet服务
测试是否生效
1.在master服务器上生成二个nginx服务
kubectl run nginx --replicas=2 --labels="run=wbb" --image=172.16.0.2:5000/docker.io/nginx --port=800
deployment.apps/nginx created
2.在node上查看,nginx的容器和coredns的容器已启动
[root@node2 kubernetes]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4462774c0860 172.16.0.2:5000/docker.io/nginx@sha256:0b5c73966ec996a05672c4aea0a0d1910c6d7495147805ef88205bff51e119f3 "nginx -g 'daemon ..." 32 minutes ago Up 32 minutes k8s_nginx_nginx-66b6fb98fd-gdz97_default_5c2de123-c2ed-11e8-af1a-5254d2b1bb60_0
bfe9625300e7 k8s.gcr.io/pause:3.1 "/pause" 32 minutes ago Up 32 minutes k8s_POD_nginx-66b6fb98fd-gdz97_default_5c2de123-c2ed-11e8-af1a-5254d2b1bb60_0
3ca7f4570d93 docker.io/coredns/coredns@sha256:3e2be1cec87aca0b74b7668bbe8c02964a95a402e45ceb51b2252629d608d03a "/coredns -conf /e..." 3 hours ago Up 3 hours k8s_coredns_coredns-55f86bf584-95xd7_kube-system_5f915bfb-c2d5-11e8-af1a-5254d2b1bb60_0
b204ac0c0a88 k8s.gcr.io/pause:3.1 "/pause" 3 hours ago Up 3 hours k8s_POD_coredns-55f86bf584-95xd7_kube-system_5f915bfb-c2d5-11e8-af1a-5254d2b1bb60_0
在集群的master,node服务器上执行以下,说明nginx启动正常
[root@node2 kubernetes]# curl -L http://10.10.36.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.

Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
登录任意台nginx容器里检查/etc/resolv.conf里配置文件是否已修改为169.169.0.2dns的虚拟ip
[root@master1 coredns]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-66b6fb98fd-g54fk 1/1 Running 0 34m
nginx-66b6fb98fd-gdz97 1/1 Running 0 34m
说明容器里面的dns已指向了coredns了
[root@master1 coredns]# kubectl exec -it nginx-66b6fb98fd-gdz97 /bin/bash
root@nginx-66b6fb98fd-gdz97:/# cat /etc/resolv.conf
nameserver 169.169.0.2
search default.svc.cluster.local svc.cluster.local cluster.local hk1.zfcloud.com
options ndots:5
-------------------------------------------------------------------------------------------------------------------------------------------------------以上coredns安装完毕
第二种方式:
下载kubernetes源码包时,里面已包括了coredns的安装脚本放在
按上面方式也是一样可以安装
11.dashboard-ui平台安装
1.下载镜像文件
然后导入私有仓库k8s.gcr.io/kubernetes-dashboard-amd64
k8s.gcr.io/kube-apiserver-amd64 v1.11.3 3de571b6587b 2 weeks ago 187 MB
172.16.0.2:5000/k8s.gcr.io/kubernetes-dashboard-amd64 v1.10.0 0dab2435c100 5 weeks ago 122 MB
2.从kubernetes源码包里直接安装
ls /root/kubernetes/cluster/addons/dashboard
dashboard-controller.yaml dashboard-rbac.yaml dashboard-secret.yaml dashboard-service.yaml
vim dashboard-controller.yaml
[root@master1 dashboard]# cat dashboard-controller.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
spec:
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
serviceAccountName: dashboard
containers:
- name: kubernetes-dashboard
image: 172.16.0.2:5000/k8s.gcr.io/kubernetes-dashboard-amd64 修改镜像文件为本地搭建的私有仓库,然后下载镜像
resources:
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
ports:
- containerPort: 9090
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
tolerations:
- key: "CriticalAddonsOnly"
operator: "Exists"
[root@master1 dashboard]# cat dashboard-service.yaml
apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
spec:
type: NodePort 增加此行
selector:
k8s-app: kubernetes-dashboard
ports:

port: 80
targetPort: 9090
2.创建文件
[root@master1 dashboard]# kubectl create -f kubernetes-dashboard.yaml dashboard-rbac.yaml dashboard-secret.yaml dashboard-service.yaml 最好一个个文件执行
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
3.删除yaml文件产生的容器,用以下方式
kubectl delete -f rc-nginx.yaml
[root@master1 dashboard]# kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE
coredns-55f86bf584-6lg79 1/1 Running 0 2d 10.10.36.3 172.16.0.8
coredns-55f86bf584-95xd7 1/1 Running 0 2d 10.10.12.3 172.16.0.9
kubernetes-dashboard-58c47d9476-gv6x4 1/1 Running 0 1d 10.10.36.4 172.16.0.8 出现此行说明dashboard已安装完成,并启动成功,安装在172.16.0.8的node节点服务器上,容器的ip为10.10.36.4
[root@master1 dashboard]# kubectl get svc -n kube-system -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kube-dns ClusterIP 169.169.0.2 <none> 53/UDP,53/TCP 2d k8s-app=kube-dns
kubernetes-dashboard NodePort 169.169.110.197 <none> 80:17189/TCP 1d k8s-app=kubernetes-dashboard 由于启用了Nodeport,所容器有对外映射一个17189的端口,到此dashboard平台已搭建完毕,但还是不能访问
如何在外网访问,并打开页面
之前在etcd有安装haproxy+keepalived
vim /etc/haproxy/haproxy.conf文件中最下面一行增如下内容
listen dashborad
bind *:8086 外网访问端口为:8086
mode tcp
maxconn 65535
balance roundrobin
server node1 10.10.36.4:9090 check inter 10000 fall 2 rise 2 weight 1 etcd服务器可以直接访问dashboard 容器的ip地址,10.10.36.4的9090端口
或者用下面也可以
server node1 172.16.0.8:17189 check inter 10000 fall 2 rise 2 weight 1 node网卡节点ip:映射的外网端口.通过harpoxy反射代理来访问
然后重启haproxy
浏览器输入以下链接访问页面
http://172.16.0.100:8086的负载均衡ip地址
-----------------------------------------------------------------------------------------------------------------------------------------------到此dashboard安装完毕

人面猴
序言：七十年代末，一起剥皮案震惊了整个滨河市，随后出现的几起案子，更是在滨河造成了极大的恐慌，老刑警刘岩，带你破解...
沈念sama阅读 203,772评论 6赞 477
死咒
序言：滨河连续发生了三起死亡事件，死亡现场离奇诡异，居然都是意外死亡，警方通过查阅死者的电脑和手机，发现死者居然都...
沈念sama阅读 85,458评论 2赞 381
救了他两次的神仙让他今天三更去死
文/潘晓璐我一进店门，熙熙楼的掌柜王于贵愁眉苦脸地迎上来，“玉大人，你说我怎么就摊上这事。” “怎么了？”我有些...
开封第一讲书人阅读 150,610评论 0赞 337
道士缉凶录：失踪的卖姜人
文/不坏的土叔我叫张陵，是天一观的道长。经常有香客问我，道长，这世上最难降的妖魔是什么？我笑而不...
开封第一讲书人阅读 54,640评论 1赞 276
港岛之恋（遗憾婚礼）
正文为了忘掉前任，我火速办了婚礼，结果婚礼上，老公的妹妹穿的比我还像新娘。我一直安慰自己，他们只是感情好，可当我...
茶点故事阅读 63,657评论 5赞 365
恶毒庶女顶嫁案：这布局不是一般人想出来的
文/花漫我一把揭开白布。她就那样静静地躺着，像睡着了一般。火红的嫁衣衬着肌肤如雪。梳的纹丝不乱的头发上，一...
开封第一讲书人阅读 48,590评论 1赞 281
城市分裂传说
那天，我揣着相机与录音，去河边找鬼。笑死，一个胖子当着我的面吹牛，可吹牛的内容都是我干的。我是一名探鬼主播，决...
沈念sama阅读 37,962评论 3赞 395
双鸳鸯连环套：你想象不到人心有多黑
文/苍兰香墨我猛地睁开眼，长吁一口气：“原来是场噩梦啊……” “哼！你这毒妇竟也来了？” 一声冷哼从身侧响起，我...
开封第一讲书人阅读 36,631评论 0赞 258
万荣杀人案实录
序言：老挝万荣一对情侣失踪，失踪者是张志新（化名）和其女友刘颖，没想到半个月后，有当地人在树林里发现了一具尸体，经...
沈念sama阅读 40,870评论 1赞 297
护林员之死
正文独居荒郊野岭守林人离奇死亡，尸身上长有42处带血的脓包…… 初始之章·张勋以下内容为张勋视角年9月15日...
茶点故事阅读 35,611评论 2赞 321
白月光启示录
正文我和宋清朗相恋三年，在试婚纱的时候发现自己被绿了。大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
茶点故事阅读 37,704评论 1赞 329
活死人
序言：一个原本活蹦乱跳的男人离奇死亡，死状恐怖，灵堂内的尸体忽然破棺而出，到底是诈尸还是另有隐情，我是刑警宁泽，带...
沈念sama阅读 33,386评论 4赞 319
日本核电站爆炸内幕
正文年R本政府宣布，位于F岛的核电站，受9级特大地震影响，放射性物质发生泄漏。R本人自食恶果不足惜，却给世界环境...
茶点故事阅读 38,969评论 3赞 307
男人毒药：我在死后第九天来索命
文/蒙蒙一、第九天我趴在偏房一处隐蔽的房顶上张望。院中可真热闹，春花似锦、人声如沸。这庄子的主人今日做“春日...
开封第一讲书人阅读 29,944评论 0赞 19
一桩弑父案，背后竟有这般阴谋
文/苍兰香墨我抬头看了看天上的太阳。三九已至，却和暖如春，着一层夹袄步出监牢的瞬间，已是汗流浃背。一阵脚步声响...
开封第一讲书人阅读 31,179评论 1赞 260
情欲美人皮
我被黑心中介骗来泰国打工，没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留，地道东北人。一个月前我还...
沈念sama阅读 44,742评论 2赞 349
代替公主和亲
正文我出身青楼，却偏偏与公主长得像，于是被迫代替她去往敌国和亲。传闻我的和亲对象是个残疾皇子，可洞房花烛夜当晚...
茶点故事阅读 42,440评论 2赞 342

K8S03-源码包安装(1.11.0版)

设置所有节点iptables

查看

推荐阅读更多精彩内容