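What you will learn from this article
- Installing a k8s cluster
- Using common kubectl commands
- Deploying a simple application on k8s
- The three ways to access an application over the network in k8s
Problems encountered during installation
Handling controller-manager and scheduler components reporting Unhealthy
After making the change, restart kubelet: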
systemctl restart kubelet
[ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1
[ERROR FileContent--proc-sys-net-ipv4-ip_forward]: /proc/sys/net/ipv4/ip_forward contents are not set to 1
Fix:
echo '1' > /proc/sys/net/ipv4/ip_forward
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
Hardware requirements
- x86-64 processor
- 2CPU
- 2GB RAM
- 10GB free disk space
- RedHat Enterprise Linux 7.x+, CentOS 7.x+, Ubuntu 16.04+, or Debian 9.x+
Source: <https://docs.projectcalico.org/getting-started/kubernetes/quickstart>
Lab environment
| Hostname | IP | Role | OS | CPU/MEM |
| --- | --- | --- | --- | --- |
| master | 192.168.118.20 | Master | CentOS7 | 2core/2GB |
| node1 | 192.168.118.21 | node1 | CentOS7 | 2core/2GB |
| node2 | 192.168.118.22 | node2 | CentOS7 | 2core/2GB |
Installation steps
1. Environment preparation (run on all hosts)
1.1 Disable firewalld
systemctl stop firewalld; systemctl disable firewalld
1.2 Disable SELinux
setenforce 0; sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
1.3 Disable swap
swapoff -a; sed -i "s/\/dev\/mapper\/centos-swap/\#\/dev\/mapper\/centos-swap/g" /etc/fstab
If you do not want to disable swap, you can skip the check instead:
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
Then pass --ignore-preflight-errors=Swap when initializing.
1.4 Use the Aliyun yum repository:
wget -O /etc/yum.repos.d/CentOS7-Aliyun.repo http://mirrors.aliyun.com/repo/Centos-7.repo
1.5 Set kernel parameters
[root@master ~]# cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
Apply the configuration
[root@master ~]# sysctl --system
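Added example (not part of the original article): a check that a sysctl.d file declares all three keys as 1, since values written with echo into /proc are lost at reboot and the net.bridge.* entries are absent when bridge netfilter is a separate module (br_netfilter) that is not loaded. The function names are constructed for this example.

```shell
#!/usr/bin/env bash
# Added example: audit a sysctl.d-style file for the three keys that kubeadm's
# preflight checks require. Function names are constructed for illustration.

REQUIRED_KEYS="net.bridge.bridge-nf-call-ip6tables net.bridge.bridge-nf-call-iptables net.ipv4.ip_forward"

# sysctl_file_value FILE KEY -> prints the effective value (last assignment
# wins), ignoring blank lines, '#'/';' comments and whitespace around '='.
sysctl_file_value() {
    awk -v key="$2" '
        /^[ \t]*([#;]|$)/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }
    ' "$1"
}

# missing_k8s_sysctls FILE -> prints every required key that is absent or not
# set to 1; returns 0 when the file is complete, 1 otherwise.
missing_k8s_sysctls() {
    local file="$1" key rc=0
    for key in $REQUIRED_KEYS; do
        if [ "$(sysctl_file_value "$file" "$key")" != "1" ]; then
            echo "$key"
            rc=1
        fi
    done
    return $rc
}

# runtime_value KEY -> value currently live in the kernel, or "absent" when
# the /proc entry does not exist (bridge keys without the module loaded).
runtime_value() {
    local path="/proc/sys/$(echo "$1" | tr . /)"
    [ -r "$path" ] && cat "$path" || echo "absent"
}
```

Run `missing_k8s_sysctls /etc/sysctl.d/k8s.conf` on each host; an empty result means the settings will survive a reboot, and `runtime_value` shows whether the running kernel agrees.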
1.6 Configure local name resolution
vim /etc/hosts
192.168.118.20 master
192.168.118.21 node1
192.168.118.22 node2
2. Install the Docker engine (run on all hosts)
2.1 Add the Aliyun Docker repository
wget -O /etc/yum.repos.d/docker-ce.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2.2 Install Docker
yum install docker-ce -y
2.3 Start Docker
systemctl enable docker;systemctl start docker
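2.4 Adjust Docker daemon settings
mkdir -p /etc/docker
# registry-mirrors: replace with your own Aliyun registry mirror address
# exec-opts: the default cgroup driver is cgroupfs; Kubernetes recommends systemd, otherwise initialization prints a warning
# daemon.json must be plain JSON, so these notes are kept outside the file
tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://dkqah25p.mirror.aliyuncs.com"],
  "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF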
systemctl daemon-reload
systemctl restart docker
2.5 Check Docker's Cgroup Driver setting
[root@master ~]# docker info |grep Cgroup
Cgroup Driver: systemd
3. Install the Kubernetes bootstrap tools (run on all hosts)
3.1 Use the Aliyun Kubernetes repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
3.2 Install
yum install -y kubelet kubeadm kubectl
3.3 Start kubelet
systemctl enable kubelet;systemctl start kubelet
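# It is normal for kubelet to fail to start at this point; it starts once initialization has generated its configuration file
4. Initialize the cluster (run on the master node)
4.1 Initialize the master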
kubeadm init --kubernetes-version=1.18.5 --apiserver-advertise-address=192.168.118.20 --image-repository mirrorgcrio --service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16 --ignore-preflight-errors=Swap,NumCPU
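--kubernetes-version: the Kubernetes version
--apiserver-advertise-address: the address of the apiserver
--image-repository: by default kubeadm downloads the required images from the official registry k8s.gcr.io, which cannot be reached from within China, so --image-repository is used to specify mirrorgcrio instead.
--ignore-preflight-errors=Swap,NumCPU: skip the swap and CPU checks
The following output means initialization succeeded: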
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.118.20:6443 --token akiiod.ajlbeux62nhin6kw \
--discovery-token-ca-cert-hash sha256:76a5cfca9c7c90e319a0c27731dfab0d6c40932ba4c10b0dfb46d9528492a1d9
4.2 Follow the instructions in the output
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
If you are root, you can run this directly instead:
export KUBECONFIG=/etc/kubernetes/admin.conf
Either of the two options above works; I use root here.
export KUBECONFIG=/etc/kubernetes/admin.conf
Confirm the status of the master components
[root@k8s-master docker]# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health":"true"}
Copy the admin configuration file to all worker nodes
scp /etc/kubernetes/admin.conf node1:/etc/kubernetes/
scp /etc/kubernetes/admin.conf node2:/etc/kubernetes/
Set the environment variable
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
Make it take effect immediately
source ~/.bash_profile
4.3 Re-initialize the cluster
If initialization fails partway with an error, reset the cluster first and then initialize it again.
kubeadm reset
systemctl daemon-reload
systemctl restart kubelet
iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X
iptables -nL # check that the firewall rules have been flushed
netstat -antlp # check that all ports have been released
5. Install Calico (run on the master node)
5.1 Install
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
5.2 After a successful installation, check the pods
[root@master ~]# kubectl get pod -n kube-system -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
calico-kube-controllers-58b656d69f-jk7fr 1/1 Running 0 3m42s 10.122.219.67 master <none> <none>
calico-node-2jhdt 1/1 Running 0 3m42s 192.168.118.20 master <none> <none>
coredns-54f99b968c-5wmbp 1/1 Running 0 11m 10.122.219.66 master <none> <none>
coredns-54f99b968c-lgvsw 1/1 Running 0 11m 10.122.219.65 master <none> <none>
etcd-master 1/1 Running 0 11m 192.168.118.20 master <none> <none>
kube-apiserver-master 1/1 Running 0 11m 192.168.118.20 master <none> <none>
kube-controller-manager-master 1/1 Running 0 11m 192.168.118.20 master <none> <none>
kube-proxy-7ms45 1/1 Running 0 11m 192.168.118.20 master <none> <none>
kube-scheduler-master 1/1 Running 0 11m 192.168.118.20 master <none> <none>
6. Join the nodes to the cluster (run on the non-master nodes)
6.1 Join the cluster
kubeadm join 192.168.118.20:6443 --token akiiod.ajlbeux62nhin6kw \
--discovery-token-ca-cert-hash sha256:76a5cfca9c7c90e319a0c27731dfab0d6c40932ba4c10b0dfb46d9528492a1d9 \
--ignore-preflight-errors=Swap,NumCPU
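The --discovery-token-ca-cert-hash value pins the cluster CA's public key (SHA-256 over its DER-encoded SubjectPublicKeyInfo), so it can be recomputed from the CA certificate and compared with the join command before use. Added example, not part of the original article: the function names are constructed, and the pipeline uses openssl pkey so that it works for any key type.

```shell
#!/usr/bin/env bash
# Added example: recompute kubeadm's CA public-key pin and compare it with the
# --discovery-token-ca-cert-hash value in a join command. Requires openssl.

# ca_cert_hash CERT_PEM -> prints "sha256:<hex>"; returns 2 if the file is not
# a readable certificate (avoids hashing empty input by mistake).
ca_cert_hash() {
    local spki digest
    spki=$(mktemp) || return 2
    if openssl x509 -in "$1" -noout -pubkey 2>/dev/null \
        | openssl pkey -pubin -outform DER -out "$spki" 2>/dev/null \
        && [ -s "$spki" ]; then
        digest=$(openssl dgst -sha256 < "$spki" | awk '{print $NF}')
    fi
    rm -f "$spki"
    [ -n "$digest" ] || return 2
    echo "sha256:$digest"
}

# extract_join_hash "JOIN COMMAND TEXT" -> prints the pin that follows
# --discovery-token-ca-cert-hash, lower-cased; line continuations are allowed.
extract_join_hash() {
    printf '%s\n' "$1" | tr '\\\n' '  ' \
        | sed -n 's/.*--discovery-token-ca-cert-hash[ =]*\(sha256:[0-9A-Fa-f]\{64\}\).*/\1/p' \
        | tr 'A-F' 'a-f'
}

# verify_join_hash CERT_PEM "JOIN COMMAND TEXT"
# returns 0 on match, 1 on mismatch, 2 when either side cannot be read.
verify_join_hash() {
    local actual expected
    actual=$(ca_cert_hash "$1") || return 2
    expected=$(extract_join_hash "$2")
    [ -n "$expected" ] || return 2
    [ "$actual" = "$expected" ]
}
```

On the master, `ca_cert_hash /etc/kubernetes/pki/ca.crt` (kubeadm's default CA path) prints the value the join command should carry. Bootstrap tokens expire after 24 hours by default; `kubeadm token create --print-join-command` issues a fresh join command.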
6.2 On the master node, check the nodes and pods
[root@master ~]# kubectl get pod -n kube-system -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
calico-kube-controllers-58b656d69f-jk7fr 1/1 Running 0 7m39s 10.122.219.67 master <none> <none>
calico-node-2jhdt 1/1 Running 0 7m39s 192.168.118.20 master <none> <none>
calico-node-4258m 0/1 Running 0 119s 192.168.118.21 node1 <none> <none>
calico-node-lpcvq 0/1 Running 0 113s 192.168.118.22 node2 <none> <none>
coredns-54f99b968c-5wmbp 1/1 Running 0 15m 10.122.219.66 master <none> <none>
coredns-54f99b968c-lgvsw 1/1 Running 0 15m 10.122.219.65 master <none> <none>
etcd-master 1/1 Running 0 15m 192.168.118.20 master <none> <none>
kube-apiserver-master 1/1 Running 0 15m 192.168.118.20 master <none> <none>
kube-controller-manager-master 1/1 Running 0 15m 192.168.118.20 master <none> <none>
kube-proxy-65tr6 1/1 Running 0 119s 192.168.118.21 node1 <none> <none>
kube-proxy-7ms45 1/1 Running 0 15m 192.168.118.20 master <none> <none>
kube-proxy-h7sg5 1/1 Running 0 113s 192.168.118.22 node2 <none> <none>
kube-scheduler-master 1/1 Running 0 15m 192.168.118.20 master <none> <none>
[root@master ~]# kubectl get node -n kube-system -owide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master Ready master 15m v1.18.5 192.168.118.20 <none> CentOS Linux 7 (Core) 3.10.0-693.el7.x86_64 docker://19.3.12
node1 Ready <none> 2m3s v1.18.5 192.168.118.21 <none> CentOS Linux 7 (Core) 3.10.0-693.el7.x86_64 docker://19.3.12
node2 Ready <none> 117s v1.18.5 192.168.118.22 <none> CentOS Linux 7 (Core) 3.10.0-693.el7.x86_64 docker://19.3.12
Reference article: https://www.jianshu.com/p/ad27168bebb5
Reposted from:
https://my.oschina.net/u/4302015/blog/4330880
Tested in practice: this installation works, though some problems come up along the way.