1、简介
K8s部署主要有两种方式:- 1、Kubeadm
Kubeadm是一个K8s部署工具,提供kubeadm init和kubeadm join,用于快速部署Kubernetes集群。
- 2、二进制
从github下载发行版的二进制包,手动部署每个组件,组成Kubernetes集群。
本文通过kudeadm的方式在centos7上安装kubernetes集群。
2、环境准备
(1)初始化配置
#关闭防火墙
systemctl stop firewalld systemctl disable firewalld
#关闭selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config
#关闭swap
把/etc/fstab下的swap注释掉。
sed -ri 's/.*swap.*/#&/' /etc/fstab
#设置主机名
hostnamectl set-hostname k8s-node hostnamectl set-hostname k8s-master
#在master添加hosts
cat > /etc/hosts << EOF 192.168.44.137 k8s-node 192.168.44.138 k8s-master EOF
#将桥接的IPV4流量传递到iptables的链:
cat > /etc/sysctl.d/k8s.conf << EOF net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl --system
#时间同步
yum install ntpdate -y ntpdate time.windows.com
(2) 安装Docker
wget http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo yum -y install docker-ce systemctl enable docker && systemctl start docker #配置镜像加速器 sudo mkdir -p /etc/docker sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://kd88kykb.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker
(3)添加阿里云yum软件源
cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
(4)安装kubeadm、kubelet和kubectl
yum install -y kubelet-1.19.0 kubeadm-1.19.0 kubectl-1.19.0
systemctl enable kubelet
3、部署Kubernetes Master
kubeadm init \
--apiserver-advertise-address=192.168.44.138 \ --image-repository=registry.aliyuncs.com/google_containers \ --kubernetes-version=v1.19.0 \ --service-cidr=10.96.0.0/12 \ --pod-network-cidr=10.244.0.0/16 \ --ignore-preflight-errors=all
安装成功:
使用kubectl查看节点状态
4、部署Node节点
向集群添加新节点,执行kubeadm join命令即可。
kubeadm join 192.168.44.138:6443 --token 1g5b2s.sany5uo5w4op3hae \ --discovery-token-ca-cert-hash sha256:0fc38e874b727a9a4c2118e562a0b941dde98fa6ecc4ec2a6161b7d70a3966e2
journalctl -u kubelet
5、部署容器网络(CNI)
找到k8s版本对应的calico
https://projectcalico.docs.tigera.io/archive/v3.20/getting-started/kubernetes/requirements
#下载calico.yaml,替换CALICO_IPV4POOL_CIDR
curl https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/calico-etcd.yaml -o calico.yaml
kubectl apply -f calico.yaml kubectl get pods -n kube-system
6、测试kubernetes集群
在集群中创建一个pod,验证是否正常运行:
kubectl create deployment nginx --image=nginx kubectl expose deployment nginx --port=80 --type=NodePort kubectl get pod,svc
http://192.168.44.138:31819/
http://192.168.44.137:31819/
7、部署Dashboard
下载,并增加 type: NodePort
https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.3/aio/deploy/recommended.yaml
kubectl apply -f recommended.yaml kubectl get pod,svc -n kubernetes-dashboard
浏览器访问:
创建service account 并绑定默认cluster-admin管理员集群角色:
#创建用户 kubectl create serviceaccount dashboard-admin -n kube-system #用户授权 kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin #获取用户token kubectl describe secret -n kube-system $(kubectl -n kube-system get secret|awk '/dashboard-admin/{print $1}')
使用token登录dashboard。
标签:kubectl,kubernetes,etc,部署,--,kubeadm,K8s,docker From: https://www.cnblogs.com/xiaozi/p/17110071.html