I. Disable SELinux:
setenforce 0
vi /etc/selinux/config
SELINUX=disabled
II. Create the file /etc/sysctl.d/k8s.conf and add the following content:
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
Run the following commands to apply the changes.
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf
III. Install Docker
1. Configure the Docker yum repository (using the Aliyun mirror):
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager \
    --add-repo \
    https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2. Download docker-ce; version 18.06.1.ce is used here
yum makecache fast
yum install -y --setopt=obsoletes=0 \
  docker-ce-18.06.1.ce-3.el7
3. Start Docker
systemctl start docker
systemctl enable docker
4. Confirm that the default policy of the FORWARD chain in the iptables filter table is ACCEPT
iptables -nvL
Chain INPUT (policy ACCEPT 263 packets, 19209 bytes)
 pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
If it is not ACCEPT, change it:
iptables -P FORWARD ACCEPT
IV. Deploy Kubernetes with kubeadm
1. Install kubeadm and kubelet (again using the Aliyun mirror)
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum makecache fast && yum install -y kubelet kubeadm kubectl
This step downloads images from Google. If you cannot get past the firewall, run the commands below first, and then run the command above.
docker pull mirrorgooglecontainers/kube-apiserver-amd64:v1.12.2
docker pull mirrorgooglecontainers/kube-controller-manager-amd64:v1.12.2
docker pull mirrorgooglecontainers/kube-scheduler-amd64:v1.12.2
docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.12.2
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd-amd64:3.2.24
docker pull coredns/coredns:1.2.2
docker tag docker.io/mirrorgooglecontainers/kube-proxy-amd64:v1.12.2 k8s.gcr.io/kube-proxy:v1.12.2
docker tag docker.io/mirrorgooglecontainers/kube-scheduler-amd64:v1.12.2 k8s.gcr.io/kube-scheduler:v1.12.2
docker tag docker.io/mirrorgooglecontainers/kube-apiserver-amd64:v1.12.2 k8s.gcr.io/kube-apiserver:v1.12.2
docker tag docker.io/mirrorgooglecontainers/kube-controller-manager-amd64:v1.12.2 k8s.gcr.io/kube-controller-manager:v1.12.2
docker tag docker.io/mirrorgooglecontainers/etcd-amd64:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag docker.io/mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag docker.io/coredns/coredns:1.2.2 k8s.gcr.io/coredns:1.2.2
Since Kubernetes 1.8, swap must be turned off on the system; otherwise, with the default configuration, kubelet will not start.
swapoff -a
Edit /etc/sysctl.d/k8s.conf and add the line below, then run sysctl -p /etc/sysctl.d/k8s.conf to apply the change.
vm.swappiness=0
sysctl -p /etc/sysctl.d/k8s.conf
Edit /etc/sysconfig/kubelet and add --fail-swap-on=false
KUBELET_EXTRA_ARGS=--fail-swap-on=false
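The node preparation above can be checked without changing anything on the host. The script below is an added example, not part of the original guide; the function names (sysctl_value, check_sysctl_conf, forward_policy) and the "live" argument are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original guide): read-only check of the node
# settings configured above. It changes nothing on the host.

# Key=value pairs the guide writes to /etc/sysctl.d/k8s.conf.
REQUIRED_SYSCTLS="net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
net.ipv4.ip_forward=1
vm.swappiness=0"

# sysctl_value KEY FILE (hypothetical helper): print the last value assigned
# to KEY in FILE. Comment lines (# or ;) are skipped; a later assignment
# overrides an earlier one, as it does when sysctl -p loads the file.
sysctl_value() {
    awk -F= -v k="$1" '
        /^[ \t]*[#;]/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == k { v = $2; sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v); val = v }
        END { print val }' "$2"
}

# check_sysctl_conf FILE: print one MISMATCH line per required key that is
# missing or has another value. Returns 0 only when every key matches.
check_sysctl_conf() {
    rc=0
    for want in $REQUIRED_SYSCTLS; do
        key=${want%%=*}
        val=${want#*=}
        got=$(sysctl_value "$key" "$1")
        if [ "$got" != "$val" ]; then
            echo "MISMATCH $key: want $val, got ${got:-unset}"
            rc=1
        fi
    done
    return $rc
}

# forward_policy: read `iptables -nvL` output on stdin and print the default
# policy of the FORWARD chain (for example ACCEPT or DROP).
forward_policy() {
    sed -n 's/^Chain FORWARD (policy \([A-Z]*\).*/\1/p'
}

# Inspect the live host only when called with the argument "live" (as root).
if [ "${1:-}" = "live" ]; then
    check_sysctl_conf /etc/sysctl.d/k8s.conf && echo "sysctl settings: ok"
    echo "FORWARD policy: $(iptables -nvL | forward_policy)"
fi
```

Without the "live" argument the script only defines the functions, so they can be pointed at a copy of the configuration file or at saved iptables output.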
2. Initialize the cluster with kubeadm init
Enable the kubelet service at boot on every node:
systemctl enable kubelet.service
Next, initialize the cluster with kubeadm. Choose node1 as the Master Node and run the following command on node1 (replace the IP with the IP of your own master machine):
kubeadm init \
  --kubernetes-version=v1.12.2 \
  --pod-network-cidr=10.244.0.0/16 \
  --apiserver-advertise-address=172.20.38.10 \
  --ignore-preflight-errors=Swap
Near the end of the output log you will see the success message
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join 172.20.38.10:6443 --token 62u3or.7rvaxpgra3r9c1u9 --discovery-token-ca-cert-hash sha256:0fe59a4d41817cff8d3190a0e3c541219957abd938c4f9243d03782523c663dc
The kubeadm join ... line is the command to run on each node to join it to the cluster.
Follow its instructions and run the following commands
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
3. Check the cluster status
kubectl get cs
NAME                 STATUS    MESSAGE              ERROR
controller-manager   Healthy   ok
scheduler            Healthy   ok
etcd-0               Healthy   {"health": "true"}
4. Install the Pod Network
mkdir -p ~/k8s/
cd ~/k8s
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Because the master node generated by default has not joined the cluster, its status is not-ready:NoSchedule
so the tolerations need to be changed to
      tolerations:
      - key: node-role.kubernetes.io/master
        operator: Exists
        effect: NoSchedule
      - key: node.kubernetes.io/not-ready
        operator: Exists
        effect: NoSchedule
Apply the change
kubectl apply -f kube-flannel.yml
Run kubectl get nodes; a node shown as Ready means the setup is complete
kubectl get nodes
NAME                         STATUS   ROLES    AGE    VERSION
test-chentianhui--devms--1   Ready    master   6h5m   v1.12.2