安裝docker
-
安裝docker環(huán)境必要的包
sudo yum install -y yum-utils device-mapper-persistent-data lvm2 -
加入docker repo
sudo yum-config-manager \ --add-repo \ https://download.docker.com/linux/centos/docker-ce.repo -
安裝docker-ce (ce 版本為社區(qū)版本张足,ee版本為商業(yè)版本)
sudo yum makecache fast sudo yum install docker-ce安裝過程中可能會(huì)出現(xiàn)依賴問題,缺少 container-selinux-2.9 這個(gè)安裝包寒矿,此時(shí)需要執(zhí)行以下安裝命令
sudo yum install ftp://fr2.rpmfind.net/linux/centos/7.3.1611/extras/x86_64/Packages/container-selinux-2.9-4.el7.noarch.rpm成功后繼續(xù)執(zhí)行
sudo yum install docker-ce -
啟動(dòng)docker服務(wù)
sudo systemctl start docker.service
安裝 kubectl
-
下載最新的kublet程序
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl -
添加可執(zhí)行權(quán)限
chmod +x ./kubectl -
移動(dòng)到系統(tǒng)環(huán)境中
sudo mv ./kubectl /usr/local/bin/kubectl
安裝 kubelet,kubectl
-
切換到root環(huán)境
su root 或者 sudo -i -
安裝 kubelet 和 kubeadm
cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg EOF setenforce 0 yum install -y kubelet kubeadm -
啟動(dòng)kubelet服務(wù)
systemctl enable kubelet && systemctl start kubelet
初始化 mater node(該操作只需要在主節(jié)點(diǎn)上執(zhí)行)
-
使用kubeadm初始化master
kubeadm init -
初始化輸出示例
[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters. [init] Using Kubernetes version: v1.7.0 [init] Using Authorization modes: [Node RBAC] [preflight] Running pre-flight checks [preflight] Starting the kubelet service [certificates] Generated CA certificate and key. [certificates] Generated API server certificate and key. [certificates] API Server serving cert is signed for DNS names [kubeadm-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.138.0.4] [certificates] Generated API server kubelet client certificate and key. [certificates] Generated service account token signing key and public key. [certificates] Generated front-proxy CA certificate and key. [certificates] Generated front-proxy client certificate and key. [certificates] Valid certificates and keys now exist in "/etc/kubernetes/pki" [kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf" [kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf" [kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/controller-manager.conf" [kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/scheduler.conf" [apiclient] Created API client, waiting for the control plane to become ready [apiclient] All control plane components are healthy after 16.502136 seconds [token] Using token: <token> [apiconfig] Created RBAC rules [addons] Applied essential addon: kube-proxy [addons] Applied essential addon: kube-dns Your Kubernetes master has initialized successfully! To start using your cluster, you need to run (as a regular user): mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: http://kubernetes.io/docs/admin/addons/ You can now join any number of machines by running the following on each node as root: kubeadm join --token <token> <master-ip>:<master-port> -
執(zhí)行上述輸入中的內(nèi)容(遺漏該步驟可能會(huì)導(dǎo)致 kube-dns pod 一直無法running的錯(cuò)誤)
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config -
安裝 pod network (用于pod以及docker容器之間進(jìn)行網(wǎng)絡(luò)通信)
kubectl apply -f https://git.io/weave-kube-1.6Note:pod network 有多種蟆淀,此處我們選擇 weave拯啦,其他網(wǎng)絡(luò)可自行研究
加入子節(jié)點(diǎn)
-
子節(jié)點(diǎn)加入到 Cluster
kubeadm join --token <token> <master-ip>:<master-port>
安裝dashboard
-
安裝命令
kubectl create -f https://git.io/kube-dashboard -
運(yùn)行dashboard(需要在主機(jī)上查看)
執(zhí)行 kubectl proxy瀏覽器訪問: http://localhost:8081/ui
k8s dashboard
問題匯總
-
執(zhí)行 kubeadm init 后一直卡在
[apiclient] Created API client, waiting for the control plane to become ready可使用以下命令查看日志
journalctl -xeu kubelet問題原因: gcr.io/google_containers/pause-amd64:3.0 沒有pull下來
解決方式:docker pull gcr.io/google_containers/pause-amd64:3.0,若仍然pull不下來,可開啟外網(wǎng)代理再使用docker pull kubelet: error: failed to run Kubelet: failed to create kubelet: misconfiguration: kubelet cgroup driver: "systemd" is different from docker cgroup driver: "cgroupfs"
問題原因:kubelet 使用的cgroup driver和docker使用的不一致
解決方式:修改kubelet配置文件: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf熔任,將systemd修改為 cgroupfs,重啟kubelet ( systemctl restart kubelet )-
使用kubectl get nodes 命令報(bào)錯(cuò):The connection to the server localhost:8080 was refused - did you specify the right host or port?
解決方式:添加 KUBECONFIG環(huán)境變量vim ~/.bash_profile 末尾添加 export KUBECONFIG=/etc/kubernetes/admin.conf source ~/.bash_profile 安裝 kubelet kubeadm 報(bào)錯(cuò):https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/repomd.xml: [Errno 14] curl#7 - "Failed to connect to 2404:6800:4008:801::200e: 網(wǎng)絡(luò)不可
達(dá)"
解決方式:開啟外網(wǎng)代理安裝-
kube-dns 一直無法處于 3/3 running 狀態(tài)
問題原因:使用 kubectl describe pod kube-dns --namespace=kube-system 查看發(fā)現(xiàn)如下logReadiness probe failed: Get http://10.32.0.3:8081/readiness: dial tcp 10.32.0.3:8081: getsockopt: connection refused解決方式:執(zhí)行init后的 output:
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config重啟 docker kubelet
systemctl restart docker.service systemctl restart kubelet.service
