三臺(tái)服務(wù)器:

10.2.103.19/20/21

在21上執(zhí)行:

wget https://github.com/kubernetes-sigs/kubespray/archive/v2.13.1.tar.gz

tar -zxvf v2.13.1.tar.gz

sudo yum install -y epel-release python3-pip

sudo pip3 install -r requirements.txt

cp -rfp inventory/sample inventory/mycluster

declare -a IPS=( 10.2.103.19 10.2.103.20 10.2.103.21)

CONFIG_FILE=inventory/mycluster/hosts.yaml python3 contrib/inventory_builder/inventory.py ${IPS[@]}

查看自動(dòng)生成的hosts.yaml，kubespray會(huì)根據(jù)提供的節(jié)點(diǎn)數(shù)量自動(dòng)規(guī)劃節(jié)點(diǎn)角色。這里部署2個(gè)master節(jié)點(diǎn)溃肪，同時(shí)3個(gè)節(jié)點(diǎn)也作為node证薇，3個(gè)節(jié)點(diǎn)也用來部署etcd

[root@node1 kubespray-2.13.1]# cat inventory/mycluster/hosts.yaml

all:

? hosts:

? ? node1:

? ? ? ansible_host:?10.2.103.19

? ? ? ip: 10.2.103.19

? ? ? access_ip: 10.2.103.19

? ? node2:

? ? ? ansible_host: 10.2.103.20

? ? ? ip: 10.2.103.20

? ? ? access_ip: 10.2.103.20

? ? node3:

? ? ? ansible_host: 10.2.103.21

? ? ? ip: 10.2.103.21

? ? ? access_ip: 10.2.103.21

? children:

? ? kube-master:

? ? ? hosts:

? ? ? ? node1:

? ? ? ? node2:

? ? kube-node:

? ? ? hosts:

? ? ? ? node1:

? ? ? ? node2:

? ? ? ? node3:

? ? etcd:

? ? ? hosts:

? ? ? ? node1:

? ? ? ? node2:

? ? ? ? node3:

? ? k8s-cluster:

? ? ? children:

? ? ? ? kube-master:

? ? ? ? kube-node:

? ? calico-rr:

? ? ? hosts: {}

修改全局環(huán)境變量（默認(rèn)即可）

cat inventory/mycluster/group_vars/all/all.yml

默認(rèn)安裝版本較低，指定kubernetes版本

# vim inventory/mycluster/group_vars/k8s-cluster/k8s-cluster.yml

kube_version: v1.18.3

配置ssh免密昭伸，kubespray ansible節(jié)點(diǎn)對(duì)所有節(jié)點(diǎn)免密

在所有節(jié)點(diǎn)執(zhí)行:ssh-keygen -t rsa

然后把生成的id_rsa.pub上傳需要免密的服務(wù)器.ssh下面

執(zhí)行 cat??id_rsa.pub >>?authorized_keys 把信息追加進(jìn)去就ok了

cd?/home/admin/kubespray-2.13.1

執(zhí)行:

ansible-playbook -i inventory/mycluster/hosts.yaml --become --become-user=root /home/admin/kubespray-2.13.1/cluster.yml

如果報(bào)錯(cuò)如下:

Pull k8s.gcr.io/k8s-dns-node-cache:1.15.1 required is: True

類似于這種，可以自己預(yù)先在各服務(wù)器上下載好，打好相應(yīng)的標(biāo)簽

sudo docker pull?registry.cn-hangzhou.aliyuncs.com/k8s-arthur/k8s-dns-node-cache:1.15.1

sudo docker tag?registry.cn-hangzhou.aliyuncs.com/k8s-arthur/k8s-dns-node-cache:1.15.1??k8s.gcr.io/k8s-dns-node-cache:1.15.1

sudo docker rmi registry.cn-hangzhou.aliyuncs.com/k8s-arthur/k8s-dns-node-cache:1.15.1

查看狀態(tài):

kubectl get nodes -o wide

如果報(bào)錯(cuò)：

The connection to the server localhost:8080 was refused - did you specify the right host or port?

在master上執(zhí)行:

mkdir -p $HOME/.kube

sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config

sudo chown $(id -u):$(id -g) $HOME/.kube/config

cp -p $HOME/.bash_profile $HOME/.bash_profile.bak$(date '+%Y%m%d%H%M%S')

echo "export KUBECONFIG=$HOME/.kube/config" >> $HOME/.bash_profile

source $HOME/.bash_profile

再執(zhí)行:??kubectl get nodes

node上的解決方案:

mkdir -p $HOME/.kube

sudo cp /etc/kubernetes/kubelet.conf $HOME/.kube/config

sudo chown $(id -u):$(id -g) $HOME/.kube/config

cp -p $HOME/.bash_profile $HOME/.bash_profile.bak$(date '+%Y%m%d%H%M%S')

echo "export KUBECONFIG=$HOME/.kube/config" >> $HOME/.bash_profile

source $HOME/.bash_profile

清理集群:

ansible-playbook -i inventory/mycluster/hosts.yaml --become --become-user=root reset.yml

說明：幾個(gè)重要配置文件

inventory/mycluster/group_vars/k8s-cluster/k8s-cluster.yml

inventory/mycluster/group_vars/all/all.yml

roles/download/defaults/main.yml

可以在main.yml中修改相應(yīng)鏡像源

可以用scale.yml增加節(jié)點(diǎn)

用remove-node.yml刪除節(jié)點(diǎn)