Kubernetes 簡稱 k8s. 是一個開源的 Linux 容器自動化運維平臺,它消除了容器化應用程序在部署、 伸縮時涉及到的許多手動操作蟀淮。換句話說最住,你可以將多臺主機組合成集群來運行 Linux 容器,而 Kubernetes 可以幫助你簡單高效地管理那些集群
k8s物理架構圖(四個API server,Controller,Scheduler,etcd)
5W6H$HTOAW0`V987}W1DXF1.png
Node的架構圖(三個Kube-proxy,kuberlet,Docker)
I})17NI((Y53ZFDP6M4AAW9.png
k8s系統(tǒng)架構,邏輯架構,網(wǎng)絡架構
image.png
開始實操:
第一章 部署前操作
1.1 改名字
hostnamectl set-hostname node1
hostnamectl set-hostname node2
hostnamectl set-hostname node3
1.2 三臺機時間同步(三臺機)
yum install ntpdate -y
ntpdate time1.aliyun.com
1.3 查看防火墻
iptables -nL
getenforce
第二章 安裝部署指定版本docker
1設置國內YUM源
cd /etc/yum.repos.d/
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2安裝指定的docker版本
yum -y install docker-ce-18.09.7-3.el7 docker-ce-cli-18.09.7
3啟動后臺進程
systemctl enable docker && systemctl start docker
4設置cgroup驅動使用systemd
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
systemctl restart docker
5查看docker版本
docker -v
第三章 部署kubeadm和kubelet
注意5』獭U歉俊!所有的機器都操作
1.配置國內源
cat >/etc/yum.repos.d/kubernetes.repo<<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
2.安裝軟件包 (ipvsadm就是LVS負載均衡)
yum install -y kubelet-1.15.1 kubeadm-1.15.1 kubectl-1.15.1 ipvsadm
3.配置kubelet禁止使用swap
swapoff -a
sed -i '/swap/d' /etc/fstab
cat > /etc/sysconfig/kubelet<<EOF
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
EOF
4.設置內核參數(shù)
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
#使上面的生效
sysctl --system
5.設置開機自啟動
systemctl enable kubelet && systemctl start kubelet
6.使用IPVS進行負載均衡
cat >/etc/sysconfig/modules/ipvs.modules<<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod +x /etc/sysconfig/modules/ipvs.modules
source /etc/sysconfig/modules/ipvs.modules
lsmod | grep -e ip_vs -e nf_conntrack_ip
第四章 初始化集群部署Master
1.Master節(jié)點執(zhí)行初始化操作 (新開一個窗口docker images)
kubeadm init \
--apiserver-advertise-address=10.0.1.51 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.15.1 \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.2.0.0/16 \
--service-dns-domain=cluster.local \
--ignore-preflight-errors=Swap \
--ignore-preflight-errors=NumCPU
執(zhí)行完成后會有輸出策治,需要根據(jù)輸出的要求配置kubectl命令來訪問集群
================================================================
init 0
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.0.1.51:6443 --token h7o1k7.enq1bz8z9gadjyox \
--discovery-token-ca-cert-hash sha256:9a0029f9bff257b21dca8ea67f355400a5969f8d600e1accebdf96c2aae47d3f
================================================================
2.為kubectl準備kubeconfig文件
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
3.使用kubectl命令查看組件狀態(tài)
[root@node1 ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true"}
4.使用kubectl獲取Node信息
[root@node1 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
node1 NotReady master 2m38s v1.15.1
5.支持命令補全
yum install bash-completion -y
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
第五章 部署網(wǎng)絡插件
Master節(jié)點操作
1.部署canal網(wǎng)絡插件
kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/rbac.yaml
kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/canal.yaml
2.查看啟動的pod
kubectl get pods --all-namespaces
3.查看節(jié)點狀態(tài)
kubectl get nodes
06鏡像下載不了解決方法
導出鏡像
docker save calico/node:v3.3.7 >calico.tar
docker save calico/cni:v3.3.7 >cni.tar
docker save registry.aliyuncs.com/google_containers/kube-proxy:v1.15.1 > kube-proxy.tar
docker save registry.aliyuncs.com/google_containers/kube-scheduler:v1.15.1 > kube-scheduler.tar
docker save registry.aliyuncs.com/google_containers/kube-controller-manager:v1.15.1 >kube-controller-manager.tar
docker save registry.aliyuncs.com/google_containers/kube-apiserver:v1.15.1 >kube-apiserver.tar
docker save registry.aliyuncs.com/google_containers/coredns:1.3.1 >coredns.tar
docker save registry.aliyuncs.com/google_containers/etcd:3.3.10 >etcd.tar
docker save registry.aliyuncs.com/google_containers/pause:3.1 >pause.tar
docker save quay.io/coreos/flannel:v0.9.1 >flannel.tar
導入鏡像
docker load < calico.tar
docker load < cni.tar
docker load < flannel.tar.
docker load < coredns.tar
刪除重新創(chuàng)建
wget https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/rbac.yaml
wget https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/canal/canal.yaml
kubectl delete -f rbac.yaml
kubectl delete -f canal.yaml
kubectl apply -f rbac.yaml
kubectl apply -f canal.yaml
查看啟動的pod
kubectl get pods --all-namespaces
查看節(jié)點狀態(tài)
kubectl get nodes
第六章 部署Node節(jié)點
1.在Master節(jié)點上輸出增加節(jié)點的命令
kubeadm token create --print-join-command
2.在Node2和node3節(jié)點執(zhí)行 (上面的命令執(zhí)行結果, 每次不一樣!!)
##kubeadm join 10.0.1.51:6443 --token h7o1k7.enq1bz8z9gadjyox \
--discovery-token-ca-cert-hash sha256:9a0029f9bff257b21dca8ea67f355400a5969f8d600e1accebdf96c2aae47d3f ##
3.node1節(jié)點上查看節(jié)點狀態(tài)
kubectl get nodes
第8章測試k8s集群
1創(chuàng)建一個單pod的Nginx應用
kubectl create deployment nginx --image=nginx:alpine
2.查看啟動的pod
[root@node1 ~/k8s]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-8f6959bd-wm66d 1/1 Running 0 65s 10.2.1.2 node2 <none> <none>
3.測試訪問
curl 10.2.1.2
4.測試擴容
kubectl scale deployment nginx --replicas=2
查看狀態(tài)
kubectl get pod -o wide
5.為Nginx增加Service
kubectl expose deployment nginx --port=80 --type=NodePort
6.查看service
kubectl get service nginx -o wide
7.測試訪問
curl 10.0.1.51:32483
