192.168.251.9 master
192.168.251.231 node

Suggestion: build an etcd cluster for data storage, set up kube-dns, and write the k8s logs to the /var/log/kubernetes directory.
1. Disable the firewall
Check the firewalld status:
    systemctl status firewalld.service
Stop and disable the firewall:
    systemctl stop firewalld.service
    systemctl disable firewalld.service
Security settings:
    setenforce 0
Disable SELinux in /etc/selinux/config:
    SELINUX=disabled
Check iptables:
    systemctl status iptables.service
    systemctl stop iptables.service
Set the hostnames:
    hostnamectl set-hostname k8s-1
    hostnamectl set-hostname k8s-2
Set up NTP:
    yum -y install ntp
    systemctl start ntpd
    systemctl enable ntpd
Reboot the machine:
    reboot
2. Add the yum repositories
    cd /etc/yum.repos.d
    wget http://mirrors.163.com/.help/CentOS7-Base-163.repo
    wget http://mirrors.aliyun.com/repo/Centos-7.repo
    rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm
3. Installation
The master needs kubernetes-master, etcd, flannel and docker.
The node needs kubernetes-node, flannel and docker.
4. Install the master
    yum install docker libdevmapper* ntp etcd flannel kubernetes-master -y
(1) Configure etcd
All etcd instances use the same configuration:
    cat /etc/etcd/etcd.conf
    ETCD_NAME=default
    ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
    ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
    # master IP and port
    ETCD_ADVERTISE_CLIENT_URLS="http://192.168.163.148:2379"
/etc/kubernetes/apiserver
    KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
    KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.251.9:2379"
    KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=192.168.0.0/16"
/etc/kubernetes/controller-manager
    KUBE_CONTROLLER_MANAGER_ARGS="--node-monitor-grace-period=10s --pod-eviction-timeout=10s"
/etc/kubernetes/config
    KUBE_MASTER="--master=http://192.168.251.9:8080"
Startup. Note: start kubernetes first, then docker.
    systemctl enable docker
    systemctl restart flanneld docker
    systemctl enable etcd kube-apiserver kube-scheduler kube-controller-manager
    systemctl start etcd kube-apiserver kube-scheduler kube-controller-manager
    # stop the master services
    systemctl stop etcd kube-apiserver kube-scheduler kube-controller-manager
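A check a reviewer could run over the configuration files above: it flags settings that put a plaintext, unauthenticated endpoint beyond loopback, such as the API server's `--insecure-bind-address=0.0.0.0` and etcd's `http://0.0.0.0:2379` client listener. This is an added example, not part of the original post; the function names and the sample files (constructed from values shown in this guide) are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: flag settings in this guide's
# config files that put a plaintext, unauthenticated endpoint off loopback.

is_loopback() {   # succeeds when host $1 is loopback
    case "$1" in 127.*|localhost) return 0 ;; *) return 1 ;; esac
}

check_token() {   # $1 = file name, $2 = one whitespace-separated token
    val=${2##*=}  # text after the last '='
    case "$2" in
    *--insecure-bind-address=*)
        is_loopback "$val" || echo "$1: API server HTTP port (no authn/authz) bound to $val" ;;
    *--allow-privileged=true)
        echo "$1: privileged containers allowed" ;;
    ETCD_LISTEN_CLIENT_URLS=*|FLANNEL_ETCD_ENDPOINTS=*|*--etcd-servers=*|*--master=*|*--api-servers=*)
        for url in $(printf '%s' "$val" | tr ',' ' '); do
            case "$url" in http://*) ;; *) continue ;; esac
            host=${url#http://}; host=${host%%[/:]*}
            is_loopback "$host" || echo "$1: plaintext HTTP endpoint $url"
        done ;;
    esac
}

audit_file() {    # prints one finding per risky setting in file $1
    grep -Ev '^[[:space:]]*(#|$)' "$1" | tr -d '"' | {
        set -f    # pipeline stage runs in a subshell; no globbing while splitting
        while IFS= read -r line; do
            for tok in $line; do check_token "$1" "$tok"; done
        done
    }
}

# Constructed sample files holding values shown in this guide.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/apiserver" <<'EOF'
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.251.9:2379"
EOF
cat > "$SAMPLE_DIR/etcd.conf" <<'EOF'
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
EOF
cat > "$SAMPLE_DIR/config" <<'EOF'
KUBE_ALLOW_PRIV="--allow-privileged=false"
#KUBE_MASTER="--master=http://127.0.0.1:8080"
KUBE_MASTER="--master=http://192.168.251.9:8080"
EOF
for f in apiserver etcd.conf config; do audit_file "$SAMPLE_DIR/$f"; done
```

On a real host, point `audit_file` at /etc/kubernetes/apiserver, /etc/etcd/etcd.conf, /etc/kubernetes/config, /etc/kubernetes/kubelet and /etc/sysconfig/flanneld; commented-out lines are ignored.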
5. Install the node
    yum -y install docker kubernetes-node flannel
    systemctl start docker
    systemctl enable docker
(1) Modify the kube-node configuration
    [root@localhost ~]# vi /etc/kubernetes/config
    KUBE_LOGTOSTDERR="--logtostderr=true"
    # journal message level, 0 is debug
    KUBE_LOG_LEVEL="--v=0"
    # Should this cluster be allowed to run privileged docker containers
    KUBE_ALLOW_PRIV="--allow-privileged=false"
    # How the controller-manager, scheduler, and proxy find the apiserver
    #KUBE_MASTER="--master=http://127.0.0.1:8080"
    KUBE_MASTER="--master=http://192.168.251.9:8080"
(2) Configure kubelet
    [root@localhost ~]# vi /etc/kubernetes/kubelet
    ###
    # kubernetes kubelet (minion) config
    # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
    KUBELET_ADDRESS="--address=127.0.0.1"
    # The port for the info server to serve on
    # KUBELET_PORT="--port=10250"
    # You may leave this blank to use the actual hostname
    KUBELET_HOSTNAME="--hostname-override=192.168.251.231"
    # location of the api-server
    KUBELET_API_SERVER="--api-servers=http://192.168.251.9:8080"
    # pod infrastructure container
    KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
    # Add your own!
    #KUBELET_ARGS=""
    KUBELET_ARGS="--pod-infra-container-image=kubernetes/pause"
/etc/sysconfig/flanneld
    FLANNEL_ETCD_ENDPOINTS="http://192.168.251.9:2379"
    FLANNEL_ETCD_PREFIX="/coreos.com/network"
Start the node services:
    systemctl restart flanneld docker
    systemctl start kubelet kube-proxy
    systemctl enable flanneld kubelet kube-proxy docker
    # kubectl get nodes    ## get the k8s clients
registry.alauda.cn/googlecontainer/kubernetes-dashboard-amd64
6. Install the web UI kubernetes-dashboard on the master:
    cd /opt/docker
    wget https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml
After fetching kubernetes-dashboard.yaml, edit it.
Replace the Google image with a local one:
    image: docker.io/ist0ne/kubernetes-dashboard-amd64
Do not pull the image from Google:
    imagePullPolicy: IfNotPresent
Set the apiserver IP and port:
    - --apiserver-host=http://192.168.251.9:8080
When the changes are done, upload the file to the master and run:
    kubectl create -f kubernetes-dashboard.yaml
Verify:
    # kubectl get pods --namespace=kube-system
    NAME                                   READY     STATUS              RESTARTS   AGE
    kubernetes-dashboard-747085828-0r767   0/1       ContainerCreating   0          33s
View the details of the container:
    # kubectl describe pods kubernetes-dashboard-747085828-0r767 --namespace=kube-system
    Name:           kubernetes-dashboard-747085828-0r767
    Namespace:      kube-system
    Node:           192.168.251.231/192.168.251.231
    Start Time:     Thu, 02 Mar 2017 14:51:55 +0800
    Labels:         app=kubernetes-dashboard
                    pod-template-hash=747085828
    Status:         Running
    IP:             172.17.40.2
    Controllers:    ReplicaSet/kubernetes-dashboard-747085828
    Containers:
      kubernetes-dashboard:
        Container ID:   docker://5ac9c56ae81ceb37dae1c15e9a0d5b4d87cea5556c9cd92f5e667ac4659d815a
        Image:          docker.io/ist0ne/kubernetes-dashboard-amd64
        Image ID:       docker-pullable://docker.io/ist0ne/kubernetes-dashboard-amd64@sha256:faf7362425df7c542c65280ae15f2ba8e56a188d6999f4870b6821bb3ef5c637
        Port:           9090/TCP
        Args:
          --apiserver-host=http://192.168.251.9:8080
        State:          Running
          Started:      Thu, 02 Mar 2017 14:52:39 +0800
        Ready:          True
        Restart Count:  0
        Liveness:       http-get http://:9090/ delay=30s timeout=30s period=10s #success=1 #failure=3
        Volume Mounts:
        Environment Variables:
    Conditions:
      Type            Status
      Initialized     True
      Ready           True
      PodScheduled    True
    No volumes.
    QoS Class:      BestEffort
    Tolerations:    dedicated=master:Equal:NoSchedule
    Events:
      FirstSeen LastSeen Count From SubobjectPath Type Reason Message
      --------- -------- ----- ---- ------------- -------- ------ -------
      2m 2m 1 {default-scheduler } Normal Scheduled Successfully assigned kubernetes-dashboard-747085828-0r767 to 192.168.251.231
      1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Pulling pulling image "docker.io/ist0ne/kubernetes-dashboard-amd64"
      2 {kubelet 192.168.251.231} Warning MissingClusterDNS kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to DNSDefault policy.
      1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Pulled Successfully pulled image "docker.io/ist0ne/kubernetes-dashboard-amd64"
      1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Created Created container with docker id 5ac9c56ae81c; Security:[seccomp=unconfined]
      1 {kubelet 192.168.251.231} spec.containers{kubernetes-dashboard} Normal Started Started container with docker id 5ac9c56ae81c
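When there are multiple nodes, this command shows which node the container was assigned to, the IP address it was given after startup, and other details.
If the output shows "State: Running", go to the node and check the container's running state; it should also be up. The dashboard can then be reached at http://kube-apiserver:port/ui:
    http://192.168.251.9:8080/ui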
7. Monitoring: Docker monitoring with cAdvisor
cAdvisor is the single-host monitoring that ships with k8s; every node has its own UI:
    http://192.168.251.9:4194
    http://192.168.251.231:4194/containers/
API interface:
    http://192.168.251.9:8080/swagger-ui
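8. Notes and problems encountered:
1) Pay attention to the order in which services are started, especially on the master: make sure etcd is running, then start the apiserver first.
2) Pay attention to the indentation of the yaml files.
3) If a newly created pod's status is Pending, there are several possible causes: first, the client is configured with a service listening on 127.0.0.1, so the master cannot connect to it; second, the environment initialization was not done properly; third, go to the node and check the logs with docker logs.
4) The container image address in kubernetes-dashboard.yaml is currently public and will be shut down on September 30.
5) If you have a VPS abroad, you can create a docker registry on that server: first pull Google's k8s dashboard image, then push it to your own registry, and change the image in the yaml accordingly.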