kubeadm部署k8s
- 在所有节点上安装Docker和kubeadm
- 部署kubernetes Master
- 部署容器网络插件
- 部署kubernetes Node,将节点加入kubernetes集群中
- 部署Dashboard web页面
所有节点,关闭防火墙规则,关闭selinux,关闭swap交换
systemctl stop firewalld.service && setenforce 0
swapoff -a
修改主机名
hostnamectl set-hostname master01
hostnamectl set-hostname node01
hostnamectl set-hostname node02
所有节点修改hosts文件
vi /etc/hosts
192.168.158.9 master01
192.168.158.11 node01
192.168.158.12 node02
[root@master01 ~]# scp -r /etc/hosts root@node01:/etc/hosts
[root@master01 ~]# scp -r /etc/hosts root@node02:/etc/hosts
所有节点将网桥的ipv4流量传递给iptables
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
#生效参数
sysctl --system
所有节点上安装Docker和Kubeadm
sudo yum install docker-ce -y
阿里云加速
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://s8vlfga6.mirror.aliyuncs.com"]
}
EOF
echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf
sysctl -p
sudo systemctl daemon-reload
sudo systemctl restart docker
部署kubernetes Master
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0
mkdir k8s && cd k8s
kubeadm init --apiserver-advertise-address=192.168.158.9--image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.15.0 --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
#其他节点通过此命令加入群集
kubeadm join 192.168.158.9:6443 --token a9kkdi.uir6gz2c9yej46xr \
--discovery-token-ca-cert-hash sha256:300898053ee7af2ea05c4a445c576619130f09b6d33d7badaf6a089500ff506c
#可通过此命令查看join信息
kubeadm token create --print-join-command
node加入群集
[root@node01 opt]# kubeadm join 192.168.158.9:6443 --token or1an2.zit30g3gxwi8oasg --discovery-token-ca-cert-hash sha256:300898053ee7af2ea05c4a445c576619130f09b6d33d7badaf6a089500ff506c
网络插件
所有节点安装flannel
所有导入flannel镜像
docker load < flannel.tar
kubectl apply -f kube-flannel.yml
kubectl create deployment nginx --image=nginx
#暴露服务
kubectl expose deployment nginx --port=80 --type=NodePort
[root@master01 sysctl.d]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 3h5m
nginx NodePort 10.1.83.111 <none> 80:31031/TCP 11s
部署Dashboard界面
docker load < dashboard.tar
kubectl apply -f kubernetes-dashboard
[root@master01 k8s]# kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.1.0.10 <none> 53/UDP,53/TCP,9153/TCP 3h46m
kubernetes-dashboard NodePort 10.1.44.19 <none> 443:30001/TCP 131m
kubectl create serviceaccount dashboard-admin -n kube-system
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
#查看令牌
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
资源
https://pan.baidu.com/s/16c5oibnqMFfKt_bznjuT3g
提取码: vgvv