下载软件包
将所有软件下载至/data目录,下载地址见文后链接。
master到node做免密认证
ssh-keygen
ssh-copy-id root@192.168.1.237
ssh-copy-id root@192.168.1.100
ssh-copy-id root@192.168.1.188
设定主机名与host文件
# 分别设定node与master的主机名
hostnamectl set-hostname master
exec bash
# 同步所有主机的hosts文件
vim /etc/hosts
192.168.1.78 master localhost
192.168.1.237 node1
192.168.1.100 node2
192.168.1.188 node3
解决DNS解析localhost
此云主机的DNS解析localhost会解析到一个鬼地址,这是个大坑。kubeadm初始化是会用到localhost。如果你的主机能解析到自己的IP,那么这步可以跳过。如果不能则需要自己搭建一个DNS,将localhost解析到自己。
# 1.检测
[root@node2 ~]# nslookup localhost
Server: 118.118.118.9
Address: 118.118.118.9#53
Non-authoritative answer:
Name: localhost.openstacklocal
Address: 183.136.168.91
# 2.搭建DNS
yum -y install dnsmasq
cp /etc/resolv.conf{,.bak}
rm -rf /etc/resolv.conf
echo -e "nameserver 127.0.0.1\nnameserver $(hostname -i)" >> /etc/resolv.conf
chmod 444 /etc/resolv.conf
chattr +i /etc/resolv.conf
echo -e "server=8.8.8.8\nserver=8.8.4.4" > /etc/dnsmasq.conf
echo -e "$(hostname -i)\tlocalhost.$(hostname -d)" >> /etc/hosts
service dnsmasq restart
# 3.再次检测
[root@master ~]# nslookup localhost
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: localhost
Address: 192.168.1.78
# 4.添加域名解析
vim /etc/dnsmasq.conf
address=/www.baidu.com/123.123.123.123
同步系统时间
ntpdate 0.CentOS.pool.ntp.org
关闭防火墙
iptables -F
systemctl stop firewalld
systemctl disable firewalld
关闭SELinux & 关闭swap
swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
setenforce 0
确认时区
timedatectl set-timezone Asia/Shanghai
systemctl restart chronyd.service
修改系统参数
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
安装docker
tar -xvf docker-packages.tar
cd docker-packages
yum -y install local *.rpm
systemctl start docker && systemctl enable docker
配置镜像加速器
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://lw9sjwma.mirror.aliyuncs.com"]
}
systemctl daemon-reload
systemctl restart docker
配置k8s的yum源
vim /etc/yum.repos.d/k8s.repo
[k8s]
name=k8s
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=0
获取kube软件包
cd kube-packages-1.10.1 # 软件包在网盘中下载
tar -xvf kube-packages-1.10.1.tar
cd kube-packages-1.10.1
yum -y install local *.rpm
systemctl start kubelet && systemctl enable kubelet
统一k8s与docker的驱动
# 1.查看docker驱动
docker info | Cgroup Driver
Cgroup Driver: cgroupfs
# 修改k8s配置文件与docker保持一致
sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
导入基础镜像
cd /data
docker load -i k8s-images-1.10.tar.gz
二、初始化master节点
# 初始化master 指定的版本要与kubeadm版本一致
# kubeadm只给定了最少选项,集群名称等等都没有指定,kubeadm init
[root@master ~]# kubeadm init --kubernetes-version=v1.10.1 --pod-network-cidr=10.244.0.0/16
# 初始化完成后得到如下信息
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join 192.168.1.78:6443 --token qabol0.c2gq0uyfxvpqr8bu --discovery-token-ca-cert-hash sha256:2237ec7b8efd5a8f68adcb04900a0b17b9df2a78675a7d62b4aef644a7f62c05
# kubeadm join 是node节点加入集群的命令,注意token的有效期
如果以后要通过其他普通用户运行k8s,那么切换用户后执行,否则root下直接执行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
基本命令
# 查看pods
kubectl get pods