kubeadm部署k8s集羣

實驗環境：
主節點：192.168.1.10（master）
Node1節點：192.168.1.20（node01）
Node2節點：192.168.1.30（node02）

環境準備：
分別將3臺虛擬機命名，設置好對應IP，並將其寫入域名解析/etc/hosts中，關閉防火牆，iptables，禁用selinux。還有要作到，時間必須一致。所有禁用swap

這裏咱們指定咱們安裝的k8s版本爲1.15.0版本。DOCKER部署安裝指定版本18.9.0
[root@localhost ~]# yum install -y docker-ce-18.09.0-3.el7 docker-ce-cli-18.09.0-3.el7 containerd.io-1.2.0-3.el7

[root@localhost ~]# hostnamectl set-hostname master //master節點操做
[root@localhost ~]# hostnamectl set-hostname node01 //nod1節點操做
[root@localhost ~]# hostnamectl set-hostname node02 //node2節點操做
[root@master ~]# systemctl stop firewalld
[root@master ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@master ~]# iptables -F
[root@master ~]# iptables-save
[root@master ~]# vim /etc/selinux/config

#3臺虛擬機所有禁用swap
[root@master ~]# swapoff –a
[root@node01 ~]# vim /etc/fstab
#/dev/mapper/centos-swap swap swap defaults 0 0

[root@master ~]# free -h

[root@master ~]# vim /etc/hosts

#開啓無密碼傳送
#連續點3下回車鍵
[root@master ~]# ssh-keygen -t rsa
[root@master ~]# ssh-copy-id root@node01
[root@master ~]# ssh-copy-id root@node02

#打開iptables橋接功能
[root@master ~]# vim /etc/sysctl.d/k8s.conf

[root@master ~]# sysctl -p /etc/sysctl.d/k8s.conf //若是提示沒有文件夾或目錄輸入下面命令
[root@master ~]# modprobe br_netfilter
[root@master ~]# sysctl -p /etc/sysctl.d/k8s.conf //兩個node節點也須要作
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

到此基本環境準備完畢，先來master節點上操做
[root@master ~]# cd /etc/yum.repos.d/

[root@master yum.repos.d]# vi docker-ce.repo
[docker-ce]
name=docker-ce
baseurl=https://download.docker.com/linux/centos/7/x86_64/stable/
enable=1
gpgcheck=0

[```
root@master yum.repos.d]# vim kubernetes.repo
[kubernetes]
name=kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enable=1
gpgcheck=0
~

[root@master yum.repos.d]# scp docker-ce.repo kubernetes.repo node01:/etc/yum.repos.d/
[root@master yum.repos.d]# scp docker-ce.repo kubernetes.repo node02:/etc/yum.repos.d/

#注意下載

##查看docker 版本
[root@master ~]# yum list docker-ce --showduplicates | sort –r

[root@master yum.repos.d]# yum install -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0

[root@master ~]# systemctl enable docker
[root@master ~]# systemctl enable kubelet

#配置docker加速器
[root@master ~]# curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://f1361db2.m.daocloud.io

[root@master ~]# vi /etc/docker/daemon.json
{"registry-mirrors": ["http://f1361db2.m.daocloud.io"]}

[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl restart docker

[root@master ~]# rpm -ql kubelet
/etc/kubernetes/manifests               //清單目錄
/etc/sysconfig/kubelet                  //配置文件
/etc/systemd/system/kubelet.service
/usr/bin/kubelet                        

至此，準備工做作完，能夠開始初始化，但是因爲國內網絡環境限制，咱們不能直接從谷歌的鏡像站下載鏡像，這時，須要咱們手工從docker鏡像站下載鏡像，而後從新命名，這裏用腳原本實現。
docker pull mirrorgooglecontainers/kube-apiserver:v1.14.1
docker pull mirrorgooglecontainers/kube-controller-manager:v1.14.1
docker pull mirrorgooglecontainers/kube-scheduler:v1.14.1
docker pull mirrorgooglecontainers/kube-proxy:v1.14.1
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker pull coredns/coredns:1.3.1

docker tag mirrorgooglecontainers/kube-proxy:v1.14.1  k8s.gcr.io/kube-proxy:v1.14.1
docker tag mirrorgooglecontainers/kube-scheduler:v1.14.1 k8s.gcr.io/kube-scheduler:v1.14.1
docker tag mirrorgooglecontainers/kube-apiserver:v1.14.1 k8s.gcr.io/kube-apiserver:v1.14.1
docker tag mirrorgooglecontainers/kube-controller-manager:v1.14.1 k8s.gcr.io/kube-controller-manager:v1.14.1
docker tag mirrorgooglecontainers/etcd:3.3.10  k8s.gcr.io/etcd:3.3.10
docker tag coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
docker tag mirrorgooglecontainers/pause:3.1  k8s.gcr.io/pause:3.1

docker rmi mirrorgooglecontainers/kube-apiserver:v1.14.1
docker rmi mirrorgooglecontainers/kube-controller-manager:v1.14.1
docker rmi mirrorgooglecontainers/kube-scheduler:v1.14.1
docker rmi mirrorgooglecontainers/kube-proxy:v1.14.1
docker rmi mirrorgooglecontainers/pause:3.1
docker rmi mirrorgooglecontainers/etcd:3.3.10
docker rmi coredns/coredns:1.3.1
這裏我已經下載好了，只須要導入形影的鏡像遍可。
![](https://s1.51cto.com/images/blog/202001/31/15ea2bf8ed379fb9b7e39b8b3f277809.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)

[root@master images]# systemctl enable kubelet

[root@master ~]# kubeadm init --kubernetes-version=v1.14.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap  

![](https://s1.51cto.com/images/blog/202001/31/3ef96ff9c2d5f2e016ea0a6a7cfa974d.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
![](https://s1.51cto.com/images/blog/202001/31/4d0482468b427e05a819e2f7d509cd28.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
**能夠看出master的狀態是未就緒（NotReady），之因此是這種狀態是由於還缺乏一個附件flannel，沒有網絡各Pod是沒法通訊的
也能夠經過檢查組件的健康狀態**
![](https://s1.51cto.com/images/blog/202001/31/917fff812a293acd25581ea3980b7c43.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
、添加網絡組件（flannel）
 組件flannel能夠經過https://github.com/coreos/flannel中獲取
![](https://s1.51cto.com/images/blog/202001/31/790957863f23ecfd017932813056920c.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

**看到不少東西被建立是還不夠的，還須要查看flannel是否處於正常啓動並運行的狀態，纔算正在的部署完成**
![](https://s1.51cto.com/images/blog/202001/31/05643601871197e8bc429e970af2b43f.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
![](https://s1.51cto.com/images/blog/202001/31/dd9c50dfe61096645ead9b89fd14d7dc.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
[root@master ~]# kubectl get ns
NAME          STATUS   AGE
default       Active   14m
kube-public   Active   14m
kube-system   Active   14m                  

以上是主節點的安裝部署，而後個node幾點的安裝，和加入集羣
[root@node01 ~]# yum install -y kubelet-1.15.0 kubeadm-1.15.0 
[root@node01 ~]# systemctl enable docker kubelet

在加入集羣以前，仍須要咱們手工下載2個鏡像，這樣速度更快。
[root@node01 ~]# docker pull mirrorgooglecontainers/kube-proxy:v1.14.1
[root@node01 ~]# docker pull mirrorgooglecontainers/pause:3.1
[root@node01 ~]# docker tag mirrorgooglecontainers/kube-proxy:v1.14.1  k8s.gcr.io/kube-proxy:v1.14.1
[root@node01 ~]# docker tag mirrorgooglecontainers/pause:3.1  k8s.gcr.io/pause:3.1
[root@node01 ~]# docker rmi mirrorgooglecontainers/kube-proxy:v1.14.1
[root@node01 ~]# docker rmi mirrorgooglecontainers/pause:3.1

[root@node01 ~]kubeadm join 192.168.1.110:6443 --token njus35.kw3hxkys3urmnuob --discovery-token-ca-cert-hash sha256:05761b73b571c18eebd6972fb70323cd3c4d8e0aa7514efa2680411310424184
![](https://s1.51cto.com/images/blog/202001/31/fe13516f4788917d10a04179bd0fa10a.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)

等待一會去master節點驗證。等待的是同步flannel網絡。
![](https://s1.51cto.com/images/blog/202001/31/2ea606191e5700bf75b1a5cb254bc1eb.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)

> **如何安裝指定版本kubenetes，這裏注意，kubernetes的版本一致，主要體如今下載的各個組件的統一，那麼這裏注意組件是
> Kube-proxy,kube-apiserver,kube-controller-manager,kube-scheduler**
> 

列出已經安裝過的rpm包
yum list installed | grep kube

卸載安裝的rpm包
yum remove kubeadm.x86_64 kubectl.x86_64 kubelet.x86_64 -y

> 安裝指定的kubeadm
> yum install -y kubelet-1.12.1 kubeadm-1.12.1 kubectl-1.12.1
> 
> 設置kubectl命令行工具自動補全功能
> [root@k8s-master ~]# yum install -y bash-completion
> [root@k8s-master ~]# source /usr/share/bash-completion/bash_completion
> [root@k8s-master ~]# source <(kubectl completion bash)
> [root@k8s-master ~]# echo "source <(kubectl completion bash)" >> ~/.bashrc
設置tab鍵空格個數
[root@master ~]# vim .vimrc
![](https://s1.51cto.com/images/blog/202001/31/43f6afc0c6fffa5445b9f6d31b639f6a.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
[root@master ~]# source .vimrc