手把手教你玩轉K8s部署之Kubeadm篇
Kubeadm背景
Kubeadm 是社區官方持續維護的集羣搭建工具,在 Kubernertes v1.13 版本的時候就已經 GA 了(GA 即 General Availability,指官方開始推薦普遍使用),它跟着 Kubernetes 的版本一塊兒發佈,目前 Kubeadm 代碼放在 Kubernetes 的主代碼庫中。node
Kubeadm優點
- 社區官方持續維護。
- 支持快速搭建出符合一致性測試認證(Conformance Test)的集羣。
- 用戶體驗很是優秀,使用起來很是方便,而且能夠用於搭建生產環境,支持搭建高可用集羣。
- 代碼設計採用了可組合的模塊方式。
- 支持向下兼容低一個小版本的 K8s。
- 支持集羣平滑升級到高版本。
Kubeadm定位
Kubeadm 在設計之初的定位就是隻關心集羣的 bootstrapping,並不負責物理資源的管理和申請。在集羣 bootstrapping 搭建完成後,你能夠根據本身的須要,在集羣中部署本身的 add-on 組件,好比 CNI 插件、Dashboard 等。linux
環境準備
採用一臺master節點和一臺node節點作部署git
master [關閉selinux, 關閉防火牆和安裝docker]
[root@master ~]# cat /etc/redhat-release CentOS Linux release 7.8.2003 (Core) [root@master ~]# uname -r 3.10.0-1127.19.1.el7.x86_64 [root@master ~]# hostname master [root@master ~]# getenforce Disabled [root@master ~]# docker -v Docker version 19.03.13, build 4484c46d9d [root@master ~]# firewall-cmd --state not running
node [關閉selinux, 關閉防火牆和安裝docker]
[root@node ~]# cat /etc/redhat-release CentOS Linux release 7.8.2003 (Core) [root@node ~]# uname -r 3.10.0-1127.19.1.el7.x86_64 [root@node ~]# hostname node [root@node ~]# getenforce Disabled [root@node ~]# docker -v Docker version 19.03.13, build 4484c46d9d [root@node ~]# firewall-cmd --state not running
實踐
設置sysctl iptable參數 -- master和node節點都執行以下操做
[root@master ~]# cat <<EOF > /etc/sysctl.d/k8s.conf > net.bridge.bridge-nf-call-ip6tables = 1 > net.bridge.bridge-nf-call-iptables = 1 > EOF [root@master ~]# sysctl --system
安裝k8s yum源(本次採用阿里雲的源) -- master和node節點都執行以下操做
master
[root@master ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo > [kubernetes] > name=Kubernetes > baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 > enabled=1 > gpgcheck=1 > repo_gpgcheck=1 > gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg > EOF [root@master ~]# yum makecache Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com base | 3.6 kB 00:00:00 docker-ce-stable | 3.5 kB 00:00:00 extras | 2.9 kB 00:00:00 kubernetes/signature | 454 B 00:00:00 Retrieving key from https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg Importing GPG key 0xA7317B0F: Userid : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>" Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f From : https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg Is this ok [y/N]: y kubernetes/signature | 1.4 kB 00:00:06 !!! updates | 2.9 kB 00:00:00 (1/11): extras/7/x86_64/filelists_db | 217 kB 00:00:00 (2/11): extras/7/x86_64/other_db | 124 kB 00:00:00 (3/11): base/7/x86_64/other_db | 2.6 MB 00:00:00 (4/11): kubernetes/primary | 78 kB 00:00:00 (5/11): base/7/x86_64/filelists_db | 7.1 MB 00:00:01 (6/11): kubernetes/other | 51 kB 00:00:00 (7/11): kubernetes/filelists | 26 kB 00:00:01 (8/11): updates/7/x86_64/filelists_db | 2.4 MB 00:00:00 (9/11): updates/7/x86_64/other_db | 318 kB 00:00:00 (10/11): docker-ce-stable/x86_64/filelists_db | 21 kB 00:00:02 (11/11): docker-ce-stable/x86_64/other_db | 114 kB 00:00:02 kubernetes 570/570 kubernetes 570/570 kubernetes 570/570 Metadata Cache Created
node
[root@node ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo > [kubernetes] > name=Kubernetes > baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 > enabled=1 > gpgcheck=1 > repo_gpgcheck=1 > gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg > EOF [root@node ~]# yum makecache Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com base | 3.6 kB 00:00:00 docker-ce-stable | 3.5 kB 00:00:00 extras | 2.9 kB 00:00:00 kubernetes/signature | 454 B 00:00:00 Retrieving key from https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg Importing GPG key 0xA7317B0F: Userid : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>" Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f From : https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg Is this ok [y/N]: y kubernetes/signature | 1.4 kB 00:00:10 !!! updates | 2.9 kB 00:00:00 (1/11): base/7/x86_64/other_db | 2.6 MB 00:00:00 (2/11): extras/7/x86_64/filelists_db | 217 kB 00:00:00 (3/11): extras/7/x86_64/other_db | 124 kB 00:00:00 (4/11): docker-ce-stable/x86_64/filelists_db | 21 kB 00:00:00 (5/11): kubernetes/filelists | 26 kB 00:00:00 (6/11): kubernetes/other | 51 kB 00:00:00 (7/11): docker-ce-stable/x86_64/other_db | 114 kB 00:00:00 (8/11): updates/7/x86_64/other_db | 318 kB 00:00:00 (9/11): kubernetes/primary | 78 kB 00:00:00 (10/11): base/7/x86_64/filelists_db | 7.1 MB 00:00:01 (11/11): updates/7/x86_64/filelists_db | 2.4 MB 00:00:00 kubernetes 570/570 kubernetes 570/570 kubernetes 570/570 Metadata Cache Created
安裝kubeadm組件 -- master和node節點都執行以下操做
kubeadm:用來初始化集羣的指令。github
kubelet:在集羣中的每一個節點上用來啓動 pod 和容器等。docker
kubectl:用來與集羣通訊的命令行工具。bootstrap
[root@master ~]# yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes [root@master ~]# systemctl enable kubelet Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
在master節點建立控制面
kubeadm init --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swapapi
- --image-repository #因爲kubeadm默認是從官網k8s.grc.io下載所需鏡像,國內沒法訪問,因此這裏經過--image-repository指定爲阿里雲鏡像倉庫地址
- --pod-network-cidr #指定pod網絡段
- --service-cidr #指定service網絡段
- --ignore-preflight-errors=Swap #忽略swap報錯信息
執行成功後, 會出現下面這些信息告訴你安裝成功, 以及一些常規指定
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.147.129:6443 --token fr99wu.9b51dl4k0yg5u3by \
--discovery-token-ca-cert-hash sha256:c4293c31d3e30d6171290407e6af503dd75633fe0cb0e1668d8f9c0c6a611bbb
複製配置文件(/etc/kubernetes/admin.conf)至各節點(master和node)的$HOME/.kube/config下
[root@master ~]# mkdir -p $HOME/.kube [root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config [root@master ~]# chown $(id -u):$(id -g) $HOME/.kube/config
複製master執行成功後提示的kubeadm join命令, 在node節點中運行將其加入集羣
[root@node .kube]# kubeadm join 192.168.147.129:6443 --token fr99wu.9b51dl4k0yg5u3by \ > --discovery-token-ca-cert-hash sha256:c4293c31d3e30d6171290407e6af503dd75633fe0cb0e1668d8f9c0c6a611bbb
在master中執行部署網絡通訊組件 flannel
[root@master ~]# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml [root@master ~]# kubectl apply -f kube-flannel.yml
查看各節點和pod狀態 -- 全部節點爲ready和pod處在Running狀態下即爲部署成功
[root@master ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION master Ready master 10m v1.19.2 node Ready <none> 2m6s v1.19.2 [root@master ~]# kubectl get pod --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-6d56c8448f-9crzw 1/1 Running 0 9m55s kube-system coredns-6d56c8448f-qrmkr 1/1 Running 0 9m55s kube-system etcd-master 1/1 Running 0 10m kube-system kube-apiserver-master 1/1 Running 0 10m kube-system kube-controller-manager-master 1/1 Running 0 10m kube-system kube-flannel-ds-6f4tl 1/1 Running 0 57s kube-system kube-flannel-ds-s8nw5 1/1 Running 0 57s kube-system kube-proxy-dj9q4 1/1 Running 0 2m15s kube-system kube-proxy-mrf9v 1/1 Running 0 9m55s kube-system kube-scheduler-master 1/1 Running 0 10m
相關文章
- 1. 手把手教你玩轉K8s部署之Kubeadm篇
- 2. 手把手教你部署k8s(kubeadm方式)-------詳解
- 3. 手把手教你玩轉SOCKET模型之重疊I/O篇
- 4. 手把手教你玩轉git
- 5. 手把手教你玩轉npm包
- 6. 手把手教你玩轉谷歌TensorFlow
- 7. 手把手教你如何玩轉Hibernate
- 8. 手把手教你玩轉Git
- 9. 手把手教你玩GDB
- 10. 手把手教你玩jenkins
- 更多相關文章...
- • Maven 自動化部署 - Maven教程
- • XQuery 參考手冊 - XQuery 教程
- • 再有人問你分佈式事務,把這篇扔給他
- • 使用阿里雲OSS+CDN部署前端頁面與加速靜態資源
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. No provider available from registry 127.0.0.1:2181 for service com.ddbuy.ser 解決方法
- 2. Qt5.7以上調用虛擬鍵盤(支持中文),以及源碼修改(可拖動,水平縮放)
- 3. 軟件測試面試- 購物車功能測試用例設計
- 4. ElasticSearch(概念篇):你知道的, 爲了搜索…
- 5. redux理解
- 6. gitee創建第一個項目
- 7. 支持向量機之硬間隔(一步步推導,通俗易懂)
- 8. Mysql 異步複製延遲的原因及解決方案
- 9. 如何在運行SEPM配置嚮導時將不可認的複雜數據庫密碼改爲簡單密碼
- 10. windows系統下tftp服務器使用
歡迎關注本站公眾號,獲取更多信息
相關文章