在 Linux 上部署 Kubernetes

先決條件

1. 操做系統： Ubuntu 16.04, CentOS 7 or HypriotOS v1.0.1+

2. 至少 1GB RAM

3. 確保集羣內全部計算機之間的網絡鏈接（公共或專用網絡都行）

目標

• 在你的機器上安裝一個安全的 Kubernetes 集羣

• 在集羣上安裝一個 pod 網絡，一遍應用組件（pods）之間能夠正常通訊。

安裝

在主機上安裝 kubelet 和 kubeadm

如下爲將要在你的主機上安裝的包：

• docker

• kubelet

• kubectl

• kubeadm

依次爲每一個主機進行安裝配置：

1. 切換爲 root 用戶 su root

2. 若是你的機器是運行的 ubuntu 16.04 或 HypriotOS v1.0.1，執行以下命令：

# curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
# cat <<EOF> /etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
# apt-get update
# # Install docker if you don't have it already.
# apt-get install -y docker.io
# apt-get install -y kubelet kubeadm kubectl kubernetes-cni

3. CentOS 7，執行以下命令：

# cat <<EOF> /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
# setenforce 0
# yum install -y docker kubelet kubeadm kubectl kubernetes-cni
# systemctl enable docker && systemctl start docker
# systemctl enable kubelet && systemctl start kubelet

初始化 master

# kubeadm init

輸出結果大致這樣：

<master/tokens> generated token: "f0c861.753c505740ecde4c"
<master/pki> created keys and certificates in "/etc/kubernetes/pki"
<util/kubeconfig> created "/etc/kubernetes/kubelet.conf"
<util/kubeconfig> created "/etc/kubernetes/admin.conf"
<master/apiclient> created API client configuration
<master/apiclient> created API client, waiting for the control plane to become ready
<master/apiclient> all control plane components are healthy after 61.346626 seconds
<master/apiclient> waiting for at least one node to register and become ready
<master/apiclient> first node is ready after 4.506807 seconds
<master/discovery> created essential addon: kube-discovery
<master/addons> created essential addon: kube-proxy
<master/addons> created essential addon: kube-dns

Kubernetes master initialised successfully!

You can connect any number of nodes by running:

kubeadm join --token <token> <master-ip>

記錄下 kubeadm init 輸出的 kubeadm join 命令行。

安裝節點網絡插件

你必須在安裝一個 pod 網絡插件，以確保 pods 之間可以相互通訊。

• kubernetes 支持的 pod 網絡插件類型

  1. Calico

  2. Canal

  3. Flannel

  4. Romana

  5. Weave

經過以下命令安裝 pod 網絡插件：

# kubectl apply -f <add-on.yaml>

以 Calico 網絡插件爲例，在 Calico 官網 上下載 calico.yaml 文件到本地，而後執行以下命令：

# kubectl apply -f calico.yaml

具體細節請參閱特定插件安裝指南。一個集羣中只能安裝一個 pod 網絡。

添加節點

節點做爲工做負載運行容器和 pods 等。若是你要將一個新的機器做爲節點加入集羣中，須將每一個機器切換爲 root 用戶，並執行以前 kubeadm init 的輸出命令，例如：

# kubeadm join --token <token> <master-ip>
<util/tokens> validating provided token
<node/discovery> created cluster info discovery client, requesting info from "http://138.68.156.129:9898/cluster-info/v1/?token-id=0f8588"
<node/discovery> cluster info object received, verifying signature using given token
<node/discovery> cluster info signature and contents are valid, will use API endpoints [https://138.68.156.129:443]
<node/csr> created API client to obtain unique certificate for this node, generating keys and certificate signing request
<node/csr> received signed certificate from the API server, generating kubelet configuration
<util/kubeconfig> created "/etc/kubernetes/kubelet.conf"

Node join complete:
* Certificate signing request sent to master and response
  received.
* Kubelet informed of new secure connection details.

Run 'kubectl get nodes' on the master to see this machine join.

在 master 上運行 kubectl get nodes 命名便可插件節點集羣信息。

可選配置

非 master 節點控制集羣

# scp root@<master ip>:/etc/kubernetes/admin.conf .
# kubectl --kubeconfig ./admin.conf get nodes

撤銷 kubeadm

撤銷 kubeadm，只需執行以下命令：

# kubeadm reset

若是你想從新啓動集羣，執行 systemctl start kubelet ，再執行 kubeadm init 或 kubeadm join 。