kubernetes 環境搭建

一.規劃
1.系統
centos 7

2.ip規劃及功能分配
192.168.2.24 master
192.168.2.24 etcd
192.168.2.25 node1(即minion)
192.168.2.26 node2(即minion)

二.基本環境配置
1.關閉防火牆
#systemctl stop firewalld.service
#systemctl disable firewalld.service

2.永久關閉SELinux
#vi /etc/selinux/config
SELINUX=disabled

3.重啓
#reboot

4.安裝NTP
爲了讓各個服務器的時間保持一致，還須要爲全部的服務器安裝NTP：
# yum -y install ntp
# systemctl start ntpd
# systemctl enable ntpd

三.Master配置及安裝相應軟件
1.安裝和配置etcd
etcd是KV存儲系統，用於集羣的共享配置和服務發現

1.1 安裝:
#yum install etcd

1.2 修改etcd配置文件
修改/etc/etcd/etcd.conf中的部分屬性
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://etcd:2379"
PS：其中etcd表示etcd服務器主機名

1.3 運行etcd並配置開機啓動
#systemctl start etcd
#systemctl enable etcd

1.4 etcd中的網絡配置
etcdctl -C //192.168.2.24:2379 set /atomic.io/network/config '{"Network":"172.17.0.0/16"}'

PS：其中網絡號172.17.0.0/16與node中的docker中的docker0網絡一致（若不一致，可修改docker0網絡或者配置上述etcd網絡）;atomic.io與下面的Flannel配置中的FLANNEL_ETCD_PREFIX對應

2.安裝和配置kubernetes-master
2.1 安裝
#yum install kubernetes-master
2.2 配置apiserver
#vi /etc/kubernetes/apiserver
-------------------
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd-servers=http://etcd:2379"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
------------------

PS:
測試時須要把KUBE_ADMISSION_CONTROL中的SecurityContextDeny和ServiceAccount去掉，這是權限相關的

不然會出現錯誤retry after the token is automatically created and added to the service account

2.3 配置全局配置文件
#vi /etc/kubernetes/config
----------------------
KUBE_MASTER="--master=http://master:8080"
----------------------
2.4 啓動master服務及開機啓動
#systemctl enable kube-apiserver kube-scheduler kube-controller-manager
#systemctl start kube-apiserver kube-scheduler kube-controller-manager

2.5 測試master服務
#curl master:8080
返回以下數據:
{
"paths": [
"/api",
"/api/v1",
"/apis",
"/apis/apps",
"/apis/apps/v1beta1",
"/apis/authentication.k8s.io",
"/apis/authentication.k8s.io/v1beta1",
"/apis/authorization.k8s.io",
"/apis/authorization.k8s.io/v1beta1",
"/apis/autoscaling",
"/apis/autoscaling/v1",
"/apis/batch",
"/apis/batch/v1",
"/apis/batch/v2alpha1",
"/apis/certificates.k8s.io",
"/apis/certificates.k8s.io/v1alpha1",
"/apis/extensions",
"/apis/extensions/v1beta1",
"/apis/policy",
"/apis/policy/v1beta1",
"/apis/rbac.authorization.k8s.io",
"/apis/rbac.authorization.k8s.io/v1alpha1",
"/apis/storage.k8s.io",
"/apis/storage.k8s.io/v1beta1",
"/healthz",
"/healthz/ping",
"/healthz/poststarthook/bootstrap-controller",
"/healthz/poststarthook/extensions/third-party-resources",
"/healthz/poststarthook/rbac/bootstrap-roles",
"/logs",
"/metrics",
"/swaggerapi/",
"/ui/",
"/version"
]
}

四.node(minion)安裝及配置
1.安裝docker
#yum install docker

2.安裝及配置flannel
flannel:網絡規劃工具，統一分配集羣Docker容器的虛擬IP，並實現服務之間通訊
2.1 安裝
#yum install flannel

2.2 配置
#vi /etc/sysconfig/flanneld

--------------------
FLANNEL_ETCD_ENDPOINTS="http://etcd:2379"
FLANNEL_ETCD_PREFIX="/atomic.io/network"
--------------------

2.3 注意
yum安裝的flanneld是0.7.1,存在問題,沒法啓動,啓動會報錯:
panic: runtime error: invalid memory address or nil pointer dereference

咱們用0.8的可執行文件替換
版本選擇參見:https://github.com/coreos/flannel/releases

#wget https://github.com/coreos/flannel/releases/download/v0.8.0/flannel-v0.8.0-linux-amd64.tar.gz
#tar xvf flannel-v0.8.0-linux-amd64.tar.gz
#mv /usr/bin/flanneld /usr/bin/flanneld.bak
#cp flanneld /usr/bin

　　

2.4 若是docker有啓動,要中止docker

2.5 若是存在docker0這個ip地址,要先刪除

#ip link delete docker0

　　

2.6 啓動

#systemctl deamon-reload
#systemctl enable flanneld
#systemctl start flanneld

　　

2.7 啓動docker

#systemctl start docker

　　

2.8 查看
#ifconfig

應該能夠看到:

flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1472
        inet 10.1.32.0  netmask 255.255.0.0  destination 10.1.32.0
        inet6 fe80::2987:ef4:fdde:30a7  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 78  bytes 5435 (5.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 31  bytes 3286 (3.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1472
        inet 10.1.32.1  netmask 255.255.255.0  broadcast 0.0.0.0
        inet6 fe80::42:2eff:fec1:7d9e  prefixlen 64  scopeid 0x20<link>
        ether 02:42:2e:c1:7d:9e  txqueuelen 0  (Ethernet)
        RX packets 9322  bytes 1046496 (1021.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8939  bytes 2183012 (2.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

　　

其中docker0是flannel0的子網

3.安裝和配置kubernetes-node

3.1 安裝kubernetes-node
#yum install kubernetes-node

3.2 配置全局文件
#vi /etc/kubernetes/config
--------------------------------------------
KUBE_MASTER="--master=http://master:8080"
---------------------------------------------

3.3 配置kubelet組件
#vi /etc/kubernetes/kubelet
--------------------
KUBELET_HOSTNAME="--hostname-override=node1"
KUBELET_API_SERVER="--api-servers=http://master:8080"
---------------------

PS:
node1 爲規劃的節點上的局域網ip

3.4 配置開機啓動並啓動服務
#systemctl enable kubelet kube-proxy
#systemctl start kubelet kube-proxy

五.master上查看節點:
#kubectl get nodes

如出現:
No resources found.

請查看master和node上的firewalld是否關閉,selinux是否關閉

正常應該出現:NAME STATUS AGEnode1 Ready 1mnode2 Ready 1m