centos7 使用kubeadm 快速部署 kubernetes 國內源

時間 2019-11-08

標籤 centos7 centos 使用 kubeadm 快速部署 kubernetes 內源欄目 Tomcat 简体版

原文原文鏈接

前言

搭建kubernetes時看文檔以及資料走了不少彎路，so 整理了最後成功安裝的過程已作記錄。網上的搭建文章老是少一些步驟，想本人這樣的小白老是部署不成功(^_^)。php

準備兩臺或兩臺以上的虛擬機，系統centos7, 本文只准備了兩個虛擬機(電腦風扇已轉的飛起)。html

多注意紅色加粗的 代碼以及文字 ------qingfengnode

我開始整理這個文章的時候使用的是 kubernetes 1.13, 可是當我發佈的時候阿里雲的源已經更新到了 kubernetes 1.14 因此我想這個文章筆記對用kubeadm 安裝 kubernetes 都會有幫助linux

過程當中碰到的問題能夠先查一下文章最後看看有沒有碰到一樣的問題nginx

基礎環境準備

兩臺機器信息git

10.211.55.6 k8s-mastergithub

10.211.55.7 k8s-nodedocker

#設置hostname 的方法 
hostnamectl set-hostname k8s-master  #在 10.211.55.6 上執行
hostnamectl set-hostname k8s-node    #在 10.211.55.7 上執行
hostnamectl --static #查看設置結果

全部操做無特殊說明都須要在全部節點(k8s-master 和 k8s-node)上執行json

關閉防火牆 :: 若是不想啓用防火牆，設置能夠參考這裏看一下kubernetes須要開放的端口 https://kubernetes.io/docs/setup/independent/install-kubeadm/#check-required-portsbootstrap

systemctl stop firewalld.service
systemctl disable firewalld.service
yum upgrade

關閉swap :: kubernetes1.8開始不關閉swap沒法啓動

#去掉 /etc/fstab 裏面這一行 /dev/mapper/centos-swap swap                    swap    defaults        0 0
swapoff -a
cp /etc/fstab /etc/fstab_bak
cat /etc/fstab_bak |grep -v swap > /etc/fstab
cat /etc/fstab

修改iptables參數 :: RHEL / CentOS 7上的一些用戶報告了因爲iptables被繞過而致使流量路由不正確的問題。建立/etc/sysctl.d/k8s.conf文件，添加以下內容：

cat <<EOF >  /etc/sysctl.d/k8s.conf
vm.swappiness = 0
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF


#使配置生效
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf

加載ipvs模塊

cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF

#這條命令有點長
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

安裝docker :: 注意docker版本，如今最高18.06版本作了驗證

yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum makecache fast
yum install -y --setopt=obsoletes=0 docker-ce-18.06.1.ce-3.el7
systemctl start docker
systemctl enable docker

#查看docker版本號
docker -v
Docker version 18.06.1-ce, build e68fc7a

用kubeadm 部署 kubernetes

安裝kubeadm, kubelet 注意:: yum install 安裝的時候必定要看一下kubernetes的版本號後面kubeadm init 的時候須要用到

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kube*
EOF

#安裝   注意：：這裏必定要看一下版本號，由於 Kubeadm init 的時候 填寫的版本號不能低於kuberenete版本
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
#注 若是須要指定版本 用下面的命令 kubelet-<version>
yum install kubelet-1.14.1 kubeadm-1.14.1 kubectl-1.14.1 --disableexcludes=kubernetes

#啓動 kubelet 
systemctl enable kubelet.service && systemctl start kubelet.service

啓動kubelet.service以後咱們查看一下kubelet狀態是未啓動狀態，查看緣由發現是「/var/lib/kubelet/config.yaml」文件不存在，這裏能夠暫時先不用處理，當kubeadm init 以後會建立此文件

#查看 kubelet 狀態
[root@centos2 ~]# systemctl status kubelet.service
● kubelet.service - kubelet: The Kubernetes Node Agent
   Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/kubelet.service.d
           └─10-kubeadm.conf
   Active: activating (auto-restart) (Result: exit-code) since 日 2019-03-31 16:18:55 CST; 7s ago
     Docs: https://kubernetes.io/docs/
  Process: 4564 ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS (code=exited, status=255)
 Main PID: 4564 (code=exited, status=255)

3月 31 16:18:55 k8s-node systemd[1]: Unit kubelet.service entered failed state.
3月 31 16:18:55 k8s-node systemd[1]: kubelet.service failed.
[root@centos2 ~]#


#查看出錯信息
[root@centos2 ~]# journalctl -xefu kubelet
3月 31 16:19:46 k8s-node systemd[1]: kubelet.service holdoff time over, scheduling restart.
3月 31 16:19:46 k8s-node systemd[1]: Stopped kubelet: The Kubernetes Node Agent.
-- Subject: Unit kubelet.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit kubelet.service has finished shutting down.
3月 31 16:19:46 k8s-node systemd[1]: Started kubelet: The Kubernetes Node Agent.
-- Subject: Unit kubelet.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit kubelet.service has finished starting up.
--
-- The start-up result is done.
3月 31 16:19:46 k8s-node kubelet[4611]: F0331 16:19:46.989588    4611 server.go:193] failed to load Kubelet config file /var/lib/kubelet/config.yaml, error failed to read kubelet config file "/var/lib/kubelet/config.yaml", error: open /var/lib/kubelet/config.yaml: no such file or directory
3月 31 16:19:46 k8s-node systemd[1]: kubelet.service: main process exited, code=exited, status=255/n/a
3月 31 16:19:46 k8s-node systemd[1]: Unit kubelet.service entered failed state.
3月 31 16:19:46 k8s-node systemd[1]: kubelet.service failed.

咱們在 k8s-master上用kubeadm ini初始化kubernetes ：： 注意：：這裏的kubernetes-version 必定要和上面安裝的版本號一致不然會報錯，報錯信息能夠參考文章後面錯誤集錦

#只在 k8s-master上執行   node節點不執行
kubeadm init \
--apiserver-advertise-address=10.211.55.6 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.13.1 \
--pod-network-cidr=10.244.0.0/16

--apiserver-advertise-addres :: 填寫 k8s-master ip

--image-repository :: 鏡像地址

--kubernetes-version :: 關閉版本探測，由於它的默認值是stable-1，會從https://storage.googleapis.com/kubernetes-release/release/stable-1.txt下載最新的版本號，指定版本跳過網絡請求，再次強調必定要和Kubernetes版本號一致

kubeadm init 初始化信息, 咱們看一下初始化過程發現自動建立了 "/var/lib/kubelet/config.yaml" 這個文件

[init] Using Kubernetes version: v1.13.1
[preflight] Running pre-flight checks
    [WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Activating the kubelet service
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [centos kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.211.55.6]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [centos localhost] and IPs [10.211.55.6 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [centos localhost] and IPs [10.211.55.6 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 19.507714 seconds
[uploadconfig] storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.13" in namespace kube-system with the configuration for the kubelets in the cluster
[patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "centos" as an annotation
[mark-control-plane] Marking the node centos as control-plane by adding the label "node-role.kubernetes.io/master=''"
[mark-control-plane] Marking the node centos as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: sfaff2.iet15233unw5jzql
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstraptoken] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstraptoken] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstraptoken] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstraptoken] creating the "cluster-info" ConfigMap in the "kube-public" namespace
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  #======這裏是用時再使用集羣以前須要執行的操做------qingfeng
  mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of machines by running the following on each node
as root: #=====這是增長節點的方法 token過時 請參考問題集錦------qingfeng kubeadm join 10.211.55.6:6443 --token sfaff2.iet15233unw5jzql --discovery-token-ca-cert-hash sha256:f798c5be53416ca3b5c7475ee0a4199eb26f9e31ee7106699729c0660a70f8d7

[root@centos ~]#

初始化成功後會提示在使用以前須要再配置一下，配置方法已經給出，另外會生成一個臨時token以及增長節點的方法

#普通用戶要使用k8s 須要執行下面操做
  
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config


#若是是root 能夠直接執行
export KUBECONFIG=/etc/kubernetes/admin.conf

# 以上兩個二選一便可，這裏我是直接用的root 因此直接執行
export KUBECONFIG=/etc/kubernetes/admin.conf

如今咱們查看一下 kubelet 的狀態已是 running 狀態，啓動成功

[root@k8s-master ~]# systemctl status kubelet.service
● kubelet.service - kubelet: The Kubernetes Node Agent
   Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/kubelet.service.d
           └─10-kubeadm.conf
   Active: active (running) since 日 2019-03-31 16:11:57 CST; 26min ago
     Docs: https://kubernetes.io/docs/
 Main PID: 32083 (kubelet)
    Tasks: 16
   Memory: 39.6M
   CGroup: /system.slice/kubelet.service
           └─32083 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --cgroup-driver=systemd --network-plugin=cni --pod-infra-...

3月 31 16:38:28 k8s-master kubelet[32083]: W0331 16:38:28.028997   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:28 k8s-master kubelet[32083]: E0331 16:38:28.752039   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
3月 31 16:38:33 k8s-master kubelet[32083]: W0331 16:38:33.029684   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:33 k8s-master kubelet[32083]: E0331 16:38:33.754045   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
3月 31 16:38:38 k8s-master kubelet[32083]: W0331 16:38:38.030077   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:38 k8s-master kubelet[32083]: E0331 16:38:38.756061   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
3月 31 16:38:43 k8s-master kubelet[32083]: W0331 16:38:43.030827   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:43 k8s-master kubelet[32083]: E0331 16:38:43.757292   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
3月 31 16:38:48 k8s-master kubelet[32083]: W0331 16:38:48.031403   32083 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
3月 31 16:38:48 k8s-master kubelet[32083]: E0331 16:38:48.758876   32083 kubelet.go:2170] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not read...fig uninitialized
Hint: Some lines were ellipsized, use -l to show in full.

查看狀態 ::確認每一個組件都是 Healthy 狀態

[root@centos ~]kubectl get cs
NAME                 STATUS    MESSAGE              ERROR
scheduler            Healthy   ok
controller-manager   Healthy   ok
etcd-0               Healthy   {"health": "true"}

查看node狀態 da

[root@centos ~]kubectl get node
NAME     STATUS     ROLES    AGE   VERSION
centos   NotReady   master   11m   v1.13.4

安裝port Network( flannel ) :: k8s cluster 工做必須安裝pod網絡，不然pod之間沒法通訊，k8s支持多種方案，這裏選擇flannel

[root@centos ~]kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.extensions/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.extensions/kube-flannel-ds-amd64 created
daemonset.extensions/kube-flannel-ds-arm64 created
daemonset.extensions/kube-flannel-ds-arm created
daemonset.extensions/kube-flannel-ds-ppc64le created
daemonset.extensions/kube-flannel-ds-s390x created
[root@centos ~]

檢查pod狀態，須要確保當前Pod 都是 running

[root@centos ~]kubectl get pod --all-namespaces -o wide
NAMESPACE     NAME                             READY   STATUS    RESTARTS   AGE     IP            NODE     NOMINATED NODE   READINESS GATES
kube-system   coredns-78d4cf999f-6b5wq         1/1     Running   0          5h1m    10.244.0.2    centos   <none>           <none>
kube-system   coredns-78d4cf999f-clhkc         1/1     Running   0          5h1m    10.244.0.3    centos   <none>           <none>
kube-system   etcd-centos                      1/1     Running   0          5h      10.211.55.6   centos   <none>           <none>
kube-system   kube-apiserver-centos            1/1     Running   0          5h      10.211.55.6   centos   <none>           <none>
kube-system   kube-controller-manager-centos   1/1     Running   0          5h      10.211.55.6   centos   <none>           <none>
kube-system   kube-flannel-ds-amd64-lnp55      1/1     Running   0          3m41s   10.211.55.6   centos   <none>           <none>
kube-system   kube-proxy-xsnr8                 1/1     Running   0          5h1m    10.211.55.6   centos   <none>           <none>
kube-system   kube-scheduler-centos            1/1     Running   0          5h      10.211.55.6   centos   <none>           <none>
[root@centos ~]

再次查看node狀態； pod狀態變爲 Ready

[root@centos ~]kubectl get nodes
NAME     STATUS   ROLES    AGE    VERSION
centos   Ready    master   5h2m   v1.13.4
[root@centos ~]

至此k8s就安裝完成了

安裝完了趕快體驗一下，寫個簡單的 deployment 測試一下

建立一個 nginx-deployment.yaml 內容以下

[root@k8s-master testnginx]# cat nginx-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: qf-test-nginx
  #namespace: qingfeng-deve
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: qingfenglian/test_nginx
        ports:
        - containerPort: 80

建立 svc, pod, 查看pod狀態發現到這裏發現 pod 狀態一直是 Pending

[root@k8s-master ~]# mkdir -p k8s/testnginx
[root@k8s-master ~]# cd k8s/testnginx/
[root@k8s-master testnginx]# vim nginx-deployment.yaml
[root@k8s-master testnginx]# vim nginx-deployment.yaml
[root@k8s-master testnginx]# kubectl create -f nginx-deployment.yaml
deployment.extensions/qf-test-nginx created
[root@k8s-master testnginx]# kubectl get svc,pod
NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   19m

NAME                                 READY   STATUS    RESTARTS   AGE
pod/qf-test-nginx-56db997f77-gkvcz   0/1     Pending   0          8s

緣由是：k8s-master 這臺機器不容許建立pod ,想要在k8s-master上建立pod ,實現k8s單點部署能夠執行下面操做

#先查看一下 k8s-master這臺機器是否容許建立Pod，發現是 NoSchedule
[root@k8s-master testnginx]# kubectl describe node k8s-master | grep Taint
Taints:             node-role.kubernetes.io/master:NoSchedule

#如今容許 k8s-master建立 pod
[root@k8s-master testnginx]# kubectl taint nodes k8s-master node-role.kubernetes.io/master-
node/k8s-master untainted

#咱們再來查看一下是否容許建立pod
[root@k8s-master testnginx]# kubectl describe node k8s-master | grep Taint
Taints:             <none>



########--------------分割線------------#########
#可能有的小夥伴測試完成後還想恢復到 k8s-master上禁止建立Pod,能夠執行下面操做
kubectl taint nodes k8s-master node-role.kubernetes.io/master=:NoSchedule

當容許k8s-master容許建立pod 以後，咱們再來看一下pod狀態

[root@k8s-master testnginx]# kubectl describe node k8s-master | grep Taint
Taints:             node-role.kubernetes.io/master:NoSchedule
[root@k8s-master testnginx]# kubectl taint nodes k8s-master node-role.kubernetes.io/master-
node/k8s-master untainted
[root@k8s-master testnginx]# kubectl describe node k8s-master | grep Taint
Taints:             <none>
[root@k8s-master testnginx]# kubectl get pod
NAME                             READY   STATUS    RESTARTS   AGE
qf-test-nginx-56db997f77-gkvcz   1/1     Running   0          8m50s    ----------------這裏能夠發現pod 已經啓動

增長node節點

執行 kubeadm join

[root@k8s-node ~]# kubeadm join 10.211.55.6:6443 --token uf2c4g.n7ibf1g8gxbkqz2z \
>     --discovery-token-ca-cert-hash sha256:f01892c96cee8d02c373e34bed3a45c8f3f9888fdd19767e706ec09e8fb9c893
[preflight] Running pre-flight checks
    [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
    [WARNING Hostname]: hostname "k8s-node" could not be reached
    [WARNING Hostname]: hostname "k8s-node": lookup k8s-node on 10.211.55.1:53: no such host
    [WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.14" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Activating the kubelet service
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

如今能夠用 kubectl get node 查看有多少節點了 , 若是想在node節點上使用kubectl 命令須要把 k8s-master 上 /etc/kubernetes/admin.conf 文件copy到幾點機器上並使用 export KUBECONFIG=/etc/kubernetes/admin.conf, 這個在初始化的時候已經提到,, 能夠用scp 命令拷貝

[root@k8s-master testnginx]# kubectl get node
NAME         STATUS     ROLES    AGE     VERSION
k8s-master   Ready      master   37m     v1.14.0
k8s-node     NotReady   <none>   2m55s   v1.14.0

copy admin.conf 到節點機器:: 在節點機器上執行下面命令

[root@k8s-node ~]# kubectl get node                -------------節點 使用kubectl
The connection to the server localhost:8080 was refused - did you specify the right host or port? ----這是報錯
[root@k8s-node ~]# scp root@10.211.55.6:/etc/kubernetes/admin.conf /etc/kubernetes/admin.conf    -----從k8s-master 把admin.conf文件copy到當前節點機器上
The authenticity of host '10.211.55.6 (10.211.55.6)' can't be established.
ECDSA key fingerprint is SHA256:ijx7s49ok7H8PMRY0tVKn7Be06G0OjArv/DpCNtHoIw.
ECDSA key fingerprint is MD5:89:68:de:2f:fe:ca:3f:26:e2:28:30:87:2b:21:e9:3d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.211.55.6' (ECDSA) to the list of known hosts.
root@10.211.55.6's password:
admin.conf                                                                                           100% 5451     5.4MB/s   00:00
[root@k8s-node ~]# export KUBECONFIG=/etc/kubernetes/admin.conf      --------導入
[root@k8s-node ~]# kubectl get node    ------------再次使用kubectl 查看 node 
NAME         STATUS   ROLES    AGE     VERSION
k8s-master   Ready    master   43m     v1.14.0
k8s-node     Ready    <none>   8m15s   v1.14.0

刪除node

刪除節點以後，節點想再次加入到集羣中須要先執行 kubeadm reset , 以後再執行 kubeadm join

[root@k8s-master testnginx]# kubectl delete node k8s-node    ---k8s-node節點名稱，固然不僅這一種刪除pod的方法，我這裏不一一列出了

增長節點時token過時，從新生成token的方法, 直接上命令了

[root@k8s-master testnginx]# kubeadm token list
TOKEN                     TTL       EXPIRES                     USAGES                   DESCRIPTION                                                EXTRA GROUPS
uf2c4g.n7ibf1g8gxbkqz2z   23h       2019-04-03T15:28:40+08:00   authentication,signing   The default bootstrap token generated by 'kubeadm init'.   system:bootstrappers:kubeadm:default-node-token
[root@k8s-master testnginx]# kubeadm token create
w0r09e.e5olwz1rlhwvgo9p
[root@k8s-master testnginx]# kubeadm token list
TOKEN                     TTL       EXPIRES                     USAGES                   DESCRIPTION                                                EXTRA GROUPS
uf2c4g.n7ibf1g8gxbkqz2z   23h       2019-04-03T15:28:40+08:00   authentication,signing   The default bootstrap token generated by 'kubeadm init'.   system:bootstrappers:kubeadm:default-node-token
w0r09e.e5olwz1rlhwvgo9p   23h       2019-04-03T16:19:56+08:00   authentication,signing   <none>                                                     system:bootstrappers:kubeadm:default-node-token
[root@k8s-master testnginx]#

因爲咱們容許k8s-master建立pod ,so如今咱們有兩個節點了,咱們把剛纔的 nginx-deployment.yaml 中pod個數改爲2 看看結果

#nginx-deployment 修改以後的內容，，其實 只改了 spec.replicas 由1改爲 2 
[root@k8s-master testnginx]# cat nginx-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: qf-test-nginx
  #namespace: qingfeng-deve
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: qingfenglian/test_nginx
        ports:
        - containerPort: 80


#從新部署
[root@k8s-master testnginx]# kubectl apply -f nginx-deployment.yaml
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
deployment.extensions/qf-test-nginx configured

#查看pod 狀態 發現已是2個pod的，可是一個還沒起來，稍等一下
[root@k8s-master testnginx]# kubectl get pod -o wide
NAME                             READY   STATUS              RESTARTS   AGE   IP           NODE         NOMINATED NODE   READINESS GATES
qf-test-nginx-56db997f77-gkvcz   1/1     Running             0          35m   10.244.0.6   k8s-master   <none>           <none>
qf-test-nginx-56db997f77-tx4wk   0/1     ContainerCreating   0          12s   <none>       k8s-node     <none>           <none>

#這裏再看 兩個Pod都已經啓動成功，，注意看 NODE 列 發現是在不一樣的NODE上面
[root@k8s-master testnginx]# kubectl get pod -o wide
NAME                             READY   STATUS    RESTARTS   AGE    IP           NODE         NOMINATED NODE   READINESS GATES
qf-test-nginx-56db997f77-gkvcz   1/1     Running   0          37m    10.244.0.6   k8s-master   <none>           <none>
qf-test-nginx-56db997f77-tx4wk   1/1     Running   0          107s   10.244.3.2   k8s-node     <none>           <none>
[root@k8s-master testnginx]#

好了，此次記錄就到此結束了。

遇到的問題

問題1：kubernetes源的問題

描述：開始是想經過命令行代理的方式解決源的問題，再實際使用中發如今 kubeadm init 的時候會報找不到 k8s-master主機

解決：用aliyum的原

問題2：k8s啓動不成功之 docker版本問題

解決：寫這篇文章的時候k8s對docker驗證最高到 18.06，但此時docker版本已經到了18.09,開始本着測試體驗最新版本結果...

其餘錯誤

報錯 kubectl get pod 提示：：The connection to the server localhost:8080 was refused - did you specify the right host or port?

解決：將主節點（master節點）中的【/etc/kubernetes/admin.conf】文件拷貝到從節點相同目錄下

報錯：the kubelet version is higher than the control plane version. This is not a supported version skew and may lead to a malfunctional cluster. Kubelet version: "1.14.0" Control plane version: "1.13.1

解決：注意安裝過程當中紅色字體部分，已經提示在kubeadm init 初始化的時候kubernetes的版本

報錯: [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/

解決:

[root@k8s-master ~]# docker info
Containers: 17
 Running: 16
 Paused: 0
 Stopped: 1
Images: 8
Server Version: 18.06.1-ce
Storage Driver: overlay2
 Backing Filesystem: xfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: systemd      ######------主要看這裏，沒有修改以前應該是 cgroup


#修改 docker文件驅動, 修改保存後 從新啓動 docker  , docker從新啓動方法(systemctl restart docker)

#修改或者建立
vim /etc/docker/daemon.json

#添加以下內容 --這行就不要添加了這只是個註釋(^_^)------qingfeng

{
  "exec-opts": ["native.cgroupdriver=systemd"]
}