CentOS7.3利用kubeadm安裝kubernetes1.7.3完整版(官方文檔填坑篇)

時間  2019-12-20
標籤 centos7.3 centos 利用 kubeadm 安裝 kubernetes1.7.3 kubernetes 完整 官方 文檔 欄目 CentOS 简体版
原文   原文鏈接

安裝前記:

近來容器對企業來講已經不是什麼陌生的概念,Kubernetes做爲Google開源的容器運行平臺,受到了你們的熱捧。搭建一套完整的kubernetes平臺,也成爲試用這套平臺必須邁過的坎兒。kubernetes1.5版本以及以前,安裝仍是相對比較方便的,官方就有經過yum源在centos7安裝kubernetes。可是在kubernetes1.6以後,安裝就比較繁瑣了,須要證書各類認證,對於剛接觸kubernetes的人來講很不友好,按照官方文檔在本地安裝「集羣」的的話,我以爲你確定是跑不起來的,除非你突破了GFW的限制,還要懂得怎麼樣不斷修改參數。node

令我驚訝的事,漫天都在吹捧kubernetes的強大,竟然一篇能夠幫助安裝的文檔都找不到(你能夠說我菜,可是我找的官方和非官方文檔不下十幾篇,無一成功)。python

我本身搞了一個星期,把kubernetes1.7.3版本(網絡組件選用Calico),終於按照官方文檔+填坑的方式部署成功,寫此文但願能幫助更多的人部署kubernetes1.7成功。linux

安裝

安裝準備

  • 操做系統:CentOS7.3
[root@centos7-base-ok]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
  • 安裝機器:k8s-1爲master節點,k8s-二、k8s-3爲slave節點
[root@centos7-base-ok]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

k8s-1 192.168.80.28
k8s-2 192.168.80.35
k8s-3 192.168.80.14

安裝步驟

安裝docker 1.12(全部節點)

注意:如今docker已經更新到CE版本,可是kubernetes官方文檔說在1.12上測試經過,最近版本的兼容性未測試,爲了不後面出現大坑,咱們仍是乖乖安裝1.12版本的docker。nginx

1.新建docker.repo文件,將文件移動到/etc/yum.repos.d/目錄下git

[root@centos7-base-ok]# cat /etc/yum.repos.d/docker.repo
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/7/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg

2.運行yum命令,找到須要安裝的docker版本github

10:21 [root@centos7-base-ok]# yum list|grep docker | sort -r
python2-avocado-plugins-runner-docker.noarch
python-dockerpty.noarch                 0.4.1-6.el7                    epel
python-dockerfile-parse.noarch          0.0.5-1.el7                    epel
python-docker-scripts.noarch            0.4.4-1.el7                    epel
python-docker-pycreds.noarch            1.10.6-1.el7                   extras
python-docker-py.noarch                 1.10.6-1.el7                   extras
kdocker.x86_64                          4.9-1.el7                      epel
golang-github-fsouza-go-dockerclient-devel.x86_64
docker.x86_64                           2:1.12.6-32.git88a4867.el7.centos
docker-v1.10-migrator.x86_64            2:1.12.6-32.git88a4867.el7.centos
docker-unit-test.x86_64                 2:1.12.6-32.git88a4867.el7.centos
docker-registry.x86_64                  0.9.1-7.el7                    extras
docker-registry.noarch                  0.6.8-8.el7                    extras
docker-python.x86_64                    1.4.0-115.el7                  extras
docker-novolume-plugin.x86_64           2:1.12.6-32.git88a4867.el7.centos
docker-lvm-plugin.x86_64                2:1.12.6-32.git88a4867.el7.centos
docker-logrotate.x86_64                 2:1.12.6-32.git88a4867.el7.centos
docker-latest.x86_64                    1.13.1-13.gitb303bf6.el7.centos
docker-latest-v1.10-migrator.x86_64     1.13.1-13.gitb303bf6.el7.centos
docker-latest-logrotate.x86_64          1.13.1-13.gitb303bf6.el7.centos
docker-forward-journald.x86_64          1.10.3-44.el7.centos           extras
docker-engine.x86_64                    17.05.0.ce-1.el7.centos        dockerrepo
docker-engine.x86_64                    1.12.6-1.el7.centos            @dockerrepo
docker-engine-selinux.noarch            17.05.0.ce-1.el7.centos        @dockerrepo
docker-engine-debuginfo.x86_64          17.05.0.ce-1.el7.centos        dockerrepo
docker-distribution.x86_64              2.6.1-1.el7                    extras
docker-devel.x86_64                     1.3.2-4.el7.centos             extras
docker-compose.noarch                   1.9.0-5.el7                    epel
docker-common.x86_64                    2:1.12.6-32.git88a4867.el7.centos
docker-client.x86_64                    2:1.12.6-32.git88a4867.el7.centos
docker-client-latest.x86_64             1.13.1-13.gitb303bf6.el7.centos
cockpit-docker.x86_64                   141-3.el7.centos               extras

3.找到對應版本後,執行yum install -y 包名+版本號,安裝1.12版本的docker-enginegolang

[root@centos7-base-ok]# yum install -y docker-engine.x86_64-1.12.6-1.el7.centos

4.執行docker version命令,驗證docker安裝版本,執行docker run命令,驗證docker是否安裝成功docker

[root@centos7-base-ok]# docker version
Client:
 Version:      1.12.6
 API version:  1.24
 Go version:   go1.6.4
 Git commit:   78d1802
 Built:        Tue Jan 10 20:20:01 2017
 OS/Arch:      linux/amd64

Server:
 Version:      1.12.6
 API version:  1.24
 Go version:   go1.6.4
 Git commit:   78d1802
 Built:        Tue Jan 10 20:20:01 2017
 OS/Arch:      linux/amd64

5.設置開機啓動,啓動容器,docker安裝完成centos

[root@centos7-base-ok]# systemctl enbale docker && systemctl start docker

安裝kubectl、kubelet、kubeadm(根據需求在不一樣節點安裝)

注意:此步驟是填坑的開始,由於官方文檔的yum源在國內沒法使用,安裝完成後注意觀察你的/var/log/message日誌,會瘋狂報錯,彆着急,跟着我一步一步來填坑。api

1.新建kubernetes.repo文件,將文件移動到/etc/yum.repos.d/目錄下(全部節點)

[root@centos7-base-ok]# cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0

2.經過yum安裝kubectl、kubelet、kubeadm(全部節點)

[root@centos7-base-ok]# cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0

3.修改kubelet配置,啓動kubelet(全部節點)

注意:時刻查看/var/log/message的日誌輸出,會看到kubelet一直啓動失敗。

編輯10-kubeadm.conf的文件,修改cgroup-driver配置:

[root@centos7-base-ok]# cat /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--kubeconfig=/etc/kubernetes/kubelet.conf --require-kubeconfig=true"
Environment="KUBELET_SYSTEM_PODS_ARGS=--pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true"
Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"
Environment="KUBELET_DNS_ARGS=--cluster-dns=10.96.0.10 --cluster-domain=cluster.local"
Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.crt"
Environment="KUBELET_CADVISOR_ARGS=--cadvisor-port=0"
Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs"
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_CADVISOR_ARGS $KUBELET_CGROUP_ARGS $KUBELET_EXTRA_ARGS

將「--cgroup-driver=systems」修改爲爲「--cgroup-driver=cgroupfs」,從新啓動kubelet。

[root@centos7-base-ok]# systemctl restart kubelet

4.下載安裝k8s依賴鏡像

注意:此步驟很是關鍵,kubenetes初始化啓動會依賴這些鏡像,天朝的網絡確定是拉不下來google的鏡像的,通常人過了上一關,這一關未必過的去,必定要提早把鏡像下載到本地,kubeadm安裝纔會繼續,下面我會列出來master節點和node依賴的鏡像列表。(備註:考慮到隨着kubernetes版本一直更新,鏡像也可能會有變化,你們能夠先執行 kubeadm init 生成配置文件,日誌輸出到 [apiclient] Created API client, waiting for the control plane to become ready 這一行就會卡住不動了,你能夠直接執行 ctrl + c 停止命令執行,而後查看 ls -ltr /etc/kubernetes/manifests/
yaml文件列表,每一個文件都會寫着鏡像的地址和版本)
在這裏我提一個能夠解決下載google鏡像的方法,就是買一臺能夠下載的機器,安裝代理軟件,在須要下載google鏡像的機器的docker設置 HTTP_PROXY 配置項,配置好本身的服務代理便可(也能夠直接買能夠訪問到google的服務器安裝).

master節點:

REPOSITORY                                               TAG                 IMAGE ID            CREATED             SIZE
quay.io/calico/kube-policy-controller                    v0.7.0              fe3174230993        3 days ago          21.94 MB
kubernetesdashboarddev/kubernetes-dashboard-amd64        head                e2cadb73b2df        5 days ago          136.5 MB
quay.io/calico/node                                      v2.4.1              7643422fdf0f        6 days ago          277.4 MB
gcr.io/google_containers/kube-controller-manager-amd64   v1.7.3              d014f402b272        11 days ago         138 MB
gcr.io/google_containers/kube-apiserver-amd64            v1.7.3              a1cc3a3d8d0d        11 days ago         186.1 MB
gcr.io/google_containers/kube-scheduler-amd64            v1.7.3              51967bf607d3        11 days ago         77.2 MB
gcr.io/google_containers/kube-proxy-amd64                v1.7.3              54d2a8698e3c        11 days ago         114.7 MB
quay.io/calico/cni                                       v1.10.0             88ca805c8ddd        13 days ago         70.25 MB
gcr.io/google_containers/kubernetes-dashboard-amd64      v1.6.3              691a82db1ecd        2 weeks ago         139 MB
quay.io/coreos/etcd                                      v3.1.10             47bb9dd99916        4 weeks ago         34.56 MB
gcr.io/google_containers/k8s-dns-sidecar-amd64           1.14.4              38bac66034a6        7 weeks ago         41.81 MB
gcr.io/google_containers/k8s-dns-kube-dns-amd64          1.14.4              a8e00546bcf3        7 weeks ago         49.38 MB
gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64     1.14.4              f7f45b9cb733        7 weeks ago         41.41 MB
gcr.io/google_containers/etcd-amd64                      3.0.17              243830dae7dd        5 months ago        168.9 MB
gcr.io/google_containers/pause-amd64                     3.0                 99e59f495ffa        15 months ago       746.9 kB

node節點:

[root@centos7-base-ok]# docker images
REPOSITORY                                            TAG                 IMAGE ID            CREATED             SIZE
kubernetesdashboarddev/kubernetes-dashboard-amd64     head                e2cadb73b2df        5 days ago          137MB
quay.io/calico/node                                   v2.4.1              7643422fdf0f        6 days ago          277MB
gcr.io/google_containers/kube-proxy-amd64             v1.7.3              54d2a8698e3c        11 days ago         115MB
quay.io/calico/cni                                    v1.10.0             88ca805c8ddd        13 days ago         70.3MB
gcr.io/google_containers/kubernetes-dashboard-amd64   v1.6.3              691a82db1ecd        2 weeks ago         139MB
nginx                                                 latest              b8efb18f159b        2 weeks ago         107MB
hello-world                                           latest              1815c82652c0        2 months ago        1.84kB
gcr.io/google_containers/pause-amd64                  3.0                 99e59f495ffa        15 months ago       747kB

5.利用kubeadm初始化服務(master節點)

注意:若是你在上一步執行過 kubeadm init 命令,沒有關係,此步執行只須要執行時加上 --skip-preflight-checks 這個配置項便可。

注意:執行 kubeadm init--pod-network-cidr 參數和選擇的網絡組件有關係,詳細能夠看官方文檔說明,本文選用的網絡組件爲 Calico

[root@centos7-base-ok]# kubeadm init --pod-network-cidr=192.168.0.0/16 --apiserver-advertise-address=0.0.0.0 --apiserver-cert-extra-sans=192.168.80.28,192.168.80.14,192.168.80.35,127.0.0.1,k8s-1,k8s-2,k8s-3,192.168.0.1 --skip-preflight-checks

參數說明:

參數名稱 必選 參數說明
pod-network-cidr Yes For certain networking solutions the Kubernetes master can also play a role in allocating network ranges (CIDRs) to each node. This includes many cloud providers and flannel. You can specify a subnet range that will be broken down and handed out to each node with the --pod-network-cidr flag. This should be a minimum of a /16 so controller-manager is able to assign /24 subnets to each node in the cluster. If you are using flannel with this manifest you should use --pod-network-cidr=10.244.0.0/16. Most CNI based networking solutions do not require this flag.
apiserver-advertise-address Yes This is the address the API Server will advertise to other members of the cluster. This is also the address used to construct the suggested kubeadm join line at the end of the init process. If not set (or set to 0.0.0.0) then IP for the default interface will be used.
apiserver-cert-extra-sans Yes Additional hostnames or IP addresses that should be added to the Subject Alternate Name section for the certificate that the API Server will use. If you expose the API Server through a load balancer and public DNS you could specify this with.

其它的 kubeadm 參數設置請參照 官方文檔

6.作一枚安靜的美男子,等待安裝成功,安裝成功後你會看到日誌以下(master節點):

注意:記錄這段日誌,後面添加node節點要用到。

[apiclient] All control plane components are healthy after 22.003243 seconds
[token] Using token: 33729e.977f7b5d0a9b5f3e
[apiconfig] Created RBAC rules
[addons] Applied essential addon: kube-proxy
[addons] Applied essential addon: kube-dns

Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run (as a regular user):

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  http://kubernetes.io/docs/admin/addons/

You can now join any number of machines by running the following on each node
as root:

  kubeadm join --token xxxxxxx 192.168.80.28:6443

7.建立kube的目錄,添加kubectl配置(master節點)

mkdir -p $HOME/.kube
 sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
 sudo chown $(id -u):$(id -g) $HOME/.kube/config

8.用 kubectl 添加網絡組件Calico(master節點)

kubectl apply -f http://docs.projectcalico.org/v2.4/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml

注意:此處坑爲該文件未必下載的到,建議仍是提早下載到本地,而後執行 kubectl apply -f <本地路徑>

9.確認安裝是否成功(master節點)

9.1 打開你的/var/log/messages,查看是否有報錯,理論上,執行完上一步過去5分鐘,日誌應該不會有任何錯誤出現,若是持續報錯,而且過了10分鐘錯誤依然沒有消失,檢查以前的步驟是否有問題

9.2 運行 kubectl get pods --all-namespaces 查看結果,若是STATUS都爲Running,恭喜你,你的master已經安裝成功了。

注意:你的結果顯示的條數未必和我徹底同樣,由於我這裏有node節點的相關信息,而你尚未添加node節點。

[root@centos7-base-ok]# kubectl get pods --all-namespaces
NAMESPACE     NAME                                       READY     STATUS    RESTARTS   AGE
default       nginx-app-1666850838-4z2tb                 1/1       Running   0          3d
kube-system   calico-etcd-0ssdd                          1/1       Running   0          3d
kube-system   calico-node-1zfxd                          2/2       Running   1          3d
kube-system   calico-node-s2gfs                          2/2       Running   1          3d
kube-system   calico-node-xx30v                          2/2       Running   1          3d
kube-system   calico-policy-controller-336633499-wgl8j   1/1       Running   0          3d
kube-system   etcd-k8s-1                                 1/1       Running   0          3d
kube-system   kube-apiserver-k8s-1                       1/1       Running   0          3d
kube-system   kube-controller-manager-k8s-1              1/1       Running   0          3d
kube-system   kube-dns-2425271678-trmxx                  3/3       Running   1          3d
kube-system   kube-proxy-79kkh                           1/1       Running   0          3d
kube-system   kube-proxy-n1g6j                           1/1       Running   0          3d
kube-system   kube-proxy-vccr6                           1/1       Running   0          3d
kube-system   kube-scheduler-k8s-1                       1/1       Running   0          3d

10.安裝node節點,執行在master節點執行成功輸出的日誌語句(node節點執行)

注意:執行以下語句的以前,必定要確認node節點下載了上文提到的鏡像,不然由於鏡像下載不成功會致使node節點初始化失敗;第二點,必定要時刻查看/var/log/messages日誌,若是鏡像版本發生變化,在日誌裏會提示須要下載的鏡像;第三點,就是要有耐心,若是你的網絡能夠下載到鏡像,你當個安靜的美男子就能夠了,由於 kubeadm 會幫你作一切,知道你發現/var/log/messages再也不有錯誤日誌出現,說明它已經幫你搞定了全部事情,你能夠開心的玩耍了。

[root@centos7-base-ok]# kubeadm join --token xxxxxxxx 192.168.80.28:6443
  1. 驗證子節點,在master節點執行 kubectl get nodes 查看節點狀態。

注意:node的狀態會變化,添加成功後纔是Ready。

[root@centos7-base-ok]# kubectl get nodes
NAME      STATUS    AGE       VERSION
k8s-1     Ready     3d        v1.7.3
k8s-2     Ready     3d        v1.7.3
k8s-3     Ready     3d        v1.7.3

12.恭喜你,你能夠開心的進行kubernetes1.7.3之旅了

安裝後記

Kubernetes,想說愛你不容易啊 ,歡迎其它團隊或者我的與咱們團隊進行交流,有意向能夠評論區給我留言。

補充:目前官方說dashboard的HEAD版本支持1.7,可是我試了下dashboard確實不行,但願官方加快修復,還有就是多些錯誤定位的方法,不然很難提出具體的問題。

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程