CentOS7 安裝kubernetes

2臺機器，1臺爲Master，1臺爲Node

修改Host Master爲dmaster,Node爲dslave

 

安裝K8s and Etcd

---

在Master機器上安裝

yum install etcd

yum install kubernetes 

 

Node機器只須要

yum install kubernetes 

 

安裝k8s會自動安裝docker，目前版本是1.8

 

配置K8s

---

 

Etcd默認的監聽端口是4001，在這裏修改

vim /etc/etcd/etcd.conf

 

修改Master機器K8s配置

1. apiserver配置

vim /etc/kubernetes/apiserver

 

###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#

# The address on the local server to listen to.
KUBE_API_ADDRESS="--address=0.0.0.0"

# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"

# Port minions listen on
KUBELET_PORT="--kubelet_port=10250"

# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd_servers=http://127.0.0.1:4001"

# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

# default admission control policies
KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

# Add your own!
KUBE_API_ARGS="--secure-port=0"

 

2.K8s配置

vim /etc/kubernetes/config

# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
#   kube-apiserver.service
#   kube-controller-manager.service
#   kube-scheduler.service
#   kubelet.service
#   kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://dmaster:8080"
KUBE_ETCD_SERVERS="--etcd-servers=http://dmaster:4001"

 

3.啓動服務

systemctl enable etcd kube-apiserver kube-controller-manager kube-scheduler

systemctl restart etcd kube-apiserver kube-controller-manager kube-scheduler

systemctl status etcd kube-apiserver kube-controller-manager kube-scheduler

 

 

修改Node機器配置

1. K8s配置

vim /etc/kubernetes/kubelet

# kubernetes kubelet (minion) config

# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=127.0.0.1"

# The port for the info server to serve on
KUBELET_PORT="--port=10250"

# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname_override=dslave"

# location of the api-server
KUBELET_API_SERVER="--api_servers=http://dmaster:8080"

# Add your own!
KUBELET_ARGS=""

 

2. 啓動服務

systemctl enable kube-proxy kubeletdocker

systemctl restart kube-proxy kubeletdocker

systemctl status kube-proxy kubeletdocker

 

新增Pod

---

1. 在Master機器查看Node狀態

[root@192 k8s]# kubectl get nodes
NAME      LABELS                          STATUS
dslave    kubernetes.io/hostname=dslave   Ready

2. 新建Pod資源文件

apiVersion: v1
kind: Pod
metadata:
  name: mysql
  labels: 
    name: mysql
spec: 
  containers: 
    - resources:
        limits :
          cpu: 0.5
      image: mysql
      name: mysql
      env:
        - name: MYSQL_ROOT_PASSWORD
          # change this
          value: rootpwd
      ports: 
        - containerPort: 3306
          name: mysql
      volumeMounts:
          # name must match the volume name below
        - name: mysql-persistent-storage
          # mount path within the container
          mountPath: /var/lib/mysql
  volumes:
    - name: mysql-persistent-storage
      cinder:
        volumeID: bd82f7e2-wece-4c01-a505-4acf60b07f4a
        fsType: ext4

3. 導入資源

kubectl create -f mysql.yaml

 

4. 查看資源狀態

[root@192 k8s]# kubectl get pods
NAME      READY     STATUS    RESTARTS   AGE
mysql     1/1       Running   0          1h

這裏已經部署在運行了，因此是Running。Status開始是Ready。

 

5. 查看日誌

Master機器日誌

tail -f /var/log/messages | grep kube

Dec 11 09:54:11 192 kube-scheduler: I1211 09:54:11.380994   20445 event.go:203] Event(api.ObjectReference{Kind:"Pod", Namespace:"default", Name:"mysql", UID:"2f192467-a030-11e5-8a55-000c298cfaa1", APIVersion:"v1", ResourceVersion:"3522", FieldPath:""}): reason: 'scheduled' Successfully assigned mysql to dslave

 

在部署Pod時，在Node機器日誌中報錯

Dec 11 09:30:22 dslave kubelet: E1211 09:30:22.745867   99650 manager.go:1557] Failed to create pod infra container: image pull failed for gcr.io/google_containers/pause:0.8.0, this may be because there are no credentials on this request.  details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.); Skipping pod "mysql_default"
Dec 11 09:30:22 dslave kubelet: E1211 09:30:22.955470   99650 pod_workers.go:111] Error syncing pod bcbb3b8a-a02a-11e5-8a55-000c298cfaa1, skipping: image pull failed for gcr.io/google_containers/pause:0.8.0, this may be because there are no credentials on this request.  details: (Network timed out while trying to connect to http://gcr.io/v1/repositories/google_containers/pause/images. You may want to check your internet connection or if you are behind a proxy.)

Google被牆了，下載資源包到本地

http://www.sunmite.com/linux/installing-kubernetes-cluster-on-centos7-to-manage-pods-and-services/attachment/pause-0-8-0/

在Node節點導入

docker load --input pause-0.8.0.tar

 

這是一個容器，負責Pod內部的網絡

 

還有一個問題是權限的問題

no API token found for service account default/default, retry after the token is automatically created and added to the service account

這樣便可解決

#vim /etc/kubernetes/apiserver
KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"

#systemctl restart kube-apiserver.service