k8s Docker 安裝
點(diǎn)擊上方藍(lán)色字體,選擇“標(biāo)星公眾號(hào)”
優(yōu)質(zhì)文章,第一時(shí)間送達(dá)
? 作者?|??論精微而朗暢?
來(lái)源 |? urlify.cn/f2eeim
66套java從入門到精通實(shí)戰(zhàn)課程分享
一、運(yùn)行環(huán)境
Centos 7.7
虛擬機(jī)內(nèi)核為 3.10
基礎(chǔ)組件版本:
k8s.gcr.io/kube-apiserver:v1.16.0
k8s.gcr.io/kube-controller-manager:v1.16.0
k8s.gcr.io/kube-scheduler:v1.16.0
k8s.gcr.io/kube-proxy:v1.16.0
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.15-0
k8s.gcr.io/coredns:1.6.2
| hsjry-16-114-128 | 172.16.114.128 | 2c2G | master |
| hsjry-16-114-129 | 172.16.114.129 | 2c2G | node1 |
| hsjry-16-114-130 | 172.16.114.130 | 2c2G | node2 |
二、介質(zhì)準(zhǔn)備
需要下載安裝 docker 所需要的依賴和 docker 本身。
需要下載上述組件的鏡像包
準(zhǔn)備 kubeadm kubectl kubelet
?cat?>?/etc/yum.repos.d/kubernetes.repo?<[kubernetes]
name=Kubernetes?Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
enabled=1
EOF
yum?list?kubeadm?--showduplicates
yum?remove?kubectl?kubeadm?kubelet
yum?-y?install?kubectl-1.16.0-0?kubeadm-1.16.0-0?kubelet-1.16.0-0
三、安裝 docker
1.殘余卸載
安裝之前先將原有的
yum?remove?docker?\
??????????????????docker-client?\
??????????????????docker-client-latest?\
??????????????????docker-common?\
??????????????????docker-latest?\
??????????????????docker-latest-logrotate?\
??????????????????docker-logrotate?\
??????????????????docker-selinux?\
??????????????????docker-engine-selinux?\
??????????????????docker-engine
rm?-rf?/etc/systemd/system/docker.service.d
rm?-rf?/var/lib/docker
rm?-rf?/var/run/docker
2.前期準(zhǔn)備
#?關(guān)閉防火墻
systemctl?stop?firewalld?&&?systemctl?disable?firewalld
iptables?-F?&&?iptables?-X?&&?iptables?-F?-t?nat?&&?iptables?-X?-t?nat?&&?iptables?-P?FORWARD?ACCEPT
#?關(guān)閉?SELinux
setenforce?0
sed?-i?"s/SELINUX=enforcing/SELINUX=disabled/g"?/etc/selinux/config
#?關(guān)閉?swapoff
swapoff?-a
sed?-i?'/?swap?/?s/^\(.*\)$/#\1/g'?/etc/fstab
3.rpm 安裝 docker
rpm?-ivh?*.rpm?--nodeps?--force
4.收尾設(shè)置
這里的資源管理方式采用 systemd(可自行根據(jù)情況選擇)
systemctl?enable?docker
systemctl?start?docker
cat?<>?/etc/docker/daemon.json?
{
??"exec-opts":?["native.cgroupdriver=systemd"],
??"insecure-registries":?["0.0.0.0/0"]
}
EOF
systemctl?restart?docker
四、安裝 kubernetes
1.前期配置
這個(gè)階段的內(nèi)容需要在各個(gè)節(jié)點(diǎn)上執(zhí)行
base_dir=./k8s
#?加載內(nèi)核參數(shù)
modprobe?--?ip_vs
modprobe?--?ip_vs_rr
modprobe?--?ip_vs_wrr
modprobe?--?ip_vs_sh
if?[[?$(uname?-r?|cut?-d?.?-f1)?-ge?4?&&?$(uname?-r?|cut?-d?.?-f2)?-ge?19?]];?then
??modprobe?--?nf_conntrack
else
??modprobe?--?nf_conntrack_ipv4
fi
cat?<??/etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables?=?1
net.bridge.bridge-nf-call-iptables?=?1
EOF
#?立即生效
sysctl?--system
sysctl?-w?net.ipv4.ip_forward=1
systemctl?stop?firewalld?&&?systemctl?disable?firewalld
swapoff?-a?||?true
setenforce?0?||?true
#?這里是將下載好的直接?cp,也可選擇?rpm?安裝的方式
chmod?a+x?$base_dir/bin/*
cp?$base_dir/bin/*?/usr/bin
cp?$base_dir/conf/kubelet.service?/etc/systemd/system/
mkdir?/etc/systemd/system/kubelet.service.d
cp?$base_dir/conf/10-kubeadm.conf?/etc/systemd/system/kubelet.service.d/
#?獲取?docker?的?cgroupDriver
cgroupDriver=$(docker?info|grep?Cg)
driver=${cgroupDriver##*:?}
echo?"driver?is?${driver}"
mkdir?-p?/var/lib/kubelet/?||?true
#?聲明?kubelete?的配置內(nèi)容
cat?<?/var/lib/kubelet/config.yaml
address:?0.0.0.0
apiVersion:?kubelet.config.k8s.io/v1beta1
authentication:
??anonymous:
????enabled:?false
??webhook:
????cacheTTL:?2m0s
????enabled:?true
??x509:
????clientCAFile:?/etc/kubernetes/pki/ca.crt
authorization:
??mode:?Webhook
??webhook:
????cacheAuthorizedTTL:?5m0s
????cacheUnauthorizedTTL:?30s
cgroupDriver:?${driver}
cgroupsPerQOS:?true
clusterDNS:
-?10.96.0.10
clusterDomain:?cluster.local
configMapAndSecretChangeDetectionStrategy:?Watch
containerLogMaxFiles:?5
containerLogMaxSize:?10Mi
contentType:?application/vnd.kubernetes.protobuf
cpuCFSQuota:?true
cpuCFSQuotaPeriod:?100ms
cpuManagerPolicy:?none
cpuManagerReconcilePeriod:?10s
enableControllerAttachDetach:?true
enableDebuggingHandlers:?true
enforceNodeAllocatable:
-?pods
eventBurst:?10
eventRecordQPS:?5
evictionHard:
??imagefs.available:?15%
??memory.available:?100Mi
??nodefs.available:?10%
??nodefs.inodesFree:?5%
evictionPressureTransitionPeriod:?5m0s
failSwapOn:?true
fileCheckFrequency:?20s
hairpinMode:?promiscuous-bridge
healthzBindAddress:?127.0.0.1
healthzPort:?10248
httpCheckFrequency:?20s
imageGCHighThresholdPercent:?85
imageGCLowThresholdPercent:?80
imageMinimumGCAge:?2m0s
iptablesDropBit:?15
iptablesMasqueradeBit:?14
kind:?KubeletConfiguration
kubeAPIBurst:?10
kubeAPIQPS:?5
makeIPTablesUtilChains:?true
maxOpenFiles:?1000000
maxPods:?110
nodeLeaseDurationSeconds:?40
nodeStatusUpdateFrequency:?10s
oomScoreAdj:?-999
podPidsLimit:?-1
port:?10250
registryBurst:?10
registryPullQPS:?5
resolvConf:?/etc/resolv.conf
rotateCertificates:?true
runtimeRequestTimeout:?2m0s
serializeImagePulls:?true
staticPodPath:?/etc/kubernetes/manifests
streamingConnectionIdleTimeout:?4h0m0s
syncFrequency:?1m0s
volumeStatsAggPeriod:?1m0s
EOF
#?加載鏡像包
docker?load?-i?$base_dir/images/images.tar.gz?||?true
systemctl?enable?kubelet
2.初始化 master
本次通過 kubeadm 的方式初始化 master 節(jié)點(diǎn)
base_dir=./k8s
kubeadm?init?--config?$base_dir/conf/kubeadm.yaml
mkdir?~/.kube
cp?/etc/kubernetes/admin.conf?~/.kube/config
kubectl?taint?nodes?--all?node-role.kubernetes.io/master-
kubectl?apply?-f?$base_dir/conf/kube-flannel.yaml
sleep?5
kubectl?apply?-f?$base_dir/conf/traefik-config.yaml
這里結(jié)束后會(huì)輸出一個(gè)命令,需要 cp 這個(gè)命令到 node 節(jié)點(diǎn)上敲下,就可以加入master 了
3.初始化 node
#?需執(zhí)行上述?1?的內(nèi)容
#?通過?kubeadm?create?token?創(chuàng)建的?token?,過期時(shí)間是24小時(shí),這就是為什么過了一天無(wú)法再次使用之前記錄的?kube?join?原生腳本的原因,也可以運(yùn)行?kubeadm?token?create?--ttl?0生成一個(gè)永不過期的?token,
4.驗(yàn)證
到 master 節(jié)點(diǎn)上敲 kubectl get nodes 就可以看到這個(gè)集群的信息咯
五、安裝 ingress
這里采用 traefix 來(lái)作為服務(wù)暴露的方式。kubectl apply -f $base_dir/conf/traefik-config.yaml
六、附件
github:
https://github.com/ankuo/k8s-install
粉絲福利:108本java從入門到大神精選電子書領(lǐng)取
???
?長(zhǎng)按上方鋒哥微信二維碼?2 秒 備注「1234」即可獲取資料以及 可以進(jìn)入java1234官方微信群
感謝點(diǎn)贊支持下哈?
評(píng)論
圖片
表情