This article explains how to install using kubeadm.

Author | 阿文    Editor | 郭芮

kubeadm helps you set up a small Kubernetes cluster that follows best practices. It runs on many kinds of machines, such as laptops, servers and Raspberry Pis. New users who are not yet familiar with Kubernetes can use kubeadm to start trying it out quickly.

Prepare three machines

    192.168.10.89   master
    192.168.10.7    node1
    192.168.10.8    node2

Each machine has 8 cores and 8 GB.

Install Docker

1. Install docker

    yum -y install docker
    sudo tee /etc/docker/ <<'EOF'
    {
      "registry-mirrors": [""]
    }
    EOF
    sudo systemctl daemon-reload
    sudo systemctl restart docker

Install kubeadm

1. Add the Kubernetes repository

    cat <<EOF > /etc//
    [kubernetes]
    name=Kubernetes
    baseurl=
    enabled=1
    gpgcheck=0
    repo_gpgcheck=0
    gpgkey=
    EOF

With gpgcheck=0 and repo_gpgcheck=0, yum verifies neither the package signatures nor the repository metadata for this repository.

2. Run the following commands to install kubelet, kubeadm and kubectl

    yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
    systemctl enable kubelet
    systemctl start kubelet

3. List the images kubeadm needs

    kubeadm config images list

You will see output like this:

    W0815 09:36:13.251611   44413 :98] could not fetch a Kubernetes version from the internet: unable to get URL "": Get()
    W0815 09:36:13.251730   44413 :99] falling back to the local client version:
    /kube-apiserver:
    /kube-controller-manager:
    /kube-scheduler:
    /kube-proxy:
    /pause:3.1
    /etcd:3.3.10
    /coredns:1.3.1

4. Because these images are blocked by the Great Firewall, we can pull them from an Alibaba Cloud mirror instead. Save the following as k8s_images_ and run the script to download the images.

    images=(
        kube-apiserver:
        kube-controller-manager:
        kube-scheduler:
        kube-proxy:
        pause:3.1
        etcd:3.3.10
        coredns:1.3.1
    )
    for imageName in "${images[@]}"; do
        /google_containers/$imageName
        /google_containers/$/$imageName
        /google_containers/$imageName
    done

5. Then run the following command to initialize the master with kubeadm.

    kubeadm init --kubernetes-version==10.244.0.0/16 --service-cidr=10.96.0.0/12

When it finishes, it prints:

    Your Kubernetes control-plane has initialized successfully!

    To start using your cluster, you need to run the following as a regular user:

      mkdir -p $HOME/.kube
      sudo cp -i /etc/kubernetes/ $HOME/.kube/config
      sudo chown $(id -u):$(id -g) $HOME/.kube/config

    You should now deploy a pod network to the cluster.
    Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:

    Then you can join any number of worker nodes by running the following on each as root:

    :6443--\
        --discovery-token-ca-cert-hash sha256:c8c4d08806ec22851c0eaa4e41962576b19d372e92f638a88e89f166e2a2c4af

Note this part of the output:

    :6443--\
        --discovery-token-ca-cert-hash sha256:c8c4d08806ec22851c0eaa4e41962576b19d372e92f638a88e89f166e2a2c4af

Save it, because we will use it later on the node machines. Following the prompt, we run:

    mkdir -p $HOME/.kube
    sudo cp -i /etc/kubernetes/ $HOME/.kube/config
    sudo chown $(id -u):$(id -g) $HOME/.kube/config

By default a Kubernetes cluster must be accessed over an encrypted connection. These commands copy the security configuration file that the deployment just generated into the current user's .kube directory; kubectl uses the authorization information in this directory by default to access the cluster.

Next, add a network plugin. Without one, Pods that depend on the network, such as CoreDNS and kube-controller-manager, stay in the Pending state and fail to schedule. As shown below:

    kubectl get pods --all-namespaces
    NAMESPACE     NAME                          READY   STATUS    RESTARTS   AGE
    kube-system   coredns-5c98db65d4-5jntb      1/1     Running   0          26m
    kube-system   coredns-5c98db65d4-db2xj      1/1     Running   0          26m
                                                /1      Running   0          25m
                                                /1      Running   0          25m
                                                /1      Running   0          25m
    kube-system   kube-flannel-ds-amd64-9tscr   1/1     Running   0          16m
    kube-system   kube-flannel-ds-amd64-pc4kp   1/1     Running   0          24m
    kube-system   kube-flannel-ds-amd64-tts29   1/1     Running   0          17m
    kube-system   kube-proxy-64f8t              1/1     Running   0          16m
    kube-system   kube-proxy-6qwv6              1/1     Running   0          26m
    kube-system   kube-proxy-js7bb              1/1     Running   0          17m
                                                /1      Running   0          25m

Node configuration

Next we configure the two node machines. Run the following steps on each of them.

1. Add the Kubernetes repository

    cat <<EOF > /etc//
    [kubernetes]
    name=Kubernetes
    baseurl=
    enabled=1
    gpgcheck=0
    repo_gpgcheck=0
    gpgkey=
    EOF

2. Run

    yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
    systemctl enable kubelet
    systemctl start kubelet

3. Install the components the nodes need. Because the nodes do not need api-server, controller-manager, scheduler or etcd, we only need to install kube-proxy, pause and coredns.

    images=(
        kube-proxy:
        pause:3.1
        coredns:1.3.1
    )
    for imageName in "${images[@]}"; do
        /google_containers/$imageName
        /google_containers/$/$imageName
        /google_containers/$imageName
    done

Then run the join command that kubeadm init printed on the master to add the node to the cluster:

    :6443--:00eb62a2a6020f94132e3fe1ab721349bbcd3e9b94da9654cfe15f2985ebd711

Then run the following command on the master to view the node information:

    /config
    apiVersion: v1
    clusters:
    - cluster:
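        certificate-authority-data:
        server:
      name: kubernetes
    ……

Once a client starts kubelet with this config file, it gets its data from port 6443 on the master node (port 6443 on the master is in the LISTEN state) rather than from localhost:8080, which is what is tried when a node cannot find this config file.

We can also place the client on another host, or even on a node. All that is needed is to add this config file to the client in the way the system prompt describes. This file holds the credentials used to access the cluster, so keep it readable only by the account that runs kubectl on the host that receives it. We use scp to send the file to the target hosts:

    /node1:/root
    /node2:/root

That is all.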
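The [kubernetes] repository stanza written on the master and on both nodes sets gpgcheck=0 and repo_gpgcheck=0 and leaves gpgkey empty. The following is an added example, not part of the original article: a small audit function that flags such stanzas. The kubernetes-verified stanza and its mirror.example.invalid URLs are constructed placeholders, and an unset option is assumed to be off.

```shell
# Added example: flag yum repo stanzas that install packages without signature checks.
# Assumption: an unset option counts as off; the [main] section of yum.conf is not read.
audit_repo() {   # usage: audit_repo FILE   (reads stdin when FILE is omitted)
    awk '
    function on(v) { v = tolower(v); return v == "1" || v == "yes" || v == "true" }
    function report() {
        if (sec == "" || !on(enabled)) return      # nothing parsed yet, or repo disabled
        if (!on(gpgcheck))      { print sec ": gpgcheck is off, packages are not signature-checked"; bad = 1 }
        if (!on(repo_gpgcheck)) { print sec ": repo_gpgcheck is off, repo metadata is not signature-checked"; bad = 1 }
        if (gpgkey == "")       { print sec ": gpgkey is empty, there is no key to verify against"; bad = 1 }
    }
    BEGIN { bad = 0 }
    /^[ \t]*[#;]/ { next }                         # comment lines
    /^[ \t]*\[.*\][ \t]*$/ {                       # a new [section] closes the previous one
        report()
        sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\][ \t]*$/, "", sec)
        enabled = "1"; gpgcheck = ""; repo_gpgcheck = ""; gpgkey = ""
        next
    }
    /=/ {
        key = $0; sub(/=.*/, "", key); gsub(/[ \t]/, "", key)
        val = $0; sub(/^[^=]*=/, "", val); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "enabled") enabled = val
        else if (key == "gpgcheck") gpgcheck = val
        else if (key == "repo_gpgcheck") repo_gpgcheck = val
        else if (key == "gpgkey") gpgkey = val
    }
    END { report(); exit bad }                     # exit status 1 when anything was flagged
    ' "${1:--}"
}
# Constructed sample: the first stanza mirrors the one in this article (its baseurl and
# gpgkey are empty there too); the second is a hypothetical stanza with placeholder URLs.
sample_repo() {
cat <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=
[kubernetes-verified]
baseurl=https://mirror.example.invalid/kubernetes/
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirror.example.invalid/keys/repo.gpg
EOF
}
sample_repo | audit_repo || true
```

Pointing audit_repo at each repo file on a host before running yum install gives a non-zero exit status whenever an enabled repository skips verification.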