K8S学习笔记

02/06 14:55
阅读数 61

1:配置基础环境

echo "192.168.142.59 k8s-master" >>/etc/hosts
echo "192.168.142.60 k8s-node-1" >>/etc/hosts
echo "192.168.142.61 k8s-node-2" >>/etc/hosts
[root@k8s-node-1 tools]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.142.59 k8s-master
192.168.142.60 k8s-node-1
192.168.142.61 k8s-node-2
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
setenforce 0 
systemctl stop firewalld.service
systemctl disable firewalld.service

2:所在节点安装

yum localinstall docker-common-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm -y
yum localinstall docker-client-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm  -y
yum localinstall docker-1.12.6-71.git3e8e77d.el7.centos.x86_64.rpm -y

3:master节点安装etcd数据库

[root@k8s-master tools]# yum install etcd.x86_64 -y

修改配置文件:

[root@k8s-master tools]# cat -n /etc/etcd/etcd.conf
第6行  6  ETCD_LISTEN_CLIENT_URLS="http://localhost:2379"
第21行 21  ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"
修改:
 6  ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
21  ETCD_ADVERTISE_CLIENT_URLS="http://192.168.142.59:2379"

4:启动服务

[root@k8s-master tools]# systemctl start etcd.service
[root@k8s-master tools]# systemctl enable etcd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/etcd.service to /usr/lib/systemd/s              ystem/etcd.service.
[root@k8s-master tools]# netstat -lntup #####2379端口
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name   
tcp        0      0 127.0.0.1:2380          0.0.0.0:*               LISTEN      4078/etcd          
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1247/sshd          
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1402/master        
tcp6       0      0 :::2379                 :::*                    LISTEN      4078/etcd          
tcp6       0      0 :::22                   :::*                    LISTEN      1247/sshd          
tcp6       0      0 ::1:25                  :::*                    LISTEN      1402/master        

测试存储功能

[root@k8s-master tools]# etcdctl set testdir/testkey0 zhangqy
zhangqy
[root@k8s-master tools]# etcdctl get testdir/testkey0
zhangqy
[root@k8s-master tools]# etcdctl -C http://192.168.142.59:2379 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://192.168.142.59:2379
cluster is healthy

5:master节点安装kubernetes

[root@k8s-master tools]# yum install kubernetes-master.x86_64 -y
修改配置文件:/etc/kubernetes/apiserver
第8行
第11行
第14行
第17行
第23行

8  KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
11  KUBE_API_PORT="--port=8080"
14  KUBELET_PORT="--kubelet-port=10250"
17  KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.142.59:2379"
23  KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

修改配置文件:/etc/kubernetes/config

22  KUBE_MASTER="--master=http://192.168.142.59:8080"
6.启动服务
systemctl enable kube-apiserver.service
systemctl start kube-apiserver.service
systemctl enable kube-controller-manager.service
systemctl start  kube-controller-manager.service
systemctl enable kube-scheduler.service
systemctl start kube-scheduler.service

apiserver 接受并响应用户的请求
controller 控制器的概念,保证容器存活
scheduler 调试器,选择启动容器的node节点

6:node节点安装kubernetes

yum install kubernetes-node.x86_64 -y

配置文件

[root@k8s-node-1 tools]# vim /etc/kubernetes/config

 22  KUBE_MASTER="--master=http://192.168.142.59:8080"
[root@k8s-node-1 tools]# cat -n /etc/kubernetes/kubelet
5  KUBELET_ADDRESS="--address=0.0.0.0"
8  KUBELET_PORT="--port=10250"
11  KUBELET_HOSTNAME="--hostname-override=k8s-node-1"
14  KUBELET_API_SERVER="--api-servers=http://192.168.142.59:8080"
[root@k8s-node-2 tools]# cat -n /etc/kubernetes/kubelet
5  KUBELET_ADDRESS="--address=0.0.0.0"
8  KUBELET_PORT="--port=10250"
11  KUBELET_HOSTNAME="--hostname-override=k8s-node-2"
14  KUBELET_API_SERVER="--api-servers=http://192.168.142.59:8080"

启动服务

systemctl enable kubelet.service
systemctl start kubelet.service
systemctl enable kube-proxy.service
systemctl start  kube-proxy.service

kubelet 调用docker管理容器的生命周期
kube-proxy 提供容器网络访问

7:所有节点配置flannel网络

yum install flannel -y
sed -i 's#http://127.0.0.1:2379#http://192.168.142.59:2379#g' /etc/sysconfig/flanneld

master节点:

etcdctl mk /atomic.io/network/config '{ "Network": "192.168.142.0/24" }' ##etcd 设置网段(这个网段将会分配给 flannel0 网卡)
systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kube-apiserver.service
systemctl restart kube-controller-manager.service
systemctl restart kube-scheduler.service

备注:

etcdctl mk /atomic.io/network/config '{"Network":"172.20.0.0/16","SubnetMin":"172.20.1.0","SubnetMax":"172.20.254.0"}'
etcdctl get /atomic.io/network/config
etcdctl rm /atomic.io/network/config 配置错了就删掉

Node节点:

systemctl enable flanneld.service
systemctl start flanneld.service
service docker restart
systemctl restart kubelet.service
systemctl restart kube-proxy.service

测试:跨主机容器之间的通信

docker pull busybox
配置镜像加速器:
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://y2i6ykk8.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

[root@k8s-master ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
docker.io/busybox   latest              b97242f89c8a        2 weeks ago         1.232 MB

全部节点进入容器

docker run -it docker.io/busybox /bin/sh

测试网络:

[root@k8s-node-2 tools]# docker run -it docker.io/busybox /bin/sh
/ # ifconfig -a
eth0      Link encap:Ethernet  HWaddr 02:42:AC:10:18:02
          inet addr:172.16.24.2  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::42:acff:fe10:1802/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1472  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1016 (1016.0 B)  TX bytes:508 (508.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

/ # ping 172.16.65.2
PING 172.16.65.2 (172.16.65.2): 56 data bytes
64 bytes from 172.16.65.2: seq=0 ttl=60 time=12.595 ms
64 bytes from 172.16.65.2: seq=1 ttl=60 time=0.640 ms
64 bytes from 172.16.65.2: seq=2 ttl=60 time=0.915 ms
64 bytes from 172.16.65.2: seq=3 ttl=60 time=0.671 ms
^C
--- 172.16.65.2 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.640/3.705/12.595 ms
/ # ping 172.16.23.2
PING 172.16.23.2 (172.16.23.2): 56 data bytes
64 bytes from 172.16.23.2: seq=0 ttl=60 time=1.723 ms
64 bytes from 172.16.23.2: seq=1 ttl=60 time=1.191 ms
64 bytes from 172.16.23.2: seq=2 ttl=60 time=1.489 ms
^C
--- 172.16.23.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 1.191/1.467/1.723 ms

8:配置master为镜像仓库

master节点

vim /etc/sysconfig/docker
#OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=https://registry.docker-cn.com --insecure-registry=192.168.142.59:5000'
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false  --insecure-registry=192.168.142.59:5000' 

==如果配置了镜像加速中间删掉 (--registry-mirror=https://registry.docker-cn.com)==

[root@k8s-master ~]# cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://y2i6ykk8.mirror.aliyuncs.com"]
}

docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry registry

[root@k8s-master ~]# docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry registry
dfbf5e8bc4f36d51c7928c39c7f2d5448488f221433e8f220668a12e33867b09
[root@k8s-master ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                    NAMES
dfbf5e8bc4f3        registry            "/entrypoint.sh /etc/"   About a minute ago   Up About a minute   0.0.0.0:5000->5000/tcp   registry
[root@k8s-master ~]# docker pull nginx:1.14
[root@k8s-master ~]# docker tag docker.io/nginx:1.14 192.168.142.59:5000/nginx:1.14
[root@k8s-master ~]# docker push 192.168.142.59:5000/nginx:1.14
The push refers to a repository [192.168.142.59:5000/nginx]
82ae01d5004e: Pushed
b8f18c3b860b: Pushed
5dacd731af1b: Pushed
1.14: digest: sha256:706446e9c6667c0880d5da3f39c09a6c7d2114f5a5d6b74a2fafd24ae30d2078 size: 948
展开阅读全文
打赏
0
0 收藏
分享
加载中
更多评论
打赏
0 评论
0 收藏
0
分享
返回顶部
顶部