Kubernetes in Practice 1: Building a K8S Cluster (with Kubeadm)

|10719 characters|658 views

0. Preparation

0.1 Learn the basics of K8S

0.2 Register a vultr.com account

Link

0.3 Server IP configuration: one Master node and two worker Nodes

  • Three servers (Ubuntu 18.04.2 64-bit LTS, RAM ≥ 2GB, Master node with ≥ 2 CPU cores)

| Node name    | Internal IP | Public IP      | Node login name |
| ------------ | ----------- | -------------- | --------------- |
| acanx-master | 172.30.0.2  | 94.191.21.224  | ubuntu-v-master |
| acanx-node1  | 172.30.0.12 | 94.191.43.220  | ubuntu-v-node1  |
| acanx-node2  | 172.30.0.22 | 94.191.43.120  | ubuntu-v-node2  |

0.4 Add the 163 cloud mirror on Ubuntu

  • Switch the apt sources to 163
$ vi /etc/apt/sources.list
# The suite name must match the installed release (lsb_release -cs): Ubuntu 18.04 is bionic.
deb http://mirrors.163.com/ubuntu/ bionic main
deb-src http://mirrors.163.com/ubuntu/ bionic main

deb http://mirrors.163.com/ubuntu/ bionic-updates main
deb-src http://mirrors.163.com/ubuntu/ bionic-updates main

deb http://mirrors.163.com/ubuntu/ bionic universe
deb-src http://mirrors.163.com/ubuntu/ bionic universe
deb http://mirrors.163.com/ubuntu/ bionic-updates universe
deb-src http://mirrors.163.com/ubuntu/ bionic-updates universe

deb http://mirrors.163.com/ubuntu/ bionic-security main
deb-src http://mirrors.163.com/ubuntu/ bionic-security main
deb http://mirrors.163.com/ubuntu/ bionic-security universe
deb-src http://mirrors.163.com/ubuntu/ bionic-security universe

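0.5 Install acceleration (optional)

The script is downloaded from a third-party repository and run as root, so fetch it with certificate verification enabled and read it before running it.

$ sudo -i
# wget https://github.com/teddysun/across/raw/master/bbr.sh && chmod +x bbr.sh && ./bbr.sh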

On every machine, stop the firewall, flush the firewall rules and set the default forwarding policy:

systemctl stop firewalld
systemctl disable firewalld
iptables -F && iptables -X && iptables -F -t nat && iptables -X -t nat
iptables -P FORWARD ACCEPT

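Disable swap

Kubernetes requires swap to be disabled. The one regret about this install is that I forgot to turn swap off. I am not accepting any "why turn off swap?" discussion. My desktop at the office actually has swap on, because the damned thing only has 8GB of RAM and I run deepin, which eats memory; but on a server, do not enable swap, never ever, because users are not as good-tempered as I am.
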
swapoff -a

Also delete the line containing swap from /etc/fstab.


1. Installation

1.1 Install Docker

  • Run the command:
curl -fsSL https://get.docker.com | bash -s docker

1.2 Configure a Docker registry mirror in China

Create (or edit) /etc/docker/daemon.json. The official China mirror is reasonably fast.

vi /etc/docker/daemon.json

  • Insert the following content
{
    "registry-mirrors": ["https://registry.docker-cn.com"]
}

1.3 Install the three basic k8s programs:

  • kubeadm: the command to bootstrap the cluster.

  • kubelet: the component that runs on all of the machines in your cluster and does things like starting pods and containers.

  • kubectl: the command line util to talk to your cluster.

  • Command script to install kubeadm, kubelet and kubectl

# Original script
apt-get update && apt-get install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl
apt-mark hold kubelet kubeadm kubectl

  • New script install.sh: it adds the Kubernetes aliyun mirror source to replace the default Google Cloud source
#!/bin/bash
apt-get update && apt-get install -y apt-transport-https curl
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add - 
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
# Install docker if you don't have it already.
apt-get install -y docker.io
apt-get install -y kubelet kubeadm kubectl kubernetes-cni
apt-mark hold kubelet kubeadm kubectl

-----------------------------------------------------------------
chmod +x install.sh
sudo ./install.sh

1.4 Restart the docker service

systemctl unmask docker.service
systemctl unmask docker.socket
systemctl start docker.service

apt-get update && apt-get install apt-transport-https ca-certificates curl software-properties-common
mkdir -p /etc/systemd/system/docker.service.d
systemctl daemon-reload
systemctl restart docker

1.5 Prepare the docker images K8S needs (offline)

  • 1.5.1 List the images that need to be installed:
kubeadm config images list --kubernetes-version v1.14.1

  • The output is as follows:
k8s.gcr.io/kube-apiserver:v1.14.1
k8s.gcr.io/kube-controller-manager:v1.14.1
k8s.gcr.io/kube-scheduler:v1.14.1
k8s.gcr.io/kube-proxy:v1.14.1
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.10
k8s.gcr.io/coredns:1.3.1

  • 1.5.2 Start docker
systemctl restart docker

  • 1.5.3 If you cannot get past the firewall, work around it by pulling from other repositories
docker pull mirrorgooglecontainers/kube-apiserver:v1.14.1
docker pull mirrorgooglecontainers/kube-controller-manager:v1.14.1
docker pull mirrorgooglecontainers/kube-scheduler:v1.14.1
docker pull mirrorgooglecontainers/kube-proxy:v1.14.1
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker pull coredns/coredns:1.3.1

  • 1.5.4 Then re-tag the downloaded images
docker tag docker.io/mirrorgooglecontainers/kube-apiserver:v1.14.1 k8s.gcr.io/kube-apiserver:v1.14.1
docker tag docker.io/mirrorgooglecontainers/kube-controller-manager:v1.14.1 k8s.gcr.io/kube-controller-manager:v1.14.1
docker tag docker.io/mirrorgooglecontainers/kube-scheduler:v1.14.1 k8s.gcr.io/kube-scheduler:v1.14.1
docker tag docker.io/mirrorgooglecontainers/kube-proxy:v1.14.1 k8s.gcr.io/kube-proxy:v1.14.1
docker tag docker.io/mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag docker.io/mirrorgooglecontainers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
docker tag docker.io/coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
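
Steps 1.5.3 and 1.5.4 give images from third-party Docker Hub repositories the official k8s.gcr.io names, and nothing checks that they are the upstream images. The following added example (not the author's script) tags an image only when its image ID equals a pinned value; the pin file, its format and the `PIN_FILE` variable are assumptions, as is the premise that an unmodified mirror copy keeps the same image ID as upstream.

```shell
#!/bin/sh
# Added example, not the author's script: pull each image from the mirror and
# tag it as k8s.gcr.io/... only if its image ID equals a pinned value.
# Pin file, one image per line: "<k8s.gcr.io name> <image ID>". The IDs are
# recorded beforehand on a host that can pull from k8s.gcr.io, e.g.
#   k8s.gcr.io/pause:3.1 sha256:<ID-FROM-TRUSTED-HOST>    (placeholder)

# Mirror name -> official name, as in steps 1.5.3 and 1.5.4.
IMAGE_MAP='mirrorgooglecontainers/kube-apiserver:v1.14.1 k8s.gcr.io/kube-apiserver:v1.14.1
mirrorgooglecontainers/kube-controller-manager:v1.14.1 k8s.gcr.io/kube-controller-manager:v1.14.1
mirrorgooglecontainers/kube-scheduler:v1.14.1 k8s.gcr.io/kube-scheduler:v1.14.1
mirrorgooglecontainers/kube-proxy:v1.14.1 k8s.gcr.io/kube-proxy:v1.14.1
mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
mirrorgooglecontainers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1'

# retag_verified <mirror image> <official name> <pin file>
retag_verified() (
  src=$1 dst=$2 pins=$3
  want=$(awk -v n="$dst" '$1 == n {print $2; exit}' "$pins")
  [ -n "$want" ] || { echo "no pin for $dst, not tagging" >&2; exit 2; }
  docker pull "$src" >/dev/null || exit 3
  got=$(docker image inspect --format '{{.Id}}' "$src") || exit 3
  if [ "$got" != "$want" ]; then
    echo "$src: image ID $got does not match pin $want" >&2
    exit 1
  fi
  docker tag "$src" "$dst"
)

# retag_all <pin file>: stops at the first image that fails the check.
retag_all() (
  printf '%s\n' "$IMAGE_MAP" | while read -r src dst; do
    retag_verified "$src" "$dst" "$1" </dev/null || exit 1
  done
)

# Runs only where docker and a pin file exist (PIN_FILE is a hypothetical name).
if command -v docker >/dev/null 2>&1 && [ -f "${PIN_FILE:-}" ]; then
  retag_all "$PIN_FILE"
fi
```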


2. Initialize the Master host

  • Node hosts do not need to perform the steps below; they go straight to the command shown later:
kubeadm join 178.128.214.74:6443

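2.1 Install on the Master node host

  • kubeadm installs the 5 basic components for us automatically
kubeadm init --kubernetes-version v1.14.1 --apiserver-advertise-address 0.0.0.0 --pod-network-cidr=10.244.0.0/16

  • --pod-network-cidr: required by the flannel network. It has to match the Network value in kube-flannel.yml (10.244.0.0/16, the range the pod IPs in section 4 come from) and must not overlap the nodes' internal 172.30.0.x addresses.

  • After kubeadm init completes, follow the prompts below
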
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

# Install flannel:
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
# The one below has problems, do not use it (it cost me a lot of time):
# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-legacy.yml
# Install Dashboard:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml

Then you can join any number of worker nodes by running the following on each as root:
# Command for worker nodes to join the master node:
kubeadm join 172.30.0.2:6443 --token fwu0at.stz02oag8qdr7bte --discovery-token-ca-cert-hash sha256:44a090e032f3623c84a21df5ef963fd83d8932ed92f5c3fb307e9b77890121ee 

  • The root user also needs to run the command
export KUBECONFIG=/etc/kubernetes/admin.conf

Run kubectl to check whether the installation succeeded

kubectl get pod --all-namespaces

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml


3. Join the nodes to the cluster

3.1 Preparation

  • Install docker on the node
  • Install kubeadm, kubelet and kubectl

3.2 Join node1 to the cluster

  • node1 is located in New York, USA. Run the command on node1:
kubeadm join 178.128.214.74:6443 --token 3agf5r.okfloxs1qz0kjpyd --discovery-token-ca-cert-hash sha256:e34ef064bd33fcf951a7c6a7b934f18334a169db300dba1e71d06e42d3db1c8a

3.3 Join node2 to the cluster

  • node2 is located in San Francisco, USA. Run the command on node2:
kubeadm join 178.128.214.74:6443 --token 3agf5r.okfloxs1qz0kjpyd --discovery-token-ca-cert-hash sha256:e34ef064bd33fcf951a7c6a7b934f18334a169db300dba1e71d06e42d3db1c8a

  • Check whether both nodes have joined the k8s cluster: run kubectl get nodes to list the nodes in the cluster; the output is as follows:
NAME              STATUS     ROLES     AGE       VERSION
ubuntu-s-master   Ready      master    34m       v1.11.2
ubuntu-s-node1    NotReady   <none>    10s       v1.11.2
ubuntu-s-node2    Ready      <none>    5m        v1.11.2
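
The --discovery-token-ca-cert-hash value in the join commands above pins the cluster CA: it is the SHA-256 of the CA certificate's DER-encoded public key, which lets a joining node confirm it is talking to the intended control plane. This added example (not from the original post) recomputes the pin from a CA certificate and checks a join command against it; the throwaway CA and the token abcdef.0123456789abcdef are constructed for the demo.

```shell
#!/bin/sh
# Added example, not the author's script. Checks a "kubeadm join" command line
# against the cluster CA certificate before it is run on a node.

# The pin is SHA-256 over the DER-encoded public key (SPKI) of the CA cert.
ca_cert_hash() {
  openssl x509 -pubkey -noout -in "$1" \
    | openssl pkey -pubin -outform der 2>/dev/null \
    | openssl dgst -sha256 -hex | sed 's/^.* //; s/^/sha256:/'
}

# Print the value that follows a flag ("--flag value" or "--flag=value").
join_flag() {
  printf '%s\n' "$1" | tr '=' ' ' \
    | awk -v f="$2" '{for (i = 1; i < NF; i++) if ($i == f) {print $(i + 1); exit}}'
}

# check_join "<join command>" <ca.crt>: 0 only if the CA pin is present and matches.
check_join() (
  case "$1" in
    *--discovery-token-unsafe-skip-ca-verification*)
      echo "CA pinning is disabled" >&2; exit 2 ;;
  esac
  token=$(join_flag "$1" --token)
  pin=$(join_flag "$1" --discovery-token-ca-cert-hash)
  printf '%s\n' "$token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' \
    || { echo "malformed bootstrap token" >&2; exit 3; }
  [ -n "$pin" ] || { echo "no CA hash in command" >&2; exit 4; }
  [ "$pin" = "$(ca_cert_hash "$2")" ] \
    || { echo "CA hash does not match $2" >&2; exit 1; }
  echo "pin matches"
)

# Constructed demo: a throwaway self-signed CA standing in for
# /etc/kubernetes/pki/ca.crt on the master, and a constructed token.
make_demo_ca() {  # make_demo_ca <dir>
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=kubernetes" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

demo() (
  dir=$(mktemp -d) && trap 'rm -rf "$dir"' EXIT
  make_demo_ca "$dir"
  check_join "kubeadm join 172.30.0.2:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash $(ca_cert_hash "$dir/ca.crt")" "$dir/ca.crt"
)
demo
```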


4. Run an httpd service in the k8s cluster

4.1 Deploy httpd

Run the command below to deploy httpd:

kubectl run httpd-app --image=httpd --replicas=2
# or
kubectl run nginx-deploy --image=nginx --port=80 --replicas=1

4.2 Check the deployment result:

root@ubuntu-s-master:~# kubectl get deployment
NAME        DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
httpd-app   2         2         2            2           1m

  • Look up the IP addresses of httpd inside the cluster
root@ubuntu-s-master:~# kubectl get pod -o wide
NAME                         READY     STATUS    RESTARTS   AGE       IP           NODE             NOMINATED NODE
httpd-app-7bdd9f8ff4-hhszt   1/1       Running   0          6m        10.244.2.2   ubuntu-s-node1   <none>
httpd-app-7bdd9f8ff4-qp7wl   1/1       Running   0          6m        10.244.1.4   ubuntu-s-node2   <none>

  • On the master host, access the httpd service with curl 10.244.2.2; the output is as follows
<html><body><h1>It works!</h1></body></html>

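  • We have now deployed an httpd service in the k8s cluster, but with only the configuration above the service cannot be reached from the public network (it is reachable only from the three cloud hosts). So we run the command below on the master host to make our httpd service reachable from outside
kubectl expose deployment httpd-app --type=NodePort --name=httpd-service --port=8080 --target-port=80
# or
kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --type=NodePort

  • Then we use a browser to visit port 8080 on either of the two node cloud hosts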


Summary

  • Setup summary (omitted)

Appendix

Docker-HelloWorld

  • Installing Docker and running the first HelloWorld: https://blog.csdn.net/qq_26624661/article/details/79565735
service docker start
docker pull hello-world
docker run hello-world

Command for a node to join the cluster

kubeadm join 172.30.0.2:6443 --token 7zvfq3.86f9bt645majzirc --discovery-token-ca-cert-hash sha256:abf3406c2d4c5a4e98cceae257cdfd6cd35af422453af27952b529ff798b15be

