1、修改主机和host解析,关闭selinux192.168.20.11 k8s-master192.168.20.12 k8s-node-1192.168.20.13 k8s-node-2
2、所有节点安装docker-1.12.6-68上传安装包。yum localinstall docker-common-1.12.6-68.gitec8512b.el7.centos.x86_64.rpm -yyum localinstall docker-client-1.12.6-68.gitec8512b.el7.centos.x86_64.rpm -yyum localinstall docker-1.12.6-68.gitec8512b.el7.centos.x86_64.rpm -y链接:https://pan.baidu.com/s/1nUCPUc4yOzumJeTtriIdkQ提取码:o05o
3、master节点安装etcdyum install etcd -y修改配置文件vim /etc/etcd/etcd.confETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"ETCD_ADVERTISE_CLIENT_URLS="http://192.168.20.11:2379"加入开机自启动systemctl start etcd.servicesystemctl enable etcd.service
4、测试:etcdctl set test/test-key 0etcdctl get test/test-key检查集群状态etcdctl -C http://192.168.20.11:2379 cluster-health
5、master节点安装kubernetesyum install kubernetes-master.x86_64 -y修改apiser即枢潋雳ver配置文件vim /etc/kubernetes/apiserver KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"KUBE_API_PORT="--port=8080"KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.20.11:2379"# node节点监听的端口KUBELET_PORT="--kubelet-port=10250"KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny ,ResourceQuota"修改配置文件vim /etc/kubernetes/config#apiserver运行在哪,谁就是KUBE_MASTERKUBE_MASTER="--master=http://192.168.20.11:8080"systemctl enable kube-apiserver.servicesystemctl start kube-apiserver.servicesystemctl enable kube-controller-manager.servicesystemctl start kube-controller-manager.servicesystemctl enable kube-scheduler.service其中个组建的功能:api-server:接收并相应用户的请求controller:控制器的概念,保证docker容器存活schedule:调度器,选择启动容器的node节点
6、两台node节点安装kubernetesyum install kubernetes-node.x86_64 -y修改配置文件即枢潋雳vim /etc/kubernetes/configKUBE_MASTER="--master=http://192.168.20.11:8080"vim /etc/kubernetes/kubeletKUBELET_ADDRESS="--address=0.0.0.0"KUBELET_PORT="--port=10250"# node节点主机名或IP地址KUBELET_HOSTNAME="--hostname-override=192.168.20.12"KUBELET_API_SERVER="--api-servers=http://192.168.20.11:8080"systemctl enable kubelet.servicesystemctl restart kubelet.servicesystemctl enable kube-proxy.servicesystemctl restart kube-proxy.service其中个组建的功能:kubelet:调用docker管理容器的生命周期kube-proxy:提供容器的网络
7、检查能否出结果:[root@k8s-master tools]# kubectl get nodes
8、所有节点配置flannel网络yum install flannel -yvim /etc/sysconfig/flanneld也可以使用命令替换:sed -i 's#http://127.0.0.1:2379#http://192.168.20.11:2379#g' /etc/sysconfig/flanneldmaster上操作,创建网络和子网,以及类型etcdctl mk /atomic.io/network/config '{ "Network": "10.2.0.0/16", "SubnetLen": 24, "Backend": { "Type": "vxlan" }}'其中/atomic.io/network为指定 etcd 存放 flannel 网络配置信息的 key
9、配置开机启动和重启k8smaster节点:systemctl enable flanneld.servicesystemctl start flanneld.serviceservice docker restartsystemctl restart kube-apiserver.servicesystemctl restart kube-controller-manager.servicesystemctl restart kube-scheduler.servicenode节点:systemctl enable flanneld.servicesystemctl start flanneld.serviceservice docker restartsystemctl restart kubelet.servicesystemctl restart kube-proxy.service
10、flanneld 启动后,宿主机网络会发生一些变化使用ip add命令查看宿主机网络
11、每个节点启动busybox测试连通性(注意在docker 上配置加速)[root@k8s-master tools]# docker run -it busybox /bin/bash[root@k8s-node-1 ~]# docker run -it busybox /bin/bash[root@k8s-node-2 ~]# docker run -it busybox /bin/sh在master上ping其他的节点
12、配置master为镜像仓库docker run -d -p 5000:5000 --restart=锾攒揉敫always --name registry -v /opt/myregistry:/var/lib/registry registry修改连接访问仓库不使用HTTPSmaster:vim /etc/sysconfig/dockerOPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry=192.168.20.11:5000'systemctl restart dockernode节点vim /etc/sysconfig/dockerOPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry=192.168.20.11:5000'systemctl restart docker
13、安装k8s完毕