自己手工安装了k8s花费了不少时间,后来发现在kuboard.cn上有安装手册,今天测试一下
环境:
host主机:ubuntu 18.04, 192.168.10.8,虚拟网络 192.168.122.1
kvm虚拟机三台,centos7.8, 192.168.122.10: master,kvm名字 centos7v1
kvm虚拟机三台,centos7.8 ,192.168.122.51: work1,kvm名字 centos7v2
kvm虚拟机三台,centos7.8 ,192.168.122.52: work2,,kvm名字 centos7v3
步骤:准备master的环境并检查
master目前能够上网,已经配置好了。但还没有安装net-tools.否则网络工具不能使用
$ yum install net-tools -y
----- 省略 ----
net-tools-2.0-0.25.20131004git.el7.x86_64.rpm | 306 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : net-tools-2.0-0.25.20131004git.el7.x86_64 1/1
验证中 : net-tools-2.0-0.25.20131004git.el7.x86_64 1/1
已安装:
net-tools.x86_64 0:2.0-0.25.20131004git.el7
完毕!
使用命令看该机器的IP地址,马上需要使用.
[root@localhost ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.122.10 netmask 255.255.255.0 broadcast 192.168.122.255
inet6 fe80::5054:ff:feb8:ad60 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:b8:ad:60 txqueuelen 1000 (Ethernet)
RX packets 4337 bytes 5325748 (5.0 MiB)
RX errors 0 dropped 18 overruns 0 frame 0
TX packets 1772 bytes 127104 (124.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ip地址为192.168.122.10,将来作为master的地址使用.
设置机器的名称为k8s-master,将来为了识别比较方便,同时,在/etc/hosts文件尾部添加 127.0.0.1 k8s-master .
[root@localhost ~]# hostnamectl set-hostname k8s-master
使用lscpu命令看看cpu个数是不是大于2,如果小于2的话,使用virsh edit centos8v1 修改cpu的个数,重启虚拟机。
[root@localhost ~]# lscpu
lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 2
On-line CPU(s) list: 0,1
Thread(s) per core: 1
Core(s) per socket: 1
座: 2
NUMA 节点: 1
厂商 ID: GenuineIntel
CPU 系列: 6
型号: 42
型号名称: Intel Xeon E312xx (Sandy Bridge, IBRS update)
步进: 1
CPU MHz: 1396.827
BogoMIPS: 2793.65
超管理器厂商: KVM
虚拟化类型: 完全
L1d 缓存: 32K
L1i 缓存: 32K
L2 缓存: 4096K
L3 缓存: 16384K
NUMA 节点0 CPU: 0,1
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx rdtscp lm constant_tsc rep_good nopl xtopology eagerfpu pni pclmulqdq ssse3 cx16 sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx hypervisor lahf_lm ibrs ibpb xsaveopt arat spec_ctrl
步骤:安装docker及kubelet
设置环境变量,并利用kuboard安装脚本进行安装
[root@localhost ~]# export REGISTRY_MIRROR=https://registry.cn-hangzhou.aliyuncs.com
[root@localhost ~]# curl -sSL https://kuboard.cn/install-script/v1.19.x/install_kubelet.sh | sh -s 1.19.2
已加载插件:fastestmirror
参数 docker 没有匹配
参数 docker-client 没有匹配
参数 docker-client-latest 没有匹配
参数 docker-ce-cli 没有匹配
参数 docker-common 没有匹配
参数 docker-latest 没有匹配
参数 docker-latest-logrotate 没有匹配
参数 docker-logrotate 没有匹配
参数 docker-selinux 没有匹配
参数 docker-engine-selinux 没有匹配
参数 docker-engine 没有匹配
不删除任何软件包
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
软件包 device-mapper-persistent-data-0.8.5-2.el7.x86_64 已安装并且是最新版本
软件包 7:lvm2-2.02.186-7.el7_8.2.x86_64 已安装并且是最新版本
正在解决依赖关系
--> 正在检查事务
---> 软件包 yum-utils.noarch.0.1.1.31-54.el7_8 将被 安装
--> 正在处理依赖关系 python-kitchen,它被软件包 yum-utils-1.1.31-54.el7_8.noarch 需要
--> 正在处理依赖关系 libxml2-python,它被软件包 yum-utils-1.1.31-54.el7_8.noarch 需要
--> 正在检查事务
---> 软件包 libxml2-python.x86_64.0.2.9.1-6.el7.4 将被 安装
---> 软件包 python-kitchen.noarch.0.1.1.1-5.el7 将被 安装
--> 正在处理依赖关系 python-chardet,它被软件包 python-kitchen-1.1.1-5.el7.noarch 需要
--> 正在检查事务
---> 软件包 python-chardet.noarch.0.2.2.1-3.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
================================================================================
Package 架构 版本 源 大小
================================================================================
正在安装:
yum-utils noarch 1.1.31-54.el7_8 updates 122 k
为依赖而安装:
libxml2-python x86_64 2.9.1-6.el7.4 base 247 k
python-chardet noarch 2.2.1-3.el7 base 227 k
python-kitchen noarch 1.1.1-5.el7 base 267 k
事务概要
================================================================================
安装 1 软件包 (+3 依赖软件包)
总下载量:862 k
安装大小:4.3 M
Downloading packages:
(1/4): libxml2-python-2.9.1-6.el7.4.x86_64.rpm | 247 kB 00:00
===================省略=======================================================
作为依赖被安装:
conntrack-tools.x86_64 0:1.4.4-7.el7
cri-tools.x86_64 0:1.13.0-0
kubernetes-cni.x86_64 0:0.8.7-0
libnetfilter_cthelper.x86_64 0:1.0.0-11.el7
libnetfilter_cttimeout.x86_64 0:1.0.0-7.el7
libnetfilter_queue.x86_64 0:1.0.2-2.el7_2
socat.x86_64 0:1.7.3.2-2.el7
完毕!
[ 1979.111957] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 1979.151006] nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
[ 1979.333307] ctnetlink v0.93: registering with nfnetlink.
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
Client: Docker Engine - Community
Version: 19.03.11
API version: 1.40
Go version: go1.13.10
Git commit: 42e35e61f3
Built: Mon Jun 1 09:13:48 2020
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.11
API version: 1.40 (minimum version 1.12)
Go version: go1.13.10
Git commit: 42e35e61f3
Built: Mon Jun 1 09:12:26 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.2.13
GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc:
Version: 1.0.0-rc10
GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd
docker-init:
Version: 0.18.0
GitCommit: fec3683
[root@localhost ~]#
步骤:初始化master节点
关于初始化时用到的环境变量
- APISERVER_NAME 不能是 master 的 hostname
- APISERVER_NAME 必须全为小写字母、数字、小数点,不能包含减号
- POD_SUBNET 所使用的网段不能与 master节点/worker节点 所在的网段重叠。该字段的取值为一个 CIDR 值,如果您对 CIDR 这个概念还不熟悉,请仍然执行 export POD_SUBNET=10.100.0.1/16 命令,不做修改
[root@localhost ~]# export MASTER_IP=192.168.122.10
[root@localhost ~]# export APISERVER_NAME=apiserver.demo
[root@localhost ~]# export POD_SUBNET=10.100.0.1/16
[root@localhost ~]# echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 k8s-master
192.168.122.10 apiserver.demo
确认hosts文件修改正确,然后利用kuboard脚本直接执行,可能需要几分钟的时间。
[root@localhost ~]# curl -sSL https://kuboard.cn/install-script/v1.19.x/init_master.sh | sh -s 1.19.2
W0922 11:51:37.529458 10616 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
[init] Using Kubernetes version: v1.19.2
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
==================省略 ====================================================================
clusterrole.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
daemonset.apps/calico-node created
serviceaccount/calico-node created
deployment.apps/calico-kube-controllers created
serviceaccount/calico-kube-controllers created
[root@localhost ~]#
至此,master 初始化完成。测试master节点是否成功
# watch kubectl get node
Every 2.0s: kubectl get node Tue Sep 22 11:56:05 2020
NAME STATUS ROLES AGE VERSION
k8s-master NotReady master 2m29s v1.19.2
#最后如下
Every 2.0s: kubectl get node Tue Sep 22 11:59:10 2020
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 5m34s v1.19.2
安装和初始化完毕
步骤:初始化工作节点
在工作节点上,安装步骤和master节点一样,只是初始化过程不一样。work节点.
首先,在master节点上获取 token以便加入master
[root@k8s-master ~]# kubeadm token create --print-join-command
W0922 14:17:40.774697 24193 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
kubeadm join apiserver.demo:6443 --token v5e4ul.yj7bukqa10lmimv9 --discovery-token-ca-cert-hash sha256:2d4f2273fe696436cfbb883d19d73c8f644ed161676f06548d7952f038aa5f
在安装好的work机器上,执行如下命令,其中token, --discovery-token-ca-cert-hash等全部需要。
[root@k8s-work2 ~]# kubeadm join apiserver.demo:6443 --token v5e4ul.yj7bukqa10lmimv9 --discovery-token-ca-cert-hash sha256:2d4f2273fe696436cfbb883d19d73c8f644ed161676f06548d7952f038aa5f0d
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
到master节点查询. ALL IS DONE
[root@k8s-master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 156m v1.19.2
k8s-work1 Ready <none> 47m v1.19.2
k8s-work2 Ready <none> 2m52s v1.19.2
[root@k8s-master ~]#