1. [root@localhost ~]# uname -a
  2. Linux localhost.localdomain 3.10.0-514.6.1.el7.x86_64 #1 SMP Wed Jan 18 13:06:36 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
  3. [root@localhost ~]# cat /etc/redhat-release 
  4. CentOS Linux release 7.3.1611 (Core)
  1. [网络环境]
  3. Master => hostnamectl --static set-hostname  k8s-master
  5. NODE1  => hostnamectl --static set-hostname  k8s-node-1
  7. //
  8. echo '10.0.0.107 k8s-master
  9. 10.0.0.107 etcd
  10. 10.0.0.107 registry
  11. 10.0.0.101 k8s-node-1' >> /etc/hosts
  13. // 关闭防火墙
  14. systemctl disable firewalld.service && systemctl stop firewalld.service
节点及功能 主机名 IP
Master、etcd、registry K8s-master 10.0.0.107
Node1 K8s-node-1 10.0.0.106
Node2 K8s-node-2 10.0.0.108

安装

  1. [etcd]
  3.     yum install etcd -y
  5. [docker]
  7.     yum install docker -y
  9. [kubernets]
  11.     yum install kubernetes -y
  13.   # kube-apiserver, kube-controller-manager, kube-scheduler
  14.   # kubelet, kube-proxy

Master 配置

[etcd]

  1. [vim /etc/etcd/etcd.conf]
  3. ETCD_NAME=master
  5. ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379,http://0.0.0.0:4001"
  7. ETCD_ADVERTISE_CLIENT_URLS="http://etcd:2379,http://etcd:4001"
  9. [启动]
  11. # systemctl enable etcd && systemctl start etcd
  13. [检测]
  15. # etcdctl -C http://etcd:4001 cluster-health
  16. member 8e9e05c52164694d is healthy: got healthy result from http://0.0.0.0:2379
  17. cluster is healthy
  19. # etcdctl -C http://etcd:2379 cluster-health
  20. member 8e9e05c52164694d is healthy: got healthy result from http://0.0.0.0:2379
  21. cluster is healthy
  23. #  etcdctl set testdir/testkey0 0
  24. #  etcdctl get testdir/testkey0

[docker]

  1. [vim /etc/sysconfig/docker]
  3. # Modify these options if you want to change the way the docker daemon runs
  4. OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
  5. if [ -z "${DOCKER_CERT_PATH}" ]; then
  6.     DOCKER_CERT_PATH=/etc/docker
  7. fi
  9. OPTIONS='--insecure-registry registry:5000' # 添加
  11. [启动]
  13. chkconfig docker on && service docker start

image.png

[kubernets => API Server & Controller Manager & Scheduler]

  1. [vim /etc/kubernetes/apiserver]
  3. KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
  5. KUBE_API_PORT="--port=8080"
  7. KUBE_ETCD_SERVERS="--etcd-servers=http://etcd:2379"
  9. # 删除 ServiceAccount
  10. KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
  12. [vim /etc/kubernetes/config]
  14. KUBE_MASTER="--master=http://k8s-master:8080"

image.png

image.png

  1. [启动]
  3. systemctl enable kube-apiserver.service && systemctl start kube-apiserver.service
  4. systemctl enable kube-controller-manager.service && systemctl start kube-controller-manager.service
  5. systemctl enable kube-scheduler.service && systemctl start kube-scheduler.service

NODE

[docker]

  1. [vim /etc/sysconfig/docker]
  3. # Modify these options if you want to change the way the docker daemon runs
  4. OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
  5. if [ -z "${DOCKER_CERT_PATH}" ]; then
  6.     DOCKER_CERT_PATH=/etc/docker
  7. fi
  9. OPTIONS='--insecure-registry registry:5000' # 添加
  11. [启动]
  13. chkconfig docker on && service docker start

[kubernets => Kubelet && Kubernets Proxy]

  1. [vim /etc/kubernetes/config]
  3. KUBE_MASTER="--master=http://k8s-master:8080"
  5. [vim /etc/kubernetes/kubelet]
  7. KUBELET_ADDRESS="--address=0.0.0.0"
  9. KUBELET_HOSTNAME="--hostname-override=k8s-node-1"
  11. KUBELET_API_SERVER="--api-servers=http://k8s-master:8080"

image.png

  1. [启动]
  3. systemctl enable kubelet.service && systemctl start kubelet.service
  4. systemctl enable kube-proxy.service && systemctl start kube-proxy.service

查看状态

  1. [root@k8s-master ~]# kubectl -s http://k8s-master:8080 get node
  2. NAME         STATUS    AGE
  3. k8s-node-1   Ready     3m
  4. k8s-node-2   Ready     16s
  6. [root@k8s-master ~]# kubectl get nodes
  7. NAME         STATUS    AGE
  8. k8s-node-1   Ready     3m
  9. k8s-node-2   Ready     43s

创建覆盖网络——Flannel

  1. [安装]
  3.     yum install flannel
  5. [配置 /etc/sysconfig/flanneld]
  7. FLANNEL_ETCD_ENDPOINTS="http://etcd:2379"
  9. [etcd - 配置]
  11.     mk /atomic.io/network/config '{ "Network": "10.0.0.0/24" }
  13. [启动 - master]
  15. systemctl enable flanneld.service && systemctl start flanneld.service 
  16. service docker restart
  17. systemctl restart kube-apiserver.service
  18. systemctl restart kube-controller-manager.service
  19. systemctl restart kube-scheduler.service
  21. [启动 - node]
  23. systemctl enable flanneld.service && systemctl start flanneld.service
  25. service docker restart
  26. systemctl restart kubelet.service
  27. systemctl restart kube-proxy.service