https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/

Environment

Alibaba Cloud ECS, 2 vCPU, 4 GiB, 1 Mbps
CentOS 7.6 64-bit

Basic installation

Setting up the Docker environment

  • Install required packages
  • Set up the stable repository
  • Install the latest version of Docker CE and containerd

```
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce docker-ce-cli containerd.io
```
Add the yum repository

```
vim /etc/yum.repos.d/k8s.repo
[k8s]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
```
Install the k8s commands

```
yum install -y kubelet kubeadm kubectl
```
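
The repo definition above disables both signature checks and fetches the packages and the key over plain HTTP, so nothing authenticates the kubelet, kubeadm and kubectl RPMs that get installed. As an added example (not part of the original post), the script below flags those settings in `.repo` text; `audit_repo`, `page_repo` and `hardened_repo` are hypothetical names, and the hardened variant assumes the mirror serves the same paths over HTTPS and signs its metadata.

```shell
# Added example, not from the original post. audit_repo reads .repo text on
# stdin and prints "<section>: <finding>" lines. Keys that are absent inherit
# from [main] in /etc/yum.conf and are not flagged.
audit_repo() {
    awk '
    function report() {
        if (sec == "") return
        if (gpg == "0")  print sec ": gpgcheck=0, package signatures are not verified"
        if (rgpg == "0") print sec ": repo_gpgcheck=0, repository metadata is not verified"
        if (base ~ /^http:/) print sec ": baseurl uses plain http"
        if (key ~ /(^|[ \t,])http:/) print sec ": gpgkey is fetched over plain http"
    }
    /^[ \t]*[#;]/ { next }
    /^[ \t]*\[/ {
        report()
        sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
        gpg = rgpg = base = key = ""
        next
    }
    {
        i = index($0, "=")
        if (i == 0) next
        k = substr($0, 1, i - 1); v = substr($0, i + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
        if (k == "gpgcheck") gpg = v
        else if (k == "repo_gpgcheck") rgpg = v
        else if (k == "baseurl") base = v
        else if (k == "gpgkey") key = v
    }
    END { report() }'
}
# The repo definition from this page, used as sample input.
page_repo() {
    cat <<'EOF'
[k8s]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
EOF
}
# Constructed variant (assumes the mirror serves these paths over HTTPS and
# signs its metadata): TLS URLs and both checks switched on.
hardened_repo() {
    page_repo | sed -e 's#http://#https://#' -e 's/gpgcheck=0/gpgcheck=1/'
}
page_repo | audit_repo    # prints four findings for [k8s]
```

To audit a real host, feed each file under `/etc/yum.repos.d/` to `audit_repo` on stdin.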
List the images. Run kubeadm config images pull to verify connectivity to gcr.io registries.

```
kubeadm config images list
I0417 20:41:45.988681 31985 version.go:96] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.txt": Get https://dl.k8s.io/release/stable-1.txt: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
I0417 20:41:45.988786 31985 version.go:97] falling back to the local client version: v1.14.1
k8s.gcr.io/kube-apiserver:v1.14.1
k8s.gcr.io/kube-controller-manager:v1.14.1
k8s.gcr.io/kube-scheduler:v1.14.1
k8s.gcr.io/kube-proxy:v1.14.1
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.10
k8s.gcr.io/coredns:1.3.1
```
Edit the Docker unit file (/lib/systemd/system/docker.service), find the ExecStart=xxx line, and add the registry mirror to pull images from:

```
https://7bezldxe.mirror.aliyuncs.com/
```

The resulting configuration:

```
ExecStart=/usr/bin/dockerd --registry-mirror=https://7bezldxe.mirror.aliyuncs.com/ -H fd:// --containerd=/run/containerd/containerd.sock
```
Pull the images. Google's images are not in the Docker registry, and images hosted abroad cannot be pulled, so a domestic substitute is needed. The Aliyun mirror does not have the new v1.14.1 version, so v1.13.3 is used instead. Because k8s looks for the latest images during initialization, the images have to be re-tagged after they are pulled locally so that kubeadm is fooled during initialization.

```
cat k8simage
kube-apiserver:v1.13.3
kube-controller-manager:v1.13.3
kube-scheduler:v1.13.3
kube-proxy:v1.13.3
pause:3.1
etcd:3.3.10
coredns:1.3.1

# Entries are bare image names; the loop adds the registry prefixes.
for i in $(cat k8simage); do
  docker pull registry.aliyuncs.com/google_containers/$i
  docker tag registry.aliyuncs.com/google_containers/$i k8s.gcr.io/$i
  docker rmi registry.aliyuncs.com/google_containers/$i
done

# Present the v1.13.3 control-plane images under the v1.14.1 tags kubeadm expects.
docker tag k8s.gcr.io/kube-apiserver:v1.13.3 k8s.gcr.io/kube-apiserver:v1.14.1
docker tag k8s.gcr.io/kube-controller-manager:v1.13.3 k8s.gcr.io/kube-controller-manager:v1.14.1
docker tag k8s.gcr.io/kube-scheduler:v1.13.3 k8s.gcr.io/kube-scheduler:v1.14.1
docker tag k8s.gcr.io/kube-proxy:v1.13.3 k8s.gcr.io/kube-proxy:v1.14.1
```
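
After the retagging above, the v1.14.1 tags point at v1.13.3 binaries, so any inventory or scanner that trusts tags will report the wrong patch level for the control plane. As an added example (not part of the original post), the script below lists image IDs that carry more than one tag of the same repository; `find_retagged` and `sample_images` are hypothetical names and the image IDs in the sample are constructed.

```shell
# Added example, not from the original post. Input on stdin is one
# "<repository>:<tag> <image-id>" pair per line, as printed by:
#   docker images --format '{{.Repository}}:{{.Tag}} {{.ID}}'
# Output: "<repository> <image-id> <tag>,<tag>..." for every image ID that
# carries more than one tag of the same repository.
find_retagged() {
    awk '
    NF >= 2 {
        n = split($1, part, ":")          # the tag is the text after the last colon
        tag = part[n]
        repo = substr($1, 1, length($1) - length(tag) - 1)
        key = repo " " $2
        if (key in tags) { tags[key] = tags[key] "," tag; multi[key] = 1 }
        else tags[key] = tag
    }
    END { for (key in multi) print key, tags[key] }' | sort
}

# Constructed sample: the image IDs are made up; the tags match the state
# left behind by the retagging steps on this page.
sample_images() {
    cat <<'EOF'
k8s.gcr.io/kube-apiserver:v1.13.3 aaaaaaaaaaaa
k8s.gcr.io/kube-apiserver:v1.14.1 aaaaaaaaaaaa
k8s.gcr.io/kube-proxy:v1.13.3 bbbbbbbbbbbb
k8s.gcr.io/kube-proxy:v1.14.1 bbbbbbbbbbbb
k8s.gcr.io/pause:3.1 cccccccccccc
k8s.gcr.io/etcd:3.3.10 dddddddddddd
EOF
}

sample_images | find_retagged
```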

Enable the service at boot and start it

```
systemctl enable kubelet && systemctl start kubelet
```

Disable the firewall

```
$ vim /etc/sysctl.conf
# add the following line
net.bridge.bridge-nf-call-iptables = 1
```

<a name="da8d9c8a"></a>
#### Initializing the k8s cluster

```
kubeadm init
……………………..
Your Kubernetes master has initialized successfully!
```

<a name="17aa86d8"></a>
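#### Post-installation configuration
kubectl is the command-line management tool for Kubernetes clusters. By default, kubectl reads the kube-apiserver address, certificates, user name and other information from ~/.kube/config.

```
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
# let the master take workloads (required for single-node mode)
kubectl taint nodes --all node-role.kubernetes.io/master-
```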

If this is not configured, kubectl commands fail with:
> The connection to the server localhost:8080 was refused - did you specify the right host or port?

Check the state of the k8s cluster (only system pods so far)

```
kubectl get pods --all-namespaces
```

Check the state of the master node

```
kubectl get nodes
NAME              STATUS     ROLES    AGE   VERSION
iz1imm3eq6aj5vz   NotReady   master   19h   v1.14.1
```

Install a network add-on; the node status then changes from NotReady to Ready.<br />There are several networking options to choose from:<br />[https://kubernetes.io/docs/concepts/cluster-administration/addons/](https://kubernetes.io/docs/concepts/cluster-administration/addons/)<br />[https://www.weave.works/docs/net/latest/kubernetes/kube-addon/](https://www.weave.works/docs/net/latest/kubernetes/kube-addon/)<br />This setup uses Weave Net, which can be installed on a CNI-enabled Kubernetes cluster with the following command.

```
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
```

After a few seconds, a Weave Net pod will be running on each node, and any other pods that are created will automatically connect to the Weave network.
<a name="ccba8dcc"></a>
#### Configuring the tomcat RC
Pull the image

```
# find the image you need
docker search tomcat
# download the tomcat image (the default tag is latest)
docker pull tomcat
```

```
cat tomcat-demo-rc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
  name: tomcat-demo   ## RC name
spec:
  replicas: 1         ## number of pod instances is 1
  selector:
    app: tomcat-demo
  template:           ## when fewer than replicas instances are running, the RC creates the missing pods from spec:template:
    metadata:
      labels:
        app: tomcat-demo
    spec:
      containers:
      - name: tomcat-demo
        image: tomcat     ## docker image
        ports:
        - containerPort: 8080
```

Run

```
kubectl create -f tomcat-demo-rc.yaml
```

<a name="3bc8cf06"></a>
#### Configuring the tomcat service

```
cat tomcat-demo-svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: tomcat-demo   ## service name
spec:
  type: NodePort
  ports:
  - port: 8080
    nodePort: 30001   ## port mapping 8080:30001
  selector:
    app: tomcat-demo
```

Run

```
kubectl create -f tomcat-demo-svc.yaml
```

Access

image.png

[Summary]