多master集群

4.安装k8s - 图1

配置master节点

安装keepalived

配置mysql高可用的时候已安装

部署haproxy

可以用nginx代替

配置mysql高可用的时候已安装,这里修改一下配置文件,下面是完整的配置

  1. global
  2.         log 127.0.0.1 local0 ##记日志的功能
  3.         maxconn 4096
  4.         chroot /var/lib/haproxy
  5.         daemon
  7. defaults
  8.         log global
  9.         option dontlognull
  10.         retries 3
  11.         option redispatch
  12.         maxconn 2000
  13.         timeout connect 5000
  14.         timeout client 50000
  15.         timeout server 50000
  17. listen admin_status
  18.         bind :1080 ##VIP
  19.         stats uri /stats ##统计页面
  20.         stats auth admin:admin
  21.         mode http
  22.         option httplog
  24. listen allmycat_service
  25.         bind :8096 ##转发到 mycat 的 8066 端口,即 mycat 的服务端口
  26.         mode tcp
  27.         option tcplog
  28.         option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
  29.         balance roundrobin
  30.         server mycat_61 192.168.1.61:8066 check port 48700 inter 5s rise 2 fall 3
  31.         server mycat_62 192.168.1.62:8066 check port 48700 inter 5s rise 2 fall 3
  32.         timeout server 20000
  34. listen allmycat_admin
  35.         bind :8097 ##转发到 mycat 的 9066 端口,即 mycat 的管理控制台端口
  36.         mode tcp
  37.         option tcplog
  38.         option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
  39.         balance roundrobin
  40.         server mycat_61 192.168.1.61:9066 check port 48700 inter 5s rise 2 fall 3
  41.         server mycat_62 192.168.1.62:9066 check port 48700 inter 5s rise 2 fall 3
  42.         timeout server 20000
  44. frontend kubernetes-apiserver
  45.        mode                 tcp
  46.        bind                 *:16443
  47.        option               tcplog
  48.        default_backend      kubernetes-apiserver
  49. #---------------------------------------------------------------------
  50. # round robin balancing between the various backends
  51. #---------------------------------------------------------------------
  52. backend kubernetes-apiserver
  53.        mode        tcp
  54.        balance     roundrobin
  55.        server      master01.k8s.io   192.168.1.64:6443 check
  56.        server      master02.k8s.io   192.168.1.63:6443 check

两台master都重启haproxy

  1. systemctl restart haproxy

安装kubeadm,kubelet和kubectl

由于版本更新频繁,这里指定版本号部署:

  1. $ yum install -y kubelet-1.16.3 kubeadm-1.16.3 kubectl-1.16.3
  2. $ systemctl enable kubelet

部署Kubernetes Master

创建kubeadm配置文件

在具有vip的master上操作,这里为master1

  1. $ mkdir /usr/local/kubernetes/manifests -p
  3. $ cd /usr/local/kubernetes/manifests/
  5. $ vi kubeadm-config.yaml
  7. apiServer:
  8.   certSANs:
  9.     - master1
  10.     - master2
  11.     - master.k8s.io
  12.     - 192.168.1.64
  13.     - 192.168.1.63
  14.     - 192.168.1.62
  15.     - 127.0.0.1
  16.   extraArgs:
  17.     authorization-mode: Node,RBAC
  18.   timeoutForControlPlane: 4m0s
  19. apiVersion: kubeadm.k8s.io/v1beta1
  20. certificatesDir: /etc/kubernetes/pki
  21. clusterName: kubernetes
  22. controlPlaneEndpoint: "master.k8s.io:16443"
  23. controllerManager: {}
  24. dns: 
  25.   type: CoreDNS
  26. etcd:
  27.   local:    
  28.     dataDir: /var/lib/etcd
  29. imageRepository: registry.aliyuncs.com/google_containers
  30. kind: ClusterConfiguration
  31. kubernetesVersion: v1.16.3
  32. networking: 
  33.   dnsDomain: cluster.local  
  34.   podSubnet: 10.244.0.0/16
  35.   serviceSubnet: 10.1.0.0/16
  36. scheduler: {}

在master1节点执行

  1. kubeadm init --config kubeadm-config.yaml
  3. # 重置集群
  4. kubeadm reset

按照提示配置环境变量,使用kubectl工具:

  1. mkdir -p $HOME/.kube
  2. sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  3. sudo chown $(id -u):$(id -g) $HOME/.kube/config
  4. $ kubectl get nodes
  5. $ kubectl get pods -n kube-system

按照提示保存以下内容,一会要使用:

  1. kubeadm join master.k8s.io:16443 --token 7tvdpz.7fdp3d8vbjaz6ubi \
  2. --discovery-token-ca-cert-hash sha256:e5e4768ba8f53553d692f344912fa71efc666371b08d8f9425308ddf2acae743  \
  3. --control-plane

查看集群状态

  1. kubectl get cs
  3. kubectl get pods -n kube-system

安装集群网络

从官方地址获取到flannel的yaml,在master1上执行

  1. mkdir flannel
  2. cd flannel
  3. wget -c https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

安装flannel网络

  1. kubectl apply -f kube-flannel.yml

检查

  1. kubectl get pods -n kube-system

master2加入集群

复制密钥及相关文件

从master1复制密钥及相关文件到master2

  1. $ ssh root@192.168.1.63 mkdir -p /etc/kubernetes/pki/etcd
  3. $ scp /etc/kubernetes/admin.conf root@192.168.1.63:/etc/kubernetes
  5. $ scp /etc/kubernetes/pki/{ca.*,sa.*,front-proxy-ca.*} root@192.168.1.63:/etc/kubernetes/pki
  7. $ scp /etc/kubernetes/pki/etcd/ca.* root@192.168.1.63:/etc/kubernetes/pki/etcd

加入集群

执行在master1上init后输出的join命令,需要带上参数--control-plane表示把master控制节点加入集群(上面提示保持的)

  1. kubeadm join master.k8s.io:16443 --token 7tvdpz.7fdp3d8vbjaz6ubi \
  2. --discovery-token-ca-cert-hash sha256:e5e4768ba8f53553d692f344912fa71efc666371b08d8f9425308ddf2acae743  \
  3. --control-plane

检查状态

  1. kubectl get node
  3. kubectl get pods --all-namespaces

加入Kubernetes Node

在node1上执行

向集群添加新节点,执行在kubeadm init输出的kubeadm join命令:不需要-_-control-plane_

  1. kubeadm join master.k8s.io:16443 --token 7tvdpz.7fdp3d8vbjaz6ubi \
  2. --discovery-token-ca-cert-hash sha256:e5e4768ba8f53553d692f344912fa71efc666371b08d8f9425308ddf2acae743

集群网络重新安装,因为添加了新的node节点

在master1节点上

  1. kubectl delete -f kube-flannel.yml 
  2. kubectl apply -f kube-flannel.yml

检查状态

  1. kubectl get node
  3. kubectl get pods --all-namespaces

测试kubernetes集群

在Kubernetes集群中创建一个pod,验证是否正常运行:

  1. $ kubectl create deployment nginx --image=nginx
  2. $ kubectl expose deployment nginx --port=80 --type=NodePort
  3. $ kubectl get pod,svc

访问地址:http://192.168.1.180:31507/