目录
1、准备环境 (温馨提示:尽量一次完成集群)
2.安装master节点
3、安装k8s-master上的node
4、安装配置k8s-node1节点
5、安装k8s-node2节点
6、为所有node节点配置flannel网络
7、配置docker开启加载防火墙规则允许转发数据
一. 环境搭建
1、准备环境 (温馨提示:尽量一次完成集群)
集群很容易断网
1) 计算机说明,建议系统版本7.4或者7.6
| 主机名 | IP地址 | 角色 | 硬件 |
| k8s-master | 192.168.50.53 | master+node | Etcd、apiserver、controlor-manager、scheduler、kube-proxy、docker、registry |
| k8s-node1 | 192.168.50.50 | node | Kubletel、kube-proxy、docker |
| k8s-node2 | 192.168.50.51 | node | Kubletel、kube-proxy、docker |
2) 修改主机的计算机名设置host文件
[root@localhost ~]# hostname k8s-master
[root@localhost ~]# bash
[root@k8s-master ~]# vim /etc/hosts
192.168.50.53 k8s-master
192.168.50.50 k8s-node1
192.168.50.51 k8s-node2
~[root@k8s-master ~]# scp /etc/hosts 192.168.50.51:/etc
[root@k8s-master ~]# scp /etc/hosts 192.168.50.50:/etc
2.安装master节点
1)安装etcd配置etcd
[root@k8s-master ~]# yum -y install etcd
[root@k8s-master ~]# cp /etc/etcd/etcd.conf /etc/etcd/etcd.conf.bak
[root@k8s-master ~]# vim /etc/etcd/etcd.conf
6 ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
21 ETCD_ADVERTISE_CLIENT_URLS="http://192.168.50.53:2379"
[root@k8s-master ~]# systemctl start etcd
[root@k8s-master ~]# systemctl enable etcd
Created symlink from /etc/systemd/system/multi-user.target.wants/etcd.service to /usr/lib/systemd/system/etcd.service.
2)安装k8s-master节点
[root@k8s-master ~]# yum -y install kubernetes-master.x86_64
3)配置apiserver
[root@k8s-master ~]# vim /etc/kubernetes/apiserver
1 ###
2 # kubernetes system config
3 #
4 # The following values are used to configure the kube-apiserver
5 #
6
7 # The address on the local server to listen to.
8 KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
9
10 # The port on the local server to listen on.
11 KUBE_API_PORT="--port=8080"
12
13 # Port minions listen on
14 KUBELET_PORT="--kubelet-port=10250"
15
16 # Comma separated list of nodes in the etcd cluster
17 KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.50.53:2379"
18
19 # Address range to use for services
20 KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
21
22 # default admission control policies
23KUBE_ADMISSION_CONTROL="admissioncontrol=NamespaceLifecycle,NamespaceExists,LimitRanger,Security ContextDeny,ResourceQuota"
24
25 # Add your own!
26 KUBE_API_ARGS=""
4) 配置controller和scheduler
[root@k8s-master ~]# vim /etc/kubernetes/config
22 KUBE_MASTER="--master=http://192.168.50.53:8080"
启动k8s服务
[root@k8s-master ~]# systemctl start kube-apiserver.service
[root@k8s-master ~]# systemctl start kube-controller-manager.service
[root@k8s-master ~]# systemctl start kube-scheduler.service
[root@k8s-master ~]# systemctl enable kube-apiserver.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /usr/lib/systemd/system/kube-apiserver.service.
[root@k8s-master ~]# systemctl enable kube-controller-manager.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /usr/lib/systemd/system/kube-controller-manager.service.
[root@k8s-master ~]# systemctl enable kube-scheduler.server
Failed to execute operation: No such file or directory
[root@k8s-master ~]# systemctl enable kube-scheduler.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.
检查节点是否监控
[root@k8s-master ~]# kubectl get componentstatus
NAME STATUS MESSAGE ERROR
etcd-0 Healthy {"health":"true"}
controller-manager Healthy ok
scheduler Healthy ok
3、安装k8s-master上的node
1)安装node
[root@k8s-master ~]# yum -y install kubernetes node.x86_64
2)配置kubelet
[root@k8s-master ~]# vim /etc/kubernetes/kubelet
5 KUBELET_ADDRESS="--address=192.168.50.53"
11 KUBELET_HOSTNAME="--hostname-override=k8s-master"
14 KUBELET_API_SERVER="--api-servers=http://192.168.50.53:8080"
3)启动kubelet启动自动启动docker服务
[root@k8s-master ~]# systemctl start kubelet
[root@k8s-master ~]# systemctl enable kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
4)启动kubelet-proxy
[root@k8s-master ~]# systemctl start kube-proxy
[root@k8s-master ~]# systemctl enable kube-proxy
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service.
5)检查node节点
[root@k8s-master ~]# kubectl get nodes
NAME STATUS AGE
k8s-master Ready 1m
4、安装配置k8s-node1节点
1)安装node
[root@k8s-node1 ~]# yum -y install kubernetes node.x86_64
2)node1连接k8s-master
[root@k8s-node1 ~]# vim /etc/kubernetes/config
22 KUBE_MASTER="--master=http://192.168.50.53:8080"
3)配置kubelet
[root@k8s-node1 ~]# vim /etc/kubernetes/kubelet
5 KUBELET_ADDRESS="--address=192.168.50.50"
11 KUBELET_HOSTNAME="--hostname-override=k8s-node1"
14 KUBELET_API_SERVER="--api-servers=http://192.168.50.53:8080"
4)启动服务
[root@k8s-node1 ~]# systemctl start kubelet
[root@k8s-node1 ~]# systemctl start kube-proxy
[root@k8s-node1 ~]# systemctl enable kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
[root@k8s-node1 ~]# systemctl enable kube-proxy
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service.
5)在master节点检测node节点状态
[root@k8s-master ~]# kubectl get nodes
NAME STATUS AGE
k8s-master Ready 13m
k8s-node1 Ready 1m
5、安装k8s-node2节点
1)安装node
[root@k8s-node2 ~]# yum -y install kubernetes node.x86_64
2)node1连接k8s-master
[root@k8s-node2 ~]# vim /etc/kubernetes/config
22 KUBE_MASTER="--master=http://192.168.50.53:8080"
3)配置kubelet
[root@k8s-node2 ~]# vim /etc/kubernetes/kubelet
5 KUBELET_ADDRESS="--address=192.168.50.51"
11 KUBELET_HOSTNAME="--hostname-override=k8s-node2"
14 KUBELET_API_SERVER="--api-servers=http://192.168.50.53:8080"
4)启动服务
[root@k8s-node2 ~]# systemctl start kubelet
[root@k8s-node2 ~]# systemctl start kube-proxy
[root@k8s-node2 ~]# systemctl enable kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
[root@k8s-node2 ~]# systemctl enable kube-proxy
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service.
5)在master节点检测node节点状态
[root@k8s-master ~]# kubectl get nodes
NAME STATUS AGE
k8s-master Ready 19m
k8s-node1 Ready 7m
k8s-node2 Ready 1m
6、为所有node节点配置flannel网络
1)在k8s-master节点安装flannel
[root@k8s-master ~]# yum -y install flannel -y
[root@k8s-master ~]# vim /etc/sysconfig/flanneld
4 FLANNEL_ETCD_ENDPOINTS="http://192.168.50.53:2379"
[root@k8s-master ~]# etcdctl set /atomic.io/network/config '{"Network":"172.16.0.0/16"}'
{"Network":"172.16.0.0/16"} //查看多一个网络
[root@k8s-master ~]# systemctl start flanneld //重新启动docker服务和flannel网络一至
[root@k8s-master ~]# systemctl enable flanneld
Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.
Created symlink from /etc/systemd/system/docker.service.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.
[root@k8s-master ~]# ifconfig //查看多一个网络
flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1472
inet 172.16.48.0 netmask 255.255.0.0 destination 172.16.48.0
inet6 fe80::4fff:f857:41f4:3894 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3 bytes 144 (144.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@k8s-master ~]# systemctl restart docker
sys[root@k8s-master ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@k8s-master ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.16.48.1 netmask 255.255.255.0 broadcast 0.0.0.0
ether 02:42:87:58:2f:59 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2)配置node1节点flannel网络
[root@k8s-node1 ~]# yum -y install flannel -y
[root@k8s-node1 ~]# vim /etc/sysconfig/flanneld
4 FLANNEL_ETCD_ENDPOINTS="http://192.168.50.53:2379"
[root@k8s-node1 ~]# systemctl start flanneld
[root@k8s-node1 ~]# systemctl enable flanneld
Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.
Created symlink from /etc/systemd/system/docker.service.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.
[root@k8s-node1 ~]# systemctl restart docker
[root@k8s-node1 ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
3)安装node2节点flannel网络
[root@k8s-node2 ~]# yum -y install flannel -y
[root@k8s-node2 ~]# vim /etc/sysconfig/flanneld
4 FLANNEL_ETCD_ENDPOINTS="http://192.168.50.53:2379"
[root@k8s-node2 ~]# systemctl start flanneld
[root@k8s-node2 ~]# systemctl enable flanneld
Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.
Created symlink from /etc/systemd/system/docker.service.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.
[root@k8s-node2 ~]# systemctl restart docker
sy[root@k8s-node2 ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
master查看
[root@k8s-master ~]# kubectl get nodes
NAME STATUS AGE
k8s-master Ready 35m
k8s-node1 Ready 23m
k8s-node2 Ready 17m
4)测试docker容器跨宿主机通信
[root@k8s-master ~]# iptables -P FORWARD ACCEPT
[root@k8s-master ~]#
[root@k8s-node1 ~]# iptables -P FORWARD ACCEPT
[root@k8s-node1 ~]#
[root@k8s-node2 ~]# iptables -P FORWARD ACCEPT
[root@k8s-node2 ~]#
iptables -P FORWARD ACCEPT: 这个命令将iptables的FORWARD链的默认策略设置为ACCEPT(接受)。iptables是Linux上的防火墙工具,它可以用来设置网络规则和过滤器。
-P FORWARD: 指定要更改的链是FORWARD链,这个链控制通过Linux主机的转发流量
ACCEPT: 设置为接受(允许)转发流量,默认情况下,FORWARD链的默认策略是DROP(拒绝)。
#: 这是Linux命令行中用于表示注释的符号。在这个上下文中,#后面的内容被视为注释,不会被执行。
这意味着iptables的FORWARD链的默认策略已被成功更改为接受(ACCEPT),允许通过Linux主机的转发流量。
7、配置docker开启加载防火墙规则允许转发数据
1)配置k8s-master节点
[root@k8s-master ~]# vim /usr/lib/systemd/system/docker.service
1 [Unit]
2 Description=Docker Application Container Engine
3 Documentation=http://docs.docker.com
4 After=network.target
5 Wants=docker-storage-setup.service
6 Requires=docker-cleanup.timer
7
8 [Service]
9 Type=notify
10 NotifyAccess=main
11 EnvironmentFile=-/run/containers/registries.conf
12 EnvironmentFile=-/etc/sysconfig/docker
13 EnvironmentFile=-/etc/sysconfig/docker-storage
14 EnvironmentFile=-/etc/sysconfig/docker-network
15 Environment=GOTRACEBACK=crash
16 Environment=DOCKER_HTTP_HOST_COMPAT=1
17 Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin
18 ExecStartPort=/usr/sbin/iptables -P FORWARD ACCEPT 添加这一行
19 ExecStart=/usr/bin/dockerd-current \
[root@k8s-master ~]# systemctl daemon-reload
[root@k8s-master ~]# systemctl restart docker
2)配置k8s-node1节点
[root@k8s-node1 ~]# vim /usr/lib/systemd/system/docker.service
18 ExecStartPort=/usr/sbin/iptables -P FORWARD ACCEPT
[root@k8s-node1 ~]# systemctl daemon-reload
[root@k8s-node1 ~]# systemctl restart docker
3)配置k8s-node2节点
[root@k8s-node2 ~]# vim /usr/lib/systemd/system/docker.service
18 ExecStartPort=/usr/sbin/iptables -P FORWARD ACCEPT
[root@k8s-node2 ~]# systemctl daemon-reload
[root@k8s-node2 ~]# systemctl restart docker
)
)
![[Leetcode] [Tutorial] 堆](http://pic.xiahunao.cn/[Leetcode] [Tutorial] 堆)
)
)
![Vue [Day6]](http://pic.xiahunao.cn/Vue [Day6])
)