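I have wanted to try Kubernetes for a long time, but the official site left me confused every time I read it. A Google search turned up many blog posts describing the installation steps, so I followed Jimmy Song's detailed guide to installing Kubernetes on CentOS. This post records the steps I took.
System environment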
- CentOS Linux release 7.3.1611
- Docker 17.03.1-ce
- Etcd 3.1.5
- Kubernetes 1.6.0
- flannel 0.7.0-1
I. Master installation
- Disable SELinux and the firewall
```
echo "SELINUX=disabled
SELINUXTYPE=targeted" > /etc/sysconfig/selinux
setenforce 0
systemctl stop firewalld
systemctl disable firewalld
```
- Raise the open-file limit
```
echo "* - nofile 65536" >> /etc/security/limits.conf
```
- Install Docker
```
curl -sSL https://get.docker.com/ | sh
```
- Install and configure etcd
- Download the release archive and place the extracted etcd and etcdctl binaries in /usr/bin/
```
DOWNLOAD_URL=https://storage.googleapis.com/etcd
ETCD_VER=v3.1.5
wget ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xvf etcd-${ETCD_VER}-linux-amd64.tar.gz
cd etcd-${ETCD_VER}-linux-amd64/
mv etcd etcdctl /usr/bin/
```
- Add the configuration file
```
mkdir -p /etc/etcd/
touch /etc/etcd/etcd.conf
cat << ETCD_CONF >/etc/etcd/etcd.conf
# [member]
ETCD_NAME=default
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
# ETCD_WAL_DIR=""
# ETCD_SNAPSHOT_COUNT="10000"
# ETCD_HEARTBEAT_INTERVAL="100"
# ETCD_ELECTION_TIMEOUT="1000"
# ETCD_LISTEN_PEER_URLS="http://localhost:2380"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
# ETCD_MAX_SNAPSHOTS="5"
# ETCD_MAX_WALS="5"
# ETCD_CORS=""
#
# [cluster]
# ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380"
# if you use different ETCD_NAME (e.g. test), set ETCD_INITIAL_CLUSTER value for this name, i.e. "test=http://..."
# ETCD_INITIAL_CLUSTER="default=http://localhost:2380"
# ETCD_INITIAL_CLUSTER_STATE="new"
# ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.0:2379"
# ETCD_DISCOVERY=""
# ETCD_DISCOVERY_SRV=""
# ETCD_DISCOVERY_FALLBACK="proxy"
# ETCD_DISCOVERY_PROXY=""
#
# [proxy]
# ETCD_PROXY="off"
# ETCD_PROXY_FAILURE_WAIT="5000"
# ETCD_PROXY_REFRESH_INTERVAL="30000"
# ETCD_PROXY_DIAL_TIMEOUT="1000"
# ETCD_PROXY_WRITE_TIMEOUT="5000"
# ETCD_PROXY_READ_TIMEOUT="0"
#
# [security]
# ETCD_CERT_FILE=""
# ETCD_KEY_FILE=""
# ETCD_CLIENT_CERT_AUTH="false"
# ETCD_TRUSTED_CA_FILE=""
# ETCD_PEER_CERT_FILE=""
# ETCD_PEER_KEY_FILE=""
# ETCD_PEER_CLIENT_CERT_AUTH="false"
# ETCD_PEER_TRUSTED_CA_FILE=""
# [logging]
# ETCD_DEBUG="false"
# examples for -log-package-levels etcdserver=WARNING,security=DEBUG
# ETCD_LOG_PACKAGE_LEVELS=""
ETCD_CONF
```
- Create etcd.service
```
mkdir -p /var/lib/etcd
# The heredoc delimiter is quoted so that $(nproc) and ${ETCD_*} are written
# literally into the unit file instead of being expanded by the current shell.
cat << 'ETCD_SERVICE' > /usr/lib/systemd/system/etcd.service
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=/etc/etcd/etcd.conf
# set GOMAXPROCS to number of processors
ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --name=\"${ETCD_NAME}\" --data-dir=\"${ETCD_DATA_DIR}\" --listen-client-urls=\"${ETCD_LISTEN_CLIENT_URLS}\""
Restart=on-failure

[Install]
WantedBy=multi-user.target
ETCD_SERVICE
```
- Install flannel
```
yum install flannel -y
```
- Install Kubernetes
- Download and install Kubernetes
```
wget https://github.com/kubernetes/kubernetes/releases/download/v1.6.0/kubernetes.tar.gz
tar -zxvf kubernetes.tar.gz
cd kubernetes
./cluster/get-kube-binaries.sh
cd server
tar -xvf kubernetes-server-linux-amd64.tar.gz
# The server archive unpacks its binaries into kubernetes/server/bin
cd kubernetes/server/bin
rm -f *_tag *.tar
chmod 755 *
mv * /usr/bin
```
- Configure Kubernetes
The Kubernetes components that need to be configured on the master node are:
- kube-apiserver
- kube-controller-manager
- kube-scheduler
- kube-proxy
- kubectl
- Configure kube-apiserver
```
# Create the kube-apiserver configuration file
# (${your_master_api_address} is expanded when the file is written, so set it first)
mkdir -p /etc/kubernetes
touch /etc/kubernetes/apiserver
cat << KUBE_APISERVER > /etc/kubernetes/apiserver
###
## kubernetes system config
##
## The following values are used to configure the kube-apiserver
##
#
## The address on the local server to listen to.
KUBE_API_ADDRESS="--insecure-bind-address=${your_master_api_address}"
#
## The port on the local server to listen on.
KUBE_API_PORT="--insecure-port=8080"
#
## Port minions listen on
KUBELET_PORT="--kubelet_port=10250"
#
## Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd_servers=http://127.0.0.1:2379"
#
## Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
#
## default admission control policies
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
#
## Add your own!
KUBE_API_ARGS=""
KUBE_APISERVER

# Create the kube-apiserver service file
# (quoted delimiter: the $KUBE_* variables must reach systemd unexpanded)
touch /usr/lib/systemd/system/kube-apiserver.service
cat << 'KUBE_APISERVER_SERVICE' > /usr/lib/systemd/system/kube-apiserver.service
[Unit]
Description=Kubernetes API Service
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target
After=etcd.service

[Service]
EnvironmentFile=/etc/kubernetes/config
EnvironmentFile=/etc/kubernetes/apiserver
ExecStart=/usr/bin/kube-apiserver \
        $KUBE_LOGTOSTDERR \
        $KUBE_LOG_LEVEL \
        $KUBE_ETCD_SERVERS \
        $KUBE_API_ADDRESS \
        $KUBE_API_PORT \
        $KUBE_ALLOW_PRIV \
        $KUBE_SERVICE_ADDRESSES \
        $KUBE_ADMISSION_CONTROL \
        $KUBE_API_ARGS
Restart=on-failure
Type=notify

[Install]
WantedBy=multi-user.target
KUBE_APISERVER_SERVICE
```
- Configure kube-controller-manager
```
# Create the kube-controller-manager configuration files
# (${your_master_api_address} is expanded when the file is written, so set it first)
touch /etc/kubernetes/config
cat << KUBE_CONFIG > /etc/kubernetes/config
###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
#   kube-apiserver.service
#   kube-controller-manager.service
#   kube-scheduler.service
#   kubelet.service
#   kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://${your_master_api_address}:8080"
KUBE_CONFIG

touch /etc/kubernetes/controller-manager
cat << KUBE_CONTROLLER > /etc/kubernetes/controller-manager
###
# The following values are used to configure the kubernetes controller-manager

# defaults from config and apiserver should be adequate

# Add your own!
KUBE_CONTROLLER_MANAGER_ARGS=""
KUBE_CONTROLLER

# Create the kube-controller-manager service file
# (quoted delimiter: the $KUBE_* variables must reach systemd unexpanded)
touch /usr/lib/systemd/system/kube-controller-manager.service
cat << 'KUBE_CONTROLLER_SERVICE' > /usr/lib/systemd/system/kube-controller-manager.service
[Unit]
Description=Kubernetes Controller Manager
Documentation=https://github.com/GoogleCloudPlatform/kubernetes

[Service]
EnvironmentFile=/etc/kubernetes/config
EnvironmentFile=/etc/kubernetes/controller-manager
ExecStart=/usr/bin/kube-controller-manager \
        $KUBE_LOGTOSTDERR \
        $KUBE_LOG_LEVEL \
        $KUBE_MASTER \
        $KUBE_CONTROLLER_MANAGER_ARGS
Restart=on-failure

[Install]
WantedBy=multi-user.target
KUBE_CONTROLLER_SERVICE
```
- Configure kube-scheduler
```
# Create the kube-scheduler configuration file
touch /etc/kubernetes/scheduler
cat << KUBE_SCHEDULER > /etc/kubernetes/scheduler
###
# kubernetes scheduler config

# default config should be adequate

# Add your own!
KUBE_SCHEDULER_ARGS=""
KUBE_SCHEDULER

# Create the kube-scheduler service file
# (quoted delimiter: the $KUBE_* variables must reach systemd unexpanded)
touch /usr/lib/systemd/system/kube-scheduler.service
cat << 'KUBE_SCHEDULER_SERVICE' > /usr/lib/systemd/system/kube-scheduler.service
[Unit]
Description=Kubernetes Scheduler Plugin
Documentation=https://github.com/GoogleCloudPlatform/kubernetes

[Service]
EnvironmentFile=/etc/kubernetes/config
EnvironmentFile=/etc/kubernetes/scheduler
ExecStart=/usr/bin/kube-scheduler \
        $KUBE_LOGTOSTDERR \
        $KUBE_LOG_LEVEL \
        $KUBE_MASTER \
        $KUBE_SCHEDULER_ARGS
Restart=on-failure

[Install]
WantedBy=multi-user.target
KUBE_SCHEDULER_SERVICE
```
- Configure kube-proxy
```
# Create the kube-proxy configuration file
touch /etc/kubernetes/proxy
cat << KUBE_PROXY > /etc/kubernetes/proxy
###
# kubernetes proxy config

# default config should be adequate

# Add your own!
KUBE_PROXY_ARGS=""
KUBE_PROXY

# Create the kube-proxy service file
# (quoted delimiter: the $KUBE_* variables must reach systemd unexpanded)
touch /usr/lib/systemd/system/kube-proxy.service
cat << 'KUBE_PROXY_SERVICE' > /usr/lib/systemd/system/kube-proxy.service
[Unit]
Description=Kubernetes Kube-Proxy Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target

[Service]
EnvironmentFile=/etc/kubernetes/config
EnvironmentFile=/etc/kubernetes/proxy
ExecStart=/usr/bin/kube-proxy \
        $KUBE_LOGTOSTDERR \
        $KUBE_LOG_LEVEL \
        $KUBE_MASTER \
        $KUBE_PROXY_ARGS
Restart=on-failure

[Install]
WantedBy=multi-user.target
KUBE_PROXY_SERVICE
```
- Configure kubelet
```
# Create the kubelet configuration file
# (${your_master_api_address} is expanded when the file is written, so set it first)
touch /etc/kubernetes/kubelet
cat << KUBELET > /etc/kubernetes/kubelet
###
## kubernetes kubelet (minion) config
#
## The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0"
#
## The port for the info server to serve on
KUBELET_PORT="--port=10250"
#
## You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname_override=${your_master_api_address}"
#
## location of the api-server
KUBELET_API_SERVER="--api_servers=http://${your_master_api_address}:8080"
#
## pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
#
## Add your own!
KUBELET_ARGS=""
KUBELET

# Create the kubelet service file
# (quoted delimiter: the $KUBE* variables must reach systemd unexpanded)
mkdir -p /var/lib/kubelet   # WorkingDirectory below must exist
touch /usr/lib/systemd/system/kubelet.service
cat << 'KUBELET_SERVICE' > /usr/lib/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=docker.service
Requires=docker.service

[Service]
WorkingDirectory=/var/lib/kubelet
EnvironmentFile=/etc/kubernetes/config
EnvironmentFile=/etc/kubernetes/kubelet
ExecStart=/usr/bin/kubelet \
        $KUBE_LOGTOSTDERR \
        $KUBE_LOG_LEVEL \
        $KUBELET_API_SERVER \
        $KUBELET_ADDRESS \
        $KUBELET_PORT \
        $KUBELET_HOSTNAME \
        $KUBE_ALLOW_PRIV \
        $KUBELET_POD_INFRA_CONTAINER \
        $KUBELET_ARGS
Restart=on-failure

[Install]
WantedBy=multi-user.target
KUBELET_SERVICE
```
- Start the Kubernetes master
```
# Make systemd pick up the newly created unit files
systemctl daemon-reload
for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler kube-proxy kubelet flanneld; do
    systemctl restart $SERVICES
    systemctl enable $SERVICES
    systemctl status $SERVICES
done
```
- Verify Kubernetes on the master
```
# If your master is addressed by IP, first run
alias kubectl="kubectl -s http://${your_master_api_address}:8080"
# Then you can run
kubectl get all
```
The output will usually look like this:
```
NAME             CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
svc/kubernetes   10.254.0.1   <none>        443/TCP   2h
```
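The configuration files above put etcd, the kube-apiserver insecure port and the kubelet on plaintext or all-interface listeners. The following script is an added example, not part of the original post: it scans `KEY="value"` environment files of this kind and reports those settings. The sample file names, the address 192.0.2.10 (standing in for `${your_master_api_address}`) and the "hardened" values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): report listener settings that
# put a plaintext or unauthenticated endpoint on a non-loopback address.

# Print one finding per line as "KEY: reason" for a KEY="value" env file.
audit_env_file() {
    # Drop comment lines, then split each remaining line at the first '='.
    grep -v '^[[:space:]]*#' "$1" | while IFS='=' read -r key value; do
        value=$(printf '%s' "$value" | tr -d '"')
        case "$value" in
            http://0.0.0.0:*)
                echo "$key: plaintext HTTP listener on all interfaces" ;;
            --insecure-bind-address=127.0.0.1|--insecure-bind-address=localhost)
                ;;  # loopback only: reachable from the master itself
            --insecure-bind-address=*)
                echo "$key: unauthenticated API port bound off loopback" ;;
            --address=0.0.0.0)
                echo "$key: kubelet API listening on all interfaces" ;;
        esac
    done
}

# Constructed sample files. as_written mirrors the values used in this guide;
# hardened is one possible tightened variant (an assumption, not the author's).
write_samples() {
    cat > "$1/as_written" << 'EOF'
# [member]
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.0:2379"
KUBE_API_ADDRESS="--insecure-bind-address=192.0.2.10"
KUBE_ETCD_SERVERS="--etcd_servers=http://127.0.0.1:2379"
KUBELET_ADDRESS="--address=0.0.0.0"
EOF
    cat > "$1/hardened" << 'EOF'
ETCD_LISTEN_CLIENT_URLS="https://192.0.2.10:2379"
ETCD_ADVERTISE_CLIENT_URLS="https://192.0.2.10:2379"
ETCD_CLIENT_CERT_AUTH="true"
KUBE_API_ADDRESS="--insecure-bind-address=127.0.0.1"
KUBELET_ADDRESS="--address=192.0.2.10"
EOF
}

sample_dir=$(mktemp -d)
write_samples "$sample_dir"
audit_env_file "$sample_dir/as_written"   # four findings
audit_env_file "$sample_dir/hardened"     # no findings
```

On a real master, point `audit_env_file` at /etc/etcd/etcd.conf, /etc/kubernetes/apiserver and /etc/kubernetes/kubelet.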