本文共 7576 字,大约阅读时间需要 25 分钟。
Kubernetes(k8s)介绍
Kubernetes是一门基于go语言开发的容器编排的技术。容器编排技术有哪些?Docker Swarm、Google Kubernetes以及docker自身单机版本的docker-compose各有千秋,自行百度每个软件的区别。Kubernetes目前是使用最为广泛的容器编排软件,甚至可以说Kubernetes与docker相辅相成。
Kubernetes必须基于docker,相对的Kubernetes实现了docker容器的生死自动化。 各大主流公司如谷歌、阿里等都有自己的Kubernetes架构。对于Kubernetes于其他容器编排技术之间的区分,这里有一片很棒的:
链接: 本篇文章转自网易云架构师刘超的个人公众号,刘超的通俗云计算。docker version:18.09.3
k8s version:1.15.2 pause:3.1 etcd:3.3.10 coredns:1.3.1 CentOS Linux release 7.5.1804 (Core)本教程在现有docker的宿主机上部署k8s,在此情况下需要先期对k8s对应支持的docker版本搞清,并相应选择能够支持的k8s版本。
实验环境直接掐了
systemctl stop firewalld.service #停止firewallsystemctl status firewalld.service #firewall状态
vim /etc/selinux/config
将selinux禁用 SELINUX=disabled
2 # This file controls the state of SELinux on the system. 3 # SELINUX= can take one of these three values: 4 # enforcing - SELinux security policy is enforced. 5 # permissive - SELinux prints warnings instead of enforcing. 6 # disabled - No SELinux policy is loaded. 7 SELINUX=disabled 8 # SELINUXTYPE= can take one of three values: 9 # targeted - Targeted processes are protected, 10 # minimum - Modification of targeted policy. Only selected processes are protected. 11 # mls - Multi Level Security protection. 12 SELINUXTYPE=targeted 13 14
创建k8s.conf,vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1net.ipv4.ip_forward = 1
然后执行配置生效
modprobe br_netfiltersysctl -p /etc/sysctl.d/k8s.conf
其实使用iptables -nvL测试iptables filter表中FOWARD链就可以了,docker 18.06之后均无需管
k8s在设计上是要求关闭swap的,这样做能提高性能,但是鉴于大部分服务器都在跑着其他的服务,且实验用的服务器其实在性能上并不需要这样,还要保证容错率,不建议暴力关闭swap,选择k8s启动参数里面让系统忽略过这一步。
搜索10-kubeadm.conf,一般有两种路径
/usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
加入Environment=“KUBELET_EXTRA_ARGS=–fail-swap-on=false”
[Service]Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamicallyEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.EnvironmentFile=-/etc/sysconfig/kubeletExecStart=ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
然后应用改动
systemctl daemon-reload
我们这一步直接使用阿里云的资源yum安装 kubelet kubeadm kubectl
vim /etc/yum.repos.d/kubernetes.repo
[kubernetes]name=Kubernetesbaseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=0repo_gpgcheck=0gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
注意先确定自己需要什么版本的k8s
yum list kubeadm --showduplicates | sort -r这里我们选择版本v1.15.2
yum install kubeadm-1.15.2-0.x86_64 kubelet-1.15.2-0.x86_64 kubectl-1.15.2-0.x86_64
安装完成之后直接启动即可
/bin/systemctl start kubelet
正常的话,直接执行就成功了,可以通过kubelet --version验证
kubelet --version如果出现以下错误的话,考虑reload设置 搜索10-kubeadm.conf,一般有两种路径
/usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
加入Environment=“KUBELET_EXTRA_ARGS=–fail-swap-on=false”
[Service]Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamicallyEnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.EnvironmentFile=-/etc/sysconfig/kubeletExecStart=ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
然后应用改动
systemctl daemon-reload
这时候再去/bin/systemctl start kubelet即可
由于k8s由谷歌开源,有条件可以科学上网下载。
另可使用阿里开源镜像资源。首先我们下载相关的镜像资源并重命名备用
#!/bin/bash#k8s-pull-aliyun.sh#docker version:18.09.3kube_v=v1.15.2docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:$kube_vdocker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:$kube_vdocker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:$kube_vdocker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$kube_vdocker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.3.1docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:$kube_v k8s.gcr.io/kube-apiserver:$kube_vdocker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:$kube_v k8s.gcr.io/kube-controller-manager:$kube_vdocker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:$kube_v k8s.gcr.io/kube-scheduler:$kube_vdocker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$kube_v k8s.gcr.io/kube-proxy:$kube_vdocker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
另附删除脚本
#!/bin/bash#k8s-rmi-aliyun.sh#docker version:18.09.3kube_v=v1.15.2docker rmi k8s.gcr.io/kube-apiserver:$kube_vdocker rmi k8s.gcr.io/kube-controller-manager:$kube_vdocker rmi k8s.gcr.io/kube-scheduler:$kube_vdocker rmi k8s.gcr.io/kube-proxy:$kube_vdocker rmi k8s.gcr.io/pause:3.1docker rmi k8s.gcr.io/etcd:3.3.10docker rmi k8s.gcr.io/coredns:1.3.1docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:$kube_vdocker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:$kube_vdocker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:$kube_vdocker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$kube_vdocker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.3.1
注意查看脚本是否下载完全所有镜像,小心没下载全把自己坑到,会出现部分服务未running或errimage的状况
至此我们已经完成了准备工序
这边我们直接给出master节点初始化命令:
1 #!/bin/bash 2 #docker version:18.09.3 3 #k8s version:1.15.2 4 5 #make sure your k8s images are downloaded in this PC 6 #the swap is ignored do not make it down 7 kubeadm init \ 8 --apiserver-advertise-address=10.19.155.206 \ #本机的地址 9 --kubernetes-version v1.15.2 \ #k8s版本 10 --pod-network-cidr=10.244.0.0/16 \ #master节点的pod子网 11 --ignore-preflight-errors=Swap #初始化时忽略swap未关闭的错误
因为我们选择了不关闭swap就启动k8s,直接初始化会报错error未关闭swap,所以需要关闭相关错误报警
未完
转载地址:http://xktni.baihongyu.com/