kubernetes1.8 部署安装
2021-05-18 04:27
                         标签:dashboard   kubernetes    环境说明: 我这里的部署环境是三台虚拟机 Linux系统内核为:3.10.0-327.el7.x86_64   kubernetes版本:1.8 因需要上google,download image和kubernetes软件包,我事先己经使用proxy下载好全部打包成(kubernetes-all-1.8.tar.gz)软件包,里面包含配置文件、Docker软件包、kubernetes软件包以及下面的镜像 软件包己上传至baidu云盘,下载地址:http://pan.baidu.com/s/1slOCHop 密码:cm1o k8s所使用的镜像以及版本号:        下面开始部署操作 1.配置系统环境 2.解压软件kubernetes软件包、安装Docker 3.导入所需的镜像、查看是否正常 4.安装kubernetes软件包       6.允许远程操作集群      9.查看部署是否正常 10.安装部署node节点 11.部署Dashboard 12.将dashboard端口映射到node上 13.查看映射出来的端口 14.部署dashboard rbac 15.使用浏览器访问ui,会自动跳到登录页面 17.部署heapster 以上是部署整个过程,因只是刚开始学习,有什么问题请直接留言一起学习进步; 本文出自 “junly” 博客,请务必保留此出处http://junly917.blog.51cto.com/2846717/1976424 kubernetes1.8 部署安装 标签:dashboard   kubernetes    原文地址:http://junly917.blog.51cto.com/2846717/1976424master:172.17.80.10、node01:172.17.80.11、node02:172.17.80.12
docker_soft:docker安装所需要软件包
images:镜像文件
k8s_soft:k8s软件包
yaml:部署时所需要的配置文件
gcr.io/google_containers/kube-apiserver-amd64  v1.8.2        
gcr.io/google_containers/kube-controller-manager-amd64  v1.8.2        
gcr.io/google_containers/kube-scheduler-amd64 v1.8.2        
gcr.io/google_containers/kube-proxy-amd64  v1.8.2        
gcr.io/google_containers/kubernetes-dashboard-init-amd64 v1.0.1        
gcr.io/google_containers/kubernetes-dashboard-amd64  v1.7.1        
gcr.io/google_containers/k8s-dns-sidecar-amd64 1.14.5        
gcr.io/google_containers/k8s-dns-kube-dns-amd64 1.14.5        
gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64 1.14.5        
quay.io/coreos/flannel   v0.9.0-amd64  
gcr.io/google_containers/heapster-influxdb-amd64  v1.3.3        
gcr.io/google_containers/heapster-grafana-amd64  v4.4.3        
gcr.io/google_containers/heapster-amd64  v1.4.0        
gcr.io/google_containers/etcd-amd64  3.0.17        
gcr.io/google_containers/pause-amd64 3.0
[root@master ~]#setenforce 0 &&iptables -F && service iptables save 
[root@master ~]#swapoff -a
[root@master ~]#cat   /etc/sysctl.d/k8s.conf
[root@master ~]#net.bridge.bridge-nf-call-ip6tables = 1
[root@master ~]#net.bridge.bridge-nf-call-iptables = 1
[root@master ~]#EOF
[root@master ~]#sysctl --system
[root@master ~]#tar xf kubernetes-all-1.8.tar.gz
[root@master ~]#cd kubernetes-all-1.8
[root@master kubernetes-all-1.8]# cd docker_soft/
[root@master ~]#yum localinstall -y *
[root@master ~]#systemctl enable docker && systemctl start docker
[root@master images]# cd /root/kubernetes-all-1.8/images
[root@master ~]#for i in `cat images.txt ` ; do docker load 
                    [root@master k8s_soft]# cd /root/kubernetes-all-1.8/k8s_soft
[root@master ~]#yum localinstall -y kubelet kubeadm kubectl
[root@master ~]#systemctl enable kubelet && systemctl start kubelet
5.kubernetes初始化[root@master ~]# kubeadm init --apiserver-advertise-address=172.17.80.10 --pod-network-cidr=10.244.0.0/16
    [kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
    [init] Using Kubernetes version: v1.8.2
    [init] Using Authorization modes: [Node RBAC]
    [preflight] Skipping pre-flight checks
    [kubeadm] WARNING: starting in 1.8, tokens expire after 24 hours by default (if you require a non-expiring token use --token-ttl 0)
    [certificates] Using the existing ca certificate and key.
    [certificates] Using the existing apiserver certificate and key.
    [certificates] Using the existing apiserver-kubelet-client certificate and key.
    [certificates] Using the existing sa key.
    [certificates] Using the existing front-proxy-ca certificate and key.
    [certificates] Using the existing front-proxy-client certificate and key.
    [certificates] Valid certificates and keys now exist in "/etc/kubernetes/pki"
    [kubeconfig] Using existing up-to-date KubeConfig file: "admin.conf"
    [kubeconfig] Using existing up-to-date KubeConfig file: "kubelet.conf"
    [kubeconfig] Using existing up-to-date KubeConfig file: "controller-manager.conf"
    [kubeconfig] Using existing up-to-date KubeConfig file: "scheduler.conf"
    [controlplane] Wrote Static Pod manifest for component kube-apiserver to "/etc/kubernetes/manifests/kube-apiserver.yaml"
    [controlplane] Wrote Static Pod manifest for component kube-controller-manager to "/etc/kubernetes/manifests/kube-controller-manager.yaml"
    [controlplane] Wrote Static Pod manifest for component kube-scheduler to "/etc/kubernetes/manifests/kube-scheduler.yaml"
    [etcd] Wrote Static Pod manifest for a local etcd instance to "/etc/kubernetes/manifests/etcd.yaml"
    [init] Waiting for the kubelet to boot up the control plane as Static Pods from directory "/etc/kubernetes/manifests"
    [init] This often takes around a minute; or longer if the control plane images have to be pulled.
    [apiclient] All control plane components are healthy after 25.003235 seconds
    [uploadconfig] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
    [markmaster] Will mark node master.junly.com as master by adding a label and a taint
    [markmaster] Master master.junly.com tainted and labelled with key/value: node-role.kubernetes.io/master=""
    [bootstraptoken] Using token: 916ff9.96f48b52e66d9e03
    [bootstraptoken] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
    [bootstraptoken] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
    [bootstraptoken] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
    [bootstraptoken] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
    [addons] Applied essential addon: kube-dns
    [addons] Applied essential addon: kube-proxy
    Your Kubernetes master has initialized successfully!
    To start using your cluster, you need to run (as a regular user):
      mkdir -p $HOME/.kube
      sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
      sudo chown $(id -u):$(id -g) $HOME/.kube/config
    You should now deploy a pod network to the cluster.
    Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
      http://kubernetes.io/docs/admin/addons/
    You can now join any number of machines by running the following on each node
    as root:
      kubeadm join --token 916ff9.96f48b52e66d9e03 172.17.80.10:6443 --discovery-token-ca-cert-hash sha256:2ae7f364929e442ed04bb1e0af840a343bb1efb356c5301ae7aed566b1f30d40
[root@master ~]# mkdir -p $HOME/.kube
[root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]# chown $(id -u):$(id -g) $HOME/.kube/config
7.踢除master,不允许在master上进行部署服务[root@master kubernetes-images-1.8]# kubectl taint nodes --all node-role.kubernetes.io/master-
    node "master.junly.com" untainted
8.安装flanner网络[root@master ~]# kubectl create -f kube-flannel.yml 
    clusterrole "flannel" created
    clusterrolebinding "flannel" created
    serviceaccount "flannel" created
    configmap "kube-flannel-cfg" created
    daemonset "kube-flannel-ds" created
[root@master ~]# kubectl get pods --all-namespaces
    NAMESPACE     NAME                                       READY     STATUS    RESTARTS   AGE
    kube-system   etcd-master.junly.com                      1/1       Running   0          4m
    kube-system   kube-apiserver-master.junly.com            1/1       Running   0          4m
    kube-system   kube-controller-manager-master.junly.com   1/1       Running   1          4m
    kube-system   kube-dns-545bc4bfd4-nmhwl                  3/3       Running   0          5m
    kube-system   kube-flannel-ds-5mkm7                      1/1       Running   0          52s
    kube-system   kube-proxy-lmhzr                           1/1       Running   0          5m
    kube-system   kube-scheduler-master.junly.com            1/1       Running   0          4m
    在所有节点上按照前4步进行操作之后,加入集群[root@node01 ~]#kubeadm join --token 916ff9.96f48b52e66d9e03 172.17.80.10:6443 --discovery-token-ca-cert-hash sha256:2ae7f364929e442ed04bb1e0af840a343bb1efb356c5301ae7aed566b1f30d40
[root@master kubernetes-images-1.8]# kubectl create -f kubernetes-dashboard.yaml 
    secret "kubernetes-dashboard-certs" created
    serviceaccount "kubernetes-dashboard" created
    role "kubernetes-dashboard-minimal" created
    rolebinding "kubernetes-dashboard-minimal" created
    deployment "kubernetes-dashboard" created
    service "kubernetes-dashboard" created
 
[root@master ~]# kubectl get pods -n kube-system
    NAME                                       READY     STATUS    RESTARTS   AGE
    etcd-master.junly.com                      1/1       Running   0          10m
    kube-apiserver-master.junly.com            1/1       Running   0          10m
    kube-controller-manager-master.junly.com   1/1       Running   1          10m
    kube-dns-545bc4bfd4-nmhwl                  3/3       Running   0          11m
    kube-flannel-ds-5mkm7                      1/1       Running   0          6m
    kube-flannel-ds-l9xvp                      1/1       Running   0          1m
    kube-flannel-ds-v6hht                      1/1       Running   0          1m
    kube-proxy-4xgj8                           1/1       Running   0          1m
    kube-proxy-b72xm                           1/1       Running   0          1m
    kube-proxy-lmhzr                           1/1       Running   0          11m
    kube-scheduler-master.junly.com            1/1       Running   0          10m
    kubernetes-dashboard-747c4f7cf-9v9t8       1/1       Running   0          10s
[root@master ~]# kubectl edit service kubernetes-dashboard  -n kube-system service "kubernetes-dashboard" edited
    # Please edit the object below. Lines beginning with a ‘#‘ will be ignored,
    # and an empty file will abort the edit. If an error occurs while saving this file will be
    # reopened with the relevant failures.
    #
    apiVersion: v1
    kind: Service
    metadata:
      creationTimestamp: 2017-10-26T03:10:16Z
      labels:
        k8s-app: kubernetes-dashboard
      name: kubernetes-dashboard
      namespace: kube-system
      resourceVersion: "1334"
      selfLink: /api/v1/namespaces/kube-system/services/kubernetes-dashboard
      uid: 31166784-b9fb-11e7-abe1-000c29c7c723
    spec:
      clusterIP: 10.96.47.166
      externalTrafficPolicy: Cluster
      ports:
      - nodePort: 31334
        port: 443
        protocol: TCP
        targetPort: 8443
      selector:
        k8s-app: kubernetes-dashboard
      sessionAffinity: None
      type: NodePort            #修改此处将Cluster改NodePort
    status:
      loadBalancer: {}[root@master kubernetes-images-1.8]# kubectl get service kubernetes-dashboard  -n kube-system
    NAME                   TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
    kubernetes-dashboard   NodePort   10.96.47.166   
[root@master ~]# cd /root/kubernetes-all-1.8/yaml
[root@master yaml]# kubectl create -f kubernetes-dashboard-admin.rbac.yaml
    serviceaccount "kubernetes-dashboard-admin" created
    clusterrolebinding "kubernetes-dashboard-admin" created
    https://172.17.80.11:31334
16.使用token来登录[root@master yaml]# kubectl -n kube-system get secret | grep kubernetes-dashboard-admin
    kubernetes-dashboard-admin-token-2p6dj   kubernetes.io/service-account-token   3         3h
[root@master yaml]# 
[root@master yaml]#  kubectl describe -n kube-system secret/kubernetes-dashboard-admin-token-2p6dj
    Name:         kubernetes-dashboard-admin-token-2p6dj
    Namespace:    kube-system
    Labels:       
[root@master ~]# cd /root/kubernetes-all-1.8/yaml
[root@master yaml]# ls
    grafana.yaml  heapster.yaml  influxdb.yaml
[root@master heapster]# kubectl create -f . 
    deployment "monitoring-grafana" created
    service "monitoring-grafana" created
    serviceaccount "heapster" created
    deployment "heapster" created
    service "heapster" created
    deployment "monitoring-influxdb" created
    service "monitoring-influxdb" created
[root@master ~]# kubectl -n kube-system get pods
    NAME                                       READY     STATUS    RESTARTS   AGE
    etcd-master.junly.com                      1/1       Running   1          3h
    heapster-5d67855584-xbkxp                  1/1       Running   0          2h
    kube-apiserver-master.junly.com            1/1       Running   4          3h
    kube-controller-manager-master.junly.com   1/1       Running   4          3h
    kube-dns-545bc4bfd4-nmhwl                  3/3       Running   6          3h
    kube-flannel-ds-5mkm7                      1/1       Running   1          3h
    kube-flannel-ds-l9xvp                      1/1       Running   0          2h
    kube-flannel-ds-v6hht                      1/1       Running   0          2h
    kube-proxy-4xgj8                           1/1       Running   0          2h
    kube-proxy-b72xm                           1/1       Running   0          2h
    kube-proxy-lmhzr                           1/1       Running   1          3h
    kube-scheduler-master.junly.com            1/1       Running   3          3h
    kubernetes-dashboard-747c4f7cf-9v9t8       1/1       Running   0          2h
    monitoring-influxdb-85cb4985d4-7t2p9       1/1       Running   5          2h
下一篇:.NET基础知识(九)