Building a kubernetes cluster with vagrant + virtualbox and kubeadm

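Preface: when learning Kubernetes you sometimes need a real cluster, and single-node tools such as minikube and k3s clearly cannot meet that need. If you do not want to buy an ECS instance, you can use vagrant to build a cluster environment quickly on your own machine.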

Note: this post is only suitable for learning how kubernetes works; it is not guidance for production use.

Prerequisites:

(1) virtualbox is installed

(2) vagrant is installed

 

IP address plan:

HOSTNAME   IP              Role                   OS
master     172.10.10.100   master,control-plane   centos-7.9
work1      172.10.10.101   worker                 centos-7.9
work2      172.10.10.102   worker                 centos-7.9

 

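Installation

Source code location:

File list:

  1. Vagrantfile: vagrant's main configuration file. It defines the network settings, IP addresses and memory/CPU limits of the three hosts; enables remote root login over ssh, sets the centos yum repositories, installs tcpdump, disables the firewall, and so on;
  2. all.sh: applies the necessary host configuration (disabling swap and so on), installs and configures docker, and configures the k8s yum repository;
  3. master.sh: the k8s master installation script; runs kubeadm init and installs flannel;
  4. worker.sh: the worker node installation script; it mainly runs kubeadm join to attach the worker node to the master;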

 

Note: in master.sh, if your apiserver-advertise-address is not 172.10.10.100, change it to your own address.

# 172.10.10.100 is the master's IP
kubeadm init  --apiserver-advertise-address=172.10.10.100 \
  --image-repository registry.aliyuncs.com/google_containers  \
  --service-cidr=10.96.0.0/12  \
  --pod-network-cidr=10.244.0.0/16 \

1) After downloading the repository, run:

vagrant up

 

When it finishes, check the status:

E:\vagrant\K8s>vagrant status
Current machine states:

master                    running (virtualbox)
worker1                   running (virtualbox)
worker2                   running (virtualbox)

This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run `vagrant status NAME`.

 

2) Log in

The default username and password are: root/vagrant

E:\vagrant\K8s>ssh root@172.10.10.100
The authenticity of host '172.10.10.100 (172.10.10.100)' can't be established.
RSA key fingerprint is SHA256:PY7qUJ25D311RDlQOtj1lzn5TonhHoXqvAlKa0O5yHU.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.10.10.100' (RSA) to the list of known hosts.
root@172.10.10.100's password:
[root@master ~]# ls
master_202208281746.log  script_202208280940.log

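Note: /root/master-*.log and script-*.log are the log files recorded during installation. If something goes wrong during installation, look in them for the specific error. They also record the token generated during kubeadm init, which we will need shortly.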

 

View the node information:

[root@master ~]# kubectl get nodes
NAME     STATUS   ROLES                  AGE   VERSION
master   Ready    control-plane,master   36m   v1.21.8
[root@master ~]#

At the moment there is only the master node; the worker nodes still have to be added.

 

 

Before adding the worker nodes, however, there is one important task to do.

 

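By default, on a VM created by vagrant, eth0 is the NAT interface and eth1 is host-only (when private-network or public-network is specified). When running kubernetes this can cause problems such as "unable to upgrade connection: pod does not exist". To avoid them, rename the network interfaces manually after the VMs are created and, at the same time, in virtualbox switch Adapter 1 to host-only and Adapter 2 to NAT.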

 

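3) Configure the network interfaces

(1) Log in to the master and to each worker, swap the interface configuration files on the host, and edit them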

cd  /etc/sysconfig/network-scripts/
mv ifcfg-eth0 ifcfg-eth00
mv  ifcfg-eth1  ifcfg-eth0
mv  ifcfg-eth00 ifcfg-eth1

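Then open ifcfg-eth0 and ifcfg-eth1 with vi and change the DEVICE name in each to the matching interface name; leave everything else untouched:

ifcfg-eth0 after the change: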

#VAGRANT-BEGIN
# The contents below are automatically generated by Vagrant. Do not modify.
NM_CONTROLLED=yes
BOOTPROTO=none
ONBOOT=yes
IPADDR=172.10.10.100
NETMASK=255.255.255.0
DEVICE=eth0 # name changed
PEERDNS=no
#VAGRANT-END

ifcfg-eth1 after the change:

# Generated by parse-kickstart
DHCP_HOSTNAME="master"
BOOTPROTO="dhcp"
DEVICE="eth1" # name changed
ONBOOT="yes"
IPV6INIT=no
IPV6_AUTOCONF=no
IPV6_DEFROUTE=no
IPV6_PEERDNS=no
IPV6_PEERROUTES=no
IPV6FORWARDING=no
IPV6_AUTOTUNNEL=no

 

After the change, restart the network:

systemctl restart network

The same steps are needed on both worker nodes.
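The renaming in step (1) can be scripted so it is applied identically on all three VMs. This is an added example, not part of the original post or its repository; the function names and the directory argument are hypothetical, and it relies on the #VAGRANT-BEGIN marker shown above to tell whether the swap has already been done.

```shell
#!/bin/sh
# Added example: the ifcfg swap from step (1) as one repeatable script.
# The directory argument is an assumption so it can be tried on a copy first.

# set_device FILE NAME: rewrite the DEVICE= line, keeping optional quotes.
set_device() {
    tmp="$1.tmp.$$"
    sed "s/^\(DEVICE=\"\{0,1\}\)eth[0-9]*/\1$2/" "$1" > "$tmp" && mv "$tmp" "$1"
}

# swap_ifcfg DIR: exchange ifcfg-eth0 and ifcfg-eth1, then fix DEVICE= in both.
swap_ifcfg() {
    dir="$1"
    a="$dir/ifcfg-eth0"
    b="$dir/ifcfg-eth1"
    if [ ! -f "$a" ] || [ ! -f "$b" ]; then
        echo "missing $a or $b" >&2
        return 1
    fi
    # Vagrant marks the host-only config with #VAGRANT-BEGIN; once that block
    # sits in ifcfg-eth0 the swap is done, so a second run changes nothing.
    if grep -q '^#VAGRANT-BEGIN' "$a"; then
        echo "already swapped, nothing to do" >&2
        return 0
    fi
    mv "$a" "$dir/ifcfg-eth00"
    mv "$b" "$a"
    mv "$dir/ifcfg-eth00" "$b"
    set_device "$a" eth0
    set_device "$b" eth1
}

# On each VM: sh swap-ifcfg.sh /etc/sysconfig/network-scripts
# then restart the network as described above.
if [ "$#" -eq 1 ]; then
    swap_ifcfg "$1"
fi
```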

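(2) In virtualbox, change Adapter 1 to host-only and Adapter 2 to NAT for the master and for each worker

Adapter 1:

Adapter 2:

Note: when configuring Adapter 1, your adapter and its name may differ from the screenshot; choose your own (the one on the 172.10.10.0 network).

The same must be done on both worker VMs.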

 

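(3) After the changes, reboot the VMs

The changes above are a lot of trouble. Why not simply specify the NIC order when defining the Vagrantfile? I thought the same, but it does not seem to be supported at present.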

 

4) Add the worker nodes

Earlier, in the /root directory on the master node, we saw a master-*.log file. It records the token information that kubeadm join needs:

kubeadm join 172.10.10.100:6443 --token cug5zp.0mryva95lv3av82z \
        --discovery-token-ca-cert-hash sha256:1024cca63a0b8bf68be3d39e8b01a729d13b92a30fe38cba8a8f5fe16069e673

 

Note: if you want to change the kubeadm init settings at this point, run kubeadm reset and then initialize again.

 

Run the following on work1 and on work2:

kubeadm join 172.10.10.100:6443 --token cug5zp.0mryva95lv3av82z \
        --discovery-token-ca-cert-hash sha256:1024cca63a0b8bf68be3d39e8b01a729d13b92a30fe38cba8a8f5fe16069e673
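Before running the join on a worker, the pin in the logged command can be checked against the master's CA certificate, since --discovery-token-ca-cert-hash is what lets the worker authenticate the control plane it is joining. The script below is an added example, not part of the original post or its repository; it assumes openssl is installed, and the function names and the log path argument are hypothetical.

```shell
#!/bin/sh
# Added example: compare the CA pin recorded in a kubeadm init log with the
# pin computed from the cluster CA certificate.

# ca_pin CERT: print "sha256:<hex>", the SHA-256 of the certificate's
# DER-encoded public key (the value --discovery-token-ca-cert-hash carries).
ca_pin() {
    # Refuse unreadable input so an empty pipeline is never hashed.
    openssl x509 -in "$1" -noout 2>/dev/null || return 1
    hex=$(openssl x509 -in "$1" -noout -pubkey \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -hex | sed 's/^.*= *//')
    [ -n "$hex" ] && printf 'sha256:%s\n' "$hex"
}

# log_pin LOG: print the last pin that follows --discovery-token-ca-cert-hash.
log_pin() {
    sed -n 's/.*--discovery-token-ca-cert-hash  *\(sha256:[0-9a-f]\{64\}\).*/\1/p' "$1" \
        | tail -n 1
}

# verify_join_pin LOG CERT: 0 = match, 1 = mismatch, 2 = pin or cert unusable.
verify_join_pin() {
    want=$(log_pin "$1")
    have=$(ca_pin "$2") || { echo "cannot read CA cert $2" >&2; return 2; }
    [ -n "$want" ] || { echo "no pin found in $1" >&2; return 2; }
    if [ "$want" = "$have" ]; then
        echo "OK: $have"
    else
        echo "MISMATCH: log has $want, CA cert gives $have" >&2
        return 1
    fi
}

# Usage on the master (log path is a placeholder for the init log in /root):
#   sh verify-pin.sh /root/<init-log> /etc/kubernetes/pki/ca.crt
if [ "$#" -eq 2 ]; then
    verify_join_pin "$1" "$2"
fi
```

The token in the logged command is a shared secret that expires (after 24 hours by default); once it has expired, `kubeadm token create --print-join-command` on the master prints a fresh join command.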

 

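Check the node information again. Because flannel is already installed, a flannel pod is deployed on every node and a flannel.1 interface is created, which is why the nodes can reach the Ready state.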

[root@master ~]# kubectl get nodes
NAME      STATUS   ROLES                  AGE     VERSION
master    Ready    control-plane,master   95m     v1.21.8
woker1    Ready    <none>                 8m19s   v1.21.8
worker2   Ready    

 

If you do not want flannel and would rather use something else such as calico or weave, you can remove it with the following command:

kubectl delete -f  https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml

 

 

It is a good idea to take a snapshot:

$ vagrant snapshot save backeup1_installed_k8s

Basic operations

 

Check the docker version:

$ docker version
Client: Docker Engine - Community
 Version:           20.10.12
 API version:       1.41
 Go version:        go1.16.12
 Git commit:        e91ed57
 Built:             Mon Dec 13 11:45:41 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.12
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.12
  Git commit:       459d0df
  Built:            Mon Dec 13 11:44:05 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.12
  GitCommit:        7b11cfaabd73bb80907dd23182b9347b4245eb5d
 runc:
  Version:          1.0.2
  GitCommit:        v1.0.2-0-g52b36a2
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

 

Check the kubernetes version:

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.8", GitCommit:"4a3b558c52eb6995b3c5c1db5e54111bd0645a64", GitTreeState:"clean", BuildDate:"2021-12-15T14:52:11Z", GoVersion:"go1.16.12", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.14", GitCommit:"0f77da5bd4809927e15d1658fb4aa8f13ad890a5", GitTreeState:"clean", BuildDate:"2022-06-15T14:11:36Z", GoVersion:"go1.16.15", Compiler:"gc", Platform:"linux/amd64"}

 

View the cluster information:

$ kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://172.10.10.100:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

 

Create a Deployment:

$ kubectl apply -f - <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: frontend
spec:
  replicas: 1
  selector:
    matchLabels:
      tier: frontend
    matchExpressions:
      - {key: tier, operator: In, values: [frontend]}
  template:
    metadata:
      labels:
        app: app-demo
        tier: frontend
    spec:
      containers:
      - name: tomcat-demo
        image: tomcat
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 8080
EOF

 

Create a Service:

$ kubectl apply -f - <<EOF
apiVersion: v1
kind: Service
metadata:
  name: tomcat-service
spec:
 type: NodePort
 ports:
  - port: 8080
    nodePort: 31002
 selector:
    tier: frontend
EOF

View the service and pod:

[root@master Chapter01]# kubectl get svc,pods -owide
NAME                     TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE     SELECTOR
service/kubernetes       ClusterIP   10.96.0.1       <none>        443/TCP          148m    <none>
service/tomcat-service   NodePort    10.111.206.51   <none>        8080:31002/TCP   2m33s   tier=frontend

NAME                            READY   STATUS    RESTARTS   AGE     IP           NODE      NOMINATED NODE   READINESS GATES
pod/frontend-7d7c57fc94-pwtqg   1/1     Running   0          3m15s   10.244.2.3   worker2   <none>           <none>

 

Access it:

[root@worker2 ~]# curl http://localhost:31002/
<!doctype html><html lang="en"><head><title>HTTP Status 404 – Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 – Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/10.0.14</h3></body></html>

 

 

posted @ 2022-08-23 21:20  cosmoswong